aboutsummaryrefslogtreecommitdiffstats
path: root/phpBB/includes
diff options
context:
space:
mode:
Diffstat (limited to 'phpBB/includes')
-rw-r--r--phpBB/includes/acp/acp_attachments.php2
-rw-r--r--phpBB/includes/acp/acp_bbcodes.php183
-rw-r--r--phpBB/includes/acp/acp_board.php63
-rw-r--r--phpBB/includes/acp/acp_database.php2
-rw-r--r--phpBB/includes/acp/acp_extensions.php202
-rw-r--r--phpBB/includes/acp/acp_forums.php14
-rw-r--r--phpBB/includes/acp/acp_help_phpbb.php11
-rw-r--r--phpBB/includes/acp/acp_main.php2
-rw-r--r--phpBB/includes/acp/acp_permissions.php4
-rw-r--r--phpBB/includes/acp/acp_reasons.php2
-rw-r--r--phpBB/includes/acp/acp_users.php11
-rw-r--r--phpBB/includes/acp/auth.php21
-rw-r--r--phpBB/includes/bbcode.php2
-rw-r--r--phpBB/includes/compatibility_globals.php8
-rw-r--r--phpBB/includes/constants.php6
-rw-r--r--phpBB/includes/diff/engine.php6
-rw-r--r--phpBB/includes/functions.php391
-rw-r--r--phpBB/includes/functions_acp.php2
-rw-r--r--phpBB/includes/functions_admin.php45
-rw-r--r--phpBB/includes/functions_compatibility.php190
-rw-r--r--phpBB/includes/functions_compress.php4
-rw-r--r--phpBB/includes/functions_content.php20
-rw-r--r--phpBB/includes/functions_convert.php18
-rw-r--r--phpBB/includes/functions_display.php44
-rw-r--r--phpBB/includes/functions_download.php26
-rw-r--r--phpBB/includes/functions_module.php12
-rw-r--r--phpBB/includes/functions_posting.php34
-rw-r--r--phpBB/includes/functions_transfer.php4
-rw-r--r--phpBB/includes/functions_user.php14
-rw-r--r--phpBB/includes/mcp/mcp_logs.php2
-rw-r--r--phpBB/includes/mcp/mcp_notes.php2
-rw-r--r--phpBB/includes/mcp/mcp_topic.php4
-rw-r--r--phpBB/includes/mcp/mcp_warn.php2
-rw-r--r--phpBB/includes/message_parser.php3
-rw-r--r--phpBB/includes/questionnaire/questionnaire.php8
-rw-r--r--phpBB/includes/startup.php6
-rw-r--r--phpBB/includes/ucp/ucp_groups.php16
-rw-r--r--phpBB/includes/ucp/ucp_profile.php7
-rw-r--r--phpBB/includes/ucp/ucp_register.php34
-rw-r--r--phpBB/includes/ucp/ucp_remind.php174
-rw-r--r--phpBB/includes/ucp/ucp_resend.php2
41 files changed, 566 insertions, 1037 deletions
diff --git a/phpBB/includes/acp/acp_attachments.php b/phpBB/includes/acp/acp_attachments.php
index 94e3660de8..feeccbe853 100644
--- a/phpBB/includes/acp/acp_attachments.php
+++ b/phpBB/includes/acp/acp_attachments.php
@@ -610,7 +610,6 @@ class acp_attachments
$cat_lang = array(
ATTACHMENT_CATEGORY_NONE => $user->lang['NO_FILE_CAT'],
ATTACHMENT_CATEGORY_IMAGE => $user->lang['CAT_IMAGES'],
- ATTACHMENT_CATEGORY_FLASH => $user->lang['CAT_FLASH_FILES'],
);
$group_id = $request->variable('g', 0);
@@ -1385,7 +1384,6 @@ class acp_attachments
$types = array(
ATTACHMENT_CATEGORY_NONE => $user->lang['NO_FILE_CAT'],
ATTACHMENT_CATEGORY_IMAGE => $user->lang['CAT_IMAGES'],
- ATTACHMENT_CATEGORY_FLASH => $user->lang['CAT_FLASH_FILES'],
);
if ($group_id)
diff --git a/phpBB/includes/acp/acp_bbcodes.php b/phpBB/includes/acp/acp_bbcodes.php
index bd8df6a63b..5e39055f50 100644
--- a/phpBB/includes/acp/acp_bbcodes.php
+++ b/phpBB/includes/acp/acp_bbcodes.php
@@ -157,7 +157,7 @@ class acp_bbcodes
* @var string bbcode_tpl The bbcode HTML replacement string
* @var string bbcode_helpline The bbcode help line string
* @var array hidden_fields Array of hidden fields for use when
- * submitting form when $warn_text is true
+ * submitting form when $warn_unsafe is true
* @since 3.1.0-a3
*/
$vars = array(
@@ -172,14 +172,25 @@ class acp_bbcodes
);
extract($phpbb_dispatcher->trigger_event('core.acp_bbcodes_modify_create', compact($vars)));
- $warn_text = preg_match('%<[^>]*\{text[\d]*\}[^>]*>%i', $bbcode_tpl);
+ $acp_utils = $phpbb_container->get('text_formatter.acp_utils');
+ $bbcode_info = $acp_utils->analyse_bbcode($bbcode_match, $bbcode_tpl);
+ $warn_unsafe = ($bbcode_info['status'] === $acp_utils::BBCODE_STATUS_UNSAFE);
- if (!$warn_text && !check_form_key($form_key))
+ if ($bbcode_info['status'] === $acp_utils::BBCODE_STATUS_INVALID_TEMPLATE)
+ {
+ trigger_error($user->lang['BBCODE_INVALID_TEMPLATE'] . adm_back_link($this->u_action), E_USER_WARNING);
+ }
+ if ($bbcode_info['status'] === $acp_utils::BBCODE_STATUS_INVALID_DEFINITION)
+ {
+ trigger_error($user->lang['BBCODE_INVALID'] . adm_back_link($this->u_action), E_USER_WARNING);
+ }
+
+ if (!$warn_unsafe && !check_form_key($form_key))
{
trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action), E_USER_WARNING);
}
- if (!$warn_text || confirm_box(true))
+ if (!$warn_unsafe || confirm_box(true))
{
$data = $this->build_regexp($bbcode_match, $bbcode_tpl);
@@ -196,7 +207,10 @@ class acp_bbcodes
$db->sql_freeresult($result);
// Grab the end, interrogate the last closing tag
- if ($info['test'] === '1' || in_array(strtolower($data['bbcode_tag']), $hard_coded) || (preg_match('#\[/([^[]*)]$#', $bbcode_match, $regs) && in_array(strtolower($regs[1]), $hard_coded)))
+ if (isset($info['test']) && $info['test'] === '1'
+ || in_array(strtolower($data['bbcode_tag']), $hard_coded)
+ || (preg_match('#\[/([^[]*)]$#', $bbcode_match, $regs) && in_array(strtolower($regs[1]), $hard_coded))
+ )
{
trigger_error($user->lang['BBCODE_INVALID_TAG_NAME'] . adm_back_link($this->u_action), E_USER_WARNING);
}
@@ -446,144 +460,7 @@ class acp_bbcodes
function build_regexp(&$bbcode_match, &$bbcode_tpl)
{
$bbcode_match = trim($bbcode_match);
- $bbcode_tpl = trim($bbcode_tpl);
-
- // Allow unicode characters for URL|LOCAL_URL|RELATIVE_URL|INTTEXT tokens
- $utf8 = preg_match('/(URL|LOCAL_URL|RELATIVE_URL|INTTEXT)/', $bbcode_match);
-
- $fp_match = preg_quote($bbcode_match, '!');
- $fp_replace = preg_replace('#^\[(.*?)\]#', '[$1:$uid]', $bbcode_match);
- $fp_replace = preg_replace('#\[/(.*?)\]$#', '[/$1:$uid]', $fp_replace);
-
- $sp_match = preg_quote($bbcode_match, '!');
- $sp_match = preg_replace('#^\\\\\[(.*?)\\\\\]#', '\[$1:$uid\]', $sp_match);
- $sp_match = preg_replace('#\\\\\[/(.*?)\\\\\]$#', '\[/$1:$uid\]', $sp_match);
- $sp_replace = $bbcode_tpl;
-
- // @todo Make sure to change this too if something changed in message parsing
- $tokens = array(
- 'URL' => array(
- '!(?:(' . str_replace(array('!', '\#'), array('\!', '#'), get_preg_expression('url')) . ')|(' . str_replace(array('!', '\#'), array('\!', '#'), get_preg_expression('www_url')) . '))!ie' => "\$this->bbcode_specialchars(('\$1') ? '\$1' : 'http://\$2')"
- ),
- 'LOCAL_URL' => array(
- '!(' . str_replace(array('!', '\#'), array('\!', '#'), get_preg_expression('relative_url')) . ')!e' => "\$this->bbcode_specialchars('$1')"
- ),
- 'RELATIVE_URL' => array(
- '!(' . str_replace(array('!', '\#'), array('\!', '#'), get_preg_expression('relative_url')) . ')!e' => "\$this->bbcode_specialchars('$1')"
- ),
- 'EMAIL' => array(
- '!(' . get_preg_expression('email') . ')!ie' => "\$this->bbcode_specialchars('$1')"
- ),
- 'TEXT' => array(
- '!(.*?)!es' => "str_replace(array(\"\\r\\n\", '\\\"', '\\'', '(', ')'), array(\"\\n\", '\"', '&#39;', '&#40;', '&#41;'), trim('\$1'))"
- ),
- 'SIMPLETEXT' => array(
- '!([a-zA-Z0-9-+.,_ ]+)!' => "$1"
- ),
- 'INTTEXT' => array(
- '!([\p{L}\p{N}\-+,_. ]+)!u' => "$1"
- ),
- 'IDENTIFIER' => array(
- '!([a-zA-Z0-9-_]+)!' => "$1"
- ),
- 'COLOR' => array(
- '!([a-z]+|#[0-9abcdef]+)!i' => '$1'
- ),
- 'NUMBER' => array(
- '!([0-9]+)!' => '$1'
- )
- );
-
- $sp_tokens = array(
- 'URL' => '(?i)((?:' . str_replace(array('!', '\#'), array('\!', '#'), get_preg_expression('url')) . ')|(?:' . str_replace(array('!', '\#'), array('\!', '#'), get_preg_expression('www_url')) . '))(?-i)',
- 'LOCAL_URL' => '(?i)(' . str_replace(array('!', '\#'), array('\!', '#'), get_preg_expression('relative_url')) . ')(?-i)',
- 'RELATIVE_URL' => '(?i)(' . str_replace(array('!', '\#'), array('\!', '#'), get_preg_expression('relative_url')) . ')(?-i)',
- 'EMAIL' => '(' . get_preg_expression('email') . ')',
- 'TEXT' => '(.*?)',
- 'SIMPLETEXT' => '([a-zA-Z0-9-+.,_ ]+)',
- 'INTTEXT' => '([\p{L}\p{N}\-+,_. ]+)',
- 'IDENTIFIER' => '([a-zA-Z0-9-_]+)',
- 'COLOR' => '([a-zA-Z]+|#[0-9abcdefABCDEF]+)',
- 'NUMBER' => '([0-9]+)',
- );
-
- $pad = 0;
- $modifiers = 'i';
- $modifiers .= ($utf8) ? 'u' : '';
-
- if (preg_match_all('/\{(' . implode('|', array_keys($tokens)) . ')[0-9]*\}/i', $bbcode_match, $m))
- {
- foreach ($m[0] as $n => $token)
- {
- $token_type = $m[1][$n];
-
- reset($tokens[strtoupper($token_type)]);
- list($match, $replace) = each($tokens[strtoupper($token_type)]);
-
- // Pad backreference numbers from tokens
- if (preg_match_all('/(?<!\\\\)\$([0-9]+)/', $replace, $repad))
- {
- $repad = $pad + count(array_unique($repad[0]));
- $replace = preg_replace_callback('/(?<!\\\\)\$([0-9]+)/', function ($match) use ($pad) {
- return '${' . ($match[1] + $pad) . '}';
- }, $replace);
- $pad = $repad;
- }
-
- // Obtain pattern modifiers to use and alter the regex accordingly
- $regex = preg_replace('/!(.*)!([a-z]*)/', '$1', $match);
- $regex_modifiers = preg_replace('/!(.*)!([a-z]*)/', '$2', $match);
-
- for ($i = 0, $size = strlen($regex_modifiers); $i < $size; ++$i)
- {
- if (strpos($modifiers, $regex_modifiers[$i]) === false)
- {
- $modifiers .= $regex_modifiers[$i];
-
- if ($regex_modifiers[$i] == 'e')
- {
- $fp_replace = "'" . str_replace("'", "\\'", $fp_replace) . "'";
- }
- }
-
- if ($regex_modifiers[$i] == 'e')
- {
- $replace = "'.$replace.'";
- }
- }
-
- $fp_match = str_replace(preg_quote($token, '!'), $regex, $fp_match);
- $fp_replace = str_replace($token, $replace, $fp_replace);
-
- $sp_match = str_replace(preg_quote($token, '!'), $sp_tokens[$token_type], $sp_match);
-
- // Prepend the board url to local relative links
- $replace_prepend = ($token_type === 'LOCAL_URL') ? generate_board_url() . '/' : '';
-
- $sp_replace = str_replace($token, $replace_prepend . '${' . ($n + 1) . '}', $sp_replace);
- }
-
- $fp_match = '!' . $fp_match . '!' . $modifiers;
- $sp_match = '!' . $sp_match . '!s' . (($utf8) ? 'u' : '');
-
- if (strpos($fp_match, 'e') !== false)
- {
- $fp_replace = str_replace("'.'", '', $fp_replace);
- $fp_replace = str_replace(".''.", '.', $fp_replace);
- }
- }
- else
- {
- // No replacement is present, no need for a second-pass pattern replacement
- // A simple str_replace will suffice
- $fp_match = '!' . $fp_match . '!' . $modifiers;
- $sp_match = $fp_replace;
- $sp_replace = '';
- }
-
- // Lowercase tags
$bbcode_tag = preg_replace('/.*?\[([a-z0-9_-]+).*/i', '$1', $bbcode_match);
- $bbcode_search = preg_replace('/.*?\[([a-z0-9_-]+).*/i', '$1', $bbcode_match);
if (!preg_match('/^[a-zA-Z0-9_-]+$/', $bbcode_tag))
{
@@ -591,25 +468,13 @@ class acp_bbcodes
trigger_error($user->lang['BBCODE_INVALID'] . adm_back_link($this->u_action), E_USER_WARNING);
}
- $fp_match = preg_replace_callback('#\[/?' . $bbcode_search . '#i', function ($match) {
- return strtolower($match[0]);
- }, $fp_match);
- $fp_replace = preg_replace_callback('#\[/?' . $bbcode_search . '#i', function ($match) {
- return strtolower($match[0]);
- }, $fp_replace);
- $sp_match = preg_replace_callback('#\[/?' . $bbcode_search . '#i', function ($match) {
- return strtolower($match[0]);
- }, $sp_match);
- $sp_replace = preg_replace_callback('#\[/?' . $bbcode_search . '#i', function ($match) {
- return strtolower($match[0]);
- }, $sp_replace);
-
return array(
'bbcode_tag' => $bbcode_tag,
- 'first_pass_match' => $fp_match,
- 'first_pass_replace' => $fp_replace,
- 'second_pass_match' => $sp_match,
- 'second_pass_replace' => $sp_replace
+ 'first_pass_match' => '/(?!)/',
+ 'first_pass_replace' => '',
+ // Use a non-matching, valid regexp to effectively disable this BBCode
+ 'second_pass_match' => '/(?!)/',
+ 'second_pass_replace' => ''
);
}
}
diff --git a/phpBB/includes/acp/acp_board.php b/phpBB/includes/acp/acp_board.php
index 0730b4e285..cd72a8748a 100644
--- a/phpBB/includes/acp/acp_board.php
+++ b/phpBB/includes/acp/acp_board.php
@@ -85,34 +85,26 @@ class acp_board
$display_vars = array(
'title' => 'ACP_BOARD_FEATURES',
'vars' => array(
- 'legend1' => 'ACP_BOARD_FEATURES',
- 'allow_privmsg' => array('lang' => 'BOARD_PM', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true),
- 'allow_topic_notify' => array('lang' => 'ALLOW_TOPIC_NOTIFY', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => false),
- 'allow_forum_notify' => array('lang' => 'ALLOW_FORUM_NOTIFY', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => false),
- 'allow_namechange' => array('lang' => 'ALLOW_NAME_CHANGE', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => false),
- 'allow_attachments' => array('lang' => 'ALLOW_ATTACHMENTS', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => false),
- 'allow_pm_attach' => array('lang' => 'ALLOW_PM_ATTACHMENTS', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => false),
- 'allow_pm_report' => array('lang' => 'ALLOW_PM_REPORT', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true),
- 'allow_bbcode' => array('lang' => 'ALLOW_BBCODE', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => false),
- 'allow_smilies' => array('lang' => 'ALLOW_SMILIES', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => false),
- 'allow_sig' => array('lang' => 'ALLOW_SIG', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => false),
+ 'legend1' => 'ACP_BOARD_FEATURES',
+ 'allow_privmsg' => array('lang' => 'BOARD_PM', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true),
+ 'allow_topic_notify' => array('lang' => 'ALLOW_TOPIC_NOTIFY', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => false),
+ 'allow_forum_notify' => array('lang' => 'ALLOW_FORUM_NOTIFY', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => false),
+ 'allow_namechange' => array('lang' => 'ALLOW_NAME_CHANGE', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => false),
+ 'allow_attachments' => array('lang' => 'ALLOW_ATTACHMENTS', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => false),
+ 'allow_pm_attach' => array('lang' => 'ALLOW_PM_ATTACHMENTS', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => false),
+ 'allow_pm_report' => array('lang' => 'ALLOW_PM_REPORT', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true),
+ 'allow_bbcode' => array('lang' => 'ALLOW_BBCODE', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => false),
+ 'allow_smilies' => array('lang' => 'ALLOW_SMILIES', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => false),
+ 'allow_sig' => array('lang' => 'ALLOW_SIG', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => false),
'allow_board_notifications' => array('lang' => 'ALLOW_BOARD_NOTIFICATIONS', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => false),
- 'allow_nocensors' => array('lang' => 'ALLOW_NO_CENSORS', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true),
- 'allow_bookmarks' => array('lang' => 'ALLOW_BOOKMARKS', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true),
- 'allow_birthdays' => array('lang' => 'ALLOW_BIRTHDAYS', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true),
- 'display_last_subject' => array('lang' => 'DISPLAY_LAST_SUBJECT', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true),
- 'allow_quick_reply' => array('lang' => 'ALLOW_QUICK_REPLY', 'validate' => 'bool', 'type' => 'custom', 'method' => 'quick_reply', 'explain' => true),
-
- 'legend2' => 'ACP_LOAD_SETTINGS',
- 'load_birthdays' => array('lang' => 'YES_BIRTHDAYS', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true),
- 'load_moderators' => array('lang' => 'YES_MODERATORS', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => false),
- 'load_jumpbox' => array('lang' => 'YES_JUMPBOX', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => false),
- 'load_cpf_memberlist' => array('lang' => 'LOAD_CPF_MEMBERLIST', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => false),
- 'load_cpf_pm' => array('lang' => 'LOAD_CPF_PM', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => false),
- 'load_cpf_viewprofile' => array('lang' => 'LOAD_CPF_VIEWPROFILE', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => false),
- 'load_cpf_viewtopic' => array('lang' => 'LOAD_CPF_VIEWTOPIC', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => false),
-
- 'legend3' => 'ACP_SUBMIT_CHANGES',
+ 'allow_nocensors' => array('lang' => 'ALLOW_NO_CENSORS', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true),
+ 'allow_bookmarks' => array('lang' => 'ALLOW_BOOKMARKS', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true),
+ 'allow_birthdays' => array('lang' => 'ALLOW_BIRTHDAYS', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true),
+ 'display_last_subject' => array('lang' => 'DISPLAY_LAST_SUBJECT', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true),
+ 'display_unapproved_posts' => array('lang' => 'DISPLAY_UNAPPROVED_POSTS', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true),
+ 'allow_quick_reply' => array('lang' => 'ALLOW_QUICK_REPLY', 'validate' => 'bool', 'type' => 'custom', 'method' => 'quick_reply', 'explain' => true),
+
+ 'legend2' => 'ACP_SUBMIT_CHANGES',
)
);
break;
@@ -263,7 +255,6 @@ class acp_board
'vars' => array(
'legend1' => 'GENERAL_SETTINGS',
'max_name_chars' => array('lang' => 'USERNAME_LENGTH', 'validate' => 'int:8:180', 'type' => false, 'method' => false, 'explain' => false,),
- 'max_pass_chars' => array('lang' => 'PASSWORD_LENGTH', 'validate' => 'int:8:255', 'type' => false, 'method' => false, 'explain' => false,),
'require_activation' => array('lang' => 'ACC_ACTIVATION', 'validate' => 'int', 'type' => 'select', 'method' => 'select_acc_activation', 'explain' => true),
'new_member_post_limit' => array('lang' => 'NEW_MEMBER_POST_LIMIT', 'validate' => 'int:0:255', 'type' => 'number:0:255', 'explain' => true, 'append' => ' ' . $user->lang['POSTS']),
@@ -426,7 +417,6 @@ class acp_board
'remote_upload_verify' => array('lang' => 'UPLOAD_CERT_VALID', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true),
'check_dnsbl' => array('lang' => 'CHECK_DNSBL', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true),
'email_check_mx' => array('lang' => 'EMAIL_CHECK_MX', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true),
- 'max_pass_chars' => array('lang' => 'PASSWORD_LENGTH', 'validate' => 'int:8:255', 'type' => false, 'method' => false, 'explain' => false,),
'min_pass_chars' => array('lang' => 'PASSWORD_LENGTH', 'validate' => 'int:1', 'type' => 'custom', 'method' => 'password_length', 'explain' => true),
'pass_complex' => array('lang' => 'PASSWORD_TYPE', 'validate' => 'string', 'type' => 'select', 'method' => 'select_password_chars', 'explain' => true),
'chg_passforce' => array('lang' => 'FORCE_PASS_CHANGE', 'validate' => 'int:0:999', 'type' => 'number:0:999', 'explain' => true, 'append' => ' ' . $user->lang['DAYS']),
@@ -540,13 +530,16 @@ class acp_board
if ($submit)
{
- if (strpos($data['type'], 'password') === 0 && $config_value === '********')
+ if (isset($data['type']) && strpos($data['type'], 'password') === 0 && $config_value === '********')
{
- // Do not update password fields if the content is ********,
- // because that is the password replacement we use to not
- // send the password to the output
+ /**
+ * Do not update password fields if the content is ********,
+ * because that is the password replacement we use to not
+ * send the password to the output
+ */
continue;
}
+
$config->set($config_name, $config_value);
if ($config_name == 'allow_quick_reply' && isset($_POST['allow_quick_reply_enable']))
@@ -904,13 +897,13 @@ class acp_board
}
/**
- * Maximum/Minimum password length
+ * Minimum password length
*/
function password_length($value, $key)
{
global $user;
- return '<input id="' . $key . '" type="number" min="1" max="999" name="config[min_pass_chars]" value="' . $value . '" /> ' . $user->lang['MIN_CHARS'] . '&nbsp;&nbsp;<input type="number" min="8" max="255" name="config[max_pass_chars]" value="' . $this->new_config['max_pass_chars'] . '" /> ' . $user->lang['MAX_CHARS'];
+ return '<input id="' . $key . '" type="number" min="1" max="999" name="config[min_pass_chars]" value="' . $value . '" /> ' . $user->lang['MIN_CHARS'];
}
/**
diff --git a/phpBB/includes/acp/acp_database.php b/phpBB/includes/acp/acp_database.php
index 677fce7217..c1c748832b 100644
--- a/phpBB/includes/acp/acp_database.php
+++ b/phpBB/includes/acp/acp_database.php
@@ -248,8 +248,6 @@ class acp_database
switch ($db->get_sql_layer())
{
- case 'mysql':
- case 'mysql4':
case 'mysqli':
case 'sqlite3':
while (($sql = $fgetd($fp, ";\n", $read, $seek, $eof)) !== false)
diff --git a/phpBB/includes/acp/acp_extensions.php b/phpBB/includes/acp/acp_extensions.php
index a1cb2108e7..86966541be 100644
--- a/phpBB/includes/acp/acp_extensions.php
+++ b/phpBB/includes/acp/acp_extensions.php
@@ -38,7 +38,7 @@ class acp_extensions
private $phpbb_container;
private $php_ini;
- function main()
+ function main($id, $mode)
{
// Start the page
global $config, $user, $template, $request, $phpbb_extension_manager, $phpbb_root_path, $phpbb_log, $phpbb_dispatcher, $phpbb_container;
@@ -172,23 +172,27 @@ class acp_extensions
}
$extension = $this->ext_manager->get_extension($ext_name);
- if (!$extension->is_enableable())
- {
- trigger_error($this->user->lang['EXTENSION_NOT_ENABLEABLE'] . adm_back_link($this->u_action), E_USER_WARNING);
- }
+
+ $this->check_is_enableable($extension);
if ($this->ext_manager->is_enabled($ext_name))
{
redirect($this->u_action);
}
- $this->tpl_name = 'acp_ext_enable';
-
- $this->template->assign_vars(array(
- 'PRE' => true,
- 'L_CONFIRM_MESSAGE' => $this->user->lang('EXTENSION_ENABLE_CONFIRM', $md_manager->get_metadata('display-name')),
- 'U_ENABLE' => $this->u_action . '&amp;action=enable&amp;ext_name=' . urlencode($ext_name) . '&amp;hash=' . generate_link_hash('enable.' . $ext_name),
- ));
+ if (confirm_box(true))
+ {
+ redirect($this->u_action . '&amp;action=enable&amp;ext_name=' . urlencode($ext_name) . '&amp;hash=' . generate_link_hash('enable.' . $ext_name));
+ }
+ else
+ {
+ confirm_box(false, $this->user->lang('EXTENSION_ENABLE_CONFIRM', $md_manager->get_metadata('display-name')), build_hidden_fields(array(
+ 'i' => $id,
+ 'mode' => $mode,
+ 'action' => 'enable_pre',
+ 'ext_name' => $ext_name,
+ )));
+ }
break;
case 'enable':
@@ -203,10 +207,8 @@ class acp_extensions
}
$extension = $this->ext_manager->get_extension($ext_name);
- if (!$extension->is_enableable())
- {
- trigger_error($this->user->lang['EXTENSION_NOT_ENABLEABLE'] . adm_back_link($this->u_action), E_USER_WARNING);
- }
+
+ $this->check_is_enableable($extension);
try
{
@@ -215,9 +217,8 @@ class acp_extensions
// Are we approaching the time limit? If so we want to pause the update and continue after refreshing
if ((time() - $start_time) >= $safe_time_limit)
{
- $this->template->assign_var('S_NEXT_STEP', true);
-
meta_refresh(0, $this->u_action . '&amp;action=enable&amp;ext_name=' . urlencode($ext_name) . '&amp;hash=' . generate_link_hash('enable.' . $ext_name));
+ trigger_error('EXTENSION_ENABLE_IN_PROGRESS', E_USER_NOTICE);
}
}
@@ -233,14 +234,29 @@ class acp_extensions
}
catch (\phpbb\db\migration\exception $e)
{
- $this->template->assign_var('MIGRATOR_ERROR', $e->getLocalisedMessage($this->user));
+ trigger_error($this->user->lang('MIGRATION_EXCEPTION_ERROR', $e->getLocalisedMessage($this->user)), E_USER_WARNING);
}
- $this->tpl_name = 'acp_ext_enable';
+ if ($this->request->is_ajax())
+ {
+ $actions = $this->output_actions('enabled', [
+ 'DISABLE' => $this->u_action . '&amp;action=disable_pre&amp;ext_name=' . urlencode($ext_name),
+ ]);
+
+ $data = [
+ 'EXT_ENABLE_SUCCESS' => true,
+ 'ACTIONS' => $actions,
+ 'REFRESH_DATA' => [
+ 'url' => '',
+ 'time' => 0,
+ ],
+ ];
+
+ $json_response = new \phpbb\json_response;
+ $json_response->send($data);
+ }
- $this->template->assign_vars(array(
- 'U_RETURN' => $this->u_action . '&amp;action=list',
- ));
+ trigger_error($this->user->lang('EXTENSION_ENABLE_SUCCESS') . adm_back_link($this->u_action), E_USER_NOTICE);
break;
case 'disable_pre':
@@ -249,13 +265,19 @@ class acp_extensions
redirect($this->u_action);
}
- $this->tpl_name = 'acp_ext_disable';
-
- $this->template->assign_vars(array(
- 'PRE' => true,
- 'L_CONFIRM_MESSAGE' => $this->user->lang('EXTENSION_DISABLE_CONFIRM', $md_manager->get_metadata('display-name')),
- 'U_DISABLE' => $this->u_action . '&amp;action=disable&amp;ext_name=' . urlencode($ext_name) . '&amp;hash=' . generate_link_hash('disable.' . $ext_name),
- ));
+ if (confirm_box(true))
+ {
+ redirect($this->u_action . '&amp;action=disable&amp;ext_name=' . urlencode($ext_name) . '&amp;hash=' . generate_link_hash('disable.' . $ext_name));
+ }
+ else
+ {
+ confirm_box(false, $this->user->lang('EXTENSION_DISABLE_CONFIRM', $md_manager->get_metadata('display-name')), build_hidden_fields(array(
+ 'i' => $id,
+ 'mode' => $mode,
+ 'action' => 'disable_pre',
+ 'ext_name' => $ext_name,
+ )));
+ }
break;
case 'disable':
@@ -272,15 +294,32 @@ class acp_extensions
$this->template->assign_var('S_NEXT_STEP', true);
meta_refresh(0, $this->u_action . '&amp;action=disable&amp;ext_name=' . urlencode($ext_name) . '&amp;hash=' . generate_link_hash('disable.' . $ext_name));
+ trigger_error('EXTENSION_DISABLE_IN_PROGRESS', E_USER_NOTICE);
}
}
$this->log->add('admin', $this->user->data['user_id'], $this->user->ip, 'LOG_EXT_DISABLE', time(), array($ext_name));
- $this->tpl_name = 'acp_ext_disable';
+ if ($this->request->is_ajax())
+ {
+ $actions = $this->output_actions('disabled', [
+ 'ENABLE' => $this->u_action . '&amp;action=enable_pre&amp;ext_name=' . urlencode($ext_name),
+ 'DELETE_DATA' => $this->u_action . '&amp;action=delete_data_pre&amp;ext_name=' . urlencode($ext_name),
+ ]);
+
+ $data = [
+ 'EXT_DISABLE_SUCCESS' => true,
+ 'ACTIONS' => $actions,
+ 'REFRESH_DATA' => [
+ 'url' => '',
+ 'time' => 0,
+ ],
+ ];
+
+ $json_response = new \phpbb\json_response;
+ $json_response->send($data);
+ }
- $this->template->assign_vars(array(
- 'U_RETURN' => $this->u_action . '&amp;action=list',
- ));
+ trigger_error($this->user->lang('EXTENSION_DISABLE_SUCCESS') . adm_back_link($this->u_action), E_USER_NOTICE);
break;
case 'delete_data_pre':
@@ -288,13 +327,20 @@ class acp_extensions
{
redirect($this->u_action);
}
- $this->tpl_name = 'acp_ext_delete_data';
- $this->template->assign_vars(array(
- 'PRE' => true,
- 'L_CONFIRM_MESSAGE' => $this->user->lang('EXTENSION_DELETE_DATA_CONFIRM', $md_manager->get_metadata('display-name')),
- 'U_PURGE' => $this->u_action . '&amp;action=delete_data&amp;ext_name=' . urlencode($ext_name) . '&amp;hash=' . generate_link_hash('delete_data.' . $ext_name),
- ));
+ if (confirm_box(true))
+ {
+ redirect($this->u_action . '&amp;action=delete_data&amp;ext_name=' . urlencode($ext_name) . '&amp;hash=' . generate_link_hash('delete_data.' . $ext_name));
+ }
+ else
+ {
+ confirm_box(false, $this->user->lang('EXTENSION_DELETE_DATA_CONFIRM', $md_manager->get_metadata('display-name')), build_hidden_fields(array(
+ 'i' => $id,
+ 'mode' => $mode,
+ 'action' => 'delete_data_pre',
+ 'ext_name' => $ext_name,
+ )));
+ }
break;
case 'delete_data':
@@ -313,20 +359,36 @@ class acp_extensions
$this->template->assign_var('S_NEXT_STEP', true);
meta_refresh(0, $this->u_action . '&amp;action=delete_data&amp;ext_name=' . urlencode($ext_name) . '&amp;hash=' . generate_link_hash('delete_data.' . $ext_name));
+ trigger_error('EXTENSION_DELETE_DATA_IN_PROGRESS', E_USER_NOTICE);
}
}
$this->log->add('admin', $this->user->data['user_id'], $this->user->ip, 'LOG_EXT_PURGE', time(), array($ext_name));
}
catch (\phpbb\db\migration\exception $e)
{
- $this->template->assign_var('MIGRATOR_ERROR', $e->getLocalisedMessage($this->user));
+ trigger_error($this->user->lang('MIGRATION_EXCEPTION_ERROR', $e->getLocalisedMessage($this->user)), E_USER_WARNING);
}
- $this->tpl_name = 'acp_ext_delete_data';
+ if ($this->request->is_ajax())
+ {
+ $actions = $this->output_actions('disabled', [
+ 'ENABLE' => $this->u_action . '&amp;action=enable_pre&amp;ext_name=' . urlencode($ext_name),
+ ]);
+
+ $data = [
+ 'EXT_DELETE_DATA_SUCCESS' => true,
+ 'ACTIONS' => $actions,
+ 'REFRESH_DATA' => [
+ 'url' => '',
+ 'time' => 0,
+ ],
+ ];
+
+ $json_response = new \phpbb\json_response;
+ $json_response->send($data);
+ }
- $this->template->assign_vars(array(
- 'U_RETURN' => $this->u_action . '&amp;action=list',
- ));
+ trigger_error($this->user->lang('EXTENSION_DELETE_DATA_SUCCESS') . adm_back_link($this->u_action), E_USER_NOTICE);
break;
case 'details':
@@ -605,17 +667,37 @@ class acp_extensions
*
* @param string $block
* @param array $actions
+ * @return array List of actions to be performed on the extension
*/
private function output_actions($block, $actions)
{
- foreach ($actions as $lang => $url)
+ $vars_ary = array();
+ foreach ($actions as $lang => $options)
{
- $this->template->assign_block_vars($block . '.actions', array(
+ $url = $options;
+ if (is_array($options))
+ {
+ $url = $options['url'];
+ }
+
+ $vars = array(
'L_ACTION' => $this->user->lang('EXTENSION_' . $lang),
'L_ACTION_EXPLAIN' => (isset($this->user->lang['EXTENSION_' . $lang . '_EXPLAIN'])) ? $this->user->lang('EXTENSION_' . $lang . '_EXPLAIN') : '',
'U_ACTION' => $url,
- ));
+ 'ACTION_AJAX' => 'ext_' . strtolower($lang),
+ );
+
+ if (isset($options['color']))
+ {
+ $vars['COLOR'] = $options['color'];
+ }
+
+ $this->template->assign_block_vars($block . '.actions', $vars);
+
+ $vars_ary[] = $vars;
}
+
+ return $vars_ary;
}
/**
@@ -662,4 +744,28 @@ class acp_extensions
));
}
}
+
+ /**
+ * Checks whether the extension can be enabled. Triggers error if not.
+ * Error message can be set by the extension.
+ *
+ * @param \phpbb\extension\extension_interface $extension Extension to check
+ */
+ protected function check_is_enableable(\phpbb\extension\extension_interface $extension)
+ {
+ $message = $extension->is_enableable();
+ if ($message !== true)
+ {
+ if (empty($message))
+ {
+ $message = $this->user->lang('EXTENSION_NOT_ENABLEABLE');
+ }
+ else if (is_array($message))
+ {
+ $message = implode('<br>', $message);
+ }
+
+ trigger_error($message . adm_back_link($this->u_action), E_USER_WARNING);
+ }
+ }
}
diff --git a/phpBB/includes/acp/acp_forums.php b/phpBB/includes/acp/acp_forums.php
index 22c775b7c3..ba3901f67a 100644
--- a/phpBB/includes/acp/acp_forums.php
+++ b/phpBB/includes/acp/acp_forums.php
@@ -131,11 +131,12 @@ class acp_forums
'forum_rules_link' => $request->variable('forum_rules_link', ''),
'forum_image' => $request->variable('forum_image', ''),
'forum_style' => $request->variable('forum_style', 0),
- 'display_subforum_list' => $request->variable('display_subforum_list', false),
- 'display_on_index' => $request->variable('display_on_index', false),
+ 'display_subforum_list' => $request->variable('display_subforum_list', true),
+ 'display_subforum_limit'=> $request->variable('display_subforum_limit', false),
+ 'display_on_index' => $request->variable('display_on_index', true),
'forum_topics_per_page' => $request->variable('topics_per_page', 0),
'enable_indexing' => $request->variable('enable_indexing', true),
- 'enable_icons' => $request->variable('enable_icons', false),
+ 'enable_icons' => $request->variable('enable_icons', true),
'enable_prune' => $request->variable('enable_prune', false),
'enable_post_review' => $request->variable('enable_post_review', true),
'enable_quick_reply' => $request->variable('enable_quick_reply', false),
@@ -454,10 +455,11 @@ class acp_forums
'forum_image' => '',
'forum_style' => 0,
'display_subforum_list' => true,
- 'display_on_index' => false,
+ 'display_subforum_limit' => false,
+ 'display_on_index' => true,
'forum_topics_per_page' => 0,
'enable_indexing' => true,
- 'enable_icons' => false,
+ 'enable_icons' => true,
'enable_prune' => false,
'prune_days' => 7,
'prune_viewed' => 7,
@@ -676,6 +678,7 @@ class acp_forums
'S_ENABLE_INDEXING' => ($forum_data['enable_indexing']) ? true : false,
'S_TOPIC_ICONS' => ($forum_data['enable_icons']) ? true : false,
'S_DISPLAY_SUBFORUM_LIST' => ($forum_data['display_subforum_list']) ? true : false,
+ 'S_DISPLAY_SUBFORUM_LIMIT' => ($forum_data['display_subforum_limit']) ? true : false,
'S_DISPLAY_ON_INDEX' => ($forum_data['display_on_index']) ? true : false,
'S_PRUNE_ENABLE' => ($forum_data['enable_prune']) ? true : false,
'S_PRUNE_SHADOW_ENABLE' => ($forum_data['enable_shadow_prune']) ? true : false,
@@ -1901,7 +1904,6 @@ class acp_forums
switch ($db->get_sql_layer())
{
- case 'mysql4':
case 'mysqli':
// Delete everything else and thank MySQL for offering multi-table deletion
diff --git a/phpBB/includes/acp/acp_help_phpbb.php b/phpBB/includes/acp/acp_help_phpbb.php
index a36b36eddc..798cff5cee 100644
--- a/phpBB/includes/acp/acp_help_phpbb.php
+++ b/phpBB/includes/acp/acp_help_phpbb.php
@@ -32,7 +32,7 @@ class acp_help_phpbb
include($phpbb_root_path . 'includes/questionnaire/questionnaire.' . $phpEx);
}
- $collect_url = "https://www.phpbb.com/stats/receive_stats.php";
+ $collect_url = "https://www.phpbb.com/statistics/send";
$this->tpl_name = 'acp_help_phpbb';
$this->page_title = 'ACP_HELP_PHPBB';
@@ -90,13 +90,15 @@ class acp_help_phpbb
if (!empty($response))
{
- if ((strpos($response, 'Thank you') !== false || strpos($response, 'Flood protection') !== false))
+ $decoded_response = json_decode(htmlspecialchars_decode($response), true);
+
+ if ($decoded_response && isset($decoded_response['status']) && $decoded_response['status'] == 'ok')
{
trigger_error($user->lang('THANKS_SEND_STATISTICS') . adm_back_link($this->u_action));
}
else
{
- trigger_error($user->lang('FAIL_SEND_STATISTICS') . adm_back_link($this->u_action));
+ trigger_error($user->lang('FAIL_SEND_STATISTICS') . adm_back_link($this->u_action), E_USER_WARNING);
}
}
@@ -106,7 +108,8 @@ class acp_help_phpbb
$template->assign_vars(array(
'U_COLLECT_STATS' => $collect_url,
'S_COLLECT_STATS' => (!empty($config['help_send_statistics'])) ? true : false,
- 'RAW_DATA' => $collector->get_data_for_form(),
+ 'S_STATS' => $collector->get_data_raw(),
+ 'S_STATS_DATA' => json_encode($collector->get_data_raw()),
'U_ACP_MAIN' => append_sid("{$phpbb_admin_path}index.$phpEx"),
'U_ACTION' => $this->u_action,
// Pass earliest time we should try to send stats again
diff --git a/phpBB/includes/acp/acp_main.php b/phpBB/includes/acp/acp_main.php
index 8f169d15a7..27fac54777 100644
--- a/phpBB/includes/acp/acp_main.php
+++ b/phpBB/includes/acp/acp_main.php
@@ -657,7 +657,7 @@ class acp_main
}
// Warn if install is still present
- if (file_exists($phpbb_root_path . 'install') && !is_file($phpbb_root_path . 'install'))
+ if (!defined('IN_INSTALL') && !$phpbb_container->getParameter('allow_install_dir') && file_exists($phpbb_root_path . 'install') && !is_file($phpbb_root_path . 'install'))
{
$template->assign_var('S_REMOVE_INSTALL', true);
}
diff --git a/phpBB/includes/acp/acp_permissions.php b/phpBB/includes/acp/acp_permissions.php
index e683b1972e..59bf366c1b 100644
--- a/phpBB/includes/acp/acp_permissions.php
+++ b/phpBB/includes/acp/acp_permissions.php
@@ -694,8 +694,8 @@ class acp_permissions
}
// We loop through the auth settings defined in our submit
- list($ug_id, ) = each($psubmit);
- list($forum_id, ) = each($psubmit[$ug_id]);
+ $ug_id = key($psubmit);
+ $forum_id = key($psubmit[$ug_id]);
$settings = $request->variable('setting', array(0 => array(0 => array('' => 0))), false, \phpbb\request\request_interface::POST);
if (empty($settings) || empty($settings[$ug_id]) || empty($settings[$ug_id][$forum_id]))
diff --git a/phpBB/includes/acp/acp_reasons.php b/phpBB/includes/acp/acp_reasons.php
index dfb2ccbfd3..f3f82bdfca 100644
--- a/phpBB/includes/acp/acp_reasons.php
+++ b/phpBB/includes/acp/acp_reasons.php
@@ -222,8 +222,6 @@ class acp_reasons
{
// The ugly one!
case 'mysqli':
- case 'mysql4':
- case 'mysql':
// Change the reports using this reason to 'other'
$sql = 'UPDATE ' . REPORTS_TABLE . '
SET reason_id = ' . $other_reason_id . ", report_text = CONCAT('" . $db->sql_escape($reason_row['reason_description']) . "\n\n', report_text)
diff --git a/phpBB/includes/acp/acp_users.php b/phpBB/includes/acp/acp_users.php
index fd4b5e8c24..6993c86279 100644
--- a/phpBB/includes/acp/acp_users.php
+++ b/phpBB/includes/acp/acp_users.php
@@ -844,9 +844,9 @@ class acp_users
// Validation data - we do not check the password complexity setting here
$check_ary = array(
'new_password' => array(
- array('string', true, $config['min_pass_chars'], $config['max_pass_chars']),
+ array('string', true, $config['min_pass_chars'], 0),
array('password')),
- 'password_confirm' => array('string', true, $config['min_pass_chars'], $config['max_pass_chars']),
+ 'password_confirm' => array('string', true, $config['min_pass_chars'], 0),
);
// Check username if altered
@@ -966,10 +966,7 @@ class acp_users
if ($update_email !== false)
{
- $sql_ary += array(
- 'user_email' => $update_email,
- 'user_email_hash' => phpbb_email_hash($update_email),
- );
+ $sql_ary += ['user_email' => $update_email];
$phpbb_log->add('user', $user->data['user_id'], $user->ip, 'LOG_USER_UPDATE_EMAIL', false, array(
'reportee_id' => $user_id,
@@ -1130,7 +1127,7 @@ class acp_users
$template->assign_vars(array(
'L_NAME_CHARS_EXPLAIN' => $user->lang($config['allow_name_chars'] . '_EXPLAIN', $user->lang('CHARACTERS', (int) $config['min_name_chars']), $user->lang('CHARACTERS', (int) $config['max_name_chars'])),
- 'L_CHANGE_PASSWORD_EXPLAIN' => $user->lang($config['pass_complex'] . '_EXPLAIN', $user->lang('CHARACTERS', (int) $config['min_pass_chars']), $user->lang('CHARACTERS', (int) $config['max_pass_chars'])),
+ 'L_CHANGE_PASSWORD_EXPLAIN' => $user->lang($config['pass_complex'] . '_EXPLAIN', $user->lang('CHARACTERS', (int) $config['min_pass_chars'])),
'L_POSTS_IN_QUEUE' => $user->lang('NUM_POSTS_IN_QUEUE', $user_row['posts_in_queue']),
'S_FOUNDER' => ($user->data['user_type'] == USER_FOUNDER) ? true : false,
diff --git a/phpBB/includes/acp/auth.php b/phpBB/includes/acp/auth.php
index b414a3121a..f203f9d3ba 100644
--- a/phpBB/includes/acp/auth.php
+++ b/phpBB/includes/acp/auth.php
@@ -460,8 +460,7 @@ class auth_admin extends \phpbb\auth\auth
'S_GROUP_MODE' => ($user_mode == 'group') ? true : false)
);
- @reset($content_array);
- while (list($ug_id, $ug_array) = each($content_array))
+ foreach ($content_array as $ug_id => $ug_array)
{
// Build role dropdown options
$current_role_id = (isset($cur_roles[$ug_id][$forum_id])) ? $cur_roles[$ug_id][$forum_id] : 0;
@@ -471,8 +470,7 @@ class auth_admin extends \phpbb\auth\auth
$s_role_options = '';
$current_role_id = (isset($cur_roles[$ug_id][$forum_id])) ? $cur_roles[$ug_id][$forum_id] : 0;
- @reset($roles);
- while (list($role_id, $role_row) = each($roles))
+ foreach ($roles as $role_id => $role_row)
{
$role_description = (!empty($user->lang[$role_row['role_description']])) ? $user->lang[$role_row['role_description']] : nl2br($role_row['role_description']);
$role_name = (!empty($user->lang[$role_row['role_name']])) ? $user->lang[$role_row['role_name']] : $role_row['role_name'];
@@ -559,8 +557,7 @@ class auth_admin extends \phpbb\auth\auth
'S_GROUP_MODE' => ($user_mode == 'group') ? true : false)
);
- @reset($content_array);
- while (list($forum_id, $forum_array) = each($content_array))
+ foreach ($content_array as $forum_id => $forum_array)
{
// Build role dropdown options
$current_role_id = (isset($cur_roles[$ug_id][$forum_id])) ? $cur_roles[$ug_id][$forum_id] : 0;
@@ -570,8 +567,7 @@ class auth_admin extends \phpbb\auth\auth
$current_role_id = (isset($cur_roles[$ug_id][$forum_id])) ? $cur_roles[$ug_id][$forum_id] : 0;
$s_role_options = '';
- @reset($roles);
- while (list($role_id, $role_row) = each($roles))
+ foreach ($roles as $role_id => $role_row)
{
$role_description = (!empty($user->lang[$role_row['role_description']])) ? $user->lang[$role_row['role_description']] : nl2br($role_row['role_description']);
$role_name = (!empty($user->lang[$role_row['role_name']])) ? $user->lang[$role_row['role_name']] : $role_row['role_name'];
@@ -1138,8 +1134,7 @@ class auth_admin extends \phpbb\auth\auth
/* @var $phpbb_permissions \phpbb\permissions */
$phpbb_permissions = $phpbb_container->get('acl.permissions');
- @reset($category_array);
- while (list($cat, $cat_array) = each($category_array))
+ foreach ($category_array as $cat => $cat_array)
{
if (!$phpbb_permissions->category_defined($cat))
{
@@ -1169,8 +1164,7 @@ class auth_admin extends \phpbb\auth\auth
}
unset($key_array, $values_array);
*/
- @reset($cat_array['permissions']);
- while (list($permission, $allowed) = each($cat_array['permissions']))
+ foreach ($cat_array['permissions'] as $permission => $allowed)
{
if (!$phpbb_permissions->permission_defined($permission))
{
@@ -1237,8 +1231,7 @@ class auth_admin extends \phpbb\auth\auth
$permissions = $permission_row[$forum_id];
ksort($permissions);
- @reset($permissions);
- while (list($permission, $auth_setting) = each($permissions))
+ foreach ($permissions as $permission => $auth_setting)
{
$cat = $phpbb_permissions->get_permission_category($permission);
diff --git a/phpBB/includes/bbcode.php b/phpBB/includes/bbcode.php
index c31b63a403..21c630d495 100644
--- a/phpBB/includes/bbcode.php
+++ b/phpBB/includes/bbcode.php
@@ -44,7 +44,7 @@ class bbcode
/**
* Init bbcode cache entries if bitfield is specified
*
- * @param string $bbcode_bitfield The bbcode bitfield
+ * @param string $bitfield The bbcode bitfield
*/
function bbcode_set_bitfield($bitfield = '')
{
diff --git a/phpBB/includes/compatibility_globals.php b/phpBB/includes/compatibility_globals.php
index ad394e3782..15880d4bc8 100644
--- a/phpBB/includes/compatibility_globals.php
+++ b/phpBB/includes/compatibility_globals.php
@@ -18,6 +18,14 @@ if (!defined('IN_PHPBB'))
exit;
}
+//
+// Deprecated globals
+//
+define('ATTACHMENT_CATEGORY_WM', 2); // Windows Media Files - Streaming - @deprecated 3.2
+define('ATTACHMENT_CATEGORY_RM', 3); // Real Media Files - Streaming - @deprecated 3.2
+define('ATTACHMENT_CATEGORY_QUICKTIME', 6); // Quicktime/Mov files - @deprecated 3.2
+define('ATTACHMENT_CATEGORY_FLASH', 5); // Flash/SWF files - @deprecated 3.3
+
/**
* Sets compatibility globals in the global scope
*
diff --git a/phpBB/includes/constants.php b/phpBB/includes/constants.php
index ff3bbbc543..9508ce5cfc 100644
--- a/phpBB/includes/constants.php
+++ b/phpBB/includes/constants.php
@@ -28,7 +28,7 @@ if (!defined('IN_PHPBB'))
*/
// phpBB Version
-@define('PHPBB_VERSION', '3.2.9');
+@define('PHPBB_VERSION', '3.3.0');
// QA-related
// define('PHPBB_QA', 1);
@@ -171,11 +171,7 @@ define('CONFIRM_REPORT', 4);
// Categories - Attachments
define('ATTACHMENT_CATEGORY_NONE', 0);
define('ATTACHMENT_CATEGORY_IMAGE', 1); // Inline Images
-define('ATTACHMENT_CATEGORY_WM', 2); // Windows Media Files - Streaming - @deprecated 3.2
-define('ATTACHMENT_CATEGORY_RM', 3); // Real Media Files - Streaming - @deprecated 3.2
define('ATTACHMENT_CATEGORY_THUMB', 4); // Not used within the database, only while displaying posts
-define('ATTACHMENT_CATEGORY_FLASH', 5); // Flash/SWF files
-define('ATTACHMENT_CATEGORY_QUICKTIME', 6); // Quicktime/Mov files - @deprecated 3.2
// BBCode UID length
define('BBCODE_UID_LEN', 8);
diff --git a/phpBB/includes/diff/engine.php b/phpBB/includes/diff/engine.php
index 757fdadde9..0d73db02da 100644
--- a/phpBB/includes/diff/engine.php
+++ b/phpBB/includes/diff/engine.php
@@ -285,8 +285,9 @@ class diff_engine
$matches = $ymatches[$line];
reset($matches);
- while (list(, $y) = each($matches))
+ while ($y = current($matches))
{
+ next($matches);
if (empty($this->in_seq[$y]))
{
$k = $this->_lcs_pos($y);
@@ -296,8 +297,9 @@ class diff_engine
}
// no reset() here
- while (list(, $y) = each($matches))
+ while ($y = current($matches))
{
+ next($matches);
if ($y > $this->seq[$k - 1])
{
// Optimization: this is a common case: next match is just replacing previous match.
diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php
index c9f589c174..9759eabb5a 100644
--- a/phpBB/includes/functions.php
+++ b/phpBB/includes/functions.php
@@ -52,18 +52,6 @@ function phpbb_load_extensions_autoloaders($phpbb_root_path)
}
/**
-* Casts a variable to the given type.
-*
-* @deprecated
-*/
-function set_var(&$result, $var, $type, $multibyte = false)
-{
- // no need for dependency injection here, if you have the object, call the method yourself!
- $type_cast_helper = new \phpbb\request\type_cast_helper();
- $type_cast_helper->set_var($result, $var, $type, $multibyte);
-}
-
-/**
* Generates an alphanumeric random string of given length
*
* @param int $num_chars Length of random string, defaults to 8.
@@ -276,18 +264,6 @@ function still_on_time($extra_time = 15)
}
/**
-* Hashes an email address to a big integer
-*
-* @param string $email Email address
-*
-* @return string Unsigned Big Integer
-*/
-function phpbb_email_hash($email)
-{
- return sprintf('%u', crc32(strtolower($email))) . strlen($email);
-}
-
-/**
* Wrapper for version_compare() that allows using uppercase A and B
* for alpha and beta releases.
*
@@ -2288,6 +2264,7 @@ function login_box($redirect = '', $l_explain = '', $l_success = '', $admin = fa
$err = '';
$form_name = 'login';
+ $username = $autologin = false;
// Make sure user->setup() has been called
if (!$user->is_setup())
@@ -2528,11 +2505,14 @@ function login_box($redirect = '', $l_explain = '', $l_success = '', $admin = fa
$s_hidden_fields = build_hidden_fields($s_hidden_fields);
+ /** @var \phpbb\controller\helper $controller_helper */
+ $controller_helper = $phpbb_container->get('controller.helper');
+
$login_box_template_data = array(
'LOGIN_ERROR' => $err,
'LOGIN_EXPLAIN' => $l_explain,
- 'U_SEND_PASSWORD' => ($config['email_enable']) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=sendpassword') : '',
+ 'U_SEND_PASSWORD' => ($config['email_enable']) ? $controller_helper->route('phpbb_ucp_forgot_password_controller') : '',
'U_RESEND_ACTIVATION' => ($config['require_activation'] == USER_ACTIVATION_SELF && $config['email_enable']) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=resend_act') : '',
'U_TERMS_USE' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=terms'),
'U_PRIVACY' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=privacy'),
@@ -2860,10 +2840,13 @@ function get_preg_expression($mode)
// Whoa these look impressive!
// The code to generate the following two regular expressions which match valid IPv4/IPv6 addresses
// can be found in the develop directory
+
+ // @deprecated
case 'ipv4':
return '#^(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])$#';
break;
+ // @deprecated
case 'ipv6':
return '#^(?:(?:(?:[\dA-F]{1,4}:){6}(?:[\dA-F]{1,4}:[\dA-F]{1,4}|(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])))|(?:::(?:[\dA-F]{1,4}:){0,5}(?:[\dA-F]{1,4}(?::[\dA-F]{1,4})?|(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])))|(?:(?:[\dA-F]{1,4}:):(?:[\dA-F]{1,4}:){4}(?:[\dA-F]{1,4}:[\dA-F]{1,4}|(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])))|(?:(?:[\dA-F]{1,4}:){1,2}:(?:[\dA-F]{1,4}:){3}(?:[\dA-F]{1,4}:[\dA-F]{1,4}|(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])))|(?:(?:[\dA-F]{1,4}:){1,3}:(?:[\dA-F]{1,4}:){2}(?:[\dA-F]{1,4}:[\dA-F]{1,4}|(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])))|(?:(?:[\dA-F]{1,4}:){1,4}:(?:[\dA-F]{1,4}:)(?:[\dA-F]{1,4}:[\dA-F]{1,4}|(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])))|(?:(?:[\dA-F]{1,4}:){1,5}:(?:[\dA-F]{1,4}:[\dA-F]{1,4}|(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])))|(?:(?:[\dA-F]{1,4}:){1,6}:[\dA-F]{1,4})|(?:(?:[\dA-F]{1,4}:){1,7}:)|(?:::))$#i';
break;
@@ -2989,331 +2972,26 @@ function short_ipv6($ip, $length)
* @return mixed false if specified address is not valid,
* string otherwise
*/
-function phpbb_ip_normalise($address)
+function phpbb_ip_normalise(string $address)
{
- $address = trim($address);
+ $ip_normalised = false;
- if (empty($address) || !is_string($address))
+ if (filter_var($address, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4))
{
- return false;
+ $ip_normalised = $address;
}
-
- if (preg_match(get_preg_expression('ipv4'), $address))
+ else if (filter_var($address, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6))
{
- return $address;
- }
-
- return phpbb_inet_ntop(phpbb_inet_pton($address));
-}
+ $ip_normalised = inet_ntop(inet_pton($address));
-/**
-* Wrapper for inet_ntop()
-*
-* Converts a packed internet address to a human readable representation
-* inet_ntop() is supported by PHP since 5.1.0, since 5.3.0 also on Windows.
-*
-* @param string $in_addr A 32bit IPv4, or 128bit IPv6 address.
-*
-* @return mixed false on failure,
-* string otherwise
-*/
-function phpbb_inet_ntop($in_addr)
-{
- $in_addr = bin2hex($in_addr);
-
- switch (strlen($in_addr))
- {
- case 8:
- return implode('.', array_map('hexdec', str_split($in_addr, 2)));
-
- case 32:
- if (substr($in_addr, 0, 24) === '00000000000000000000ffff')
- {
- return phpbb_inet_ntop(pack('H*', substr($in_addr, 24)));
- }
-
- $parts = str_split($in_addr, 4);
- $parts = preg_replace('/^0+(?!$)/', '', $parts);
- $ret = implode(':', $parts);
-
- $matches = array();
- preg_match_all('/(?<=:|^)(?::?0){2,}/', $ret, $matches, PREG_OFFSET_CAPTURE);
- $matches = $matches[0];
-
- if (empty($matches))
- {
- return $ret;
- }
-
- $longest_match = '';
- $longest_match_offset = 0;
- foreach ($matches as $match)
- {
- if (strlen($match[0]) > strlen($longest_match))
- {
- $longest_match = $match[0];
- $longest_match_offset = $match[1];
- }
- }
-
- $ret = substr_replace($ret, '', $longest_match_offset, strlen($longest_match));
-
- if ($longest_match_offset == strlen($ret))
- {
- $ret .= ':';
- }
-
- if ($longest_match_offset == 0)
- {
- $ret = ':' . $ret;
- }
-
- return $ret;
-
- default:
- return false;
- }
-}
-
-/**
-* Wrapper for inet_pton()
-*
-* Converts a human readable IP address to its packed in_addr representation
-* inet_pton() is supported by PHP since 5.1.0, since 5.3.0 also on Windows.
-*
-* @param string $address A human readable IPv4 or IPv6 address.
-*
-* @return mixed false if address is invalid,
-* in_addr representation of the given address otherwise (string)
-*/
-function phpbb_inet_pton($address)
-{
- $ret = '';
- if (preg_match(get_preg_expression('ipv4'), $address))
- {
- foreach (explode('.', $address) as $part)
- {
- $ret .= ($part <= 0xF ? '0' : '') . dechex($part);
- }
-
- return pack('H*', $ret);
- }
-
- if (preg_match(get_preg_expression('ipv6'), $address))
- {
- $parts = explode(':', $address);
- $missing_parts = 8 - count($parts) + 1;
-
- if (substr($address, 0, 2) === '::')
- {
- ++$missing_parts;
- }
-
- if (substr($address, -2) === '::')
- {
- ++$missing_parts;
- }
-
- $embedded_ipv4 = false;
- $last_part = end($parts);
-
- if (preg_match(get_preg_expression('ipv4'), $last_part))
+ // If is ipv4
+ if (stripos($ip_normalised, '::ffff:') === 0)
{
- $parts[count($parts) - 1] = '';
- $last_part = phpbb_inet_pton($last_part);
- $embedded_ipv4 = true;
- --$missing_parts;
+ $ip_normalised = substr($ip_normalised, 7);
}
-
- foreach ($parts as $i => $part)
- {
- if (strlen($part))
- {
- $ret .= str_pad($part, 4, '0', STR_PAD_LEFT);
- }
- else if ($i && $i < count($parts) - 1)
- {
- $ret .= str_repeat('0000', $missing_parts);
- }
- }
-
- $ret = pack('H*', $ret);
-
- if ($embedded_ipv4)
- {
- $ret .= $last_part;
- }
-
- return $ret;
}
- return false;
-}
-
-/**
-* Wrapper for php's checkdnsrr function.
-*
-* @param string $host Fully-Qualified Domain Name
-* @param string $type Resource record type to lookup
-* Supported types are: MX (default), A, AAAA, NS, TXT, CNAME
-* Other types may work or may not work
-*
-* @return mixed true if entry found,
-* false if entry not found,
-* null if this function is not supported by this environment
-*
-* Since null can also be returned, you probably want to compare the result
-* with === true or === false,
-*/
-function phpbb_checkdnsrr($host, $type = 'MX')
-{
- // The dot indicates to search the DNS root (helps those having DNS prefixes on the same domain)
- if (substr($host, -1) == '.')
- {
- $host_fqdn = $host;
- $host = substr($host, 0, -1);
- }
- else
- {
- $host_fqdn = $host . '.';
- }
- // $host has format some.host.example.com
- // $host_fqdn has format some.host.example.com.
-
- // If we're looking for an A record we can use gethostbyname()
- if ($type == 'A' && function_exists('gethostbyname'))
- {
- return (@gethostbyname($host_fqdn) == $host_fqdn) ? false : true;
- }
-
- if (function_exists('checkdnsrr'))
- {
- return checkdnsrr($host_fqdn, $type);
- }
-
- if (function_exists('dns_get_record'))
- {
- // dns_get_record() expects an integer as second parameter
- // We have to convert the string $type to the corresponding integer constant.
- $type_constant = 'DNS_' . $type;
- $type_param = (defined($type_constant)) ? constant($type_constant) : DNS_ANY;
-
- // dns_get_record() might throw E_WARNING and return false for records that do not exist
- $resultset = @dns_get_record($host_fqdn, $type_param);
-
- if (empty($resultset) || !is_array($resultset))
- {
- return false;
- }
- else if ($type_param == DNS_ANY)
- {
- // $resultset is a non-empty array
- return true;
- }
-
- foreach ($resultset as $result)
- {
- if (
- isset($result['host']) && $result['host'] == $host &&
- isset($result['type']) && $result['type'] == $type
- )
- {
- return true;
- }
- }
-
- return false;
- }
-
- // If we're on Windows we can still try to call nslookup via exec() as a last resort
- if (DIRECTORY_SEPARATOR == '\\' && function_exists('exec'))
- {
- @exec('nslookup -type=' . escapeshellarg($type) . ' ' . escapeshellarg($host_fqdn), $output);
-
- // If output is empty, the nslookup failed
- if (empty($output))
- {
- return NULL;
- }
-
- foreach ($output as $line)
- {
- $line = trim($line);
-
- if (empty($line))
- {
- continue;
- }
-
- // Squash tabs and multiple whitespaces to a single whitespace.
- $line = preg_replace('/\s+/', ' ', $line);
-
- switch ($type)
- {
- case 'MX':
- if (stripos($line, "$host MX") === 0)
- {
- return true;
- }
- break;
-
- case 'NS':
- if (stripos($line, "$host nameserver") === 0)
- {
- return true;
- }
- break;
-
- case 'TXT':
- if (stripos($line, "$host text") === 0)
- {
- return true;
- }
- break;
-
- case 'CNAME':
- if (stripos($line, "$host canonical name") === 0)
- {
- return true;
- }
- break;
-
- default:
- case 'AAAA':
- // AAAA records returned by nslookup on Windows XP/2003 have this format.
- // Later Windows versions use the A record format below for AAAA records.
- if (stripos($line, "$host AAAA IPv6 address") === 0)
- {
- return true;
- }
- // No break
-
- case 'A':
- if (!empty($host_matches))
- {
- // Second line
- if (stripos($line, "Address: ") === 0)
- {
- return true;
- }
- else
- {
- $host_matches = false;
- }
- }
- else if (stripos($line, "Name: $host") === 0)
- {
- // First line
- $host_matches = true;
- }
- break;
- }
- }
-
- return false;
- }
-
- return NULL;
+ return $ip_normalised;
}
// Handler, header and footer
@@ -3325,6 +3003,7 @@ function msg_handler($errno, $msg_text, $errfile, $errline)
{
global $cache, $db, $auth, $template, $config, $user, $request;
global $phpbb_root_path, $msg_title, $msg_long_text, $phpbb_log;
+ global $phpbb_container;
// Do not display notices if we suppress them via @
if (error_reporting() == 0 && $errno != E_USER_ERROR && $errno != E_USER_WARNING && $errno != E_USER_NOTICE)
@@ -3345,7 +3024,7 @@ function msg_handler($errno, $msg_text, $errfile, $errline)
// Check the error reporting level and return if the error level does not match
// If DEBUG is defined the default level is E_ALL
- if (($errno & ((defined('DEBUG')) ? E_ALL : error_reporting())) == 0)
+ if (($errno & ($phpbb_container->getParameter('debug.show_errors') ? E_ALL : error_reporting())) == 0)
{
return;
}
@@ -3403,7 +3082,7 @@ function msg_handler($errno, $msg_text, $errfile, $errline)
$log_text .= '<br /><br />BACKTRACE<br />' . $backtrace;
}
- if (defined('IN_INSTALL') || defined('DEBUG') || isset($auth) && $auth->acl_get('a_'))
+ if (defined('IN_INSTALL') || ($phpbb_container != null && $phpbb_container->getParameter('debug.show_errors')) || isset($auth) && $auth->acl_get('a_'))
{
$msg_text = $log_text;
@@ -4291,7 +3970,8 @@ function page_header($page_title = '', $display_online_list = false, $item_id =
}
else
{
- $u_login_logout = append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=login');
+ $redirect = $request->variable('redirect', rawurlencode($user->page['page']));
+ $u_login_logout = append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=login&amp;redirect=' . $redirect);
$l_login_logout = $user->lang['LOGIN'];
}
@@ -4439,7 +4119,7 @@ function page_header($page_title = '', $display_online_list = false, $item_id =
/**
* Workaround for missing template variable in pre phpBB 3.2.6 styles.
- * @deprecated 3.2.7 (To be removed: 3.3.0-a1)
+ * @deprecated 3.2.7 (To be removed: 4.0.0-a1)
*/
$form_token_login = $template->retrieve_var('S_FORM_TOKEN_LOGIN');
if (!empty($form_token_login))
@@ -4566,7 +4246,7 @@ function page_header($page_title = '', $display_online_list = false, $item_id =
'T_STYLESHEET_LINK' => "{$web_path}styles/" . rawurlencode($user->style['style_path']) . '/theme/stylesheet.css?assets_version=' . $config['assets_version'],
'T_STYLESHEET_LANG_LINK'=> "{$web_path}styles/" . rawurlencode($user->style['style_path']) . '/theme/' . $user->lang_name . '/stylesheet.css?assets_version=' . $config['assets_version'],
'T_FONT_AWESOME_LINK' => !empty($config['allow_cdn']) && !empty($config['load_font_awesome_url']) ? $config['load_font_awesome_url'] : "{$web_path}assets/css/font-awesome.min.css?assets_version=" . $config['assets_version'],
- 'T_JQUERY_LINK' => !empty($config['allow_cdn']) && !empty($config['load_jquery_url']) ? $config['load_jquery_url'] : "{$web_path}assets/javascript/jquery.min.js?assets_version=" . $config['assets_version'],
+ 'T_JQUERY_LINK' => !empty($config['allow_cdn']) && !empty($config['load_jquery_url']) ? $config['load_jquery_url'] : "{$web_path}assets/javascript/jquery-3.4.1.min.js?assets_version=" . $config['assets_version'],
'S_ALLOW_CDN' => !empty($config['allow_cdn']),
'S_COOKIE_NOTICE' => !empty($config['cookie_notice']),
@@ -4638,7 +4318,9 @@ function page_header($page_title = '', $display_online_list = false, $item_id =
*/
function phpbb_check_and_display_sql_report(\phpbb\request\request_interface $request, \phpbb\auth\auth $auth, \phpbb\db\driver\driver_interface $db)
{
- if ($request->variable('explain', false) && $auth->acl_get('a_') && defined('DEBUG'))
+ global $phpbb_container;
+
+ if ($phpbb_container->getParameter('debug.sql_explain') && $request->variable('explain', false) && $auth->acl_get('a_'))
{
$db->sql_report('display');
}
@@ -4656,19 +4338,22 @@ function phpbb_check_and_display_sql_report(\phpbb\request\request_interface $re
*/
function phpbb_generate_debug_output(\phpbb\db\driver\driver_interface $db, \phpbb\config\config $config, \phpbb\auth\auth $auth, \phpbb\user $user, \phpbb\event\dispatcher_interface $phpbb_dispatcher)
{
+ global $phpbb_container;
+
$debug_info = array();
// Output page creation time
- if (defined('PHPBB_DISPLAY_LOAD_TIME'))
+ if ($phpbb_container->getParameter('debug.load_time'))
{
if (isset($GLOBALS['starttime']))
{
$totaltime = microtime(true) - $GLOBALS['starttime'];
$debug_info[] = sprintf('<span title="SQL time: %.3fs / PHP time: %.3fs">Time: %.3fs</span>', $db->get_sql_time(), ($totaltime - $db->get_sql_time()), $totaltime);
}
+ }
- $debug_info[] = sprintf('<span title="Cached: %d">Queries: %d</span>', $db->sql_num_queries(true), $db->sql_num_queries());
-
+ if ($phpbb_container->getParameter('debug.memory'))
+ {
$memory_usage = memory_get_peak_usage();
if ($memory_usage)
{
@@ -4676,16 +4361,18 @@ function phpbb_generate_debug_output(\phpbb\db\driver\driver_interface $db, \php
$debug_info[] = 'Peak Memory Usage: ' . $memory_usage;
}
- }
- if (defined('DEBUG'))
- {
$debug_info[] = 'GZIP: ' . (($config['gzip_compress'] && @extension_loaded('zlib')) ? 'On' : 'Off');
if ($user->load)
{
$debug_info[] = 'Load: ' . $user->load;
}
+ }
+
+ if ($phpbb_container->getParameter('debug.sql_explain'))
+ {
+ $debug_info[] = sprintf('<span title="Cached: %d">Queries: %d</span>', $db->sql_num_queries(true), $db->sql_num_queries());
if ($auth->acl_get('a_'))
{
diff --git a/phpBB/includes/functions_acp.php b/phpBB/includes/functions_acp.php
index a2014a7d5b..4926351461 100644
--- a/phpBB/includes/functions_acp.php
+++ b/phpBB/includes/functions_acp.php
@@ -177,7 +177,7 @@ function adm_page_footer($copyright_html = true)
'TRANSLATION_INFO' => (!empty($user->lang['TRANSLATION_INFO'])) ? $user->lang['TRANSLATION_INFO'] : '',
'S_COPYRIGHT_HTML' => $copyright_html,
'CREDIT_LINE' => $user->lang('POWERED_BY', '<a href="https://www.phpbb.com/">phpBB</a>&reg; Forum Software &copy; phpBB Limited'),
- 'T_JQUERY_LINK' => !empty($config['allow_cdn']) && !empty($config['load_jquery_url']) ? $config['load_jquery_url'] : "{$phpbb_root_path}assets/javascript/jquery.min.js",
+ 'T_JQUERY_LINK' => !empty($config['allow_cdn']) && !empty($config['load_jquery_url']) ? $config['load_jquery_url'] : "{$phpbb_root_path}assets/javascript/jquery-3.4.1.min.js",
'S_ALLOW_CDN' => !empty($config['allow_cdn']),
'VERSION' => $config['version'])
);
diff --git a/phpBB/includes/functions_admin.php b/phpBB/includes/functions_admin.php
index cc82fdbda3..4629706048 100644
--- a/phpBB/includes/functions_admin.php
+++ b/phpBB/includes/functions_admin.php
@@ -1191,28 +1191,6 @@ function delete_posts($where_type, $where_ids, $auto_sync = true, $posted_sync =
}
/**
-* Delete Attachments
-*
-* @deprecated 3.2.0-a1 (To be removed: 3.4.0)
-*
-* @param string $mode can be: post|message|topic|attach|user
-* @param mixed $ids can be: post_ids, message_ids, topic_ids, attach_ids, user_ids
-* @param bool $resync set this to false if you are deleting posts or topics
-*/
-function delete_attachments($mode, $ids, $resync = true)
-{
- global $phpbb_container;
-
- /** @var \phpbb\attachment\manager $attachment_manager */
- $attachment_manager = $phpbb_container->get('attachment.manager');
- $num_deleted = $attachment_manager->delete($mode, $ids, $resync);
-
- unset($attachment_manager);
-
- return $num_deleted;
-}
-
-/**
* Deletes shadow topics pointing to a specified forum.
*
* @param int $forum_id The forum id
@@ -1324,23 +1302,6 @@ function update_posted_info(&$topic_ids)
}
/**
-* Delete attached file
-*
-* @deprecated 3.2.0-a1 (To be removed: 3.4.0)
-*/
-function phpbb_unlink($filename, $mode = 'file', $entry_removed = false)
-{
- global $phpbb_container;
-
- /** @var \phpbb\attachment\manager $attachment_manager */
- $attachment_manager = $phpbb_container->get('attachment.manager');
- $unlink = $attachment_manager->unlink($filename, $mode, $entry_removed);
- unset($attachment_manager);
-
- return $unlink;
-}
-
-/**
* All-encompasing sync function
*
* Exaples:
@@ -1423,7 +1384,6 @@ function sync($mode, $where_type = '', $where_ids = '', $resync_parents = false,
$db->sql_transaction('begin');
switch ($db->get_sql_layer())
{
- case 'mysql4':
case 'mysqli':
$sql = 'DELETE FROM ' . TOPICS_TABLE . '
USING ' . TOPICS_TABLE . ' t1, ' . TOPICS_TABLE . " t2
@@ -2722,8 +2682,7 @@ function phpbb_update_foes($db, $auth, $group_id = false, $user_id = false)
switch ($db->get_sql_layer())
{
case 'mysqli':
- case 'mysql4':
- $sql = 'DELETE ' . (($db->get_sql_layer() === 'mysqli' || version_compare($db->sql_server_info(true), '4.1', '>=')) ? 'z.*' : ZEBRA_TABLE) . '
+ $sql = 'DELETE z.*
FROM ' . ZEBRA_TABLE . ' z, ' . USER_GROUP_TABLE . ' ug
WHERE z.zebra_id = ug.user_id
AND z.foe = 1
@@ -2879,8 +2838,6 @@ function get_database_size()
// This code is heavily influenced by a similar routine in phpMyAdmin 2.2.0
switch ($db->get_sql_layer())
{
- case 'mysql':
- case 'mysql4':
case 'mysqli':
$sql = 'SELECT VERSION() AS mysql_version';
$result = $db->sql_query($sql);
diff --git a/phpBB/includes/functions_compatibility.php b/phpBB/includes/functions_compatibility.php
index e95fa40a58..92e24c055c 100644
--- a/phpBB/includes/functions_compatibility.php
+++ b/phpBB/includes/functions_compatibility.php
@@ -22,7 +22,7 @@ if (!defined('IN_PHPBB'))
/**
* Get user avatar
*
-* @deprecated 3.1.0-a1 (To be removed: 3.3.0)
+* @deprecated 3.1.0-a1 (To be removed: 4.0.0)
*
* @param string $avatar Users assigned avatar name
* @param int $avatar_type Type of avatar
@@ -50,7 +50,7 @@ function get_user_avatar($avatar, $avatar_type, $avatar_width, $avatar_height, $
/**
* Hash the password
*
-* @deprecated 3.1.0-a2 (To be removed: 3.3.0)
+* @deprecated 3.1.0-a2 (To be removed: 4.0.0)
*
* @param string $password Password to be hashed
*
@@ -68,7 +68,7 @@ function phpbb_hash($password)
/**
* Check for correct password
*
-* @deprecated 3.1.0-a2 (To be removed: 3.3.0)
+* @deprecated 3.1.0-a2 (To be removed: 4.0.0)
*
* @param string $password The password in plain text
* @param string $hash The stored password hash
@@ -92,7 +92,7 @@ function phpbb_check_hash($password, $hash)
* @param string $path Path to clean
* @return string Cleaned path
*
-* @deprecated 3.1.0 (To be removed: 3.3.0)
+* @deprecated 3.1.0 (To be removed: 4.0.0)
*/
function phpbb_clean_path($path)
{
@@ -136,7 +136,7 @@ function phpbb_clean_path($path)
*
* @return string Returns the options for timezone selector only
*
-* @deprecated 3.1.0 (To be removed: 3.3.0)
+* @deprecated 3.1.0 (To be removed: 4.0.0)
*/
function tz_select($default = '', $truncate = false)
{
@@ -150,7 +150,7 @@ function tz_select($default = '', $truncate = false)
* via admin_permissions. Changes of usernames and group names
* must be carried through for the moderators table.
*
-* @deprecated 3.1.0 (To be removed: 3.3.0)
+* @deprecated 3.1.0 (To be removed: 4.0.0)
* @return null
*/
function cache_moderators()
@@ -162,7 +162,7 @@ function cache_moderators()
/**
* Removes moderators and administrators from foe lists.
*
-* @deprecated 3.1.0 (To be removed: 3.3.0)
+* @deprecated 3.1.0 (To be removed: 4.0.0)
* @param array|bool $group_id If an array, remove all members of this group from foe lists, or false to ignore
* @param array|bool $user_id If an array, remove this user from foe lists, or false to ignore
* @return null
@@ -182,7 +182,7 @@ function update_foes($group_id = false, $user_id = false)
* @param string &$rank_img the rank image as full img tag is stored here after execution
* @param string &$rank_img_src the rank image source is stored here after execution
*
-* @deprecated 3.1.0-RC5 (To be removed: 3.3.0)
+* @deprecated 3.1.0-RC5 (To be removed: 4.0.0)
*
* Note: since we do not want to break backwards-compatibility, this function will only properly assign ranks to guests if you call it for them with user_posts == false
*/
@@ -232,7 +232,7 @@ function get_remote_file($host, $directory, $filename, &$errstr, &$errno, $port
*
* @return int|bool Returns the log_id, if the entry was added to the database, false otherwise.
*
- * @deprecated 3.1.0 (To be removed: 3.3.0)
+ * @deprecated 3.1.0 (To be removed: 4.0.0)
*/
function add_log()
{
@@ -280,7 +280,7 @@ function add_log()
*
* @return null
*
- * @deprecated 3.1.0 (To be removed: 3.3.0)
+ * @deprecated 3.1.0 (To be removed: 4.0.0)
*/
function set_config($config_name, $config_value, $is_dynamic = false, \phpbb\config\config $set_config = null)
{
@@ -310,7 +310,7 @@ function set_config($config_name, $config_value, $is_dynamic = false, \phpbb\con
*
* @return null
*
- * @deprecated 3.1.0 (To be removed: 3.3.0)
+ * @deprecated 3.1.0 (To be removed: 4.0.0)
*/
function set_config_count($config_name, $increment, $is_dynamic = false, \phpbb\config\config $set_config = null)
{
@@ -331,7 +331,7 @@ function set_config_count($config_name, $increment, $is_dynamic = false, \phpbb\
* See {@link \phpbb\request\request_interface::variable \phpbb\request\request_interface::variable} for
* documentation of this function's use.
*
- * @deprecated 3.1.0 (To be removed: 3.3.0)
+ * @deprecated 3.1.0 (To be removed: 4.0.0)
* @param mixed $var_name The form variable's name from which data shall be retrieved.
* If the value is an array this may be an array of indizes which will give
* direct access to a value at any depth. E.g. if the value of "var" is array(1 => "a")
@@ -389,7 +389,7 @@ function request_var($var_name, $default, $multibyte = false, $cookie = false, $
/**
* Get tables of a database
*
- * @deprecated 3.1.0 (To be removed: 3.3.0)
+ * @deprecated 3.1.0 (To be removed: 4.0.0)
*/
function get_tables($db)
{
@@ -492,7 +492,7 @@ function phpbb_realpath($path)
* @param $number int|float The number we want to get the plural case for. Float numbers are floored.
* @return int The plural-case we need to use for the number plural-rule combination
*
- * @deprecated 3.2.0-dev (To be removed: 3.3.0)
+ * @deprecated 3.2.0-dev (To be removed: 4.0.0)
*/
function phpbb_get_plural_form($rule, $number)
{
@@ -511,3 +511,165 @@ function phpbb_pcre_utf8_support()
{
return true;
}
+
+/**
+ * Casts a variable to the given type.
+ *
+ * @deprecated 3.1 (To be removed 4.0.0)
+ */
+function set_var(&$result, $var, $type, $multibyte = false)
+{
+ // no need for dependency injection here, if you have the object, call the method yourself!
+ $type_cast_helper = new \phpbb\request\type_cast_helper();
+ $type_cast_helper->set_var($result, $var, $type, $multibyte);
+}
+
+/**
+ * Delete Attachments
+ *
+ * @deprecated 3.2.0-a1 (To be removed: 4.0.0)
+ *
+ * @param string $mode can be: post|message|topic|attach|user
+ * @param mixed $ids can be: post_ids, message_ids, topic_ids, attach_ids, user_ids
+ * @param bool $resync set this to false if you are deleting posts or topics
+ */
+function delete_attachments($mode, $ids, $resync = true)
+{
+ global $phpbb_container;
+
+ /** @var \phpbb\attachment\manager $attachment_manager */
+ $attachment_manager = $phpbb_container->get('attachment.manager');
+ $num_deleted = $attachment_manager->delete($mode, $ids, $resync);
+
+ unset($attachment_manager);
+
+ return $num_deleted;
+}
+
+/**
+ * Delete attached file
+ *
+ * @deprecated 3.2.0-a1 (To be removed: 4.0.0)
+ */
+function phpbb_unlink($filename, $mode = 'file', $entry_removed = false)
+{
+ global $phpbb_container;
+
+ /** @var \phpbb\attachment\manager $attachment_manager */
+ $attachment_manager = $phpbb_container->get('attachment.manager');
+ $unlink = $attachment_manager->unlink($filename, $mode, $entry_removed);
+ unset($attachment_manager);
+
+ return $unlink;
+}
+
+/**
+ * Display reasons
+ *
+ * @deprecated 3.2.0-dev (To be removed: 4.0.0)
+ */
+function display_reasons($reason_id = 0)
+{
+ global $phpbb_container;
+
+ $phpbb_container->get('phpbb.report.report_reason_list_provider')->display_reasons($reason_id);
+}
+
+/**
+ * Upload Attachment - filedata is generated here
+ * Uses upload class
+ *
+ * @deprecated 3.2.0-a1 (To be removed: 4.0.0)
+ *
+ * @param string $form_name The form name of the file upload input
+ * @param int $forum_id The id of the forum
+ * @param bool $local Whether the file is local or not
+ * @param string $local_storage The path to the local file
+ * @param bool $is_message Whether it is a PM or not
+ * @param array $local_filedata A filespec object created for the local file
+ *
+ * @return array File data array
+ */
+function upload_attachment($form_name, $forum_id, $local = false, $local_storage = '', $is_message = false, $local_filedata = false)
+{
+ global $phpbb_container;
+
+ /** @var \phpbb\attachment\manager $attachment_manager */
+ $attachment_manager = $phpbb_container->get('attachment.manager');
+ $file = $attachment_manager->upload($form_name, $forum_id, $local, $local_storage, $is_message, $local_filedata);
+ unset($attachment_manager);
+
+ return $file;
+}
+
+/**
+* Wrapper for php's checkdnsrr function.
+*
+* @param string $host Fully-Qualified Domain Name
+* @param string $type Resource record type to lookup
+* Supported types are: MX (default), A, AAAA, NS, TXT, CNAME
+* Other types may work or may not work
+*
+* @return mixed true if entry found,
+* false if entry not found,
+* null if this function is not supported by this environment
+*
+* Since null can also be returned, you probably want to compare the result
+* with === true or === false,
+*
+* @deprecated 3.3.0-b2 (To be removed: 4.0.0)
+*/
+function phpbb_checkdnsrr($host, $type = 'MX')
+{
+ return checkdnsrr($host, $type);
+}
+
+/*
+ * Wrapper for inet_ntop()
+ *
+ * Converts a packed internet address to a human readable representation
+ * inet_ntop() is supported by PHP since 5.1.0, since 5.3.0 also on Windows.
+ *
+ * @param string $in_addr A 32bit IPv4, or 128bit IPv6 address.
+ *
+ * @return mixed false on failure,
+ * string otherwise
+ *
+ * @deprecated 3.3.0-b2 (To be removed: 4.0.0)
+ */
+function phpbb_inet_ntop($in_addr)
+{
+ return inet_ntop($in_addr);
+}
+
+/**
+ * Wrapper for inet_pton()
+ *
+ * Converts a human readable IP address to its packed in_addr representation
+ * inet_pton() is supported by PHP since 5.1.0, since 5.3.0 also on Windows.
+ *
+ * @param string $address A human readable IPv4 or IPv6 address.
+ *
+ * @return mixed false if address is invalid,
+ * in_addr representation of the given address otherwise (string)
+ *
+ * @deprecated 3.3.0-b2 (To be removed: 4.0.0)
+ */
+function phpbb_inet_pton($address)
+{
+ return inet_pton($address);
+}
+
+/**
+ * Hashes an email address to a big integer
+ *
+ * @param string $email Email address
+ *
+ * @return string Unsigned Big Integer
+ *
+ * @deprecated 3.3.0-b2 (To be removed: 4.0.0)
+ */
+function phpbb_email_hash($email)
+{
+ return sprintf('%u', crc32(strtolower($email))) . strlen($email);
+}
diff --git a/phpBB/includes/functions_compress.php b/phpBB/includes/functions_compress.php
index e86da77b38..56d64d37fb 100644
--- a/phpBB/includes/functions_compress.php
+++ b/phpBB/includes/functions_compress.php
@@ -305,8 +305,8 @@ class compress_zip extends compress
}
}
}
- // This is a directory, we are not writting files
- continue;
+ // This is a directory, we are not writing files
+ continue 2;
}
else
{
diff --git a/phpBB/includes/functions_content.php b/phpBB/includes/functions_content.php
index 2542be5e02..fd014c741e 100644
--- a/phpBB/includes/functions_content.php
+++ b/phpBB/includes/functions_content.php
@@ -1245,11 +1245,6 @@ function parse_attachments($forum_id, &$message, &$attachments, &$update_count_a
$display_cat = ATTACHMENT_CATEGORY_NONE;
}
- if ($display_cat == ATTACHMENT_CATEGORY_FLASH && !$user->optionget('viewflash'))
- {
- $display_cat = ATTACHMENT_CATEGORY_NONE;
- }
-
$download_link = append_sid("{$phpbb_root_path}download/file.$phpEx", 'id=' . $attachment['attach_id']);
$l_downloaded_viewed = 'VIEWED_COUNTS';
@@ -1281,21 +1276,6 @@ function parse_attachments($forum_id, &$message, &$attachments, &$update_count_a
$update_count_ary[] = $attachment['attach_id'];
break;
- // Macromedia Flash Files
- case ATTACHMENT_CATEGORY_FLASH:
- list($width, $height) = @getimagesize($filename);
-
- $block_array += array(
- 'S_FLASH_FILE' => true,
- 'WIDTH' => $width,
- 'HEIGHT' => $height,
- 'U_VIEW_LINK' => $download_link . '&amp;view=1',
- );
-
- // Viewed/Heared File ... update the download count
- $update_count_ary[] = $attachment['attach_id'];
- break;
-
default:
$l_downloaded_viewed = 'DOWNLOAD_COUNTS';
diff --git a/phpBB/includes/functions_convert.php b/phpBB/includes/functions_convert.php
index 2cfbe9541d..96e108792d 100644
--- a/phpBB/includes/functions_convert.php
+++ b/phpBB/includes/functions_convert.php
@@ -207,16 +207,6 @@ function get_group_id($group_name)
}
/**
-* Generate the email hash stored in the users table
-*
-* Note: Deprecated, calls should directly go to phpbb_email_hash()
-*/
-function gen_email_hash($email)
-{
- return phpbb_email_hash($email);
-}
-
-/**
* Convert a boolean into the appropriate phpBB constant indicating whether the topic is locked
*/
function is_topic_locked($bool)
@@ -1219,7 +1209,8 @@ function get_config()
if (is_array($convert->config_schema['table_format']))
{
$convert_config = array();
- list($key, $val) = each($convert->config_schema['table_format']);
+ $key = key($convert->config_schema['table_format']);
+ $val = current($convert->config_schema['table_format']);
do
{
@@ -1647,11 +1638,6 @@ function mass_auth($ug_type, $forum_id, $ug_id, $acl_list, $setting = ACL_NO)
case 'insert':
switch ($db->get_sql_layer())
{
- case 'mysql':
- case 'mysql4':
- $sql = 'VALUES ' . implode(', ', preg_replace('#^(.*?)$#', '(\1)', $sql_subary));
- break;
-
case 'sqlite3':
case 'mssqlnative':
$sql = implode(' UNION ALL ', preg_replace('#^(.*?)$#', 'SELECT \1', $sql_subary));
diff --git a/phpBB/includes/functions_display.php b/phpBB/includes/functions_display.php
index e4adce14fc..44478dbe49 100644
--- a/phpBB/includes/functions_display.php
+++ b/phpBB/includes/functions_display.php
@@ -30,6 +30,7 @@ function display_forums($root_data = '', $display_moderators = true, $return_mod
$forum_rows = $subforums = $forum_ids = $forum_ids_moderator = $forum_moderators = $active_forum_ary = array();
$parent_id = $visible_forums = 0;
+ $parent_subforum_limit = false;
// Mark forums read?
$mark_read = $request->variable('mark', '');
@@ -266,6 +267,7 @@ function display_forums($root_data = '', $display_moderators = true, $return_mod
// Direct child of current branch
$parent_id = $forum_id;
+ $parent_subforum_limit = $row['display_subforum_limit'];
$forum_rows[$forum_id] = $row;
if ($row['forum_type'] == FORUM_CAT && $row['parent_id'] == $root_data['forum_id'])
@@ -278,7 +280,7 @@ function display_forums($root_data = '', $display_moderators = true, $return_mod
}
else if ($row['forum_type'] != FORUM_CAT)
{
- $subforums[$parent_id][$forum_id]['display'] = ($row['display_on_index']) ? true : false;
+ $subforums[$parent_id][$forum_id]['display'] = ($row['display_on_index'] && (!$parent_subforum_limit || $parent_id == $row['parent_id']));
$subforums[$parent_id][$forum_id]['name'] = $row['forum_name'];
$subforums[$parent_id][$forum_id]['orig_forum_last_post_time'] = $row['forum_last_post_time'];
$subforums[$parent_id][$forum_id]['children'] = array();
@@ -786,25 +788,25 @@ function generate_forum_nav(&$forum_data_ary)
}
$navlinks_parents[] = array(
- 'S_IS_CAT' => ($parent_type == FORUM_CAT) ? true : false,
- 'S_IS_LINK' => ($parent_type == FORUM_LINK) ? true : false,
- 'S_IS_POST' => ($parent_type == FORUM_POST) ? true : false,
- 'FORUM_NAME' => $parent_name,
- 'FORUM_ID' => $parent_forum_id,
- 'MICRODATA' => $microdata_attr . '="' . $parent_forum_id . '"',
- 'U_VIEW_FORUM' => append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $parent_forum_id),
+ 'S_IS_CAT' => ($parent_type == FORUM_CAT) ? true : false,
+ 'S_IS_LINK' => ($parent_type == FORUM_LINK) ? true : false,
+ 'S_IS_POST' => ($parent_type == FORUM_POST) ? true : false,
+ 'BREADCRUMB_NAME' => $parent_name,
+ 'FORUM_ID' => $parent_forum_id,
+ 'MICRODATA' => $microdata_attr . '="' . $parent_forum_id . '"',
+ 'U_BREADCRUMB' => append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $parent_forum_id),
);
}
}
$navlinks = array(
- 'S_IS_CAT' => ($forum_data_ary['forum_type'] == FORUM_CAT) ? true : false,
- 'S_IS_LINK' => ($forum_data_ary['forum_type'] == FORUM_LINK) ? true : false,
- 'S_IS_POST' => ($forum_data_ary['forum_type'] == FORUM_POST) ? true : false,
- 'FORUM_NAME' => $forum_data_ary['forum_name'],
- 'FORUM_ID' => $forum_data_ary['forum_id'],
- 'MICRODATA' => $microdata_attr . '="' . $forum_data_ary['forum_id'] . '"',
- 'U_VIEW_FORUM' => append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $forum_data_ary['forum_id']),
+ 'S_IS_CAT' => ($forum_data_ary['forum_type'] == FORUM_CAT) ? true : false,
+ 'S_IS_LINK' => ($forum_data_ary['forum_type'] == FORUM_LINK) ? true : false,
+ 'S_IS_POST' => ($forum_data_ary['forum_type'] == FORUM_POST) ? true : false,
+ 'BREADCRUMB_NAME' => $forum_data_ary['forum_name'],
+ 'FORUM_ID' => $forum_data_ary['forum_id'],
+ 'MICRODATA' => $microdata_attr . '="' . $forum_data_ary['forum_id'] . '"',
+ 'U_BREADCRUMB' => append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $forum_data_ary['forum_id']),
);
$forum_template_data = array(
@@ -1151,18 +1153,6 @@ function display_custom_bbcodes()
}
/**
-* Display reasons
-*
-* @deprecated 3.2.0-dev
-*/
-function display_reasons($reason_id = 0)
-{
- global $phpbb_container;
-
- $phpbb_container->get('phpbb.report.report_reason_list_provider')->display_reasons($reason_id);
-}
-
-/**
* Display user activity (action forum/topic)
*/
function display_user_activity(&$userdata_ary)
diff --git a/phpBB/includes/functions_download.php b/phpBB/includes/functions_download.php
index 1f409be58c..d2d3924dd8 100644
--- a/phpBB/includes/functions_download.php
+++ b/phpBB/includes/functions_download.php
@@ -206,28 +206,20 @@ function send_file_to_browser($attachment, $upload_dir, $category)
header('X-Content-Type-Options: nosniff');
}
- if ($category == ATTACHMENT_CATEGORY_FLASH && $request->variable('view', 0) === 1)
+ if (empty($user->browser) || ((strpos(strtolower($user->browser), 'msie') !== false) && !phpbb_is_greater_ie_version($user->browser, 7)))
{
- // We use content-disposition: inline for flash files and view=1 to let it correctly play with flash player 10 - any other disposition will fail to play inline
- header('Content-Disposition: inline');
+ header('Content-Disposition: attachment; ' . header_filename(htmlspecialchars_decode($attachment['real_filename'])));
+ if (empty($user->browser) || (strpos(strtolower($user->browser), 'msie 6.0') !== false))
+ {
+ header('Expires: ' . gmdate('D, d M Y H:i:s', time()) . ' GMT');
+ }
}
else
{
- if (empty($user->browser) || ((strpos(strtolower($user->browser), 'msie') !== false) && !phpbb_is_greater_ie_version($user->browser, 7)))
- {
- header('Content-Disposition: attachment; ' . header_filename(htmlspecialchars_decode($attachment['real_filename'])));
- if (empty($user->browser) || (strpos(strtolower($user->browser), 'msie 6.0') !== false))
- {
- header('Expires: ' . gmdate('D, d M Y H:i:s', time()) . ' GMT');
- }
- }
- else
+ header('Content-Disposition: ' . ((strpos($attachment['mimetype'], 'image') === 0) ? 'inline' : 'attachment') . '; ' . header_filename(htmlspecialchars_decode($attachment['real_filename'])));
+ if (phpbb_is_greater_ie_version($user->browser, 7) && (strpos($attachment['mimetype'], 'image') !== 0))
{
- header('Content-Disposition: ' . ((strpos($attachment['mimetype'], 'image') === 0) ? 'inline' : 'attachment') . '; ' . header_filename(htmlspecialchars_decode($attachment['real_filename'])));
- if (phpbb_is_greater_ie_version($user->browser, 7) && (strpos($attachment['mimetype'], 'image') !== 0))
- {
- header('X-Download-Options: noopen');
- }
+ header('X-Download-Options: noopen');
}
}
diff --git a/phpBB/includes/functions_module.php b/phpBB/includes/functions_module.php
index 88dafc4300..e90c11f884 100644
--- a/phpBB/includes/functions_module.php
+++ b/phpBB/includes/functions_module.php
@@ -123,7 +123,7 @@ class p_master
// We "could" build a true tree with this function - maybe mod authors want to use this...
// Functions for traversing and manipulating the tree are not available though
- // We might re-structure the module system to use true trees in 3.2.x...
+ // We might re-structure the module system to use true trees in 4.0
// $tree = $this->build_tree($this->module_cache['modules'], $this->module_cache['parents']);
// Clean up module cache array to only let survive modules the user can access
@@ -445,7 +445,7 @@ class p_master
break;
default:
- if (!preg_match('#(?:' . implode(array_keys($valid_tokens), ')|(?:') . ')#', $token))
+ if (!preg_match('#(?:' . implode(')|(?:', array_keys($valid_tokens)) . ')#', $token))
{
$token = '';
}
@@ -933,6 +933,14 @@ class p_master
'U_TITLE' => $u_title
);
+ if (isset($this->module_cache['parents'][$item_ary['id']]) || $item_ary['id'] == $this->p_id)
+ {
+ $template->assign_block_vars('navlinks', array(
+ 'BREADCRUMB_NAME' => $item_ary['lang'],
+ 'U_BREADCRUMB' => $u_title,
+ ));
+ }
+
$template->assign_block_vars($use_tabular_offset, array_merge($tpl_ary, array_change_key_case($item_ary, CASE_UPPER)));
}
diff --git a/phpBB/includes/functions_posting.php b/phpBB/includes/functions_posting.php
index 1956f65666..45eda4ba17 100644
--- a/phpBB/includes/functions_posting.php
+++ b/phpBB/includes/functions_posting.php
@@ -433,34 +433,6 @@ function posting_gen_topic_types($forum_id, $cur_topic_type = POST_NORMAL)
//
// Attachment related functions
//
-
-/**
-* Upload Attachment - filedata is generated here
-* Uses upload class
-*
-* @deprecated 3.2.0-a1 (To be removed: 3.4.0)
-*
-* @param string $form_name The form name of the file upload input
-* @param int $forum_id The id of the forum
-* @param bool $local Whether the file is local or not
-* @param string $local_storage The path to the local file
-* @param bool $is_message Whether it is a PM or not
-* @param array $local_filedata A filespec object created for the local file
-*
-* @return array File data array
-*/
-function upload_attachment($form_name, $forum_id, $local = false, $local_storage = '', $is_message = false, $local_filedata = false)
-{
- global $phpbb_container;
-
- /** @var \phpbb\attachment\manager $attachment_manager */
- $attachment_manager = $phpbb_container->get('attachment.manager');
- $file = $attachment_manager->upload($form_name, $forum_id, $local, $local_storage, $is_message, $local_filedata);
- unset($attachment_manager);
-
- return $file;
-}
-
/**
* Calculate the needed size for Thumbnail
*/
@@ -677,12 +649,6 @@ function create_thumbnail($source, $destination, $mimetype)
imagecopyresampled($new_image, $image, 0, 0, 0, 0, $new_width, $new_height, $width, $height);
}
- // If we are in safe mode create the destination file prior to using the gd functions to circumvent a PHP bug
- if (@ini_get('safe_mode') || @strtolower(ini_get('safe_mode')) == 'on')
- {
- @touch($destination);
- }
-
switch ($type['format'])
{
case IMG_GIF:
diff --git a/phpBB/includes/functions_transfer.php b/phpBB/includes/functions_transfer.php
index 7427b89917..f0070b4b1e 100644
--- a/phpBB/includes/functions_transfer.php
+++ b/phpBB/includes/functions_transfer.php
@@ -810,7 +810,7 @@ class ftp_fsock extends transfer
$server_ip = substr($socket_name, 0, strrpos($socket_name, ':'));
}
- if (!isset($server_ip) || preg_match(get_preg_expression('ipv4'), $server_ip))
+ if (isset($server_ip) && filter_var($server_ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)) // ipv4
{
// Passive mode
$this->_send_command('PASV', '', false);
@@ -831,7 +831,7 @@ class ftp_fsock extends transfer
$server_ip = $temp[0] . '.' . $temp[1] . '.' . $temp[2] . '.' . $temp[3];
$server_port = $temp[4] * 256 + $temp[5];
}
- else
+ else // ipv6
{
// Extended Passive Mode - RFC2428
$this->_send_command('EPSV', '', false);
diff --git a/phpBB/includes/functions_user.php b/phpBB/includes/functions_user.php
index e0b6a9d0c6..dc6e09268a 100644
--- a/phpBB/includes/functions_user.php
+++ b/phpBB/includes/functions_user.php
@@ -204,7 +204,6 @@ function user_add($user_row, $cp_data = false, $notifications_data = null)
'username_clean' => $username_clean,
'user_password' => (isset($user_row['user_password'])) ? $user_row['user_password'] : '',
'user_email' => strtolower($user_row['user_email']),
- 'user_email_hash' => phpbb_email_hash($user_row['user_email']),
'group_id' => $user_row['group_id'],
'user_type' => $user_row['user_type'],
);
@@ -1455,12 +1454,7 @@ function user_unban($mode, $ban)
*/
function user_ipwhois($ip)
{
- if (empty($ip))
- {
- return '';
- }
-
- if (!preg_match(get_preg_expression('ipv4'), $ip) && !preg_match(get_preg_expression('ipv6'), $ip))
+ if (!filter_var($ip, FILTER_VALIDATE_IP))
{
return '';
}
@@ -1910,7 +1904,7 @@ function phpbb_validate_email($email, $config = null)
{
list(, $domain) = explode('@', $email);
- if (phpbb_checkdnsrr($domain, 'A') === false && phpbb_checkdnsrr($domain, 'MX') === false)
+ if (checkdnsrr($domain, 'A') === false && checkdnsrr($domain, 'MX') === false)
{
return 'DOMAIN_NO_MX_RECORD';
}
@@ -1953,9 +1947,9 @@ function validate_user_email($email, $allowed_email = false)
if (!$config['allow_emailreuse'])
{
- $sql = 'SELECT user_email_hash
+ $sql = 'SELECT user_email
FROM ' . USERS_TABLE . "
- WHERE user_email_hash = " . $db->sql_escape(phpbb_email_hash($email));
+ WHERE user_email = '" . $db->sql_escape($email) . "'";
$result = $db->sql_query($sql);
$row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
diff --git a/phpBB/includes/mcp/mcp_logs.php b/phpBB/includes/mcp/mcp_logs.php
index 79f9d35ebe..dc098fceed 100644
--- a/phpBB/includes/mcp/mcp_logs.php
+++ b/phpBB/includes/mcp/mcp_logs.php
@@ -44,7 +44,7 @@ class mcp_logs
if (is_array($action))
{
- list($action, ) = each($action);
+ $action = key($action);
}
else
{
diff --git a/phpBB/includes/mcp/mcp_notes.php b/phpBB/includes/mcp/mcp_notes.php
index a4c2356a43..74bd1f1f62 100644
--- a/phpBB/includes/mcp/mcp_notes.php
+++ b/phpBB/includes/mcp/mcp_notes.php
@@ -42,7 +42,7 @@ class mcp_notes
if (is_array($action))
{
- list($action, ) = each($action);
+ $action = key($action);
}
$this->page_title = 'MCP_NOTES';
diff --git a/phpBB/includes/mcp/mcp_topic.php b/phpBB/includes/mcp/mcp_topic.php
index 83ad56f3e4..77db5f3ed0 100644
--- a/phpBB/includes/mcp/mcp_topic.php
+++ b/phpBB/includes/mcp/mcp_topic.php
@@ -242,7 +242,7 @@ function mcp_topic_view($id, $mode, $action)
);
extract($phpbb_dispatcher->trigger_event('core.mcp_topic_modify_post_data', compact($vars)));
- foreach ($rowset as $i => $row)
+ foreach ($rowset as $current_row_number => $row)
{
$message = $row['post_text'];
$post_subject = ($row['post_subject'] != '') ? $row['post_subject'] : $topic_info['topic_title'];
@@ -336,7 +336,7 @@ function mcp_topic_view($id, $mode, $action)
}
}
- unset($rowset[$i]);
+ unset($rowset[$current_row_number]);
}
// Display topic icons for split topic
diff --git a/phpBB/includes/mcp/mcp_warn.php b/phpBB/includes/mcp/mcp_warn.php
index df175133fc..7a8599fedd 100644
--- a/phpBB/includes/mcp/mcp_warn.php
+++ b/phpBB/includes/mcp/mcp_warn.php
@@ -41,7 +41,7 @@ class mcp_warn
if (is_array($action))
{
- list($action, ) = each($action);
+ $action = key($action);
}
$this->page_title = 'MCP_WARN';
diff --git a/phpBB/includes/message_parser.php b/phpBB/includes/message_parser.php
index e1c28223dc..d6214c4614 100644
--- a/phpBB/includes/message_parser.php
+++ b/phpBB/includes/message_parser.php
@@ -46,6 +46,7 @@ class bbcode_firstpass extends bbcode
var $message = '';
var $warn_msg = array();
var $parsed_items = array();
+ var $mode;
/**
* Parse BBCode
@@ -1128,8 +1129,6 @@ class parse_message extends bbcode_firstpass
var $allow_quote_bbcode = true;
var $allow_url_bbcode = true;
- var $mode;
-
/**
* The plupload object used for dealing with attachments
* @var \phpbb\plupload\plupload
diff --git a/phpBB/includes/questionnaire/questionnaire.php b/phpBB/includes/questionnaire/questionnaire.php
index 2f80582918..ec2e6fea5d 100644
--- a/phpBB/includes/questionnaire/questionnaire.php
+++ b/phpBB/includes/questionnaire/questionnaire.php
@@ -68,7 +68,7 @@ class phpbb_questionnaire_data_collector
function get_data_for_form()
{
- return base64_encode(serialize($this->get_data_raw()));
+ return base64_encode(json_encode($this->get_data_raw()));
}
/**
@@ -110,7 +110,6 @@ class phpbb_questionnaire_php_data_provider
'version' => PHP_VERSION,
'sapi' => PHP_SAPI,
'int_size' => defined('PHP_INT_SIZE') ? PHP_INT_SIZE : '',
- 'safe_mode' => (int) @ini_get('safe_mode'),
'open_basedir' => (int) @ini_get('open_basedir'),
'memory_limit' => @ini_get('memory_limit'),
'allow_url_fopen' => (int) @ini_get('allow_url_fopen'),
@@ -121,13 +120,11 @@ class phpbb_questionnaire_php_data_provider
'disable_functions' => @ini_get('disable_functions'),
'disable_classes' => @ini_get('disable_classes'),
'enable_dl' => (int) @ini_get('enable_dl'),
- 'magic_quotes_gpc' => (int) @ini_get('magic_quotes_gpc'),
- 'register_globals' => (int) @ini_get('register_globals'),
'filter.default' => @ini_get('filter.default'),
'zend.ze1_compatibility_mode' => (int) @ini_get('zend.ze1_compatibility_mode'),
'unicode.semantics' => (int) @ini_get('unicode.semantics'),
'zend_thread_safty' => (int) function_exists('zend_thread_id'),
- 'extensions' => get_loaded_extensions(),
+ 'extensions' => implode(',', get_loaded_extensions()),
);
}
}
@@ -405,7 +402,6 @@ class phpbb_questionnaire_phpbb_data_provider
'max_login_attempts' => true,
'max_name_chars' => true,
'max_num_search_keywords' => true,
- 'max_pass_chars' => true,
'max_poll_options' => true,
'max_post_chars' => true,
'max_post_font_size' => true,
diff --git a/phpBB/includes/startup.php b/phpBB/includes/startup.php
index 66f85657a5..5ead3b7fbb 100644
--- a/phpBB/includes/startup.php
+++ b/phpBB/includes/startup.php
@@ -23,11 +23,11 @@ $level = E_ALL & ~E_NOTICE & ~E_DEPRECATED;
error_reporting($level);
/**
-* Minimum Requirement: PHP 5.4.0
+* Minimum Requirement: PHP 7.1.3
*/
-if (version_compare(PHP_VERSION, '5.4') < 0)
+if (version_compare(PHP_VERSION, '7.1.3', '<'))
{
- die('You are running an unsupported PHP version. Please upgrade to PHP 5.4.0 or higher before trying to install or update to phpBB 3.2');
+ die('You are running an unsupported PHP version. Please upgrade to PHP 7.1.3 or higher before trying to install or update to phpBB 3.3');
}
// Register globals and magic quotes have been dropped in PHP 5.4 so no need for extra checks
diff --git a/phpBB/includes/ucp/ucp_groups.php b/phpBB/includes/ucp/ucp_groups.php
index cf6e049748..6eba3a03a9 100644
--- a/phpBB/includes/ucp/ucp_groups.php
+++ b/phpBB/includes/ucp/ucp_groups.php
@@ -136,7 +136,7 @@ class ucp_groups
{
trigger_error($user->lang['NOT_MEMBER_OF_GROUP'] . $return_page);
}
- list(, $row) = each($row);
+ $row = current($row);
$sql = 'SELECT group_type
FROM ' . GROUPS_TABLE . '
@@ -240,7 +240,7 @@ class ucp_groups
{
trigger_error($user->lang['NOT_MEMBER_OF_GROUP'] . $return_page);
}
- list(, $row) = each($row);
+ $row = current($row);
if (!$row['group_leader'])
{
@@ -460,7 +460,7 @@ class ucp_groups
{
trigger_error($user->lang['NOT_MEMBER_OF_GROUP'] . $return_page);
}
- list(, $row) = each($row);
+ $row = current($row);
if (!$row['group_leader'])
{
@@ -754,7 +754,7 @@ class ucp_groups
{
trigger_error($user->lang['NOT_MEMBER_OF_GROUP'] . $return_page);
}
- list(, $row) = each($row);
+ $row = current($row);
if (!$row['group_leader'])
{
@@ -884,7 +884,7 @@ class ucp_groups
{
trigger_error($user->lang['NOT_MEMBER_OF_GROUP'] . $return_page);
}
- list(, $row) = each($row);
+ $row = current($row);
if (!$row['group_leader'])
{
@@ -911,7 +911,7 @@ class ucp_groups
{
trigger_error($user->lang['NOT_MEMBER_OF_GROUP'] . $return_page);
}
- list(, $row) = each($row);
+ $row = current($row);
if (!$row['group_leader'])
{
@@ -990,7 +990,7 @@ class ucp_groups
{
trigger_error($user->lang['NOT_MEMBER_OF_GROUP'] . $return_page);
}
- list(, $row) = each($row);
+ $row = current($row);
if (!$row['group_leader'])
{
@@ -1051,7 +1051,7 @@ class ucp_groups
{
trigger_error($user->lang['NOT_MEMBER_OF_GROUP'] . $return_page);
}
- list(, $row) = each($row);
+ $row = current($row);
if (!$row['group_leader'])
{
diff --git a/phpBB/includes/ucp/ucp_profile.php b/phpBB/includes/ucp/ucp_profile.php
index 36ab3d0463..dca7e7eeb7 100644
--- a/phpBB/includes/ucp/ucp_profile.php
+++ b/phpBB/includes/ucp/ucp_profile.php
@@ -70,9 +70,9 @@ class ucp_profile
// Do not check cur_password, it is the old one.
$check_ary = array(
'new_password' => array(
- array('string', true, $config['min_pass_chars'], $config['max_pass_chars']),
+ array('string', true, $config['min_pass_chars'], 0),
array('password')),
- 'password_confirm' => array('string', true, $config['min_pass_chars'], $config['max_pass_chars']),
+ 'password_confirm' => array('string', true, $config['min_pass_chars'], 0),
'email' => array(
array('string', false, 6, 60),
array('user_email')),
@@ -131,7 +131,6 @@ class ucp_profile
'username' => ($auth->acl_get('u_chgname') && $config['allow_namechange']) ? $data['username'] : $user->data['username'],
'username_clean' => ($auth->acl_get('u_chgname') && $config['allow_namechange']) ? utf8_clean_string($data['username']) : $user->data['username_clean'],
'user_email' => ($auth->acl_get('u_chgemail')) ? $data['email'] : $user->data['user_email'],
- 'user_email_hash' => ($auth->acl_get('u_chgemail')) ? phpbb_email_hash($data['email']) : $user->data['user_email_hash'],
'user_password' => ($auth->acl_get('u_chgpasswd') && $data['new_password']) ? $passwords_manager->hash($data['new_password']) : $user->data['user_password'],
);
@@ -267,7 +266,7 @@ class ucp_profile
'CUR_PASSWORD' => '',
'L_USERNAME_EXPLAIN' => $user->lang($config['allow_name_chars'] . '_EXPLAIN', $user->lang('CHARACTERS', (int) $config['min_name_chars']), $user->lang('CHARACTERS', (int) $config['max_name_chars'])),
- 'L_CHANGE_PASSWORD_EXPLAIN' => $user->lang($config['pass_complex'] . '_EXPLAIN', $user->lang('CHARACTERS', (int) $config['min_pass_chars']), $user->lang('CHARACTERS', (int) $config['max_pass_chars'])),
+ 'L_CHANGE_PASSWORD_EXPLAIN' => $user->lang($config['pass_complex'] . '_EXPLAIN', $user->lang('CHARACTERS', (int) $config['min_pass_chars'])),
'S_FORCE_PASSWORD' => ($auth->acl_get('u_chgpasswd') && $config['chg_passforce'] && $user->data['user_passchg'] < time() - ($config['chg_passforce'] * 86400)) ? true : false,
'S_CHANGE_USERNAME' => ($config['allow_namechange'] && $auth->acl_get('u_chgname')) ? true : false,
diff --git a/phpBB/includes/ucp/ucp_register.php b/phpBB/includes/ucp/ucp_register.php
index 03ac63b12b..00fa8034f9 100644
--- a/phpBB/includes/ucp/ucp_register.php
+++ b/phpBB/includes/ucp/ucp_register.php
@@ -276,9 +276,9 @@ class ucp_register
array('string', false, $config['min_name_chars'], $config['max_name_chars']),
array('username', '')),
'new_password' => array(
- array('string', false, $config['min_pass_chars'], $config['max_pass_chars']),
+ array('string', false, $config['min_pass_chars'], 0),
array('password')),
- 'password_confirm' => array('string', false, $config['min_pass_chars'], $config['max_pass_chars']),
+ 'password_confirm' => array('string', false, $config['min_pass_chars'], 0),
'email' => array(
array('string', false, 6, 60),
array('user_email')),
@@ -452,6 +452,9 @@ class ucp_register
{
$message = $user->lang['ACCOUNT_ADDED'];
$email_template = 'user_welcome';
+
+ // Autologin after registration
+ $user->session_create($user_id, 0, false, 1);
}
if ($config['email_enable'])
@@ -600,6 +603,31 @@ class ucp_register
break;
}
+ /* @var $provider_collection \phpbb\auth\provider_collection */
+ $provider_collection = $phpbb_container->get('auth.provider_collection');
+ $auth_provider = $provider_collection->get_provider();
+
+ $auth_provider_data = $auth_provider->get_login_data();
+ if ($auth_provider_data)
+ {
+ if (isset($auth_provider_data['VARS']))
+ {
+ $template->assign_vars($auth_provider_data['VARS']);
+ }
+
+ if (isset($auth_provider_data['BLOCK_VAR_NAME']))
+ {
+ foreach ($auth_provider_data['BLOCK_VARS'] as $block_vars)
+ {
+ $template->assign_block_vars($auth_provider_data['BLOCK_VAR_NAME'], $block_vars);
+ }
+ }
+
+ $template->assign_vars(array(
+ 'PROVIDER_TEMPLATE_FILE' => $auth_provider_data['TEMPLATE_FILE'],
+ ));
+ }
+
// Assign template vars for timezone select
phpbb_timezone_select($template, $user, $data['tz'], true);
@@ -611,7 +639,7 @@ class ucp_register
'L_REG_COND' => $l_reg_cond,
'L_USERNAME_EXPLAIN' => $user->lang($config['allow_name_chars'] . '_EXPLAIN', $user->lang('CHARACTERS', (int) $config['min_name_chars']), $user->lang('CHARACTERS', (int) $config['max_name_chars'])),
- 'L_PASSWORD_EXPLAIN' => $user->lang($config['pass_complex'] . '_EXPLAIN', $user->lang('CHARACTERS', (int) $config['min_pass_chars']), $user->lang('CHARACTERS', (int) $config['max_pass_chars'])),
+ 'L_PASSWORD_EXPLAIN' => $user->lang($config['pass_complex'] . '_EXPLAIN', $user->lang('CHARACTERS', (int) $config['min_pass_chars'])),
'S_LANG_OPTIONS' => language_select($data['lang']),
'S_TZ_PRESELECT' => !$submit,
diff --git a/phpBB/includes/ucp/ucp_remind.php b/phpBB/includes/ucp/ucp_remind.php
deleted file mode 100644
index e50428bfea..0000000000
--- a/phpBB/includes/ucp/ucp_remind.php
+++ /dev/null
@@ -1,174 +0,0 @@
-<?php
-/**
-*
-* This file is part of the phpBB Forum Software package.
-*
-* @copyright (c) phpBB Limited <https://www.phpbb.com>
-* @license GNU General Public License, version 2 (GPL-2.0)
-*
-* For full copyright and license information, please see
-* the docs/CREDITS.txt file.
-*
-*/
-
-/**
-* @ignore
-*/
-if (!defined('IN_PHPBB'))
-{
- exit;
-}
-
-/**
-* ucp_remind
-* Sending password reminders
-*/
-class ucp_remind
-{
- var $u_action;
-
- function main($id, $mode)
- {
- global $config, $phpbb_root_path, $phpEx, $request;
- global $db, $user, $template, $phpbb_container, $phpbb_dispatcher;
-
- if (!$config['allow_password_reset'])
- {
- trigger_error($user->lang('UCP_PASSWORD_RESET_DISABLED', '<a href="mailto:' . htmlspecialchars($config['board_contact']) . '">', '</a>'));
- }
-
- $username = $request->variable('username', '', true);
- $email = strtolower($request->variable('email', ''));
- $submit = (isset($_POST['submit'])) ? true : false;
-
- add_form_key('ucp_remind');
-
- if ($submit)
- {
- if (!check_form_key('ucp_remind'))
- {
- trigger_error('FORM_INVALID');
- }
-
- if (empty($email))
- {
- trigger_error('NO_EMAIL_USER');
- }
-
- $sql_array = array(
- 'SELECT' => 'user_id, username, user_permissions, user_email, user_jabber, user_notify_type, user_type, user_lang, user_inactive_reason',
- 'FROM' => array(USERS_TABLE => 'u'),
- 'WHERE' => "user_email_hash = '" . $db->sql_escape(phpbb_email_hash($email)) . "'" .
- (!empty($username) ? " AND username_clean = '" . $db->sql_escape(utf8_clean_string($username)) . "'" : ''),
- );
-
- /**
- * Change SQL query for fetching user data
- *
- * @event core.ucp_remind_modify_select_sql
- * @var string email User's email from the form
- * @var string username User's username from the form
- * @var array sql_array Fully assembled SQL query with keys SELECT, FROM, WHERE
- * @since 3.1.11-RC1
- */
- $vars = array(
- 'email',
- 'username',
- 'sql_array',
- );
- extract($phpbb_dispatcher->trigger_event('core.ucp_remind_modify_select_sql', compact($vars)));
-
- $sql = $db->sql_build_query('SELECT', $sql_array);
- $result = $db->sql_query_limit($sql, 2); // don't waste resources on more rows than we need
- $rowset = $db->sql_fetchrowset($result);
-
- if (count($rowset) > 1)
- {
- $db->sql_freeresult($result);
-
- $template->assign_vars(array(
- 'USERNAME_REQUIRED' => true,
- 'EMAIL' => $email,
- ));
- }
- else
- {
- $message = $user->lang['PASSWORD_UPDATED_IF_EXISTED'] . '<br /><br />' . sprintf($user->lang['RETURN_INDEX'], '<a href="' . append_sid("{$phpbb_root_path}index.$phpEx") . '">', '</a>');
-
- if (empty($rowset))
- {
- trigger_error($message);
- }
-
- $user_row = $rowset[0];
- $db->sql_freeresult($result);
-
- if (!$user_row)
- {
- trigger_error($message);
- }
-
- if ($user_row['user_type'] == USER_IGNORE || $user_row['user_type'] == USER_INACTIVE)
- {
- trigger_error($message);
- }
-
- // Check users permissions
- $auth2 = new \phpbb\auth\auth();
- $auth2->acl($user_row);
-
- if (!$auth2->acl_get('u_chgpasswd'))
- {
- trigger_error($message);
- }
-
- $server_url = generate_board_url();
-
- // Make password at least 8 characters long, make it longer if admin wants to.
- // gen_rand_string() however has a limit of 12 or 13.
- $user_password = gen_rand_string_friendly(max(8, mt_rand((int) $config['min_pass_chars'], (int) $config['max_pass_chars'])));
-
- // For the activation key a random length between 6 and 10 will do.
- $user_actkey = gen_rand_string(mt_rand(6, 10));
-
- // Instantiate passwords manager
- /* @var $manager \phpbb\passwords\manager */
- $passwords_manager = $phpbb_container->get('passwords.manager');
-
- $sql = 'UPDATE ' . USERS_TABLE . "
- SET user_newpasswd = '" . $db->sql_escape($passwords_manager->hash($user_password)) . "', user_actkey = '" . $db->sql_escape($user_actkey) . "'
- WHERE user_id = " . $user_row['user_id'];
- $db->sql_query($sql);
-
- include_once($phpbb_root_path . 'includes/functions_messenger.' . $phpEx);
-
- $messenger = new messenger(false);
-
- $messenger->template('user_activate_passwd', $user_row['user_lang']);
-
- $messenger->set_addresses($user_row);
-
- $messenger->anti_abuse_headers($config, $user);
-
- $messenger->assign_vars(array(
- 'USERNAME' => htmlspecialchars_decode($user_row['username']),
- 'PASSWORD' => htmlspecialchars_decode($user_password),
- 'U_ACTIVATE' => "$server_url/ucp.$phpEx?mode=activate&u={$user_row['user_id']}&k=$user_actkey")
- );
-
- $messenger->send($user_row['user_notify_type']);
-
- trigger_error($message);
- }
- }
-
- $template->assign_vars(array(
- 'USERNAME' => $username,
- 'EMAIL' => $email,
- 'S_PROFILE_ACTION' => append_sid($phpbb_root_path . 'ucp.' . $phpEx, 'mode=sendpassword'))
- );
-
- $this->tpl_name = 'ucp_remind';
- $this->page_title = 'UCP_REMIND';
- }
-}
diff --git a/phpBB/includes/ucp/ucp_resend.php b/phpBB/includes/ucp/ucp_resend.php
index 44c54100cd..55923668d4 100644
--- a/phpBB/includes/ucp/ucp_resend.php
+++ b/phpBB/includes/ucp/ucp_resend.php
@@ -47,7 +47,7 @@ class ucp_resend
$sql = 'SELECT user_id, group_id, username, user_email, user_type, user_lang, user_actkey, user_inactive_reason
FROM ' . USERS_TABLE . "
- WHERE user_email_hash = '" . $db->sql_escape(phpbb_email_hash($email)) . "'
+ WHERE user_email = '" . $db->sql_escape($email) . "'
AND username_clean = '" . $db->sql_escape(utf8_clean_string($username)) . "'";
$result = $db->sql_query($sql);
$user_row = $db->sql_fetchrow($result);