diff options
45 files changed, 600 insertions, 84 deletions
diff --git a/build/build.xml b/build/build.xml index 268f09d674..bc9240f37c 100644 --- a/build/build.xml +++ b/build/build.xml @@ -133,7 +133,7 @@ --> <target name="export"> <exec dir="phpBB" - command="git archive ${revision} | tar -x -C ../${dir}" + command="git archive ${revision} | tar -xf - -C ../${dir}" checkreturn="true" /> <delete file="${dir}/config.php" /> <delete dir="${dir}/develop" /> @@ -141,8 +141,8 @@ <echo msg="Setting permissions for checkout of ${revision} in ${dir}" /> <!-- set permissions of all files to 644, directories to 755 --> - <exec dir="${dir}" command="find -type f|xargs chmod 644" escape="false" /> - <exec dir="${dir}" command="find -type d|xargs chmod 755" escape="false" /> + <exec dir="${dir}" command="find . -type f|xargs chmod 644" escape="false" /> + <exec dir="${dir}" command="find . -type d|xargs chmod 755" escape="false" /> <!-- set permissions of some directories to 777 --> <chmod mode="0777" file="${dir}/cache" /> <chmod mode="0777" file="${dir}/store" /> diff --git a/build/build_helper.php b/build/build_helper.php index 94fc0ff3b5..2d9b86b3c3 100644 --- a/build/build_helper.php +++ b/build/build_helper.php @@ -177,7 +177,7 @@ class build_package } // Is binary? - if (preg_match('/^Binary files ' . $package_name . '\/(.*) and [a-z0-9_-]+\/\1 differ/i', $line, $match)) + if (preg_match('/^Binary files ' . $package_name . '\/(.*) and [a-z0-9._-]+\/\1 differ/i', $line, $match)) { $binary[] = trim($match[1]); } diff --git a/phpBB/adm/index.php b/phpBB/adm/index.php index dd8f4c279d..68508bc353 100644 --- a/phpBB/adm/index.php +++ b/phpBB/adm/index.php @@ -237,7 +237,7 @@ function build_select($option_ary, $option_default = false) /** * Build radio fields in acp pages */ -function h_radio($name, &$input_ary, $input_default = false, $id = false, $key = false) +function h_radio($name, $input_ary, $input_default = false, $id = false, $key = false, $separator = '') { global $user; @@ -246,7 +246,7 @@ function h_radio($name, &$input_ary, $input_default = false, $id = false, $key = foreach ($input_ary as $value => $title) { $selected = ($input_default !== false && $value == $input_default) ? ' checked="checked"' : ''; - $html .= '<label><input type="radio" name="' . $name . '"' . (($id && !$id_assigned) ? ' id="' . $id . '"' : '') . ' value="' . $value . '"' . $selected . (($key) ? ' accesskey="' . $key . '"' : '') . ' class="radio" /> ' . $user->lang[$title] . '</label>'; + $html .= '<label><input type="radio" name="' . $name . '"' . (($id && !$id_assigned) ? ' id="' . $id . '"' : '') . ' value="' . $value . '"' . $selected . (($key) ? ' accesskey="' . $key . '"' : '') . ' class="radio" /> ' . $user->lang[$title] . '</label>' . $separator; $id_assigned = true; } @@ -276,7 +276,7 @@ function build_cfg_template($tpl_type, $key, &$new, $config_key, $vars) $size = (int) $tpl_type[1]; $maxlength = (int) $tpl_type[2]; - $tpl = '<input id="' . $key . '" type="' . $tpl_type[0] . '"' . (($size) ? ' size="' . $size . '"' : '') . ' maxlength="' . (($maxlength) ? $maxlength : 255) . '" name="' . $name . '" value="' . $new[$config_key] . '" />'; + $tpl = '<input id="' . $key . '" type="' . $tpl_type[0] . '"' . (($size) ? ' size="' . $size . '"' : '') . ' maxlength="' . (($maxlength) ? $maxlength : 255) . '" name="' . $name . '" value="' . $new[$config_key] . '"' . (($tpl_type[0] === 'password') ? ' autocomplete="off"' : '') . ' />'; break; case 'dimension': diff --git a/phpBB/adm/style/acp_forums.html b/phpBB/adm/style/acp_forums.html index d27cea28f7..8577c08860 100644 --- a/phpBB/adm/style/acp_forums.html +++ b/phpBB/adm/style/acp_forums.html @@ -140,6 +140,12 @@ <dt><label for="parent">{L_FORUM_PARENT}:</label></dt> <dd><select id="parent" name="forum_parent_id"><option value="0"<!-- IF not S_FORUM_PARENT_ID --> selected="selected"<!-- ENDIF -->>{L_NO_PARENT}</option>{S_PARENT_OPTIONS}</select></dd> </dl> + <!-- IF S_CAN_COPY_PERMISSIONS --> + <dl> + <dt><label for="forum_perm_from">{L_COPY_PERMISSIONS}:</label><br /><span>{L_COPY_PERMISSIONS_EXPLAIN}</span></dt> + <dd><select id="forum_perm_from" name="forum_perm_from"><option value="0">{L_NO_PERMISSIONS}</option>{S_FORUM_OPTIONS}</select></dd> + </dl> + <!-- ENDIF --> <dl> <dt><label for="forum_name">{L_FORUM_NAME}:</label></dt> <dd><input class="text medium" type="text" id="forum_name" name="forum_name" value="{FORUM_NAME}" maxlength="255" /></dd> @@ -160,11 +166,11 @@ </dl> <dl> <dt><label for="forum_password">{L_FORUM_PASSWORD}:</label><br /><span>{L_FORUM_PASSWORD_EXPLAIN}</span></dt> - <dd><input type="password" id="forum_password" name="forum_password" value="<!-- IF S_FORUM_PASSWORD_SET -->      <!-- ENDIF -->" /></dd> + <dd><input type="password" id="forum_password" name="forum_password" value="<!-- IF S_FORUM_PASSWORD_SET -->      <!-- ENDIF -->" autocomplete="off" /></dd> </dl> <dl> <dt><label for="forum_password_confirm">{L_FORUM_PASSWORD_CONFIRM}:</label><br /><span>{L_FORUM_PASSWORD_CONFIRM_EXPLAIN}</span></dt> - <dd><input type="password" id="forum_password_confirm" name="forum_password_confirm" value="<!-- IF S_FORUM_PASSWORD_SET -->      <!-- ENDIF -->" /></dd> + <dd><input type="password" id="forum_password_confirm" name="forum_password_confirm" value="<!-- IF S_FORUM_PASSWORD_SET -->      <!-- ENDIF -->" autocomplete="off" /></dd> </dl> <!-- IF S_FORUM_PASSWORD_SET --> <dl> @@ -176,12 +182,6 @@ <dt><label for="forum_style">{L_FORUM_STYLE}:</label></dt> <dd><select id="forum_style" name="forum_style"><option value="0">{L_DEFAULT_STYLE}</option>{S_STYLES_OPTIONS}</select></dd> </dl> - <!-- IF S_CAN_COPY_PERMISSIONS --> - <dl> - <dt><label for="forum_perm_from">{L_COPY_PERMISSIONS}:</label><br /><span>{L_COPY_PERMISSIONS_EXPLAIN}</span></dt> - <dd><select id="forum_perm_from" name="forum_perm_from"><option value="0">{L_NO_PERMISSIONS}</option>{S_FORUM_OPTIONS}</select></dd> - </dl> - <!-- ENDIF --> </fieldset> <div id="forum_cat_options"> diff --git a/phpBB/adm/style/acp_users_overview.html b/phpBB/adm/style/acp_users_overview.html index 911dcad293..9237e45daf 100644 --- a/phpBB/adm/style/acp_users_overview.html +++ b/phpBB/adm/style/acp_users_overview.html @@ -43,19 +43,19 @@ </dl> <dl> <dt><label for="user_email">{L_EMAIL}:</label></dt> - <dd><input class="text medium" type="text" id="user_email" name="user_email" value="{USER_EMAIL}" /></dd> + <dd><input class="text medium" type="text" id="user_email" name="user_email" value="{USER_EMAIL}" autocomplete="off" /></dd> </dl> <dl> <dt><label for="email_confirm">{L_CONFIRM_EMAIL}:</label><br /><span>{L_CONFIRM_EMAIL_EXPLAIN}</span></dt> - <dd><input class="text medium" type="text" id="email_confirm" name="email_confirm" value="" /></dd> + <dd><input class="text medium" type="text" id="email_confirm" name="email_confirm" value="" autocomplete="off" /></dd> </dl> <dl> <dt><label for="new_password">{L_NEW_PASSWORD}:</label><br /><span>{L_CHANGE_PASSWORD_EXPLAIN}</span></dt> - <dd><input type="password" id="new_password" name="new_password" value="" /></dd> + <dd><input type="password" id="new_password" name="new_password" value="" autocomplete="off" /></dd> </dl> <dl> <dt><label for="password_confirm">{L_CONFIRM_PASSWORD}:</label><br /><span>{L_CONFIRM_PASSWORD_EXPLAIN}</span></dt> - <dd><input type="password" id="password_confirm" name="password_confirm" value="" /></dd> + <dd><input type="password" id="password_confirm" name="password_confirm" value="" autocomplete="off" /></dd> </dl> <p class="quick"> diff --git a/phpBB/common.php b/phpBB/common.php index ae174c8441..a176a45c38 100644 --- a/phpBB/common.php +++ b/phpBB/common.php @@ -24,7 +24,7 @@ if (!defined('E_DEPRECATED')) { define('E_DEPRECATED', 8192); } -error_reporting(E_ALL ^ E_NOTICE ^ E_DEPRECATED); +error_reporting(E_ALL & ~E_NOTICE & ~E_DEPRECATED); /* * Remove variables created by register_globals from the global scope @@ -69,7 +69,7 @@ function deregister_globals() { if (isset($not_unset[$varname])) { - // Hacking attempt. No point in continuing unless it's a COOKIE + // Hacking attempt. No point in continuing unless it's a COOKIE (so a cookie called GLOBALS doesn't lock users out completely) if ($varname !== 'GLOBALS' || isset($_GET['GLOBALS']) || isset($_POST['GLOBALS']) || isset($_SERVER['GLOBALS']) || isset($_SESSION['GLOBALS']) || isset($_ENV['GLOBALS']) || isset($_FILES['GLOBALS'])) { exit; @@ -79,6 +79,11 @@ function deregister_globals() $cookie = &$_COOKIE; while (isset($cookie['GLOBALS'])) { + if (!is_array($cookie['GLOBALS'])) + { + break; + } + foreach ($cookie['GLOBALS'] as $registered_var => $value) { if (!isset($not_unset[$registered_var])) diff --git a/phpBB/develop/mysql_upgrader.php b/phpBB/develop/mysql_upgrader.php index 70c8173a32..dec8f8c210 100644 --- a/phpBB/develop/mysql_upgrader.php +++ b/phpBB/develop/mysql_upgrader.php @@ -253,7 +253,7 @@ foreach ($schema_data as $table_name => $table_data) // Do we now need to re-add the fulltext index? ;) if ($table_name == ($prefix . 'posts') && $drop_index) { - echo "ALTER TABLE $table_name ADD FULLTEXT (post_subject), ADD FULLTEXT (post_text), ADD FULLTEXT post_content (post_subject, post_text){$newline}"; + echo "ALTER TABLE $table_name ADD FULLTEXT (post_subject), ADD FULLTEXT (post_text), ADD FULLTEXT post_content (post_subject, post_text);{$newline}"; } } diff --git a/phpBB/download/file.php b/phpBB/download/file.php index e1ec835b9b..ed5c4f55b8 100644 --- a/phpBB/download/file.php +++ b/phpBB/download/file.php @@ -35,7 +35,7 @@ if (isset($_GET['avatar'])) { define('E_DEPRECATED', 8192); } - error_reporting(E_ALL ^ E_NOTICE ^ E_DEPRECATED); + error_reporting(E_ALL & ~E_NOTICE & ~E_DEPRECATED); require($phpbb_root_path . 'config.' . $phpEx); diff --git a/phpBB/includes/acp/acp_board.php b/phpBB/includes/acp/acp_board.php index a5e80e1f6d..d38c4d58ba 100644 --- a/phpBB/includes/acp/acp_board.php +++ b/phpBB/includes/acp/acp_board.php @@ -769,13 +769,20 @@ class acp_board { global $user, $config; - $radio_ary = array(USER_ACTIVATION_DISABLE => 'ACC_DISABLE', USER_ACTIVATION_NONE => 'ACC_NONE'); + $radio_ary = array( + USER_ACTIVATION_DISABLE => 'ACC_DISABLE', + USER_ACTIVATION_NONE => 'ACC_NONE', + ); + if ($config['email_enable']) { - $radio_ary += array(USER_ACTIVATION_SELF => 'ACC_USER', USER_ACTIVATION_ADMIN => 'ACC_ADMIN'); + $radio_ary[USER_ACTIVATION_SELF] = 'ACC_USER'; + $radio_ary[USER_ACTIVATION_ADMIN] = 'ACC_ADMIN'; } - return h_radio('config[require_activation]', $radio_ary, $value, $key); + $radio_text = h_radio('config[require_activation]', $radio_ary, $value, 'require_activation', $key, '<br />'); + + return $radio_text; } /** diff --git a/phpBB/includes/auth/auth_ldap.php b/phpBB/includes/auth/auth_ldap.php index e8c957aaa3..5dfa74ddab 100644 --- a/phpBB/includes/auth/auth_ldap.php +++ b/phpBB/includes/auth/auth_ldap.php @@ -335,7 +335,7 @@ function acp_ldap(&$new) </dl> <dl> <dt><label for="ldap_password">' . $user->lang['LDAP_PASSWORD'] . ':</label><br /><span>' . $user->lang['LDAP_PASSWORD_EXPLAIN'] . '</span></dt> - <dd><input type="password" id="ldap_password" size="40" name="config[ldap_password]" value="' . $new['ldap_password'] . '" /></dd> + <dd><input type="password" id="ldap_password" size="40" name="config[ldap_password]" value="' . $new['ldap_password'] . '" autocomplete="off" /></dd> </dl> '; diff --git a/phpBB/includes/captcha/captcha_gd.php b/phpBB/includes/captcha/captcha_gd.php index 5f24618aab..ecdad43978 100644 --- a/phpBB/includes/captcha/captcha_gd.php +++ b/phpBB/includes/captcha/captcha_gd.php @@ -77,7 +77,7 @@ class captcha { $denom = ($code_len - $i); $denom = max(1.3, $denom); - $offset[$i] = mt_rand(0, (1.5 * $width_avail) / $denom); + $offset[$i] = phpbb_mt_rand(0, (int) round((1.5 * $width_avail) / $denom)); $width_avail -= $offset[$i]; } diff --git a/phpBB/includes/captcha/plugins/phpbb_recaptcha_plugin.php b/phpBB/includes/captcha/plugins/phpbb_recaptcha_plugin.php index ea171dbe2c..0b0270f568 100644 --- a/phpBB/includes/captcha/plugins/phpbb_recaptcha_plugin.php +++ b/phpBB/includes/captcha/plugins/phpbb_recaptcha_plugin.php @@ -27,9 +27,14 @@ if (!class_exists('phpbb_default_captcha')) */ class phpbb_recaptcha extends phpbb_default_captcha { - var $recaptcha_server = 'http://api.recaptcha.net'; - var $recaptcha_server_secure = 'https://api-secure.recaptcha.net'; // class constants :( - var $recaptcha_verify_server = 'api-verify.recaptcha.net'; + var $recaptcha_server = 'http://www.google.com/recaptcha/api'; + var $recaptcha_server_secure = 'https://www.google.com/recaptcha/api'; // class constants :( + + // We are opening a socket to port 80 of this host and send + // the POST request asking for verification to the path specified here. + var $recaptcha_verify_server = 'www.google.com'; + var $recaptcha_verify_path = '/recaptcha/api/verify'; + var $challenge; var $response; @@ -296,7 +301,7 @@ class phpbb_recaptcha extends phpbb_default_captcha return $user->lang['RECAPTCHA_INCORRECT']; } - $response = $this->_recaptcha_http_post($this->recaptcha_verify_server, '/verify', + $response = $this->_recaptcha_http_post($this->recaptcha_verify_server, $this->recaptcha_verify_path, array( 'privatekey' => $config['recaptcha_privkey'], 'remoteip' => $user->ip, diff --git a/phpBB/includes/db/db_tools.php b/phpBB/includes/db/db_tools.php index f4b181c6ad..483ceee043 100644 --- a/phpBB/includes/db/db_tools.php +++ b/phpBB/includes/db/db_tools.php @@ -681,10 +681,12 @@ class phpbb_db_tools { foreach ($columns as $column_name => $column_data) { - // Only add the column if it does not exist yet, else change it (to be consistent) + // Only add the column if it does not exist yet if ($column_exists = $this->sql_column_exists($table, $column_name)) { - $result = $this->sql_column_change($table, $column_name, $column_data, true); + continue; + // This is commented out here because it can take tremendous time on updates +// $result = $this->sql_column_change($table, $column_name, $column_data, true); } else { @@ -695,7 +697,8 @@ class phpbb_db_tools { if ($column_exists) { - $sqlite_data[$table]['change_columns'][] = $result; + continue; +// $sqlite_data[$table]['change_columns'][] = $result; } else { @@ -717,6 +720,11 @@ class phpbb_db_tools { foreach ($indexes as $index_name) { + if (!$this->sql_index_exists($table, $index_name)) + { + continue; + } + $result = $this->sql_index_drop($table, $index_name); if ($this->return_statements) @@ -777,6 +785,11 @@ class phpbb_db_tools { foreach ($index_array as $index_name => $column) { + if ($this->sql_unique_index_exists($table, $index_name)) + { + continue; + } + $result = $this->sql_create_unique_index($table, $index_name, $column); if ($this->return_statements) @@ -794,6 +807,11 @@ class phpbb_db_tools { foreach ($index_array as $index_name => $column) { + if ($this->sql_index_exists($table, $index_name)) + { + continue; + } + $result = $this->sql_create_index($table, $index_name, $column); if ($this->return_statements) @@ -1103,6 +1121,236 @@ class phpbb_db_tools } /** + * Check if a specified index exists in table. Does not return PRIMARY KEY and UNIQUE indexes. + * + * @param string $table_name Table to check the index at + * @param string $index_name The index name to check + * + * @return bool True if index exists, else false + */ + function sql_index_exists($table_name, $index_name) + { + if ($this->sql_layer == 'mssql' || $this->sql_layer == 'mssqlnative') + { + $sql = "EXEC sp_statistics '$table_name'"; + $result = $this->db->sql_query($sql); + + while ($row = $this->db->sql_fetchrow($result)) + { + if ($row['TYPE'] == 3) + { + if (strtolower($row['INDEX_NAME']) == strtolower($index_name)) + { + $this->db->sql_freeresult($result); + return true; + } + } + } + $this->db->sql_freeresult($result); + + return false; + } + + switch ($this->sql_layer) + { + case 'firebird': + $sql = "SELECT LOWER(RDB\$INDEX_NAME) as index_name + FROM RDB\$INDICES + WHERE RDB\$RELATION_NAME = '" . strtoupper($table_name) . "' + AND RDB\$UNIQUE_FLAG IS NULL + AND RDB\$FOREIGN_KEY IS NULL"; + $col = 'index_name'; + break; + + case 'postgres': + $sql = "SELECT ic.relname as index_name + FROM pg_class bc, pg_class ic, pg_index i + WHERE (bc.oid = i.indrelid) + AND (ic.oid = i.indexrelid) + AND (bc.relname = '" . $table_name . "') + AND (i.indisunique != 't') + AND (i.indisprimary != 't')"; + $col = 'index_name'; + break; + + case 'mysql_40': + case 'mysql_41': + $sql = 'SHOW KEYS + FROM ' . $table_name; + $col = 'Key_name'; + break; + + case 'oracle': + $sql = "SELECT index_name + FROM user_indexes + WHERE table_name = '" . strtoupper($table_name) . "' + AND generated = 'N' + AND uniqueness = 'NONUNIQUE'"; + $col = 'index_name'; + break; + + case 'sqlite': + $sql = "PRAGMA index_list('" . $table_name . "');"; + $col = 'name'; + break; + } + + $result = $this->db->sql_query($sql); + while ($row = $this->db->sql_fetchrow($result)) + { + if (($this->sql_layer == 'mysql_40' || $this->sql_layer == 'mysql_41') && !$row['Non_unique']) + { + continue; + } + + // These DBMS prefix index name with the table name + switch ($this->sql_layer) + { + case 'firebird': + case 'oracle': + case 'postgres': + case 'sqlite': + $row[$col] = substr($row[$col], strlen($table_name) + 1); + break; + } + + if (strtolower($row[$col]) == strtolower($index_name)) + { + $this->db->sql_freeresult($result); + return true; + } + } + $this->db->sql_freeresult($result); + + return false; + } + + /** + * Check if a specified index exists in table. Does not return PRIMARY KEY and UNIQUE indexes. + * + * @param string $table_name Table to check the index at + * @param string $index_name The index name to check + * + * @return bool True if index exists, else false + */ + function sql_unique_index_exists($table_name, $index_name) + { + if ($this->sql_layer == 'mssql' || $this->sql_layer == 'mssqlnative') + { + $sql = "EXEC sp_statistics '$table_name'"; + $result = $this->db->sql_query($sql); + + while ($row = $this->db->sql_fetchrow($result)) + { + // Usually NON_UNIQUE is the column we want to check, but we allow for both + if ($row['TYPE'] == 3) + { + if (strtolower($row['INDEX_NAME']) == strtolower($index_name)) + { + $this->db->sql_freeresult($result); + return true; + } + } + } + $this->db->sql_freeresult($result); + return false; + } + + switch ($this->sql_layer) + { + case 'firebird': + $sql = "SELECT LOWER(RDB\$INDEX_NAME) as index_name + FROM RDB\$INDICES + WHERE RDB\$RELATION_NAME = '" . strtoupper($table_name) . "' + AND RDB\$UNIQUE_FLAG IS NOT NULL + AND RDB\$FOREIGN_KEY IS NULL"; + $col = 'index_name'; + break; + + case 'postgres': + $sql = "SELECT ic.relname as index_name, i.indisunique + FROM pg_class bc, pg_class ic, pg_index i + WHERE (bc.oid = i.indrelid) + AND (ic.oid = i.indexrelid) + AND (bc.relname = '" . $table_name . "') + AND (i.indisprimary != 't')"; + $col = 'index_name'; + break; + + case 'mysql_40': + case 'mysql_41': + $sql = 'SHOW KEYS + FROM ' . $table_name; + $col = 'Key_name'; + break; + + case 'oracle': + $sql = "SELECT index_name, table_owner + FROM user_indexes + WHERE table_name = '" . strtoupper($table_name) . "' + AND generated = 'N' + AND uniqueness = 'UNIQUE'"; + $col = 'index_name'; + break; + + case 'sqlite': + $sql = "PRAGMA index_list('" . $table_name . "');"; + $col = 'name'; + break; + } + + $result = $this->db->sql_query($sql); + while ($row = $this->db->sql_fetchrow($result)) + { + if (($this->sql_layer == 'mysql_40' || $this->sql_layer == 'mysql_41') && ($row['Non_unique'] || $row[$col] == 'PRIMARY')) + { + continue; + } + + if ($this->sql_layer == 'sqlite' && !$row['unique']) + { + continue; + } + + if ($this->sql_layer == 'postgres' && $row['indisunique'] != 't') + { + continue; + } + + // These DBMS prefix index name with the table name + switch ($this->sql_layer) + { + case 'oracle': + // Two cases here... prefixed with U_[table_owner] and not prefixed with table_name + if (strpos($row[$col], 'U_') === 0) + { + $row[$col] = substr($row[$col], strlen('U_' . $row['table_owner']) + 1); + } + else if (strpos($row[$col], strtoupper($table_name)) === 0) + { + $row[$col] = substr($row[$col], strlen($table_name) + 1); + } + break; + + case 'firebird': + case 'postgres': + case 'sqlite': + $row[$col] = substr($row[$col], strlen($table_name) + 1); + break; + } + + if (strtolower($row[$col]) == strtolower($index_name)) + { + $this->db->sql_freeresult($result); + return true; + } + } + $this->db->sql_freeresult($result); + + return false; + } + + /** * Private method for performing sql statements (either execute them or return them) * @access private */ @@ -1371,24 +1619,29 @@ class phpbb_db_tools switch ($this->sql_layer) { case 'firebird': + // Does not support AFTER statement, only POSITION (and there you need the column position) $statements[] = 'ALTER TABLE ' . $table_name . ' ADD "' . strtoupper($column_name) . '" ' . $column_data['column_type_sql']; break; case 'mssql': case 'mssqlnative': + // Does not support AFTER, only through temporary table $statements[] = 'ALTER TABLE [' . $table_name . '] ADD [' . $column_name . '] ' . $column_data['column_type_sql_default']; break; case 'mysql_40': case 'mysql_41': - $statements[] = 'ALTER TABLE `' . $table_name . '` ADD COLUMN `' . $column_name . '` ' . $column_data['column_type_sql']; + $after = (!empty($column_data['after'])) ? ' AFTER ' . $column_data['after'] : ''; + $statements[] = 'ALTER TABLE `' . $table_name . '` ADD COLUMN `' . $column_name . '` ' . $column_data['column_type_sql'] . $after; break; case 'oracle': + // Does not support AFTER, only through temporary table $statements[] = 'ALTER TABLE ' . $table_name . ' ADD ' . $column_name . ' ' . $column_data['column_type_sql']; break; case 'postgres': + // Does not support AFTER, only through temporary table if (version_compare($this->db->sql_server_info(true), '8.0', '>=')) { $statements[] = 'ALTER TABLE ' . $table_name . ' ADD COLUMN "' . $column_name . '" ' . $column_data['column_type_sql']; @@ -1957,6 +2210,7 @@ class phpbb_db_tools } else { + // TODO: try to change pkey without removing trigger, generator or constraints. ATM this query may fail. $statements[] = 'ALTER TABLE ' . $table_name . ' ALTER COLUMN "' . strtoupper($column_name) . '" TYPE ' . ' ' . $column_data['column_type_sql_type']; } break; diff --git a/phpBB/includes/db/dbal.php b/phpBB/includes/db/dbal.php index d7860fc8bc..2f9619c8ea 100644 --- a/phpBB/includes/db/dbal.php +++ b/phpBB/includes/db/dbal.php @@ -246,7 +246,7 @@ class dbal * * @return bool Whether buffering is required. */ - function sql_buffer_nested_transaction() + function sql_buffer_nested_transactions() { return false; } diff --git a/phpBB/includes/db/mssqlnative.php b/phpBB/includes/db/mssqlnative.php index e057e7fe74..6810562d17 100644 --- a/phpBB/includes/db/mssqlnative.php +++ b/phpBB/includes/db/mssqlnative.php @@ -261,7 +261,7 @@ class dbal_mssqlnative extends dbal /** * {@inheritDoc} */ - function sql_buffer_nested_transaction() + function sql_buffer_nested_transactions() { return true; } diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index b8ea80ad4a..b8d9e0b92e 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -175,7 +175,8 @@ function set_config_count($config_name, $increment, $is_dynamic = false) switch ($db->sql_layer) { case 'firebird': - $sql_update = 'CAST(CAST(config_value as DECIMAL(255, 0)) + ' . (int) $increment . ' as VARCHAR(255))'; + // Precision must be from 1 to 18 + $sql_update = 'CAST(CAST(config_value as DECIMAL(18, 0)) + ' . (int) $increment . ' as VARCHAR(255))'; break; case 'postgres': @@ -249,6 +250,22 @@ function unique_id($extra = 'c') } /** +* Wrapper for mt_rand() which allows swapping $min and $max parameters. +* +* PHP does not allow us to swap the order of the arguments for mt_rand() anymore. +* (since PHP 5.3.4, see http://bugs.php.net/46587) +* +* @param int $min Lowest value to be returned +* @param int $max Highest value to be returned +* +* @return int Random integer between $min and $max (or $max and $min) +*/ +function phpbb_mt_rand($min, $max) +{ + return ($min > $max) ? mt_rand($max, $min) : mt_rand($min, $max); +} + +/** * Return formatted string for filesizes * * @param int $value filesize in bytes @@ -3447,7 +3464,7 @@ function get_preg_expression($mode) * Depends on whether installed PHP version supports unicode properties * * @param string $word word template to be replaced -* @param bool $use_unicode whether or not to take advantage of PCRE supporting unicode +* @param bool $use_unicode whether or not to take advantage of PCRE supporting unicode * * @return string $preg_expr regex to use with word censor */ @@ -3557,7 +3574,7 @@ function phpbb_checkdnsrr($host, $type = 'MX') // but until 5.3.3 it only works for MX records // See: http://bugs.php.net/bug.php?id=51844 - // Call checkdnsrr() if + // Call checkdnsrr() if // we're looking for an MX record or // we're not on Windows or // we're running a PHP version where #51844 has been fixed @@ -3577,7 +3594,7 @@ function phpbb_checkdnsrr($host, $type = 'MX') // dns_get_record() is available since PHP 5; since PHP 5.3 also on Windows, // but on Windows it does not work reliable for AAAA records before PHP 5.3.1 - // Call dns_get_record() if + // Call dns_get_record() if // we're not looking for an AAAA record or // we're not on Windows or // we're running a PHP version where AAAA lookups work reliable @@ -3607,7 +3624,7 @@ function phpbb_checkdnsrr($host, $type = 'MX') foreach ($resultset as $result) { if ( - isset($result['host']) && $result['host'] == $host && + isset($result['host']) && $result['host'] == $host && isset($result['type']) && $result['type'] == $type ) { @@ -3742,7 +3759,7 @@ function msg_handler($errno, $msg_text, $errfile, $errline) if (strpos($errfile, 'cache') === false && strpos($errfile, 'template.') === false) { // flush the content, else we get a white page if output buffering is on - if ((int) @ini_get('output_buffering') === 1 || strtolower(@ini_get('output_buffering')) === 'on') + if (ob_get_level() > 0) { @ob_flush(); } @@ -4435,6 +4452,12 @@ function page_header($page_title = '', $display_online_list = true, $item_id = 0 $user_lang = substr($user_lang, 0, strpos($user_lang, '-x-')); } + $s_search_hidden_fields = array(); + if ($_SID) + { + $s_search_hidden_fields['sid'] = $_SID; + } + // The following assigns all _common_ variables that may be used at any point in a template. $template->assign_vars(array( 'SITENAME' => $config['sitename'], @@ -4524,11 +4547,13 @@ function page_header($page_title = '', $display_online_list = true, $item_id = 0 'S_LOAD_UNREADS' => ($config['load_unreads_search'] && ($config['load_anon_lastread'] || $user->data['is_registered'])) ? true : false, + 'S_SEARCH_HIDDEN_FIELDS' => build_hidden_fields($s_search_hidden_fields), + 'T_THEME_PATH' => "{$web_path}styles/" . $user->theme['theme_path'] . '/theme', 'T_TEMPLATE_PATH' => "{$web_path}styles/" . $user->theme['template_path'] . '/template', 'T_SUPER_TEMPLATE_PATH' => (isset($user->theme['template_inherit_path']) && $user->theme['template_inherit_path']) ? "{$web_path}styles/" . $user->theme['template_inherit_path'] . '/template' : "{$web_path}styles/" . $user->theme['template_path'] . '/template', 'T_IMAGESET_PATH' => "{$web_path}styles/" . $user->theme['imageset_path'] . '/imageset', - 'T_IMAGESET_LANG_PATH' => "{$web_path}styles/" . $user->theme['imageset_path'] . '/imageset/' . $user->data['user_lang'], + 'T_IMAGESET_LANG_PATH' => "{$web_path}styles/" . $user->theme['imageset_path'] . '/imageset/' . $user->lang_name, 'T_IMAGES_PATH' => "{$web_path}images/", 'T_SMILIES_PATH' => "{$web_path}{$config['smilies_path']}/", 'T_AVATAR_PATH' => "{$web_path}{$config['avatar_path']}/", @@ -4536,7 +4561,7 @@ function page_header($page_title = '', $display_online_list = true, $item_id = 0 'T_ICONS_PATH' => "{$web_path}{$config['icons_path']}/", 'T_RANKS_PATH' => "{$web_path}{$config['ranks_path']}/", 'T_UPLOAD_PATH' => "{$web_path}{$config['upload_path']}/", - 'T_STYLESHEET_LINK' => (!$user->theme['theme_storedb']) ? "{$web_path}styles/" . $user->theme['theme_path'] . '/theme/stylesheet.css' : append_sid("{$phpbb_root_path}style.$phpEx", 'id=' . $user->theme['style_id'] . '&lang=' . $user->data['user_lang']), + 'T_STYLESHEET_LINK' => (!$user->theme['theme_storedb']) ? "{$web_path}styles/" . $user->theme['theme_path'] . '/theme/stylesheet.css' : append_sid("{$phpbb_root_path}style.$phpEx", 'id=' . $user->theme['style_id'] . '&lang=' . $user->lang_name), 'T_STYLESHEET_NAME' => $user->theme['theme_name'], 'T_THEME_NAME' => $user->theme['theme_path'], @@ -4718,7 +4743,7 @@ function exit_handler() } // As a pre-caution... some setups display a blank page if the flush() is not there. - (empty($config['gzip_compress'])) ? @flush() : @ob_flush(); + (ob_get_level() > 0) ? @ob_flush() : @flush(); exit; } diff --git a/phpBB/includes/functions_display.php b/phpBB/includes/functions_display.php index acaef49fe8..d7422aa2c9 100644 --- a/phpBB/includes/functions_display.php +++ b/phpBB/includes/functions_display.php @@ -477,7 +477,6 @@ function display_forums($root_data = '', $display_moderators = true, $return_mod 'SUBFORUMS' => $s_subforums_list, 'L_SUBFORUM_STR' => $l_subforums, - 'L_FORUM_FOLDER_ALT' => $folder_alt, 'L_MODERATOR_STR' => $l_moderator, 'U_UNAPPROVED_TOPICS' => ($row['forum_id_unapproved_topics']) ? append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=queue&mode=unapproved_topics&f=' . $row['forum_id_unapproved_topics']) : '', diff --git a/phpBB/includes/functions_profile_fields.php b/phpBB/includes/functions_profile_fields.php index 78fe049f40..1eae2a9ad6 100644 --- a/phpBB/includes/functions_profile_fields.php +++ b/phpBB/includes/functions_profile_fields.php @@ -149,7 +149,18 @@ class custom_profile case FIELD_DROPDOWN: $field_value = (int) $field_value; - + + // retrieve option lang data if necessary + if (!isset($this->options_lang[$field_data['field_id']]) || !isset($this->options_lang[$field_data['field_id']][$field_data['lang_id']]) || !sizeof($this->options_lang[$file_data['field_id']][$field_data['lang_id']])) + { + $this->get_option_lang($field_data['field_id'], $field_data['lang_id'], FIELD_DROPDOWN, false); + } + + if (!isset($this->options_lang[$field_data['field_id']][$field_data['lang_id']][$field_value])) + { + return 'FIELD_INVALID_VALUE'; + } + if ($field_value == $field_data['field_novalue'] && $field_data['field_required']) { return 'FIELD_REQUIRED'; @@ -302,6 +313,7 @@ class custom_profile switch ($cp_result) { case 'FIELD_INVALID_DATE': + case 'FIELD_INVALID_VALUE': case 'FIELD_REQUIRED': $error = sprintf($user->lang[$cp_result], $row['lang_name']); break; diff --git a/phpBB/includes/session.php b/phpBB/includes/session.php index d803f8d799..2181375dc1 100644 --- a/phpBB/includes/session.php +++ b/phpBB/includes/session.php @@ -1238,6 +1238,12 @@ class session $ip = $this->ip; } + // Neither Spamhaus nor Spamcop supports IPv6 addresses. + if (strpos($ip, ':') !== false) + { + return false; + } + $dnsbl_check = array( 'sbl.spamhaus.org' => 'http://www.spamhaus.org/query/bl?ip=', ); diff --git a/phpBB/includes/ucp/ucp_pm.php b/phpBB/includes/ucp/ucp_pm.php index e1c51170db..c675928a5b 100644 --- a/phpBB/includes/ucp/ucp_pm.php +++ b/phpBB/includes/ucp/ucp_pm.php @@ -115,7 +115,7 @@ class ucp_pm case 'compose': $action = request_var('action', 'post'); - get_folder($user->data['user_id']); + $user_folders = get_folder($user->data['user_id']); if (!$auth->acl_get('u_sendpm')) { @@ -130,7 +130,7 @@ class ucp_pm } include($phpbb_root_path . 'includes/ucp/ucp_pm_compose.' . $phpEx); - compose_pm($id, $mode, $action); + compose_pm($id, $mode, $action, $user_folders); $tpl_file = 'posting_body'; break; diff --git a/phpBB/includes/ucp/ucp_pm_compose.php b/phpBB/includes/ucp/ucp_pm_compose.php index b596e72c41..05243e3d7a 100644 --- a/phpBB/includes/ucp/ucp_pm_compose.php +++ b/phpBB/includes/ucp/ucp_pm_compose.php @@ -20,7 +20,7 @@ if (!defined('IN_PHPBB')) * Compose private message * Called from ucp_pm with mode == 'compose' */ -function compose_pm($id, $mode, $action) +function compose_pm($id, $mode, $action, $user_folders = array()) { global $template, $db, $auth, $user; global $phpbb_root_path, $phpEx, $config; @@ -135,6 +135,7 @@ function compose_pm($id, $mode, $action) } $sql = ''; + $folder_id = 0; // What is all this following SQL for? Well, we need to know // some basic information in all cases before we do anything. @@ -398,7 +399,7 @@ function compose_pm($id, $mode, $action) unset($message_text); $s_action = append_sid("{$phpbb_root_path}ucp.$phpEx", "i=$id&mode=$mode&action=$action", true, $user->session_id); - $s_action .= ($msg_id) ? "&p=$msg_id" : ''; + $s_action .= (($folder_id) ? "&f=$folder_id" : '') . (($msg_id) ? "&p=$msg_id" : ''); // Delete triggered ? if ($action == 'delete') @@ -741,10 +742,30 @@ function compose_pm($id, $mode, $action) $msg_id = submit_pm($action, $subject, $pm_data); $return_message_url = append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=pm&mode=view&p=' . $msg_id); - $return_folder_url = append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=pm&folder=outbox'); - meta_refresh(3, $return_message_url); + $inbox_folder_url = append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=pm&folder=inbox'); + $outbox_folder_url = append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=pm&folder=outbox'); + + $folder_url = ''; + if (($folder_id > 0) && isset($user_folders[$folder_id])) + { + $folder_url = append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=pm&folder=' . $folder_id); + } + + $return_box_url = ($action === 'post' || $action === 'edit') ? $outbox_folder_url : $inbox_folder_url; + $return_box_lang = ($action === 'post' || $action === 'edit') ? 'PM_OUTBOX' : 'PM_INBOX'; + - $message = $user->lang['MESSAGE_STORED'] . '<br /><br />' . sprintf($user->lang['VIEW_PRIVATE_MESSAGE'], '<a href="' . $return_message_url . '">', '</a>') . '<br /><br />' . sprintf($user->lang['CLICK_RETURN_FOLDER'], '<a href="' . $return_folder_url . '">', '</a>', $user->lang['PM_OUTBOX']); + $message = $user->lang['MESSAGE_STORED'] . '<br /><br />' . sprintf($user->lang['VIEW_PRIVATE_MESSAGE'], '<a href="' . $return_message_url . '">', '</a>'); + + $last_click_type = 'CLICK_RETURN_FOLDER'; + if ($folder_url) + { + $message .= '<br /><br />' . sprintf($user->lang['CLICK_RETURN_FOLDER'], '<a href="' . $folder_url . '">', '</a>', $user_folders[$folder_id]['folder_name']); + $last_click_type = 'CLICK_GOTO_FOLDER'; + } + $message .= '<br /><br />' . sprintf($user->lang[$last_click_type], '<a href="' . $return_box_url . '">', '</a>', $user->lang[$return_box_lang]); + + meta_refresh(3, $return_message_url); trigger_error($message); } diff --git a/phpBB/install/convertors/functions_phpbb20.php b/phpBB/install/convertors/functions_phpbb20.php index 78224dd5da..466f57a572 100644 --- a/phpBB/install/convertors/functions_phpbb20.php +++ b/phpBB/install/convertors/functions_phpbb20.php @@ -94,6 +94,7 @@ function phpbb_insert_forums() { case 'mssql': case 'mssql_odbc': + case 'mssqlnative': $db->sql_query('SET IDENTITY_INSERT ' . FORUMS_TABLE . ' ON'); break; } @@ -291,6 +292,7 @@ function phpbb_insert_forums() case 'mssql': case 'mssql_odbc': + case 'mssqlnative': $db->sql_query('SET IDENTITY_INSERT ' . FORUMS_TABLE . ' OFF'); break; @@ -1727,6 +1729,7 @@ function phpbb_create_userconv_table() case 'mssql': case 'mssql_odbc': + case 'mssqlnative': $map_dbms = 'mssql'; break; diff --git a/phpBB/install/database_update.php b/phpBB/install/database_update.php index 01048520d2..3d32a82cc6 100644 --- a/phpBB/install/database_update.php +++ b/phpBB/install/database_update.php @@ -35,7 +35,7 @@ if (!defined('E_DEPRECATED')) { define('E_DEPRECATED', 8192); } -//error_reporting(E_ALL ^ E_NOTICE ^ E_DEPRECATED); +//error_reporting(E_ALL & ~E_NOTICE & ~E_DEPRECATED); error_reporting(E_ALL); @set_time_limit(0); diff --git a/phpBB/install/index.php b/phpBB/install/index.php index 49c99da0d7..bace22f177 100644 --- a/phpBB/install/index.php +++ b/phpBB/install/index.php @@ -23,7 +23,7 @@ if (!defined('E_DEPRECATED')) { define('E_DEPRECATED', 8192); } -error_reporting(E_ALL ^ E_NOTICE ^ E_DEPRECATED); +error_reporting(E_ALL & ~E_NOTICE & ~E_DEPRECATED); // @todo Review this test and see if we can find out what it is which prevents PHP 4.2.x from even displaying the page with requirements on it if (version_compare(PHP_VERSION, '4.3.3') < 0) diff --git a/phpBB/language/en/acp/board.php b/phpBB/language/en/acp/board.php index 5293b835d6..10e4aa7b6b 100644 --- a/phpBB/language/en/acp/board.php +++ b/phpBB/language/en/acp/board.php @@ -208,16 +208,16 @@ $lang = array_merge($lang, array( 'ACP_REGISTER_SETTINGS_EXPLAIN' => 'Here you are able to define registration and profile related settings.', 'ACC_ACTIVATION' => 'Account activation', - 'ACC_ACTIVATION_EXPLAIN' => 'This determines whether users have immediate access to the board or if confirmation is required. You can also completely disable new registrations.', + 'ACC_ACTIVATION_EXPLAIN' => 'This determines whether users have immediate access to the board or if confirmation is required. You can also completely disable new registrations. “Board-wide e-mail” must be enabled in order to use user or admin activation.', 'NEW_MEMBER_POST_LIMIT' => 'New member post limit', 'NEW_MEMBER_POST_LIMIT_EXPLAIN' => 'New members are within the <em>Newly Registered Users</em> group until they reach this number of posts. You can use this group to keep them from using the PM system or to review their posts. <strong>A value of 0 disables this feature.</strong>', 'NEW_MEMBER_GROUP_DEFAULT' => 'Set Newly Registered Users group to default', 'NEW_MEMBER_GROUP_DEFAULT_EXPLAIN' => 'If set to yes, and a new member post limit is specified, newly registered users will not only be put into the <em>Newly Registered Users</em> group, but this group will also be their default one. This may come in handy if you want to assign a group default rank and/or avatar the user then inherits.', - 'ACC_ADMIN' => 'By Admin', - 'ACC_DISABLE' => 'Disable', - 'ACC_NONE' => 'None', - 'ACC_USER' => 'By User', + 'ACC_ADMIN' => 'By admin', + 'ACC_DISABLE' => 'Disable registration', + 'ACC_NONE' => 'No activation (immediate access)', + 'ACC_USER' => 'By user (e-mail verification)', // 'ACC_USER_ADMIN' => 'User + Admin', 'ALLOW_EMAIL_REUSE' => 'Allow e-mail address re-use', 'ALLOW_EMAIL_REUSE_EXPLAIN' => 'Different users can register with the same e-mail address.', diff --git a/phpBB/language/en/captcha_recaptcha.php b/phpBB/language/en/captcha_recaptcha.php index 463bfffe0d..9b2fb2049d 100644 --- a/phpBB/language/en/captcha_recaptcha.php +++ b/phpBB/language/en/captcha_recaptcha.php @@ -37,14 +37,14 @@ if (empty($lang) || !is_array($lang)) $lang = array_merge($lang, array( 'RECAPTCHA_LANG' => 'en', - 'RECAPTCHA_NOT_AVAILABLE' => 'In order to use reCaptcha, you must create an account on <a href="http://recaptcha.net">reCaptcha.net</a>.', + 'RECAPTCHA_NOT_AVAILABLE' => 'In order to use reCaptcha, you must create an account on <a href="http://www.google.com/recaptcha">www.google.com/recaptcha</a>.', 'CAPTCHA_RECAPTCHA' => 'reCaptcha', 'RECAPTCHA_INCORRECT' => 'The visual confirmation code you submitted was incorrect', 'RECAPTCHA_PUBLIC' => 'Public reCaptcha key', - 'RECAPTCHA_PUBLIC_EXPLAIN' => 'Your public reCaptcha key. Keys can be obtained on <a href="http://recaptcha.net">reCaptcha.net</a>.', + 'RECAPTCHA_PUBLIC_EXPLAIN' => 'Your public reCaptcha key. Keys can be obtained on <a href="http://www.google.com/recaptcha">www.google.com/recaptcha</a>.', 'RECAPTCHA_PRIVATE' => 'Private reCaptcha key', - 'RECAPTCHA_PRIVATE_EXPLAIN' => 'Your private reCaptcha key. Keys can be obtained on <a href="http://recaptcha.net">reCaptcha.net</a>.', + 'RECAPTCHA_PRIVATE_EXPLAIN' => 'Your private reCaptcha key. Keys can be obtained on <a href="http://www.google.com/recaptcha">www.google.com/recaptcha</a>.', 'RECAPTCHA_EXPLAIN' => 'In an effort to prevent automatic submissions, we require that you enter both of the words displayed into the text field underneath.', )); diff --git a/phpBB/language/en/common.php b/phpBB/language/en/common.php index 731f674120..078a280223 100644 --- a/phpBB/language/en/common.php +++ b/phpBB/language/en/common.php @@ -329,7 +329,7 @@ $lang = array_merge($lang, array( 'MEMBERLIST' => 'Members', 'MEMBERLIST_EXPLAIN' => 'View complete list of members', 'MERGE' => 'Merge', - 'MERGE_POSTS' => 'Merge posts', + 'MERGE_POSTS' => 'Move posts', 'MERGE_TOPIC' => 'Merge topic', 'MESSAGE' => 'Message', 'MESSAGES' => 'Messages', @@ -530,6 +530,7 @@ $lang = array_merge($lang, array( 'SEARCH_TOPIC' => 'Search this topic…', 'SEARCH_UNANSWERED' => 'View unanswered posts', 'SEARCH_UNREAD' => 'View unread posts', + 'SEARCH_USER_POSTS' => 'Search user’s posts', 'SECONDS' => 'Seconds', 'SELECT' => 'Select', 'SELECT_ALL_CODE' => 'Select all', diff --git a/phpBB/language/en/mcp.php b/phpBB/language/en/mcp.php index fc1b8c8f62..d0bcec0d9c 100644 --- a/phpBB/language/en/mcp.php +++ b/phpBB/language/en/mcp.php @@ -209,9 +209,8 @@ $lang = array_merge($lang, array( 'MCP_WARN_POST' => 'Warn for specific post', 'MCP_WARN_USER' => 'Warn user', - 'MERGE_POSTS' => 'Merge posts', - 'MERGE_POSTS_CONFIRM' => 'Are you sure you want to merge the selected posts?', - 'MERGE_TOPIC_EXPLAIN' => 'Using the form below you can merge selected posts into another topic. These posts will not be reordered and will appear as if the users posted them to the new topic.<br />Please enter the destination topic id or click on “Select topic” to search for one.', + 'MERGE_POSTS_CONFIRM' => 'Are you sure you want to move the selected posts?', + 'MERGE_TOPIC_EXPLAIN' => 'Using the form below you can move selected posts into another topic. The posts will be split from this topic and merged into the other topic. These posts will not be reordered and will appear as if the users posted them to the new topic.<br />Please enter the destination topic id or click on “Select topic” to search for one.', 'MERGE_TOPIC_ID' => 'Destination topic identification number', 'MERGE_TOPICS' => 'Merge topics', 'MERGE_TOPICS_CONFIRM' => 'Are you sure you want to merge the selected topics?', diff --git a/phpBB/language/en/memberlist.php b/phpBB/language/en/memberlist.php index 213f766610..e71f9d6565 100644 --- a/phpBB/language/en/memberlist.php +++ b/phpBB/language/en/memberlist.php @@ -116,7 +116,6 @@ $lang = array_merge($lang, array( 'REMOVE_FOE' => 'Remove foe', 'REMOVE_FRIEND' => 'Remove friend', - 'SEARCH_USER_POSTS' => 'Search user’s posts', 'SELECT_MARKED' => 'Select marked', 'SELECT_SORT_METHOD' => 'Select sort method', 'SEND_AIM_MESSAGE' => 'Send AIM message', diff --git a/phpBB/language/en/ucp.php b/phpBB/language/en/ucp.php index 02b8a282d9..c1e3c06c43 100644 --- a/phpBB/language/en/ucp.php +++ b/phpBB/language/en/ucp.php @@ -119,6 +119,7 @@ $lang = array_merge($lang, array( 'CANNOT_REMOVE_FOLDER' => 'This folder cannot be removed.', 'CHANGE_DEFAULT_GROUP' => 'Change default group', 'CHANGE_PASSWORD' => 'Change password', + 'CLICK_GOTO_FOLDER' => '%1$sGo to your “%3$s” folder%2$s', 'CLICK_RETURN_FOLDER' => '%1$sReturn to your “%3$s” folder%2$s', 'CONFIRMATION' => 'Confirmation of registration', 'CONFIRM_CHANGES' => 'Confirm changes', @@ -194,6 +195,7 @@ $lang = array_merge($lang, array( 'FIELD_INVALID_CHARS_ALPHA_ONLY' => 'The field “%s” has invalid characters, only alphanumeric characters are allowed.', 'FIELD_INVALID_CHARS_SPACERS_ONLY' => 'The field “%s” has invalid characters, only alphanumeric, space or -+_[] characters are allowed.', 'FIELD_INVALID_DATE' => 'The field “%s” has an invalid date.', + 'FIELD_INVALID_VALUE' => 'The field “%s” has an invalid value.', 'FOE_MESSAGE' => 'Message from foe', 'FOES_EXPLAIN' => 'Foes are users which will be ignored by default. Posts by these users will not be fully visible. Personal messages from foes are still permitted. Please note that you cannot ignore moderators or administrators.', diff --git a/phpBB/style.php b/phpBB/style.php index 8ca1751391..f3e1b4c89e 100644 --- a/phpBB/style.php +++ b/phpBB/style.php @@ -20,7 +20,7 @@ if (!defined('E_DEPRECATED')) { define('E_DEPRECATED', 8192); } -error_reporting(E_ALL ^ E_NOTICE ^ E_DEPRECATED); +error_reporting(E_ALL & ~E_NOTICE & ~E_DEPRECATED); require($phpbb_root_path . 'config.' . $phpEx); diff --git a/phpBB/styles/prosilver/template/mcp_topic.html b/phpBB/styles/prosilver/template/mcp_topic.html index db36ebf5ac..a4d2a0f600 100644 --- a/phpBB/styles/prosilver/template/mcp_topic.html +++ b/phpBB/styles/prosilver/template/mcp_topic.html @@ -31,7 +31,7 @@ onload_functions.push('subPanels()'); </li> <li id="merge-panel-tab"<!-- IF S_MERGE_VIEW --> class="activetab"<!-- ENDIF -->> <span class="corners-top"><span></span></span> - <a href="#minitabs" onclick="subPanels('merge-panel'); return false;"><span>{L_MERGE_TOPIC}</span></a> + <a href="#minitabs" onclick="subPanels('merge-panel'); return false;"><span>{L_MERGE_POSTS}</span></a> </li> </ul> </div> diff --git a/phpBB/styles/prosilver/template/overall_header.html b/phpBB/styles/prosilver/template/overall_header.html index 51fff0735a..05ddc48123 100644 --- a/phpBB/styles/prosilver/template/overall_header.html +++ b/phpBB/styles/prosilver/template/overall_header.html @@ -114,7 +114,7 @@ <!-- IF S_DISPLAY_SEARCH and not S_IN_SEARCH --> <div id="search-box"> - <form action="{U_SEARCH}" method="post" id="search"> + <form action="{U_SEARCH}" method="get" id="search"> <fieldset> <input name="keywords" id="keywords" type="text" maxlength="128" title="{L_SEARCH_KEYWORDS}" class="inputbox search" value="<!-- IF SEARCH_WORDS-->{SEARCH_WORDS}<!-- ELSE -->{L_SEARCH_MINI}<!-- ENDIF -->" onclick="if(this.value=='{LA_SEARCH_MINI}')this.value='';" onblur="if(this.value=='')this.value='{LA_SEARCH_MINI}';" /> <input class="button2" value="{L_SEARCH}" type="submit" /><br /> diff --git a/phpBB/styles/prosilver/template/viewforum_body.html b/phpBB/styles/prosilver/template/viewforum_body.html index f4e80fd625..6a789074b1 100644 --- a/phpBB/styles/prosilver/template/viewforum_body.html +++ b/phpBB/styles/prosilver/template/viewforum_body.html @@ -45,11 +45,11 @@ <!-- IF S_DISPLAY_SEARCHBOX --> <div class="search-box"> - <form method="post" id="forum-search" action="{S_SEARCHBOX_ACTION}"> + <form method="get" id="forum-search" action="{S_SEARCHBOX_ACTION}"> <fieldset> <input class="inputbox search tiny" type="text" name="keywords" id="search_keywords" size="20" value="{L_SEARCH_FORUM}" onclick="if (this.value == '{LA_SEARCH_FORUM}') this.value = '';" onblur="if (this.value == '') this.value = '{LA_SEARCH_FORUM}';" /> <input class="button2" type="submit" value="{L_SEARCH}" /> - <input type="hidden" value="{FORUM_ID}" name="fid[]" /> + {S_SEARCH_HIDDEN_FIELDS} </fieldset> </form> </div> diff --git a/phpBB/styles/prosilver/template/viewtopic_body.html b/phpBB/styles/prosilver/template/viewtopic_body.html index 24c57b9a7e..98e1988d10 100644 --- a/phpBB/styles/prosilver/template/viewtopic_body.html +++ b/phpBB/styles/prosilver/template/viewtopic_body.html @@ -38,12 +38,11 @@ <!-- IF S_DISPLAY_SEARCHBOX --> <div class="search-box"> - <form method="post" id="topic-search" action="{S_SEARCHBOX_ACTION}"> + <form method="get" id="topic-search" action="{S_SEARCHBOX_ACTION}"> <fieldset> <input class="inputbox search tiny" type="text" name="keywords" id="search_keywords" size="20" value="{L_SEARCH_TOPIC}" onclick="if(this.value=='{LA_SEARCH_TOPIC}')this.value='';" onblur="if(this.value=='')this.value='{LA_SEARCH_TOPIC}';" /> <input class="button2" type="submit" value="{L_SEARCH}" /> - <input type="hidden" value="{TOPIC_ID}" name="t" /> - <input type="hidden" value="msgonly" name="sf" /> + {S_SEARCH_HIDDEN_FIELDS} </fieldset> </form> </div> diff --git a/phpBB/styles/subsilver2/template/mcp_topic.html b/phpBB/styles/subsilver2/template/mcp_topic.html index 12c0f73b97..13865d26ee 100644 --- a/phpBB/styles/subsilver2/template/mcp_topic.html +++ b/phpBB/styles/subsilver2/template/mcp_topic.html @@ -35,7 +35,7 @@ <!-- IF S_CAN_MERGE --> <tr> - <th colspan="3" nowrap="nowrap">{L_MERGE_TOPIC}</th> + <th colspan="3" nowrap="nowrap">{L_MERGE_POSTS}</th> </tr> <tr> <td class="row2" colspan="3" align="center"><span class="gensmall">{L_MERGE_TOPIC_EXPLAIN}</span></td> diff --git a/phpBB/styles/subsilver2/template/searchbox.html b/phpBB/styles/subsilver2/template/searchbox.html index cb0bb5ba73..09b87a15d8 100644 --- a/phpBB/styles/subsilver2/template/searchbox.html +++ b/phpBB/styles/subsilver2/template/searchbox.html @@ -1 +1 @@ -<form method="post" name="search" action="{S_SEARCHBOX_ACTION}"><span class="gensmall">{L_SEARCH_FOR}:</span> <input class="post" type="text" name="keywords" size="20" /> <input class="btnlite" type="submit" value="{L_GO}" /></form> +<form method="get" name="search" action="{S_SEARCHBOX_ACTION}"><span class="gensmall">{L_SEARCH_FOR}:</span> <input class="post" type="text" name="keywords" size="20" /> <input class="btnlite" type="submit" value="{L_GO}" />{S_SEARCH_HIDDEN_FIELDS}</form> diff --git a/phpBB/styles/subsilver2/template/viewtopic_body.html b/phpBB/styles/subsilver2/template/viewtopic_body.html index bba00ce685..630871af61 100644 --- a/phpBB/styles/subsilver2/template/viewtopic_body.html +++ b/phpBB/styles/subsilver2/template/viewtopic_body.html @@ -150,7 +150,7 @@ <!-- IF postrow.POST_ICON_IMG --> <td><img src="{T_ICONS_PATH}{postrow.POST_ICON_IMG}" width="{postrow.POST_ICON_IMG_WIDTH}" height="{postrow.POST_ICON_IMG_HEIGHT}" alt="" title="" /></td> <!-- ENDIF --> - <td class="gensmall" width="100%"><div style="float: {S_CONTENT_FLOW_BEGIN};"> <b>{L_POST_SUBJECT}:</b> {postrow.POST_SUBJECT}</div><div style="float: {S_CONTENT_FLOW_END};"><!-- IF S_IS_BOT -->{postrow.MINI_POST_IMG}<!-- ELSE --><a href="{postrow.U_MINI_POST}">{postrow.MINI_POST_IMG}</a><!-- ENDIF --><b>{L_POSTED}:</b> {postrow.POST_DATE} </div></td> + <td class="gensmall" width="100%"><div style="float: {S_CONTENT_FLOW_BEGIN};"> <b>{L_POST_SUBJECT}:</b> <a href="#p{postrow.POST_ID}">{postrow.POST_SUBJECT}</a></div><div style="float: {S_CONTENT_FLOW_END};"><!-- IF S_IS_BOT -->{postrow.MINI_POST_IMG}<!-- ELSE --><a href="{postrow.U_MINI_POST}">{postrow.MINI_POST_IMG}</a><!-- ENDIF --><b>{L_POSTED}:</b> {postrow.POST_DATE} </div></td> </tr> </table> </td> diff --git a/phpBB/ucp.php b/phpBB/ucp.php index f5a2ec9648..8fa022668b 100644 --- a/phpBB/ucp.php +++ b/phpBB/ucp.php @@ -314,6 +314,12 @@ if (!$config['allow_topic_notify'] && !$config['allow_forum_notify']) $module->set_display('main', 'subscribed', false); } +// Do not display signature panel if not authed to do so +if (!$auth->acl_get('u_sig')) +{ + $module->set_display('profile', 'signature', false); +} + // Select the active module $module->set_active($id, $mode); diff --git a/phpBB/viewforum.php b/phpBB/viewforum.php index 9cfa93f880..fff5be69d3 100644 --- a/phpBB/viewforum.php +++ b/phpBB/viewforum.php @@ -267,6 +267,12 @@ $post_alt = ($forum_data['forum_status'] == ITEM_LOCKED) ? $user->lang['FORUM_LO // Display active topics? $s_display_active = ($forum_data['forum_type'] == FORUM_CAT && ($forum_data['forum_flags'] & FORUM_FLAG_ACTIVE_TOPICS)) ? true : false; +$s_search_hidden_fields = array('fid' => $forum_id); +if ($_SID) +{ + $s_search_hidden_fields['sid'] = $_SID; +} + $template->assign_vars(array( 'MODERATORS' => (!empty($moderators[$forum_id])) ? implode(', ', $moderators[$forum_id]) : '', @@ -304,7 +310,8 @@ $template->assign_vars(array( 'S_WATCHING_FORUM' => $s_watching_forum['is_watching'], 'S_FORUM_ACTION' => append_sid("{$phpbb_root_path}viewforum.$phpEx", "f=$forum_id" . (($start == 0) ? '' : "&start=$start")), 'S_DISPLAY_SEARCHBOX' => ($auth->acl_get('u_search') && $auth->acl_get('f_search', $forum_id) && $config['load_search']) ? true : false, - 'S_SEARCHBOX_ACTION' => append_sid("{$phpbb_root_path}search.$phpEx", 'fid[]=' . $forum_id), + 'S_SEARCHBOX_ACTION' => append_sid("{$phpbb_root_path}search.$phpEx"), + 'S_SEARCH_HIDDEN_FIELDS' => build_hidden_fields($s_search_hidden_fields), 'S_SINGLE_MODERATOR' => (!empty($moderators[$forum_id]) && sizeof($moderators[$forum_id]) > 1) ? false : true, 'S_IS_LOCKED' => ($forum_data['forum_status'] == ITEM_LOCKED) ? true : false, 'S_VIEWFORUM' => true, diff --git a/phpBB/viewtopic.php b/phpBB/viewtopic.php index 53da7f539f..e4c02a88fb 100644 --- a/phpBB/viewtopic.php +++ b/phpBB/viewtopic.php @@ -585,6 +585,15 @@ $server_path = (!$view) ? $phpbb_root_path : generate_board_url() . '/'; // Replace naughty words in title $topic_data['topic_title'] = censor_text($topic_data['topic_title']); +$s_search_hidden_fields = array( + 't' => $topic_id, + 'sf' => 'msgonly', +); +if ($_SID) +{ + $s_search_hidden_fields['sid'] = $_SID; +} + // Send vars to template $template->assign_vars(array( 'FORUM_ID' => $forum_id, @@ -636,7 +645,8 @@ $template->assign_vars(array( 'S_VIEWTOPIC' => true, 'S_DISPLAY_SEARCHBOX' => ($auth->acl_get('u_search') && $auth->acl_get('f_search', $forum_id) && $config['load_search']) ? true : false, - 'S_SEARCHBOX_ACTION' => append_sid("{$phpbb_root_path}search.$phpEx", 't=' . $topic_id), + 'S_SEARCHBOX_ACTION' => append_sid("{$phpbb_root_path}search.$phpEx"), + 'S_SEARCH_HIDDEN_FIELDS' => build_hidden_fields($s_search_hidden_fields), 'S_DISPLAY_POST_INFO' => ($topic_data['forum_type'] == FORUM_POST && ($auth->acl_get('f_post', $forum_id) || $user->data['user_id'] == ANONYMOUS)) ? true : false, 'S_DISPLAY_REPLY_INFO' => ($topic_data['forum_type'] == FORUM_POST && ($auth->acl_get('f_reply', $forum_id) || $user->data['user_id'] == ANONYMOUS)) ? true : false, diff --git a/tests/dbal/select_test.php b/tests/dbal/select_test.php index 533416f14b..e0d08d9306 100644 --- a/tests/dbal/select_test.php +++ b/tests/dbal/select_test.php @@ -8,6 +8,7 @@ */ require_once dirname(__FILE__) . '/../../phpBB/includes/functions.php'; +require_once dirname(__FILE__) . '/../../phpBB/includes/utf/utf_tools.php'; class phpbb_dbal_select_test extends phpbb_database_test_case { @@ -317,4 +318,27 @@ class phpbb_dbal_select_test extends phpbb_database_test_case $db->sql_freeresult($result); } + + function test_nested_transactions() + { + $db = $this->new_dbal(); + + // nested transactions should work on systems that do not require + // buffering of nested transactions, so ignore the ones that need + // buffering + if ($db->sql_buffer_nested_transactions()) + { + return; + } + + $sql = 'SELECT user_id FROM phpbb_users ORDER BY user_id ASC'; + $result1 = $db->sql_query($sql); + + $db->sql_transaction('begin'); + $result2 = $db->sql_query($sql); + $row = $db->sql_fetchrow($result2); + $db->sql_transaction('commit'); + + $this->assertEquals('1', $row['user_id']); + } } diff --git a/tests/profile/custom_test.php b/tests/profile/custom_test.php new file mode 100644 index 0000000000..0e0a851243 --- /dev/null +++ b/tests/profile/custom_test.php @@ -0,0 +1,55 @@ +<?php +/** +* +* @package testing +* @copyright (c) 2011 phpBB Group +* @license http://opensource.org/licenses/gpl-license.php GNU Public License +* +*/ + +require_once dirname(__FILE__) . '/../../phpBB/includes/functions_profile_fields.php'; + +class phpbb_profile_custom_test extends phpbb_database_test_case +{ + public function getDataSet() + { + return $this->createXMLDataSet(dirname(__FILE__).'/fixtures/profile_fields.xml'); + } + + static public function dropdownFields() + { + return array( + // note, there is an offset of 1 between option_id (0-indexed) + // in the database and values (1-indexed) to avoid problems with + // transmitting 0 in an HTML form + // required, value, expected + array(1, '0', 'FIELD_INVALID_VALUE', 'Required field should throw error for out-of-range value'), + array(1, '1', 'FIELD_REQUIRED', 'Required field should throw error for default value'), + array(1, '2', false, 'Required field should accept non-default value'), + array(0, '0', 'FIELD_INVALID_VALUE', 'Optional field should throw error for out-of-range value'), + array(0, '1', false, 'Optional field should accept default value'), + array(0, '2', false, 'Optional field should accept non-default value'), + ); + } + + /** + * @dataProvider dropdownFields + */ + public function test_dropdown_validate($field_required, $field_value, $expected, $description) + { + global $db; + $db = $this->new_dbal(); + + $field_data = array( + 'field_id' => 1, + 'lang_id' => 1, + 'field_novalue' => 1, + 'field_required' => $field_required, + ); + + $cp = new custom_profile; + $result = $cp->validate_profile_field(FIELD_DROPDOWN, &$field_value, $field_data); + + $this->assertEquals($expected, $result, $description); + } +} diff --git a/tests/profile/fixtures/profile_fields.xml b/tests/profile/fixtures/profile_fields.xml new file mode 100644 index 0000000000..0b2929f625 --- /dev/null +++ b/tests/profile/fixtures/profile_fields.xml @@ -0,0 +1,31 @@ +<?xml version="1.0" encoding="UTF-8" ?> +<dataset> + <table name="phpbb_profile_fields_lang"> + <column>field_id</column> + <column>lang_id</column> + <column>option_id</column> + <column>field_type</column> + <column>lang_value</column> + <row> + <value>1</value> + <value>1</value> + <value>0</value> + <value>5</value> + <value>Default Option</value> + </row> + <row> + <value>1</value> + <value>1</value> + <value>1</value> + <value>5</value> + <value>First Alternative</value> + </row> + <row> + <value>1</value> + <value>1</value> + <value>2</value> + <value>5</value> + <value>Third Alternative</value> + </row> + </table> +</dataset> diff --git a/tests/random/mt_rand.php b/tests/random/mt_rand.php new file mode 100644 index 0000000000..d6502c4e80 --- /dev/null +++ b/tests/random/mt_rand.php @@ -0,0 +1,46 @@ +<?php +/** +* +* @package testing +* @copyright (c) 2011 phpBB Group +* @license http://opensource.org/licenses/gpl-license.php GNU Public License +* +*/ + +require_once dirname(__FILE__) . '/../../phpBB/includes/functions.php'; + +class phpbb_random_mt_rand_test extends phpbb_test_case +{ + public function test_max_equals_min() + { + $result = phpbb_mt_rand(42, 42); + $this->assertEquals(42, $result); + } + + public function test_max_equals_min_negative() + { + $result = phpbb_mt_rand(-42, -42); + $this->assertEquals(-42, $result); + } + + public function test_max_greater_min() + { + $result = phpbb_mt_rand(3, 4); + $this->assertGreaterThanOrEqual(3, $result); + $this->assertLessThanOrEqual(4, $result); + } + + public function test_min_greater_max() + { + $result = phpbb_mt_rand(4, 3); + $this->assertGreaterThanOrEqual(3, $result); + $this->assertLessThanOrEqual(4, $result); + } + + public function test_min_greater_max_negative() + { + $result = phpbb_mt_rand(-3, -4); + $this->assertGreaterThanOrEqual(-4, $result); + $this->assertLessThanOrEqual(-3, $result); + } +} |