diff options
Diffstat (limited to 'phpBB/includes')
27 files changed, 302 insertions, 236 deletions
diff --git a/phpBB/includes/acp/acp_ban.php b/phpBB/includes/acp/acp_ban.php index a7ea57b753..f8af1b86e1 100644 --- a/phpBB/includes/acp/acp_ban.php +++ b/phpBB/includes/acp/acp_ban.php @@ -175,12 +175,21 @@ class acp_ban } $result = $db->sql_query($sql); - $banned_options = ''; + $banned_options = $excluded_options = array(); $ban_length = $ban_reasons = $ban_give_reasons = array(); while ($row = $db->sql_fetchrow($result)) { - $banned_options .= '<option' . (($row['ban_exclude']) ? ' class="sep"' : '') . ' value="' . $row['ban_id'] . '">' . $row[$field] . '</option>'; + $option = '<option value="' . $row['ban_id'] . '">' . $row[$field] . '</option>'; + + if ($row['ban_exclude']) + { + $excluded_options[] = $option; + } + else + { + $banned_options[] = $option; + } $time_length = ($row['ban_end']) ? ($row['ban_end'] - $row['ban_start']) / 60 : 0; @@ -241,11 +250,26 @@ class acp_ban } } + $options = ''; + if ($excluded_options) + { + $options .= '<optgroup label="' . $user->lang['OPTIONS_EXCLUDED'] . '">'; + $options .= implode('', $excluded_options); + $options .= '</optgroup>'; + } + + if ($banned_options) + { + $options .= '<optgroup label="' . $user->lang['OPTIONS_BANNED'] . '">'; + $options .= implode('', $banned_options); + $options .= '</optgroup>'; + } + $template->assign_vars(array( 'S_BAN_END_OPTIONS' => $ban_end_options, - 'S_BANNED_OPTIONS' => ($banned_options) ? true : false, - 'BANNED_OPTIONS' => $banned_options) - ); + 'S_BANNED_OPTIONS' => ($banned_options || $excluded_options) ? true : false, + 'BANNED_OPTIONS' => $options, + )); } } diff --git a/phpBB/includes/acp/acp_board.php b/phpBB/includes/acp/acp_board.php index 3ed5f40368..f437dca8f9 100644 --- a/phpBB/includes/acp/acp_board.php +++ b/phpBB/includes/acp/acp_board.php @@ -234,7 +234,7 @@ class acp_board 'max_name_chars' => array('lang' => 'USERNAME_LENGTH', 'validate' => 'int:8:180', 'type' => false, 'method' => false, 'explain' => false,), 'max_pass_chars' => array('lang' => 'PASSWORD_LENGTH', 'validate' => 'int:8:255', 'type' => false, 'method' => false, 'explain' => false,), - 'require_activation' => array('lang' => 'ACC_ACTIVATION', 'validate' => 'int', 'type' => 'custom', 'method' => 'select_acc_activation', 'explain' => true), + 'require_activation' => array('lang' => 'ACC_ACTIVATION', 'validate' => 'int', 'type' => 'select', 'method' => 'select_acc_activation', 'explain' => true), 'new_member_post_limit' => array('lang' => 'NEW_MEMBER_POST_LIMIT', 'validate' => 'int:0:255', 'type' => 'text:4:4', 'explain' => true, 'append' => ' ' . $user->lang['POSTS']), 'new_member_group_default'=> array('lang' => 'NEW_MEMBER_GROUP_DEFAULT', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true), 'min_name_chars' => array('lang' => 'USERNAME_LENGTH', 'validate' => 'int:1', 'type' => 'custom:5:180', 'method' => 'username_length', 'explain' => true), @@ -383,6 +383,8 @@ class acp_board 'referer_validation' => array('lang' => 'REFERER_VALID', 'validate' => 'int:0:3','type' => 'custom', 'method' => 'select_ref_check', 'explain' => true), 'check_dnsbl' => array('lang' => 'CHECK_DNSBL', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true), 'email_check_mx' => array('lang' => 'EMAIL_CHECK_MX', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true), + 'max_pass_chars' => array('lang' => 'PASSWORD_LENGTH', 'validate' => 'int:8:255', 'type' => false, 'method' => false, 'explain' => false,), + 'min_pass_chars' => array('lang' => 'PASSWORD_LENGTH', 'validate' => 'int:1', 'type' => 'custom', 'method' => 'password_length', 'explain' => true), 'pass_complex' => array('lang' => 'PASSWORD_TYPE', 'validate' => 'string', 'type' => 'select', 'method' => 'select_password_chars', 'explain' => true), 'chg_passforce' => array('lang' => 'FORCE_PASS_CHANGE', 'validate' => 'int:0', 'type' => 'text:3:3', 'explain' => true, 'append' => ' ' . $user->lang['DAYS']), 'max_login_attempts' => array('lang' => 'MAX_LOGIN_ATTEMPTS', 'validate' => 'int:0', 'type' => 'text:3:3', 'explain' => true), @@ -768,24 +770,28 @@ class acp_board /** * Select account activation method */ - function select_acc_activation($value, $key = '') + function select_acc_activation($selected_value, $value) { global $user, $config; - $radio_ary = array( - USER_ACTIVATION_DISABLE => 'ACC_DISABLE', - USER_ACTIVATION_NONE => 'ACC_NONE', + $act_ary = array( + 'ACC_DISABLE' => USER_ACTIVATION_DISABLE, + 'ACC_NONE' => USER_ACTIVATION_NONE, ); - if ($config['email_enable']) { - $radio_ary[USER_ACTIVATION_SELF] = 'ACC_USER'; - $radio_ary[USER_ACTIVATION_ADMIN] = 'ACC_ADMIN'; - } + $act_ary['ACC_USER'] = USER_ACTIVATION_SELF; + $act_ary['ACC_ADMIN'] = USER_ACTIVATION_ADMIN; + } + $act_options = ''; - $radio_text = h_radio('config[require_activation]', $radio_ary, $value, 'require_activation', $key, '<br />'); + foreach ($act_ary as $key => $value) + { + $selected = ($selected_value == $value) ? ' selected="selected"' : ''; + $act_options .= '<option value="' . $value . '"' . $selected . '>' . $user->lang[$key] . '</option>'; + } - return $radio_text; + return $act_options; } /** diff --git a/phpBB/includes/acp/acp_captcha.php b/phpBB/includes/acp/acp_captcha.php index 1893eed14f..469a367bba 100644 --- a/phpBB/includes/acp/acp_captcha.php +++ b/phpBB/includes/acp/acp_captcha.php @@ -96,7 +96,7 @@ class acp_captcha } else if ($submit) { - trigger_error($user->lang['FORM_INVALID'] . adm_back_link(), E_USER_WARNING); + trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action), E_USER_WARNING); } else { diff --git a/phpBB/includes/acp/acp_database.php b/phpBB/includes/acp/acp_database.php index 193dd001c0..62bcd43a47 100644 --- a/phpBB/includes/acp/acp_database.php +++ b/phpBB/includes/acp/acp_database.php @@ -221,6 +221,7 @@ class acp_database case 'submit': $delete = request_var('delete', ''); $file = request_var('file', ''); + $download = request_var('download', ''); if (!preg_match('#^backup_\d{10,}_[a-z\d]{16}\.(sql(?:\.(?:gz|bz2))?)$#', $file, $matches)) { @@ -247,10 +248,8 @@ class acp_database confirm_box(false, $user->lang['DELETE_SELECTED_BACKUP'], build_hidden_fields(array('delete' => $delete, 'file' => $file))); } } - else + else if ($download || confirm_box(true)) { - $download = request_var('download', ''); - if ($download) { $name = $matches[0]; @@ -411,6 +410,10 @@ class acp_database trigger_error($user->lang['RESTORE_SUCCESS'] . adm_back_link($this->u_action)); break; } + else if (!$download) + { + confirm_box(false, $user->lang['RESTORE_SELECTED_BACKUP'], build_hidden_fields(array('file' => $file))); + } default: $methods = array('sql'); diff --git a/phpBB/includes/acp/acp_email.php b/phpBB/includes/acp/acp_email.php index e98b7a19a5..df0d44c0c5 100644 --- a/phpBB/includes/acp/acp_email.php +++ b/phpBB/includes/acp/acp_email.php @@ -195,10 +195,7 @@ class acp_email $messenger->template('admin_send_email', $used_lang); - $messenger->headers('X-AntiAbuse: Board servername - ' . $config['server_name']); - $messenger->headers('X-AntiAbuse: User_id - ' . $user->data['user_id']); - $messenger->headers('X-AntiAbuse: Username - ' . $user->data['username']); - $messenger->headers('X-AntiAbuse: User IP - ' . $user->ip); + $messenger->anti_abuse_headers($config, $user); $messenger->subject(htmlspecialchars_decode($subject)); $messenger->set_mail_priority($priority); diff --git a/phpBB/includes/acp/acp_inactive.php b/phpBB/includes/acp/acp_inactive.php index c93cbc457f..f3f332d707 100644 --- a/phpBB/includes/acp/acp_inactive.php +++ b/phpBB/includes/acp/acp_inactive.php @@ -118,10 +118,7 @@ class acp_inactive $messenger->to($row['user_email'], $row['username']); - $messenger->headers('X-AntiAbuse: Board servername - ' . $config['server_name']); - $messenger->headers('X-AntiAbuse: User_id - ' . $user->data['user_id']); - $messenger->headers('X-AntiAbuse: Username - ' . $user->data['username']); - $messenger->headers('X-AntiAbuse: User IP - ' . $user->ip); + $messenger->anti_abuse_headers($config, $user); $messenger->assign_vars(array( 'USERNAME' => htmlspecialchars_decode($row['username'])) @@ -209,10 +206,7 @@ class acp_inactive $messenger->to($row['user_email'], $row['username']); $messenger->im($row['user_jabber'], $row['username']); - $messenger->headers('X-AntiAbuse: Board servername - ' . $config['server_name']); - $messenger->headers('X-AntiAbuse: User_id - ' . $user->data['user_id']); - $messenger->headers('X-AntiAbuse: Username - ' . $user->data['username']); - $messenger->headers('X-AntiAbuse: User IP - ' . $user->ip); + $messenger->anti_abuse_headers($config, $user); $messenger->assign_vars(array( 'USERNAME' => htmlspecialchars_decode($row['username']), diff --git a/phpBB/includes/acp/acp_language.php b/phpBB/includes/acp/acp_language.php index 598b390302..d560cdd0c5 100644 --- a/phpBB/includes/acp/acp_language.php +++ b/phpBB/includes/acp/acp_language.php @@ -919,6 +919,9 @@ class acp_language $default_lang_id = (int) $db->sql_fetchfield('lang_id'); $db->sql_freeresult($result); + // We want to notify the admin that custom profile fields need to be updated for the new language. + $notify_cpf_update = false; + // From the mysql documentation: // Prior to MySQL 4.0.14, the target table of the INSERT statement cannot appear in the FROM clause of the SELECT part of the query. This limitation is lifted in 4.0.14. // Due to this we stay on the safe side if we do the insertion "the manual way" @@ -932,6 +935,7 @@ class acp_language { $row['lang_id'] = $lang_id; $db->sql_query('INSERT INTO ' . PROFILE_LANG_TABLE . ' ' . $db->sql_build_array('INSERT', $row)); + $notify_cpf_update = true; } $db->sql_freeresult($result); @@ -944,12 +948,15 @@ class acp_language { $row['lang_id'] = $lang_id; $db->sql_query('INSERT INTO ' . PROFILE_FIELDS_LANG_TABLE . ' ' . $db->sql_build_array('INSERT', $row)); + $notify_cpf_update = true; } $db->sql_freeresult($result); add_log('admin', 'LOG_LANGUAGE_PACK_INSTALLED', $lang_pack['name']); - trigger_error(sprintf($user->lang['LANGUAGE_PACK_INSTALLED'], $lang_pack['name']) . adm_back_link($this->u_action)); + $message = sprintf($user->lang['LANGUAGE_PACK_INSTALLED'], $lang_pack['name']); + $message .= ($notify_cpf_update) ? '<br /><br />' . $user->lang['LANGUAGE_PACK_CPF_UPDATE'] : ''; + trigger_error($message . adm_back_link($this->u_action)); break; diff --git a/phpBB/includes/acp/acp_main.php b/phpBB/includes/acp/acp_main.php index 6d1c02248a..c8df21f5a9 100644 --- a/phpBB/includes/acp/acp_main.php +++ b/phpBB/includes/acp/acp_main.php @@ -600,6 +600,17 @@ class acp_main $template->assign_var('S_WRITABLE_CONFIG', (bool) (@fileperms($phpbb_root_path . 'config.' . $phpEx) & 0x0002)); } + if (extension_loaded('mbstring')) + { + $template->assign_vars(array( + 'S_MBSTRING_LOADED' => true, + 'S_MBSTRING_FUNC_OVERLOAD_FAIL' => (intval(@ini_get('mbstring.func_overload')) & (MB_OVERLOAD_MAIL | MB_OVERLOAD_STRING)), + 'S_MBSTRING_ENCODING_TRANSLATION_FAIL' => (@ini_get('mbstring.encoding_translation') != 0), + 'S_MBSTRING_HTTP_INPUT_FAIL' => (@ini_get('mbstring.http_input') != 'pass'), + 'S_MBSTRING_HTTP_OUTPUT_FAIL' => (@ini_get('mbstring.http_output') != 'pass'), + )); + } + // Fill dbms version if not yet filled if (empty($config['dbms_version'])) { diff --git a/phpBB/includes/acp/acp_styles.php b/phpBB/includes/acp/acp_styles.php index 3bc8c86500..d7b0484af8 100644 --- a/phpBB/includes/acp/acp_styles.php +++ b/phpBB/includes/acp/acp_styles.php @@ -99,11 +99,11 @@ parse_css_file = {PARSE_CSS_FILE} $this->template_cfg .= ' # Some configuration options -# -# You can use this function to inherit templates from another template. -# The template of the given name has to be installed. -# Templates cannot inherit from inheriting templates. -#'; +# Template inheritance +# See http://blog.phpbb.com/2008/07/31/templating-just-got-easier/ +# Set value to empty or this template name to ignore template inheritance. +inherit_from = {INHERIT_FROM} +'; $this->imageset_keys = array( 'logos' => array( @@ -540,12 +540,14 @@ parse_css_file = {PARSE_CSS_FILE} global $user, $template, $db, $config, $phpbb_root_path, $phpEx; $sql_from = ''; + $sql_sort = 'LOWER(' . $mode . '_name)'; $style_count = array(); switch ($mode) { case 'style': $sql_from = STYLES_TABLE; + $sql_sort = 'style_active DESC, ' . $sql_sort; $sql = 'SELECT user_style, COUNT(user_style) AS style_count FROM ' . USERS_TABLE . ' @@ -571,6 +573,9 @@ parse_css_file = {PARSE_CSS_FILE} case 'imageset': $sql_from = STYLES_IMAGESET_TABLE; break; + + default: + trigger_error($user->lang['NO_MODE'] . adm_back_link($this->u_action), E_USER_WARNING); } $l_prefix = strtoupper($mode); @@ -594,7 +599,8 @@ parse_css_file = {PARSE_CSS_FILE} ); $sql = "SELECT * - FROM $sql_from"; + FROM $sql_from + ORDER BY $sql_sort ASC"; $result = $db->sql_query($sql); $installed = array(); @@ -630,6 +636,8 @@ parse_css_file = {PARSE_CSS_FILE} 'NAME' => $row[$mode . '_name'], 'STYLE_COUNT' => ($mode == 'style' && isset($style_count[$row['style_id']])) ? $style_count[$row['style_id']] : 0, + + 'S_INACTIVE' => ($mode == 'style' && !$row['style_active']) ? true : false, ) ); } @@ -1634,6 +1642,13 @@ parse_css_file = {PARSE_CSS_FILE} trigger_error($user->lang['NO_' . $l_prefix] . adm_back_link($this->u_action), E_USER_WARNING); } + $s_only_component = $this->display_component_options($mode, $style_row[$mode . '_id'], $style_row); + + if ($s_only_component) + { + trigger_error($user->lang['ONLY_' . $l_prefix] . adm_back_link($this->u_action), E_USER_WARNING); + } + if ($update) { if ($mode == 'style') @@ -1678,8 +1693,6 @@ parse_css_file = {PARSE_CSS_FILE} trigger_error($user->lang[$message] . adm_back_link($this->u_action)); } - $this->display_component_options($mode, $style_row[$mode . '_id'], $style_row); - $this->page_title = 'DELETE_' . $l_prefix; $template->assign_vars(array( @@ -1765,11 +1778,14 @@ parse_css_file = {PARSE_CSS_FILE} /** * Display the options which can be used to replace a style/template/theme/imageset + * + * @return boolean Returns true if the component is the only component and can not be deleted. */ function display_component_options($component, $component_id, $style_row = false, $style_id = false) { global $db, $template, $user; + $is_only_component = true; $component_in_use = array(); if ($component != 'style') { @@ -1801,6 +1817,9 @@ parse_css_file = {PARSE_CSS_FILE} $s_options = ''; if (($component != 'style') && empty($component_in_use)) { + // If it is not in use, there must be another component + $is_only_component = false; + $sql = "SELECT {$component}_id, {$component}_name FROM $sql_from WHERE {$component}_id = {$component_id}"; @@ -1824,6 +1843,7 @@ parse_css_file = {PARSE_CSS_FILE} { if ($row[$component . '_id'] != $component_id) { + $is_only_component = false; $s_options .= '<option value="' . $row[$component . '_id'] . '">' . sprintf($user->lang['REPLACE_WITH_OPTION'], $row[$component . '_name']) . '</option>'; } else if ($component != 'style') @@ -1851,6 +1871,8 @@ parse_css_file = {PARSE_CSS_FILE} } } } + + return $is_only_component; } /** @@ -2025,9 +2047,7 @@ parse_css_file = {PARSE_CSS_FILE} // Export template core code if ($mode == 'template' || $inc_template) { - $template_cfg = str_replace(array('{MODE}', '{NAME}', '{COPYRIGHT}', '{VERSION}'), array($mode, $style_row['template_name'], $style_row['template_copyright'], $config['version']), $this->template_cfg); - - $use_template_name = ''; + $use_template_name = $style_row['template_name']; // Add the inherit from variable, depending on it's use... if ($style_row['template_inherits_id']) @@ -2041,7 +2061,8 @@ parse_css_file = {PARSE_CSS_FILE} $db->sql_freeresult($result); } - $template_cfg .= ($use_template_name) ? "\ninherit_from = $use_template_name" : "\n#inherit_from = "; + $template_cfg = str_replace(array('{MODE}', '{NAME}', '{COPYRIGHT}', '{VERSION}', '{INHERIT_FROM}'), array($mode, $style_row['template_name'], $style_row['template_copyright'], $config['version'], $use_template_name), $this->template_cfg); + $template_cfg .= "\n\nbbcode_bitfield = {$style_row['bbcode_bitfield']}"; $data[] = array( diff --git a/phpBB/includes/acp/acp_users.php b/phpBB/includes/acp/acp_users.php index abf1481000..363c900edc 100644 --- a/phpBB/includes/acp/acp_users.php +++ b/phpBB/includes/acp/acp_users.php @@ -348,10 +348,7 @@ class acp_users $messenger->to($user_row['user_email'], $user_row['username']); - $messenger->headers('X-AntiAbuse: Board servername - ' . $config['server_name']); - $messenger->headers('X-AntiAbuse: User_id - ' . $user->data['user_id']); - $messenger->headers('X-AntiAbuse: Username - ' . $user->data['username']); - $messenger->headers('X-AntiAbuse: User IP - ' . $user->ip); + $messenger->anti_abuse_headers($config, $user); $messenger->assign_vars(array( 'WELCOME_MSG' => htmlspecialchars_decode(sprintf($user->lang['WELCOME_SUBJECT'], $config['sitename'])), @@ -406,10 +403,7 @@ class acp_users $messenger->to($user_row['user_email'], $user_row['username']); - $messenger->headers('X-AntiAbuse: Board servername - ' . $config['server_name']); - $messenger->headers('X-AntiAbuse: User_id - ' . $user->data['user_id']); - $messenger->headers('X-AntiAbuse: Username - ' . $user->data['username']); - $messenger->headers('X-AntiAbuse: User IP - ' . $user->ip); + $messenger->anti_abuse_headers($config, $user); $messenger->assign_vars(array( 'USERNAME' => htmlspecialchars_decode($user_row['username'])) @@ -2345,47 +2339,62 @@ class acp_users } /** - * Optionset replacement for this module based on $user->optionset + * Set option bit field for user options in a user row array. + * + * Optionset replacement for this module based on $user->optionset. + * + * @param array $user_row Row from the users table. + * @param int $key Option key, as defined in $user->keyoptions property. + * @param bool $value True to set the option, false to clear the option. + * @param int $data Current bit field value, or false to use $user_row['user_options'] + * @return int|bool If $data is false, the bit field is modified and + * written back to $user_row['user_options'], and + * return value is true if the bit field changed and + * false otherwise. If $data is not false, the new + * bitfield value is returned. */ function optionset(&$user_row, $key, $value, $data = false) { global $user; - $var = ($data) ? $data : $user_row['user_options']; + $var = ($data !== false) ? $data : $user_row['user_options']; - if ($value && !($var & 1 << $user->keyoptions[$key])) - { - $var += 1 << $user->keyoptions[$key]; - } - else if (!$value && ($var & 1 << $user->keyoptions[$key])) - { - $var -= 1 << $user->keyoptions[$key]; - } - else - { - return ($data) ? $var : false; - } + $new_var = phpbb_optionset($user->keyoptions[$key], $value, $var); - if (!$data) + if ($data === false) { - $user_row['user_options'] = $var; - return true; + if ($new_var != $var) + { + $user_row['user_options'] = $new_var; + return true; + } + else + { + return false; + } } else { - return $var; + return $new_var; } } /** - * Optionget replacement for this module based on $user->optionget + * Get option bit field from user options in a user row array. + * + * Optionget replacement for this module based on $user->optionget. + * + * @param array $user_row Row from the users table. + * @param int $key option key, as defined in $user->keyoptions property. + * @param int $data bit field value to use, or false to use $user_row['user_options'] + * @return bool true if the option is set in the bit field, false otherwise */ function optionget(&$user_row, $key, $data = false) { global $user; - $var = ($data) ? $data : $user_row['user_options']; - return ($var & 1 << $user->keyoptions[$key]) ? true : false; + $var = ($data !== false) ? $data : $user_row['user_options']; + return phpbb_optionget($user->keyoptions[$key], $var); } } diff --git a/phpBB/includes/constants.php b/phpBB/includes/constants.php index 03b1102602..a0444ea594 100644 --- a/phpBB/includes/constants.php +++ b/phpBB/includes/constants.php @@ -25,7 +25,7 @@ if (!defined('IN_PHPBB')) */ // phpBB Version -define('PHPBB_VERSION', '3.0.10-dev'); +define('PHPBB_VERSION', '3.0.11-dev'); // QA-related // define('PHPBB_QA', 1); diff --git a/phpBB/includes/db/dbal.php b/phpBB/includes/db/dbal.php index 9b45c085a2..230c9c8ed7 100644 --- a/phpBB/includes/db/dbal.php +++ b/phpBB/includes/db/dbal.php @@ -609,7 +609,7 @@ class dbal } } - $sql .= $this->_sql_custom_build('FROM', implode(', ', $table_array)); + $sql .= $this->_sql_custom_build('FROM', implode(' CROSS JOIN ', $table_array)); if (!empty($array['LEFT_JOIN'])) { @@ -662,12 +662,7 @@ class dbal // The DEBUG_EXTRA constant is for development only! if ((isset($auth) && $auth->acl_get('a_')) || defined('IN_INSTALL') || defined('DEBUG_EXTRA')) { - // Print out a nice backtrace... - $backtrace = get_backtrace(); - $message .= ($sql) ? '<br /><br />SQL<br /><br />' . htmlspecialchars($sql) : ''; - $message .= ($backtrace) ? '<br /><br />BACKTRACE<br />' . $backtrace : ''; - $message .= '<br />'; } else { diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index 8017c379f3..0320230a7d 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -1880,7 +1880,7 @@ function get_unread_topics($user_id = false, $sql_extra = '', $sql_sort = '', $s */ function update_forum_tracking_info($forum_id, $forum_last_post_time, $f_mark_time = false, $mark_time_forum = false) { - global $db, $tracking_topics, $user, $config; + global $db, $tracking_topics, $user, $config, $auth; // Determine the users last forum mark time if not given. if ($mark_time_forum === false) @@ -1903,6 +1903,10 @@ function update_forum_tracking_info($forum_id, $forum_last_post_time, $f_mark_ti } } + // Handle update of unapproved topics info. + // Only update for moderators having m_approve permission for the forum. + $sql_update_unapproved = ($auth->acl_get('m_approve', $forum_id)) ? '': 'AND t.topic_approved = 1'; + // Check the forum for any left unread topics. // If there are none, we mark the forum as read. if ($config['load_db_lastread'] && $user->data['is_registered']) @@ -1918,7 +1922,8 @@ function update_forum_tracking_info($forum_id, $forum_last_post_time, $f_mark_ti LEFT JOIN ' . TOPICS_TRACK_TABLE . ' tt ON (tt.topic_id = t.topic_id AND tt.user_id = ' . $user->data['user_id'] . ') WHERE t.forum_id = ' . $forum_id . ' AND t.topic_last_post_time > ' . $mark_time_forum . ' - AND t.topic_moved_id = 0 + AND t.topic_moved_id = 0 ' . + $sql_update_unapproved . ' AND (tt.topic_id IS NULL OR tt.mark_time < t.topic_last_post_time) GROUP BY t.forum_id'; $result = $db->sql_query_limit($sql, 1); @@ -1938,11 +1943,12 @@ function update_forum_tracking_info($forum_id, $forum_last_post_time, $f_mark_ti } else { - $sql = 'SELECT topic_id - FROM ' . TOPICS_TABLE . ' - WHERE forum_id = ' . $forum_id . ' - AND topic_last_post_time > ' . $mark_time_forum . ' - AND topic_moved_id = 0'; + $sql = 'SELECT t.topic_id + FROM ' . TOPICS_TABLE . ' t + WHERE t.forum_id = ' . $forum_id . ' + AND t.topic_last_post_time > ' . $mark_time_forum . ' + AND t.topic_moved_id = 0 ' . + $sql_update_unapproved; $result = $db->sql_query($sql); $check_forum = $tracking_topics['tf'][$forum_id]; @@ -3316,6 +3322,11 @@ function parse_cfg_file($filename, $lines = false) $parsed_items[$key] = $value; } + + if (isset($parsed_items['inherit_from']) && isset($parsed_items['name']) && $parsed_items['inherit_from'] == $parsed_items['name']) + { + unset($parsed_items['inherit_from']); + } return $parsed_items; } @@ -3486,6 +3497,10 @@ function get_preg_expression($mode) $inline = ($mode == 'relative_url') ? ')' : ''; return "(?:[a-z0-9\-._~!$&'($inline*+,;=:@|]+|%[\dA-F]{2})*(?:/(?:[a-z0-9\-._~!$&'($inline*+,;=:@|]+|%[\dA-F]{2})*)*(?:\?(?:[a-z0-9\-._~!$&'($inline*+,;=:@/?|]+|%[\dA-F]{2})*)?(?:\#(?:[a-z0-9\-._~!$&'($inline*+,;=:@/?|]+|%[\dA-F]{2})*)?"; break; + + case 'table_prefix': + return '#^[a-zA-Z][a-zA-Z0-9_]*$#'; + break; } return ''; @@ -3843,11 +3858,23 @@ function msg_handler($errno, $msg_text, $errfile, $errline) } } + $log_text = $msg_text; + $backtrace = get_backtrace(); + if ($backtrace) + { + $log_text .= '<br /><br />BACKTRACE<br />' . $backtrace; + } + + if (defined('IN_INSTALL') || defined('DEBUG_EXTRA') || isset($auth) && $auth->acl_get('a_')) + { + $msg_text = $log_text; + } + if ((defined('DEBUG') || defined('IN_CRON') || defined('IMAGE_OUTPUT')) && isset($db)) { // let's avoid loops $db->sql_return_on_error(true); - add_log('critical', 'LOG_GENERAL_ERROR', $msg_title, $msg_text); + add_log('critical', 'LOG_GENERAL_ERROR', $msg_title, $log_text); $db->sql_return_on_error(false); } @@ -4368,7 +4395,7 @@ function phpbb_http_login($param) */ function page_header($page_title = '', $display_online_list = true, $item_id = 0, $item = 'forum') { - global $db, $config, $template, $SID, $_SID, $user, $auth, $phpEx, $phpbb_root_path; + global $db, $config, $template, $SID, $_SID, $_EXTRA_URL, $user, $auth, $phpEx, $phpbb_root_path; if (defined('HEADER_INC')) { @@ -4521,6 +4548,15 @@ function page_header($page_title = '', $display_online_list = true, $item_id = 0 $s_search_hidden_fields['sid'] = $_SID; } + if (!empty($_EXTRA_URL)) + { + foreach ($_EXTRA_URL as $url_param) + { + $url_param = explode('=', $url_param, 2); + $s_search_hidden_fields[$url_param[0]] = $url_param[1]; + } + } + // The following assigns all _common_ variables that may be used at any point in a template. $template->assign_vars(array( 'SITENAME' => $config['sitename'], @@ -4612,11 +4648,11 @@ function page_header($page_title = '', $display_online_list = true, $item_id = 0 'S_SEARCH_HIDDEN_FIELDS' => build_hidden_fields($s_search_hidden_fields), - 'T_THEME_PATH' => "{$web_path}styles/" . $user->theme['theme_path'] . '/theme', - 'T_TEMPLATE_PATH' => "{$web_path}styles/" . $user->theme['template_path'] . '/template', - 'T_SUPER_TEMPLATE_PATH' => (isset($user->theme['template_inherit_path']) && $user->theme['template_inherit_path']) ? "{$web_path}styles/" . $user->theme['template_inherit_path'] . '/template' : "{$web_path}styles/" . $user->theme['template_path'] . '/template', - 'T_IMAGESET_PATH' => "{$web_path}styles/" . $user->theme['imageset_path'] . '/imageset', - 'T_IMAGESET_LANG_PATH' => "{$web_path}styles/" . $user->theme['imageset_path'] . '/imageset/' . $user->lang_name, + 'T_THEME_PATH' => "{$web_path}styles/" . rawurlencode($user->theme['theme_path']) . '/theme', + 'T_TEMPLATE_PATH' => "{$web_path}styles/" . rawurlencode($user->theme['template_path']) . '/template', + 'T_SUPER_TEMPLATE_PATH' => (isset($user->theme['template_inherit_path']) && $user->theme['template_inherit_path']) ? "{$web_path}styles/" . rawurlencode($user->theme['template_inherit_path']) . '/template' : "{$web_path}styles/" . rawurlencode($user->theme['template_path']) . '/template', + 'T_IMAGESET_PATH' => "{$web_path}styles/" . rawurlencode($user->theme['imageset_path']) . '/imageset', + 'T_IMAGESET_LANG_PATH' => "{$web_path}styles/" . rawurlencode($user->theme['imageset_path']) . '/imageset/' . $user->lang_name, 'T_IMAGES_PATH' => "{$web_path}images/", 'T_SMILIES_PATH' => "{$web_path}{$config['smilies_path']}/", 'T_AVATAR_PATH' => "{$web_path}{$config['avatar_path']}/", @@ -4624,13 +4660,13 @@ function page_header($page_title = '', $display_online_list = true, $item_id = 0 'T_ICONS_PATH' => "{$web_path}{$config['icons_path']}/", 'T_RANKS_PATH' => "{$web_path}{$config['ranks_path']}/", 'T_UPLOAD_PATH' => "{$web_path}{$config['upload_path']}/", - 'T_STYLESHEET_LINK' => (!$user->theme['theme_storedb']) ? "{$web_path}styles/" . $user->theme['theme_path'] . '/theme/stylesheet.css' : append_sid("{$phpbb_root_path}style.$phpEx", 'id=' . $user->theme['style_id'] . '&lang=' . $user->lang_name), + 'T_STYLESHEET_LINK' => (!$user->theme['theme_storedb']) ? "{$web_path}styles/" . rawurlencode($user->theme['theme_path']) . '/theme/stylesheet.css' : append_sid("{$phpbb_root_path}style.$phpEx", 'id=' . $user->theme['style_id'] . '&lang=' . $user->lang_name), 'T_STYLESHEET_NAME' => $user->theme['theme_name'], - 'T_THEME_NAME' => $user->theme['theme_path'], - 'T_TEMPLATE_NAME' => $user->theme['template_path'], - 'T_SUPER_TEMPLATE_NAME' => (isset($user->theme['template_inherit_path']) && $user->theme['template_inherit_path']) ? $user->theme['template_inherit_path'] : $user->theme['template_path'], - 'T_IMAGESET_NAME' => $user->theme['imageset_path'], + 'T_THEME_NAME' => rawurlencode($user->theme['theme_path']), + 'T_TEMPLATE_NAME' => rawurlencode($user->theme['template_path']), + 'T_SUPER_TEMPLATE_NAME' => rawurlencode((isset($user->theme['template_inherit_path']) && $user->theme['template_inherit_path']) ? $user->theme['template_inherit_path'] : $user->theme['template_path']), + 'T_IMAGESET_NAME' => rawurlencode($user->theme['imageset_path']), 'T_IMAGESET_LANG_NAME' => $user->data['user_lang'], 'T_IMAGES' => 'images', 'T_SMILIES' => $config['smilies_path'], diff --git a/phpBB/includes/functions_admin.php b/phpBB/includes/functions_admin.php index 513b7a68b2..0e1a11b4aa 100644 --- a/phpBB/includes/functions_admin.php +++ b/phpBB/includes/functions_admin.php @@ -2294,41 +2294,6 @@ function auto_prune($forum_id, $prune_mode, $prune_flags, $prune_days, $prune_fr } /** -* remove_comments will strip the sql comment lines out of an uploaded sql file -* specifically for mssql and postgres type files in the install.... -*/ -function remove_comments(&$output) -{ - $lines = explode("\n", $output); - $output = ''; - - // try to keep mem. use down - $linecount = sizeof($lines); - - $in_comment = false; - for ($i = 0; $i < $linecount; $i++) - { - if (trim($lines[$i]) == '/*') - { - $in_comment = true; - } - - if (!$in_comment) - { - $output .= $lines[$i] . "\n"; - } - - if (trim($lines[$i]) == '*/') - { - $in_comment = false; - } - } - - unset($lines); - return $output; -} - -/** * Cache moderators, called whenever permissions are changed via admin_permissions. Changes of username * and group names must be carried through for the moderators table */ @@ -2609,7 +2574,11 @@ function view_log($mode, &$log, &$log_count, $limit = 0, $offset = 0, $forum_id $db->sql_freeresult($result); } - if ($log_count == 0) + // $log_count may be false here if false was passed in for it, + // because in this case we did not run the COUNT() query above. + // If we ran the COUNT() query and it returned zero rows, return; + // otherwise query for logs below. + if ($log_count === 0) { // Save the queries, because there are no logs to display return 0; diff --git a/phpBB/includes/functions_convert.php b/phpBB/includes/functions_convert.php index 4a359dcade..3b26f417e9 100644 --- a/phpBB/includes/functions_convert.php +++ b/phpBB/includes/functions_convert.php @@ -424,7 +424,8 @@ function import_avatar_gallery($gallery_name = '', $subdirs_as_galleries = false $relative_path = empty($convert->convertor['source_path_absolute']); - if (empty($convert->convertor['avatar_gallery_path'])) + // check for trailing slash + if (rtrim($convert->convertor['avatar_gallery_path'], '/') === '') { $convert->p_master->error(sprintf($user->lang['CONV_ERROR_NO_GALLERY_PATH'], 'import_avatar_gallery()'), __LINE__, __FILE__); } @@ -588,7 +589,8 @@ function import_attachment($source, $use_target = false) global $convert, $phpbb_root_path, $config, $user; - if (empty($convert->convertor['upload_path'])) + // check for trailing slash + if (rtrim($convert->convertor['upload_path'], '/') === '') { $convert->p_master->error(sprintf($user->lang['CONV_ERROR_NO_UPLOAD_DIR'], 'import_attachment()'), __LINE__, __FILE__); } @@ -647,7 +649,8 @@ function import_smiley($source, $use_target = false) global $convert, $phpbb_root_path, $config, $user; - if (!isset($convert->convertor['smilies_path'])) + // check for trailing slash + if (rtrim($convert->convertor['smilies_path'], '/') === '') { $convert->p_master->error(sprintf($user->lang['CONV_ERROR_NO_SMILIES_PATH'], 'import_smiley()'), __LINE__, __FILE__); } @@ -667,7 +670,8 @@ function import_avatar($source, $use_target = false, $user_id = false) global $convert, $phpbb_root_path, $config, $user; - if (!isset($convert->convertor['avatar_path'])) + // check for trailing slash + if (rtrim($convert->convertor['avatar_path'], '/') === '') { $convert->p_master->error(sprintf($user->lang['CONV_ERROR_NO_AVATAR_PATH'], 'import_avatar()'), __LINE__, __FILE__); } diff --git a/phpBB/includes/functions_install.php b/phpBB/includes/functions_install.php index 2c640e0999..6caa5c943f 100644 --- a/phpBB/includes/functions_install.php +++ b/phpBB/includes/functions_install.php @@ -50,7 +50,6 @@ function get_available_dbms($dbms = false, $return_unavailable = false, $only_20 'SCHEMA' => 'firebird', 'MODULE' => 'interbase', 'DELIM' => ';;', - 'COMMENTS' => 'remove_remarks', 'DRIVER' => 'firebird', 'AVAILABLE' => true, '2.0.x' => false, @@ -60,7 +59,6 @@ function get_available_dbms($dbms = false, $return_unavailable = false, $only_20 'SCHEMA' => 'mysql_41', 'MODULE' => 'mysqli', 'DELIM' => ';', - 'COMMENTS' => 'remove_remarks', 'DRIVER' => 'mysqli', 'AVAILABLE' => true, '2.0.x' => true, @@ -70,7 +68,6 @@ function get_available_dbms($dbms = false, $return_unavailable = false, $only_20 'SCHEMA' => 'mysql', 'MODULE' => 'mysql', 'DELIM' => ';', - 'COMMENTS' => 'remove_remarks', 'DRIVER' => 'mysql', 'AVAILABLE' => true, '2.0.x' => true, @@ -80,7 +77,6 @@ function get_available_dbms($dbms = false, $return_unavailable = false, $only_20 'SCHEMA' => 'mssql', 'MODULE' => 'mssql', 'DELIM' => 'GO', - 'COMMENTS' => 'remove_comments', 'DRIVER' => 'mssql', 'AVAILABLE' => true, '2.0.x' => true, @@ -90,7 +86,6 @@ function get_available_dbms($dbms = false, $return_unavailable = false, $only_20 'SCHEMA' => 'mssql', 'MODULE' => 'odbc', 'DELIM' => 'GO', - 'COMMENTS' => 'remove_comments', 'DRIVER' => 'mssql_odbc', 'AVAILABLE' => true, '2.0.x' => true, @@ -100,7 +95,6 @@ function get_available_dbms($dbms = false, $return_unavailable = false, $only_20 'SCHEMA' => 'mssql', 'MODULE' => 'sqlsrv', 'DELIM' => 'GO', - 'COMMENTS' => 'remove_comments', 'DRIVER' => 'mssqlnative', 'AVAILABLE' => true, '2.0.x' => false, @@ -110,7 +104,6 @@ function get_available_dbms($dbms = false, $return_unavailable = false, $only_20 'SCHEMA' => 'oracle', 'MODULE' => 'oci8', 'DELIM' => '/', - 'COMMENTS' => 'remove_comments', 'DRIVER' => 'oracle', 'AVAILABLE' => true, '2.0.x' => false, @@ -120,7 +113,6 @@ function get_available_dbms($dbms = false, $return_unavailable = false, $only_20 'SCHEMA' => 'postgres', 'MODULE' => 'pgsql', 'DELIM' => ';', - 'COMMENTS' => 'remove_comments', 'DRIVER' => 'postgres', 'AVAILABLE' => true, '2.0.x' => true, @@ -130,7 +122,6 @@ function get_available_dbms($dbms = false, $return_unavailable = false, $only_20 'SCHEMA' => 'sqlite', 'MODULE' => 'sqlite', 'DELIM' => ';', - 'COMMENTS' => 'remove_remarks', 'DRIVER' => 'sqlite', 'AVAILABLE' => true, '2.0.x' => false, @@ -473,11 +464,17 @@ function connect_check_db($error_connect, &$error, $dbms_details, $table_prefix, } /** -* remove_remarks will strip the sql comment lines out of an uploaded sql file +* Removes comments from schema files */ -function remove_remarks(&$sql) +function remove_comments($sql) { + // Remove /* */ comments (http://ostermiller.org/findcomment.html) + $sql = preg_replace('#/\*(.|[\r\n])*?\*/#', "\n", $sql); + + // Remove # style comments $sql = preg_replace('/\n{2,}/', "\n", preg_replace('/^#.*$/m', "\n", $sql)); + + return $sql; } /** diff --git a/phpBB/includes/functions_messenger.php b/phpBB/includes/functions_messenger.php index 08c686d9e3..6549693333 100644 --- a/phpBB/includes/functions_messenger.php +++ b/phpBB/includes/functions_messenger.php @@ -163,6 +163,22 @@ class messenger } /** + * Adds X-AntiAbuse headers + * + * @param array $config Configuration array + * @param user $user A user object + * + * @return null + */ + function anti_abuse_headers($config, $user) + { + $this->headers('X-AntiAbuse: Board servername - ' . mail_encode($config['server_name'])); + $this->headers('X-AntiAbuse: User_id - ' . $user->data['user_id']); + $this->headers('X-AntiAbuse: Username - ' . mail_encode($user->data['username'])); + $this->headers('X-AntiAbuse: User IP - ' . $user->ip); + } + + /** * Set the email priority */ function set_mail_priority($priority = MAIL_NORMAL_PRIORITY) @@ -552,7 +568,7 @@ class messenger if (!$use_queue) { include_once($phpbb_root_path . 'includes/functions_jabber.' . $phpEx); - $this->jabber = new jabber($config['jab_host'], $config['jab_port'], $config['jab_username'], $config['jab_password'], $config['jab_use_ssl']); + $this->jabber = new jabber($config['jab_host'], $config['jab_port'], $config['jab_username'], htmlspecialchars_decode($config['jab_password']), $config['jab_use_ssl']); if (!$this->jabber->connect()) { @@ -753,7 +769,7 @@ class queue } include_once($phpbb_root_path . 'includes/functions_jabber.' . $phpEx); - $this->jabber = new jabber($config['jab_host'], $config['jab_port'], $config['jab_username'], $config['jab_password'], $config['jab_use_ssl']); + $this->jabber = new jabber($config['jab_host'], $config['jab_port'], $config['jab_username'], htmlspecialchars_decode($config['jab_password']), $config['jab_use_ssl']); if (!$this->jabber->connect()) { @@ -1006,7 +1022,7 @@ function smtpmail($addresses, $subject, $message, &$err_msg, $headers = false) } // Let me in. This function handles the complete authentication process - if ($err_msg = $smtp->log_into_server($config['smtp_host'], $config['smtp_username'], $config['smtp_password'], $config['smtp_auth_method'])) + if ($err_msg = $smtp->log_into_server($config['smtp_host'], $config['smtp_username'], htmlspecialchars_decode($config['smtp_password']), $config['smtp_auth_method'])) { $smtp->close_session($err_msg); return false; diff --git a/phpBB/includes/functions_posting.php b/phpBB/includes/functions_posting.php index a641afbaed..77d92e26e2 100644 --- a/phpBB/includes/functions_posting.php +++ b/phpBB/includes/functions_posting.php @@ -1870,9 +1870,9 @@ function submit_post($mode, $subject, $username, $topic_type, &$poll, &$data, $u case 'edit_topic': case 'edit_first_post': - if (isset($poll['poll_options']) && !empty($poll['poll_options'])) + if (isset($poll['poll_options'])) { - $poll_start = ($poll['poll_start']) ? $poll['poll_start'] : $current_time; + $poll_start = ($poll['poll_start'] || empty($poll['poll_options'])) ? $poll['poll_start'] : $current_time; $poll_length = $poll['poll_length'] * 86400; if ($poll_length < 0) { @@ -2075,11 +2075,11 @@ function submit_post($mode, $subject, $username, $topic_type, &$poll, &$data, $u } // Update Poll Tables - if (isset($poll['poll_options']) && !empty($poll['poll_options'])) + if (isset($poll['poll_options'])) { $cur_poll_options = array(); - if ($poll['poll_start'] && $mode == 'edit') + if ($mode == 'edit') { $sql = 'SELECT * FROM ' . POLL_OPTIONS_TABLE . ' diff --git a/phpBB/includes/functions_privmsgs.php b/phpBB/includes/functions_privmsgs.php index 4c34bc92ca..c40ceb088f 100644 --- a/phpBB/includes/functions_privmsgs.php +++ b/phpBB/includes/functions_privmsgs.php @@ -1607,7 +1607,7 @@ function submit_pm($mode, $subject, &$data, $put_in_outbox = true) // Send Notifications if ($mode != 'edit') { - pm_notification($mode, $data['from_username'], $recipients, $subject, $data['message']); + pm_notification($mode, $data['from_username'], $recipients, $subject, $data['message'], $data['msg_id']); } return $data['msg_id']; @@ -1616,7 +1616,7 @@ function submit_pm($mode, $subject, &$data, $put_in_outbox = true) /** * PM Notification */ -function pm_notification($mode, $author, $recipients, $subject, $message) +function pm_notification($mode, $author, $recipients, $subject, $message, $msg_id) { global $db, $user, $config, $phpbb_root_path, $phpEx, $auth; @@ -1688,8 +1688,9 @@ function pm_notification($mode, $author, $recipients, $subject, $message) 'AUTHOR_NAME' => htmlspecialchars_decode($author), 'USERNAME' => htmlspecialchars_decode($addr['name']), - 'U_INBOX' => generate_board_url() . "/ucp.$phpEx?i=pm&folder=inbox") - ); + 'U_INBOX' => generate_board_url() . "/ucp.$phpEx?i=pm&folder=inbox", + 'U_VIEW_MESSAGE' => generate_board_url() . "/ucp.$phpEx?i=pm&mode=view&p=$msg_id", + )); $messenger->send($addr['method']); } diff --git a/phpBB/includes/mcp/mcp_queue.php b/phpBB/includes/mcp/mcp_queue.php index c419da5574..764461fa53 100644 --- a/phpBB/includes/mcp/mcp_queue.php +++ b/phpBB/includes/mcp/mcp_queue.php @@ -216,6 +216,7 @@ class mcp_queue 'POST_IP' => $post_info['poster_ip'], 'POST_IPADDR' => ($auth->acl_get('m_info', $post_info['forum_id']) && request_var('lookup', '')) ? @gethostbyaddr($post_info['poster_ip']) : '', 'POST_ID' => $post_info['post_id'], + 'S_FIRST_POST' => ($post_info['topic_first_post_id'] == $post_id), 'U_LOOKUP_IP' => ($auth->acl_get('m_info', $post_info['forum_id'])) ? append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=queue&mode=approve_details&f=' . $post_info['forum_id'] . '&p=' . $post_id . '&lookup=' . $post_info['poster_ip']) . '#ip' : '', )); @@ -778,6 +779,8 @@ function disapprove_post($post_id_list, $id, $mode) if (!$row || (!$reason && strtolower($row['reason_title']) == 'other')) { $additional_msg = $user->lang['NO_REASON_DISAPPROVAL']; + unset($_REQUEST['confirm_key']); + unset($_POST['confirm_key']); unset($_POST['confirm']); } else diff --git a/phpBB/includes/mcp/mcp_reports.php b/phpBB/includes/mcp/mcp_reports.php index 39d9fbd4af..def5422be2 100644 --- a/phpBB/includes/mcp/mcp_reports.php +++ b/phpBB/includes/mcp/mcp_reports.php @@ -148,6 +148,7 @@ class mcp_reports $message = bbcode_nl2br($message); $message = smiley_text($message); + $report['report_text'] = make_clickable(bbcode_nl2br($report['report_text'])); if ($post_info['post_attachment'] && $auth->acl_get('u_download') && $auth->acl_get('f_download', $post_info['forum_id'])) { diff --git a/phpBB/includes/session.php b/phpBB/includes/session.php index caadcbafaa..a894242a39 100644 --- a/phpBB/includes/session.php +++ b/phpBB/includes/session.php @@ -1507,7 +1507,6 @@ class user extends session // Able to add new options (up to id 31) var $keyoptions = array('viewimg' => 0, 'viewflash' => 1, 'viewsmilies' => 2, 'viewsigs' => 3, 'viewavatars' => 4, 'viewcensors' => 5, 'attachsig' => 6, 'bbcode' => 8, 'smilies' => 9, 'popuppm' => 10, 'sig_bbcode' => 15, 'sig_smilies' => 16, 'sig_links' => 17); - var $keyvalues = array(); /** * Constructor to set the lang path @@ -2337,47 +2336,51 @@ class user extends session } /** - * Get option bit field from user options + * Get option bit field from user options. + * + * @param int $key option key, as defined in $keyoptions property. + * @param int $data bit field value to use, or false to use $this->data['user_options'] + * @return bool true if the option is set in the bit field, false otherwise */ function optionget($key, $data = false) { - if (!isset($this->keyvalues[$key])) - { - $var = ($data) ? $data : $this->data['user_options']; - $this->keyvalues[$key] = ($var & 1 << $this->keyoptions[$key]) ? true : false; - } - - return $this->keyvalues[$key]; + $var = ($data !== false) ? $data : $this->data['user_options']; + return phpbb_optionget($this->keyoptions[$key], $var); } /** - * Set option bit field for user options + * Set option bit field for user options. + * + * @param int $key Option key, as defined in $keyoptions property. + * @param bool $value True to set the option, false to clear the option. + * @param int $data Current bit field value, or false to use $this->data['user_options'] + * @return int|bool If $data is false, the bit field is modified and + * written back to $this->data['user_options'], and + * return value is true if the bit field changed and + * false otherwise. If $data is not false, the new + * bitfield value is returned. */ function optionset($key, $value, $data = false) { - $var = ($data) ? $data : $this->data['user_options']; + $var = ($data !== false) ? $data : $this->data['user_options']; - if ($value && !($var & 1 << $this->keyoptions[$key])) - { - $var += 1 << $this->keyoptions[$key]; - } - else if (!$value && ($var & 1 << $this->keyoptions[$key])) - { - $var -= 1 << $this->keyoptions[$key]; - } - else - { - return ($data) ? $var : false; - } + $new_var = phpbb_optionset($this->keyoptions[$key], $value, $var); - if (!$data) + if ($data === false) { - $this->data['user_options'] = $var; - return true; + if ($new_var != $var) + { + $this->data['user_options'] = $new_var; + return true; + } + else + { + return false; + } } else { - return $var; + return $new_var; } } diff --git a/phpBB/includes/ucp/ucp_activate.php b/phpBB/includes/ucp/ucp_activate.php index b00c1b9f52..82c1937919 100644 --- a/phpBB/includes/ucp/ucp_activate.php +++ b/phpBB/includes/ucp/ucp_activate.php @@ -117,10 +117,7 @@ class ucp_activate $messenger->to($user_row['user_email'], $user_row['username']); - $messenger->headers('X-AntiAbuse: Board servername - ' . $config['server_name']); - $messenger->headers('X-AntiAbuse: User_id - ' . $user->data['user_id']); - $messenger->headers('X-AntiAbuse: Username - ' . $user->data['username']); - $messenger->headers('X-AntiAbuse: User IP - ' . $user->ip); + $messenger->anti_abuse_headers($config, $user); $messenger->assign_vars(array( 'USERNAME' => htmlspecialchars_decode($user_row['username'])) diff --git a/phpBB/includes/ucp/ucp_pm.php b/phpBB/includes/ucp/ucp_pm.php index c675928a5b..447b6ebe87 100644 --- a/phpBB/includes/ucp/ucp_pm.php +++ b/phpBB/includes/ucp/ucp_pm.php @@ -243,7 +243,7 @@ class ucp_pm $num_not_moved = $num_removed = 0; $release = request_var('release', 0); - if ($user->data['user_new_privmsg'] && $action == 'view_folder') + if ($user->data['user_new_privmsg'] && ($action == 'view_folder' || $action == 'view_message')) { $return = place_pm_into_folder($global_privmsgs_rules, $release); $num_not_moved = $return['not_moved']; diff --git a/phpBB/includes/ucp/ucp_profile.php b/phpBB/includes/ucp/ucp_profile.php index c099e3b3fa..d35d13b6c1 100644 --- a/phpBB/includes/ucp/ucp_profile.php +++ b/phpBB/includes/ucp/ucp_profile.php @@ -78,14 +78,14 @@ class ucp_profile $error = validate_data($data, $check_ary); - if ($auth->acl_get('u_chgpasswd') && $data['new_password'] && $data['password_confirm'] != $data['new_password']) + if ($auth->acl_get('u_chgemail') && $data['email'] != $user->data['user_email'] && $data['email_confirm'] != $data['email']) { - $error[] = 'NEW_PASSWORD_ERROR'; + $error[] = ($data['email_confirm']) ? 'NEW_EMAIL_ERROR' : 'NEW_EMAIL_CONFIRM_EMPTY'; } - if (($data['new_password'] || ($auth->acl_get('u_chgemail') && $data['email'] != $user->data['user_email']) || ($data['username'] != $user->data['username'] && $auth->acl_get('u_chgname') && $config['allow_namechange'])) && !phpbb_check_hash($data['cur_password'], $user->data['user_password'])) + if ($auth->acl_get('u_chgpasswd') && $data['new_password'] && $data['password_confirm'] != $data['new_password']) { - $error[] = 'CUR_PASSWORD_ERROR'; + $error[] = ($data['password_confirm']) ? 'NEW_PASSWORD_ERROR' : 'NEW_PASSWORD_CONFIRM_EMPTY'; } // Only check the new password against the previous password if there have been no errors @@ -94,9 +94,9 @@ class ucp_profile $error[] = 'SAME_PASSWORD_ERROR'; } - if ($auth->acl_get('u_chgemail') && $data['email'] != $user->data['user_email'] && $data['email_confirm'] != $data['email']) + if (!phpbb_check_hash($data['cur_password'], $user->data['user_password'])) { - $error[] = 'NEW_EMAIL_ERROR'; + $error[] = ($data['cur_password']) ? 'CUR_PASSWORD_ERROR' : 'CUR_PASSWORD_EMPTY'; } if (!check_form_key('ucp_reg_details')) @@ -150,10 +150,7 @@ class ucp_profile $messenger->to($data['email'], $data['username']); - $messenger->headers('X-AntiAbuse: Board servername - ' . $config['server_name']); - $messenger->headers('X-AntiAbuse: User_id - ' . $user->data['user_id']); - $messenger->headers('X-AntiAbuse: Username - ' . $user->data['username']); - $messenger->headers('X-AntiAbuse: User IP - ' . $user->ip); + $messenger->anti_abuse_headers($config, $user); $messenger->assign_vars(array( 'USERNAME' => htmlspecialchars_decode($data['username']), diff --git a/phpBB/includes/ucp/ucp_register.php b/phpBB/includes/ucp/ucp_register.php index 13b9945851..6ad3a55589 100644 --- a/phpBB/includes/ucp/ucp_register.php +++ b/phpBB/includes/ucp/ucp_register.php @@ -155,8 +155,8 @@ class ucp_register $this->tpl_name = 'ucp_agreement'; return; } - - + + // The CAPTCHA kicks in here. We can't help that the information gets lost on language change. if ($config['enable_confirm']) { @@ -165,24 +165,8 @@ class ucp_register $captcha->init(CONFIRM_REG); } - // Try to manually determine the timezone and adjust the dst if the server date/time complies with the default setting +/- 1 - $timezone = date('Z') / 3600; - $is_dst = date('I'); - - if ($config['board_timezone'] == $timezone || $config['board_timezone'] == ($timezone - 1)) - { - $timezone = ($is_dst) ? $timezone - 1 : $timezone; - - if (!isset($user->lang['tz_zones'][(string) $timezone])) - { - $timezone = $config['board_timezone']; - } - } - else - { - $is_dst = $config['board_dst']; - $timezone = $config['board_timezone']; - } + $is_dst = $config['board_dst']; + $timezone = $config['board_timezone']; $data = array( 'username' => utf8_normalize_nfc(request_var('username', '', true)), @@ -366,10 +350,7 @@ class ucp_register $messenger->to($data['email'], $data['username']); - $messenger->headers('X-AntiAbuse: Board servername - ' . $config['server_name']); - $messenger->headers('X-AntiAbuse: User_id - ' . $user->data['user_id']); - $messenger->headers('X-AntiAbuse: Username - ' . $user->data['username']); - $messenger->headers('X-AntiAbuse: User IP - ' . $user->ip); + $messenger->anti_abuse_headers($config, $user); $messenger->assign_vars(array( 'WELCOME_MSG' => htmlspecialchars_decode(sprintf($user->lang['WELCOME_SUBJECT'], $config['sitename'])), diff --git a/phpBB/includes/ucp/ucp_resend.php b/phpBB/includes/ucp/ucp_resend.php index 39e9be24a1..4d181dba49 100644 --- a/phpBB/includes/ucp/ucp_resend.php +++ b/phpBB/includes/ucp/ucp_resend.php @@ -94,10 +94,7 @@ class ucp_resend $messenger->template(($coppa) ? 'coppa_resend_inactive' : 'user_resend_inactive', $user_row['user_lang']); $messenger->to($user_row['user_email'], $user_row['username']); - $messenger->headers('X-AntiAbuse: Board servername - ' . $config['server_name']); - $messenger->headers('X-AntiAbuse: User_id - ' . $user->data['user_id']); - $messenger->headers('X-AntiAbuse: Username - ' . $user->data['username']); - $messenger->headers('X-AntiAbuse: User IP - ' . $user->ip); + $messenger->anti_abuse_headers($config, $user); $messenger->assign_vars(array( 'WELCOME_MSG' => htmlspecialchars_decode(sprintf($user->lang['WELCOME_SUBJECT'], $config['sitename'])), @@ -133,10 +130,7 @@ class ucp_resend $messenger->to($row['user_email'], $row['username']); $messenger->im($row['user_jabber'], $row['username']); - $messenger->headers('X-AntiAbuse: Board servername - ' . $config['server_name']); - $messenger->headers('X-AntiAbuse: User_id - ' . $user->data['user_id']); - $messenger->headers('X-AntiAbuse: Username - ' . $user->data['username']); - $messenger->headers('X-AntiAbuse: User IP - ' . $user->ip); + $messenger->anti_abuse_headers($config, $user); $messenger->assign_vars(array( 'USERNAME' => htmlspecialchars_decode($user_row['username']), |