diff options
Diffstat (limited to 'phpBB/includes')
30 files changed, 549 insertions, 760 deletions
diff --git a/phpBB/includes/acp/acp_bbcodes.php b/phpBB/includes/acp/acp_bbcodes.php index 0cfe791ad7..c9225a7eae 100644 --- a/phpBB/includes/acp/acp_bbcodes.php +++ b/phpBB/includes/acp/acp_bbcodes.php @@ -416,8 +416,6 @@ class acp_bbcodes // Allow unicode characters for URL|LOCAL_URL|RELATIVE_URL|INTTEXT tokens $utf8 = preg_match('/(URL|LOCAL_URL|RELATIVE_URL|INTTEXT)/', $bbcode_match); - $utf8_pcre_properties = phpbb_pcre_utf8_support(); - $fp_match = preg_quote($bbcode_match, '!'); $fp_replace = preg_replace('#^\[(.*?)\]#', '[$1:$uid]', $bbcode_match); $fp_replace = preg_replace('#\[/(.*?)\]$#', '[/$1:$uid]', $fp_replace); @@ -448,7 +446,7 @@ class acp_bbcodes '!([a-zA-Z0-9-+.,_ ]+)!' => "$1" ), 'INTTEXT' => array( - ($utf8_pcre_properties) ? '!([\p{L}\p{N}\-+,_. ]+)!u' : '!([a-zA-Z0-9\-+,_. ]+)!u' => "$1" + '!([\p{L}\p{N}\-+,_. ]+)!u' => "$1" ), 'IDENTIFIER' => array( '!([a-zA-Z0-9-_]+)!' => "$1" @@ -468,7 +466,7 @@ class acp_bbcodes 'EMAIL' => '(' . get_preg_expression('email') . ')', 'TEXT' => '(.*?)', 'SIMPLETEXT' => '([a-zA-Z0-9-+.,_ ]+)', - 'INTTEXT' => ($utf8_pcre_properties) ? '([\p{L}\p{N}\-+,_. ]+)' : '([a-zA-Z0-9\-+,_. ]+)', + 'INTTEXT' => '([\p{L}\p{N}\-+,_. ]+)', 'IDENTIFIER' => '([a-zA-Z0-9-_]+)', 'COLOR' => '([a-zA-Z]+|#[0-9abcdefABCDEF]+)', 'NUMBER' => '([0-9]+)', @@ -476,7 +474,7 @@ class acp_bbcodes $pad = 0; $modifiers = 'i'; - $modifiers .= ($utf8 && $utf8_pcre_properties) ? 'u' : ''; + $modifiers .= ($utf8) ? 'u' : ''; if (preg_match_all('/\{(' . implode('|', array_keys($tokens)) . ')[0-9]*\}/i', $bbcode_match, $m)) { diff --git a/phpBB/includes/acp/acp_board.php b/phpBB/includes/acp/acp_board.php index ff3b50174b..018eedda2a 100644 --- a/phpBB/includes/acp/acp_board.php +++ b/phpBB/includes/acp/acp_board.php @@ -501,7 +501,7 @@ class acp_board } // We go through the display_vars to make sure no one is trying to set variables he/she is not allowed to... - foreach ($display_vars['vars'] as $config_name => $null) + foreach ($display_vars['vars'] as $config_name => $data) { if (!isset($cfg_array[$config_name]) || strpos($config_name, 'legend') !== false) { @@ -533,6 +533,13 @@ class acp_board if ($submit) { + if (strpos($data['type'], 'password') === 0 && $config_value === '********') + { + // Do not update password fields if the content is ********, + // because that is the password replacement we use to not + // send the password to the output + continue; + } $config->set($config_name, $config_value); if ($config_name == 'allow_quick_reply' && isset($_POST['allow_quick_reply_enable'])) @@ -562,6 +569,7 @@ class acp_board $old_auth_config = array(); foreach ($auth_providers as $provider) { + /** @var \phpbb\auth\provider\provider_interface $provider */ if ($fields = $provider->acp()) { // Check if we need to create config fields for this plugin and save config when submit was pressed @@ -577,6 +585,14 @@ class acp_board continue; } + if (substr($field, -9) === '_password' && $cfg_array[$field] === '********') + { + // Do not update password fields if the content is ********, + // because that is the password replacement we use to not + // send the password to the output + continue; + } + $old_auth_config[$field] = $this->new_config[$field]; $config_value = $cfg_array[$field]; $this->new_config[$field] = $config_value; diff --git a/phpBB/includes/acp/acp_contact.php b/phpBB/includes/acp/acp_contact.php index 945add66a4..1a4d5b95a3 100644 --- a/phpBB/includes/acp/acp_contact.php +++ b/phpBB/includes/acp/acp_contact.php @@ -119,7 +119,7 @@ class acp_contact 'S_SMILIES_DISABLE_CHECKED' => !$contact_admin_edit['allow_smilies'], 'S_MAGIC_URL_DISABLE_CHECKED' => !$contact_admin_edit['allow_urls'], - 'BBCODE_STATUS' => $user->lang('BBCODE_IS_ON', '<a href="' . $controller_helper->route('phpbb_help_controller', array('mode' => 'bbcode')) . '">', '</a>'), + 'BBCODE_STATUS' => $user->lang('BBCODE_IS_ON', '<a href="' . $controller_helper->route('phpbb_help_bbcode_controller') . '">', '</a>'), 'SMILIES_STATUS' => $user->lang['SMILIES_ARE_ON'], 'IMG_STATUS' => $user->lang['IMAGES_ARE_ON'], 'FLASH_STATUS' => $user->lang['FLASH_IS_ON'], diff --git a/phpBB/includes/acp/acp_jabber.php b/phpBB/includes/acp/acp_jabber.php index d860ae27f4..5058e9c769 100644 --- a/phpBB/includes/acp/acp_jabber.php +++ b/phpBB/includes/acp/acp_jabber.php @@ -107,7 +107,10 @@ class acp_jabber $config->set('jab_host', $jab_host); $config->set('jab_port', $jab_port); $config->set('jab_username', $jab_username); - $config->set('jab_password', $jab_password); + if ($jab_password !== '********') + { + $config->set('jab_password', $jab_password); + } $config->set('jab_package_size', $jab_package_size); $config->set('jab_use_ssl', $jab_use_ssl); @@ -122,7 +125,7 @@ class acp_jabber 'JAB_HOST' => $jab_host, 'JAB_PORT' => ($jab_port) ? $jab_port : '', 'JAB_USERNAME' => $jab_username, - 'JAB_PASSWORD' => $jab_password, + 'JAB_PASSWORD' => $jab_password !== '' ? '********' : '', 'JAB_PACKAGE_SIZE' => $jab_package_size, 'JAB_USE_SSL' => $jab_use_ssl, 'S_CAN_USE_SSL' => jabber::can_use_ssl(), diff --git a/phpBB/includes/acp/acp_main.php b/phpBB/includes/acp/acp_main.php index 8680b7786a..8a53edb8ee 100644 --- a/phpBB/includes/acp/acp_main.php +++ b/phpBB/includes/acp/acp_main.php @@ -638,7 +638,7 @@ class acp_main { $error = false; $search_type = $config['search_type']; - $search = new $search_type($error, $phpbb_root_path, $phpEx, $auth, $config, $db, $user); + $search = new $search_type($error, $phpbb_root_path, $phpEx, $auth, $config, $db, $user, $phpbb_dispatcher); if (!$search->index_created()) { diff --git a/phpBB/includes/acp/acp_modules.php b/phpBB/includes/acp/acp_modules.php index 4fca366868..c2407f15b4 100644 --- a/phpBB/includes/acp/acp_modules.php +++ b/phpBB/includes/acp/acp_modules.php @@ -19,6 +19,8 @@ if (!defined('IN_PHPBB')) exit; } +use phpbb\module\exception\module_exception; + /** * - Able to check for new module versions (modes changed/adjusted/added/removed) * Icons for: @@ -37,8 +39,10 @@ class acp_modules function main($id, $mode) { - global $db, $user, $auth, $template, $module, $request, $phpbb_log; - global $config, $phpbb_admin_path, $phpbb_root_path, $phpEx; + global $db, $user, $template, $module, $request, $phpbb_log, $phpbb_container; + + /** @var \phpbb\module\module_manager $module_manager */ + $module_manager = $phpbb_container->get('module.manager'); // Set a global define for modules we might include (the author is able to prevent execution of code by checking this constant) define('MODULE_INCLUDE', true); @@ -91,13 +95,20 @@ class acp_modules $db->sql_freeresult($result); } - $errors = $this->delete_module($module_id); - - if (!sizeof($errors)) + try { - $this->remove_cache_file(); - trigger_error($user->lang['MODULE_DELETED'] . adm_back_link($this->u_action . '&parent_id=' . $this->parent_id)); + $row = $module_manager->get_module_row($module_id, $this->module_class); + $module_manager->delete_module($module_id, $this->module_class); + $phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_MODULE_REMOVED', false, array($user->lang($row['module_langname']))); } + catch (module_exception $e) + { + $msg = $user->lang($e->getMessage()); + trigger_error($msg . adm_back_link($this->u_action . '&parent_id=' . $this->parent_id), E_USER_WARNING); + } + + $module_manager->remove_cache_file($this->module_class); + trigger_error($user->lang['MODULE_DELETED'] . adm_back_link($this->u_action . '&parent_id=' . $this->parent_id)); } else { @@ -138,8 +149,8 @@ class acp_modules AND module_id = $module_id"; $db->sql_query($sql); - $phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_MODULE_' . strtoupper($action), false, array($this->lang_name($row['module_langname']))); - $this->remove_cache_file(); + $phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_MODULE_' . strtoupper($action), false, array($user->lang($row['module_langname']))); + $module_manager->remove_cache_file($this->module_class); break; @@ -163,12 +174,16 @@ class acp_modules trigger_error($user->lang['NO_MODULE'] . adm_back_link($this->u_action . '&parent_id=' . $this->parent_id), E_USER_WARNING); } - $move_module_name = $this->move_module_by($row, $action, 1); + try + { + $move_module_name = $module_manager->move_module_by($row, $this->module_class, $action, 1); - if ($move_module_name !== false) + $phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_MODULE_' . strtoupper($action), false, array($user->lang($row['module_langname']), $move_module_name)); + $module_manager->remove_cache_file($this->module_class); + } + catch (module_exception $e) { - $phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_MODULE_' . strtoupper($action), false, array($this->lang_name($row['module_langname']), $move_module_name)); - $this->remove_cache_file(); + // Do nothing } if ($request->is_ajax()) @@ -194,7 +209,7 @@ class acp_modules list($module_basename, $module_mode) = explode('::', $quick_install); // Check if module name and mode exist... - $fileinfo = $this->get_module_infos($module_basename); + $fileinfo = $module_manager->get_module_infos($this->module_class, $module_basename); $fileinfo = $fileinfo[$module_basename]; if (isset($fileinfo['modes'][$module_mode])) @@ -210,11 +225,20 @@ class acp_modules 'module_auth' => $fileinfo['modes'][$module_mode]['auth'], ); - $errors = $this->update_module_data($module_data); + try + { + $module_manager->update_module_data($module_data); + $phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_MODULE_ADD', false, array($user->lang($module_data['module_langname']))); + } + catch (\phpbb\module\exception\module_exception $e) + { + $msg = $user->lang($e->getMessage()); + trigger_error($msg . adm_back_link($this->u_action . '&parent_id=' . $this->parent_id), E_USER_WARNING); + } if (!sizeof($errors)) { - $this->remove_cache_file(); + $module_manager->remove_cache_file($this->module_class); trigger_error($user->lang['MODULE_ADDED'] . adm_back_link($this->u_action . '&parent_id=' . $this->parent_id)); } @@ -240,7 +264,15 @@ class acp_modules trigger_error($user->lang['NO_MODULE_ID'] . adm_back_link($this->u_action . '&parent_id=' . $this->parent_id), E_USER_WARNING); } - $module_row = $this->get_module_row($module_id); + try + { + $module_row = $module_manager->get_module_row($module_id, $this->module_class); + } + catch (\phpbb\module\exception\module_not_found_exception $e) + { + $msg = $user->lang($e->getMessage()); + trigger_error($msg . adm_back_link($this->u_action . '&parent_id=' . $this->parent_id), E_USER_WARNING); + } // no break @@ -294,15 +326,29 @@ class acp_modules // Adjust auth row if ($module_data['module_basename'] && $module_data['module_mode']) { - $fileinfo = $this->get_module_infos($module_data['module_basename']); + $fileinfo = $module_manager->get_module_infos($this->module_class, $module_data['module_basename']); $module_data['module_auth'] = $fileinfo[$module_data['module_basename']]['modes'][$module_data['module_mode']]['auth']; } - $errors = $this->update_module_data($module_data); + try + { + $module_manager->update_module_data($module_data); + $phpbb_log->add('admin', + $user->data['user_id'], + $user->ip, + ($action === 'edit') ? 'LOG_MODULE_EDIT' : 'LOG_MODULE_ADD', + false, + array($user->lang($module_data['module_langname'])) + ); } + catch (\phpbb\module\exception\module_exception $e) + { + $msg = $user->lang($e->getMessage()); + trigger_error($msg . adm_back_link($this->u_action . '&parent_id=' . $this->parent_id), E_USER_WARNING); + } if (!sizeof($errors)) { - $this->remove_cache_file(); + $module_manager->remove_cache_file($this->module_class); trigger_error((($action == 'add') ? $user->lang['MODULE_ADDED'] : $user->lang['MODULE_EDITED']) . adm_back_link($this->u_action . '&parent_id=' . $this->parent_id)); } @@ -312,7 +358,7 @@ class acp_modules $is_cat = (!$module_data['module_basename']) ? true : false; // Get module information - $module_infos = $this->get_module_infos(); + $module_infos = $module_manager->get_module_infos($this->module_class); // Build name options $s_name_options = $s_mode_options = ''; @@ -324,7 +370,7 @@ class acp_modules } // Name options - $s_name_options .= '<option value="' . $option . '"' . (($option == $module_data['module_basename']) ? ' selected="selected"' : '') . '>' . $this->lang_name($values['title']) . ' [' . $option . ']</option>'; + $s_name_options .= '<option value="' . $option . '"' . (($option == $module_data['module_basename']) ? ' selected="selected"' : '') . '>' . $user->lang($values['title']) . ' [' . $option . ']</option>'; $template->assign_block_vars('m_names', array('NAME' => $option, 'A_NAME' => addslashes($option))); @@ -333,14 +379,14 @@ class acp_modules { if ($option == $module_data['module_basename']) { - $s_mode_options .= '<option value="' . $m_mode . '"' . (($m_mode == $module_data['module_mode']) ? ' selected="selected"' : '') . '>' . $this->lang_name($m_values['title']) . '</option>'; + $s_mode_options .= '<option value="' . $m_mode . '"' . (($m_mode == $module_data['module_mode']) ? ' selected="selected"' : '') . '>' . $user->lang($m_values['title']) . '</option>'; } $template->assign_block_vars('m_names.modes', array( 'OPTION' => $m_mode, - 'VALUE' => $this->lang_name($m_values['title']), + 'VALUE' => $user->lang($m_values['title']), 'A_OPTION' => addslashes($m_mode), - 'A_VALUE' => addslashes($this->lang_name($m_values['title']))) + 'A_VALUE' => addslashes($user->lang($m_values['title']))) ); } } @@ -358,7 +404,7 @@ class acp_modules 'L_TITLE' => $user->lang[strtoupper($action) . '_MODULE'], - 'MODULENAME' => $this->lang_name($module_data['module_langname']), + 'MODULENAME' => $user->lang($module_data['module_langname']), 'ACTION' => $action, 'MODULE_ID' => $module_id, @@ -406,11 +452,11 @@ class acp_modules { $navigation = '<a href="' . $this->u_action . '">' . strtoupper($this->module_class) . '</a>'; - $modules_nav = $this->get_module_branch($this->parent_id, 'parents', 'descending'); + $modules_nav = $module_manager->get_module_branch($this->parent_id, $this->module_class, 'parents'); foreach ($modules_nav as $row) { - $langname = $this->lang_name($row['module_langname']); + $langname = $user->lang($row['module_langname']); if ($row['module_id'] == $this->parent_id) { @@ -437,7 +483,7 @@ class acp_modules { do { - $langname = $this->lang_name($row['module_langname']); + $langname = $user->lang($row['module_langname']); if (!$row['module_enabled']) { @@ -472,7 +518,15 @@ class acp_modules } else if ($this->parent_id) { - $row = $this->get_module_row($this->parent_id); + try + { + $row = $module_manager->get_module_row($this->parent_id, $this->module_class); + } + catch (\phpbb\module\exception\module_not_found_exception $e) + { + $msg = $user->lang($e->getMessage()); + trigger_error($msg . adm_back_link($this->u_action . '&parent_id=' . $this->parent_id), E_USER_WARNING); + } $url = $this->u_action . '&parent_id=' . $this->parent_id . '&m=' . $row['module_id']; @@ -491,19 +545,19 @@ class acp_modules $db->sql_freeresult($result); // Quick adding module - $module_infos = $this->get_module_infos(); + $module_infos = $module_manager->get_module_infos($this->module_class); // Build quick options $s_install_options = ''; foreach ($module_infos as $option => $values) { // Name options - $s_install_options .= '<optgroup label="' . $this->lang_name($values['title']) . ' [' . $option . ']">'; + $s_install_options .= '<optgroup label="' . $user->lang($values['title']) . ' [' . $option . ']">'; // Build module modes foreach ($values['modes'] as $m_mode => $m_values) { - $s_install_options .= '<option value="' . $option . '::' . $m_mode . '"> ' . $this->lang_name($m_values['title']) . '</option>'; + $s_install_options .= '<option value="' . $option . '::' . $m_mode . '"> ' . $user->lang($m_values['title']) . '</option>'; } $s_install_options .= '</optgroup>'; @@ -521,104 +575,6 @@ class acp_modules } /** - * Get row for specified module - */ - function get_module_row($module_id) - { - global $db, $user; - - $sql = 'SELECT * - FROM ' . MODULES_TABLE . " - WHERE module_class = '" . $db->sql_escape($this->module_class) . "' - AND module_id = $module_id"; - $result = $db->sql_query($sql); - $row = $db->sql_fetchrow($result); - $db->sql_freeresult($result); - - if (!$row) - { - trigger_error($user->lang['NO_MODULE'] . adm_back_link($this->u_action . '&parent_id=' . $this->parent_id), E_USER_WARNING); - } - - return $row; - } - - /** - * Get available module information from module files - * - * @param string $module - * @param bool|string $module_class - * @param bool $use_all_available Use all available instead of just all - * enabled extensions - * @return array - */ - function get_module_infos($module = '', $module_class = false, $use_all_available = false) - { - global $phpbb_extension_manager, $phpbb_root_path, $phpEx; - - $module_class = ($module_class === false) ? $this->module_class : $module_class; - - $directory = $phpbb_root_path . 'includes/' . $module_class . '/info/'; - $fileinfo = array(); - - $finder = $phpbb_extension_manager->get_finder($use_all_available); - - $modules = $finder - ->extension_suffix('_module') - ->extension_directory("/$module_class") - ->core_path("includes/$module_class/info/") - ->core_prefix($module_class . '_') - ->get_classes(true); - - foreach ($modules as $cur_module) - { - // Skip entries we do not need if we know the module we are - // looking for - if ($module && strpos(str_replace('\\', '_', $cur_module), $module) === false && $module !== $cur_module) - { - continue; - } - - $info_class = preg_replace('/_module$/', '_info', $cur_module); - - // If the class does not exist it might be following the old - // format. phpbb_acp_info_acp_foo needs to be turned into - // acp_foo_info and the respective file has to be included - // manually because it does not support auto loading - $old_info_class_file = str_replace("phpbb_{$module_class}_info_", '', $cur_module); - $old_info_class = $old_info_class_file . '_info'; - - if (class_exists($old_info_class)) - { - $info_class = $old_info_class; - } - else if (!class_exists($info_class)) - { - $info_class = $old_info_class; - // need to check class exists again because previous checks triggered autoloading - if (!class_exists($info_class) && file_exists($directory . $old_info_class_file . '.' . $phpEx)) - { - include($directory . $old_info_class_file . '.' . $phpEx); - } - } - - if (class_exists($info_class)) - { - $info = new $info_class(); - $module_info = $info->module(); - - $main_class = (isset($module_info['filename'])) ? $module_info['filename'] : $cur_module; - - $fileinfo[$main_class] = $module_info; - } - } - - ksort($fileinfo); - - return $fileinfo; - } - - /** * Simple version of jumpbox, just lists modules */ function make_module_select($select_id = false, $ignore_id = false, $ignore_acl = false, $ignore_nonpost = false, $ignore_emptycat = true, $ignore_noncat = false) @@ -678,7 +634,7 @@ class acp_modules $selected = (is_array($select_id)) ? ((in_array($row['module_id'], $select_id)) ? ' selected="selected"' : '') : (($row['module_id'] == $select_id) ? ' selected="selected"' : ''); - $langname = $this->lang_name($row['module_langname']); + $langname = $user->lang($row['module_langname']); $module_list .= '<option value="' . $row['module_id'] . '"' . $selected . ((!$row['module_enabled']) ? ' class="disabled"' : '') . '>' . $padding . $langname . '</option>'; $iteration++; @@ -689,401 +645,4 @@ class acp_modules return $module_list; } - - /** - * Get module branch - */ - function get_module_branch($module_id, $type = 'all', $order = 'descending', $include_module = true) - { - global $db; - - switch ($type) - { - case 'parents': - $condition = 'm1.left_id BETWEEN m2.left_id AND m2.right_id'; - break; - - case 'children': - $condition = 'm2.left_id BETWEEN m1.left_id AND m1.right_id'; - break; - - default: - $condition = 'm2.left_id BETWEEN m1.left_id AND m1.right_id OR m1.left_id BETWEEN m2.left_id AND m2.right_id'; - break; - } - - $rows = array(); - - $sql = 'SELECT m2.* - FROM ' . MODULES_TABLE . ' m1 - LEFT JOIN ' . MODULES_TABLE . " m2 ON ($condition) - WHERE m1.module_class = '" . $db->sql_escape($this->module_class) . "' - AND m2.module_class = '" . $db->sql_escape($this->module_class) . "' - AND m1.module_id = $module_id - ORDER BY m2.left_id " . (($order == 'descending') ? 'ASC' : 'DESC'); - $result = $db->sql_query($sql); - - while ($row = $db->sql_fetchrow($result)) - { - if (!$include_module && $row['module_id'] == $module_id) - { - continue; - } - - $rows[] = $row; - } - $db->sql_freeresult($result); - - return $rows; - } - - /** - * Remove modules cache file - */ - function remove_cache_file() - { - global $phpbb_container; - - // Sanitise for future path use, it's escaped as appropriate for queries - $p_class = str_replace(array('.', '/', '\\'), '', basename($this->module_class)); - - $phpbb_container->get('cache.driver')->destroy('_modules_' . $p_class); - - // Additionally remove sql cache - $phpbb_container->get('cache.driver')->destroy('sql', MODULES_TABLE); - } - - /** - * Return correct language name - */ - function lang_name($module_langname) - { - global $user; - - return (!empty($user->lang[$module_langname])) ? $user->lang[$module_langname] : $module_langname; - } - - /** - * Update/Add module - * - * @param array &$module_data The module data - * @param bool $run_inline if set to true errors will be returned and no logs being written - */ - function update_module_data(&$module_data, $run_inline = false) - { - global $db, $user, $phpbb_log; - - if (!isset($module_data['module_id'])) - { - // no module_id means we're creating a new category/module - if ($module_data['parent_id']) - { - $sql = 'SELECT left_id, right_id - FROM ' . MODULES_TABLE . " - WHERE module_class = '" . $db->sql_escape($module_data['module_class']) . "' - AND module_id = " . (int) $module_data['parent_id']; - $result = $db->sql_query($sql); - $row = $db->sql_fetchrow($result); - $db->sql_freeresult($result); - - if (!$row) - { - if ($run_inline) - { - return 'PARENT_NO_EXIST'; - } - - trigger_error($user->lang['PARENT_NO_EXIST'] . adm_back_link($this->u_action . '&parent_id=' . $this->parent_id), E_USER_WARNING); - } - - // Workaround - $row['left_id'] = (int) $row['left_id']; - $row['right_id'] = (int) $row['right_id']; - - $sql = 'UPDATE ' . MODULES_TABLE . " - SET left_id = left_id + 2, right_id = right_id + 2 - WHERE module_class = '" . $db->sql_escape($module_data['module_class']) . "' - AND left_id > {$row['right_id']}"; - $db->sql_query($sql); - - $sql = 'UPDATE ' . MODULES_TABLE . " - SET right_id = right_id + 2 - WHERE module_class = '" . $db->sql_escape($module_data['module_class']) . "' - AND {$row['left_id']} BETWEEN left_id AND right_id"; - $db->sql_query($sql); - - $module_data['left_id'] = (int) $row['right_id']; - $module_data['right_id'] = (int) $row['right_id'] + 1; - } - else - { - $sql = 'SELECT MAX(right_id) AS right_id - FROM ' . MODULES_TABLE . " - WHERE module_class = '" . $db->sql_escape($module_data['module_class']) . "'"; - $result = $db->sql_query($sql); - $row = $db->sql_fetchrow($result); - $db->sql_freeresult($result); - - $module_data['left_id'] = (int) $row['right_id'] + 1; - $module_data['right_id'] = (int) $row['right_id'] + 2; - } - - $sql = 'INSERT INTO ' . MODULES_TABLE . ' ' . $db->sql_build_array('INSERT', $module_data); - $db->sql_query($sql); - - $module_data['module_id'] = $db->sql_nextid(); - - if (!$run_inline) - { - $phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_MODULE_ADD', false, array($this->lang_name($module_data['module_langname']))); - } - } - else - { - $row = $this->get_module_row($module_data['module_id']); - - if ($module_data['module_basename'] && !$row['module_basename']) - { - // we're turning a category into a module - $branch = $this->get_module_branch($module_data['module_id'], 'children', 'descending', false); - - if (sizeof($branch)) - { - return array($user->lang['NO_CATEGORY_TO_MODULE']); - } - } - - if ($row['parent_id'] != $module_data['parent_id']) - { - $this->move_module($module_data['module_id'], $module_data['parent_id']); - } - - $update_ary = $module_data; - unset($update_ary['module_id']); - - $sql = 'UPDATE ' . MODULES_TABLE . ' - SET ' . $db->sql_build_array('UPDATE', $update_ary) . " - WHERE module_class = '" . $db->sql_escape($module_data['module_class']) . "' - AND module_id = " . (int) $module_data['module_id']; - $db->sql_query($sql); - - if (!$run_inline) - { - $phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_MODULE_EDIT', false, array($this->lang_name($module_data['module_langname']))); - } - } - - return array(); - } - - /** - * Move module around the tree - */ - function move_module($from_module_id, $to_parent_id) - { - global $db; - - $moved_modules = $this->get_module_branch($from_module_id, 'children', 'descending'); - $from_data = $moved_modules[0]; - $diff = sizeof($moved_modules) * 2; - - $moved_ids = array(); - for ($i = 0; $i < sizeof($moved_modules); ++$i) - { - $moved_ids[] = $moved_modules[$i]['module_id']; - } - - // Resync parents - $sql = 'UPDATE ' . MODULES_TABLE . " - SET right_id = right_id - $diff - WHERE module_class = '" . $db->sql_escape($this->module_class) . "' - AND left_id < " . (int) $from_data['right_id'] . ' - AND right_id > ' . (int) $from_data['right_id']; - $db->sql_query($sql); - - // Resync righthand side of tree - $sql = 'UPDATE ' . MODULES_TABLE . " - SET left_id = left_id - $diff, right_id = right_id - $diff - WHERE module_class = '" . $db->sql_escape($this->module_class) . "' - AND left_id > " . (int) $from_data['right_id']; - $db->sql_query($sql); - - if ($to_parent_id > 0) - { - $to_data = $this->get_module_row($to_parent_id); - - // Resync new parents - $sql = 'UPDATE ' . MODULES_TABLE . " - SET right_id = right_id + $diff - WHERE module_class = '" . $db->sql_escape($this->module_class) . "' - AND " . (int) $to_data['right_id'] . ' BETWEEN left_id AND right_id - AND ' . $db->sql_in_set('module_id', $moved_ids, true); - $db->sql_query($sql); - - // Resync the righthand side of the tree - $sql = 'UPDATE ' . MODULES_TABLE . " - SET left_id = left_id + $diff, right_id = right_id + $diff - WHERE module_class = '" . $db->sql_escape($this->module_class) . "' - AND left_id > " . (int) $to_data['right_id'] . ' - AND ' . $db->sql_in_set('module_id', $moved_ids, true); - $db->sql_query($sql); - - // Resync moved branch - $to_data['right_id'] += $diff; - if ($to_data['right_id'] > $from_data['right_id']) - { - $diff = '+ ' . ($to_data['right_id'] - $from_data['right_id'] - 1); - } - else - { - $diff = '- ' . abs($to_data['right_id'] - $from_data['right_id'] - 1); - } - } - else - { - $sql = 'SELECT MAX(right_id) AS right_id - FROM ' . MODULES_TABLE . " - WHERE module_class = '" . $db->sql_escape($this->module_class) . "' - AND " . $db->sql_in_set('module_id', $moved_ids, true); - $result = $db->sql_query($sql); - $row = $db->sql_fetchrow($result); - $db->sql_freeresult($result); - - $diff = '+ ' . (int) ($row['right_id'] - $from_data['left_id'] + 1); - } - - $sql = 'UPDATE ' . MODULES_TABLE . " - SET left_id = left_id $diff, right_id = right_id $diff - WHERE module_class = '" . $db->sql_escape($this->module_class) . "' - AND " . $db->sql_in_set('module_id', $moved_ids); - $db->sql_query($sql); - } - - /** - * Remove module from tree - */ - function delete_module($module_id) - { - global $db, $user, $phpbb_log; - - $row = $this->get_module_row($module_id); - - $branch = $this->get_module_branch($module_id, 'children', 'descending', false); - - if (sizeof($branch)) - { - return array($user->lang['CANNOT_REMOVE_MODULE']); - } - - // If not move - $diff = 2; - $sql = 'DELETE FROM ' . MODULES_TABLE . " - WHERE module_class = '" . $db->sql_escape($this->module_class) . "' - AND module_id = $module_id"; - $db->sql_query($sql); - - $row['right_id'] = (int) $row['right_id']; - $row['left_id'] = (int) $row['left_id']; - - // Resync tree - $sql = 'UPDATE ' . MODULES_TABLE . " - SET right_id = right_id - $diff - WHERE module_class = '" . $db->sql_escape($this->module_class) . "' - AND left_id < {$row['right_id']} AND right_id > {$row['right_id']}"; - $db->sql_query($sql); - - $sql = 'UPDATE ' . MODULES_TABLE . " - SET left_id = left_id - $diff, right_id = right_id - $diff - WHERE module_class = '" . $db->sql_escape($this->module_class) . "' - AND left_id > {$row['right_id']}"; - $db->sql_query($sql); - - $phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_MODULE_REMOVED', false, array($this->lang_name($row['module_langname']))); - - return array(); - - } - - /** - * Move module position by $steps up/down - */ - function move_module_by($module_row, $action = 'move_up', $steps = 1) - { - global $db; - - /** - * Fetch all the siblings between the module's current spot - * and where we want to move it to. If there are less than $steps - * siblings between the current spot and the target then the - * module will move as far as possible - */ - $sql = 'SELECT module_id, left_id, right_id, module_langname - FROM ' . MODULES_TABLE . " - WHERE module_class = '" . $db->sql_escape($this->module_class) . "' - AND parent_id = " . (int) $module_row['parent_id'] . ' - AND ' . (($action == 'move_up') ? 'right_id < ' . (int) $module_row['right_id'] . ' ORDER BY right_id DESC' : 'left_id > ' . (int) $module_row['left_id'] . ' ORDER BY left_id ASC'); - $result = $db->sql_query_limit($sql, $steps); - - $target = array(); - while ($row = $db->sql_fetchrow($result)) - { - $target = $row; - } - $db->sql_freeresult($result); - - if (!sizeof($target)) - { - // The module is already on top or bottom - return false; - } - - /** - * $left_id and $right_id define the scope of the nodes that are affected by the move. - * $diff_up and $diff_down are the values to substract or add to each node's left_id - * and right_id in order to move them up or down. - * $move_up_left and $move_up_right define the scope of the nodes that are moving - * up. Other nodes in the scope of ($left_id, $right_id) are considered to move down. - */ - if ($action == 'move_up') - { - $left_id = (int) $target['left_id']; - $right_id = (int) $module_row['right_id']; - - $diff_up = (int) ($module_row['left_id'] - $target['left_id']); - $diff_down = (int) ($module_row['right_id'] + 1 - $module_row['left_id']); - - $move_up_left = (int) $module_row['left_id']; - $move_up_right = (int) $module_row['right_id']; - } - else - { - $left_id = (int) $module_row['left_id']; - $right_id = (int) $target['right_id']; - - $diff_up = (int) ($module_row['right_id'] + 1 - $module_row['left_id']); - $diff_down = (int) ($target['right_id'] - $module_row['right_id']); - - $move_up_left = (int) ($module_row['right_id'] + 1); - $move_up_right = (int) $target['right_id']; - } - - // Now do the dirty job - $sql = 'UPDATE ' . MODULES_TABLE . " - SET left_id = left_id + CASE - WHEN left_id BETWEEN {$move_up_left} AND {$move_up_right} THEN -{$diff_up} - ELSE {$diff_down} - END, - right_id = right_id + CASE - WHEN right_id BETWEEN {$move_up_left} AND {$move_up_right} THEN -{$diff_up} - ELSE {$diff_down} - END - WHERE module_class = '" . $db->sql_escape($this->module_class) . "' - AND left_id BETWEEN {$left_id} AND {$right_id} - AND right_id BETWEEN {$left_id} AND {$right_id}"; - $db->sql_query($sql); - - $this->remove_cache_file(); - - return $this->lang_name($target['module_langname']); - } } diff --git a/phpBB/includes/acp/acp_prune.php b/phpBB/includes/acp/acp_prune.php index 63a103aa0c..ed40b0d424 100644 --- a/phpBB/includes/acp/acp_prune.php +++ b/phpBB/includes/acp/acp_prune.php @@ -507,9 +507,9 @@ class acp_prune WHERE ug.group_id = ' . (int) $group_id . ' AND ug.user_id <> ' . ANONYMOUS . ' AND u.user_type <> ' . USER_FOUNDER . ' - AND ug.user_pending = 0 ' . - ((!empty($user_ids)) ? ' AND ' . $db->sql_in_set('ug.user_id', $user_ids) : '') . ' - AND u.user_id = ug.user_id'; + AND ug.user_pending = 0 + AND u.user_id = ug.user_id + ' . (!empty($user_ids) ? ' AND ' . $db->sql_in_set('ug.user_id', $user_ids) : ''); $result = $db->sql_query($sql); // we're performing an intersection operation, so all the relevant users @@ -533,10 +533,10 @@ class acp_prune $sql = 'SELECT u.user_id, u.username, COUNT(p.post_id) AS queue_posts FROM ' . POSTS_TABLE . ' p, ' . USERS_TABLE . ' u WHERE u.user_id <> ' . ANONYMOUS . ' - AND u.user_type <> ' . USER_FOUNDER . - ((!empty($user_ids)) ? ' AND ' . $db->sql_in_set('p.poster_id', $user_ids) : '') . ' + AND u.user_type <> ' . USER_FOUNDER . ' AND ' . $db->sql_in_set('p.post_visibility', array(ITEM_UNAPPROVED, ITEM_REAPPROVE)) . ' AND u.user_id = p.poster_id + ' . (!empty($user_ids) ? ' AND ' . $db->sql_in_set('p.poster_id', $user_ids) : '') . ' GROUP BY p.poster_id HAVING queue_posts ' . $key_match[$queue_select] . ' ' . $posts_on_queue; $result = $db->sql_query($sql); diff --git a/phpBB/includes/acp/acp_search.php b/phpBB/includes/acp/acp_search.php index e0991158fe..25fc1ed8dc 100644 --- a/phpBB/includes/acp/acp_search.php +++ b/phpBB/includes/acp/acp_search.php @@ -596,7 +596,7 @@ class acp_search */ function init_search($type, &$search, &$error) { - global $phpbb_root_path, $phpEx, $user, $auth, $config, $db; + global $phpbb_root_path, $phpEx, $user, $auth, $config, $db, $phpbb_dispatcher; if (!class_exists($type) || !method_exists($type, 'keyword_search')) { @@ -605,7 +605,7 @@ class acp_search } $error = false; - $search = new $type($error, $phpbb_root_path, $phpEx, $auth, $config, $db, $user); + $search = new $type($error, $phpbb_root_path, $phpEx, $auth, $config, $db, $user, $phpbb_dispatcher); return $error; } diff --git a/phpBB/includes/acp/acp_styles.php b/phpBB/includes/acp/acp_styles.php index b652fd6587..de3ca5f787 100644 --- a/phpBB/includes/acp/acp_styles.php +++ b/phpBB/includes/acp/acp_styles.php @@ -1013,7 +1013,7 @@ class acp_styles // Assign template variables $this->template->assign_block_vars('styles_list', $row); - foreach($actions as $action) + foreach ($actions as $action) { $this->template->assign_block_vars('styles_list.actions', $action); } diff --git a/phpBB/includes/acp/acp_users.php b/phpBB/includes/acp/acp_users.php index fec32146c1..0ec17ccf0c 100644 --- a/phpBB/includes/acp/acp_users.php +++ b/phpBB/includes/acp/acp_users.php @@ -2045,7 +2045,7 @@ class acp_users 'S_SMILIES_CHECKED' => (!$enable_smilies) ? ' checked="checked"' : '', 'S_MAGIC_URL_CHECKED' => (!$enable_urls) ? ' checked="checked"' : '', - 'BBCODE_STATUS' => $user->lang(($config['allow_sig_bbcode'] ? 'BBCODE_IS_ON' : 'BBCODE_IS_OFF'), '<a href="' . $controller_helper->route('phpbb_help_controller', array('mode' => 'bbcode')) . '">', '</a>'), + 'BBCODE_STATUS' => $user->lang(($config['allow_sig_bbcode'] ? 'BBCODE_IS_ON' : 'BBCODE_IS_OFF'), '<a href="' . $controller_helper->route('phpbb_help_bbcode_controller') . '">', '</a>'), 'SMILIES_STATUS' => ($config['allow_sig_smilies']) ? $user->lang['SMILIES_ARE_ON'] : $user->lang['SMILIES_ARE_OFF'], 'IMG_STATUS' => ($config['allow_sig_img']) ? $user->lang['IMAGES_ARE_ON'] : $user->lang['IMAGES_ARE_OFF'], 'FLASH_STATUS' => ($config['allow_sig_flash']) ? $user->lang['FLASH_IS_ON'] : $user->lang['FLASH_IS_OFF'], diff --git a/phpBB/includes/acp/auth.php b/phpBB/includes/acp/auth.php index 644b1ac7a5..b13b1ee040 100644 --- a/phpBB/includes/acp/auth.php +++ b/phpBB/includes/acp/auth.php @@ -470,7 +470,8 @@ class auth_admin extends \phpbb\auth\auth // Build role dropdown options $current_role_id = (isset($cur_roles[$ug_id][$forum_id])) ? $cur_roles[$ug_id][$forum_id] : 0; - $s_role_options = ''; + // Output current role id to template + $template->assign_var('S_ROLE_ID', $current_role_id); @reset($roles); while (list($role_id, $role_row) = each($roles)) @@ -478,13 +479,12 @@ class auth_admin extends \phpbb\auth\auth $role_description = (!empty($user->lang[$role_row['role_description']])) ? $user->lang[$role_row['role_description']] : nl2br($role_row['role_description']); $role_name = (!empty($user->lang[$role_row['role_name']])) ? $user->lang[$role_row['role_name']] : $role_row['role_name']; - $title = ($role_description) ? ' title="' . $role_description . '"' : ''; - $s_role_options .= '<option value="' . $role_id . '"' . (($role_id == $current_role_id) ? ' selected="selected"' : '') . $title . '>' . $role_name . '</option>'; - } - - if ($s_role_options) - { - $s_role_options = '<option value="0"' . ((!$current_role_id) ? ' selected="selected"' : '') . ' title="' . htmlspecialchars($user->lang['NO_ROLE_ASSIGNED_EXPLAIN']) . '">' . $user->lang['NO_ROLE_ASSIGNED'] . '</option>' . $s_role_options; + $template->assign_block_vars('role_options', array( + 'ID' => $role_id, + 'ROLE_NAME' => $role_name, + 'TITLE' => $role_description, + 'SELECTED' => $role_id == $current_role_id, + )); } if (!$current_role_id && $mode != 'view') @@ -507,7 +507,6 @@ class auth_admin extends \phpbb\auth\auth $template->assign_block_vars($tpl_pmask . '.' . $tpl_fmask, array( 'NAME' => $ug_names_ary[$ug_id], - 'S_ROLE_OPTIONS' => $s_role_options, 'UG_ID' => $ug_id, 'S_CUSTOM' => $s_custom_permissions, 'FORUM_ID' => $forum_id) @@ -556,7 +555,8 @@ class auth_admin extends \phpbb\auth\auth // Build role dropdown options $current_role_id = (isset($cur_roles[$ug_id][$forum_id])) ? $cur_roles[$ug_id][$forum_id] : 0; - $s_role_options = ''; + // Output current role id to template + $template->assign_var('S_ROLE_ID', $current_role_id); @reset($roles); while (list($role_id, $role_row) = each($roles)) @@ -564,13 +564,12 @@ class auth_admin extends \phpbb\auth\auth $role_description = (!empty($user->lang[$role_row['role_description']])) ? $user->lang[$role_row['role_description']] : nl2br($role_row['role_description']); $role_name = (!empty($user->lang[$role_row['role_name']])) ? $user->lang[$role_row['role_name']] : $role_row['role_name']; - $title = ($role_description) ? ' title="' . $role_description . '"' : ''; - $s_role_options .= '<option value="' . $role_id . '"' . (($role_id == $current_role_id) ? ' selected="selected"' : '') . $title . '>' . $role_name . '</option>'; - } - - if ($s_role_options) - { - $s_role_options = '<option value="0"' . ((!$current_role_id) ? ' selected="selected"' : '') . ' title="' . htmlspecialchars($user->lang['NO_ROLE_ASSIGNED_EXPLAIN']) . '">' . $user->lang['NO_ROLE_ASSIGNED'] . '</option>' . $s_role_options; + $template->assign_block_vars('role_options', array( + 'ID' => $role_id, + 'ROLE_NAME' => $role_name, + 'TITLE' => $role_description, + 'SELECTED' => $role_id == $current_role_id, + )); } if (!$current_role_id && $mode != 'view') @@ -594,7 +593,6 @@ class auth_admin extends \phpbb\auth\auth $template->assign_block_vars($tpl_pmask . '.' . $tpl_fmask, array( 'NAME' => ($forum_id == 0) ? $forum_names_ary[0] : $forum_names_ary[$forum_id]['forum_name'], 'PADDING' => ($forum_id == 0) ? '' : $forum_names_ary[$forum_id]['padding'], - 'S_ROLE_OPTIONS' => $s_role_options, 'S_CUSTOM' => $s_custom_permissions, 'UG_ID' => $ug_id, 'FORUM_ID' => $forum_id) diff --git a/phpBB/includes/bbcode.php b/phpBB/includes/bbcode.php index ac5b3e6390..41d4ec40fe 100644 --- a/phpBB/includes/bbcode.php +++ b/phpBB/includes/bbcode.php @@ -213,6 +213,8 @@ class bbcode $db->sql_freeresult($result); } + // To perform custom second pass in extension, use $this->bbcode_second_pass_by_extension() + // method which accepts variable number of parameters foreach ($bbcode_ids as $bbcode_id) { switch ($bbcode_id) @@ -654,4 +656,36 @@ class bbcode return $code; } + + /** + * Function to perform custom bbcode second pass by extensions + * can be used to assign bbcode pattern replacement + * Example: '#\[list=([^\[]+):$uid\]#e' => "\$this->bbcode_second_pass_by_extension('\$1')" + * + * Accepts variable number of parameters + * + * @return mixed Second pass result + */ + function bbcode_second_pass_by_extension() + { + global $phpbb_dispatcher; + + $return = false; + $params_array = func_get_args(); + + /** + * Event to perform bbcode second pass with + * the custom validating methods provided by extensions + * + * @event core.bbcode_second_pass_by_extension + * @var array params_array Array with the function parameters + * @var mixed return Second pass result to return + * + * @since 3.1.5-RC1 + */ + $vars = array('params_array', 'return'); + extract($phpbb_dispatcher->trigger_event('core.bbcode_second_pass_by_extension', compact($vars))); + + return $return; + } } diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index 2ed0eff81c..bb4fc5dbae 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -686,6 +686,10 @@ function markread($mode, $forum_id = false, $topic_id = false, $post_time = 0, $ { $forum_id = array($forum_id); } + else + { + $forum_id = array_unique($forum_id); + } /* @var $phpbb_notifications \phpbb\notification\manager */ $phpbb_notifications = $phpbb_container->get('notification_manager'); @@ -2811,31 +2815,19 @@ function get_preg_expression($mode) * Depends on whether installed PHP version supports unicode properties * * @param string $word word template to be replaced -* @param bool $use_unicode whether or not to take advantage of PCRE supporting unicode * * @return string $preg_expr regex to use with word censor */ -function get_censor_preg_expression($word, $use_unicode = true) +function get_censor_preg_expression($word) { // Unescape the asterisk to simplify further conversions $word = str_replace('\*', '*', preg_quote($word, '#')); - if ($use_unicode && phpbb_pcre_utf8_support()) - { - // Replace asterisk(s) inside the pattern, at the start and at the end of it with regexes - $word = preg_replace(array('#(?<=[\p{Nd}\p{L}_])\*+(?=[\p{Nd}\p{L}_])#iu', '#^\*+#', '#\*+$#'), array('([\x20]*?|[\p{Nd}\p{L}_-]*?)', '[\p{Nd}\p{L}_-]*?', '[\p{Nd}\p{L}_-]*?'), $word); + // Replace asterisk(s) inside the pattern, at the start and at the end of it with regexes + $word = preg_replace(array('#(?<=[\p{Nd}\p{L}_])\*+(?=[\p{Nd}\p{L}_])#iu', '#^\*+#', '#\*+$#'), array('([\x20]*?|[\p{Nd}\p{L}_-]*?)', '[\p{Nd}\p{L}_-]*?', '[\p{Nd}\p{L}_-]*?'), $word); - // Generate the final substitution - $preg_expr = '#(?<![\p{Nd}\p{L}_-])(' . $word . ')(?![\p{Nd}\p{L}_-])#iu'; - } - else - { - // Replace the asterisk inside the pattern, at the start and at the end of it with regexes - $word = preg_replace(array('#(?<=\S)\*+(?=\S)#iu', '#^\*+#', '#\*+$#'), array('(\x20*?\S*?)', '\S*?', '\S*?'), $word); - - // Generate the final substitution - $preg_expr = '#(?<!\S)(' . $word . ')(?!\S)#iu'; - } + // Generate the final substitution + $preg_expr = '#(?<![\p{Nd}\p{L}_-])(' . $word . ')(?![\p{Nd}\p{L}_-])#iu'; return $preg_expr; } @@ -3965,13 +3957,14 @@ function phpbb_build_hidden_fields_for_query_params($request, $exclude = null) * @param array $user_row Row from the users table * @param string $alt Optional language string for alt tag within image, can be a language key or text * @param bool $ignore_config Ignores the config-setting, to be still able to view the avatar in the UCP +* @param bool $lazy If true, will be lazy loaded (requires JS) * * @return string Avatar html */ -function phpbb_get_user_avatar($user_row, $alt = 'USER_AVATAR', $ignore_config = false) +function phpbb_get_user_avatar($user_row, $alt = 'USER_AVATAR', $ignore_config = false, $lazy = false) { $row = \phpbb\avatar\manager::clean_row($user_row, 'user'); - return phpbb_get_avatar($row, $alt, $ignore_config); + return phpbb_get_avatar($row, $alt, $ignore_config, $lazy); } /** @@ -3980,13 +3973,14 @@ function phpbb_get_user_avatar($user_row, $alt = 'USER_AVATAR', $ignore_config = * @param array $group_row Row from the groups table * @param string $alt Optional language string for alt tag within image, can be a language key or text * @param bool $ignore_config Ignores the config-setting, to be still able to view the avatar in the UCP +* @param bool $lazy If true, will be lazy loaded (requires JS) * * @return string Avatar html */ -function phpbb_get_group_avatar($user_row, $alt = 'GROUP_AVATAR', $ignore_config = false) +function phpbb_get_group_avatar($user_row, $alt = 'GROUP_AVATAR', $ignore_config = false, $lazy = false) { $row = \phpbb\avatar\manager::clean_row($user_row, 'group'); - return phpbb_get_avatar($row, $alt, $ignore_config); + return phpbb_get_avatar($row, $alt, $ignore_config, $lazy); } /** @@ -3995,10 +3989,11 @@ function phpbb_get_group_avatar($user_row, $alt = 'GROUP_AVATAR', $ignore_config * @param array $row Row cleaned by \phpbb\avatar\manager::clean_row * @param string $alt Optional language string for alt tag within image, can be a language key or text * @param bool $ignore_config Ignores the config-setting, to be still able to view the avatar in the UCP +* @param bool $lazy If true, will be lazy loaded (requires JS) * * @return string Avatar html */ -function phpbb_get_avatar($row, $alt, $ignore_config = false) +function phpbb_get_avatar($row, $alt, $ignore_config = false, $lazy = false) { global $user, $config, $cache, $phpbb_root_path, $phpEx; global $request; @@ -4037,7 +4032,28 @@ function phpbb_get_avatar($row, $alt, $ignore_config = false) if (!empty($avatar_data['src'])) { - $html = '<img src="' . $avatar_data['src'] . '" ' . + if ($lazy) + { + // Determine board url - we may need it later + $board_url = generate_board_url() . '/'; + // This path is sent with the base template paths in the assign_vars() + // call below. We need to correct it in case we are accessing from a + // controller because the web paths will be incorrect otherwise. + $phpbb_path_helper = $phpbb_container->get('path_helper'); + $corrected_path = $phpbb_path_helper->get_web_root_path(); + + $web_path = (defined('PHPBB_USE_BOARD_URL_PATH') && PHPBB_USE_BOARD_URL_PATH) ? $board_url : $corrected_path; + + $theme = "{$web_path}styles/" . rawurlencode($user->style['style_path']) . '/theme'; + + $src = 'src="' . $theme . '/images/no_avatar.gif" data-src="' . $avatar_data['src'] . '"'; + } + else + { + $src = 'src="' . $avatar_data['src'] . '"'; + } + + $html = '<img class="avatar" ' . $src . ($avatar_data['width'] ? ('width="' . $avatar_data['width'] . '" ') : '') . ($avatar_data['height'] ? ('height="' . $avatar_data['height'] . '" ') : '') . 'alt="' . ((!empty($user->lang[$alt])) ? $user->lang[$alt] : $alt) . '" />'; @@ -4309,7 +4325,7 @@ function page_header($page_title = '', $display_online_list = false, $item_id = 'U_PROFILE' => append_sid("{$phpbb_root_path}ucp.$phpEx"), 'U_USER_PROFILE' => get_username_string('profile', $user->data['user_id'], $user->data['username'], $user->data['user_colour']), 'U_MODCP' => append_sid("{$phpbb_root_path}mcp.$phpEx", false, true, $user->session_id), - 'U_FAQ' => $controller_helper->route('phpbb_help_controller', array('mode' => 'faq')), + 'U_FAQ' => $controller_helper->route('phpbb_help_faq_controller'), 'U_SEARCH_SELF' => append_sid("{$phpbb_root_path}search.$phpEx", 'search_id=egosearch'), 'U_SEARCH_NEW' => append_sid("{$phpbb_root_path}search.$phpEx", 'search_id=newposts'), 'U_SEARCH_UNANSWERED' => append_sid("{$phpbb_root_path}search.$phpEx", 'search_id=unanswered'), @@ -4691,22 +4707,6 @@ function phpbb_user_session_handler() } /** -* Check if PCRE has UTF-8 support -* PHP may not be linked with the bundled PCRE lib and instead with an older version -* -* @return bool Returns true if PCRE (the regular expressions library) supports UTF-8 encoding -*/ -function phpbb_pcre_utf8_support() -{ - static $utf8_pcre_properties = null; - if (is_null($utf8_pcre_properties)) - { - $utf8_pcre_properties = (@preg_match('/\p{L}/u', 'a') !== false); - } - return $utf8_pcre_properties; -} - -/** * Casts a numeric string $input to an appropriate numeric type (i.e. integer or float) * * @param string $input A numeric string. diff --git a/phpBB/includes/functions_acp.php b/phpBB/includes/functions_acp.php index 6d59b513af..eea18a0c47 100644 --- a/phpBB/includes/functions_acp.php +++ b/phpBB/includes/functions_acp.php @@ -245,8 +245,13 @@ function build_cfg_template($tpl_type, $key, &$new, $config_key, $vars) switch ($tpl_type[0]) { - case 'text': case 'password': + if ($new[$config_key] !== '') + { + // replace passwords with asterixes + $new[$config_key] = '********'; + } + case 'text': case 'url': case 'email': case 'color': diff --git a/phpBB/includes/functions_admin.php b/phpBB/includes/functions_admin.php index fce4bf841b..7ca1f621ff 100644 --- a/phpBB/includes/functions_admin.php +++ b/phpBB/includes/functions_admin.php @@ -500,7 +500,7 @@ function filelist($rootdir, $dir = '', $type = 'gif|jpg|jpeg|png') */ function move_topics($topic_ids, $forum_id, $auto_sync = true) { - global $db; + global $db, $phpbb_dispatcher; if (empty($topic_ids)) { @@ -534,6 +534,27 @@ function move_topics($topic_ids, $forum_id, $auto_sync = true) } $table_ary = array(TOPICS_TABLE, POSTS_TABLE, LOG_TABLE, DRAFTS_TABLE, TOPICS_TRACK_TABLE); + + /** + * Perform additional actions before topics move + * + * @event core.move_topics_before_query + * @var array table_ary Array of tables from which forum_id will be updated for all rows that hold the moved topics + * @var array topic_ids Array of the moved topic ids + * @var string forum_id The forum id from where the topics are moved + * @var array forum_ids Array of the forums where the topics are moving (includes also forum_id) + * @var bool auto_sync Whether or not to perform auto sync + * @since 3.1.5-RC1 + */ + $vars = array( + 'table_ary', + 'topic_ids', + 'forum_id', + 'forum_ids', + 'auto_sync', + ); + extract($phpbb_dispatcher->trigger_event('core.move_topics_before_query', compact($vars))); + foreach ($table_ary as $table) { $sql = "UPDATE $table @@ -921,7 +942,7 @@ function delete_posts($where_type, $where_ids, $auto_sync = true, $posted_sync = } $error = false; - $search = new $search_type($error, $phpbb_root_path, $phpEx, $auth, $config, $db, $user); + $search = new $search_type($error, $phpbb_root_path, $phpEx, $auth, $config, $db, $user, $phpbb_dispatcher); if ($error) { diff --git a/phpBB/includes/functions_compatibility.php b/phpBB/includes/functions_compatibility.php index 8655203754..4b085a6050 100644 --- a/phpBB/includes/functions_compatibility.php +++ b/phpBB/includes/functions_compatibility.php @@ -30,10 +30,11 @@ if (!defined('IN_PHPBB')) * @param string $avatar_height Height of users avatar * @param string $alt Optional language string for alt tag within image, can be a language key or text * @param bool $ignore_config Ignores the config-setting, to be still able to view the avatar in the UCP +* @param bool $lazy If true, will be lazy loaded (requires JS) * * @return string Avatar image */ -function get_user_avatar($avatar, $avatar_type, $avatar_width, $avatar_height, $alt = 'USER_AVATAR', $ignore_config = false) +function get_user_avatar($avatar, $avatar_type, $avatar_width, $avatar_height, $alt = 'USER_AVATAR', $ignore_config = false, $lazy = false) { // map arguments to new function phpbb_get_avatar() $row = array( @@ -43,7 +44,7 @@ function get_user_avatar($avatar, $avatar_type, $avatar_width, $avatar_height, $ 'avatar_height' => $avatar_height, ); - return phpbb_get_avatar($row, $alt, $ignore_config); + return phpbb_get_avatar($row, $alt, $ignore_config, $lazy); } /** @@ -501,3 +502,12 @@ function phpbb_get_plural_form($rule, $number) $language = $phpbb_container->get('language'); return $language->get_plural_form($number, $rule); } + +/** +* @return bool Always true +* @deprecated 3.2.0-dev +*/ +function phpbb_pcre_utf8_support() +{ + return true; +} diff --git a/phpBB/includes/functions_convert.php b/phpBB/includes/functions_convert.php index ad693f4019..0a25ae8c36 100644 --- a/phpBB/includes/functions_convert.php +++ b/phpBB/includes/functions_convert.php @@ -966,7 +966,7 @@ function get_remote_avatar_dim($src, $axis) $protocol = (isset($url_info['scheme'])) ? $url_info['scheme'] : 'http'; if (empty($port)) { - switch(strtolower($protocol)) + switch (strtolower($protocol)) { case 'ftp': $port = 21; diff --git a/phpBB/includes/functions_display.php b/phpBB/includes/functions_display.php index f89068327c..3a96119dbe 100644 --- a/phpBB/includes/functions_display.php +++ b/phpBB/includes/functions_display.php @@ -150,7 +150,7 @@ function display_forums($root_data = '', $display_moderators = true, $return_mod $sql = $db->sql_build_query('SELECT', $sql_ary); $result = $db->sql_query($sql); - $forum_tracking_info = array(); + $forum_tracking_info = $valid_categories = array(); $branch_root_id = $root_data['forum_id']; /* @var $phpbb_content_visibility \phpbb\content_visibility */ @@ -251,6 +251,12 @@ function display_forums($root_data = '', $display_moderators = true, $return_mod } } + // Fill list of categories with forums + if (isset($forum_rows[$row['parent_id']])) + { + $valid_categories[$row['parent_id']] = true; + } + // if ($row['parent_id'] == $root_data['forum_id'] || $row['parent_id'] == $branch_root_id) { @@ -268,6 +274,7 @@ function display_forums($root_data = '', $display_moderators = true, $return_mod $branch_root_id = $forum_id; } $forum_rows[$parent_id]['forum_id_last_post'] = $row['forum_id']; + $forum_rows[$parent_id]['forum_password_last_post'] = $row['forum_password']; $forum_rows[$parent_id]['orig_forum_last_post_time'] = $row['forum_last_post_time']; } else if ($row['forum_type'] != FORUM_CAT) @@ -309,6 +316,7 @@ function display_forums($root_data = '', $display_moderators = true, $return_mod $forum_rows[$parent_id]['forum_last_poster_name'] = $row['forum_last_poster_name']; $forum_rows[$parent_id]['forum_last_poster_colour'] = $row['forum_last_poster_colour']; $forum_rows[$parent_id]['forum_id_last_post'] = $forum_id; + $forum_rows[$parent_id]['forum_password_last_post'] = $row['forum_password']; } } @@ -405,6 +413,12 @@ function display_forums($root_data = '', $display_moderators = true, $return_mod // Category if ($row['parent_id'] == $root_data['forum_id'] && $row['forum_type'] == FORUM_CAT) { + // Do not display categories without any forums to display + if (!isset($valid_categories[$row['forum_id']])) + { + continue; + } + $cat_row = array( 'S_IS_CAT' => true, 'FORUM_ID' => $row['forum_id'], @@ -523,8 +537,15 @@ function display_forums($root_data = '', $display_moderators = true, $return_mod // Create last post link information, if appropriate if ($row['forum_last_post_id']) { - $last_post_subject = $row['forum_last_post_subject']; - $last_post_subject_truncated = truncate_string(censor_text($last_post_subject), 30, 255, false, $user->lang['ELLIPSIS']); + if ($row['forum_password_last_post'] === '' && $auth->acl_get('f_read', $row['forum_id_last_post'])) + { + $last_post_subject = censor_text($row['forum_last_post_subject']); + $last_post_subject_truncated = truncate_string($last_post_subject, 30, 255, false, $user->lang['ELLIPSIS']); + } + else + { + $last_post_subject = $last_post_subject_truncated = ''; + } $last_post_time = $user->format_date($row['forum_last_post_time']); $last_post_url = append_sid("{$phpbb_root_path}viewtopic.$phpEx", 'f=' . $row['forum_id_last_post'] . '&p=' . $row['forum_last_post_id']) . '#p' . $row['forum_last_post_id']; } @@ -584,7 +605,7 @@ function display_forums($root_data = '', $display_moderators = true, $return_mod 'S_LOCKED_FORUM' => ($row['forum_status'] == ITEM_LOCKED) ? true : false, 'S_LIST_SUBFORUMS' => ($row['display_subforum_list']) ? true : false, 'S_SUBFORUMS' => (sizeof($subforums_list)) ? true : false, - 'S_DISPLAY_SUBJECT' => ($last_post_subject && $config['display_last_subject'] && !$row['forum_password'] && $auth->acl_get('f_read', $row['forum_id'])) ? true : false, + 'S_DISPLAY_SUBJECT' => ($last_post_subject !== '' && $config['display_last_subject']) ? true : false, 'S_FEED_ENABLED' => ($config['feed_forum'] && !phpbb_optionget(FORUM_OPTION_FEED_EXCLUDE, $row['forum_options']) && $row['forum_type'] == FORUM_POST) ? true : false, 'FORUM_ID' => $row['forum_id'], @@ -597,8 +618,8 @@ function display_forums($root_data = '', $display_moderators = true, $return_mod 'FORUM_FOLDER_IMG_ALT' => isset($user->lang[$folder_alt]) ? $user->lang[$folder_alt] : '', 'FORUM_IMAGE' => ($row['forum_image']) ? '<img src="' . $phpbb_root_path . $row['forum_image'] . '" alt="' . $user->lang[$folder_alt] . '" />' : '', 'FORUM_IMAGE_SRC' => ($row['forum_image']) ? $phpbb_root_path . $row['forum_image'] : '', - 'LAST_POST_SUBJECT' => (!$row['forum_password'] && $auth->acl_get('f_read', $row['forum_id'])) ? censor_text($last_post_subject) : "", - 'LAST_POST_SUBJECT_TRUNCATED' => (!$row['forum_password'] && $auth->acl_get('f_read', $row['forum_id'])) ? $last_post_subject_truncated : "", + 'LAST_POST_SUBJECT' => $last_post_subject, + 'LAST_POST_SUBJECT_TRUNCATED' => $last_post_subject_truncated, 'LAST_POST_TIME' => $last_post_time, 'LAST_POSTER' => get_username_string('username', $row['forum_last_poster_id'], $row['forum_last_poster_name'], $row['forum_last_poster_colour']), 'LAST_POSTER_COLOUR' => get_username_string('colour', $row['forum_last_poster_id'], $row['forum_last_poster_name'], $row['forum_last_poster_colour']), diff --git a/phpBB/includes/functions_module.php b/phpBB/includes/functions_module.php index d0d09fe9fb..144e6b4e7c 100644 --- a/phpBB/includes/functions_module.php +++ b/phpBB/includes/functions_module.php @@ -978,7 +978,7 @@ class p_master * * @param string $class module class (acp/mcp/ucp) * @param string $name module name (class name of the module, or its basename - * phpbb_ext_foo_acp_bar_module, ucp_zebra or zebra) + * phpbb_ext_foo_acp_bar_module, ucp_zebra or zebra) * @param string $mode mode, as passed through to the module * */ @@ -1088,7 +1088,7 @@ class p_master ->core_path('language/' . $user->lang_name . '/mods/') ->find(); - $lang_files = array_unique(array_merge($user_lang_files, $english_lang_files, $default_lang_files)); + $lang_files = array_merge($english_lang_files, $default_lang_files, $user_lang_files); foreach ($lang_files as $lang_file => $ext_name) { $user->add_lang_ext($ext_name, $lang_file); diff --git a/phpBB/includes/functions_posting.php b/phpBB/includes/functions_posting.php index fcab667cb2..a1ace42c32 100644 --- a/phpBB/includes/functions_posting.php +++ b/phpBB/includes/functions_posting.php @@ -1552,7 +1552,14 @@ function submit_post($mode, $subject, $username, $topic_type, &$poll, &$data, $u return false; } - $current_time = time(); + if (!empty($data['post_time'])) + { + $current_time = $data['post_time']; + } + else + { + $current_time = time(); + } if ($mode == 'post') { @@ -1754,6 +1761,7 @@ function submit_post($mode, $subject, $username, $topic_type, &$poll, &$data, $u 'topic_type' => $topic_type, 'topic_time_limit' => ($topic_type == POST_STICKY || $topic_type == POST_ANNOUNCE) ? ($data['topic_time_limit'] * 86400) : 0, 'topic_attachment' => (!empty($data['attachment_data'])) ? 1 : 0, + 'topic_status' => (isset($data['topic_status'])) ? $data['topic_status'] : ITEM_UNLOCKED, ); if (isset($poll['poll_options']) && !empty($poll['poll_options'])) @@ -2226,7 +2234,7 @@ function submit_post($mode, $subject, $username, $topic_type, &$poll, &$data, $u } $error = false; - $search = new $search_type($error, $phpbb_root_path, $phpEx, $auth, $config, $db, $user); + $search = new $search_type($error, $phpbb_root_path, $phpEx, $auth, $config, $db, $user, $phpbb_dispatcher); if ($error) { diff --git a/phpBB/includes/functions_privmsgs.php b/phpBB/includes/functions_privmsgs.php index c8b5280c8c..245b1c0d1a 100644 --- a/phpBB/includes/functions_privmsgs.php +++ b/phpBB/includes/functions_privmsgs.php @@ -2127,17 +2127,42 @@ function set_user_message_limit() { global $user, $db, $config; - // Get maximum about from user memberships - if it is 0, there is no limit set and we use the maximum value within the config. - $sql = 'SELECT MAX(g.group_message_limit) as max_message_limit + // Get maximum about from user memberships + $message_limit = phpbb_get_max_setting_from_group($db, $user->data['user_id'], 'message_limit'); + + // If it is 0, there is no limit set and we use the maximum value within the config. + $user->data['message_limit'] = (!$message_limit) ? $config['pm_max_msgs'] : $message_limit; +} + +/** + * Get the maximum PM setting for the groups of the user + * + * @param \phpbb\db\driver\driver_interface $db + * @param int $user_id + * @param string $setting Only 'max_recipients' and 'message_limit' are supported + * @return int The maximum setting for all groups of the user, unless one group has '0' + * @throws \InvalidArgumentException If selected group setting is not supported + */ +function phpbb_get_max_setting_from_group(\phpbb\db\driver\driver_interface $db, $user_id, $setting) +{ + if ($setting !== 'max_recipients' && $setting !== 'message_limit') + { + throw new InvalidArgumentException('Setting "' . $setting . '" is not supported'); + } + + // Get maximum number of allowed recipients + $sql = 'SELECT MIN(g.group_' . $setting . ') as min_setting, MAX(g.group_' . $setting . ') as max_setting FROM ' . GROUPS_TABLE . ' g, ' . USER_GROUP_TABLE . ' ug - WHERE ug.user_id = ' . $user->data['user_id'] . ' + WHERE ug.user_id = ' . (int) $user_id . ' AND ug.user_pending = 0 AND ug.group_id = g.group_id'; $result = $db->sql_query($sql); - $message_limit = (int) $db->sql_fetchfield('max_message_limit'); + $row = $db->sql_fetchrow($result); $db->sql_freeresult($result); + $max_setting = (int) $row['max_setting']; + $min_setting = (int) $row['min_setting']; - $user->data['message_limit'] = (!$message_limit) ? $config['pm_max_msgs'] : $message_limit; + return ($min_setting > 0) ? $max_setting : 0; } /** diff --git a/phpBB/includes/functions_user.php b/phpBB/includes/functions_user.php index e8c2fbcbfa..45263ad018 100644 --- a/phpBB/includes/functions_user.php +++ b/phpBB/includes/functions_user.php @@ -502,6 +502,9 @@ function user_delete($mode, $user_ids, $retain_username = true) $num_users_delta = 0; + // Get auth provider collection in case accounts might need to be unlinked + $provider_collection = $phpbb_container->get('auth.provider_collection'); + // Some things need to be done in the loop (if the query changes based // on which user is currently being deleted) $added_guest_posts = 0; @@ -512,6 +515,38 @@ function user_delete($mode, $user_ids, $retain_username = true) avatar_delete('user', $user_row); } + // Unlink accounts + foreach ($provider_collection as $provider_name => $auth_provider) + { + $provider_data = $auth_provider->get_auth_link_data($user_id); + + if ($provider_data !== null) + { + $link_data = array( + 'user_id' => $user_id, + 'link_method' => 'user_delete', + ); + + // BLOCK_VARS might contain hidden fields necessary for unlinking accounts + if (isset($provider_data['BLOCK_VARS']) && is_array($provider_data['BLOCK_VARS'])) + { + foreach ($provider_data['BLOCK_VARS'] as $provider_service) + { + if (!array_key_exists('HIDDEN_FIELDS', $provider_service)) + { + $provider_service['HIDDEN_FIELDS'] = array(); + } + + $auth_provider->unlink_account(array_merge($link_data, $provider_service['HIDDEN_FIELDS'])); + } + } + else + { + $auth_provider->unlink_account($link_data); + } + } + } + // Decrement number of users if this user is active if ($user_row['user_type'] != USER_INACTIVE && $user_row['user_type'] != USER_IGNORE) { @@ -1385,7 +1420,7 @@ function user_ipwhois($ip) $match = array(); // Test for referrals from $whois_host to other whois databases, roll on rwhois - if (preg_match('#ReferralServer: whois://(.+)#im', $ipwhois, $match)) + if (preg_match('#ReferralServer:[\x20]*whois://(.+)#im', $ipwhois, $match)) { if (strpos($match[1], ':') !== false) { @@ -1647,89 +1682,37 @@ function validate_username($username, $allowed_username = false) return 'INVALID_CHARS'; } - $mbstring = $pcre = false; - - // generic UTF-8 character types supported? - if (phpbb_pcre_utf8_support()) - { - $pcre = true; - } - else if (function_exists('mb_ereg_match')) - { - mb_regex_encoding('UTF-8'); - $mbstring = true; - } - switch ($config['allow_name_chars']) { case 'USERNAME_CHARS_ANY': - $pcre = true; $regex = '.+'; break; case 'USERNAME_ALPHA_ONLY': - $pcre = true; $regex = '[A-Za-z0-9]+'; break; case 'USERNAME_ALPHA_SPACERS': - $pcre = true; $regex = '[A-Za-z0-9-[\]_+ ]+'; break; case 'USERNAME_LETTER_NUM': - if ($pcre) - { - $regex = '[\p{Lu}\p{Ll}\p{N}]+'; - } - else if ($mbstring) - { - $regex = '[[:upper:][:lower:][:digit:]]+'; - } - else - { - $pcre = true; - $regex = '[a-zA-Z0-9]+'; - } + $regex = '[\p{Lu}\p{Ll}\p{N}]+'; break; case 'USERNAME_LETTER_NUM_SPACERS': - if ($pcre) - { - $regex = '[-\]_+ [\p{Lu}\p{Ll}\p{N}]+'; - } - else if ($mbstring) - { - $regex = '[-\]_+ \[[:upper:][:lower:][:digit:]]+'; - } - else - { - $pcre = true; - $regex = '[-\]_+ [a-zA-Z0-9]+'; - } + $regex = '[-\]_+ [\p{Lu}\p{Ll}\p{N}]+'; break; case 'USERNAME_ASCII': default: - $pcre = true; $regex = '[\x01-\x7F]+'; break; } - if ($pcre) - { - if (!preg_match('#^' . $regex . '$#u', $username)) - { - return 'INVALID_CHARS'; - } - } - else if ($mbstring) + if (!preg_match('#^' . $regex . '$#u', $username)) { - mb_ereg_search_init($username, '^' . $regex . '$'); - if (!mb_ereg_search()) - { - return 'INVALID_CHARS'; - } + return 'INVALID_CHARS'; } $sql = 'SELECT username @@ -1784,35 +1767,10 @@ function validate_password($password) return false; } - $pcre = $mbstring = false; - - // generic UTF-8 character types supported? - if (phpbb_pcre_utf8_support()) - { - $upp = '\p{Lu}'; - $low = '\p{Ll}'; - $num = '\p{N}'; - $sym = '[^\p{Lu}\p{Ll}\p{N}]'; - $pcre = true; - } - else if (function_exists('mb_ereg_match')) - { - mb_regex_encoding('UTF-8'); - $upp = '[[:upper:]]'; - $low = '[[:lower:]]'; - $num = '[[:digit:]]'; - $sym = '[^[:upper:][:lower:][:digit:]]'; - $mbstring = true; - } - else - { - $upp = '[A-Z]'; - $low = '[a-z]'; - $num = '[0-9]'; - $sym = '[^A-Za-z0-9]'; - $pcre = true; - } - + $upp = '\p{Lu}'; + $low = '\p{Ll}'; + $num = '\p{N}'; + $sym = '[^\p{Lu}\p{Ll}\p{N}]'; $chars = array(); switch ($config['pass_complex']) @@ -1835,24 +1793,11 @@ function validate_password($password) $chars[] = $upp; } - if ($pcre) - { - foreach ($chars as $char) - { - if (!preg_match('#' . $char . '#u', $password)) - { - return 'INVALID_CHARS'; - } - } - } - else if ($mbstring) + foreach ($chars as $char) { - foreach ($chars as $char) + if (!preg_match('#' . $char . '#u', $password)) { - if (mb_ereg($char, $password) === false) - { - return 'INVALID_CHARS'; - } + return 'INVALID_CHARS'; } } diff --git a/phpBB/includes/mcp/mcp_main.php b/phpBB/includes/mcp/mcp_main.php index e8ab0167f5..2659a4bf01 100644 --- a/phpBB/includes/mcp/mcp_main.php +++ b/phpBB/includes/mcp/mcp_main.php @@ -1188,7 +1188,7 @@ function mcp_delete_post($post_ids, $is_soft = false, $soft_delete_reason = '', function mcp_fork_topic($topic_ids) { global $auth, $user, $db, $template, $config; - global $phpEx, $phpbb_root_path, $phpbb_log, $request; + global $phpEx, $phpbb_root_path, $phpbb_log, $request, $phpbb_dispatcher; if (!phpbb_check_ids($topic_ids, TOPICS_TABLE, 'topic_id', array('m_'))) { @@ -1266,7 +1266,7 @@ function mcp_fork_topic($topic_ids) } $error = false; - $search = new $search_type($error, $phpbb_root_path, $phpEx, $auth, $config, $db, $user); + $search = new $search_type($error, $phpbb_root_path, $phpEx, $auth, $config, $db, $user, $phpbb_dispatcher); $search_mode = 'post'; if ($error) diff --git a/phpBB/includes/mcp/mcp_post.php b/phpBB/includes/mcp/mcp_post.php index b70dfbb514..f7983c57bf 100644 --- a/phpBB/includes/mcp/mcp_post.php +++ b/phpBB/includes/mcp/mcp_post.php @@ -26,6 +26,7 @@ function mcp_post_details($id, $mode, $action) { global $phpEx, $phpbb_root_path, $config, $request; global $template, $db, $user, $auth, $cache; + global $phpbb_dispatcher; $user->add_lang('posting'); @@ -106,6 +107,21 @@ function mcp_post_details($id, $mode, $action) } break; + + default: + + /** + * This event allows you to handle custom post moderation options + * + * @event core.mcp_post_additional_options + * @var string action Post moderation action name + * @var array post_info Information on the affected post + * @since 3.1.5-RC1 + */ + $vars = array('action', 'post_info'); + extract($phpbb_dispatcher->trigger_event('core.mcp_post_additional_options', compact($vars))); + + break; } // Set some vars @@ -197,7 +213,7 @@ function mcp_post_details($id, $mode, $action) $l_deleted_by = ''; } - $template->assign_vars(array( + $mcp_post_template_data = array( 'U_MCP_ACTION' => "$url&i=main&quickmod=1&mode=post_details", // Use this for mode paramaters 'U_POST_ACTION' => "$url&i=$id&mode=post_details", // Use this for action parameters 'U_APPROVE_ACTION' => append_sid("{$phpbb_root_path}mcp.$phpEx", "i=queue&p=$post_id&f={$post_info['forum_id']}"), @@ -249,7 +265,32 @@ function mcp_post_details($id, $mode, $action) 'U_LOOKUP_IP' => ($auth->acl_get('m_info', $post_info['forum_id'])) ? "$url&i=$id&mode=$mode&lookup={$post_info['poster_ip']}#ip" : '', 'U_WHOIS' => ($auth->acl_get('m_info', $post_info['forum_id'])) ? append_sid("{$phpbb_root_path}mcp.$phpEx", "i=$id&mode=$mode&action=whois&p=$post_id&ip={$post_info['poster_ip']}") : '', - )); + ); + + $s_additional_opts = false; + + /** + * Event to add/modify MCP post template data + * + * @event core.mcp_post_template_data + * @var array post_info Array with the post information + * @var array mcp_post_template_data Array with the MCP post template data + * @var array attachments Array with the post attachments, if any + * @var bool s_additional_opts Must be set to true in extension if additional options are presented in MCP post panel + * @since 3.1.5-RC1 + */ + $vars = array( + 'post_info', + 'mcp_post_template_data', + 'attachments', + 's_additional_opts', + ); + extract($phpbb_dispatcher->trigger_event('core.mcp_post_template_data', compact($vars))); + + $template->assign_vars($mcp_post_template_data); + $template->assign_var('S_MCP_POST_ADDITIONAL_OPTS', $s_additional_opts); + + unset($mcp_post_template_data); // Get User Notes $log_data = array(); @@ -497,7 +538,7 @@ function change_poster(&$post_info, $userdata) { // We do some additional checks in the module to ensure it can actually be utilised $error = false; - $search = new $search_type($error, $phpbb_root_path, $phpEx, $auth, $config, $db, $user); + $search = new $search_type($error, $phpbb_root_path, $phpEx, $auth, $config, $db, $user, $phpbb_dispatcher); if (!$error && method_exists($search, 'destroy_cache')) { diff --git a/phpBB/includes/mcp/mcp_reports.php b/phpBB/includes/mcp/mcp_reports.php index 30319f1a8c..30a2188b98 100644 --- a/phpBB/includes/mcp/mcp_reports.php +++ b/phpBB/includes/mcp/mcp_reports.php @@ -74,17 +74,66 @@ class mcp_reports // closed reports are accessed by report id $report_id = $request->variable('r', 0); - $sql = 'SELECT r.post_id, r.user_id, r.report_id, r.report_closed, report_time, r.report_text, r.reported_post_text, r.reported_post_uid, r.reported_post_bitfield, r.reported_post_enable_magic_url, r.reported_post_enable_smilies, r.reported_post_enable_bbcode, rr.reason_title, rr.reason_description, u.username, u.username_clean, u.user_colour - FROM ' . REPORTS_TABLE . ' r, ' . REPORTS_REASONS_TABLE . ' rr, ' . USERS_TABLE . ' u - WHERE ' . (($report_id) ? 'r.report_id = ' . $report_id : "r.post_id = $post_id") . ' + $sql_ary = array( + 'SELECT' => 'r.post_id, r.user_id, r.report_id, r.report_closed, report_time, r.report_text, r.reported_post_text, r.reported_post_uid, r.reported_post_bitfield, r.reported_post_enable_magic_url, r.reported_post_enable_smilies, r.reported_post_enable_bbcode, rr.reason_title, rr.reason_description, u.username, u.username_clean, u.user_colour', + + 'FROM' => array( + REPORTS_TABLE => 'r', + REPORTS_REASONS_TABLE => 'rr', + USERS_TABLE => 'u', + ), + + 'WHERE' => (($report_id) ? 'r.report_id = ' . $report_id : "r.post_id = $post_id") . ' AND rr.reason_id = r.reason_id AND r.user_id = u.user_id - AND r.pm_id = 0 - ORDER BY report_closed ASC'; + AND r.pm_id = 0', + + 'ORDER_BY' => 'report_closed ASC', + ); + + /** + * Allow changing the query to obtain the user-submitted report. + * + * @event core.mcp_reports_report_details_query_before + * @var array sql_ary The array in the format of the query builder with the query + * @var mixed forum_id The forum_id, the number in the f GET parameter + * @var int post_id The post_id of the report being viewed (if 0, it is meaningless) + * @var int report_id The report_id of the report being viewed + * @since 3.1.5-RC1 + */ + $vars = array( + 'sql_ary', + 'forum_id', + 'post_id', + 'report_id', + ); + extract($phpbb_dispatcher->trigger_event('core.mcp_reports_report_details_query_before', compact($vars))); + + $sql = $db->sql_build_query('SELECT', $sql_ary); $result = $db->sql_query_limit($sql, 1); $report = $db->sql_fetchrow($result); $db->sql_freeresult($result); + /** + * Allow changing the data obtained from the user-submitted report. + * + * @event core.mcp_reports_report_details_query_after + * @var array sql_ary The array in the format of the query builder with the query that had been executted + * @var mixed forum_id The forum_id, the number in the f GET parameter + * @var int post_id The post_id of the report being viewed (if 0, it is meaningless) + * @var int report_id The report_id of the report being viewed + * @var int report The query's resulting row. + * @since 3.1.5-RC1 + */ + $vars = array( + 'sql_ary', + 'forum_id', + 'post_id', + 'report_id', + 'report', + ); + extract($phpbb_dispatcher->trigger_event('core.mcp_reports_report_details_query_after', compact($vars))); + if (!$report) { trigger_error('NO_REPORT'); diff --git a/phpBB/includes/message_parser.php b/phpBB/includes/message_parser.php index 208690c146..72733f3d0c 100644 --- a/phpBB/includes/message_parser.php +++ b/phpBB/includes/message_parser.php @@ -137,6 +137,9 @@ class bbcode_firstpass extends bbcode // [quote] in second position. // To parse multiline URL we enable dotall option setting only for URL text // but not for link itself, thus [url][/url] is not affected. + // + // To perform custom validation in extension, use $this->validate_bbcode_by_extension() + // method which accepts variable number of parameters $this->bbcodes = array( 'code' => array('bbcode_id' => 8, 'regexp' => array('#\[code(?:=([a-z]+))?\](.+\[/code\])#uis' => function ($match) use($bbcode_class) { @@ -1313,10 +1316,25 @@ class parse_message extends bbcode_firstpass return (!$update_this_message) ? $return_message : $this->warn_msg; } + // Remove quotes that are nested too deep + if ($config['max_quote_depth'] > 0) + { + $this->message = $phpbb_container->get('text_formatter.utils')->remove_bbcode( + $this->message, + 'quote', + $config['max_quote_depth'] + ); + } + // Check for errors $errors = $parser->get_errors(); if ($errors) { + foreach ($errors as $i => $args) + { + // Translate each error with $user->lang() + $errors[$i] = call_user_func_array(array($user, 'lang'), $args); + } $this->warn_msg = array_merge($this->warn_msg, $errors); return (!$update_this_message) ? $return_message : $this->warn_msg; @@ -1909,4 +1927,36 @@ class parse_message extends bbcode_firstpass { $this->mimetype_guesser = $mimetype_guesser; } + + /** + * Function to perform custom bbcode validation by extensions + * can be used in bbcode_init() to assign regexp replacement + * Example: 'regexp' => array('#\[b\](.*?)\[/b\]#uise' => "\$this->validate_bbcode_by_extension('\$1')") + * + * Accepts variable number of parameters + * + * @return mixed Validation result + */ + public function validate_bbcode_by_extension() + { + global $phpbb_dispatcher; + + $return = false; + $params_array = func_get_args(); + + /** + * Event to validate bbcode with the custom validating methods + * provided by extensions + * + * @event core.validate_bbcode_by_extension + * @var array params_array Array with the function parameters + * @var mixed return Validation result to return + * + * @since 3.1.5-RC1 + */ + $vars = array('params_array', 'return'); + extract($phpbb_dispatcher->trigger_event('core.validate_bbcode_by_extension', compact($vars))); + + return $return; + } } diff --git a/phpBB/includes/startup.php b/phpBB/includes/startup.php index c90fd79366..5900016c39 100644 --- a/phpBB/includes/startup.php +++ b/phpBB/includes/startup.php @@ -90,7 +90,11 @@ if (version_compare(PHP_VERSION, '5.4.0-dev', '>=')) } else { - @set_magic_quotes_runtime(0); + if (get_magic_quotes_runtime()) + { + // Deactivate + @set_magic_quotes_runtime(0); + } // Be paranoid with passed vars if (@ini_get('register_globals') == '1' || strtolower(@ini_get('register_globals')) == 'on' || !function_exists('ini_get')) diff --git a/phpBB/includes/ucp/ucp_notifications.php b/phpBB/includes/ucp/ucp_notifications.php index b778ffdf12..6d0d4f06a6 100644 --- a/phpBB/includes/ucp/ucp_notifications.php +++ b/phpBB/includes/ucp/ucp_notifications.php @@ -55,11 +55,11 @@ class ucp_notifications $notification_methods = $phpbb_notifications->get_subscription_methods(); - foreach($phpbb_notifications->get_subscription_types() as $group => $subscription_types) + foreach ($phpbb_notifications->get_subscription_types() as $group => $subscription_types) { - foreach($subscription_types as $type => $data) + foreach ($subscription_types as $type => $data) { - foreach($notification_methods as $method => $method_data) + foreach ($notification_methods as $method => $method_data) { if ($request->is_set_post(str_replace('.', '_', $type . '_' . $method_data['id'])) && (!isset($subscriptions[$type]) || !in_array($method_data['id'], $subscriptions[$type]))) { @@ -183,13 +183,13 @@ class ucp_notifications { $notification_methods = $phpbb_notifications->get_subscription_methods(); - foreach($phpbb_notifications->get_subscription_types() as $group => $subscription_types) + foreach ($phpbb_notifications->get_subscription_types() as $group => $subscription_types) { $template->assign_block_vars($block, array( 'GROUP_NAME' => $user->lang($group), )); - foreach($subscription_types as $type => $data) + foreach ($subscription_types as $type => $data) { $template->assign_block_vars($block, array( 'TYPE' => $type, @@ -200,7 +200,7 @@ class ucp_notifications 'SUBSCRIBED' => (isset($subscriptions[$type])) ? true : false, )); - foreach($notification_methods as $method => $method_data) + foreach ($notification_methods as $method => $method_data) { $template->assign_block_vars($block . '.notification_methods', array( 'METHOD' => $method_data['id'], @@ -230,7 +230,7 @@ class ucp_notifications { $notification_methods = $phpbb_notifications->get_subscription_methods(); - foreach($notification_methods as $method => $method_data) + foreach ($notification_methods as $method => $method_data) { $template->assign_block_vars($block, array( 'METHOD' => $method_data['id'], diff --git a/phpBB/includes/ucp/ucp_pm_compose.php b/phpBB/includes/ucp/ucp_pm_compose.php index 59952182df..0989539a0f 100644 --- a/phpBB/includes/ucp/ucp_pm_compose.php +++ b/phpBB/includes/ucp/ucp_pm_compose.php @@ -55,7 +55,6 @@ function compose_pm($id, $mode, $action, $user_folders = array()) $address_list = $request->variable('address_list', array('' => array(0 => ''))); - $submit = (isset($_POST['post'])) ? true : false; $preview = (isset($_POST['preview'])) ? true : false; $save = (isset($_POST['save'])) ? true : false; $load = (isset($_POST['load'])) ? true : false; @@ -69,6 +68,7 @@ function compose_pm($id, $mode, $action, $user_folders = array()) $refresh = isset($_POST['add_file']) || isset($_POST['delete_file']) || $save || $load || $remove_u || $remove_g || $add_to || $add_bcc; + $submit = $request->is_set_post('post') && !$refresh && !$preview; $action = ($delete && !$preview && !$refresh && $submit) ? 'delete' : $action; $select_single = ($config['allow_mass_pm'] && $auth->acl_get('u_masspm')) ? false : true; @@ -530,15 +530,9 @@ function compose_pm($id, $mode, $action, $user_folders = array()) } // Get maximum number of allowed recipients - $sql = 'SELECT MAX(g.group_max_recipients) as max_recipients - FROM ' . GROUPS_TABLE . ' g, ' . USER_GROUP_TABLE . ' ug - WHERE ug.user_id = ' . $user->data['user_id'] . ' - AND ug.user_pending = 0 - AND ug.group_id = g.group_id'; - $result = $db->sql_query($sql); - $max_recipients = (int) $db->sql_fetchfield('max_recipients'); - $db->sql_freeresult($result); + $max_recipients = phpbb_get_max_setting_from_group($db, $user->data['user_id'], 'max_recipients'); + // If it is 0, there is no limit set and we use the maximum value within the config. $max_recipients = (!$max_recipients) ? $config['pm_max_recipients'] : $max_recipients; // If this is a quote/reply "to all"... we may increase the max_recpients to the number of original recipients @@ -947,7 +941,11 @@ function compose_pm($id, $mode, $action, $user_folders = array()) { $message_link = ''; } - $message_parser->message = $message_link . '[quote="' . $quote_username . '"]' . censor_text(trim($message_parser->message)) . "[/quote]\n"; + $quote_text = $phpbb_container->get('text_formatter.utils')->generate_quote( + censor_text($message_parser->message), + array('author' => $quote_username) + ); + $message_parser->message = $message_link . $quote_text . "\n\n"; } if (($action == 'reply' || $action == 'quote' || $action == 'quotepost') && !$preview && !$refresh) @@ -975,7 +973,11 @@ function compose_pm($id, $mode, $action, $user_folders = array()) $forward_text[] = sprintf($user->lang['FWD_FROM'], $quote_username_text); $forward_text[] = sprintf($user->lang['FWD_TO'], implode($user->lang['COMMA_SEPARATOR'], $fwd_to_field['to'])); - $message_parser->message = implode("\n", $forward_text) . "\n\n[quote="{$quote_username}"]\n" . censor_text(trim($message_parser->message)) . "\n[/quote]"; + $quote_text = $phpbb_container->get('text_formatter.utils')->generate_quote( + censor_text($message_parser->message), + array('author' => $quote_username) + ); + $message_parser->message = implode("\n", $forward_text) . "\n\n" . $quote_text; $message_subject = ((!preg_match('/^Fwd:/', $message_subject)) ? 'Fwd: ' : '') . censor_text($message_subject); } @@ -1157,7 +1159,7 @@ function compose_pm($id, $mode, $action, $user_folders = array()) 'SUBJECT' => (isset($message_subject)) ? $message_subject : '', 'MESSAGE' => $message_text, - 'BBCODE_STATUS' => $user->lang(($bbcode_status ? 'BBCODE_IS_ON' : 'BBCODE_IS_OFF'), '<a href="' . $controller_helper->route('phpbb_help_controller', array('mode' => 'bbcode')) . '">', '</a>'), + 'BBCODE_STATUS' => $user->lang(($bbcode_status ? 'BBCODE_IS_ON' : 'BBCODE_IS_OFF'), '<a href="' . $controller_helper->route('phpbb_help_bbcode_controller') . '">', '</a>'), 'IMG_STATUS' => ($img_status) ? $user->lang['IMAGES_ARE_ON'] : $user->lang['IMAGES_ARE_OFF'], 'FLASH_STATUS' => ($flash_status) ? $user->lang['FLASH_IS_ON'] : $user->lang['FLASH_IS_OFF'], 'SMILIES_STATUS' => ($smilies_status) ? $user->lang['SMILIES_ARE_ON'] : $user->lang['SMILIES_ARE_OFF'], diff --git a/phpBB/includes/ucp/ucp_profile.php b/phpBB/includes/ucp/ucp_profile.php index 66eae22a1b..2f4d650ed0 100644 --- a/phpBB/includes/ucp/ucp_profile.php +++ b/phpBB/includes/ucp/ucp_profile.php @@ -572,7 +572,7 @@ class ucp_profile 'S_SMILIES_CHECKED' => (!$enable_smilies) ? ' checked="checked"' : '', 'S_MAGIC_URL_CHECKED' => (!$enable_urls) ? ' checked="checked"' : '', - 'BBCODE_STATUS' => $user->lang(($config['allow_sig_bbcode'] ? 'BBCODE_IS_ON' : 'BBCODE_IS_OFF'), '<a href="' . $controller_helper->route('phpbb_help_controller', array('mode' => 'bbcode')) . '">', '</a>'), + 'BBCODE_STATUS' => $user->lang(($config['allow_sig_bbcode'] ? 'BBCODE_IS_ON' : 'BBCODE_IS_OFF'), '<a href="' . $controller_helper->route('phpbb_help_bbcode_controller') . '">', '</a>'), 'SMILIES_STATUS' => ($config['allow_sig_smilies']) ? $user->lang['SMILIES_ARE_ON'] : $user->lang['SMILIES_ARE_OFF'], 'IMG_STATUS' => ($config['allow_sig_img']) ? $user->lang['IMAGES_ARE_ON'] : $user->lang['IMAGES_ARE_OFF'], 'FLASH_STATUS' => ($config['allow_sig_flash']) ? $user->lang['FLASH_IS_ON'] : $user->lang['FLASH_IS_OFF'], |