9 files changed, 141 insertions, 198 deletions
diff --git a/phpBB/includes/acp/acp_ban.php b/phpBB/includes/acp/acp_ban.php
index 361ef2666c..b555f46a94 100644
--- a/phpBB/includes/acp/acp_ban.php
+++ b/phpBB/includes/acp/acp_ban.php
@@ -25,14 +25,13 @@ class acp_ban
 
 	function main($id, $mode)
 	{
-		global $config, $db, $user, $auth, $template, $cache;
-		global $phpbb_root_path, $phpbb_admin_path, $phpEx, $table_prefix;
+		global $user, $template, $request, $phpbb_dispatcher;
+		global $phpbb_root_path, $phpEx;
 
 		include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
 
-		$bansubmit	= (isset($_POST['bansubmit'])) ? true : false;
-		$unbansubmit = (isset($_POST['unbansubmit'])) ? true : false;
-		$current_time = time();
+		$bansubmit	= $request->is_set_post('bansubmit');
+		$unbansubmit = $request->is_set_post('unbansubmit');
 
 		$user->add_lang(array('acp/ban', 'acp/users'));
 		$this->tpl_name = 'acp_ban';
@@ -48,23 +47,79 @@ class acp_ban
 		if ($bansubmit)
 		{
 			// Grab the list of entries
-			$ban				= utf8_normalize_nfc(request_var('ban', '', true));
-			$ban_len			= request_var('banlength', 0);
-			$ban_len_other		= request_var('banlengthother', '');
-			$ban_exclude		= request_var('banexclude', 0);
-			$ban_reason			= utf8_normalize_nfc(request_var('banreason', '', true));
-			$ban_give_reason	= utf8_normalize_nfc(request_var('bangivereason', '', true));
+			$ban				= $request->variable('ban', '', true);
+			$ban_length			= $request->variable('banlength', 0);
+			$ban_length_other	= $request->variable('banlengthother', '');
+			$ban_exclude		= $request->variable('banexclude', 0);
+			$ban_reason			= $request->variable('banreason', '', true);
+			$ban_give_reason	= $request->variable('bangivereason', '', true);
 
 			if ($ban)
 			{
-				user_ban($mode, $ban, $ban_len, $ban_len_other, $ban_exclude, $ban_reason, $ban_give_reason);
+				$abort_ban = false;
+				/**
+				* Use this event to modify the ban details before the ban is performed
+				*
+				* @event core.acp_ban_before
+				* @var	string	mode				One of the following: user, ip, email
+				* @var	string	ban					Either string or array with usernames, ips or email addresses
+				* @var	int		ban_length			Ban length in minutes
+				* @var	string	ban_length_other	Ban length as a date (YYYY-MM-DD)
+				* @var	bool	ban_exclude			Are we banning or excluding from another ban
+				* @var	string	ban_reason			Ban reason displayed to moderators
+				* @var	string	ban_give_reason		Ban reason displayed to the banned user
+				* @var	mixed	abort_ban			Either false, or an error message that is displayed to the user.
+				*									If a string is given the bans are not issued.
+				* @since 3.1.0-RC5
+				*/
+				$vars = array(
+					'mode',
+					'ban',
+					'ban_length',
+					'ban_length_other',
+					'ban_exclude',
+					'ban_reason',
+					'ban_give_reason',
+					'abort_ban',
+				);
+				extract($phpbb_dispatcher->trigger_event('core.acp_ban_before', compact($vars)));
+
+				if ($abort_ban)
+				{
+					trigger_error($abort_ban . adm_back_link($this->u_action));
+				}
+				user_ban($mode, $ban, $ban_length, $ban_length_other, $ban_exclude, $ban_reason, $ban_give_reason);
+
+				/**
+				* Use this event to perform actions after the ban has been performed
+				*
+				* @event core.acp_ban_after
+				* @var	string	mode				One of the following: user, ip, email
+				* @var	string	ban					Either string or array with usernames, ips or email addresses
+				* @var	int		ban_length			Ban length in minutes
+				* @var	string	ban_length_other	Ban length as a date (YYYY-MM-DD)
+				* @var	bool	ban_exclude			Are we banning or excluding from another ban
+				* @var	string	ban_reason			Ban reason displayed to moderators
+				* @var	string	ban_give_reason		Ban reason displayed to the banned user
+				* @since 3.1.0-RC5
+				*/
+				$vars = array(
+					'mode',
+					'ban',
+					'ban_length',
+					'ban_length_other',
+					'ban_exclude',
+					'ban_reason',
+					'ban_give_reason',
+				);
+				extract($phpbb_dispatcher->trigger_event('core.acp_ban_after', compact($vars)));
 
 				trigger_error($user->lang['BAN_UPDATE_SUCCESSFUL'] . adm_back_link($this->u_action));
 			}
 		}
 		else if ($unbansubmit)
 		{
-			$ban = request_var('unban', array(''));
+			$ban = $request->variable('unban', array(''));
 
 			if ($ban)
 			{
diff --git a/phpBB/includes/acp/acp_board.php b/phpBB/includes/acp/acp_board.php
index f2707f15ca..f4f7512f0c 100644
--- a/phpBB/includes/acp/acp_board.php
+++ b/phpBB/includes/acp/acp_board.php
@@ -65,13 +65,16 @@ class acp_board
 						'default_lang'			=> array('lang' => 'DEFAULT_LANGUAGE',		'validate' => 'lang',	'type' => 'select', 'function' => 'language_select', 'params' => array('{CONFIG_VALUE}'), 'explain' => false),
 						'default_dateformat'	=> array('lang' => 'DEFAULT_DATE_FORMAT',	'validate' => 'string',	'type' => 'custom', 'method' => 'dateformat_select', 'explain' => true),
 						'board_timezone'		=> array('lang' => 'SYSTEM_TIMEZONE',		'validate' => 'timezone',	'type' => 'custom', 'method' => 'timezone_select', 'explain' => true),
-						'default_style'			=> array('lang' => 'DEFAULT_STYLE',			'validate' => 'int',	'type' => 'select', 'function' => 'style_select', 'params' => array('{CONFIG_VALUE}', false), 'explain' => false),
+
+						'legend2'				=> 'BOARD_STYLE',
+						'default_style'			=> array('lang' => 'DEFAULT_STYLE',			'validate' => 'int',	'type' => 'select', 'function' => 'style_select', 'params' => array('{CONFIG_VALUE}', false), 'explain' => true),
+						'guest_style'			=> array('lang' => 'GUEST_STYLE',			'validate' => 'int',	'type' => 'select', 'function' => 'style_select', 'params' => array($this->guest_style_get(), false), 'explain' => true),
 						'override_user_style'	=> array('lang' => 'OVERRIDE_STYLE',		'validate' => 'bool',	'type' => 'radio:yes_no', 'explain' => true),
 
-						'legend2'				=> 'WARNINGS',
+						'legend3'				=> 'WARNINGS',
 						'warnings_expire_days'	=> array('lang' => 'WARNINGS_EXPIRE',		'validate' => 'int:0:9999',	'type' => 'number:0:9999', 'explain' => true, 'append' => ' ' . $user->lang['DAYS']),
 
-						'legend3'					=> 'ACP_SUBMIT_CHANGES',
+						'legend4'					=> 'ACP_SUBMIT_CHANGES',
 					)
 				);
 			break;
@@ -509,6 +512,14 @@ class acp_board
 				continue;
 			}
 
+			if ($config_name == 'guest_style')
+			{
+				if (isset($cfg_array[$config_name])) {
+					$this->guest_style_set($cfg_array[$config_name]);
+				}
+				continue;
+			}
+
 			$this->new_config[$config_name] = $config_value = $cfg_array[$config_name];
 
 			if ($config_name == 'email_function_name')
@@ -904,12 +915,44 @@ class acp_board
 	*/
 	function timezone_select($value, $key)
 	{
-		global $user;
+		global $template, $user;
+
+		$timezone_select = phpbb_timezone_select($template, $user, $value, true);
 
-		$timezone_select = phpbb_timezone_select($user, $value, true);
-		$timezone_select['tz_select'];
+		return '<select name="config[' . $key . ']" id="' . $key . '">' . $timezone_select . '</select>';
+	}
 
-		return '<select name="config[' . $key . ']" id="' . $key . '">' . $timezone_select['tz_select'] . '</select>';
+	/**
+	* Get guest style
+	*/
+	public function guest_style_get()
+	{
+		global $db;
+
+		$sql = 'SELECT user_style
+			FROM ' . USERS_TABLE . '
+			WHERE user_id = ' . ANONYMOUS;
+		$result = $db->sql_query($sql);
+
+		$style = (int) $db->sql_fetchfield('user_style');
+		$db->sql_freeresult($result);
+
+		return $style;
+	}
+
+	/**
+	* Set guest style
+	*
+	* @param	int		$style_id	The style ID
+	*/
+	public function guest_style_set($style_id)
+	{
+		global $db;
+
+		$sql = 'UPDATE ' . USERS_TABLE . '
+			SET user_style = ' . (int) $style_id . '
+			WHERE user_id = ' . ANONYMOUS;
+		$db->sql_query($sql);
 	}
 
 	/**
diff --git a/phpBB/includes/acp/acp_database.php b/phpBB/includes/acp/acp_database.php
index 8f9c155ffc..0c52f82459 100644
--- a/phpBB/includes/acp/acp_database.php
+++ b/phpBB/includes/acp/acp_database.php
@@ -269,7 +269,7 @@ class acp_database
 									break;
 								}
 
-								header('Pragma: no-cache');
+								header('Cache-Control: private, no-cache');
 								header("Content-Type: $mimetype; name=\"$name\"");
 								header("Content-disposition: attachment; filename=$name");
 
@@ -510,7 +510,7 @@ class base_extractor
 		if ($download == true)
 		{
 			$name = $filename . $ext;
-			header('Pragma: no-cache');
+			header('Cache-Control: private, no-cache');
 			header("Content-Type: $mimetype; name=\"$name\"");
 			header("Content-disposition: attachment; filename=$name");
 
diff --git a/phpBB/includes/acp/acp_icons.php b/phpBB/includes/acp/acp_icons.php
index 028025b547..9265415dd1 100644
--- a/phpBB/includes/acp/acp_icons.php
+++ b/phpBB/includes/acp/acp_icons.php
@@ -737,7 +737,7 @@ class acp_icons
 				{
 					garbage_collection();
 
-					header('Pragma: public');
+					header('Cache-Control: public');
 
 					// Send out the Headers
 					header('Content-Type: text/x-delimtext; name="' . $mode . '.pak"');
diff --git a/phpBB/includes/acp/acp_main.php b/phpBB/includes/acp/acp_main.php
index 2a28226d6c..48ca05a118 100644
--- a/phpBB/includes/acp/acp_main.php
+++ b/phpBB/includes/acp/acp_main.php
@@ -655,8 +655,8 @@ class acp_main
 				'S_MBSTRING_LOADED'						=> true,
 				'S_MBSTRING_FUNC_OVERLOAD_FAIL'			=> (intval(@ini_get('mbstring.func_overload')) & (MB_OVERLOAD_MAIL | MB_OVERLOAD_STRING)),
 				'S_MBSTRING_ENCODING_TRANSLATION_FAIL'	=> (@ini_get('mbstring.encoding_translation') != 0),
-				'S_MBSTRING_HTTP_INPUT_FAIL'			=> (@ini_get('mbstring.http_input') != 'pass'),
-				'S_MBSTRING_HTTP_OUTPUT_FAIL'			=> (@ini_get('mbstring.http_output') != 'pass'),
+				'S_MBSTRING_HTTP_INPUT_FAIL'			=> !in_array(@ini_get('mbstring.http_input'), array('pass', '')),
+				'S_MBSTRING_HTTP_OUTPUT_FAIL'			=> !in_array(@ini_get('mbstring.http_output'), array('pass', '')),
 			));
 		}
 
diff --git a/phpBB/includes/acp/acp_profile.php b/phpBB/includes/acp/acp_profile.php
index fda6ef25ec..046281596c 100644
--- a/phpBB/includes/acp/acp_profile.php
+++ b/phpBB/includes/acp/acp_profile.php
@@ -112,58 +112,8 @@ class acp_profile
 					$db->sql_query('DELETE FROM ' . PROFILE_FIELDS_LANG_TABLE . " WHERE field_id = $field_id");
 					$db->sql_query('DELETE FROM ' . PROFILE_LANG_TABLE . " WHERE field_id = $field_id");
 
-					switch ($db->get_sql_layer())
-					{
-						case 'sqlite':
-						case 'sqlite3':
-							$sql = "SELECT sql
-								FROM sqlite_master
-								WHERE type = 'table'
-									AND name = '" . PROFILE_FIELDS_DATA_TABLE . "'
-								ORDER BY type DESC, name;";
-							$result = $db->sql_query($sql);
-							$row = $db->sql_fetchrow($result);
-							$db->sql_freeresult($result);
-
-							// Create a temp table and populate it, destroy the existing one
-							$db->sql_query(preg_replace('#CREATE\s+TABLE\s+"?' . PROFILE_FIELDS_DATA_TABLE . '"?#i', 'CREATE TEMPORARY TABLE ' . PROFILE_FIELDS_DATA_TABLE . '_temp', $row['sql']));
-							$db->sql_query('INSERT INTO ' . PROFILE_FIELDS_DATA_TABLE . '_temp SELECT * FROM ' . PROFILE_FIELDS_DATA_TABLE);
-							$db->sql_query('DROP TABLE ' . PROFILE_FIELDS_DATA_TABLE);
-
-							preg_match('#\((.*)\)#s', $row['sql'], $matches);
-
-							$new_table_cols = trim($matches[1]);
-							$old_table_cols = preg_split('/,(?=[\\sa-z])/im', $new_table_cols);
-							$column_list = array();
-
-							foreach ($old_table_cols as $declaration)
-							{
-								$entities = preg_split('#\s+#', trim($declaration));
-
-								if ($entities[0] == 'PRIMARY')
-								{
-									continue;
-								}
-
-								if ($entities[0] !== 'pf_' . $field_ident)
-								{
-									$column_list[] = $entities[0];
-								}
-							}
-
-							$columns = implode(',', $column_list);
-
-							$new_table_cols = preg_replace('/' . 'pf_' . $field_ident . '[^,]+,/', '', $new_table_cols);
-
-							// create a new table and fill it up. destroy the temp one
-							$db->sql_query('CREATE TABLE ' . PROFILE_FIELDS_DATA_TABLE . ' (' . $new_table_cols . ');');
-							$db->sql_query('INSERT INTO ' . PROFILE_FIELDS_DATA_TABLE . ' (' . $columns . ') SELECT ' . $columns . ' FROM ' . PROFILE_FIELDS_DATA_TABLE . '_temp;');
-							$db->sql_query('DROP TABLE ' . PROFILE_FIELDS_DATA_TABLE . '_temp');
-						break;
-
-						default:
-							$db->sql_query('ALTER TABLE ' . PROFILE_FIELDS_DATA_TABLE . " DROP COLUMN pf_$field_ident");
-					}
+					$db_tools = $phpbb_container->get('dbal.tools');
+					$db_tools->sql_column_remove(PROFILE_FIELDS_DATA_TABLE, 'pf_' . $field_ident);
 
 					$order = 0;
 
@@ -932,9 +882,7 @@ class acp_profile
 			$field_ident = 'pf_' . $field_ident;
 
 			$db_tools = $phpbb_container->get('dbal.tools');
-
-			list($sql_type, $null) = $db_tools->get_column_type($profile_field->get_database_column_type());
-			$profile_sql[] = $this->add_field_ident($field_ident, $sql_type);
+			$db_tools->sql_column_add(PROFILE_FIELDS_DATA_TABLE, $field_ident, array($profile_field->get_database_column_type(), null));
 		}
 
 		$sql_ary = array(
@@ -1188,91 +1136,4 @@ class acp_profile
 			}
 		}
 	}
-
-	/**
-	* Return sql statement for adding a new field ident (profile field) to the profile fields data table
-	*/
-	function add_field_ident($field_ident, $sql_type)
-	{
-		global $db;
-
-		switch ($db->get_sql_layer())
-		{
-			case 'mysql':
-			case 'mysql4':
-			case 'mysqli':
-				$sql = 'ALTER TABLE ' . PROFILE_FIELDS_DATA_TABLE . " ADD `$field_ident` " . $sql_type;
-
-			break;
-
-			case 'sqlite':
-			case 'sqlite3':
-				if (version_compare($db->sql_server_info(true), '3.0') == -1)
-				{
-					$sql = "SELECT sql
-						FROM sqlite_master
-						WHERE type = 'table'
-							AND name = '" . PROFILE_FIELDS_DATA_TABLE . "'
-						ORDER BY type DESC, name;";
-					$result = $db->sql_query($sql);
-					$row = $db->sql_fetchrow($result);
-					$db->sql_freeresult($result);
-
-					// Create a temp table and populate it, destroy the existing one
-					$db->sql_query(preg_replace('#CREATE\s+TABLE\s+"?' . PROFILE_FIELDS_DATA_TABLE . '"?#i', 'CREATE TEMPORARY TABLE ' . PROFILE_FIELDS_DATA_TABLE . '_temp', $row['sql']));
-					$db->sql_query('INSERT INTO ' . PROFILE_FIELDS_DATA_TABLE . '_temp SELECT * FROM ' . PROFILE_FIELDS_DATA_TABLE);
-					$db->sql_query('DROP TABLE ' . PROFILE_FIELDS_DATA_TABLE);
-
-					preg_match('#\((.*)\)#s', $row['sql'], $matches);
-
-					$new_table_cols = trim($matches[1]);
-					$old_table_cols = explode(',', $new_table_cols);
-					$column_list = array();
-
-					foreach ($old_table_cols as $declaration)
-					{
-						$entities = preg_split('#\s+#', trim($declaration));
-						if ($entities[0] == 'PRIMARY')
-						{
-							continue;
-						}
-						$column_list[] = $entities[0];
-					}
-
-					$columns = implode(',', $column_list);
-
-					$new_table_cols = $field_ident . ' ' . $sql_type . ',' . $new_table_cols;
-
-					// create a new table and fill it up. destroy the temp one
-					$db->sql_query('CREATE TABLE ' . PROFILE_FIELDS_DATA_TABLE . ' (' . $new_table_cols . ');');
-					$db->sql_query('INSERT INTO ' . PROFILE_FIELDS_DATA_TABLE . ' (' . $columns . ') SELECT ' . $columns . ' FROM ' . PROFILE_FIELDS_DATA_TABLE . '_temp;');
-					$db->sql_query('DROP TABLE ' . PROFILE_FIELDS_DATA_TABLE . '_temp');
-				}
-				else
-				{
-					$sql = 'ALTER TABLE ' . PROFILE_FIELDS_DATA_TABLE . " ADD $field_ident [$sql_type]";
-				}
-
-			break;
-
-			case 'mssql':
-			case 'mssql_odbc':
-			case 'mssqlnative':
-				$sql = 'ALTER TABLE [' . PROFILE_FIELDS_DATA_TABLE . "] ADD [$field_ident] " . $sql_type;
-
-			break;
-
-			case 'postgres':
-				$sql = 'ALTER TABLE ' . PROFILE_FIELDS_DATA_TABLE . " ADD COLUMN \"$field_ident\" " . $sql_type;
-
-			break;
-
-			case 'oracle':
-				$sql = 'ALTER TABLE ' . PROFILE_FIELDS_DATA_TABLE . " ADD $field_ident " . $sql_type;
-
-			break;
-		}
-
-		return $sql;
-	}
 }
diff --git a/phpBB/includes/acp/acp_styles.php b/phpBB/includes/acp/acp_styles.php
index 2a02e3e845..af3fd7937c 100644
--- a/phpBB/includes/acp/acp_styles.php
+++ b/phpBB/includes/acp/acp_styles.php
@@ -70,11 +70,6 @@ class acp_styles
 		$action = $this->request->variable('action', '');
 		$post_actions = array('install', 'activate', 'deactivate', 'uninstall');
 
-		if ($action && in_array($action, $post_actions) && !check_link_hash($request->variable('hash', ''), $action))
-		{
-			trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action), E_USER_WARNING);
-		}
-
 		foreach ($post_actions as $key)
 		{
 			if ($this->request->is_set_post($key))
@@ -83,6 +78,18 @@ class acp_styles
 			}
 		}
 
+		// The uninstall action uses confirm_box() to verify the validity of the request,
+		// so there is no need to check for a valid token here.
+		if (in_array($action, $post_actions) && $action != 'uninstall')
+		{
+			$is_valid_request = check_link_hash($request->variable('hash', ''), $action) || check_form_key('styles_management');
+
+			if (!$is_valid_request)
+			{
+				trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action), E_USER_WARNING);
+			}
+		}
+
 		if ($action != '')
 		{
 			$this->s_hidden_fields['action'] = $action;
@@ -122,6 +129,8 @@ class acp_styles
 	*/
 	protected function frontend()
 	{
+		add_form_key('styles_management');
+
 		// Check mode
 		switch ($this->mode)
 		{
@@ -133,33 +142,11 @@ class acp_styles
 				$this->welcome_message('INSTALL_STYLES', 'INSTALL_STYLES_EXPLAIN');
 				$this->show_available();
 				return;
-			case 'cache':
-				$this->action_cache();
-				return;
 		}
 		trigger_error($this->user->lang['NO_MODE'] . adm_back_link($this->u_action), E_USER_WARNING);
 	}
 
 	/**
-	* Purge cache
-	*/
-	protected function action_cache()
-	{
-		global $db, $cache, $auth;
-
-		$this->config->increment('assets_version', 1);
-		$this->cache->purge();
-
-		// Clear permissions
-		$this->auth->acl_clear_prefetch();
-		phpbb_cache_moderators($db, $cache, $auth);
-
-		add_log('admin', 'LOG_PURGE_CACHE');
-
-		trigger_error($this->user->lang['PURGED_CACHE'] . adm_back_link($this->u_base_action), E_USER_NOTICE);
-	}
-
-	/**
 	* Install style(s)
 	*/
 	protected function action_install()
diff --git a/phpBB/includes/acp/acp_users.php b/phpBB/includes/acp/acp_users.php
index 40d8218a07..31b033604d 100644
--- a/phpBB/includes/acp/acp_users.php
+++ b/phpBB/includes/acp/acp_users.php
@@ -1661,7 +1661,7 @@ class acp_users
 					${'s_sort_' . $sort_option . '_dir'} .= '</select>';
 				}
 
-				$timezone_selects = phpbb_timezone_select($user, $data['tz'], true);
+				phpbb_timezone_select($template, $user, $data['tz'], true);
 				$user_prefs_data = array(
 					'S_PREFS'			=> true,
 					'S_JABBER_DISABLED'	=> ($config['jab_enable'] && $user_row['user_jabber'] && @extension_loaded('xml')) ? false : true,
@@ -1700,8 +1700,6 @@ class acp_users
 
 					'S_LANG_OPTIONS'	=> language_select($data['lang']),
 					'S_STYLE_OPTIONS'	=> style_select($data['style']),
-					'S_TZ_OPTIONS'			=> $timezone_selects['tz_select'],
-					'S_TZ_DATE_OPTIONS'		=> $timezone_selects['tz_dates'],
 				);
 
 				/**
diff --git a/phpBB/includes/acp/info/acp_styles.php b/phpBB/includes/acp/info/acp_styles.php
index 1a9865aa1d..c0ab005502 100644
--- a/phpBB/includes/acp/info/acp_styles.php
+++ b/phpBB/includes/acp/info/acp_styles.php
@@ -22,7 +22,6 @@ class acp_styles_info
 			'modes'		=> array(
 				'style'		=> array('title' => 'ACP_STYLES', 'auth' => 'acl_a_styles', 'cat' => array('ACP_STYLE_MANAGEMENT')),
 				'install'	=> array('title' => 'ACP_STYLES_INSTALL', 'auth' => 'acl_a_styles', 'cat' => array('ACP_STYLE_MANAGEMENT')),
-				'cache'		=> array('title' => 'ACP_STYLES_CACHE', 'auth' => 'acl_a_styles', 'cat' => array('ACP_STYLE_MANAGEMENT')),
 			),
 		);
 	}