diff options
Diffstat (limited to 'phpBB/includes')
43 files changed, 1015 insertions, 179 deletions
diff --git a/phpBB/includes/acp/acp_attachments.php b/phpBB/includes/acp/acp_attachments.php index 2873b48fa4..67fba1094d 100644 --- a/phpBB/includes/acp/acp_attachments.php +++ b/phpBB/includes/acp/acp_attachments.php @@ -153,7 +153,7 @@ class acp_attachments 'img_create_thumbnail' => array('lang' => 'CREATE_THUMBNAIL', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true), 'img_max_thumb_width' => array('lang' => 'MAX_THUMB_WIDTH', 'validate' => 'int:0:999999999999999', 'type' => 'number:0:999999999999999', 'explain' => true, 'append' => ' ' . $user->lang['PIXEL']), 'img_min_thumb_filesize' => array('lang' => 'MIN_THUMB_FILESIZE', 'validate' => 'int:0:999999999999999', 'type' => 'number:0:999999999999999', 'explain' => true, 'append' => ' ' . $user->lang['BYTES']), - 'img_imagick' => array('lang' => 'IMAGICK_PATH', 'validate' => 'path', 'type' => 'text:20:200', 'explain' => true, 'append' => ' <span>[ <a href="' . $this->u_action . '&action=imgmagick">' . $user->lang['SEARCH_IMAGICK'] . '</a> ]</span>'), + 'img_imagick' => array('lang' => 'IMAGICK_PATH', 'validate' => 'absolute_path', 'type' => 'text:20:200', 'explain' => true, 'append' => ' <span>[ <a href="' . $this->u_action . '&action=imgmagick">' . $user->lang['SEARCH_IMAGICK'] . '</a> ]</span>'), 'img_max' => array('lang' => 'MAX_IMAGE_SIZE', 'validate' => 'int:0:9999', 'type' => 'dimension:0:9999', 'explain' => true, 'append' => ' ' . $user->lang['PIXEL']), 'img_link' => array('lang' => 'IMAGE_LINK_SIZE', 'validate' => 'int:0:9999', 'type' => 'dimension:0:9999', 'explain' => true, 'append' => ' ' . $user->lang['PIXEL']), ) diff --git a/phpBB/includes/acp/acp_board.php b/phpBB/includes/acp/acp_board.php index 63e2647f02..4a1c74fd77 100644 --- a/phpBB/includes/acp/acp_board.php +++ b/phpBB/includes/acp/acp_board.php @@ -500,7 +500,7 @@ class acp_board } // We go through the display_vars to make sure no one is trying to set variables he/she is not allowed to... - foreach ($display_vars['vars'] as $config_name => $null) + foreach ($display_vars['vars'] as $config_name => $data) { if (!isset($cfg_array[$config_name]) || strpos($config_name, 'legend') !== false) { @@ -514,7 +514,8 @@ class acp_board if ($config_name == 'guest_style') { - if (isset($cfg_array[$config_name])) { + if (isset($cfg_array[$config_name])) + { $this->guest_style_set($cfg_array[$config_name]); } continue; @@ -531,6 +532,13 @@ class acp_board if ($submit) { + if (strpos($data['type'], 'password') === 0 && $config_value === '********') + { + // Do not update password fields if the content is ********, + // because that is the password replacement we use to not + // send the password to the output + continue; + } set_config($config_name, $config_value); if ($config_name == 'allow_quick_reply' && isset($_POST['allow_quick_reply_enable'])) @@ -559,6 +567,7 @@ class acp_board $old_auth_config = array(); foreach ($auth_providers as $provider) { + /** @var \phpbb\auth\provider\provider_interface $provider */ if ($fields = $provider->acp()) { // Check if we need to create config fields for this plugin and save config when submit was pressed @@ -574,6 +583,14 @@ class acp_board continue; } + if (substr($field, -9) === '_password' && $cfg_array[$field] === '********') + { + // Do not update password fields if the content is ********, + // because that is the password replacement we use to not + // send the password to the output + continue; + } + $old_auth_config[$field] = $this->new_config[$field]; $config_value = $cfg_array[$field]; $this->new_config[$field] = $config_value; diff --git a/phpBB/includes/acp/acp_database.php b/phpBB/includes/acp/acp_database.php index 0c52f82459..9666ac5b6e 100644 --- a/phpBB/includes/acp/acp_database.php +++ b/phpBB/includes/acp/acp_database.php @@ -1173,6 +1173,7 @@ class postgres_extractor extends base_extractor $this->flush($sql_data . ";\n"); } } + $db->sql_freeresult($result); $sql_data = '-- Table: ' . $table_name . "\n"; $sql_data .= "DROP TABLE $table_name;\n"; @@ -1557,7 +1558,7 @@ class mssql_extractor extends base_extractor { $this->write_data_mssql($table_name); } - else if($db->get_sql_layer() === 'mssqlnative') + else if ($db->get_sql_layer() === 'mssqlnative') { $this->write_data_mssqlnative($table_name); } diff --git a/phpBB/includes/acp/acp_extensions.php b/phpBB/includes/acp/acp_extensions.php index 89fdc8b863..a3849d8ba1 100644 --- a/phpBB/includes/acp/acp_extensions.php +++ b/phpBB/includes/acp/acp_extensions.php @@ -76,7 +76,7 @@ class acp_extensions { $md_manager->get_metadata('all'); } - catch(\phpbb\extension\exception $e) + catch (\phpbb\extension\exception $e) { trigger_error($e, E_USER_WARNING); } @@ -174,11 +174,6 @@ class acp_extensions trigger_error($user->lang['EXTENSION_NOT_ENABLEABLE'] . adm_back_link($this->u_action), E_USER_WARNING); } - if ($phpbb_extension_manager->is_enabled($ext_name)) - { - redirect($this->u_action); - } - try { while ($phpbb_extension_manager->enable_step($ext_name)) @@ -357,7 +352,7 @@ class acp_extensions $enabled_extension_meta_data[$name]['S_VERSIONCHECK'] = true; $enabled_extension_meta_data[$name]['U_VERSIONCHECK_FORCE'] = $this->u_action . '&action=details&versioncheck_force=1&ext_name=' . urlencode($md_manager->get_metadata('name')); } - catch(\phpbb\extension\exception $e) + catch (\phpbb\extension\exception $e) { $this->template->assign_block_vars('disabled', array( 'META_DISPLAY_NAME' => $this->user->lang('EXTENSION_INVALID_LIST', $name, $e), @@ -374,6 +369,7 @@ class acp_extensions foreach ($enabled_extension_meta_data as $name => $block_vars) { + $block_vars['NAME'] = $name; $block_vars['U_DETAILS'] = $this->u_action . '&action=details&ext_name=' . urlencode($name); $this->template->assign_block_vars('enabled', $block_vars); @@ -413,7 +409,7 @@ class acp_extensions $disabled_extension_meta_data[$name]['S_VERSIONCHECK'] = true; $disabled_extension_meta_data[$name]['U_VERSIONCHECK_FORCE'] = $this->u_action . '&action=details&versioncheck_force=1&ext_name=' . urlencode($md_manager->get_metadata('name')); } - catch(\phpbb\extension\exception $e) + catch (\phpbb\extension\exception $e) { $this->template->assign_block_vars('disabled', array( 'META_DISPLAY_NAME' => $this->user->lang('EXTENSION_INVALID_LIST', $name, $e), @@ -430,6 +426,7 @@ class acp_extensions foreach ($disabled_extension_meta_data as $name => $block_vars) { + $block_vars['NAME'] = $name; $block_vars['U_DETAILS'] = $this->u_action . '&action=details&ext_name=' . urlencode($name); $this->template->assign_block_vars('disabled', $block_vars); @@ -472,7 +469,7 @@ class acp_extensions $available_extension_meta_data[$name]['S_VERSIONCHECK'] = true; $available_extension_meta_data[$name]['U_VERSIONCHECK_FORCE'] = $this->u_action . '&action=details&versioncheck_force=1&ext_name=' . urlencode($md_manager->get_metadata('name')); } - catch(\phpbb\extension\exception $e) + catch (\phpbb\extension\exception $e) { $this->template->assign_block_vars('disabled', array( 'META_DISPLAY_NAME' => $this->user->lang('EXTENSION_INVALID_LIST', $name, $e), @@ -489,6 +486,7 @@ class acp_extensions foreach ($available_extension_meta_data as $name => $block_vars) { + $block_vars['NAME'] = $name; $block_vars['U_DETAILS'] = $this->u_action . '&action=details&ext_name=' . urlencode($name); $this->template->assign_block_vars('disabled', $block_vars); diff --git a/phpBB/includes/acp/acp_forums.php b/phpBB/includes/acp/acp_forums.php index adf5de44f5..7e664c6263 100644 --- a/phpBB/includes/acp/acp_forums.php +++ b/phpBB/includes/acp/acp_forums.php @@ -1786,7 +1786,7 @@ class acp_forums */ function delete_forum_content($forum_id) { - global $db, $config, $phpbb_root_path, $phpEx; + global $db, $config, $phpbb_root_path, $phpEx, $phpbb_dispatcher; include_once($phpbb_root_path . 'includes/functions_posting.' . $phpEx); @@ -1918,6 +1918,24 @@ class acp_forums $table_ary = array(FORUMS_ACCESS_TABLE, FORUMS_TRACK_TABLE, FORUMS_WATCH_TABLE, LOG_TABLE, MODERATOR_CACHE_TABLE, POSTS_TABLE, TOPICS_TABLE, TOPICS_TRACK_TABLE); + /** + * Perform additional actions before forum content deletion + * + * @event core.delete_forum_content_before_query + * @var array table_ary Array of tables from which all rows will be deleted that hold the forum_id + * @var int forum_id the forum id + * @var array topic_ids Array of the topic ids from the forum to be deleted + * @var array post_counts Array of counts of posts in the forum, by poster_id + * @since 3.1.6-RC1 + */ + $vars = array( + 'table_ary', + 'forum_id', + 'topic_ids', + 'post_counts', + ); + extract($phpbb_dispatcher->trigger_event('core.delete_forum_content_before_query', compact($vars))); + foreach ($table_ary as $table) { $db->sql_query("DELETE FROM $table WHERE forum_id = $forum_id"); diff --git a/phpBB/includes/acp/acp_jabber.php b/phpBB/includes/acp/acp_jabber.php index 8d2e9d41a3..284543acd3 100644 --- a/phpBB/includes/acp/acp_jabber.php +++ b/phpBB/includes/acp/acp_jabber.php @@ -107,7 +107,10 @@ class acp_jabber set_config('jab_host', $jab_host); set_config('jab_port', $jab_port); set_config('jab_username', $jab_username); - set_config('jab_password', $jab_password); + if ($jab_password !== '********') + { + set_config('jab_password', $jab_password); + } set_config('jab_package_size', $jab_package_size); set_config('jab_use_ssl', $jab_use_ssl); @@ -122,7 +125,7 @@ class acp_jabber 'JAB_HOST' => $jab_host, 'JAB_PORT' => ($jab_port) ? $jab_port : '', 'JAB_USERNAME' => $jab_username, - 'JAB_PASSWORD' => $jab_password, + 'JAB_PASSWORD' => $jab_password !== '' ? '********' : '', 'JAB_PACKAGE_SIZE' => $jab_package_size, 'JAB_USE_SSL' => $jab_use_ssl, 'S_CAN_USE_SSL' => jabber::can_use_ssl(), diff --git a/phpBB/includes/acp/acp_main.php b/phpBB/includes/acp/acp_main.php index 48ca05a118..f6d728ffed 100644 --- a/phpBB/includes/acp/acp_main.php +++ b/phpBB/includes/acp/acp_main.php @@ -632,7 +632,7 @@ class acp_main { $error = false; $search_type = $config['search_type']; - $search = new $search_type($error, $phpbb_root_path, $phpEx, $auth, $config, $db, $user); + $search = new $search_type($error, $phpbb_root_path, $phpEx, $auth, $config, $db, $user, $phpbb_dispatcher); if (!$search->index_created()) { diff --git a/phpBB/includes/acp/acp_profile.php b/phpBB/includes/acp/acp_profile.php index 97c1f62077..43668b8ad5 100644 --- a/phpBB/includes/acp/acp_profile.php +++ b/phpBB/includes/acp/acp_profile.php @@ -31,7 +31,7 @@ class acp_profile { global $config, $db, $user, $auth, $template, $cache; global $phpbb_root_path, $phpbb_admin_path, $phpEx, $table_prefix; - global $request, $phpbb_container; + global $request, $phpbb_container, $phpbb_dispatcher; include($phpbb_root_path . 'includes/functions_posting.' . $phpEx); include($phpbb_root_path . 'includes/functions_user.' . $phpEx); @@ -369,6 +369,32 @@ class acp_profile 'field_is_contact', ); + /** + * Event to add initialization for new profile field table fields + * + * @event core.acp_profile_create_edit_init + * @var string action create|edit + * @var int step Configuration step (1|2|3) + * @var bool submit Form has been submitted + * @var bool save Configuration should be saved + * @var string field_type Type of the field we are dealing with + * @var array field_row Array of data about the field + * @var array exclude Array of excluded fields by step + * @var array visibility_ary Array of fields that are visibility related + * @since 3.1.6-RC1 + */ + $vars = array( + 'action', + 'step', + 'submit', + 'save', + 'field_type', + 'field_row', + 'exclude', + 'visibility_ary', + ); + extract($phpbb_dispatcher->trigger_event('core.acp_profile_create_edit_init', compact($vars))); + $options = $profile_field->prepare_options_form($exclude, $visibility_ary); $cp->vars['field_ident'] = ($action == 'create' && $step == 1) ? utf8_clean_string(request_var('field_ident', $field_row['field_ident'], true)) : request_var('field_ident', $field_row['field_ident']); @@ -644,6 +670,33 @@ class acp_profile break; } + $field_data = $cp->vars; + /** + * Event to add template variables for new profile field table fields + * + * @event core.acp_profile_create_edit_after + * @var string action create|edit + * @var int step Configuration step (1|2|3) + * @var bool submit Form has been submitted + * @var bool save Configuration should be saved + * @var string field_type Type of the field we are dealing with + * @var array field_data Array of data about the field + * @var array s_hidden_fields Array of hidden fields in case this needs modification + * @var array options Array of options specific to this step + * @since 3.1.6-RC1 + */ + $vars = array( + 'action', + 'step', + 'submit', + 'save', + 'field_type', + 'field_data', + 's_hidden_fields', + 'options', + ); + extract($phpbb_dispatcher->trigger_event('core.acp_profile_create_edit_after', compact($vars))); + $template->assign_vars(array( 'S_HIDDEN_FIELDS' => $s_hidden_fields) ); @@ -810,7 +863,7 @@ class acp_profile */ function save_profile_field(&$cp, $field_type, $action = 'create') { - global $db, $config, $user, $phpbb_container; + global $db, $config, $user, $phpbb_container, $phpbb_dispatcher; $field_id = request_var('field_id', 0); @@ -852,6 +905,25 @@ class acp_profile 'field_contact_url' => $cp->vars['field_contact_url'], ); + $field_data = $cp->vars; + /** + * Event to modify profile field configuration data before saving to database + * + * @event core.acp_profile_create_edit_save_before + * @var string action create|edit + * @var string field_type Type of the field we are dealing with + * @var array field_data Array of data about the field + * @var array profile_fields Array of fields to be sent to the database + * @since 3.1.6-RC1 + */ + $vars = array( + 'action', + 'field_type', + 'field_data', + 'profile_fields', + ); + extract($phpbb_dispatcher->trigger_event('core.acp_profile_create_edit_save_before', compact($vars))); + if ($action == 'create') { $profile_fields += array( diff --git a/phpBB/includes/acp/acp_prune.php b/phpBB/includes/acp/acp_prune.php index 6eb213fd7a..e17399e3d9 100644 --- a/phpBB/includes/acp/acp_prune.php +++ b/phpBB/includes/acp/acp_prune.php @@ -506,9 +506,9 @@ class acp_prune WHERE ug.group_id = ' . (int) $group_id . ' AND ug.user_id <> ' . ANONYMOUS . ' AND u.user_type <> ' . USER_FOUNDER . ' - AND ug.user_pending = 0 ' . - ((!empty($user_ids)) ? ' AND ' . $db->sql_in_set('ug.user_id', $user_ids) : '') . ' - AND u.user_id = ug.user_id'; + AND ug.user_pending = 0 + AND u.user_id = ug.user_id + ' . (!empty($user_ids) ? ' AND ' . $db->sql_in_set('ug.user_id', $user_ids) : ''); $result = $db->sql_query($sql); // we're performing an intersection operation, so all the relevant users @@ -532,10 +532,10 @@ class acp_prune $sql = 'SELECT u.user_id, u.username, COUNT(p.post_id) AS queue_posts FROM ' . POSTS_TABLE . ' p, ' . USERS_TABLE . ' u WHERE u.user_id <> ' . ANONYMOUS . ' - AND u.user_type <> ' . USER_FOUNDER . - ((!empty($user_ids)) ? ' AND ' . $db->sql_in_set('p.poster_id', $user_ids) : '') . ' + AND u.user_type <> ' . USER_FOUNDER . ' AND ' . $db->sql_in_set('p.post_visibility', array(ITEM_UNAPPROVED, ITEM_REAPPROVE)) . ' AND u.user_id = p.poster_id + ' . (!empty($user_ids) ? ' AND ' . $db->sql_in_set('p.poster_id', $user_ids) : '') . ' GROUP BY p.poster_id HAVING queue_posts ' . $key_match[$queue_select] . ' ' . $posts_on_queue; $result = $db->sql_query($sql); diff --git a/phpBB/includes/acp/acp_search.php b/phpBB/includes/acp/acp_search.php index eddc6871f8..abb8301507 100644 --- a/phpBB/includes/acp/acp_search.php +++ b/phpBB/includes/acp/acp_search.php @@ -449,7 +449,6 @@ class acp_search $search = null; $error = false; - $search_options = ''; foreach ($search_types as $type) { if ($this->init_search($type, $search, $error) || !method_exists($search, 'index_created')) @@ -599,7 +598,7 @@ class acp_search */ function init_search($type, &$search, &$error) { - global $phpbb_root_path, $phpEx, $user, $auth, $config, $db; + global $phpbb_root_path, $phpEx, $user, $auth, $config, $db, $phpbb_dispatcher; if (!class_exists($type) || !method_exists($type, 'keyword_search')) { @@ -608,7 +607,7 @@ class acp_search } $error = false; - $search = new $type($error, $phpbb_root_path, $phpEx, $auth, $config, $db, $user); + $search = new $type($error, $phpbb_root_path, $phpEx, $auth, $config, $db, $user, $phpbb_dispatcher); return $error; } diff --git a/phpBB/includes/acp/acp_styles.php b/phpBB/includes/acp/acp_styles.php index 6bd27a8bca..a36a6c1ecd 100644 --- a/phpBB/includes/acp/acp_styles.php +++ b/phpBB/includes/acp/acp_styles.php @@ -995,7 +995,7 @@ class acp_styles // Assign template variables $this->template->assign_block_vars('styles_list', $row); - foreach($actions as $action) + foreach ($actions as $action) { $this->template->assign_block_vars('styles_list.actions', $action); } diff --git a/phpBB/includes/acp/acp_users.php b/phpBB/includes/acp/acp_users.php index 503f137433..644beda77b 100644 --- a/phpBB/includes/acp/acp_users.php +++ b/phpBB/includes/acp/acp_users.php @@ -1430,6 +1430,18 @@ class acp_users $error[] = 'FORM_INVALID'; } + /** + * Validate profile data in ACP before submitting to the database + * + * @event core.acp_users_profile_validate + * @var bool submit Flag indicating if submit button has been pressed + * @var array data Array with user profile data + * @var array error Array with the form errors + * @since 3.1.4-RC1 + */ + $vars = array('submit', 'data', 'error'); + extract($phpbb_dispatcher->trigger_event('core.acp_users_profile_validate', compact($vars))); + if (!sizeof($error)) { $sql_ary = array( @@ -1445,9 +1457,10 @@ class acp_users * @var array data Array with user profile data * @var int user_id The user id * @var array user_row Array with the full user data + * @var array sql_ary Array with sql data * @since 3.1.4-RC1 */ - $vars = array('cp_data', 'data', 'user_id', 'user_row'); + $vars = array('cp_data', 'data', 'user_id', 'user_row', 'sql_ary'); extract($phpbb_dispatcher->trigger_event('core.acp_users_profile_modify_sql_ary', compact($vars))); $sql = 'UPDATE ' . USERS_TABLE . ' diff --git a/phpBB/includes/acp/auth.php b/phpBB/includes/acp/auth.php index 905e981cdc..52c45499b2 100644 --- a/phpBB/includes/acp/auth.php +++ b/phpBB/includes/acp/auth.php @@ -1113,6 +1113,11 @@ class auth_admin extends \phpbb\auth\auth @reset($category_array); while (list($cat, $cat_array) = each($category_array)) { + if (!$phpbb_permissions->category_defined($cat)) + { + continue; + } + $template->assign_block_vars($tpl_cat, array( 'S_YES' => ($cat_array['S_YES'] && !$cat_array['S_NEVER'] && !$cat_array['S_NO']) ? true : false, 'S_NEVER' => ($cat_array['S_NEVER'] && !$cat_array['S_YES'] && !$cat_array['S_NO']) ? true : false, @@ -1139,6 +1144,11 @@ class auth_admin extends \phpbb\auth\auth @reset($cat_array['permissions']); while (list($permission, $allowed) = each($cat_array['permissions'])) { + if (!$phpbb_permissions->permission_defined($permission)) + { + continue; + } + if ($s_view) { $template->assign_block_vars($tpl_cat . '.' . $tpl_mask, array( diff --git a/phpBB/includes/bbcode.php b/phpBB/includes/bbcode.php index 5f6dcde448..86390c0901 100644 --- a/phpBB/includes/bbcode.php +++ b/phpBB/includes/bbcode.php @@ -182,6 +182,8 @@ class bbcode $db->sql_freeresult($result); } + // To perform custom second pass in extension, use $this->bbcode_second_pass_by_extension() + // method which accepts variable number of parameters foreach ($bbcode_ids as $bbcode_id) { switch ($bbcode_id) @@ -613,4 +615,36 @@ class bbcode return $code; } + + /** + * Function to perform custom bbcode second pass by extensions + * can be used to assign bbcode pattern replacement + * Example: '#\[list=([^\[]+):$uid\]#e' => "\$this->bbcode_second_pass_by_extension('\$1')" + * + * Accepts variable number of parameters + * + * @return mixed Second pass result + */ + function bbcode_second_pass_by_extension() + { + global $phpbb_dispatcher; + + $return = false; + $params_array = func_get_args(); + + /** + * Event to perform bbcode second pass with + * the custom validating methods provided by extensions + * + * @event core.bbcode_second_pass_by_extension + * @var array params_array Array with the function parameters + * @var mixed return Second pass result to return + * + * @since 3.1.5-RC1 + */ + $vars = array('params_array', 'return'); + extract($phpbb_dispatcher->trigger_event('core.bbcode_second_pass_by_extension', compact($vars))); + + return $return; + } } diff --git a/phpBB/includes/constants.php b/phpBB/includes/constants.php index 321a87b4b0..ab943c2f86 100644 --- a/phpBB/includes/constants.php +++ b/phpBB/includes/constants.php @@ -28,7 +28,7 @@ if (!defined('IN_PHPBB')) */ // phpBB Version -define('PHPBB_VERSION', '3.1.4-dev'); +define('PHPBB_VERSION', '3.1.7-dev'); // QA-related // define('PHPBB_QA', 1); diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index 4159af5678..80d6e22bb7 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -1159,7 +1159,7 @@ function markread($mode, $forum_id = false, $topic_id = false, $post_time = 0, $ /** * This event is used for performing actions directly before marking forums, * topics or posts as read. - * + * * It is also possible to prevent the marking. For that, the $should_markread parameter * should be set to FALSE. * @@ -1258,6 +1258,10 @@ function markread($mode, $forum_id = false, $topic_id = false, $post_time = 0, $ { $forum_id = array($forum_id); } + else + { + $forum_id = array_unique($forum_id); + } $phpbb_notifications = $phpbb_container->get('notification_manager'); @@ -2309,7 +2313,7 @@ function redirect($url, $return = false, $disable_cd_check = false) // Attention: only able to redirect within the same domain if $disable_cd_check is false (yourdomain.com -> www.yourdomain.com will not work) if (!$disable_cd_check && $url_parts['host'] !== $user->host) { - $url = generate_board_url(); + trigger_error('INSECURE_REDIRECT', E_USER_ERROR); } } else if ($url[0] == '/') @@ -2347,7 +2351,7 @@ function redirect($url, $return = false, $disable_cd_check = false) // Clean URL and check if we go outside the forum directory $url = $phpbb_path_helper->clean_url($url); - if (!$disable_cd_check && strpos($url, generate_board_url(true)) === false) + if (!$disable_cd_check && strpos($url, generate_board_url(true) . '/') !== 0) { trigger_error('INSECURE_REDIRECT', E_USER_ERROR); } @@ -2389,7 +2393,7 @@ function redirect($url, $return = false, $disable_cd_check = false) } // Redirect via an HTML form for PITA webservers - if (@preg_match('#Microsoft|WebSTAR|Xitami#', getenv('SERVER_SOFTWARE'))) + if (@preg_match('#WebSTAR|Xitami#', getenv('SERVER_SOFTWARE'))) { header('Refresh: 0; URL=' . $url); @@ -2544,13 +2548,19 @@ function phpbb_request_http_version() { global $request; + $version = ''; if ($request && $request->server('SERVER_PROTOCOL')) { - return $request->server('SERVER_PROTOCOL'); + $version = $request->server('SERVER_PROTOCOL'); } else if (isset($_SERVER['SERVER_PROTOCOL'])) { - return $_SERVER['SERVER_PROTOCOL']; + $version = $_SERVER['SERVER_PROTOCOL']; + } + + if (!empty($version) && is_string($version) && preg_match('#^HTTP/[0-9]\.[0-9]$#', $version)) + { + return $version; } return 'HTTP/1.0'; @@ -2920,19 +2930,6 @@ function login_box($redirect = '', $l_explain = '', $l_success = '', $admin = fa // Special cases... determine switch ($result['status']) { - case LOGIN_ERROR_ATTEMPTS: - - $captcha = $phpbb_container->get('captcha.factory')->get_instance($config['captcha_plugin']); - $captcha->init(CONFIRM_LOGIN); - // $captcha->reset(); - - $template->assign_vars(array( - 'CAPTCHA_TEMPLATE' => $captcha->get_template(), - )); - - $err = $user->lang[$result['error_msg']]; - break; - case LOGIN_ERROR_PASSWORD_CONVERT: $err = sprintf( $user->lang[$result['error_msg']], @@ -2943,6 +2940,17 @@ function login_box($redirect = '', $l_explain = '', $l_success = '', $admin = fa ); break; + case LOGIN_ERROR_ATTEMPTS: + + $captcha = $phpbb_container->get('captcha.factory')->get_instance($config['captcha_plugin']); + $captcha->init(CONFIRM_LOGIN); + // $captcha->reset(); + + $template->assign_vars(array( + 'CAPTCHA_TEMPLATE' => $captcha->get_template(), + )); + // no break; + // Username, password, etc... default: $err = $user->lang[$result['error_msg']]; @@ -4247,9 +4255,10 @@ function obtain_users_online($item_id = 0, $item = 'forum') */ function obtain_users_online_string($online_users, $item_id = 0, $item = 'forum') { - global $config, $db, $user, $auth; + global $config, $db, $user, $auth, $phpbb_dispatcher; - $user_online_link = $online_userlist = ''; + $guests_online = $hidden_online = $l_online_users = $online_userlist = $visible_online = ''; + $user_online_link = $rowset = array(); // Need caps version of $item for language-strings $item_caps = strtoupper($item); @@ -4259,9 +4268,28 @@ function obtain_users_online_string($online_users, $item_id = 0, $item = 'forum' FROM ' . USERS_TABLE . ' WHERE ' . $db->sql_in_set('user_id', $online_users['online_users']) . ' ORDER BY username_clean ASC'; + + /** + * Modify SQL query to obtain online users data + * + * @event core.obtain_users_online_string_sql + * @var array online_users Array with online users data + * from obtain_users_online() + * @var int item_id Restrict online users to item id + * @var string item Restrict online users to a certain + * session item, e.g. forum for + * session_forum_id + * @var string sql SQL query to obtain users online data + * @since 3.1.4-RC1 + */ + $vars = array('online_users', 'item_id', 'item', 'sql'); + extract($phpbb_dispatcher->trigger_event('core.obtain_users_online_string_sql', compact($vars))); + $result = $db->sql_query($sql); + $rowset = $db->sql_fetchrowset($result); + $db->sql_freeresult($result); - while ($row = $db->sql_fetchrow($result)) + foreach ($rowset as $row) { // User is logged in and therefore not a guest if ($row['user_id'] != ANONYMOUS) @@ -4273,13 +4301,12 @@ function obtain_users_online_string($online_users, $item_id = 0, $item = 'forum' if (!isset($online_users['hidden_users'][$row['user_id']]) || $auth->acl_get('u_viewonline')) { - $user_online_link = get_username_string(($row['user_type'] <> USER_IGNORE) ? 'full' : 'no_profile', $row['user_id'], $row['username'], $row['user_colour']); - $online_userlist .= ($online_userlist != '') ? ', ' . $user_online_link : $user_online_link; + $user_online_link[$row['user_id']] = get_username_string(($row['user_type'] <> USER_IGNORE) ? 'full' : 'no_profile', $row['user_id'], $row['username'], $row['user_colour']); } } } - $db->sql_freeresult($result); } + $online_userlist = implode(', ', $user_online_link); if (!$online_userlist) { @@ -4312,6 +4339,33 @@ function obtain_users_online_string($online_users, $item_id = 0, $item = 'forum' $l_online_users = $user->lang('ONLINE_USERS_TOTAL', (int) $online_users['total_online'], $visible_online, $hidden_online); } + /** + * Modify online userlist data + * + * @event core.obtain_users_online_string_modify + * @var array online_users Array with online users data + * from obtain_users_online() + * @var int item_id Restrict online users to item id + * @var string item Restrict online users to a certain + * session item, e.g. forum for + * session_forum_id + * @var array rowset Array with online users data + * @var array user_online_link Array with online users items (usernames) + * @var string online_userlist String containing users online list + * @var string l_online_users String with total online users count info + * @since 3.1.4-RC1 + */ + $vars = array( + 'online_users', + 'item_id', + 'item', + 'rowset', + 'user_online_link', + 'online_userlist', + 'l_online_users', + ); + extract($phpbb_dispatcher->trigger_event('core.obtain_users_online_string_modify', compact($vars))); + return array( 'online_userlist' => $online_userlist, 'l_online_users' => $l_online_users, @@ -4729,13 +4783,14 @@ function phpbb_build_hidden_fields_for_query_params($request, $exclude = null) * @param array $user_row Row from the users table * @param string $alt Optional language string for alt tag within image, can be a language key or text * @param bool $ignore_config Ignores the config-setting, to be still able to view the avatar in the UCP +* @param bool $lazy If true, will be lazy loaded (requires JS) * * @return string Avatar html */ -function phpbb_get_user_avatar($user_row, $alt = 'USER_AVATAR', $ignore_config = false) +function phpbb_get_user_avatar($user_row, $alt = 'USER_AVATAR', $ignore_config = false, $lazy = false) { $row = \phpbb\avatar\manager::clean_row($user_row, 'user'); - return phpbb_get_avatar($row, $alt, $ignore_config); + return phpbb_get_avatar($row, $alt, $ignore_config, $lazy); } /** @@ -4744,13 +4799,14 @@ function phpbb_get_user_avatar($user_row, $alt = 'USER_AVATAR', $ignore_config = * @param array $group_row Row from the groups table * @param string $alt Optional language string for alt tag within image, can be a language key or text * @param bool $ignore_config Ignores the config-setting, to be still able to view the avatar in the UCP +* @param bool $lazy If true, will be lazy loaded (requires JS) * * @return string Avatar html */ -function phpbb_get_group_avatar($user_row, $alt = 'GROUP_AVATAR', $ignore_config = false) +function phpbb_get_group_avatar($user_row, $alt = 'GROUP_AVATAR', $ignore_config = false, $lazy = false) { $row = \phpbb\avatar\manager::clean_row($user_row, 'group'); - return phpbb_get_avatar($row, $alt, $ignore_config); + return phpbb_get_avatar($row, $alt, $ignore_config, $lazy); } /** @@ -4759,14 +4815,15 @@ function phpbb_get_group_avatar($user_row, $alt = 'GROUP_AVATAR', $ignore_config * @param array $row Row cleaned by \phpbb\avatar\manager::clean_row * @param string $alt Optional language string for alt tag within image, can be a language key or text * @param bool $ignore_config Ignores the config-setting, to be still able to view the avatar in the UCP +* @param bool $lazy If true, will be lazy loaded (requires JS) * * @return string Avatar html */ -function phpbb_get_avatar($row, $alt, $ignore_config = false) +function phpbb_get_avatar($row, $alt, $ignore_config = false, $lazy = false) { global $user, $config, $cache, $phpbb_root_path, $phpEx; global $request; - global $phpbb_container; + global $phpbb_container, $phpbb_dispatcher; if (!$config['allow_avatar'] && !$ignore_config) { @@ -4780,7 +4837,7 @@ function phpbb_get_avatar($row, $alt, $ignore_config = false) ); $phpbb_avatar_manager = $phpbb_container->get('avatar.manager'); - $driver = $phpbb_avatar_manager->get_driver($row['avatar_type'], $ignore_config); + $driver = $phpbb_avatar_manager->get_driver($row['avatar_type'], !$ignore_config); $html = ''; if ($driver) @@ -4791,7 +4848,7 @@ function phpbb_get_avatar($row, $alt, $ignore_config = false) return $html; } - $avatar_data = $driver->get_data($row, $ignore_config); + $avatar_data = $driver->get_data($row); } else { @@ -4800,12 +4857,47 @@ function phpbb_get_avatar($row, $alt, $ignore_config = false) if (!empty($avatar_data['src'])) { - $html = '<img src="' . $avatar_data['src'] . '" ' . + if ($lazy) + { + // Determine board url - we may need it later + $board_url = generate_board_url() . '/'; + // This path is sent with the base template paths in the assign_vars() + // call below. We need to correct it in case we are accessing from a + // controller because the web paths will be incorrect otherwise. + $phpbb_path_helper = $phpbb_container->get('path_helper'); + $corrected_path = $phpbb_path_helper->get_web_root_path(); + + $web_path = (defined('PHPBB_USE_BOARD_URL_PATH') && PHPBB_USE_BOARD_URL_PATH) ? $board_url : $corrected_path; + + $theme = "{$web_path}styles/" . rawurlencode($user->style['style_path']) . '/theme'; + + $src = 'src="' . $theme . '/images/no_avatar.gif" data-src="' . $avatar_data['src'] . '"'; + } + else + { + $src = 'src="' . $avatar_data['src'] . '"'; + } + + $html = '<img class="avatar" ' . $src . ' ' . ($avatar_data['width'] ? ('width="' . $avatar_data['width'] . '" ') : '') . ($avatar_data['height'] ? ('height="' . $avatar_data['height'] . '" ') : '') . 'alt="' . ((!empty($user->lang[$alt])) ? $user->lang[$alt] : $alt) . '" />'; } + /** + * Event to modify HTML <img> tag of avatar + * + * @event core.get_avatar_after + * @var array row Row cleaned by \phpbb\avatar\manager::clean_row + * @var string alt Optional language string for alt tag within image, can be a language key or text + * @var bool ignore_config Ignores the config-setting, to be still able to view the avatar in the UCP + * @var array avatar_data The HTML attributes for avatar <img> tag + * @var string html The HTML <img> tag of generated avatar + * @since 3.1.6-RC1 + */ + $vars = array('row', 'alt', 'ignore_config', 'avatar_data', 'html'); + extract($phpbb_dispatcher->trigger_event('core.get_avatar_after', compact($vars))); + return $html; } diff --git a/phpBB/includes/functions_acp.php b/phpBB/includes/functions_acp.php index e30c6da505..d566336d26 100644 --- a/phpBB/includes/functions_acp.php +++ b/phpBB/includes/functions_acp.php @@ -245,8 +245,13 @@ function build_cfg_template($tpl_type, $key, &$new, $config_key, $vars) switch ($tpl_type[0]) { - case 'text': case 'password': + if ($new[$config_key] !== '') + { + // replace passwords with asterixes + $new[$config_key] = '********'; + } + case 'text': case 'url': case 'email': case 'color': @@ -550,6 +555,9 @@ function validate_config_vars($config_vars, &$cfg_array, &$error) $cfg_array[$config_name] = trim($destination); + // Absolute file path + case 'absolute_path': + case 'absolute_path_writable': // Path being relative (still prefixed by phpbb_root_path), but with the ability to escape the root dir... case 'path': case 'wpath': @@ -568,20 +576,22 @@ function validate_config_vars($config_vars, &$cfg_array, &$error) break; } - if (!file_exists($phpbb_root_path . $cfg_array[$config_name])) + $path = in_array($config_definition['validate'], array('wpath', 'path', 'rpath', 'rwpath')) ? $phpbb_root_path . $cfg_array[$config_name] : $cfg_array[$config_name]; + + if (!file_exists($path)) { $error[] = sprintf($user->lang['DIRECTORY_DOES_NOT_EXIST'], $cfg_array[$config_name]); } - if (file_exists($phpbb_root_path . $cfg_array[$config_name]) && !is_dir($phpbb_root_path . $cfg_array[$config_name])) + if (file_exists($path) && !is_dir($path)) { $error[] = sprintf($user->lang['DIRECTORY_NOT_DIR'], $cfg_array[$config_name]); } // Check if the path is writable - if ($config_definition['validate'] == 'wpath' || $config_definition['validate'] == 'rwpath') + if ($config_definition['validate'] == 'wpath' || $config_definition['validate'] == 'rwpath' || $config_definition['validate'] === 'absolute_path_writable') { - if (file_exists($phpbb_root_path . $cfg_array[$config_name]) && !phpbb_is_writable($phpbb_root_path . $cfg_array[$config_name])) + if (file_exists($path) && !phpbb_is_writable($path)) { $error[] = sprintf($user->lang['DIRECTORY_NOT_WRITABLE'], $cfg_array[$config_name]); } diff --git a/phpBB/includes/functions_admin.php b/phpBB/includes/functions_admin.php index b016659541..afd3dce730 100644 --- a/phpBB/includes/functions_admin.php +++ b/phpBB/includes/functions_admin.php @@ -500,7 +500,7 @@ function filelist($rootdir, $dir = '', $type = 'gif|jpg|jpeg|png') */ function move_topics($topic_ids, $forum_id, $auto_sync = true) { - global $db; + global $db, $phpbb_dispatcher; if (empty($topic_ids)) { @@ -534,6 +534,27 @@ function move_topics($topic_ids, $forum_id, $auto_sync = true) } $table_ary = array(TOPICS_TABLE, POSTS_TABLE, LOG_TABLE, DRAFTS_TABLE, TOPICS_TRACK_TABLE); + + /** + * Perform additional actions before topics move + * + * @event core.move_topics_before_query + * @var array table_ary Array of tables from which forum_id will be updated for all rows that hold the moved topics + * @var array topic_ids Array of the moved topic ids + * @var string forum_id The forum id from where the topics are moved + * @var array forum_ids Array of the forums where the topics are moving (includes also forum_id) + * @var bool auto_sync Whether or not to perform auto sync + * @since 3.1.5-RC1 + */ + $vars = array( + 'table_ary', + 'topic_ids', + 'forum_id', + 'forum_ids', + 'auto_sync', + ); + extract($phpbb_dispatcher->trigger_event('core.move_topics_before_query', compact($vars))); + foreach ($table_ary as $table) { $sql = "UPDATE $table @@ -618,7 +639,7 @@ function move_posts($post_ids, $topic_id, $auto_sync = true) */ function delete_topics($where_type, $where_ids, $auto_sync = true, $post_count_sync = true, $call_delete_posts = true) { - global $db, $config, $phpbb_container; + global $db, $config, $phpbb_container, $phpbb_dispatcher; $approved_topics = 0; $forum_ids = $topic_ids = array(); @@ -672,6 +693,20 @@ function delete_topics($where_type, $where_ids, $auto_sync = true, $post_count_s $table_ary = array(BOOKMARKS_TABLE, TOPICS_TRACK_TABLE, TOPICS_POSTED_TABLE, POLL_VOTES_TABLE, POLL_OPTIONS_TABLE, TOPICS_WATCH_TABLE, TOPICS_TABLE); + /** + * Perform additional actions before topic(s) deletion + * + * @event core.delete_topics_before_query + * @var array table_ary Array of tables from which all rows will be deleted that hold a topic_id occuring in topic_ids + * @var array topic_ids Array of topic ids to delete + * @since 3.1.4-RC1 + */ + $vars = array( + 'table_ary', + 'topic_ids', + ); + extract($phpbb_dispatcher->trigger_event('core.delete_topics_before_query', compact($vars))); + foreach ($table_ary as $table) { $sql = "DELETE FROM $table @@ -680,6 +715,18 @@ function delete_topics($where_type, $where_ids, $auto_sync = true, $post_count_s } unset($table_ary); + /** + * Perform additional actions after topic(s) deletion + * + * @event core.delete_topics_after_query + * @var array topic_ids Array of topic ids that were deleted + * @since 3.1.4-RC1 + */ + $vars = array( + 'topic_ids', + ); + extract($phpbb_dispatcher->trigger_event('core.delete_topics_after_query', compact($vars))); + $moved_topic_ids = array(); // update the other forums @@ -894,7 +941,7 @@ function delete_posts($where_type, $where_ids, $auto_sync = true, $posted_sync = } $error = false; - $search = new $search_type($error, $phpbb_root_path, $phpEx, $auth, $config, $db, $user); + $search = new $search_type($error, $phpbb_root_path, $phpEx, $auth, $config, $db, $user, $phpbb_dispatcher); if ($error) { diff --git a/phpBB/includes/functions_compatibility.php b/phpBB/includes/functions_compatibility.php index 43952ae57a..b59c7376e9 100644 --- a/phpBB/includes/functions_compatibility.php +++ b/phpBB/includes/functions_compatibility.php @@ -30,10 +30,11 @@ if (!defined('IN_PHPBB')) * @param string $avatar_height Height of users avatar * @param string $alt Optional language string for alt tag within image, can be a language key or text * @param bool $ignore_config Ignores the config-setting, to be still able to view the avatar in the UCP +* @param bool $lazy If true, will be lazy loaded (requires JS) * * @return string Avatar image */ -function get_user_avatar($avatar, $avatar_type, $avatar_width, $avatar_height, $alt = 'USER_AVATAR', $ignore_config = false) +function get_user_avatar($avatar, $avatar_type, $avatar_width, $avatar_height, $alt = 'USER_AVATAR', $ignore_config = false, $lazy = false) { // map arguments to new function phpbb_get_avatar() $row = array( @@ -43,7 +44,7 @@ function get_user_avatar($avatar, $avatar_type, $avatar_width, $avatar_height, $ 'avatar_height' => $avatar_height, ); - return phpbb_get_avatar($row, $alt, $ignore_config); + return phpbb_get_avatar($row, $alt, $ignore_config, $lazy); } /** diff --git a/phpBB/includes/functions_convert.php b/phpBB/includes/functions_convert.php index 61ab4721c4..b380273f0c 100644 --- a/phpBB/includes/functions_convert.php +++ b/phpBB/includes/functions_convert.php @@ -966,7 +966,7 @@ function get_remote_avatar_dim($src, $axis) $protocol = (isset($url_info['scheme'])) ? $url_info['scheme'] : 'http'; if (empty($port)) { - switch(strtolower($protocol)) + switch (strtolower($protocol)) { case 'ftp': $port = 21; diff --git a/phpBB/includes/functions_display.php b/phpBB/includes/functions_display.php index 31cf43e599..4881dde6f5 100644 --- a/phpBB/includes/functions_display.php +++ b/phpBB/includes/functions_display.php @@ -150,7 +150,7 @@ function display_forums($root_data = '', $display_moderators = true, $return_mod $sql = $db->sql_build_query('SELECT', $sql_ary); $result = $db->sql_query($sql); - $forum_tracking_info = array(); + $forum_tracking_info = $valid_categories = array(); $branch_root_id = $root_data['forum_id']; $phpbb_content_visibility = $phpbb_container->get('content.visibility'); @@ -250,6 +250,12 @@ function display_forums($root_data = '', $display_moderators = true, $return_mod } } + // Fill list of categories with forums + if (isset($forum_rows[$row['parent_id']])) + { + $valid_categories[$row['parent_id']] = true; + } + // if ($row['parent_id'] == $root_data['forum_id'] || $row['parent_id'] == $branch_root_id) { @@ -267,6 +273,7 @@ function display_forums($root_data = '', $display_moderators = true, $return_mod $branch_root_id = $forum_id; } $forum_rows[$parent_id]['forum_id_last_post'] = $row['forum_id']; + $forum_rows[$parent_id]['forum_password_last_post'] = $row['forum_password']; $forum_rows[$parent_id]['orig_forum_last_post_time'] = $row['forum_last_post_time']; } else if ($row['forum_type'] != FORUM_CAT) @@ -308,6 +315,7 @@ function display_forums($root_data = '', $display_moderators = true, $return_mod $forum_rows[$parent_id]['forum_last_poster_name'] = $row['forum_last_poster_name']; $forum_rows[$parent_id]['forum_last_poster_colour'] = $row['forum_last_poster_colour']; $forum_rows[$parent_id]['forum_id_last_post'] = $forum_id; + $forum_rows[$parent_id]['forum_password_last_post'] = $row['forum_password']; } } @@ -375,6 +383,28 @@ function display_forums($root_data = '', $display_moderators = true, $return_mod get_moderators($forum_moderators, $forum_ids_moderator); } + /** + * Event to perform additional actions before the forum list is being generated + * + * @event core.display_forums_before + * @var array active_forum_ary Array with forum data to display active topics + * @var bool display_moderators Flag indicating if we display forum moderators + * @var array forum_moderators Array with forum moderators list + * @var array forum_rows Data array of all forums we display + * @var bool return_moderators Flag indicating if moderators list should be returned + * @var array root_data Array with the root forum data + * @since 3.1.4-RC1 + */ + $vars = array( + 'active_forum_ary', + 'display_moderators', + 'forum_moderators', + 'forum_rows', + 'return_moderators', + 'root_data', + ); + extract($phpbb_dispatcher->trigger_event('core.display_forums_before', compact($vars))); + // Used to tell whatever we have to create a dummy category or not. $last_catless = true; foreach ($forum_rows as $row) @@ -382,6 +412,12 @@ function display_forums($root_data = '', $display_moderators = true, $return_mod // Category if ($row['parent_id'] == $root_data['forum_id'] && $row['forum_type'] == FORUM_CAT) { + // Do not display categories without any forums to display + if (!isset($valid_categories[$row['forum_id']])) + { + continue; + } + $cat_row = array( 'S_IS_CAT' => true, 'FORUM_ID' => $row['forum_id'], @@ -500,8 +536,15 @@ function display_forums($root_data = '', $display_moderators = true, $return_mod // Create last post link information, if appropriate if ($row['forum_last_post_id']) { - $last_post_subject = $row['forum_last_post_subject']; - $last_post_subject_truncated = truncate_string(censor_text($last_post_subject), 30, 255, false, $user->lang['ELLIPSIS']); + if ($row['forum_password_last_post'] === '' && $auth->acl_get('f_read', $row['forum_id_last_post'])) + { + $last_post_subject = censor_text($row['forum_last_post_subject']); + $last_post_subject_truncated = truncate_string($last_post_subject, 30, 255, false, $user->lang['ELLIPSIS']); + } + else + { + $last_post_subject = $last_post_subject_truncated = ''; + } $last_post_time = $user->format_date($row['forum_last_post_time']); $last_post_url = append_sid("{$phpbb_root_path}viewtopic.$phpEx", 'f=' . $row['forum_id_last_post'] . '&p=' . $row['forum_last_post_id']) . '#p' . $row['forum_last_post_id']; } @@ -561,7 +604,7 @@ function display_forums($root_data = '', $display_moderators = true, $return_mod 'S_LOCKED_FORUM' => ($row['forum_status'] == ITEM_LOCKED) ? true : false, 'S_LIST_SUBFORUMS' => ($row['display_subforum_list']) ? true : false, 'S_SUBFORUMS' => (sizeof($subforums_list)) ? true : false, - 'S_DISPLAY_SUBJECT' => ($last_post_subject && $config['display_last_subject'] && !$row['forum_password'] && $auth->acl_get('f_read', $row['forum_id'])) ? true : false, + 'S_DISPLAY_SUBJECT' => ($last_post_subject !== '' && $config['display_last_subject']) ? true : false, 'S_FEED_ENABLED' => ($config['feed_forum'] && !phpbb_optionget(FORUM_OPTION_FEED_EXCLUDE, $row['forum_options']) && $row['forum_type'] == FORUM_POST) ? true : false, 'FORUM_ID' => $row['forum_id'], @@ -574,8 +617,8 @@ function display_forums($root_data = '', $display_moderators = true, $return_mod 'FORUM_FOLDER_IMG_ALT' => isset($user->lang[$folder_alt]) ? $user->lang[$folder_alt] : '', 'FORUM_IMAGE' => ($row['forum_image']) ? '<img src="' . $phpbb_root_path . $row['forum_image'] . '" alt="' . $user->lang[$folder_alt] . '" />' : '', 'FORUM_IMAGE_SRC' => ($row['forum_image']) ? $phpbb_root_path . $row['forum_image'] : '', - 'LAST_POST_SUBJECT' => (!$row['forum_password'] && $auth->acl_get('f_read', $row['forum_id'])) ? censor_text($last_post_subject) : "", - 'LAST_POST_SUBJECT_TRUNCATED' => (!$row['forum_password'] && $auth->acl_get('f_read', $row['forum_id'])) ? $last_post_subject_truncated : "", + 'LAST_POST_SUBJECT' => $last_post_subject, + 'LAST_POST_SUBJECT_TRUNCATED' => $last_post_subject_truncated, 'LAST_POST_TIME' => $last_post_time, 'LAST_POSTER' => get_username_string('username', $row['forum_last_poster_id'], $row['forum_last_poster_name'], $row['forum_last_poster_colour']), 'LAST_POSTER_COLOUR' => get_username_string('colour', $row['forum_last_poster_id'], $row['forum_last_poster_name'], $row['forum_last_poster_colour']), @@ -710,13 +753,15 @@ function generate_forum_rules(&$forum_data) function generate_forum_nav(&$forum_data) { global $db, $user, $template, $auth, $config; - global $phpEx, $phpbb_root_path; + global $phpEx, $phpbb_root_path, $phpbb_dispatcher; if (!$auth->acl_get('f_list', $forum_data['forum_id'])) { return; } + $navlinks = $navlinks_parents = $forum_template_data = array(); + // Get forum parents $forum_parents = get_forum_parents($forum_data); @@ -735,35 +780,59 @@ function generate_forum_nav(&$forum_data) continue; } - $template->assign_block_vars('navlinks', array( + $navlinks_parents[] = array( 'S_IS_CAT' => ($parent_type == FORUM_CAT) ? true : false, 'S_IS_LINK' => ($parent_type == FORUM_LINK) ? true : false, 'S_IS_POST' => ($parent_type == FORUM_POST) ? true : false, 'FORUM_NAME' => $parent_name, 'FORUM_ID' => $parent_forum_id, 'MICRODATA' => $microdata_attr . '="' . $parent_forum_id . '"', - 'U_VIEW_FORUM' => append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $parent_forum_id)) + 'U_VIEW_FORUM' => append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $parent_forum_id), ); } } - $template->assign_block_vars('navlinks', array( + $navlinks = array( 'S_IS_CAT' => ($forum_data['forum_type'] == FORUM_CAT) ? true : false, 'S_IS_LINK' => ($forum_data['forum_type'] == FORUM_LINK) ? true : false, 'S_IS_POST' => ($forum_data['forum_type'] == FORUM_POST) ? true : false, 'FORUM_NAME' => $forum_data['forum_name'], 'FORUM_ID' => $forum_data['forum_id'], 'MICRODATA' => $microdata_attr . '="' . $forum_data['forum_id'] . '"', - 'U_VIEW_FORUM' => append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $forum_data['forum_id'])) + 'U_VIEW_FORUM' => append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $forum_data['forum_id']), ); - $template->assign_vars(array( + $forum_template_data = array( 'FORUM_ID' => $forum_data['forum_id'], 'FORUM_NAME' => $forum_data['forum_name'], 'FORUM_DESC' => generate_text_for_display($forum_data['forum_desc'], $forum_data['forum_desc_uid'], $forum_data['forum_desc_bitfield'], $forum_data['forum_desc_options']), 'S_ENABLE_FEEDS_FORUM' => ($config['feed_forum'] && $forum_data['forum_type'] == FORUM_POST && !phpbb_optionget(FORUM_OPTION_FEED_EXCLUDE, $forum_data['forum_options'])) ? true : false, - )); + ); + + /** + * Event to modify the navlinks text + * + * @event core.generate_forum_nav + * @var array forum_data Array with the forum data + * @var array forum_template_data Array with generic forum template data + * @var string microdata_attr The microdata attribute + * @var array navlinks_parents Array with the forum parents navlinks data + * @var array navlinks Array with the forum navlinks data + * @since 3.1.5-RC1 + */ + $vars = array( + 'forum_data', + 'forum_template_data', + 'microdata_attr', + 'navlinks_parents', + 'navlinks', + ); + extract($phpbb_dispatcher->trigger_event('core.generate_forum_nav', compact($vars))); + + $template->assign_block_vars_array('navlinks', $navlinks_parents); + $template->assign_block_vars('navlinks', $navlinks); + $template->assign_vars($forum_template_data); return; } @@ -1427,7 +1496,7 @@ function watch_topic_forum($mode, &$s_watching, $user_id, $forum_id, $topic_id, * @param array $user_data the current stored users data * @param int $user_posts the users number of posts * -* @return array An associative array containing the rank title (title), the rank image source (img) and the rank image as full img tag (img) +* @return array An associative array containing the rank title (title), the rank image as full img tag (img) and the rank image source (img_src) * * Note: since we do not want to break backwards-compatibility, this function will only properly assign ranks to guests if you call it for them with user_posts == false */ diff --git a/phpBB/includes/functions_mcp.php b/phpBB/includes/functions_mcp.php index 4a03ea8f13..1e08864bdc 100644 --- a/phpBB/includes/functions_mcp.php +++ b/phpBB/includes/functions_mcp.php @@ -368,7 +368,7 @@ function phpbb_get_pm_data($pm_ids) */ function phpbb_mcp_sorting($mode, &$sort_days, &$sort_key, &$sort_dir, &$sort_by_sql, &$sort_order_sql, &$total, $forum_id = 0, $topic_id = 0, $where_sql = 'WHERE') { - global $db, $user, $auth, $template; + global $db, $user, $auth, $template, $phpbb_dispatcher; $sort_days = request_var('st', 0); $min_time = ($sort_days) ? time() - ($sort_days * 86400) : 0; @@ -388,7 +388,7 @@ function phpbb_mcp_sorting($mode, &$sort_days, &$sort_key, &$sort_dir, &$sort_by if (!$auth->acl_get('m_approve', $forum_id)) { - $sql .= 'AND topic_visibility = ' . ITEM_APPROVED; + $sql .= ' AND topic_visibility = ' . ITEM_APPROVED; } break; @@ -404,7 +404,7 @@ function phpbb_mcp_sorting($mode, &$sort_days, &$sort_key, &$sort_dir, &$sort_by if (!$auth->acl_get('m_approve', $forum_id)) { - $sql .= 'AND post_visibility = ' . ITEM_APPROVED; + $sql .= ' AND post_visibility = ' . ITEM_APPROVED; } break; @@ -423,28 +423,6 @@ function phpbb_mcp_sorting($mode, &$sort_days, &$sort_key, &$sort_dir, &$sort_by AND t.topic_id = p.topic_id AND t.topic_visibility <> p.post_visibility'; - /** - * This event allows you to control the SQL query to retrieve the list of unapproved and deleted posts - * - * @event core.mcp_sorting_unapproved_deleted_posts_query_before - * @var string sql The current SQL search string - * @var int forum_id The forum id of the posts the user is trying to access - * @var int topic_id The topic id of the posts the user is trying to access - * @var int min_time Integer with the minimum post time that the user is searching for - * @var int visibility_const Integer with one of the possible ITEM_* constant values - * @var string where_sql Extra information included in the WHERE clause. It must end with "WHERE" or "AND" or "OR" - * @since 3.1.4-RC1 - */ - $vars = array( - 'sql', - 'forum_id', - 'topic_id', - 'min_time', - 'visibility_const', - 'where_sql', - ); - extract($phpbb_dispatcher->trigger_event('core.mcp_sorting_unapproved_deleted_posts_query_before', compact($vars))); - if ($min_time) { $sql .= ' AND post_time >= ' . $min_time; @@ -575,6 +553,56 @@ function phpbb_mcp_sorting($mode, &$sort_days, &$sort_key, &$sort_dir, &$sort_by break; } + // Default total to -1 to allow editing by the event + $total = -1; + + /** + * This event allows you to control the SQL query used to get the total number + * of reports the user can access. + * + * This total is used for the pagination and for displaying the total number + * of reports to the user + * + * + * @event core.mcp_sorting_query_before + * @var string sql The current SQL search string + * @var string mode An id related to the module(s) the user is viewing + * @var string type Which kind of information is this being used for displaying. Posts, topics, etc... + * @var int forum_id The forum id of the posts the user is trying to access, if not 0 + * @var int topic_id The topic id of the posts the user is trying to access, if not 0 + * @var int sort_days The max age of the oldest report to be shown, in days + * @var string sort_key The way the user has decided to sort the data. + * The valid values must be in the keys of the sort_by_* variables + * @var string sort_dir Either 'd' for "DESC" or 'a' for 'ASC' in the SQL query + * @var int limit_days The possible max ages of the oldest report for the user to choose, in days. + * @var array sort_by_sql SQL text (values) for the possible names of the ways of sorting data (keys). + * @var array sort_by_text Language text (values) for the possible names of the ways of sorting data (keys). + * @var int min_time Integer with the minimum post time that the user is searching for + * @var int limit_time_sql Time limiting options used in the SQL query. + * @var int total The total number of reports that exist. Only set if you want to override the result + * @var string where_sql Extra information included in the WHERE clause. It must end with "WHERE" or "AND" or "OR". + * Set to "WHERE" and set total above -1 to override the total value + * @since 3.1.4-RC1 + */ + $vars = array( + 'sql', + 'mode', + 'type', + 'forum_id', + 'topic_id', + 'sort_days', + 'sort_key', + 'sort_dir', + 'limit_days', + 'sort_by_sql', + 'sort_by_text', + 'min_time', + 'limit_time_sql', + 'total', + 'where_sql', + ); + extract($phpbb_dispatcher->trigger_event('core.mcp_sorting_query_before', compact($vars))); + if (!isset($sort_by_sql[$sort_key])) { $sort_key = $default_key; @@ -606,7 +634,7 @@ function phpbb_mcp_sorting($mode, &$sort_days, &$sort_key, &$sort_dir, &$sort_by $total = (int) $db->sql_fetchfield('total'); $db->sql_freeresult($result); } - else + else if ($total < -1) { $total = -1; } diff --git a/phpBB/includes/functions_messenger.php b/phpBB/includes/functions_messenger.php index fbac3e6f1d..ae393739b9 100644 --- a/phpBB/includes/functions_messenger.php +++ b/phpBB/includes/functions_messenger.php @@ -902,6 +902,8 @@ class queue fclose($fp); phpbb_chmod($this->cache_file, CHMOD_READ | CHMOD_WRITE); + + $this->data = array(); } $lock->release(); diff --git a/phpBB/includes/functions_module.php b/phpBB/includes/functions_module.php index fe9bcdb9d1..90d59cfd1e 100644 --- a/phpBB/includes/functions_module.php +++ b/phpBB/includes/functions_module.php @@ -976,7 +976,7 @@ class p_master * * @param string $class module class (acp/mcp/ucp) * @param string $name module name (class name of the module, or its basename - * phpbb_ext_foo_acp_bar_module, ucp_zebra or zebra) + * phpbb_ext_foo_acp_bar_module, ucp_zebra or zebra) * @param string $mode mode, as passed through to the module * */ @@ -1086,7 +1086,7 @@ class p_master ->core_path('language/' . $user->lang_name . '/mods/') ->find(); - $lang_files = array_unique(array_merge($user_lang_files, $english_lang_files, $default_lang_files)); + $lang_files = array_merge($english_lang_files, $default_lang_files, $user_lang_files); foreach ($lang_files as $lang_file => $ext_name) { $user->add_lang_ext($ext_name, $lang_file); diff --git a/phpBB/includes/functions_posting.php b/phpBB/includes/functions_posting.php index a06d6f4c35..75d77285a0 100644 --- a/phpBB/includes/functions_posting.php +++ b/phpBB/includes/functions_posting.php @@ -310,6 +310,7 @@ function posting_gen_topic_icons($mode, $icon_id) { $template->assign_block_vars('topic_icon', array( 'ICON_ID' => $id, + 'ICON_NAME' => $data['img'], 'ICON_IMG' => $root_path . $config['icons_path'] . '/' . $data['img'], 'ICON_WIDTH' => $data['width'], 'ICON_HEIGHT' => $data['height'], @@ -1542,7 +1543,14 @@ function submit_post($mode, $subject, $username, $topic_type, &$poll, &$data, $u return false; } - $current_time = time(); + if (!empty($data['post_time'])) + { + $current_time = $data['post_time']; + } + else + { + $current_time = time(); + } if ($mode == 'post') { @@ -1738,6 +1746,7 @@ function submit_post($mode, $subject, $username, $topic_type, &$poll, &$data, $u 'topic_type' => $topic_type, 'topic_time_limit' => ($topic_type == POST_STICKY || $topic_type == POST_ANNOUNCE) ? ($data['topic_time_limit'] * 86400) : 0, 'topic_attachment' => (!empty($data['attachment_data'])) ? 1 : 0, + 'topic_status' => (isset($data['topic_status'])) ? $data['topic_status'] : ITEM_UNLOCKED, ); if (isset($poll['poll_options']) && !empty($poll['poll_options'])) @@ -2209,7 +2218,7 @@ function submit_post($mode, $subject, $username, $topic_type, &$poll, &$data, $u } $error = false; - $search = new $search_type($error, $phpbb_root_path, $phpEx, $auth, $config, $db, $user); + $search = new $search_type($error, $phpbb_root_path, $phpEx, $auth, $config, $db, $user, $phpbb_dispatcher); if ($error) { diff --git a/phpBB/includes/functions_upload.php b/phpBB/includes/functions_upload.php index f179b2fd70..89bc31fa25 100644 --- a/phpBB/includes/functions_upload.php +++ b/phpBB/includes/functions_upload.php @@ -213,6 +213,8 @@ class filespec */ static public function get_extension($filename) { + $filename = utf8_basename($filename); + if (strpos($filename, '.') === false) { return ''; diff --git a/phpBB/includes/functions_user.php b/phpBB/includes/functions_user.php index 9cd662027e..c46653db9e 100644 --- a/phpBB/includes/functions_user.php +++ b/phpBB/includes/functions_user.php @@ -500,6 +500,9 @@ function user_delete($mode, $user_ids, $retain_username = true) $num_users_delta = 0; + // Get auth provider collection in case accounts might need to be unlinked + $provider_collection = $phpbb_container->get('auth.provider_collection'); + // Some things need to be done in the loop (if the query changes based // on which user is currently being deleted) $added_guest_posts = 0; @@ -510,6 +513,38 @@ function user_delete($mode, $user_ids, $retain_username = true) avatar_delete('user', $user_row); } + // Unlink accounts + foreach ($provider_collection as $provider_name => $auth_provider) + { + $provider_data = $auth_provider->get_auth_link_data($user_id); + + if ($provider_data !== null) + { + $link_data = array( + 'user_id' => $user_id, + 'link_method' => 'user_delete', + ); + + // BLOCK_VARS might contain hidden fields necessary for unlinking accounts + if (isset($provider_data['BLOCK_VARS']) && is_array($provider_data['BLOCK_VARS'])) + { + foreach ($provider_data['BLOCK_VARS'] as $provider_service) + { + if (!array_key_exists('HIDDEN_FIELDS', $provider_service)) + { + $provider_service['HIDDEN_FIELDS'] = array(); + } + + $auth_provider->unlink_account(array_merge($link_data, $provider_service['HIDDEN_FIELDS'])); + } + } + else + { + $auth_provider->unlink_account($link_data); + } + } + } + // Decrement number of users if this user is active if ($user_row['user_type'] != USER_INACTIVE && $user_row['user_type'] != USER_IGNORE) { @@ -1367,7 +1402,7 @@ function user_ipwhois($ip) $match = array(); // Test for referrals from $whois_host to other whois databases, roll on rwhois - if (preg_match('#ReferralServer: whois://(.+)#im', $ipwhois, $match)) + if (preg_match('#ReferralServer:[\x20]*whois://(.+)#im', $ipwhois, $match)) { if (strpos($match[1], ':') !== false) { diff --git a/phpBB/includes/mcp/mcp_forum.php b/phpBB/includes/mcp/mcp_forum.php index c18ca1aa1d..6faf0de35b 100644 --- a/phpBB/includes/mcp/mcp_forum.php +++ b/phpBB/includes/mcp/mcp_forum.php @@ -35,15 +35,6 @@ function mcp_forum_view($id, $mode, $action, $forum_info) // merge_topic is the quickmod action, merge_topics is the mcp_forum action, and merge_select is the mcp_topic action $merge_select = ($action == 'merge_select' || $action == 'merge_topic' || $action == 'merge_topics') ? true : false; - if ($merge_select) - { - // Fixes a "bug" that makes forum_view use the same ordering as topic_view - $request->overwrite('sk', null); - $request->overwrite('sd', null); - $request->overwrite('sk', null, \phpbb\request\request_interface::POST); - $request->overwrite('sd', null, \phpbb\request\request_interface::POST); - } - $forum_id = $forum_info['forum_id']; $start = request_var('start', 0); $topic_id_list = request_var('topic_id_list', array(0)); @@ -77,6 +68,30 @@ function mcp_forum_view($id, $mode, $action, $forum_info) break; } + /** + * Get some data in order to execute other actions. + * + * @event core.mcp_forum_view_before + * @var string action The action + * @var array forum_info Array with forum infos + * @var int start Start value + * @var array topic_id_list Array of topics ids + * @var array post_id_list Array of posts ids + * @var array source_topic_ids Array of source topics ids + * @var int to_topic_id Array of destination topics ids + * @since 3.1.6-RC1 + */ + $vars = array( + 'action', + 'forum_info', + 'start', + 'topic_id_list', + 'post_id_list', + 'source_topic_ids', + 'to_topic_id', + ); + extract($phpbb_dispatcher->trigger_event('core.mcp_forum_view_before', compact($vars))); + $pagination = $phpbb_container->get('pagination'); $selected_ids = ''; diff --git a/phpBB/includes/mcp/mcp_front.php b/phpBB/includes/mcp/mcp_front.php index 500db55456..629b6fd275 100644 --- a/phpBB/includes/mcp/mcp_front.php +++ b/phpBB/includes/mcp/mcp_front.php @@ -41,10 +41,27 @@ function mcp_front_view($id, $mode, $action) if (!empty($forum_list)) { - $sql = 'SELECT COUNT(post_id) AS total - FROM ' . POSTS_TABLE . ' - WHERE ' . $db->sql_in_set('forum_id', $forum_list) . ' - AND ' . $db->sql_in_set('post_visibility', array(ITEM_UNAPPROVED, ITEM_REAPPROVE)); + $sql_ary = array( + 'SELECT' => 'COUNT(post_id) AS total', + 'FROM' => array( + POSTS_TABLE => 'p', + ), + 'WHERE' => $db->sql_in_set('p.forum_id', $forum_list) . ' + AND ' . $db->sql_in_set('p.post_visibility', array(ITEM_UNAPPROVED, ITEM_REAPPROVE)) + ); + + /** + * Allow altering the query to get the number of unapproved posts + * + * @event core.mcp_front_queue_unapproved_total_before + * @var int sql_ary Query to get the total number of unapproved posts + * @var array forum_list List of forums to look for unapproved posts + * @since 3.1.5-RC1 + */ + $vars = array('sql_ary', 'forum_list'); + extract($phpbb_dispatcher->trigger_event('core.mcp_front_queue_unapproved_total_before', compact($vars))); + + $sql = $db->sql_build_query('SELECT', $sql_ary); $result = $db->sql_query($sql); $total = (int) $db->sql_fetchfield('total'); $db->sql_freeresult($result); @@ -157,6 +174,18 @@ function mcp_front_view($id, $mode, $action) AND r.pm_id = 0 AND r.report_closed = 0 AND ' . $db->sql_in_set('p.forum_id', $forum_list); + + /** + * Alter sql query to count the number of reported posts + * + * @event core.mcp_front_reports_count_query_before + * @var int sql The query string used to get the number of reports that exist + * @var array forum_list List of forums that contain the posts + * @since 3.1.5-RC1 + */ + $vars = array('sql', 'forum_list'); + extract($phpbb_dispatcher->trigger_event('core.mcp_front_reports_count_query_before', compact($vars))); + $result = $db->sql_query($sql); $total = (int) $db->sql_fetchfield('total'); $db->sql_freeresult($result); diff --git a/phpBB/includes/mcp/mcp_main.php b/phpBB/includes/mcp/mcp_main.php index 1241b8bd0e..fc28968101 100644 --- a/phpBB/includes/mcp/mcp_main.php +++ b/phpBB/includes/mcp/mcp_main.php @@ -226,6 +226,31 @@ class mcp_main break; default: + if ($quickmod) + { + switch ($action) + { + case 'lock': + case 'unlock': + case 'make_announce': + case 'make_sticky': + case 'make_global': + case 'make_normal': + case 'make_onindex': + case 'move': + case 'fork': + case 'delete_topic': + trigger_error('TOPIC_NOT_EXIST'); + break; + + case 'lock_post': + case 'unlock_post': + case 'delete_post': + trigger_error('POST_NOT_EXIST'); + break; + } + } + trigger_error('NO_MODE', E_USER_ERROR); break; } @@ -1119,7 +1144,7 @@ function mcp_delete_post($post_ids, $is_soft = false, $soft_delete_reason = '', function mcp_fork_topic($topic_ids) { global $auth, $user, $db, $template, $config; - global $phpEx, $phpbb_root_path; + global $phpEx, $phpbb_root_path, $phpbb_dispatcher; if (!phpbb_check_ids($topic_ids, TOPICS_TABLE, 'topic_id', array('m_'))) { @@ -1197,7 +1222,7 @@ function mcp_fork_topic($topic_ids) } $error = false; - $search = new $search_type($error, $phpbb_root_path, $phpEx, $auth, $config, $db, $user); + $search = new $search_type($error, $phpbb_root_path, $phpEx, $auth, $config, $db, $user, $phpbb_dispatcher); $search_mode = 'post'; if ($error) diff --git a/phpBB/includes/mcp/mcp_post.php b/phpBB/includes/mcp/mcp_post.php index 1687409198..7a93f73228 100644 --- a/phpBB/includes/mcp/mcp_post.php +++ b/phpBB/includes/mcp/mcp_post.php @@ -26,6 +26,7 @@ function mcp_post_details($id, $mode, $action) { global $phpEx, $phpbb_root_path, $config; global $template, $db, $user, $auth, $cache; + global $phpbb_dispatcher; $user->add_lang('posting'); @@ -106,6 +107,21 @@ function mcp_post_details($id, $mode, $action) } break; + + default: + + /** + * This event allows you to handle custom post moderation options + * + * @event core.mcp_post_additional_options + * @var string action Post moderation action name + * @var array post_info Information on the affected post + * @since 3.1.5-RC1 + */ + $vars = array('action', 'post_info'); + extract($phpbb_dispatcher->trigger_event('core.mcp_post_additional_options', compact($vars))); + + break; } // Set some vars @@ -197,7 +213,7 @@ function mcp_post_details($id, $mode, $action) $l_deleted_by = ''; } - $template->assign_vars(array( + $mcp_post_template_data = array( 'U_MCP_ACTION' => "$url&i=main&quickmod=1&mode=post_details", // Use this for mode paramaters 'U_POST_ACTION' => "$url&i=$id&mode=post_details", // Use this for action parameters 'U_APPROVE_ACTION' => append_sid("{$phpbb_root_path}mcp.$phpEx", "i=queue&p=$post_id&f={$post_info['forum_id']}"), @@ -249,7 +265,32 @@ function mcp_post_details($id, $mode, $action) 'U_LOOKUP_IP' => ($auth->acl_get('m_info', $post_info['forum_id'])) ? "$url&i=$id&mode=$mode&lookup={$post_info['poster_ip']}#ip" : '', 'U_WHOIS' => ($auth->acl_get('m_info', $post_info['forum_id'])) ? append_sid("{$phpbb_root_path}mcp.$phpEx", "i=$id&mode=$mode&action=whois&p=$post_id&ip={$post_info['poster_ip']}") : '', - )); + ); + + $s_additional_opts = false; + + /** + * Event to add/modify MCP post template data + * + * @event core.mcp_post_template_data + * @var array post_info Array with the post information + * @var array mcp_post_template_data Array with the MCP post template data + * @var array attachments Array with the post attachments, if any + * @var bool s_additional_opts Must be set to true in extension if additional options are presented in MCP post panel + * @since 3.1.5-RC1 + */ + $vars = array( + 'post_info', + 'mcp_post_template_data', + 'attachments', + 's_additional_opts', + ); + extract($phpbb_dispatcher->trigger_event('core.mcp_post_template_data', compact($vars))); + + $template->assign_vars($mcp_post_template_data); + $template->assign_var('S_MCP_POST_ADDITIONAL_OPTS', $s_additional_opts); + + unset($mcp_post_template_data); // Get User Notes $log_data = array(); @@ -420,7 +461,7 @@ function mcp_post_details($id, $mode, $action) */ function change_poster(&$post_info, $userdata) { - global $auth, $db, $config, $phpbb_root_path, $phpEx, $user; + global $auth, $db, $config, $phpbb_root_path, $phpEx, $user, $phpbb_dispatcher; if (empty($userdata) || $userdata['user_id'] == $post_info['user_id']) { @@ -497,7 +538,7 @@ function change_poster(&$post_info, $userdata) { // We do some additional checks in the module to ensure it can actually be utilised $error = false; - $search = new $search_type($error, $phpbb_root_path, $phpEx, $auth, $config, $db, $user); + $search = new $search_type($error, $phpbb_root_path, $phpEx, $auth, $config, $db, $user, $phpbb_dispatcher); if (!$error && method_exists($search, 'destroy_cache')) { @@ -518,6 +559,17 @@ function change_poster(&$post_info, $userdata) $post_info = $post_info[$post_id]; + /** + * This event allows you to perform additional tasks after changing a post's poster + * + * @event core.mcp_change_poster_after + * @var array userdata Information on a post's new poster + * @var array post_info Information on the affected post + * @since 3.1.6-RC1 + */ + $vars = array('userdata', 'post_info'); + extract($phpbb_dispatcher->trigger_event('core.mcp_change_poster_after', compact($vars))); + // Now add log entry add_log('mod', $post_info['forum_id'], $post_info['topic_id'], 'LOG_MCP_CHANGE_POSTER', $post_info['topic_title'], $from_username, $to_username); } diff --git a/phpBB/includes/mcp/mcp_queue.php b/phpBB/includes/mcp/mcp_queue.php index 82c3bc9ab0..0ac6ea748e 100644 --- a/phpBB/includes/mcp/mcp_queue.php +++ b/phpBB/includes/mcp/mcp_queue.php @@ -283,6 +283,7 @@ class mcp_queue $template->assign_vars(array( 'S_MCP_QUEUE' => true, 'U_APPROVE_ACTION' => append_sid("{$phpbb_root_path}mcp.$phpEx", "i=queue&p=$post_id&f=$forum_id"), + 'S_CAN_DELETE_POST' => $auth->acl_get('m_delete', $post_info['forum_id']), 'S_CAN_VIEWIP' => $auth->acl_get('m_info', $post_info['forum_id']), 'S_POST_REPORTED' => $post_info['post_reported'], 'S_POST_UNAPPROVED' => $post_info['post_visibility'] == ITEM_UNAPPROVED || $post_info['post_visibility'] == ITEM_REAPPROVE, @@ -404,7 +405,7 @@ class mcp_queue $forum_options = '<option value="0"' . (($forum_id == 0) ? ' selected="selected"' : '') . '>' . $user->lang['ALL_FORUMS'] . '</option>'; foreach ($forum_list_approve as $row) { - $forum_options .= '<option value="' . $row['forum_id'] . '"' . (($forum_id == $row['forum_id']) ? ' selected="selected"' : '') . '>' . str_repeat(' ', $row['padding']) . $row['forum_name'] . '</option>'; + $forum_options .= '<option value="' . $row['forum_id'] . '"' . (($forum_id == $row['forum_id']) ? ' selected="selected"' : '') . '>' . str_repeat(' ', $row['padding']) . truncate_string($row['forum_name'], 30, 255, false, $user->lang['ELLIPSIS']) . '</option>'; } $sort_days = $total = 0; diff --git a/phpBB/includes/mcp/mcp_reports.php b/phpBB/includes/mcp/mcp_reports.php index 804d48ea97..fa2fed842f 100644 --- a/phpBB/includes/mcp/mcp_reports.php +++ b/phpBB/includes/mcp/mcp_reports.php @@ -73,18 +73,66 @@ class mcp_reports // closed reports are accessed by report id $report_id = request_var('r', 0); + $sql_ary = array( + 'SELECT' => 'r.post_id, r.user_id, r.report_id, r.report_closed, report_time, r.report_text, r.reported_post_text, r.reported_post_uid, r.reported_post_bitfield, r.reported_post_enable_magic_url, r.reported_post_enable_smilies, r.reported_post_enable_bbcode, rr.reason_title, rr.reason_description, u.username, u.username_clean, u.user_colour', - $sql = 'SELECT r.post_id, r.user_id, r.report_id, r.report_closed, report_time, r.report_text, r.reported_post_text, r.reported_post_uid, r.reported_post_bitfield, r.reported_post_enable_magic_url, r.reported_post_enable_smilies, r.reported_post_enable_bbcode, rr.reason_title, rr.reason_description, u.username, u.username_clean, u.user_colour - FROM ' . REPORTS_TABLE . ' r, ' . REPORTS_REASONS_TABLE . ' rr, ' . USERS_TABLE . ' u - WHERE ' . (($report_id) ? 'r.report_id = ' . $report_id : "r.post_id = $post_id") . ' + 'FROM' => array( + REPORTS_TABLE => 'r', + REPORTS_REASONS_TABLE => 'rr', + USERS_TABLE => 'u', + ), + + 'WHERE' => (($report_id) ? 'r.report_id = ' . $report_id : "r.post_id = $post_id") . ' AND rr.reason_id = r.reason_id AND r.user_id = u.user_id - AND r.pm_id = 0 - ORDER BY report_closed ASC'; + AND r.pm_id = 0', + + 'ORDER_BY' => 'report_closed ASC', + ); + + /** + * Allow changing the query to obtain the user-submitted report. + * + * @event core.mcp_reports_report_details_query_before + * @var array sql_ary The array in the format of the query builder with the query + * @var mixed forum_id The forum_id, the number in the f GET parameter + * @var int post_id The post_id of the report being viewed (if 0, it is meaningless) + * @var int report_id The report_id of the report being viewed + * @since 3.1.5-RC1 + */ + $vars = array( + 'sql_ary', + 'forum_id', + 'post_id', + 'report_id', + ); + extract($phpbb_dispatcher->trigger_event('core.mcp_reports_report_details_query_before', compact($vars))); + + $sql = $db->sql_build_query('SELECT', $sql_ary); $result = $db->sql_query_limit($sql, 1); $report = $db->sql_fetchrow($result); $db->sql_freeresult($result); + /** + * Allow changing the data obtained from the user-submitted report. + * + * @event core.mcp_reports_report_details_query_after + * @var array sql_ary The array in the format of the query builder with the query that had been executted + * @var mixed forum_id The forum_id, the number in the f GET parameter + * @var int post_id The post_id of the report being viewed (if 0, it is meaningless) + * @var int report_id The report_id of the report being viewed + * @var int report The query's resulting row. + * @since 3.1.5-RC1 + */ + $vars = array( + 'sql_ary', + 'forum_id', + 'post_id', + 'report_id', + 'report', + ); + extract($phpbb_dispatcher->trigger_event('core.mcp_reports_report_details_query_after', compact($vars))); + if (!$report) { trigger_error('NO_REPORT'); @@ -489,6 +537,7 @@ function close_report($report_id_list, $mode, $action, $pm = false) { $post_id_list[] = $row[$id_column]; } + $db->sql_freeresult($result); $post_id_list = array_unique($post_id_list); if ($pm) diff --git a/phpBB/includes/mcp/mcp_topic.php b/phpBB/includes/mcp/mcp_topic.php index a3cffe51e6..2217f8fdeb 100644 --- a/phpBB/includes/mcp/mcp_topic.php +++ b/phpBB/includes/mcp/mcp_topic.php @@ -194,6 +194,30 @@ function mcp_topic_view($id, $mode, $action) } } + /** + * Event to modify the post data for the MCP topic review before assigning the posts + * + * @event core.mcp_topic_modify_post_data + * @var array attachments List of attachments post_id => array of attachments + * @var int forum_id The forum ID we are currently in + * @var int id ID of the tab we are displaying + * @var string mode Mode of the MCP page we are displaying + * @var array post_id_list Array with post ids we are going to display + * @var array rowset Array with the posts data + * @var int topic_id The topic ID we are currently reviewing + * @since 3.1.7-RC1 + */ + $vars = array( + 'attachments', + 'forum_id', + 'id', + 'mode', + 'post_id_list', + 'rowset', + 'topic_id', + ); + extract($phpbb_dispatcher->trigger_event('core.mcp_topic_modify_post_data', compact($vars))); + foreach ($rowset as $i => $row) { $message = $row['post_text']; @@ -259,6 +283,8 @@ function mcp_topic_view($id, $mode, $action) * @var int current_row_number Number of the post on this page * @var array post_row Template block array of the current post * @var array row Array with original post and user data + * @var array topic_info Array with topic data + * @var int total Total posts count * @since 3.1.4-RC1 */ $vars = array( @@ -270,6 +296,8 @@ function mcp_topic_view($id, $mode, $action) 'current_row_number', 'post_row', 'row', + 'topic_info', + 'total', ); extract($phpbb_dispatcher->trigger_event('core.mcp_topic_review_modify_row', compact($vars))); diff --git a/phpBB/includes/message_parser.php b/phpBB/includes/message_parser.php index 04a2726d22..e63f6b822b 100644 --- a/phpBB/includes/message_parser.php +++ b/phpBB/includes/message_parser.php @@ -21,6 +21,19 @@ if (!defined('IN_PHPBB')) if (!class_exists('bbcode')) { + // The following lines are for extensions which include message_parser.php + // while $phpbb_root_path and $phpEx are out of the script scope + // which may lead to the 'Undefined variable' and 'failed to open stream' errors + if (!isset($phpbb_root_path)) + { + global $phpbb_root_path; + } + + if (!isset($phpEx)) + { + global $phpEx; + } + include($phpbb_root_path . 'includes/bbcode.' . $phpEx); } @@ -115,6 +128,9 @@ class bbcode_firstpass extends bbcode // [quote] in second position. // To parse multiline URL we enable dotall option setting only for URL text // but not for link itself, thus [url][/url] is not affected. + // + // To perform custom validation in extension, use $this->validate_bbcode_by_extension() + // method which accepts variable number of parameters $this->bbcodes = array( 'code' => array('bbcode_id' => 8, 'regexp' => array('#\[code(?:=([a-z]+))?\](.+\[/code\])#uise' => "\$this->bbcode_code('\$1', '\$2')")), 'quote' => array('bbcode_id' => 0, 'regexp' => array('#\[quote(?:="(.*?)")?\](.+)\[/quote\]#uise' => "\$this->bbcode_quote('\$0')")), @@ -775,28 +791,6 @@ class bbcode_firstpass extends bbcode else if (preg_match('#^quote(?:="(.*?)")?$#is', $buffer, $m) && substr($out, -1, 1) == '[') { $this->parsed_items['quote']++; - - // the buffer holds a valid opening tag - if ($config['max_quote_depth'] && sizeof($close_tags) >= $config['max_quote_depth']) - { - if ($config['max_quote_depth'] == 1) - { - // Depth 1 - no nesting is allowed - $error_ary['quote_depth'] = $user->lang('QUOTE_NO_NESTING'); - } - else - { - // There are too many nested quotes - $error_ary['quote_depth'] = $user->lang('QUOTE_DEPTH_EXCEEDED', (int) $config['max_quote_depth']); - } - - $out .= $buffer . $tok; - $tok = '[]'; - $buffer = ''; - - continue; - } - array_push($close_tags, '/quote:' . $this->bbcode_uid); if (isset($m[1]) && $m[1]) @@ -1261,6 +1255,12 @@ class parse_message extends bbcode_firstpass return $update_this_message ? $this->warn_msg : $return_message; } + // Remove quotes that are nested too deep + if ($config['max_quote_depth'] > 0) + { + $this->remove_nested_quotes($config['max_quote_depth']); + } + // Check for "empty" message. We do not check here for maximum length, because bbcode, smilies, etc. can add to the length. // The maximum length check happened before any parsings. if ($mode === 'post' && utf8_clean_string($this->message) === '') @@ -1301,6 +1301,29 @@ class parse_message extends bbcode_firstpass $return_message = &$this->message; } + $text = $this->message; + $uid = $this->bbcode_uid; + + /** + * Event to modify the text before it is parsed + * + * @event core.modify_format_display_text_before + * @var string text The message text to parse + * @var string uid The bbcode uid + * @var bool allow_bbcode Do we allow bbcodes + * @var bool allow_magic_url Do we allow magic urls + * @var bool allow_smilies Do we allow smilies + * @var bool update_this_message Do we update the internal message + * with the parsed result + * @since 3.1.6-RC1 + */ + $vars = array('text', 'uid', 'allow_bbcode', 'allow_magic_url', 'allow_smilies', 'update_this_message'); + extract($phpbb_dispatcher->trigger_event('core.modify_format_display_text_before', compact($vars))); + + $this->message = $text; + $this->bbcode_uid = $uid; + unset($text, $uid); + if ($this->message_status == 'plain') { // Force updating message - of course. @@ -1840,6 +1863,50 @@ class parse_message extends bbcode_firstpass } /** + * Remove nested quotes at given depth in current parsed message + * + * @param integer $max_depth Depth limit + * @return null + */ + public function remove_nested_quotes($max_depth) + { + // Capture all [quote] and [/quote] tags + preg_match_all('(\\[/?quote(?:="(.*?)")?:' . $this->bbcode_uid . '\\])', $this->message, $matches, PREG_OFFSET_CAPTURE); + + // Iterate over the quote tags to mark the ranges that must be removed + $depth = 0; + $ranges = array(); + $start_pos = 0; + foreach ($matches[0] as $match) + { + if ($match[0][1] === '/') + { + --$depth; + if ($depth == $max_depth) + { + $end_pos = $match[1] + strlen($match[0]); + $length = $end_pos - $start_pos; + $ranges[] = array($start_pos, $length); + } + } + else + { + ++$depth; + if ($depth == $max_depth + 1) + { + $start_pos = $match[1]; + } + } + } + + foreach (array_reverse($ranges) as $range) + { + list($start_pos, $length) = $range; + $this->message = substr_replace($this->message, '', $start_pos, $length); + } + } + + /** * Setter function for passing the plupload object * * @param \phpbb\plupload\plupload $plupload The plupload object @@ -1862,4 +1929,36 @@ class parse_message extends bbcode_firstpass { $this->mimetype_guesser = $mimetype_guesser; } + + /** + * Function to perform custom bbcode validation by extensions + * can be used in bbcode_init() to assign regexp replacement + * Example: 'regexp' => array('#\[b\](.*?)\[/b\]#uise' => "\$this->validate_bbcode_by_extension('\$1')") + * + * Accepts variable number of parameters + * + * @return mixed Validation result + */ + public function validate_bbcode_by_extension() + { + global $phpbb_dispatcher; + + $return = false; + $params_array = func_get_args(); + + /** + * Event to validate bbcode with the custom validating methods + * provided by extensions + * + * @event core.validate_bbcode_by_extension + * @var array params_array Array with the function parameters + * @var mixed return Validation result to return + * + * @since 3.1.5-RC1 + */ + $vars = array('params_array', 'return'); + extract($phpbb_dispatcher->trigger_event('core.validate_bbcode_by_extension', compact($vars))); + + return $return; + } } diff --git a/phpBB/includes/startup.php b/phpBB/includes/startup.php index 2885c80541..7353b90d99 100644 --- a/phpBB/includes/startup.php +++ b/phpBB/includes/startup.php @@ -94,7 +94,11 @@ if (version_compare(PHP_VERSION, '5.4.0-dev', '>=')) } else { - @set_magic_quotes_runtime(0); + if (get_magic_quotes_runtime()) + { + // Deactivate + @set_magic_quotes_runtime(0); + } // Be paranoid with passed vars if (@ini_get('register_globals') == '1' || strtolower(@ini_get('register_globals')) == 'on' || !function_exists('ini_get')) diff --git a/phpBB/includes/ucp/ucp_activate.php b/phpBB/includes/ucp/ucp_activate.php index 6e357b260a..1f5ce93277 100644 --- a/phpBB/includes/ucp/ucp_activate.php +++ b/phpBB/includes/ucp/ucp_activate.php @@ -30,7 +30,7 @@ class ucp_activate function main($id, $mode) { global $config, $phpbb_root_path, $phpEx; - global $db, $user, $auth, $template, $phpbb_container; + global $db, $user, $auth, $template, $phpbb_container, $phpbb_dispatcher; $user_id = request_var('u', 0); $key = request_var('k', ''); @@ -143,6 +143,17 @@ class ucp_activate } } + /** + * This event can be used to modify data after user account's activation + * + * @event core.ucp_activate_after + * @var array user_row Array with some user data + * @var string message Language string of the message that will be displayed to the user + * @since 3.1.6-RC1 + */ + $vars = array('user_row', 'message'); + extract($phpbb_dispatcher->trigger_event('core.ucp_activate_after', compact($vars))); + meta_refresh(3, append_sid("{$phpbb_root_path}index.$phpEx")); trigger_error($user->lang[$message]); } diff --git a/phpBB/includes/ucp/ucp_notifications.php b/phpBB/includes/ucp/ucp_notifications.php index b0aeaba227..66dc651447 100644 --- a/phpBB/includes/ucp/ucp_notifications.php +++ b/phpBB/includes/ucp/ucp_notifications.php @@ -52,11 +52,11 @@ class ucp_notifications $notification_methods = $phpbb_notifications->get_subscription_methods(); - foreach($phpbb_notifications->get_subscription_types() as $group => $subscription_types) + foreach ($phpbb_notifications->get_subscription_types() as $group => $subscription_types) { - foreach($subscription_types as $type => $data) + foreach ($subscription_types as $type => $data) { - foreach($notification_methods as $method => $method_data) + foreach ($notification_methods as $method => $method_data) { if ($request->is_set_post(str_replace('.', '_', $type . '_' . $method_data['id'])) && (!isset($subscriptions[$type]) || !in_array($method_data['id'], $subscriptions[$type]))) { @@ -180,13 +180,13 @@ class ucp_notifications { $notification_methods = $phpbb_notifications->get_subscription_methods(); - foreach($phpbb_notifications->get_subscription_types() as $group => $subscription_types) + foreach ($phpbb_notifications->get_subscription_types() as $group => $subscription_types) { $template->assign_block_vars($block, array( 'GROUP_NAME' => $user->lang($group), )); - foreach($subscription_types as $type => $data) + foreach ($subscription_types as $type => $data) { $template->assign_block_vars($block, array( 'TYPE' => $type, @@ -197,7 +197,7 @@ class ucp_notifications 'SUBSCRIBED' => (isset($subscriptions[$type])) ? true : false, )); - foreach($notification_methods as $method => $method_data) + foreach ($notification_methods as $method => $method_data) { $template->assign_block_vars($block . '.notification_methods', array( 'METHOD' => $method_data['id'], @@ -227,7 +227,7 @@ class ucp_notifications { $notification_methods = $phpbb_notifications->get_subscription_methods(); - foreach($notification_methods as $method => $method_data) + foreach ($notification_methods as $method => $method_data) { $template->assign_block_vars($block, array( 'METHOD' => $method_data['id'], diff --git a/phpBB/includes/ucp/ucp_pm_compose.php b/phpBB/includes/ucp/ucp_pm_compose.php index f3b59186a6..8b7d42e9c9 100644 --- a/phpBB/includes/ucp/ucp_pm_compose.php +++ b/phpBB/includes/ucp/ucp_pm_compose.php @@ -55,7 +55,6 @@ function compose_pm($id, $mode, $action, $user_folders = array()) $address_list = $request->variable('address_list', array('' => array(0 => ''))); - $submit = (isset($_POST['post'])) ? true : false; $preview = (isset($_POST['preview'])) ? true : false; $save = (isset($_POST['save'])) ? true : false; $load = (isset($_POST['load'])) ? true : false; @@ -69,6 +68,7 @@ function compose_pm($id, $mode, $action, $user_folders = array()) $refresh = isset($_POST['add_file']) || isset($_POST['delete_file']) || $save || $load || $remove_u || $remove_g || $add_to || $add_bcc; + $submit = $request->is_set_post('post') && !$refresh && !$preview; $action = ($delete && !$preview && !$refresh && $submit) ? 'delete' : $action; $select_single = ($config['allow_mass_pm'] && $auth->acl_get('u_masspm')) ? false : true; @@ -90,6 +90,32 @@ function compose_pm($id, $mode, $action, $user_folders = array()) // we include the language file here $user->add_lang('viewtopic'); + /** + * Modify the default vars before composing a PM + * + * @event core.ucp_pm_compose_modify_data + * @var int msg_id post_id in the page request + * @var int to_user_id The id of whom the message is to + * @var int to_group_id The id of the group the message is to + * @var bool submit Whether the form has been submitted + * @var bool preview Whether the user is previewing the PM or not + * @var string action One of: post, reply, quote, forward, quotepost, edit, delete, smilies + * @var bool delete Whether the user is deleting the PM + * @var int reply_to_all Value of reply_to_all request variable. + * @since 3.1.4-RC1 + */ + $vars = array( + 'msg_id', + 'to_user_id', + 'to_group_id', + 'submit', + 'preview', + 'action', + 'delete', + 'reply_to_all', + ); + extract($phpbb_dispatcher->trigger_event('core.ucp_pm_compose_modify_data', compact($vars))); + // Output PM_TO box if message composing if ($action != 'edit') { diff --git a/phpBB/includes/ucp/ucp_pm_viewmessage.php b/phpBB/includes/ucp/ucp_pm_viewmessage.php index d81c4ce7fe..d7b9b32dbf 100644 --- a/phpBB/includes/ucp/ucp_pm_viewmessage.php +++ b/phpBB/includes/ucp/ucp_pm_viewmessage.php @@ -265,7 +265,9 @@ function view_message($id, $mode, $folder_id, $msg_id, $folder, $message_row) * @var array message_row Array with message data * @var array cp_row Array with senders custom profile field data * @var array msg_data Template array with message data + * @var array user_info User data of the sender * @since 3.1.0-a1 + * @changed 3.1.6-RC1 Added user_info into event */ $vars = array( 'id', @@ -276,6 +278,7 @@ function view_message($id, $mode, $folder_id, $msg_id, $folder, $message_row) 'message_row', 'cp_row', 'msg_data', + 'user_info', ); extract($phpbb_dispatcher->trigger_event('core.ucp_pm_view_messsage', compact($vars))); diff --git a/phpBB/includes/ucp/ucp_prefs.php b/phpBB/includes/ucp/ucp_prefs.php index 1d3fb19f67..3c274b53c7 100644 --- a/phpBB/includes/ucp/ucp_prefs.php +++ b/phpBB/includes/ucp/ucp_prefs.php @@ -69,7 +69,7 @@ class ucp_prefs * @var array data Array with current ucp options data * @var array error Array with list of errors * @since 3.1.0-a1 - * @changed 3.1.4-rc1 Added error variable to the event + * @changed 3.1.4-RC1 Added error variable to the event */ $vars = array('submit', 'data', 'error'); extract($phpbb_dispatcher->trigger_event('core.ucp_prefs_personal_data', compact($vars))); diff --git a/phpBB/includes/ucp/ucp_profile.php b/phpBB/includes/ucp/ucp_profile.php index f05e8a50cf..8d8d42e742 100644 --- a/phpBB/includes/ucp/ucp_profile.php +++ b/phpBB/includes/ucp/ucp_profile.php @@ -114,6 +114,18 @@ class ucp_profile $error[] = 'FORM_INVALID'; } + /** + * Validate user data on editing registration data in UCP + * + * @event core.ucp_profile_reg_details_validate + * @var array data Array with user profile data + * @var bool submit Flag indicating if submit button has been pressed + * @var array error Array of any generated errors + * @since 3.1.4-RC1 + */ + $vars = array('data', 'submit', 'error'); + extract($phpbb_dispatcher->trigger_event('core.ucp_profile_reg_details_validate', compact($vars))); + if (!sizeof($error)) { $sql_ary = array( @@ -353,6 +365,18 @@ class ucp_profile $error[] = 'FORM_INVALID'; } + /** + * Validate user data on editing profile in UCP + * + * @event core.ucp_profile_validate_profile_info + * @var array data Array with user profile data + * @var bool submit Flag indicating if submit button has been pressed + * @var array error Array of any generated errors + * @since 3.1.4-RC1 + */ + $vars = array('data', 'submit', 'error'); + extract($phpbb_dispatcher->trigger_event('core.ucp_profile_validate_profile_info', compact($vars))); + if (!sizeof($error)) { $data['notify'] = $user->data['user_notify_type']; @@ -380,7 +404,7 @@ class ucp_profile * @event core.ucp_profile_info_modify_sql_ary * @var array cp_data Array with the user custom profile fields data * @var array data Array with user profile data - * @var array sql_ary user options data we update + * @var array sql_ary user options data we update * @since 3.1.4-RC1 */ $vars = array('cp_data', 'data', 'sql_ary'); diff --git a/phpBB/includes/ucp/ucp_register.php b/phpBB/includes/ucp/ucp_register.php index 0ee45b0706..3426af95d0 100644 --- a/phpBB/includes/ucp/ucp_register.php +++ b/phpBB/includes/ucp/ucp_register.php @@ -176,6 +176,16 @@ class ucp_register } unset($lang_row); + /** + * Allows to modify the agreements. + * + * To assign data to the template, use $template->assign_vars() + * + * @event core.ucp_register_agreement + * @since 3.1.6-RC1 + */ + $phpbb_dispatcher->dispatch('core.ucp_register_agreement'); + $this->tpl_name = 'ucp_agreement'; return; } |