diff options
Diffstat (limited to 'phpBB/includes')
39 files changed, 794 insertions, 399 deletions
diff --git a/phpBB/includes/acp/acp_ban.php b/phpBB/includes/acp/acp_ban.php index 361ef2666c..b555f46a94 100644 --- a/phpBB/includes/acp/acp_ban.php +++ b/phpBB/includes/acp/acp_ban.php @@ -25,14 +25,13 @@ class acp_ban function main($id, $mode) { - global $config, $db, $user, $auth, $template, $cache; - global $phpbb_root_path, $phpbb_admin_path, $phpEx, $table_prefix; + global $user, $template, $request, $phpbb_dispatcher; + global $phpbb_root_path, $phpEx; include($phpbb_root_path . 'includes/functions_user.' . $phpEx); - $bansubmit = (isset($_POST['bansubmit'])) ? true : false; - $unbansubmit = (isset($_POST['unbansubmit'])) ? true : false; - $current_time = time(); + $bansubmit = $request->is_set_post('bansubmit'); + $unbansubmit = $request->is_set_post('unbansubmit'); $user->add_lang(array('acp/ban', 'acp/users')); $this->tpl_name = 'acp_ban'; @@ -48,23 +47,79 @@ class acp_ban if ($bansubmit) { // Grab the list of entries - $ban = utf8_normalize_nfc(request_var('ban', '', true)); - $ban_len = request_var('banlength', 0); - $ban_len_other = request_var('banlengthother', ''); - $ban_exclude = request_var('banexclude', 0); - $ban_reason = utf8_normalize_nfc(request_var('banreason', '', true)); - $ban_give_reason = utf8_normalize_nfc(request_var('bangivereason', '', true)); + $ban = $request->variable('ban', '', true); + $ban_length = $request->variable('banlength', 0); + $ban_length_other = $request->variable('banlengthother', ''); + $ban_exclude = $request->variable('banexclude', 0); + $ban_reason = $request->variable('banreason', '', true); + $ban_give_reason = $request->variable('bangivereason', '', true); if ($ban) { - user_ban($mode, $ban, $ban_len, $ban_len_other, $ban_exclude, $ban_reason, $ban_give_reason); + $abort_ban = false; + /** + * Use this event to modify the ban details before the ban is performed + * + * @event core.acp_ban_before + * @var string mode One of the following: user, ip, email + * @var string ban Either string or array with usernames, ips or email addresses + * @var int ban_length Ban length in minutes + * @var string ban_length_other Ban length as a date (YYYY-MM-DD) + * @var bool ban_exclude Are we banning or excluding from another ban + * @var string ban_reason Ban reason displayed to moderators + * @var string ban_give_reason Ban reason displayed to the banned user + * @var mixed abort_ban Either false, or an error message that is displayed to the user. + * If a string is given the bans are not issued. + * @since 3.1.0-RC5 + */ + $vars = array( + 'mode', + 'ban', + 'ban_length', + 'ban_length_other', + 'ban_exclude', + 'ban_reason', + 'ban_give_reason', + 'abort_ban', + ); + extract($phpbb_dispatcher->trigger_event('core.acp_ban_before', compact($vars))); + + if ($abort_ban) + { + trigger_error($abort_ban . adm_back_link($this->u_action)); + } + user_ban($mode, $ban, $ban_length, $ban_length_other, $ban_exclude, $ban_reason, $ban_give_reason); + + /** + * Use this event to perform actions after the ban has been performed + * + * @event core.acp_ban_after + * @var string mode One of the following: user, ip, email + * @var string ban Either string or array with usernames, ips or email addresses + * @var int ban_length Ban length in minutes + * @var string ban_length_other Ban length as a date (YYYY-MM-DD) + * @var bool ban_exclude Are we banning or excluding from another ban + * @var string ban_reason Ban reason displayed to moderators + * @var string ban_give_reason Ban reason displayed to the banned user + * @since 3.1.0-RC5 + */ + $vars = array( + 'mode', + 'ban', + 'ban_length', + 'ban_length_other', + 'ban_exclude', + 'ban_reason', + 'ban_give_reason', + ); + extract($phpbb_dispatcher->trigger_event('core.acp_ban_after', compact($vars))); trigger_error($user->lang['BAN_UPDATE_SUCCESSFUL'] . adm_back_link($this->u_action)); } } else if ($unbansubmit) { - $ban = request_var('unban', array('')); + $ban = $request->variable('unban', array('')); if ($ban) { diff --git a/phpBB/includes/acp/acp_board.php b/phpBB/includes/acp/acp_board.php index f2707f15ca..f4f7512f0c 100644 --- a/phpBB/includes/acp/acp_board.php +++ b/phpBB/includes/acp/acp_board.php @@ -65,13 +65,16 @@ class acp_board 'default_lang' => array('lang' => 'DEFAULT_LANGUAGE', 'validate' => 'lang', 'type' => 'select', 'function' => 'language_select', 'params' => array('{CONFIG_VALUE}'), 'explain' => false), 'default_dateformat' => array('lang' => 'DEFAULT_DATE_FORMAT', 'validate' => 'string', 'type' => 'custom', 'method' => 'dateformat_select', 'explain' => true), 'board_timezone' => array('lang' => 'SYSTEM_TIMEZONE', 'validate' => 'timezone', 'type' => 'custom', 'method' => 'timezone_select', 'explain' => true), - 'default_style' => array('lang' => 'DEFAULT_STYLE', 'validate' => 'int', 'type' => 'select', 'function' => 'style_select', 'params' => array('{CONFIG_VALUE}', false), 'explain' => false), + + 'legend2' => 'BOARD_STYLE', + 'default_style' => array('lang' => 'DEFAULT_STYLE', 'validate' => 'int', 'type' => 'select', 'function' => 'style_select', 'params' => array('{CONFIG_VALUE}', false), 'explain' => true), + 'guest_style' => array('lang' => 'GUEST_STYLE', 'validate' => 'int', 'type' => 'select', 'function' => 'style_select', 'params' => array($this->guest_style_get(), false), 'explain' => true), 'override_user_style' => array('lang' => 'OVERRIDE_STYLE', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true), - 'legend2' => 'WARNINGS', + 'legend3' => 'WARNINGS', 'warnings_expire_days' => array('lang' => 'WARNINGS_EXPIRE', 'validate' => 'int:0:9999', 'type' => 'number:0:9999', 'explain' => true, 'append' => ' ' . $user->lang['DAYS']), - 'legend3' => 'ACP_SUBMIT_CHANGES', + 'legend4' => 'ACP_SUBMIT_CHANGES', ) ); break; @@ -509,6 +512,14 @@ class acp_board continue; } + if ($config_name == 'guest_style') + { + if (isset($cfg_array[$config_name])) { + $this->guest_style_set($cfg_array[$config_name]); + } + continue; + } + $this->new_config[$config_name] = $config_value = $cfg_array[$config_name]; if ($config_name == 'email_function_name') @@ -904,12 +915,44 @@ class acp_board */ function timezone_select($value, $key) { - global $user; + global $template, $user; + + $timezone_select = phpbb_timezone_select($template, $user, $value, true); - $timezone_select = phpbb_timezone_select($user, $value, true); - $timezone_select['tz_select']; + return '<select name="config[' . $key . ']" id="' . $key . '">' . $timezone_select . '</select>'; + } - return '<select name="config[' . $key . ']" id="' . $key . '">' . $timezone_select['tz_select'] . '</select>'; + /** + * Get guest style + */ + public function guest_style_get() + { + global $db; + + $sql = 'SELECT user_style + FROM ' . USERS_TABLE . ' + WHERE user_id = ' . ANONYMOUS; + $result = $db->sql_query($sql); + + $style = (int) $db->sql_fetchfield('user_style'); + $db->sql_freeresult($result); + + return $style; + } + + /** + * Set guest style + * + * @param int $style_id The style ID + */ + public function guest_style_set($style_id) + { + global $db; + + $sql = 'UPDATE ' . USERS_TABLE . ' + SET user_style = ' . (int) $style_id . ' + WHERE user_id = ' . ANONYMOUS; + $db->sql_query($sql); } /** diff --git a/phpBB/includes/acp/acp_database.php b/phpBB/includes/acp/acp_database.php index 8f9c155ffc..0c52f82459 100644 --- a/phpBB/includes/acp/acp_database.php +++ b/phpBB/includes/acp/acp_database.php @@ -269,7 +269,7 @@ class acp_database break; } - header('Pragma: no-cache'); + header('Cache-Control: private, no-cache'); header("Content-Type: $mimetype; name=\"$name\""); header("Content-disposition: attachment; filename=$name"); @@ -510,7 +510,7 @@ class base_extractor if ($download == true) { $name = $filename . $ext; - header('Pragma: no-cache'); + header('Cache-Control: private, no-cache'); header("Content-Type: $mimetype; name=\"$name\""); header("Content-disposition: attachment; filename=$name"); diff --git a/phpBB/includes/acp/acp_icons.php b/phpBB/includes/acp/acp_icons.php index 028025b547..9265415dd1 100644 --- a/phpBB/includes/acp/acp_icons.php +++ b/phpBB/includes/acp/acp_icons.php @@ -737,7 +737,7 @@ class acp_icons { garbage_collection(); - header('Pragma: public'); + header('Cache-Control: public'); // Send out the Headers header('Content-Type: text/x-delimtext; name="' . $mode . '.pak"'); diff --git a/phpBB/includes/acp/acp_main.php b/phpBB/includes/acp/acp_main.php index 2a28226d6c..48ca05a118 100644 --- a/phpBB/includes/acp/acp_main.php +++ b/phpBB/includes/acp/acp_main.php @@ -655,8 +655,8 @@ class acp_main 'S_MBSTRING_LOADED' => true, 'S_MBSTRING_FUNC_OVERLOAD_FAIL' => (intval(@ini_get('mbstring.func_overload')) & (MB_OVERLOAD_MAIL | MB_OVERLOAD_STRING)), 'S_MBSTRING_ENCODING_TRANSLATION_FAIL' => (@ini_get('mbstring.encoding_translation') != 0), - 'S_MBSTRING_HTTP_INPUT_FAIL' => (@ini_get('mbstring.http_input') != 'pass'), - 'S_MBSTRING_HTTP_OUTPUT_FAIL' => (@ini_get('mbstring.http_output') != 'pass'), + 'S_MBSTRING_HTTP_INPUT_FAIL' => !in_array(@ini_get('mbstring.http_input'), array('pass', '')), + 'S_MBSTRING_HTTP_OUTPUT_FAIL' => !in_array(@ini_get('mbstring.http_output'), array('pass', '')), )); } diff --git a/phpBB/includes/acp/acp_profile.php b/phpBB/includes/acp/acp_profile.php index fda6ef25ec..046281596c 100644 --- a/phpBB/includes/acp/acp_profile.php +++ b/phpBB/includes/acp/acp_profile.php @@ -112,58 +112,8 @@ class acp_profile $db->sql_query('DELETE FROM ' . PROFILE_FIELDS_LANG_TABLE . " WHERE field_id = $field_id"); $db->sql_query('DELETE FROM ' . PROFILE_LANG_TABLE . " WHERE field_id = $field_id"); - switch ($db->get_sql_layer()) - { - case 'sqlite': - case 'sqlite3': - $sql = "SELECT sql - FROM sqlite_master - WHERE type = 'table' - AND name = '" . PROFILE_FIELDS_DATA_TABLE . "' - ORDER BY type DESC, name;"; - $result = $db->sql_query($sql); - $row = $db->sql_fetchrow($result); - $db->sql_freeresult($result); - - // Create a temp table and populate it, destroy the existing one - $db->sql_query(preg_replace('#CREATE\s+TABLE\s+"?' . PROFILE_FIELDS_DATA_TABLE . '"?#i', 'CREATE TEMPORARY TABLE ' . PROFILE_FIELDS_DATA_TABLE . '_temp', $row['sql'])); - $db->sql_query('INSERT INTO ' . PROFILE_FIELDS_DATA_TABLE . '_temp SELECT * FROM ' . PROFILE_FIELDS_DATA_TABLE); - $db->sql_query('DROP TABLE ' . PROFILE_FIELDS_DATA_TABLE); - - preg_match('#\((.*)\)#s', $row['sql'], $matches); - - $new_table_cols = trim($matches[1]); - $old_table_cols = preg_split('/,(?=[\\sa-z])/im', $new_table_cols); - $column_list = array(); - - foreach ($old_table_cols as $declaration) - { - $entities = preg_split('#\s+#', trim($declaration)); - - if ($entities[0] == 'PRIMARY') - { - continue; - } - - if ($entities[0] !== 'pf_' . $field_ident) - { - $column_list[] = $entities[0]; - } - } - - $columns = implode(',', $column_list); - - $new_table_cols = preg_replace('/' . 'pf_' . $field_ident . '[^,]+,/', '', $new_table_cols); - - // create a new table and fill it up. destroy the temp one - $db->sql_query('CREATE TABLE ' . PROFILE_FIELDS_DATA_TABLE . ' (' . $new_table_cols . ');'); - $db->sql_query('INSERT INTO ' . PROFILE_FIELDS_DATA_TABLE . ' (' . $columns . ') SELECT ' . $columns . ' FROM ' . PROFILE_FIELDS_DATA_TABLE . '_temp;'); - $db->sql_query('DROP TABLE ' . PROFILE_FIELDS_DATA_TABLE . '_temp'); - break; - - default: - $db->sql_query('ALTER TABLE ' . PROFILE_FIELDS_DATA_TABLE . " DROP COLUMN pf_$field_ident"); - } + $db_tools = $phpbb_container->get('dbal.tools'); + $db_tools->sql_column_remove(PROFILE_FIELDS_DATA_TABLE, 'pf_' . $field_ident); $order = 0; @@ -932,9 +882,7 @@ class acp_profile $field_ident = 'pf_' . $field_ident; $db_tools = $phpbb_container->get('dbal.tools'); - - list($sql_type, $null) = $db_tools->get_column_type($profile_field->get_database_column_type()); - $profile_sql[] = $this->add_field_ident($field_ident, $sql_type); + $db_tools->sql_column_add(PROFILE_FIELDS_DATA_TABLE, $field_ident, array($profile_field->get_database_column_type(), null)); } $sql_ary = array( @@ -1188,91 +1136,4 @@ class acp_profile } } } - - /** - * Return sql statement for adding a new field ident (profile field) to the profile fields data table - */ - function add_field_ident($field_ident, $sql_type) - { - global $db; - - switch ($db->get_sql_layer()) - { - case 'mysql': - case 'mysql4': - case 'mysqli': - $sql = 'ALTER TABLE ' . PROFILE_FIELDS_DATA_TABLE . " ADD `$field_ident` " . $sql_type; - - break; - - case 'sqlite': - case 'sqlite3': - if (version_compare($db->sql_server_info(true), '3.0') == -1) - { - $sql = "SELECT sql - FROM sqlite_master - WHERE type = 'table' - AND name = '" . PROFILE_FIELDS_DATA_TABLE . "' - ORDER BY type DESC, name;"; - $result = $db->sql_query($sql); - $row = $db->sql_fetchrow($result); - $db->sql_freeresult($result); - - // Create a temp table and populate it, destroy the existing one - $db->sql_query(preg_replace('#CREATE\s+TABLE\s+"?' . PROFILE_FIELDS_DATA_TABLE . '"?#i', 'CREATE TEMPORARY TABLE ' . PROFILE_FIELDS_DATA_TABLE . '_temp', $row['sql'])); - $db->sql_query('INSERT INTO ' . PROFILE_FIELDS_DATA_TABLE . '_temp SELECT * FROM ' . PROFILE_FIELDS_DATA_TABLE); - $db->sql_query('DROP TABLE ' . PROFILE_FIELDS_DATA_TABLE); - - preg_match('#\((.*)\)#s', $row['sql'], $matches); - - $new_table_cols = trim($matches[1]); - $old_table_cols = explode(',', $new_table_cols); - $column_list = array(); - - foreach ($old_table_cols as $declaration) - { - $entities = preg_split('#\s+#', trim($declaration)); - if ($entities[0] == 'PRIMARY') - { - continue; - } - $column_list[] = $entities[0]; - } - - $columns = implode(',', $column_list); - - $new_table_cols = $field_ident . ' ' . $sql_type . ',' . $new_table_cols; - - // create a new table and fill it up. destroy the temp one - $db->sql_query('CREATE TABLE ' . PROFILE_FIELDS_DATA_TABLE . ' (' . $new_table_cols . ');'); - $db->sql_query('INSERT INTO ' . PROFILE_FIELDS_DATA_TABLE . ' (' . $columns . ') SELECT ' . $columns . ' FROM ' . PROFILE_FIELDS_DATA_TABLE . '_temp;'); - $db->sql_query('DROP TABLE ' . PROFILE_FIELDS_DATA_TABLE . '_temp'); - } - else - { - $sql = 'ALTER TABLE ' . PROFILE_FIELDS_DATA_TABLE . " ADD $field_ident [$sql_type]"; - } - - break; - - case 'mssql': - case 'mssql_odbc': - case 'mssqlnative': - $sql = 'ALTER TABLE [' . PROFILE_FIELDS_DATA_TABLE . "] ADD [$field_ident] " . $sql_type; - - break; - - case 'postgres': - $sql = 'ALTER TABLE ' . PROFILE_FIELDS_DATA_TABLE . " ADD COLUMN \"$field_ident\" " . $sql_type; - - break; - - case 'oracle': - $sql = 'ALTER TABLE ' . PROFILE_FIELDS_DATA_TABLE . " ADD $field_ident " . $sql_type; - - break; - } - - return $sql; - } } diff --git a/phpBB/includes/acp/acp_styles.php b/phpBB/includes/acp/acp_styles.php index 2a02e3e845..af3fd7937c 100644 --- a/phpBB/includes/acp/acp_styles.php +++ b/phpBB/includes/acp/acp_styles.php @@ -70,11 +70,6 @@ class acp_styles $action = $this->request->variable('action', ''); $post_actions = array('install', 'activate', 'deactivate', 'uninstall'); - if ($action && in_array($action, $post_actions) && !check_link_hash($request->variable('hash', ''), $action)) - { - trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action), E_USER_WARNING); - } - foreach ($post_actions as $key) { if ($this->request->is_set_post($key)) @@ -83,6 +78,18 @@ class acp_styles } } + // The uninstall action uses confirm_box() to verify the validity of the request, + // so there is no need to check for a valid token here. + if (in_array($action, $post_actions) && $action != 'uninstall') + { + $is_valid_request = check_link_hash($request->variable('hash', ''), $action) || check_form_key('styles_management'); + + if (!$is_valid_request) + { + trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action), E_USER_WARNING); + } + } + if ($action != '') { $this->s_hidden_fields['action'] = $action; @@ -122,6 +129,8 @@ class acp_styles */ protected function frontend() { + add_form_key('styles_management'); + // Check mode switch ($this->mode) { @@ -133,33 +142,11 @@ class acp_styles $this->welcome_message('INSTALL_STYLES', 'INSTALL_STYLES_EXPLAIN'); $this->show_available(); return; - case 'cache': - $this->action_cache(); - return; } trigger_error($this->user->lang['NO_MODE'] . adm_back_link($this->u_action), E_USER_WARNING); } /** - * Purge cache - */ - protected function action_cache() - { - global $db, $cache, $auth; - - $this->config->increment('assets_version', 1); - $this->cache->purge(); - - // Clear permissions - $this->auth->acl_clear_prefetch(); - phpbb_cache_moderators($db, $cache, $auth); - - add_log('admin', 'LOG_PURGE_CACHE'); - - trigger_error($this->user->lang['PURGED_CACHE'] . adm_back_link($this->u_base_action), E_USER_NOTICE); - } - - /** * Install style(s) */ protected function action_install() diff --git a/phpBB/includes/acp/acp_users.php b/phpBB/includes/acp/acp_users.php index 40d8218a07..31b033604d 100644 --- a/phpBB/includes/acp/acp_users.php +++ b/phpBB/includes/acp/acp_users.php @@ -1661,7 +1661,7 @@ class acp_users ${'s_sort_' . $sort_option . '_dir'} .= '</select>'; } - $timezone_selects = phpbb_timezone_select($user, $data['tz'], true); + phpbb_timezone_select($template, $user, $data['tz'], true); $user_prefs_data = array( 'S_PREFS' => true, 'S_JABBER_DISABLED' => ($config['jab_enable'] && $user_row['user_jabber'] && @extension_loaded('xml')) ? false : true, @@ -1700,8 +1700,6 @@ class acp_users 'S_LANG_OPTIONS' => language_select($data['lang']), 'S_STYLE_OPTIONS' => style_select($data['style']), - 'S_TZ_OPTIONS' => $timezone_selects['tz_select'], - 'S_TZ_DATE_OPTIONS' => $timezone_selects['tz_dates'], ); /** diff --git a/phpBB/includes/acp/info/acp_styles.php b/phpBB/includes/acp/info/acp_styles.php index 1a9865aa1d..c0ab005502 100644 --- a/phpBB/includes/acp/info/acp_styles.php +++ b/phpBB/includes/acp/info/acp_styles.php @@ -22,7 +22,6 @@ class acp_styles_info 'modes' => array( 'style' => array('title' => 'ACP_STYLES', 'auth' => 'acl_a_styles', 'cat' => array('ACP_STYLE_MANAGEMENT')), 'install' => array('title' => 'ACP_STYLES_INSTALL', 'auth' => 'acl_a_styles', 'cat' => array('ACP_STYLE_MANAGEMENT')), - 'cache' => array('title' => 'ACP_STYLES_CACHE', 'auth' => 'acl_a_styles', 'cat' => array('ACP_STYLE_MANAGEMENT')), ), ); } diff --git a/phpBB/includes/compatibility_globals.php b/phpBB/includes/compatibility_globals.php index 2a60f7fb8e..54c9287c96 100644 --- a/phpBB/includes/compatibility_globals.php +++ b/phpBB/includes/compatibility_globals.php @@ -43,6 +43,5 @@ $phpbb_path_helper = $phpbb_container->get('path_helper'); // load extensions $phpbb_extension_manager = $phpbb_container->get('ext.manager'); -$phpbb_subscriber_loader = $phpbb_container->get('event.subscriber_loader'); $template = $phpbb_container->get('template'); diff --git a/phpBB/includes/constants.php b/phpBB/includes/constants.php index 0eac2e9417..2d4cb727a7 100644 --- a/phpBB/includes/constants.php +++ b/phpBB/includes/constants.php @@ -28,7 +28,7 @@ if (!defined('IN_PHPBB')) */ // phpBB Version -define('PHPBB_VERSION', '3.1.0-RC4-dev'); +define('PHPBB_VERSION', '3.1.2-RC1-dev'); // QA-related // define('PHPBB_QA', 1); diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index df613682a7..1a3560dbb1 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -31,7 +31,7 @@ function phpbb_load_extensions_autoloaders($phpbb_root_path) new \phpbb\recursive_dot_prefix_filter_iterator( new \RecursiveDirectoryIterator( $phpbb_root_path . 'ext/', - \FilesystemIterator::SKIP_DOTS + \FilesystemIterator::SKIP_DOTS | \FilesystemIterator::FOLLOW_SYMLINKS ) ), \RecursiveIteratorIterator::SELF_FIRST @@ -937,14 +937,20 @@ function style_select($default = '', $all = false) * Format the timezone offset with hours and minutes * * @param int $tz_offset Timezone offset in seconds +* @param bool $show_null Whether null offsets should be shown * @return string Normalized offset string: -7200 => -02:00 * 16200 => +04:30 */ -function phpbb_format_timezone_offset($tz_offset) +function phpbb_format_timezone_offset($tz_offset, $show_null = false) { $sign = ($tz_offset < 0) ? '-' : '+'; $time_offset = abs($tz_offset); + if ($time_offset == 0 && $show_null == false) + { + return ''; + } + $offset_seconds = $time_offset % 3600; $offset_minutes = $offset_seconds / 60; $offset_hours = ($time_offset - $offset_seconds) / 3600; @@ -1040,13 +1046,14 @@ function phpbb_get_timezone_identifiers($selected_timezone) /** * Options to pick a timezone and date/time * +* @param \phpbb\template\template $template phpBB template object * @param \phpbb\user $user Object of the current user * @param string $default A timezone to select * @param boolean $truncate Shall we truncate the options text * -* @return array Returns an array, also containing the options for the time selector. +* @return array Returns an array containing the options for the time selector. */ -function phpbb_timezone_select($user, $default = '', $truncate = false) +function phpbb_timezone_select($template, $user, $default = '', $truncate = false) { static $timezones; @@ -1062,15 +1069,15 @@ function phpbb_timezone_select($user, $default = '', $truncate = false) $dt = $user->create_datetime('now', $tz); $offset = $dt->getOffset(); $current_time = $dt->format($user->lang['DATETIME_FORMAT'], true); - $offset_string = phpbb_format_timezone_offset($offset); - $timezones['GMT' . $offset_string . ' - ' . $timezone] = array( + $offset_string = phpbb_format_timezone_offset($offset, true); + $timezones['UTC' . $offset_string . ' - ' . $timezone] = array( 'tz' => $timezone, - 'offset' => 'GMT' . $offset_string, + 'offset' => $offset_string, 'current' => $current_time, ); if ($timezone === $default) { - $default_offset = 'GMT' . $offset_string; + $default_offset = 'UTC' . $offset_string; } } unset($unsorted_timezones); @@ -1078,18 +1085,27 @@ function phpbb_timezone_select($user, $default = '', $truncate = false) uksort($timezones, 'phpbb_tz_select_compare'); } - $tz_select = $tz_dates = $opt_group = ''; + $tz_select = $opt_group = ''; - foreach ($timezones as $timezone) + foreach ($timezones as $key => $timezone) { if ($opt_group != $timezone['offset']) { + // Generate tz_select for backwards compatibility $tz_select .= ($opt_group) ? '</optgroup>' : ''; - $tz_select .= '<optgroup label="' . $timezone['offset'] . ' - ' . $timezone['current'] . '">'; + $tz_select .= '<optgroup label="' . $user->lang(array('timezones', 'UTC_OFFSET_CURRENT'), $timezone['offset'], $timezone['current']) . '">'; $opt_group = $timezone['offset']; + $template->assign_block_vars('timezone_select', array( + 'LABEL' => $user->lang(array('timezones', 'UTC_OFFSET_CURRENT'), $timezone['offset'], $timezone['current']), + 'VALUE' => $key . ' - ' . $timezone['current'], + )); - $selected = ($default_offset == $timezone['offset']) ? ' selected="selected"' : ''; - $tz_dates .= '<option value="' . $timezone['offset'] . ' - ' . $timezone['current'] . '"' . $selected . '>' . $timezone['offset'] . ' - ' . $timezone['current'] . '</option>'; + $selected = (!empty($default_offset) && strpos($key, $default_offset) !== false) ? ' selected="selected"' : ''; + $template->assign_block_vars('timezone_date', array( + 'VALUE' => $key . ' - ' . $timezone['current'], + 'SELECTED' => !empty($selected), + 'TITLE' => $user->lang(array('timezones', 'UTC_OFFSET_CURRENT'), $timezone['offset'], $timezone['current']), + )); } $label = $timezone['tz']; @@ -1097,22 +1113,26 @@ function phpbb_timezone_select($user, $default = '', $truncate = false) { $label = $user->lang['timezones'][$label]; } - $title = $timezone['offset'] . ' - ' . $label; + $title = $user->lang(array('timezones', 'UTC_OFFSET_CURRENT'), $timezone['offset'], $label); if ($truncate) { $label = truncate_string($label, 50, 255, false, '...'); } + // Also generate timezone_select for backwards compatibility $selected = ($timezone['tz'] === $default) ? ' selected="selected"' : ''; $tz_select .= '<option title="' . $title . '" value="' . $timezone['tz'] . '"' . $selected . '>' . $label . '</option>'; + $template->assign_block_vars('timezone_select.timezone_options', array( + 'TITLE' => $title, + 'VALUE' => $timezone['tz'], + 'SELECTED' => !empty($selected), + 'LABEL' => $label, + )); } $tz_select .= '</optgroup>'; - return array( - 'tz_select' => $tz_select, - 'tz_dates' => $tz_dates, - ); + return $tz_select; } // Functions handling topic/post tracking/marking @@ -1989,6 +2009,9 @@ function tracking_unserialize($string, $max_depth = 3) * @param mixed $params String or array of additional url parameters * @param bool $is_amp Is url using & (true) or & (false) * @param string $session_id Possibility to use a custom session id instead of the global one +* @param bool $is_route Is url generated by a route. +* +* @return string The corrected url. * * Examples: * <code> @@ -1999,7 +2022,7 @@ function tracking_unserialize($string, $max_depth = 3) * </code> * */ -function append_sid($url, $params = false, $is_amp = true, $session_id = false) +function append_sid($url, $params = false, $is_amp = true, $session_id = false, $is_route = false) { global $_SID, $_EXTRA_URL, $phpbb_hook, $phpbb_path_helper; global $phpbb_dispatcher; @@ -2011,7 +2034,7 @@ function append_sid($url, $params = false, $is_amp = true, $session_id = false) } // Update the root path with the correct relative web path - if ($phpbb_path_helper instanceof \phpbb\path_helper) + if (!$is_route && $phpbb_path_helper instanceof \phpbb\path_helper) { $url = $phpbb_path_helper->update_web_root_path($url); } @@ -2037,9 +2060,10 @@ function append_sid($url, $params = false, $is_amp = true, $session_id = false) * the global one (false) * @var bool|string append_sid_overwrite Overwrite function (string * URL) or not (false) + * @var bool is_route Is url generated by a route. * @since 3.1.0-a1 */ - $vars = array('url', 'params', 'is_amp', 'session_id', 'append_sid_overwrite'); + $vars = array('url', 'params', 'is_amp', 'session_id', 'append_sid_overwrite', 'is_route'); extract($phpbb_dispatcher->trigger_event('core.append_sid', compact($vars))); if ($append_sid_overwrite) @@ -2576,15 +2600,17 @@ function add_form_key($form_name) } /** -* Check the form key. Required for all altering actions not secured by confirm_box -* @param string $form_name The name of the form; has to match the name used in add_form_key, otherwise no restrictions apply -* @param int $timespan The maximum acceptable age for a submitted form in seconds. Defaults to the config setting. -* @param string $return_page The address for the return link -* @param bool $trigger If true, the function will triger an error when encountering an invalid form -*/ -function check_form_key($form_name, $timespan = false, $return_page = '', $trigger = false) + * Check the form key. Required for all altering actions not secured by confirm_box + * + * @param string $form_name The name of the form; has to match the name used + * in add_form_key, otherwise no restrictions apply + * @param int $timespan The maximum acceptable age for a submitted form + * in seconds. Defaults to the config setting. + * @return bool True, if the form key was valid, false otherwise + */ +function check_form_key($form_name, $timespan = false) { - global $config, $user; + global $config, $request, $user; if ($timespan === false) { @@ -2592,10 +2618,10 @@ function check_form_key($form_name, $timespan = false, $return_page = '', $trigg $timespan = ($config['form_token_lifetime'] == -1) ? -1 : max(30, $config['form_token_lifetime']); } - if (isset($_POST['creation_time']) && isset($_POST['form_token'])) + if ($request->is_set_post('creation_time') && $request->is_set_post('form_token')) { - $creation_time = abs(request_var('creation_time', 0)); - $token = request_var('form_token', ''); + $creation_time = abs($request->variable('creation_time', 0)); + $token = $request->variable('form_token', ''); $diff = time() - $creation_time; @@ -2612,11 +2638,6 @@ function check_form_key($form_name, $timespan = false, $return_page = '', $trigg } } - if ($trigger) - { - trigger_error($user->lang['FORM_INVALID'] . $return_page); - } - return false; } @@ -2747,7 +2768,7 @@ function confirm_box($check, $title = '', $hidden = '', $html_body = 'confirm_bo function login_box($redirect = '', $l_explain = '', $l_success = '', $admin = false, $s_display = true) { global $db, $user, $template, $auth, $phpEx, $phpbb_root_path, $config; - global $request, $phpbb_container; + global $request, $phpbb_container, $phpbb_dispatcher; $err = ''; @@ -2832,8 +2853,18 @@ function login_box($redirect = '', $l_explain = '', $l_success = '', $admin = fa if ($result['status'] == LOGIN_SUCCESS) { $redirect = request_var('redirect', "{$phpbb_root_path}index.$phpEx"); - $message = ($l_success) ? $l_success : $user->lang['LOGIN_REDIRECT']; - $l_redirect = ($admin) ? $user->lang['PROCEED_TO_ACP'] : (($redirect === "{$phpbb_root_path}index.$phpEx" || $redirect === "index.$phpEx") ? $user->lang['RETURN_INDEX'] : $user->lang['RETURN_PAGE']); + + /** + * This event allows an extension to modify the redirection when a user successfully logs in + * + * @event core.login_box_redirect + * @var string redirect Redirect string + * @var boolean admin Is admin? + * @var bool return If true, do not redirect but return the sanitized URL. + * @since 3.1.0-RC5 + */ + $vars = array('redirect', 'admin', 'return'); + extract($phpbb_dispatcher->trigger_event('core.login_box_redirect', compact($vars))); // append/replace SID (may change during the session for AOL users) $redirect = reapply_sid($redirect); @@ -3318,6 +3349,11 @@ function get_preg_expression($mode) case 'table_prefix': return '#^[a-zA-Z][a-zA-Z0-9_]*$#'; break; + + // Matches the predecing dot + case 'path_remove_dot_trailing_slash': + return '#^(?:(\.)?)+(?:(.+)?)+(?:([\\/\\\])$)#'; + break; } return ''; @@ -4899,7 +4935,7 @@ function page_header($page_title = '', $display_online_list = false, $item_id = } $dt = $user->create_datetime(); - $timezone_offset = 'GMT' . phpbb_format_timezone_offset($dt->getOffset()); + $timezone_offset = $user->lang(array('timezones', 'UTC_OFFSET'), phpbb_format_timezone_offset($dt->getOffset())); $timezone_name = $user->timezone->getName(); if (isset($user->lang['timezones'][$timezone_name])) { @@ -5063,8 +5099,7 @@ function page_header($page_title = '', $display_online_list = false, $item_id = // application/xhtml+xml not used because of IE 'Content-type' => 'text/html; charset=UTF-8', 'Cache-Control' => 'private, no-cache="set-cookie"', - 'Expires' => '0', - 'Pragma' => 'no-cache', + 'Expires' => gmdate('D, d M Y H:i:s', time()) . ' GMT', ); if (!empty($user->data['is_bot'])) { @@ -5219,7 +5254,7 @@ function page_footer($run_cron = true, $display_template = true, $exit_handler = // Call cron-type script $call_cron = false; - if (!defined('IN_CRON') && !$config['use_system_cron'] && $run_cron && !$config['board_disable'] && !$user->data['is_bot'] && !$cache->get('cron.lock_check')) + if (!defined('IN_CRON') && !$config['use_system_cron'] && $run_cron && !$config['board_disable'] && !$user->data['is_bot'] && !$cache->get('_cron.lock_check')) { $call_cron = true; $time_now = (!empty($user->time_now) && is_int($user->time_now)) ? $user->time_now : time(); @@ -5251,10 +5286,22 @@ function page_footer($run_cron = true, $display_template = true, $exit_handler = } else { - $cache->put('cron.lock_check', true, 300); + $cache->put('_cron.lock_check', true, 60); } } + /** + * Execute code and/or modify output before displaying the template. + * + * @event core.page_footer_after + * @var bool display_template Whether or not to display the template + * @var bool exit_handler Whether or not to run the exit_handler() + * + * @since 3.1.0-RC5 + */ + $vars = array('display_template', 'exit_handler'); + extract($phpbb_dispatcher->trigger_event('core.page_footer_after', compact($vars))); + if ($display_template) { $template->display('body'); diff --git a/phpBB/includes/functions_acp.php b/phpBB/includes/functions_acp.php index d9dc11239c..e30c6da505 100644 --- a/phpBB/includes/functions_acp.php +++ b/phpBB/includes/functions_acp.php @@ -112,8 +112,7 @@ function adm_page_header($page_title) // application/xhtml+xml not used because of IE 'Content-type' => 'text/html; charset=UTF-8', 'Cache-Control' => 'private, no-cache="set-cookie"', - 'Expires' => '0', - 'Pragma' => 'no-cache', + 'Expires' => gmdate('D, d M Y H:i:s', time()) . ' GMT', ); /** diff --git a/phpBB/includes/functions_compatibility.php b/phpBB/includes/functions_compatibility.php index 093cb19538..43952ae57a 100644 --- a/phpBB/includes/functions_compatibility.php +++ b/phpBB/includes/functions_compatibility.php @@ -101,18 +101,21 @@ function phpbb_clean_path($path) } else if (!$phpbb_path_helper) { + global $phpbb_root_path, $phpEx; + // The container is not yet loaded, use a new instance if (!class_exists('\phpbb\path_helper')) { - global $phpbb_root_path, $phpEx; require($phpbb_root_path . 'phpbb/path_helper.' . $phpEx); } + $request = new phpbb\request\request(); $phpbb_path_helper = new phpbb\path_helper( new phpbb\symfony_request( - new phpbb\request\request() + $request ), new phpbb\filesystem(), + $request, $phpbb_root_path, $phpEx ); @@ -133,10 +136,9 @@ function phpbb_clean_path($path) */ function tz_select($default = '', $truncate = false) { - global $user; + global $template, $user; - $timezone_select = phpbb_timezone_select($user, $default, $truncate); - return $timezone_select['tz_select']; + return phpbb_timezone_select($template, $user, $default, $truncate); } /** @@ -166,3 +168,30 @@ function update_foes($group_id = false, $user_id = false) global $db, $auth; return phpbb_update_foes($db, $auth, $group_id, $user_id); } + +/** +* Get user rank title and image +* +* @param int $user_rank the current stored users rank id +* @param int $user_posts the users number of posts +* @param string &$rank_title the rank title will be stored here after execution +* @param string &$rank_img the rank image as full img tag is stored here after execution +* @param string &$rank_img_src the rank image source is stored here after execution +* +* @deprecated 3.1.0-RC5 (To be removed: 3.3.0) +* +* Note: since we do not want to break backwards-compatibility, this function will only properly assign ranks to guests if you call it for them with user_posts == false +*/ +function get_user_rank($user_rank, $user_posts, &$rank_title, &$rank_img, &$rank_img_src) +{ + global $phpbb_root_path, $phpEx; + if (!function_exists('phpbb_get_user_rank')) + { + include($phpbb_root_path . 'includes/functions_display.' . $phpEx); + } + + $rank_data = phpbb_get_user_rank(array('user_rank' => $user_rank), $user_posts); + $rank_title = $rank_data['title']; + $rank_img = $rank_data['img']; + $rank_img_src = $rank_data['img_src']; +} diff --git a/phpBB/includes/functions_compress.php b/phpBB/includes/functions_compress.php index 6ed69d6928..a7ee29dd91 100644 --- a/phpBB/includes/functions_compress.php +++ b/phpBB/includes/functions_compress.php @@ -509,7 +509,7 @@ class compress_zip extends compress $mimetype = 'application/zip'; - header('Pragma: no-cache'); + header('Cache-Control: private, no-cache'); header("Content-Type: $mimetype; name=\"$download_name.zip\""); header("Content-disposition: attachment; filename=$download_name.zip"); @@ -757,7 +757,7 @@ class compress_tar extends compress break; } - header('Pragma: no-cache'); + header('Cache-Control: private, no-cache'); header("Content-Type: $mimetype; name=\"$download_name$this->type\""); header("Content-disposition: attachment; filename=$download_name$this->type"); diff --git a/phpBB/includes/functions_content.php b/phpBB/includes/functions_content.php index f275ed1dd1..25ca50e8f1 100644 --- a/phpBB/includes/functions_content.php +++ b/phpBB/includes/functions_content.php @@ -912,7 +912,7 @@ function parse_attachments($forum_id, &$message, &$attachments, &$update_count, return; } - global $template, $cache, $user; + global $template, $cache, $user, $phpbb_dispatcher; global $extensions, $config, $phpbb_root_path, $phpEx; // @@ -1187,6 +1187,34 @@ function parse_attachments($forum_id, &$message, &$attachments, &$update_count, ); } + /** + * Use this event to modify the attachment template data. + * + * This event is triggered once per attachment. + * + * @event core.parse_attachments_modify_template_data + * @var array attachment Array with attachment data + * @var array block_array Template data of the attachment + * @var int display_cat Attachment category data + * @var string download_link Attachment download link + * @var array extensions Array with attachment extensions data + * @var mixed forum_id The forum id the attachments are displayed in (false if in private message) + * @var bool preview Flag indicating if we are in post preview mode + * @var array update_count Array with attachment ids to update download count + * @since 3.1.0-RC5 + */ + $vars = array( + 'attachment', + 'block_array', + 'display_cat', + 'download_link', + 'extensions', + 'forum_id', + 'preview', + 'update_count', + ); + extract($phpbb_dispatcher->trigger_event('core.parse_attachments_modify_template_data', compact($vars))); + $template->assign_block_vars('_file', $block_array); $compiled_attachments[] = $template->assign_display('attachment_tpl'); diff --git a/phpBB/includes/functions_display.php b/phpBB/includes/functions_display.php index 78137d075b..31cf43e599 100644 --- a/phpBB/includes/functions_display.php +++ b/phpBB/includes/functions_display.php @@ -379,10 +379,10 @@ function display_forums($root_data = '', $display_moderators = true, $return_mod $last_catless = true; foreach ($forum_rows as $row) { - // Empty category + // Category if ($row['parent_id'] == $root_data['forum_id'] && $row['forum_type'] == FORUM_CAT) { - $template->assign_block_vars('forumrow', array( + $cat_row = array( 'S_IS_CAT' => true, 'FORUM_ID' => $row['forum_id'], 'FORUM_NAME' => $row['forum_name'], @@ -391,9 +391,33 @@ function display_forums($root_data = '', $display_moderators = true, $return_mod 'FORUM_FOLDER_IMG_SRC' => '', 'FORUM_IMAGE' => ($row['forum_image']) ? '<img src="' . $phpbb_root_path . $row['forum_image'] . '" alt="' . $user->lang['FORUM_CAT'] . '" />' : '', 'FORUM_IMAGE_SRC' => ($row['forum_image']) ? $phpbb_root_path . $row['forum_image'] : '', - 'U_VIEWFORUM' => append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $row['forum_id'])) + 'U_VIEWFORUM' => append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $row['forum_id']), ); + /** + * Modify the template data block of the 'category' + * + * This event is triggered once per 'category' + * + * @event core.display_forums_modify_category_template_vars + * @var array cat_row Template data of the 'category' + * @var bool catless The flag indicating whether the 'category' has a parent category + * @var bool last_catless The flag indicating whether the last forum had a parent category + * @var array root_data Array with the root forum data + * @var array row The data of the 'category' + * @since 3.1.0-RC4 + */ + $vars = array( + 'cat_row', + 'catless', + 'last_catless', + 'root_data', + 'row', + ); + extract($phpbb_dispatcher->trigger_event('core.display_forums_modify_category_template_vars', compact($vars))); + + $template->assign_block_vars('forumrow', $cat_row); + continue; } @@ -625,6 +649,28 @@ function display_forums($root_data = '', $display_moderators = true, $return_mod 'UNAPPROVED_POST_IMG' => $user->img('icon_topic_unapproved', 'POSTS_UNAPPROVED_FORUM'), )); + /** + * Event to perform additional actions after the forum list has been generated + * + * @event core.display_forums_after + * @var array active_forum_ary Array with forum data to display active topics + * @var bool display_moderators Flag indicating if we display forum moderators + * @var array forum_moderators Array with forum moderators list + * @var array forum_rows Data array of all forums we display + * @var bool return_moderators Flag indicating if moderators list should be returned + * @var array root_data Array with the root forum data + * @since 3.1.0-RC5 + */ + $vars = array( + 'active_forum_ary', + 'display_moderators', + 'forum_moderators', + 'forum_rows', + 'return_moderators', + 'root_data', + ); + extract($phpbb_dispatcher->trigger_event('core.display_forums_after', compact($vars))); + if ($return_moderators) { return array($active_forum_ary, $forum_moderators); @@ -1378,17 +1424,34 @@ function watch_topic_forum($mode, &$s_watching, $user_id, $forum_id, $topic_id, /** * Get user rank title and image * -* @param int $user_rank the current stored users rank id +* @param array $user_data the current stored users data * @param int $user_posts the users number of posts -* @param string &$rank_title the rank title will be stored here after execution -* @param string &$rank_img the rank image as full img tag is stored here after execution -* @param string &$rank_img_src the rank image source is stored here after execution +* +* @return array An associative array containing the rank title (title), the rank image source (img) and the rank image as full img tag (img) * * Note: since we do not want to break backwards-compatibility, this function will only properly assign ranks to guests if you call it for them with user_posts == false */ -function get_user_rank($user_rank, $user_posts, &$rank_title, &$rank_img, &$rank_img_src) +function phpbb_get_user_rank($user_data, $user_posts) { - global $ranks, $config, $phpbb_root_path, $phpbb_path_helper; + global $ranks, $config, $phpbb_root_path, $phpbb_path_helper, $phpbb_dispatcher; + + $user_rank_data = array( + 'title' => null, + 'img' => null, + 'img_src' => null, + ); + + /** + * Preparing a user's rank before displaying + * + * @event core.modify_user_rank + * @var array user_data Array with user's data + * @var int user_posts User_posts to change + * @since 3.1.0-RC4 + */ + + $vars = array('user_data', 'user_posts'); + extract($phpbb_dispatcher->trigger_event('core.modify_user_rank', compact($vars))); if (empty($ranks)) { @@ -1396,11 +1459,14 @@ function get_user_rank($user_rank, $user_posts, &$rank_title, &$rank_img, &$rank $ranks = $cache->obtain_ranks(); } - if (!empty($user_rank)) + if (!empty($user_data['user_rank'])) { - $rank_title = (isset($ranks['special'][$user_rank]['rank_title'])) ? $ranks['special'][$user_rank]['rank_title'] : ''; - $rank_img_src = (!empty($ranks['special'][$user_rank]['rank_image'])) ? $phpbb_path_helper->update_web_root_path($phpbb_root_path . $config['ranks_path'] . '/' . $ranks['special'][$user_rank]['rank_image']) : ''; - $rank_img = (!empty($ranks['special'][$user_rank]['rank_image'])) ? '<img src="' . $rank_img_src . '" alt="' . $ranks['special'][$user_rank]['rank_title'] . '" title="' . $ranks['special'][$user_rank]['rank_title'] . '" />' : ''; + + $user_rank_data['title'] = (isset($ranks['special'][$user_data['user_rank']]['rank_title'])) ? $ranks['special'][$user_data['user_rank']]['rank_title'] : ''; + + $user_rank_data['img_src'] = (!empty($ranks['special'][$user_data['user_rank']]['rank_image'])) ? $phpbb_path_helper->update_web_root_path($phpbb_root_path . $config['ranks_path'] . '/' . $ranks['special'][$user_data['user_rank']]['rank_image']) : ''; + + $user_rank_data['img'] = (!empty($ranks['special'][$user_data['user_rank']]['rank_image'])) ? '<img src="' . $user_rank_data['img_src'] . '" alt="' . $ranks['special'][$user_data['user_rank']]['rank_title'] . '" title="' . $ranks['special'][$user_data['user_rank']]['rank_title'] . '" />' : ''; } else if ($user_posts !== false) { @@ -1410,28 +1476,29 @@ function get_user_rank($user_rank, $user_posts, &$rank_title, &$rank_img, &$rank { if ($user_posts >= $rank['rank_min']) { - $rank_title = $rank['rank_title']; - $rank_img_src = (!empty($rank['rank_image'])) ? $phpbb_path_helper->update_web_root_path($phpbb_root_path . $config['ranks_path'] . '/' . $rank['rank_image']) : ''; - $rank_img = (!empty($rank['rank_image'])) ? '<img src="' . $rank_img_src . '" alt="' . $rank['rank_title'] . '" title="' . $rank['rank_title'] . '" />' : ''; + $user_rank_data['title'] = $rank['rank_title']; + $user_rank_data['img_src'] = (!empty($rank['rank_image'])) ? $phpbb_path_helper->update_web_root_path($phpbb_root_path . $config['ranks_path'] . '/' . $rank['rank_image']) : ''; + $user_rank_data['img'] = (!empty($rank['rank_image'])) ? '<img src="' . $user_rank_data['img_src'] . '" alt="' . $rank['rank_title'] . '" title="' . $rank['rank_title'] . '" />' : ''; break; } } } } + + return $user_rank_data; } /** * Prepare profile data */ -function phpbb_show_profile($data, $user_notes_enabled = false, $warn_user_enabled = false) +function phpbb_show_profile($data, $user_notes_enabled = false, $warn_user_enabled = false, $check_can_receive_pm = true) { global $config, $auth, $user, $phpEx, $phpbb_root_path, $phpbb_dispatcher; $username = $data['username']; $user_id = $data['user_id']; - $rank_title = $rank_img = $rank_img_src = ''; - get_user_rank($data['user_rank'], (($user_id == ANONYMOUS) ? false : $data['user_posts']), $rank_title, $rank_img, $rank_img_src); + $user_rank_data = phpbb_get_user_rank($data, (($user_id == ANONYMOUS) ? false : $data['user_posts'])); if ((!empty($data['user_allow_viewemail']) && $auth->acl_get('u_sendemail')) || $auth->acl_get('a_user')) { @@ -1492,7 +1559,7 @@ function phpbb_show_profile($data, $user_notes_enabled = false, $warn_user_enabl } // Can this user receive a Private Message? - $can_receive_pm = ( + $can_receive_pm = $check_can_receive_pm && ( // They must be a "normal" user $data['user_type'] != USER_IGNORE && @@ -1512,7 +1579,7 @@ function phpbb_show_profile($data, $user_notes_enabled = false, $warn_user_enabl // Dump it out to the template $template_data = array( 'AGE' => $age, - 'RANK_TITLE' => $rank_title, + 'RANK_TITLE' => $user_rank_data['title'], 'JOINED' => $user->format_date($data['user_regdate']), 'LAST_ACTIVE' => (empty($last_active)) ? ' - ' : $user->format_date($last_active), 'POSTS' => ($data['user_posts']) ? $data['user_posts'] : 0, @@ -1528,8 +1595,8 @@ function phpbb_show_profile($data, $user_notes_enabled = false, $warn_user_enabl 'AVATAR_IMG' => phpbb_get_user_avatar($data), 'ONLINE_IMG' => (!$config['load_onlinetrack']) ? '' : (($online) ? $user->img('icon_user_online', 'ONLINE') : $user->img('icon_user_offline', 'OFFLINE')), 'S_ONLINE' => ($config['load_onlinetrack'] && $online) ? true : false, - 'RANK_IMG' => $rank_img, - 'RANK_IMG_SRC' => $rank_img_src, + 'RANK_IMG' => $user_rank_data['img'], + 'RANK_IMG_SRC' => $user_rank_data['img_src'], 'S_JABBER_ENABLED' => ($config['jab_enable']) ? true : false, 'S_WARNINGS' => ($auth->acl_getf_global('m_') || $auth->acl_get('m_warn')) ? true : false, @@ -1541,8 +1608,8 @@ function phpbb_show_profile($data, $user_notes_enabled = false, $warn_user_enabl 'U_EMAIL' => $email, 'U_JABBER' => ($data['user_jabber'] && $auth->acl_get('u_sendim')) ? append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=contact&action=jabber&u=' . $user_id) : '', - 'USER_JABBER' => $data['user_jabber'], - 'USER_JABBER_IMG' => ($data['user_jabber']) ? $user->img('icon_contact_jabber', $data['user_jabber']) : '', + 'USER_JABBER' => ($config['jab_enable']) ? $data['user_jabber'] : '', + 'USER_JABBER_IMG' => ($config['jab_enable'] && $data['user_jabber']) ? $user->img('icon_contact_jabber', $data['user_jabber']) : '', 'L_SEND_EMAIL_USER' => $user->lang('SEND_EMAIL_USER', $username), 'L_CONTACT_USER' => $user->lang('CONTACT_USER', $username), diff --git a/phpBB/includes/functions_download.php b/phpBB/includes/functions_download.php index 4ff3994f4c..fbeae50f55 100644 --- a/phpBB/includes/functions_download.php +++ b/phpBB/includes/functions_download.php @@ -45,28 +45,28 @@ function send_avatar_to_browser($file, $browser) if ((@file_exists($file_path) && @is_readable($file_path)) && !headers_sent()) { - header('Pragma: public'); + header('Cache-Control: public'); $image_data = @getimagesize($file_path); header('Content-Type: ' . image_type_to_mime_type($image_data[2])); - if ((strpos(strtolower($user->browser), 'msie') !== false) && !phpbb_is_greater_ie_version($browser, 7)) + if ((strpos(strtolower($browser), 'msie') !== false) && !phpbb_is_greater_ie_version($browser, 7)) { header('Content-Disposition: attachment; ' . header_filename($file)); if (strpos(strtolower($browser), 'msie 6.0') !== false) { - header('Expires: -1'); + header('Expires: ' . gmdate('D, d M Y H:i:s', time()) . ' GMT'); } else { - header('Expires: ' . gmdate('D, d M Y H:i:s \G\M\T', time() + 31536000)); + header('Expires: ' . gmdate('D, d M Y H:i:s', time() + 31536000) . ' GMT'); } } else { header('Content-Disposition: inline; ' . header_filename($file)); - header('Expires: ' . gmdate('D, d M Y H:i:s \G\M\T', time() + 31536000)); + header('Expires: ' . gmdate('D, d M Y H:i:s', time() + 31536000) . ' GMT'); } $size = @filesize($file_path); @@ -175,7 +175,7 @@ function send_file_to_browser($attachment, $upload_dir, $category) } // Now the tricky part... let's dance - header('Pragma: public'); + header('Cache-Control: public'); // Send out the Headers. Do not set Content-Disposition to inline please, it is a security measure for users using the Internet Explorer. header('Content-Type: ' . $attachment['mimetype']); @@ -197,7 +197,7 @@ function send_file_to_browser($attachment, $upload_dir, $category) header('Content-Disposition: attachment; ' . header_filename(htmlspecialchars_decode($attachment['real_filename']))); if (empty($user->browser) || (strpos(strtolower($user->browser), 'msie 6.0') !== false)) { - header('expires: -1'); + header('Expires: ' . gmdate('D, d M Y H:i:s', time()) . ' GMT'); } } else @@ -420,8 +420,8 @@ function set_modified_headers($stamp, $browser) { send_status_line(304, 'Not Modified'); // seems that we need those too ... browsers - header('Pragma: public'); - header('Expires: ' . gmdate('D, d M Y H:i:s \G\M\T', time() + 31536000)); + header('Cache-Control: public'); + header('Expires: ' . gmdate('D, d M Y H:i:s', time() + 31536000) . ' GMT'); return true; } else diff --git a/phpBB/includes/functions_posting.php b/phpBB/includes/functions_posting.php index 768011fa5b..af44f6270e 100644 --- a/phpBB/includes/functions_posting.php +++ b/phpBB/includes/functions_posting.php @@ -2384,6 +2384,7 @@ function submit_post($mode, $subject, $username, $topic_type, &$poll, &$data, $u * @var int topic_type Variable containing topic type value * @var array poll Array with the poll data for the post * @var array data Array with the data for the post + * @var int post_visibility Variable containing up to date post visibility * @var bool update_message Flag indicating if the post will be updated * @var bool update_search_index Flag indicating if the search index will be updated * @var string url The "Return to topic" URL @@ -2399,6 +2400,7 @@ function submit_post($mode, $subject, $username, $topic_type, &$poll, &$data, $u 'topic_type', 'poll', 'data', + 'post_visibility', 'update_message', 'update_search_index', 'url', @@ -2538,7 +2540,7 @@ function phpbb_upload_popup($forum_style = 0) /** * Do the various checks required for removing posts as well as removing it */ -function phpbb_handle_post_delete($forum_id, $topic_id, $post_id, &$post_data, $is_soft = false, $soft_delete_reason = '') +function phpbb_handle_post_delete($forum_id, $topic_id, $post_id, &$post_data, $is_soft = false, $delete_reason = '') { global $user, $auth, $config, $request; global $phpbb_root_path, $phpEx; @@ -2571,19 +2573,19 @@ function phpbb_handle_post_delete($forum_id, $topic_id, $post_id, &$post_data, $ 'post_postcount' => $post_data['post_postcount'], ); - $next_post_id = delete_post($forum_id, $topic_id, $post_id, $data, $is_soft, $soft_delete_reason); + $next_post_id = delete_post($forum_id, $topic_id, $post_id, $data, $is_soft, $delete_reason); $post_username = ($post_data['poster_id'] == ANONYMOUS && !empty($post_data['post_username'])) ? $post_data['post_username'] : $post_data['username']; if ($next_post_id === false) { - add_log('mod', $forum_id, $topic_id, (($is_soft) ? 'LOG_SOFTDELETE_TOPIC' : 'LOG_DELETE_TOPIC'), $post_data['topic_title'], $post_username, $soft_delete_reason); + add_log('mod', $forum_id, $topic_id, (($is_soft) ? 'LOG_SOFTDELETE_TOPIC' : 'LOG_DELETE_TOPIC'), $post_data['topic_title'], $post_username, $delete_reason); $meta_info = append_sid("{$phpbb_root_path}viewforum.$phpEx", "f=$forum_id"); $message = $user->lang['POST_DELETED']; } else { - add_log('mod', $forum_id, $topic_id, (($is_soft) ? 'LOG_SOFTDELETE_POST' : 'LOG_DELETE_POST'), $post_data['post_subject'], $post_username, $soft_delete_reason); + add_log('mod', $forum_id, $topic_id, (($is_soft) ? 'LOG_SOFTDELETE_POST' : 'LOG_DELETE_POST'), $post_data['post_subject'], $post_username, $delete_reason); $meta_info = append_sid("{$phpbb_root_path}viewtopic.$phpEx", "f=$forum_id&t=$topic_id&p=$next_post_id") . "#p$next_post_id"; $message = $user->lang['POST_DELETED']; diff --git a/phpBB/includes/functions_privmsgs.php b/phpBB/includes/functions_privmsgs.php index 29cea477e4..838c6a0fec 100644 --- a/phpBB/includes/functions_privmsgs.php +++ b/phpBB/includes/functions_privmsgs.php @@ -914,6 +914,24 @@ function update_unread_status($unread, $msg_id, $user_id, $folder_id) } } +function mark_folder_read($user_id, $folder_id) +{ + global $db; + + $sql = 'SELECT msg_id + FROM ' . PRIVMSGS_TO_TABLE . ' + WHERE folder_id = ' . ((int) $folder_id) . ' + AND user_id = ' . ((int) $user_id) . ' + AND pm_unread = 1'; + $result = $db->sql_query($sql); + + while ($row = $db->sql_fetchrow($result)) + { + update_unread_status(true, $row['msg_id'], $user_id, $folder_id); + } + $db->sql_freeresult($result); +} + /** * Handle all actions possible with marked messages */ @@ -1573,7 +1591,7 @@ function get_folder_status($folder_id, $folder) 'cur' => $folder['num_messages'], 'remaining' => ($user->data['message_limit']) ? $user->data['message_limit'] - $folder['num_messages'] : 0, 'max' => $user->data['message_limit'], - 'percent' => ($user->data['message_limit']) ? (($user->data['message_limit'] > 0) ? round(($folder['num_messages'] / $user->data['message_limit']) * 100) : 100) : 0, + 'percent' => ($user->data['message_limit']) ? (($user->data['message_limit'] > 0) ? floor(($folder['num_messages'] / $user->data['message_limit']) * 100) : 100) : 0, ); $return['message'] = $user->lang('FOLDER_STATUS_MSG', $user->lang('MESSAGES_COUNT', (int) $return['max']), $return['cur'], $return['percent']); diff --git a/phpBB/includes/functions_upload.php b/phpBB/includes/functions_upload.php index a0a67ccf3d..f179b2fd70 100644 --- a/phpBB/includes/functions_upload.php +++ b/phpBB/includes/functions_upload.php @@ -232,7 +232,12 @@ class filespec { if ($this->mimetype_guesser !== null) { - $this->mimetype = $this->mimetype_guesser->guess($filename); + $mimetype = $this->mimetype_guesser->guess($filename, $this->uploadname); + + if ($mimetype !== 'application/octet-stream') + { + $this->mimetype = $mimetype; + } } return $this->mimetype; diff --git a/phpBB/includes/functions_user.php b/phpBB/includes/functions_user.php index 38ae34c66c..f79a8998c4 100644 --- a/phpBB/includes/functions_user.php +++ b/phpBB/includes/functions_user.php @@ -161,9 +161,10 @@ function user_update_name($old_name, $new_name) * * @param mixed $user_row An array containing the following keys (and the appropriate values): username, group_id (the group to place the user in), user_email and the user_type(usually 0). Additional entries not overridden by defaults will be forwarded. * @param string $cp_data custom profile fields, see custom_profile::build_insert_sql_array +* @param array $notifications_data The notifications settings for the new user * @return the new user's ID. */ -function user_add($user_row, $cp_data = false) +function user_add($user_row, $cp_data = false, $notifications_data = null) { global $db, $user, $auth, $config, $phpbb_root_path, $phpEx; global $phpbb_dispatcher, $phpbb_container; @@ -347,6 +348,31 @@ function user_add($user_row, $cp_data = false) set_config('newest_user_colour', $row['group_colour'], true); } + // Use default notifications settings if notifications_data is not set + if ($notifications_data === null) + { + $notifications_data = array( + array( + 'item_type' => 'notification.type.post', + 'method' => 'notification.method.email', + ), + array( + 'item_type' => 'notification.type.topic', + 'method' => 'notification.method.email', + ), + ); + } + + // Subscribe user to notifications if necessary + if (!empty($notifications_data)) + { + $phpbb_notifications = $phpbb_container->get('notification_manager'); + foreach ($notifications_data as $subscription) + { + $phpbb_notifications->add_subscription($subscription['item_type'], 0, $subscription['method'], $user_id); + } + } + /** * Event that returns user id, user detals and user CPF of newly registared user * @@ -363,12 +389,16 @@ function user_add($user_row, $cp_data = false) } /** -* Remove User -* @param $mode Either 'retain' or 'remove' -*/ + * Remove User + * + * @param string $mode Either 'retain' or 'remove' + * @param mixed $user_ids Either an array of integers or an integer + * @param bool $retain_username + * @return bool + */ function user_delete($mode, $user_ids, $retain_username = true) { - global $cache, $config, $db, $user, $auth, $phpbb_dispatcher; + global $cache, $config, $db, $user, $phpbb_dispatcher; global $phpbb_root_path, $phpEx; $db->sql_transaction('begin'); @@ -555,11 +585,6 @@ function user_delete($mode, $user_ids, $retain_username = true) WHERE ' . $db->sql_in_set('poster_id', $user_ids); $db->sql_query($sql); - $sql = 'UPDATE ' . POSTS_TABLE . ' - SET post_edit_user = ' . ANONYMOUS . ' - WHERE ' . $db->sql_in_set('post_edit_user', $user_ids); - $db->sql_query($sql); - $sql = 'UPDATE ' . USERS_TABLE . ' SET user_posts = user_posts + ' . $added_guest_posts . ' WHERE user_id = ' . ANONYMOUS; @@ -589,6 +614,30 @@ function user_delete($mode, $user_ids, $retain_username = true) $cache->destroy('sql', MODERATOR_CACHE_TABLE); + // Change user_id to anonymous for posts edited by this user + $sql = 'UPDATE ' . POSTS_TABLE . ' + SET post_edit_user = ' . ANONYMOUS . ' + WHERE ' . $db->sql_in_set('post_edit_user', $user_ids); + $db->sql_query($sql); + + // Change user_id to anonymous for pms edited by this user + $sql = 'UPDATE ' . PRIVMSGS_TABLE . ' + SET message_edit_user = ' . ANONYMOUS . ' + WHERE ' . $db->sql_in_set('message_edit_user', $user_ids); + $db->sql_query($sql); + + // Change user_id to anonymous for posts deleted by this user + $sql = 'UPDATE ' . POSTS_TABLE . ' + SET post_delete_user = ' . ANONYMOUS . ' + WHERE ' . $db->sql_in_set('post_delete_user', $user_ids); + $db->sql_query($sql); + + // Change user_id to anonymous for topics deleted by this user + $sql = 'UPDATE ' . TOPICS_TABLE . ' + SET topic_delete_user = ' . ANONYMOUS . ' + WHERE ' . $db->sql_in_set('topic_delete_user', $user_ids); + $db->sql_query($sql); + // Delete user log entries about this user $sql = 'DELETE FROM ' . LOG_TABLE . ' WHERE ' . $db->sql_in_set('reportee_id', $user_ids); diff --git a/phpBB/includes/mcp/mcp_ban.php b/phpBB/includes/mcp/mcp_ban.php index e6fac3b80c..4d2151fded 100644 --- a/phpBB/includes/mcp/mcp_ban.php +++ b/phpBB/includes/mcp/mcp_ban.php @@ -25,7 +25,7 @@ class mcp_ban function main($id, $mode) { - global $config, $db, $user, $auth, $template, $cache; + global $db, $user, $auth, $template, $request, $phpbb_dispatcher; global $phpbb_root_path, $phpEx; include($phpbb_root_path . 'includes/functions_user.' . $phpEx); @@ -33,55 +33,133 @@ class mcp_ban // Include the admin banning interface... include($phpbb_root_path . 'includes/acp/acp_ban.' . $phpEx); - $bansubmit = (isset($_POST['bansubmit'])) ? true : false; - $unbansubmit = (isset($_POST['unbansubmit'])) ? true : false; - $current_time = time(); + $bansubmit = $request->is_set_post('bansubmit'); + $unbansubmit = $request->is_set_post('unbansubmit'); $user->add_lang(array('acp/ban', 'acp/users')); $this->tpl_name = 'mcp_ban'; + /** + * Use this event to pass perform actions when a ban is issued or revoked + * + * @event core.mcp_ban_main + * @var bool bansubmit True if a ban is issued + * @var bool unbansubmit True if a ban is removed + * @var string mode Mode of the ban that is being worked on + * @since 3.1.0-RC5 + */ + $vars = array( + 'bansubmit', + 'unbansubmit', + 'mode', + ); + extract($phpbb_dispatcher->trigger_event('core.mcp_ban_main', compact($vars))); + // Ban submitted? if ($bansubmit) { // Grab the list of entries - $ban = request_var('ban', '', ($mode === 'user') ? true : false); - - if ($mode === 'user') - { - $ban = utf8_normalize_nfc($ban); - } - - $ban_len = request_var('banlength', 0); - $ban_len_other = request_var('banlengthother', ''); - $ban_exclude = request_var('banexclude', 0); - $ban_reason = utf8_normalize_nfc(request_var('banreason', '', true)); - $ban_give_reason = utf8_normalize_nfc(request_var('bangivereason', '', true)); + $ban = $request->variable('ban', '', $mode === 'user'); + $ban_length = $request->variable('banlength', 0); + $ban_length_other = $request->variable('banlengthother', ''); + $ban_exclude = $request->variable('banexclude', 0); + $ban_reason = $request->variable('banreason', '', true); + $ban_give_reason = $request->variable('bangivereason', '', true); if ($ban) { if (confirm_box(true)) { - user_ban($mode, $ban, $ban_len, $ban_len_other, $ban_exclude, $ban_reason, $ban_give_reason); + $abort_ban = false; + /** + * Use this event to modify the ban details before the ban is performed + * + * @event core.mcp_ban_before + * @var string mode One of the following: user, ip, email + * @var string ban Either string or array with usernames, ips or email addresses + * @var int ban_length Ban length in minutes + * @var string ban_length_other Ban length as a date (YYYY-MM-DD) + * @var bool ban_exclude Are we banning or excluding from another ban + * @var string ban_reason Ban reason displayed to moderators + * @var string ban_give_reason Ban reason displayed to the banned user + * @var mixed abort_ban Either false, or an error message that is displayed to the user. + * If a string is given the bans are not issued. + * @since 3.1.0-RC5 + */ + $vars = array( + 'mode', + 'ban', + 'ban_length', + 'ban_length_other', + 'ban_exclude', + 'ban_reason', + 'ban_give_reason', + 'abort_ban', + ); + extract($phpbb_dispatcher->trigger_event('core.mcp_ban_before', compact($vars))); + + if ($abort_ban) + { + trigger_error($abort_ban); + } + user_ban($mode, $ban, $ban_length, $ban_length_other, $ban_exclude, $ban_reason, $ban_give_reason); + + /** + * Use this event to perform actions after the ban has been performed + * + * @event core.mcp_ban_after + * @var string mode One of the following: user, ip, email + * @var string ban Either string or array with usernames, ips or email addresses + * @var int ban_length Ban length in minutes + * @var string ban_length_other Ban length as a date (YYYY-MM-DD) + * @var bool ban_exclude Are we banning or excluding from another ban + * @var string ban_reason Ban reason displayed to moderators + * @var string ban_give_reason Ban reason displayed to the banned user + * @since 3.1.0-RC5 + */ + $vars = array( + 'mode', + 'ban', + 'ban_length', + 'ban_length_other', + 'ban_exclude', + 'ban_reason', + 'ban_give_reason', + ); + extract($phpbb_dispatcher->trigger_event('core.mcp_ban_after', compact($vars))); trigger_error($user->lang['BAN_UPDATE_SUCCESSFUL'] . '<br /><br /><a href="' . $this->u_action . '">« ' . $user->lang['BACK_TO_PREV'] . '</a>'); } else { - confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array( + $hidden_fields = array( 'mode' => $mode, 'ban' => $ban, 'bansubmit' => true, - 'banlength' => $ban_len, - 'banlengthother' => $ban_len_other, + 'banlength' => $ban_length, + 'banlengthother' => $ban_length_other, 'banexclude' => $ban_exclude, 'banreason' => $ban_reason, - 'bangivereason' => $ban_give_reason))); + 'bangivereason' => $ban_give_reason, + ); + + /** + * Use this event to pass data from the ban form to the confirmation screen + * + * @event core.mcp_ban_confirm + * @var array hidden_fields Hidden fields that are passed through the confirm screen + * @since 3.1.0-RC5 + */ + $vars = array('hidden_fields'); + extract($phpbb_dispatcher->trigger_event('core.mcp_ban_confirm', compact($vars))); + + confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields($hidden_fields)); } } } else if ($unbansubmit) { - $ban = request_var('unban', array('')); + $ban = $request->variable('unban', array('')); if ($ban) { @@ -157,9 +235,9 @@ class mcp_ban } // As a "service" we will check if any post id is specified and populate the username of the poster id if given - $post_id = request_var('p', 0); - $user_id = request_var('u', 0); - $username = $pre_fill = false; + $post_id = $request->variable('p', 0); + $user_id = $request->variable('u', 0); + $pre_fill = false; if ($user_id && $user_id <> ANONYMOUS) { diff --git a/phpBB/includes/mcp/mcp_main.php b/phpBB/includes/mcp/mcp_main.php index f03bc034e4..19a0ee3051 100644 --- a/phpBB/includes/mcp/mcp_main.php +++ b/phpBB/includes/mcp/mcp_main.php @@ -161,9 +161,13 @@ class mcp_main * This event allows you to handle custom quickmod options * * @event core.modify_quickmod_actions + * @var string action Topic quick moderation action name + * @var bool quickmod Flag indicating whether MCP is in quick moderation mode * @since 3.1.0-a4 + * @change 3.1.0-RC4 Added variables: action, quickmod */ - $phpbb_dispatcher->dispatch('core.modify_quickmod_actions'); + $vars = array('action', 'quickmod'); + extract($phpbb_dispatcher->trigger_event('core.modify_quickmod_actions', compact($vars))); break; } @@ -750,7 +754,8 @@ function mcp_delete_topic($topic_ids, $is_soft = false, $soft_delete_reason = '' { global $auth, $user, $db, $phpEx, $phpbb_root_path, $request, $phpbb_container; - if (!phpbb_check_ids($topic_ids, TOPICS_TABLE, 'topic_id', array('m_delete'))) + $check_permission = ($is_soft) ? 'm_softdelete' : 'm_delete'; + if (!phpbb_check_ids($topic_ids, TOPICS_TABLE, 'topic_id', array($check_permission))) { return; } @@ -878,7 +883,8 @@ function mcp_delete_post($post_ids, $is_soft = false, $soft_delete_reason = '', { global $auth, $user, $db, $phpEx, $phpbb_root_path, $request, $phpbb_container; - if (!phpbb_check_ids($post_ids, POSTS_TABLE, 'post_id', array('m_softdelete'))) + $check_permission = ($is_soft) ? 'm_softdelete' : 'm_delete'; + if (!phpbb_check_ids($post_ids, POSTS_TABLE, 'post_id', array($check_permission))) { return; } diff --git a/phpBB/includes/mcp/mcp_queue.php b/phpBB/includes/mcp/mcp_queue.php index bfd30a5be2..f9c00da3ec 100644 --- a/phpBB/includes/mcp/mcp_queue.php +++ b/phpBB/includes/mcp/mcp_queue.php @@ -745,11 +745,11 @@ class mcp_queue if (!$post_data['topic_posts_approved']) { - $phpbb_notifications->add_notifications('notification.type.approve_post', $post_data); + $phpbb_notifications->add_notifications('notification.type.approve_topic', $post_data); } else { - $phpbb_notifications->add_notifications('notification.type.approve_topic', $post_data); + $phpbb_notifications->add_notifications('notification.type.approve_post', $post_data); } } } diff --git a/phpBB/includes/mcp/mcp_reports.php b/phpBB/includes/mcp/mcp_reports.php index ba118e5db8..804d48ea97 100644 --- a/phpBB/includes/mcp/mcp_reports.php +++ b/phpBB/includes/mcp/mcp_reports.php @@ -36,7 +36,7 @@ class mcp_reports function main($id, $mode) { global $auth, $db, $user, $template, $cache; - global $config, $phpbb_root_path, $phpEx, $action, $phpbb_container; + global $config, $phpbb_root_path, $phpEx, $action, $phpbb_container, $phpbb_dispatcher; include_once($phpbb_root_path . 'includes/functions_posting.' . $phpEx); @@ -364,6 +364,27 @@ class mcp_reports AND r.pm_id = 0 $limit_time_sql ORDER BY $sort_order_sql"; + + /** + * Alter sql query to get report id of all reports for requested forum and topic or just forum + * + * @event core.mcp_reports_get_reports_query_before + * @var string sql String with the query to be executed + * @var array forum_list List of forums that contain the posts + * @var int topic_id topic_id in the page request + * @var string limit_time_sql String with the SQL code to limit the time interval of the post (Note: May be empty string) + * @var string sort_order_sql String with the ORDER BY SQL code used in this query + * @since 3.1.0-RC4 + */ + $vars = array( + 'sql', + 'forum_list', + 'topic_id', + 'limit_time_sql', + 'sort_order_sql', + ); + extract($phpbb_dispatcher->trigger_event('core.mcp_reports_get_reports_query_before', compact($vars))); + $result = $db->sql_query_limit($sql, $config['topics_per_page'], $start); $i = 0; diff --git a/phpBB/includes/mcp/mcp_warn.php b/phpBB/includes/mcp/mcp_warn.php index 106b025757..d724b8703b 100644 --- a/phpBB/includes/mcp/mcp_warn.php +++ b/phpBB/includes/mcp/mcp_warn.php @@ -332,16 +332,16 @@ class mcp_warn // We want to make the message available here as a reminder // Parse the message and subject - $parse_flags = OPTION_FLAG_SMILIES | ($row['bbcode_bitfield'] ? OPTION_FLAG_BBCODE : 0); + $parse_flags = OPTION_FLAG_SMILIES | ($user_row['bbcode_bitfield'] ? OPTION_FLAG_BBCODE : 0); $message = generate_text_for_display($user_row['post_text'], $user_row['bbcode_uid'], $user_row['bbcode_bitfield'], $parse_flags, true); // Generate the appropriate user information for the user we are looking at - if (!function_exists('get_user_rank')) + if (!function_exists('phpbb_get_user_rank')) { include($phpbb_root_path . 'includes/functions_display.' . $phpEx); } - get_user_rank($user_row['user_rank'], $user_row['user_posts'], $rank_title, $rank_img, $rank_img_src); + $user_rank_data = phpbb_get_user_rank($user_row, $user_row['user_posts']); $avatar_img = phpbb_get_user_avatar($user_row); $template->assign_vars(array( @@ -350,13 +350,13 @@ class mcp_warn 'POST' => $message, 'USERNAME' => $user_row['username'], 'USER_COLOR' => (!empty($user_row['user_colour'])) ? $user_row['user_colour'] : '', - 'RANK_TITLE' => $rank_title, + 'RANK_TITLE' => $user_rank_data['title'], 'JOINED' => $user->format_date($user_row['user_regdate']), 'POSTS' => ($user_row['user_posts']) ? $user_row['user_posts'] : 0, 'WARNINGS' => ($user_row['user_warnings']) ? $user_row['user_warnings'] : 0, 'AVATAR_IMG' => $avatar_img, - 'RANK_IMG' => $rank_img, + 'RANK_IMG' => $user_rank_data['img'], 'L_WARNING_POST_DEFAULT' => sprintf($user->lang['WARNING_POST_DEFAULT'], generate_board_url() . "/viewtopic.$phpEx?f=$forum_id&p=$post_id#p$post_id"), @@ -486,18 +486,18 @@ class mcp_warn } // Generate the appropriate user information for the user we are looking at - if (!function_exists('get_user_rank')) + if (!function_exists('phpbb_get_user_rank')) { include($phpbb_root_path . 'includes/functions_display.' . $phpEx); } - get_user_rank($user_row['user_rank'], $user_row['user_posts'], $rank_title, $rank_img, $rank_img_src); + $user_rank_data = phpbb_get_user_rank($user_row, $user_row['user_posts']); $avatar_img = phpbb_get_user_avatar($user_row); // OK, they didn't submit a warning so lets build the page for them to do so $template->assign_vars(array( 'U_POST_ACTION' => $this->u_action, - 'RANK_TITLE' => $rank_title, + 'RANK_TITLE' => $user_rank_data['title'], 'JOINED' => $user->format_date($user_row['user_regdate']), 'POSTS' => ($user_row['user_posts']) ? $user_row['user_posts'] : 0, 'WARNINGS' => ($user_row['user_warnings']) ? $user_row['user_warnings'] : 0, @@ -508,7 +508,7 @@ class mcp_warn 'U_PROFILE' => get_username_string('profile', $user_row['user_id'], $user_row['username'], $user_row['user_colour']), 'AVATAR_IMG' => $avatar_img, - 'RANK_IMG' => $rank_img, + 'RANK_IMG' => $user_rank_data['img'], 'S_CAN_NOTIFY' => $s_can_notify, )); diff --git a/phpBB/includes/ucp/ucp_attachments.php b/phpBB/includes/ucp/ucp_attachments.php index aab45339c5..42724209aa 100644 --- a/phpBB/includes/ucp/ucp_attachments.php +++ b/phpBB/includes/ucp/ucp_attachments.php @@ -182,6 +182,7 @@ class ucp_attachments $template->assign_vars(array( 'TOTAL_ATTACHMENTS' => $num_attachments, + 'NUM_ATTACHMENTS' => $user->lang('NUM_ATTACHMENTS', $num_attachments), 'L_TITLE' => $user->lang['UCP_ATTACHMENTS'], diff --git a/phpBB/includes/ucp/ucp_auth_link.php b/phpBB/includes/ucp/ucp_auth_link.php index a595ce46c3..748f0fdec2 100644 --- a/phpBB/includes/ucp/ucp_auth_link.php +++ b/phpBB/includes/ucp/ucp_auth_link.php @@ -34,11 +34,12 @@ class ucp_auth_link */ public function main($id, $mode) { - global $config, $request, $template, $phpbb_container, $user; + global $request, $template, $phpbb_container, $user; $error = array(); - $auth_provider = $phpbb_container->get('auth.provider.' . $config['auth_method']); + $provider_collection = $phpbb_container->get('auth.provider_collection'); + $auth_provider = $provider_collection->get_provider(); // confirm that the auth provider supports this page $provider_data = $auth_provider->get_auth_link_data(); diff --git a/phpBB/includes/ucp/ucp_login_link.php b/phpBB/includes/ucp/ucp_login_link.php index 5ca5df00f7..bfe4804286 100644 --- a/phpBB/includes/ucp/ucp_login_link.php +++ b/phpBB/includes/ucp/ucp_login_link.php @@ -39,7 +39,7 @@ class ucp_login_link */ function main($id, $mode) { - global $config, $phpbb_container, $request, $template, $user; + global $phpbb_container, $request, $template, $user; global $phpbb_root_path, $phpEx; // Initialize necessary variables @@ -57,8 +57,8 @@ class ucp_login_link } // Use the auth_provider requested even if different from configured - $auth_provider = 'auth.provider.' . $request->variable('auth_provider', $config['auth_method']); - $auth_provider = $phpbb_container->get($auth_provider); + $provider_collection = $phpbb_container->get('auth.provider_collection'); + $auth_provider = $provider_collection->get_provider($request->variable('auth_provider', '')); // Set the link_method to login_link $data['link_method'] = 'login_link'; @@ -75,7 +75,7 @@ class ucp_login_link { if ($request->is_set_post('login')) { - $login_username = $request->variable('login_username', '', false, \phpbb\request\request_interface::POST); + $login_username = $request->variable('login_username', '', true, \phpbb\request\request_interface::POST); $login_password = $request->untrimmed_variable('login_password', '', true, \phpbb\request\request_interface::POST); $login_result = $auth_provider->login($login_username, $login_password); diff --git a/phpBB/includes/ucp/ucp_notifications.php b/phpBB/includes/ucp/ucp_notifications.php index 5691302b83..b0aeaba227 100644 --- a/phpBB/includes/ucp/ucp_notifications.php +++ b/phpBB/includes/ucp/ucp_notifications.php @@ -95,35 +95,25 @@ class ucp_notifications case 'notification_list': default: // Mark all items read - if ($request->variable('mark', '') == 'all' && (confirm_box(true) || check_link_hash($request->variable('token', ''), 'mark_all_notifications_read'))) + if ($request->variable('mark', '') == 'all' && check_link_hash($request->variable('token', ''), 'mark_all_notifications_read')) { - if (confirm_box(true)) - { - $phpbb_notifications->mark_notifications_read(false, false, $user->data['user_id'], $form_time); - - meta_refresh(3, $this->u_action); - $message = $user->lang['NOTIFICATIONS_MARK_ALL_READ_SUCCESS']; + $phpbb_notifications->mark_notifications_read(false, false, $user->data['user_id'], $form_time); - if ($request->is_ajax()) - { - $json_response = new \phpbb\json_response(); - $json_response->send(array( - 'MESSAGE_TITLE' => $user->lang['INFORMATION'], - 'MESSAGE_TEXT' => $message, - 'success' => true, - )); - } - $message .= '<br /><br />' . $user->lang('RETURN_UCP', '<a href="' . $this->u_action . '">', '</a>'); + meta_refresh(3, $this->u_action); + $message = $user->lang['NOTIFICATIONS_MARK_ALL_READ_SUCCESS']; - trigger_error($message); - } - else + if ($request->is_ajax()) { - confirm_box(false, 'NOTIFICATIONS_MARK_ALL_READ', build_hidden_fields(array( - 'mark' => 'all', - 'form_time' => $form_time, - ))); + $json_response = new \phpbb\json_response(); + $json_response->send(array( + 'MESSAGE_TITLE' => $user->lang['INFORMATION'], + 'MESSAGE_TEXT' => $message, + 'success' => true, + )); } + $message .= '<br /><br />' . $user->lang('RETURN_UCP', '<a href="' . $this->u_action . '">', '</a>'); + + trigger_error($message); } // Mark specific notifications read diff --git a/phpBB/includes/ucp/ucp_pm.php b/phpBB/includes/ucp/ucp_pm.php index 7a8c694870..425a56cf6c 100644 --- a/phpBB/includes/ucp/ucp_pm.php +++ b/phpBB/includes/ucp/ucp_pm.php @@ -45,7 +45,7 @@ class ucp_pm function main($id, $mode) { - global $user, $template, $phpbb_root_path, $auth, $phpEx, $db, $config; + global $user, $template, $phpbb_root_path, $auth, $phpEx, $db, $config, $request; if (!$user->data['is_registered']) { @@ -246,6 +246,27 @@ class ucp_pm $folder_id = (int) $row['folder_id']; } + if ($request->variable('mark', '') == 'all' && check_link_hash($request->variable('token', ''), 'mark_all_pms_read')) + { + mark_folder_read($user->data['user_id'], $folder_id); + + meta_refresh(3, $this->u_action); + $message = $user->lang['PM_MARK_ALL_READ_SUCCESS']; + + if ($request->is_ajax()) + { + $json_response = new \phpbb\json_response(); + $json_response->send(array( + 'MESSAGE_TITLE' => $user->lang['INFORMATION'], + 'MESSAGE_TEXT' => $message, + 'success' => true, + )); + } + $message .= '<br /><br />' . $user->lang('RETURN_UCP', '<a href="' . $this->u_action . '">', '</a>'); + + trigger_error($message); + } + $message_row = array(); if ($action == 'view_message' && $msg_id) { @@ -332,6 +353,7 @@ class ucp_pm 'U_SENTBOX' => $this->u_action . '&folder=sentbox', 'U_CREATE_FOLDER' => $this->u_action . '&mode=options', 'U_CURRENT_FOLDER' => $this->u_action . '&folder=' . $folder_id, + 'U_MARK_ALL' => $this->u_action . '&folder=' . $folder_id . '&mark=all&token=' . generate_link_hash('mark_all_pms_read'), 'S_IN_INBOX' => ($folder_id == PRIVMSGS_INBOX) ? true : false, 'S_IN_OUTBOX' => ($folder_id == PRIVMSGS_OUTBOX) ? true : false, diff --git a/phpBB/includes/ucp/ucp_pm_compose.php b/phpBB/includes/ucp/ucp_pm_compose.php index 01c2041f42..f3b59186a6 100644 --- a/phpBB/includes/ucp/ucp_pm_compose.php +++ b/phpBB/includes/ucp/ucp_pm_compose.php @@ -27,8 +27,7 @@ function compose_pm($id, $mode, $action, $user_folders = array()) { global $template, $db, $auth, $user, $cache; global $phpbb_root_path, $phpEx, $config; - global $request; - global $phpbb_container; + global $request, $phpbb_dispatcher, $phpbb_container; // Damn php and globals - i know, this is horrible // Needed for handle_message_list_actions() @@ -233,6 +232,42 @@ function compose_pm($id, $mode, $action, $user_folders = array()) if ($sql) { + /** + * Alter sql query to get message for user to write the PM + * + * @event core.ucp_pm_compose_compose_pm_basic_info_query_before + * @var string sql String with the query to be executed + * @var array forum_list List of forums that contain the posts + * @var int visibility_const Integer with one of the possible ITEM_* constant values + * @var int msg_id topic_id in the page request + * @var int to_user_id The id of whom the message is to + * @var int to_group_id The id of the group whom the message is to + * @var bool submit Whether the user is sending the PM or not + * @var bool preview Whether the user is previewing the PM or not + * @var string action One of: post, reply, quote, forward, quotepost, edit, delete, smilies + * @var bool delete Whether the user is deleting the PM + * @var int reply_to_all Value of reply_to_all request variable. + * @var string limit_time_sql String with the SQL code to limit the time interval of the post (Note: May be empty string) + * @var string sort_order_sql String with the ORDER BY SQL code used in this query + * @since 3.1.0-RC5 + */ + $vars = array( + 'sql', + 'forum_list', + 'visibility_const', + 'msg_id', + 'to_user_id', + 'to_group_id', + 'submit', + 'preview', + 'action', + 'delete', + 'reply_to_all', + 'limit_time_sql', + 'sort_order_sql', + ); + extract($phpbb_dispatcher->trigger_event('core.ucp_pm_compose_compose_pm_basic_info_query_before', compact($vars))); + $result = $db->sql_query($sql); $post = $db->sql_fetchrow($result); $db->sql_freeresult($result); @@ -267,6 +302,40 @@ function compose_pm($id, $mode, $action, $user_folders = array()) trigger_error('NOT_AUTHORISED'); } + /** + * Get the result of querying for the post to be quoted in the pm message + * + * @event core.ucp_pm_compose_quotepost_query_after + * @var string sql The original SQL used in the query + * @var array post Associative array with the data of the quoted post + * @var array msg_id The post_id that was searched to get the message for quoting + * @var int visibility_const Visibility of the quoted post (one of the possible ITEM_* constant values) + * @var int topic_id Topic ID of the quoted post + * @var int to_user_id Users the message is sent to + * @var int to_group_id Groups the message is sent to + * @var bool submit Whether the user is sending the PM or not + * @var bool preview Whether the user is previewing the PM or not + * @var string action One of: post, reply, quote, forward, quotepost, edit, delete, smilies + * @var bool delete If deleting message + * @var int reply_to_all Value of reply_to_all request variable. + * @since 3.1.0-RC5 + */ + $vars = array( + 'sql', + 'post', + 'msg_id', + 'visibility_const', + 'topic_id', + 'to_user_id', + 'to_group_id', + 'submit', + 'preview', + 'action', + 'delete', + 'reply_to_all', + ); + extract($phpbb_dispatcher->trigger_event('core.ucp_pm_compose_quotepost_query_after', compact($vars))); + // Passworded forum? if ($post['forum_id']) { diff --git a/phpBB/includes/ucp/ucp_pm_options.php b/phpBB/includes/ucp/ucp_pm_options.php index 353bfdc7ec..d1fc9d2c62 100644 --- a/phpBB/includes/ucp/ucp_pm_options.php +++ b/phpBB/includes/ucp/ucp_pm_options.php @@ -32,7 +32,11 @@ function message_options($id, $mode, $global_privmsgs_rules, $global_rule_condit // Change "full folder" setting - what to do if folder is full if (isset($_POST['fullfolder'])) { - check_form_key('ucp_pm_options', $config['form_token_lifetime'], $redirect_url); + if (!check_form_key('ucp_pm_options')) + { + trigger_error('FORM_INVALID'); + } + $full_action = request_var('full_action', 0); $set_folder_id = 0; diff --git a/phpBB/includes/ucp/ucp_pm_viewfolder.php b/phpBB/includes/ucp/ucp_pm_viewfolder.php index 72921270f4..19acd9ecb9 100644 --- a/phpBB/includes/ucp/ucp_pm_viewfolder.php +++ b/phpBB/includes/ucp/ucp_pm_viewfolder.php @@ -383,7 +383,7 @@ function view_folder($id, $mode, $folder_id, $folder) break; } - header('Pragma: no-cache'); + header('Cache-Control: private, no-cache'); header("Content-Type: $mimetype; name=\"data.$filetype\""); header("Content-disposition: attachment; filename=data.$filetype"); echo $string; diff --git a/phpBB/includes/ucp/ucp_pm_viewmessage.php b/phpBB/includes/ucp/ucp_pm_viewmessage.php index d5a1dbae87..888c2e6825 100644 --- a/phpBB/includes/ucp/ucp_pm_viewmessage.php +++ b/phpBB/includes/ucp/ucp_pm_viewmessage.php @@ -197,7 +197,7 @@ function view_message($id, $mode, $folder_id, $msg_id, $folder, $message_row) $u_pm = append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=pm&mode=compose&u=' . $author_id); } - if ($user_info['user_jabber'] && $auth->acl_get('u_sendim')) + if ($config['jab_enable'] && $user_info['user_jabber'] && $auth->acl_get('u_sendim')) { $u_jabber = append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=contact&action=jabber&u=' . $author_id); } @@ -213,6 +213,7 @@ function view_message($id, $mode, $folder_id, $msg_id, $folder, $message_row) 'AUTHOR_AVATAR' => (isset($user_info['avatar'])) ? $user_info['avatar'] : '', 'AUTHOR_JOINED' => $user->format_date($user_info['user_regdate']), 'AUTHOR_POSTS' => (int) $user_info['user_posts'], + 'U_AUTHOR_POSTS' => ($config['load_search'] && $auth->acl_get('u_search')) ? append_sid("{$phpbb_root_path}search.$phpEx", "author_id=$author_id&sr=posts") : '', 'CONTACT_USER' => $user->lang('CONTACT_USER', get_username_string('username', $author_id, $user_info['username'], $user_info['user_colour'], $user_info['username'])), 'ONLINE_IMG' => (!$config['load_onlinetrack']) ? '' : ((isset($user_info['online']) && $user_info['online']) ? $user->img('icon_user_online', $user->lang['ONLINE']) : $user->img('icon_user_offline', $user->lang['OFFLINE'])), @@ -403,12 +404,15 @@ function get_user_information($user_id, $user_row) $user_row['avatar'] = ($user->optionget('viewavatars')) ? phpbb_get_user_avatar($user_row) : ''; - if (!function_exists('get_user_rank')) + if (!function_exists('phpbb_get_user_rank')) { include($phpbb_root_path . 'includes/functions_display.' . $phpEx); } - get_user_rank($user_row['user_rank'], $user_row['user_posts'], $user_row['rank_title'], $user_row['rank_image'], $user_row['rank_image_src']); + $user_rank_data = phpbb_get_user_rank($user_row, $user_row['user_posts']); + $user_row['rank_title'] = $user_rank_data['title']; + $user_row['rank_image'] = $user_rank_data['img']; + $user_row['rank_image_src'] = $user_rank_data['img_src']; if ((!empty($user_row['user_allow_viewemail']) && $auth->acl_get('u_sendemail')) || $auth->acl_get('a_email')) { diff --git a/phpBB/includes/ucp/ucp_prefs.php b/phpBB/includes/ucp/ucp_prefs.php index b0a8e8d374..2195500b57 100644 --- a/phpBB/includes/ucp/ucp_prefs.php +++ b/phpBB/includes/ucp/ucp_prefs.php @@ -154,7 +154,7 @@ class ucp_prefs } $dateformat_options .= '>' . $user->lang['CUSTOM_DATEFORMAT'] . '</option>'; - $timezone_selects = phpbb_timezone_select($user, $data['tz'], true); + phpbb_timezone_select($template, $user, $data['tz'], true); // check if there are any user-selectable languages $sql = 'SELECT COUNT(lang_id) as languages_count @@ -208,8 +208,6 @@ class ucp_prefs 'S_LANG_OPTIONS' => language_select($data['lang']), 'S_STYLE_OPTIONS' => ($config['override_user_style']) ? '' : style_select($data['user_style']), - 'S_TZ_OPTIONS' => $timezone_selects['tz_select'], - 'S_TZ_DATE_OPTIONS' => $timezone_selects['tz_dates'], 'S_CAN_HIDE_ONLINE' => ($auth->acl_get('u_hideonline')) ? true : false, 'S_SELECT_NOTIFY' => ($config['jab_enable'] && $user->data['user_jabber'] && @extension_loaded('xml')) ? true : false) ); @@ -223,11 +221,11 @@ class ucp_prefs $data = array( 'topic_sk' => request_var('topic_sk', (!empty($user->data['user_topic_sortby_type'])) ? $user->data['user_topic_sortby_type'] : 't'), 'topic_sd' => request_var('topic_sd', (!empty($user->data['user_topic_sortby_dir'])) ? $user->data['user_topic_sortby_dir'] : 'd'), - 'topic_st' => request_var('topic_st', (!empty($user->data['user_topic_show_days'])) ? $user->data['user_topic_show_days'] : 0), + 'topic_st' => request_var('topic_st', (!empty($user->data['user_topic_show_days'])) ? (int) $user->data['user_topic_show_days'] : 0), 'post_sk' => request_var('post_sk', (!empty($user->data['user_post_sortby_type'])) ? $user->data['user_post_sortby_type'] : 't'), 'post_sd' => request_var('post_sd', (!empty($user->data['user_post_sortby_dir'])) ? $user->data['user_post_sortby_dir'] : 'a'), - 'post_st' => request_var('post_st', (!empty($user->data['user_post_show_days'])) ? $user->data['user_post_show_days'] : 0), + 'post_st' => request_var('post_st', (!empty($user->data['user_post_show_days'])) ? (int) $user->data['user_post_show_days'] : 0), 'images' => request_var('images', (bool) $user->optionget('viewimg')), 'flash' => request_var('flash', (bool) $user->optionget('viewflash')), @@ -254,10 +252,22 @@ class ucp_prefs if ($submit) { $error = validate_data($data, array( - 'topic_sk' => array('string', false, 1, 1), - 'topic_sd' => array('string', false, 1, 1), - 'post_sk' => array('string', false, 1, 1), - 'post_sd' => array('string', false, 1, 1), + 'topic_sk' => array( + array('string', false, 1, 1), + array('match', false, '#(a|r|s|t|v)#'), + ), + 'topic_sd' => array( + array('string', false, 1, 1), + array('match', false, '#(a|d)#'), + ), + 'post_sk' => array( + array('string', false, 1, 1), + array('match', false, '#(a|s|t)#'), + ), + 'post_sd' => array( + array('string', false, 1, 1), + array('match', false, '#(a|d)#'), + ), )); if (!check_form_key('ucp_prefs_view')) diff --git a/phpBB/includes/ucp/ucp_profile.php b/phpBB/includes/ucp/ucp_profile.php index 361dc831aa..a876d0133a 100644 --- a/phpBB/includes/ucp/ucp_profile.php +++ b/phpBB/includes/ucp/ucp_profile.php @@ -655,9 +655,14 @@ class ucp_profile { if (!empty($keys)) { + foreach ($keys as $key => $id) + { + $keys[$key] = $db->sql_like_expression($id . $db->get_any_char()); + } + $sql_where = '(key_id ' . implode(' OR key_id ', $keys) . ')'; $sql = 'DELETE FROM ' . SESSIONS_KEYS_TABLE . ' WHERE user_id = ' . (int) $user->data['user_id'] . ' - AND ' . $db->sql_in_set('key_id', $keys) ; + AND ' . $sql_where ; $db->sql_query($sql); @@ -681,7 +686,7 @@ class ucp_profile while ($row = $db->sql_fetchrow($result)) { $template->assign_block_vars('sessions', array( - 'KEY' => $row['key_id'], + 'KEY' => substr($row['key_id'], 0, 8), 'IP' => $row['last_ip'], 'LOGIN_TIME' => $user->format_date($row['last_login']), )); diff --git a/phpBB/includes/ucp/ucp_register.php b/phpBB/includes/ucp/ucp_register.php index 06baf7e5f2..88078c10af 100644 --- a/phpBB/includes/ucp/ucp_register.php +++ b/phpBB/includes/ucp/ucp_register.php @@ -87,8 +87,8 @@ class ucp_register if (!empty($login_link_data)) { // Confirm that we have all necessary data - $auth_provider = 'auth.provider.' . $request->variable('auth_provider', $config['auth_method']); - $auth_provider = $phpbb_container->get($auth_provider); + $provider_collection = $phpbb_container->get('auth.provider_collection'); + $auth_provider = $provider_collection->get_provider($request->variable('auth_provider', '')); $result = $auth_provider->login_link_has_necessary_data($login_link_data); if ($result !== null) @@ -452,7 +452,7 @@ class ucp_register break; } - $timezone_selects = phpbb_timezone_select($user, $data['tz'], true); + $timezone_selects = phpbb_timezone_select($template, $user, $data['tz'], true); $template->assign_vars(array( 'ERROR' => (sizeof($error)) ? implode('<br />', $error) : '', 'USERNAME' => $data['username'], @@ -465,8 +465,6 @@ class ucp_register 'L_PASSWORD_EXPLAIN' => $user->lang($config['pass_complex'] . '_EXPLAIN', $user->lang('CHARACTERS', (int) $config['min_pass_chars']), $user->lang('CHARACTERS', (int) $config['max_pass_chars'])), 'S_LANG_OPTIONS' => language_select($data['lang']), - 'S_TZ_OPTIONS' => $timezone_selects['tz_select'], - 'S_TZ_DATE_OPTIONS' => $timezone_selects['tz_dates'], 'S_TZ_PRESELECT' => !$submit, 'S_CONFIRM_REFRESH' => ($config['enable_confirm'] && $config['confirm_refresh']) ? true : false, 'S_REGISTRATION' => true, |