diff options
Diffstat (limited to 'phpBB/includes')
| -rw-r--r-- | phpBB/includes/acp/acp_board.php | 14 | ||||
| -rw-r--r-- | phpBB/includes/acp/acp_main.php | 18 | ||||
| -rw-r--r-- | phpBB/includes/acp/acp_update.php | 60 | ||||
| -rw-r--r-- | phpBB/includes/functions.php | 8 | ||||
| -rw-r--r-- | phpBB/includes/functions_admin.php | 41 | ||||
| -rw-r--r-- | phpBB/includes/functions_module.php | 25 |
6 files changed, 74 insertions, 92 deletions
diff --git a/phpBB/includes/acp/acp_board.php b/phpBB/includes/acp/acp_board.php index 10fbde8c9b..2c0eb95cd5 100644 --- a/phpBB/includes/acp/acp_board.php +++ b/phpBB/includes/acp/acp_board.php @@ -28,7 +28,7 @@ class acp_board { global $db, $user, $auth, $template; global $config, $phpbb_root_path, $phpbb_admin_path, $phpEx; - global $cache, $phpbb_container; + global $cache, $phpbb_container, $phpbb_dispatcher; $user->add_lang('acp/board'); @@ -456,6 +456,18 @@ class acp_board break; } + /** + * Event to add and/or modify acp_board configurations + * + * @event core.acp_board_config_edit_add + * @var array display_vars Array of config values to display and process + * @var string mode Mode of the config page we are displaying + * @var boolean submit Do we display the form or process the submission + * @since 3.1.0-a4 + */ + $vars = array('display_vars', 'mode', 'submit'); + extract($phpbb_dispatcher->trigger_event('core.acp_board_config_edit_add', compact($vars))); + if (isset($display_vars['lang'])) { $user->add_lang($display_vars['lang']); diff --git a/phpBB/includes/acp/acp_main.php b/phpBB/includes/acp/acp_main.php index f01cba0bcc..fd45027b49 100644 --- a/phpBB/includes/acp/acp_main.php +++ b/phpBB/includes/acp/acp_main.php @@ -25,7 +25,7 @@ class acp_main function main($id, $mode) { global $config, $db, $cache, $user, $auth, $template, $request; - global $phpbb_root_path, $phpbb_admin_path, $phpEx; + global $phpbb_root_path, $phpbb_admin_path, $phpEx, $phpbb_container; // Show restore permissions notice if ($user->data['user_perm_from'] && $auth->acl_get('a_switchperm')) @@ -432,17 +432,19 @@ class acp_main )); } - $latest_version_info = false; - if (($latest_version_info = obtain_latest_version_info(request_var('versioncheck_force', false))) === false) + $version_helper = $phpbb_container->get('version_helper'); + try { - $template->assign_var('S_VERSIONCHECK_FAIL', true); + $recheck = $request->variable('versioncheck_force', false); + $updates_available = $version_helper->get_suggested_updates($recheck); + + $template->assign_var('S_VERSION_UP_TO_DATE', empty($updates_available)); } - else + catch (\RuntimeException $e) { - $latest_version_info = explode("\n", $latest_version_info); - $template->assign_vars(array( - 'S_VERSION_UP_TO_DATE' => phpbb_version_compare(trim($latest_version_info[0]), $config['version'], '<='), + 'S_VERSIONCHECK_FAIL' => true, + 'VERSIONCHECK_FAIL_REASON' => ($e->getMessage() !== $user->lang('VERSIONCHECK_FAIL')) ? $e->getMessage() : '', )); } diff --git a/phpBB/includes/acp/acp_update.php b/phpBB/includes/acp/acp_update.php index 6b5407067d..e50409bd37 100644 --- a/phpBB/includes/acp/acp_update.php +++ b/phpBB/includes/acp/acp_update.php @@ -24,64 +24,42 @@ class acp_update function main($id, $mode) { - global $config, $db, $user, $auth, $template, $cache; - global $phpbb_root_path, $phpbb_admin_path, $phpEx; + global $config, $user, $template, $request; + global $phpbb_root_path, $phpEx, $phpbb_container; $user->add_lang('install'); $this->tpl_name = 'acp_update'; $this->page_title = 'ACP_VERSION_CHECK'; - // Get current and latest version - $errstr = ''; - $errno = 0; - - $info = obtain_latest_version_info(request_var('versioncheck_force', false)); - - if (empty($info)) + $version_helper = $phpbb_container->get('version_helper'); + try { - trigger_error('VERSIONCHECK_FAIL', E_USER_WARNING); + $recheck = $request->variable('versioncheck_force', false); + $updates_available = $version_helper->get_suggested_updates($recheck); } + catch (\RuntimeException $e) + { + $template->assign_var('S_VERSIONCHECK_FAIL', true); - $info = explode("\n", $info); - $latest_version = trim($info[0]); - - $announcement_url = trim($info[1]); - $announcement_url = (strpos($announcement_url, '&') === false) ? str_replace('&', '&', $announcement_url) : $announcement_url; - $update_link = append_sid($phpbb_root_path . 'install/index.' . $phpEx, 'mode=update'); + $updates_available = array(); + } - // next feature release - $next_feature_version = $next_feature_announcement_url = false; - if (isset($info[2]) && trim($info[2]) !== '') + foreach ($updates_available as $branch => $version_data) { - $next_feature_version = trim($info[2]); - $next_feature_announcement_url = trim($info[3]); + $template->assign_block_vars('updates_available', $version_data); } - // Determine automatic update... - $sql = 'SELECT config_value - FROM ' . CONFIG_TABLE . " - WHERE config_name = 'version_update_from'"; - $result = $db->sql_query($sql); - $version_update_from = (string) $db->sql_fetchfield('config_value'); - $db->sql_freeresult($result); - - $current_version = (!empty($version_update_from)) ? $version_update_from : $config['version']; + $update_link = append_sid($phpbb_root_path . 'install/index.' . $phpEx, 'mode=update'); $template->assign_vars(array( - 'S_UP_TO_DATE' => phpbb_version_compare($latest_version, $config['version'], '<='), - 'S_UP_TO_DATE_AUTO' => phpbb_version_compare($latest_version, $current_version, '<='), - 'S_VERSION_CHECK' => true, - 'U_ACTION' => $this->u_action, - 'U_VERSIONCHECK_FORCE' => append_sid($this->u_action . '&versioncheck_force=1'), + 'S_UP_TO_DATE' => empty($updates_available), + 'U_ACTION' => $this->u_action, + 'U_VERSIONCHECK_FORCE' => append_sid($this->u_action . '&versioncheck_force=1'), - 'LATEST_VERSION' => $latest_version, - 'CURRENT_VERSION' => $config['version'], - 'AUTO_VERSION' => $version_update_from, - 'NEXT_FEATURE_VERSION' => $next_feature_version, + 'CURRENT_VERSION' => $config['version'], - 'UPDATE_INSTRUCTIONS' => sprintf($user->lang['UPDATE_INSTRUCTIONS'], $announcement_url, $update_link), - 'UPGRADE_INSTRUCTIONS' => $next_feature_version ? $user->lang('UPGRADE_INSTRUCTIONS', $next_feature_version, $next_feature_announcement_url) : false, + 'UPDATE_INSTRUCTIONS' => sprintf($user->lang['UPDATE_INSTRUCTIONS'], $update_link), )); } } diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index 5e5f508b6b..ebd676b17a 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -3123,7 +3123,7 @@ function parse_cfg_file($filename, $lines = false) } // Determine first occurrence, since in values the equal sign is allowed - $key = strtolower(trim(substr($line, 0, $delim_pos))); + $key = htmlspecialchars(strtolower(trim(substr($line, 0, $delim_pos)))); $value = trim(substr($line, $delim_pos + 1)); if (in_array($value, array('off', 'false', '0'))) @@ -3140,7 +3140,11 @@ function parse_cfg_file($filename, $lines = false) } else if (($value[0] == "'" && $value[sizeof($value) - 1] == "'") || ($value[0] == '"' && $value[sizeof($value) - 1] == '"')) { - $value = substr($value, 1, sizeof($value)-2); + $value = htmlspecialchars(substr($value, 1, sizeof($value)-2)); + } + else + { + $value = htmlspecialchars($value); } $parsed_items[$key] = $value; diff --git a/phpBB/includes/functions_admin.php b/phpBB/includes/functions_admin.php index 0e28b48d8a..b31b268db7 100644 --- a/phpBB/includes/functions_admin.php +++ b/phpBB/includes/functions_admin.php @@ -3041,7 +3041,7 @@ function get_remote_file($host, $directory, $filename, &$errstr, &$errno, $port return $file_info; } -/** +/* * Tidy Warnings * Remove all warnings which have now expired from the database * The duration of a warning can be defined by the administrator @@ -3151,45 +3151,6 @@ function add_permission_language() } /** - * Obtains the latest version information - * - * @param bool $force_update Ignores cached data. Defaults to false. - * @param bool $warn_fail Trigger a warning if obtaining the latest version information fails. Defaults to false. - * @param int $ttl Cache version information for $ttl seconds. Defaults to 86400 (24 hours). - * - * @return string | false Version info on success, false on failure. - */ -function obtain_latest_version_info($force_update = false, $warn_fail = false, $ttl = 86400) -{ - global $cache; - - $info = $cache->get('versioncheck'); - - if ($info === false || $force_update) - { - $errstr = ''; - $errno = 0; - - $info = get_remote_file('version.phpbb.com', '/phpbb', - ((defined('PHPBB_QA')) ? '30x_qa.txt' : '30x.txt'), $errstr, $errno); - - if (empty($info)) - { - $cache->destroy('versioncheck'); - if ($warn_fail) - { - trigger_error($errstr, E_USER_WARNING); - } - return false; - } - - $cache->put('versioncheck', $info, $ttl); - } - - return $info; -} - -/** * Enables a particular flag in a bitfield column of a given table. * * @param string $table_name The table to update diff --git a/phpBB/includes/functions_module.php b/phpBB/includes/functions_module.php index dca010518b..e043883145 100644 --- a/phpBB/includes/functions_module.php +++ b/phpBB/includes/functions_module.php @@ -125,8 +125,17 @@ class p_master // Clean up module cache array to only let survive modules the user can access $right_id = false; + + $hide_categories = array(); foreach ($this->module_cache['modules'] as $key => $row) { + // When the module has no mode (category) we check whether it has visible children + // before listing it as well. + if (!$row['module_mode']) + { + $hide_categories[(int) $row['module_id']] = $key; + } + // Not allowed to view module? if (!$this->module_auth_self($row['module_auth'])) { @@ -161,6 +170,22 @@ class p_master $right_id = $row['right_id']; continue; } + + if ($row['module_mode']) + { + // The parent category has a visible child + // So remove it and all its parents from the hide array + unset($hide_categories[(int) $row['parent_id']]); + foreach ($this->module_cache['parents'][$row['module_id']] as $module_id => $row_id) + { + unset($hide_categories[$module_id]); + } + } + } + + foreach ($hide_categories as $module_id => $row_id) + { + unset($this->module_cache['modules'][$row_id]); } // Re-index (this is needed, else we are not able to array_slice later) |