aboutsummaryrefslogtreecommitdiffstats
path: root/phpBB/includes/functions.php
diff options
context:
space:
mode:
Diffstat (limited to 'phpBB/includes/functions.php')
-rw-r--r--phpBB/includes/functions.php77
1 files changed, 53 insertions, 24 deletions
diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php
index ac25f24ddd..8e3f62230a 100644
--- a/phpBB/includes/functions.php
+++ b/phpBB/includes/functions.php
@@ -2401,6 +2401,7 @@ function redirect($url, $return = false, $disable_cd_check = false)
echo '<html dir="' . $user->lang['DIRECTION'] . '" lang="' . $user->lang['USER_LANG'] . '">';
echo '<head>';
echo '<meta charset="utf-8">';
+ echo '<meta http-equiv="X-UA-Compatible" content="IE=edge">';
echo '<meta http-equiv="refresh" content="0; url=' . str_replace('&', '&amp;', $url) . '" />';
echo '<title>' . $user->lang['REDIRECT'] . '</title>';
echo '</head>';
@@ -2821,6 +2822,21 @@ function login_box($redirect = '', $l_explain = '', $l_success = '', $admin = fa
$user->setup();
}
+ /**
+ * This event allows an extension to modify the login process
+ *
+ * @event core.login_box_before
+ * @var string redirect Redirect string
+ * @var string l_explain Explain language string
+ * @var string l_success Success language string
+ * @var bool admin Is admin?
+ * @var bool s_display Display full login form?
+ * @var string err Error string
+ * @since 3.1.9-RC1
+ */
+ $vars = array('redirect', 'l_explain', 'l_success', 'admin', 's_display', 'err');
+ extract($phpbb_dispatcher->trigger_event('core.login_box_before', compact($vars)));
+
// Print out error if user tries to authenticate as an administrator without having the privileges...
if ($admin && !$auth->acl_get('a_'))
{
@@ -2833,7 +2849,7 @@ function login_box($redirect = '', $l_explain = '', $l_success = '', $admin = fa
trigger_error('NO_AUTH_ADMIN');
}
- if ($request->is_set_post('login') || ($request->is_set('login') && $request->variable('login', '') == 'external'))
+ if (empty($err) && ($request->is_set_post('login') || ($request->is_set('login') && $request->variable('login', '') == 'external')))
{
// Get credential
if ($admin)
@@ -2902,11 +2918,11 @@ function login_box($redirect = '', $l_explain = '', $l_success = '', $admin = fa
*
* @event core.login_box_redirect
* @var string redirect Redirect string
- * @var boolean admin Is admin?
- * @var bool return If true, do not redirect but return the sanitized URL.
+ * @var bool admin Is admin?
* @since 3.1.0-RC5
+ * @changed 3.1.9-RC1 Removed undefined return variable
*/
- $vars = array('redirect', 'admin', 'return');
+ $vars = array('redirect', 'admin');
extract($phpbb_dispatcher->trigger_event('core.login_box_redirect', compact($vars)));
// append/replace SID (may change during the session for AOL users)
@@ -3982,6 +3998,7 @@ function msg_handler($errno, $msg_text, $errfile, $errline)
echo '<html dir="ltr">';
echo '<head>';
echo '<meta charset="utf-8">';
+ echo '<meta http-equiv="X-UA-Compatible" content="IE=edge">';
echo '<title>' . $msg_title . '</title>';
echo '<style type="text/css">' . "\n" . '/* <![CDATA[ */' . "\n";
echo '* { margin: 0; padding: 0; } html { font-size: 100%; height: 100%; margin-bottom: 1px; background-color: #E4EDF0; } body { font-family: "Lucida Grande", Verdana, Helvetica, Arial, sans-serif; color: #536482; background: #E4EDF0; font-size: 62.5%; margin: 0; } ';
@@ -4264,10 +4281,14 @@ function obtain_users_online_string($online_users, $item_id = 0, $item = 'forum'
if (sizeof($online_users['online_users']))
{
- $sql = 'SELECT username, username_clean, user_id, user_type, user_allow_viewonline, user_colour
- FROM ' . USERS_TABLE . '
- WHERE ' . $db->sql_in_set('user_id', $online_users['online_users']) . '
- ORDER BY username_clean ASC';
+ $sql_ary = array(
+ 'SELECT' => 'u.username, u.username_clean, u.user_id, u.user_type, u.user_allow_viewonline, u.user_colour',
+ 'FROM' => array(
+ USERS_TABLE => 'u',
+ ),
+ 'WHERE' => $db->sql_in_set('u.user_id', $online_users['online_users']),
+ 'ORDER_BY' => 'u.username_clean ASC',
+ );
/**
* Modify SQL query to obtain online users data
@@ -4279,13 +4300,14 @@ function obtain_users_online_string($online_users, $item_id = 0, $item = 'forum'
* @var string item Restrict online users to a certain
* session item, e.g. forum for
* session_forum_id
- * @var string sql SQL query to obtain users online data
+ * @var array sql_ary SQL query array to obtain users online data
* @since 3.1.4-RC1
+ * @changed 3.1.7-RC1 Change sql query into array and adjust var accordingly. Allows extension authors the ability to adjust the sql_ary.
*/
- $vars = array('online_users', 'item_id', 'item', 'sql');
+ $vars = array('online_users', 'item_id', 'item', 'sql_ary');
extract($phpbb_dispatcher->trigger_event('core.obtain_users_online_string_sql', compact($vars)));
- $result = $db->sql_query($sql);
+ $result = $db->sql_query($db->sql_build_query('SELECT', $sql_ary));
$rowset = $db->sql_fetchrowset($result);
$db->sql_freeresult($result);
@@ -4299,7 +4321,7 @@ function obtain_users_online_string($online_users, $item_id = 0, $item = 'forum'
$row['username'] = '<em>' . $row['username'] . '</em>';
}
- if (!isset($online_users['hidden_users'][$row['user_id']]) || $auth->acl_get('u_viewonline'))
+ if (!isset($online_users['hidden_users'][$row['user_id']]) || $auth->acl_get('u_viewonline') || $row['user_id'] === $user->data['user_id'])
{
$user_online_link[$row['user_id']] = get_username_string(($row['user_type'] <> USER_IGNORE) ? 'full' : 'no_profile', $row['user_id'], $row['username'], $row['user_colour']);
}
@@ -4848,7 +4870,7 @@ function phpbb_get_avatar($row, $alt, $ignore_config = false, $lazy = false)
return $html;
}
- $avatar_data = $driver->get_data($row, $ignore_config);
+ $avatar_data = $driver->get_data($row);
}
else
{
@@ -4904,7 +4926,7 @@ function phpbb_get_avatar($row, $alt, $ignore_config = false, $lazy = false)
/**
* Generate page header
*/
-function page_header($page_title = '', $display_online_list = false, $item_id = 0, $item = 'forum')
+function page_header($page_title = '', $display_online_list = false, $item_id = 0, $item = 'forum', $send_headers = true)
{
global $db, $config, $template, $SID, $_SID, $_EXTRA_URL, $user, $auth, $phpEx, $phpbb_root_path;
global $phpbb_dispatcher, $request, $phpbb_container, $phpbb_admin_path;
@@ -4964,6 +4986,8 @@ function page_header($page_title = '', $display_online_list = false, $item_id =
}
}
+ $user->update_session_infos();
+
// Generate logged in/logged out status
if ($user->data['user_id'] != ANONYMOUS)
{
@@ -5242,17 +5266,22 @@ function page_header($page_title = '', $display_online_list = false, $item_id =
'SITE_LOGO_IMG' => $user->img('site_logo'),
));
- // An array of http headers that phpbb will set. The following event may override these.
- $http_headers = array(
- // application/xhtml+xml not used because of IE
- 'Content-type' => 'text/html; charset=UTF-8',
- 'Cache-Control' => 'private, no-cache="set-cookie"',
- 'Expires' => gmdate('D, d M Y H:i:s', time()) . ' GMT',
- );
- if (!empty($user->data['is_bot']))
+ $http_headers = array();
+
+ if ($send_headers)
{
- // Let reverse proxies know we detected a bot.
- $http_headers['X-PHPBB-IS-BOT'] = 'yes';
+ // An array of http headers that phpbb will set. The following event may override these.
+ $http_headers += array(
+ // application/xhtml+xml not used because of IE
+ 'Content-type' => 'text/html; charset=UTF-8',
+ 'Cache-Control' => 'private, no-cache="set-cookie"',
+ 'Expires' => gmdate('D, d M Y H:i:s', time()) . ' GMT',
+ );
+ if (!empty($user->data['is_bot']))
+ {
+ // Let reverse proxies know we detected a bot.
+ $http_headers['X-PHPBB-IS-BOT'] = 'yes';
+ }
}
/**