5 files changed, 63 insertions, 37 deletions
diff --git a/phpBB/phpbb/avatar/driver/local.php b/phpBB/phpbb/avatar/driver/local.php
index 8888686b2d..36087f8ba0 100644
--- a/phpBB/phpbb/avatar/driver/local.php
+++ b/phpBB/phpbb/avatar/driver/local.php
@@ -23,8 +23,10 @@ class local extends \phpbb\avatar\driver\driver
 	*/
 	public function get_data($row)
 	{
+		$root_path = (defined('PHPBB_USE_BOARD_URL_PATH') && PHPBB_USE_BOARD_URL_PATH) ? generate_board_url() . '/' : $this->path_helper->get_web_root_path();
+
 		return array(
-			'src' => $this->path_helper->get_web_root_path() . $this->config['avatar_gallery_path'] . '/' . $row['avatar'],
+			'src' => $root_path . $this->config['avatar_gallery_path'] . '/' . $row['avatar'],
 			'width' => $row['avatar_width'],
 			'height' => $row['avatar_height'],
 		);
diff --git a/phpBB/phpbb/avatar/driver/upload.php b/phpBB/phpbb/avatar/driver/upload.php
index 003b23659f..ee36243844 100644
--- a/phpBB/phpbb/avatar/driver/upload.php
+++ b/phpBB/phpbb/avatar/driver/upload.php
@@ -48,8 +48,10 @@ class upload extends \phpbb\avatar\driver\driver
 	*/
 	public function get_data($row, $ignore_config = false)
 	{
+		$root_path = (defined('PHPBB_USE_BOARD_URL_PATH') && PHPBB_USE_BOARD_URL_PATH) ? generate_board_url() . '/' : $this->path_helper->get_web_root_path();
+
 		return array(
-			'src' => $this->path_helper->get_web_root_path() . 'download/file.' . $this->php_ext . '?avatar=' . $row['avatar'],
+			'src' => $root_path . 'download/file.' . $this->php_ext . '?avatar=' . $row['avatar'],
 			'width' => $row['avatar_width'],
 			'height' => $row['avatar_height'],
 		);
diff --git a/phpBB/phpbb/captcha/plugins/qa.php b/phpBB/phpbb/captcha/plugins/qa.php
index a7ba994cc3..04052b3406 100644
--- a/phpBB/phpbb/captcha/plugins/qa.php
+++ b/phpBB/phpbb/captcha/plugins/qa.php
@@ -125,7 +125,7 @@ class qa
 	*/
 	public function is_available()
 	{
-		global $config, $db, $phpbb_root_path, $phpEx, $user;
+		global $config, $db, $user;
 
 		// load language file for pretty display in the ACP dropdown
 		$user->add_lang('captcha_qa');
@@ -263,7 +263,7 @@ class qa
 	*/
 	function garbage_collect($type = 0)
 	{
-		global $db, $config;
+		global $db;
 
 		$sql = 'SELECT c.confirm_id
 			FROM ' . $this->table_qa_confirm . ' c
@@ -310,8 +310,6 @@ class qa
 
 		$db_tool = new \phpbb\db\tools($db);
 
-		$tables = array($this->table_captcha_questions, $this->table_captcha_answers, $this->table_qa_confirm);
-
 		$schemas = array(
 				$this->table_captcha_questions		=> array (
 					'COLUMNS' => array(
@@ -366,7 +364,7 @@ class qa
 	*/
 	function validate()
 	{
-		global $config, $db, $user;
+		global $user;
 
 		$error = '';
 
@@ -414,7 +412,7 @@ class qa
 
 		if (!sizeof($this->question_ids))
 		{
-			return false;
+			return;
 		}
 		$this->confirm_id = md5(unique_id($user->ip));
 		$this->question = (int) array_rand($this->question_ids);
@@ -440,7 +438,7 @@ class qa
 
 		if (!sizeof($this->question_ids))
 		{
-			return false;
+			return;
 		}
 
 		$this->question = (int) array_rand($this->question_ids);
@@ -611,8 +609,8 @@ class qa
 	*/
 	function acp_page($id, &$module)
 	{
-		global $db, $user, $auth, $template;
-		global $config, $phpbb_root_path, $phpbb_admin_path, $phpEx;
+		global $user, $template;
+		global $config;
 
 		$user->add_lang('acp/board');
 		$user->add_lang('captcha_qa');
@@ -674,11 +672,7 @@ class qa
 		else
 		{
 			// okay, show the editor
-			$error = false;
-			$input_question = request_var('question_text', '', true);
-			$input_answers = request_var('answers', '', true);
-			$input_lang = request_var('lang_iso', '', true);
-			$input_strict = request_var('strict', false);
+			$question_input = $this->acp_get_question_input();
 			$langs = $this->get_languages();
 
 			foreach ($langs as $lang => $entry)
@@ -697,13 +691,11 @@ class qa
 			{
 				if ($question = $this->acp_get_question_data($question_id))
 				{
-					$answers = (isset($input_answers[$lang])) ? $input_answers[$lang] : implode("\n", $question['answers']);
-
 					$template->assign_vars(array(
-						'QUESTION_TEXT'		=> ($input_question) ? $input_question : $question['question_text'],
-						'LANG_ISO'			=> ($input_lang) ? $input_lang : $question['lang_iso'],
-						'STRICT'			=> (isset($_REQUEST['strict'])) ? $input_strict : $question['strict'],
-						'ANSWERS'			=> $answers,
+						'QUESTION_TEXT'		=> ($question_input['question_text']) ? $question_input['question_text'] : $question['question_text'],
+						'LANG_ISO'			=> ($question_input['lang_iso']) ? $question_input['lang_iso'] : $question['lang_iso'],
+						'STRICT'			=> (isset($_REQUEST['strict'])) ? $question_input['strict'] : $question['strict'],
+						'ANSWERS'			=> implode("\n", $question['answers']),
 					));
 				}
 				else
@@ -714,18 +706,16 @@ class qa
 			else
 			{
 				$template->assign_vars(array(
-					'QUESTION_TEXT'		=> $input_question,
-					'LANG_ISO'			=> $input_lang,
-					'STRICT'			=> $input_strict,
-					'ANSWERS'			=> $input_answers,
+					'QUESTION_TEXT'		=> $question_input['question_text'],
+					'LANG_ISO'			=> $question_input['lang_iso'],
+					'STRICT'			=> $question_input['strict'],
+					'ANSWERS'			=> (is_array($question_input['answers'])) ? implode("\n", $question_input['answers']) : '',
 				));
 			}
 
 			if ($submit && check_form_key($form_key))
 			{
-				$data = $this->acp_get_question_input();
-
-				if (!$this->validate_input($data))
+				if (!$this->validate_input($question_input))
 				{
 					$template->assign_vars(array(
 						'S_ERROR'			=> true,
@@ -735,11 +725,11 @@ class qa
 				{
 					if ($question_id)
 					{
-						$this->acp_update_question($data, $question_id);
+						$this->acp_update_question($question_input, $question_id);
 					}
 					else
 					{
-						$this->acp_add_question($data);
+						$this->acp_add_question($question_input);
 					}
 
 					add_log('admin', 'LOG_CONFIG_VISUAL');
@@ -819,6 +809,8 @@ class qa
 
 			return $question;
 		}
+
+		return false;
 	}
 
 	/**
@@ -827,13 +819,21 @@ class qa
 	function acp_get_question_input()
 	{
 		$answers = utf8_normalize_nfc(request_var('answers', '', true));
+
+		// Convert answers into array and filter if answers are set
+		if (strlen($answers))
+		{
+			$answers = array_filter(array_map('trim', explode("\n", $answers)), function ($value) {
+				return $value !== '';
+			});
+		}
+
 		$question = array(
 			'question_text'	=> request_var('question_text', '', true),
 			'strict'		=> request_var('strict', false),
 			'lang_iso'		=> request_var('lang_iso', ''),
-			'answers'		=> (strlen($answers)) ? explode("\n", $answers) : '',
+			'answers'		=> $answers,
 		);
-
 		return $question;
 	}
 
diff --git a/phpBB/phpbb/content_visibility.php b/phpBB/phpbb/content_visibility.php
index 700009da6a..0ba0489cb7 100644
--- a/phpBB/phpbb/content_visibility.php
+++ b/phpBB/phpbb/content_visibility.php
@@ -237,7 +237,7 @@ class content_visibility
 			if (!sizeof($forum_ids))
 			{
 				// The user can see all posts/topics in all specified forums
-				return $this->db->sql_in_set($table_alias . 'forum_id', $approve_forums);
+				return $where_sql . $this->db->sql_in_set($table_alias . 'forum_id', $approve_forums) . ')';
 			}
 			else
 			{
@@ -248,8 +248,8 @@ class content_visibility
 		else
 		{
 			// The user is just a normal user
-			return $table_alias . $mode . '_visibility = ' . ITEM_APPROVED . '
-				AND ' . $this->db->sql_in_set($table_alias . 'forum_id', $forum_ids, false, true);
+			return $where_sql . $table_alias . $mode . '_visibility = ' . ITEM_APPROVED . '
+				AND ' . $this->db->sql_in_set($table_alias . 'forum_id', $forum_ids, false, true) . ')';
 		}
 
 		$where_sql .= '(' . $table_alias . $mode . '_visibility = ' . ITEM_APPROVED . '
diff --git a/phpBB/phpbb/db/migration/data/v310/avatars.php b/phpBB/phpbb/db/migration/data/v310/avatars.php
index 2698adeed5..9b03a8fa94 100644
--- a/phpBB/phpbb/db/migration/data/v310/avatars.php
+++ b/phpBB/phpbb/db/migration/data/v310/avatars.php
@@ -17,7 +17,29 @@ class avatars extends \phpbb\db\migration\migration
 {
 	public function effectively_installed()
 	{
-		return isset($this->config['allow_avatar_gravatar']);
+		// Get current avatar type of guest user
+		$sql = 'SELECT user_avatar_type
+			FROM ' . $this->table_prefix . 'users
+			WHERE user_id = ' . ANONYMOUS;
+		$result = $this->db->sql_query($sql);
+		$backup_type = $this->db->sql_fetchfield('user_avatar_type');
+		$this->db->sql_freeresult($result);
+
+		// Try to set avatar type to string
+		$sql = 'UPDATE ' . $this->table_prefix . "users
+			SET user_avatar_type = 'avatar.driver.upload'
+			WHERE user_id = " . ANONYMOUS;
+		$this->db->sql_return_on_error(true);
+		$effectively_installed = $this->db->sql_query($sql);
+		$this->db->sql_return_on_error();
+
+		// Restore avatar type of guest user to previous state
+		$sql = 'UPDATE ' . $this->table_prefix . "users
+			SET user_avatar_type = '{$backup_type}'
+			WHERE user_id = " . ANONYMOUS;
+		$this->db->sql_query($sql);
+
+		return $effectively_installed !== false;
 	}
 
 	static public function depends_on()