aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--build/build.xml21
-rw-r--r--phpBB/includes/bbcode.php7
-rw-r--r--phpBB/includes/functions_content.php3
-rw-r--r--phpBB/includes/functions_transfer.php55
-rw-r--r--phpBB/styles/subsilver2/template/attachment.html2
-rw-r--r--phpBB/viewtopic.php14
-rw-r--r--tests/network/ftp_fsock_pasv_epsv_test.php63
7 files changed, 138 insertions, 27 deletions
diff --git a/build/build.xml b/build/build.xml
index 78dbdd379c..7cfb5d0bf8 100644
--- a/build/build.xml
+++ b/build/build.xml
@@ -49,19 +49,16 @@
--coverage-clover build/logs/clover.xml
--coverage-html build/coverage"
passthru="true" />
+ </target>
-
- <!-- Does not allow changing the working directory to tests/
- so this approach does not work for us unfortunately
- <phpunit codecoverage="true" haltonfailure="true">
- <formatter todir="build/logs" type="xml"/>
- <batchtest>
- <fileset dir="tests">
- <include name="all_tests.php"/>
- </fileset>
- </batchtest>
- </phpunit>
- -->
+ <target name="test-slow" depends="clean,prepare">
+ <exec dir="."
+ command="phpunit --log-junit build/logs/phpunit.xml
+ --configuration phpunit.xml.all
+ --group slow
+ --coverage-clover build/logs/clover-slow.xml
+ --coverage-html build/coverage-slow"
+ passthru="true" />
</target>
<target name="docs">
diff --git a/phpBB/includes/bbcode.php b/phpBB/includes/bbcode.php
index d77bb3c4a7..9356e3e9b4 100644
--- a/phpBB/includes/bbcode.php
+++ b/phpBB/includes/bbcode.php
@@ -584,6 +584,13 @@ class bbcode
$code = str_replace("\t", '&nbsp; &nbsp;', $code);
$code = str_replace(' ', '&nbsp; ', $code);
$code = str_replace(' ', ' &nbsp;', $code);
+ $code = str_replace("\n ", "\n&nbsp;", $code);
+
+ // keep space at the beginning
+ if (!empty($code) && $code[0] == ' ')
+ {
+ $code = '&nbsp;' . substr($code, 1);
+ }
// remove newline at the beginning
if (!empty($code) && $code[0] == "\n")
diff --git a/phpBB/includes/functions_content.php b/phpBB/includes/functions_content.php
index b7650ecd6a..b34976db2a 100644
--- a/phpBB/includes/functions_content.php
+++ b/phpBB/includes/functions_content.php
@@ -691,6 +691,9 @@ function censor_text($text)
return '';
}
+ // Strip control characters
+ $text = preg_replace('/[\x00-\x0f]/', '', $text);
+
// We moved the word censor checks in here because we call this function quite often - and then only need to do the check once
if (!isset($censors) || !is_array($censors))
{
diff --git a/phpBB/includes/functions_transfer.php b/phpBB/includes/functions_transfer.php
index 046abede8e..5ab7a87efd 100644
--- a/phpBB/includes/functions_transfer.php
+++ b/phpBB/includes/functions_transfer.php
@@ -808,23 +808,56 @@ class ftp_fsock extends transfer
*/
function _open_data_connection()
{
- $this->_send_command('PASV', '', false);
-
- if (!$ip_port = $this->_check_command(true))
+ // Try to find out whether we have a IPv4 or IPv6 (control) connection
+ if (function_exists('stream_socket_get_name'))
{
- return false;
+ $socket_name = stream_socket_get_name($this->connection, true);
+ $server_ip = substr($socket_name, 0, strrpos($socket_name, ':'));
}
- // open the connection to start sending the file
- if (!preg_match('#[0-9]{1,3},[0-9]{1,3},[0-9]{1,3},[0-9]{1,3},[0-9]+,[0-9]+#', $ip_port, $temp))
+ if (!isset($server_ip) || preg_match(get_preg_expression('ipv4'), $server_ip))
{
- // bad ip and port
- return false;
+ // Passive mode
+ $this->_send_command('PASV', '', false);
+
+ if (!$ip_port = $this->_check_command(true))
+ {
+ return false;
+ }
+
+ // open the connection to start sending the file
+ if (!preg_match('#[0-9]{1,3},[0-9]{1,3},[0-9]{1,3},[0-9]{1,3},[0-9]+,[0-9]+#', $ip_port, $temp))
+ {
+ // bad ip and port
+ return false;
+ }
+
+ $temp = explode(',', $temp[0]);
+ $server_ip = $temp[0] . '.' . $temp[1] . '.' . $temp[2] . '.' . $temp[3];
+ $server_port = $temp[4] * 256 + $temp[5];
+ }
+ else
+ {
+ // Extended Passive Mode - RFC2428
+ $this->_send_command('EPSV', '', false);
+
+ if (!$epsv_response = $this->_check_command(true))
+ {
+ return false;
+ }
+
+ // Response looks like "229 Entering Extended Passive Mode (|||12345|)"
+ // where 12345 is the tcp port for the data connection
+ if (!preg_match('#\(\|\|\|([0-9]+)\|\)#', $epsv_response, $match))
+ {
+ return false;
+ }
+ $server_port = (int) $match[1];
+
+ // fsockopen expects IPv6 address in square brackets
+ $server_ip = "[$server_ip]";
}
- $temp = explode(',', $temp[0]);
- $server_ip = $temp[0] . '.' . $temp[1] . '.' . $temp[2] . '.' . $temp[3];
- $server_port = $temp[4] * 256 + $temp[5];
$errno = 0;
$errstr = '';
diff --git a/phpBB/styles/subsilver2/template/attachment.html b/phpBB/styles/subsilver2/template/attachment.html
index b5b547b2e6..fca620b481 100644
--- a/phpBB/styles/subsilver2/template/attachment.html
+++ b/phpBB/styles/subsilver2/template/attachment.html
@@ -72,7 +72,7 @@
<param name="controller" value="true">
<param name="autoplay" value="false" />
<param name="type" value="video/quicktime">
- <embed name="qtstream_{_file.ATTACH_ID}" src="{_file.U_DOWNLOAD_LINK}" pluginspage="http://www.apple.com/quicktime/download/" enablejavascript="true" controller="true" width="320" height="285" type="video/quicktime" autoplay="false">
+ <embed name="qtstream_{_file.ATTACH_ID}" src="{_file.U_DOWNLOAD_LINK}" pluginspage="http://www.apple.com/quicktime/download/" enablejavascript="true" controller="true" width="320" height="285" type="video/quicktime" autoplay="false"></embed>
</object>
<!-- ELSEIF _file.S_RM_FILE -->
<object id="rmstream_{_file.ATTACH_ID}" classid="clsid:CFCDAA03-8BE4-11cf-B84B-0020AFBBCCFA" width="200" height="50">
diff --git a/phpBB/viewtopic.php b/phpBB/viewtopic.php
index f1ab30aad3..203b8586ce 100644
--- a/phpBB/viewtopic.php
+++ b/phpBB/viewtopic.php
@@ -196,7 +196,7 @@ if ($db->sql_layer === 'firebird')
// The FROM-Order is quite important here, else t.* columns can not be correctly bound.
if ($post_id)
{
- $sql_array['SELECT'] .= ', p.post_approved, p.post_time';
+ $sql_array['SELECT'] .= ', p.post_approved, p.post_time, p.post_id';
$sql_array['FROM'][POSTS_TABLE] = 'p';
}
@@ -317,8 +317,16 @@ if ($post_id)
$sql = 'SELECT COUNT(p.post_id) AS prev_posts
FROM ' . POSTS_TABLE . " p
WHERE p.topic_id = {$topic_data['topic_id']}
- " . ((!$auth->acl_get('m_approve', $forum_id)) ? 'AND p.post_approved = 1' : '') . '
- AND ' . (($sort_dir == 'd') ? "p.post_time >= {$topic_data['post_time']}" : "p.post_time <= {$topic_data['post_time']}");
+ " . ((!$auth->acl_get('m_approve', $forum_id)) ? 'AND p.post_approved = 1' : '');
+
+ if ($sort_dir == 'd')
+ {
+ $sql .= " AND (p.post_time > {$topic_data['post_time']} OR (p.post_time = {$topic_data['post_time']} AND p.post_id >= {$topic_data['post_id']}))";
+ }
+ else
+ {
+ $sql .= " AND (p.post_time < {$topic_data['post_time']} OR (p.post_time = {$topic_data['post_time']} AND p.post_id <= {$topic_data['post_id']}))";
+ }
$result = $db->sql_query($sql);
$row = $db->sql_fetchrow($result);
diff --git a/tests/network/ftp_fsock_pasv_epsv_test.php b/tests/network/ftp_fsock_pasv_epsv_test.php
new file mode 100644
index 0000000000..6ad811e3ca
--- /dev/null
+++ b/tests/network/ftp_fsock_pasv_epsv_test.php
@@ -0,0 +1,63 @@
+<?php
+/**
+*
+* @package testing
+* @copyright (c) 2011 phpBB Group
+* @license http://opensource.org/licenses/gpl-license.php GNU Public License
+*
+*/
+
+require_once dirname(__FILE__) . '/../../phpBB/includes/functions.php';
+require_once dirname(__FILE__) . '/../../phpBB/includes/functions_transfer.php';
+
+/**
+* @group slow
+*/
+class phpbb_network_ftp_fsock_pasv_epsv_test extends phpbb_test_case
+{
+ static protected $ipv4;
+
+ static public function setUpBeforeClass()
+ {
+ $hostname = 'ftp.debian.org.';
+ self::$ipv4 = gethostbyname($hostname);
+
+ if (self::$ipv4 == $hostname)
+ {
+ self::markTestSkipped("Got no A record back from DNS query for $hostname");
+ }
+ }
+
+ public function test_pasv()
+ {
+ // PASV
+ $this->assert_ls_contains_debian(self::$ipv4);
+ }
+
+ public function test_epsv()
+ {
+ $ipv4 = self::$ipv4;
+ // EPSV
+ $this->assert_ls_contains_debian("[::ffff:$ipv4]");
+ }
+
+ protected function assert_ls_contains_debian($hostname)
+ {
+ $o = $this->get_object($hostname);
+ $result = $o->_init();
+ // This test may fail on IPv6 addresses if IPv6 support is
+ // not available. PHP must be compiled with IPv6 support enabled,
+ // and your operating system must be configured for IPv6 as well.
+ if ($result !== true)
+ {
+ $this->markTestSkipped("Failed to connect to $hostname: $result");
+ }
+ $this->assertContains('debian', $o->_ls());
+ $o->_close();
+ }
+
+ protected function get_object($hostname)
+ {
+ return new ftp_fsock($hostname, 'anonymous', 'anonymous@localhost.tld', '/');
+ }
+}
generated by cgit v1.2.1 (git 2.21.0) at 2025-07-18 10:29:55 +0000