14 files changed, 226 insertions, 63 deletions
diff --git a/phpBB/includes/acp/acp_board.php b/phpBB/includes/acp/acp_board.php
index a5e80e1f6d..ab9492b7ba 100644
--- a/phpBB/includes/acp/acp_board.php
+++ b/phpBB/includes/acp/acp_board.php
@@ -435,7 +435,7 @@ class acp_board
 		$cfg_array = (isset($_REQUEST['config'])) ? utf8_normalize_nfc(request_var('config', array('' => ''), true)) : $this->new_config;
 		$error = array();
 
-		// We validate the complete config if whished
+		// We validate the complete config if wished
 		validate_config_vars($display_vars['vars'], $cfg_array, $error);
 
 		if ($submit && !check_form_key($form_key))
diff --git a/phpBB/includes/auth/auth_db.php b/phpBB/includes/auth/auth_db.php
index 73c4f92976..b672e212bf 100644
--- a/phpBB/includes/auth/auth_db.php
+++ b/phpBB/includes/auth/auth_db.php
@@ -69,7 +69,7 @@ function login_db(&$username, &$password)
 	if ($show_captcha)
 	{
 		// Visual Confirmation handling
-		if (!class_exists('phpbb_captcha_factory'))
+		if (!class_exists('phpbb_captcha_factory', false))
 		{
 			global $phpbb_root_path, $phpEx;
 			include ($phpbb_root_path . 'includes/captcha/captcha_factory.' . $phpEx);
@@ -90,7 +90,7 @@ function login_db(&$username, &$password)
 		{
 			$captcha->reset();
 		}
-		
+
 	}
 
 	// If the password convert flag is set we need to convert it
diff --git a/phpBB/includes/captcha/plugins/phpbb_captcha_gd_plugin.php b/phpBB/includes/captcha/plugins/phpbb_captcha_gd_plugin.php
index 6e899adc16..a326074c14 100644
--- a/phpBB/includes/captcha/plugins/phpbb_captcha_gd_plugin.php
+++ b/phpBB/includes/captcha/plugins/phpbb_captcha_gd_plugin.php
@@ -19,7 +19,7 @@ if (!defined('IN_PHPBB'))
 /**
 * Placeholder for autoload
 */
-if (!class_exists('phpbb_default_captcha'))
+if (!class_exists('phpbb_default_captcha', false))
 {
 	include($phpbb_root_path . 'includes/captcha/plugins/captcha_abstract.' . $phpEx);
 }
diff --git a/phpBB/includes/captcha/plugins/phpbb_captcha_gd_wave_plugin.php b/phpBB/includes/captcha/plugins/phpbb_captcha_gd_wave_plugin.php
index 2f55d15efd..8ac0262302 100644
--- a/phpBB/includes/captcha/plugins/phpbb_captcha_gd_wave_plugin.php
+++ b/phpBB/includes/captcha/plugins/phpbb_captcha_gd_wave_plugin.php
@@ -19,7 +19,7 @@ if (!defined('IN_PHPBB'))
 /**
 * Placeholder for autoload
 */
-if (!class_exists('phpbb_default_captcha'))
+if (!class_exists('phpbb_default_captcha', false))
 {
 	include($phpbb_root_path . 'includes/captcha/plugins/captcha_abstract.' . $phpEx);
 }
diff --git a/phpBB/includes/captcha/plugins/phpbb_captcha_nogd_plugin.php b/phpBB/includes/captcha/plugins/phpbb_captcha_nogd_plugin.php
index ac30ed4297..834d2a7f12 100644
--- a/phpBB/includes/captcha/plugins/phpbb_captcha_nogd_plugin.php
+++ b/phpBB/includes/captcha/plugins/phpbb_captcha_nogd_plugin.php
@@ -19,7 +19,7 @@ if (!defined('IN_PHPBB'))
 /**
 * Placeholder for autoload
 */
-if (!class_exists('phpbb_default_captcha'))
+if (!class_exists('phpbb_default_captcha', false))
 {
 	include($phpbb_root_path . 'includes/captcha/plugins/captcha_abstract.' . $phpEx);
 }
diff --git a/phpBB/includes/captcha/plugins/phpbb_captcha_qa_plugin.php b/phpBB/includes/captcha/plugins/phpbb_captcha_qa_plugin.php
index 49a64b9339..c0cdc83fa1 100644
--- a/phpBB/includes/captcha/plugins/phpbb_captcha_qa_plugin.php
+++ b/phpBB/includes/captcha/plugins/phpbb_captcha_qa_plugin.php
@@ -87,7 +87,7 @@ class phpbb_captcha_qa
 			}
 			$db->sql_freeresult($result);
 		}
-	
+
 		// okay, if there is a confirm_id, we try to load that confirm's state. If not, we try to find one
 		if (!$this->load_answer() && (!$this->load_confirm_id() || !$this->load_answer()))
 		{
@@ -113,7 +113,7 @@ class phpbb_captcha_qa
 	{
 		global $db, $phpbb_root_path, $phpEx;
 
-		if (!class_exists('phpbb_db_tools'))
+		if (!class_exists('phpbb_db_tools', false))
 		{
 			include("$phpbb_root_path/includes/db/db_tools.$phpEx");
 		}
@@ -365,12 +365,12 @@ class phpbb_captcha_qa
 		global $config, $db, $user;
 
 		$error = '';
-		
+
 		if (!sizeof($this->question_ids))
 		{
 			return false;
 		}
-		
+
 		if (!$this->confirm_id)
 		{
 			$error = $user->lang['CONFIRM_QUESTION_WRONG'];
@@ -434,7 +434,7 @@ class phpbb_captcha_qa
 	function reselect_question()
 	{
 		global $db, $user;
-		
+
 		if (!sizeof($this->question_ids))
 		{
 			return false;
@@ -482,8 +482,8 @@ class phpbb_captcha_qa
 		global $db, $user;
 
 		$sql = 'SELECT confirm_id
-			FROM ' . CAPTCHA_QA_CONFIRM_TABLE . " 
-			WHERE 
+			FROM ' . CAPTCHA_QA_CONFIRM_TABLE . "
+			WHERE
 				session_id = '" . $db->sql_escape($user->session_id) . "'
 				AND lang_iso = '" . $db->sql_escape($this->question_lang) . "'
 				AND confirm_type = " . $this->type;
@@ -505,7 +505,7 @@ class phpbb_captcha_qa
 	function load_answer()
 	{
 		global $db, $user;
-		
+
 		if (!strlen($this->confirm_id) || !sizeof($this->question_ids))
 		{
 			return false;
@@ -990,9 +990,9 @@ class phpbb_captcha_qa
 
 		return $langs;
 	}
-	
-	
-	
+
+
+
 	/**
 	*  See if there is a question other than the one we have
 	*/
diff --git a/phpBB/includes/captcha/plugins/phpbb_recaptcha_plugin.php b/phpBB/includes/captcha/plugins/phpbb_recaptcha_plugin.php
index 0f0bfc4156..dad39867dc 100644
--- a/phpBB/includes/captcha/plugins/phpbb_recaptcha_plugin.php
+++ b/phpBB/includes/captcha/plugins/phpbb_recaptcha_plugin.php
@@ -16,7 +16,7 @@ if (!defined('IN_PHPBB'))
 	exit;
 }
 
-if (!class_exists('phpbb_default_captcha'))
+if (!class_exists('phpbb_default_captcha', false))
 {
 	// we need the classic captcha code for tracking solutions and attempts
 	include($phpbb_root_path . 'includes/captcha/plugins/captcha_abstract.' . $phpEx);
diff --git a/phpBB/includes/class_loader.php b/phpBB/includes/class_loader.php
new file mode 100644
index 0000000000..5df654799a
--- /dev/null
+++ b/phpBB/includes/class_loader.php
@@ -0,0 +1,162 @@
+<?php
+/**
+*
+* @package phpBB3
+* @version $Id$
+* @copyright (c) 2005 phpBB Group
+* @license http://opensource.org/licenses/gpl-license.php GNU Public License
+*
+*/
+
+/**
+* @ignore
+*/
+if (!defined('IN_PHPBB'))
+{
+	exit;
+}
+
+/**
+* The class loader resolves class names to file system paths and loads them if
+* necessary.
+*
+* Classes have to be of the form phpbb_(dir_)*(classpart_)*, so directory names
+* must never contain underscores. Example: phpbb_dir_subdir_class_name is a
+* valid class name, while phpbb_dir_sub_dir_class_name is not.
+*
+* If every part of the class name is a directory, the last directory name is
+* also used as the filename, e.g. phpbb_dir would resolve to dir/dir.php.
+*
+* @package phpBB3
+*/
+class phpbb_class_loader
+{
+	private $phpbb_root_path;
+	private $php_ext;
+	private $cache;
+	private $cached_paths = array();
+
+	/**
+	* Creates a new phpbb_class_loader, which loads files with the given
+	* file extension from the given phpbb root path.
+	*
+	* @param string $phpbb_root_path phpBB's root directory containing includes/
+	* @param string $php_ext         The file extension for PHP files
+	*/
+	public function __construct($phpbb_root_path, $php_ext = '.php', $cache = null)
+	{
+		$this->phpbb_root_path = $phpbb_root_path;
+		$this->php_ext = $php_ext;
+
+		$this->set_cache($cache);
+	}
+
+	/**
+	* Provide the class loader with a cache to store paths. If set to null, the
+	* the class loader will resolve paths by checking for the existance of every
+	* directory in the class name every time.
+	*
+	* @param acm $cache An implementation of the phpBB cache interface.
+	*/
+	public function set_cache($cache = null)
+	{
+		if ($cache)
+		{
+			$this->cached_paths = $cache->get('class_loader');
+
+			if ($this->cached_paths === false)
+			{
+				$this->cached_paths = array();
+			}
+		}
+
+		$this->cache = $cache;
+	}
+
+	/**
+	* Registers the class loader as an autoloader using SPL.
+	*/
+	public function register()
+	{
+		spl_autoload_register(array($this, 'load_class'));
+	}
+
+	/**
+	* Removes the class loader from the SPL autoloader stack.
+	*/
+	public function unregister()
+	{
+		spl_autoload_unregister(array($this, 'load_class'));
+	}
+
+	/**
+	* Resolves a phpBB class name to a relative path which can be included.
+	*
+	* @param string       $class The class name to resolve, must have a phpbb_
+	*                            prefix
+	* @return string|bool        A relative path to the file containing the
+	*                            class or false if looking it up failed.
+	*/
+	public function resolve_path($class)
+	{
+		$path_prefix = $this->phpbb_root_path . 'includes/';
+
+		if (isset($this->cached_paths[$class]))
+		{
+			return $path_prefix . $this->cached_paths[$class] . $this->php_ext;
+		}
+
+		if (!preg_match('/phpbb_[a-zA-Z0-9_]+/', $class))
+		{
+			return false;
+		}
+
+		$parts = explode('_', substr($class, 6));
+
+		$dirs = '';
+
+		for ($i = 0, $n = sizeof($parts); $i < $n && is_dir($path_prefix . $dirs . $parts[$i]); $i++)
+		{
+			$dirs .= $parts[$i] . '/';
+		}
+
+		// no file name left => use last dir name as file name
+		if ($i == sizeof($parts))
+		{
+			$parts[] = $parts[$i - 1];
+		}
+
+		$relative_path = $dirs . implode(array_slice($parts, $i, sizeof($parts) - $i), '_');
+
+		if (!file_exists($path_prefix . $relative_path . $this->php_ext))
+		{
+			return false;
+		}
+
+		if ($this->cache)
+		{
+			$this->cached_paths[$class] = $relative_path;
+			$this->cache->put('class_loader', $this->cached_paths);
+		}
+
+		return $path_prefix . $relative_path . $this->php_ext;
+	}
+
+	/**
+	* Resolves a class name to a path and then includes it.
+	*
+	* @param string $class The class name which is being loaded.
+	*/
+	public function load_class($class)
+	{
+		if (substr($class, 0, 6) === 'phpbb_')
+		{
+			$path = $this->resolve_path($class);
+
+			if ($path)
+			{
+				require $path;
+			}
+		}
+	}
+}
diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php
index 9aec98dce2..1c5e0b63a1 100644
--- a/phpBB/includes/functions.php
+++ b/phpBB/includes/functions.php
@@ -2038,7 +2038,7 @@ function generate_pagination($base_url, $num_items, $per_page, $start_item, $add
 	// Make sure $per_page is a valid value
 	$per_page = ($per_page <= 0) ? 1 : $per_page;
 
-	$seperator = '<span class="page-sep">' . $user->lang['COMMA_SEPARATOR'] . '</span>';
+	$separator = '<span class="page-sep">' . $user->lang['COMMA_SEPARATOR'] . '</span>';
 	$total_pages = ceil($num_items / $per_page);
 
 	if ($total_pages == 1 || !$num_items)
@@ -2056,29 +2056,29 @@ function generate_pagination($base_url, $num_items, $per_page, $start_item, $add
 		$start_cnt = min(max(1, $on_page - 4), $total_pages - 5);
 		$end_cnt = max(min($total_pages, $on_page + 4), 6);
 
-		$page_string .= ($start_cnt > 1) ? ' ... ' : $seperator;
+		$page_string .= ($start_cnt > 1) ? ' ... ' : $separator;
 
 		for ($i = $start_cnt + 1; $i < $end_cnt; $i++)
 		{
 			$page_string .= ($i == $on_page) ? '<strong>' . $i . '</strong>' : '<a href="' . $base_url . "{$url_delim}start=" . (($i - 1) * $per_page) . '">' . $i . '</a>';
 			if ($i < $end_cnt - 1)
 			{
-				$page_string .= $seperator;
+				$page_string .= $separator;
 			}
 		}
 
-		$page_string .= ($end_cnt < $total_pages) ? ' ... ' : $seperator;
+		$page_string .= ($end_cnt < $total_pages) ? ' ... ' : $separator;
 	}
 	else
 	{
-		$page_string .= $seperator;
+		$page_string .= $separator;
 
 		for ($i = 2; $i < $total_pages; $i++)
 		{
 			$page_string .= ($i == $on_page) ? '<strong>' . $i . '</strong>' : '<a href="' . $base_url . "{$url_delim}start=" . (($i - 1) * $per_page) . '">' . $i . '</a>';
 			if ($i < $total_pages)
 			{
-				$page_string .= $seperator;
+				$page_string .= $separator;
 			}
 		}
 	}
@@ -2862,7 +2862,7 @@ function login_box($redirect = '', $l_explain = '', $l_success = '', $admin = fa
 {
 	global $db, $user, $template, $auth, $phpEx, $phpbb_root_path, $config;
 
-	if (!class_exists('phpbb_captcha_factory'))
+	if (!class_exists('phpbb_captcha_factory', false))
 	{
 		include($phpbb_root_path . 'includes/captcha/captcha_factory.' . $phpEx);
 	}
diff --git a/phpBB/includes/functions_posting.php b/phpBB/includes/functions_posting.php
index 6fd87db663..cbea0a1e77 100644
--- a/phpBB/includes/functions_posting.php
+++ b/phpBB/includes/functions_posting.php
@@ -564,26 +564,27 @@ function get_supported_image_types($type = false)
 			switch ($type)
 			{
 				// GIF
-				case 1:
+				case IMAGETYPE_GIF:
 					$new_type = ($format & IMG_GIF) ? IMG_GIF : false;
 				break;
 
 				// JPG, JPC, JP2
-				case 2:
-				case 9:
-				case 10:
-				case 11:
-				case 12:
+				case IMAGETYPE_JPEG:
+				case IMAGETYPE_JPC:
+				case IMAGETYPE_JPEG2000:
+				case IMAGETYPE_JP2:
+				case IMAGETYPE_JPX:
+				case IMAGETYPE_JB2:
 					$new_type = ($format & IMG_JPG) ? IMG_JPG : false;
 				break;
 
 				// PNG
-				case 3:
+				case IMAGETYPE_PNG:
 					$new_type = ($format & IMG_PNG) ? IMG_PNG : false;
 				break;
 
 				// WBMP
-				case 15:
+				case IMAGETYPE_WBMP:
 					$new_type = ($format & IMG_WBMP) ? IMG_WBMP : false;
 				break;
 			}
diff --git a/phpBB/includes/functions_upload.php b/phpBB/includes/functions_upload.php
index 7f09cc1640..983ccdfc82 100644
--- a/phpBB/includes/functions_upload.php
+++ b/phpBB/includes/functions_upload.php
@@ -976,7 +976,7 @@ class fileupload
 
 
 	/**
-	* Check for allowed extension
+	* Check for bad content (IE mime-sniffing)
 	*/
 	function valid_content(&$file)
 	{
@@ -989,22 +989,22 @@ class fileupload
 	function image_types()
 	{
 		return array(
-			1 => array('gif'),
-			2 => array('jpg', 'jpeg'),
-			3 => array('png'),
-			4 => array('swf'),
-			5 => array('psd'),
-			6 => array('bmp'),
-			7 => array('tif', 'tiff'),
-			8 => array('tif', 'tiff'),
-			9 => array('jpg', 'jpeg'),
-			10 => array('jpg', 'jpeg'),
-			11 => array('jpg', 'jpeg'),
-			12 => array('jpg', 'jpeg'),
-			13 => array('swc'),
-			14 => array('iff'),
-			15 => array('wbmp'),
-			16 => array('xbm'),
+			IMAGETYPE_GIF		=> array('gif'),
+			IMAGETYPE_JPEG		=> array('jpg', 'jpeg'),
+			IMAGETYPE_PNG		=> array('png'),
+			IMAGETYPE_SWF		=> array('swf'),
+			IMAGETYPE_PSD		=> array('psd'),
+			IMAGETYPE_BMP		=> array('bmp'),
+			IMAGETYPE_TIFF_II	=> array('tif', 'tiff'),
+			IMAGETYPE_TIFF_MM	=> array('tif', 'tiff'),
+			IMAGETYPE_JPC		=> array('jpg', 'jpeg'),
+			IMAGETYPE_JP2		=> array('jpg', 'jpeg'),
+			IMAGETYPE_JPX		=> array('jpg', 'jpeg'),
+			IMAGETYPE_JB2		=> array('jpg', 'jpeg'),
+			IMAGETYPE_SWC		=> array('swc'),
+			IMAGETYPE_IFF		=> array('iff'),
+			IMAGETYPE_WBMP		=> array('wbmp'),
+			IMAGETYPE_XBM		=> array('xbm'),
 		);
 	}
 }
diff --git a/phpBB/includes/functions_user.php b/phpBB/includes/functions_user.php
index f2c80705ba..0eecc903e5 100644
--- a/phpBB/includes/functions_user.php
+++ b/phpBB/includes/functions_user.php
@@ -1774,15 +1774,15 @@ function validate_jabber($jid)
 		return false;
 	}
 
-	$seperator_pos = strpos($jid, '@');
+	$separator_pos = strpos($jid, '@');
 
-	if ($seperator_pos === false)
+	if ($separator_pos === false)
 	{
 		return 'WRONG_DATA';
 	}
 
-	$username = substr($jid, 0, $seperator_pos);
-	$realm = substr($jid, $seperator_pos + 1);
+	$username = substr($jid, 0, $separator_pos);
+	$realm = substr($jid, $separator_pos + 1);
 
 	if (strlen($username) == 0 || strlen($realm) < 3)
 	{
diff --git a/phpBB/includes/session.php b/phpBB/includes/session.php
index aa2293c630..d4eac553e9 100644
--- a/phpBB/includes/session.php
+++ b/phpBB/includes/session.php
@@ -39,7 +39,7 @@ class session
 	*
 	* @param string $root_path current root path (phpbb_root_path)
 	*/
-	function extract_current_page($root_path)
+	static function extract_current_page($root_path)
 	{
 		$page_array = array();
 
@@ -983,7 +983,7 @@ class session
 			}
 
 			// only called from CRON; should be a safe workaround until the infrastructure gets going
-			if (!class_exists('phpbb_captcha_factory'))
+			if (!class_exists('phpbb_captcha_factory', false))
 			{
 				include($phpbb_root_path . "includes/captcha/captcha_factory." . $phpEx);
 			}
diff --git a/phpBB/includes/utf/utf_normalizer.php b/phpBB/includes/utf/utf_normalizer.php
index a77952499a..78684df69c 100644
--- a/phpBB/includes/utf/utf_normalizer.php
+++ b/phpBB/includes/utf/utf_normalizer.php
@@ -77,7 +77,7 @@ class utf_normalizer
 	* @param	string	&$str	The dirty string
 	* @return	string			The same string, all shiny and cleaned-up
 	*/
-	function cleanup(&$str)
+	static function cleanup(&$str)
 	{
 		// The string below is the list of all autorized characters, sorted by frequency in latin text
 		$pos = strspn($str, "\x20\x65\x69\x61\x73\x6E\x74\x72\x6F\x6C\x75\x64\x5D\x5B\x63\x6D\x70\x27\x0A\x67\x7C\x68\x76\x2E\x66\x62\x2C\x3A\x3D\x2D\x71\x31\x30\x43\x32\x2A\x79\x78\x29\x28\x4C\x39\x41\x53\x2F\x50\x22\x45\x6A\x4D\x49\x6B\x33\x3E\x35\x54\x3C\x44\x34\x7D\x42\x7B\x38\x46\x77\x52\x36\x37\x55\x47\x4E\x3B\x4A\x7A\x56\x23\x48\x4F\x57\x5F\x26\x21\x4B\x3F\x58\x51\x25\x59\x5C\x09\x5A\x2B\x7E\x5E\x24\x40\x60\x7F\x0D");
@@ -119,7 +119,7 @@ class utf_normalizer
 	* @param	string	&$str	Unchecked UTF string
 	* @return	string			The string, validated and in normal form
 	*/
-	function nfc(&$str)
+	static function nfc(&$str)
 	{
 		$pos = strspn($str, UTF8_ASCII_RANGE);
 		$len = strlen($str);
@@ -151,7 +151,7 @@ class utf_normalizer
 	* @param	string	&$str	Unchecked UTF string
 	* @return	string			The string, validated and in normal form
 	*/
-	function nfkc(&$str)
+	static function nfkc(&$str)
 	{
 		$pos = strspn($str, UTF8_ASCII_RANGE);
 		$len = strlen($str);
@@ -183,7 +183,7 @@ class utf_normalizer
 	* @param	string	&$str	Unchecked UTF string
 	* @return	string			The string, validated and in normal form
 	*/
-	function nfd(&$str)
+	static function nfd(&$str)
 	{
 		$pos = strspn($str, UTF8_ASCII_RANGE);
 		$len = strlen($str);
@@ -209,7 +209,7 @@ class utf_normalizer
 	* @param	string	&$str	Unchecked UTF string
 	* @return	string			The string, validated and in normal form
 	*/
-	function nfkd(&$str)
+	static function nfkd(&$str)
 	{
 		$pos = strspn($str, UTF8_ASCII_RANGE);
 		$len = strlen($str);
@@ -242,7 +242,7 @@ class utf_normalizer
 	*
 	* @access	private
 	*/
-	function recompose($str, $pos, $len, &$qc, &$decomp_map)
+	static function recompose($str, $pos, $len, &$qc, &$decomp_map)
 	{
 		global $utf_combining_class, $utf_canonical_comp, $utf_jamo_type, $utf_jamo_index;
 
@@ -944,7 +944,7 @@ class utf_normalizer
 	*
 	* @access	private
 	*/
-	function decompose($str, $pos, $len, &$decomp_map)
+	static function decompose($str, $pos, $len, &$decomp_map)
 	{
 		global $utf_combining_class;