diff options
32 files changed, 801 insertions, 93 deletions
diff --git a/build/build.xml b/build/build.xml index cc29aec654..3a73e09410 100644 --- a/build/build.xml +++ b/build/build.xml @@ -2,9 +2,9 @@ <project name="phpBB" description="The phpBB forum software" default="all" basedir="../"> <!-- a few settings for the build --> - <property name="newversion" value="3.1.10" /> - <property name="prevversion" value="3.1.9" /> - <property name="olderversions" value="3.0.14, 3.1.0, 3.1.1, 3.1.2, 3.1.3, 3.1.4, 3.1.5, 3.1.6, 3.1.7, 3.1.7-pl1, 3.1.8" /> + <property name="newversion" value="3.1.11-RC1" /> + <property name="prevversion" value="3.1.10" /> + <property name="olderversions" value="3.0.14, 3.1.0, 3.1.1, 3.1.2, 3.1.3, 3.1.4, 3.1.5, 3.1.6, 3.1.7, 3.1.7-pl1, 3.1.8, 3.1.9" /> <!-- no configuration should be needed beyond this point --> <property name="oldversions" value="${olderversions}, ${prevversion}" /> diff --git a/phpBB/config/console.yml b/phpBB/config/console.yml index 4118803663..55ffd358e4 100644 --- a/phpBB/config/console.yml +++ b/phpBB/config/console.yml @@ -151,3 +151,12 @@ services: - %passwords.algorithms% tags: - { name: console.command } + + console.command.fixup.fix_left_right_ids: + class: phpbb\console\command\fixup\fix_left_right_ids + arguments: + - @user + - @dbal.conn + - @cache.driver + tags: + - { name: console.command } diff --git a/phpBB/docs/CHANGELOG.html b/phpBB/docs/CHANGELOG.html index 394d9536e8..a149e3d6c5 100644 --- a/phpBB/docs/CHANGELOG.html +++ b/phpBB/docs/CHANGELOG.html @@ -50,6 +50,7 @@ <ol> <li><a href="#changelog">Changelog</a> <ul> + <li><a href="#v3110">Changes since 3.1.10</a></li> <li><a href="#v319">Changes since 3.1.9</a></li> <li><a href="#v318">Changes since 3.1.8</a></li> <li><a href="#v317pl1">Changes since 3.1.7-PL1</a></li> @@ -119,6 +120,150 @@ <div class="content"> + <a name="v3110"></a><h3>Changes since 3.1.10</h3> + + <h4>Bug</h4> + <ul> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-7336">PHPBB3-7336</a>] - Words in new topic title aren't found by search after topic is split</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-8116">PHPBB3-8116</a>] - Server timeout or browsercrash after viewing postdetails</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-8301">PHPBB3-8301</a>] - admin log generate slow queries</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-9590">PHPBB3-9590</a>] - Unable to update permissions for more than 6 forums at a time</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11076">PHPBB3-11076</a>] - Update notification in ACP for minimum PHP version missing essential information</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11483">PHPBB3-11483</a>] - Forced Activation needs looking at.</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11611">PHPBB3-11611</a>] - setup_github_network.php no longer creates a repository</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13247">PHPBB3-13247</a>] - Online indicator in post profile hides behind certain avatars</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13250">PHPBB3-13250</a>] - File cache does not write entries starting with _ and containing a slash</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13429">PHPBB3-13429</a>] - Changes tag in docblock of events should be unified</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13558">PHPBB3-13558</a>] - Error - stream_socket_enable_crypto()</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13757">PHPBB3-13757</a>] - Negative PM count</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-14468">PHPBB3-14468</a>] - [php] - 'core.viewforum_modify_topics_data' add parameter forum_id</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-14549">PHPBB3-14549</a>] - Correctly redirect back after topic merge in MCP</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-14770">PHPBB3-14770</a>] - Plupload: WRONG_FILESIZE is used wrong</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-14795">PHPBB3-14795</a>] - Topic merge bug</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-14801">PHPBB3-14801</a>] - Search highlight option doesn't always highlight unicode strings</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-14802">PHPBB3-14802</a>] - Empty/blank lines should not be additional poll options</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-14806">PHPBB3-14806</a>] - Authentication for e-mail is not working</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-14819">PHPBB3-14819</a>] - Soft deleted posts visible in topic review</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-14821">PHPBB3-14821</a>] - Do not expect parsed HTML in kernel subscriber output</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-14830">PHPBB3-14830</a>] - FORM_INVALID error on ACP search and CPF settings</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-14831">PHPBB3-14831</a>] - Extension migration file fails</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-14838">PHPBB3-14838</a>] - feeds.attachments_base - server 500 error for large attachment tables</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-14844">PHPBB3-14844</a>] - BBcodes B and I return <strong> and <em> tags instead of CSS under inherited styles</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-14859">PHPBB3-14859</a>] - PM report notifications only sent out to full Global Moderators</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-14860">PHPBB3-14860</a>] - Broken link on subscriptions page on mobile devices</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-14863">PHPBB3-14863</a>] - "Array" in message title when permanently deleting posts</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-14864">PHPBB3-14864</a>] - ACP datefromat text input still has 30 max length while dateformat field had been expanded to 64</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-14876">PHPBB3-14876</a>] - Multibyte message is not displayed properly on exception</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-14877">PHPBB3-14877</a>] - CSS error in ".codebox code" definition</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-14881">PHPBB3-14881</a>] - Problems using EVENT (overall_footer_content_after)</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-14888">PHPBB3-14888</a>] - Missing check for disabled profile field types</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-14889">PHPBB3-14889</a>] - Missing method declaration in profile fields type interface</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-14890">PHPBB3-14890</a>] - Wrong validation of input field in profile field type string</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-14906">PHPBB3-14906</a>] - Duplicated sig key in user_cache_data array</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-14923">PHPBB3-14923</a>] - SQL PostgreSQL blocking errors during DB update installation</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-14938">PHPBB3-14938</a>] - Inconsistent data results from ext_mgr->all_available() vs ext_mgr->is_available()</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-14941">PHPBB3-14941</a>] - MySQL Fulltext search index creating still fails on InnoDB</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-14943">PHPBB3-14943</a>] - Template loop access gives PHP error</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-14953">PHPBB3-14953</a>] - Incorrect "order by" definition in ucp_pm_viewfolder</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-14968">PHPBB3-14968</a>] - Version check marks 3.1.10 boards as outdated </li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-14997">PHPBB3-14997</a>] - Bad Position for topiclist_row_topic_title_after</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-14998">PHPBB3-14998</a>] - ACP Update link is incorrect!</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-15003">PHPBB3-15003</a>] - When using mark all, disabled check boxes should not become checked</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-15006">PHPBB3-15006</a>] - Permission inheritance with checkbox not working</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-15011">PHPBB3-15011</a>] - Error not checked on metadata load failure</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-15108">PHPBB3-15108</a>] - Duplicate code in request->overwrite</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-15143">PHPBB3-15143</a>] - version check on branch is broken</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-15146">PHPBB3-15146</a>] - Date profile field validation incorrect</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-15150">PHPBB3-15150</a>] - Yabber SSL/TLS certification</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-15186">PHPBB3-15186</a>] - The force_delete_allowed flag does not affect actual posts deletion ability</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-15187">PHPBB3-15187</a>] - ACP Template files not purged during Extension Enable</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-15246">PHPBB3-15246</a>] - Memcache driver incorrectly handles Unix sockets</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-15248">PHPBB3-15248</a>] - Event core.modify_posting_auth does not honor its parameters</li> + </ul> + <h4>Improvement</h4> + <ul> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-9211">PHPBB3-9211</a>] - List subforums-links separately in parent-forums' legend</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12749">PHPBB3-12749</a>] - core.submit_post_end add subject to the event data</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13457">PHPBB3-13457</a>] - New Hooks for ucp_main</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13459">PHPBB3-13459</a>] - New Template-Event in overall_header.html</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13479">PHPBB3-13479</a>] - Add hook for modifying highlighting on viewtopic</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13601">PHPBB3-13601</a>] - New event upon acl_clear_prefetch</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13603">PHPBB3-13603</a>] - New event upon index_body_online_block_after</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13605">PHPBB3-13605</a>] - New event upon ucp_pm_compose_predefined_message</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13608">PHPBB3-13608</a>] - New event upon ucp_restore_permissions</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13609">PHPBB3-13609</a>] - New event upon ucp_switch_permissions</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13845">PHPBB3-13845</a>] - Add event when user changes or delete avatar</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-14119">PHPBB3-14119</a>] - [PHP] - (User) unban event request</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-14239">PHPBB3-14239</a>] - [PHP] - Add event ucp_remind_modify_select_sql</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-14331">PHPBB3-14331</a>] - Add rank calculation or result event access</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-14520">PHPBB3-14520</a>] - [Template] - ucp_pm_viewmessage_message_body_after</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-14522">PHPBB3-14522</a>] - [Template] - ucp_register_buttons_before</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-14524">PHPBB3-14524</a>] - [PHP] - core.ucp_register_requests_after</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-14733">PHPBB3-14733</a>] - Support increasing hashing cost factor</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-14750">PHPBB3-14750</a>] - Fileupload form should not set invalid attributes for file input</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-14758">PHPBB3-14758</a>] - ACP-Parameter "Maximum thumbnail width in pixel" should be "Maximum thumbnail width/heigth in pixel:"</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-14759">PHPBB3-14759</a>] - Event core.mcp_main_modify_shadow_sql</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-14760">PHPBB3-14760</a>] - Event core.mcp_main_modify_fork_sql</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-14786">PHPBB3-14786</a>] - Add mcp_forum_actions_before/after events</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-14804">PHPBB3-14804</a>] - Add core event to MCP after merging topics</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-14805">PHPBB3-14805</a>] - Allow building package for previous versions on PHP 7</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-14808">PHPBB3-14808</a>] - Add template event overall_header_searchbox_after</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-14817">PHPBB3-14817</a>] - Add core event on includes/functions_download.php</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-14825">PHPBB3-14825</a>] - Add OAuth events</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-14827">PHPBB3-14827</a>] - Possibility to add multiple form keys</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-14842">PHPBB3-14842</a>] - Avatar size 0 - unlimited</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-14847">PHPBB3-14847</a>] - Add php event to add options in ACP Attachments</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-14848">PHPBB3-14848</a>] - Add ACP template events after extensions list titles</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-14849">PHPBB3-14849</a>] - Add ACP extension event</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-14850">PHPBB3-14850</a>] - Add core events for smilies</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-14852">PHPBB3-14852</a>] - Add core event to the function build_header()</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-14853">PHPBB3-14853</a>] - Add core event to allow modifying PM attachments download auth</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-14855">PHPBB3-14855</a>] - Update notifications and PM alert bubbles</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-14870">PHPBB3-14870</a>] - Add php events to modify list of PMs</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-14872">PHPBB3-14872</a>] - Remove count versus sizeof restriction in coding guidelines</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-14874">PHPBB3-14874</a>] - Error on sending a .pak smiley</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-14882">PHPBB3-14882</a>] - Add core event to MCP after move posts sync</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-14887">PHPBB3-14887</a>] - ACP profile step 1 lang specific event</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-14918">PHPBB3-14918</a>] - Provide quick access to extension version metadata</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-14940">PHPBB3-14940</a>] - Add ACP template event acp_ext_details_end</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-14957">PHPBB3-14957</a>] - Do not cache database config</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-14958">PHPBB3-14958</a>] - Twig extension function lang() performs redundant template data copying</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-15020">PHPBB3-15020</a>] - Add Events for mcp_topic_postrow_post_subject</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-15059">PHPBB3-15059</a>] - Do not wrap content in code box</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-15081">PHPBB3-15081</a>] - Add ACP template event acp_ext_details_notice</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-15107">PHPBB3-15107</a>] - Add additional vars to event</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-15131">PHPBB3-15131</a>] - Add variable to the 'core.mcp_main_modify_fork_sql' event</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-15142">PHPBB3-15142</a>] - Extension Version Check Should Support Branches</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-15151">PHPBB3-15151</a>] - ACP Cookie settings should contain explanatory text for all fields</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-15199">PHPBB3-15199</a>] - Add core event to the function send() in the messenger</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-15200">PHPBB3-15200</a>] - Allow extensions using custom templates for help/faq controllers </li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-15205">PHPBB3-15205</a>] - Add template events to forumlist_body.html</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-15219">PHPBB3-15219</a>] - Add cron to update passwords hashes to bcrypt</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-15226">PHPBB3-15226</a>] - Add index for latest topics query in feeds</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-15237">PHPBB3-15237</a>] - Unguarded includes functions_user</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-15238">PHPBB3-15238</a>] - Add console command to fix left/right IDs for the forums and modules</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-15241">PHPBB3-15241</a>] - Add ACP template event acp_profile_contact_last</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-15250">PHPBB3-15250</a>] - Add core event to MCP at the end of merge_posts</li> + </ul> + <h4>New Feature</h4> + <ul> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12545">PHPBB3-12545</a>] - new pre-posting event</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13730">PHPBB3-13730</a>] - [PHP] - core.delete_post_end</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-14390">PHPBB3-14390</a>] - [prosilver] - ucp_main_front_user_details_after</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-14498">PHPBB3-14498</a>] - Not possible to deactivate display of "who is online" and birthdays for guests</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-14662">PHPBB3-14662</a>] - [Template] - memberlist_team_username_prepend & append</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-14868">PHPBB3-14868</a>] - [Template] - mcp_forum_modify_select_after</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-14996">PHPBB3-14996</a>] - [event] - Add Event search_results_topictitle_after</li> + </ul> + <h4>Sub-task</h4> + <ul> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13149">PHPBB3-13149</a>] - [Event] - core.phpbb_log_get_topic_auth_sql_before</li> + </ul> + <h4>Task</h4> + <ul> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-15178">PHPBB3-15178</a>] - Update 3.1.x dependencies</li> + </ul> + <a name="v319"></a><h3>Changes since 3.1.9</h3> <h4>Bug</h4> diff --git a/phpBB/docs/INSTALL.html b/phpBB/docs/INSTALL.html index 9f8bbe74b8..19644327c2 100644 --- a/phpBB/docs/INSTALL.html +++ b/phpBB/docs/INSTALL.html @@ -148,7 +148,7 @@ <li>Oracle</li> </ul> </li> - <li><strong>PHP 5.3.3+</strong> and <strong>PHP < 7.0</strong> with support for the database you intend to use.</li> + <li><strong>PHP 5.3.3+</strong> and <strong>PHP < 7.0</strong> with support for the database you intend to use.</li> <li>The following PHP modules are required: <ul> <li>json</li> @@ -455,9 +455,21 @@ <a name="webserver_configuration"></a><h3>6.ii. Webserver configuration</h3> - <p>Depending on your web server, you may have to configure your server to deny web access to the <code>cache/</code>, <code>files/</code>, <code>store/</code> and other directories. This is to prevent users from accessing sensitive files.</p> + <p>Depending on your web server, you may have to configure your server to deny web access to the <code>cache/</code>, <code>files/</code>, <code>includes</code>, <code>phpbb</code>, <code>store/</code>, and <code>vendor</code> directories. This is to prevent users from accessing sensitive files.</p> - <p>For <strong>Apache</strong> there are <code>.htaccess</code> files already in place to do this for you. Similarly, for <strong>Windows</strong> based servers using <strong>IIS</strong> there are <code>web.config</code> files already in place to do this for you. For other webservers, you will have to adjust the configuration yourself. Sample files for <strong>nginx</strong> and <strong>lighttpd</strong> to help you get started may be found in <code>docs/</code> directory.</p> + <p> + For <strong>Apache</strong> there are <code>.htaccess</code> files already in place to do this for the most sensitive files and folders. We do however recommend to completely deny all access to the aforementioned folders and their respective subfolders in your Apache configuration.<br /> + On Apache 2.4, denying access to the <code>phpbb</code> folder in a phpBB instance located at <code>/var/www/html/</code> would be accomplished by adding the following access rules to the Apache configuration file (typically apache.conf): + <pre> +<Directory /var/www/html/phpbb/*> + Require all denied +</Directory> +<Directory /var/www/html/phpbb> + Require all denied +</Directory></pre> + <br /> + <p>The same settings can be applied to the other mentioned directories by replacing <code>phpbb</code> by the respective directory name. Please note that there are differences in syntax between Apache version <a href="https://httpd.apache.org/docs/2.2/howto/access.html">2.2</a> and <a href="https://httpd.apache.org/docs/2.4/howto/access.html">2.4</a>.</p> + <p>For <strong>Windows</strong> based servers using <strong>IIS</strong> there are <code>web.config</code> files already in place to do this for you. For other webservers, you will have to adjust the configuration yourself. Sample files for <strong>nginx</strong> and <strong>lighttpd</strong> to help you get started may be found in the <code>docs/</code> directory.</p> </div> diff --git a/phpBB/docs/assets/css/stylesheet.css b/phpBB/docs/assets/css/stylesheet.css index 192a6f9f79..c090ab7e07 100644 --- a/phpBB/docs/assets/css/stylesheet.css +++ b/phpBB/docs/assets/css/stylesheet.css @@ -115,6 +115,17 @@ code { padding: 0 4px; } +pre { + color: #006600; + font-weight: normal; + font-family: 'Courier New', monospace; + border-color: #D1D7DC; + border-width: 1px; + border-style: solid; + background-color: #FAFAFA; + padding: 0 4px +} + #wrap { padding: 0 20px; min-width: 650px; diff --git a/phpBB/docs/lighttpd.sample.conf b/phpBB/docs/lighttpd.sample.conf index 5b04122267..f5b509e002 100644 --- a/phpBB/docs/lighttpd.sample.conf +++ b/phpBB/docs/lighttpd.sample.conf @@ -37,7 +37,7 @@ $HTTP["host"] == "www.myforums.com" { accesslog.filename = "/var/log/lighttpd/access-www.myforums.com.log" # Deny access to internal phpbb files. - $HTTP["url"] =~ "^/(config\.php|common\.php|includes|cache|files|store|images/avatars/upload)" { + $HTTP["url"] =~ "^/(config\.php|common\.php|cache|files|images/avatars/upload|includes|phpbb|store|vendor)" { url.access-deny = ( "" ) } diff --git a/phpBB/docs/nginx.sample.conf b/phpBB/docs/nginx.sample.conf index 2ead3552fd..bf33f4e73d 100644 --- a/phpBB/docs/nginx.sample.conf +++ b/phpBB/docs/nginx.sample.conf @@ -72,7 +72,7 @@ http { } # Deny access to internal phpbb files. - location ~ /(config\.php|common\.php|includes|cache|files|store|images/avatars/upload) { + location ~ /(config\.php|common\.php|cache|files|images/avatars/upload|includes|phpbb|store|vendor) { deny all; # deny was ignored before 0.8.40 for connections over IPv6. # Use internal directive to prohibit access on older versions. diff --git a/phpBB/includes/constants.php b/phpBB/includes/constants.php index 23839e3d9a..79f5a6f30f 100644 --- a/phpBB/includes/constants.php +++ b/phpBB/includes/constants.php @@ -28,7 +28,7 @@ if (!defined('IN_PHPBB')) */ // phpBB Version -define('PHPBB_VERSION', '3.1.10'); +define('PHPBB_VERSION', '3.1.11-RC1'); // QA-related // define('PHPBB_QA', 1); diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index ba448f3125..84178f74e4 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -3442,6 +3442,11 @@ function get_preg_expression($mode) case 'path_remove_dot_trailing_slash': return '#^(?:(\.)?)+(?:(.+)?)+(?:([\\/\\\])$)#'; break; + + case 'semantic_version': + // Regular expression to match semantic versions by http://rgxdb.com/ + return '/(?<=^[Vv]|^)(?:(?<major>(?:0|[1-9](?:(?:0|[1-9])+)*))[.](?<minor>(?:0|[1-9](?:(?:0|[1-9])+)*))[.](?<patch>(?:0|[1-9](?:(?:0|[1-9])+)*))(?:-(?<prerelease>(?:(?:(?:[A-Za-z]|-)(?:(?:(?:0|[1-9])|(?:[A-Za-z]|-))+)?|(?:(?:(?:0|[1-9])|(?:[A-Za-z]|-))+)(?:[A-Za-z]|-)(?:(?:(?:0|[1-9])|(?:[A-Za-z]|-))+)?)|(?:0|[1-9](?:(?:0|[1-9])+)*))(?:[.](?:(?:(?:[A-Za-z]|-)(?:(?:(?:0|[1-9])|(?:[A-Za-z]|-))+)?|(?:(?:(?:0|[1-9])|(?:[A-Za-z]|-))+)(?:[A-Za-z]|-)(?:(?:(?:0|[1-9])|(?:[A-Za-z]|-))+)?)|(?:0|[1-9](?:(?:0|[1-9])+)*)))*))?(?:[+](?<build>(?:(?:(?:[A-Za-z]|-)(?:(?:(?:0|[1-9])|(?:[A-Za-z]|-))+)?|(?:(?:(?:0|[1-9])|(?:[A-Za-z]|-))+)(?:[A-Za-z]|-)(?:(?:(?:0|[1-9])|(?:[A-Za-z]|-))+)?)|(?:(?:0|[1-9])+))(?:[.](?:(?:(?:[A-Za-z]|-)(?:(?:(?:0|[1-9])|(?:[A-Za-z]|-))+)?|(?:(?:(?:0|[1-9])|(?:[A-Za-z]|-))+)(?:[A-Za-z]|-)(?:(?:(?:0|[1-9])|(?:[A-Za-z]|-))+)?)|(?:(?:0|[1-9])+)))*))?)$/'; + break; } return ''; diff --git a/phpBB/includes/functions_posting.php b/phpBB/includes/functions_posting.php index 32b0149701..9712b6e922 100644 --- a/phpBB/includes/functions_posting.php +++ b/phpBB/includes/functions_posting.php @@ -2691,16 +2691,54 @@ function phpbb_upload_popup($forum_style = 0) /** * Do the various checks required for removing posts as well as removing it +* +* @param int $forum_id The id of the forum +* @param int $topic_id The id of the topic +* @param int $post_id The id of the post +* @param array $post_data Array with the post data +* @param bool $is_soft The flag indicating whether it is the soft delete mode +* @param string $delete_reason Description for the post deletion reason +* +* @return null */ function phpbb_handle_post_delete($forum_id, $topic_id, $post_id, &$post_data, $is_soft = false, $delete_reason = '') { global $user, $auth, $config, $request; - global $phpbb_root_path, $phpEx; + global $phpbb_root_path, $phpEx, $phpbb_dispatcher; + $force_delete_allowed = $force_softdelete_allowed = false; $perm_check = ($is_soft) ? 'softdelete' : 'delete'; + /** + * This event allows to modify the conditions for the post deletion + * + * @event core.handle_post_delete_conditions + * @var int forum_id The id of the forum + * @var int topic_id The id of the topic + * @var int post_id The id of the post + * @var array post_data Array with the post data + * @var bool is_soft The flag indicating whether it is the soft delete mode + * @var string delete_reason Description for the post deletion reason + * @var bool force_delete_allowed Allow the user to delete the post (all permissions and conditions are ignored) + * @var bool force_softdelete_allowed Allow the user to softdelete the post (all permissions and conditions are ignored) + * @var string perm_check The deletion mode softdelete|delete + * @since 3.1.11-RC1 + */ + $vars = array( + 'forum_id', + 'topic_id', + 'post_id', + 'post_data', + 'is_soft', + 'delete_reason', + 'force_delete_allowed', + 'force_softdelete_allowed', + 'perm_check', + ); + extract($phpbb_dispatcher->trigger_event('core.handle_post_delete_conditions', compact($vars))); + // If moderator removing post or user itself removing post, present a confirmation screen - if ($auth->acl_get("m_$perm_check", $forum_id) || ($post_data['poster_id'] == $user->data['user_id'] && $user->data['is_registered'] && $auth->acl_get("f_$perm_check", $forum_id) && $post_id == $post_data['topic_last_post_id'] && !$post_data['post_edit_locked'] && ($post_data['post_time'] > time() - ($config['delete_time'] * 60) || !$config['delete_time']))) + if ($force_delete_allowed || ($is_soft && $force_softdelete_allowed) || $auth->acl_get("m_$perm_check", $forum_id) || ($post_data['poster_id'] == $user->data['user_id'] && $user->data['is_registered'] && $auth->acl_get("f_$perm_check", $forum_id) && $post_id == $post_data['topic_last_post_id'] && !$post_data['post_edit_locked'] && ($post_data['post_time'] > time() - ($config['delete_time'] * 60) || !$config['delete_time']))) { $s_hidden_fields = array( 'p' => $post_id, @@ -2757,10 +2795,10 @@ function phpbb_handle_post_delete($forum_id, $topic_id, $post_id, &$post_data, $ } else { - global $user, $template, $request; + global $template; - $can_delete = $auth->acl_get('m_delete', $forum_id) || ($post_data['poster_id'] == $user->data['user_id'] && $user->data['is_registered'] && $auth->acl_get('f_delete', $forum_id)); - $can_softdelete = $auth->acl_get('m_softdelete', $forum_id) || ($post_data['poster_id'] == $user->data['user_id'] && $user->data['is_registered'] && $auth->acl_get('f_softdelete', $forum_id)); + $can_delete = $force_delete_allowed || ($auth->acl_get('m_delete', $forum_id) || ($post_data['poster_id'] == $user->data['user_id'] && $user->data['is_registered'] && $auth->acl_get('f_delete', $forum_id))); + $can_softdelete = $force_softdelete_allowed || ($auth->acl_get('m_softdelete', $forum_id) || ($post_data['poster_id'] == $user->data['user_id'] && $user->data['is_registered'] && $auth->acl_get('f_softdelete', $forum_id))); $template->assign_vars(array( 'S_SOFTDELETED' => $post_data['post_visibility'] == ITEM_DELETED, diff --git a/phpBB/includes/mcp/mcp_topic.php b/phpBB/includes/mcp/mcp_topic.php index 7dbe7787cb..d5415302c8 100644 --- a/phpBB/includes/mcp/mcp_topic.php +++ b/phpBB/includes/mcp/mcp_topic.php @@ -676,7 +676,7 @@ function split_topic($action, $topic_id, $to_forum_id, $subject) */ function merge_posts($topic_id, $to_topic_id) { - global $db, $template, $user, $phpEx, $phpbb_root_path, $auth; + global $db, $template, $user, $phpEx, $phpbb_root_path, $auth, $phpbb_dispatcher; if (!$to_topic_id) { @@ -777,6 +777,20 @@ function merge_posts($topic_id, $to_topic_id) $redirect = request_var('redirect', "{$phpbb_root_path}viewtopic.$phpEx?f=$to_forum_id&t=$to_topic_id"); $redirect = reapply_sid($redirect); + /** + * Perform additional actions after merging posts. + * + * @event core.mcp_topics_merge_posts_after + * @var int topic_id The topic ID from which posts are being moved + * @var int to_topic_id The topic ID to which posts are being moved + * @since 3.1.11-RC1 + */ + $vars = array( + 'topic_id', + 'to_topic_id', + ); + extract($phpbb_dispatcher->trigger_event('core.mcp_topics_merge_posts_after', compact($vars))); + meta_refresh(3, $redirect); trigger_error($user->lang[$success_msg] . '<br /><br />' . $return_link); } diff --git a/phpBB/includes/ucp/ucp_remind.php b/phpBB/includes/ucp/ucp_remind.php index 29d4199528..497bf6a2c4 100644 --- a/phpBB/includes/ucp/ucp_remind.php +++ b/phpBB/includes/ucp/ucp_remind.php @@ -41,8 +41,15 @@ class ucp_remind $email = strtolower(request_var('email', '')); $submit = (isset($_POST['submit'])) ? true : false; + add_form_key('ucp_remind'); + if ($submit) { + if (!check_form_key('ucp_remind')) + { + trigger_error('FORM_INVALID'); + } + $sql_array = array( 'SELECT' => 'user_id, username, user_permissions, user_email, user_jabber, user_notify_type, user_type, user_lang, user_inactive_reason', 'FROM' => array(USERS_TABLE => 'u'), diff --git a/phpBB/install/convertors/convert_phpbb20.php b/phpBB/install/convertors/convert_phpbb20.php index 2afec68de6..4aca80188a 100644 --- a/phpBB/install/convertors/convert_phpbb20.php +++ b/phpBB/install/convertors/convert_phpbb20.php @@ -38,7 +38,7 @@ $dbms = $phpbb_config_php_file->convert_30_dbms_to_31($dbms); $convertor_data = array( 'forum_name' => 'phpBB 2.0.x', 'version' => '1.0.3', - 'phpbb_version' => '3.1.10', + 'phpbb_version' => '3.1.11', 'author' => '<a href="https://www.phpbb.com/">phpBB Limited</a>', 'dbms' => $dbms, 'dbhost' => $dbhost, diff --git a/phpBB/install/schemas/schema_data.sql b/phpBB/install/schemas/schema_data.sql index 3449829d8c..22a539e186 100644 --- a/phpBB/install/schemas/schema_data.sql +++ b/phpBB/install/schemas/schema_data.sql @@ -273,7 +273,7 @@ INSERT INTO phpbb_config (config_name, config_value) VALUES ('tpl_allow_php', '0 INSERT INTO phpbb_config (config_name, config_value) VALUES ('upload_icons_path', 'images/upload_icons'); INSERT INTO phpbb_config (config_name, config_value) VALUES ('upload_path', 'files'); INSERT INTO phpbb_config (config_name, config_value) VALUES ('use_system_cron', '0'); -INSERT INTO phpbb_config (config_name, config_value) VALUES ('version', '3.1.10'); +INSERT INTO phpbb_config (config_name, config_value) VALUES ('version', '3.1.11-RC1'); INSERT INTO phpbb_config (config_name, config_value) VALUES ('warnings_expire_days', '90'); INSERT INTO phpbb_config (config_name, config_value) VALUES ('warnings_gc', '14400'); diff --git a/phpBB/language/en/acp/common.php b/phpBB/language/en/acp/common.php index 562b446f8a..f5591e7b1e 100644 --- a/phpBB/language/en/acp/common.php +++ b/phpBB/language/en/acp/common.php @@ -417,11 +417,14 @@ $lang = array_merge($lang, array( 'UPLOAD_DIR_SIZE' => 'Size of posted attachments', 'USERS_PER_DAY' => 'Users per day', - 'VALUE' => 'Value', - 'VERSIONCHECK_FAIL' => 'Failed to obtain latest version information.', - 'VERSIONCHECK_FORCE_UPDATE' => 'Re-Check version', - 'VIEW_ADMIN_LOG' => 'View administrator log', - 'VIEW_INACTIVE_USERS' => 'View inactive users', + 'VALUE' => 'Value', + 'VERSIONCHECK_FAIL' => 'Failed to obtain latest version information.', + 'VERSIONCHECK_FORCE_UPDATE' => 'Re-Check version', + 'VERSIONCHECK_INVALID_ENTRY' => 'Latest version information contains an unsupported entry.', + 'VERSIONCHECK_INVALID_URL' => 'Latest version information contains invalid URL.', + 'VERSIONCHECK_INVALID_VERSION' => 'Latest version information contains an invalid version.', + 'VIEW_ADMIN_LOG' => 'View administrator log', + 'VIEW_INACTIVE_USERS' => 'View inactive users', 'WELCOME_PHPBB' => 'Welcome to phpBB', 'WRITABLE_CONFIG' => 'Your config file (config.php) is currently world-writable. We strongly encourage you to change the permissions to 640 or at least to 644 (for example: <a href="http://en.wikipedia.org/wiki/Chmod" rel="external">chmod</a> 640 config.php).', diff --git a/phpBB/language/en/cli.php b/phpBB/language/en/cli.php index 27e72d5ccd..4e27be48cc 100644 --- a/phpBB/language/en/cli.php +++ b/phpBB/language/en/cli.php @@ -55,6 +55,7 @@ $lang = array_merge($lang, array( 'CLI_DESCRIPTION_DISABLE_EXTENSION' => 'Disables the specified extension.', 'CLI_DESCRIPTION_ENABLE_EXTENSION' => 'Enables the specified extension.', 'CLI_DESCRIPTION_FIND_MIGRATIONS' => 'Finds migrations that are not depended upon.', + 'CLI_DESCRIPTION_FIX_LEFT_RIGHT_IDS' => 'Repairs the tree structure of the forums and modules.', 'CLI_DESCRIPTION_GET_CONFIG' => 'Gets a configuration option’s value', 'CLI_DESCRIPTION_INCREMENT_CONFIG' => 'Increments a configuration option’s integer value', 'CLI_DESCRIPTION_LIST_EXTENSIONS' => 'Lists all extensions in the database and on the filesystem.', @@ -78,6 +79,7 @@ $lang = array_merge($lang, array( 'CLI_EXTENSIONS_DISABLED' => 'Disabled', 'CLI_EXTENSIONS_ENABLED' => 'Enabled', + 'CLI_FIXUP_FIX_LEFT_RIGHT_IDS_SUCCESS' => 'Successfully repaired the tree structure of the forums and modules.', 'CLI_FIXUP_RECALCULATE_EMAIL_HASH_SUCCESS' => 'Successfully recalculated all email hashes.', 'CLI_FIXUP_UPDATE_HASH_BCRYPT_SUCCESS' => 'Successfully updated outdated password hashes to bcrypt.' )); diff --git a/phpBB/phpbb/cache/driver/memcache.php b/phpBB/phpbb/cache/driver/memcache.php index caa82fb0b1..57f138f574 100644 --- a/phpBB/phpbb/cache/driver/memcache.php +++ b/phpBB/phpbb/cache/driver/memcache.php @@ -52,8 +52,8 @@ class memcache extends \phpbb\cache\driver\memory $this->memcache = new \Memcache; foreach (explode(',', PHPBB_ACM_MEMCACHE) as $u) { - $parts = explode('/', $u); - $this->memcache->addServer(trim($parts[0]), trim($parts[1])); + preg_match('#(.*)/(\d+)#', $u, $parts); + $this->memcache->addServer(trim($parts[1]), (int) trim($parts[2])); } $this->flags = (PHPBB_ACM_MEMCACHE_COMPRESS) ? MEMCACHE_COMPRESSED : 0; } diff --git a/phpBB/phpbb/cache/driver/memcached.php b/phpBB/phpbb/cache/driver/memcached.php index 105e763af4..a7da22d7e8 100644 --- a/phpBB/phpbb/cache/driver/memcached.php +++ b/phpBB/phpbb/cache/driver/memcached.php @@ -67,8 +67,8 @@ class memcached extends \phpbb\cache\driver\memory foreach (explode(',', PHPBB_ACM_MEMCACHE) as $u) { - $parts = explode('/', $u); - $this->memcached->addServer(trim($parts[0]), trim($parts[1])); + preg_match('#(.*)/(\d+)#', $u, $parts); + $this->memcache->addServer(trim($parts[1]), (int) trim($parts[2])); } } diff --git a/phpBB/phpbb/console/command/fixup/fix_left_right_ids.php b/phpBB/phpbb/console/command/fixup/fix_left_right_ids.php new file mode 100644 index 0000000000..f55e1761bc --- /dev/null +++ b/phpBB/phpbb/console/command/fixup/fix_left_right_ids.php @@ -0,0 +1,134 @@ +<?php +/** +* +* This file is part of the phpBB Forum Software package. +* +* @copyright (c) phpBB Limited <https://www.phpbb.com> +* @license GNU General Public License, version 2 (GPL-2.0) +* +* For full copyright and license information, please see +* the docs/CREDITS.txt file. +* +*/ + +namespace phpbb\console\command\fixup; + +use Symfony\Component\Console\Input\InputInterface; +use Symfony\Component\Console\Output\OutputInterface; + +class fix_left_right_ids extends \phpbb\console\command\command +{ + /** @var \phpbb\user */ + protected $user; + + /** @var \phpbb\db\driver\driver_interface */ + protected $db; + + /** @var \phpbb\cache\driver\driver_interface */ + protected $cache; + + /** + * Constructor + * + * @param \phpbb\user $user User instance + * @param \phpbb\db\driver\driver_interface $db Database connection + * @param \phpbb\cache\driver\driver_interface $cache Cache instance + */ + public function __construct(\phpbb\user $user, \phpbb\db\driver\driver_interface $db, \phpbb\cache\driver\driver_interface $cache) + { + $this->user = $user; + $this->db = $db; + $this->cache = $cache; + + parent::__construct($user); + } + + /** + * {@inheritdoc} + */ + protected function configure() + { + $this + ->setName('fixup:fix-left-right-ids') + ->setDescription($this->user->lang('CLI_DESCRIPTION_FIX_LEFT_RIGHT_IDS')) + ; + } + + /** + * Executes the command fixup:fix-left-right-ids. + * + * Repairs the tree structure of the forums and modules. + * The code is mainly borrowed from Support toolkit for phpBB Olympus + * + * @param InputInterface $input An InputInterface instance + * @param OutputInterface $output An OutputInterface instance + * + * @return void + */ + protected function execute(InputInterface $input, OutputInterface $output) + { + // Fix Left/Right IDs for the modules table + $result = $this->db->sql_query('SELECT DISTINCT(module_class) FROM ' . MODULES_TABLE); + while ($row = $this->db->sql_fetchrow($result)) + { + $i = 1; + $where = array("module_class = '" . $this->db->sql_escape($row['module_class']) . "'"); + $this->fix_ids_tree($i, 'module_id', MODULES_TABLE, 0, $where); + } + $this->db->sql_freeresult($result); + + // Fix the Left/Right IDs for the forums table + $i = 1; + $this->fix_ids_tree($i, 'forum_id', FORUMS_TABLE); + + $this->cache->purge(); + + $output->writeln('<info>' . $this->user->lang('CLI_FIXUP_FIX_LEFT_RIGHT_IDS_SUCCESS') . '</info>'); + } + + /** + * Item's tree structure rebuild helper + * The item is either forum or ACP/MCP/UCP module + * + * @param int $i Item id offset index + * @param string $field The key field to fix, forum_id|module_id + * @param string $table The table name to perform, FORUMS_TABLE|MODULES_TABLE + * @param int $parent_id Parent item id + * @param array $where Additional WHERE clause condition + * + * @return bool True on rebuild success, false otherwise + */ + protected function fix_ids_tree(&$i, $field, $table, $parent_id = 0, $where = array()) + { + $changes_made = false; + $sql = 'SELECT * FROM ' . $table . ' + WHERE parent_id = ' . (int) $parent_id . + ((!empty($where)) ? ' AND ' . implode(' AND ', $where) : '') . ' + ORDER BY left_id ASC'; + $result = $this->db->sql_query($sql); + while ($row = $this->db->sql_fetchrow($result)) + { + // Update the left_id for the item + if ($row['left_id'] != $i) + { + $this->db->sql_query('UPDATE ' . $table . ' SET ' . $this->db->sql_build_array('UPDATE', array('left_id' => $i)) . " WHERE $field = " . (int) $row[$field]); + $changes_made = true; + } + $i++; + + // Go through children and update their left/right IDs + $changes_made = (($this->fix_ids_tree($i, $field, $table, $row[$field], $where)) || $changes_made) ? true : false; + + // Update the right_id for the item + if ($row['right_id'] != $i) + { + $this->db->sql_query('UPDATE ' . $table . ' SET ' . $this->db->sql_build_array('UPDATE', array('right_id' => $i)) . " WHERE $field = " . (int) $row[$field]); + $changes_made = true; + } + $i++; + } + $this->db->sql_freeresult($result); + + return $changes_made; + } +} diff --git a/phpBB/phpbb/db/migration/data/v30x/.htaccess b/phpBB/phpbb/db/migration/data/v30x/.htaccess new file mode 100644 index 0000000000..44242b5418 --- /dev/null +++ b/phpBB/phpbb/db/migration/data/v30x/.htaccess @@ -0,0 +1,33 @@ +# With Apache 2.4 the "Order, Deny" syntax has been deprecated and moved from +# module mod_authz_host to a new module called mod_access_compat (which may be +# disabled) and a new "Require" syntax has been introduced to mod_authz_host. +# We could just conditionally provide both versions, but unfortunately Apache +# does not explicitly tell us its version if the module mod_version is not +# available. In this case, we check for the availability of module +# mod_authz_core (which should be on 2.4 or higher only) as a best guess. +<IfModule mod_version.c> + <IfVersion < 2.4> + <Files "*"> + Order Allow,Deny + Deny from All + </Files> + </IfVersion> + <IfVersion >= 2.4> + <Files "*"> + Require all denied + </Files> + </IfVersion> +</IfModule> +<IfModule !mod_version.c> + <IfModule !mod_authz_core.c> + <Files "*"> + Order Allow,Deny + Deny from All + </Files> + </IfModule> + <IfModule mod_authz_core.c> + <Files "*"> + Require all denied + </Files> + </IfModule> +</IfModule> diff --git a/phpBB/phpbb/db/migration/data/v310/.htaccess b/phpBB/phpbb/db/migration/data/v310/.htaccess new file mode 100644 index 0000000000..44242b5418 --- /dev/null +++ b/phpBB/phpbb/db/migration/data/v310/.htaccess @@ -0,0 +1,33 @@ +# With Apache 2.4 the "Order, Deny" syntax has been deprecated and moved from +# module mod_authz_host to a new module called mod_access_compat (which may be +# disabled) and a new "Require" syntax has been introduced to mod_authz_host. +# We could just conditionally provide both versions, but unfortunately Apache +# does not explicitly tell us its version if the module mod_version is not +# available. In this case, we check for the availability of module +# mod_authz_core (which should be on 2.4 or higher only) as a best guess. +<IfModule mod_version.c> + <IfVersion < 2.4> + <Files "*"> + Order Allow,Deny + Deny from All + </Files> + </IfVersion> + <IfVersion >= 2.4> + <Files "*"> + Require all denied + </Files> + </IfVersion> +</IfModule> +<IfModule !mod_version.c> + <IfModule !mod_authz_core.c> + <Files "*"> + Order Allow,Deny + Deny from All + </Files> + </IfModule> + <IfModule mod_authz_core.c> + <Files "*"> + Require all denied + </Files> + </IfModule> +</IfModule> diff --git a/phpBB/phpbb/db/migration/data/v31x/.htaccess b/phpBB/phpbb/db/migration/data/v31x/.htaccess new file mode 100644 index 0000000000..44242b5418 --- /dev/null +++ b/phpBB/phpbb/db/migration/data/v31x/.htaccess @@ -0,0 +1,33 @@ +# With Apache 2.4 the "Order, Deny" syntax has been deprecated and moved from +# module mod_authz_host to a new module called mod_access_compat (which may be +# disabled) and a new "Require" syntax has been introduced to mod_authz_host. +# We could just conditionally provide both versions, but unfortunately Apache +# does not explicitly tell us its version if the module mod_version is not +# available. In this case, we check for the availability of module +# mod_authz_core (which should be on 2.4 or higher only) as a best guess. +<IfModule mod_version.c> + <IfVersion < 2.4> + <Files "*"> + Order Allow,Deny + Deny from All + </Files> + </IfVersion> + <IfVersion >= 2.4> + <Files "*"> + Require all denied + </Files> + </IfVersion> +</IfModule> +<IfModule !mod_version.c> + <IfModule !mod_authz_core.c> + <Files "*"> + Order Allow,Deny + Deny from All + </Files> + </IfModule> + <IfModule mod_authz_core.c> + <Files "*"> + Require all denied + </Files> + </IfModule> +</IfModule> diff --git a/phpBB/phpbb/db/migration/data/v31x/v3111rc1.php b/phpBB/phpbb/db/migration/data/v31x/v3111rc1.php new file mode 100644 index 0000000000..259656283f --- /dev/null +++ b/phpBB/phpbb/db/migration/data/v31x/v3111rc1.php @@ -0,0 +1,43 @@ +<?php +/** +* +* This file is part of the phpBB Forum Software package. +* +* @copyright (c) phpBB Limited <https://www.phpbb.com> +* @license GNU General Public License, version 2 (GPL-2.0) +* +* For full copyright and license information, please see +* the docs/CREDITS.txt file. +* +*/ + +namespace phpbb\db\migration\data\v31x; + +class v3111rc1 extends \phpbb\db\migration\migration +{ + public function effectively_installed() + { + return phpbb_version_compare($this->config['version'], '3.1.11-RC1', '>='); + } + + static public function depends_on() + { + return array( + '\phpbb\db\migration\data\v31x\v3110', + '\phpbb\db\migration\data\v31x\add_log_time_index', + '\phpbb\db\migration\data\v31x\increase_size_of_emotion', + '\phpbb\db\migration\data\v31x\add_jabber_ssl_context_config_options', + '\phpbb\db\migration\data\v31x\add_smtp_ssl_context_config_options', + '\phpbb\db\migration\data\v31x\update_hashes', + '\phpbb\db\migration\data\v31x\remove_duplicate_migrations', + '\phpbb\db\migration\data\v31x\add_latest_topics_index', + ); + } + + public function update_data() + { + return array( + array('config.update', array('version', '3.1.11-RC1')), + ); + } +} diff --git a/phpBB/phpbb/search/fulltext_mysql.php b/phpBB/phpbb/search/fulltext_mysql.php index f8bda9ae81..64a63e83e0 100644 --- a/phpBB/phpbb/search/fulltext_mysql.php +++ b/phpBB/phpbb/search/fulltext_mysql.php @@ -272,6 +272,27 @@ class fulltext_mysql extends \phpbb\search\base foreach ($this->split_words as $i => $word) { + // Check for not allowed search queries for InnoDB. + // We assume similar restrictions for MyISAM, which is usually even + // slower but not as restrictive as InnoDB. + // InnoDB full-text search does not support the use of a leading + // plus sign with wildcard ('+*'), a plus and minus sign + // combination ('+-'), or leading a plus and minus sign combination. + // InnoDB full-text search only supports leading plus or minus signs. + // For example, InnoDB supports '+apple' but does not support 'apple+'. + // Specifying a trailing plus or minus sign causes InnoDB to report + // a syntax error. InnoDB full-text search does not support the use + // of multiple operators on a single search word, as in this example: + // '++apple'. Use of multiple operators on a single search word + // returns a syntax error to standard out. + // Also, ensure that the wildcard character is only used at the + // end of the line as it's intended by MySQL. + if (preg_match('#^(\+[+-]|\+\*|.+[+-]$|.+\*(?!$))#', $word)) + { + unset($this->split_words[$i]); + continue; + } + $clean_word = preg_replace('#^[+\-|"]#', '', $word); // check word length diff --git a/phpBB/phpbb/session.php b/phpBB/phpbb/session.php index eb5543b50b..45e82df591 100644 --- a/phpBB/phpbb/session.php +++ b/phpBB/phpbb/session.php @@ -460,6 +460,9 @@ class session $this->data['is_bot'] = (!$this->data['is_registered'] && $this->data['user_id'] != ANONYMOUS) ? true : false; $this->data['user_lang'] = basename($this->data['user_lang']); + // Is user banned? Are they excluded? Won't return on ban, exists within method + $this->check_ban_for_current_session($config); + return true; } } @@ -666,19 +669,7 @@ class session // session exists in which case session_id will also be set // Is user banned? Are they excluded? Won't return on ban, exists within method - if ($this->data['user_type'] != USER_FOUNDER) - { - if (!$config['forwarded_for_check']) - { - $this->check_ban($this->data['user_id'], $this->ip); - } - else - { - $ips = explode(' ', $this->forwarded_for); - $ips[] = $this->ip; - $this->check_ban($this->data['user_id'], $ips); - } - } + $this->check_ban_for_current_session($config); $this->data['is_registered'] = (!$bot && $this->data['user_id'] != ANONYMOUS && ($this->data['user_type'] == USER_NORMAL || $this->data['user_type'] == USER_FOUNDER)) ? true : false; $this->data['is_bot'] = ($bot) ? true : false; @@ -1268,9 +1259,6 @@ class session $message .= ($ban_row['ban_give_reason']) ? '<br /><br />' . sprintf($this->lang['BOARD_BAN_REASON'], $ban_row['ban_give_reason']) : ''; $message .= '<br /><br /><em>' . $this->lang['BAN_TRIGGERED_BY_' . strtoupper($ban_triggered_by)] . '</em>'; - // To circumvent session_begin returning a valid value and the check_ban() not called on second page view, we kill the session again - $this->session_kill(false); - // A very special case... we are within the cron script which is not supposed to print out the ban message... show blank page if (defined('IN_CRON')) { @@ -1279,6 +1267,9 @@ class session exit; } + // To circumvent session_begin returning a valid value and the check_ban() not called on second page view, we kill the session again + $this->session_kill(false); + trigger_error($message); } @@ -1286,6 +1277,28 @@ class session } /** + * Check the current session for bans + * + * @return true if session user is banned. + */ + protected function check_ban_for_current_session($config) + { + if (!defined('SKIP_CHECK_BAN') && $this->data['user_type'] != USER_FOUNDER) + { + if (!$config['forwarded_for_check']) + { + $this->check_ban($this->data['user_id'], $this->ip); + } + else + { + $ips = explode(' ', $this->forwarded_for); + $ips[] = $this->ip; + $this->check_ban($this->data['user_id'], $ips); + } + } + } + + /** * Check if ip is blacklisted * This should be called only where absolutely necessary * @@ -1576,7 +1589,7 @@ class session } // Only update session DB a minute or so after last update or if page changes - if ($this->time_now - $this->data['session_time'] > 60 || ($this->update_session_page && $this->data['session_page'] != $this->page['page'])) + if ($this->time_now - ((isset($this->data['session_time'])) ? $this->data['session_time'] : 0) > 60 || ($this->update_session_page && $this->data['session_page'] != $this->page['page'])) { $sql_ary = array('session_time' => $this->time_now); diff --git a/phpBB/phpbb/version_helper.php b/phpBB/phpbb/version_helper.php index 9dc5a2e7c9..7e5edbf522 100644 --- a/phpBB/phpbb/version_helper.php +++ b/phpBB/phpbb/version_helper.php @@ -61,6 +61,23 @@ class version_helper /** @var \phpbb\user */ protected $user; + protected $version_schema = array( + 'stable' => array( + 'current' => 'version', + 'download' => 'url', + 'announcement' => 'url', + 'eol' => 'url', + 'security' => 'bool', + ), + 'unstable' => array( + 'current' => 'version', + 'download' => 'url', + 'announcement' => 'url', + 'eol' => 'url', + 'security' => 'bool', + ), + ); + /** * Constructor * @@ -404,9 +421,100 @@ class version_helper $info['stable'] = (empty($info['stable'])) ? array() : $info['stable']; $info['unstable'] = (empty($info['unstable'])) ? $info['stable'] : $info['unstable']; + $info = $this->validate_versions($info); + $this->cache->put($cache_file, $info, 86400); // 24 hours } return $info; } + + /** + * Validate versions info input + * + * @param array $versions_info Decoded json data array. Will be modified + * and cleaned by this method + * + * @return array Versions info array + */ + public function validate_versions($versions_info) + { + $array_diff = array_diff_key($versions_info, array($this->version_schema)); + + // Remove excessive data + if (count($array_diff) > 0) + { + $old_versions_info = $versions_info; + $versions_info = array( + 'stable' => !empty($old_versions_info['stable']) ? $old_versions_info['stable'] : array(), + 'unstable' => !empty($old_versions_info['unstable']) ? $old_versions_info['unstable'] : array(), + ); + unset($old_versions_info); + } + + foreach ($versions_info as $stability_type => &$versions_data) + { + foreach ($versions_data as $branch => &$version_data) + { + if (!preg_match('/^[0-9a-z\-\.]+$/i', $branch)) + { + unset($versions_data[$branch]); + continue; + } + + $stability_diff = array_diff_key($version_data, $this->version_schema[$stability_type]); + + if (count($stability_diff) > 0) + { + $old_version_data = $version_data; + $version_data = array(); + foreach ($this->version_schema[$stability_type] as $key => $value) + { + if (isset($old_version_data[$key])) + { + $version_data[$key] = $old_version_data[$key]; + } + } + unset($old_version_data); + } + + foreach ($version_data as $key => &$value) + { + if (!isset($this->version_schema[$stability_type][$key])) + { + unset($version_data[$key]); + throw new \RuntimeException($this->user->lang('VERSIONCHECK_INVALID_ENTRY')); + } + + switch ($this->version_schema[$stability_type][$key]) + { + case 'bool': + $value = (bool) $value; + break; + + case 'url': + if (!empty($value) && !preg_match('#^' . get_preg_expression('url') . '$#iu', $value) && + !preg_match('#^' . get_preg_expression('www_url') . '$#iu', $value)) + { + throw new \RuntimeException($this->user->lang('VERSIONCHECK_INVALID_URL')); + } + break; + + case 'version': + if (!empty($value) && !preg_match(get_preg_expression('semantic_version'), $value)) + { + throw new \RuntimeException($this->user->lang('VERSIONCHECK_INVALID_VERSION')); + } + break; + + default: + // Shouldn't be possible to trigger this + throw new \RuntimeException($this->user->lang('VERSIONCHECK_INVALID_ENTRY')); + } + } + } + } + + return $versions_info; + } } diff --git a/phpBB/posting.php b/phpBB/posting.php index 3ab78b5db5..35c1f84fa3 100644 --- a/phpBB/posting.php +++ b/phpBB/posting.php @@ -340,11 +340,6 @@ switch ($mode) $is_authed = true; $mode = 'soft_delete'; } - else if (!$is_authed) - { - // Display the same error message for softdelete we use for delete - $mode = 'delete'; - } break; } /** @@ -393,13 +388,13 @@ $vars = array( ); extract($phpbb_dispatcher->trigger_event('core.modify_posting_auth', compact($vars))); -if (!$is_authed) +if (!$is_authed || !empty($error)) { - $check_auth = ($mode == 'quote') ? 'reply' : $mode; + $check_auth = ($mode == 'quote') ? 'reply' : (($mode == 'soft_delete') ? 'delete' : $mode); if ($user->data['is_registered']) { - trigger_error('USER_CANNOT_' . strtoupper($check_auth)); + trigger_error(empty($error) ? 'USER_CANNOT_' . strtoupper($check_auth) : implode('<br/>', $error)); } $message = $user->lang['LOGIN_EXPLAIN_' . strtoupper($mode)]; diff --git a/phpBB/styles/prosilver/style.cfg b/phpBB/styles/prosilver/style.cfg index 300a83164b..019db11bc7 100644 --- a/phpBB/styles/prosilver/style.cfg +++ b/phpBB/styles/prosilver/style.cfg @@ -21,8 +21,8 @@ # General Information about this style name = prosilver copyright = © phpBB Limited, 2007 -style_version = 3.1.10 -phpbb_version = 3.1.10 +style_version = 3.1.11 +phpbb_version = 3.1.11 # Defining a different template bitfield # template_bitfield = lNg= diff --git a/phpBB/styles/subsilver2/style.cfg b/phpBB/styles/subsilver2/style.cfg index 4c9abcc02d..65d846402d 100644 --- a/phpBB/styles/subsilver2/style.cfg +++ b/phpBB/styles/subsilver2/style.cfg @@ -21,8 +21,8 @@ # General Information about this style name = subsilver2 copyright = © 2005 phpBB Limited -style_version = 3.1.10 -phpbb_version = 3.1.10 +style_version = 3.1.11 +phpbb_version = 3.1.11 # Defining a different template bitfield # template_bitfield = lNg= diff --git a/phpBB/viewtopic.php b/phpBB/viewtopic.php index 378e2d8f97..103fc7f108 100644 --- a/phpBB/viewtopic.php +++ b/phpBB/viewtopic.php @@ -1812,7 +1812,7 @@ for ($i = 0, $end = sizeof($post_list); $i < $end; ++$i) $s_first_unread = $first_unread = true; } - $force_edit_allowed = $force_delete_allowed = false; + $force_edit_allowed = $force_delete_allowed = $force_softdelete_allowed = false; $s_cannot_edit = !$auth->acl_get('f_edit', $forum_id) || $user->data['user_id'] != $poster_id; $s_cannot_edit_time = $config['edit_time'] && $row['post_time'] <= time() - ($config['edit_time'] * 60); @@ -1842,7 +1842,9 @@ for ($i = 0, $end = sizeof($post_list); $i < $end; ++$i) * @var bool s_cannot_delete_lastpost User can not delete the post because it's not the last post of the topic * @var bool s_cannot_delete_locked User can not delete the post because it's locked * @var bool s_cannot_delete_time User can not delete the post because edit_time has passed + * @var bool force_softdelete_allowed Allow the user to ыoftdelete the post (all permissions and conditions are ignored) * @since 3.1.0-b4 + * @changed 3.1.11-RC1 Added force_softdelete_allowed var */ $vars = array( 'row', @@ -1856,6 +1858,7 @@ for ($i = 0, $end = sizeof($post_list); $i < $end; ++$i) 's_cannot_delete_lastpost', 's_cannot_delete_locked', 's_cannot_delete_time', + 'force_softdelete_allowed', ); extract($phpbb_dispatcher->trigger_event('core.viewtopic_modify_post_action_conditions', compact($vars))); @@ -1877,10 +1880,10 @@ for ($i = 0, $end = sizeof($post_list); $i < $end; ++$i) (!$s_cannot_delete && !$s_cannot_delete_lastpost && !$s_cannot_delete_time && !$s_cannot_delete_locked) )); - $softdelete_allowed = ($auth->acl_get('m_softdelete', $forum_id) || - ($auth->acl_get('f_softdelete', $forum_id) && $user->data['user_id'] == $poster_id)) && ($row['post_visibility'] != ITEM_DELETED); + $softdelete_allowed = $force_softdelete_allowed || (($auth->acl_get('m_softdelete', $forum_id) || + ($auth->acl_get('f_softdelete', $forum_id) && $user->data['user_id'] == $poster_id)) && ($row['post_visibility'] != ITEM_DELETED)); - $permanent_delete_allowed = ($auth->acl_get('m_delete', $forum_id) || + $permanent_delete_allowed = $force_delete_allowed || ($auth->acl_get('m_delete', $forum_id) || ($auth->acl_get('f_delete', $forum_id) && $user->data['user_id'] == $poster_id)); // Can this user receive a Private Message? diff --git a/phpBB/web.config b/phpBB/web.config index 99a1fe6023..d0a3cb33fe 100644 --- a/phpBB/web.config +++ b/phpBB/web.config @@ -18,7 +18,10 @@ <hiddenSegments> <add segment="cache" /> <add segment="files" /> + <add segment="includes" /> + <add segment="phpbb" /> <add segment="store" /> + <add segment="vendor" /> <add segment="config.php" /> <add segment="common.php" /> </hiddenSegments> diff --git a/tests/version/version_helper_remote_test.php b/tests/version/version_helper_remote_test.php index 65ae7646b9..b2d497b72a 100644 --- a/tests/version/version_helper_remote_test.php +++ b/tests/version/version_helper_remote_test.php @@ -37,21 +37,21 @@ class version_helper_remote_test extends \phpbb_test_case ->will($this->returnValue(false)); $this->file_downloader = new phpbb_mock_file_downloader(); + $this->user = new \phpbb\user('\phpbb\datetime'); + $this->user->add_lang('acp/common'); $this->version_helper = new \phpbb\version_helper( $this->cache, $config, $this->file_downloader, - new \phpbb\user('\phpbb\datetime') + $this->user ); - $this->user = new \phpbb\user('\phpbb\datetime'); - $this->user->add_lang('acp/common'); } public function provider_get_versions() { return array( - array('', false), - array('foobar', false), + array('', false, '', 'VERSIONCHECK_FAIL'), + array('foobar', false, '', 'VERSIONCHECK_FAIL'), array('{ "stable": { "1.0": { @@ -92,7 +92,7 @@ class version_helper_remote_test extends \phpbb_test_case "security": false } } -}', false), +}', false, '', 'VERSIONCHECK_FAIL'), array('{ "stable": { "1.0": { @@ -103,26 +103,7 @@ class version_helper_remote_test extends \phpbb_test_case "security": "<script>alert(\'foo\');</script>" } } -}', true, array ( - 'stable' => array ( - '1.0' => array ( - 'current' => '1.0.1<script>alert(\'foo\');</script>', - 'download' => 'https://www.phpbb.com/customise/db/download/104136<script>alert(\'foo\');</script>', - 'announcement' => 'https://www.phpbb.com/customise/db/extension/boardrules/<script>alert(\'foo\');</script>', - 'eol' => '<script>alert(\'foo\');</script>', - 'security' => '<script>alert(\'foo\');</script>', - ), - ), - 'unstable' => array ( - '1.0' => array ( - 'current' => '1.0.1<script>alert(\'foo\');</script>', - 'download' => 'https://www.phpbb.com/customise/db/download/104136<script>alert(\'foo\');</script>', - 'announcement' => 'https://www.phpbb.com/customise/db/extension/boardrules/<script>alert(\'foo\');</script>', - 'eol' => '<script>alert(\'foo\');</script>', - 'security' => '<script>alert(\'foo\');</script>', - ), - ), - )), +}', false, null, 'VERSIONCHECK_INVALID_VERSION'), array('{ "unstable": { "1.0": { @@ -133,25 +114,87 @@ class version_helper_remote_test extends \phpbb_test_case "security": "<script>alert(\'foo\');</script>" } } +}', false, null, 'VERSIONCHECK_INVALID_VERSION'), + array('{ + "unstable": { + "1.0<script>alert(\'foo\');</script>": { + "current": "1.0.1", + "download": "https://www.phpbb.com/customise/db/download/104136", + "announcement": "https://www.phpbb.com/customise/db/extension/boardrules/", + "eol": "", + "security": "" + } + } +}', false, array('stable' => array(), 'unstable' => array()), 'VERSIONCHECK_INVALID_VERSION'), + array('{ + "\"\n<script>alert(\'foo\');</script>\n": "test", + "stable": { + "1.0": { + "current": "1.0.1", + "download": "https://www.phpbb.com/customise/db/download/104136", + "announcement": "https://www.phpbb.com/customise/db/extension/boardrules/", + "eol": null, + "security": false + } + } }', true, array ( + 'stable' => array ( + '1.0' => array ( + 'current' => '1.0.1', + 'download' => 'https://www.phpbb.com/customise/db/download/104136', + 'announcement' => 'https://www.phpbb.com/customise/db/extension/boardrules/', + 'eol' => NULL, + 'security' => false, + ), + ), 'unstable' => array ( '1.0' => array ( - 'current' => '1.0.1<script>alert(\'foo\');</script>', - 'download' => 'https://www.phpbb.com/customise/db/download/104136<script>alert(\'foo\');</script>', - 'announcement' => 'https://www.phpbb.com/customise/db/extension/boardrules/<script>alert(\'foo\');</script>', - 'eol' => '<script>alert(\'foo\');</script>', - 'security' => '<script>alert(\'foo\');</script>', + 'current' => '1.0.1', + 'download' => 'https://www.phpbb.com/customise/db/download/104136', + 'announcement' => 'https://www.phpbb.com/customise/db/extension/boardrules/', + 'eol' => NULL, + 'security' => false, ), ), - 'stable' => array(), )), + array('{ + "unstable": { + "1.0": { + "current": "1.0.1", + "download": "https://www.phpbb.com/customise/db/download/104136", + "announcement": "https://www.phpbb.com/customise/db/extension/boardrules/", + "eol": null, + "security": false, + "foobar": "<script>alert(\'test\');<script>" + } + } +}', true, array('stable' => array(), 'unstable' => array('1.0' => array( + 'current' => '1.0.1', + 'download' => 'https://www.phpbb.com/customise/db/download/104136', + 'announcement' => 'https://www.phpbb.com/customise/db/extension/boardrules/', + 'security' => false, + ))), 'VERSIONCHECK_INVALID_ENTRY'), + array('{ + "unstable": { + "1.0": { + "current<script>alert(\'foo\');</script>": "1.0.1", + "download2": "https://www.phpbb.com/customise/db/download/104136", + "bannouncement": "https://www.phpbb.com/customise/db/extension/boardrules/", + "eol": null, + "security": false, + "foobar": "<script>alert(\'test\');<script>" + } + } +}', true, array('stable' => array(), 'unstable' => array('1.0' => array( + 'security' => false, + ))), 'VERSIONCHECK_INVALID_ENTRY'), ); } /** * @dataProvider provider_get_versions */ - public function test_get_versions($input, $valid_data, $expected_return = '') + public function test_get_versions($input, $valid_data, $expected_return = '', $expected_exception = '') { $this->file_downloader->set($input); @@ -160,7 +203,7 @@ class version_helper_remote_test extends \phpbb_test_case try { $return = $this->version_helper->get_versions(); } catch (\RuntimeException $e) { - $this->assertEquals((string)$e->getMessage(), $this->user->lang('VERSIONCHECK_FAIL')); + $this->assertEquals((string)$e->getMessage(), $this->user->lang($expected_exception)); } } else |