diff options
Diffstat (limited to 'phpBB/includes')
| -rw-r--r-- | phpBB/includes/acp/acp_logs.php | 2 | ||||
| -rw-r--r-- | phpBB/includes/functions.php | 38 | ||||
| -rw-r--r-- | phpBB/includes/mcp/mcp_queue.php | 45 |
3 files changed, 78 insertions, 7 deletions
diff --git a/phpBB/includes/acp/acp_logs.php b/phpBB/includes/acp/acp_logs.php index 8c3fb66a70..f9bb35791c 100644 --- a/phpBB/includes/acp/acp_logs.php +++ b/phpBB/includes/acp/acp_logs.php @@ -151,7 +151,7 @@ class acp_logs { $data = array(); - $checks = array('viewtopic', 'viewlogs', 'viewforum'); + $checks = array('viewpost', 'viewtopic', 'viewlogs', 'viewforum'); foreach ($checks as $check) { if (isset($row[$check]) && $row[$check]) diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index 4aae84705b..292036d5a8 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -66,23 +66,29 @@ function set_var(&$result, $var, $type, $multibyte = false) /** * Generates an alphanumeric random string of given length * +* @param int $num_chars Length of random string, defaults to 8. +* This number should be less or equal than 64. +* * @return string */ function gen_rand_string($num_chars = 8) { // [a, z] + [0, 9] = 36 - return substr(strtoupper(base_convert(unique_id(), 16, 36)), 0, $num_chars); + return substr(strtoupper(base_convert(bin2hex(random_bytes($num_chars + 1)), 16, 36)), 0, $num_chars); } /** * Generates a user-friendly alphanumeric random string of given length * We remove 0 and O so users cannot confuse those in passwords etc. * +* @param int $num_chars Length of random string, defaults to 8. +* This number should be less or equal than 64. +* * @return string */ function gen_rand_string_friendly($num_chars = 8) { - $rand_str = unique_id(); + $rand_str = bin2hex(random_bytes($num_chars + 1)); // Remove Z and Y from the base_convert(), replace 0 with Z and O with Y // [a, z] + [0, 9] - {z, y} = [a, z] + [0, 9] - {0, o} = 34 @@ -2463,7 +2469,7 @@ function login_box($redirect = '', $l_explain = '', $l_success = '', $admin = fa $s_hidden_fields = build_hidden_fields($s_hidden_fields); - $template->assign_vars(array( + $login_box_template_data = array( 'LOGIN_ERROR' => $err, 'LOGIN_EXPLAIN' => $l_explain, @@ -2471,6 +2477,7 @@ function login_box($redirect = '', $l_explain = '', $l_success = '', $admin = fa 'U_RESEND_ACTIVATION' => ($config['require_activation'] == USER_ACTIVATION_SELF && $config['email_enable']) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=resend_act') : '', 'U_TERMS_USE' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=terms'), 'U_PRIVACY' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=privacy'), + 'UA_PRIVACY' => addslashes(append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=privacy')), 'S_DISPLAY_FULL_LOGIN' => ($s_display) ? true : false, 'S_HIDDEN_FIELDS' => $s_hidden_fields, @@ -2480,7 +2487,29 @@ function login_box($redirect = '', $l_explain = '', $l_success = '', $admin = fa 'USERNAME_CREDENTIAL' => 'username', 'PASSWORD_CREDENTIAL' => ($admin) ? 'password_' . $credential : 'password', - )); + ); + + /** + * Event to add/modify login box template data + * + * @event core.login_box_modify_template_data + * @var int admin Flag whether user is admin + * @var string username User name + * @var int autologin Flag whether autologin is enabled + * @var string redirect Redirect URL + * @var array login_box_template_data Array with the login box template data + * @since 3.2.3-RC2 + */ + $vars = array( + 'admin', + 'username', + 'autologin', + 'redirect', + 'login_box_template_data', + ); + extract($phpbb_dispatcher->trigger_event('core.login_box_modify_template_data', compact($vars))); + + $template->assign_vars($login_box_template_data); page_header($user->lang['LOGIN']); @@ -4404,6 +4433,7 @@ function page_header($page_title = '', $display_online_list = false, $item_id = 'U_TEAM' => ($user->data['user_id'] != ANONYMOUS && !$auth->acl_get('u_viewprofile')) ? '' : append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=team'), 'U_TERMS_USE' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=terms'), 'U_PRIVACY' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=privacy'), + 'UA_PRIVACY' => addslashes(append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=privacy')), 'U_RESTORE_PERMISSIONS' => ($user->data['user_perm_from'] && $auth->acl_get('a_switchperm')) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=restore_perm') : '', 'U_FEED' => $controller_helper->route('phpbb_feed_index'), diff --git a/phpBB/includes/mcp/mcp_queue.php b/phpBB/includes/mcp/mcp_queue.php index 2e0a1cf9e6..4f1f9bb990 100644 --- a/phpBB/includes/mcp/mcp_queue.php +++ b/phpBB/includes/mcp/mcp_queue.php @@ -501,6 +501,29 @@ class mcp_queue AND t.topic_id = p.topic_id AND u.user_id = p.poster_id ORDER BY ' . $sort_order_sql; + + /** + * Alter sql query to get information on all posts in queue + * + * @event core.mcp_queue_get_posts_for_posts_query_before + * @var string sql String with the query to be executed + * @var array forum_list List of forums that contain the posts + * @var int visibility_const Integer with one of the possible ITEM_* constant values + * @var int topic_id topic_id in the page request + * @var string limit_time_sql String with the SQL code to limit the time interval of the post (Note: May be empty string) + * @var string sort_order_sql String with the ORDER BY SQL code used in this query + * @since 3.2.3-RC2 + */ + $vars = array( + 'sql', + 'forum_list', + 'visibility_const', + 'topic_id', + 'limit_time_sql', + 'sort_order_sql', + ); + extract($phpbb_dispatcher->trigger_event('core.mcp_queue_get_posts_for_posts_query_before', compact($vars))); + $result = $db->sql_query($sql); $post_data = $rowset = array(); @@ -588,7 +611,7 @@ class mcp_queue $row['post_username'] = $row['username'] ?: $user->lang['GUEST']; } - $template->assign_block_vars('postrow', array( + $post_row = array( 'U_TOPIC' => append_sid("{$phpbb_root_path}viewtopic.$phpEx", 'f=' . $row['forum_id'] . '&t=' . $row['topic_id']), 'U_VIEWFORUM' => append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $row['forum_id']), 'U_VIEWPOST' => append_sid("{$phpbb_root_path}viewtopic.$phpEx", 'f=' . $row['forum_id'] . '&p=' . $row['post_id']) . (($mode == 'unapproved_posts') ? '#p' . $row['post_id'] : ''), @@ -606,7 +629,25 @@ class mcp_queue 'TOPIC_TITLE' => $row['topic_title'], 'POST_TIME' => $user->format_date($row['post_time']), 'S_HAS_ATTACHMENTS' => $auth->acl_get('u_download') && $auth->acl_get('f_download', $row['forum_id']) && $row['post_attachment'], - )); + ); + + /** + * Alter sql query to get information on all topics in the list of forums provided. + * + * @event core.mcp_queue_get_posts_modify_post_row + * @var array post_row Template variables for current post + * @var array row Post data + * @var array forum_names Forum names + * @since 3.2.3-RC2 + */ + $vars = array( + 'post_row', + 'row', + 'forum_names', + ); + extract($phpbb_dispatcher->trigger_event('core.mcp_queue_get_posts_modify_post_row', compact($vars))); + + $template->assign_block_vars('postrow', $post_row); } unset($rowset, $forum_names); |