diff options
Diffstat (limited to 'phpBB/phpbb')
| -rw-r--r-- | phpBB/phpbb/captcha/non_gd.php | 6 | ||||
| -rw-r--r-- | phpBB/phpbb/session.php | 124 | ||||
| -rw-r--r-- | phpBB/phpbb/textformatter/s9e/link_helper.php | 2 | ||||
| -rw-r--r-- | phpBB/phpbb/textformatter/s9e/parser.php | 20 |
4 files changed, 97 insertions, 55 deletions
diff --git a/phpBB/phpbb/captcha/non_gd.php b/phpBB/phpbb/captcha/non_gd.php index 3818672f17..8105187ed9 100644 --- a/phpBB/phpbb/captcha/non_gd.php +++ b/phpBB/phpbb/captcha/non_gd.php @@ -78,7 +78,7 @@ class non_gd for ($j = 0; $j < $code_len; $j++) { - $image .= $this->randomise(substr($hold_chars[$code{$j}][$i - $offset_y - 1], 1), $char_widths[$j]); + $image .= $this->randomise(substr($hold_chars[$code[$j]][$i - $offset_y - 1], 1), $char_widths[$j]); } for ($j = $offset_x + $img_width; $j < $this->width; $j++) @@ -117,7 +117,7 @@ class non_gd $end = strlen($scanline) - ceil($width/2); for ($i = (int) floor($width / 2); $i < $end; $i++) { - $pixel = ord($scanline{$i}); + $pixel = ord($scanline[$i]); if ($pixel < 190) { @@ -129,7 +129,7 @@ class non_gd } else { - $new_line .= $scanline{$i}; + $new_line .= $scanline[$i]; } } diff --git a/phpBB/phpbb/session.php b/phpBB/phpbb/session.php index 7c76c08b73..6851bc8188 100644 --- a/phpBB/phpbb/session.php +++ b/phpBB/phpbb/session.php @@ -954,72 +954,96 @@ class session { global $db, $config, $phpbb_container, $phpbb_dispatcher; - $batch_size = 10; - if (!$this->time_now) { $this->time_now = time(); } - // Firstly, delete guest sessions - $sql = 'DELETE FROM ' . SESSIONS_TABLE . ' - WHERE session_user_id = ' . ANONYMOUS . ' - AND session_time < ' . (int) ($this->time_now - $config['session_length']); - $db->sql_query($sql); + /** + * Get expired sessions for registered users, only most recent for each user + * Inner SELECT gets most recent expired sessions for unique session_user_id + * Outer SELECT gets data for them + */ + $sql_select = 'SELECT s1.session_page, s1.session_user_id, s1.session_time AS recent_time + FROM ' . SESSIONS_TABLE . ' AS s1 + INNER JOIN ( + SELECT session_user_id, MAX(session_time) AS recent_time + FROM ' . SESSIONS_TABLE . ' + WHERE session_time < ' . ($this->time_now - (int) $config['session_length']) . ' + AND session_user_id <> ' . ANONYMOUS . ' + GROUP BY session_user_id + ) AS s2 + ON s1.session_user_id = s2.session_user_id + AND s1.session_time = s2.recent_time'; + + switch ($db->get_sql_layer()) + { + case 'sqlite3': + if (phpbb_version_compare($db->sql_server_info(true), '3.8.3', '>=')) + { + // For SQLite versions 3.8.3+ which support Common Table Expressions (CTE) + $sql = "WITH s3 (session_page, session_user_id, session_time) AS ($sql_select) + UPDATE " . USERS_TABLE . ' + SET (user_lastpage, user_lastvisit) = (SELECT session_page, session_time FROM s3 WHERE session_user_id = user_id) + WHERE EXISTS (SELECT session_user_id FROM s3 WHERE session_user_id = user_id)'; + $db->sql_query($sql); - // Get expired sessions, only most recent for each user - $sql = 'SELECT session_user_id, session_page, MAX(session_time) AS recent_time - FROM ' . SESSIONS_TABLE . ' - WHERE session_time < ' . ($this->time_now - $config['session_length']) . ' - GROUP BY session_user_id, session_page'; - $result = $db->sql_query_limit($sql, $batch_size); + break; + } - $del_user_id = array(); - $del_sessions = 0; + // No break, for SQLite versions prior to 3.8.3 and Oracle + case 'oracle': + $result = $db->sql_query($sql_select); + while ($row = $db->sql_fetchrow($result)) + { + $sql = 'UPDATE ' . USERS_TABLE . ' + SET user_lastvisit = ' . (int) $row['recent_time'] . ", user_lastpage = '" . $db->sql_escape($row['session_page']) . "' + WHERE user_id = " . (int) $row['session_user_id']; + $db->sql_query($sql); + } + $db->sql_freeresult($result); + break; - while ($row = $db->sql_fetchrow($result)) - { - $sql = 'UPDATE ' . USERS_TABLE . ' - SET user_lastvisit = ' . (int) $row['recent_time'] . ", user_lastpage = '" . $db->sql_escape($row['session_page']) . "' - WHERE user_id = " . (int) $row['session_user_id']; - $db->sql_query($sql); + case 'mysqli': + $sql = 'UPDATE ' . USERS_TABLE . " u, + ($sql_select) s3 + SET u.user_lastvisit = s3.recent_time, u.user_lastpage = s3.session_page + WHERE u.user_id = s3.session_user_id"; + $db->sql_query($sql); + break; - $del_user_id[] = (int) $row['session_user_id']; - $del_sessions++; + default: + $sql = 'UPDATE ' . USERS_TABLE . " + SET user_lastvisit = s3.recent_time, user_lastpage = s3.session_page + FROM ($sql_select) s3 + WHERE user_id = s3.session_user_id"; + $db->sql_query($sql); + break; } - $db->sql_freeresult($result); - if (count($del_user_id)) + // Delete all expired sessions + $sql = 'DELETE FROM ' . SESSIONS_TABLE . ' + WHERE session_time < ' . ($this->time_now - (int) $config['session_length']); + $db->sql_query($sql); + + // Update gc timer + $config->set('session_last_gc', $this->time_now, false); + + if ($config['max_autologin_time']) { - // Delete expired sessions - $sql = 'DELETE FROM ' . SESSIONS_TABLE . ' - WHERE ' . $db->sql_in_set('session_user_id', $del_user_id) . ' - AND session_time < ' . ($this->time_now - $config['session_length']); + $sql = 'DELETE FROM ' . SESSIONS_KEYS_TABLE . ' + WHERE last_login < ' . (time() - (86400 * (int) $config['max_autologin_time'])); $db->sql_query($sql); } - if ($del_sessions < $batch_size) - { - // Less than 10 users, update gc timer ... else we want gc - // called again to delete other sessions - $config->set('session_last_gc', $this->time_now, false); + // only called from CRON; should be a safe workaround until the infrastructure gets going + /* @var \phpbb\captcha\factory $captcha_factory */ + $captcha_factory = $phpbb_container->get('captcha.factory'); + $captcha_factory->garbage_collect($config['captcha_plugin']); - if ($config['max_autologin_time']) - { - $sql = 'DELETE FROM ' . SESSIONS_KEYS_TABLE . ' - WHERE last_login < ' . (time() - (86400 * (int) $config['max_autologin_time'])); - $db->sql_query($sql); - } - - // only called from CRON; should be a safe workaround until the infrastructure gets going - /* @var $captcha_factory \phpbb\captcha\factory */ - $captcha_factory = $phpbb_container->get('captcha.factory'); - $captcha_factory->garbage_collect($config['captcha_plugin']); - - $sql = 'DELETE FROM ' . LOGIN_ATTEMPT_TABLE . ' - WHERE attempt_time < ' . (time() - (int) $config['ip_login_limit_time']); - $db->sql_query($sql); - } + $sql = 'DELETE FROM ' . LOGIN_ATTEMPT_TABLE . ' + WHERE attempt_time < ' . (time() - (int) $config['ip_login_limit_time']); + $db->sql_query($sql); /** * Event to trigger extension on session_gc diff --git a/phpBB/phpbb/textformatter/s9e/link_helper.php b/phpBB/phpbb/textformatter/s9e/link_helper.php index 483794a83e..1cd5dd2fa7 100644 --- a/phpBB/phpbb/textformatter/s9e/link_helper.php +++ b/phpBB/phpbb/textformatter/s9e/link_helper.php @@ -61,7 +61,7 @@ class link_helper $text = substr($parser->getText(), $start, $length); // Create a tag that consumes the link's text and make it depends on this tag - $link_text_tag = $parser->addSelfClosingTag('LINK_TEXT', $start, $length); + $link_text_tag = $parser->addSelfClosingTag('LINK_TEXT', $start, $length, 10); $link_text_tag->setAttribute('text', $text); $tag->cascadeInvalidationTo($link_text_tag); } diff --git a/phpBB/phpbb/textformatter/s9e/parser.php b/phpBB/phpbb/textformatter/s9e/parser.php index a36fc63141..f7e4668980 100644 --- a/phpBB/phpbb/textformatter/s9e/parser.php +++ b/phpBB/phpbb/textformatter/s9e/parser.php @@ -15,6 +15,7 @@ namespace phpbb\textformatter\s9e; use s9e\TextFormatter\Parser\AttributeFilters\UrlFilter; use s9e\TextFormatter\Parser\Logger; +use s9e\TextFormatter\Parser\Tag; /** * s9e\TextFormatter\Parser adapter @@ -219,7 +220,7 @@ class parser implements \phpbb\textformatter\parser_interface { $errors[] = array($msg, $context['max_' . strtolower($m[1])]); } - else if ($msg === 'Tag is disabled') + else if ($msg === 'Tag is disabled' && $this->is_a_bbcode($context['tag'])) { $name = strtolower($context['tag']->getName()); $errors[] = array('UNAUTHORISED_BBCODE', '[' . $name . ']'); @@ -396,4 +397,21 @@ class parser implements \phpbb\textformatter\parser_interface return $url; } + + /** + * Test whether given tag consumes text that looks like BBCode-styled markup + * + * @param Tag $tag Original tag + * @return bool + */ + protected function is_a_bbcode(Tag $tag) + { + if ($tag->getLen() < 3) + { + return false; + } + $markup = substr($this->parser->getText(), $tag->getPos(), $tag->getLen()); + + return (bool) preg_match('(^\\[\\w++.*?\\]$)s', $markup); + } } |