1 files changed, 192 insertions, 40 deletions
diff --git a/phpBB/install/database_update.php b/phpBB/install/database_update.php
index 91365d4a72..4e17a1429c 100644
--- a/phpBB/install/database_update.php
+++ b/phpBB/install/database_update.php
@@ -73,6 +73,10 @@ if (!defined('PHPBB_INSTALLED') || empty($dbms) || empty($acm_type))
 	die("Please read: <a href='../docs/INSTALL.html'>INSTALL.html</a> before attempting to update.");
 }
 
+// In case $phpbb_adm_relative_path is not set (in case of an update), use the default.
+$phpbb_adm_relative_path = (isset($phpbb_adm_relative_path)) ? $phpbb_adm_relative_path : 'adm/';
+$phpbb_admin_path = (defined('PHPBB_ADMIN_PATH')) ? PHPBB_ADMIN_PATH : $phpbb_root_path . $phpbb_adm_relative_path;
+
 // Include files
 require($phpbb_root_path . 'includes/class_loader.' . $phpEx);
 
@@ -83,7 +87,6 @@ phpbb_require_updated('includes/functions_content.' . $phpEx, true);
 
 require($phpbb_root_path . 'includes/functions_admin.' . $phpEx);
 require($phpbb_root_path . 'includes/constants.' . $phpEx);
-require($phpbb_root_path . 'includes/db/' . $dbms . '.' . $phpEx);
 require($phpbb_root_path . 'includes/utf/utf_tools.' . $phpEx);
 
 phpbb_require_updated('includes/db/db_tools.' . $phpEx);
@@ -106,18 +109,7 @@ $phpbb_class_loader_ext = new phpbb_class_loader('phpbb_ext_', "{$phpbb_root_pat
 $phpbb_class_loader_ext->register();
 
 // Set up container
-$phpbb_container = phpbb_create_dumped_container_unless_debug(
-	array(
-		new phpbb_di_extension_config($phpbb_root_path . 'config.' . $phpEx),
-		new phpbb_di_extension_core($phpbb_root_path),
-	),
-	array(
-		new phpbb_di_pass_collection_pass(),
-		new phpbb_di_pass_kernel_pass(),
-	),
-	$phpbb_root_path,
-	$phpEx
-);
+$phpbb_container = phpbb_create_default_container($phpbb_root_path, $phpEx);
 
 $phpbb_class_loader->set_cache($phpbb_container->get('cache.driver'));
 $phpbb_class_loader_ext->set_cache($phpbb_container->get('cache.driver'));
@@ -141,7 +133,8 @@ if (file_exists($phpbb_root_path . 'includes/hooks/index.' . $phpEx))
 	require($phpbb_root_path . 'includes/hooks/index.' . $phpEx);
 	$phpbb_hook = new phpbb_hook(array('exit_handler', 'phpbb_user_session_handler', 'append_sid', array('template', 'display')));
 
-	foreach ($cache->obtain_hooks() as $hook)
+	$phpbb_hook_finder = $phpbb_container->get('hook_finder');
+	foreach ($phpbb_hook_finder->find() as $hook)
 	{
 		@include($phpbb_root_path . 'includes/hooks/' . $hook . '.' . $phpEx);
 	}
@@ -194,7 +187,7 @@ include($phpbb_root_path . 'language/' . $language . '/install.' . $phpEx);
 $inline_update = (request_var('type', 0)) ? true : false;
 
 // To let set_config() calls succeed, we need to make the config array available globally
-$config = new phpbb_config_db($db, $cache->get_driver(), CONFIG_TABLE);
+$config = new phpbb_config_db($db, $phpbb_container->get('cache.driver'), CONFIG_TABLE);
 set_config(null, null, null, $config);
 set_config_count(null, null, null, $config);
 
@@ -232,7 +225,7 @@ if ($has_global && !$ga_forum_id)
 
 	<title><?php echo $lang['UPDATING_TO_LATEST_STABLE']; ?></title>
 
-	<link href="../adm/style/admin.css" rel="stylesheet" type="text/css" media="screen" />
+	<link href="<?php echo htmlspecialchars($phpbb_admin_path); ?>style/admin.css" rel="stylesheet" type="text/css" media="screen" />
 
 	</head>
 
@@ -282,7 +275,7 @@ header('Content-type: text/html; charset=UTF-8');
 
 <title><?php echo $lang['UPDATING_TO_LATEST_STABLE']; ?></title>
 
-<link href="../adm/style/admin.css" rel="stylesheet" type="text/css" media="screen" />
+<link href="<?php echo htmlspecialchars($phpbb_admin_path); ?>style/admin.css" rel="stylesheet" type="text/css" media="screen" />
 
 </head>
 
@@ -581,7 +574,7 @@ else
 add_log('admin', 'LOG_UPDATE_DATABASE', $orig_version, $updates_to_version);
 
 // Now we purge the session table as well as all cache files
-$cache->purge();
+$phpbb_container->get('cache.driver')->purge();
 
 _print_footer();
 
@@ -818,6 +811,70 @@ function _add_modules($modules_to_install)
 	$_module->remove_cache_file();
 }
 
+/**
+* Add a new permission, optionally copy permission setting from another
+*
+* @param auth_admin $auth_admin auth_admin object
+* @param phpbb_db_driver $db Database object
+* @param string $permission_name Name of the permission to add
+* @param bool $is_global True is global, false is local
+* @param string $copy_from Optional permission name from which to copy
+* @return bool true on success, false on failure
+*/
+function _add_permission(auth_admin $auth_admin, phpbb_db_driver $db, $permission_name, $is_global = true, $copy_from = '')
+{
+	// Only add a permission that don't already exist
+	if (!empty($auth_admin->acl_options['id'][$permission_name]))
+	{
+		return true;
+	}
+
+	$permission_scope = $is_global ? 'global' : 'local';
+
+	$result = $auth_admin->acl_add_option(array(
+		$permission_scope => array($permission_name),
+	));
+
+	if (!$result)
+	{
+		return $result;
+	}
+
+	// The permission has been added, now we can copy it if needed
+	if ($copy_from && isset($auth_admin->acl_options['id'][$copy_from]))
+	{
+		$old_id = $auth_admin->acl_options['id'][$copy_from];
+		$new_id = $auth_admin->acl_options['id'][$permission_name];
+
+		$tables = array(ACL_GROUPS_TABLE, ACL_ROLES_DATA_TABLE, ACL_USERS_TABLE);
+
+		foreach ($tables as $table)
+		{
+			$sql = 'SELECT *
+				FROM ' . $table . '
+				WHERE auth_option_id = ' . $old_id;
+			$result = _sql($sql, $errored, $error_ary);
+
+			$sql_ary = array();
+			while ($row = $db->sql_fetchrow($result))
+			{
+				$row['auth_option_id'] = $new_id;
+				$sql_ary[] = $row;
+			}
+			$db->sql_freeresult($result);
+
+			if (sizeof($sql_ary))
+			{
+				$db->sql_multi_insert($table, $sql_ary);
+			}
+		}
+
+		$auth_admin->acl_clear_prefetch();
+	}
+
+	return true;
+}
+
 /****************************************************************************
 * ADD YOUR DATABASE SCHEMA CHANGES HERE										*
 *****************************************************************************/
@@ -1150,7 +1207,7 @@ function database_update_info()
 *****************************************************************************/
 function change_database_data(&$no_updates, $version)
 {
-	global $db, $errored, $error_ary, $config, $phpbb_root_path, $phpEx, $db_tools;
+	global $db, $db_tools, $errored, $error_ary, $config, $table_prefix, $phpbb_root_path, $phpEx;
 
 	$update_helpers = new phpbb_update_helpers();
 
@@ -1467,8 +1524,6 @@ function change_database_data(&$no_updates, $version)
 				),
 			);
 
-			global $db_tools;
-
 			$statements = $db_tools->perform_schema_changes($changes);
 
 			foreach ($statements as $sql)
@@ -2110,26 +2165,41 @@ function change_database_data(&$no_updates, $version)
 			}
 			$db->sql_freeresult($result);
 
-			global $db_tools, $table_prefix;
-
-			// Recover from potentially broken Q&A CAPTCHA table on firebird
-			// Q&A CAPTCHA was uninstallable, so it's safe to remove these
-			// without data loss
+			/*
+			* Due to a bug, vanilla phpbb could not create captcha tables
+			* in 3.0.8 on firebird. It was possible for board administrators
+			* to adjust the code to work. If code was manually adjusted by
+			* board administrators, index names would not be the same as
+			* what 3.0.9 and newer expect. This code fragment drops captcha
+			* tables, destroying all entered Q&A captcha configuration, such
+			* that when Q&A is configured next the respective tables will be
+			* created with correct index names.
+			*
+			* If you wish to preserve your Q&A captcha configuration, you can
+			* manually rename indexes to the currently expected name:
+			* 	phpbb_captcha_questions_lang_iso	=> phpbb_captcha_questions_lang
+			* 	phpbb_captcha_answers_question_id	=> phpbb_captcha_answers_qid
+			*
+			* Again, this needs to be done only if a board was manually modified
+			* to fix broken captcha code.
+			*
 			if ($db_tools->sql_layer == 'firebird')
 			{
-				$tables = array(
-					$table_prefix . 'captcha_questions',
-					$table_prefix . 'captcha_answers',
-					$table_prefix . 'qa_confirm',
+				$changes = array(
+					'drop_tables'	=> array(
+						$table_prefix . 'captcha_questions',
+						$table_prefix . 'captcha_answers',
+						$table_prefix . 'qa_confirm',
+					),
 				);
-				foreach ($tables as $table)
+				$statements = $db_tools->perform_schema_changes($changes);
+
+				foreach ($statements as $sql)
 				{
-					if ($db_tools->sql_table_exists($table))
-					{
-						$db_tools->sql_table_drop($table);
-					}
+					_sql($sql, $errored, $error_ary);
 				}
 			}
+			*/
 
 			$no_updates = false;
 		break;
@@ -2462,6 +2532,12 @@ function change_database_data(&$no_updates, $version)
 				unset($next_legend);
 			}
 
+			// Rename styles module to Customise
+			$sql = 'UPDATE ' . MODULES_TABLE . "
+				SET module_langname = 'ACP_CAT_CUSTOMISE'
+				WHERE module_langname = 'ACP_CAT_STYLES'";
+			_sql($sql, $errored, $error_ary);
+
 			// Install modules
 			$modules_to_install = array(
 				'position'	=> array(
@@ -2499,10 +2575,67 @@ function change_database_data(&$no_updates, $version)
 					'auth'		=> '',
 					'cat'		=> 'UCP_PROFILE',
 				),
+				// To add a category, the mode and basename must be empty
+				// The mode is taken from the array key
+				'' => array(
+					'base'		=> '',
+					'class'		=> 'acp',
+					'title'		=> 'ACP_EXTENSION_MANAGEMENT',
+					'auth'		=> 'acl_a_extensions',
+					'cat'		=> 'ACP_CAT_CUSTOMISE',
+				),
+				'extensions'    => array(
+					'base'		=> 'acp_extensions',
+					'class'		=> 'acp',
+					'title'		=> 'ACP_EXTENSIONS',
+					'auth'		=> 'acl_a_extensions',
+					'cat'		=> 'ACP_EXTENSION_MANAGEMENT',
+				),
 			);
 
 			_add_modules($modules_to_install);
 
+			// We need a separate array for the new language sub heading
+			// because it requires another empty key
+			$modules_to_install = array(
+				'' => array(
+					'base'	=> '',
+					'class'	=> 'acp',
+					'title'	=> 'ACP_LANGUAGE',
+					'auth'	=> 'acl_a_language',
+					'cat'	=> 'ACP_CAT_CUSTOMISE',
+				),
+			);
+
+			_add_modules($modules_to_install);
+
+			// Move language management to new location in the Customise tab
+			// First get language module id
+			$sql = 'SELECT module_id FROM ' . MODULES_TABLE . "
+				WHERE module_basename = 'acp_language'";
+			$result = $db->sql_query($sql);
+			$language_module_id = $db->sql_fetchfield('module_id');
+			$db->sql_freeresult($result);
+			// Next get language management module id of the one just created
+			$sql = 'SELECT module_id FROM ' . MODULES_TABLE . "
+				WHERE module_langname = 'ACP_LANGUAGE'";
+			$result = $db->sql_query($sql);
+			$language_management_module_id = $db->sql_fetchfield('module_id');
+			$db->sql_freeresult($result);
+
+			if (!class_exists('acp_modules'))
+			{
+				include($phpbb_root_path . 'includes/acp/acp_modules.' . $phpEx);
+			}
+			// acp_modules calls adm_back_link, which is undefined at this point
+			if (!function_exists('adm_back_link'))
+			{
+				include($phpbb_root_path . 'includes/functions_acp.' . $phpEx);
+			}
+			$module_manager = new acp_modules();
+			$module_manager->module_class = 'acp';
+			$module_manager->move_module($language_module_id, $language_management_module_id);
+
 			$sql = 'DELETE FROM ' . MODULES_TABLE . "
 				WHERE (module_basename = 'styles' OR module_basename = 'acp_styles') AND (module_mode = 'imageset' OR module_mode = 'theme' OR module_mode = 'template')";
 			_sql($sql, $errored, $error_ary);
@@ -2734,8 +2867,6 @@ function change_database_data(&$no_updates, $version)
 				$config->set('display_last_subject', '1');
 			}
 
-			$no_updates = false;
-
 			if (!isset($config['assets_version']))
 			{
 				$config->set('assets_version', '1');
@@ -2764,7 +2895,11 @@ function change_database_data(&$no_updates, $version)
 				set_config('board_timezone', $update_helpers->convert_phpbb30_timezone($config['board_timezone'], $config['board_dst']));
 
 				// After we have calculated the timezones we can delete user_dst column from user table.
-				$db_tools->sql_column_remove(USERS_TABLE, 'user_dst');
+				$statements = $db_tools->sql_column_remove(USERS_TABLE, 'user_dst');
+				foreach ($statements as $sql)
+				{
+					_sql($sql, $errored, $error_ary);
+				}
 			}
 
 			if (!isset($config['site_home_url']))
@@ -2774,7 +2909,7 @@ function change_database_data(&$no_updates, $version)
 			}
 
 			// PHPBB3-10601: Make inbox default. Add basename to ucp's pm category
-			
+
 			// Get the category wanted while checking, at the same time, if this has already been applied
 			$sql = 'SELECT module_id, module_basename
 					FROM ' . MODULES_TABLE . "
@@ -2791,11 +2926,28 @@ function change_database_data(&$no_updates, $version)
 					SET module_basename = 'ucp_pm'
 					WHERE  module_id = " . (int) $row['module_id'];
 
-				_sql($sql, $errored, $error_ary);		
+				_sql($sql, $errored, $error_ary);
 			}
 			$db->sql_freeresult($result);
 			
 
+			// Add new permissions
+			include_once($phpbb_root_path . 'includes/acp/auth.' . $phpEx);
+			$auth_admin = new auth_admin();
+
+			_add_permission($auth_admin, $db, 'u_chgprofileinfo', true, 'u_sig');
+			_add_permission($auth_admin, $db, 'a_extensions', true, 'a_styles');
+
+			// Update the auth setting for the module
+			$sql = 'UPDATE ' . MODULES_TABLE . "
+				SET module_auth = 'acl_u_chgprofileinfo'
+				WHERE module_class = 'ucp'
+					AND module_basename = 'ucp_profile'
+					AND module_mode = 'profile_info'";
+			_sql($sql, $errored, $error_ary);
+
+			$no_updates = false;
+
 		break;
 	}
 }