diff options
| -rw-r--r-- | build/build_helper.php | 2 | ||||
| -rw-r--r-- | phpBB/adm/index.php | 2 | ||||
| -rw-r--r-- | phpBB/adm/style/acp_forums.html | 4 | ||||
| -rw-r--r-- | phpBB/adm/style/acp_users_overview.html | 8 | ||||
| -rw-r--r-- | phpBB/includes/auth/auth_ldap.php | 2 | ||||
| -rw-r--r-- | phpBB/includes/functions.php | 16 | ||||
| -rw-r--r-- | phpBB/includes/functions_profile_fields.php | 14 | ||||
| -rw-r--r-- | phpBB/language/en/ucp.php | 1 | ||||
| -rw-r--r-- | phpBB/styles/prosilver/template/overall_header.html | 2 | ||||
| -rw-r--r-- | tests/profile/custom_test.php | 55 | ||||
| -rw-r--r-- | tests/profile/fixtures/profile_fields.xml | 31 |
11 files changed, 122 insertions, 15 deletions
diff --git a/build/build_helper.php b/build/build_helper.php index 94fc0ff3b5..2d9b86b3c3 100644 --- a/build/build_helper.php +++ b/build/build_helper.php @@ -177,7 +177,7 @@ class build_package } // Is binary? - if (preg_match('/^Binary files ' . $package_name . '\/(.*) and [a-z0-9_-]+\/\1 differ/i', $line, $match)) + if (preg_match('/^Binary files ' . $package_name . '\/(.*) and [a-z0-9._-]+\/\1 differ/i', $line, $match)) { $binary[] = trim($match[1]); } diff --git a/phpBB/adm/index.php b/phpBB/adm/index.php index 74e51a8696..68508bc353 100644 --- a/phpBB/adm/index.php +++ b/phpBB/adm/index.php @@ -276,7 +276,7 @@ function build_cfg_template($tpl_type, $key, &$new, $config_key, $vars) $size = (int) $tpl_type[1]; $maxlength = (int) $tpl_type[2]; - $tpl = '<input id="' . $key . '" type="' . $tpl_type[0] . '"' . (($size) ? ' size="' . $size . '"' : '') . ' maxlength="' . (($maxlength) ? $maxlength : 255) . '" name="' . $name . '" value="' . $new[$config_key] . '" />'; + $tpl = '<input id="' . $key . '" type="' . $tpl_type[0] . '"' . (($size) ? ' size="' . $size . '"' : '') . ' maxlength="' . (($maxlength) ? $maxlength : 255) . '" name="' . $name . '" value="' . $new[$config_key] . '"' . (($tpl_type[0] === 'password') ? ' autocomplete="off"' : '') . ' />'; break; case 'dimension': diff --git a/phpBB/adm/style/acp_forums.html b/phpBB/adm/style/acp_forums.html index 9201736085..8577c08860 100644 --- a/phpBB/adm/style/acp_forums.html +++ b/phpBB/adm/style/acp_forums.html @@ -166,11 +166,11 @@ </dl> <dl> <dt><label for="forum_password">{L_FORUM_PASSWORD}:</label><br /><span>{L_FORUM_PASSWORD_EXPLAIN}</span></dt> - <dd><input type="password" id="forum_password" name="forum_password" value="<!-- IF S_FORUM_PASSWORD_SET -->      <!-- ENDIF -->" /></dd> + <dd><input type="password" id="forum_password" name="forum_password" value="<!-- IF S_FORUM_PASSWORD_SET -->      <!-- ENDIF -->" autocomplete="off" /></dd> </dl> <dl> <dt><label for="forum_password_confirm">{L_FORUM_PASSWORD_CONFIRM}:</label><br /><span>{L_FORUM_PASSWORD_CONFIRM_EXPLAIN}</span></dt> - <dd><input type="password" id="forum_password_confirm" name="forum_password_confirm" value="<!-- IF S_FORUM_PASSWORD_SET -->      <!-- ENDIF -->" /></dd> + <dd><input type="password" id="forum_password_confirm" name="forum_password_confirm" value="<!-- IF S_FORUM_PASSWORD_SET -->      <!-- ENDIF -->" autocomplete="off" /></dd> </dl> <!-- IF S_FORUM_PASSWORD_SET --> <dl> diff --git a/phpBB/adm/style/acp_users_overview.html b/phpBB/adm/style/acp_users_overview.html index 911dcad293..9237e45daf 100644 --- a/phpBB/adm/style/acp_users_overview.html +++ b/phpBB/adm/style/acp_users_overview.html @@ -43,19 +43,19 @@ </dl> <dl> <dt><label for="user_email">{L_EMAIL}:</label></dt> - <dd><input class="text medium" type="text" id="user_email" name="user_email" value="{USER_EMAIL}" /></dd> + <dd><input class="text medium" type="text" id="user_email" name="user_email" value="{USER_EMAIL}" autocomplete="off" /></dd> </dl> <dl> <dt><label for="email_confirm">{L_CONFIRM_EMAIL}:</label><br /><span>{L_CONFIRM_EMAIL_EXPLAIN}</span></dt> - <dd><input class="text medium" type="text" id="email_confirm" name="email_confirm" value="" /></dd> + <dd><input class="text medium" type="text" id="email_confirm" name="email_confirm" value="" autocomplete="off" /></dd> </dl> <dl> <dt><label for="new_password">{L_NEW_PASSWORD}:</label><br /><span>{L_CHANGE_PASSWORD_EXPLAIN}</span></dt> - <dd><input type="password" id="new_password" name="new_password" value="" /></dd> + <dd><input type="password" id="new_password" name="new_password" value="" autocomplete="off" /></dd> </dl> <dl> <dt><label for="password_confirm">{L_CONFIRM_PASSWORD}:</label><br /><span>{L_CONFIRM_PASSWORD_EXPLAIN}</span></dt> - <dd><input type="password" id="password_confirm" name="password_confirm" value="" /></dd> + <dd><input type="password" id="password_confirm" name="password_confirm" value="" autocomplete="off" /></dd> </dl> <p class="quick"> diff --git a/phpBB/includes/auth/auth_ldap.php b/phpBB/includes/auth/auth_ldap.php index e8c957aaa3..5dfa74ddab 100644 --- a/phpBB/includes/auth/auth_ldap.php +++ b/phpBB/includes/auth/auth_ldap.php @@ -335,7 +335,7 @@ function acp_ldap(&$new) </dl> <dl> <dt><label for="ldap_password">' . $user->lang['LDAP_PASSWORD'] . ':</label><br /><span>' . $user->lang['LDAP_PASSWORD_EXPLAIN'] . '</span></dt> - <dd><input type="password" id="ldap_password" size="40" name="config[ldap_password]" value="' . $new['ldap_password'] . '" /></dd> + <dd><input type="password" id="ldap_password" size="40" name="config[ldap_password]" value="' . $new['ldap_password'] . '" autocomplete="off" /></dd> </dl> '; diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index c48eb6d102..b8d9e0b92e 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -3464,7 +3464,7 @@ function get_preg_expression($mode) * Depends on whether installed PHP version supports unicode properties * * @param string $word word template to be replaced -* @param bool $use_unicode whether or not to take advantage of PCRE supporting unicode +* @param bool $use_unicode whether or not to take advantage of PCRE supporting unicode * * @return string $preg_expr regex to use with word censor */ @@ -3574,7 +3574,7 @@ function phpbb_checkdnsrr($host, $type = 'MX') // but until 5.3.3 it only works for MX records // See: http://bugs.php.net/bug.php?id=51844 - // Call checkdnsrr() if + // Call checkdnsrr() if // we're looking for an MX record or // we're not on Windows or // we're running a PHP version where #51844 has been fixed @@ -3594,7 +3594,7 @@ function phpbb_checkdnsrr($host, $type = 'MX') // dns_get_record() is available since PHP 5; since PHP 5.3 also on Windows, // but on Windows it does not work reliable for AAAA records before PHP 5.3.1 - // Call dns_get_record() if + // Call dns_get_record() if // we're not looking for an AAAA record or // we're not on Windows or // we're running a PHP version where AAAA lookups work reliable @@ -3624,7 +3624,7 @@ function phpbb_checkdnsrr($host, $type = 'MX') foreach ($resultset as $result) { if ( - isset($result['host']) && $result['host'] == $host && + isset($result['host']) && $result['host'] == $host && isset($result['type']) && $result['type'] == $type ) { @@ -4452,6 +4452,12 @@ function page_header($page_title = '', $display_online_list = true, $item_id = 0 $user_lang = substr($user_lang, 0, strpos($user_lang, '-x-')); } + $s_search_hidden_fields = array(); + if ($_SID) + { + $s_search_hidden_fields['sid'] = $_SID; + } + // The following assigns all _common_ variables that may be used at any point in a template. $template->assign_vars(array( 'SITENAME' => $config['sitename'], @@ -4541,6 +4547,8 @@ function page_header($page_title = '', $display_online_list = true, $item_id = 0 'S_LOAD_UNREADS' => ($config['load_unreads_search'] && ($config['load_anon_lastread'] || $user->data['is_registered'])) ? true : false, + 'S_SEARCH_HIDDEN_FIELDS' => build_hidden_fields($s_search_hidden_fields), + 'T_THEME_PATH' => "{$web_path}styles/" . $user->theme['theme_path'] . '/theme', 'T_TEMPLATE_PATH' => "{$web_path}styles/" . $user->theme['template_path'] . '/template', 'T_SUPER_TEMPLATE_PATH' => (isset($user->theme['template_inherit_path']) && $user->theme['template_inherit_path']) ? "{$web_path}styles/" . $user->theme['template_inherit_path'] . '/template' : "{$web_path}styles/" . $user->theme['template_path'] . '/template', diff --git a/phpBB/includes/functions_profile_fields.php b/phpBB/includes/functions_profile_fields.php index 78fe049f40..1eae2a9ad6 100644 --- a/phpBB/includes/functions_profile_fields.php +++ b/phpBB/includes/functions_profile_fields.php @@ -149,7 +149,18 @@ class custom_profile case FIELD_DROPDOWN: $field_value = (int) $field_value; - + + // retrieve option lang data if necessary + if (!isset($this->options_lang[$field_data['field_id']]) || !isset($this->options_lang[$field_data['field_id']][$field_data['lang_id']]) || !sizeof($this->options_lang[$file_data['field_id']][$field_data['lang_id']])) + { + $this->get_option_lang($field_data['field_id'], $field_data['lang_id'], FIELD_DROPDOWN, false); + } + + if (!isset($this->options_lang[$field_data['field_id']][$field_data['lang_id']][$field_value])) + { + return 'FIELD_INVALID_VALUE'; + } + if ($field_value == $field_data['field_novalue'] && $field_data['field_required']) { return 'FIELD_REQUIRED'; @@ -302,6 +313,7 @@ class custom_profile switch ($cp_result) { case 'FIELD_INVALID_DATE': + case 'FIELD_INVALID_VALUE': case 'FIELD_REQUIRED': $error = sprintf($user->lang[$cp_result], $row['lang_name']); break; diff --git a/phpBB/language/en/ucp.php b/phpBB/language/en/ucp.php index ad7c1ccbff..c1e3c06c43 100644 --- a/phpBB/language/en/ucp.php +++ b/phpBB/language/en/ucp.php @@ -195,6 +195,7 @@ $lang = array_merge($lang, array( 'FIELD_INVALID_CHARS_ALPHA_ONLY' => 'The field “%s” has invalid characters, only alphanumeric characters are allowed.', 'FIELD_INVALID_CHARS_SPACERS_ONLY' => 'The field “%s” has invalid characters, only alphanumeric, space or -+_[] characters are allowed.', 'FIELD_INVALID_DATE' => 'The field “%s” has an invalid date.', + 'FIELD_INVALID_VALUE' => 'The field “%s” has an invalid value.', 'FOE_MESSAGE' => 'Message from foe', 'FOES_EXPLAIN' => 'Foes are users which will be ignored by default. Posts by these users will not be fully visible. Personal messages from foes are still permitted. Please note that you cannot ignore moderators or administrators.', diff --git a/phpBB/styles/prosilver/template/overall_header.html b/phpBB/styles/prosilver/template/overall_header.html index 51fff0735a..05ddc48123 100644 --- a/phpBB/styles/prosilver/template/overall_header.html +++ b/phpBB/styles/prosilver/template/overall_header.html @@ -114,7 +114,7 @@ <!-- IF S_DISPLAY_SEARCH and not S_IN_SEARCH --> <div id="search-box"> - <form action="{U_SEARCH}" method="post" id="search"> + <form action="{U_SEARCH}" method="get" id="search"> <fieldset> <input name="keywords" id="keywords" type="text" maxlength="128" title="{L_SEARCH_KEYWORDS}" class="inputbox search" value="<!-- IF SEARCH_WORDS-->{SEARCH_WORDS}<!-- ELSE -->{L_SEARCH_MINI}<!-- ENDIF -->" onclick="if(this.value=='{LA_SEARCH_MINI}')this.value='';" onblur="if(this.value=='')this.value='{LA_SEARCH_MINI}';" /> <input class="button2" value="{L_SEARCH}" type="submit" /><br /> diff --git a/tests/profile/custom_test.php b/tests/profile/custom_test.php new file mode 100644 index 0000000000..0e0a851243 --- /dev/null +++ b/tests/profile/custom_test.php @@ -0,0 +1,55 @@ +<?php +/** +* +* @package testing +* @copyright (c) 2011 phpBB Group +* @license http://opensource.org/licenses/gpl-license.php GNU Public License +* +*/ + +require_once dirname(__FILE__) . '/../../phpBB/includes/functions_profile_fields.php'; + +class phpbb_profile_custom_test extends phpbb_database_test_case +{ + public function getDataSet() + { + return $this->createXMLDataSet(dirname(__FILE__).'/fixtures/profile_fields.xml'); + } + + static public function dropdownFields() + { + return array( + // note, there is an offset of 1 between option_id (0-indexed) + // in the database and values (1-indexed) to avoid problems with + // transmitting 0 in an HTML form + // required, value, expected + array(1, '0', 'FIELD_INVALID_VALUE', 'Required field should throw error for out-of-range value'), + array(1, '1', 'FIELD_REQUIRED', 'Required field should throw error for default value'), + array(1, '2', false, 'Required field should accept non-default value'), + array(0, '0', 'FIELD_INVALID_VALUE', 'Optional field should throw error for out-of-range value'), + array(0, '1', false, 'Optional field should accept default value'), + array(0, '2', false, 'Optional field should accept non-default value'), + ); + } + + /** + * @dataProvider dropdownFields + */ + public function test_dropdown_validate($field_required, $field_value, $expected, $description) + { + global $db; + $db = $this->new_dbal(); + + $field_data = array( + 'field_id' => 1, + 'lang_id' => 1, + 'field_novalue' => 1, + 'field_required' => $field_required, + ); + + $cp = new custom_profile; + $result = $cp->validate_profile_field(FIELD_DROPDOWN, &$field_value, $field_data); + + $this->assertEquals($expected, $result, $description); + } +} diff --git a/tests/profile/fixtures/profile_fields.xml b/tests/profile/fixtures/profile_fields.xml new file mode 100644 index 0000000000..0b2929f625 --- /dev/null +++ b/tests/profile/fixtures/profile_fields.xml @@ -0,0 +1,31 @@ +<?xml version="1.0" encoding="UTF-8" ?> +<dataset> + <table name="phpbb_profile_fields_lang"> + <column>field_id</column> + <column>lang_id</column> + <column>option_id</column> + <column>field_type</column> + <column>lang_value</column> + <row> + <value>1</value> + <value>1</value> + <value>0</value> + <value>5</value> + <value>Default Option</value> + </row> + <row> + <value>1</value> + <value>1</value> + <value>1</value> + <value>5</value> + <value>First Alternative</value> + </row> + <row> + <value>1</value> + <value>1</value> + <value>2</value> + <value>5</value> + <value>Third Alternative</value> + </row> + </table> +</dataset> |