diff options
| -rw-r--r-- | .travis.yml | 3 | ||||
| -rw-r--r-- | phpBB/docs/lighttpd.sample.conf | 13 | ||||
| -rw-r--r-- | phpBB/includes/functions.php | 6 | ||||
| -rw-r--r-- | phpBB/includes/functions_messenger.php | 38 | ||||
| -rw-r--r-- | phpBB/phpbb/db/migration/data/v310/timezone.php | 2 | ||||
| -rw-r--r-- | phpBB/phpbb/search/base.php | 2 | ||||
| -rw-r--r-- | phpBB/phpbb/session.php | 18 | ||||
| -rw-r--r-- | phpBB/posting.php | 3 | ||||
| -rw-r--r-- | phpBB/search.php | 46 | ||||
| -rw-r--r-- | tests/functional/search/base.php | 2 |
10 files changed, 112 insertions, 21 deletions
diff --git a/.travis.yml b/.travis.yml index 7bd7e85ab1..f1f95fc4a5 100644 --- a/.travis.yml +++ b/.travis.yml @@ -22,11 +22,14 @@ matrix: env: DB=mysqli - php: 7.0 env: DB=mysqli + - php: 7.1 + env: DB=mysqli - php: nightly env: DB=mysqli - php: hhvm env: DB=mysqli allow_failures: + - php: 7.1 - php: hhvm - php: nightly fast_finish: true diff --git a/phpBB/docs/lighttpd.sample.conf b/phpBB/docs/lighttpd.sample.conf index 5862cb319d..5b04122267 100644 --- a/phpBB/docs/lighttpd.sample.conf +++ b/phpBB/docs/lighttpd.sample.conf @@ -1,7 +1,7 @@ # Sample lighttpd configuration file for phpBB. # Global settings have been removed, copy them # from your system's lighttpd.conf. -# Tested with lighttpd 1.4.26 +# Tested with lighttpd 1.4.35 # If you want to use the X-Sendfile feature, # uncomment the 'allow-x-send-file' for the fastcgi @@ -16,6 +16,7 @@ server.modules += ( "mod_access", "mod_fastcgi", + "mod_rewrite", "mod_accesslog" ) @@ -49,7 +50,15 @@ $HTTP["host"] == "www.myforums.com" { $HTTP["url"] =~ "/\.htaccess|/\.htpasswd|/\.htgroups" { url.access-deny = ( "" ) } - + + # The following 3 lines will rewrite URLs passed through the front controller + # to not require app.php in the actual URL. In other words, a controller is + # by default accessed at /app.php/my/controller, but can also be accessed at + # /my/controller + url.rewrite-if-not-file = ( + "^/(.*)$" => "/app.php/$1" + ) + fastcgi.server = ( ".php" => (( "bin-path" => "/usr/bin/php-cgi", diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index 465964913c..da698ae4cb 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -853,7 +853,7 @@ function markread($mode, $forum_id = false, $topic_id = false, $post_time = 0, $ $tracking['tf'][$forum_id][$topic_id36] = true; } - $tracking['t'][$topic_id36] = base_convert($post_time - $config['board_startdate'], 10, 36); + $tracking['t'][$topic_id36] = base_convert($post_time - (int) $config['board_startdate'], 10, 36); // If the cookie grows larger than 10000 characters we will remove the smallest value // This can result in old topics being unread - but most of the time it should be accurate... @@ -1723,8 +1723,8 @@ function redirect($url, $return = false, $disable_cd_check = false) if ($url_parts === false) { - // Malformed url, redirect to current page... - $url = generate_board_url() . '/' . $user->page['page']; + // Malformed url + trigger_error('INSECURE_REDIRECT', E_USER_ERROR); } else if (!empty($url_parts['scheme']) && !empty($url_parts['host'])) { diff --git a/phpBB/includes/functions_messenger.php b/phpBB/includes/functions_messenger.php index fa9ed84a34..0056cbca35 100644 --- a/phpBB/includes/functions_messenger.php +++ b/phpBB/includes/functions_messenger.php @@ -225,6 +225,13 @@ class messenger $template_lang = basename($config['default_lang']); } + $ext_template_paths = array( + array( + 'name' => $template_lang . '_email', + 'ext_path' => 'language/' . $template_lang . '/email' . $template_dir_prefix, + ), + ); + if ($template_path) { $template_paths = array( @@ -240,23 +247,38 @@ class messenger $template_path . $template_dir_prefix, ); + $board_language = basename($config['default_lang']); + // we can only specify default language fallback when the path is not a custom one for which we // do not know the default language alternative - if ($template_lang !== basename($config['default_lang'])) + if ($template_lang !== $board_language) + { + $fallback_template_path = (!empty($user->lang_path)) ? $user->lang_path : $phpbb_root_path . 'language/'; + $fallback_template_path .= $board_language . '/email'; + + $template_paths[] = $fallback_template_path . $template_dir_prefix; + + $ext_template_paths[] = array( + 'name' => $board_language . '_email', + 'ext_path' => 'language/' . $board_language . '/email' . $template_dir_prefix, + ); + } + // If everything fails just fall back to en template + if ($template_lang !== 'en' && $board_language !== 'en') { $fallback_template_path = (!empty($user->lang_path)) ? $user->lang_path : $phpbb_root_path . 'language/'; - $fallback_template_path .= basename($config['default_lang']) . '/email'; + $fallback_template_path .= 'en/email'; $template_paths[] = $fallback_template_path . $template_dir_prefix; + + $ext_template_paths[] = array( + 'name' => 'en_email', + 'ext_path' => 'language/en/email' . $template_dir_prefix, + ); } } - $this->set_template_paths(array( - array( - 'name' => $template_lang . '_email', - 'ext_path' => 'language/' . $template_lang . '/email' . $template_dir_prefix, - ), - ), $template_paths); + $this->set_template_paths($ext_template_paths, $template_paths); $this->template->set_filenames(array( 'body' => $template_file . '.txt', diff --git a/phpBB/phpbb/db/migration/data/v310/timezone.php b/phpBB/phpbb/db/migration/data/v310/timezone.php index 1f6b47ad50..03a8d1ab34 100644 --- a/phpBB/phpbb/db/migration/data/v310/timezone.php +++ b/phpBB/phpbb/db/migration/data/v310/timezone.php @@ -103,7 +103,7 @@ class timezone extends \phpbb\db\migration\migration */ public function convert_phpbb30_timezone($timezone, $dst) { - $offset = $timezone + $dst; + $offset = (float) $timezone + (int) $dst; switch ($timezone) { diff --git a/phpBB/phpbb/search/base.php b/phpBB/phpbb/search/base.php index d9313dddab..56de973b65 100644 --- a/phpBB/phpbb/search/base.php +++ b/phpBB/phpbb/search/base.php @@ -286,7 +286,7 @@ class base $sql = 'DELETE FROM ' . SEARCH_RESULTS_TABLE . ' - WHERE search_time < ' . (time() - $config['search_store_results']); + WHERE search_time < ' . (time() - (int) $config['search_store_results']); $db->sql_query($sql); } } diff --git a/phpBB/phpbb/session.php b/phpBB/phpbb/session.php index 518cee4705..cbe2f02851 100644 --- a/phpBB/phpbb/session.php +++ b/phpBB/phpbb/session.php @@ -219,7 +219,7 @@ class session function session_begin($update_session_page = true) { global $phpEx, $SID, $_SID, $_EXTRA_URL, $db, $config, $phpbb_root_path; - global $request, $phpbb_container, $user, $phpbb_log; + global $request, $phpbb_container, $user, $phpbb_log, $phpbb_dispatcher; // Give us some basic information $this->time_now = time(); @@ -281,11 +281,21 @@ class session // Why no forwarded_for et al? Well, too easily spoofed. With the results of my recent requests // it's pretty clear that in the majority of cases you'll at least be left with a proxy/cache ip. - $this->ip = htmlspecialchars_decode($request->server('REMOTE_ADDR')); - $this->ip = preg_replace('# {2,}#', ' ', str_replace(',', ' ', $this->ip)); + $ip = htmlspecialchars_decode($request->server('REMOTE_ADDR')); + $ip = preg_replace('# {2,}#', ' ', str_replace(',', ' ', $ip)); + + /** + * Event to alter user IP address + * + * @event core.session_ip_after + * @var string ip REMOTE_ADDR + * @since 3.1.10-RC1 + */ + $vars = array('ip'); + extract($phpbb_dispatcher->trigger_event('core.session_ip_after', compact($vars))); // split the list of IPs - $ips = explode(' ', trim($this->ip)); + $ips = explode(' ', trim($ip)); // Default IP if REMOTE_ADDR is invalid $this->ip = '127.0.0.1'; diff --git a/phpBB/posting.php b/phpBB/posting.php index 516f94f323..b0aef2482a 100644 --- a/phpBB/posting.php +++ b/phpBB/posting.php @@ -372,7 +372,9 @@ switch ($mode) * NOTE: Should be actual language strings, NOT * language keys. * @var bool is_authed Does the user have the required permissions? +* @var array post_data All post data from database * @since 3.1.3-RC1 +* @changed 3.1.10-RC1 Added post_data */ $vars = array( 'post_id', @@ -388,6 +390,7 @@ $vars = array( 'mode', 'error', 'is_authed', + 'post_data', ); extract($phpbb_dispatcher->trigger_event('core.modify_posting_auth', compact($vars))); diff --git a/phpBB/search.php b/phpBB/search.php index fdd4aec7ae..5946e7531e 100644 --- a/phpBB/search.php +++ b/phpBB/search.php @@ -598,6 +598,48 @@ if ($keywords || $author || $author_id || $search_id || $submit) $total_match_count = $search->author_search($show_results, $firstpost_only, $sort_by_sql, $sort_key, $sort_dir, $sort_days, $ex_fid_ary, $m_approve_posts_fid_sql, $topic_id, $author_id_ary, $sql_author_match, $id_ary, $start, $per_page); } + /** + * Event to search otherwise than by keywords or author + * + * @event core.search_backend_search_after + * @var string show_results 'posts' or 'topics' type of ids + * @var string search_fields The data fields to search in + * @var string search_terms Is either 'all' (use query as entered, words without prefix should default to "have to be in field") or 'any' (ignore search query parts and just return all posts that contain any of the specified words) + * @var array sort_by_sql Array of SQL sorting instructions + * @var string sort_key The sort key + * @var string sort_dir The sort direction + * @var int sort_days Limit the age of results + * @var array ex_fid_ary Array of excluded forum ids + * @var string m_approve_posts_fid_sql Specifies which types of posts the user can view in which forums + * @var int topic_id is set to 0 or a topic id, if it is not 0 then only posts in this topic should be searched + * @var array author_id_ary Array of exclusive author ids + * @var string sql_author_match Specifies the author match, when ANONYMOUS is also a search-match + * @var array id_ary Array of post or topic ids for search result + * @var int start The starting id of the results + * @var int per_page Number of ids each page is supposed to contain + * @var int total_match_count The total number of search matches + * @since 3.1.10-RC1 + */ + $vars = array( + 'show_results', + 'search_fields', + 'search_terms', + 'sort_by_sql', + 'sort_key', + 'sort_dir', + 'sort_days', + 'ex_fid_ary', + 'm_approve_posts_fid_sql', + 'topic_id', + 'author_id_ary', + 'sql_author_match', + 'id_ary', + 'start', + 'per_page', + 'total_match_count', + ); + extract($phpbb_dispatcher->trigger_event('core.search_backend_search_after', compact($vars))); + $sql_where = ''; if (sizeof($id_ary)) @@ -648,14 +690,16 @@ if ($keywords || $author || $author_id || $search_id || $submit) * @event core.search_modify_url_parameters * @var string u_search Search URL parameters string * @var string search_id Predefined search type name + * @var string show_results String indicating the show results mode * @var string sql_where The SQL WHERE string used by search to get topic data * @var int total_match_count The total number of search matches * @since 3.1.7-RC1 - * @changed 3.1.10-RC1 Added sql_where, total_match_count + * @changed 3.1.10-RC1 Added show_results, sql_where, total_match_count */ $vars = array( 'u_search', 'search_id', + 'show_results', 'sql_where', 'total_match_count', ); diff --git a/tests/functional/search/base.php b/tests/functional/search/base.php index f77ef70ecc..fc6f4c0a0b 100644 --- a/tests/functional/search/base.php +++ b/tests/functional/search/base.php @@ -79,7 +79,7 @@ abstract class phpbb_functional_search_base extends phpbb_functional_test_case { $this->add_lang('acp/search'); $crawler = self::request('GET', 'adm/index.php?i=acp_search&mode=index&sid=' . $this->sid); - $form_values = $crawler->selectButton('Delete index')->form()->getValues(); + $form_values = $crawler->selectButton('Create index')->form()->getValues(); $crawler = self::request( 'POST', 'adm/index.php?i=acp_search&mode=index&sid=' . $this->sid, |