diff options
| -rw-r--r-- | phpBB/adm/style/install_update.html | 18 | ||||
| -rw-r--r-- | phpBB/config/services.yml | 1 | ||||
| -rw-r--r-- | phpBB/includes/acp/acp_board.php | 2 | ||||
| -rw-r--r-- | phpBB/install/install_update.php | 44 | ||||
| -rw-r--r-- | phpBB/language/en/acp/board.php | 4 | ||||
| -rw-r--r-- | phpBB/language/en/acp/common.php | 2 | ||||
| -rw-r--r-- | phpBB/language/en/install.php | 4 | ||||
| -rw-r--r-- | phpBB/phpbb/auth/provider/oauth/token_storage.php | 2 | ||||
| -rw-r--r-- | phpBB/phpbb/console/command/extension/enable.php | 2 | ||||
| -rw-r--r-- | phpBB/phpbb/db/driver/mysqli.php | 6 | ||||
| -rw-r--r-- | phpBB/phpbb/db/migration/profilefield_base_migration.php | 3 | ||||
| -rw-r--r-- | phpBB/phpbb/profilefields/lang_helper.php | 61 | ||||
| -rw-r--r-- | phpBB/phpbb/profilefields/type/type_bool.php | 11 | ||||
| -rw-r--r-- | phpBB/phpbb/profilefields/type/type_dropdown.php | 13 | ||||
| -rw-r--r-- | tests/auth/fixtures/oauth_tokens.xml | 6 | ||||
| -rw-r--r-- | tests/auth/phpbb_not_a_token.php | 23 | ||||
| -rw-r--r-- | tests/auth/provider_oauth_token_storage_test.php | 18 |
17 files changed, 175 insertions, 45 deletions
diff --git a/phpBB/adm/style/install_update.html b/phpBB/adm/style/install_update.html index f0df138641..2faa2bb6fa 100644 --- a/phpBB/adm/style/install_update.html +++ b/phpBB/adm/style/install_update.html @@ -348,6 +348,24 @@ <!-- ENDIF --> + <!-- IF .deleted --> + <h2>{L_FILES_DELETED}</h2> + <p>{L_FILES_DELETED_EXPLAIN}</p> + + <fieldset> + <legend><img src="{T_IMAGE_PATH}icon_delete.gif" alt="{L_STATUS_DELETED}" /></legend> + <!-- BEGIN deleted --> + <dl> + <dt style="width: 60%;"><strong><!-- IF deleted.DIR_PART -->{deleted.DIR_PART}<br /><!-- ENDIF -->{deleted.FILE_PART}</strong></dt> + <dd style="margin-{S_CONTENT_FLOW_BEGIN}: 60%;"> + <!-- IF not deleted.S_BINARY -->[<a href="{deleted.U_SHOW_DIFF}" onclick="diff_popup(this.href); return false;">{deleted.L_SHOW_DIFF}</a>]<!-- ELSE -->{L_BINARY_FILE}<!-- ENDIF --> + </dd> + </dl> + <!-- END deleted --> + </fieldset> + + <!-- ENDIF --> + <br /> <fieldset class="quick"> diff --git a/phpBB/config/services.yml b/phpBB/config/services.yml index 3743daa075..72eeae9b15 100644 --- a/phpBB/config/services.yml +++ b/phpBB/config/services.yml @@ -255,7 +255,6 @@ services: arguments: - @auth - @config - - @config_text - @dbal.conn - @user - %core.root_path% diff --git a/phpBB/includes/acp/acp_board.php b/phpBB/includes/acp/acp_board.php index 74df9240a1..1811748c2f 100644 --- a/phpBB/includes/acp/acp_board.php +++ b/phpBB/includes/acp/acp_board.php @@ -410,7 +410,7 @@ class acp_board 'ip_check' => array('lang' => 'IP_VALID', 'validate' => 'int', 'type' => 'custom', 'method' => 'select_ip_check', 'explain' => true), 'browser_check' => array('lang' => 'BROWSER_VALID', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true), 'forwarded_for_check' => array('lang' => 'FORWARDED_FOR_VALID', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true), - 'referer_validation' => array('lang' => 'REFERER_VALID', 'validate' => 'int:0:3','type' => 'custom', 'method' => 'select_ref_check', 'explain' => true), + 'referer_validation' => array('lang' => 'REFERRER_VALID', 'validate' => 'int:0:3','type' => 'custom', 'method' => 'select_ref_check', 'explain' => true), 'check_dnsbl' => array('lang' => 'CHECK_DNSBL', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true), 'email_check_mx' => array('lang' => 'EMAIL_CHECK_MX', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true), 'max_pass_chars' => array('lang' => 'PASSWORD_LENGTH', 'validate' => 'int:8:255', 'type' => false, 'method' => false, 'explain' => false,), diff --git a/phpBB/install/install_update.php b/phpBB/install/install_update.php index ab5fcc3f2b..c6f771a7d5 100644 --- a/phpBB/install/install_update.php +++ b/phpBB/install/install_update.php @@ -396,7 +396,7 @@ class install_update extends module 'S_COLLECTED' => (int) $update_list['status'], 'S_TO_COLLECT' => sizeof($this->update_info['files']), 'L_IN_PROGRESS' => $user->lang['COLLECTING_FILE_DIFFS'], - 'L_IN_PROGRESS_EXPLAIN' => sprintf($user->lang['NUMBER_OF_FILES_COLLECTED'], (int) $update_list['status'], sizeof($this->update_info['files'])), + 'L_IN_PROGRESS_EXPLAIN' => sprintf($user->lang['NUMBER_OF_FILES_COLLECTED'], (int) $update_list['status'], sizeof($this->update_info['files']) + sizeof($this->update_info['deleted'])), )); return; @@ -422,7 +422,7 @@ class install_update extends module // Now assign the list to the template foreach ($update_list as $status => $filelist) { - if ($status == 'no_update' || !sizeof($filelist) || $status == 'status') + if ($status == 'no_update' || !sizeof($filelist) || $status == 'status' || $status == 'status_deleted') { continue; } @@ -489,7 +489,7 @@ class install_update extends module $all_up_to_date = true; foreach ($update_list as $status => $filelist) { - if ($status != 'up_to_date' && $status != 'custom' && $status != 'status' && sizeof($filelist)) + if ($status != 'up_to_date' && $status != 'custom' && $status != 'status' && $status != 'status_deleted' && sizeof($filelist)) { $all_up_to_date = false; break; @@ -831,7 +831,7 @@ class install_update extends module foreach ($update_list as $status => $files) { - if ($status == 'up_to_date' || $status == 'no_update' || $status == 'status') + if ($status == 'up_to_date' || $status == 'no_update' || $status == 'status' || $status == 'status_deleted') { continue; } @@ -1221,6 +1221,16 @@ class install_update extends module $this->page_title = 'VIEWING_FILE_CONTENTS'; break; + + case 'deleted': + + $diff = $this->return_diff(array(), $phpbb_root_path . $original_file); + + $template->assign_var('S_DIFF_NEW_FILE', true); + $diff_mode = 'inline'; + $this->page_title = 'VIEWING_FILE_CONTENTS'; + + break; } $diff_mode_options = ''; @@ -1266,7 +1276,9 @@ class install_update extends module 'new_conflict' => array(), 'conflict' => array(), 'no_update' => array(), + 'deleted' => array(), 'status' => 0, + 'status_deleted'=> 0, ); } @@ -1345,7 +1357,31 @@ class install_update extends module $update_list['status']++; } + foreach ($this->update_info['deleted'] as $index => $file) + { + if (is_int($update_list['status_deleted']) && $index < $update_list['status_deleted']) + { + continue; + } + + if ($num_bytes_processed >= 500 * 1024) + { + return; + } + + if (file_exists($phpbb_root_path . $file)) + { + $update_list['deleted'][] = array('filename' => $file, 'custom' => false, 'as_expected' => false); + $num_bytes_processed += filesize($phpbb_root_path . $file); + } + + $update_list['status_deleted']++; + $update_list['status']++; + } + + $update_list['status_deleted'] = -1; $update_list['status'] = -1; + /* if (!sizeof($this->update_info['files'])) { return $update_list; diff --git a/phpBB/language/en/acp/board.php b/phpBB/language/en/acp/board.php index 638e9907ac..d451bdd515 100644 --- a/phpBB/language/en/acp/board.php +++ b/phpBB/language/en/acp/board.php @@ -524,8 +524,8 @@ $lang = array_merge($lang, array( 'PASS_TYPE_SYMBOL' => 'Must contain symbols', 'REF_HOST' => 'Only validate host', 'REF_PATH' => 'Also validate path', - 'REFERER_VALID' => 'Validate Referer', - 'REFERER_VALID_EXPLAIN' => 'If enabled, the referer of POST requests will be checked against the host/script path settings. This may cause issues with boards using several domains and or external logins.', + 'REFERRER_VALID' => 'Validate Referrer', + 'REFERRER_VALID_EXPLAIN' => 'If enabled, the referrer of POST requests will be checked against the host/script path settings. This may cause issues with boards using several domains and or external logins.', 'TPL_ALLOW_PHP' => 'Allow php in templates', 'TPL_ALLOW_PHP_EXPLAIN' => 'If this option is enabled, <code>PHP</code> and <code>INCLUDEPHP</code> statements will be recognised and parsed in templates.', )); diff --git a/phpBB/language/en/acp/common.php b/phpBB/language/en/acp/common.php index 8470014161..b374e39367 100644 --- a/phpBB/language/en/acp/common.php +++ b/phpBB/language/en/acp/common.php @@ -702,7 +702,7 @@ $lang = array_merge($lang, array( 'LOG_REASON_REMOVED' => '<strong>Removed report/denial reason</strong><br />» %s', 'LOG_REASON_UPDATED' => '<strong>Updated report/denial reason</strong><br />» %s', - 'LOG_REFERER_INVALID' => '<strong>Referer validation failed</strong><br />»Referer was “<em>%1$s</em>”. The request was rejected and the session killed.', + 'LOG_REFERER_INVALID' => '<strong>Referrer validation failed</strong><br />»Referrer was “<em>%1$s</em>”. The request was rejected and the session killed.', 'LOG_RESET_DATE' => '<strong>Board start date reset</strong>', 'LOG_RESET_ONLINE' => '<strong>Most users online reset</strong>', 'LOG_RESYNC_FILES_STATS' => '<strong>File statistics resynchronised</strong>', diff --git a/phpBB/language/en/install.php b/phpBB/language/en/install.php index 2b7f377f5b..39e4a42611 100644 --- a/phpBB/language/en/install.php +++ b/phpBB/language/en/install.php @@ -427,6 +427,8 @@ $lang = array_merge($lang, array( 'FILE_USED' => 'Information used from', // Single file 'FILES_CONFLICT' => 'Conflict files', 'FILES_CONFLICT_EXPLAIN' => 'The following files are modified and do not represent the original files from the old version. phpBB determined that these files create conflicts if they are tried to be merged. Please investigate the conflicts and try to manually resolve them or continue the update choosing the preferred merging method. If you resolve the conflicts manually check the files again after you modified them. You are also able to choose between the preferred merge method for every file. The first one will result in a file where the conflicting lines from your old file will be lost, the other one will result in losing the changes from the newer file.', + 'FILES_DELETED' => 'Deleted files', + 'FILES_DELETED_EXPLAIN' => 'The following files do not exist in the new version. These files have to be deleted from your installation.', 'FILES_MODIFIED' => 'Modified files', 'FILES_MODIFIED_EXPLAIN' => 'The following files are modified and do not represent the original files from the old version. The updated file will be a merge between your modifications and the new file.', 'FILES_NEW' => 'New files', @@ -497,6 +499,7 @@ $lang = array_merge($lang, array( 'SELECT_DOWNLOAD_FORMAT' => 'Select download archive format', 'SELECT_FTP_SETTINGS' => 'Select FTP settings', 'SHOW_DIFF_CONFLICT' => 'Show differences/conflicts', + 'SHOW_DIFF_DELETED' => 'Show file contents', 'SHOW_DIFF_FINAL' => 'Show resulting file', 'SHOW_DIFF_MODIFIED' => 'Show merged differences', 'SHOW_DIFF_NEW' => 'Show file contents', @@ -510,6 +513,7 @@ $lang = array_merge($lang, array( 'STAGE_UPDATE_FILES' => 'Update files', 'STAGE_VERSION_CHECK' => 'Version check', 'STATUS_CONFLICT' => 'Modified file producing conflicts', + 'STATUS_DELETED' => 'Deleted file', 'STATUS_MODIFIED' => 'Modified file', 'STATUS_NEW' => 'New file', 'STATUS_NEW_CONFLICT' => 'Conflicting new file', diff --git a/phpBB/phpbb/auth/provider/oauth/token_storage.php b/phpBB/phpbb/auth/provider/oauth/token_storage.php index fe1a376cfe..023cf402ca 100644 --- a/phpBB/phpbb/auth/provider/oauth/token_storage.php +++ b/phpBB/phpbb/auth/provider/oauth/token_storage.php @@ -266,7 +266,7 @@ class token_storage implements TokenStorageInterface // Ensure that the token was serialized/unserialized correctly if (!($token instanceof TokenInterface)) { - $this->clearToken(); + $this->clearToken($data['provider']); throw new TokenNotFoundException('AUTH_PROVIDER_OAUTH_TOKEN_ERROR_INCORRECTLY_STORED'); } diff --git a/phpBB/phpbb/console/command/extension/enable.php b/phpBB/phpbb/console/command/extension/enable.php index d0d0c9f1cc..86a034cdf4 100644 --- a/phpBB/phpbb/console/command/extension/enable.php +++ b/phpBB/phpbb/console/command/extension/enable.php @@ -39,7 +39,7 @@ class enable extends command if ($this->manager->is_enabled($name)) { - $this->log->add('admin', ANONYMOUS, '', 'LOG_EXTENSION_ENABLE', time(), array($name)); + $this->log->add('admin', ANONYMOUS, '', 'LOG_EXT_ENABLE', time(), array($name)); $output->writeln("<info>Successfully enabled extension $name</info>"); return 0; } diff --git a/phpBB/phpbb/db/driver/mysqli.php b/phpBB/phpbb/db/driver/mysqli.php index 8fc306b2cc..2ed08211ad 100644 --- a/phpBB/phpbb/db/driver/mysqli.php +++ b/phpBB/phpbb/db/driver/mysqli.php @@ -61,7 +61,11 @@ class mysqli extends \phpbb\db\driver\mysql_base } $this->db_connect_id = mysqli_init(); - @mysqli_real_connect($this->db_connect_id, $this->server, $this->user, $sqlpassword, $this->dbname, $port, $socket, MYSQLI_CLIENT_FOUND_ROWS); + + if (!@mysqli_real_connect($this->db_connect_id, $this->server, $this->user, $sqlpassword, $this->dbname, $port, $socket, MYSQLI_CLIENT_FOUND_ROWS)) + { + $this->db_connect_id = ''; + } if ($this->db_connect_id && $this->dbname != '') { diff --git a/phpBB/phpbb/db/migration/profilefield_base_migration.php b/phpBB/phpbb/db/migration/profilefield_base_migration.php index 9cdd5d0927..d416a9b228 100644 --- a/phpBB/phpbb/db/migration/profilefield_base_migration.php +++ b/phpBB/phpbb/db/migration/profilefield_base_migration.php @@ -79,12 +79,13 @@ abstract class profilefield_base_migration extends \phpbb\db\migration\migration $sql = 'SELECT lang_id FROM ' . LANG_TABLE; $result = $this->db->sql_query($sql); + $lang_name = (strpos($this->profilefield_name, 'phpbb_') === 0) ? strtoupper(substr($this->profilefield_name, 6)) : strtoupper($this->profilefield_name); while ($lang_id = (int) $this->db->sql_fetchfield('lang_id')) { $insert_buffer->insert(array( 'field_id' => $field_id, 'lang_id' => $lang_id, - 'lang_name' => strtoupper(substr($this->profilefield_name, 6)),// Remove phpbb_ from field name + 'lang_name' => $lang_name, 'lang_explain' => '', 'lang_default_value' => '', )); diff --git a/phpBB/phpbb/profilefields/lang_helper.php b/phpBB/phpbb/profilefields/lang_helper.php index c055931181..2e353722b2 100644 --- a/phpBB/phpbb/profilefields/lang_helper.php +++ b/phpBB/phpbb/profilefields/lang_helper.php @@ -49,43 +49,50 @@ class lang_helper } /** - * Get language entries for options and store them here for later use + * Loads preview options into language entries for options + * + * @param int $field_id + * @param int $lang_id + * @param mixed $preview_options */ - public function get_option_lang($field_id, $lang_id, $field_type, $preview_options) + public function load_preview_options($field_id, $lang_id, $preview_options) { - if ($preview_options !== false) - { - $lang_options = (!is_array($preview_options)) ? explode("\n", $preview_options) : $preview_options; + $lang_options = (!is_array($preview_options)) ? explode("\n", $preview_options) : $preview_options; - foreach ($lang_options as $num => $var) + foreach ($lang_options as $num => $var) + { + if (!isset($this->options_lang[$field_id])) + { + $this->options_lang[$field_id] = array(); + } + if (!isset($this->options_lang[$field_id][$lang_id])) { - if (!isset($this->options_lang[$field_id])) - { - $this->options_lang[$field_id] = array(); - } - if (!isset($this->options_lang[$field_id][$lang_id])) - { - $this->options_lang[$field_id][$lang_id] = array(); - } - $this->options_lang[$field_id][$lang_id][($num + 1)] = $var; + $this->options_lang[$field_id][$lang_id] = array(); } + $this->options_lang[$field_id][$lang_id][($num + 1)] = $var; } - else - { - $sql = 'SELECT option_id, lang_value + } + + /** + * Fetches language entries for options from DB + * + * @param int $lang_id + */ + public function load_option_lang($lang_id) + { + $sql = 'SELECT field_id, option_id, lang_value FROM ' . $this->language_table . ' - WHERE field_id = ' . (int) $field_id . ' - AND lang_id = ' . (int) $lang_id . " - AND field_type = '" . $this->db->sql_escape($field_type) . "' + WHERE lang_id = ' . (int) $lang_id . " ORDER BY option_id"; - $result = $this->db->sql_query($sql); - while ($row = $this->db->sql_fetchrow($result)) - { - $this->options_lang[$field_id][$lang_id][($row['option_id'] + 1)] = $row['lang_value']; - } - $this->db->sql_freeresult($result); + $result = $this->db->sql_query($sql); + + while ($row = $this->db->sql_fetchrow($result)) + { + $this->options_lang[$row['field_id']][$lang_id][($row['option_id'] + 1)] = $row['lang_value']; } + + $this->db->sql_freeresult($result); } /** diff --git a/phpBB/phpbb/profilefields/type/type_bool.php b/phpBB/phpbb/profilefields/type/type_bool.php index eb8d3e47d6..f67e58ee3a 100644 --- a/phpBB/phpbb/profilefields/type/type_bool.php +++ b/phpBB/phpbb/profilefields/type/type_bool.php @@ -155,7 +155,7 @@ class type_bool extends type_base if (!$this->lang_helper->is_set($field_id, $lang_id)) { - $this->lang_helper->get_option_lang($field_id, $lang_id, FIELD_BOOL, false); + $this->lang_helper->load_option_lang($lang_id); } if (!$field_value && $field_data['field_show_novalue']) @@ -203,7 +203,14 @@ class type_bool extends type_base { if (!$this->lang_helper->is_set($profile_row['field_id'], $profile_row['lang_id'], 1)) { - $this->lang_helper->get_option_lang($profile_row['field_id'], $profile_row['lang_id'], $this->get_service_name(), $preview_options); + if ($preview_options) + { + $this->lang_helper->load_preview_options($profile_row['field_id'], $profile_row['lang_id'], $preview_options); + } + else + { + $this->lang_helper->load_option_lang($profile_row['lang_id']); + } } $options = $this->lang_helper->get($profile_row['field_id'], $profile_row['lang_id']); diff --git a/phpBB/phpbb/profilefields/type/type_dropdown.php b/phpBB/phpbb/profilefields/type/type_dropdown.php index 52c9fcf86a..118ddf1f37 100644 --- a/phpBB/phpbb/profilefields/type/type_dropdown.php +++ b/phpBB/phpbb/profilefields/type/type_dropdown.php @@ -135,7 +135,7 @@ class type_dropdown extends type_base // retrieve option lang data if necessary if (!$this->lang_helper->is_set($field_data['field_id'], $field_data['lang_id'], 1)) { - $this->lang_helper->get_option_lang($field_data['field_id'], $field_data['lang_id'], $this->get_service_name(), false); + $this->lang_helper->load_option_lang($field_data['lang_id']); } if (!$this->lang_helper->is_set($field_data['field_id'], $field_data['lang_id'], $field_value)) @@ -160,7 +160,7 @@ class type_dropdown extends type_base $lang_id = $field_data['lang_id']; if (!$this->lang_helper->is_set($field_id, $lang_id)) { - $this->lang_helper->get_option_lang($field_id, $lang_id, $this->get_service_name(), false); + $this->lang_helper->load_option_lang($lang_id); } if ($field_value == $field_data['field_novalue'] && !$field_data['field_show_novalue']) @@ -199,7 +199,14 @@ class type_dropdown extends type_base if (!$this->lang_helper->is_set($profile_row['field_id'], $profile_row['lang_id'], 1)) { - $this->lang_helper->get_option_lang($profile_row['field_id'], $profile_row['lang_id'], $this->get_service_name(), $preview_options); + if ($preview_options) + { + $this->lang_helper->load_preview_options($profile_row['field_id'], $profile_row['lang_id'], $preview_options); + } + else + { + $this->lang_helper->load_option_lang($profile_row['lang_id']); + } } $profile_row['field_value'] = (int) $value; diff --git a/tests/auth/fixtures/oauth_tokens.xml b/tests/auth/fixtures/oauth_tokens.xml index 9bfb5a4422..6c82e94e62 100644 --- a/tests/auth/fixtures/oauth_tokens.xml +++ b/tests/auth/fixtures/oauth_tokens.xml @@ -5,6 +5,12 @@ <column>session_id</column> <column>provider</column> <column>oauth_token</column> + <row> + <value>1</value> + <value>abcd</value> + <value>auth.provider.oauth.service.testing</value> + <value>{"token_class":"phpbb_not_a_token","accessToken":"error","refreshToken":0,"endOfLife":null,"extraParams":null}</value> + </row> </table> </dataset> diff --git a/tests/auth/phpbb_not_a_token.php b/tests/auth/phpbb_not_a_token.php new file mode 100644 index 0000000000..61cc14fa10 --- /dev/null +++ b/tests/auth/phpbb_not_a_token.php @@ -0,0 +1,23 @@ +<?php +/** +* +* This file is part of the phpBB Forum Software package. +* +* @copyright (c) phpBB Limited <https://www.phpbb.com> +* @license GNU General Public License, version 2 (GPL-2.0) +* +* For full copyright and license information, please see +* the docs/CREDITS.txt file. +* +*/ + +class phpbb_not_a_token +{ + public function __construct($param1, $param2, $param3, $param4) + { + } + + public function setEndOfLife() + { + } +} diff --git a/tests/auth/provider_oauth_token_storage_test.php b/tests/auth/provider_oauth_token_storage_test.php index ec28e546bd..45daa9816b 100644 --- a/tests/auth/provider_oauth_token_storage_test.php +++ b/tests/auth/provider_oauth_token_storage_test.php @@ -13,6 +13,8 @@ use OAuth\OAuth2\Token\StdOAuth2Token; +require_once dirname(__FILE__) . '/phpbb_not_a_token.php'; + class phpbb_auth_provider_oauth_token_storage_test extends phpbb_database_test_case { protected $db; @@ -73,6 +75,22 @@ class phpbb_auth_provider_oauth_token_storage_test extends phpbb_database_test_c $this->assertEquals($token, $stored_token); } + public function test_retrieveAccessToken_wrong_token() + { + $this->user->data['session_id'] = 'abcd'; + try + { + $this->token_storage->retrieveAccessToken($this->service_name); + $this->fail('The token can not be deserialized and an exception should be thrown.'); + } + catch (\OAuth\Common\Storage\Exception\TokenNotFoundException $e) + { + } + + $row = $this->get_token_row_by_session_id('abcd'); + $this->assertFalse($row); + } + public function test_retrieveAccessToken_from_db() { $expected_token = new StdOAuth2Token('access', 'refresh', StdOAuth2Token::EOL_NEVER_EXPIRES); |