diff options
| author | Joas Schilling <nickvergessen@gmx.de> | 2014-11-25 16:47:22 +0100 |
|---|---|---|
| committer | Joas Schilling <nickvergessen@gmx.de> | 2014-11-25 16:47:22 +0100 |
| commit | 1a0cba1099a554323391d7dc43004cbcaaf3ade8 (patch) | |
| tree | 7bf336e4acde626b03a1962d955a96b1070467ca | |
| parent | 8f67892f5ef63144f394b6913aeaa9ca3479d33d (diff) | |
| parent | f4898b9258c8365f3aae7fc945c3f156ec9f0ad4 (diff) | |
| download | forums-1a0cba1099a554323391d7dc43004cbcaaf3ade8.tar forums-1a0cba1099a554323391d7dc43004cbcaaf3ade8.tar.gz forums-1a0cba1099a554323391d7dc43004cbcaaf3ade8.tar.bz2 forums-1a0cba1099a554323391d7dc43004cbcaaf3ade8.tar.xz forums-1a0cba1099a554323391d7dc43004cbcaaf3ade8.zip | |
Merge branch 'develop-ascraeus' into develop
Conflicts:
build/build.xml
phpBB/includes/constants.php
phpBB/install/schemas/schema_data.sql
phpBB/styles/prosilver/style.cfg
phpBB/styles/subsilver2/style.cfg
| -rw-r--r-- | build/build.xml | 4 | ||||
| -rw-r--r-- | phpBB/docs/CHANGELOG.html | 154 | ||||
| -rw-r--r-- | phpBB/includes/startup.php | 28 | ||||
| -rw-r--r-- | phpBB/install/convertors/convert_phpbb20.php | 2 | ||||
| -rw-r--r-- | phpBB/phpbb/db/migration/data/v31x/v312.php | 31 | ||||
| -rw-r--r-- | phpBB/phpbb/db/migration/data/v31x/v312rc1.php | 32 |
6 files changed, 189 insertions, 62 deletions
diff --git a/build/build.xml b/build/build.xml index 16798f0e97..01a1dbdb96 100644 --- a/build/build.xml +++ b/build/build.xml @@ -3,8 +3,8 @@ <project name="phpBB" description="The phpBB forum software" default="all" basedir="../"> <!-- a few settings for the build --> <property name="newversion" value="3.2.0-a1-dev" /> - <property name="prevversion" value="3.1.1" /> - <property name="olderversions" value="3.0.12, 3.1.0-a1, 3.1.0-a2, 3.1.0-a3, 3.1.0-b1, 3.1.0-b2, 3.1.0-b3, 3.1.0-b4, 3.1.0-RC1, 3.1.0-RC2, 3.1.0-RC3, 3.1.0-RC4, 3.1.0-RC5, 3.1.0-RC6, 3.1.0" /> + <property name="prevversion" value="3.1.2" /> + <property name="olderversions" value="3.0.12, 3.1.0-a1, 3.1.0-a2, 3.1.0-a3, 3.1.0-b1, 3.1.0-b2, 3.1.0-b3, 3.1.0-b4, 3.1.0-RC1, 3.1.0-RC2, 3.1.0-RC3, 3.1.0-RC4, 3.1.0-RC5, 3.1.0-RC6, 3.1.0, 3.1.1, 3.1.2-RC1" /> <!-- no configuration should be needed beyond this point --> <property name="oldversions" value="${olderversions}, ${prevversion}" /> diff --git a/phpBB/docs/CHANGELOG.html b/phpBB/docs/CHANGELOG.html index 4d96aa4981..5cf98e20fc 100644 --- a/phpBB/docs/CHANGELOG.html +++ b/phpBB/docs/CHANGELOG.html @@ -46,6 +46,7 @@ <ol> <li><a href="#changelog">Changelog</a> <ol style="list-style-type: lower-roman;"> + <li><a href="#v311">Changes since 3.1.1</a></li> <li><a href="#v310">Changes since 3.1.0</a></li> <li><a href="#v310RC6">Changes since 3.1.0-RC6</a></li> <li><a href="#v310RC5">Changes since 3.1.0-RC5</a></li> @@ -101,7 +102,88 @@ <div class="content"> - <a name="v310"></a><h3>1.i. Changes since 3.1.0</h3> + <a name="v311"></a><h3>1.i. Changes since 3.1.1</h3> + + <h4>Security</h4> + <ul> + <li>[SECURITY-171] - Version helper does not properly escape version info</li> + <li>[SECURITY-169] - AJAX request with unexpected referrer causes infinite loop</li> + </ul> + + <h4>Bug</h4> + <ul> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-10442">PHPBB3-10442</a>] - XHTML is invalid when a forum link without redirect counter is present</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-10744">PHPBB3-10744</a>] - Prevent user from installing styles with reserved directory names</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11863">PHPBB3-11863</a>] - User registration settings show incorrectly as disabled when board-wide emails are disabled</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12703">PHPBB3-12703</a>] - Notification System sends exact same SQL query multiple times</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13083">PHPBB3-13083</a>] - Language correction in NO_ENTRIES in acp_logs</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13100">PHPBB3-13100</a>] - Don't display "delete reason" dialog for shadow-topics</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13193">PHPBB3-13193</a>] - Post counts in Private Messages should link to the user's posts</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13197">PHPBB3-13197</a>] - Group Avatar not deleted from users</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13204">PHPBB3-13204</a>] - Login flood control error supresses incorrect credential error</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13209">PHPBB3-13209</a>] - Boolean (Yes/No) custom profile field doesn't show given name</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13216">PHPBB3-13216</a>] - Datetime tests fail randomly</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13228">PHPBB3-13228</a>] - "Code: Select all" font-size too big in Private Messages</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13239">PHPBB3-13239</a>] - CanĀ“t upload Attachments on iOS</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13241">PHPBB3-13241</a>] - Topics are being duplicated in multipage forums</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13242">PHPBB3-13242</a>] - Validation error in Contact a Board Administrator</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13243">PHPBB3-13243</a>] - Debug error when clicking Re-check all versions on ACP manage extensions page</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13251">PHPBB3-13251</a>] - Database password containing special characters no longer accepted after upgrade to 3.1.0</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13253">PHPBB3-13253</a>] - MCP queue link in active topics search is missing</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13265">PHPBB3-13265</a>] - "Edit profile" link on view-own-profile page should only show if user has permission to edit</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13270">PHPBB3-13270</a>] - Upgrading from 3.0.12 to 3.1.1 does not display moderator soft delete permissions</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13277">PHPBB3-13277</a>] - Move Up & Down does not take work in Internet Explorer</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13280">PHPBB3-13280</a>] - $user->page['page'] - is invalid resulting in confirm_box() not working correctly</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13284">PHPBB3-13284</a>] - Message body not included in email topic message </li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13298">PHPBB3-13298</a>] - Use mysql_free_result to free result sets which were requested using mysql_query()</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13300">PHPBB3-13300</a>] - Jabber field still shown in profile when feature is disabled</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13301">PHPBB3-13301</a>] - Apache Authentication is probably broken</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13303">PHPBB3-13303</a>] - Migrator caught in loop calculating dependencies</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13315">PHPBB3-13315</a>] - Upgrade from 3.0.12 to 3.1.1 resets CAPTCHA selection</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13316">PHPBB3-13316</a>] - reCAPTCHA does not work on secured connection</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13318">PHPBB3-13318</a>] - login_username doesn't have multibyte parameter set to true</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13323">PHPBB3-13323</a>] - posting.php can pass invalid auth option to acl_get()</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13332">PHPBB3-13332</a>] - Insufficient information passed to password drivers for converted boards</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13337">PHPBB3-13337</a>] - Mark subforums read triggers error if subforums contain no topics</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13338">PHPBB3-13338</a>] - Some tests fail when run on their own</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13342">PHPBB3-13342</a>] - 310/captcha_plugins migration changes recaptcha to nogd</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13349">PHPBB3-13349</a>] - Incorrect entities used for breadcrumb separator in CSS</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13354">PHPBB3-13354</a>] - Unknown column 'topic_logs' in 'where clause' when deleting topic log in MCP</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13376">PHPBB3-13376</a>] - deregister_globals() does not work correctly when $_COOKIE['GLOBALS'] is specified</li> + </ul> + + <h4>Improvement</h4> + <ul> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12681">PHPBB3-12681</a>] - Cache the compiled routes and dump the url_generator</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12885">PHPBB3-12885</a>] - Wrong index page title when using Board Index text</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13023">PHPBB3-13023</a>] - [event] - Add Event posting_editor_buttons_custom_tags_before</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13133">PHPBB3-13133</a>] - Allow @vendor_extname in INCLUDECSS</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13182">PHPBB3-13182</a>] - [event] - Add posting.php core event to allow modifying the message before parsing</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13220">PHPBB3-13220</a>] - [event] - Add template events to memberlist_search.html</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13290">PHPBB3-13290</a>] - [event] - Add template event index_body_forumlist_body_after</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13294">PHPBB3-13294</a>] - [event] - Add message_parser.php core event for additional message handling before parsing</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13297">PHPBB3-13297</a>] - Add unicode modifier to url/email regular expression patterns</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13309">PHPBB3-13309</a>] - [event] - Add ACP template event acp_email_options_after</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13310">PHPBB3-13310</a>] - [event] - Add core event core.acp_email_modify_sql</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13326">PHPBB3-13326</a>] - Add viewtopic_url variable to a viewtopic event</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13328">PHPBB3-13328</a>] - [event] - Add event core.mcp_view_forum_modify_sql</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13347">PHPBB3-13347</a>] - [event] - Add new template events to acp_forums.html</li> + </ul> + + <h4>New Feature</h4> + <ul> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12962">PHPBB3-12962</a>] - Use phantomjs and webdriver for UI testing</li> + </ul> + + <h4>Task</h4> + <ul> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13324">PHPBB3-13324</a>] - Composer no longer downloads sami/sami and fabpot/goutte</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13325">PHPBB3-13325</a>] - Make installing dependencies for tests more user friendly or optional</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13331">PHPBB3-13331</a>] - Sami run as part of phing MUST NOT switch branches</li> + </ul> + + + <a name="v310"></a><h3>1.ii. Changes since 3.1.0</h3> <h4>Security</h4> <ul> @@ -119,7 +201,7 @@ <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13262">PHPBB3-13262</a>] - Add note to docs about htaccess file when upgrading 3.0 to 3.1</li> </ul> - <a name="v310RC6"></a><h3>1.i. Changes since 3.1.0-RC6</h3> + <a name="v310RC6"></a><h3>1.iii. Changes since 3.1.0-RC6</h3> <h4>Bug</h4> <ul> @@ -147,7 +229,7 @@ <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13215">PHPBB3-13215</a>] - Update Symfony Components to 2.3.21</li> </ul> - <a name="v310RC5"></a><h3>1.ii. Changes since 3.1.0-RC5</h3> + <a name="v310RC5"></a><h3>1.iv. Changes since 3.1.0-RC5</h3> <h4>Bug</h4> <ul> @@ -188,7 +270,7 @@ </ul> - <a name="v310RC4"></a><h3>1.iii. Changes since 3.1.0-RC4</h3> + <a name="v310RC4"></a><h3>1.v. Changes since 3.1.0-RC4</h3> <h4>Bug</h4> <ul> @@ -255,7 +337,7 @@ <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13123">PHPBB3-13123</a>] - Add events to allow post blocking and post pre/past processing</li> </ul> - <a name="v310RC3"></a><h3>1.iv. Changes since 3.1.0-RC3</h3> + <a name="v310RC3"></a><h3>1.vi. Changes since 3.1.0-RC3</h3> <h4>Bug</h4> <ul> @@ -345,7 +427,7 @@ </ul> - <a name="v310RC2"></a><h3>1.v. Changes since 3.1.0-RC2</h3> + <a name="v310RC2"></a><h3>1.vii. Changes since 3.1.0-RC2</h3> <h4>Bug</h4> <ul> @@ -469,7 +551,7 @@ <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12948">PHPBB3-12948</a>] - Remove Travis CI "broken opcache on PHP 5.5.7 and 5.5.8" workaround.</li> </ul> - <a name="v310RC1"></a><h3>1.vi. Changes since 3.1.0-RC1</h3> + <a name="v310RC1"></a><h3>1.viii. Changes since 3.1.0-RC1</h3> <h4>Bug</h4> <ul> @@ -540,7 +622,7 @@ <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12829">PHPBB3-12829</a>] - Remove check for pgsql 8.3/8.2</li> </ul> - <a name="v310b4"></a><h3>1.vii. Changes since 3.1.0-b4</h3> + <a name="v310b4"></a><h3>1.ix. Changes since 3.1.0-b4</h3> <h4>Bug</h4> <ul> @@ -660,7 +742,7 @@ </ul> - <a name="v310b3"></a><h3>1.viii. Changes since 3.1.0-b3</h3> + <a name="v310b3"></a><h3>1.x. Changes since 3.1.0-b3</h3> <h4>Bug</h4> <ul> @@ -767,7 +849,7 @@ </ul> - <a name="v310b2"></a><h3>1.ix. Changes since 3.1.0-b2</h3> + <a name="v310b2"></a><h3>1.xi. Changes since 3.1.0-b2</h3> <h4>Bug</h4> <ul> @@ -932,7 +1014,7 @@ </ul> - <a name="v310b1"></a><h3>1.x. Changes since 3.1.0-b1</h3> + <a name="v310b1"></a><h3>1.xii. Changes since 3.1.0-b1</h3> <h4>Bug</h4> <ul> @@ -1000,7 +1082,7 @@ <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12302">PHPBB3-12302</a>] - Upgrade composer.phar to 1.0.0-alpha8</li> </ul> - <a name="v310a3"></a><h3>1.xi. Changes since 3.1.0-a3</h3> + <a name="v310a3"></a><h3>1.xiii. Changes since 3.1.0-a3</h3> <h4>Bug</h4> <ul> @@ -1147,7 +1229,7 @@ </ul> - <a name="v310a2"></a><h3>1.xii. Changes since 3.1.0-a2</h3> + <a name="v310a2"></a><h3>1.xiv. Changes since 3.1.0-a2</h3> <h4>Bug</h4> <ul> @@ -1255,7 +1337,7 @@ <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12147">PHPBB3-12147</a>] - Remove Travis CI notification configuration</li> </ul> - <a name="v310a1"></a><h3>1.xiii. Changes since 3.1.0-a1</h3> + <a name="v310a1"></a><h3>1.xv. Changes since 3.1.0-a1</h3> <h4>Bug</h4> <ul> @@ -1331,7 +1413,7 @@ <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11998">PHPBB3-11998</a>] - Add console / command line client environment </li> </ul> - <a name="v30x"></a><h3>1.xiv. Changes since 3.0.x</h3> + <a name="v30x"></a><h3>1.xvi. Changes since 3.0.x</h3> <h4>Bug</h4> <ul> @@ -2012,7 +2094,7 @@ <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11913">PHPBB3-11913</a>] - Apply reorganisation of download.phpbb.com to build_announcement.php</li> </ul> - <a name="v3011"></a><h3>1.xv. Changes since 3.0.11</h3> + <a name="v3011"></a><h3>1.xvii. Changes since 3.0.11</h3> <h4>Bug</h4> <ul> @@ -2167,7 +2249,7 @@ <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11753">PHPBB3-11753</a>] - Upgrade mysql_upgrader.php schema data.</li> </ul> - <a name="v3010"></a><h3>1.xvi. Changes since 3.0.10</h3> + <a name="v3010"></a><h3>1.xviii. Changes since 3.0.10</h3> <h4>Bug</h4> <ul> @@ -2292,7 +2374,7 @@ <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-10909">PHPBB3-10909</a>] - Update Travis Test Configuration: Travis no longer supports PHP 5.3.2</li> </ul> - <a name="v309"></a><h3>1.xvii. Changes since 3.0.9</h3> + <a name="v309"></a><h3>1.xix. Changes since 3.0.9</h3> <h4>Bug</h4> <ul> @@ -2428,7 +2510,7 @@ <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-10480">PHPBB3-10480</a>] - Automate changelog building</li> </ul> - <a name="v308"></a><h3>1.xviii. Changes since 3.0.8</h3> + <a name="v308"></a><h3>1.xx. Changes since 3.0.8</h3> <h4> Bug </h4> @@ -2796,7 +2878,7 @@ </ul> - <a name="v307-PL1"></a><h3>1.xix. Changes since 3.0.7-PL1</h3> + <a name="v307-PL1"></a><h3>1.xxi. Changes since 3.0.7-PL1</h3> <h4> Security </h4> <ul> @@ -3254,13 +3336,13 @@ </ul> - <a name="v307"></a><h3>1.xx. Changes since 3.0.7</h3> + <a name="v307"></a><h3>1.xxii. Changes since 3.0.7</h3> <ul> <li>[Sec] Do not expose forum content of forums with ACL entries but no actual permission in ATOM Feeds. (Bug #58595)</li> </ul> - <a name="v306"></a><h3>1.xxi. Changes since 3.0.6</h3> + <a name="v306"></a><h3>1.xxiii. Changes since 3.0.6</h3> <ul> <li>[Fix] Allow ban reason and length to be selected and copied in ACP and subsilver2 MCP. (Bug #51095)</li> @@ -3364,7 +3446,7 @@ </ul> - <a name="v305"></a><h3>1.xxii. Changes since 3.0.5</h3> + <a name="v305"></a><h3>1.xxiv. Changes since 3.0.5</h3> <ul> <li>[Fix] Allow whitespaces in avatar gallery names. (Bug #44955)</li> @@ -3586,7 +3668,7 @@ <li>[Feature] Send anonymous statistical information to phpBB on installation and update (optional).</li> </ul> - <a name="v304"></a><h3>1.xxiii. Changes since 3.0.4</h3> + <a name="v304"></a><h3>1.xxv. Changes since 3.0.4</h3> <ul> <li>[Fix] Delete user entry from ban list table upon user deletion (Bug #40015 - Patch by TerraFrost)</li> @@ -3675,7 +3757,7 @@ <li>[Sec] Only use forum id supplied for posting if global announcement detected. (Reported by nickvergessen)</li> </ul> - <a name="v303"></a><h3>1.xxiv. Changes since 3.0.3</h3> + <a name="v303"></a><h3>1.xxvi. Changes since 3.0.3</h3> <ul> <li>[Fix] Allow mixed-case template directories to be inherited (Bug #36725)</li> @@ -3707,7 +3789,7 @@ <li>[Sec] Ask for forum password if post within passworded forum quoted in private message. (Reported by nickvergessen)</li> </ul> - <a name="v302"></a><h3>1.xxv. Changes since 3.0.2</h3> + <a name="v302"></a><h3>1.xxvii. Changes since 3.0.2</h3> <ul> <li>[Fix] Correctly set topic starter if first post in topic removed (Bug #30575 - Patch by blueray2048)</li> @@ -3806,7 +3888,7 @@ <li>[Sec Precaution] Stricter validation of the HTTP_HOST header (Thanks to Techie-Micheal et al for pointing out possible issues in derived code)</li> </ul> - <a name="v301"></a><h3>1.xxvi. Changes since 3.0.1</h3> + <a name="v301"></a><h3>1.xxviii. Changes since 3.0.1</h3> <ul> <li>[Fix] Ability to set permissions on non-mysql dbms (Bug #24955)</li> @@ -3854,7 +3936,7 @@ <li>[Sec] Only allow urls gone through redirect() being used within login_box(). (thanks nookieman)</li> </ul> - <a name="v300"></a><h3>1.xxvii. Changes since 3.0.0</h3> + <a name="v300"></a><h3>1.xxix. Changes since 3.0.0</h3> <ul> <li>[Change] Validate birthdays (Bug #15004)</li> @@ -3925,7 +4007,7 @@ <li>[Fix] Find and display colliding usernames correctly when converting from one database to another (Bug #23925)</li> </ul> - <a name="v30rc8"></a><h3>1.xxviii. Changes since 3.0.RC8</h3> + <a name="v30rc8"></a><h3>1.xxx. Changes since 3.0.RC8</h3> <ul> <li>[Fix] Cleaned usernames contain only single spaces, so "a_name" and "a__name" are treated as the same name (Bug #15634)</li> @@ -3934,7 +4016,7 @@ <li>[Fix] Call garbage_collection() within database updater to correctly close connections (affects Oracle for example)</li> </ul> - <a name="v30rc7"></a><h3>1.xxix. Changes since 3.0.RC7</h3> + <a name="v30rc7"></a><h3>1.xxxi. Changes since 3.0.RC7</h3> <ul> <li>[Fix] Fixed MSSQL related bug in the update system</li> @@ -3969,7 +4051,7 @@ <li>[Fix] No duplication of active topics (Bug #15474)</li> </ul> - <a name="v30rc6"></a><h3>1.xxx. Changes since 3.0.RC6</h3> + <a name="v30rc6"></a><h3>1.xxxii. Changes since 3.0.RC6</h3> <ul> <li>[Fix] Submitting language changes using acp_language (Bug #14736)</li> @@ -3979,7 +4061,7 @@ <li>[Fix] Able to request new password (Bug #14743)</li> </ul> - <a name="v30rc5"></a><h3>1.xxxi. Changes since 3.0.RC5</h3> + <a name="v30rc5"></a><h3>1.xxxiii. Changes since 3.0.RC5</h3> <ul> <li>[Feature] Removing constant PHPBB_EMBEDDED in favor of using an exit_handler(); the constant was meant to achive this more or less.</li> @@ -4042,7 +4124,7 @@ <li>[Sec] New password hashing mechanism for storing passwords (#i42)</li> </ul> - <a name="v30rc4"></a><h3>1.xxxii. Changes since 3.0.RC4</h3> + <a name="v30rc4"></a><h3>1.xxxiv. Changes since 3.0.RC4</h3> <ul> <li>[Fix] MySQL, PostgreSQL and SQLite related database fixes (Bug #13862)</li> @@ -4093,7 +4175,7 @@ <li>[Fix] odbc_autocommit causing existing result sets to be dropped (Bug #14182)</li> </ul> - <a name="v30rc3"></a><h3>1.xxxiii. Changes since 3.0.RC3</h3> + <a name="v30rc3"></a><h3>1.xxxv. Changes since 3.0.RC3</h3> <ul> <li>[Fix] Fixing some subsilver2 and prosilver style issues</li> @@ -4202,7 +4284,7 @@ </ul> - <a name="v30rc2"></a><h3>1.xxxiv. Changes since 3.0.RC2</h3> + <a name="v30rc2"></a><h3>1.xxxvi. Changes since 3.0.RC2</h3> <ul> <li>[Fix] Re-allow searching within the memberlist</li> @@ -4248,7 +4330,7 @@ </ul> - <a name="v30rc1"></a><h3>1.xxxv. Changes since 3.0.RC1</h3> + <a name="v30rc1"></a><h3>1.xxxvii. Changes since 3.0.RC1</h3> <ul> <li>[Fix] (X)HTML issues within the templates (Bug #11255, #11255)</li> diff --git a/phpBB/includes/startup.php b/phpBB/includes/startup.php index 50fcd11bee..2885c80541 100644 --- a/phpBB/includes/startup.php +++ b/phpBB/includes/startup.php @@ -69,31 +69,13 @@ function deregister_globals() { if (isset($not_unset[$varname])) { - // Hacking attempt. No point in continuing unless it's a COOKIE (so a cookie called GLOBALS doesn't lock users out completely) - if ($varname !== 'GLOBALS' || isset($_GET['GLOBALS']) || isset($_POST['GLOBALS']) || isset($_SERVER['GLOBALS']) || isset($_SESSION['GLOBALS']) || isset($_ENV['GLOBALS']) || isset($_FILES['GLOBALS'])) + // Hacking attempt. No point in continuing. + if (isset($_COOKIE[$varname])) { - exit; - } - else - { - $cookie = &$_COOKIE; - while (isset($cookie['GLOBALS'])) - { - if (!is_array($cookie['GLOBALS'])) - { - break; - } - - foreach ($cookie['GLOBALS'] as $registered_var => $value) - { - if (!isset($not_unset[$registered_var])) - { - unset($GLOBALS[$registered_var]); - } - } - $cookie = &$cookie['GLOBALS']; - } + echo "Clear your cookies. "; } + echo "Malicious variable name detected. Contact the administrator and ask them to disable register_globals."; + exit; } unset($GLOBALS[$varname]); diff --git a/phpBB/install/convertors/convert_phpbb20.php b/phpBB/install/convertors/convert_phpbb20.php index effd72aeff..da53d2c143 100644 --- a/phpBB/install/convertors/convert_phpbb20.php +++ b/phpBB/install/convertors/convert_phpbb20.php @@ -38,7 +38,7 @@ $dbms = $phpbb_config_php_file->convert_30_dbms_to_31($dbms); $convertor_data = array( 'forum_name' => 'phpBB 2.0.x', 'version' => '1.0.3', - 'phpbb_version' => '3.1.1', + 'phpbb_version' => '3.1.2', 'author' => '<a href="https://www.phpbb.com/">phpBB Limited</a>', 'dbms' => $dbms, 'dbhost' => $dbhost, diff --git a/phpBB/phpbb/db/migration/data/v31x/v312.php b/phpBB/phpbb/db/migration/data/v31x/v312.php new file mode 100644 index 0000000000..12a3ec3ae6 --- /dev/null +++ b/phpBB/phpbb/db/migration/data/v31x/v312.php @@ -0,0 +1,31 @@ +<?php +/** + * + * This file is part of the phpBB Forum Software package. + * + * @copyright (c) phpBB Limited <https://www.phpbb.com> + * @license GNU General Public License, version 2 (GPL-2.0) + * + * For full copyright and license information, please see + * the docs/CREDITS.txt file. + * + */ + +namespace phpbb\db\migration\data\v31x; + +class v312 extends \phpbb\db\migration\migration +{ + static public function depends_on() + { + return array( + '\phpbb\db\migration\data\v31x\v312rc1', + ); + } + + public function update_data() + { + return array( + array('config.update', array('version', '3.1.2')), + ); + } +} diff --git a/phpBB/phpbb/db/migration/data/v31x/v312rc1.php b/phpBB/phpbb/db/migration/data/v31x/v312rc1.php new file mode 100644 index 0000000000..d4b133fc01 --- /dev/null +++ b/phpBB/phpbb/db/migration/data/v31x/v312rc1.php @@ -0,0 +1,32 @@ +<?php +/** +* +* This file is part of the phpBB Forum Software package. +* +* @copyright (c) phpBB Limited <https://www.phpbb.com> +* @license GNU General Public License, version 2 (GPL-2.0) +* +* For full copyright and license information, please see +* the docs/CREDITS.txt file. +* +*/ + +namespace phpbb\db\migration\data\v31x; + +class v312rc1 extends \phpbb\db\migration\migration +{ + static public function depends_on() + { + return array( + '\phpbb\db\migration\data\v31x\v311', + '\phpbb\db\migration\data\v31x\m_softdelete_global', + ); + } + + public function update_data() + { + return array( + array('config.update', array('version', '3.1.2-RC1')), + ); + } +} |