diff options
38 files changed, 864 insertions, 582 deletions
diff --git a/phpBB/adm/index.php b/phpBB/adm/index.php index 95539bd45d..8abf278edc 100644 --- a/phpBB/adm/index.php +++ b/phpBB/adm/index.php @@ -406,7 +406,9 @@ function validate_config_vars($config_vars, &$cfg_array, &$error) $cfg_array[$config_name] = (int) $cfg_array[$config_name]; break; + // Relative path (appended $phpbb_root_path) case 'rpath': + case 'rwpath': if (!$cfg_array[$config_name]) { break; @@ -426,9 +428,11 @@ function validate_config_vars($config_vars, &$cfg_array, &$error) $destination = ''; } - $cfg_array[$config_name] = $destination; + $cfg_array[$config_name] = trim($destination); + // Path being relative (still prefixed by phpbb_root_path), but with the ability to escape the root dir... case 'path': + case 'wpath': if (!$cfg_array[$config_name]) { @@ -437,6 +441,13 @@ function validate_config_vars($config_vars, &$cfg_array, &$error) $cfg_array[$config_name] = trim($cfg_array[$config_name]); + // Make sure no NUL byte is present... + if (strpos($cfg_array[$config_name], '\0') !== false || strpos($cfg_array[$config_name], '%00') !== false) + { + $cfg_array[$config_name] = ''; + break; + } + if (!file_exists($phpbb_root_path . $cfg_array[$config_name])) { $error[] = sprintf($user->lang['DIRECTORY_DOES_NOT_EXIST'], $cfg_array[$config_name]); @@ -447,6 +458,15 @@ function validate_config_vars($config_vars, &$cfg_array, &$error) $error[] = sprintf($user->lang['DIRECTORY_NOT_DIR'], $cfg_array[$config_name]); } + // Check if the path is writeable + if ($config_definition['validate'] == 'wpath' || $config_definition['validate'] == 'rwpath') + { + if (file_exists($phpbb_root_path . $cfg_array[$config_name]) && !is_writeable($phpbb_root_path . $cfg_array[$config_name])) + { + $error[] = sprintf($user->lang['DIRECTORY_NOT_WRITEABLE'], $cfg_array[$config_name]); + } + } + break; } } diff --git a/phpBB/develop/create_schema_files.php b/phpBB/develop/create_schema_files.php index 96c46eca22..a490ed4cae 100644 --- a/phpBB/develop/create_schema_files.php +++ b/phpBB/develop/create_schema_files.php @@ -1870,7 +1870,6 @@ function get_schema_struct() 'user_notify_pm' => array('BOOL', 1), 'user_notify_type' => array('TINT:4', 0), 'user_allow_pm' => array('BOOL', 1), - 'user_allow_email' => array('BOOL', 1), 'user_allow_viewonline' => array('BOOL', 1), 'user_allow_viewemail' => array('BOOL', 1), 'user_allow_massemail' => array('BOOL', 1), diff --git a/phpBB/docs/AUTHORS b/phpBB/docs/AUTHORS index 8120424fc5..24072f19b6 100644 --- a/phpBB/docs/AUTHORS +++ b/phpBB/docs/AUTHORS @@ -23,20 +23,21 @@ phpBB Developers : Ashe (Ludovic Arnaud) - [10/2002 - 11/2003, 06/2006 - ] BartVB (Bart van Bragt) - [11/2000 - 03/2006] -Original subSilver by subBlue Design, Tom Beddard, © 2001 phpBB Group +Original subSilver by subBlue Design, Tom Beddard, (c) 2001 phpBB Group phpBB3 contains code from the following applications: LGPL licenced: -Smarty © 2001, 2002 by ispi of Lincoln, Inc, http://smarty.php.net/ -Text_Diff-0.2.1 http://pear.php.net/package/Text_Diff +Smarty (c) 2001, 2002 by ispi of Lincoln, Inc, http://smarty.php.net/ GPL licenced: -phpMyAdmin © 2001,2003 phpMyAdmin Devel team, http://www.phpmyadmin.net/ -Jabber class © 2003 Carlo Zottmann, http://phpjabber.g-blog.net -Chora: Copyright 2000-2006, The Horde Project. http://horde.org/chora/ -Horde Project: Copyright 2000-2006, The Horde Project. http://horde.org/ +phpMyAdmin (c) 2001,2003 phpMyAdmin Devel team, http://www.phpmyadmin.net/ +Jabber Class (c) 2004 Nathan Fritz, http://cjphp.netflint.net +Chora (c) 2000-2006, The Horde Project. http://horde.org/chora/ +Horde Project (c) 2000-2006, The Horde Project. http://horde.org/ PHP License, version 3.0: -Pear © 2001-2004 PHP Group, http://pear.php.net +Pear (c) 2001-2004 PHP Group, http://pear.php.net + +Text_Diff-0.2.1 http://pear.php.net/package/Text_Diff diff --git a/phpBB/includes/acp/acp_attachments.php b/phpBB/includes/acp/acp_attachments.php index 91d7c024f3..74373af86b 100644 --- a/phpBB/includes/acp/acp_attachments.php +++ b/phpBB/includes/acp/acp_attachments.php @@ -89,7 +89,7 @@ class acp_attachments 'legend1' => 'ACP_ATTACHMENT_SETTINGS', 'allow_attachments' => array('lang' => 'ALLOW_ATTACHMENTS', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => false), 'allow_pm_attach' => array('lang' => 'ALLOW_PM_ATTACHMENTS', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => false), - 'upload_path' => array('lang' => 'UPLOAD_DIR', 'validate' => 'path', 'type' => 'text:25:100', 'explain' => true), + 'upload_path' => array('lang' => 'UPLOAD_DIR', 'validate' => 'wpath', 'type' => 'text:25:100', 'explain' => true), 'display_order' => array('lang' => 'DISPLAY_ORDER', 'validate' => 'bool', 'type' => 'custom', 'method' => 'display_order', 'explain' => true), 'attachment_quota' => array('lang' => 'ATTACH_QUOTA', 'validate' => 'int', 'type' => 'custom', 'method' => 'max_filesize', 'explain' => true), 'max_filesize' => array('lang' => 'ATTACH_MAX_FILESIZE', 'validate' => 'int', 'type' => 'custom', 'method' => 'max_filesize', 'explain' => true), diff --git a/phpBB/includes/acp/acp_board.php b/phpBB/includes/acp/acp_board.php index b968b9bf56..8dbf70ccb1 100644 --- a/phpBB/includes/acp/acp_board.php +++ b/phpBB/includes/acp/acp_board.php @@ -27,7 +27,7 @@ class acp_board $action = request_var('action', ''); $submit = (isset($_POST['submit'])) ? true : false; - // Validation types are: string, int, bool, rpath, path + // Validation types are: string, int, bool, rpath (relative), rwpath (realtive, writeable), path (relative path, but able to escape the root), wpath (writeable) switch ($mode) { case 'settings': @@ -93,7 +93,7 @@ class acp_board 'avatar_filesize' => array('lang' => 'MAX_FILESIZE', 'validate' => 'int', 'type' => 'text:4:10', 'explain' => true, 'append' => ' ' . $user->lang['BYTES']), 'avatar_min' => array('lang' => 'MIN_AVATAR_SIZE', 'validate' => 'int', 'type' => 'dimension:3:4', 'explain' => true), 'avatar_max' => array('lang' => 'MAX_AVATAR_SIZE', 'validate' => 'int', 'type' => 'dimension:3:4', 'explain' => true), - 'avatar_path' => array('lang' => 'AVATAR_STORAGE_PATH', 'validate' => 'rpath', 'type' => 'text:20:255', 'explain' => true), + 'avatar_path' => array('lang' => 'AVATAR_STORAGE_PATH', 'validate' => 'rwpath', 'type' => 'text:20:255', 'explain' => true), 'avatar_gallery_path' => array('lang' => 'AVATAR_GALLERY_PATH', 'validate' => 'rpath', 'type' => 'text:20:255', 'explain' => true) ) ); @@ -279,7 +279,7 @@ class acp_board 'legend2' => 'PATH_SETTINGS', 'smilies_path' => array('lang' => 'SMILIES_PATH', 'validate' => 'rpath', 'type' => 'text:20:255', 'explain' => true), 'icons_path' => array('lang' => 'ICONS_PATH', 'validate' => 'rpath', 'type' => 'text:20:255', 'explain' => true), - 'upload_icons_path' => array('lang' => 'UPLOAD_ICONS_PATH', 'validate' => 'path', 'type' => 'text:20:255', 'explain' => true), + 'upload_icons_path' => array('lang' => 'UPLOAD_ICONS_PATH', 'validate' => 'rpath', 'type' => 'text:20:255', 'explain' => true), 'ranks_path' => array('lang' => 'RANKS_PATH', 'validate' => 'rpath', 'type' => 'text:20:255', 'explain' => true), 'legend3' => 'SERVER_URL_SETTINGS', diff --git a/phpBB/includes/acp/acp_inactive.php b/phpBB/includes/acp/acp_inactive.php index 05db9fa95b..9a26a3595d 100755 --- a/phpBB/includes/acp/acp_inactive.php +++ b/phpBB/includes/acp/acp_inactive.php @@ -58,16 +58,7 @@ class acp_inactive if ($action == 'activate') { include_once($phpbb_root_path . 'includes/functions_user.' . $phpEx); - - foreach ($mark as $user_id) - { - user_active_flip($user_id, USER_INACTIVE); - } - - set_config('num_users', $config['num_users'] + sizeof($mark), true); - - // Update latest username - update_last_username(); + user_active_flip('activate', $mark); } else if ($action == 'delete') { diff --git a/phpBB/includes/acp/acp_jabber.php b/phpBB/includes/acp/acp_jabber.php index b55ac27fea..afb2ba329a 100644 --- a/phpBB/includes/acp/acp_jabber.php +++ b/phpBB/includes/acp/acp_jabber.php @@ -44,16 +44,9 @@ class acp_jabber $jab_resource = request_var('jab_resource', $config['jab_resource']); $jab_package_size = request_var('jab_package_size', $config['jab_package_size']); - $jabber = new jabber(); + $jabber = new jabber($jab_host, $jab_port, $jab_username, $jab_password, $jab_resource); $error = array(); - // Setup the basis vars for jabber connection - $jabber->server = $jab_host; - $jabber->port = ($jab_port) ? $jab_port : 5222; - $jabber->username = $jab_username; - $jabber->password = $jab_password; - $jabber->resource = $jab_resource; - $message = $user->lang['JAB_SETTINGS_CHANGED']; $log = 'JAB_SETTINGS_CHANGED'; diff --git a/phpBB/includes/acp/acp_permissions.php b/phpBB/includes/acp/acp_permissions.php index 36eac665c2..f9f08ee694 100644 --- a/phpBB/includes/acp/acp_permissions.php +++ b/phpBB/includes/acp/acp_permissions.php @@ -70,7 +70,7 @@ class acp_permissions if ($select_all_groups) { // Add default groups to selection - $sql_and = (!$config['coppa_enable']) ? " AND group_name NOT IN ('INACTIVE_COPPA', 'REGISTERED_COPPA')" : ''; + $sql_and = (!$config['coppa_enable']) ? " AND group_name <> 'REGISTERED_COPPA'" : ''; $sql = 'SELECT group_id FROM ' . GROUPS_TABLE . ' diff --git a/phpBB/includes/acp/acp_prune.php b/phpBB/includes/acp/acp_prune.php index 7c789e4773..8fe9e10bae 100644 --- a/phpBB/includes/acp/acp_prune.php +++ b/phpBB/includes/acp/acp_prune.php @@ -267,11 +267,7 @@ class acp_prune { if ($action == 'deactivate') { - foreach ($user_ids as $user_id) - { - user_active_flip($user_id, USER_NORMAL, false, false, INACTIVE_MANUAL, true); - } - + user_active_flip('deactivate', $user_ids); $l_log = 'LOG_PRUNE_USER_DEAC'; } else if ($action == 'delete') diff --git a/phpBB/includes/acp/acp_users.php b/phpBB/includes/acp/acp_users.php index 06a6f3c97a..bd28662a42 100644 --- a/phpBB/includes/acp/acp_users.php +++ b/phpBB/includes/acp/acp_users.php @@ -174,7 +174,7 @@ class acp_users if (confirm_box(true)) { - user_delete($delete_type, $user_id); + user_delete($delete_type, $user_id, $user_row['username']); add_log('admin', 'LOG_USER_DELETED', $user_row['username']); trigger_error($user->lang['USER_DELETED'] . adm_back_link($this->u_action)); @@ -205,6 +205,11 @@ class acp_users trigger_error($user->lang['CANNOT_BAN_YOURSELF'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING); } + if ($user_row['user_type'] == USER_FOUNDER) + { + trigger_error($user->lang['CANNOT_BAN_FOUNDER'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING); + } + $ban = array(); switch ($action) @@ -256,6 +261,16 @@ class acp_users trigger_error($user->lang['CANNOT_FORCE_REACT_YOURSELF'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING); } + if ($user_row['user_type'] == USER_FOUNDER) + { + trigger_error($user->lang['CANNOT_FORCE_REACT_FOUNDER'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING); + } + + if ($user_row['user_type'] == USER_IGNORE) + { + trigger_error($user->lang['CANNOT_FORCE_REACT_BOT'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING); + } + if ($config['email_enable']) { include_once($phpbb_root_path . 'includes/functions_messenger.' . $phpEx); @@ -267,9 +282,14 @@ class acp_users $key_len = ($key_len > 6) ? $key_len : 6; $user_actkey = substr($user_actkey, 0, $key_len); - if ($user_row['user_type'] != USER_INACTIVE) + if ($user_row['user_type'] == USER_NORMAL) { - user_active_flip($user_id, $user_row['user_type'], $user_actkey, $user_row['username'], INACTIVE_MANUAL); + user_active_flip('deactivate', $user_id, INACTIVE_REMIND); + + $sql = 'UPDATE ' . USERS_TABLE . " + SET user_actkey = '" . $db->sql_escape($user_actkey) . "' + WHERE user_id = $user_id"; + $db->sql_query($sql); } $messenger = new messenger(false); @@ -311,24 +331,23 @@ class acp_users trigger_error($user->lang['CANNOT_DEACTIVATE_YOURSELF'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING); } - user_active_flip($user_id, $user_row['user_type'], false, $user_row['username'], INACTIVE_MANUAL); - - $message = ($user_row['user_type'] == USER_INACTIVE) ? 'USER_ADMIN_ACTIVATED' : 'USER_ADMIN_DEACTIVED'; - $log = ($user_row['user_type'] == USER_INACTIVE) ? 'LOG_USER_ACTIVE' : 'LOG_USER_INACTIVE'; - - add_log('user', $user_id, $log . '_USER'); - - if ($user_row['user_type'] == USER_INACTIVE) + if ($user_row['user_type'] == USER_FOUNDER) { - set_config('num_users', $config['num_users'] + 1, true); + trigger_error($user->lang['CANNOT_DEACTIVATE_FOUNDER'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING); } - else + + if ($user_row['user_type'] == USER_IGNORE) { - set_config('num_users', $config['num_users'] - 1, true); + trigger_error($user->lang['CANNOT_DEACTIVATE_BOT'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING); } - // Update latest username - update_last_username(); + user_active_flip('flip', $user_id); + + $message = ($user_row['user_type'] == USER_INACTIVE) ? 'USER_ADMIN_ACTIVATED' : 'USER_ADMIN_DEACTIVED'; + $log = ($user_row['user_type'] == USER_INACTIVE) ? 'LOG_USER_ACTIVE' : 'LOG_USER_INACTIVE'; + + add_log('admin', $log, $user_row['username']); + add_log('user', $user_id, $log . '_USER'); trigger_error($user->lang[$message] . adm_back_link($this->u_action . '&u=' . $user_id)); @@ -783,9 +802,21 @@ class acp_users } else { - $quick_tool_ary = array('banuser' => 'BAN_USER', 'banemail' => 'BAN_EMAIL', 'banip' => 'BAN_IP', 'active' => (($user_row['user_type'] == USER_INACTIVE) ? 'ACTIVATE' : 'DEACTIVATE'), 'delsig' => 'DEL_SIG', 'delavatar' => 'DEL_AVATAR', 'moveposts' => 'MOVE_POSTS', 'delposts' => 'DEL_POSTS', 'delattach' => 'DEL_ATTACH'); + $quick_tool_ary = array(); + + if ($user_row['user_type'] != USER_FOUNDER) + { + $quick_tool_ary += array('banuser' => 'BAN_USER', 'banemail' => 'BAN_EMAIL', 'banip' => 'BAN_IP'); + } + + if ($user_row['user_type'] != USER_FOUNDER && $user_row['user_type'] != USER_IGNORE) + { + $quick_tool_ary += array('active' => (($user_row['user_type'] == USER_INACTIVE) ? 'ACTIVATE' : 'DEACTIVATE')); + } + + $quick_tool_ary += array('delsig' => 'DEL_SIG', 'delavatar' => 'DEL_AVATAR', 'moveposts' => 'MOVE_POSTS', 'delposts' => 'DEL_POSTS', 'delattach' => 'DEL_ATTACH'); - if ($config['email_enable']) + if ($config['email_enable'] && ($user_row['user_type'] == USER_NORMAL || $user_row['user_type'] == USER_INACTIVE)) { $quick_tool_ary['reactivate'] = 'FORCE'; } @@ -807,7 +838,7 @@ class acp_users 'S_USER_FOUNDER' => ($user_row['user_type'] == USER_FOUNDER) ? true : false, 'S_ACTION_OPTIONS' => $s_action_options, 'S_OWN_ACCOUNT' => ($user_id == $user->data['user_id']) ? true : false, - 'S_USER_INACTIVE' => ($user_row['user_type'] == USER_IGNORE || $user_row['user_type'] == USER_INACTIVE) ? true : false, + 'S_USER_INACTIVE' => ($user_row['user_type'] == USER_INACTIVE) ? true : false, 'U_SHOW_IP' => $this->u_action . "&u=$user_id&ip=" . (($ip == 'ip') ? 'hostname' : 'ip'), 'U_WHOIS' => $this->u_action . "&action=whois&user_ip={$user_row['user_ip']}", @@ -1854,11 +1885,11 @@ class acp_users $s_group_options = ''; while ($row = $db->sql_fetchrow($result)) { - if (!$config['coppa_enable'] && in_array($row['group_name'], array('INACTIVE_COPPA', 'REGISTERED_COPPA'))) + if (!$config['coppa_enable'] && $row['group_name'] == 'REGISTERED_COPPA') { continue; } - + $s_group_options .= '<option' . (($row['group_type'] == GROUP_SPECIAL) ? ' class="sep"' : '') . ' value="' . $row['group_id'] . '">' . (($row['group_type'] == GROUP_SPECIAL) ? $user->lang['G_' . $row['group_name']] : $row['group_name']) . '</option>'; } $db->sql_freeresult($result); diff --git a/phpBB/includes/auth.php b/phpBB/includes/auth.php index c578881c3f..5e927ce439 100644 --- a/phpBB/includes/auth.php +++ b/phpBB/includes/auth.php @@ -714,7 +714,7 @@ class auth $sql = 'SELECT user_id, username, user_password, user_passchg, user_email, user_type FROM ' . USERS_TABLE . " - WHERE username = '" . $db->sql_escape($username) . "'"; + WHERE LOWER(username) = '" . $db->sql_escape(strtolower($username)) . "'"; $result = $db->sql_query($sql); $row = $db->sql_fetchrow($result); $db->sql_freeresult($result); @@ -738,11 +738,36 @@ class auth // If login succeeded, we will log the user in... else we pass the login array through... if ($login['status'] == LOGIN_SUCCESS) { + $old_session_id = $user->session_id; + + if ($admin) + { + global $SID, $_SID; + + $cookie_expire = time() - 31536000; + $user->set_cookie('u', '', $cookie_expire); + $user->set_cookie('sid', '', $cookie_expire); + unset($cookie_expire); + + $SID = '?sid='; + $user->session_id = $_SID = ''; + } + $result = $user->session_create($login['user_row']['user_id'], $admin, $autologin, $viewonline); // Successful session creation if ($result === true) { + // If admin re-authentication we remove the old session entry because a new one has been created... + if ($admin) + { + // the login array is used because the user ids do not differ for re-authentication + $sql = 'DELETE FROM ' . SESSIONS_TABLE . " + WHERE session_id = '" . $db->sql_escape($old_session_id) . "' + AND session_user_id = {$login['user_row']['user_id']}"; + $db->sql_query($sql); + } + return array( 'status' => LOGIN_SUCCESS, 'error_msg' => false, diff --git a/phpBB/includes/constants.php b/phpBB/includes/constants.php index 42d3c41463..0ed3ad8d84 100644 --- a/phpBB/includes/constants.php +++ b/phpBB/includes/constants.php @@ -27,12 +27,11 @@ define('USER_NORMAL', 0); define('USER_INACTIVE', 1); define('USER_IGNORE', 2); define('USER_FOUNDER', 3); -//define('USER_BOT', 2); -//define('USER_GUEST', 4); define('INACTIVE_REGISTER', 1); define('INACTIVE_PROFILE', 2); define('INACTIVE_MANUAL', 3); +define('INACTIVE_REMIND', 4); // ACL define('ACL_NEVER', 0); diff --git a/phpBB/includes/db/mysql.php b/phpBB/includes/db/mysql.php index 15158bbb59..1901bd4270 100644 --- a/phpBB/includes/db/mysql.php +++ b/phpBB/includes/db/mysql.php @@ -33,6 +33,8 @@ if (!defined('SQL_LAYER')) */ class dbal_mysql extends dbal { + var $mysql_version; + /** * Connect to server * @access public @@ -51,14 +53,14 @@ class dbal_mysql extends dbal if (@mysql_select_db($this->dbname)) { // Determine what version we are using and if it natively supports UNICODE - $mysql_version = mysql_get_server_info($this->db_connect_id); + $this->mysql_version = mysql_get_server_info($this->db_connect_id); - if (version_compare($mysql_version, '4.1.3', '>=')) + if (version_compare($this->mysql_version, '4.1.3', '>=')) { define('SQL_LAYER', 'mysql4'); @mysql_query("SET NAMES 'utf8'", $this->db_connect_id); } - else if (version_compare($mysql_version, '4.0.0', '>=')) + else if (version_compare($this->mysql_version, '4.0.0', '>=')) { define('SQL_LAYER', 'mysql4'); } @@ -79,7 +81,7 @@ class dbal_mysql extends dbal */ function sql_server_info() { - return 'MySQL ' . @mysql_get_server_info($this->db_connect_id); + return 'MySQL ' . $this->mysql_version; } /** diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index 8ada82cffe..a5e6570116 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -1913,7 +1913,7 @@ function login_box($redirect = '', $l_explain = '', $l_success = '', $admin = fa 'U_PRIVACY' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=privacy'), 'S_DISPLAY_FULL_LOGIN' => ($s_display) ? true : false, - 'S_LOGIN_ACTION' => (!$admin) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=login') : append_sid("index.$phpEx"), // Needs to stay index.$phpEx because we are within the admin directory + 'S_LOGIN_ACTION' => (!$admin) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=login') : append_sid("index.$phpEx", false, true, $user->session_id), // Needs to stay index.$phpEx because we are within the admin directory 'S_HIDDEN_FIELDS' => $s_hidden_fields, 'S_ADMIN_AUTH' => $admin, diff --git a/phpBB/includes/functions_admin.php b/phpBB/includes/functions_admin.php index b346e09a2b..2119b86740 100644 --- a/phpBB/includes/functions_admin.php +++ b/phpBB/includes/functions_admin.php @@ -207,7 +207,7 @@ function group_select_options($group_id, $exclude_ids = false) global $db, $user, $config; $exclude_sql = ($exclude_ids !== false && sizeof($exclude_ids)) ? 'WHERE ' . $db->sql_in_set('group_id', array_map('intval', $exclude_ids), true) : ''; - $sql_and = (!$config['coppa_enable']) ? (($exclude_sql) ? ' AND ' : ' WHERE ') . "group_name NOT IN ('INACTIVE_COPPA', 'REGISTERED_COPPA')" : ''; + $sql_and = (!$config['coppa_enable']) ? (($exclude_sql) ? ' AND ' : ' WHERE ') . "group_name <> 'REGISTERED_COPPA'" : ''; $sql = 'SELECT group_id, group_name, group_type FROM ' . GROUPS_TABLE . " @@ -245,6 +245,7 @@ function get_forum_list($acl_list = 'f_list', $id_only = true, $postable_only = ORDER BY left_id ASC'; $result = $db->sql_query($sql, $expire_time); + $forum_rows = array(); while ($row = $db->sql_fetchrow($result)) { $forum_rows[] = $row; @@ -2343,7 +2344,7 @@ function view_inactive_users(&$users, &$user_count, $limit = 0, $offset = 0, $li $sql = 'SELECT user_id, username, user_regdate, user_lastvisit, user_inactive_time, user_inactive_reason FROM ' . USERS_TABLE . ' WHERE user_type = ' . USER_INACTIVE . - (($limit_days) ? "AND user_inactive_time >= $limit_days" : '') . " + (($limit_days) ? " AND user_inactive_time >= $limit_days" : '') . " ORDER BY $sort_by"; $result = $db->sql_query_limit($sql, $limit, $offset); @@ -2363,15 +2364,19 @@ function view_inactive_users(&$users, &$user_count, $limit = 0, $offset = 0, $li case INACTIVE_MANUAL: $row['inactive_reason'] = $user->lang['INACTIVE_REASON_MANUAL']; break; + + case INACTIVE_REMIND: + $row['inactive_reason'] = $user->lang['INACTIVE_REASON_REMIND']; + break; } $users[] = $row; } - $sql = 'SELECT count(user_id) AS user_count + $sql = 'SELECT COUNT(user_id) AS user_count FROM ' . USERS_TABLE . ' WHERE user_type = ' . USER_INACTIVE . - (($limit_days) ? "AND user_inactive_time >= $limit_days" : ''); + (($limit_days) ? " AND user_inactive_time >= $limit_days" : ''); $result = $db->sql_query($sql); $user_count = (int) $db->sql_fetchfield('user_count'); $db->sql_freeresult($result); diff --git a/phpBB/includes/functions_jabber.php b/phpBB/includes/functions_jabber.php index 9efe17dc6b..1bdeb6eb40 100644 --- a/phpBB/includes/functions_jabber.php +++ b/phpBB/includes/functions_jabber.php @@ -3,23 +3,24 @@ * * @package phpBB3 * @version $Id$ -* @copyright (c) 2005 phpBB Group +* @copyright (c) 2006 phpBB Group * @license http://opensource.org/licenses/gpl-license.php GNU Public License * */ /** * -* Class.Jabber.PHP v0.4 -* (c) 2002 Carlo "Gossip" Zottmann -* http://phpjabber.g-blog.net *** gossip@jabber.g-blog.net +* Class.Jabber.PHP v0.4.2 +* (c) 2004 Nathan "Fritzy" Fritz +* http://cjphp.netflint.net *** fritzy@netflint.net * -* The FULL documentation and examples for this software can be found at -* http://phpjabber.g-blog.net (not many doc comments in here, sorry) +* This is a bugfix version, specifically for those who can't get +* 0.4 to work on Jabberd2 servers. * -* last modified: 27.04.2003 13:01:53 CET -* -* Modified by members of the phpBB Group +* last modified: 24.03.2004 13:01:53 +* +* Modified by phpBB Development Team +* version: v0.4.3a * * @package phpBB3 */ @@ -36,13 +37,14 @@ class jabber var $delay_disconnect; var $stream_id; - var $roster; + + var $enable_logging; + var $log_array; var $iq_sleep_timer; var $last_ping_time; var $packet_queue; - var $subscription_queue; var $iq_version_name; var $iq_version_os; @@ -60,17 +62,24 @@ class jabber /** * Constructor */ - function jabber() + function jabber($server, $port, $username, $password, $resource) { - $this->port = '5222'; - $this->resource = NULL; - $this->packet_queue = $this->subscription_queue = array(); + $this->server = ($server) ? $server : 'localhost'; + $this->port = ($port) ? $port : '5222'; + $this->username = $username; + $this->password = $password; + $this->resource = ($resource) ? $resource : NULL; + + $this->enable_logging = true; + $this->log_array = array(); + + $this->packet_queue = array(); $this->iq_sleep_timer = $this->delay_disconnect = 1; $this->returned_keep_alive = true; $this->txnid = 0; - $this->iq_version_name = "Class.Jabber.PHP -- http://phpjabber.g-blog.net -- by Carlo 'Gossip' Zottmann, gossip@jabber.g-blog.net"; + $this->iq_version_name = "Class.Jabber.PHP -- http://cjphp.netflint.net -- by Nathan 'Fritzy' Fritz, fritz@netflint.net"; $this->iq_version_version = '0.4'; $this->iq_version_os = $_SERVER['SERVER_SOFTWARE']; @@ -104,7 +113,7 @@ class jabber if ($this->connector->open_socket($this->server, $this->port)) { $this->send_packet("<?xml version='1.0' encoding='UTF-8' ?" . ">\n"); - $this->send_packet("<stream:stream to='{$this->server}' xmlns='jabber:client' xmlns:stream='http://etherx.jabber.org/streams'>\n"); + $this->send_packet("<stream:stream to='{$this->server}' xmlns='jabber:client' xmlns:stream='http://etherx.jabber.org/streams' version='1.0'>\n"); sleep(2); @@ -115,11 +124,13 @@ class jabber } else { + $this->add_to_log('ERROR: connect() #1'); return false; } } else { + $this->add_to_log('ERROR: connect() #2'); return false; } } @@ -139,55 +150,12 @@ class jabber } /** - * Cruise Control - */ - function cruise_control($seconds = -1) - { - $count = 0; - - while ($count != $seconds) - { - $this->listen(); - - do - { - $packet = $this->get_first_from_queue(); - - if ($packet) - { - $this->call_handler($packet); - } - } - while (sizeof($this->packet_queue) > 1); - - $count += 0.25; - usleep(250000); - - if ($this->last_ping_time != date('H:i')) - { - // Modified by Nathan Fritz - if ($this->returned_keep_alive == false) - { - $this->connected = false; - //EVENT: Disconnected - } - - $this->returned_keep_alive = false; - $this->keep_alive_id = 'keep_alive_' . time(); - $this->send_packet("<iq id='{$this->keep_alive_id}'/>", 'cruise_control'); - $this->last_ping_time = date('H:i'); - } - } - - return true; - } - - /** * Send authentication request */ function send_auth() { $this->auth_id = 'auth_' . md5(time() . $_SERVER['REMOTE_ADDR']); + $this->resource = ($this->resource != NULL) ? $this->resource : ('Class.Jabber.PHP ' . md5($this->auth_id)); $this->jid = "{$this->username}@{$this->server}/{$this->resource}"; // request available authentication methods @@ -197,6 +165,7 @@ class jabber // was a result returned? if ($this->get_info_from_iq_type($packet) == 'result' && $this->get_info_from_iq_id($packet) == $this->auth_id) { + // yes, now check for auth method availability in descending order (best to worst) if (isset($packet['iq']['#']['query'][0]['#']['sequence'][0]['#']) && isset($packet['iq']['#']['query'][0]['#']['token'][0]['#'])) { // auth_0k @@ -212,10 +181,16 @@ class jabber // plain text return $this->_sendauth_plaintext(); } + else + { + $this->add_to_log('ERROR: send_auth() #2 - No auth method available!'); + return false; + } } else { // no result returned + $this->add_to_log('ERROR: send_auth() #1'); return false; } } @@ -319,86 +294,15 @@ class jabber { $xml = trim($xml); - return ($this->connector->write_to_socket($xml)) ? true : false; - } - - /** - * get the transport registration fields - * method written by Steve Blinch, http://www.blitzaffe.com - */ - function transport_registration_details($transport) - { - $this->txnid++; - $packet = $this->send_iq($transport, 'get', "reg_{$this->txnid}", "jabber:iq:register", NULL, $this->jid); - - if ($packet) + if ($this->connector->write_to_socket($xml)) { - $res = array(); - - foreach ($packet['iq']['#']['query'][0]['#'] as $element => $data) - { - if ($element != 'instructions' && $element != 'key') - { - $res[] = $element; - } - } - - return $res; - } - else - { - return 3; - } - } - - /** - * register with the transport - * method written by Steve Blinch, http://www.blitzaffe.com - */ - function transport_registration($transport, $details) - { - $this->txnid++; - $packet = $this->send_iq($transport, 'get', "reg_{$this->txnid}", "jabber:iq:register", NULL, $this->jid); - - if ($packet) - { - // just in case a key was passed back from the server - $key = $this->get_info_from_iq_key($packet); - unset($packet); - - $payload = ($key) ? "<key>$key</key>\n" : ''; - foreach ($details as $element => $value) - { - $payload .= "<$element>$value</$element>\n"; - } - - $packet = $this->send_iq($transport, 'set', "reg_{$this->txnid}", "jabber:iq:register", $payload); - - if ($this->get_info_from_iq_type($packet) == 'result') - { - if (isset($packet['iq']['#']['query'][0]['#']['registered'][0]['#'])) - { - $return_code = 1; - } - else - { - $return_code = 2; - } - } - else if ($this->get_info_from_iq_type($packet) == 'error') - { - if (isset($packet['iq']['#']['error'][0]['#'])) - { - $return_code = "Error " . $packet['iq']['#']['error'][0]['@']['code'] . ": " . $packet['iq']['#']['error'][0]['#']; - // ERROR: TransportRegistration() - } - } - - return $return_code; + $this->add_to_log('SEND: ' . $xml); + return true; } else { - return 3; + $this->add_to_log('ERROR: send_packet() #1'); + return false; } } @@ -418,11 +322,12 @@ class jabber if ($incoming != '') { + $this->add_to_log('RECV: ' . $incoming); $temp = $this->_split_incoming($incoming); - for ($a = 0, $size = sizeof($temp); $a < $size; $a++) + for ($i = 0, $size = sizeof($temp); $i < $size; $i++) { - $this->packet_queue[] = $this->xmlize($temp[$a]); + $this->packet_queue[] = $this->xmlize($temp[$i]); } } @@ -454,12 +359,12 @@ class jabber $xml = "<message to='$to' type='$type' id='$id'>\n"; - if (isset($content['subject']) && $content['subject']) + if (!empty($content['subject'])) { $xml .= '<subject>' . $content['subject'] . "</subject>\n"; } - if (isset($content['thread']) && $content['thread']) + if (!empty($content['thread'])) { $xml .= '<thread>' . $content['thread'] . "</thread>\n"; } @@ -468,10 +373,18 @@ class jabber $xml .= $payload; $xml .= "</message>\n"; - return ($this->send_packet($xml)) ? true : false; + if ($this->send_packet($xml)) + { + return true; + } + else + { + $this->add_to_log('ERROR: send_message() #1'); + } } else { + $this->add_to_log('ERROR: send_message() #2'); return false; } } @@ -492,7 +405,15 @@ class jabber $xml .= ($status || $show || $priority) ? "</presence>\n" : ''; - return ($this->send_packet($xml)) ? true : false; + if ($this->send_packet($xml)) + { + return true; + } + else + { + $this->add_to_log('ERROR: send_presence() #1'); + return false; + } } /** @@ -579,11 +500,63 @@ class jabber else { $this->handler_not_implemented($packet); + $this->add_to_log("ERROR: call_handler() #1 - neither method nor function $funcmeth() available"); } } } /** + * Cruise Control + */ + function cruise_control($seconds = -1) + { + $count = 0; + + while ($count != $seconds) + { + $this->listen(); + + do + { + $packet = $this->get_first_from_queue(); + + if ($packet) + { + $this->call_handler($packet); + } + } + while (sizeof($this->packet_queue) > 1); + + $count += 0.25; + usleep(250000); + + if (($this->last_ping_time + 180) < time()) + { + // Modified by Nathan Fritz + if ($this->returned_keep_alive == false) + { + $this->connected = false; + $this->add_to_log('EVENT: Disconnected'); + } + + if ($this->returned_keep_alive == true) + { + $this->connected = true; + } + + $this->returned_keep_alive = false; + + $this->keep_alive_id = 'keep_alive_' . time(); + // $this->send_packet("<iq id='{$this->keep_alive_id}'/>", 'cruise_control'); + $this->send_packet("<iq type='get' from='{$this->username}@{$this->server}/{$this->resource}' to='{$this->server}' id='{$this->keep_alive_id}'><query xmlns='jabber:iq:time' /></iq>"); + $this->last_ping_time = time(); + } + } + + return true; + } + + /** * Send iq */ function send_iq($to = NULL, $type = 'get', $id = NULL, $xmlns = NULL, $payload = NULL, $from = NULL) @@ -592,12 +565,13 @@ class jabber { unset($type); + $this->add_to_log("ERROR: send_iq() #2 - type must be 'get', 'set', 'result' or 'error'"); return false; } else if ($id && $xmlns) { $xml = "<iq type='$type' id='$id'"; - $xml .= ($to) ? " to='$to'" : ''; + $xml .= ($to) ? " to='" . htmlspecialchars($to) . "'" : ''; $xml .= ($from) ? " from='$from'" : ''; $xml .= "> <query xmlns='$xmlns'> @@ -613,10 +587,109 @@ class jabber } else { + $this->add_to_log('ERROR: send_iq() #1 - to, id and xmlns are mandatory'); return false; } } + /** + * get the transport registration fields + * method written by Steve Blinch, http://www.blitzaffe.com + */ + function transport_registration_details($transport) + { + $this->txnid++; + $packet = $this->send_iq($transport, 'get', "reg_{$this->txnid}", 'jabber:iq:register', NULL, $this->jid); + + if ($packet) + { + $res = array(); + + foreach ($packet['iq']['#']['query'][0]['#'] as $element => $data) + { + if ($element != 'instructions' && $element != 'key') + { + $res[] = $element; + } + } + + return $res; + } + else + { + return 3; + } + } + + /** + * register with the transport + * method written by Steve Blinch, http://www.blitzaffe.com + */ + function transport_registration($transport, $details) + { + $this->txnid++; + $packet = $this->send_iq($transport, 'get', "reg_{$this->txnid}", 'jabber:iq:register', NULL, $this->jid); + + if ($packet) + { + // just in case a key was passed back from the server + $key = $this->get_info_from_iq_key($packet); + unset($packet); + + $payload = ($key) ? "<key>$key</key>\n" : ''; + foreach ($details as $element => $value) + { + $payload .= "<$element>$value</$element>\n"; + } + + $packet = $this->send_iq($transport, 'set', "reg_{$this->txnid}", 'jabber:iq:register', $payload); + + if ($this->get_info_from_iq_type($packet) == 'result') + { + $return_code = (isset($packet['iq']['#']['query'][0]['#']['registered'][0]['#'])) ? 1 : 2; + } + else if ($this->get_info_from_iq_type($packet) == 'error') + { + if (isset($packet['iq']['#']['error'][0]['#'])) + { + $return_code = 'Error ' . $packet['iq']['#']['error'][0]['@']['code'] . ': ' . $packet['iq']['#']['error'][0]['#']; + $this->add_to_log('ERROR: transport_registration()'); + } + } + + return $return_code; + } + else + { + return 3; + } + } + + /** + * Return log + */ + function get_log() + { + if ($this->enable_logging && sizeof($this->log_array)) + { + return implode("\n\n", $this->log_array); + } + + return ''; + } + + /** + * Add information to log + */ + function add_to_log($string) + { + if ($this->enable_logging) + { + $this->log_array[] = htmlspecialchars($string); + } + } + + // ====================================================================== // private methods // ====================================================================== @@ -634,7 +707,7 @@ class jabber $zerok_hash = sha1($zerok_hash . $zerok_token); // repeat as often as needed - for ($a = 0; $a < $zerok_sequence; $a++) + for ($i = 0; $i < $zerok_sequence; $i++) { $zerok_hash = sha1($zerok_hash); } @@ -646,7 +719,15 @@ class jabber $packet = $this->send_iq(NULL, 'set', $this->auth_id, 'jabber:iq:auth', $payload); // was a result returned? - return ($this->get_info_from_iq_type($packet) == 'result' && $this->get_info_from_iq_id($packet) == $this->auth_id) ? true : false; + if ($this->get_info_from_iq_type($packet) == 'result' && $this->get_info_from_iq_id($packet) == $this->auth_id) + { + return true; + } + else + { + $this->add_to_log('ERROR: _sendauth_ok() #1'); + return false; + } } /** @@ -662,7 +743,15 @@ class jabber $packet = $this->send_iq(NULL, 'set', $this->auth_id, 'jabber:iq:auth', $payload); // was a result returned? - return ($this->get_info_from_iq_type($packet) == 'result' && $this->get_info_from_iq_id($packet) == $this->auth_id) ? true : false; + if ($this->get_info_from_iq_type($packet) == 'result' && $this->get_info_from_iq_id($packet) == $this->auth_id) + { + return true; + } + else + { + $this->add_to_log('ERROR: _sendauth_digest() #1'); + return false; + } } /** @@ -678,7 +767,15 @@ class jabber $packet = $this->send_iq(NULL, 'set', $this->auth_id, 'jabber:iq:auth', $payload); // was a result returned? - return ($this->get_info_from_iq_type($packet) == 'result' && $this->get_info_from_iq_id($packet) == $this->auth_id) ? true : false; + if ($this->get_info_from_iq_type($packet) == 'result' && $this->get_info_from_iq_id($packet) == $this->auth_id) + { + return true; + } + else + { + $this->add_to_log('ERROR: _sendauth_plaintext() #1'); + return false; + } } /** @@ -695,6 +792,12 @@ class jabber } $incoming = trim($incoming); + + if ($incoming != '') + { + $this->add_to_log('RECV: ' . $incoming); + } + return $this->xmlize($incoming); } @@ -708,40 +811,82 @@ class jabber if (is_array($incoming_array)) { - if ($incoming_array['stream:stream']['@']['from'] == $this->server - && $incoming_array['stream:stream']['@']['xmlns'] == 'jabber:client' - && $incoming_array['stream:stream']['@']['xmlns:stream'] == 'http://etherx.jabber.org/streams') + if ($incoming_array['stream:stream']['@']['from'] == $this->server && $incoming_array['stream:stream']['@']['xmlns'] == 'jabber:client' && $incoming_array['stream:stream']['@']['xmlns:stream'] == 'http://etherx.jabber.org/streams') { $this->stream_id = $incoming_array['stream:stream']['@']['id']; - return true; + if ($incoming_array['stream:stream']['#']['stream:features'][0]['#']['starttls'][0]['@']['xmlns'] == 'urn:ietf:params:xml:ns:xmpp-tls') + { + return $this->_starttls(); + } + else + { + return true; + } } else { + $this->add_to_log('ERROR: _check_connected() #1'); return false; } } else { + $this->add_to_log('ERROR: _check_connected() #2'); return false; } } /** - * Split incoming packet + * Start TLS/SSL session if supported (PHP5.1) * @access private */ - function _split_incoming($incoming) + function _starttls() { - $temp = preg_split('#<(message|iq|presence|stream)#', $incoming, -1, PREG_SPLIT_DELIM_CAPTURE); - $array = array(); + if (!function_exists('stream_socket_enable_crypto') || !function_exists('stream_get_meta_data') || !function_exists('socket_set_blocking')) + { + $this->add_to_log('WARNING: TLS is not available'); + return true; + } - for ($a = 1; $a < sizeof($temp); $a = $a + 2) + $this->send_packet("<starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'/>\n"); + sleep(2); + $incoming_array = $this->_listen_incoming(); + + if (!is_array($incoming_array)) { - $array[] = '<' . $temp[$a] . $temp[($a + 1)]; + $this->add_to_log('ERROR: _starttls() #1'); + return false; } - return $array; + if ($incoming_array['proceed']['@']['xmlns'] != 'urn:ietf:params:xml:ns:xmpp-tls') + { + $this->add_to_log('ERROR: _starttls() #2'); + return false; + } + + $meta = stream_get_meta_data($this->connector->active_socket); + socket_set_blocking($this->connector->active_socket, 1); + + if (!stream_socket_enable_crypto($this->connector->active_socket, true, STREAM_CRYPTO_METHOD_TLS_CLIENT)) + { + socket_set_blocking($this->connector->active_socket, $meta['blocked']); + $this->add_to_log('ERROR: _starttls() #3'); + return false; + } + socket_set_blocking($this->connector->active_socket, $meta['blocked']); + + $this->send_packet("<?xml version='1.0' encoding='UTF-8' ?" . ">\n"); + $this->send_packet("<stream:stream to='{$this->server}' xmlns='jabber:client' xmlns:stream='http://etherx.jabber.org/streams' version='1.0'>\n"); + sleep(2); + + if (!$this->_check_connected()) + { + $this->add_to_log('ERROR: _starttls() #4'); + return false; + } + + return true; } /** @@ -760,6 +905,23 @@ class jabber } /** + * Split incoming packet + * @access private + */ + function _split_incoming($incoming) + { + $temp = preg_split('#<(message|iq|presence|stream)#', $incoming, -1, PREG_SPLIT_DELIM_CAPTURE); + $array = array(); + + for ($i = 1, $size = sizeof($temp); $i < $size; $i += 2) + { + $array[] = '<' . $temp[$i] . $temp[($i + 1)]; + } + + return $array; + } + + /** * Recursively prepares the strings in an array to be used in XML data. * @access private */ @@ -844,6 +1006,14 @@ class jabber } /** + * Get info from message (xmlns) + */ + function get_info_from_message_xmlns($packet = NULL) + { + return (is_array($packet)) ? $packet['message']['#']['x'] : false; + } + + /** * Get info from message (error) */ function get_info_from_message_error($packet = NULL) @@ -902,19 +1072,48 @@ class jabber // ====================================================================== /** - * return message (from) + * Message type normal */ function handler_message_normal($packet) { $from = $packet['message']['@']['from']; + $this->add_to_log("EVENT: Message (type normal) from $from"); + } + + /** + * Message type chat + */ + function handler_message_chat($packet) + { + $from = $packet['message']['@']['from']; + $this->add_to_log("EVENT: Message (type chat) from $from"); + } + + /** + * Message type groupchat + */ + function handler_message_groupchat($packet) + { + $from = $packet['message']['@']['from']; + $this->add_to_log("EVENT: Message (type groupchat) from $from"); } /** - * return error (from) + * Message type headline + */ + function handler_message_headline($packet) + { + $from = $packet['message']['@']['from']; + $this->add_to_log("EVENT: Message (type headline) from $from"); + } + + /** + * Message type error */ function handler_message_error($packet) { $from = $packet['message']['@']['from']; + $this->add_to_log("EVENT: Message (type error) from $from"); } // ====================================================================== @@ -922,6 +1121,42 @@ class jabber // ====================================================================== /** + * application version updates + */ + function handler_iq_jabber_iq_autoupdate($packet) + { + $from = $this->get_info_from_iq_from($packet); + $id = $this->get_info_from_iq_id($packet); + + $this->send_error($from, $id, 501); + $this->add_to_log("EVENT: jabber:iq:autoupdate from $from"); + } + + /** + * interactive server component properties + */ + function handler_iq_jabber_iq_agent($packet) + { + $from = $this->get_info_from_iq_from($packet); + $id = $this->get_info_from_iq_id($packet); + + $this->send_error($from, $id, 501); + $this->add_to_log("EVENT: jabber:iq:agent from $from"); + } + + /** + * method to query interactive server components + */ + function handler_iq_jabber_iq_agents($packet) + { + $from = $this->get_info_from_iq_from($packet); + $id = $this->get_info_from_iq_id($packet); + + $this->send_error($from, $id, 501); + $this->add_to_log("EVENT: jabber:iq:agents from $from"); + } + + /** * simple client authentication */ function handler_iq_jabber_iq_auth($packet) @@ -930,6 +1165,31 @@ class jabber $id = $this->get_info_from_iq_id($packet); $this->send_error($from, $id, 501); + $this->add_to_log("EVENT: jabber:iq:auth from $from"); + } + + /** + * out of band data + */ + function handler_iq_jabber_iq_oob($packet) + { + $from = $this->get_info_from_iq_from($packet); + $id = $this->get_info_from_iq_id($packet); + + $this->send_error($from, $id, 501); + $this->add_to_log("EVENT: jabber:iq:oob from $from"); + } + + /** + * method to store private data on the server + */ + function handler_iq_jabber_iq_private($packet) + { + $from = $this->get_info_from_iq_from($packet); + $id = $this->get_info_from_iq_id($packet); + + $this->send_error($from, $id, 501); + $this->add_to_log("EVENT: jabber:iq:private from $from"); } /** @@ -941,19 +1201,89 @@ class jabber $id = $this->get_info_from_iq_id($packet); $this->send_error($from, $id, 501); + $this->add_to_log("EVENT: jabber:iq:register from $from"); + } + + /** + * client roster management + */ + function handler_iq_jabber_iq_roster($packet) + { + $from = $this->get_info_from_iq_from($packet); + $id = $this->get_info_from_iq_id($packet); + + $this->send_error($from, $id, 501); + $this->add_to_log("EVENT: jabber:iq:roster from $from"); + } + + /** + * method for searching a user database + */ + function handler_iq_jabber_iq_search($packet) + { + $from = $this->get_info_from_iq_from($packet); + $id = $this->get_info_from_iq_id($packet); + + $this->send_error($from, $id, 501); + $this->add_to_log("EVENT: jabber:iq:search from $from"); } /** - * keepalive method, added by Nathan Fritz + * method for requesting the current time */ - function handler_iq_($packet) + function handler_iq_jabber_iq_time($packet) { if ($this->keep_alive_id == $this->get_info_from_iq_id($packet)) { $this->returned_keep_alive = true; + $this->connected = true; + + $this->add_to_log('EVENT: Keep-Alive returned, connection alive.'); + } + + $type = $this->get_info_from_iq_type($packet); + $from = $this->get_info_from_iq_from($packet); + $id = $this->get_info_from_iq_id($packet); + $id = ($id != '') ? $id : 'time_' . time(); + + if ($type == 'get') + { + $payload = '<utc>' . gmdate("Ydm\TH:i:s") . '</utc><tz>' . date('T') . '</tz><display>' . date("Y/d/m h:i:s A") . '</display>'; + $this->send_iq($from, 'result', $id, 'jabber:iq:time', $payload); } + + $this->add_to_log("EVENT: jabber:iq:time (type $type) from $from"); + } + + /** + */ + function handler_iq_error($packet) + { + // We'll do something with these later. This is a placeholder so that errors don't bounce back and forth. } - + + /** + * method for requesting version + */ + function handler_iq_jabber_iq_version($packet) + { + $type = $this->get_info_from_iq_type($packet); + $from = $this->get_info_from_iq_from($packet); + $id = $this->get_info_from_iq_id($packet); + $id = ($id != '') ? $id : 'version_' . time(); + + if ($type == 'get') + { + $payload = "<name>{$this->iq_version_name}</name> + <os>{$this->iq_version_os}</os> + <version>{$this->iq_version_version}</version>"; + + //$this->SendIq($from, 'result', $id, "jabber:iq:version", $payload); + } + + $this->add_to_log("EVENT: jabber:iq:version (type $type) from $from -- DISABLED"); + } + // ====================================================================== // Generic handlers // ====================================================================== @@ -968,28 +1298,34 @@ class jabber $id = call_user_func(array(&$this, 'get_info_from_' . strtolower($packet_type) . '_id'), $packet); $this->send_error($from, $id, 501); + $this->add_to_log("EVENT: Unrecognized <$packet_type/> from $from"); } + // ====================================================================== // Third party code // m@d pr0ps to the coders ;) + // ====================================================================== /** * xmlize() - * (c) Hans Anderson / http://www.hansanderson.com/php/xml/ + * @author Hans Anderson + * @copyright Hans Anderson / http://www.hansanderson.com/php/xml/ */ - function xmlize($data) + function xmlize($data, $skip_white = 1, $encoding = 'UTF-8') { + $data = trim($data); + $vals = $index = $array = array(); - $parser = @xml_parser_create(); - @xml_parser_set_option($parser, XML_OPTION_CASE_FOLDING, 0); - @xml_parser_set_option($parser, XML_OPTION_SKIP_WHITE, 1); - @xml_parse_into_struct($parser, $data, $vals, $index); - @xml_parser_free($parser); + $parser = xml_parser_create($encoding); + xml_parser_set_option($parser, XML_OPTION_CASE_FOLDING, 0); + xml_parser_set_option($parser, XML_OPTION_SKIP_WHITE, $skip_white); + xml_parse_into_struct($parser, $data, $vals, $index); + xml_parser_free($parser); $i = 0; - $tagname = $vals[$i]['tag']; - $array[$tagname]['@'] = $vals[$i]['attributes']; + + $array[$tagname]['@'] = (isset($vals[$i]['attributes'])) ? $vals[$i]['attributes'] : array(); $array[$tagname]['#'] = $this->_xml_depth($vals, $i); return $array; @@ -997,47 +1333,51 @@ class jabber /** * _xml_depth() - * (c) Hans Anderson / http://www.hansanderson.com/php/xml/ + * @author Hans Anderson + * @copyright Hans Anderson / http://www.hansanderson.com/php/xml/ */ function _xml_depth($vals, &$i) { $children = array(); - if (isset($vals[$i]['value']) && $vals[$i]['value']) + if (isset($vals[$i]['value'])) { - array_push($children, trim($vals[$i]['value'])); + array_push($children, $vals[$i]['value']); } while (++$i < sizeof($vals)) { switch ($vals[$i]['type']) { - case 'cdata': - array_push($children, trim($vals[$i]['value'])); - break; + case 'open': - case 'complete': - $tagname = $vals[$i]['tag']; + $tagname = (isset($vals[$i]['tag'])) ? $vals[$i]['tag'] : ''; $size = (isset($children[$tagname])) ? sizeof($children[$tagname]) : 0; - $children[$tagname][$size]['#'] = (isset($vals[$i]['value'])) ? trim($vals[$i]['value']) : ''; - if (isset($vals[$i]['attributes']) && $vals[$i]['attributes']) + + if (isset($vals[$i]['attributes'])) { $children[$tagname][$size]['@'] = $vals[$i]['attributes']; } + + $children[$tagname][$size]['#'] = $this->_xml_depth($vals, $i); + break; - case 'open': + case 'cdata': + array_push($children, $vals[$i]['value']); + break; + + case 'complete': + $tagname = $vals[$i]['tag']; $size = (isset($children[$tagname])) ? sizeof($children[$tagname]) : 0; - if ($vals[$i]['attributes']) + $children[$tagname][$size]['#'] = (isset($vals[$i]['value'])) ? $vals[$i]['value'] : array(); + + if (isset($vals[$i]['attributes'])) { $children[$tagname][$size]['@'] = $vals[$i]['attributes']; - $children[$tagname][$size]['#'] = $this->_xml_depth($vals, $i); - } - else - { - $children[$tagname][$size]['#'] = $this->_xml_depth($vals, $i); } + break; case 'close': @@ -1050,8 +1390,9 @@ class jabber } /** - * traverse_xmlize() - * (c) acebone@f2s.com, a HUGE help! + * TraverseXMLize() + * @author acebone@f2s.com + * @copyright acebone@f2s.com, a HUGE help! */ function traverse_xmlize($array, $arr_name = 'array', $level = 0) { @@ -1060,7 +1401,7 @@ class jabber echo '<pre>'; } - while (list($key, $val) = @each($array)) + foreach ($array as $key => $val) { if (is_array($val)) { @@ -1068,7 +1409,7 @@ class jabber } else { - echo '$' . $arr_name . '[' . $key . '] = "' . $val . "\"\n"; + $GLOBALS['traverse_array'][] = '$' . $arr_name . '[' . $key . '] = "' . $val . "\"\n"; } } @@ -1076,117 +1417,13 @@ class jabber { echo '</pre>'; } - } -} - -/** -* make_xml -* Currently not in use -* @package phpBB3 -class make_xml extends jabber -{ - var $nodes; - - function make_xml() - { - $nodes = array(); - } - - function add_packet_details($string, $value = NULL) - { - if (preg_match('#\(([0-9]*)\)$#i', $string)) - { - $string .= '/["#"]'; - } - - $temp = @explode('/', $string); - - for ($a = 0, $size = sizeof($temp); $a < $size; $a++) - { - $temp[$a] = preg_replace('#^[@]{1}([a-z0-9_]*)$#i', '["@"]["\1"]', $temp[$a]); - $temp[$a] = preg_replace('#^([a-z0-9_]*)\(([0-9]*)\)$/i', '["\1"][\2]', $temp[$a]); - $temp[$a] = preg_replace('#^([a-z0-9_]*)$#i', '["\1"]', $temp[$a]); - } - - $node = implode('', $temp); - // Yeahyeahyeah, I know it's ugly... get over it. ;) - echo '$this->nodes' . $node . ' = "' . htmlspecialchars($value) . '";<br/>'; - eval('$this->nodes' . $node . ' = "' . htmlspecialchars($value) . '";'); - } - - function build_packet($array = NULL) - { - if (!$array) - { - $array = $this->nodes; - } - - if (is_array($array)) - { - array_multisort($array, SORT_ASC, SORT_STRING); - - foreach ($array as $key => $value) - { - if (is_array($value) && $key == '@') - { - foreach ($value as $subkey => $subvalue) - { - $subvalue = htmlspecialchars($subvalue); - $text .= " $subkey='$subvalue'"; - } - - $text .= ">\n"; - - } - else if ($key == '#') - { - $text .= htmlspecialchars($value); - } - else if (is_array($value)) - { - for ($a = 0, $size = sizeof($value); $a < $size; $a++) - { - $text .= "<$key"; - - if (!$this->_preg_grep_keys('#^@#', $value[$a])) - { - $text .= '>'; - } - - $text .= $this->build_packet($value[$a]); - $text .= "</$key>\n"; - } - } - else - { - $value = htmlspecialchars($value); - $text .= "<$key>$value</$key>\n"; - } - } - - return $text; - } - - return false; - } - - function _preg_grep_keys($pattern, $array) - { - foreach ($array as $key => $val) - { - if (preg_match($pattern, $key)) - { - $newarray[$key] = $val; - } - } - return (is_array($newarray)) ? $newarray : false; + return 1; } } -*/ /** -* connector +* Jabber Connector * @package phpBB3 */ class cjp_standard_connector @@ -1198,7 +1435,21 @@ class cjp_standard_connector */ function open_socket($server, $port) { - if ($this->active_socket = @fsockopen($server, $port, $err, $err2, 5)) + if (function_exists('dns_get_record')) + { + $record = dns_get_record("_xmpp-client._tcp.$server", DNS_SRV); + + if (!empty($record)) + { + $server = $record[0]['target']; + $port = $record[0]['port']; + } + } + + $errno = 0; + $errstr = ''; + + if ($this->active_socket = @fsockopen($server, $port, $errno, $errstr, 5)) { @socket_set_blocking($this->active_socket, 0); @socket_set_timeout($this->active_socket, 31536000); @@ -1233,9 +1484,7 @@ class cjp_standard_connector function read_from_socket($chunksize) { $buffer = @fread($this->active_socket, $chunksize); - - //$buffer = (STRIP) ? stripslashes($buffer) : $buffer; - //@set_magic_quotes_runtime(get_magic_quotes_gpc()); + $buffer = (STRIP) ? stripslashes($buffer) : $buffer; return $buffer; } diff --git a/phpBB/includes/functions_messenger.php b/phpBB/includes/functions_messenger.php index 983ec7f0a5..0edf294063 100644 --- a/phpBB/includes/functions_messenger.php +++ b/phpBB/includes/functions_messenger.php @@ -417,13 +417,7 @@ class messenger if (!$use_queue) { include_once($phpbb_root_path . 'includes/functions_jabber.'.$phpEx); - $this->jabber = new jabber; - - $this->jabber->server = $config['jab_host']; - $this->jabber->port = ($config['jab_port']) ? $config['jab_port'] : 5222; - $this->jabber->username = $config['jab_username']; - $this->jabber->password = $config['jab_password']; - $this->jabber->resource = ($config['jab_resource']) ? $config['jab_resource'] : ''; + $this->jabber = new jabber($config['jab_host'], $config['jab_port'], $config['jab_username'], $config['jab_password'], $config['jab_resource']); if (!$this->jabber->connect()) { @@ -557,13 +551,7 @@ class queue } include_once($phpbb_root_path . 'includes/functions_jabber.'.$phpEx); - $this->jabber = new jabber; - - $this->jabber->server = $config['jab_host']; - $this->jabber->port = ($config['jab_port']) ? $config['jab_port'] : 5222; - $this->jabber->username = $config['jab_username']; - $this->jabber->password = $config['jab_password']; - $this->jabber->resource = ($config['jab_resource']) ? $config['jab_resource'] : ''; + $this->jabber = new jabber($config['jab_host'], $config['jab_port'], $config['jab_username'], $config['jab_password'], $config['jab_resource']); if (!$this->jabber->connect()) { @@ -603,14 +591,19 @@ class queue $message = 'Method: [ ' . (($config['smtp_delivery']) ? 'SMTP' : 'PHP') . ' ]<br /><br />' . $err_msg . '<br /><br /><u>CALLING PAGE</u><br /><br />' . ((!empty($_SERVER['PHP_SELF'])) ? $_SERVER['PHP_SELF'] : $_ENV['PHP_SELF']); messenger::error('EMAIL', $message); - continue 3; + continue 2; } break; case 'jabber': foreach ($addresses as $address) { - $this->jabber->send_message($address, 'normal', NULL, array('body' => $msg)); + if ($this->jabber->send_message($address, 'normal', NULL, array('body' => $msg)) === false) + { + $message = 'Method: [ JABBER ]<br /><br />' . $this->jabber->get_log() . '<br /><br /><u>CALLING PAGE</u><br /><br />' . ((!empty($_SERVER['PHP_SELF'])) ? $_SERVER['PHP_SELF'] : $_ENV['PHP_SELF']); + messenger::error('JABBER', $message); + continue 3; + } } break; } diff --git a/phpBB/includes/functions_posting.php b/phpBB/includes/functions_posting.php index a24e26fe20..6e6cc1020e 100644 --- a/phpBB/includes/functions_posting.php +++ b/phpBB/includes/functions_posting.php @@ -1899,7 +1899,7 @@ function submit_post($mode, $subject, $username, $topic_type, &$poll, &$data, $u trigger_error('NO_SUCH_SEARCH_MODULE'); } - require("{$phpbb_root_path}includes/search/$search_type.$phpEx"); + require_once("{$phpbb_root_path}includes/search/$search_type.$phpEx"); $error = false; $search = new $search_type($error); diff --git a/phpBB/includes/functions_user.php b/phpBB/includes/functions_user.php index 1c05e48ae3..b8b4c6a6dd 100644 --- a/phpBB/includes/functions_user.php +++ b/phpBB/includes/functions_user.php @@ -141,10 +141,6 @@ function user_add($user_row, $cp_data = false) 'user_type' => $user_row['user_type'], ); - /** - * @todo user_allow_email is not used anywhere. Think about removing it. - */ - // These are the additional vars able to be specified $additional_vars = array( 'user_permissions' => '', @@ -182,7 +178,6 @@ function user_add($user_row, $cp_data = false) 'user_notify_pm' => 1, 'user_notify_type' => NOTIFY_EMAIL, 'user_allow_pm' => 1, - 'user_allow_email' => 1, 'user_allow_viewonline' => 1, 'user_allow_viewemail' => 1, 'user_allow_massemail' => 1, @@ -265,23 +260,34 @@ function user_delete($mode, $user_id, $post_username = false) switch ($mode) { case 'retain': + + if ($post_username === false) + { + $post_username = $user->lang['GUEST']; + } + $sql = 'UPDATE ' . FORUMS_TABLE . ' - SET forum_last_poster_id = ' . ANONYMOUS . (($post_username !== false) ? ", forum_last_poster_name = '" . $db->sql_escape($post_username) . "'" : '') . ", forum_last_poster_colour = '' + SET forum_last_poster_id = ' . ANONYMOUS . ", forum_last_poster_name = '" . $db->sql_escape($post_username) . "', forum_last_poster_colour = '' WHERE forum_last_poster_id = $user_id"; $db->sql_query($sql); $sql = 'UPDATE ' . POSTS_TABLE . ' - SET poster_id = ' . ANONYMOUS . (($post_username !== false) ? ", post_username = '" . $db->sql_escape($post_username) . "'" : '') . " + SET poster_id = ' . ANONYMOUS . ", post_username = '" . $db->sql_escape($post_username) . "' WHERE poster_id = $user_id"; $db->sql_query($sql); + $sql = 'UPDATE ' . POSTS_TABLE . ' + SET post_edit_user = ' . ANONYMOUS . " + WHERE post_edit_user = $user_id"; + $db->sql_query($sql); + $sql = 'UPDATE ' . TOPICS_TABLE . ' - SET topic_poster = ' . ANONYMOUS . " + SET topic_poster = ' . ANONYMOUS . ", topic_first_poster_name = '" . $db->sql_escape($post_username) . "', topic_first_poster_colour = '' WHERE topic_poster = $user_id"; $db->sql_query($sql); $sql = 'UPDATE ' . TOPICS_TABLE . ' - SET topic_last_poster_id = ' . ANONYMOUS . (($post_username !== false) ? ", topic_last_poster_name = '" . $db->sql_escape($post_username) . "'" : '') . " + SET topic_last_poster_id = ' . ANONYMOUS . ", topic_last_poster_name = '" . $db->sql_escape($post_username) . "', topic_last_poster_colour = '' WHERE topic_last_poster_id = $user_id"; $db->sql_query($sql); break; @@ -413,99 +419,96 @@ function user_delete($mode, $user_id, $post_username = false) set_config('num_users', $config['num_users'] - 1, true); - // Adjust last post info... - - $db->sql_transaction('commit'); return false; } /** -* Flips user_type from active to inactive and vice versa, handles -* group membership updates +* Flips user_type from active to inactive and vice versa, handles group membership updates +* +* @param string $mode can be flip for flipping from active/inactive, activate or deactivate */ -function user_active_flip($user_id, $user_type, $user_actkey = false, $username = false, $reason = 0, $no_log = false) +function user_active_flip($mode, $user_id_ary, $reason = INACTIVE_MANUAL) { - global $db, $user, $auth; + global $config, $db, $user; - $sql = 'SELECT group_id, group_name - FROM ' . GROUPS_TABLE . " - WHERE group_name IN ('REGISTERED', 'REGISTERED_COPPA', 'INACTIVE', 'INACTIVE_COPPA')"; - $result = $db->sql_query($sql); + $deactivated = $activated = 0; + $sql_statements = array(); - $group_id_ary = array(); - while ($row = $db->sql_fetchrow($result)) + if (!is_array($user_id_ary)) { - $group_id_ary[$row['group_name']] = $row['group_id']; + $user_id_ary = array($user_id_ary); } - $db->sql_freeresult($result); - $sql = 'SELECT group_id - FROM ' . USER_GROUP_TABLE . " - WHERE user_id = $user_id"; + if (!sizeof($user_id_ary)) + { + return; + } + + $sql = 'SELECT user_id, group_id, user_type, user_inactive_reason + FROM ' . USERS_TABLE . ' + WHERE ' . $db->sql_in_set('user_id', $user_id_ary); $result = $db->sql_query($sql); - $group_name = ($user_type == USER_NORMAL) ? 'REGISTERED' : 'INACTIVE'; while ($row = $db->sql_fetchrow($result)) { - if ($name = array_search($row['group_id'], $group_id_ary)) + $sql_ary = array(); + + if ($row['user_type'] == USER_IGNORE || $row['user_type'] == USER_FOUNDER || + ($mode == 'activate' && $row['user_type'] != USER_INACTIVE) || + ($mode == 'deactivate' && $row['user_type'] == USER_INACTIVE)) { - $group_name = $name; - break; + continue; } - } - $db->sql_freeresult($result); - - $current_group = ($user_type == USER_NORMAL) ? 'REGISTERED' : 'INACTIVE'; - $switch_group = ($user_type == USER_NORMAL) ? 'INACTIVE' : 'REGISTERED'; - $new_group_id = $group_id_ary[str_replace($current_group, $switch_group, $group_name)]; + if ($row['user_type'] == USER_INACTIVE) + { + $activated++; + } + else + { + $deactivated++; - $sql = 'UPDATE ' . USER_GROUP_TABLE . " - SET group_id = $new_group_id - WHERE user_id = $user_id - AND group_id = " . $group_id_ary[$group_name]; - $db->sql_query($sql); + // Remove the users session key... + $user->reset_login_keys($row['user_id']); + } - $sql_ary = array( - 'user_type' => ($user_type == USER_NORMAL) ? USER_INACTIVE : USER_NORMAL, - 'user_inactive_time' => ($user_type == USER_NORMAL) ? time() : 0, - 'user_inactive_reason' => ($user_type == USER_NORMAL) ? $reason : 0, - ); + $sql_ary += array( + 'user_type' => ($row['user_type'] == USER_NORMAL) ? USER_INACTIVE : USER_NORMAL, + 'user_inactive_time' => ($row['user_type'] == USER_NORMAL) ? time() : 0, + 'user_inactive_reason' => ($row['user_type'] == USER_NORMAL) ? $reason : 0, + ); - if ($user_actkey !== false) - { - $sql_ary['user_actkey'] = $user_actkey; + $sql_statements[$row['user_id']] = $sql_ary; } + $db->sql_freeresult($result); - $sql = 'UPDATE ' . USERS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $sql_ary) . " - WHERE user_id = $user_id"; - $db->sql_query($sql); - - // Set the users default group from inactive to registered or registered to inactive - // only if the group id changed... - group_set_user_default($new_group_id, array($user_id)); - - $auth->acl_clear_prefetch($user_id); - - if (!$no_log) + if (sizeof($sql_statements)) { - if ($username === false) + foreach ($sql_statements as $user_id => $sql_ary) { - $sql = 'SELECT username - FROM ' . USERS_TABLE . " - WHERE user_id = $user_id"; - $result = $db->sql_query($sql); - $username = (string) $db->sql_fetchfield('username'); - $db->sql_freeresult($result); + $sql = 'UPDATE ' . USERS_TABLE . ' + SET ' . $db->sql_build_array('UPDATE', $sql_ary) . ' + WHERE user_id = ' . $user_id; + $db->sql_query($sql); } - $log = ($user_type == USER_NORMAL) ? 'LOG_USER_INACTIVE' : 'LOG_USER_ACTIVE'; - add_log('admin', $log, $username); + $auth->acl_clear_prefetch(array_keys($sql_statements)); } - return false; + if ($deactivated) + { + set_config('num_users', $config['num_users'] - $deactivated, true); + } + + if ($activated) + { + set_config('num_users', $config['num_users'] + $activated, true); + } + + // Update latest username + update_last_username(); } /** diff --git a/phpBB/includes/session.php b/phpBB/includes/session.php index b0237c2f3f..41708d19ab 100644 --- a/phpBB/includes/session.php +++ b/phpBB/includes/session.php @@ -127,9 +127,6 @@ class session * * @param bool $update_session_page if true the session page gets updated. * This can be set to circumvent certain scripts to update the users last visited page. - * - * @todo Introduce further user types, bot, guest - * @todo Change user_type (as above) to a bitfield? user_type & USER_FOUNDER for example */ function session_begin($update_session_page = true) { @@ -148,9 +145,6 @@ class session if (isset($_COOKIE[$config['cookie_name'] . '_sid']) || isset($_COOKIE[$config['cookie_name'] . '_u'])) { - // Switch to request_var ... can this cause issues, can a _GET/_POST param - // be used to poison this? Not sure that it makes any difference in terms of - // the end result, be it a cookie or param. $this->cookie_data['u'] = request_var($config['cookie_name'] . '_u', 0, false, true); $this->cookie_data['k'] = request_var($config['cookie_name'] . '_k', '', false, true); $this->session_id = request_var($config['cookie_name'] . '_sid', '', false, true); @@ -265,7 +259,6 @@ class session $db->sql_query($sql); } - // Ultimately to be removed $this->data['is_registered'] = ($this->data['user_id'] != ANONYMOUS && ($this->data['user_type'] == USER_NORMAL || $this->data['user_type'] == USER_FOUNDER)) ? true : false; $this->data['is_bot'] = (!$this->data['is_registered'] && $this->data['user_id'] != ANONYMOUS) ? true : false; @@ -275,7 +268,10 @@ class session else { // Added logging temporarly to help debug bugs... - add_log('critical', 'LOG_IP_BROWSER_CHECK', $u_ip, $s_ip, $u_browser, $s_browser); + if (defined('DEBUG_EXTRA')) + { + add_log('critical', 'LOG_IP_BROWSER_CHECK', $u_ip, $s_ip, $u_browser, $s_browser); + } } } } @@ -374,7 +370,7 @@ class session $sql = 'SELECT u.* FROM ' . USERS_TABLE . ' u, ' . SESSIONS_KEYS_TABLE . ' k WHERE u.user_id = ' . (int) $this->cookie_data['u'] . ' - AND u.user_type <> ' . USER_INACTIVE . " + AND u.user_type IN (' . USER_NORMAL . ', ' . USER_FOUNDER . ") AND k.user_id = u.user_id AND k.key_id = '" . $db->sql_escape(md5($this->cookie_data['k'])) . "'"; $result = $db->sql_query($sql); @@ -389,7 +385,7 @@ class session $sql = 'SELECT * FROM ' . USERS_TABLE . ' WHERE user_id = ' . (int) $this->cookie_data['u'] . ' - AND user_type <> ' . USER_INACTIVE; + AND user_type IN (' . USER_NORMAL . ', ' . USER_FOUNDER . ')'; $result = $db->sql_query($sql); $this->data = $db->sql_fetchrow($result); $db->sql_freeresult($result); @@ -439,18 +435,14 @@ class session // session exists in which case session_id will also be set // Is user banned? Are they excluded? Won't return on ban, exists within method - // @todo Change to !$this->data['user_type'] & USER_FOUNDER && !$this->data['user_type'] & USER_BOT in time if ($this->data['user_type'] != USER_FOUNDER) { $this->check_ban($this->data['user_id'], $this->ip); } - // - // Do away with ultimately? - $this->data['is_registered'] = (!$bot && $this->data['user_id'] != ANONYMOUS) ? true : false; + + $this->data['is_registered'] = (!$bot && $this->data['user_id'] != ANONYMOUS && ($this->data['user_type'] == USER_NORMAL || $this->data['user_type'] == USER_FOUNDER)) ? true : false; $this->data['is_bot'] = ($bot) ? true : false; - // - // // If our friend is a bot, we re-assign a previously assigned session if ($this->data['is_bot'] && $bot === $this->data['user_id'] && $this->data['session_id']) @@ -493,8 +485,8 @@ class session } } - // @todo Change this ... check for "... && user_type & USER_NORMAL" ? $session_autologin = (($this->cookie_data['k'] || $persist_login) && $this->data['is_registered']) ? true : false; + $set_admin = ($set_admin && $this->data['is_registered']) ? true : false; // Create or update the session $sql_ary = array( @@ -734,20 +726,11 @@ class session { global $config; - if (!$config['cookie_domain'] || $config['cookie_domain'] == 'localhost' || $config['cookie_domain'] == '127.0.0.1') - { - @setcookie($config['cookie_name'] . '_' . $name, $cookiedata, $cookietime, $config['cookie_path']); - } - else - { - // Firefox does not allow setting cookies with a domain containing no periods. - if (strpos($config['cookie_domain'], '.') === false) - { - $config['cookie_domain'] = '.' . $config['cookie_domain']; - } + $name_data = rawurlencode($config['cookie_name'] . '_' . $name) . '=' . rawurlencode($cookiedata); + $expire = gmdate('D, d-M-Y H:i:s \\G\\M\\T', $cookietime); + $domain = (!$config['cookie_domain'] || $config['cookie_domain'] == 'localhost' || $config['cookie_domain'] == '127.0.0.1') ? '' : '; domain=' . $config['cookie_domain']; - @setcookie($config['cookie_name'] . '_' . $name, $cookiedata, $cookietime, $config['cookie_path'], $config['cookie_domain'], $config['cookie_secure']); - } + header('Set-Cookie: ' . $name_data . '; expires=' . $expire . '; path=' . $config['cookie_path'] . $domain . ((!$config['cookie_secure']) ? '' : '; secure') . '; HttpOnly', false); } /** @@ -1020,15 +1003,20 @@ class user extends session $this->timezone = $config['board_timezone'] * 3600; $this->dst = $config['board_dst'] * 3600; -/* Browser-specific language setting removed - might re-appear later + /** + * If a guest user is surfing, we try to guess his/her language first by obtaining the browser language + * @todo if re-enabled we need to make sure only those languages installed are checked if (isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])) { $accept_lang_ary = explode(',', $_SERVER['HTTP_ACCEPT_LANGUAGE']); + foreach ($accept_lang_ary as $accept_lang) { // Set correct format ... guess full xx_YY form $accept_lang = substr($accept_lang, 0, 2) . '_' . strtoupper(substr($accept_lang, 3, 2)); + $accept_lang = basename($accept_lang); + if (file_exists($phpbb_root_path . 'language/' . $accept_lang . "/common.$phpEx")) { $this->lang_name = $config['default_lang'] = $accept_lang; @@ -1039,6 +1027,8 @@ class user extends session { // No match on xx_YY so try xx $accept_lang = substr($accept_lang, 0, 2); + $accept_lang = basename($accept_lang); + if (file_exists($phpbb_root_path . 'language/' . $accept_lang . "/common.$phpEx")) { $this->lang_name = $config['default_lang'] = $accept_lang; @@ -1048,7 +1038,7 @@ class user extends session } } } -*/ + */ } // We include common language file here to not load it every time a custom language file is included diff --git a/phpBB/includes/ucp/ucp_activate.php b/phpBB/includes/ucp/ucp_activate.php index b3c857b5d8..a6c1f82529 100644 --- a/phpBB/includes/ucp/ucp_activate.php +++ b/phpBB/includes/ucp/ucp_activate.php @@ -53,7 +53,6 @@ class ucp_activate if ($update_password) { $sql_ary = array( - 'user_type' => USER_NORMAL, 'user_actkey' => '', 'user_password' => $user_row['user_newpasswd'], 'user_newpasswd' => '' @@ -69,12 +68,12 @@ class ucp_activate { include_once($phpbb_root_path . 'includes/functions_user.' . $phpEx); - // Now we need to demote the user from the inactive group and add him to the registered group - user_active_flip($user_row['user_id'], $user_row['user_type'], '', $user_row['username'], 0, true); + user_active_flip('activate', $user_row['user_id']); - // Update last username - update_last_username(); - set_config('num_users', $config['num_users'] + 1, true); + $sql = 'UPDATE ' . USERS_TABLE . " + SET user_actkey = '' + WHERE user_id = {$user_row['user_id']}"; + $db->sql_query($sql); } if ($config['require_activation'] == USER_ACTIVATION_ADMIN && !$update_password) diff --git a/phpBB/includes/ucp/ucp_profile.php b/phpBB/includes/ucp/ucp_profile.php index 15c7699253..011b87ddf2 100644 --- a/phpBB/includes/ucp/ucp_profile.php +++ b/phpBB/includes/ucp/ucp_profile.php @@ -120,7 +120,7 @@ class ucp_profile add_log('user', $user->data['user_id'], 'LOG_USER_UPDATE_EMAIL', $username, $user->data['user_email'], $email); } - if ($config['email_enable'] && $email != $user->data['user_email'] && ($config['require_activation'] == USER_ACTIVATION_SELF || $config['require_activation'] == USER_ACTIVATION_ADMIN)) + if ($config['email_enable'] && $email != $user->data['user_email'] && $user->data['user_type'] != USER_FOUNDER && ($config['require_activation'] == USER_ACTIVATION_SELF || $config['require_activation'] == USER_ACTIVATION_ADMIN)) { include_once($phpbb_root_path . 'includes/functions_messenger.'.$phpEx); @@ -185,11 +185,10 @@ class ucp_profile $messenger->save_queue(); + user_active_flip('deactivate', $user_id, INACTIVE_PROFILE); + $sql_ary += array( - 'user_type' => USER_INACTIVE, 'user_actkey' => $user_actkey, - 'user_inactive_reason' => INACTIVE_PROFILE, - 'user_inactive_time' => time(), ); } diff --git a/phpBB/includes/ucp/ucp_register.php b/phpBB/includes/ucp/ucp_register.php index 49246ca4c0..e3e1315721 100644 --- a/phpBB/includes/ucp/ucp_register.php +++ b/phpBB/includes/ucp/ucp_register.php @@ -220,9 +220,7 @@ class ucp_register $server_url = generate_board_url(); // Which group by default? - $group_reg = ($coppa) ? 'REGISTERED_COPPA' : 'REGISTERED'; - $group_inactive = ($coppa) ? 'INACTIVE_COPPA' : 'INACTIVE'; - $group_name = ($config['require_activation'] == USER_ACTIVATION_NONE || !$config['email_enable']) ? $group_reg : $group_inactive; + $group_name = ($coppa) ? 'REGISTERED_COPPA' : 'REGISTERED'; $sql = 'SELECT group_id FROM ' . GROUPS_TABLE . " diff --git a/phpBB/includes/ucp/ucp_resend.php b/phpBB/includes/ucp/ucp_resend.php index 84ce3fe9b7..63d3aea790 100644 --- a/phpBB/includes/ucp/ucp_resend.php +++ b/phpBB/includes/ucp/ucp_resend.php @@ -46,7 +46,7 @@ class ucp_resend trigger_error('ACCOUNT_ALREADY_ACTIVATED'); } - // Determine coppa status on group (INACTIVE(_COPPA)) + // Determine coppa status on group (REGISTERED(_COPPA)) $sql = 'SELECT group_name, group_type FROM ' . GROUPS_TABLE . ' WHERE group_id = ' . $user_row['group_id']; @@ -59,7 +59,7 @@ class ucp_resend trigger_error('NO_GROUP'); } - $coppa = ($row['group_name'] == 'INACTIVE_COPPA' && $row['group_type'] == GROUP_SPECIAL) ? true : false; + $coppa = ($row['group_name'] == 'REGISTERED_COPPA' && $row['group_type'] == GROUP_SPECIAL) ? true : false; include_once($phpbb_root_path . 'includes/functions_messenger.' . $phpEx); $messenger = new messenger(false); diff --git a/phpBB/install/database_update.php b/phpBB/install/database_update.php index fae340805e..e622e226ad 100644 --- a/phpBB/install/database_update.php +++ b/phpBB/install/database_update.php @@ -701,7 +701,6 @@ function prepare_column_data($dbms, $column_data) $sql .= ' COLLATE UNICODE'; } - $sql .= ",\n"; break; case 'mssql': diff --git a/phpBB/install/install_install.php b/phpBB/install/install_install.php index 3f0b74320a..bd53016009 100755 --- a/phpBB/install/install_install.php +++ b/phpBB/install/install_install.php @@ -886,7 +886,7 @@ class install_install extends module $server_port = ($server_port !== '') ? $server_port : ((!empty($_SERVER['SERVER_PORT'])) ? (int) $_SERVER['SERVER_PORT'] : (int) getenv('SERVER_PORT')); $server_protocol = ($server_protocol !== '') ? $server_protocol : ((isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on') ? 'https://' : 'http://'); $cookie_secure = ($cookie_secure !== '') ? $cookie_secure : ((isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on') ? true : false); - + foreach ($this->advanced_config_options as $config_key => $vars) { if (!is_array($vars) && strpos($config_key, 'legend') === false) @@ -964,6 +964,12 @@ class install_install extends module $cookie_domain = ($server_name != '') ? $server_name : (!empty($_SERVER['SERVER_NAME'])) ? $_SERVER['SERVER_NAME'] : getenv('SERVER_NAME'); + // Try to come up with the best solution for cookie domain... + if (strpos($cookie_domain, 'www.') === 0) + { + $cookie_domain = str_replace('www.', '.', $cookie_domain); + } + // If we get here and the extension isn't loaded it should be safe to just go ahead and load it if (!@extension_loaded($this->available_dbms[$dbms]['MODULE'])) { @@ -983,6 +989,19 @@ class install_install extends module // NOTE: trigger_error does not work here. $db->return_on_error = true; + // If mysql is chosen, we need to adjust the schema filename slightly to reflect the correct version. ;) + if ($dbms == 'mysql') + { + if (SQL_LAYER == 'mysql4' && version_compare($db->mysql_version, '4.1.3', '>=')) + { + $this->available_dbms[$dbms]['SCHEMA'] .= '_41'; + } + else + { + $this->available_dbms[$dbms]['SCHEMA'] .= '_40'; + } + } + // Ok we have the db info go ahead and read in the relevant schema // and work on building the table $dbms_schema = 'schemas/' . $this->available_dbms[$dbms]['SCHEMA'] . '_schema.sql'; @@ -1649,33 +1668,31 @@ class install_install extends module switch ($dbms) { case 'mysql': - case 'mysql4': case 'mysqli': - if (stristr($table_prefix, '-') !== false) + if (strpos($table_prefix, '-') !== false) { $error[] = $lang['INST_ERR_PREFIX_INVALID']; return false; } + + // no break; + case 'postgres': $prefix_length = 36; - break; case 'mssql': case 'mssql_odbc': $prefix_length = 90; - break; case 'sqlite': $prefix_length = 200; - break; case 'firebird': case 'oracle': $prefix_length = 6; - break; } @@ -1696,10 +1713,9 @@ class install_install extends module switch ($dbms) { case 'mysql': - case 'mysql4': case 'mysqli': case 'sqlite': - $sql = "SHOW TABLES"; + $sql = 'SHOW TABLES'; $field = "Tables_in_{$dbname}"; break; @@ -1755,13 +1771,6 @@ class install_install extends module // Make sure that the user has selected a sensible DBAL for the DBMS actually installed switch ($dbms) { - case 'mysql4': - if (version_compare(mysql_get_server_info($db->db_connect_id), '4.0.0', '<')) - { - $error[] = $lang['INST_ERR_DB_NO_MYSQL4']; - } - break; - case 'mysqli': if (version_compare(mysqli_get_server_info($db->db_connect_id), '4.1.3', '<')) { @@ -1787,9 +1796,11 @@ class install_install extends module WHERE RDB$SYSTEM_FLAG IS NULL AND RDB$FUNCTION_NAME = 'CHAR_LENGTH'"; $result = $db->sql_query($sql); + $row = $db->sql_fetchrow($result); + $db->sql_freeresult($result); // if its a UDF, its too old - if ($db->sql_fetchrow($result)) + if ($row) { $error[] = $lang['INST_ERR_DB_NO_FIREBIRD']; } @@ -1797,14 +1808,13 @@ class install_install extends module { $sql = "SELECT FIRST 0 char_length('') FROM RDB\$DATABASE"; - $result2 = $db->sql_query($sql); - if (!$result2) // This can only fail if char_length is not defined + $result = $db->sql_query($sql); + if (!$result) // This can only fail if char_length is not defined { $error[] = $lang['INST_ERR_DB_NO_FIREBIRD']; } - $db->sql_freeresult($result2); + $db->sql_freeresult($result); } - $db->sql_freeresult($result); } break; @@ -1819,7 +1829,6 @@ class install_install extends module { $stats[$row['parameter']] = $row['value']; } - $db->sql_freeresult($result); if (version_compare($stats['NLS_RDBMS_VERSION'], '9.2', '<') && $stats['NLS_CHARACTERSET'] !== 'UTF8') @@ -1831,9 +1840,7 @@ class install_install extends module case 'postgres': $sql = "SHOW server_encoding;"; $result = $db->sql_query($sql); - $row = $db->sql_fetchrow($result); - $db->sql_freeresult($result); if ($row['server_encoding'] !== 'UNICODE' && $row['server_encoding'] !== 'UTF8') @@ -1949,24 +1956,16 @@ class install_install extends module 'DRIVER' => 'firebird' ), 'mysqli' => array( - 'LABEL' => 'MySQL 4.1.x/5.x (MySQLi)', + 'LABEL' => 'MySQL with MySQLi Extension', 'SCHEMA' => 'mysql_41', 'MODULE' => 'mysqli', 'DELIM' => ';', 'COMMENTS' => 'remove_remarks', 'DRIVER' => 'mysqli' ), - 'mysql4' => array( - 'LABEL' => 'MySQL 4.x/MySQL 5.x', - 'SCHEMA' => 'mysql_41', - 'MODULE' => 'mysql', - 'DELIM' => ';', - 'COMMENTS' => 'remove_remarks', - 'DRIVER' => 'mysql' - ), 'mysql' => array( 'LABEL' => 'MySQL', - 'SCHEMA' => 'mysql_40', + 'SCHEMA' => 'mysql', 'MODULE' => 'mysql', 'DELIM' => ';', 'COMMENTS' => 'remove_remarks', diff --git a/phpBB/install/schemas/firebird_schema.sql b/phpBB/install/schemas/firebird_schema.sql index bf6497df2f..48f9934815 100644 --- a/phpBB/install/schemas/firebird_schema.sql +++ b/phpBB/install/schemas/firebird_schema.sql @@ -1403,7 +1403,6 @@ CREATE TABLE phpbb_users ( user_notify_pm INTEGER DEFAULT 1 NOT NULL, user_notify_type INTEGER DEFAULT 0 NOT NULL, user_allow_pm INTEGER DEFAULT 1 NOT NULL, - user_allow_email INTEGER DEFAULT 1 NOT NULL, user_allow_viewonline INTEGER DEFAULT 1 NOT NULL, user_allow_viewemail INTEGER DEFAULT 1 NOT NULL, user_allow_massemail INTEGER DEFAULT 1 NOT NULL, diff --git a/phpBB/install/schemas/mssql_schema.sql b/phpBB/install/schemas/mssql_schema.sql index 2170adca2a..fe7c91abb2 100644 --- a/phpBB/install/schemas/mssql_schema.sql +++ b/phpBB/install/schemas/mssql_schema.sql @@ -1645,7 +1645,6 @@ CREATE TABLE [phpbb_users] ( [user_notify_pm] [int] DEFAULT (1) NOT NULL , [user_notify_type] [int] DEFAULT (0) NOT NULL , [user_allow_pm] [int] DEFAULT (1) NOT NULL , - [user_allow_email] [int] DEFAULT (1) NOT NULL , [user_allow_viewonline] [int] DEFAULT (1) NOT NULL , [user_allow_viewemail] [int] DEFAULT (1) NOT NULL , [user_allow_massemail] [int] DEFAULT (1) NOT NULL , diff --git a/phpBB/install/schemas/mysql_40_schema.sql b/phpBB/install/schemas/mysql_40_schema.sql index b688f91aeb..bf8167a61c 100644 --- a/phpBB/install/schemas/mysql_40_schema.sql +++ b/phpBB/install/schemas/mysql_40_schema.sql @@ -1005,7 +1005,6 @@ CREATE TABLE phpbb_users ( user_notify_pm tinyint(1) UNSIGNED DEFAULT '1' NOT NULL, user_notify_type tinyint(4) DEFAULT '0' NOT NULL, user_allow_pm tinyint(1) UNSIGNED DEFAULT '1' NOT NULL, - user_allow_email tinyint(1) UNSIGNED DEFAULT '1' NOT NULL, user_allow_viewonline tinyint(1) UNSIGNED DEFAULT '1' NOT NULL, user_allow_viewemail tinyint(1) UNSIGNED DEFAULT '1' NOT NULL, user_allow_massemail tinyint(1) UNSIGNED DEFAULT '1' NOT NULL, diff --git a/phpBB/install/schemas/mysql_41_schema.sql b/phpBB/install/schemas/mysql_41_schema.sql index 78f365045a..a99e5ba830 100644 --- a/phpBB/install/schemas/mysql_41_schema.sql +++ b/phpBB/install/schemas/mysql_41_schema.sql @@ -1005,7 +1005,6 @@ CREATE TABLE phpbb_users ( user_notify_pm tinyint(1) UNSIGNED DEFAULT '1' NOT NULL, user_notify_type tinyint(4) DEFAULT '0' NOT NULL, user_allow_pm tinyint(1) UNSIGNED DEFAULT '1' NOT NULL, - user_allow_email tinyint(1) UNSIGNED DEFAULT '1' NOT NULL, user_allow_viewonline tinyint(1) UNSIGNED DEFAULT '1' NOT NULL, user_allow_viewemail tinyint(1) UNSIGNED DEFAULT '1' NOT NULL, user_allow_massemail tinyint(1) UNSIGNED DEFAULT '1' NOT NULL, diff --git a/phpBB/install/schemas/oracle_schema.sql b/phpBB/install/schemas/oracle_schema.sql index 7e1522e56b..79b24786d7 100644 --- a/phpBB/install/schemas/oracle_schema.sql +++ b/phpBB/install/schemas/oracle_schema.sql @@ -1814,7 +1814,6 @@ CREATE TABLE phpbb_users ( user_notify_pm number(1) DEFAULT '1' NOT NULL, user_notify_type number(4) DEFAULT '0' NOT NULL, user_allow_pm number(1) DEFAULT '1' NOT NULL, - user_allow_email number(1) DEFAULT '1' NOT NULL, user_allow_viewonline number(1) DEFAULT '1' NOT NULL, user_allow_viewemail number(1) DEFAULT '1' NOT NULL, user_allow_massemail number(1) DEFAULT '1' NOT NULL, diff --git a/phpBB/install/schemas/postgres_schema.sql b/phpBB/install/schemas/postgres_schema.sql index bc1f81df98..7d110077c9 100644 --- a/phpBB/install/schemas/postgres_schema.sql +++ b/phpBB/install/schemas/postgres_schema.sql @@ -1265,7 +1265,6 @@ CREATE TABLE phpbb_users ( user_notify_pm INT2 DEFAULT '1' NOT NULL CHECK (user_notify_pm >= 0), user_notify_type INT2 DEFAULT '0' NOT NULL, user_allow_pm INT2 DEFAULT '1' NOT NULL CHECK (user_allow_pm >= 0), - user_allow_email INT2 DEFAULT '1' NOT NULL CHECK (user_allow_email >= 0), user_allow_viewonline INT2 DEFAULT '1' NOT NULL CHECK (user_allow_viewonline >= 0), user_allow_viewemail INT2 DEFAULT '1' NOT NULL CHECK (user_allow_viewemail >= 0), user_allow_massemail INT2 DEFAULT '1' NOT NULL CHECK (user_allow_massemail >= 0), diff --git a/phpBB/install/schemas/schema_data.sql b/phpBB/install/schemas/schema_data.sql index 1748c88d12..0fb1c33349 100644 --- a/phpBB/install/schemas/schema_data.sql +++ b/phpBB/install/schemas/schema_data.sql @@ -405,12 +405,10 @@ INSERT INTO phpbb_forums (forum_name, forum_desc, left_id, right_id, parent_id, INSERT INTO phpbb_users (user_type, group_id, username, user_regdate, user_password, user_email, user_lang, user_style, user_rank, user_colour, user_posts, user_permissions, user_ip, user_birthday, user_lastpage, user_last_confirm_key, user_post_sortby_type, user_post_sortby_dir, user_topic_sortby_type, user_topic_sortby_dir, user_avatar, user_sig, user_sig_bbcode_uid, user_from, user_icq, user_aim, user_yim, user_msnm, user_jabber, user_website, user_occ, user_interests, user_actkey, user_newpasswd) VALUES (2, 1, 'Anonymous', 0, '', '', 'en', 1, 0, '', 0, '', '', '', '', '', 't', 'a', 't', 'd', '', '', '', '', '', '', '', '', '', '', '', '', '', ''); # -- username: Admin password: admin (change this or remove it once everything is working!) -INSERT INTO phpbb_users (user_type, group_id, username, user_regdate, user_password, user_email, user_lang, user_style, user_rank, user_colour, user_posts, user_permissions, user_ip, user_birthday, user_lastpage, user_last_confirm_key, user_post_sortby_type, user_post_sortby_dir, user_topic_sortby_type, user_topic_sortby_dir, user_avatar, user_sig, user_sig_bbcode_uid, user_from, user_icq, user_aim, user_yim, user_msnm, user_jabber, user_website, user_occ, user_interests, user_actkey, user_newpasswd) VALUES (3, 7, 'Admin', 0, '21232f297a57a5a743894a0e4a801fc3', 'admin@yourdomain.com', 'en', 1, 1, 'AA0000', 1, '', '', '', '', '', 't', 'a', 't', 'd', '', '', '', '', '', '', '', '', '', '', '', '', '', ''); +INSERT INTO phpbb_users (user_type, group_id, username, user_regdate, user_password, user_email, user_lang, user_style, user_rank, user_colour, user_posts, user_permissions, user_ip, user_birthday, user_lastpage, user_last_confirm_key, user_post_sortby_type, user_post_sortby_dir, user_topic_sortby_type, user_topic_sortby_dir, user_avatar, user_sig, user_sig_bbcode_uid, user_from, user_icq, user_aim, user_yim, user_msnm, user_jabber, user_website, user_occ, user_interests, user_actkey, user_newpasswd) VALUES (3, 5, 'Admin', 0, '21232f297a57a5a743894a0e4a801fc3', 'admin@yourdomain.com', 'en', 1, 1, 'AA0000', 1, '', '', '', '', '', 't', 'a', 't', 'd', '', '', '', '', '', '', '', '', '', '', '', '', '', ''); # -- Groups INSERT INTO phpbb_groups (group_name, group_type, group_colour, group_legend, group_avatar, group_desc, group_desc_uid) VALUES ('GUESTS', 3, '', 0, '', '', ''); -INSERT INTO phpbb_groups (group_name, group_type, group_colour, group_legend, group_avatar, group_desc, group_desc_uid) VALUES ('INACTIVE', 3, '', 0, '', '', ''); -INSERT INTO phpbb_groups (group_name, group_type, group_colour, group_legend, group_avatar, group_desc, group_desc_uid) VALUES ('INACTIVE_COPPA', 3, '', 0, '', '', ''); INSERT INTO phpbb_groups (group_name, group_type, group_colour, group_legend, group_avatar, group_desc, group_desc_uid) VALUES ('REGISTERED', 3, '', 0, '', '', ''); INSERT INTO phpbb_groups (group_name, group_type, group_colour, group_legend, group_avatar, group_desc, group_desc_uid) VALUES ('REGISTERED_COPPA', 3, '', 0, '', '', ''); INSERT INTO phpbb_groups (group_name, group_type, group_colour, group_legend, group_avatar, group_desc, group_desc_uid) VALUES ('GLOBAL_MODERATORS', 3, '00AA00', 1, '', '', ''); @@ -419,9 +417,9 @@ INSERT INTO phpbb_groups (group_name, group_type, group_colour, group_legend, gr # -- User -> Group INSERT INTO phpbb_user_group (group_id, user_id, user_pending, group_leader) VALUES (1, 1, 0, 0); +INSERT INTO phpbb_user_group (group_id, user_id, user_pending, group_leader) VALUES (2, 2, 0, 0); INSERT INTO phpbb_user_group (group_id, user_id, user_pending, group_leader) VALUES (4, 2, 0, 0); -INSERT INTO phpbb_user_group (group_id, user_id, user_pending, group_leader) VALUES (6, 2, 0, 0); -INSERT INTO phpbb_user_group (group_id, user_id, user_pending, group_leader) VALUES (7, 2, 0, 1); +INSERT INTO phpbb_user_group (group_id, user_id, user_pending, group_leader) VALUES (5, 2, 0, 1); # -- Ranks INSERT INTO phpbb_ranks (rank_title, rank_min, rank_special, rank_image) VALUES ('Site Admin', 0, 1, ''); @@ -506,50 +504,46 @@ INSERT INTO phpbb_acl_groups (group_id, forum_id, auth_option_id, auth_role_id, INSERT INTO phpbb_acl_users (user_id, forum_id, auth_option_id, auth_role_id, auth_setting) VALUES (2, 0, 0, 5, 0); # ADMINISTRATOR Group - full user features -INSERT INTO phpbb_acl_groups (group_id, forum_id, auth_option_id, auth_role_id, auth_setting) VALUES (7, 0, 0, 5, 0); +INSERT INTO phpbb_acl_groups (group_id, forum_id, auth_option_id, auth_role_id, auth_setting) VALUES (5, 0, 0, 5, 0); # ADMINISTRATOR Group - standard admin -INSERT INTO phpbb_acl_groups (group_id, forum_id, auth_option_id, auth_role_id, auth_setting) VALUES (7, 0, 0, 1, 0); +INSERT INTO phpbb_acl_groups (group_id, forum_id, auth_option_id, auth_role_id, auth_setting) VALUES (5, 0, 0, 1, 0); # REGISTERED and REGISTERED_COPPA having standard user features -INSERT INTO phpbb_acl_groups (group_id, forum_id, auth_option_id, auth_role_id, auth_setting) VALUES (4, 0, 0, 6, 0); -INSERT INTO phpbb_acl_groups (group_id, forum_id, auth_option_id, auth_role_id, auth_setting) VALUES (5, 0, 0, 6, 0); +INSERT INTO phpbb_acl_groups (group_id, forum_id, auth_option_id, auth_role_id, auth_setting) VALUES (2, 0, 0, 6, 0); +INSERT INTO phpbb_acl_groups (group_id, forum_id, auth_option_id, auth_role_id, auth_setting) VALUES (3, 0, 0, 6, 0); # GLOBAL_MODERATORS having full user features -INSERT INTO phpbb_acl_groups (group_id, forum_id, auth_option_id, auth_role_id, auth_setting) VALUES (6, 0, 0, 5, 0); +INSERT INTO phpbb_acl_groups (group_id, forum_id, auth_option_id, auth_role_id, auth_setting) VALUES (4, 0, 0, 5, 0); # GLOBAL_MODERATORS having full global moderator access -INSERT INTO phpbb_acl_groups (group_id, forum_id, auth_option_id, auth_role_id, auth_setting) VALUES (6, 0, 0, 10, 0); +INSERT INTO phpbb_acl_groups (group_id, forum_id, auth_option_id, auth_role_id, auth_setting) VALUES (4, 0, 0, 10, 0); # Giving all groups read only access to the first category # since administrators and moderators are already within the registered users group we do not need to set them here INSERT INTO phpbb_acl_groups (group_id, forum_id, auth_option_id, auth_role_id, auth_setting) VALUES (1, 1, 0, 17, 0); INSERT INTO phpbb_acl_groups (group_id, forum_id, auth_option_id, auth_role_id, auth_setting) VALUES (2, 1, 0, 17, 0); INSERT INTO phpbb_acl_groups (group_id, forum_id, auth_option_id, auth_role_id, auth_setting) VALUES (3, 1, 0, 17, 0); -INSERT INTO phpbb_acl_groups (group_id, forum_id, auth_option_id, auth_role_id, auth_setting) VALUES (4, 1, 0, 17, 0); -INSERT INTO phpbb_acl_groups (group_id, forum_id, auth_option_id, auth_role_id, auth_setting) VALUES (5, 1, 0, 17, 0); -INSERT INTO phpbb_acl_groups (group_id, forum_id, auth_option_id, auth_role_id, auth_setting) VALUES (8, 1, 0, 17, 0); +INSERT INTO phpbb_acl_groups (group_id, forum_id, auth_option_id, auth_role_id, auth_setting) VALUES (6, 1, 0, 17, 0); # Giving access to the first forum -# guests, inactive and inactive_coppa having read only access +# guests having read only access INSERT INTO phpbb_acl_groups (group_id, forum_id, auth_option_id, auth_role_id, auth_setting) VALUES (1, 2, 0, 17, 0); -INSERT INTO phpbb_acl_groups (group_id, forum_id, auth_option_id, auth_role_id, auth_setting) VALUES (2, 2, 0, 17, 0); -INSERT INTO phpbb_acl_groups (group_id, forum_id, auth_option_id, auth_role_id, auth_setting) VALUES (3, 2, 0, 17, 0); # registered and registered_coppa having standard access -INSERT INTO phpbb_acl_groups (group_id, forum_id, auth_option_id, auth_role_id, auth_setting) VALUES (4, 2, 0, 15, 0); -INSERT INTO phpbb_acl_groups (group_id, forum_id, auth_option_id, auth_role_id, auth_setting) VALUES (5, 2, 0, 15, 0); +INSERT INTO phpbb_acl_groups (group_id, forum_id, auth_option_id, auth_role_id, auth_setting) VALUES (2, 2, 0, 15, 0); +INSERT INTO phpbb_acl_groups (group_id, forum_id, auth_option_id, auth_role_id, auth_setting) VALUES (3, 2, 0, 15, 0); # global moderators having standard access + polls -INSERT INTO phpbb_acl_groups (group_id, forum_id, auth_option_id, auth_role_id, auth_setting) VALUES (6, 2, 0, 21, 0); +INSERT INTO phpbb_acl_groups (group_id, forum_id, auth_option_id, auth_role_id, auth_setting) VALUES (4, 2, 0, 21, 0); # administrators having full forum and full moderator access -INSERT INTO phpbb_acl_groups (group_id, forum_id, auth_option_id, auth_role_id, auth_setting) VALUES (7, 2, 0, 14, 0); -INSERT INTO phpbb_acl_groups (group_id, forum_id, auth_option_id, auth_role_id, auth_setting) VALUES (7, 2, 0, 10, 0); +INSERT INTO phpbb_acl_groups (group_id, forum_id, auth_option_id, auth_role_id, auth_setting) VALUES (5, 2, 0, 14, 0); +INSERT INTO phpbb_acl_groups (group_id, forum_id, auth_option_id, auth_role_id, auth_setting) VALUES (5, 2, 0, 10, 0); # Bots having bot access -INSERT INTO phpbb_acl_groups (group_id, forum_id, auth_option_id, auth_role_id, auth_setting) VALUES (8, 2, 0, 19, 0); +INSERT INTO phpbb_acl_groups (group_id, forum_id, auth_option_id, auth_role_id, auth_setting) VALUES (6, 2, 0, 19, 0); # -- Demo Topic diff --git a/phpBB/install/schemas/sqlite_schema.sql b/phpBB/install/schemas/sqlite_schema.sql index fde2206db3..ea716ee4ae 100644 --- a/phpBB/install/schemas/sqlite_schema.sql +++ b/phpBB/install/schemas/sqlite_schema.sql @@ -976,7 +976,6 @@ CREATE TABLE phpbb_users ( user_notify_pm INTEGER UNSIGNED NOT NULL DEFAULT '1', user_notify_type tinyint(4) NOT NULL DEFAULT '0', user_allow_pm INTEGER UNSIGNED NOT NULL DEFAULT '1', - user_allow_email INTEGER UNSIGNED NOT NULL DEFAULT '1', user_allow_viewonline INTEGER UNSIGNED NOT NULL DEFAULT '1', user_allow_viewemail INTEGER UNSIGNED NOT NULL DEFAULT '1', user_allow_massemail INTEGER UNSIGNED NOT NULL DEFAULT '1', diff --git a/phpBB/language/en/acp/common.php b/phpBB/language/en/acp/common.php index 925878ba61..55edf78a56 100644 --- a/phpBB/language/en/acp/common.php +++ b/phpBB/language/en/acp/common.php @@ -204,8 +204,9 @@ $lang = array_merge($lang, array( 'DEACTIVATE' => 'Deactivate', 'DIMENSIONS' => 'Dimensions', - 'DIRECTORY_DOES_NOT_EXIST' => 'The entered directory "%s" does not exist.', + 'DIRECTORY_DOES_NOT_EXIST' => 'The entered path "%s" does not exist.', 'DIRECTORY_NOT_DIR' => 'The entered path "%s" is not a directory.', + 'DIRECTORY_NOT_WRITEABLE' => 'The entered path "%s" is not writeable.', 'DISABLE' => 'Disable', 'DOWNLOAD' => 'Download', 'DOWNLOAD_AS' => 'Download as', @@ -341,6 +342,7 @@ $lang = array_merge($lang, array( 'INACTIVE_REASON_MANUAL' => 'Account deactivated by administrator', 'INACTIVE_REASON_PROFILE' => 'Profile details changed', 'INACTIVE_REASON_REGISTER' => 'Newly registered account', + 'INACTIVE_REASON_REMIND' => 'Forced user account reactivation', 'INACTIVE_REASON_UNKNOWN' => 'Unknown', 'INACTIVE_USERS' => 'Inactive Users', 'INACTIVE_USERS_EXPLAIN' => 'This is a list of users who have registered but whos accounts are inactive. You can activate, delete or remind (by sending an email) these users if you wish.', diff --git a/phpBB/language/en/acp/users.php b/phpBB/language/en/acp/users.php index 6f2595682c..9745aa853a 100644 --- a/phpBB/language/en/acp/users.php +++ b/phpBB/language/en/acp/users.php @@ -36,8 +36,13 @@ $lang = array_merge($lang, array( 'BAN_SUCCESSFUL' => 'Ban entered successfully.', + 'CANNOT_BAN_FOUNDER' => 'You are not allowed to ban founder accounts.', 'CANNOT_BAN_YOURSELF' => 'You are not allowed to ban yourself.', + 'CANNOT_DEACTIVATE_BOT' => 'You are not allowed to deactivate bot accounts. Please deactivate the bot instead.', + 'CANNOT_DEACTIVATE_FOUNDER' => 'You are not allowed to deactivate founder accounts.', 'CANNOT_DEACTIVATE_YOURSELF' => 'You are not allowed to deactivate your own account.', + 'CANNOT_FORCE_REACT_BOT' => 'You are not allowed to force reactivation on bot accounts. Please deactivate the bot instead.', + 'CANNOT_FORCE_REACT_FOUNDER' => 'You are not allowed to force reactivation on founder accounts.', 'CANNOT_FORCE_REACT_YOURSELF' => 'You are not allowed to force reactivation of your own account.', 'CANNOT_REMOVE_ANONYMOUS' => 'You are not able to remove the guest user account.', 'CANNOT_REMOVE_YOURSELF' => 'You are not allowed to remove your own user account.', diff --git a/phpBB/language/en/common.php b/phpBB/language/en/common.php index c10b9219e9..05ae2133ef 100644 --- a/phpBB/language/en/common.php +++ b/phpBB/language/en/common.php @@ -214,8 +214,6 @@ $lang = array_merge($lang, array( 'G_ADMINISTRATORS' => 'Administrators', 'G_BOTS' => 'Bots', 'G_GUESTS' => 'Guests', - 'G_INACTIVE' => 'Unapproved Users', - 'G_INACTIVE_COPPA' => 'Unapproved COPPA Users', 'G_REGISTERED' => 'Registered Users', 'G_REGISTERED_COPPA' => 'Registered COPPA Users', 'G_GLOBAL_MODERATORS' => 'Global Moderators', diff --git a/phpBB/language/en/install.php b/phpBB/language/en/install.php index 0933f95aa6..dcb96a1c7c 100755 --- a/phpBB/language/en/install.php +++ b/phpBB/language/en/install.php @@ -92,15 +92,14 @@ $lang = array_merge($lang, array( 'DEV_NO_TEST_FILE' => 'No value has been specified for the test_file variable in the convertor. If you are a user of this convertor, you should not be seeing this error, please report this message to the convertor author. If you are a convertor author, you must specify the name of a file which exists in the source forum to allow the path to it to be verified.', 'DIRECTORIES_AND_FILES' => 'Directory and file setup', 'DISABLE_KEYS' => 'Disabling keys', - 'DLL_FIREBIRD' => 'Firebird 1.5+', + 'DLL_FIREBIRD' => 'Firebird', 'DLL_FTP' => 'Remote FTP support [ Installation ]', 'DLL_GD' => 'GD graphics support [ Visual Confirmation ]', 'DLL_MBSTRING' => 'Multi-byte character support', 'DLL_MSSQL' => 'MSSQL Server 2000+', 'DLL_MSSQL_ODBC' => 'MSSQL Server 2000+ via ODBC', - 'DLL_MYSQL' => 'MySQL 3.23.x/4.x', - 'DLL_MYSQL4' => 'MySQL 4.x/5.x', - 'DLL_MYSQLI' => 'MySQL 4.1.x/5.x with MySQLi Extension', + 'DLL_MYSQL' => 'MySQL', + 'DLL_MYSQLI' => 'MySQL with MySQLi Extension', 'DLL_ORACLE' => 'Oracle', 'DLL_POSTGRES' => 'PostgreSQL 7.x/8.x', 'DLL_SQLITE' => 'SQLite', |