aboutsummaryrefslogtreecommitdiffstats
path: root/phpBB/phpbb
diff options
context:
space:
mode:
Diffstat (limited to 'phpBB/phpbb')
-rw-r--r--phpBB/phpbb/avatar/driver/local.php4
-rw-r--r--phpBB/phpbb/avatar/driver/remote.php18
-rw-r--r--phpBB/phpbb/cron/manager.php1
-rw-r--r--phpBB/phpbb/db/migration/data/v30x/release_3_0_5_rc1.php5
-rw-r--r--phpBB/phpbb/db/migration/data/v310/contact_admin_form.php5
-rw-r--r--phpBB/phpbb/session.php65
-rw-r--r--phpBB/phpbb/version_helper.php2
7 files changed, 67 insertions, 33 deletions
diff --git a/phpBB/phpbb/avatar/driver/local.php b/phpBB/phpbb/avatar/driver/local.php
index 07b3ed59de..8888686b2d 100644
--- a/phpBB/phpbb/avatar/driver/local.php
+++ b/phpBB/phpbb/avatar/driver/local.php
@@ -154,7 +154,7 @@ class local extends \phpbb\avatar\driver\driver
*/
protected function get_avatar_list($user)
{
- $avatar_list = ($this->cache == null) ? false : $this->cache->get('avatar_local_list');
+ $avatar_list = ($this->cache == null) ? false : $this->cache->get('_avatar_local_list');
if ($avatar_list === false)
{
@@ -192,7 +192,7 @@ class local extends \phpbb\avatar\driver\driver
if ($this->cache != null)
{
- $this->cache->put('avatar_local_list', $avatar_list, 86400);
+ $this->cache->put('_avatar_local_list', $avatar_list, 86400);
}
}
diff --git a/phpBB/phpbb/avatar/driver/remote.php b/phpBB/phpbb/avatar/driver/remote.php
index 1bd7f6c927..4b0ee3f06f 100644
--- a/phpBB/phpbb/avatar/driver/remote.php
+++ b/phpBB/phpbb/avatar/driver/remote.php
@@ -130,8 +130,24 @@ class remote extends \phpbb\avatar\driver\driver
{
// Timeout after 1 second
stream_set_timeout($file_stream, 1);
+ // read some data to ensure headers are present
+ fread($file_stream, 1024);
$meta = stream_get_meta_data($file_stream);
- foreach ($meta['wrapper_data'] as $header)
+
+ if (isset($meta['wrapper_data']['headers']) && is_array($meta['wrapper_data']['headers']))
+ {
+ $headers = $meta['wrapper_data']['headers'];
+ }
+ else if (isset($meta['wrapper_data']) && is_array($meta['wrapper_data']))
+ {
+ $headers = $meta['wrapper_data'];
+ }
+ else
+ {
+ $headers = array();
+ }
+
+ foreach ($headers as $header)
{
$header = preg_split('/ /', $header, 2);
if (strtr(strtolower(trim($header[0], ':')), '_', '-') === 'content-type')
diff --git a/phpBB/phpbb/cron/manager.php b/phpBB/phpbb/cron/manager.php
index 5c8ac04b77..079ce8107e 100644
--- a/phpBB/phpbb/cron/manager.php
+++ b/phpBB/phpbb/cron/manager.php
@@ -73,6 +73,7 @@ class manager
*/
public function find_one_ready_task()
{
+ shuffle($this->tasks);
foreach ($this->tasks as $task)
{
if ($task->is_ready())
diff --git a/phpBB/phpbb/db/migration/data/v30x/release_3_0_5_rc1.php b/phpBB/phpbb/db/migration/data/v30x/release_3_0_5_rc1.php
index f593c32181..2cc7786046 100644
--- a/phpBB/phpbb/db/migration/data/v30x/release_3_0_5_rc1.php
+++ b/phpBB/phpbb/db/migration/data/v30x/release_3_0_5_rc1.php
@@ -55,6 +55,9 @@ class release_3_0_5_rc1 extends \phpbb\db\migration\migration
public function hash_old_passwords()
{
+ global $phpbb_container;
+
+ $passwords_manager = $phpbb_container->get('passwords.manager');
$sql = 'SELECT user_id, user_password
FROM ' . $this->table_prefix . 'users
WHERE user_pass_convert = 1';
@@ -65,7 +68,7 @@ class release_3_0_5_rc1 extends \phpbb\db\migration\migration
if (strlen($row['user_password']) == 32)
{
$sql_ary = array(
- 'user_password' => phpbb_hash($row['user_password']),
+ 'user_password' => '$CP$' . $passwords_manager->hash($row['user_password'], 'passwords.driver.salted_md5'),
);
$this->sql_query('UPDATE ' . $this->table_prefix . 'users SET ' . $this->db->sql_build_array('UPDATE', $sql_ary) . ' WHERE user_id = ' . $row['user_id']);
diff --git a/phpBB/phpbb/db/migration/data/v310/contact_admin_form.php b/phpBB/phpbb/db/migration/data/v310/contact_admin_form.php
index c2dd09ddf6..5736369f1a 100644
--- a/phpBB/phpbb/db/migration/data/v310/contact_admin_form.php
+++ b/phpBB/phpbb/db/migration/data/v310/contact_admin_form.php
@@ -20,6 +20,11 @@ class contact_admin_form extends \phpbb\db\migration\migration
return isset($this->config['contact_admin_form_enable']);
}
+ static public function depends_on()
+ {
+ return array('\phpbb\db\migration\data\v310\config_db_text');
+ }
+
public function update_data()
{
return array(
diff --git a/phpBB/phpbb/session.php b/phpBB/phpbb/session.php
index cf8ea1877e..477e91efd6 100644
--- a/phpBB/phpbb/session.php
+++ b/phpBB/phpbb/session.php
@@ -577,6 +577,43 @@ class session
}
}
+ $provider_collection = $phpbb_container->get('auth.provider_collection');
+ $provider = $provider_collection->get_provider();
+ $this->data = $provider->autologin();
+
+ if ($user_id !== false && sizeof($this->data) && $this->data['user_id'] != $user_id)
+ {
+ $this->data = array();
+ }
+
+ if (sizeof($this->data))
+ {
+ $this->cookie_data['k'] = '';
+ $this->cookie_data['u'] = $this->data['user_id'];
+ }
+
+ // If we're presented with an autologin key we'll join against it.
+ // Else if we've been passed a user_id we'll grab data based on that
+ if (isset($this->cookie_data['k']) && $this->cookie_data['k'] && $this->cookie_data['u'] && !sizeof($this->data))
+ {
+ $sql = 'SELECT u.*
+ FROM ' . USERS_TABLE . ' u, ' . SESSIONS_KEYS_TABLE . ' k
+ WHERE u.user_id = ' . (int) $this->cookie_data['u'] . '
+ AND u.user_type IN (' . USER_NORMAL . ', ' . USER_FOUNDER . ")
+ AND k.user_id = u.user_id
+ AND k.key_id = '" . $db->sql_escape(md5($this->cookie_data['k'])) . "'";
+ $result = $db->sql_query($sql);
+ $user_data = $db->sql_fetchrow($result);
+
+ if ($user_id === false || (isset($user_data['user_id']) && $user_id == $user_data['user_id']))
+ {
+ $this->data = $user_data;
+ $bot = false;
+ }
+
+ $db->sql_freeresult($result);
+ }
+
if ($user_id !== false && !sizeof($this->data))
{
$this->cookie_data['k'] = '';
@@ -591,34 +628,6 @@ class session
$db->sql_freeresult($result);
$bot = false;
}
- else if (!$bot)
- {
- $provider_collection = $phpbb_container->get('auth.provider_collection');
- $provider = $provider_collection->get_provider();
- $this->data = $provider->autologin();
-
- if (sizeof($this->data))
- {
- $this->cookie_data['k'] = '';
- $this->cookie_data['u'] = $this->data['user_id'];
- }
-
- // If we're presented with an autologin key we'll join against it.
- // Else if we've been passed a user_id we'll grab data based on that
- if (isset($this->cookie_data['k']) && $this->cookie_data['k'] && $this->cookie_data['u'] && !sizeof($this->data))
- {
- $sql = 'SELECT u.*
- FROM ' . USERS_TABLE . ' u, ' . SESSIONS_KEYS_TABLE . ' k
- WHERE u.user_id = ' . (int) $this->cookie_data['u'] . '
- AND u.user_type IN (' . USER_NORMAL . ', ' . USER_FOUNDER . ")
- AND k.user_id = u.user_id
- AND k.key_id = '" . $db->sql_escape(md5($this->cookie_data['k'])) . "'";
- $result = $db->sql_query($sql);
- $this->data = $db->sql_fetchrow($result);
- $db->sql_freeresult($result);
- $bot = false;
- }
- }
// Bot user, if they have a SID in the Request URI we need to get rid of it
// otherwise they'll index this page with the SID, duplicate content oh my!
diff --git a/phpBB/phpbb/version_helper.php b/phpBB/phpbb/version_helper.php
index 968a57428f..96386f6d04 100644
--- a/phpBB/phpbb/version_helper.php
+++ b/phpBB/phpbb/version_helper.php
@@ -239,7 +239,7 @@ class version_helper
*/
public function get_versions($force_update = false, $force_cache = false)
{
- $cache_file = 'versioncheck_' . $this->host . $this->path . $this->file;
+ $cache_file = '_versioncheck_' . $this->host . $this->path . $this->file;
$info = $this->cache->get($cache_file);
generated by cgit v1.2.1 (git 2.21.0) at 2025-08-14 09:20:07 +0000