diff options
author | Joas Schilling <nickvergessen@gmx.de> | 2013-07-30 01:06:11 +0200 |
---|---|---|
committer | Joas Schilling <nickvergessen@gmx.de> | 2013-07-30 01:06:11 +0200 |
commit | 91392c728826c38fd625a80c4e855d373b6866e1 (patch) | |
tree | 96b25a8d6198ef058cc32cd78f81ed0ebbc294b5 | |
parent | 5f3f41d6d6fb5c997ab7b70482fef542a5534b6a (diff) | |
parent | 09de06cf15071fd88a1bf3554007aab2a4faadf4 (diff) | |
download | forums-91392c728826c38fd625a80c4e855d373b6866e1.tar forums-91392c728826c38fd625a80c4e855d373b6866e1.tar.gz forums-91392c728826c38fd625a80c4e855d373b6866e1.tar.bz2 forums-91392c728826c38fd625a80c4e855d373b6866e1.tar.xz forums-91392c728826c38fd625a80c4e855d373b6866e1.zip |
Merge remote-tracking branch 'phpbb/develop' into ticket/11574
* phpbb/develop: (130 commits)
[ticket/11638] Changed the layout to match the other similar commits
[ticket/11640] removed the space that I wonder what it was doing there.
[ticket/11749] Move event after all template data has been defined
[ticket/10917] Variable used only once so delete it
[ticket/10917] Revert use of phpbb wrapper
[ticket/11749] Template events for topic_list_row_pre/append
[ticket/11749] PHP Events for viewforum.php
[ticket/11749] PHP Events for search.php
[ticket/11740] Update FAQ to include Ideas Centre
[ticket/11062] If user's language is english there is no further work needed
[ticket/11062] Load new strings from user's language file if provided
[ticket/10917] Using phpbb wrapper
[ticket/10917] Fixed notice that files are out of date when updating to an unreleased version
[ticket/11741] Fix empty brackets and remove bullet
[ticket/11638] Removed the unneeded reset.
[ticket/11638] Use the $parse_flags like the other commits
[ticket/11638] Reverted to use the $parse tags way as the other ones
[ticket/11638] Updated: bitwise $parse_flags use optionset()
[ticket/11656] Made the check for the bitfield just like other PR's
[ticket/11667] Use @inheritdoc
...
72 files changed, 2177 insertions, 570 deletions
diff --git a/phpBB/adm/style/ajax.js b/phpBB/adm/style/ajax.js index 6f21dfa6ac..efb0639f1b 100644 --- a/phpBB/adm/style/ajax.js +++ b/phpBB/adm/style/ajax.js @@ -127,8 +127,10 @@ phpbb.addAjaxCallback('activate_deactivate', function(res) { * The removes the parent row of the link or form that triggered the callback, * and is good for stuff like the removal of forums. */ -phpbb.addAjaxCallback('row_delete', function() { - $(this).parents('tr').remove(); +phpbb.addAjaxCallback('row_delete', function(res) { + if (res.SUCCESS !== false) { + $(this).parents('tr').remove(); + } }); diff --git a/phpBB/config/services.yml b/phpBB/config/services.yml index c1579cfb57..8abc413a5a 100644 --- a/phpBB/config/services.yml +++ b/phpBB/config/services.yml @@ -8,6 +8,12 @@ imports: - { resource: auth_providers.yml } services: + acl.permissions: + class: phpbb_permissions + arguments: + - @dispatcher + - @user + auth: class: phpbb_auth @@ -239,6 +245,9 @@ services: - %tables.notifications% - %tables.user_notifications% + php_ini: + class: phpbb_php_ini + request: class: phpbb_request diff --git a/phpBB/docs/events.md b/phpBB/docs/events.md index 3723bf7b3f..855f238653 100644 --- a/phpBB/docs/events.md +++ b/phpBB/docs/events.md @@ -114,6 +114,24 @@ simple_footer_after * Location: styles/prosilver/template/simple_footer.html * Purpose: Add content directly prior to the `</body>` tag of the simple footer +topiclist_row_prepend +=== +* Locations: + + styles/prosilver/template/search_results.html + + styles/prosilver/template/viewforum_body.html + + styles/subsilver2/template/search_results.html + + styles/subsilver2/template/viewforum_body.html +* Purpose: Add content into topic rows (inside the elements containing topic titles) + +topiclist_row_append +=== +* Locations: + + styles/prosilver/template/search_results.html + + styles/prosilver/template/viewforum_body.html + + styles/subsilver2/template/search_results.html + + styles/subsilver2/template/viewforum_body.html +* Purpose: Add content into topic rows (inside the elements containing topic titles) + ucp_pm_viewmessage_print_head_append === * Location: styles/prosilver/template/ucp_pm_viewmessage_print.html diff --git a/phpBB/download/file.php b/phpBB/download/file.php index cf7128b25b..5a091db7c7 100644 --- a/phpBB/download/file.php +++ b/phpBB/download/file.php @@ -41,7 +41,7 @@ if (isset($_GET['avatar'])) exit; } - require($phpbb_root_path . 'includes/class_loader.' . $phpEx); + require($phpbb_root_path . 'phpbb/class_loader.' . $phpEx); require($phpbb_root_path . 'includes/constants.' . $phpEx); require($phpbb_root_path . 'includes/functions.' . $phpEx); @@ -50,7 +50,7 @@ if (isset($_GET['avatar'])) require($phpbb_root_path . 'includes/utf/utf_tools.' . $phpEx); // Setup class loader first - $phpbb_class_loader = new phpbb_class_loader('phpbb_', "{$phpbb_root_path}includes/", $phpEx); + $phpbb_class_loader = new phpbb_class_loader('phpbb_', "{$phpbb_root_path}phpbb/", $phpEx); $phpbb_class_loader->register(); $phpbb_class_loader_ext = new phpbb_class_loader('phpbb_ext_', "{$phpbb_root_path}ext/", $phpEx); $phpbb_class_loader_ext->register(); diff --git a/phpBB/includes/acp/acp_modules.php b/phpBB/includes/acp/acp_modules.php index a1e681b29c..7a1d30196d 100644 --- a/phpBB/includes/acp/acp_modules.php +++ b/phpBB/includes/acp/acp_modules.php @@ -379,6 +379,7 @@ class acp_modules $json_response->send(array( 'MESSAGE_TITLE' => $user->lang('ERROR'), 'MESSAGE_TEXT' => implode('<br />', $errors), + 'SUCCESS' => false, )); } diff --git a/phpBB/includes/acp/acp_permission_roles.php b/phpBB/includes/acp/acp_permission_roles.php index e830479389..17e48d6576 100644 --- a/phpBB/includes/acp/acp_permission_roles.php +++ b/phpBB/includes/acp/acp_permission_roles.php @@ -25,7 +25,7 @@ class acp_permission_roles function main($id, $mode) { - global $db, $user, $auth, $template, $cache; + global $db, $user, $auth, $template, $cache, $phpbb_container; global $config, $phpbb_root_path, $phpbb_admin_path, $phpEx; include_once($phpbb_root_path . 'includes/functions_user.' . $phpEx); @@ -306,6 +306,8 @@ class acp_permission_roles trigger_error($user->lang['NO_ROLE_SELECTED'] . adm_back_link($this->u_action), E_USER_WARNING); } + $phpbb_permissions = $phpbb_container->get('acl.permissions'); + $template->assign_vars(array( 'S_EDIT' => true, @@ -314,9 +316,8 @@ class acp_permission_roles 'ROLE_NAME' => $role_row['role_name'], 'ROLE_DESCRIPTION' => $role_row['role_description'], - 'L_ACL_TYPE' => $user->lang['ACL_TYPE_' . strtoupper($permission_type)], - ) - ); + 'L_ACL_TYPE' => $phpbb_permissions->get_type_lang($permission_type), + )); // We need to fill the auth options array with ACL_NO options ;) $sql = 'SELECT auth_option_id, auth_option @@ -456,7 +457,9 @@ class acp_permission_roles */ function display_auth_options($auth_options) { - global $template, $user; + global $template, $user, $phpbb_container; + + $phpbb_permissions = $phpbb_container->get('acl.permissions'); $content_array = $categories = array(); $key_sort_array = array(0); @@ -473,7 +476,7 @@ class acp_permission_roles foreach ($content_array as $cat => $cat_array) { $template->assign_block_vars('auth', array( - 'CAT_NAME' => $user->lang['permission_cat'][$cat], + 'CAT_NAME' => $phpbb_permissions->get_category_lang($cat), 'S_YES' => ($cat_array['S_YES'] && !$cat_array['S_NEVER'] && !$cat_array['S_NO']) ? true : false, 'S_NEVER' => ($cat_array['S_NEVER'] && !$cat_array['S_YES'] && !$cat_array['S_NO']) ? true : false, @@ -488,8 +491,8 @@ class acp_permission_roles 'S_NO' => ($allowed == ACL_NO) ? true : false, 'FIELD_NAME' => $permission, - 'PERMISSION' => $user->lang['acl_' . $permission]['lang']) - ); + 'PERMISSION' => $phpbb_permissions->get_permission_lang($permission), + )); } } } diff --git a/phpBB/includes/acp/acp_permissions.php b/phpBB/includes/acp/acp_permissions.php index a64765f4f5..ed7159996a 100644 --- a/phpBB/includes/acp/acp_permissions.php +++ b/phpBB/includes/acp/acp_permissions.php @@ -22,15 +22,18 @@ class acp_permissions { var $u_action; var $permission_dropdown; + protected $permissions; function main($id, $mode) { - global $db, $user, $auth, $template, $cache; + global $db, $user, $auth, $template, $cache, $phpbb_container; global $config, $phpbb_root_path, $phpbb_admin_path, $phpEx; include_once($phpbb_root_path . 'includes/functions_user.' . $phpEx); include_once($phpbb_root_path . 'includes/acp/auth.' . $phpEx); + $this->permissions = $phpbb_container->get('acl.permissions'); + $auth_admin = new auth_admin(); $user->add_lang('acp/permissions'); @@ -49,7 +52,7 @@ class acp_permissions if ($user_id && isset($auth_admin->acl_options['id'][$permission]) && $auth->acl_get('a_viewauth')) { - $this->page_title = sprintf($user->lang['TRACE_PERMISSION'], $user->lang['acl_' . $permission]['lang']); + $this->page_title = sprintf($user->lang['TRACE_PERMISSION'], $this->permissions->get_permission_lang($permission)); $this->permission_trace($user_id, $forum_id, $permission); return; } @@ -512,7 +515,7 @@ class acp_permissions $template->assign_vars(array( 'S_PERMISSION_DROPDOWN' => (sizeof($this->permission_dropdown) > 1) ? $this->build_permission_dropdown($this->permission_dropdown, $permission_type, $permission_scope) : false, - 'L_PERMISSION_TYPE' => $user->lang['ACL_TYPE_' . strtoupper($permission_type)], + 'L_PERMISSION_TYPE' => $this->permissions->get_type_lang($permission_type), 'U_ACTION' => $this->u_action, 'S_HIDDEN_FIELDS' => $s_hidden_fields) @@ -587,7 +590,7 @@ class acp_permissions */ function build_permission_dropdown($options, $default_option, $permission_scope) { - global $user, $auth; + global $auth; $s_dropdown_options = ''; foreach ($options as $setting) @@ -598,7 +601,7 @@ class acp_permissions } $selected = ($setting == $default_option) ? ' selected="selected"' : ''; - $l_setting = (isset($user->lang['permission_type'][$permission_scope][$setting])) ? $user->lang['permission_type'][$permission_scope][$setting] : $user->lang['permission_type'][$setting]; + $l_setting = $this->permissions->get_type_lang($setting, $permission_scope); $s_dropdown_options .= '<option value="' . $setting . '"' . $selected . '>' . $l_setting . '</option>'; } @@ -979,7 +982,7 @@ class acp_permissions $back = request_var('back', 0); $template->assign_vars(array( - 'PERMISSION' => $user->lang['acl_' . $permission]['lang'], + 'PERMISSION' => $this->permissions->get_permission_lang($permission), 'PERMISSION_USERNAME' => $userdata['username'], 'FORUM_NAME' => $forum_name, diff --git a/phpBB/includes/acp/auth.php b/phpBB/includes/acp/auth.php index 6b1da46a12..4ade9cab13 100644 --- a/phpBB/includes/acp/auth.php +++ b/phpBB/includes/acp/auth.php @@ -261,7 +261,8 @@ class auth_admin extends phpbb_auth */ function display_mask($mode, $permission_type, &$hold_ary, $user_mode = 'user', $local = false, $group_display = true) { - global $template, $user, $db, $phpbb_root_path, $phpEx; + global $template, $user, $db, $phpbb_root_path, $phpEx, $phpbb_container; + $phpbb_permissions = $phpbb_container->get('acl.permissions'); // Define names for template loops, might be able to be set $tpl_pmask = 'p_mask'; @@ -269,7 +270,7 @@ class auth_admin extends phpbb_auth $tpl_category = 'category'; $tpl_mask = 'mask'; - $l_acl_type = (isset($user->lang['ACL_TYPE_' . (($local) ? 'LOCAL' : 'GLOBAL') . '_' . strtoupper($permission_type)])) ? $user->lang['ACL_TYPE_' . (($local) ? 'LOCAL' : 'GLOBAL') . '_' . strtoupper($permission_type)] : 'ACL_TYPE_' . (($local) ? 'LOCAL' : 'GLOBAL') . '_' . strtoupper($permission_type); + $l_acl_type = $phpbb_permissions->get_type_lang($permission_type, (($local) ? 'local' : 'global')); // Allow trace for viewing permissions and in user mode $show_trace = ($mode == 'view' && $user_mode == 'user') ? true : false; @@ -1100,7 +1101,9 @@ class auth_admin extends phpbb_auth */ function assign_cat_array(&$category_array, $tpl_cat, $tpl_mask, $ug_id, $forum_id, $show_trace = false, $s_view) { - global $template, $user, $phpbb_admin_path, $phpEx; + global $template, $user, $phpbb_admin_path, $phpEx, $phpbb_container; + + $phpbb_permissions = $phpbb_container->get('acl.permissions'); @reset($category_array); while (list($cat, $cat_array) = each($category_array)) @@ -1110,8 +1113,8 @@ class auth_admin extends phpbb_auth 'S_NEVER' => ($cat_array['S_NEVER'] && !$cat_array['S_YES'] && !$cat_array['S_NO']) ? true : false, 'S_NO' => ($cat_array['S_NO'] && !$cat_array['S_NEVER'] && !$cat_array['S_YES']) ? true : false, - 'CAT_NAME' => $user->lang['permission_cat'][$cat]) - ); + 'CAT_NAME' => $phpbb_permissions->get_category_lang($cat), + )); /* Sort permissions by name (more naturaly and user friendly than sorting by a primary key) * Commented out due to it's memory consumption and time needed @@ -1145,8 +1148,8 @@ class auth_admin extends phpbb_auth 'U_TRACE' => ($show_trace) ? append_sid("{$phpbb_admin_path}index.$phpEx", "i=permissions&mode=trace&u=$ug_id&f=$forum_id&auth=$permission") : '', 'UA_TRACE' => ($show_trace) ? append_sid("{$phpbb_admin_path}index.$phpEx", "i=permissions&mode=trace&u=$ug_id&f=$forum_id&auth=$permission", false) : '', - 'PERMISSION' => $user->lang['acl_' . $permission]['lang']) - ); + 'PERMISSION' => $phpbb_permissions->get_permission_lang($permission), + )); } else { @@ -1163,8 +1166,8 @@ class auth_admin extends phpbb_auth 'U_TRACE' => ($show_trace) ? append_sid("{$phpbb_admin_path}index.$phpEx", "i=permissions&mode=trace&u=$ug_id&f=$forum_id&auth=$permission") : '', 'UA_TRACE' => ($show_trace) ? append_sid("{$phpbb_admin_path}index.$phpEx", "i=permissions&mode=trace&u=$ug_id&f=$forum_id&auth=$permission", false) : '', - 'PERMISSION' => $user->lang['acl_' . $permission]['lang']) - ); + 'PERMISSION' => $phpbb_permissions->get_permission_lang($permission), + )); } } } @@ -1176,7 +1179,9 @@ class auth_admin extends phpbb_auth */ function build_permission_array(&$permission_row, &$content_array, &$categories, $key_sort_array) { - global $user; + global $user, $phpbb_container; + + $phpbb_permissions = $phpbb_container->get('acl.permissions'); foreach ($key_sort_array as $forum_id) { @@ -1191,20 +1196,12 @@ class auth_admin extends phpbb_auth @reset($permissions); while (list($permission, $auth_setting) = each($permissions)) { - if (!isset($user->lang['acl_' . $permission])) - { - $user->lang['acl_' . $permission] = array( - 'cat' => 'misc', - 'lang' => '{ acl_' . $permission . ' }' - ); - } - - $cat = $user->lang['acl_' . $permission]['cat']; + $cat = $phpbb_permissions->get_permission_category($permission); // Build our categories array if (!isset($categories[$cat])) { - $categories[$cat] = $user->lang['permission_cat'][$cat]; + $categories[$cat] = $phpbb_permissions->get_category_lang($cat); } // Build our content array diff --git a/phpBB/includes/captcha/captcha_factory.php b/phpBB/includes/captcha/captcha_factory.php index 1ed8e119b5..fac45087e3 100644 --- a/phpBB/includes/captcha/captcha_factory.php +++ b/phpBB/includes/captcha/captcha_factory.php @@ -50,7 +50,8 @@ class phpbb_captcha_factory { include($phpbb_root_path . "includes/captcha/plugins/{$name}_plugin." . $phpEx); } - call_user_func(array($name, 'garbage_collect'), 0); + $captcha = self::get_instance($name); + $captcha->garbage_collect(0); } /** diff --git a/phpBB/includes/functions_posting.php b/phpBB/includes/functions_posting.php index 03565c27bb..103cc81205 100644 --- a/phpBB/includes/functions_posting.php +++ b/phpBB/includes/functions_posting.php @@ -1995,6 +1995,10 @@ function submit_post($mode, $subject, $username, $topic_type, &$poll, &$data, $u } } + $first_post_has_topic_info = ($post_mode == 'edit_first_post' && + (($post_visibility == ITEM_DELETED && $data['topic_posts_softdeleted'] == 1) || + ($post_visibility == ITEM_UNAPPROVED && $data['topic_posts_unapproved'] == 1) || + ($post_visibility == ITEM_APPROVED && $data['topic_posts_approved'] == 1))); // Fix the post's and topic's visibility and first/last post information, when the post is edited if (($post_mode != 'post' && $post_mode != 'reply') && $data['post_visibility'] != $post_visibility) { @@ -2007,7 +2011,7 @@ function submit_post($mode, $subject, $username, $topic_type, &$poll, &$data, $u $phpbb_content_visibility = $phpbb_container->get('content.visibility'); $phpbb_content_visibility->set_post_visibility($post_visibility, $data['post_id'], $data['topic_id'], $data['forum_id'], $user->data['user_id'], time(), '', $is_starter, $is_latest); } - else if ($post_mode == 'edit_last_post' || $post_mode == 'edit_topic' || ($post_mode == 'edit_first_post' && !$data['topic_replies'])) + else if ($post_mode == 'edit_last_post' || $post_mode == 'edit_topic' || $first_post_has_topic_info) { if ($post_visibility == ITEM_APPROVED || $data['topic_visibility'] == $post_visibility) { diff --git a/phpBB/includes/functions_privmsgs.php b/phpBB/includes/functions_privmsgs.php index 14278a2529..5fc6de8e02 100644 --- a/phpBB/includes/functions_privmsgs.php +++ b/phpBB/includes/functions_privmsgs.php @@ -2018,14 +2018,11 @@ function message_history($msg_id, $user_id, $message_row, $folder, $in_post_mode $decoded_message = bbcode_nl2br($decoded_message); } - - if ($row['bbcode_bitfield']) - { - $bbcode->bbcode_second_pass($message, $row['bbcode_uid'], $row['bbcode_bitfield']); - } - - $message = bbcode_nl2br($message); - $message = smiley_text($message, !$row['enable_smilies']); + + $parse_flags = ($row['bbcode_bitfield'] ? OPTION_FLAG_BBCODE : 0); + $parse_flags |= ($row['enable_smilies'] ? OPTION_FLAG_SMILIES : 0); + + $message = generate_text_for_display($message, $row['bbcode_uid'], $row['bbcode_bitfield'], $parse_flags, false); $subject = censor_text($subject); diff --git a/phpBB/includes/mcp/mcp_warn.php b/phpBB/includes/mcp/mcp_warn.php index 4ef477775d..bb21d3d377 100644 --- a/phpBB/includes/mcp/mcp_warn.php +++ b/phpBB/includes/mcp/mcp_warn.php @@ -289,19 +289,8 @@ class mcp_warn // We want to make the message available here as a reminder // Parse the message and subject - $message = censor_text($user_row['post_text']); - - // Second parse bbcode here - if ($user_row['bbcode_bitfield']) - { - include_once($phpbb_root_path . 'includes/bbcode.' . $phpEx); - - $bbcode = new bbcode($user_row['bbcode_bitfield']); - $bbcode->bbcode_second_pass($message, $user_row['bbcode_uid'], $user_row['bbcode_bitfield']); - } - - $message = bbcode_nl2br($message); - $message = smiley_text($message); + $parse_flags = OPTION_FLAG_SMILIES | ($row['bbcode_bitfield'] ? OPTION_FLAG_BBCODE : 0); + $message = generate_text_for_display($user_row['post_text'], $user_row['bbcode_uid'], $user_row['bbcode_bitfield'], $parse_flags, true); // Generate the appropriate user information for the user we are looking at if (!function_exists('phpbb_get_user_avatar')) diff --git a/phpBB/includes/ucp/ucp_prefs.php b/phpBB/includes/ucp/ucp_prefs.php index 7c3286c1d1..f24578da84 100644 --- a/phpBB/includes/ucp/ucp_prefs.php +++ b/phpBB/includes/ucp/ucp_prefs.php @@ -267,7 +267,7 @@ class ucp_prefs $limit_topic_days = array(0 => $user->lang['ALL_TOPICS'], 1 => $user->lang['1_DAY'], 7 => $user->lang['7_DAYS'], 14 => $user->lang['2_WEEKS'], 30 => $user->lang['1_MONTH'], 90 => $user->lang['3_MONTHS'], 180 => $user->lang['6_MONTHS'], 365 => $user->lang['1_YEAR']); $sort_by_topic_text = array('a' => $user->lang['AUTHOR'], 't' => $user->lang['POST_TIME'], 'r' => $user->lang['REPLIES'], 's' => $user->lang['SUBJECT'], 'v' => $user->lang['VIEWS']); - $sort_by_topic_sql = array('a' => 't.topic_first_poster_name', 't' => 't.topic_last_post_time', 'r' => 't.topic_replies', 's' => 't.topic_title', 'v' => 't.topic_views'); + $sort_by_topic_sql = array('a' => 't.topic_first_poster_name', 't' => 't.topic_last_post_time', 'r' => 't.topic_posts_approved', 's' => 't.topic_title', 'v' => 't.topic_views'); // Post ordering options $limit_post_days = array(0 => $user->lang['ALL_POSTS'], 1 => $user->lang['1_DAY'], 7 => $user->lang['7_DAYS'], 14 => $user->lang['2_WEEKS'], 30 => $user->lang['1_MONTH'], 90 => $user->lang['3_MONTHS'], 180 => $user->lang['6_MONTHS'], 365 => $user->lang['1_YEAR']); diff --git a/phpBB/includes/ucp/ucp_register.php b/phpBB/includes/ucp/ucp_register.php index 70fbfe46fb..7bc7ac8191 100644 --- a/phpBB/includes/ucp/ucp_register.php +++ b/phpBB/includes/ucp/ucp_register.php @@ -38,7 +38,7 @@ class ucp_register include($phpbb_root_path . 'includes/functions_profile_fields.' . $phpEx); $coppa = $request->is_set('coppa') ? (int) $request->variable('coppa', false) : false; - $agreed = (int) $request->variable('agreed', false); + $agreed = $request->variable('agreed', false); $submit = $request->is_set_post('submit'); $change_lang = request_var('change_lang', ''); $user_lang = request_var('lang', $user->lang_name); @@ -63,7 +63,7 @@ class ucp_register $submit = false; // Setting back agreed to let the user view the agreement in his/her language - $agreed = ($request->variable('change_lang', false)) ? 0 : $agreed; + $agreed = false; } $user->lang_name = $user_lang = $use_lang; @@ -89,7 +89,7 @@ class ucp_register $add_coppa = ($coppa !== false) ? '&coppa=' . $coppa : ''; $s_hidden_fields = array( - 'change_lang' => $change_lang, + 'change_lang' => '', ); // If we change the language, we want to pass on some more possible parameter. diff --git a/phpBB/install/install_update.php b/phpBB/install/install_update.php index a8abfc7cfc..dce0134730 100644 --- a/phpBB/install/install_update.php +++ b/phpBB/install/install_update.php @@ -57,7 +57,6 @@ class install_update extends module var $new_location; var $latest_version; var $current_version; - var $unequal_version; var $update_to_version; @@ -87,7 +86,6 @@ class install_update extends module $this->tpl_name = 'install_update'; $this->page_title = 'UPDATE_INSTALLATION'; - $this->unequal_version = false; $this->old_location = $phpbb_root_path . 'install/update/old/'; $this->new_location = $phpbb_root_path . 'install/update/new/'; @@ -199,8 +197,6 @@ class install_update extends module // Check if the update files are actually meant to update from the current version if ($this->current_version != $this->update_info['version']['from']) { - $this->unequal_version = true; - $template->assign_vars(array( 'S_ERROR' => true, 'ERROR_MSG' => sprintf($user->lang['INCOMPATIBLE_UPDATE_FILES'], $this->current_version, $this->update_info['version']['from'], $this->update_info['version']['to']), @@ -208,10 +204,8 @@ class install_update extends module } // Check if the update files stored are for the latest version... - if ($this->latest_version != $this->update_info['version']['to']) + if (version_compare(strtolower($this->latest_version), strtolower($this->update_info['version']['to']), '>')) { - $this->unequal_version = true; - $template->assign_vars(array( 'S_WARNING' => true, 'WARNING_MSG' => sprintf($user->lang['OLD_UPDATE_FILES'], $this->update_info['version']['from'], $this->update_info['version']['to'], $this->latest_version)) @@ -230,7 +224,14 @@ class install_update extends module if ($this->test_update === false) { // What about the language file? Got it updated? - if (in_array('language/en/install.' . $phpEx, $this->update_info['files'])) + if (in_array('language/' . $language . '/install.' . $phpEx, $this->update_info['files'])) + { + $lang = array(); + include($this->new_location . 'language/' . $language . '/install.' . $phpEx); + // this is the user's language.. just merge it + $user->lang = array_merge($user->lang, $lang); + } + if ($language != 'en' && in_array('language/en/install.' . $phpEx, $this->update_info['files'])) { $lang = array(); include($this->new_location . 'language/en/install.' . $phpEx); @@ -284,7 +285,7 @@ class install_update extends module )); // Print out version the update package updates to - if ($this->unequal_version) + if ($this->latest_version != $this->update_info['version']['to']) { $template->assign_var('PACKAGE_VERSION', $this->update_info['version']['to']); } diff --git a/phpBB/language/en/acp/permissions_phpbb.php b/phpBB/language/en/acp/permissions_phpbb.php index 98679ad544..5ea151f6ea 100644 --- a/phpBB/language/en/acp/permissions_phpbb.php +++ b/phpBB/language/en/acp/permissions_phpbb.php @@ -33,209 +33,175 @@ if (empty($lang) || !is_array($lang)) // in a url you again do not need to specify an order e.g., 'Click %sHERE%s' is fine /** -* MODDERS PLEASE NOTE +* EXTENSION-DEVELOPERS PLEASE NOTE * -* You are able to put your permission sets into a separate file too by -* prefixing the new file with permissions_ and putting it into the acp -* language folder. -* -* An example of how the file could look like: -* -* <code> -* -* if (empty($lang) || !is_array($lang)) -* { -* $lang = array(); -* } -* -* // Adding new category -* $lang['permission_cat']['bugs'] = 'Bugs'; -* -* // Adding new permission set -* $lang['permission_type']['bug_'] = 'Bug Permissions'; -* -* // Adding the permissions -* $lang = array_merge($lang, array( -* 'acl_bug_view' => array('lang' => 'Can view bug reports', 'cat' => 'bugs'), -* 'acl_bug_post' => array('lang' => 'Can post bugs', 'cat' => 'post'), // Using a phpBB category here -* )); -* -* </code> +* You are able to put your permission sets into your extension. +* The permissions logic should be added via the 'core.permissions' event. +* You can easily add new permission categories, types and permissions, by +* simply merging them into the respective arrays. +* The respective language strings should be added into a language file, that +* start with 'permissions_', so they are automatically loaded within the ACP. */ -// Define categories and permission types $lang = array_merge($lang, array( - 'permission_cat' => array( - 'actions' => 'Actions', - 'content' => 'Content', - 'forums' => 'Forums', - 'misc' => 'Misc', - 'permissions' => 'Permissions', - 'pm' => 'Private messages', - 'polls' => 'Polls', - 'post' => 'Post', - 'post_actions' => 'Post actions', - 'posting' => 'Posting', - 'profile' => 'Profile', - 'settings' => 'Settings', - 'topic_actions' => 'Topic actions', - 'user_group' => 'Users & Groups', - ), - - // With defining 'global' here we are able to specify what is printed out if the permission is within the global scope. - 'permission_type' => array( - 'u_' => 'User permissions', - 'a_' => 'Admin permissions', - 'm_' => 'Moderator permissions', - 'f_' => 'Forum permissions', - 'global' => array( - 'm_' => 'Global moderator permissions', - ), - ), + 'ACL_CAT_ACTIONS' => 'Actions', + 'ACL_CAT_CONTENT' => 'Content', + 'ACL_CAT_FORUMS' => 'Forums', + 'ACL_CAT_MISC' => 'Misc', + 'ACL_CAT_PERMISSIONS' => 'Permissions', + 'ACL_CAT_PM' => 'Private messages', + 'ACL_CAT_POLLS' => 'Polls', + 'ACL_CAT_POST' => 'Post', + 'ACL_CAT_POST_ACTIONS' => 'Post actions', + 'ACL_CAT_POSTING' => 'Posting', + 'ACL_CAT_PROFILE' => 'Profile', + 'ACL_CAT_SETTINGS' => 'Settings', + 'ACL_CAT_TOPIC_ACTIONS' => 'Topic actions', + 'ACL_CAT_USER_GROUP' => 'Users & Groups', )); // User Permissions $lang = array_merge($lang, array( - 'acl_u_viewprofile' => array('lang' => 'Can view profiles, memberlist and online list', 'cat' => 'profile'), - 'acl_u_chgname' => array('lang' => 'Can change username', 'cat' => 'profile'), - 'acl_u_chgpasswd' => array('lang' => 'Can change password', 'cat' => 'profile'), - 'acl_u_chgemail' => array('lang' => 'Can change email address', 'cat' => 'profile'), - 'acl_u_chgavatar' => array('lang' => 'Can change avatar', 'cat' => 'profile'), - 'acl_u_chggrp' => array('lang' => 'Can change default usergroup', 'cat' => 'profile'), - 'acl_u_chgprofileinfo' => array('lang' => 'Can change profile field information', 'cat' => 'profile'), - - 'acl_u_attach' => array('lang' => 'Can attach files', 'cat' => 'post'), - 'acl_u_download' => array('lang' => 'Can download files', 'cat' => 'post'), - 'acl_u_savedrafts' => array('lang' => 'Can save drafts', 'cat' => 'post'), - 'acl_u_chgcensors' => array('lang' => 'Can disable word censors', 'cat' => 'post'), - 'acl_u_sig' => array('lang' => 'Can use signature', 'cat' => 'post'), - - 'acl_u_sendpm' => array('lang' => 'Can send private messages', 'cat' => 'pm'), - 'acl_u_masspm' => array('lang' => 'Can send messages to multiple users', 'cat' => 'pm'), - 'acl_u_masspm_group'=> array('lang' => 'Can send messages to groups', 'cat' => 'pm'), - 'acl_u_readpm' => array('lang' => 'Can read private messages', 'cat' => 'pm'), - 'acl_u_pm_edit' => array('lang' => 'Can edit own private messages', 'cat' => 'pm'), - 'acl_u_pm_delete' => array('lang' => 'Can remove private messages from own folder', 'cat' => 'pm'), - 'acl_u_pm_forward' => array('lang' => 'Can forward private messages', 'cat' => 'pm'), - 'acl_u_pm_emailpm' => array('lang' => 'Can email private messages', 'cat' => 'pm'), - 'acl_u_pm_printpm' => array('lang' => 'Can print private messages', 'cat' => 'pm'), - 'acl_u_pm_attach' => array('lang' => 'Can attach files in private messages', 'cat' => 'pm'), - 'acl_u_pm_download' => array('lang' => 'Can download files in private messages', 'cat' => 'pm'), - 'acl_u_pm_bbcode' => array('lang' => 'Can use BBCode in private messages', 'cat' => 'pm'), - 'acl_u_pm_smilies' => array('lang' => 'Can use smilies in private messages', 'cat' => 'pm'), - 'acl_u_pm_img' => array('lang' => 'Can use [img] BBCode tag in private messages', 'cat' => 'pm'), - 'acl_u_pm_flash' => array('lang' => 'Can use [flash] BBCode tag in private messages', 'cat' => 'pm'), - - 'acl_u_sendemail' => array('lang' => 'Can send emails', 'cat' => 'misc'), - 'acl_u_sendim' => array('lang' => 'Can send instant messages', 'cat' => 'misc'), - 'acl_u_ignoreflood' => array('lang' => 'Can ignore flood limit', 'cat' => 'misc'), - 'acl_u_hideonline' => array('lang' => 'Can hide online status', 'cat' => 'misc'), - 'acl_u_viewonline' => array('lang' => 'Can view hidden online users', 'cat' => 'misc'), - 'acl_u_search' => array('lang' => 'Can search board', 'cat' => 'misc'), + 'ACL_U_VIEWPROFILE' => 'Can view profiles, memberlist and online list', + 'ACL_U_CHGNAME' => 'Can change username', + 'ACL_U_CHGPASSWD' => 'Can change password', + 'ACL_U_CHGEMAIL' => 'Can change email address', + 'ACL_U_CHGAVATAR' => 'Can change avatar', + 'ACL_U_CHGGRP' => 'Can change default usergroup', + 'ACL_U_CHGPROFILEINFO' => 'Can change profile field information', + + 'ACL_U_ATTACH' => 'Can attach files', + 'ACL_U_DOWNLOAD' => 'Can download files', + 'ACL_U_SAVEDRAFTS' => 'Can save drafts', + 'ACL_U_CHGCENSORS' => 'Can disable word censors', + 'ACL_U_SIG' => 'Can use signature', + + 'ACL_U_SENDPM' => 'Can send private messages', + 'ACL_U_MASSPM' => 'Can send messages to multiple users', + 'ACL_U_MASSPM_GROUP'=> 'Can send messages to groups', + 'ACL_U_READPM' => 'Can read private messages', + 'ACL_U_PM_EDIT' => 'Can edit own private messages', + 'ACL_U_PM_DELETE' => 'Can remove private messages from own folder', + 'ACL_U_PM_FORWARD' => 'Can forward private messages', + 'ACL_U_PM_EMAILPM' => 'Can email private messages', + 'ACL_U_PM_PRINTPM' => 'Can print private messages', + 'ACL_U_PM_ATTACH' => 'Can attach files in private messages', + 'ACL_U_PM_DOWNLOAD' => 'Can download files in private messages', + 'ACL_U_PM_BBCODE' => 'Can use BBCode in private messages', + 'ACL_U_PM_SMILIES' => 'Can use smilies in private messages', + 'ACL_U_PM_IMG' => 'Can use [img] BBCode tag in private messages', + 'ACL_U_PM_FLASH' => 'Can use [flash] BBCode tag in private messages', + + 'ACL_U_SENDEMAIL' => 'Can send emails', + 'ACL_U_SENDIM' => 'Can send instant messages', + 'ACL_U_IGNOREFLOOD' => 'Can ignore flood limit', + 'ACL_U_HIDEONLINE' => 'Can hide online status', + 'ACL_U_VIEWONLINE' => 'Can view hidden online users', + 'ACL_U_SEARCH' => 'Can search board', )); // Forum Permissions $lang = array_merge($lang, array( - 'acl_f_list' => array('lang' => 'Can see forum', 'cat' => 'actions'), - 'acl_f_read' => array('lang' => 'Can read forum', 'cat' => 'actions'), - 'acl_f_search' => array('lang' => 'Can search the forum', 'cat' => 'actions'), - 'acl_f_subscribe' => array('lang' => 'Can subscribe forum', 'cat' => 'actions'), - 'acl_f_print' => array('lang' => 'Can print topics', 'cat' => 'actions'), - 'acl_f_email' => array('lang' => 'Can email topics', 'cat' => 'actions'), - 'acl_f_bump' => array('lang' => 'Can bump topics', 'cat' => 'actions'), - 'acl_f_user_lock' => array('lang' => 'Can lock own topics', 'cat' => 'actions'), - 'acl_f_download' => array('lang' => 'Can download files', 'cat' => 'actions'), - 'acl_f_report' => array('lang' => 'Can report posts', 'cat' => 'actions'), - - 'acl_f_post' => array('lang' => 'Can start new topics', 'cat' => 'post'), - 'acl_f_sticky' => array('lang' => 'Can post stickies', 'cat' => 'post'), - 'acl_f_announce' => array('lang' => 'Can post announcements', 'cat' => 'post'), - 'acl_f_reply' => array('lang' => 'Can reply to topics', 'cat' => 'post'), - 'acl_f_edit' => array('lang' => 'Can edit own posts', 'cat' => 'post'), - 'acl_f_delete' => array('lang' => 'Can permanently delete own posts', 'cat' => 'post'), - 'acl_f_softdelete' => array('lang' => 'Can soft delete own posts<br /><em>Moderators, who have the approve posts permission, can restore soft deleted posts.</em>', 'cat' => 'post'), - 'acl_f_ignoreflood' => array('lang' => 'Can ignore flood limit', 'cat' => 'post'), - 'acl_f_postcount' => array('lang' => 'Increment post counter<br /><em>Please note that this setting only affects new posts.</em>', 'cat' => 'post'), - 'acl_f_noapprove' => array('lang' => 'Can post without approval', 'cat' => 'post'), - - 'acl_f_attach' => array('lang' => 'Can attach files', 'cat' => 'content'), - 'acl_f_icons' => array('lang' => 'Can use topic/post icons', 'cat' => 'content'), - 'acl_f_bbcode' => array('lang' => 'Can use BBCode', 'cat' => 'content'), - 'acl_f_flash' => array('lang' => 'Can use [flash] BBCode tag', 'cat' => 'content'), - 'acl_f_img' => array('lang' => 'Can use [img] BBCode tag', 'cat' => 'content'), - 'acl_f_sigs' => array('lang' => 'Can use signatures', 'cat' => 'content'), - 'acl_f_smilies' => array('lang' => 'Can use smilies', 'cat' => 'content'), - - 'acl_f_poll' => array('lang' => 'Can create polls', 'cat' => 'polls'), - 'acl_f_vote' => array('lang' => 'Can vote in polls', 'cat' => 'polls'), - 'acl_f_votechg' => array('lang' => 'Can change existing vote', 'cat' => 'polls'), + 'ACL_F_LIST' => 'Can see forum', + 'ACL_F_READ' => 'Can read forum', + 'ACL_F_SEARCH' => 'Can search the forum', + 'ACL_F_SUBSCRIBE' => 'Can subscribe forum', + 'ACL_F_PRINT' => 'Can print topics', + 'ACL_F_EMAIL' => 'Can email topics', + 'ACL_F_BUMP' => 'Can bump topics', + 'ACL_F_USER_LOCK' => 'Can lock own topics', + 'ACL_F_DOWNLOAD' => 'Can download files', + 'ACL_F_REPORT' => 'Can report posts', + + 'ACL_F_POST' => 'Can start new topics', + 'ACL_F_STICKY' => 'Can post stickies', + 'ACL_F_ANNOUNCE' => 'Can post announcements', + 'ACL_F_REPLY' => 'Can reply to topics', + 'ACL_F_EDIT' => 'Can edit own posts', + 'ACL_F_DELETE' => 'Can permanently delete own posts', + 'ACL_F_SOFTDELETE' => 'Can soft delete own posts<br /><em>Moderators, who have the approve posts permission, can restore soft deleted posts.</em>', + 'ACL_F_IGNOREFLOOD' => 'Can ignore flood limit', + 'ACL_F_POSTCOUNT' => 'Increment post counter<br /><em>Please note that this setting only affects new posts.</em>', + 'ACL_F_NOAPPROVE' => 'Can post without approval', + + 'ACL_F_ATTACH' => 'Can attach files', + 'ACL_F_ICONS' => 'Can use topic/post icons', + 'ACL_F_BBCODE' => 'Can use BBCode', + 'ACL_F_FLASH' => 'Can use [flash] BBCode tag', + 'ACL_F_IMG' => 'Can use [img] BBCode tag', + 'ACL_F_SIGS' => 'Can use signatures', + 'ACL_F_SMILIES' => 'Can use smilies', + + 'ACL_F_POLL' => 'Can create polls', + 'ACL_F_VOTE' => 'Can vote in polls', + 'ACL_F_VOTECHG' => 'Can change existing vote', )); // Moderator Permissions $lang = array_merge($lang, array( - 'acl_m_edit' => array('lang' => 'Can edit posts', 'cat' => 'post_actions'), - 'acl_m_delete' => array('lang' => 'Can permanently delete posts', 'cat' => 'post_actions'), - 'acl_m_softdelete' => array('lang' => 'Can soft delete posts<br /><em>Moderators, who have the approve posts permission, can restore soft deleted posts.</em>', 'cat' => 'post_actions'), - 'acl_m_approve' => array('lang' => 'Can approve and restore posts', 'cat' => 'post_actions'), - 'acl_m_report' => array('lang' => 'Can close and delete reports', 'cat' => 'post_actions'), - 'acl_m_chgposter' => array('lang' => 'Can change post author', 'cat' => 'post_actions'), - - 'acl_m_move' => array('lang' => 'Can move topics', 'cat' => 'topic_actions'), - 'acl_m_lock' => array('lang' => 'Can lock topics', 'cat' => 'topic_actions'), - 'acl_m_split' => array('lang' => 'Can split topics', 'cat' => 'topic_actions'), - 'acl_m_merge' => array('lang' => 'Can merge topics', 'cat' => 'topic_actions'), - - 'acl_m_info' => array('lang' => 'Can view post details', 'cat' => 'misc'), - 'acl_m_warn' => array('lang' => 'Can issue warnings<br /><em>This setting is only assigned globally. It is not forum based.</em>', 'cat' => 'misc'), // This moderator setting is only global (and not local) - 'acl_m_ban' => array('lang' => 'Can manage bans<br /><em>This setting is only assigned globally. It is not forum based.</em>', 'cat' => 'misc'), // This moderator setting is only global (and not local) + 'ACL_M_EDIT' => 'Can edit posts', + 'ACL_M_DELETE' => 'Can permanently delete posts', + 'ACL_M_SOFTDELETE' => 'Can soft delete posts<br /><em>Moderators, who have the approve posts permission, can restore soft deleted posts.</em>', + 'ACL_M_APPROVE' => 'Can approve posts', + 'ACL_M_REPORT' => 'Can close and delete reports', + 'ACL_M_CHGPOSTER' => 'Can change post author', + + 'ACL_M_MOVE' => 'Can move topics', + 'ACL_M_LOCK' => 'Can lock topics', + 'ACL_M_SPLIT' => 'Can split topics', + 'ACL_M_MERGE' => 'Can merge topics', + + 'ACL_M_INFO' => 'Can view post details', + 'ACL_M_WARN' => 'Can issue warnings<br /><em>This setting is only assigned globally. It is not forum based.</em>', // This moderator setting is only global (and not local) + 'ACL_M_BAN' => 'Can manage bans<br /><em>This setting is only assigned globally. It is not forum based.</em>', // This moderator setting is only global (and not local) )); // Admin Permissions $lang = array_merge($lang, array( - 'acl_a_board' => array('lang' => 'Can alter board settings/check for updates', 'cat' => 'settings'), - 'acl_a_server' => array('lang' => 'Can alter server/communication settings', 'cat' => 'settings'), - 'acl_a_jabber' => array('lang' => 'Can alter Jabber settings', 'cat' => 'settings'), - 'acl_a_phpinfo' => array('lang' => 'Can view php settings', 'cat' => 'settings'), - - 'acl_a_forum' => array('lang' => 'Can manage forums', 'cat' => 'forums'), - 'acl_a_forumadd' => array('lang' => 'Can add new forums', 'cat' => 'forums'), - 'acl_a_forumdel' => array('lang' => 'Can delete forums', 'cat' => 'forums'), - 'acl_a_prune' => array('lang' => 'Can prune forums', 'cat' => 'forums'), - - 'acl_a_icons' => array('lang' => 'Can alter topic/post icons and smilies', 'cat' => 'posting'), - 'acl_a_words' => array('lang' => 'Can alter word censors', 'cat' => 'posting'), - 'acl_a_bbcode' => array('lang' => 'Can define BBCode tags', 'cat' => 'posting'), - 'acl_a_attach' => array('lang' => 'Can alter attachment related settings', 'cat' => 'posting'), - - 'acl_a_user' => array('lang' => 'Can manage users<br /><em>This also includes seeing the users browser agent within the viewonline list.</em>', 'cat' => 'user_group'), - 'acl_a_userdel' => array('lang' => 'Can delete/prune users', 'cat' => 'user_group'), - 'acl_a_group' => array('lang' => 'Can manage groups', 'cat' => 'user_group'), - 'acl_a_groupadd' => array('lang' => 'Can add new groups', 'cat' => 'user_group'), - 'acl_a_groupdel' => array('lang' => 'Can delete groups', 'cat' => 'user_group'), - 'acl_a_ranks' => array('lang' => 'Can manage ranks', 'cat' => 'user_group'), - 'acl_a_profile' => array('lang' => 'Can manage custom profile fields', 'cat' => 'user_group'), - 'acl_a_names' => array('lang' => 'Can manage disallowed names', 'cat' => 'user_group'), - 'acl_a_ban' => array('lang' => 'Can manage bans', 'cat' => 'user_group'), - - 'acl_a_viewauth' => array('lang' => 'Can view permission masks', 'cat' => 'permissions'), - 'acl_a_authgroups' => array('lang' => 'Can alter permissions for individual groups', 'cat' => 'permissions'), - 'acl_a_authusers' => array('lang' => 'Can alter permissions for individual users', 'cat' => 'permissions'), - 'acl_a_fauth' => array('lang' => 'Can alter forum permission class', 'cat' => 'permissions'), - 'acl_a_mauth' => array('lang' => 'Can alter moderator permission class', 'cat' => 'permissions'), - 'acl_a_aauth' => array('lang' => 'Can alter admin permission class', 'cat' => 'permissions'), - 'acl_a_uauth' => array('lang' => 'Can alter user permission class', 'cat' => 'permissions'), - 'acl_a_roles' => array('lang' => 'Can manage roles', 'cat' => 'permissions'), - 'acl_a_switchperm' => array('lang' => 'Can use others permissions', 'cat' => 'permissions'), - - 'acl_a_styles' => array('lang' => 'Can manage styles', 'cat' => 'misc'), - 'acl_a_extensions' => array('lang' => 'Can manage extensions', 'cat' => 'misc'), - 'acl_a_viewlogs' => array('lang' => 'Can view logs', 'cat' => 'misc'), - 'acl_a_clearlogs' => array('lang' => 'Can clear logs', 'cat' => 'misc'), - 'acl_a_modules' => array('lang' => 'Can manage modules', 'cat' => 'misc'), - 'acl_a_language' => array('lang' => 'Can manage language packs', 'cat' => 'misc'), - 'acl_a_email' => array('lang' => 'Can send mass email', 'cat' => 'misc'), - 'acl_a_bots' => array('lang' => 'Can manage bots', 'cat' => 'misc'), - 'acl_a_reasons' => array('lang' => 'Can manage report/denial reasons', 'cat' => 'misc'), - 'acl_a_backup' => array('lang' => 'Can backup/restore database', 'cat' => 'misc'), - 'acl_a_search' => array('lang' => 'Can manage search backends and settings', 'cat' => 'misc'), + 'ACL_A_BOARD' => 'Can alter board settings/check for updates', + 'ACL_A_SERVER' => 'Can alter server/communication settings', + 'ACL_A_JABBER' => 'Can alter Jabber settings', + 'ACL_A_PHPINFO' => 'Can view php settings', + + 'ACL_A_FORUM' => 'Can manage forums', + 'ACL_A_FORUMADD' => 'Can add new forums', + 'ACL_A_FORUMDEL' => 'Can delete forums', + 'ACL_A_PRUNE' => 'Can prune forums', + + 'ACL_A_ICONS' => 'Can alter topic/post icons and smilies', + 'ACL_A_WORDS' => 'Can alter word censors', + 'ACL_A_BBCODE' => 'Can define BBCode tags', + 'ACL_A_ATTACH' => 'Can alter attachment related settings', + + 'ACL_A_USER' => 'Can manage users<br /><em>This also includes seeing the users browser agent within the viewonline list.</em>', + 'ACL_A_USERDEL' => 'Can delete/prune users', + 'ACL_A_GROUP' => 'Can manage groups', + 'ACL_A_GROUPADD' => 'Can add new groups', + 'ACL_A_GROUPDEL' => 'Can delete groups', + 'ACL_A_RANKS' => 'Can manage ranks', + 'ACL_A_PROFILE' => 'Can manage custom profile fields', + 'ACL_A_NAMES' => 'Can manage disallowed names', + 'ACL_A_BAN' => 'Can manage bans', + + 'ACL_A_VIEWAUTH' => 'Can view permission masks', + 'ACL_A_AUTHGROUPS' => 'Can alter permissions for individual groups', + 'ACL_A_AUTHUSERS' => 'Can alter permissions for individual users', + 'ACL_A_FAUTH' => 'Can alter forum permission class', + 'ACL_A_MAUTH' => 'Can alter moderator permission class', + 'ACL_A_AAUTH' => 'Can alter admin permission class', + 'ACL_A_UAUTH' => 'Can alter user permission class', + 'ACL_A_ROLES' => 'Can manage roles', + 'ACL_A_SWITCHPERM' => 'Can use others permissions', + + 'ACL_A_STYLES' => 'Can manage styles', + 'ACL_A_EXTENSIONS' => 'Can manage extensions', + 'ACL_A_VIEWLOGS' => 'Can view logs', + 'ACL_A_CLEARLOGS' => 'Can clear logs', + 'ACL_A_MODULES' => 'Can manage modules', + 'ACL_A_LANGUAGE' => 'Can manage language packs', + 'ACL_A_EMAIL' => 'Can send mass email', + 'ACL_A_BOTS' => 'Can manage bots', + 'ACL_A_REASONS' => 'Can manage report/denial reasons', + 'ACL_A_BACKUP' => 'Can backup/restore database', + 'ACL_A_SEARCH' => 'Can manage search backends and settings', )); diff --git a/phpBB/language/en/help_faq.php b/phpBB/language/en/help_faq.php index 68dc05f992..94e6622685 100644 --- a/phpBB/language/en/help_faq.php +++ b/phpBB/language/en/help_faq.php @@ -332,7 +332,7 @@ $help = array( ), array( 0 => 'Why isn’t X feature available?', - 1 => 'This software was written by and licensed through phpBB Group. If you believe a feature needs to be added, or you want to report a bug, please visit the phpBB <a href="http://area51.phpbb.com/">Area51</a> website, where you will find resources to do so.' + 1 => 'This software was written by and licensed through phpBB Group. If you believe a feature needs to be added please visit the <a href="https://www.phpbb.com/ideas/">phpBB Ideas Centre</a>, where you can upvote existing ideas or suggest new features.' ), array( 0 => 'Who do I contact about abusive and/or legal matters related to this board?', diff --git a/phpBB/memberlist.php b/phpBB/memberlist.php index 46136dbdd4..26f920fe5a 100644 --- a/phpBB/memberlist.php +++ b/phpBB/memberlist.php @@ -561,17 +561,8 @@ switch ($mode) if ($member['user_sig']) { - $member['user_sig'] = censor_text($member['user_sig']); - - if ($member['user_sig_bbcode_bitfield']) - { - include_once($phpbb_root_path . 'includes/bbcode.' . $phpEx); - $bbcode = new bbcode(); - $bbcode->bbcode_second_pass($member['user_sig'], $member['user_sig_bbcode_uid'], $member['user_sig_bbcode_bitfield']); - } - - $member['user_sig'] = bbcode_nl2br($member['user_sig']); - $member['user_sig'] = smiley_text($member['user_sig']); + $parse_flags = ($member['user_sig_bbcode_bitfield'] ? OPTION_FLAG_BBCODE : 0) | OPTION_FLAG_SMILIES; + $member['user_sig'] = generate_text_for_display($member['user_sig'], $member['user_sig_bbcode_uid'], $member['user_sig_bbcode_bitfield'], $parse_flags, true); } $poster_avatar = phpbb_get_user_avatar($member); diff --git a/phpBB/phpbb/avatar/driver/remote.php b/phpBB/phpbb/avatar/driver/remote.php index 7da58107a1..d629a490fd 100644 --- a/phpBB/phpbb/avatar/driver/remote.php +++ b/phpBB/phpbb/avatar/driver/remote.php @@ -93,7 +93,7 @@ class phpbb_avatar_driver_remote extends phpbb_avatar_driver // Make sure getimagesize works... if (function_exists('getimagesize')) { - if (($width <= 0 || $height <= 0) && (($image_data = getimagesize($url)) === false)) + if (($width <= 0 || $height <= 0) && (($image_data = @getimagesize($url)) === false)) { $error[] = 'UNABLE_GET_IMAGE_SIZE'; return false; diff --git a/phpBB/phpbb/feed/overall.php b/phpBB/phpbb/feed/overall.php index 869df7cde0..224d97ec03 100644 --- a/phpBB/phpbb/feed/overall.php +++ b/phpBB/phpbb/feed/overall.php @@ -72,7 +72,7 @@ class phpbb_feed_overall extends phpbb_feed_post_base ), ), 'WHERE' => $this->db->sql_in_set('p.topic_id', $topic_ids) . ' - AND ' . $this->content_visibility->get_visibility_sql('post', array(), 'p.') . ' + AND ' . $this->content_visibility->get_forums_visibility_sql('post', $forum_ids, 'p.') . ' AND p.post_time >= ' . $min_post_time . ' AND u.user_id = p.poster_id', 'ORDER_BY' => 'p.post_time DESC', diff --git a/phpBB/phpbb/feed/topic.php b/phpBB/phpbb/feed/topic.php index 36f958ac60..bb1753d823 100644 --- a/phpBB/phpbb/feed/topic.php +++ b/phpBB/phpbb/feed/topic.php @@ -43,7 +43,7 @@ class phpbb_feed_topic extends phpbb_feed_post_base function open() { - $sql = 'SELECT f.forum_options, f.forum_password, t.topic_id, t.forum_id, t.topic_visibility, t.topic_title, t.topic_time, t.topic_views, t.topic_replies, t.topic_type + $sql = 'SELECT f.forum_options, f.forum_password, t.topic_id, t.forum_id, t.topic_visibility, t.topic_title, t.topic_time, t.topic_views, t.topic_posts_approved, t.topic_type FROM ' . TOPICS_TABLE . ' t LEFT JOIN ' . FORUMS_TABLE . ' f ON (f.forum_id = t.forum_id) @@ -60,7 +60,7 @@ class phpbb_feed_topic extends phpbb_feed_post_base $this->forum_id = (int) $this->topic_data['forum_id']; // Make sure topic is either approved or user authed - if (!$this->topic_data['topic_approved'] && !$this->auth->acl_get('m_approve', $this->forum_id)) + if ($this->topic_data['topic_visibility'] != ITEM_APPROVED && !$this->auth->acl_get('m_approve', $this->forum_id)) { trigger_error('SORRY_AUTH_READ'); } diff --git a/phpBB/phpbb/permissions.php b/phpBB/phpbb/permissions.php new file mode 100644 index 0000000000..0fbacdad8a --- /dev/null +++ b/phpBB/phpbb/permissions.php @@ -0,0 +1,340 @@ +<?php +/** +* +* @package phpBB3 +* @copyright (c) 2013 phpBB Group +* @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2 +* +*/ + +/** +* DO NOT CHANGE +*/ +if (!defined('IN_PHPBB')) +{ + exit; +} + +class phpbb_permissions +{ + /** + * Event dispatcher object + * @var phpbb_event_dispatcher + */ + protected $dispatcher; + + /** + * User object + * @var phpbb_user + */ + protected $user; + + /** + * Constructor + * + * @param phpbb_event_dispatcher $phpbb_dispatcher Event dispatcher + * @param phpbb_user $user User Object + * @return null + */ + public function __construct(phpbb_event_dispatcher $phpbb_dispatcher, phpbb_user $user) + { + $this->dispatcher = $phpbb_dispatcher; + $this->user = $user; + + $categories = $this->categories; + $types = $this->types; + $permissions = $this->permissions; + + /** + * Allows to specify additional permission categories, types and permissions + * + * @event core.permissions + * @var array types Array with permission types (a_, u_, m_, etc.) + * @var array categories Array with permission categories (pm, post, settings, misc, etc.) + * @var array permissions Array with permissions. Each Permission has the following layout: + * '<type><permission>' => array( + * 'lang' => 'Language Key with a Short description', // Optional, if not set, + * // the permissions identifier '<type><permission>' is used with + * // all uppercase. + * 'cat' => 'Identifier of the category, the permission should be displayed in', + * ), + * Example: + * 'u_viewprofile' => array( + * 'lang' => 'ACL_U_VIEWPROFILE', + * 'cat' => 'profile', + * ), + * @since 3.1-A1 + */ + $vars = array('types', 'categories', 'permissions'); + extract($phpbb_dispatcher->trigger_event('core.permissions', compact($vars))); + + $this->categories = $categories; + $this->types = $types; + $this->permissions = $permissions; + } + + /** + * Returns an array with all the permission categories (pm, post, settings, misc, etc.) + * + * @return array Layout: cat-identifier => Language key + */ + public function get_categories() + { + return $this->categories; + } + + /** + * Returns the language string of a permission category + * + * @param string $category Identifier of the category + * @return string Language string + */ + public function get_category_lang($category) + { + return $this->user->lang($this->categories[$category]); + } + + /** + * Returns an array with all the permission types (a_, u_, m_, etc.) + * + * @return array Layout: type-identifier => Language key + */ + public function get_types() + { + return $this->types; + } + + /** + * Returns the language string of a permission type + * + * @param string $type Identifier of the type + * @param mixed $scope Scope of the type (should be 'global', 'local' or false) + * @return string Language string + */ + public function get_type_lang($type, $scope = false) + { + if ($scope && isset($this->types[$scope][$type])) + { + $lang_key = $this->types[$scope][$type]; + } + else if (isset($this->types[$type])) + { + $lang_key = $this->types[$type]; + } + else + { + $lang_key = 'ACL_TYPE_' . strtoupper(($scope) ? $scope . '_' . $type : $type); + } + + return $this->user->lang($lang_key); + } + + /** + * Returns an array with all the permissions. + * Each Permission has the following layout: + * '<type><permission>' => array( + * 'lang' => 'Language Key with a Short description', // Optional, if not set, + * // the permissions identifier '<type><permission>' is used with + * // all uppercase. + * 'cat' => 'Identifier of the category, the permission should be displayed in', + * ), + * Example: + * 'u_viewprofile' => array( + * 'lang' => 'ACL_U_VIEWPROFILE', + * 'cat' => 'profile', + * ), + * + * @return array + */ + public function get_permissions() + { + return $this->permissions; + } + + /** + * Returns the category of a permission + * + * @param string $permission Identifier of the permission + * @return string Returns the category identifier of the permission + */ + public function get_permission_category($permission) + { + return (isset($this->permissions[$permission]['cat'])) ? $this->permissions[$permission]['cat'] : 'misc'; + } + + /** + * Returns the language string of a permission + * + * @param string $permission Identifier of the permission + * @return string Language string + */ + public function get_permission_lang($permission) + { + return (isset($this->permissions[$permission]['lang'])) ? $this->user->lang($this->permissions[$permission]['lang']) : $this->user->lang('ACL_' . strtoupper($permission)); + } + + protected $types = array( + 'u_' => 'ACL_TYPE_U_', + 'a_' => 'ACL_TYPE_A_', + 'm_' => 'ACL_TYPE_M_', + 'f_' => 'ACL_TYPE_F_', + 'global' => array( + 'm_' => 'ACL_TYPE_GLOBAL_M_', + ), + ); + + protected $categories = array( + 'actions' => 'ACL_CAT_ACTIONS', + 'content' => 'ACL_CAT_CONTENT', + 'forums' => 'ACL_CAT_FORUMS', + 'misc' => 'ACL_CAT_MISC', + 'permissions' => 'ACL_CAT_PERMISSIONS', + 'pm' => 'ACL_CAT_PM', + 'polls' => 'ACL_CAT_POLLS', + 'post' => 'ACL_CAT_POST', + 'post_actions' => 'ACL_CAT_POST_ACTIONS', + 'posting' => 'ACL_CAT_POSTING', + 'profile' => 'ACL_CAT_PROFILE', + 'settings' => 'ACL_CAT_SETTINGS', + 'topic_actions' => 'ACL_CAT_TOPIC_ACTIONS', + 'user_group' => 'ACL_CAT_USER_GROUP', + ); + + protected $permissions = array( + // User Permissions + 'u_viewprofile' => array('lang' => 'ACL_U_VIEWPROFILE', 'cat' => 'profile'), + 'u_chgname' => array('lang' => 'ACL_U_CHGNAME', 'cat' => 'profile'), + 'u_chgpasswd' => array('lang' => 'ACL_U_CHGPASSWD', 'cat' => 'profile'), + 'u_chgemail' => array('lang' => 'ACL_U_CHGEMAIL', 'cat' => 'profile'), + 'u_chgavatar' => array('lang' => 'ACL_U_CHGAVATAR', 'cat' => 'profile'), + 'u_chggrp' => array('lang' => 'ACL_U_CHGGRP', 'cat' => 'profile'), + 'u_chgprofileinfo' => array('lang' => 'ACL_U_CHGPROFILEINFO', 'cat' => 'profile'), + + 'u_attach' => array('lang' => 'ACL_U_ATTACH', 'cat' => 'post'), + 'u_download' => array('lang' => 'ACL_U_DOWNLOAD', 'cat' => 'post'), + 'u_savedrafts' => array('lang' => 'ACL_U_SAVEDRAFTS', 'cat' => 'post'), + 'u_chgcensors' => array('lang' => 'ACL_U_CHGCENSORS', 'cat' => 'post'), + 'u_sig' => array('lang' => 'ACL_U_SIG', 'cat' => 'post'), + + 'u_sendpm' => array('lang' => 'ACL_U_SENDPM', 'cat' => 'pm'), + 'u_masspm' => array('lang' => 'ACL_U_MASSPM', 'cat' => 'pm'), + 'u_masspm_group'=> array('lang' => 'ACL_U_MASSPM_GROUP', 'cat' => 'pm'), + 'u_readpm' => array('lang' => 'ACL_U_READPM', 'cat' => 'pm'), + 'u_pm_edit' => array('lang' => 'ACL_U_PM_EDIT', 'cat' => 'pm'), + 'u_pm_delete' => array('lang' => 'ACL_U_PM_DELETE', 'cat' => 'pm'), + 'u_pm_forward' => array('lang' => 'ACL_U_PM_FORWARD', 'cat' => 'pm'), + 'u_pm_emailpm' => array('lang' => 'ACL_U_PM_EMAILPM', 'cat' => 'pm'), + 'u_pm_printpm' => array('lang' => 'ACL_U_PM_PRINTPM', 'cat' => 'pm'), + 'u_pm_attach' => array('lang' => 'ACL_U_PM_ATTACH', 'cat' => 'pm'), + 'u_pm_download' => array('lang' => 'ACL_U_PM_DOWNLOAD', 'cat' => 'pm'), + 'u_pm_bbcode' => array('lang' => 'ACL_U_PM_BBCODE', 'cat' => 'pm'), + 'u_pm_smilies' => array('lang' => 'ACL_U_PM_SMILIES', 'cat' => 'pm'), + 'u_pm_img' => array('lang' => 'ACL_U_PM_IMG', 'cat' => 'pm'), + 'u_pm_flash' => array('lang' => 'ACL_U_PM_FLASH', 'cat' => 'pm'), + + 'u_sendemail' => array('lang' => 'ACL_U_SENDEMAIL', 'cat' => 'misc'), + 'u_sendim' => array('lang' => 'ACL_U_SENDIM', 'cat' => 'misc'), + 'u_ignoreflood' => array('lang' => 'ACL_U_IGNOREFLOOD', 'cat' => 'misc'), + 'u_hideonline' => array('lang' => 'ACL_U_HIDEONLINE', 'cat' => 'misc'), + 'u_viewonline' => array('lang' => 'ACL_U_VIEWONLINE', 'cat' => 'misc'), + 'u_search' => array('lang' => 'ACL_U_SEARCH', 'cat' => 'misc'), + + // Forum Permissions + 'f_list' => array('lang' => 'ACL_F_LIST', 'cat' => 'actions'), + 'f_read' => array('lang' => 'ACL_F_READ', 'cat' => 'actions'), + 'f_search' => array('lang' => 'ACL_F_SEARCH', 'cat' => 'actions'), + 'f_subscribe' => array('lang' => 'ACL_F_SUBSCRIBE', 'cat' => 'actions'), + 'f_print' => array('lang' => 'ACL_F_PRINT', 'cat' => 'actions'), + 'f_email' => array('lang' => 'ACL_F_EMAIL', 'cat' => 'actions'), + 'f_bump' => array('lang' => 'ACL_F_BUMP', 'cat' => 'actions'), + 'f_user_lock' => array('lang' => 'ACL_F_USER_LOCK', 'cat' => 'actions'), + 'f_download' => array('lang' => 'ACL_F_DOWNLOAD', 'cat' => 'actions'), + 'f_report' => array('lang' => 'ACL_F_REPORT', 'cat' => 'actions'), + + 'f_post' => array('lang' => 'ACL_F_POST', 'cat' => 'post'), + 'f_sticky' => array('lang' => 'ACL_F_STICKY', 'cat' => 'post'), + 'f_announce' => array('lang' => 'ACL_F_ANNOUNCE', 'cat' => 'post'), + 'f_reply' => array('lang' => 'ACL_F_REPLY', 'cat' => 'post'), + 'f_edit' => array('lang' => 'ACL_F_EDIT', 'cat' => 'post'), + 'f_delete' => array('lang' => 'ACL_F_DELETE', 'cat' => 'post'), + 'f_ignoreflood' => array('lang' => 'ACL_F_IGNOREFLOOD', 'cat' => 'post'), + 'f_postcount' => array('lang' => 'ACL_F_POSTCOUNT', 'cat' => 'post'), + 'f_noapprove' => array('lang' => 'ACL_F_NOAPPROVE', 'cat' => 'post'), + + 'f_attach' => array('lang' => 'ACL_F_ATTACH', 'cat' => 'content'), + 'f_icons' => array('lang' => 'ACL_F_ICONS', 'cat' => 'content'), + 'f_bbcode' => array('lang' => 'ACL_F_BBCODE', 'cat' => 'content'), + 'f_flash' => array('lang' => 'ACL_F_FLASH', 'cat' => 'content'), + 'f_img' => array('lang' => 'ACL_F_IMG', 'cat' => 'content'), + 'f_sigs' => array('lang' => 'ACL_F_SIGS', 'cat' => 'content'), + 'f_smilies' => array('lang' => 'ACL_F_SMILIES', 'cat' => 'content'), + + 'f_poll' => array('lang' => 'ACL_F_POLL', 'cat' => 'polls'), + 'f_vote' => array('lang' => 'ACL_F_VOTE', 'cat' => 'polls'), + 'f_votechg' => array('lang' => 'ACL_F_VOTECHG', 'cat' => 'polls'), + + // Moderator Permissions + 'm_edit' => array('lang' => 'ACL_M_EDIT', 'cat' => 'post_actions'), + 'm_delete' => array('lang' => 'ACL_M_DELETE', 'cat' => 'post_actions'), + 'm_approve' => array('lang' => 'ACL_M_APPROVE', 'cat' => 'post_actions'), + 'm_report' => array('lang' => 'ACL_M_REPORT', 'cat' => 'post_actions'), + 'm_chgposter' => array('lang' => 'ACL_M_CHGPOSTER', 'cat' => 'post_actions'), + + 'm_move' => array('lang' => 'ACL_M_MOVE', 'cat' => 'topic_actions'), + 'm_lock' => array('lang' => 'ACL_M_LOCK', 'cat' => 'topic_actions'), + 'm_split' => array('lang' => 'ACL_M_SPLIT', 'cat' => 'topic_actions'), + 'm_merge' => array('lang' => 'ACL_M_MERGE', 'cat' => 'topic_actions'), + + 'm_info' => array('lang' => 'ACL_M_INFO', 'cat' => 'misc'), + 'm_warn' => array('lang' => 'ACL_M_WARN', 'cat' => 'misc'), + 'm_ban' => array('lang' => 'ACL_M_BAN', 'cat' => 'misc'), + + // Admin Permissions + 'a_board' => array('lang' => 'ACL_A_BOARD', 'cat' => 'settings'), + 'a_server' => array('lang' => 'ACL_A_SERVER', 'cat' => 'settings'), + 'a_jabber' => array('lang' => 'ACL_A_JABBER', 'cat' => 'settings'), + 'a_phpinfo' => array('lang' => 'ACL_A_PHPINFO', 'cat' => 'settings'), + + 'a_forum' => array('lang' => 'ACL_A_FORUM', 'cat' => 'forums'), + 'a_forumadd' => array('lang' => 'ACL_A_FORUMADD', 'cat' => 'forums'), + 'a_forumdel' => array('lang' => 'ACL_A_FORUMDEL', 'cat' => 'forums'), + 'a_prune' => array('lang' => 'ACL_A_PRUNE', 'cat' => 'forums'), + + 'a_icons' => array('lang' => 'ACL_A_ICONS', 'cat' => 'posting'), + 'a_words' => array('lang' => 'ACL_A_WORDS', 'cat' => 'posting'), + 'a_bbcode' => array('lang' => 'ACL_A_BBCODE', 'cat' => 'posting'), + 'a_attach' => array('lang' => 'ACL_A_ATTACH', 'cat' => 'posting'), + + 'a_user' => array('lang' => 'ACL_A_USER', 'cat' => 'user_group'), + 'a_userdel' => array('lang' => 'ACL_A_USERDEL', 'cat' => 'user_group'), + 'a_group' => array('lang' => 'ACL_A_GROUP', 'cat' => 'user_group'), + 'a_groupadd' => array('lang' => 'ACL_A_GROUPADD', 'cat' => 'user_group'), + 'a_groupdel' => array('lang' => 'ACL_A_GROUPDEL', 'cat' => 'user_group'), + 'a_ranks' => array('lang' => 'ACL_A_RANKS', 'cat' => 'user_group'), + 'a_profile' => array('lang' => 'ACL_A_PROFILE', 'cat' => 'user_group'), + 'a_names' => array('lang' => 'ACL_A_NAMES', 'cat' => 'user_group'), + 'a_ban' => array('lang' => 'ACL_A_BAN', 'cat' => 'user_group'), + + 'a_viewauth' => array('lang' => 'ACL_A_VIEWAUTH', 'cat' => 'permissions'), + 'a_authgroups' => array('lang' => 'ACL_A_AUTHGROUPS', 'cat' => 'permissions'), + 'a_authusers' => array('lang' => 'ACL_A_AUTHUSERS', 'cat' => 'permissions'), + 'a_fauth' => array('lang' => 'ACL_A_FAUTH', 'cat' => 'permissions'), + 'a_mauth' => array('lang' => 'ACL_A_MAUTH', 'cat' => 'permissions'), + 'a_aauth' => array('lang' => 'ACL_A_AAUTH', 'cat' => 'permissions'), + 'a_uauth' => array('lang' => 'ACL_A_UAUTH', 'cat' => 'permissions'), + 'a_roles' => array('lang' => 'ACL_A_ROLES', 'cat' => 'permissions'), + 'a_switchperm' => array('lang' => 'ACL_A_SWITCHPERM', 'cat' => 'permissions'), + + 'a_styles' => array('lang' => 'ACL_A_STYLES', 'cat' => 'misc'), + 'a_extensions' => array('lang' => 'ACL_A_EXTENSIONS', 'cat' => 'misc'), + 'a_viewlogs' => array('lang' => 'ACL_A_VIEWLOGS', 'cat' => 'misc'), + 'a_clearlogs' => array('lang' => 'ACL_A_CLEARLOGS', 'cat' => 'misc'), + 'a_modules' => array('lang' => 'ACL_A_MODULES', 'cat' => 'misc'), + 'a_language' => array('lang' => 'ACL_A_LANGUAGE', 'cat' => 'misc'), + 'a_email' => array('lang' => 'ACL_A_EMAIL', 'cat' => 'misc'), + 'a_bots' => array('lang' => 'ACL_A_BOTS', 'cat' => 'misc'), + 'a_reasons' => array('lang' => 'ACL_A_REASONS', 'cat' => 'misc'), + 'a_backup' => array('lang' => 'ACL_A_BACKUP', 'cat' => 'misc'), + 'a_search' => array('lang' => 'ACL_A_SEARCH', 'cat' => 'misc'), + ); +} diff --git a/phpBB/phpbb/session.php b/phpBB/phpbb/session.php index e0585b1523..dc33786666 100644 --- a/phpBB/phpbb/session.php +++ b/phpBB/phpbb/session.php @@ -1022,7 +1022,8 @@ class phpbb_session { include($phpbb_root_path . "includes/captcha/captcha_factory." . $phpEx); } - phpbb_captcha_factory::garbage_collect($config['captcha_plugin']); + $captcha_factory = new phpbb_captcha_factory(); + $captcha_factory->garbage_collect($config['captcha_plugin']); $sql = 'DELETE FROM ' . LOGIN_ATTEMPT_TABLE . ' WHERE attempt_time < ' . (time() - (int) $config['ip_login_limit_time']); diff --git a/phpBB/phpbb/template/twig/lexer.php b/phpBB/phpbb/template/twig/lexer.php index 46412ad048..4f88147542 100644 --- a/phpBB/phpbb/template/twig/lexer.php +++ b/phpBB/phpbb/template/twig/lexer.php @@ -126,10 +126,14 @@ class phpbb_template_twig_lexer extends Twig_Lexer { $callback = function($matches) { - // Remove any quotes that may have been used in different implementations - // E.g. DEFINE $TEST = 'blah' vs INCLUDE foo - // Replace {} with start/end to parse variables (' ~ TEST ~ '.html) - $matches[2] = str_replace(array('"', "'", '{', '}'), array('', '', "' ~ ", " ~ '"), $matches[2]); + // Remove matching quotes at the beginning/end if a statement; + // E.g. 'asdf'"' -> asdf'" + // E.g. "asdf'"" -> asdf'" + // E.g. 'asdf'" -> 'asdf'" + $matches[2] = preg_replace('#^([\'"])?(.+?)\1$#', '$2', $matches[2]); + + // Replace template variables with start/end to parse variables (' ~ TEST ~ '.html) + $matches[2] = preg_replace('#{([a-zA-Z0-9_\.$]+)}#', "'~ \$1 ~'", $matches[2]); // Surround the matches in single quotes ('' ~ TEST ~ '.html') return "<!-- {$matches[1]} '{$matches[2]}' -->"; @@ -219,19 +223,20 @@ class phpbb_template_twig_lexer extends Twig_Lexer { $callback = function($matches) { + $inner = $matches[2]; // Replace $TEST with definition.TEST - $matches[1] = preg_replace('#\s\$([a-zA-Z_0-9]+)#', ' definition.$1', $matches[1]); + $inner = preg_replace('#\s\$([a-zA-Z_0-9]+)#', ' definition.$1', $inner); // Replace .test with test|length - $matches[1] = preg_replace('#\s\.([a-zA-Z_0-9\.]+)#', ' $1|length', $matches[1]); + $inner = preg_replace('#\s\.([a-zA-Z_0-9\.]+)#', ' $1|length', $inner); - return '<!-- IF' . $matches[1] . '-->'; + return "<!-- {$matches[1]}IF{$inner}-->"; }; // Replace our "div by" with Twig's divisibleby (Twig does not like test names with spaces) $code = preg_replace('# div by ([0-9]+)#', ' divisibleby($1)', $code); - return preg_replace_callback('#<!-- IF((.*)[\s][\$|\.|!]([^\s]+)(.*))-->#', $callback, $code); + return preg_replace_callback('#<!-- (ELSE)?IF((.*)[\s][\$|\.|!]([^\s]+)(.*))-->#', $callback, $code); } /** diff --git a/phpBB/phpbb/template/twig/node/includeasset.php b/phpBB/phpbb/template/twig/node/includeasset.php index 990b1c984f..1cab416c79 100644 --- a/phpBB/phpbb/template/twig/node/includeasset.php +++ b/phpBB/phpbb/template/twig/node/includeasset.php @@ -7,7 +7,7 @@ * */ -class phpbb_template_twig_node_includeasset extends Twig_Node +abstract class phpbb_template_twig_node_includeasset extends Twig_Node { /** @var Twig_Environment */ protected $environment; @@ -57,4 +57,19 @@ class phpbb_template_twig_node_includeasset extends Twig_Node ->raw("\n');\n") ; } + + /** + * Get the definition name + * + * @return string (e.g. 'SCRIPTS') + */ + abstract public function get_definition_name(); + + /** + * Append the output code for the asset + * + * @param Twig_Compiler A Twig_Compiler instance + * @return null + */ + abstract protected function append_asset(Twig_Compiler $compiler); } diff --git a/phpBB/phpbb/template/twig/node/includecss.php b/phpBB/phpbb/template/twig/node/includecss.php index 01fda44aad..a9d9b46d69 100644 --- a/phpBB/phpbb/template/twig/node/includecss.php +++ b/phpBB/phpbb/template/twig/node/includecss.php @@ -9,16 +9,17 @@ class phpbb_template_twig_node_includecss extends phpbb_template_twig_node_includeasset { + /** + * {@inheritdoc} + */ public function get_definition_name() { return 'STYLESHEETS'; } /** - * Compiles the node to PHP. - * - * @param Twig_Compiler A Twig_Compiler instance - */ + * {@inheritdoc} + */ public function append_asset(Twig_Compiler $compiler) { $compiler diff --git a/phpBB/phpbb/template/twig/node/includejs.php b/phpBB/phpbb/template/twig/node/includejs.php index fdf2bea3ed..2b4b55fb0a 100644 --- a/phpBB/phpbb/template/twig/node/includejs.php +++ b/phpBB/phpbb/template/twig/node/includejs.php @@ -9,16 +9,17 @@ class phpbb_template_twig_node_includejs extends phpbb_template_twig_node_includeasset { + /** + * {@inheritdoc} + */ public function get_definition_name() { return 'SCRIPTS'; } /** - * Compiles the node to PHP. - * - * @param Twig_Compiler A Twig_Compiler instance - */ + * {@inheritdoc} + */ protected function append_asset(Twig_Compiler $compiler) { $config = $this->environment->get_phpbb_config(); diff --git a/phpBB/report.php b/phpBB/report.php index 3f2e7a91ff..c9ca57ecbe 100644 --- a/phpBB/report.php +++ b/phpBB/report.php @@ -147,7 +147,7 @@ else if ($config['enable_post_confirm'] && !$user->data['is_registered']) { include($phpbb_root_path . 'includes/captcha/captcha_factory.' . $phpEx); - $captcha =& phpbb_captcha_factory::get_instance($config['captcha_plugin']); + $captcha = phpbb_captcha_factory::get_instance($config['captcha_plugin']); $captcha->init(CONFIRM_REPORT); } @@ -157,10 +157,13 @@ $s_hidden_fields = ''; // Submit report? if ($submit && $reason_id) { - $visual_confirmation_response = $captcha->validate(); - if ($visual_confirmation_response) + if (isset($captcha)) { - $error[] = $visual_confirmation_response; + $visual_confirmation_response = $captcha->validate(); + if ($visual_confirmation_response) + { + $error[] = $visual_confirmation_response; + } } $sql = 'SELECT * diff --git a/phpBB/search.php b/phpBB/search.php index 2429c81dae..40c0b9a8ce 100644 --- a/phpBB/search.php +++ b/phpBB/search.php @@ -366,7 +366,7 @@ if ($keywords || $author || $author_id || $search_id || $submit) { $sql = "SELECT p.post_id FROM $sort_join" . POSTS_TABLE . ' p, ' . TOPICS_TABLE . " t - WHERE t.topic_replies = 0 + WHERE t.topic_posts_approved = 1 AND p.topic_id = t.topic_id $last_post_time AND $m_approve_posts_fid_sql @@ -378,7 +378,7 @@ if ($keywords || $author || $author_id || $search_id || $submit) { $sql = 'SELECT DISTINCT ' . $sort_by_sql[$sort_key] . ", p.topic_id FROM $sort_join" . POSTS_TABLE . ' p, ' . TOPICS_TABLE . " t - WHERE t.topic_replies = 0 + WHERE t.topic_posts_approved = 1 AND t.topic_moved_id = 0 AND p.topic_id = t.topic_id $last_post_time @@ -687,6 +687,18 @@ if ($keywords || $author || $author_id || $search_id || $submit) $tracking_topics = ($tracking_topics) ? tracking_unserialize($tracking_topics) : array(); } + /** + * Event to modify the SQL query before the topic data is retrieved + * + * @event core.search_get_topic_data + * @var string sql_select The SQL SELECT string used by search to get topic data + * @var string sql_from The SQL FROM string used by search to get topic data + * @var string sql_where The SQL WHERE string used by search to get topic data + * @since 3.1-A1 + */ + $vars = array('sql_select', 'sql_from', 'sql_where'); + extract($phpbb_dispatcher->trigger_event('core.search_get_topic_data', compact($vars))); + $sql = "SELECT $sql_select FROM $sql_from WHERE $sql_where"; @@ -989,7 +1001,7 @@ if ($keywords || $author || $author_id || $search_id || $submit) ); } - $template->assign_block_vars('searchresults', array_merge($tpl_ary, array( + $tpl_ary = array_merge($tpl_ary, array( 'FORUM_ID' => $forum_id, 'TOPIC_ID' => $result_topic_id, 'POST_ID' => ($show_results == 'posts') ? $row['post_id'] : false, @@ -1001,9 +1013,22 @@ if ($keywords || $author || $author_id || $search_id || $submit) 'U_VIEW_TOPIC' => $view_topic_url, 'U_VIEW_FORUM' => append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $forum_id), - 'U_VIEW_POST' => (!empty($row['post_id'])) ? append_sid("{$phpbb_root_path}viewtopic.$phpEx", "f=$forum_id&t=" . $row['topic_id'] . '&p=' . $row['post_id'] . (($u_hilit) ? '&hilit=' . $u_hilit : '')) . '#p' . $row['post_id'] : '') + 'U_VIEW_POST' => (!empty($row['post_id'])) ? append_sid("{$phpbb_root_path}viewtopic.$phpEx", "f=$forum_id&t=" . $row['topic_id'] . '&p=' . $row['post_id'] . (($u_hilit) ? '&hilit=' . $u_hilit : '')) . '#p' . $row['post_id'] : '', )); + /** + * Modify the topic data before it is assigned to the template + * + * @event core.search_modify_tpl_ary + * @var array row Array with topic data + * @var array tpl_ary Template block array with topic data + * @since 3.1-A1 + */ + $vars = array('row', 'tpl_ary'); + extract($phpbb_dispatcher->trigger_event('core.search_modify_tpl_ary', compact($vars))); + + $template->assign_block_vars('searchresults', $tpl_ary); + if ($show_results == 'topics') { phpbb_generate_template_pagination($template, $view_topic_url, 'searchresults.pagination', 'start', $replies + 1, $config['posts_per_page'], 1, true, true); diff --git a/phpBB/styles/prosilver/template/editor.js b/phpBB/styles/prosilver/template/editor.js index 235cc0025b..4c70ee345f 100644 --- a/phpBB/styles/prosilver/template/editor.js +++ b/phpBB/styles/prosilver/template/editor.js @@ -301,7 +301,7 @@ function colorPalette(dir, width, height) { var r = 0, g = 0, b = 0, - numberList = new Array(6); + numberList = new Array(6), color = '', html = ''; diff --git a/phpBB/styles/prosilver/template/search_results.html b/phpBB/styles/prosilver/template/search_results.html index f0424c45db..54e8867526 100644 --- a/phpBB/styles/prosilver/template/search_results.html +++ b/phpBB/styles/prosilver/template/search_results.html @@ -63,6 +63,7 @@ <dt <!-- IF searchresults.TOPIC_ICON_IMG -->style="background-image: url({T_ICONS_PATH}{searchresults.TOPIC_ICON_IMG}); background-repeat: no-repeat;"<!-- ENDIF --> title="{searchresults.TOPIC_FOLDER_IMG_ALT}"> <div class="list-inner"> + <!-- EVENT topiclist_row_prepend --> <!-- IF searchresults.S_UNREAD_TOPIC --><a href="{searchresults.U_NEWEST_POST}">{NEWEST_POST_IMG}</a> <!-- ENDIF --> <a href="{searchresults.U_VIEW_TOPIC}" class="topictitle">{searchresults.TOPIC_TITLE}</a> {searchresults.ATTACH_ICON_IMG} <!-- IF searchresults.S_TOPIC_UNAPPROVED or searchresults.S_POSTS_UNAPPROVED --><a href="{searchresults.U_MCP_QUEUE}">{searchresults.UNAPPROVED_IMG}</a> <!-- ENDIF --> @@ -83,6 +84,7 @@ </div> <!-- ENDIF --> {L_POST_BY_AUTHOR} {searchresults.TOPIC_AUTHOR_FULL} » {searchresults.FIRST_POST_TIME} » {L_IN} <a href="{searchresults.U_VIEW_FORUM}">{searchresults.FORUM_TITLE}</a> + <!-- EVENT topiclist_row_append --> </div> </dt> diff --git a/phpBB/styles/prosilver/template/viewforum_body.html b/phpBB/styles/prosilver/template/viewforum_body.html index 69b0608a64..ecd993d7fb 100644 --- a/phpBB/styles/prosilver/template/viewforum_body.html +++ b/phpBB/styles/prosilver/template/viewforum_body.html @@ -144,6 +144,7 @@ <dl class="icon {topicrow.TOPIC_IMG_STYLE}"> <dt<!-- IF topicrow.TOPIC_ICON_IMG and S_TOPIC_ICONS --> style="background-image: url({T_ICONS_PATH}{topicrow.TOPIC_ICON_IMG}); background-repeat: no-repeat;"<!-- ENDIF --> title="{topicrow.TOPIC_FOLDER_IMG_ALT}"> <div class="list-inner"> + <!-- EVENT topiclist_row_prepend --> <!-- IF topicrow.S_UNREAD_TOPIC --><a href="{topicrow.U_NEWEST_POST}">{NEWEST_POST_IMG}</a> <!-- ENDIF --><a href="{topicrow.U_VIEW_TOPIC}" class="topictitle">{topicrow.TOPIC_TITLE}</a> <!-- IF topicrow.S_TOPIC_UNAPPROVED or topicrow.S_POSTS_UNAPPROVED --><a href="{topicrow.U_MCP_QUEUE}">{topicrow.UNAPPROVED_IMG}</a> <!-- ENDIF --> <!-- IF topicrow.S_TOPIC_DELETED --><a href="{topicrow.U_MCP_QUEUE}">{DELETED_IMG}</a> <!-- ENDIF --> @@ -164,6 +165,7 @@ <!-- ENDIF --> <!-- IF topicrow.ATTACH_ICON_IMG -->{topicrow.ATTACH_ICON_IMG} <!-- ENDIF -->{L_POST_BY_AUTHOR} {topicrow.TOPIC_AUTHOR_FULL} » {topicrow.FIRST_POST_TIME} <!-- IF topicrow.S_POST_GLOBAL and FORUM_ID != topicrow.FORUM_ID --> » {L_IN} <a href="{topicrow.U_VIEW_FORUM}">{topicrow.FORUM_NAME}</a><!-- ENDIF --> + <!-- EVENT topiclist_row_append --> </div> </dt> <dd class="posts">{topicrow.REPLIES} <dfn>{L_REPLIES}</dfn></dd> diff --git a/phpBB/styles/prosilver/theme/common.css b/phpBB/styles/prosilver/theme/common.css index e58386de45..a2b8034187 100644 --- a/phpBB/styles/prosilver/theme/common.css +++ b/phpBB/styles/prosilver/theme/common.css @@ -758,6 +758,10 @@ p.rules a { clear: both; } +#notification_list ul li:before, #notification_list ul li:after { + display: none; +} + #notification_list > .header { padding: 0 10px; font-family: Arial, "Helvetica Neue", Helvetica, Arial, sans-serif; diff --git a/phpBB/styles/subsilver2/template/overall_header.html b/phpBB/styles/subsilver2/template/overall_header.html index bc2307154b..b0d7ce6fab 100644 --- a/phpBB/styles/subsilver2/template/overall_header.html +++ b/phpBB/styles/subsilver2/template/overall_header.html @@ -154,8 +154,8 @@ function marklist(id, name, state) <table width="100%" cellspacing="0"> <tr> <td class="genmed"> - <!-- IF S_NOTIFICATIONS_DISPLAY --> - [ <a href="{U_VIEW_ALL_NOTIFICATIONS}" id="notification_list_button">{NOTIFICATIONS_COUNT}</a> ] • + <!-- IF S_NOTIFICATIONS_DISPLAY and not S_IS_BOT and S_USER_LOGGED_IN --> + [ <a href="{U_VIEW_ALL_NOTIFICATIONS}" id="notification_list_button">{NOTIFICATIONS_COUNT}</a> ] <div id="notification_list" class="notification_list"> <div class="row1 header"> {L_NOTIFICATIONS} diff --git a/phpBB/styles/subsilver2/template/search_results.html b/phpBB/styles/subsilver2/template/search_results.html index d98079de20..19ba0b196a 100644 --- a/phpBB/styles/subsilver2/template/search_results.html +++ b/phpBB/styles/subsilver2/template/search_results.html @@ -34,6 +34,7 @@ <!-- ENDIF --> </td> <td class="row1"> + <!-- EVENT topiclist_row_prepend --> <!-- IF searchresults.S_UNREAD_TOPIC --><a href="{searchresults.U_NEWEST_POST}" class="imageset">{NEWEST_POST_IMG}</a><!-- ENDIF --> {searchresults.ATTACH_ICON_IMG} <a href="{searchresults.U_VIEW_TOPIC}" class="topictitle">{searchresults.TOPIC_TITLE}</a> <!-- IF searchresults.S_TOPIC_UNAPPROVED or searchresults.S_POSTS_UNAPPROVED --> @@ -58,6 +59,7 @@ ] </p> <!-- ENDIF --> <p class="gensmall">{L_IN} <a href="{searchresults.U_VIEW_FORUM}">{searchresults.FORUM_TITLE}</a></p> + <!-- EVENT topiclist_row_append --> </td> <td class="row2" width="100" align="center"><p class="topicauthor">{searchresults.TOPIC_AUTHOR_FULL}</p></td> <td class="row1" width="50" align="center"><p class="topicdetails">{searchresults.TOPIC_REPLIES}</p></td> diff --git a/phpBB/styles/subsilver2/template/viewforum_body.html b/phpBB/styles/subsilver2/template/viewforum_body.html index d07e9a1372..dfbe0a605b 100644 --- a/phpBB/styles/subsilver2/template/viewforum_body.html +++ b/phpBB/styles/subsilver2/template/viewforum_body.html @@ -40,6 +40,7 @@ <td class="row1" width="25" align="center"><!-- IF topicrow.TOPIC_ICON_IMG --><img src="{T_ICONS_PATH}{topicrow.TOPIC_ICON_IMG}" width="{topicrow.TOPIC_ICON_IMG_WIDTH}" height="{topicrow.TOPIC_ICON_IMG_HEIGHT}" alt="" title="" /><!-- ENDIF --></td> <!-- ENDIF --> <td class="row1"> + <!-- EVENT topiclist_row_prepend --> <!-- IF topicrow.S_UNREAD_TOPIC --><a href="{topicrow.U_NEWEST_POST}" class="imageset">{NEWEST_POST_IMG}</a><!-- ENDIF --> {topicrow.ATTACH_ICON_IMG} <!-- IF topicrow.S_HAS_POLL or topicrow.S_TOPIC_MOVED --><b>{topicrow.TOPIC_TYPE}</b> <!-- ENDIF --><a title="{L_POSTED}{L_COLON} {topicrow.FIRST_POST_TIME}" href="{topicrow.U_VIEW_TOPIC}"class="topictitle">{topicrow.TOPIC_TITLE}</a> <!-- IF topicrow.S_TOPIC_UNAPPROVED or topicrow.S_POSTS_UNAPPROVED --> @@ -63,6 +64,7 @@ <!-- END pagination --> ] </p> <!-- ENDIF --> + <!-- EVENT topiclist_row_append --> </td> <td class="row2" width="130" align="center"><p class="topicauthor">{topicrow.TOPIC_AUTHOR_FULL}</p></td> <td class="row1" width="50" align="center"><p class="topicdetails">{topicrow.REPLIES}</p></td> @@ -203,6 +205,7 @@ <td class="row1" width="25" align="center"><!-- IF topicrow.TOPIC_ICON_IMG --><img src="{T_ICONS_PATH}{topicrow.TOPIC_ICON_IMG}" width="{topicrow.TOPIC_ICON_IMG_WIDTH}" height="{topicrow.TOPIC_ICON_IMG_HEIGHT}" alt="" title="" /><!-- ENDIF --></td> <!-- ENDIF --> <td class="row1"> + <!-- EVENT topiclist_row_prepend --> <!-- IF topicrow.S_UNREAD_TOPIC --><a href="{topicrow.U_NEWEST_POST}" class="imageset">{NEWEST_POST_IMG}</a><!-- ENDIF --> {topicrow.ATTACH_ICON_IMG} <!-- IF topicrow.S_HAS_POLL or topicrow.S_TOPIC_MOVED --><b>{topicrow.TOPIC_TYPE}</b> <!-- ENDIF --><a title="{L_POSTED}{L_COLON} {topicrow.FIRST_POST_TIME}" href="{topicrow.U_VIEW_TOPIC}" class="topictitle">{topicrow.TOPIC_TITLE}</a> <!-- IF topicrow.S_TOPIC_UNAPPROVED or topicrow.S_POSTS_UNAPPROVED --> @@ -227,6 +230,7 @@ ] </p> <!-- ENDIF --> <!-- IF topicrow.S_POST_GLOBAL and FORUM_ID != topicrow.FORUM_ID --><p class="gensmall">{L_IN} <a href="{topicrow.U_VIEW_FORUM}">{topicrow.FORUM_NAME}</a></p><!-- ENDIF --> + <!-- EVENT topiclist_row_append --> </td> <td class="row2" width="130" align="center"><p class="topicauthor">{topicrow.TOPIC_AUTHOR_FULL}</p></td> <td class="row1" width="50" align="center"><p class="topicdetails">{topicrow.REPLIES}</p></td> diff --git a/phpBB/viewforum.php b/phpBB/viewforum.php index 5a59e021b3..1fa2030671 100644 --- a/phpBB/viewforum.php +++ b/phpBB/viewforum.php @@ -372,6 +372,16 @@ $sql_array = array( 'LEFT_JOIN' => array(), ); +/** +* Event to modify the SQL query before the topic data is retrieved +* +* @event core.viewforum_get_topic_data +* @var array sql_array The SQL array to get the data of all topics +* @since 3.1-A1 +*/ +$vars = array('sql_array'); +extract($phpbb_dispatcher->trigger_event('core.viewforum_get_topic_data', compact($vars))); + $sql_approved = ' AND ' . $phpbb_content_visibility->get_visibility_sql('topic', $forum_id, 't.'); if ($user->data['is_registered']) @@ -554,6 +564,17 @@ if (sizeof($shadow_topic_list)) $sql = 'SELECT * FROM ' . TOPICS_TABLE . ' WHERE ' . $db->sql_in_set('topic_id', array_keys($shadow_topic_list)); + + /** + * Event to modify the SQL query before the shadowtopic data is retrieved + * + * @event core.viewforum_get_shadowtopic_data + * @var string sql The SQL string to get the data of any shadowtopics + * @since 3.1-A1 + */ + $vars = array('sql'); + extract($phpbb_dispatcher->trigger_event('core.viewforum_get_shadowtopic_data', compact($vars))); + $result = $db->sql_query($sql); while ($row = $db->sql_fetchrow($result)) diff --git a/phpBB/viewtopic.php b/phpBB/viewtopic.php index 1e444f47ad..9510b047ca 100644 --- a/phpBB/viewtopic.php +++ b/phpBB/viewtopic.php @@ -832,39 +832,14 @@ if (!empty($topic_data['poll_start'])) $poll_total += $poll_option['poll_option_total']; } - if ($poll_info[0]['bbcode_bitfield']) - { - $poll_bbcode = new bbcode(); - } - else - { - $poll_bbcode = false; - } + $parse_flags = ($row['bbcode_bitfield'] ? OPTION_FLAG_BBCODE : 0) | OPTION_FLAG_SMILIES; for ($i = 0, $size = sizeof($poll_info); $i < $size; $i++) { - $poll_info[$i]['poll_option_text'] = censor_text($poll_info[$i]['poll_option_text']); - - if ($poll_bbcode !== false) - { - $poll_bbcode->bbcode_second_pass($poll_info[$i]['poll_option_text'], $poll_info[$i]['bbcode_uid'], $poll_option['bbcode_bitfield']); - } - - $poll_info[$i]['poll_option_text'] = bbcode_nl2br($poll_info[$i]['poll_option_text']); - $poll_info[$i]['poll_option_text'] = smiley_text($poll_info[$i]['poll_option_text']); - } - - $topic_data['poll_title'] = censor_text($topic_data['poll_title']); - - if ($poll_bbcode !== false) - { - $poll_bbcode->bbcode_second_pass($topic_data['poll_title'], $poll_info[0]['bbcode_uid'], $poll_info[0]['bbcode_bitfield']); + $poll_info[$i]['poll_option_text'] = generate_text_for_display($poll_info[$i]['poll_option_text'], $poll_info[$i]['bbcode_uid'], $poll_option['bbcode_bitfield'], $parse_flags, true); } - $topic_data['poll_title'] = bbcode_nl2br($topic_data['poll_title']); - $topic_data['poll_title'] = smiley_text($topic_data['poll_title']); - - unset($poll_bbcode); + $topic_data['poll_title'] = generate_text_for_display($topic_data['poll_title'], $poll_info[0]['bbcode_uid'], $poll_info[0]['bbcode_bitfield'], $parse_flags, true); foreach ($poll_info as $poll_option) { @@ -1406,29 +1381,13 @@ for ($i = 0, $end = sizeof($post_list); $i < $end; ++$i) // End signature parsing, only if needed if ($user_cache[$poster_id]['sig'] && $row['enable_sig'] && empty($user_cache[$poster_id]['sig_parsed'])) { - $user_cache[$poster_id]['sig'] = censor_text($user_cache[$poster_id]['sig']); - - if ($user_cache[$poster_id]['sig_bbcode_bitfield']) - { - $bbcode->bbcode_second_pass($user_cache[$poster_id]['sig'], $user_cache[$poster_id]['sig_bbcode_uid'], $user_cache[$poster_id]['sig_bbcode_bitfield']); - } - - $user_cache[$poster_id]['sig'] = bbcode_nl2br($user_cache[$poster_id]['sig']); - $user_cache[$poster_id]['sig'] = smiley_text($user_cache[$poster_id]['sig']); - $user_cache[$poster_id]['sig_parsed'] = true; + $parse_flags = ($user_cache[$poster_id]['sig_bbcode_bitfield'] ? OPTION_FLAG_BBCODE : 0) | OPTION_FLAG_SMILIES; + $user_cache[$poster_id]['sig'] = generate_text_for_display($user_cache[$poster_id]['sig'], $user_cache[$poster_id]['sig_bbcode_uid'], $user_cache[$poster_id]['sig_bbcode_bitfield'], $parse_flags, true); } // Parse the message and subject - $message = censor_text($row['post_text']); - - // Second parse bbcode here - if ($row['bbcode_bitfield']) - { - $bbcode->bbcode_second_pass($message, $row['bbcode_uid'], $row['bbcode_bitfield']); - } - - $message = bbcode_nl2br($message); - $message = smiley_text($message); + $parse_flags = ($row['bbcode_bitfield'] ? OPTION_FLAG_BBCODE : 0) | OPTION_FLAG_SMILIES; + $message = generate_text_for_display($row['post_text'], $row['bbcode_uid'], $row['bbcode_bitfield'], $parse_flags, true); if (!empty($attachments[$row['post_id']])) { diff --git a/tests/functional/avatar_acp_groups_test.php b/tests/functional/avatar_acp_groups_test.php new file mode 100644 index 0000000000..9fdc29cc76 --- /dev/null +++ b/tests/functional/avatar_acp_groups_test.php @@ -0,0 +1,63 @@ +<?php +/** + * + * @package testing + * @copyright (c) 2013 phpBB Group + * @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2 + * + */ + +require_once dirname(__FILE__) . '/common_avatar_test.php'; + +/** + * @group functional + */ +class phpbb_functional_avatar_acp_groups_test extends phpbb_functional_common_avatar_test +{ + public function get_url() + { + return 'adm/index.php?i=acp_groups&mode=manage&action=edit&g=5'; + } + + public function avatar_acp_groups_data() + { + return array( + // Correct Gravatar + array( + 'GROUP_UPDATED', + 'avatar_driver_gravatar', + array( + 'avatar_gravatar_email' => 'test@example.com', + 'avatar_gravatar_width' => 80, + 'avatar_gravatar_height' => 80, + ), + ), + // Gravatar with incorrect size + array( + 'The submitted avatar is 120 wide and 120 high. Avatars must be at least 20 wide and 20 high, but no larger than 90 wide and 90 high.', + 'avatar_driver_gravatar', + array( + 'avatar_gravatar_email' => 'test@example.com', + 'avatar_gravatar_width' => 120, + 'avatar_gravatar_height' => 120, + ), + ), + // Delete avatar image to reset group settings + array( + 'GROUP_UPDATED', + 'avatar_driver_gravatar', + array( + 'avatar_delete' => array('tick', ''), + ), + ), + ); + } + + /** + * @dataProvider avatar_acp_groups_data + */ + public function test_avatar_acp_groups($expected, $avatar_type, $data) + { + $this->assert_avatar_submit($expected, $avatar_type, $data); + } +} diff --git a/tests/functional/avatar_acp_users_test.php b/tests/functional/avatar_acp_users_test.php new file mode 100644 index 0000000000..0afd05e530 --- /dev/null +++ b/tests/functional/avatar_acp_users_test.php @@ -0,0 +1,61 @@ +<?php +/** + * + * @package testing + * @copyright (c) 2013 phpBB Group + * @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2 + * + */ + +require_once dirname(__FILE__) . '/common_avatar_test.php'; + +/** + * @group functional + */ +class phpbb_functional_avatar_acp_users_test extends phpbb_functional_common_avatar_test +{ + public function get_url() + { + return 'adm/index.php?i=acp_users&u=2&mode=avatar'; + } + + public function avatar_acp_users_data() + { + return array( + // Gravatar with incorrect email + array( + 'EMAIL_INVALID_EMAIL', + 'avatar_driver_gravatar', + array( + 'avatar_gravatar_email' => 'test.example.com', + 'avatar_gravatar_width' => 80, + 'avatar_gravatar_height' => 80, + ), + ), + // Remote avatar with correct link + array( + 'USER_AVATAR_UPDATED', + 'avatar_driver_upload', + array( + 'avatar_upload_url' => 'https://secure.gravatar.com/avatar/55502f40dc8b7c769880b10874abc9d0.jpg', + ), + ), + // Reset avatar settings + array( + 'USER_AVATAR_UPDATED', + 'avatar_driver_gravatar', + array( + 'avatar_delete' => array('tick', ''), + ), + ), + ); + } + + /** + * @dataProvider avatar_acp_users_data + */ + public function test_avatar_acp_users($expected, $avatar_type, $data) + { + $this->assert_avatar_submit($expected, $avatar_type, $data); + } +} diff --git a/tests/functional/avatar_ucp_groups_test.php b/tests/functional/avatar_ucp_groups_test.php new file mode 100644 index 0000000000..233b7d36e1 --- /dev/null +++ b/tests/functional/avatar_ucp_groups_test.php @@ -0,0 +1,71 @@ +<?php +/** + * + * @package testing + * @copyright (c) 2013 phpBB Group + * @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2 + * + */ + +require_once dirname(__FILE__) . '/common_avatar_test.php'; + +/** + * @group functional + */ +class phpbb_functional_avatar_ucp_groups_test extends phpbb_functional_common_avatar_test +{ + public function get_url() + { + return 'ucp.php?i=ucp_groups&mode=manage&action=edit&g=5'; + } + + public function avatar_ucp_groups_data() + { + return array( + // Incorrect URL + array( + 'AVATAR_URL_INVALID', + 'avatar_driver_upload', + array( + 'avatar_upload_url' => 'https://secure.gravatar.com/avatar/55502f40dc8b7c769880b10874abc9d0?s=80', + ), + ), + /* + // Does not work due to DomCrawler issue + // Valid file upload + array( + 'GROUP_UPDATED', + 'avatar_driver_upload', + array( + 'avatar_upload_file' => array('upload', $this->path . 'valid.jpg'), + ), + ), + */ + // Correct remote avatar + array( + 'GROUP_UPDATED', + 'avatar_driver_remote', + array( + 'avatar_remote_url' => 'https://secure.gravatar.com/avatar/55502f40dc8b7c769880b10874abc9d0.jpg', + 'avatar_remote_width' => 80, + 'avatar_remote_height' => 80, + ), + ), + array( + 'GROUP_UPDATED', + 'avatar_driver_gravatar', + array( + 'avatar_delete' => array('tick', ''), + ), + ), + ); + } + + /** + * @dataProvider avatar_ucp_groups_data + */ + public function test_avatar_ucp_groups($expected, $avatar_type, $data) + { + $this->assert_avatar_submit($expected, $avatar_type, $data); + } +} diff --git a/tests/functional/avatar_ucp_users_test.php b/tests/functional/avatar_ucp_users_test.php new file mode 100644 index 0000000000..f828559e0d --- /dev/null +++ b/tests/functional/avatar_ucp_users_test.php @@ -0,0 +1,78 @@ +<?php +/** + * + * @package testing + * @copyright (c) 2013 phpBB Group + * @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2 + * + */ + +require_once dirname(__FILE__) . '/common_avatar_test.php'; + +/** + * @group functional + */ +class phpbb_functional_avatar_ucp_users_test extends phpbb_functional_common_avatar_test +{ + public function get_url() + { + return 'ucp.php?i=ucp_profile&mode=avatar'; + } + + public function avatar_ucp_groups_data() + { + return array( + // Gravatar with correct settings + array( + 'PROFILE_UPDATED', + 'avatar_driver_gravatar', + array( + 'avatar_gravatar_email' => 'test@example.com', + 'avatar_gravatar_width' => 80, + 'avatar_gravatar_height' => 80, + ), + ), + // Wrong driver selected + array( + 'NO_AVATAR_SELECTED', + 'avatar_driver_upload', + array( + 'avatar_remote_url' => 'https://secure.gravatar.com/avatar/55502f40dc8b7c769880b10874abc9d0.jpg', + 'avatar_remote_width' => 80, + 'avatar_remote_height' => 80, + ), + ), + array( + 'PROFILE_UPDATED', + 'avatar_driver_gravatar', + array( + 'avatar_delete' => array('tick', ''), + ), + ), + ); + } + + /** + * @dataProvider avatar_ucp_groups_data + */ + public function test_avatar_ucp_groups($expected, $avatar_type, $data) + { + $this->assert_avatar_submit($expected, $avatar_type, $data); + } + + public function test_display_upload_avatar() + { + $this->assert_avatar_submit('PROFILE_UPDATED', + 'avatar_driver_upload', + array( + 'avatar_upload_url' => 'https://secure.gravatar.com/avatar/55502f40dc8b7c769880b10874abc9d0.jpg', + ) + ); + + $crawler = self::request('GET', $this->get_url() . '&sid=' . $this->sid); + $avatar_link = $crawler->filter('img')->attr('src'); + $crawler = self::request('GET', $avatar_link . '&sid=' . $this->sid, array(), false); + $content = self::$client->getResponse()->getContent(); + self::assertEquals(false, stripos(trim($content), 'debug'), 'Output contains debug message'); + } +} diff --git a/tests/functional/browse_test.php b/tests/functional/browse_test.php index 18a2ad9464..c3be301762 100644 --- a/tests/functional/browse_test.php +++ b/tests/functional/browse_test.php @@ -29,4 +29,11 @@ class phpbb_functional_browse_test extends phpbb_functional_test_case $crawler = self::request('GET', 'viewtopic.php?t=1'); $this->assertGreaterThan(0, $crawler->filter('.postbody')->count()); } + + public function test_feed() + { + $crawler = self::request('GET', 'feed.php', array(), false); + self::assert_response_xml(); + $this->assertGreaterThan(0, $crawler->filter('entry')->count()); + } } diff --git a/tests/functional/common_avatar_test.php b/tests/functional/common_avatar_test.php new file mode 100644 index 0000000000..c0f21d07c2 --- /dev/null +++ b/tests/functional/common_avatar_test.php @@ -0,0 +1,80 @@ +<?php +/** + * + * @package testing + * @copyright (c) 2013 phpBB Group + * @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2 + * + */ + +/** + * @group functional + */ +abstract class phpbb_functional_common_avatar_test extends phpbb_functional_test_case +{ + private $path; + private $form_content; + + abstract function get_url(); + + public function setUp() + { + parent::setUp(); + $this->path = __DIR__ . '/fixtures/files/'; + $this->login(); + $this->admin_login(); + $this->add_lang(array('acp/board', 'ucp', 'acp/users', 'acp/groups')); + $this->set_acp_settings(); + } + + private function set_acp_settings() + { + $crawler = self::request('GET', 'adm/index.php?i=acp_board&mode=avatar&sid=' . $this->sid); + // Check the default entries we should have + $this->assertContainsLang('ALLOW_GRAVATAR', $crawler->text()); + $this->assertContainsLang('ALLOW_REMOTE', $crawler->text()); + $this->assertContainsLang('ALLOW_AVATARS', $crawler->text()); + $this->assertContainsLang('ALLOW_LOCAL', $crawler->text()); + + // Now start setting the needed settings + $form = $crawler->selectButton($this->lang('SUBMIT'))->form(); + $form['config[allow_avatar_local]']->select(1); + $form['config[allow_avatar_gravatar]']->select(1); + $form['config[allow_avatar_remote]']->select(1); + $form['config[allow_avatar_remote_upload]']->select(1); + $crawler = self::submit($form); + $this->assertContainsLang('CONFIG_UPDATED', $crawler->text()); + } + + public function assert_avatar_submit($expected, $type, $data, $button_text = 'SUBMIT') + { + $crawler = self::request('GET', $this->get_url() . '&sid=' . $this->sid); + + // Test if setting a gravatar avatar properly works + $form = $crawler->selectButton($this->lang($button_text))->form(); + $form['avatar_driver']->select($type); + + foreach ($data as $key => $value) + { + if (is_array($value)) + { + $form[$key]->$value[0]($value[1]); + } + else + { + $form[$key]->setValue($value); + } + } + + $crawler = self::submit($form); + + try + { + $this->assertContainsLang($expected, $crawler->text()); + } + catch (Exception $e) + { + $this->assertContains($expected, $crawler->text()); + } + } +} diff --git a/tests/functional/extension_permission_lang_test.php b/tests/functional/extension_permission_lang_test.php index 6c1720735c..19adb89819 100644 --- a/tests/functional/extension_permission_lang_test.php +++ b/tests/functional/extension_permission_lang_test.php @@ -18,6 +18,7 @@ class phpbb_functional_extension_permission_lang_test extends phpbb_functional_t static protected $fixtures = array( 'foo/bar/language/en/', + 'foo/bar/event/', ); static public function setUpBeforeClass() @@ -75,6 +76,6 @@ class phpbb_functional_extension_permission_lang_test extends phpbb_functional_t $this->assertContains('Can attach files', $crawler->filter('body')->text()); // language from ext/foo/bar/language/en/permissions_foo.php - $this->assertContains('Can view foo', $crawler->filter('body')->text()); + $this->assertContains('Can view foobar', $crawler->filter('body')->text()); } } diff --git a/tests/functional/fixtures/ext/foo/bar/event/permission_listener.php b/tests/functional/fixtures/ext/foo/bar/event/permission_listener.php new file mode 100644 index 0000000000..6986755f71 --- /dev/null +++ b/tests/functional/fixtures/ext/foo/bar/event/permission_listener.php @@ -0,0 +1,40 @@ +<?php + +/** +* +* @package testing +* @copyright (c) 2013 phpBB Group +* @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2 +* +*/ + +/** +* @ignore +*/ + +if (!defined('IN_PHPBB')) +{ + exit; +} + +/** +* Event listener +*/ +use Symfony\Component\EventDispatcher\EventSubscriberInterface; + +class phpbb_ext_foo_bar_event_permission_listener implements EventSubscriberInterface +{ + static public function getSubscribedEvents() + { + return array( + 'core.permissions' => 'add_permissions', + ); + } + + public function add_permissions($event) + { + $permissions = $event['permissions']; + $permissions['u_foo'] = array('lang' => 'ACL_U_FOOBAR', 'cat' => 'post'); + $event['permissions'] = $permissions; + } +} diff --git a/tests/functional/fixtures/ext/foo/bar/language/en/permissions_foo.php b/tests/functional/fixtures/ext/foo/bar/language/en/permissions_foo.php index cd4b9a32d1..64b497c394 100644 --- a/tests/functional/fixtures/ext/foo/bar/language/en/permissions_foo.php +++ b/tests/functional/fixtures/ext/foo/bar/language/en/permissions_foo.php @@ -1,6 +1,5 @@ <?php -// Admin Permissions $lang = array_merge($lang, array( - 'acl_u_foo' => array('lang' => 'Can view foo', 'cat' => 'misc'), + 'ACL_U_FOOBAR' => 'Can view foobar with permission foo', )); diff --git a/tests/functional/report_post_captcha.php b/tests/functional/report_post_captcha_test.php index af713775c5..8283465041 100644 --- a/tests/functional/report_post_captcha.php +++ b/tests/functional/report_post_captcha_test.php @@ -12,13 +12,6 @@ */ class phpbb_functional_report_post_captcha_test extends phpbb_functional_test_case { - public function test_user_report_post() - { - $this->login(); - $crawler = self::request('GET', 'report.php?f=2&p=1'); - $this->assertNotContains($this->lang('CONFIRM_CODE'), $crawler->filter('html')->text()); - } - public function test_guest_report_post() { $crawler = self::request('GET', 'report.php?f=2&p=1'); @@ -31,6 +24,18 @@ class phpbb_functional_report_post_captcha_test extends phpbb_functional_test_ca $this->set_reporting_guest(-1); } + public function test_user_report_post() + { + $this->login(); + $crawler = self::request('GET', 'report.php?f=2&p=1'); + $this->assertNotContains($this->lang('CONFIRM_CODE'), $crawler->filter('html')->text()); + + $this->add_lang('mcp'); + $form = $crawler->selectButton($this->lang('SUBMIT'))->form(); + $crawler = self::submit($form); + $this->assertContains($this->lang('POST_REPORTED_SUCCESS'), $crawler->text()); + } + protected function set_reporting_guest($report_post_allowed) { $this->login(); diff --git a/tests/mock/auth_provider.php b/tests/mock/auth_provider.php new file mode 100644 index 0000000000..9d002334d6 --- /dev/null +++ b/tests/mock/auth_provider.php @@ -0,0 +1,53 @@ +<?php +/** + * + * @package testing + * @copyright (c) 2013 phpBB Group + * @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2 + * + */ + +/** + * Mock auth provider class with basic functions to help test sessions. + */ +class phpbb_mock_auth_provider implements phpbb_auth_provider_interface +{ + function init() + { + return null; + } + + function login($username, $password) + { + return array( + 'status' => "", + 'error_msg' => "", + 'user_row' => "", + ); + } + + function autologin() + { + return array(); + } + + function acp() + { + return array(); + } + + function logout($data, $new_session) + { + return null; + } + + function validate_session($user) + { + return null; + } + + public function get_acp_template($new_config) + { + return null; + } +} diff --git a/tests/mock/session_testable.php b/tests/mock/session_testable.php index 56ff8c8b32..283f9af192 100644 --- a/tests/mock/session_testable.php +++ b/tests/mock/session_testable.php @@ -58,5 +58,9 @@ class phpbb_mock_session_testable extends phpbb_session } } } + + public function setup() + { + } } diff --git a/tests/session/check_ban_test.php b/tests/session/check_ban_test.php new file mode 100644 index 0000000000..8d6c9a866d --- /dev/null +++ b/tests/session/check_ban_test.php @@ -0,0 +1,78 @@ +<?php +/** + * + * @package testing + * @copyright (c) 2013 phpBB Group + * @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2 + * + */ + +require_once dirname(__FILE__) . '/../test_framework/phpbb_session_test_case.php'; + +class phpbb_session_check_ban_test extends phpbb_session_test_case +{ + protected $user_id = 4; + protected $key_id = 4; + protected $session; + protected $backup_cache; + + public function getDataSet() + { + return $this->createXMLDataSet(dirname(__FILE__) . '/fixtures/sessions_banlist.xml'); + } + + static function check_banned_data() + { + return array( + array('All false values, should not be banned', + false, false, false, false, /* should be banned? -> */ false), + array('Matching values in the database, should be banned', + 4, '127.0.0.1', 'bar@example.org', true, /* should be banned? -> */ true), + array('IP Banned, should be banned', + false, '127.1.1.1', false, false, /* should be banned? -> */ true), + ); + } + + public function setUp() + { + parent::setUp(); + // Get session here so that config is mocked correctly + $this->session = $this->session_factory->get_session($this->db); + global $cache, $config, $phpbb_root_path, $phpEx; + $this->backup_cache = $cache; + // Change the global cache object for this test because + // the mock cache object does not hit the database as is needed + // for this test. + $cache = new phpbb_cache_service( + new phpbb_cache_driver_file(), + $config, + $this->db, + $phpbb_root_path, + $phpEx + ); + } + + public function tearDown() + { + parent::tearDown(); + // Set cache back to what it was before the test changed it + global $cache; + $cache = $this->backup_cache; + } + + /** @dataProvider check_banned_data */ + public function test_check_is_banned($test_msg, $user_id, $user_ips, $user_email, $return, $should_be_banned) + { + try + { + $is_banned = $this->session->check_ban($user_id, $user_ips, $user_email, $return); + } + catch (PHPUnit_Framework_Error_Notice $e) + { + // User error was triggered, user must have been banned + $is_banned = true; + } + + $this->assertEquals($should_be_banned, $is_banned, $test_msg); + } +} diff --git a/tests/session/check_isvalid_test.php b/tests/session/check_isvalid_test.php new file mode 100644 index 0000000000..760e2a6f24 --- /dev/null +++ b/tests/session/check_isvalid_test.php @@ -0,0 +1,61 @@ +<?php +/** +* +* @package testing +* @copyright (c) 2013 phpBB Group +* @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2 +* +*/ + +require_once dirname(__FILE__) . '/../test_framework/phpbb_session_test_case.php'; + +class phpbb_session_check_isvalid_test extends phpbb_session_test_case +{ + public function getDataSet() + { + return $this->createXMLDataSet(dirname(__FILE__) . '/fixtures/sessions_full.xml'); + } + + protected function access_with($session_id, $user_id, $user_agent, $ip) + { + $this->session_factory->merge_test_data($session_id, $user_id, $user_agent, $ip); + + $session = $this->session_factory->get_session($this->db); + $session->page = array('page' => 'page', 'forum' => 0); + + $session->session_begin(); + $this->session_factory->check($this); + return $session; + } + + public function test_session_valid_session_exists() + { + $session = $this->access_with('bar_session000000000000000000000', '4', 'user agent', '127.0.0.1'); + $session->check_cookies($this, array()); + + $this->check_sessions_equals(array( + array('session_id' => 'anon_session00000000000000000000', 'session_user_id' => 1), + array('session_id' => 'bar_session000000000000000000000', 'session_user_id' => 4), + ), + 'If a request comes with a valid session id with matching user agent and IP, no new session should be created.' + ); + } + + public function test_session_invalid_make_new_annon_session() + { + $session = $this->access_with('anon_session00000000000000000000', '4', 'user agent', '127.0.0.1'); + $session->check_cookies($this, array( + 'u' => array('1', null), + 'k' => array(null, null), + 'sid' => array($session->session_id, null), + )); + + $this->check_sessions_equals(array( + array('session_id' => $session->session_id, 'session_user_id' => 1), // use generated SID + array('session_id' => 'bar_session000000000000000000000', 'session_user_id' => 4), + ), + 'If a request comes with a valid session id and IP but different user id and user agent, + a new anonymous session is created and the session matching the supplied session id is deleted.' + ); + } +} diff --git a/tests/session/continue_test.php b/tests/session/continue_test.php deleted file mode 100644 index e5a7f7a4a1..0000000000 --- a/tests/session/continue_test.php +++ /dev/null @@ -1,133 +0,0 @@ -<?php -/** -* -* @package testing -* @copyright (c) 2011 phpBB Group -* @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2 -* -*/ - -require_once dirname(__FILE__) . '/testable_factory.php'; - -class phpbb_session_continue_test extends phpbb_database_test_case -{ - public function getDataSet() - { - return $this->createXMLDataSet(dirname(__FILE__).'/fixtures/sessions_full.xml'); - } - - static public function session_begin_attempts() - { - // The session_id field is defined as CHAR(32) in the database schema. - // Thus the data we put in session_id fields has to have a length of 32 characters on stricter DBMSes. - // Thus we fill those strings up with zeroes until they have a string length of 32. - - return array( - array( - 'bar_session000000000000000000000', '4', 'user agent', '127.0.0.1', - array( - array('session_id' => 'anon_session00000000000000000000', 'session_user_id' => 1), - array('session_id' => 'bar_session000000000000000000000', 'session_user_id' => 4), - ), - array(), - 'If a request comes with a valid session id with matching user agent and IP, no new session should be created.', - ), - array( - 'anon_session00000000000000000000', '4', 'user agent', '127.0.0.1', - array( - array('session_id' => '__new_session_id__', 'session_user_id' => 1), // use generated SID - array('session_id' => 'bar_session000000000000000000000', 'session_user_id' => 4), - ), - array( - 'u' => array('1', null), - 'k' => array(null, null), - 'sid' => array('__new_session_id__', null), - ), - 'If a request comes with a valid session id and IP but different user id and user agent, a new anonymous session is created and the session matching the supplied session id is deleted.', - ), - ); - } - - /** - * @dataProvider session_begin_attempts - */ - public function test_session_begin_valid_session($session_id, $user_id, $user_agent, $ip, $expected_sessions, $expected_cookies, $message) - { - global $phpbb_container, $phpbb_root_path, $phpEx; - - $db = $this->new_dbal(); - $config = new phpbb_config(array()); - $request = $this->getMock('phpbb_request'); - $user = $this->getMock('phpbb_user'); - - $auth_provider = new phpbb_auth_provider_db($db, $config, $request, $user, $phpbb_root_path, $phpEx); - $phpbb_container = $this->getMock('Symfony\Component\DependencyInjection\ContainerInterface'); - $phpbb_container->expects($this->any()) - ->method('get') - ->with('auth.provider.db') - ->will($this->returnValue($auth_provider)); - - $session_factory = new phpbb_session_testable_factory; - $session_factory->set_cookies(array( - '_sid' => $session_id, - '_u' => $user_id, - )); - $session_factory->merge_config_data(array( - 'session_length' => time(), // need to do this to allow sessions started at time 0 - )); - $session_factory->merge_server_data(array( - 'HTTP_USER_AGENT' => $user_agent, - 'REMOTE_ADDR' => $ip, - )); - - $session = $session_factory->get_session($db); - $session->page = array('page' => 'page', 'forum' => 0); - - $session->session_begin(); - - $sql = 'SELECT session_id, session_user_id - FROM phpbb_sessions - ORDER BY session_user_id'; - - $expected_sessions = $this->replace_session($expected_sessions, $session->session_id); - $expected_cookies = $this->replace_session($expected_cookies, $session->session_id); - - $this->assertSqlResultEquals( - $expected_sessions, - $sql, - $message - ); - - $session->check_cookies($this, $expected_cookies); - - $session_factory->check($this); - } - - /** - * Replaces recursively the value __new_session_id__ with the given session - * id. - * - * @param array $array An array of data - * @param string $session_id The new session id to use instead of the - * placeholder. - * @return array The input array with all occurances of __new_session_id__ - * replaced. - */ - public function replace_session($array, $session_id) - { - foreach ($array as $key => &$value) - { - if ($value === '__new_session_id__') - { - $value = $session_id; - } - - if (is_array($value)) - { - $value = $this->replace_session($value, $session_id); - } - } - - return $array; - } -} diff --git a/tests/session/create_test.php b/tests/session/create_test.php new file mode 100644 index 0000000000..442445599b --- /dev/null +++ b/tests/session/create_test.php @@ -0,0 +1,43 @@ +<?php +/** + * + * @package testing + * @copyright (c) 2013 phpBB Group + * @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2 + * + */ + +require_once dirname(__FILE__) . '/../test_framework/phpbb_session_test_case.php'; + +class phpbb_session_create_test extends phpbb_session_test_case +{ + public function getDataSet() + { + return $this->createXMLDataSet(dirname(__FILE__) . '/fixtures/sessions_full.xml'); + } + + static function bot($bot_agent, $user_id, $bot_ip) + { + return array(array( + 'bot_agent' => $bot_agent, + 'user_id' => $user_id, + 'bot_ip' => $bot_ip, + )); + } + + function test_bot_session() + { + $output = $this->session_facade->session_create( + false, + false, + false, + false, + array(), + 'user agent', + '127.0.0.1', + self::bot('user agent', 13, '127.0.0.1'), + '' + ); + $this->assertEquals(true, $output->data['is_bot'], 'should be a bot'); + } +} diff --git a/tests/session/creation_test.php b/tests/session/creation_test.php deleted file mode 100644 index fde76d6b06..0000000000 --- a/tests/session/creation_test.php +++ /dev/null @@ -1,69 +0,0 @@ -<?php -/** -* -* @package testing -* @copyright (c) 2011 phpBB Group -* @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2 -* -*/ - -require_once dirname(__FILE__) . '/testable_factory.php'; - -class phpbb_session_creation_test extends phpbb_database_test_case -{ - public function getDataSet() - { - return $this->createXMLDataSet(dirname(__FILE__).'/fixtures/sessions_empty.xml'); - } - - // also see security/extract_current_page.php - - public function test_login_session_create() - { - global $phpbb_container, $phpbb_root_path, $phpEx; - - $db = $this->new_dbal(); - $config = new phpbb_config(array()); - $request = $this->getMock('phpbb_request'); - $user = $this->getMock('phpbb_user'); - - $auth_provider = new phpbb_auth_provider_db($db, $config, $request, $user, $phpbb_root_path, $phpEx); - $phpbb_container = $this->getMock('Symfony\Component\DependencyInjection\ContainerInterface'); - $phpbb_container->expects($this->any()) - ->method('get') - ->with('auth.provider.db') - ->will($this->returnValue($auth_provider)); - - $session_factory = new phpbb_session_testable_factory; - - $session = $session_factory->get_session($db); - $session->page = array('page' => 'page', 'forum' => 0); - - $session->session_create(3); - - $sql = 'SELECT session_user_id - FROM phpbb_sessions'; - - $this->assertSqlResultEquals( - array(array('session_user_id' => 3)), - $sql, - 'Check if exactly one session for user id 3 was created' - ); - - $one_year_in_seconds = 365 * 24 * 60 * 60; - $cookie_expire = $session->time_now + $one_year_in_seconds; - - $session->check_cookies($this, array( - 'u' => array(null, $cookie_expire), - 'k' => array(null, $cookie_expire), - 'sid' => array($session->session_id, $cookie_expire), - )); - - global $SID, $_SID; - $this->assertEquals($session->session_id, $_SID); - $this->assertEquals('?sid=' . $session->session_id, $SID); - - $session_factory->check($this); - } -} - diff --git a/tests/session/extract_hostname_test.php b/tests/session/extract_hostname_test.php new file mode 100644 index 0000000000..bd183fd438 --- /dev/null +++ b/tests/session/extract_hostname_test.php @@ -0,0 +1,51 @@ +<?php +/** + * + * @package testing + * @copyright (c) 2013 phpBB Group + * @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2 + * + */ + +require_once dirname(__FILE__) . '/../test_framework/phpbb_session_test_case.php'; + +class phpbb_session_extract_hostname_test extends phpbb_session_test_case +{ + public function getDataSet() + { + return $this->createXMLDataSet(dirname(__FILE__) . '/fixtures/sessions_empty.xml'); + } + + static public function extract_current_hostname_data() + { + return array ( + // [Input] $host, $server_name_config, $cookie_domain_config, [Expected] $output + // If host is ip use that + // ipv4 + array('127.0.0.1', 'skipped.org', 'skipped.org', '127.0.0.1'), + // ipv6 + array('::1', 'skipped.org', 'skipped.org', ':'), + array('2002::3235:51f9', 'skipped.org', 'skipped.org', '2002::3235'), + // If no host but server name matches cookie_domain use that + array('', 'example.org', 'example.org', 'example.org'), + // If there is a host uri use that + array('example.org', false, false, 'example.org'), + // 'best approach' guessing + array('', 'example.org', false, 'example.org'), + array('', false, '127.0.0.1', '127.0.0.1'), + array('', false, false, php_uname('n')), + ); + } + + /** @dataProvider extract_current_hostname_data */ + function test_extract_current_hostname($host, $server_name_config, $cookie_domain_config, $expected) + { + $output = $this->session_facade->extract_current_hostname( + $host, + $server_name_config, + $cookie_domain_config + ); + + $this->assertEquals($expected, $output); + } +} diff --git a/tests/session/extract_page_test.php b/tests/session/extract_page_test.php new file mode 100644 index 0000000000..f4ae8de021 --- /dev/null +++ b/tests/session/extract_page_test.php @@ -0,0 +1,115 @@ +<?php +/** + * + * @package testing + * @copyright (c) 2013 phpBB Group + * @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2 + * + */ + +require_once dirname(__FILE__) . '/../test_framework/phpbb_session_test_case.php'; + +class phpbb_session_extract_page_test extends phpbb_session_test_case +{ + public function getDataSet() + { + return $this->createXMLDataSet(dirname(__FILE__) . '/fixtures/sessions_empty.xml'); + } + + static public function extract_current_page_data() + { + return array( + array( + './', + '/phpBB/index.php', + '', + '/phpBB/', + array( + 'page_name' => 'index.php', + 'page_dir' => '', + 'query_string' => '', + 'script_path' => '/phpBB/', + 'root_script_path' => '/phpBB/', + 'page' => 'index.php', + 'forum' => 0, + ), + ), + array( + './', + '/phpBB/ucp.php', + 'mode=login', + '/phpBB/ucp.php?mode=login', + array( + 'page_name' => 'ucp.php', + 'page_dir' => '', + 'query_string' => 'mode=login', + 'script_path' => '/phpBB/', + 'root_script_path' => '/phpBB/', + 'page' => 'ucp.php?mode=login', + 'forum' => 0, + ), + ), + array( + './', + '/phpBB/ucp.php', + 'mode=register', + '/phpBB/ucp.php?mode=register', + array( + 'page_name' => 'ucp.php', + 'page_dir' => '', + 'query_string' => 'mode=register', + 'script_path' => '/phpBB/', + 'root_script_path' => '/phpBB/', + 'page' => 'ucp.php?mode=register', + 'forum' => 0, + ), + ), + array( + './', + '/phpBB/ucp.php', + 'mode=register', + '/phpBB/ucp.php?mode=register', + array( + 'page_name' => 'ucp.php', + 'page_dir' => '', + 'query_string' => 'mode=register', + 'script_path' => '/phpBB/', + 'root_script_path' => '/phpBB/', + 'page' => 'ucp.php?mode=register', + 'forum' => 0, + ), + ), + array( + './../', + '/phpBB/adm/index.php', + 'sid=e7215d958cdd41a6fc13509bebe53e42', + '/phpBB/adm/index.php?sid=e7215d958cdd41a6fc13509bebe53e42', + array( + 'page_name' => 'index.php', + //'page_dir' => 'adm', + // ^-- Ignored because .. returns different directory in live vs testing + 'query_string' => '', + 'script_path' => '/phpBB/adm/', + 'root_script_path' => '/phpBB/', + //'page' => 'adm/index.php', + 'forum' => 0, + ), + ), + ); + } + + /** @dataProvider extract_current_page_data */ + function test_extract_current_page($root_path, $php_self, $query_string, $request_uri, $expected) + { + $output = $this->session_facade->extract_current_page( + $root_path, + $php_self, + $query_string, + $request_uri + ); + + // This compares the result of the output. + // Any keys that are not in the expected array are overwritten by the output (aka not checked). + $this->assert_array_content_equals(array_merge($output, $expected), $output); + } +} diff --git a/tests/session/fixtures/sessions_banlist.xml b/tests/session/fixtures/sessions_banlist.xml new file mode 100644 index 0000000000..9422fc0665 --- /dev/null +++ b/tests/session/fixtures/sessions_banlist.xml @@ -0,0 +1,66 @@ +<?xml version="1.0" encoding="UTF-8" ?> +<dataset> + <table name="phpbb_users"> + <column>user_id</column> + <column>username_clean</column> + <column>user_permissions</column> + <column>user_sig</column> + <column>user_occ</column> + <column>user_interests</column> + <row> + <value>1</value> + <value>anonymous</value> + <value></value> + <value></value> + <value></value> + <value></value> + </row> + </table> + <table name="phpbb_sessions"> + <column>session_id</column> + <column>session_user_id</column> + <column>session_ip</column> + <column>session_browser</column> + <column>session_admin</column> + <row> + <value>bar_session000000000000000000000</value> + <value>4</value> + <value>127.0.0.1</value> + <value>user agent</value> + <value>1</value> + </row> + </table> + <table name="phpbb_banlist"> + <column>ban_id</column> + <column>ban_userid</column> + <column>ban_ip</column> + <column>ban_email</column> + <column>ban_start</column> + <column>ban_end</column> + <column>ban_exclude</column> + <column>ban_reason</column> + <column>ban_give_reason</column> + <row> + <value>2</value> + <value>4</value> + <value>127.0.0.1</value> + <value>bar@example.org</value> + <value>1111</value> + <value>0</value> + <value>0</value> + <value>HAHAHA</value> + <value>1</value> + </row> + <row> + <value>3</value> + <value>0</value> + <value>127.1.1.1</value> + <value></value> + <value>1111</value> + <value>0</value> + <value>0</value> + <value>HAHAHA</value> + <value>1</value> + </row> + </table> +</dataset> diff --git a/tests/session/fixtures/sessions_full.xml b/tests/session/fixtures/sessions_full.xml index 509687f4d2..6bbaf1c9d5 100644 --- a/tests/session/fixtures/sessions_full.xml +++ b/tests/session/fixtures/sessions_full.xml @@ -37,17 +37,20 @@ <column>session_user_id</column> <column>session_ip</column> <column>session_browser</column> + <column>session_admin</column> <row> <value>anon_session00000000000000000000</value> <value>1</value> <value>127.0.0.1</value> <value>anonymous user agent</value> + <value>0</value> </row> <row> <value>bar_session000000000000000000000</value> <value>4</value> <value>127.0.0.1</value> <value>user agent</value> + <value>1</value> </row> </table> </dataset> diff --git a/tests/session/fixtures/sessions_garbage.xml b/tests/session/fixtures/sessions_garbage.xml new file mode 100644 index 0000000000..23c44a975b --- /dev/null +++ b/tests/session/fixtures/sessions_garbage.xml @@ -0,0 +1,58 @@ +<?xml version="1.0" encoding="UTF-8" ?> +<dataset> + <table name="phpbb_users"> + <column>user_id</column> + <column>username_clean</column> + <column>user_permissions</column> + <column>user_sig</column> + <column>user_occ</column> + <column>user_interests</column> + <row> + <value>4</value> + <value>bar</value> + <value></value> + <value></value> + <value></value> + <value></value> + </row> + </table> + <table name="phpbb_sessions"> + <column>session_id</column> + <column>session_user_id</column> + <column>session_ip</column> + <column>session_browser</column> + <column>session_admin</column> + <row> + <value>anon_session00000000000000000000</value> + <value>1</value> + <value>127.0.0.1</value> + <value>anonymous user agent</value> + <value>0</value> + </row> + <row> + <value>bar_session000000000000000000000</value> + <value>4</value> + <value>127.0.0.1</value> + <value>user agent</value> + <value>1</value> + </row> + </table> + <table name="phpbb_login_attempts"> + <column>attempt_ip</column> + <column>attempt_browser</column> + <column>attempt_forwarded_for</column> + <column>attempt_time</column> + <column>user_id</column> + <column>username</column> + <column>username_clean</column> + <row> + <value>127.0.0.1</value> + <value>browser</value> + <value></value> + <value>0001</value> + <value>4</value> + <value>bar</value> + <value>bar</value> + </row> + </table> +</dataset> diff --git a/tests/session/fixtures/sessions_key.xml b/tests/session/fixtures/sessions_key.xml new file mode 100644 index 0000000000..246d284557 --- /dev/null +++ b/tests/session/fixtures/sessions_key.xml @@ -0,0 +1,44 @@ +<?xml version="1.0" encoding="UTF-8" ?> +<dataset> + <table name="phpbb_sessions_keys"> + <column>key_id</column> + <column>user_id</column> + <column>last_ip</column> + <column>last_login</column> + <row> + <value>a87ff679a2f3e71d9181a67b7542122c</value> + <value>4</value> + <value>127.0.0.1</value> + <value>0</value> + </row> + </table> + <table name="phpbb_sessions"> + <column>session_id</column> + <column>session_user_id</column> + <column>session_ip</column> + <column>session_browser</column> + <row> + <value>bar_session000000000000000000000</value> + <value>4</value> + <value>127.0.0.1</value> + <value>user agent</value> + <value>1</value> + </row> + </table> + <table name="phpbb_users"> + <column>user_id</column> + <column>username_clean</column> + <column>user_permissions</column> + <column>user_sig</column> + <column>user_occ</column> + <column>user_interests</column> + <row> + <value>4</value> + <value>bar</value> + <value></value> + <value></value> + <value></value> + <value></value> + </row> + </table> +</dataset> diff --git a/tests/session/garbage_collection_test.php b/tests/session/garbage_collection_test.php new file mode 100644 index 0000000000..e7d01785dd --- /dev/null +++ b/tests/session/garbage_collection_test.php @@ -0,0 +1,53 @@ +<?php +/** + * + * @package testing + * @copyright (c) 2013 phpBB Group + * @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2 + * + */ + +require_once dirname(__FILE__) . '/../test_framework/phpbb_session_test_case.php'; + +class phpbb_session_garbage_collection_test extends phpbb_session_test_case +{ + public $session; + + public function getDataSet() + { + return $this->createXMLDataSet(dirname(__FILE__) . '/fixtures/sessions_garbage.xml'); + } + + public function setUp() + { + parent::setUp(); + $this->session = $this->session_factory->get_session($this->db); + } + + public function test_cleanup_all() + { + $this->check_sessions_equals( + array( + array( + 'session_id' => 'anon_session00000000000000000000', + 'session_user_id' => 1, + ), + array( + 'session_id' => 'bar_session000000000000000000000', + 'session_user_id' => 4, + ), + ), + 'Before test, should have some sessions.' + ); + // Set session length so it clears all + global $config; + $config['session_length'] = 0; + // There is an error unless the captcha plugin is set + $config['captcha_plugin'] = 'phpbb_captcha_nogd'; + $this->session->session_gc(); + $this->check_sessions_equals( + array(), + 'After setting session time to 0, should remove all.' + ); + } +} diff --git a/tests/session/session_key_test.php b/tests/session/session_key_test.php new file mode 100644 index 0000000000..1cf2101385 --- /dev/null +++ b/tests/session/session_key_test.php @@ -0,0 +1,51 @@ +<?php +/** + * + * @package testing + * @copyright (c) 2013 phpBB Group + * @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2 + * + */ + +require_once dirname(__FILE__) . '/../test_framework/phpbb_session_test_case.php'; + +class phpbb_session_login_keys_test extends phpbb_session_test_case +{ + protected $user_id = 4; + protected $key_id = 4; + + public function getDataSet() + { + return $this->createXMLDataSet(dirname(__FILE__) . '/fixtures/sessions_key.xml'); + } + + public function test_set_key_manually() + { + // With AutoLogin setup + $this->session_factory->merge_config_data(array('allow_autologin' => true)); + $session = $this->session_factory->get_session($this->db); + // Using a user_id and key that is already in the database + $session->cookie_data['u'] = $this->user_id; + $session->cookie_data['k'] = $this->key_id; + // Try to access session + $session->session_create($this->user_id, false, $this->user_id); + + $this->assertEquals($this->user_id, $session->data['user_id'], "session should automatically login"); + } + + public function test_reset_keys() + { + // With AutoLogin setup + $this->session_factory->merge_config_data(array('allow_autologin' => true)); + $session = $this->session_factory->get_session($this->db); + // Reset of the keys for this user + $session->reset_login_keys($this->user_id); + // Using a user_id and key that was in the database (before reset) + $session->cookie_data['u'] = $this->user_id; + $session->cookie_data['k'] = $this->key_id; + // Try to access session + $session->session_create($this->user_id, false, $this->user_id); + + $this->assertNotEquals($this->user_id, $session->data['user_id'], "session should be cleared"); + } +} diff --git a/tests/session/testable_facade.php b/tests/session/testable_facade.php new file mode 100644 index 0000000000..9f0a3c5f59 --- /dev/null +++ b/tests/session/testable_facade.php @@ -0,0 +1,142 @@ +<?php +/** + * + * @package testing + * @copyright (c) 2013 phpBB Group + * @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2 + * + */ + +require_once dirname(__FILE__) . '/testable_factory.php'; +require_once dirname(__FILE__) . '/../../phpBB/phpbb/session.php'; + +/** + * This class exists to expose session.php's functions in a more testable way. + * + * Since many functions in session.php have global variables inside the function, + * this exposes those functions through a testable facade that uses + * testable_factory's mock global variables to modify global variables used in + * the functions. + * + * This is using the facade pattern to provide a testable "front" to the + * functions in sessions.php. + * + */ +class phpbb_session_testable_facade +{ + protected $db; + protected $session_factory; + + function __construct($db, $session_factory) + { + $this->db = $db; + $this->session_factory = $session_factory; + } + + function extract_current_page( + $root_path, + $php_self, + $query_string, + $request_uri + ) + { + $this->session_factory->get_session($this->db); + global $request; + $request->overwrite('PHP_SELF', $php_self, phpbb_request_interface::SERVER); + $request->overwrite('QUERY_STRING', $query_string, phpbb_request_interface::SERVER); + $request->overwrite('REQUEST_URI', $request_uri, phpbb_request_interface::SERVER); + return phpbb_session::extract_current_page($root_path); + } + + function extract_current_hostname( + $host, + $server_name_config, + $cookie_domain_config + ) + { + $session = $this->session_factory->get_session($this->db); + global $config, $request; + $config['server_name'] = $server_name_config; + $config['cookie_domain'] = $cookie_domain_config; + $request->overwrite('SERVER_NAME', $host, phpbb_request_interface::SERVER); + $request->overwrite('Host', $host, phpbb_request_interface::SERVER); + // Note: There is a php_uname function used as a fallthrough + // that this function doesn't override + return $session->extract_current_hostname(); + } + + /** + * + * This function has a lot of dependencies, so instead of naming them all, + * just ask for overrides + * + * @param update_session_page Boolean of whether to set page of the session + * @param config_overrides An array of overrides for the global config object + * @param request_overrides An array of overrides for the global request object + * @return boolean False if the user is identified, otherwise true. + */ + function session_begin( + $update_session_page = true, + $config_overrides = array(), + $request_overrides = array(), + $cookies_overrides = array() + ) + { + $this->session_factory->merge_config_data($config_overrides); + $this->session_factory->merge_server_data($request_overrides); + $this->session_factory->set_cookies($cookies_overrides); + $session = $this->session_factory->get_session($this->db); + $session->session_begin($update_session_page); + return $session; + } + + function session_create( + $user_id = false, + $set_admin = false, + $persist_login = false, + $viewonline = true, + array $config_overrides = array(), + $user_agent = 'user agent', + $ip_address = '127.0.0.1', + array $bot_overrides = array(), + $uri_sid = "" + ) + { + $this->session_factory->merge_config_data($config_overrides); + // Bots + $this->session_factory->merge_cache_data(array('_bots' => $bot_overrides)); + global $request; + $session = $this->session_factory->get_session($this->db); + $session->browser = $user_agent; + $session->ip = $ip_address; + // Uri sid + if ($uri_sid) + { + $_GET['sid'] = $uri_sid; + } + $session->session_create($user_id, $set_admin, $persist_login, $viewonline); + return $session; + } + + function validate_referer( + $check_script_path, + $referer, + $host, + $force_server_vars, + $server_port, + $server_name, + $root_script_path + ) + { + $session = $this->session_factory->get_session($this->db); + global $config, $request; + $session->referer = $referer; + $session->page['root_script_path'] = $root_script_path; + $session->host = $host; + $config['force_server_vars'] = $force_server_vars; + $config['server_name'] = $server_name; + $request->overwrite('SERVER_PORT', $server_port, phpbb_request_interface::SERVER); + return $session->validate_referer($check_script_path); + } +} + diff --git a/tests/session/testable_factory.php b/tests/session/testable_factory.php index 1e2b194ece..8733ce15ef 100644 --- a/tests/session/testable_factory.php +++ b/tests/session/testable_factory.php @@ -2,11 +2,14 @@ /** * * @package testing -* @copyright (c) 2011 phpBB Group +* @copyright (c) 2013 phpBB Group * @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2 * */ +require_once dirname(__FILE__) . '/../mock/container_builder.php'; +require_once dirname(__FILE__) . '/../mock/auth_provider.php'; + /** * This class exists to setup an instance of phpbb's session class for testing. * @@ -16,6 +19,7 @@ */ class phpbb_session_testable_factory { + protected $container; protected $config_data; protected $cache_data; protected $cookies; @@ -65,7 +69,7 @@ class phpbb_session_testable_factory public function get_session(phpbb_db_driver $dbal) { // set up all the global variables used by session - global $SID, $_SID, $db, $config, $cache, $request; + global $SID, $_SID, $db, $config, $cache, $request, $phpbb_container; $request = $this->request = new phpbb_mock_request( array(), @@ -83,6 +87,12 @@ class phpbb_session_testable_factory $cache = $this->cache = new phpbb_mock_cache($this->get_cache_data()); $SID = $_SID = null; + $phpbb_container = $this->container = new phpbb_mock_container_builder(); + $phpbb_container->set( + 'auth.provider.db', + new phpbb_mock_auth_provider() + ); + $session = new phpbb_mock_session_testable; return $session; } @@ -165,6 +175,32 @@ class phpbb_session_testable_factory } /** + * Set cookies, merge config and server data in one step. + * + * New values overwrite old ones. + * + * @param $session_id + * @param $user_id + * @param $user_agent + * @param $ip + * @param int $time + */ + public function merge_test_data($session_id, $user_id, $user_agent, $ip, $time = 0) + { + $this->set_cookies(array( + '_sid' => $session_id, + '_u' => $user_id, + )); + $this->merge_config_data(array( + 'session_length' => time() + $time, // need to do this to allow sessions started at time 0 + )); + $this->merge_server_data(array( + 'HTTP_USER_AGENT' => $user_agent, + 'REMOTE_ADDR' => $ip, + )); + } + + /** * Retrieve all server variables to be passed to the session. * * @return array Server variables diff --git a/tests/session/unset_admin_test.php b/tests/session/unset_admin_test.php new file mode 100644 index 0000000000..1d5b1759ab --- /dev/null +++ b/tests/session/unset_admin_test.php @@ -0,0 +1,48 @@ +<?php +/** + * + * @package testing + * @copyright (c) 2013 phpBB Group + * @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2 + * + */ + +require_once dirname(__FILE__) . '/../test_framework/phpbb_session_test_case.php'; + +class phpbb_session_unset_admin_test extends phpbb_session_test_case +{ + public function getDataSet() + { + return $this->createXMLDataSet(dirname(__FILE__) . '/fixtures/sessions_full.xml'); + } + + function get_test_session() + { + return $this->session_facade->session_begin( + true, + // Config + array( + 'session_length' => time(), // need to do this to allow sessions started at time 0 + ), + // Server + array( + 'HTTP_USER_AGENT' => "user agent", + 'REMOTE_ADDR' => "127.0.0.1", + ), + // Cookies + array( + '_sid' => 'bar_session000000000000000000000', + '_u' => 4, + ) + ); + } + + public function test_unset_admin() + { + $session = $this->get_test_session(); + $this->assertEquals(1, $session->data['session_admin'], 'should be an admin before test starts'); + $session->unset_admin(); + $session = $this->get_test_session(); + $this->assertEquals(0, $session->data['session_admin'], 'should be not be an admin after unset_admin'); + } +} diff --git a/tests/session/validate_referrer_test.php b/tests/session/validate_referrer_test.php new file mode 100644 index 0000000000..a302229287 --- /dev/null +++ b/tests/session/validate_referrer_test.php @@ -0,0 +1,70 @@ +<?php +/** + * + * @package testing + * @copyright (c) 2013 phpBB Group + * @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2 + * + */ + +require_once dirname(__FILE__) . '/../test_framework/phpbb_session_test_case.php'; + +class phpbb_session_validate_referrer_test extends phpbb_session_test_case +{ + public function getDataSet() + { + return $this->createXMLDataSet(dirname(__FILE__) . '/fixtures/sessions_empty.xml'); + } + + static function referrer_inputs() + { + $ex = "example.org"; + $alt = "example.com"; + return array( + // checkpath referrer host forcevars port servername rootpath pass? + // 0 Referrer or host wasn't collected, therefore should validate + array(false, '', $ex, false, 80, $ex, '', true), + array(false, $ex, '', false, 80, $ex, '', true), + // 2 Referrer doesn't match host or server_name + array(false, $alt, $ex, false, 80, $ex, '', false), + // 3 Everything should check out + array(false, $ex, $ex, false, 80, $ex, '', true), + // 4 Check Script Path + array(true, $ex, $ex, false, 80, $ex, '', true), + array(true, "$ex/foo", $ex, false, 80, $ex, "/foo", true), + array(true, "$ex/bar", $ex, false, 80, $ex, "/foo", false), + // 7 Port (This is not checked unless path is checked) + array(true, "$ex:80/foo", "$ex:80", false, 80, "$ex:80", "/foo", true), + array(true, "$ex:80/bar", "$ex:80", false, 80, "$ex:80", "/foo", false), + array(true, "$ex:79/foo", "$ex:81", false, 81, "$ex:81", "/foo", false), + ); + } + + /** @dataProvider referrer_inputs */ + function test_referrer_inputs( + $check_script_path, + $referrer, + $host, + $force_server_vars, + $server_port, + $server_name, + $root_script_path, + $pass_or_fail + ) + { + // Referrer needs http:// because it's going to get stripped in function. + $referrer = $referrer ? 'http://' . $referrer : ''; + $this->assertEquals( + $pass_or_fail, + $this->session_facade->validate_referer( + $check_script_path, + $referrer, + $host, + $force_server_vars, + $server_port, + $server_name, + $root_script_path + ), + "referrer should" . ($pass_or_fail ? '' : "n't") . " be validated"); + } +} diff --git a/tests/template/template_test.php b/tests/template/template_test.php index 802f0c19ba..dd9ba21c26 100644 --- a/tests/template/template_test.php +++ b/tests/template/template_test.php @@ -151,7 +151,7 @@ class phpbb_template_template_test extends phpbb_template_template_test_case array(), array('loop' => array(array(), array(), array(), array(), array(), array(), array()), 'test' => array(array()), 'test.deep' => array(array()), 'test.deep.defines' => array(array())), array(), - "xyz\nabc\nabc\nbar\nbar\nabc", + "xyz\nabc\n\$VALUE == 'abc'abc\nbar\nbar\nabc\ntest!@#$%^&*()_-=+{}[]:;\",<.>/?", ), array( 'define_advanced.html', diff --git a/tests/template/templates/define.html b/tests/template/templates/define.html index 4e6d0ee793..66e874ca63 100644 --- a/tests/template/templates/define.html +++ b/tests/template/templates/define.html @@ -2,8 +2,15 @@ {$VALUE} <!-- DEFINE $VALUE = 'abc' --> {$VALUE} +<!-- IF $VALUE != 'abc' --> +$VALUE != 'abc' +<!-- ELSEIF $VALUE == 'abc' --> +$VALUE == 'abc' +<!-- ENDIF --> <!-- INCLUDE define_include.html --> {$INCLUDED_VALUE} {$VALUE} <!-- UNDEFINE $VALUE --> {$VALUE} +<!-- DEFINE $VALUE = 'test!@#$%^&*()_-=+{}[]:;",<.>/?' --> +{$VALUE} diff --git a/tests/test_framework/phpbb_functional_test_case.php b/tests/test_framework/phpbb_functional_test_case.php index ed307c3ce2..de3611c4cc 100644 --- a/tests/test_framework/phpbb_functional_test_case.php +++ b/tests/test_framework/phpbb_functional_test_case.php @@ -747,6 +747,27 @@ class phpbb_functional_test_case extends phpbb_test_case self::assertStringStartsWith('<!DOCTYPE', trim($content), 'Output found before DOCTYPE specification.'); } + /* + * Perform some basic assertions for an xml page + * + * Checks for debug/error output before the actual page content and the status code + * + * @param mixed $status_code Expected status code, false to disable check + * @return null + */ + static public function assert_response_xml($status_code = 200) + { + if ($status_code !== false) + { + self::assert_response_status_code($status_code); + } + + // Any output before the xml opening means there was an error + $content = self::$client->getResponse()->getContent(); + self::assertNotContains('[phpBB Debug]', $content); + self::assertStringStartsWith('<?xml', trim($content), 'Output found before XML specification.'); + } + /** * Heuristic function to check that the response is success. * diff --git a/tests/test_framework/phpbb_session_test_case.php b/tests/test_framework/phpbb_session_test_case.php new file mode 100644 index 0000000000..e6a2b03bba --- /dev/null +++ b/tests/test_framework/phpbb_session_test_case.php @@ -0,0 +1,36 @@ +<?php +/** + * + * @package testing + * @copyright (c) 2013 phpBB Group + * @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2 + * + */ + +require_once dirname(__FILE__) . '/../session/testable_factory.php'; +require_once dirname(__FILE__) . '/../session/testable_facade.php'; + +abstract class phpbb_session_test_case extends phpbb_database_test_case +{ + protected $session_factory; + protected $session_facade; + protected $db; + + function setUp() + { + parent::setUp(); + $this->session_factory = new phpbb_session_testable_factory; + $this->db = $this->new_dbal(); + $this->session_facade = + new phpbb_session_testable_facade($this->db, $this->session_factory); + } + + protected function check_sessions_equals($expected_sessions, $message) + { + $sql = 'SELECT session_id, session_user_id + FROM phpbb_sessions + ORDER BY session_user_id'; + + $this->assertSqlResultEquals($expected_sessions, $sql, $message); + } +} diff --git a/travis/phpunit-postgres-travis.xml b/travis/phpunit-postgres-travis.xml index 9f281b4c21..c397882d3c 100644 --- a/travis/phpunit-postgres-travis.xml +++ b/travis/phpunit-postgres-travis.xml @@ -17,9 +17,6 @@ <exclude>tests/functional</exclude> <exclude>tests/lint_test.php</exclude> </testsuite> - <testsuite name="phpBB Lint Test"> - <file>tests/lint_test.php</file> - </testsuite> <testsuite name="phpBB Functional Tests"> <directory suffix="_test.php" phpVersion="5.3.19" phpVersionOperator=">=">../tests/functional</directory> </testsuite> |