aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--phpBB/language/en/common.php1
-rw-r--r--phpBB/phpbb/feed/attachments_base.php34
-rw-r--r--phpBB/phpbb/feed/forum.php2
-rw-r--r--phpBB/phpbb/feed/news.php2
-rw-r--r--phpBB/phpbb/feed/overall.php2
-rw-r--r--phpBB/phpbb/feed/topic.php2
-rw-r--r--phpBB/phpbb/feed/topics.php2
-rw-r--r--phpBB/phpbb/feed/topics_active.php2
-rw-r--r--tests/feed/attachments_base_test.php94
-rw-r--r--tests/feed/attachments_mock_feed.php31
10 files changed, 161 insertions, 11 deletions
diff --git a/phpBB/language/en/common.php b/phpBB/language/en/common.php
index a2cfd958aa..b4b328e90d 100644
--- a/phpBB/language/en/common.php
+++ b/phpBB/language/en/common.php
@@ -336,6 +336,7 @@ $lang = array_merge($lang, array(
'INTERESTS' => 'Interests',
'INVALID_DIGEST_CHALLENGE' => 'Invalid digest challenge.',
'INVALID_EMAIL_LOG' => '<strong>%s</strong> possibly an invalid email address?',
+ 'INVALID_FEED_ATTACHMENTS' => 'The selected feed tried fetching attachments with invalid constraints.',
'INVALID_PLURAL_RULE' => 'The chosen plural rule is invalid. Valid values are integers between 0 and 15.',
'IP' => 'IP',
'IP_BLACKLISTED' => 'Your IP %1$s has been blocked because it is blacklisted. For details please see <a href="%2$s">%2$s</a>.',
diff --git a/phpBB/phpbb/feed/attachments_base.php b/phpBB/phpbb/feed/attachments_base.php
index 04812f1570..df8f29a626 100644
--- a/phpBB/phpbb/feed/attachments_base.php
+++ b/phpBB/phpbb/feed/attachments_base.php
@@ -25,8 +25,11 @@ abstract class attachments_base extends \phpbb\feed\base
/**
* Retrieve the list of attachments that may be displayed
+ *
+ * @param array $post_ids Specify for which post IDs to fetch the attachments (optional)
+ * @param array $topic_ids Specify for which topic IDs to fetch the attachments (optional)
*/
- protected function fetch_attachments()
+ protected function fetch_attachments($post_ids = array(), $topic_ids = array())
{
$sql_array = array(
'SELECT' => 'a.*',
@@ -37,7 +40,20 @@ abstract class attachments_base extends \phpbb\feed\base
'ORDER_BY' => 'a.filetime DESC, a.post_msg_id ASC',
);
- if (isset($this->topic_id))
+ if (!empty($post_ids))
+ {
+ $sql_array['WHERE'] .= 'AND ' . $this->db->sql_in_set('a.post_msg_id', $post_ids);
+ }
+ else if (!empty($topic_ids))
+ {
+ if (isset($this->topic_id))
+ {
+ $topic_ids[] = $this->topic_id;
+ }
+
+ $sql_array['WHERE'] .= 'AND ' . $this->db->sql_in_set('a.topic_id', $topic_ids);
+ }
+ else if (isset($this->topic_id))
{
$sql_array['WHERE'] .= 'AND a.topic_id = ' . (int) $this->topic_id;
}
@@ -51,6 +67,11 @@ abstract class attachments_base extends \phpbb\feed\base
);
$sql_array['WHERE'] .= 'AND t.forum_id = ' . (int) $this->forum_id;
}
+ else
+ {
+ // Do not allow querying the full attachments table
+ throw new \RuntimeException($this->user->lang('INVALID_FEED_ATTACHMENTS'));
+ }
$sql = $this->db->sql_build_query('SELECT', $sql_array);
$result = $this->db->sql_query($sql);
@@ -64,15 +85,6 @@ abstract class attachments_base extends \phpbb\feed\base
}
/**
- * {@inheritDoc}
- */
- public function open()
- {
- parent::open();
- $this->fetch_attachments();
- }
-
- /**
* Get attachments related to a given post
*
* @param $post_id int Post id
diff --git a/phpBB/phpbb/feed/forum.php b/phpBB/phpbb/feed/forum.php
index 7a2087c1cd..6aba12a147 100644
--- a/phpBB/phpbb/feed/forum.php
+++ b/phpBB/phpbb/feed/forum.php
@@ -112,6 +112,8 @@ class forum extends \phpbb\feed\post_base
return false;
}
+ parent::fetch_attachments(array(), $topic_ids);
+
$this->sql = array(
'SELECT' => 'p.post_id, p.topic_id, p.post_time, p.post_edit_time, p.post_visibility, p.post_subject, p.post_text, p.bbcode_bitfield, p.bbcode_uid, p.enable_bbcode, p.enable_smilies, p.enable_magic_url, p.post_attachment, ' .
'u.username, u.user_id',
diff --git a/phpBB/phpbb/feed/news.php b/phpBB/phpbb/feed/news.php
index a02c199d85..5d4786518b 100644
--- a/phpBB/phpbb/feed/news.php
+++ b/phpBB/phpbb/feed/news.php
@@ -83,6 +83,8 @@ class news extends \phpbb\feed\topic_base
return false;
}
+ parent::fetch_attachments($post_ids);
+
$this->sql = array(
'SELECT' => 'f.forum_id, f.forum_name,
t.topic_id, t.topic_title, t.topic_poster, t.topic_first_poster_name, t.topic_posts_approved, t.topic_posts_unapproved, t.topic_posts_softdeleted, t.topic_views, t.topic_time, t.topic_last_post_time,
diff --git a/phpBB/phpbb/feed/overall.php b/phpBB/phpbb/feed/overall.php
index ab452f5386..1176a9c182 100644
--- a/phpBB/phpbb/feed/overall.php
+++ b/phpBB/phpbb/feed/overall.php
@@ -52,6 +52,8 @@ class overall extends \phpbb\feed\post_base
return false;
}
+ parent::fetch_attachments(array(), $topic_ids);
+
// Get the actual data
$this->sql = array(
'SELECT' => 'f.forum_id, f.forum_name, ' .
diff --git a/phpBB/phpbb/feed/topic.php b/phpBB/phpbb/feed/topic.php
index 66c49e55cf..295bf3f795 100644
--- a/phpBB/phpbb/feed/topic.php
+++ b/phpBB/phpbb/feed/topic.php
@@ -91,6 +91,8 @@ class topic extends \phpbb\feed\post_base
function get_sql()
{
+ parent::fetch_attachments();
+
$this->sql = array(
'SELECT' => 'p.post_id, p.post_time, p.post_edit_time, p.post_visibility, p.post_subject, p.post_text, p.bbcode_bitfield, p.bbcode_uid, p.enable_bbcode, p.enable_smilies, p.enable_magic_url, p.post_attachment, ' .
'u.username, u.user_id',
diff --git a/phpBB/phpbb/feed/topics.php b/phpBB/phpbb/feed/topics.php
index 2b9cb3501a..e6416bc064 100644
--- a/phpBB/phpbb/feed/topics.php
+++ b/phpBB/phpbb/feed/topics.php
@@ -55,6 +55,8 @@ class topics extends \phpbb\feed\topic_base
return false;
}
+ parent::fetch_attachments($post_ids);
+
$this->sql = array(
'SELECT' => 'f.forum_id, f.forum_name,
t.topic_id, t.topic_title, t.topic_poster, t.topic_first_poster_name, t.topic_posts_approved, t.topic_posts_unapproved, t.topic_posts_softdeleted, t.topic_views, t.topic_time, t.topic_last_post_time,
diff --git a/phpBB/phpbb/feed/topics_active.php b/phpBB/phpbb/feed/topics_active.php
index 6d5eddfc16..3b751f3233 100644
--- a/phpBB/phpbb/feed/topics_active.php
+++ b/phpBB/phpbb/feed/topics_active.php
@@ -71,6 +71,8 @@ class topics_active extends \phpbb\feed\topic_base
return false;
}
+ parent::fetch_attachments($post_ids);
+
$this->sql = array(
'SELECT' => 'f.forum_id, f.forum_name,
t.topic_id, t.topic_title, t.topic_posts_approved, t.topic_posts_unapproved, t.topic_posts_softdeleted, t.topic_views,
diff --git a/tests/feed/attachments_base_test.php b/tests/feed/attachments_base_test.php
new file mode 100644
index 0000000000..c980dfd3d7
--- /dev/null
+++ b/tests/feed/attachments_base_test.php
@@ -0,0 +1,94 @@
+<?php
+/**
+ *
+ * This file is part of the phpBB Forum Software package.
+ *
+ * @copyright (c) phpBB Limited <https://www.phpbb.com>
+ * @license GNU General Public License, version 2 (GPL-2.0)
+ *
+ * For full copyright and license information, please see
+ * the docs/CREDITS.txt file.
+ *
+ */
+
+require_once(dirname(__FILE__) . '/attachments_mock_feed.php');
+
+class phpbb_feed_attachments_base_test extends phpbb_database_test_case
+{
+ protected $filesystem;
+
+ /** @var \phpbb_feed_attachments_mock_feed */
+ protected $attachments_mocks_feed;
+
+ public function getDataSet()
+ {
+ return $this->createXMLDataSet(dirname(__FILE__) . '/../extension/fixtures/extensions.xml');
+ }
+
+ public function setUp()
+ {
+ global $phpbb_root_path, $phpEx;
+
+ $this->filesystem = new \phpbb\filesystem();
+ $config = new \phpbb\config\config(array());
+ $user = new \phpbb\user('\phpbb\datetime');
+ $feed_helper = new \phpbb\feed\helper($config, $user, $phpbb_root_path, $phpEx);
+ $db = $this->new_dbal();
+ $cache = new \phpbb_mock_cache();
+ $auth = new \phpbb\auth\auth();
+ $content_visibility = new \phpbb\content_visibility(
+ $auth,
+ $config,
+ new \phpbb_mock_event_dispatcher(),
+ $db,
+ $user,
+ $phpbb_root_path,
+ $phpEx,
+ FORUMS_TABLE,
+ POSTS_TABLE,
+ TOPICS_TABLE,
+ USERS_TABLE
+ );
+
+ $this->attachments_mocks_feed = new \phpbb_feed_attachments_mock_feed(
+ $feed_helper,
+ $config,
+ $db,
+ $cache,
+ $user,
+ $auth,
+ $content_visibility,
+ new \phpbb_mock_event_dispatcher(),
+ $phpEx
+ );
+ }
+
+ public function data_fetch_attachments()
+ {
+ return array(
+ array(array(0), array(0)),
+ array(array(), array(1)),
+ array(array(), array(), 'RuntimeException')
+ );
+ }
+
+ /**
+ * @dataProvider data_fetch_attachments
+ */
+ public function test_fetch_attachments($post_ids, $topic_ids, $expected_exception = false)
+ {
+ $this->attachments_mocks_feed->post_ids = $post_ids;
+ $this->attachments_mocks_feed->topic_ids = $topic_ids;
+
+ if ($expected_exception !== false)
+ {
+ $this->setExpectedException($expected_exception);
+
+ $this->attachments_mocks_feed->get_sql();
+ }
+ else
+ {
+ $this->assertTrue($this->attachments_mocks_feed->get_sql());
+ }
+ }
+}
diff --git a/tests/feed/attachments_mock_feed.php b/tests/feed/attachments_mock_feed.php
new file mode 100644
index 0000000000..0e623fed24
--- /dev/null
+++ b/tests/feed/attachments_mock_feed.php
@@ -0,0 +1,31 @@
+<?php
+/**
+ *
+ * This file is part of the phpBB Forum Software package.
+ *
+ * @copyright (c) phpBB Limited <https://www.phpbb.com>
+ * @license GNU General Public License, version 2 (GPL-2.0)
+ *
+ * For full copyright and license information, please see
+ * the docs/CREDITS.txt file.
+ *
+ */
+
+/**
+ * Board wide feed (aka overall feed)
+ *
+ * This will give you the newest {$this->num_items} posts
+ * from the whole board.
+ */
+class phpbb_feed_attachments_mock_feed extends \phpbb\feed\attachments_base
+{
+ public $topic_ids = array();
+ public $post_ids = array();
+
+ function get_sql()
+ {
+ parent::fetch_attachments($this->post_ids, $this->topic_ids);
+
+ return true;
+ }
+}