diff options
Diffstat (limited to 'phpBB/includes')
25 files changed, 469 insertions, 627 deletions
diff --git a/phpBB/includes/acp/acp_bbcodes.php b/phpBB/includes/acp/acp_bbcodes.php index 2b438e5670..c9225a7eae 100644 --- a/phpBB/includes/acp/acp_bbcodes.php +++ b/phpBB/includes/acp/acp_bbcodes.php @@ -489,7 +489,9 @@ class acp_bbcodes if (preg_match_all('/(?<!\\\\)\$([0-9]+)/', $replace, $repad)) { $repad = $pad + sizeof(array_unique($repad[0])); - $replace = preg_replace('/(?<!\\\\)\$([0-9]+)/e', "'\${' . (\$1 + \$pad) . '}'", $replace); + $replace = preg_replace_callback('/(?<!\\\\)\$([0-9]+)/', function ($match) use ($pad) { + return '${' . ($match[1] + $pad) . '}'; + }, $replace); $pad = $repad; } @@ -554,10 +556,18 @@ class acp_bbcodes trigger_error($user->lang['BBCODE_INVALID'] . adm_back_link($this->u_action), E_USER_WARNING); } - $fp_match = preg_replace('#\[/?' . $bbcode_search . '#ie', "strtolower('\$0')", $fp_match); - $fp_replace = preg_replace('#\[/?' . $bbcode_search . '#ie', "strtolower('\$0')", $fp_replace); - $sp_match = preg_replace('#\[/?' . $bbcode_search . '#ie', "strtolower('\$0')", $sp_match); - $sp_replace = preg_replace('#\[/?' . $bbcode_search . '#ie', "strtolower('\$0')", $sp_replace); + $fp_match = preg_replace_callback('#\[/?' . $bbcode_search . '#i', function ($match) { + return strtolower($match[0]); + }, $fp_match); + $fp_replace = preg_replace_callback('#\[/?' . $bbcode_search . '#i', function ($match) { + return strtolower($match[0]); + }, $fp_replace); + $sp_match = preg_replace_callback('#\[/?' . $bbcode_search . '#i', function ($match) { + return strtolower($match[0]); + }, $sp_match); + $sp_replace = preg_replace_callback('#\[/?' . $bbcode_search . '#i', function ($match) { + return strtolower($match[0]); + }, $sp_replace); return array( 'bbcode_tag' => $bbcode_tag, diff --git a/phpBB/includes/acp/acp_board.php b/phpBB/includes/acp/acp_board.php index ff3b50174b..018eedda2a 100644 --- a/phpBB/includes/acp/acp_board.php +++ b/phpBB/includes/acp/acp_board.php @@ -501,7 +501,7 @@ class acp_board } // We go through the display_vars to make sure no one is trying to set variables he/she is not allowed to... - foreach ($display_vars['vars'] as $config_name => $null) + foreach ($display_vars['vars'] as $config_name => $data) { if (!isset($cfg_array[$config_name]) || strpos($config_name, 'legend') !== false) { @@ -533,6 +533,13 @@ class acp_board if ($submit) { + if (strpos($data['type'], 'password') === 0 && $config_value === '********') + { + // Do not update password fields if the content is ********, + // because that is the password replacement we use to not + // send the password to the output + continue; + } $config->set($config_name, $config_value); if ($config_name == 'allow_quick_reply' && isset($_POST['allow_quick_reply_enable'])) @@ -562,6 +569,7 @@ class acp_board $old_auth_config = array(); foreach ($auth_providers as $provider) { + /** @var \phpbb\auth\provider\provider_interface $provider */ if ($fields = $provider->acp()) { // Check if we need to create config fields for this plugin and save config when submit was pressed @@ -577,6 +585,14 @@ class acp_board continue; } + if (substr($field, -9) === '_password' && $cfg_array[$field] === '********') + { + // Do not update password fields if the content is ********, + // because that is the password replacement we use to not + // send the password to the output + continue; + } + $old_auth_config[$field] = $this->new_config[$field]; $config_value = $cfg_array[$field]; $this->new_config[$field] = $config_value; diff --git a/phpBB/includes/acp/acp_jabber.php b/phpBB/includes/acp/acp_jabber.php index d860ae27f4..5058e9c769 100644 --- a/phpBB/includes/acp/acp_jabber.php +++ b/phpBB/includes/acp/acp_jabber.php @@ -107,7 +107,10 @@ class acp_jabber $config->set('jab_host', $jab_host); $config->set('jab_port', $jab_port); $config->set('jab_username', $jab_username); - $config->set('jab_password', $jab_password); + if ($jab_password !== '********') + { + $config->set('jab_password', $jab_password); + } $config->set('jab_package_size', $jab_package_size); $config->set('jab_use_ssl', $jab_use_ssl); @@ -122,7 +125,7 @@ class acp_jabber 'JAB_HOST' => $jab_host, 'JAB_PORT' => ($jab_port) ? $jab_port : '', 'JAB_USERNAME' => $jab_username, - 'JAB_PASSWORD' => $jab_password, + 'JAB_PASSWORD' => $jab_password !== '' ? '********' : '', 'JAB_PACKAGE_SIZE' => $jab_package_size, 'JAB_USE_SSL' => $jab_use_ssl, 'S_CAN_USE_SSL' => jabber::can_use_ssl(), diff --git a/phpBB/includes/acp/acp_main.php b/phpBB/includes/acp/acp_main.php index 8680b7786a..8a53edb8ee 100644 --- a/phpBB/includes/acp/acp_main.php +++ b/phpBB/includes/acp/acp_main.php @@ -638,7 +638,7 @@ class acp_main { $error = false; $search_type = $config['search_type']; - $search = new $search_type($error, $phpbb_root_path, $phpEx, $auth, $config, $db, $user); + $search = new $search_type($error, $phpbb_root_path, $phpEx, $auth, $config, $db, $user, $phpbb_dispatcher); if (!$search->index_created()) { diff --git a/phpBB/includes/acp/acp_modules.php b/phpBB/includes/acp/acp_modules.php index 4fca366868..c2407f15b4 100644 --- a/phpBB/includes/acp/acp_modules.php +++ b/phpBB/includes/acp/acp_modules.php @@ -19,6 +19,8 @@ if (!defined('IN_PHPBB')) exit; } +use phpbb\module\exception\module_exception; + /** * - Able to check for new module versions (modes changed/adjusted/added/removed) * Icons for: @@ -37,8 +39,10 @@ class acp_modules function main($id, $mode) { - global $db, $user, $auth, $template, $module, $request, $phpbb_log; - global $config, $phpbb_admin_path, $phpbb_root_path, $phpEx; + global $db, $user, $template, $module, $request, $phpbb_log, $phpbb_container; + + /** @var \phpbb\module\module_manager $module_manager */ + $module_manager = $phpbb_container->get('module.manager'); // Set a global define for modules we might include (the author is able to prevent execution of code by checking this constant) define('MODULE_INCLUDE', true); @@ -91,13 +95,20 @@ class acp_modules $db->sql_freeresult($result); } - $errors = $this->delete_module($module_id); - - if (!sizeof($errors)) + try { - $this->remove_cache_file(); - trigger_error($user->lang['MODULE_DELETED'] . adm_back_link($this->u_action . '&parent_id=' . $this->parent_id)); + $row = $module_manager->get_module_row($module_id, $this->module_class); + $module_manager->delete_module($module_id, $this->module_class); + $phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_MODULE_REMOVED', false, array($user->lang($row['module_langname']))); } + catch (module_exception $e) + { + $msg = $user->lang($e->getMessage()); + trigger_error($msg . adm_back_link($this->u_action . '&parent_id=' . $this->parent_id), E_USER_WARNING); + } + + $module_manager->remove_cache_file($this->module_class); + trigger_error($user->lang['MODULE_DELETED'] . adm_back_link($this->u_action . '&parent_id=' . $this->parent_id)); } else { @@ -138,8 +149,8 @@ class acp_modules AND module_id = $module_id"; $db->sql_query($sql); - $phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_MODULE_' . strtoupper($action), false, array($this->lang_name($row['module_langname']))); - $this->remove_cache_file(); + $phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_MODULE_' . strtoupper($action), false, array($user->lang($row['module_langname']))); + $module_manager->remove_cache_file($this->module_class); break; @@ -163,12 +174,16 @@ class acp_modules trigger_error($user->lang['NO_MODULE'] . adm_back_link($this->u_action . '&parent_id=' . $this->parent_id), E_USER_WARNING); } - $move_module_name = $this->move_module_by($row, $action, 1); + try + { + $move_module_name = $module_manager->move_module_by($row, $this->module_class, $action, 1); - if ($move_module_name !== false) + $phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_MODULE_' . strtoupper($action), false, array($user->lang($row['module_langname']), $move_module_name)); + $module_manager->remove_cache_file($this->module_class); + } + catch (module_exception $e) { - $phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_MODULE_' . strtoupper($action), false, array($this->lang_name($row['module_langname']), $move_module_name)); - $this->remove_cache_file(); + // Do nothing } if ($request->is_ajax()) @@ -194,7 +209,7 @@ class acp_modules list($module_basename, $module_mode) = explode('::', $quick_install); // Check if module name and mode exist... - $fileinfo = $this->get_module_infos($module_basename); + $fileinfo = $module_manager->get_module_infos($this->module_class, $module_basename); $fileinfo = $fileinfo[$module_basename]; if (isset($fileinfo['modes'][$module_mode])) @@ -210,11 +225,20 @@ class acp_modules 'module_auth' => $fileinfo['modes'][$module_mode]['auth'], ); - $errors = $this->update_module_data($module_data); + try + { + $module_manager->update_module_data($module_data); + $phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_MODULE_ADD', false, array($user->lang($module_data['module_langname']))); + } + catch (\phpbb\module\exception\module_exception $e) + { + $msg = $user->lang($e->getMessage()); + trigger_error($msg . adm_back_link($this->u_action . '&parent_id=' . $this->parent_id), E_USER_WARNING); + } if (!sizeof($errors)) { - $this->remove_cache_file(); + $module_manager->remove_cache_file($this->module_class); trigger_error($user->lang['MODULE_ADDED'] . adm_back_link($this->u_action . '&parent_id=' . $this->parent_id)); } @@ -240,7 +264,15 @@ class acp_modules trigger_error($user->lang['NO_MODULE_ID'] . adm_back_link($this->u_action . '&parent_id=' . $this->parent_id), E_USER_WARNING); } - $module_row = $this->get_module_row($module_id); + try + { + $module_row = $module_manager->get_module_row($module_id, $this->module_class); + } + catch (\phpbb\module\exception\module_not_found_exception $e) + { + $msg = $user->lang($e->getMessage()); + trigger_error($msg . adm_back_link($this->u_action . '&parent_id=' . $this->parent_id), E_USER_WARNING); + } // no break @@ -294,15 +326,29 @@ class acp_modules // Adjust auth row if ($module_data['module_basename'] && $module_data['module_mode']) { - $fileinfo = $this->get_module_infos($module_data['module_basename']); + $fileinfo = $module_manager->get_module_infos($this->module_class, $module_data['module_basename']); $module_data['module_auth'] = $fileinfo[$module_data['module_basename']]['modes'][$module_data['module_mode']]['auth']; } - $errors = $this->update_module_data($module_data); + try + { + $module_manager->update_module_data($module_data); + $phpbb_log->add('admin', + $user->data['user_id'], + $user->ip, + ($action === 'edit') ? 'LOG_MODULE_EDIT' : 'LOG_MODULE_ADD', + false, + array($user->lang($module_data['module_langname'])) + ); } + catch (\phpbb\module\exception\module_exception $e) + { + $msg = $user->lang($e->getMessage()); + trigger_error($msg . adm_back_link($this->u_action . '&parent_id=' . $this->parent_id), E_USER_WARNING); + } if (!sizeof($errors)) { - $this->remove_cache_file(); + $module_manager->remove_cache_file($this->module_class); trigger_error((($action == 'add') ? $user->lang['MODULE_ADDED'] : $user->lang['MODULE_EDITED']) . adm_back_link($this->u_action . '&parent_id=' . $this->parent_id)); } @@ -312,7 +358,7 @@ class acp_modules $is_cat = (!$module_data['module_basename']) ? true : false; // Get module information - $module_infos = $this->get_module_infos(); + $module_infos = $module_manager->get_module_infos($this->module_class); // Build name options $s_name_options = $s_mode_options = ''; @@ -324,7 +370,7 @@ class acp_modules } // Name options - $s_name_options .= '<option value="' . $option . '"' . (($option == $module_data['module_basename']) ? ' selected="selected"' : '') . '>' . $this->lang_name($values['title']) . ' [' . $option . ']</option>'; + $s_name_options .= '<option value="' . $option . '"' . (($option == $module_data['module_basename']) ? ' selected="selected"' : '') . '>' . $user->lang($values['title']) . ' [' . $option . ']</option>'; $template->assign_block_vars('m_names', array('NAME' => $option, 'A_NAME' => addslashes($option))); @@ -333,14 +379,14 @@ class acp_modules { if ($option == $module_data['module_basename']) { - $s_mode_options .= '<option value="' . $m_mode . '"' . (($m_mode == $module_data['module_mode']) ? ' selected="selected"' : '') . '>' . $this->lang_name($m_values['title']) . '</option>'; + $s_mode_options .= '<option value="' . $m_mode . '"' . (($m_mode == $module_data['module_mode']) ? ' selected="selected"' : '') . '>' . $user->lang($m_values['title']) . '</option>'; } $template->assign_block_vars('m_names.modes', array( 'OPTION' => $m_mode, - 'VALUE' => $this->lang_name($m_values['title']), + 'VALUE' => $user->lang($m_values['title']), 'A_OPTION' => addslashes($m_mode), - 'A_VALUE' => addslashes($this->lang_name($m_values['title']))) + 'A_VALUE' => addslashes($user->lang($m_values['title']))) ); } } @@ -358,7 +404,7 @@ class acp_modules 'L_TITLE' => $user->lang[strtoupper($action) . '_MODULE'], - 'MODULENAME' => $this->lang_name($module_data['module_langname']), + 'MODULENAME' => $user->lang($module_data['module_langname']), 'ACTION' => $action, 'MODULE_ID' => $module_id, @@ -406,11 +452,11 @@ class acp_modules { $navigation = '<a href="' . $this->u_action . '">' . strtoupper($this->module_class) . '</a>'; - $modules_nav = $this->get_module_branch($this->parent_id, 'parents', 'descending'); + $modules_nav = $module_manager->get_module_branch($this->parent_id, $this->module_class, 'parents'); foreach ($modules_nav as $row) { - $langname = $this->lang_name($row['module_langname']); + $langname = $user->lang($row['module_langname']); if ($row['module_id'] == $this->parent_id) { @@ -437,7 +483,7 @@ class acp_modules { do { - $langname = $this->lang_name($row['module_langname']); + $langname = $user->lang($row['module_langname']); if (!$row['module_enabled']) { @@ -472,7 +518,15 @@ class acp_modules } else if ($this->parent_id) { - $row = $this->get_module_row($this->parent_id); + try + { + $row = $module_manager->get_module_row($this->parent_id, $this->module_class); + } + catch (\phpbb\module\exception\module_not_found_exception $e) + { + $msg = $user->lang($e->getMessage()); + trigger_error($msg . adm_back_link($this->u_action . '&parent_id=' . $this->parent_id), E_USER_WARNING); + } $url = $this->u_action . '&parent_id=' . $this->parent_id . '&m=' . $row['module_id']; @@ -491,19 +545,19 @@ class acp_modules $db->sql_freeresult($result); // Quick adding module - $module_infos = $this->get_module_infos(); + $module_infos = $module_manager->get_module_infos($this->module_class); // Build quick options $s_install_options = ''; foreach ($module_infos as $option => $values) { // Name options - $s_install_options .= '<optgroup label="' . $this->lang_name($values['title']) . ' [' . $option . ']">'; + $s_install_options .= '<optgroup label="' . $user->lang($values['title']) . ' [' . $option . ']">'; // Build module modes foreach ($values['modes'] as $m_mode => $m_values) { - $s_install_options .= '<option value="' . $option . '::' . $m_mode . '"> ' . $this->lang_name($m_values['title']) . '</option>'; + $s_install_options .= '<option value="' . $option . '::' . $m_mode . '"> ' . $user->lang($m_values['title']) . '</option>'; } $s_install_options .= '</optgroup>'; @@ -521,104 +575,6 @@ class acp_modules } /** - * Get row for specified module - */ - function get_module_row($module_id) - { - global $db, $user; - - $sql = 'SELECT * - FROM ' . MODULES_TABLE . " - WHERE module_class = '" . $db->sql_escape($this->module_class) . "' - AND module_id = $module_id"; - $result = $db->sql_query($sql); - $row = $db->sql_fetchrow($result); - $db->sql_freeresult($result); - - if (!$row) - { - trigger_error($user->lang['NO_MODULE'] . adm_back_link($this->u_action . '&parent_id=' . $this->parent_id), E_USER_WARNING); - } - - return $row; - } - - /** - * Get available module information from module files - * - * @param string $module - * @param bool|string $module_class - * @param bool $use_all_available Use all available instead of just all - * enabled extensions - * @return array - */ - function get_module_infos($module = '', $module_class = false, $use_all_available = false) - { - global $phpbb_extension_manager, $phpbb_root_path, $phpEx; - - $module_class = ($module_class === false) ? $this->module_class : $module_class; - - $directory = $phpbb_root_path . 'includes/' . $module_class . '/info/'; - $fileinfo = array(); - - $finder = $phpbb_extension_manager->get_finder($use_all_available); - - $modules = $finder - ->extension_suffix('_module') - ->extension_directory("/$module_class") - ->core_path("includes/$module_class/info/") - ->core_prefix($module_class . '_') - ->get_classes(true); - - foreach ($modules as $cur_module) - { - // Skip entries we do not need if we know the module we are - // looking for - if ($module && strpos(str_replace('\\', '_', $cur_module), $module) === false && $module !== $cur_module) - { - continue; - } - - $info_class = preg_replace('/_module$/', '_info', $cur_module); - - // If the class does not exist it might be following the old - // format. phpbb_acp_info_acp_foo needs to be turned into - // acp_foo_info and the respective file has to be included - // manually because it does not support auto loading - $old_info_class_file = str_replace("phpbb_{$module_class}_info_", '', $cur_module); - $old_info_class = $old_info_class_file . '_info'; - - if (class_exists($old_info_class)) - { - $info_class = $old_info_class; - } - else if (!class_exists($info_class)) - { - $info_class = $old_info_class; - // need to check class exists again because previous checks triggered autoloading - if (!class_exists($info_class) && file_exists($directory . $old_info_class_file . '.' . $phpEx)) - { - include($directory . $old_info_class_file . '.' . $phpEx); - } - } - - if (class_exists($info_class)) - { - $info = new $info_class(); - $module_info = $info->module(); - - $main_class = (isset($module_info['filename'])) ? $module_info['filename'] : $cur_module; - - $fileinfo[$main_class] = $module_info; - } - } - - ksort($fileinfo); - - return $fileinfo; - } - - /** * Simple version of jumpbox, just lists modules */ function make_module_select($select_id = false, $ignore_id = false, $ignore_acl = false, $ignore_nonpost = false, $ignore_emptycat = true, $ignore_noncat = false) @@ -678,7 +634,7 @@ class acp_modules $selected = (is_array($select_id)) ? ((in_array($row['module_id'], $select_id)) ? ' selected="selected"' : '') : (($row['module_id'] == $select_id) ? ' selected="selected"' : ''); - $langname = $this->lang_name($row['module_langname']); + $langname = $user->lang($row['module_langname']); $module_list .= '<option value="' . $row['module_id'] . '"' . $selected . ((!$row['module_enabled']) ? ' class="disabled"' : '') . '>' . $padding . $langname . '</option>'; $iteration++; @@ -689,401 +645,4 @@ class acp_modules return $module_list; } - - /** - * Get module branch - */ - function get_module_branch($module_id, $type = 'all', $order = 'descending', $include_module = true) - { - global $db; - - switch ($type) - { - case 'parents': - $condition = 'm1.left_id BETWEEN m2.left_id AND m2.right_id'; - break; - - case 'children': - $condition = 'm2.left_id BETWEEN m1.left_id AND m1.right_id'; - break; - - default: - $condition = 'm2.left_id BETWEEN m1.left_id AND m1.right_id OR m1.left_id BETWEEN m2.left_id AND m2.right_id'; - break; - } - - $rows = array(); - - $sql = 'SELECT m2.* - FROM ' . MODULES_TABLE . ' m1 - LEFT JOIN ' . MODULES_TABLE . " m2 ON ($condition) - WHERE m1.module_class = '" . $db->sql_escape($this->module_class) . "' - AND m2.module_class = '" . $db->sql_escape($this->module_class) . "' - AND m1.module_id = $module_id - ORDER BY m2.left_id " . (($order == 'descending') ? 'ASC' : 'DESC'); - $result = $db->sql_query($sql); - - while ($row = $db->sql_fetchrow($result)) - { - if (!$include_module && $row['module_id'] == $module_id) - { - continue; - } - - $rows[] = $row; - } - $db->sql_freeresult($result); - - return $rows; - } - - /** - * Remove modules cache file - */ - function remove_cache_file() - { - global $phpbb_container; - - // Sanitise for future path use, it's escaped as appropriate for queries - $p_class = str_replace(array('.', '/', '\\'), '', basename($this->module_class)); - - $phpbb_container->get('cache.driver')->destroy('_modules_' . $p_class); - - // Additionally remove sql cache - $phpbb_container->get('cache.driver')->destroy('sql', MODULES_TABLE); - } - - /** - * Return correct language name - */ - function lang_name($module_langname) - { - global $user; - - return (!empty($user->lang[$module_langname])) ? $user->lang[$module_langname] : $module_langname; - } - - /** - * Update/Add module - * - * @param array &$module_data The module data - * @param bool $run_inline if set to true errors will be returned and no logs being written - */ - function update_module_data(&$module_data, $run_inline = false) - { - global $db, $user, $phpbb_log; - - if (!isset($module_data['module_id'])) - { - // no module_id means we're creating a new category/module - if ($module_data['parent_id']) - { - $sql = 'SELECT left_id, right_id - FROM ' . MODULES_TABLE . " - WHERE module_class = '" . $db->sql_escape($module_data['module_class']) . "' - AND module_id = " . (int) $module_data['parent_id']; - $result = $db->sql_query($sql); - $row = $db->sql_fetchrow($result); - $db->sql_freeresult($result); - - if (!$row) - { - if ($run_inline) - { - return 'PARENT_NO_EXIST'; - } - - trigger_error($user->lang['PARENT_NO_EXIST'] . adm_back_link($this->u_action . '&parent_id=' . $this->parent_id), E_USER_WARNING); - } - - // Workaround - $row['left_id'] = (int) $row['left_id']; - $row['right_id'] = (int) $row['right_id']; - - $sql = 'UPDATE ' . MODULES_TABLE . " - SET left_id = left_id + 2, right_id = right_id + 2 - WHERE module_class = '" . $db->sql_escape($module_data['module_class']) . "' - AND left_id > {$row['right_id']}"; - $db->sql_query($sql); - - $sql = 'UPDATE ' . MODULES_TABLE . " - SET right_id = right_id + 2 - WHERE module_class = '" . $db->sql_escape($module_data['module_class']) . "' - AND {$row['left_id']} BETWEEN left_id AND right_id"; - $db->sql_query($sql); - - $module_data['left_id'] = (int) $row['right_id']; - $module_data['right_id'] = (int) $row['right_id'] + 1; - } - else - { - $sql = 'SELECT MAX(right_id) AS right_id - FROM ' . MODULES_TABLE . " - WHERE module_class = '" . $db->sql_escape($module_data['module_class']) . "'"; - $result = $db->sql_query($sql); - $row = $db->sql_fetchrow($result); - $db->sql_freeresult($result); - - $module_data['left_id'] = (int) $row['right_id'] + 1; - $module_data['right_id'] = (int) $row['right_id'] + 2; - } - - $sql = 'INSERT INTO ' . MODULES_TABLE . ' ' . $db->sql_build_array('INSERT', $module_data); - $db->sql_query($sql); - - $module_data['module_id'] = $db->sql_nextid(); - - if (!$run_inline) - { - $phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_MODULE_ADD', false, array($this->lang_name($module_data['module_langname']))); - } - } - else - { - $row = $this->get_module_row($module_data['module_id']); - - if ($module_data['module_basename'] && !$row['module_basename']) - { - // we're turning a category into a module - $branch = $this->get_module_branch($module_data['module_id'], 'children', 'descending', false); - - if (sizeof($branch)) - { - return array($user->lang['NO_CATEGORY_TO_MODULE']); - } - } - - if ($row['parent_id'] != $module_data['parent_id']) - { - $this->move_module($module_data['module_id'], $module_data['parent_id']); - } - - $update_ary = $module_data; - unset($update_ary['module_id']); - - $sql = 'UPDATE ' . MODULES_TABLE . ' - SET ' . $db->sql_build_array('UPDATE', $update_ary) . " - WHERE module_class = '" . $db->sql_escape($module_data['module_class']) . "' - AND module_id = " . (int) $module_data['module_id']; - $db->sql_query($sql); - - if (!$run_inline) - { - $phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_MODULE_EDIT', false, array($this->lang_name($module_data['module_langname']))); - } - } - - return array(); - } - - /** - * Move module around the tree - */ - function move_module($from_module_id, $to_parent_id) - { - global $db; - - $moved_modules = $this->get_module_branch($from_module_id, 'children', 'descending'); - $from_data = $moved_modules[0]; - $diff = sizeof($moved_modules) * 2; - - $moved_ids = array(); - for ($i = 0; $i < sizeof($moved_modules); ++$i) - { - $moved_ids[] = $moved_modules[$i]['module_id']; - } - - // Resync parents - $sql = 'UPDATE ' . MODULES_TABLE . " - SET right_id = right_id - $diff - WHERE module_class = '" . $db->sql_escape($this->module_class) . "' - AND left_id < " . (int) $from_data['right_id'] . ' - AND right_id > ' . (int) $from_data['right_id']; - $db->sql_query($sql); - - // Resync righthand side of tree - $sql = 'UPDATE ' . MODULES_TABLE . " - SET left_id = left_id - $diff, right_id = right_id - $diff - WHERE module_class = '" . $db->sql_escape($this->module_class) . "' - AND left_id > " . (int) $from_data['right_id']; - $db->sql_query($sql); - - if ($to_parent_id > 0) - { - $to_data = $this->get_module_row($to_parent_id); - - // Resync new parents - $sql = 'UPDATE ' . MODULES_TABLE . " - SET right_id = right_id + $diff - WHERE module_class = '" . $db->sql_escape($this->module_class) . "' - AND " . (int) $to_data['right_id'] . ' BETWEEN left_id AND right_id - AND ' . $db->sql_in_set('module_id', $moved_ids, true); - $db->sql_query($sql); - - // Resync the righthand side of the tree - $sql = 'UPDATE ' . MODULES_TABLE . " - SET left_id = left_id + $diff, right_id = right_id + $diff - WHERE module_class = '" . $db->sql_escape($this->module_class) . "' - AND left_id > " . (int) $to_data['right_id'] . ' - AND ' . $db->sql_in_set('module_id', $moved_ids, true); - $db->sql_query($sql); - - // Resync moved branch - $to_data['right_id'] += $diff; - if ($to_data['right_id'] > $from_data['right_id']) - { - $diff = '+ ' . ($to_data['right_id'] - $from_data['right_id'] - 1); - } - else - { - $diff = '- ' . abs($to_data['right_id'] - $from_data['right_id'] - 1); - } - } - else - { - $sql = 'SELECT MAX(right_id) AS right_id - FROM ' . MODULES_TABLE . " - WHERE module_class = '" . $db->sql_escape($this->module_class) . "' - AND " . $db->sql_in_set('module_id', $moved_ids, true); - $result = $db->sql_query($sql); - $row = $db->sql_fetchrow($result); - $db->sql_freeresult($result); - - $diff = '+ ' . (int) ($row['right_id'] - $from_data['left_id'] + 1); - } - - $sql = 'UPDATE ' . MODULES_TABLE . " - SET left_id = left_id $diff, right_id = right_id $diff - WHERE module_class = '" . $db->sql_escape($this->module_class) . "' - AND " . $db->sql_in_set('module_id', $moved_ids); - $db->sql_query($sql); - } - - /** - * Remove module from tree - */ - function delete_module($module_id) - { - global $db, $user, $phpbb_log; - - $row = $this->get_module_row($module_id); - - $branch = $this->get_module_branch($module_id, 'children', 'descending', false); - - if (sizeof($branch)) - { - return array($user->lang['CANNOT_REMOVE_MODULE']); - } - - // If not move - $diff = 2; - $sql = 'DELETE FROM ' . MODULES_TABLE . " - WHERE module_class = '" . $db->sql_escape($this->module_class) . "' - AND module_id = $module_id"; - $db->sql_query($sql); - - $row['right_id'] = (int) $row['right_id']; - $row['left_id'] = (int) $row['left_id']; - - // Resync tree - $sql = 'UPDATE ' . MODULES_TABLE . " - SET right_id = right_id - $diff - WHERE module_class = '" . $db->sql_escape($this->module_class) . "' - AND left_id < {$row['right_id']} AND right_id > {$row['right_id']}"; - $db->sql_query($sql); - - $sql = 'UPDATE ' . MODULES_TABLE . " - SET left_id = left_id - $diff, right_id = right_id - $diff - WHERE module_class = '" . $db->sql_escape($this->module_class) . "' - AND left_id > {$row['right_id']}"; - $db->sql_query($sql); - - $phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_MODULE_REMOVED', false, array($this->lang_name($row['module_langname']))); - - return array(); - - } - - /** - * Move module position by $steps up/down - */ - function move_module_by($module_row, $action = 'move_up', $steps = 1) - { - global $db; - - /** - * Fetch all the siblings between the module's current spot - * and where we want to move it to. If there are less than $steps - * siblings between the current spot and the target then the - * module will move as far as possible - */ - $sql = 'SELECT module_id, left_id, right_id, module_langname - FROM ' . MODULES_TABLE . " - WHERE module_class = '" . $db->sql_escape($this->module_class) . "' - AND parent_id = " . (int) $module_row['parent_id'] . ' - AND ' . (($action == 'move_up') ? 'right_id < ' . (int) $module_row['right_id'] . ' ORDER BY right_id DESC' : 'left_id > ' . (int) $module_row['left_id'] . ' ORDER BY left_id ASC'); - $result = $db->sql_query_limit($sql, $steps); - - $target = array(); - while ($row = $db->sql_fetchrow($result)) - { - $target = $row; - } - $db->sql_freeresult($result); - - if (!sizeof($target)) - { - // The module is already on top or bottom - return false; - } - - /** - * $left_id and $right_id define the scope of the nodes that are affected by the move. - * $diff_up and $diff_down are the values to substract or add to each node's left_id - * and right_id in order to move them up or down. - * $move_up_left and $move_up_right define the scope of the nodes that are moving - * up. Other nodes in the scope of ($left_id, $right_id) are considered to move down. - */ - if ($action == 'move_up') - { - $left_id = (int) $target['left_id']; - $right_id = (int) $module_row['right_id']; - - $diff_up = (int) ($module_row['left_id'] - $target['left_id']); - $diff_down = (int) ($module_row['right_id'] + 1 - $module_row['left_id']); - - $move_up_left = (int) $module_row['left_id']; - $move_up_right = (int) $module_row['right_id']; - } - else - { - $left_id = (int) $module_row['left_id']; - $right_id = (int) $target['right_id']; - - $diff_up = (int) ($module_row['right_id'] + 1 - $module_row['left_id']); - $diff_down = (int) ($target['right_id'] - $module_row['right_id']); - - $move_up_left = (int) ($module_row['right_id'] + 1); - $move_up_right = (int) $target['right_id']; - } - - // Now do the dirty job - $sql = 'UPDATE ' . MODULES_TABLE . " - SET left_id = left_id + CASE - WHEN left_id BETWEEN {$move_up_left} AND {$move_up_right} THEN -{$diff_up} - ELSE {$diff_down} - END, - right_id = right_id + CASE - WHEN right_id BETWEEN {$move_up_left} AND {$move_up_right} THEN -{$diff_up} - ELSE {$diff_down} - END - WHERE module_class = '" . $db->sql_escape($this->module_class) . "' - AND left_id BETWEEN {$left_id} AND {$right_id} - AND right_id BETWEEN {$left_id} AND {$right_id}"; - $db->sql_query($sql); - - $this->remove_cache_file(); - - return $this->lang_name($target['module_langname']); - } } diff --git a/phpBB/includes/acp/acp_prune.php b/phpBB/includes/acp/acp_prune.php index 63a103aa0c..ed40b0d424 100644 --- a/phpBB/includes/acp/acp_prune.php +++ b/phpBB/includes/acp/acp_prune.php @@ -507,9 +507,9 @@ class acp_prune WHERE ug.group_id = ' . (int) $group_id . ' AND ug.user_id <> ' . ANONYMOUS . ' AND u.user_type <> ' . USER_FOUNDER . ' - AND ug.user_pending = 0 ' . - ((!empty($user_ids)) ? ' AND ' . $db->sql_in_set('ug.user_id', $user_ids) : '') . ' - AND u.user_id = ug.user_id'; + AND ug.user_pending = 0 + AND u.user_id = ug.user_id + ' . (!empty($user_ids) ? ' AND ' . $db->sql_in_set('ug.user_id', $user_ids) : ''); $result = $db->sql_query($sql); // we're performing an intersection operation, so all the relevant users @@ -533,10 +533,10 @@ class acp_prune $sql = 'SELECT u.user_id, u.username, COUNT(p.post_id) AS queue_posts FROM ' . POSTS_TABLE . ' p, ' . USERS_TABLE . ' u WHERE u.user_id <> ' . ANONYMOUS . ' - AND u.user_type <> ' . USER_FOUNDER . - ((!empty($user_ids)) ? ' AND ' . $db->sql_in_set('p.poster_id', $user_ids) : '') . ' + AND u.user_type <> ' . USER_FOUNDER . ' AND ' . $db->sql_in_set('p.post_visibility', array(ITEM_UNAPPROVED, ITEM_REAPPROVE)) . ' AND u.user_id = p.poster_id + ' . (!empty($user_ids) ? ' AND ' . $db->sql_in_set('p.poster_id', $user_ids) : '') . ' GROUP BY p.poster_id HAVING queue_posts ' . $key_match[$queue_select] . ' ' . $posts_on_queue; $result = $db->sql_query($sql); diff --git a/phpBB/includes/acp/acp_search.php b/phpBB/includes/acp/acp_search.php index e0991158fe..25fc1ed8dc 100644 --- a/phpBB/includes/acp/acp_search.php +++ b/phpBB/includes/acp/acp_search.php @@ -596,7 +596,7 @@ class acp_search */ function init_search($type, &$search, &$error) { - global $phpbb_root_path, $phpEx, $user, $auth, $config, $db; + global $phpbb_root_path, $phpEx, $user, $auth, $config, $db, $phpbb_dispatcher; if (!class_exists($type) || !method_exists($type, 'keyword_search')) { @@ -605,7 +605,7 @@ class acp_search } $error = false; - $search = new $type($error, $phpbb_root_path, $phpEx, $auth, $config, $db, $user); + $search = new $type($error, $phpbb_root_path, $phpEx, $auth, $config, $db, $user, $phpbb_dispatcher); return $error; } diff --git a/phpBB/includes/acp/acp_styles.php b/phpBB/includes/acp/acp_styles.php index b652fd6587..de3ca5f787 100644 --- a/phpBB/includes/acp/acp_styles.php +++ b/phpBB/includes/acp/acp_styles.php @@ -1013,7 +1013,7 @@ class acp_styles // Assign template variables $this->template->assign_block_vars('styles_list', $row); - foreach($actions as $action) + foreach ($actions as $action) { $this->template->assign_block_vars('styles_list.actions', $action); } diff --git a/phpBB/includes/acp/auth.php b/phpBB/includes/acp/auth.php index 644b1ac7a5..b13b1ee040 100644 --- a/phpBB/includes/acp/auth.php +++ b/phpBB/includes/acp/auth.php @@ -470,7 +470,8 @@ class auth_admin extends \phpbb\auth\auth // Build role dropdown options $current_role_id = (isset($cur_roles[$ug_id][$forum_id])) ? $cur_roles[$ug_id][$forum_id] : 0; - $s_role_options = ''; + // Output current role id to template + $template->assign_var('S_ROLE_ID', $current_role_id); @reset($roles); while (list($role_id, $role_row) = each($roles)) @@ -478,13 +479,12 @@ class auth_admin extends \phpbb\auth\auth $role_description = (!empty($user->lang[$role_row['role_description']])) ? $user->lang[$role_row['role_description']] : nl2br($role_row['role_description']); $role_name = (!empty($user->lang[$role_row['role_name']])) ? $user->lang[$role_row['role_name']] : $role_row['role_name']; - $title = ($role_description) ? ' title="' . $role_description . '"' : ''; - $s_role_options .= '<option value="' . $role_id . '"' . (($role_id == $current_role_id) ? ' selected="selected"' : '') . $title . '>' . $role_name . '</option>'; - } - - if ($s_role_options) - { - $s_role_options = '<option value="0"' . ((!$current_role_id) ? ' selected="selected"' : '') . ' title="' . htmlspecialchars($user->lang['NO_ROLE_ASSIGNED_EXPLAIN']) . '">' . $user->lang['NO_ROLE_ASSIGNED'] . '</option>' . $s_role_options; + $template->assign_block_vars('role_options', array( + 'ID' => $role_id, + 'ROLE_NAME' => $role_name, + 'TITLE' => $role_description, + 'SELECTED' => $role_id == $current_role_id, + )); } if (!$current_role_id && $mode != 'view') @@ -507,7 +507,6 @@ class auth_admin extends \phpbb\auth\auth $template->assign_block_vars($tpl_pmask . '.' . $tpl_fmask, array( 'NAME' => $ug_names_ary[$ug_id], - 'S_ROLE_OPTIONS' => $s_role_options, 'UG_ID' => $ug_id, 'S_CUSTOM' => $s_custom_permissions, 'FORUM_ID' => $forum_id) @@ -556,7 +555,8 @@ class auth_admin extends \phpbb\auth\auth // Build role dropdown options $current_role_id = (isset($cur_roles[$ug_id][$forum_id])) ? $cur_roles[$ug_id][$forum_id] : 0; - $s_role_options = ''; + // Output current role id to template + $template->assign_var('S_ROLE_ID', $current_role_id); @reset($roles); while (list($role_id, $role_row) = each($roles)) @@ -564,13 +564,12 @@ class auth_admin extends \phpbb\auth\auth $role_description = (!empty($user->lang[$role_row['role_description']])) ? $user->lang[$role_row['role_description']] : nl2br($role_row['role_description']); $role_name = (!empty($user->lang[$role_row['role_name']])) ? $user->lang[$role_row['role_name']] : $role_row['role_name']; - $title = ($role_description) ? ' title="' . $role_description . '"' : ''; - $s_role_options .= '<option value="' . $role_id . '"' . (($role_id == $current_role_id) ? ' selected="selected"' : '') . $title . '>' . $role_name . '</option>'; - } - - if ($s_role_options) - { - $s_role_options = '<option value="0"' . ((!$current_role_id) ? ' selected="selected"' : '') . ' title="' . htmlspecialchars($user->lang['NO_ROLE_ASSIGNED_EXPLAIN']) . '">' . $user->lang['NO_ROLE_ASSIGNED'] . '</option>' . $s_role_options; + $template->assign_block_vars('role_options', array( + 'ID' => $role_id, + 'ROLE_NAME' => $role_name, + 'TITLE' => $role_description, + 'SELECTED' => $role_id == $current_role_id, + )); } if (!$current_role_id && $mode != 'view') @@ -594,7 +593,6 @@ class auth_admin extends \phpbb\auth\auth $template->assign_block_vars($tpl_pmask . '.' . $tpl_fmask, array( 'NAME' => ($forum_id == 0) ? $forum_names_ary[0] : $forum_names_ary[$forum_id]['forum_name'], 'PADDING' => ($forum_id == 0) ? '' : $forum_names_ary[$forum_id]['padding'], - 'S_ROLE_OPTIONS' => $s_role_options, 'S_CUSTOM' => $s_custom_permissions, 'UG_ID' => $ug_id, 'FORUM_ID' => $forum_id) diff --git a/phpBB/includes/bbcode.php b/phpBB/includes/bbcode.php index dcbf33a3c4..41d4ec40fe 100644 --- a/phpBB/includes/bbcode.php +++ b/phpBB/includes/bbcode.php @@ -110,7 +110,18 @@ class bbcode $undid_bbcode_specialchars = true; } - $message = preg_replace($preg['search'], $preg['replace'], $message); + foreach ($preg['search'] as $key => $search) + { + if (is_callable($preg['replace'][$key])) + { + $message = preg_replace_callback($search, $preg['replace'][$key], $message); + } + else + { + $message = preg_replace($search, $preg['replace'][$key], $message); + } + } + $preg = array('search' => array(), 'replace' => array()); } } @@ -214,7 +225,9 @@ class bbcode '[/quote:$uid]' => $this->bbcode_tpl('quote_close', $bbcode_id) ), 'preg' => array( - '#\[quote(?:="(.*?)")?:$uid\]((?!\[quote(?:=".*?")?:$uid\]).)?#ise' => "\$this->bbcode_second_pass_quote('\$1', '\$2')" + '#\[quote(?:="(.*?)")?:$uid\]((?!\[quote(?:=".*?")?:$uid\]).)?#is' => function ($match) { + return $this->bbcode_second_pass_quote($match[1], $match[2]); + }, ) ); break; @@ -293,7 +306,9 @@ class bbcode case 8: $this->bbcode_cache[$bbcode_id] = array( 'preg' => array( - '#\[code(?:=([a-z]+))?:$uid\](.*?)\[/code:$uid\]#ise' => "\$this->bbcode_second_pass_code('\$1', '\$2')", + '#\[code(?:=([a-z]+))?:$uid\](.*?)\[/code:$uid\]#is' => function ($match) { + return $this->bbcode_second_pass_code($match[1], $match[2]); + }, ) ); break; @@ -303,7 +318,9 @@ class bbcode 'preg' => array( '#(\[\/?(list|\*):[mou]?:?$uid\])[\n]{1}#' => "\$1", '#(\[list=([^\[]+):$uid\])[\n]{1}#' => "\$1", - '#\[list=([^\[]+):$uid\]#e' => "\$this->bbcode_list('\$1')", + '#\[list=([^\[]+):$uid\]#' => function ($match) { + return $this->bbcode_list($match[1]); + }, ), 'str' => array( '[list:$uid]' => $this->bbcode_tpl('ulist_open_default', $bbcode_id), @@ -387,7 +404,9 @@ class bbcode } // Replace {L_*} lang strings - $bbcode_tpl = preg_replace('/{L_([A-Z0-9_]+)}/e', "(!empty(\$user->lang['\$1'])) ? \$user->lang['\$1'] : ucwords(strtolower(str_replace('_', ' ', '\$1')))", $bbcode_tpl); + $bbcode_tpl = preg_replace_callback('/{L_([A-Z0-9_]+)}/', function ($match) use ($user) { + return (!empty($user->lang[$match[1]])) ? $user->lang($match[1]) : ucwords(strtolower(str_replace('_', ' ', $match[1]))); + }, $bbcode_tpl); if (!empty($rowset[$bbcode_id]['second_pass_replace'])) { @@ -511,7 +530,9 @@ class bbcode 'email' => array('{EMAIL}' => '$1', '{DESCRIPTION}' => '$2') ); - $tpl = preg_replace('/{L_([A-Z0-9_]+)}/e', "(!empty(\$user->lang['\$1'])) ? \$user->lang['\$1'] : ucwords(strtolower(str_replace('_', ' ', '\$1')))", $tpl); + $tpl = preg_replace_callback('/{L_([A-Z0-9_]+)}/', function ($match) use ($user) { + return (!empty($user->lang[$match[1]])) ? $user->lang($match[1]) : ucwords(strtolower(str_replace('_', ' ', $match[1]))); + }, $tpl); if (!empty($replacements[$tpl_name])) { diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index b722c30416..bb4fc5dbae 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -686,6 +686,10 @@ function markread($mode, $forum_id = false, $topic_id = false, $post_time = 0, $ { $forum_id = array($forum_id); } + else + { + $forum_id = array_unique($forum_id); + } /* @var $phpbb_notifications \phpbb\notification\manager */ $phpbb_notifications = $phpbb_container->get('notification_manager'); @@ -3953,13 +3957,14 @@ function phpbb_build_hidden_fields_for_query_params($request, $exclude = null) * @param array $user_row Row from the users table * @param string $alt Optional language string for alt tag within image, can be a language key or text * @param bool $ignore_config Ignores the config-setting, to be still able to view the avatar in the UCP +* @param bool $lazy If true, will be lazy loaded (requires JS) * * @return string Avatar html */ -function phpbb_get_user_avatar($user_row, $alt = 'USER_AVATAR', $ignore_config = false) +function phpbb_get_user_avatar($user_row, $alt = 'USER_AVATAR', $ignore_config = false, $lazy = false) { $row = \phpbb\avatar\manager::clean_row($user_row, 'user'); - return phpbb_get_avatar($row, $alt, $ignore_config); + return phpbb_get_avatar($row, $alt, $ignore_config, $lazy); } /** @@ -3968,13 +3973,14 @@ function phpbb_get_user_avatar($user_row, $alt = 'USER_AVATAR', $ignore_config = * @param array $group_row Row from the groups table * @param string $alt Optional language string for alt tag within image, can be a language key or text * @param bool $ignore_config Ignores the config-setting, to be still able to view the avatar in the UCP +* @param bool $lazy If true, will be lazy loaded (requires JS) * * @return string Avatar html */ -function phpbb_get_group_avatar($user_row, $alt = 'GROUP_AVATAR', $ignore_config = false) +function phpbb_get_group_avatar($user_row, $alt = 'GROUP_AVATAR', $ignore_config = false, $lazy = false) { $row = \phpbb\avatar\manager::clean_row($user_row, 'group'); - return phpbb_get_avatar($row, $alt, $ignore_config); + return phpbb_get_avatar($row, $alt, $ignore_config, $lazy); } /** @@ -3983,10 +3989,11 @@ function phpbb_get_group_avatar($user_row, $alt = 'GROUP_AVATAR', $ignore_config * @param array $row Row cleaned by \phpbb\avatar\manager::clean_row * @param string $alt Optional language string for alt tag within image, can be a language key or text * @param bool $ignore_config Ignores the config-setting, to be still able to view the avatar in the UCP +* @param bool $lazy If true, will be lazy loaded (requires JS) * * @return string Avatar html */ -function phpbb_get_avatar($row, $alt, $ignore_config = false) +function phpbb_get_avatar($row, $alt, $ignore_config = false, $lazy = false) { global $user, $config, $cache, $phpbb_root_path, $phpEx; global $request; @@ -4025,7 +4032,28 @@ function phpbb_get_avatar($row, $alt, $ignore_config = false) if (!empty($avatar_data['src'])) { - $html = '<img src="' . $avatar_data['src'] . '" ' . + if ($lazy) + { + // Determine board url - we may need it later + $board_url = generate_board_url() . '/'; + // This path is sent with the base template paths in the assign_vars() + // call below. We need to correct it in case we are accessing from a + // controller because the web paths will be incorrect otherwise. + $phpbb_path_helper = $phpbb_container->get('path_helper'); + $corrected_path = $phpbb_path_helper->get_web_root_path(); + + $web_path = (defined('PHPBB_USE_BOARD_URL_PATH') && PHPBB_USE_BOARD_URL_PATH) ? $board_url : $corrected_path; + + $theme = "{$web_path}styles/" . rawurlencode($user->style['style_path']) . '/theme'; + + $src = 'src="' . $theme . '/images/no_avatar.gif" data-src="' . $avatar_data['src'] . '"'; + } + else + { + $src = 'src="' . $avatar_data['src'] . '"'; + } + + $html = '<img class="avatar" ' . $src . ($avatar_data['width'] ? ('width="' . $avatar_data['width'] . '" ') : '') . ($avatar_data['height'] ? ('height="' . $avatar_data['height'] . '" ') : '') . 'alt="' . ((!empty($user->lang[$alt])) ? $user->lang[$alt] : $alt) . '" />'; diff --git a/phpBB/includes/functions_acp.php b/phpBB/includes/functions_acp.php index 6d59b513af..eea18a0c47 100644 --- a/phpBB/includes/functions_acp.php +++ b/phpBB/includes/functions_acp.php @@ -245,8 +245,13 @@ function build_cfg_template($tpl_type, $key, &$new, $config_key, $vars) switch ($tpl_type[0]) { - case 'text': case 'password': + if ($new[$config_key] !== '') + { + // replace passwords with asterixes + $new[$config_key] = '********'; + } + case 'text': case 'url': case 'email': case 'color': diff --git a/phpBB/includes/functions_admin.php b/phpBB/includes/functions_admin.php index fce4bf841b..7ca1f621ff 100644 --- a/phpBB/includes/functions_admin.php +++ b/phpBB/includes/functions_admin.php @@ -500,7 +500,7 @@ function filelist($rootdir, $dir = '', $type = 'gif|jpg|jpeg|png') */ function move_topics($topic_ids, $forum_id, $auto_sync = true) { - global $db; + global $db, $phpbb_dispatcher; if (empty($topic_ids)) { @@ -534,6 +534,27 @@ function move_topics($topic_ids, $forum_id, $auto_sync = true) } $table_ary = array(TOPICS_TABLE, POSTS_TABLE, LOG_TABLE, DRAFTS_TABLE, TOPICS_TRACK_TABLE); + + /** + * Perform additional actions before topics move + * + * @event core.move_topics_before_query + * @var array table_ary Array of tables from which forum_id will be updated for all rows that hold the moved topics + * @var array topic_ids Array of the moved topic ids + * @var string forum_id The forum id from where the topics are moved + * @var array forum_ids Array of the forums where the topics are moving (includes also forum_id) + * @var bool auto_sync Whether or not to perform auto sync + * @since 3.1.5-RC1 + */ + $vars = array( + 'table_ary', + 'topic_ids', + 'forum_id', + 'forum_ids', + 'auto_sync', + ); + extract($phpbb_dispatcher->trigger_event('core.move_topics_before_query', compact($vars))); + foreach ($table_ary as $table) { $sql = "UPDATE $table @@ -921,7 +942,7 @@ function delete_posts($where_type, $where_ids, $auto_sync = true, $posted_sync = } $error = false; - $search = new $search_type($error, $phpbb_root_path, $phpEx, $auth, $config, $db, $user); + $search = new $search_type($error, $phpbb_root_path, $phpEx, $auth, $config, $db, $user, $phpbb_dispatcher); if ($error) { diff --git a/phpBB/includes/functions_compatibility.php b/phpBB/includes/functions_compatibility.php index 31019061a9..4b085a6050 100644 --- a/phpBB/includes/functions_compatibility.php +++ b/phpBB/includes/functions_compatibility.php @@ -30,10 +30,11 @@ if (!defined('IN_PHPBB')) * @param string $avatar_height Height of users avatar * @param string $alt Optional language string for alt tag within image, can be a language key or text * @param bool $ignore_config Ignores the config-setting, to be still able to view the avatar in the UCP +* @param bool $lazy If true, will be lazy loaded (requires JS) * * @return string Avatar image */ -function get_user_avatar($avatar, $avatar_type, $avatar_width, $avatar_height, $alt = 'USER_AVATAR', $ignore_config = false) +function get_user_avatar($avatar, $avatar_type, $avatar_width, $avatar_height, $alt = 'USER_AVATAR', $ignore_config = false, $lazy = false) { // map arguments to new function phpbb_get_avatar() $row = array( @@ -43,7 +44,7 @@ function get_user_avatar($avatar, $avatar_type, $avatar_width, $avatar_height, $ 'avatar_height' => $avatar_height, ); - return phpbb_get_avatar($row, $alt, $ignore_config); + return phpbb_get_avatar($row, $alt, $ignore_config, $lazy); } /** diff --git a/phpBB/includes/functions_convert.php b/phpBB/includes/functions_convert.php index ad693f4019..0a25ae8c36 100644 --- a/phpBB/includes/functions_convert.php +++ b/phpBB/includes/functions_convert.php @@ -966,7 +966,7 @@ function get_remote_avatar_dim($src, $axis) $protocol = (isset($url_info['scheme'])) ? $url_info['scheme'] : 'http'; if (empty($port)) { - switch(strtolower($protocol)) + switch (strtolower($protocol)) { case 'ftp': $port = 21; diff --git a/phpBB/includes/functions_display.php b/phpBB/includes/functions_display.php index f89068327c..3a96119dbe 100644 --- a/phpBB/includes/functions_display.php +++ b/phpBB/includes/functions_display.php @@ -150,7 +150,7 @@ function display_forums($root_data = '', $display_moderators = true, $return_mod $sql = $db->sql_build_query('SELECT', $sql_ary); $result = $db->sql_query($sql); - $forum_tracking_info = array(); + $forum_tracking_info = $valid_categories = array(); $branch_root_id = $root_data['forum_id']; /* @var $phpbb_content_visibility \phpbb\content_visibility */ @@ -251,6 +251,12 @@ function display_forums($root_data = '', $display_moderators = true, $return_mod } } + // Fill list of categories with forums + if (isset($forum_rows[$row['parent_id']])) + { + $valid_categories[$row['parent_id']] = true; + } + // if ($row['parent_id'] == $root_data['forum_id'] || $row['parent_id'] == $branch_root_id) { @@ -268,6 +274,7 @@ function display_forums($root_data = '', $display_moderators = true, $return_mod $branch_root_id = $forum_id; } $forum_rows[$parent_id]['forum_id_last_post'] = $row['forum_id']; + $forum_rows[$parent_id]['forum_password_last_post'] = $row['forum_password']; $forum_rows[$parent_id]['orig_forum_last_post_time'] = $row['forum_last_post_time']; } else if ($row['forum_type'] != FORUM_CAT) @@ -309,6 +316,7 @@ function display_forums($root_data = '', $display_moderators = true, $return_mod $forum_rows[$parent_id]['forum_last_poster_name'] = $row['forum_last_poster_name']; $forum_rows[$parent_id]['forum_last_poster_colour'] = $row['forum_last_poster_colour']; $forum_rows[$parent_id]['forum_id_last_post'] = $forum_id; + $forum_rows[$parent_id]['forum_password_last_post'] = $row['forum_password']; } } @@ -405,6 +413,12 @@ function display_forums($root_data = '', $display_moderators = true, $return_mod // Category if ($row['parent_id'] == $root_data['forum_id'] && $row['forum_type'] == FORUM_CAT) { + // Do not display categories without any forums to display + if (!isset($valid_categories[$row['forum_id']])) + { + continue; + } + $cat_row = array( 'S_IS_CAT' => true, 'FORUM_ID' => $row['forum_id'], @@ -523,8 +537,15 @@ function display_forums($root_data = '', $display_moderators = true, $return_mod // Create last post link information, if appropriate if ($row['forum_last_post_id']) { - $last_post_subject = $row['forum_last_post_subject']; - $last_post_subject_truncated = truncate_string(censor_text($last_post_subject), 30, 255, false, $user->lang['ELLIPSIS']); + if ($row['forum_password_last_post'] === '' && $auth->acl_get('f_read', $row['forum_id_last_post'])) + { + $last_post_subject = censor_text($row['forum_last_post_subject']); + $last_post_subject_truncated = truncate_string($last_post_subject, 30, 255, false, $user->lang['ELLIPSIS']); + } + else + { + $last_post_subject = $last_post_subject_truncated = ''; + } $last_post_time = $user->format_date($row['forum_last_post_time']); $last_post_url = append_sid("{$phpbb_root_path}viewtopic.$phpEx", 'f=' . $row['forum_id_last_post'] . '&p=' . $row['forum_last_post_id']) . '#p' . $row['forum_last_post_id']; } @@ -584,7 +605,7 @@ function display_forums($root_data = '', $display_moderators = true, $return_mod 'S_LOCKED_FORUM' => ($row['forum_status'] == ITEM_LOCKED) ? true : false, 'S_LIST_SUBFORUMS' => ($row['display_subforum_list']) ? true : false, 'S_SUBFORUMS' => (sizeof($subforums_list)) ? true : false, - 'S_DISPLAY_SUBJECT' => ($last_post_subject && $config['display_last_subject'] && !$row['forum_password'] && $auth->acl_get('f_read', $row['forum_id'])) ? true : false, + 'S_DISPLAY_SUBJECT' => ($last_post_subject !== '' && $config['display_last_subject']) ? true : false, 'S_FEED_ENABLED' => ($config['feed_forum'] && !phpbb_optionget(FORUM_OPTION_FEED_EXCLUDE, $row['forum_options']) && $row['forum_type'] == FORUM_POST) ? true : false, 'FORUM_ID' => $row['forum_id'], @@ -597,8 +618,8 @@ function display_forums($root_data = '', $display_moderators = true, $return_mod 'FORUM_FOLDER_IMG_ALT' => isset($user->lang[$folder_alt]) ? $user->lang[$folder_alt] : '', 'FORUM_IMAGE' => ($row['forum_image']) ? '<img src="' . $phpbb_root_path . $row['forum_image'] . '" alt="' . $user->lang[$folder_alt] . '" />' : '', 'FORUM_IMAGE_SRC' => ($row['forum_image']) ? $phpbb_root_path . $row['forum_image'] : '', - 'LAST_POST_SUBJECT' => (!$row['forum_password'] && $auth->acl_get('f_read', $row['forum_id'])) ? censor_text($last_post_subject) : "", - 'LAST_POST_SUBJECT_TRUNCATED' => (!$row['forum_password'] && $auth->acl_get('f_read', $row['forum_id'])) ? $last_post_subject_truncated : "", + 'LAST_POST_SUBJECT' => $last_post_subject, + 'LAST_POST_SUBJECT_TRUNCATED' => $last_post_subject_truncated, 'LAST_POST_TIME' => $last_post_time, 'LAST_POSTER' => get_username_string('username', $row['forum_last_poster_id'], $row['forum_last_poster_name'], $row['forum_last_poster_colour']), 'LAST_POSTER_COLOUR' => get_username_string('colour', $row['forum_last_poster_id'], $row['forum_last_poster_name'], $row['forum_last_poster_colour']), diff --git a/phpBB/includes/functions_posting.php b/phpBB/includes/functions_posting.php index fcab667cb2..a1ace42c32 100644 --- a/phpBB/includes/functions_posting.php +++ b/phpBB/includes/functions_posting.php @@ -1552,7 +1552,14 @@ function submit_post($mode, $subject, $username, $topic_type, &$poll, &$data, $u return false; } - $current_time = time(); + if (!empty($data['post_time'])) + { + $current_time = $data['post_time']; + } + else + { + $current_time = time(); + } if ($mode == 'post') { @@ -1754,6 +1761,7 @@ function submit_post($mode, $subject, $username, $topic_type, &$poll, &$data, $u 'topic_type' => $topic_type, 'topic_time_limit' => ($topic_type == POST_STICKY || $topic_type == POST_ANNOUNCE) ? ($data['topic_time_limit'] * 86400) : 0, 'topic_attachment' => (!empty($data['attachment_data'])) ? 1 : 0, + 'topic_status' => (isset($data['topic_status'])) ? $data['topic_status'] : ITEM_UNLOCKED, ); if (isset($poll['poll_options']) && !empty($poll['poll_options'])) @@ -2226,7 +2234,7 @@ function submit_post($mode, $subject, $username, $topic_type, &$poll, &$data, $u } $error = false; - $search = new $search_type($error, $phpbb_root_path, $phpEx, $auth, $config, $db, $user); + $search = new $search_type($error, $phpbb_root_path, $phpEx, $auth, $config, $db, $user, $phpbb_dispatcher); if ($error) { diff --git a/phpBB/includes/functions_user.php b/phpBB/includes/functions_user.php index 85b6f2be62..45263ad018 100644 --- a/phpBB/includes/functions_user.php +++ b/phpBB/includes/functions_user.php @@ -502,6 +502,9 @@ function user_delete($mode, $user_ids, $retain_username = true) $num_users_delta = 0; + // Get auth provider collection in case accounts might need to be unlinked + $provider_collection = $phpbb_container->get('auth.provider_collection'); + // Some things need to be done in the loop (if the query changes based // on which user is currently being deleted) $added_guest_posts = 0; @@ -512,6 +515,38 @@ function user_delete($mode, $user_ids, $retain_username = true) avatar_delete('user', $user_row); } + // Unlink accounts + foreach ($provider_collection as $provider_name => $auth_provider) + { + $provider_data = $auth_provider->get_auth_link_data($user_id); + + if ($provider_data !== null) + { + $link_data = array( + 'user_id' => $user_id, + 'link_method' => 'user_delete', + ); + + // BLOCK_VARS might contain hidden fields necessary for unlinking accounts + if (isset($provider_data['BLOCK_VARS']) && is_array($provider_data['BLOCK_VARS'])) + { + foreach ($provider_data['BLOCK_VARS'] as $provider_service) + { + if (!array_key_exists('HIDDEN_FIELDS', $provider_service)) + { + $provider_service['HIDDEN_FIELDS'] = array(); + } + + $auth_provider->unlink_account(array_merge($link_data, $provider_service['HIDDEN_FIELDS'])); + } + } + else + { + $auth_provider->unlink_account($link_data); + } + } + } + // Decrement number of users if this user is active if ($user_row['user_type'] != USER_INACTIVE && $user_row['user_type'] != USER_IGNORE) { @@ -1385,7 +1420,7 @@ function user_ipwhois($ip) $match = array(); // Test for referrals from $whois_host to other whois databases, roll on rwhois - if (preg_match('#ReferralServer: whois://(.+)#im', $ipwhois, $match)) + if (preg_match('#ReferralServer:[\x20]*whois://(.+)#im', $ipwhois, $match)) { if (strpos($match[1], ':') !== false) { diff --git a/phpBB/includes/mcp/mcp_main.php b/phpBB/includes/mcp/mcp_main.php index e8ab0167f5..2659a4bf01 100644 --- a/phpBB/includes/mcp/mcp_main.php +++ b/phpBB/includes/mcp/mcp_main.php @@ -1188,7 +1188,7 @@ function mcp_delete_post($post_ids, $is_soft = false, $soft_delete_reason = '', function mcp_fork_topic($topic_ids) { global $auth, $user, $db, $template, $config; - global $phpEx, $phpbb_root_path, $phpbb_log, $request; + global $phpEx, $phpbb_root_path, $phpbb_log, $request, $phpbb_dispatcher; if (!phpbb_check_ids($topic_ids, TOPICS_TABLE, 'topic_id', array('m_'))) { @@ -1266,7 +1266,7 @@ function mcp_fork_topic($topic_ids) } $error = false; - $search = new $search_type($error, $phpbb_root_path, $phpEx, $auth, $config, $db, $user); + $search = new $search_type($error, $phpbb_root_path, $phpEx, $auth, $config, $db, $user, $phpbb_dispatcher); $search_mode = 'post'; if ($error) diff --git a/phpBB/includes/mcp/mcp_post.php b/phpBB/includes/mcp/mcp_post.php index b70dfbb514..f7983c57bf 100644 --- a/phpBB/includes/mcp/mcp_post.php +++ b/phpBB/includes/mcp/mcp_post.php @@ -26,6 +26,7 @@ function mcp_post_details($id, $mode, $action) { global $phpEx, $phpbb_root_path, $config, $request; global $template, $db, $user, $auth, $cache; + global $phpbb_dispatcher; $user->add_lang('posting'); @@ -106,6 +107,21 @@ function mcp_post_details($id, $mode, $action) } break; + + default: + + /** + * This event allows you to handle custom post moderation options + * + * @event core.mcp_post_additional_options + * @var string action Post moderation action name + * @var array post_info Information on the affected post + * @since 3.1.5-RC1 + */ + $vars = array('action', 'post_info'); + extract($phpbb_dispatcher->trigger_event('core.mcp_post_additional_options', compact($vars))); + + break; } // Set some vars @@ -197,7 +213,7 @@ function mcp_post_details($id, $mode, $action) $l_deleted_by = ''; } - $template->assign_vars(array( + $mcp_post_template_data = array( 'U_MCP_ACTION' => "$url&i=main&quickmod=1&mode=post_details", // Use this for mode paramaters 'U_POST_ACTION' => "$url&i=$id&mode=post_details", // Use this for action parameters 'U_APPROVE_ACTION' => append_sid("{$phpbb_root_path}mcp.$phpEx", "i=queue&p=$post_id&f={$post_info['forum_id']}"), @@ -249,7 +265,32 @@ function mcp_post_details($id, $mode, $action) 'U_LOOKUP_IP' => ($auth->acl_get('m_info', $post_info['forum_id'])) ? "$url&i=$id&mode=$mode&lookup={$post_info['poster_ip']}#ip" : '', 'U_WHOIS' => ($auth->acl_get('m_info', $post_info['forum_id'])) ? append_sid("{$phpbb_root_path}mcp.$phpEx", "i=$id&mode=$mode&action=whois&p=$post_id&ip={$post_info['poster_ip']}") : '', - )); + ); + + $s_additional_opts = false; + + /** + * Event to add/modify MCP post template data + * + * @event core.mcp_post_template_data + * @var array post_info Array with the post information + * @var array mcp_post_template_data Array with the MCP post template data + * @var array attachments Array with the post attachments, if any + * @var bool s_additional_opts Must be set to true in extension if additional options are presented in MCP post panel + * @since 3.1.5-RC1 + */ + $vars = array( + 'post_info', + 'mcp_post_template_data', + 'attachments', + 's_additional_opts', + ); + extract($phpbb_dispatcher->trigger_event('core.mcp_post_template_data', compact($vars))); + + $template->assign_vars($mcp_post_template_data); + $template->assign_var('S_MCP_POST_ADDITIONAL_OPTS', $s_additional_opts); + + unset($mcp_post_template_data); // Get User Notes $log_data = array(); @@ -497,7 +538,7 @@ function change_poster(&$post_info, $userdata) { // We do some additional checks in the module to ensure it can actually be utilised $error = false; - $search = new $search_type($error, $phpbb_root_path, $phpEx, $auth, $config, $db, $user); + $search = new $search_type($error, $phpbb_root_path, $phpEx, $auth, $config, $db, $user, $phpbb_dispatcher); if (!$error && method_exists($search, 'destroy_cache')) { diff --git a/phpBB/includes/message_parser.php b/phpBB/includes/message_parser.php index cbd2282e96..72733f3d0c 100644 --- a/phpBB/includes/message_parser.php +++ b/phpBB/includes/message_parser.php @@ -83,7 +83,14 @@ class bbcode_firstpass extends bbcode // it should not demand recompilation if (preg_match($regexp, $this->message)) { - $this->message = preg_replace($regexp, $replacement, $this->message); + if (is_callable($replacement)) + { + $this->message = preg_replace_callback($regexp, $replacement, $this->message); + } + else + { + $this->message = preg_replace($regexp, $replacement, $this->message); + } $bitfield->set($bbcode_data['bbcode_id']); } } @@ -123,6 +130,8 @@ class bbcode_firstpass extends bbcode static $rowset; + $bbcode_class = $this; + // This array holds all bbcode data. BBCodes will be processed in this // order, so it is important to keep [code] in first position and // [quote] in second position. @@ -132,19 +141,71 @@ class bbcode_firstpass extends bbcode // To perform custom validation in extension, use $this->validate_bbcode_by_extension() // method which accepts variable number of parameters $this->bbcodes = array( - 'code' => array('bbcode_id' => 8, 'regexp' => array('#\[code(?:=([a-z]+))?\](.+\[/code\])#uise' => "\$this->bbcode_code('\$1', '\$2')")), - 'quote' => array('bbcode_id' => 0, 'regexp' => array('#\[quote(?:="(.*?)")?\](.+)\[/quote\]#uise' => "\$this->bbcode_quote('\$0')")), - 'attachment' => array('bbcode_id' => 12, 'regexp' => array('#\[attachment=([0-9]+)\](.*?)\[/attachment\]#uise' => "\$this->bbcode_attachment('\$1', '\$2')")), - 'b' => array('bbcode_id' => 1, 'regexp' => array('#\[b\](.*?)\[/b\]#uise' => "\$this->bbcode_strong('\$1')")), - 'i' => array('bbcode_id' => 2, 'regexp' => array('#\[i\](.*?)\[/i\]#uise' => "\$this->bbcode_italic('\$1')")), - 'url' => array('bbcode_id' => 3, 'regexp' => array('#\[url(=(.*))?\](?(1)((?s).*(?-s))|(.*))\[/url\]#uiUe' => "\$this->validate_url('\$2', ('\$3') ? '\$3' : '\$4')")), - 'img' => array('bbcode_id' => 4, 'regexp' => array('#\[img\](.*)\[/img\]#uiUe' => "\$this->bbcode_img('\$1')")), - 'size' => array('bbcode_id' => 5, 'regexp' => array('#\[size=([\-\+]?\d+)\](.*?)\[/size\]#uise' => "\$this->bbcode_size('\$1', '\$2')")), - 'color' => array('bbcode_id' => 6, 'regexp' => array('!\[color=(#[0-9a-f]{3}|#[0-9a-f]{6}|[a-z\-]+)\](.*?)\[/color\]!uise' => "\$this->bbcode_color('\$1', '\$2')")), - 'u' => array('bbcode_id' => 7, 'regexp' => array('#\[u\](.*?)\[/u\]#uise' => "\$this->bbcode_underline('\$1')")), - 'list' => array('bbcode_id' => 9, 'regexp' => array('#\[list(?:=(?:[a-z0-9]|disc|circle|square))?].*\[/list]#uise' => "\$this->bbcode_parse_list('\$0')")), - 'email' => array('bbcode_id' => 10, 'regexp' => array('#\[email=?(.*?)?\](.*?)\[/email\]#uise' => "\$this->validate_email('\$1', '\$2')")), - 'flash' => array('bbcode_id' => 11, 'regexp' => array('#\[flash=([0-9]+),([0-9]+)\](.*?)\[/flash\]#uie' => "\$this->bbcode_flash('\$1', '\$2', '\$3')")) + 'code' => array('bbcode_id' => 8, 'regexp' => array('#\[code(?:=([a-z]+))?\](.+\[/code\])#uis' => function ($match) use($bbcode_class) + { + return $bbcode_class->bbcode_code($match[1], $match[2]); + } + )), + 'quote' => array('bbcode_id' => 0, 'regexp' => array('#\[quote(?:="(.*?)")?\](.+)\[/quote\]#uis' => function ($match) use($bbcode_class) + { + return $bbcode_class->bbcode_quote($match[0]); + } + )), + 'attachment' => array('bbcode_id' => 12, 'regexp' => array('#\[attachment=([0-9]+)\](.*?)\[/attachment\]#uis' => function ($match) use($bbcode_class) + { + return $bbcode_class->bbcode_attachment($match[1], $match[2]); + } + )), + 'b' => array('bbcode_id' => 1, 'regexp' => array('#\[b\](.*?)\[/b\]#uis' => function ($match) use($bbcode_class) + { + return $bbcode_class->bbcode_strong($match[1]); + } + )), + 'i' => array('bbcode_id' => 2, 'regexp' => array('#\[i\](.*?)\[/i\]#uis' => function ($match) use($bbcode_class) + { + return $bbcode_class->bbcode_italic($match[1]); + } + )), + 'url' => array('bbcode_id' => 3, 'regexp' => array('#\[url(=(.*))?\](?(1)((?s).*(?-s))|(.*))\[/url\]#uiU' => function ($match) use($bbcode_class) + { + return $bbcode_class->validate_url($match[2], ($match[3]) ? $match[3] : $match[4]); + } + )), + 'img' => array('bbcode_id' => 4, 'regexp' => array('#\[img\](.*)\[/img\]#uiU' => function ($match) use($bbcode_class) + { + return $bbcode_class->bbcode_img($match[1]); + } + )), + 'size' => array('bbcode_id' => 5, 'regexp' => array('#\[size=([\-\+]?\d+)\](.*?)\[/size\]#uis' => function ($match) use($bbcode_class) + { + return $bbcode_class->bbcode_size($match[1], $match[2]); + } + )), + 'color' => array('bbcode_id' => 6, 'regexp' => array('!\[color=(#[0-9a-f]{3}|#[0-9a-f]{6}|[a-z\-]+)\](.*?)\[/color\]!uis' => function ($match) use($bbcode_class) + { + return $bbcode_class->bbcode_color($match[1], $match[2]); + } + )), + 'u' => array('bbcode_id' => 7, 'regexp' => array('#\[u\](.*?)\[/u\]#uis' => function ($match) use($bbcode_class) + { + return $bbcode_class->bbcode_underline($match[1]); + } + )), + 'list' => array('bbcode_id' => 9, 'regexp' => array('#\[list(?:=(?:[a-z0-9]|disc|circle|square))?].*\[/list]#uis' => function ($match) use($bbcode_class) + { + return $bbcode_class->bbcode_parse_list($match[0]); + } + )), + 'email' => array('bbcode_id' => 10, 'regexp' => array('#\[email=?(.*?)?\](.*?)\[/email\]#uis' => function ($match) use($bbcode_class) + { + return $bbcode_class->validate_email($match[1], $match[2]); + } + )), + 'flash' => array('bbcode_id' => 11, 'regexp' => array('#\[flash=([0-9]+),([0-9]+)\](.*?)\[/flash\]#ui' => function ($match) use($bbcode_class) + { + return $bbcode_class->bbcode_flash($match[1], $match[2], $match[3]); + } + )) ); // Zero the parsed items array @@ -747,7 +808,9 @@ class bbcode_firstpass extends bbcode } // To let the parser not catch tokens within quote_username quotes we encode them before we start this... - $in = preg_replace('#quote="(.*?)"\]#ie', "'quote="' . str_replace(array('[', ']', '\\\"'), array('[', ']', '\"'), '\$1') . '"]'", $in); + $in = preg_replace_callback('#quote="(.*?)"\]#i', function ($match) { + return 'quote="' . str_replace(array('[', ']', '\\\"'), array('[', ']', '\"'), $match[1]) . '"]'; + }, $in); $tok = ']'; $out = '['; @@ -1536,7 +1599,9 @@ class parse_message extends bbcode_firstpass ); $this->attachment_data = array_merge(array(0 => $new_entry), $this->attachment_data); - $this->message = preg_replace('#\[attachment=([0-9]+)\](.*?)\[\/attachment\]#e', "'[attachment='.(\\1 + 1).']\\2[/attachment]'", $this->message); + $this->message = preg_replace_callback('#\[attachment=([0-9]+)\](.*?)\[\/attachment\]#', function ($match) { + return '[attachment='.($match[1] + 1).']' . $match[2] . '[/attachment]'; + }, $this->message); $this->filename_data['filecomment'] = ''; @@ -1604,7 +1669,9 @@ class parse_message extends bbcode_firstpass } unset($this->attachment_data[$index]); - $this->message = preg_replace('#\[attachment=([0-9]+)\](.*?)\[\/attachment\]#e', "(\\1 == \$index) ? '' : ((\\1 > \$index) ? '[attachment=' . (\\1 - 1) . ']\\2[/attachment]' : '\\0')", $this->message); + $this->message = preg_replace_callback('#\[attachment=([0-9]+)\](.*?)\[\/attachment\]#', function ($match) use($index) { + return ($match[1] == $index) ? '' : (($match[1] > $index) ? '[attachment=' . ($match[1] - 1) . ']' . $match[2] . '[/attachment]' : $match[0]); + }, $this->message); // Reindex Array $this->attachment_data = array_values($this->attachment_data); @@ -1648,7 +1715,9 @@ class parse_message extends bbcode_firstpass ); $this->attachment_data = array_merge(array(0 => $new_entry), $this->attachment_data); - $this->message = preg_replace('#\[attachment=([0-9]+)\](.*?)\[\/attachment\]#e', "'[attachment='.(\\1 + 1).']\\2[/attachment]'", $this->message); + $this->message = preg_replace_callback('#\[attachment=([0-9]+)\](.*?)\[\/attachment\]#', function ($match) { + return '[attachment=' . ($match[1] + 1) . ']' . $match[2] . '[/attachment]'; + }, $this->message); $this->filename_data['filecomment'] = ''; if (isset($this->plupload) && $this->plupload->is_active()) diff --git a/phpBB/includes/startup.php b/phpBB/includes/startup.php index c90fd79366..5900016c39 100644 --- a/phpBB/includes/startup.php +++ b/phpBB/includes/startup.php @@ -90,7 +90,11 @@ if (version_compare(PHP_VERSION, '5.4.0-dev', '>=')) } else { - @set_magic_quotes_runtime(0); + if (get_magic_quotes_runtime()) + { + // Deactivate + @set_magic_quotes_runtime(0); + } // Be paranoid with passed vars if (@ini_get('register_globals') == '1' || strtolower(@ini_get('register_globals')) == 'on' || !function_exists('ini_get')) diff --git a/phpBB/includes/ucp/ucp_notifications.php b/phpBB/includes/ucp/ucp_notifications.php index b778ffdf12..6d0d4f06a6 100644 --- a/phpBB/includes/ucp/ucp_notifications.php +++ b/phpBB/includes/ucp/ucp_notifications.php @@ -55,11 +55,11 @@ class ucp_notifications $notification_methods = $phpbb_notifications->get_subscription_methods(); - foreach($phpbb_notifications->get_subscription_types() as $group => $subscription_types) + foreach ($phpbb_notifications->get_subscription_types() as $group => $subscription_types) { - foreach($subscription_types as $type => $data) + foreach ($subscription_types as $type => $data) { - foreach($notification_methods as $method => $method_data) + foreach ($notification_methods as $method => $method_data) { if ($request->is_set_post(str_replace('.', '_', $type . '_' . $method_data['id'])) && (!isset($subscriptions[$type]) || !in_array($method_data['id'], $subscriptions[$type]))) { @@ -183,13 +183,13 @@ class ucp_notifications { $notification_methods = $phpbb_notifications->get_subscription_methods(); - foreach($phpbb_notifications->get_subscription_types() as $group => $subscription_types) + foreach ($phpbb_notifications->get_subscription_types() as $group => $subscription_types) { $template->assign_block_vars($block, array( 'GROUP_NAME' => $user->lang($group), )); - foreach($subscription_types as $type => $data) + foreach ($subscription_types as $type => $data) { $template->assign_block_vars($block, array( 'TYPE' => $type, @@ -200,7 +200,7 @@ class ucp_notifications 'SUBSCRIBED' => (isset($subscriptions[$type])) ? true : false, )); - foreach($notification_methods as $method => $method_data) + foreach ($notification_methods as $method => $method_data) { $template->assign_block_vars($block . '.notification_methods', array( 'METHOD' => $method_data['id'], @@ -230,7 +230,7 @@ class ucp_notifications { $notification_methods = $phpbb_notifications->get_subscription_methods(); - foreach($notification_methods as $method => $method_data) + foreach ($notification_methods as $method => $method_data) { $template->assign_block_vars($block, array( 'METHOD' => $method_data['id'], diff --git a/phpBB/includes/ucp/ucp_pm_compose.php b/phpBB/includes/ucp/ucp_pm_compose.php index 4ff27e8cf1..0989539a0f 100644 --- a/phpBB/includes/ucp/ucp_pm_compose.php +++ b/phpBB/includes/ucp/ucp_pm_compose.php @@ -55,7 +55,6 @@ function compose_pm($id, $mode, $action, $user_folders = array()) $address_list = $request->variable('address_list', array('' => array(0 => ''))); - $submit = (isset($_POST['post'])) ? true : false; $preview = (isset($_POST['preview'])) ? true : false; $save = (isset($_POST['save'])) ? true : false; $load = (isset($_POST['load'])) ? true : false; @@ -69,6 +68,7 @@ function compose_pm($id, $mode, $action, $user_folders = array()) $refresh = isset($_POST['add_file']) || isset($_POST['delete_file']) || $save || $load || $remove_u || $remove_g || $add_to || $add_bcc; + $submit = $request->is_set_post('post') && !$refresh && !$preview; $action = ($delete && !$preview && !$refresh && $submit) ? 'delete' : $action; $select_single = ($config['allow_mass_pm'] && $auth->acl_get('u_masspm')) ? false : true; @@ -942,10 +942,10 @@ function compose_pm($id, $mode, $action, $user_folders = array()) $message_link = ''; } $quote_text = $phpbb_container->get('text_formatter.utils')->generate_quote( - censor_text(trim($message_parser->message)), + censor_text($message_parser->message), array('author' => $quote_username) ); - $message_parser->message = $message_link . $quote_text . "\n"; + $message_parser->message = $message_link . $quote_text . "\n\n"; } if (($action == 'reply' || $action == 'quote' || $action == 'quotepost') && !$preview && !$refresh) @@ -974,7 +974,7 @@ function compose_pm($id, $mode, $action, $user_folders = array()) $forward_text[] = sprintf($user->lang['FWD_TO'], implode($user->lang['COMMA_SEPARATOR'], $fwd_to_field['to'])); $quote_text = $phpbb_container->get('text_formatter.utils')->generate_quote( - censor_text(trim($message_parser->message)), + censor_text($message_parser->message), array('author' => $quote_username) ); $message_parser->message = implode("\n", $forward_text) . "\n\n" . $quote_text; diff --git a/phpBB/includes/ucp/ucp_pm_options.php b/phpBB/includes/ucp/ucp_pm_options.php index 9c21971bf8..b674a457c1 100644 --- a/phpBB/includes/ucp/ucp_pm_options.php +++ b/phpBB/includes/ucp/ucp_pm_options.php @@ -507,7 +507,9 @@ function message_options($id, $mode, $global_privmsgs_rules, $global_rule_condit $rule_lang = $action_lang = $check_lang = array(); // Build all three language arrays - preg_replace('#^((RULE|ACTION|CHECK)_([A-Z0-9_]+))$#e', "\${strtolower('\\2') . '_lang'}[constant('\\1')] = \$user->lang['PM_\\2']['\\3']", array_keys(get_defined_constants())); + preg_replace_callback('#^((RULE|ACTION|CHECK)_([A-Z0-9_]+))$#', function ($match) use(&$rule_lang, &$action_lang, &$check_lang, $user) { + ${strtolower($match[2]) . '_lang'}[constant($match[1])] = $user->lang['PM_' . $match[2]][$match[3]]; + }, array_keys(get_defined_constants())); /* Rule Ordering: |