diff options
| -rw-r--r-- | .gitignore | 2 | ||||
| -rwxr-xr-x | build/package.php | 8 | ||||
| -rw-r--r-- | build/webpi/install/mssql.sql | 39 | ||||
| -rw-r--r-- | build/webpi/install/mysql.sql | 15 | ||||
| -rw-r--r-- | build/webpi/manifest.xml | 13 | ||||
| -rw-r--r-- | build/webpi/parameters.xml | 226 | ||||
| -rwxr-xr-x | git-tools/hooks/pre-commit | 9 | ||||
| -rw-r--r-- | phpBB/includes/acp/acp_database.php | 1 | ||||
| -rw-r--r-- | phpBB/includes/acp/acp_profile.php | 1 | ||||
| -rw-r--r-- | phpBB/includes/acp/acp_reasons.php | 1 | ||||
| -rw-r--r-- | phpBB/includes/functions_profile_fields.php | 1 | ||||
| -rw-r--r-- | phpBB/includes/message_parser.php | 2 | ||||
| -rw-r--r-- | phpBB/search.php | 1 | ||||
| -rw-r--r-- | phpBB/web.config | 27 |
14 files changed, 342 insertions, 4 deletions
diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000000..3e0f454e0c --- /dev/null +++ b/.gitignore @@ -0,0 +1,2 @@ +phpBB/cache/*.php +*~
\ No newline at end of file diff --git a/build/package.php b/build/package.php index 7cb30bd493..a0da6404c6 100755 --- a/build/package.php +++ b/build/package.php @@ -518,6 +518,14 @@ foreach ($compress_programs as $extension => $compress_command) $package->run_command('md5sum ./release_files/' . $package->get('release_filename') . '.' . $extension . ' > ./release_files/' . $package->get('release_filename') . '.' . $extension . '.md5'); } +// Microsoft Web PI packaging +$package->begin_status('Packaging phpBB for Microsoft WebPI'); +$file = './release_files/' . $package->get('release_filename') . '.webpi.zip'; +$package->run_command("rm -v $file"); +$package->run_command('cp -p ./release_files/' . $package->get('release_filename') . ".zip $file"); +$package->run_command('cd ./../webpi && ' . $compress_programs['zip'] . " ./../new_version/$file *"); +$package->run_command("md5sum $file > $file.md5"); + // verify results chdir($package->locations['root']); $package->begin_status('********** Verifying packages **********'); diff --git a/build/webpi/install/mssql.sql b/build/webpi/install/mssql.sql new file mode 100644 index 0000000000..9c0b46678a --- /dev/null +++ b/build/webpi/install/mssql.sql @@ -0,0 +1,39 @@ +/**********************************************************************/ +/* Install.SQL */ +/* Creates a login and makes the user a member of db roles */ +/* */ +/**********************************************************************/ + +-- Declare variables for database name, username and password +DECLARE @dbName sysname, + @dbUser sysname, + @dbPwd nvarchar(max); + +-- Set variables for database name, username and password +SET @dbName = 'PlaceHolderForDb'; +SET @dbUser = 'PlaceHolderForUser'; +SET @dbPwd = 'PlaceHolderForPassword'; + +DECLARE @cmd nvarchar(max) + +-- Create login +IF( SUSER_SID(@dbUser) is null ) +BEGIN + print '-- Creating login ' + SET @cmd = N'CREATE LOGIN ' + quotename(@dbUser) + N' WITH PASSWORD ='''+ replace(@dbPwd, '''', '''''') + N'''' + EXEC(@cmd) +END + +-- Create database user and map to login +-- and add user to the datareader, datawriter, ddladmin and securityadmin roles +-- +SET @cmd = N'USE ' + quotename(@DBName) + N'; +IF( NOT EXISTS (SELECT * FROM sys.database_principals WHERE name = ''' + replace(@dbUser, '''', '''''') + N''')) +BEGIN + print ''-- Creating user''; + CREATE USER ' + quotename(@dbUser) + N' FOR LOGIN ' + quotename(@dbUser) + N'; + print ''-- Adding user''; + EXEC sp_addrolemember ''db_owner'', ''' + replace(@dbUser, '''', '''''') + N'''; +END' +EXEC(@cmd) +GO diff --git a/build/webpi/install/mysql.sql b/build/webpi/install/mysql.sql new file mode 100644 index 0000000000..5c9d8cd922 --- /dev/null +++ b/build/webpi/install/mysql.sql @@ -0,0 +1,15 @@ +USE PlaceHolderForDb$$ + +DROP PROCEDURE IF EXISTS add_user $$ + +CREATE PROCEDURE add_user() +BEGIN +DECLARE EXIT HANDLER FOR 1044 BEGIN END; +GRANT ALL PRIVILEGES ON PlaceHolderForDb.* to 'PlaceHolderForUser'@'PlaceHolderForServer' IDENTIFIED BY 'PlaceHolderForPassword'; +FLUSH PRIVILEGES; +END +$$ + +CALL add_user() $$ + +DROP PROCEDURE IF EXISTS add_user $$ diff --git a/build/webpi/manifest.xml b/build/webpi/manifest.xml new file mode 100644 index 0000000000..947377893b --- /dev/null +++ b/build/webpi/manifest.xml @@ -0,0 +1,13 @@ +<msdeploy.iisapp> + <iisapp path="phpBB3" /> + + <dbmysql path="install/mysql.sql" commandDelimiter="$$" removeCommandDelimiter="true" /> + + <dbfullsql path="install/mssql.sql" /> + + <setAcl path="phpBB3/cache" setAclAccess="Modify" setAclUser="anonymousAuthenticationUser" /> + <setAcl path="phpBB3/files" setAclAccess="Modify" setAclUser="anonymousAuthenticationUser" /> + <setAcl path="phpBB3/store" setAclAccess="Modify" setAclUser="anonymousAuthenticationUser" /> + <setAcl path="phpBB3/images/avatars/upload" setAclAccess="Modify" setAclUser="anonymousAuthenticationUser" /> + <setAcl path="phpBB3/config.php" setAclAccess="Modify" setAclUser="anonymousAuthenticationUser" setAclResourceType="File" /> +</msdeploy.iisapp> diff --git a/build/webpi/parameters.xml b/build/webpi/parameters.xml new file mode 100644 index 0000000000..994247e48e --- /dev/null +++ b/build/webpi/parameters.xml @@ -0,0 +1,226 @@ +<parameters> + <parameter + name="AppPath" + defaultValue="Default Web Site/phpBB3" + tags="iisapp"> + + <parameterEntry + type="ProviderPath" + scope="iisapp" + match="phpBB3" /> + </parameter> + + <parameter + name="aclCache" + description="Sets the ACL on the cache/ folder" + defaultValue="{AppPath}/cache" + tags="Hidden"> + + <parameterEntry + type="ProviderPath" + scope="setAcl" + match="phpBB3/cache" /> + </parameter> + + <parameter + name="aclFiles" + description="Sets the ACL on the files/ folder" + defaultValue="{AppPath}/files" + tags="Hidden"> + + <parameterEntry + type="ProviderPath" + scope="setAcl" + match="phpBB3/files" /> + </parameter> + + <parameter + name="aclStore" + description="Sets the ACL on the store/ folder" + defaultValue="{AppPath}/store" + tags="Hidden"> + + <parameterEntry + type="ProviderPath" + scope="setAcl" + match="phpBB3/store" /> + </parameter> + + <parameter + name="aclAvatarUpload" + description="Sets the ACL on the avatars/upload/ folder" + defaultValue="{AppPath}/images/avatars/upload" + tags="Hidden"> + + <parameterEntry + type="ProviderPath" + scope="setAcl" + match="phpBB3/images/avatars/upload" /> + </parameter> + + <parameter + name="aclConfig" + description="Sets the ACL on the config.php file" + defaultValue="{AppPath}/config.php" + tags="Hidden"> + + <parameterEntry + type="ProviderPath" + scope="setAcl" + match="phpBB3/config.php" /> + </parameter> + + <parameter + name="DatabaseServer" + description="Enter the database server" + defaultValue=".\SQLExpress" + tags="SQL, dbServer" > + </parameter> + + <parameter + name="DatabaseName" + description="Database name for your application." + defaultValue="phpbb" + tags="SQL, dbName"> + + <parameterEntry + type="TextFile" + scope="install/mssql.sql" + match="PlaceHolderForDb" /> + </parameter> + + <parameter + name="DatabaseAdministrator" + description="Database server administartor username." + defaultValue="sa" + tags="SQL, DbAdminUsername" > + </parameter> + + <parameter + name="DatabaseAdministratorPassword" + description="Database server administrator password." + tags="Password,SQL,DbAdminPassword"> + </parameter> + + <parameter + name="Database Username" + description="Username to access your database." + defaultValue="phpbb" + tags="SQL, DbUsername"> + + <parameterEntry + type="TextFile" + scope="install/mssql.sql" + match="PlaceHolderForUser" /> + </parameter> + + <parameter + name="Database Password" + description="Password for your phpBB database. (Must be at least 8 characters, contain at least one lower case letter, one upper case letter and one digit)" + tags="New, Password,SQL, DbUserPassword"> + + <parameterValidation + type = "RegularExpression" + validationString = "^.*(?=.{8,})(?=.*\d)(?=.*[a-z])(?=.*[A-Z]).*$" /> + + <parameterEntry + type="TextFile" + scope="install/mssql.sql" + match="PlaceHolderForPassword" /> + </parameter> + + <parameter + name="ConnectionString" + description="Automatically sets the connection string for the connection request." + defaultValue="Server={DatabaseServer};Database={DatabaseName};uid={DatabaseAdministrator};Pwd={DatabaseAdministratorPassword};" + tags="Hidden,SQLConnectionString,Validate"> + + <parameterEntry + type="ProviderPath" + scope="dbfullsql" + match="install/mssql.sql" /> + </parameter> + + <parameter + name="SQL Database type" + description="SQL database type" + defaultValue="mssql" + tags="SQL,Hidden"> + </parameter> + + <parameter + name="MySQL Database Server" + description="Enter the hostname" + defaultValue="localhost" + tags="MySQL, dbServer"> + + <parameterEntry + type="TextFile" + scope="install/mysql.sql" + match="PlaceHolderForServer" /> + </parameter> + + <parameter + name="Application Database Name" + description="Database Name for your application." + defaultValue="phpbb" + tags="MySQL, dbName"> + + <parameterEntry + type="TextFile" + scope="install/mysql.sql" + match="PlaceHolderForDb" /> + </parameter> + + <parameter + name="MySQL Database Administrator" + description="Database administrator username." + defaultValue="root" + tags="MySQL, DbAdminUsername" > + </parameter> + + <parameter + name="MySQL Database Administrator Password" + description="Database administrator password." + tags="Password,MySQL,DbAdminPassword" > + </parameter> + + <parameter + name="phpBB Database Username" + description="Username to access your phpBB database." + defaultValue="phpbb" + tags="MySQL, DbUsername"> + + <parameterEntry + type="TextFile" + scope="install/mysql.sql" + match="PlaceHolderForUser" /> + </parameter> + + <parameter + name="MySQL Database Password" + description="Password for your phpBB database. (Minimum 4 characters)" + tags="New, Password,MySQL,DbUserPassword"> + + <parameterValidation + type = "RegularExpression" + validationString = "^.{4,}$" /> + + <parameterEntry + type="TextFile" + scope="install/mysql.sql" + match="PlaceHolderForPassword" /> + </parameter> + + <parameter + name="MySQLConnectionString" + description="Automatically sets the connection string for the connection request." + defaultValue="Server={MySQL Database Server};Database={Application Database Name};uid={MySQL Database Administrator};Pwd={MySQL Database Administrator Password};" + tags="Hidden,MySQLConnectionString,Validate"> + + <parameterEntry + type="ProviderPath" + scope="dbmysql" + match="install/mysql.sql" /> + </parameter> +</parameters> diff --git a/git-tools/hooks/pre-commit b/git-tools/hooks/pre-commit index 23ab8d6cdb..9719b91746 100755 --- a/git-tools/hooks/pre-commit +++ b/git-tools/hooks/pre-commit @@ -1,4 +1,4 @@ -#!/usr/bin/env bash +#!/bin/sh # # A hook to disallow php syntax errors to be committed # by running php -l (lint) on them. It requires php-cli @@ -27,7 +27,10 @@ fi error=0 errors="" -IFS=$'\n' +# dash does not support $'\n': +# http://forum.soft32.com/linux2/Bug-409179-DASH-Settings-IFS-work-properly-ftopict70039.html +IFS=' +' # get a list of staged files for line in $(git diff-index --cached --full-index $against) do @@ -59,7 +62,7 @@ do then error=1 # Swap back in correct filenames - errors+=${result//in - on/"$filename"} + errors=$(echo "$errors"; echo "$result" |sed -e "s@in - on@in $filename on@g") fi done unset IFS diff --git a/phpBB/includes/acp/acp_database.php b/phpBB/includes/acp/acp_database.php index abfad2b90b..0582d6204e 100644 --- a/phpBB/includes/acp/acp_database.php +++ b/phpBB/includes/acp/acp_database.php @@ -394,6 +394,7 @@ class acp_database case 'mssql': case 'mssql_odbc': + case 'mssqlnative': while (($sql = $fgetd($fp, "GO\n", $read, $seek, $eof)) !== false) { $db->sql_query($sql); diff --git a/phpBB/includes/acp/acp_profile.php b/phpBB/includes/acp/acp_profile.php index fc08c7e8e8..2288a0728b 100644 --- a/phpBB/includes/acp/acp_profile.php +++ b/phpBB/includes/acp/acp_profile.php @@ -1480,6 +1480,7 @@ class acp_profile case 'mssql': case 'mssql_odbc': + case 'mssqlnative': // We are defining the biggest common value, because of the possibility to edit the min/max values of each field. $sql = 'ALTER TABLE [' . PROFILE_FIELDS_DATA_TABLE . "] ADD [$field_ident] "; diff --git a/phpBB/includes/acp/acp_reasons.php b/phpBB/includes/acp/acp_reasons.php index 8d7bc88769..dbc9fcb6cc 100644 --- a/phpBB/includes/acp/acp_reasons.php +++ b/phpBB/includes/acp/acp_reasons.php @@ -233,6 +233,7 @@ class acp_reasons // Standard? What's that? case 'mssql': case 'mssql_odbc': + case 'mssqlnative': // Change the reports using this reason to 'other' $sql = "DECLARE @ptrval binary(16) diff --git a/phpBB/includes/functions_profile_fields.php b/phpBB/includes/functions_profile_fields.php index 61e3587158..fa1cc98e10 100644 --- a/phpBB/includes/functions_profile_fields.php +++ b/phpBB/includes/functions_profile_fields.php @@ -366,6 +366,7 @@ class custom_profile case 'sqlite': case 'mssql': case 'mssql_odbc': + case 'mssqlnative': $right_delim = ']'; $left_delim = '['; break; diff --git a/phpBB/includes/message_parser.php b/phpBB/includes/message_parser.php index 50aad8588a..952b55cc8c 100644 --- a/phpBB/includes/message_parser.php +++ b/phpBB/includes/message_parser.php @@ -300,7 +300,7 @@ class bbcode_firstpass extends bbcode if ($config['max_' . $this->mode . '_img_height'] || $config['max_' . $this->mode . '_img_width']) { - $stats = @getimagesize($in); + $stats = @getimagesize(htmlspecialchars_decode($in)); if ($stats === false) { diff --git a/phpBB/search.php b/phpBB/search.php index ab2221a96e..7a9ab82f93 100644 --- a/phpBB/search.php +++ b/phpBB/search.php @@ -1155,6 +1155,7 @@ if ($auth->acl_get('a_search')) case 'mssql': case 'mssql_odbc': + case 'mssqlnative': $sql = 'SELECT search_time, search_keywords FROM ' . SEARCH_RESULTS_TABLE . ' WHERE DATALENGTH(search_keywords) > 0 diff --git a/phpBB/web.config b/phpBB/web.config new file mode 100644 index 0000000000..128fe3c98f --- /dev/null +++ b/phpBB/web.config @@ -0,0 +1,27 @@ +<?xml version="1.0" encoding="UTF-8"?> +<configuration> + <system.webServer> + <security> + <requestFiltering> + <hiddenSegments> + <add segment="cache" /> + <add segment="files" /> + <add segment="store" /> + <add segment="config.php" /> + <add segment="common.php" /> + </hiddenSegments> + </requestFiltering> + </security> + </system.webServer> + <location path="images/avatars"> + <system.webServer> + <security> + <requestFiltering> + <hiddenSegments> + <add segment="upload" /> + </hiddenSegments> + </requestFiltering> + </security> + </system.webServer> + </location> +</configuration> |