diff options
Diffstat (limited to 'phpBB/includes/functions.php')
-rw-r--r-- | phpBB/includes/functions.php | 77 |
1 files changed, 53 insertions, 24 deletions
diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index ac25f24ddd..8e3f62230a 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -2401,6 +2401,7 @@ function redirect($url, $return = false, $disable_cd_check = false) echo '<html dir="' . $user->lang['DIRECTION'] . '" lang="' . $user->lang['USER_LANG'] . '">'; echo '<head>'; echo '<meta charset="utf-8">'; + echo '<meta http-equiv="X-UA-Compatible" content="IE=edge">'; echo '<meta http-equiv="refresh" content="0; url=' . str_replace('&', '&', $url) . '" />'; echo '<title>' . $user->lang['REDIRECT'] . '</title>'; echo '</head>'; @@ -2821,6 +2822,21 @@ function login_box($redirect = '', $l_explain = '', $l_success = '', $admin = fa $user->setup(); } + /** + * This event allows an extension to modify the login process + * + * @event core.login_box_before + * @var string redirect Redirect string + * @var string l_explain Explain language string + * @var string l_success Success language string + * @var bool admin Is admin? + * @var bool s_display Display full login form? + * @var string err Error string + * @since 3.1.9-RC1 + */ + $vars = array('redirect', 'l_explain', 'l_success', 'admin', 's_display', 'err'); + extract($phpbb_dispatcher->trigger_event('core.login_box_before', compact($vars))); + // Print out error if user tries to authenticate as an administrator without having the privileges... if ($admin && !$auth->acl_get('a_')) { @@ -2833,7 +2849,7 @@ function login_box($redirect = '', $l_explain = '', $l_success = '', $admin = fa trigger_error('NO_AUTH_ADMIN'); } - if ($request->is_set_post('login') || ($request->is_set('login') && $request->variable('login', '') == 'external')) + if (empty($err) && ($request->is_set_post('login') || ($request->is_set('login') && $request->variable('login', '') == 'external'))) { // Get credential if ($admin) @@ -2902,11 +2918,11 @@ function login_box($redirect = '', $l_explain = '', $l_success = '', $admin = fa * * @event core.login_box_redirect * @var string redirect Redirect string - * @var boolean admin Is admin? - * @var bool return If true, do not redirect but return the sanitized URL. + * @var bool admin Is admin? * @since 3.1.0-RC5 + * @changed 3.1.9-RC1 Removed undefined return variable */ - $vars = array('redirect', 'admin', 'return'); + $vars = array('redirect', 'admin'); extract($phpbb_dispatcher->trigger_event('core.login_box_redirect', compact($vars))); // append/replace SID (may change during the session for AOL users) @@ -3982,6 +3998,7 @@ function msg_handler($errno, $msg_text, $errfile, $errline) echo '<html dir="ltr">'; echo '<head>'; echo '<meta charset="utf-8">'; + echo '<meta http-equiv="X-UA-Compatible" content="IE=edge">'; echo '<title>' . $msg_title . '</title>'; echo '<style type="text/css">' . "\n" . '/* <![CDATA[ */' . "\n"; echo '* { margin: 0; padding: 0; } html { font-size: 100%; height: 100%; margin-bottom: 1px; background-color: #E4EDF0; } body { font-family: "Lucida Grande", Verdana, Helvetica, Arial, sans-serif; color: #536482; background: #E4EDF0; font-size: 62.5%; margin: 0; } '; @@ -4264,10 +4281,14 @@ function obtain_users_online_string($online_users, $item_id = 0, $item = 'forum' if (sizeof($online_users['online_users'])) { - $sql = 'SELECT username, username_clean, user_id, user_type, user_allow_viewonline, user_colour - FROM ' . USERS_TABLE . ' - WHERE ' . $db->sql_in_set('user_id', $online_users['online_users']) . ' - ORDER BY username_clean ASC'; + $sql_ary = array( + 'SELECT' => 'u.username, u.username_clean, u.user_id, u.user_type, u.user_allow_viewonline, u.user_colour', + 'FROM' => array( + USERS_TABLE => 'u', + ), + 'WHERE' => $db->sql_in_set('u.user_id', $online_users['online_users']), + 'ORDER_BY' => 'u.username_clean ASC', + ); /** * Modify SQL query to obtain online users data @@ -4279,13 +4300,14 @@ function obtain_users_online_string($online_users, $item_id = 0, $item = 'forum' * @var string item Restrict online users to a certain * session item, e.g. forum for * session_forum_id - * @var string sql SQL query to obtain users online data + * @var array sql_ary SQL query array to obtain users online data * @since 3.1.4-RC1 + * @changed 3.1.7-RC1 Change sql query into array and adjust var accordingly. Allows extension authors the ability to adjust the sql_ary. */ - $vars = array('online_users', 'item_id', 'item', 'sql'); + $vars = array('online_users', 'item_id', 'item', 'sql_ary'); extract($phpbb_dispatcher->trigger_event('core.obtain_users_online_string_sql', compact($vars))); - $result = $db->sql_query($sql); + $result = $db->sql_query($db->sql_build_query('SELECT', $sql_ary)); $rowset = $db->sql_fetchrowset($result); $db->sql_freeresult($result); @@ -4299,7 +4321,7 @@ function obtain_users_online_string($online_users, $item_id = 0, $item = 'forum' $row['username'] = '<em>' . $row['username'] . '</em>'; } - if (!isset($online_users['hidden_users'][$row['user_id']]) || $auth->acl_get('u_viewonline')) + if (!isset($online_users['hidden_users'][$row['user_id']]) || $auth->acl_get('u_viewonline') || $row['user_id'] === $user->data['user_id']) { $user_online_link[$row['user_id']] = get_username_string(($row['user_type'] <> USER_IGNORE) ? 'full' : 'no_profile', $row['user_id'], $row['username'], $row['user_colour']); } @@ -4848,7 +4870,7 @@ function phpbb_get_avatar($row, $alt, $ignore_config = false, $lazy = false) return $html; } - $avatar_data = $driver->get_data($row, $ignore_config); + $avatar_data = $driver->get_data($row); } else { @@ -4904,7 +4926,7 @@ function phpbb_get_avatar($row, $alt, $ignore_config = false, $lazy = false) /** * Generate page header */ -function page_header($page_title = '', $display_online_list = false, $item_id = 0, $item = 'forum') +function page_header($page_title = '', $display_online_list = false, $item_id = 0, $item = 'forum', $send_headers = true) { global $db, $config, $template, $SID, $_SID, $_EXTRA_URL, $user, $auth, $phpEx, $phpbb_root_path; global $phpbb_dispatcher, $request, $phpbb_container, $phpbb_admin_path; @@ -4964,6 +4986,8 @@ function page_header($page_title = '', $display_online_list = false, $item_id = } } + $user->update_session_infos(); + // Generate logged in/logged out status if ($user->data['user_id'] != ANONYMOUS) { @@ -5242,17 +5266,22 @@ function page_header($page_title = '', $display_online_list = false, $item_id = 'SITE_LOGO_IMG' => $user->img('site_logo'), )); - // An array of http headers that phpbb will set. The following event may override these. - $http_headers = array( - // application/xhtml+xml not used because of IE - 'Content-type' => 'text/html; charset=UTF-8', - 'Cache-Control' => 'private, no-cache="set-cookie"', - 'Expires' => gmdate('D, d M Y H:i:s', time()) . ' GMT', - ); - if (!empty($user->data['is_bot'])) + $http_headers = array(); + + if ($send_headers) { - // Let reverse proxies know we detected a bot. - $http_headers['X-PHPBB-IS-BOT'] = 'yes'; + // An array of http headers that phpbb will set. The following event may override these. + $http_headers += array( + // application/xhtml+xml not used because of IE + 'Content-type' => 'text/html; charset=UTF-8', + 'Cache-Control' => 'private, no-cache="set-cookie"', + 'Expires' => gmdate('D, d M Y H:i:s', time()) . ' GMT', + ); + if (!empty($user->data['is_bot'])) + { + // Let reverse proxies know we detected a bot. + $http_headers['X-PHPBB-IS-BOT'] = 'yes'; + } } /** |