diff options
Diffstat (limited to 'phpBB/includes')
119 files changed, 7055 insertions, 5029 deletions
diff --git a/phpBB/includes/acp/acp_attachments.php b/phpBB/includes/acp/acp_attachments.php index 3179be7de7..c62fefae46 100644 --- a/phpBB/includes/acp/acp_attachments.php +++ b/phpBB/includes/acp/acp_attachments.php @@ -61,6 +61,10 @@ class acp_attachments $l_title = 'ACP_ORPHAN_ATTACHMENTS'; break; + case 'manage': + $l_title = 'ACP_MANAGE_ATTACHMENTS'; + break; + default: trigger_error('NO_MODE', E_USER_ERROR); break; @@ -1043,6 +1047,230 @@ class acp_attachments $db->sql_freeresult($result); break; + + case 'manage': + + if ($submit) + { + $delete_files = (isset($_POST['delete'])) ? array_keys(request_var('delete', array('' => 0))) : array(); + + if (sizeof($delete_files)) + { + // Select those attachments we want to delete... + $sql = 'SELECT real_filename + FROM ' . ATTACHMENTS_TABLE . ' + WHERE ' . $db->sql_in_set('attach_id', $delete_files) . ' + AND is_orphan = 0'; + $result = $db->sql_query($sql); + while ($row = $db->sql_fetchrow($result)) + { + $deleted_filenames[] = $row['real_filename']; + } + $db->sql_freeresult($result); + + if ($num_deleted = delete_attachments('attach', $delete_files)) + { + if (sizeof($delete_files) != $num_deleted) + { + $error[] = $user->lang['FILES_GONE']; + } + add_log('admin', 'LOG_ATTACHMENTS_DELETED', implode(', ', $deleted_filenames)); + $notify[] = sprintf($user->lang['LOG_ATTACHMENTS_DELETED'], implode(', ', $deleted_filenames)); + } + else + { + $error[] = $user->lang['NO_FILES_TO_DELETE']; + } + } + } + + $template->assign_vars(array( + 'S_MANAGE' => true) + ); + + $start = request_var('start', 0); + + // Sort keys + $sort_days = request_var('st', 0); + $sort_key = request_var('sk', 't'); + $sort_dir = request_var('sd', 'd'); + + // Sorting + $limit_days = array(0 => $user->lang['ALL_ENTRIES'], 1 => $user->lang['1_DAY'], 7 => $user->lang['7_DAYS'], 14 => $user->lang['2_WEEKS'], 30 => $user->lang['1_MONTH'], 90 => $user->lang['3_MONTHS'], 180 => $user->lang['6_MONTHS'], 365 => $user->lang['1_YEAR']); + $sort_by_text = array('f' => $user->lang['FILENAME'], 't' => $user->lang['FILEDATE'], 's' => $user->lang['FILESIZE'], 'x' => $user->lang['EXTENSION'], 'd' => $user->lang['DOWNLOADS'],'p' => $user->lang['ATTACH_POST_TYPE'], 'u' => $user->lang['AUTHOR']); + $sort_by_sql = array('f' => 'a.real_filename', 't' => 'a.filetime', 's' => 'a.filesize', 'x' => 'a.extension', 'd' => 'a.download_count', 'p' => 'a.in_message', 'u' => 'u.username'); + + $s_limit_days = $s_sort_key = $s_sort_dir = $u_sort_param = ''; + gen_sort_selects($limit_days, $sort_by_text, $sort_days, $sort_key, $sort_dir, $s_limit_days, $s_sort_key, $s_sort_dir, $u_sort_param); + + $min_filetime = ($sort_days) ? (time() - ($sort_days * 86400)) : ''; + $limit_filetime = ($min_filetime) ? " AND a.filetime >= $min_filetime " : ''; + $start = ($sort_days && isset($_POST['sort'])) ? 0 : $start; + + $attachments_per_page = (int) $config['topics_per_page']; + + // Handle files stats resync + $action = request_var('action', ''); + $resync_files_stats = false; + if ($action && $action = 'stats') + { + if (!confirm_box(true)) + { + confirm_box(false, $user->lang['RESYNC_FILES_STATS_CONFIRM'], build_hidden_fields(array( + 'i' => $id, + 'mode' => $mode, + 'action' => $action, + ))); + } + else + { + $resync_files_stats = true; + add_log('admin', 'LOG_RESYNC_FILES_STATS'); + } + } + + // Check if files stats are accurate + $sql = 'SELECT COUNT(attach_id) as num_files + FROM ' . ATTACHMENTS_TABLE . ' + WHERE is_orphan = 0'; + $result = $db->sql_query($sql, 600); + $num_files_real = (int) $db->sql_fetchfield('num_files'); + if ($resync_files_stats === true) + { + set_config('num_files', $num_files_real, true); + } + $db->sql_freeresult($result); + + $sql = 'SELECT SUM(filesize) as upload_dir_size + FROM ' . ATTACHMENTS_TABLE . ' + WHERE is_orphan = 0'; + $result = $db->sql_query($sql, 600); + $total_size_real = (float) $db->sql_fetchfield('upload_dir_size'); + if ($resync_files_stats === true) + { + set_config('upload_dir_size', $total_size_real, true); + } + $db->sql_freeresult($result); + + // Get current files stats + $num_files = (int) $config['num_files']; + $total_size = (float) $config['upload_dir_size']; + + // Issue warning message if files stats are inaccurate + if (($num_files != $num_files_real) || ($total_size != $total_size_real)) + { + $error[] = sprintf($user->lang['FILES_STATS_WRONG'], $num_files_real, get_formatted_filesize($total_size_real)); + + $template->assign_vars(array( + 'S_ACTION_OPTIONS' => ($auth->acl_get('a_board')) ? true : false, + 'U_ACTION' => $this->u_action,) + ); + } + + // Make sure $start is set to the last page if it exceeds the amount + if ($start < 0 || $start > $num_files) + { + $start = ($start < 0) ? 0 : floor(($num_files - 1) / $attachments_per_page) * $attachments_per_page; + } + + // If the user is trying to reach the second half of the attachments list, fetch it starting from the end + $store_reverse = false; + $sql_limit = $attachments_per_page; + + if ($start > $num_files / 2) + { + $store_reverse = true; + + if ($start + $attachments_per_page > $num_files) + { + $sql_limit = min($attachments_per_page, max(1, $num_files - $start)); + } + + // Select the sort order. Add time sort anchor for non-time sorting cases + $sql_sort_anchor = ($sort_key != 't') ? ', a.filetime ' . (($sort_dir == 'd') ? 'ASC' : 'DESC') : ''; + $sql_sort_order = $sort_by_sql[$sort_key] . ' ' . (($sort_dir == 'd') ? 'ASC' : 'DESC') . $sql_sort_anchor; + $sql_start = max(0, $num_files - $sql_limit - $start); + } + else + { + // Select the sort order. Add time sort anchor for non-time sorting cases + $sql_sort_anchor = ($sort_key != 't') ? ', a.filetime ' . (($sort_dir == 'd') ? 'DESC' : 'ASC') : ''; + $sql_sort_order = $sort_by_sql[$sort_key] . ' ' . (($sort_dir == 'd') ? 'DESC' : 'ASC') . $sql_sort_anchor; + $sql_start = $start; + + } + + $attachments_list = array(); + + // Just get the files + $sql = 'SELECT a.*, u.username, u.user_colour, t.topic_title + FROM ' . ATTACHMENTS_TABLE . ' a + LEFT JOIN ' . USERS_TABLE . ' u ON (u.user_id = a.poster_id) + LEFT JOIN ' . TOPICS_TABLE . " t ON (a.topic_id = t.topic_id) + WHERE a.is_orphan = 0 + $limit_filetime + ORDER BY $sql_sort_order"; + $result = $db->sql_query_limit($sql, $sql_limit, $sql_start); + + $i = ($store_reverse) ? $sql_limit - 1 : 0; + + // Store increment value in a variable to save some conditional calls + $i_increment = ($store_reverse) ? -1 : 1; + while ($attachment_row = $db->sql_fetchrow($result)) + { + $attachments_list[$i] = $attachment_row; + $i = $i + $i_increment; + } + $db->sql_freeresult($result); + + $template->assign_vars(array( + 'TOTAL_FILES' => $num_files, + 'TOTAL_SIZE' => get_formatted_filesize($total_size), + 'PAGINATION' => generate_pagination($this->u_action . "&$u_sort_param", $num_files, $attachments_per_page, $start, true), + + 'S_ON_PAGE' => on_page($num_files, $attachments_per_page, $start), + 'S_LIMIT_DAYS' => $s_limit_days, + 'S_SORT_KEY' => $s_sort_key, + 'S_SORT_DIR' => $s_sort_dir) + ); + + // Grab extensions + $extensions = $cache->obtain_attach_extensions(true); + + for ($i = 0, $end = sizeof($attachments_list); $i < $end; ++$i) + { + $row = $attachments_list[$i]; + + $row['extension'] = strtolower(trim((string) $row['extension'])); + $comment = ($row['attach_comment'] && !$row['in_message']) ? str_replace(array("\n", "\r"), array('<br />', "\n"), $row['attach_comment']) : ''; + $display_cat = $extensions[$row['extension']]['display_cat']; + $l_downloaded_viewed = ($display_cat == ATTACHMENT_CATEGORY_NONE) ? 'DOWNLOAD_COUNT' : 'VIEWED_COUNT'; + $l_download_count = (!isset($row['download_count']) || (int) $row['download_count'] == 0) ? $user->lang[$l_downloaded_viewed . '_NONE'] : (((int) $row['download_count'] == 1) ? sprintf($user->lang[$l_downloaded_viewed], $row['download_count']) : sprintf($user->lang[$l_downloaded_viewed . 'S'], $row['download_count'])); + + $template->assign_block_vars('attachments', array( + 'ATTACHMENT_POSTER' => get_username_string('full', (int) $row['poster_id'], (string) $row['username'], (string) $row['user_colour'], (string) $row['username']), + 'FILESIZE' => get_formatted_filesize((int) $row['filesize']), + 'FILETIME' => $user->format_date((int) $row['filetime']), + 'REAL_FILENAME' => (!$row['in_message']) ? utf8_wordwrap(utf8_basename((string) $row['real_filename']), 40, '<br />', true) : '', + 'PHYSICAL_FILENAME' => utf8_basename((string) $row['physical_filename']), + 'EXT_GROUP_NAME' => (!empty($extensions[$row['extension']]['group_name'])) ? $user->lang['EXT_GROUP_' . $extensions[$row['extension']]['group_name']] : '', + 'COMMENT' => $comment, + 'TOPIC_TITLE' => (!$row['in_message']) ? (string) $row['topic_title'] : '', + 'ATTACH_ID' => (int) $row['attach_id'], + 'POST_ID' => (int) $row['post_msg_id'], + 'TOPIC_ID' => (int) $row['topic_id'], + 'POST_IDS' => (!empty($post_ids[$row['attach_id']])) ? (int) $post_ids[$row['attach_id']] : '', + + 'L_DOWNLOAD_COUNT' => $l_download_count, + + 'S_IN_MESSAGE' => (bool) $row['in_message'], + + 'U_VIEW_TOPIC' => append_sid("{$phpbb_root_path}viewtopic.$phpEx", "t={$row['topic_id']}&p={$row['post_msg_id']}") . "#p{$row['post_msg_id']}", + 'U_FILE' => append_sid($phpbb_root_path . 'download/file.' . $phpEx, 'mode=view&id=' . $row['attach_id'])) + ); + } + + break; } if (sizeof($error)) diff --git a/phpBB/includes/acp/acp_ban.php b/phpBB/includes/acp/acp_ban.php index 00e68367fd..d881fc6bdc 100644 --- a/phpBB/includes/acp/acp_ban.php +++ b/phpBB/includes/acp/acp_ban.php @@ -175,12 +175,21 @@ class acp_ban } $result = $db->sql_query($sql); - $banned_options = ''; + $banned_options = $excluded_options = array(); $ban_length = $ban_reasons = $ban_give_reasons = array(); while ($row = $db->sql_fetchrow($result)) { - $banned_options .= '<option' . (($row['ban_exclude']) ? ' class="sep"' : '') . ' value="' . $row['ban_id'] . '">' . $row[$field] . '</option>'; + $option = '<option value="' . $row['ban_id'] . '">' . $row[$field] . '</option>'; + + if ($row['ban_exclude']) + { + $excluded_options[] = $option; + } + else + { + $banned_options[] = $option; + } $time_length = ($row['ban_end']) ? ($row['ban_end'] - $row['ban_start']) / 60 : 0; @@ -241,10 +250,25 @@ class acp_ban } } + $options = ''; + if ($excluded_options) + { + $options .= '<optgroup label="' . $user->lang['OPTIONS_EXCLUDED'] . '">'; + $options .= implode('', $excluded_options); + $options .= '</optgroup>'; + } + + if ($banned_options) + { + $options .= '<optgroup label="' . $user->lang['OPTIONS_BANNED'] . '">'; + $options .= implode('', $banned_options); + $options .= '</optgroup>'; + } + $template->assign_vars(array( 'S_BAN_END_OPTIONS' => $ban_end_options, - 'S_BANNED_OPTIONS' => ($banned_options) ? true : false, - 'BANNED_OPTIONS' => $banned_options) - ); + 'S_BANNED_OPTIONS' => ($banned_options || $excluded_options) ? true : false, + 'BANNED_OPTIONS' => $options, + )); } } diff --git a/phpBB/includes/acp/acp_bbcodes.php b/phpBB/includes/acp/acp_bbcodes.php index ecbaff6274..a9574628e1 100644 --- a/phpBB/includes/acp/acp_bbcodes.php +++ b/phpBB/includes/acp/acp_bbcodes.php @@ -317,7 +317,7 @@ class acp_bbcodes $bbcode_tpl = trim($bbcode_tpl); $utf8 = strpos($bbcode_match, 'INTTEXT') !== false; - $utf8_pcre_properties = pcre_utf8_support(); + $utf8_pcre_properties = phpbb_pcre_utf8_support(); $fp_match = preg_quote($bbcode_match, '!'); $fp_replace = preg_replace('#^\[(.*?)\]#', '[$1:$uid]', $bbcode_match); diff --git a/phpBB/includes/acp/acp_board.php b/phpBB/includes/acp/acp_board.php index 6821073749..890bac62b7 100644 --- a/phpBB/includes/acp/acp_board.php +++ b/phpBB/includes/acp/acp_board.php @@ -96,8 +96,10 @@ class acp_board 'load_moderators' => array('lang' => 'YES_MODERATORS', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => false), 'load_jumpbox' => array('lang' => 'YES_JUMPBOX', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => false), 'load_cpf_memberlist' => array('lang' => 'LOAD_CPF_MEMBERLIST', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => false), + 'load_cpf_pm' => array('lang' => 'LOAD_CPF_PM', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => false), 'load_cpf_viewprofile' => array('lang' => 'LOAD_CPF_VIEWPROFILE', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => false), 'load_cpf_viewtopic' => array('lang' => 'LOAD_CPF_VIEWTOPIC', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => false), + 'load_jquery_cdn' => array('lang' => 'LOAD_JQUERY_CDN', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true), 'legend3' => 'ACP_SUBMIT_CHANGES', ) @@ -188,7 +190,7 @@ class acp_board 'hot_threshold' => array('lang' => 'HOT_THRESHOLD', 'validate' => 'int:0', 'type' => 'text:3:4', 'explain' => true), 'max_poll_options' => array('lang' => 'MAX_POLL_OPTIONS', 'validate' => 'int:2:127', 'type' => 'text:4:4', 'explain' => false), 'max_post_chars' => array('lang' => 'CHAR_LIMIT', 'validate' => 'int:0', 'type' => 'text:4:6', 'explain' => true), - 'min_post_chars' => array('lang' => 'MIN_CHAR_LIMIT', 'validate' => 'int:0', 'type' => 'text:4:6', 'explain' => true), + 'min_post_chars' => array('lang' => 'MIN_CHAR_LIMIT', 'validate' => 'int:1', 'type' => 'text:4:6', 'explain' => true), 'max_post_smilies' => array('lang' => 'SMILIES_LIMIT', 'validate' => 'int:0', 'type' => 'text:4:4', 'explain' => true), 'max_post_urls' => array('lang' => 'MAX_POST_URLS', 'validate' => 'int:0', 'type' => 'text:5:4', 'explain' => true), 'max_post_font_size' => array('lang' => 'MAX_POST_FONT_SIZE', 'validate' => 'int:0', 'type' => 'text:5:4', 'explain' => true, 'append' => ' %'), @@ -327,6 +329,7 @@ class acp_board 'legend3' => 'CUSTOM_PROFILE_FIELDS', 'load_cpf_memberlist' => array('lang' => 'LOAD_CPF_MEMBERLIST', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => false), + 'load_cpf_pm' => array('lang' => 'LOAD_CPF_PM', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => false), 'load_cpf_viewprofile' => array('lang' => 'LOAD_CPF_VIEWPROFILE', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => false), 'load_cpf_viewtopic' => array('lang' => 'LOAD_CPF_VIEWTOPIC', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => false), @@ -387,6 +390,9 @@ class acp_board 'pass_complex' => array('lang' => 'PASSWORD_TYPE', 'validate' => 'string', 'type' => 'select', 'method' => 'select_password_chars', 'explain' => true), 'chg_passforce' => array('lang' => 'FORCE_PASS_CHANGE', 'validate' => 'int:0', 'type' => 'text:3:3', 'explain' => true, 'append' => ' ' . $user->lang['DAYS']), 'max_login_attempts' => array('lang' => 'MAX_LOGIN_ATTEMPTS', 'validate' => 'int:0', 'type' => 'text:3:3', 'explain' => true), + 'ip_login_limit_max' => array('lang' => 'IP_LOGIN_LIMIT_MAX', 'validate' => 'int:0', 'type' => 'text:3:3', 'explain' => true), + 'ip_login_limit_time' => array('lang' => 'IP_LOGIN_LIMIT_TIME', 'validate' => 'int:0', 'type' => 'text:5:5', 'explain' => true, 'append' => ' ' . $user->lang['SECONDS']), + 'ip_login_limit_use_forwarded' => array('lang' => 'IP_LOGIN_LIMIT_USE_FORWARDED', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true), 'tpl_allow_php' => array('lang' => 'TPL_ALLOW_PHP', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true), 'form_token_lifetime' => array('lang' => 'FORM_TIME_MAX', 'validate' => 'int:-1', 'type' => 'text:5:5', 'explain' => true, 'append' => ' ' . $user->lang['SECONDS']), 'form_token_sid_guests' => array('lang' => 'FORM_SID_GUESTS', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true), @@ -770,13 +776,20 @@ class acp_board { global $user, $config; - $radio_ary = array(USER_ACTIVATION_DISABLE => 'ACC_DISABLE', USER_ACTIVATION_NONE => 'ACC_NONE'); + $radio_ary = array( + USER_ACTIVATION_DISABLE => 'ACC_DISABLE', + USER_ACTIVATION_NONE => 'ACC_NONE', + ); + if ($config['email_enable']) { - $radio_ary += array(USER_ACTIVATION_SELF => 'ACC_USER', USER_ACTIVATION_ADMIN => 'ACC_ADMIN'); + $radio_ary[USER_ACTIVATION_SELF] = 'ACC_USER'; + $radio_ary[USER_ACTIVATION_ADMIN] = 'ACC_ADMIN'; } - return h_radio('config[require_activation]', $radio_ary, $value, $key); + $radio_text = h_radio('config[require_activation]', $radio_ary, $value, 'require_activation', $key, '<br />'); + + return $radio_text; } /** diff --git a/phpBB/includes/acp/acp_captcha.php b/phpBB/includes/acp/acp_captcha.php index 8116fce6f0..f051781547 100644 --- a/phpBB/includes/acp/acp_captcha.php +++ b/phpBB/includes/acp/acp_captcha.php @@ -46,7 +46,7 @@ class acp_captcha // Delegate if ($configure) { - $config_captcha =& phpbb_captcha_factory::get_instance($selected); + $config_captcha = phpbb_captcha_factory::get_instance($selected); $config_captcha->acp_page($id, $this); } else @@ -78,11 +78,11 @@ class acp_captcha // sanity check if (isset($captchas['available'][$selected])) { - $old_captcha =& phpbb_captcha_factory::get_instance($config['captcha_plugin']); + $old_captcha = phpbb_captcha_factory::get_instance($config['captcha_plugin']); $old_captcha->uninstall(); set_config('captcha_plugin', $selected); - $new_captcha =& phpbb_captcha_factory::get_instance($config['captcha_plugin']); + $new_captcha = phpbb_captcha_factory::get_instance($config['captcha_plugin']); $new_captcha->install(); add_log('admin', 'LOG_CONFIG_VISUAL'); @@ -104,16 +104,16 @@ class acp_captcha foreach ($captchas['available'] as $value => $title) { $current = ($selected !== false && $value == $selected) ? ' selected="selected"' : ''; - $captcha_select .= '<option value="' . $value . '"' . $current . '>' . $user->lang[$title] . '</option>'; + $captcha_select .= '<option value="' . $value . '"' . $current . '>' . $user->lang($title) . '</option>'; } foreach ($captchas['unavailable'] as $value => $title) { $current = ($selected !== false && $value == $selected) ? ' selected="selected"' : ''; - $captcha_select .= '<option value="' . $value . '"' . $current . ' class="disabled-option">' . $user->lang[$title] . '</option>'; + $captcha_select .= '<option value="' . $value . '"' . $current . ' class="disabled-option">' . $user->lang($title) . '</option>'; } - $demo_captcha =& phpbb_captcha_factory::get_instance($selected); + $demo_captcha = phpbb_captcha_factory::get_instance($selected); foreach ($config_vars as $config_var => $options) { @@ -136,7 +136,7 @@ class acp_captcha { global $db, $user, $config; - $captcha =& phpbb_captcha_factory::get_instance($selected); + $captcha = phpbb_captcha_factory::get_instance($selected); $captcha->init(CONFIRM_REG); $captcha->execute_demo(); diff --git a/phpBB/includes/acp/acp_database.php b/phpBB/includes/acp/acp_database.php index 96542986d3..38d4d3c8e4 100644 --- a/phpBB/includes/acp/acp_database.php +++ b/phpBB/includes/acp/acp_database.php @@ -221,6 +221,7 @@ class acp_database case 'submit': $delete = request_var('delete', ''); $file = request_var('file', ''); + $download = request_var('download', ''); if (!preg_match('#^backup_\d{10,}_[a-z\d]{16}\.(sql(?:\.(?:gz|bz2))?)$#', $file, $matches)) { @@ -247,10 +248,8 @@ class acp_database confirm_box(false, $user->lang['DELETE_SELECTED_BACKUP'], build_hidden_fields(array('delete' => $delete, 'file' => $file))); } } - else + else if ($download || confirm_box(true)) { - $download = request_var('download', ''); - if ($download) { $name = $matches[0]; @@ -411,6 +410,10 @@ class acp_database trigger_error($user->lang['RESTORE_SUCCESS'] . adm_back_link($this->u_action)); break; } + else if (!$download) + { + confirm_box(false, $user->lang['RESTORE_SELECTED_BACKUP'], build_hidden_fields(array('file' => $file))); + } default: $methods = array('sql'); @@ -486,6 +489,8 @@ class base_extractor function base_extractor($download = false, $store = false, $format, $filename, $time) { + global $request; + $this->download = $download; $this->store = $store; $this->time = $time; @@ -530,7 +535,7 @@ class base_extractor break; case 'gzip': - if ((isset($_SERVER['HTTP_ACCEPT_ENCODING']) && strpos($_SERVER['HTTP_ACCEPT_ENCODING'], 'gzip') !== false) && strpos(strtolower($_SERVER['HTTP_USER_AGENT']), 'msie') === false) + if (strpos($request->header('Accept-Encoding'), 'gzip') !== false && strpos(strtolower($request->header('User-Agent')), 'msie') === false) { ob_start('ob_gzhandler'); } @@ -1580,7 +1585,7 @@ class mssql_extractor extends base_extractor } $this->flush($sql_data); } - + function write_data_mssqlnative($table_name) { global $db; @@ -1606,7 +1611,7 @@ class mssql_extractor extends base_extractor $row = new result_mssqlnative($result_fields); $i_num_fields = $row->num_fields(); - + for ($i = 0; $i < $i_num_fields; $i++) { $ary_type[$i] = $row->field_type($i); @@ -1619,7 +1624,7 @@ class mssql_extractor extends base_extractor WHERE COLUMNPROPERTY(object_id('$table_name'), COLUMN_NAME, 'IsIdentity') = 1"; $result2 = $db->sql_query($sql); $row2 = $db->sql_fetchrow($result2); - + if (!empty($row2['has_identity'])) { $sql_data .= "\nSET IDENTITY_INSERT $table_name ON\nGO\n"; @@ -1683,8 +1688,8 @@ class mssql_extractor extends base_extractor $sql_data .= "\nSET IDENTITY_INSERT $table_name OFF\nGO\n"; } $this->flush($sql_data); - } - + } + function write_data_odbc($table_name) { global $db; diff --git a/phpBB/includes/acp/acp_disallow.php b/phpBB/includes/acp/acp_disallow.php index e3496bfc8b..f29e902910 100644 --- a/phpBB/includes/acp/acp_disallow.php +++ b/phpBB/includes/acp/acp_disallow.php @@ -56,6 +56,18 @@ class acp_disallow trigger_error($user->lang['NO_USERNAME_SPECIFIED'] . adm_back_link($this->u_action), E_USER_WARNING); } + $sql = 'SELECT disallow_id + FROM ' . DISALLOW_TABLE . " + WHERE disallow_username = '" . $db->sql_escape($disallowed_user) . "'"; + $result = $db->sql_query($sql); + $row = $db->sql_fetchrow($result); + $db->sql_freeresult($result); + + if ($row) + { + trigger_error($user->lang['DISALLOWED_ALREADY'] . adm_back_link($this->u_action), E_USER_WARNING); + } + $sql = 'INSERT INTO ' . DISALLOW_TABLE . ' ' . $db->sql_build_array('INSERT', array('disallow_username' => $disallowed_user)); $db->sql_query($sql); diff --git a/phpBB/includes/acp/acp_email.php b/phpBB/includes/acp/acp_email.php index b4f0e50029..c7db4f7a39 100644 --- a/phpBB/includes/acp/acp_email.php +++ b/phpBB/includes/acp/acp_email.php @@ -82,23 +82,48 @@ class acp_email { if ($group_id) { - $sql = 'SELECT u.user_email, u.username, u.username_clean, u.user_lang, u.user_jabber, u.user_notify_type - FROM ' . USERS_TABLE . ' u, ' . USER_GROUP_TABLE . ' ug - WHERE ug.group_id = ' . $group_id . ' + $sql_ary = array( + 'SELECT' => 'u.user_email, u.username, u.username_clean, u.user_lang, u.user_jabber, u.user_notify_type', + 'FROM' => array( + USERS_TABLE => 'u', + USER_GROUP_TABLE => 'ug', + ), + 'WHERE' => 'ug.group_id = ' . $group_id . ' AND ug.user_pending = 0 AND u.user_id = ug.user_id AND u.user_allow_massemail = 1 - AND u.user_type IN (' . USER_NORMAL . ', ' . USER_FOUNDER . ') - ORDER BY u.user_lang, u.user_notify_type'; + AND u.user_type IN (' . USER_NORMAL . ', ' . USER_FOUNDER . ')', + 'ORDER_BY' => 'u.user_lang, u.user_notify_type', + ); } else { - $sql = 'SELECT username, username_clean, user_email, user_jabber, user_notify_type, user_lang - FROM ' . USERS_TABLE . ' - WHERE user_allow_massemail = 1 - AND user_type IN (' . USER_NORMAL . ', ' . USER_FOUNDER . ') - ORDER BY user_lang, user_notify_type'; + $sql_ary = array( + 'SELECT' => 'u.username, u.username_clean, u.user_email, u.user_jabber, u.user_lang, u.user_notify_type', + 'FROM' => array( + USERS_TABLE => 'u', + ), + 'WHERE' => 'u.user_allow_massemail = 1 + AND u.user_type IN (' . USER_NORMAL . ', ' . USER_FOUNDER . ')', + 'ORDER_BY' => 'u.user_lang, u.user_notify_type', + ); } + + // Mail banned or not + if (!isset($_REQUEST['mail_banned_flag'])) + { + $sql_ary['WHERE'] .= ' AND (b.ban_id IS NULL + OR b.ban_exclude = 1)'; + $sql_ary['LEFT_JOIN'] = array( + array( + 'FROM' => array( + BANLIST_TABLE => 'b', + ), + 'ON' => 'u.user_id = b.ban_userid', + ), + ); + } + $sql = $db->sql_build_query('SELECT', $sql_ary); } $result = $db->sql_query($sql); $row = $db->sql_fetchrow($result); @@ -111,8 +136,9 @@ class acp_email $i = $j = 0; - // Send with BCC, no more than 50 recipients for one mail (to not exceed the limit) - $max_chunk_size = 50; + // Send with BCC + // Maximum number of bcc recipients + $max_chunk_size = (int) $config['email_max_chunk_size']; $email_list = array(); $old_lang = $row['user_lang']; $old_notify_type = $row['user_notify_type']; diff --git a/phpBB/includes/acp/acp_forums.php b/phpBB/includes/acp/acp_forums.php index 4d605e1b82..7fe8915ad1 100644 --- a/phpBB/includes/acp/acp_forums.php +++ b/phpBB/includes/acp/acp_forums.php @@ -212,15 +212,11 @@ class acp_forums $message = ($action == 'add') ? $user->lang['FORUM_CREATED'] : $user->lang['FORUM_UPDATED']; - // Redirect to permissions - if ($auth->acl_get('a_fauth') && !$copied_permissions) - { - $message .= '<br /><br />' . sprintf($user->lang['REDIRECT_ACL'], '<a href="' . append_sid("{$phpbb_admin_path}index.$phpEx", 'i=permissions' . $acl_url) . '">', '</a>'); - } - // redirect directly to permission settings screen if authed if ($action == 'add' && !$copied_permissions && $auth->acl_get('a_fauth')) { + $message .= '<br /><br />' . sprintf($user->lang['REDIRECT_ACL'], '<a href="' . append_sid("{$phpbb_admin_path}index.$phpEx", 'i=permissions' . $acl_url) . '">', '</a>'); + meta_refresh(4, append_sid("{$phpbb_admin_path}index.$phpEx", 'i=permissions' . $acl_url)); } @@ -875,7 +871,7 @@ class acp_forums $errors = array(); - if (!$forum_data['forum_name']) + if ($forum_data['forum_name'] == '') { $errors[] = $user->lang['FORUM_NAME_EMPTY']; } diff --git a/phpBB/includes/acp/acp_groups.php b/phpBB/includes/acp/acp_groups.php index dde556c19e..9aa54bed89 100644 --- a/phpBB/includes/acp/acp_groups.php +++ b/phpBB/includes/acp/acp_groups.php @@ -415,6 +415,9 @@ class acp_groups // Only set the rank, colour, etc. if it's changed or if we're adding a new // group. This prevents existing group members being updated if no changes // were made. + // However there are some attributes that need to be set everytime, + // otherwise the group gets removed from the feature. + $set_attributes = array('legend', 'teampage'); $group_attributes = array(); $test_variables = array( @@ -435,7 +438,7 @@ class acp_groups foreach ($test_variables as $test => $type) { - if (isset($submit_ary[$test]) && ($action == 'add' || $group_row['group_' . $test] != $submit_ary[$test])) + if (isset($submit_ary[$test]) && ($action == 'add' || $group_row['group_' . $test] != $submit_ary[$test] || in_array($test, $set_attributes))) { settype($submit_ary[$test], $type); $group_attributes['group_' . $test] = $group_row['group_' . $test] = $submit_ary[$test]; @@ -832,7 +835,7 @@ class acp_groups case 'set_config_teampage': set_config('teampage_forums', request_var('teampage_forums', 0)); - set_config('teampage_multiple', request_var('teampage_multiple', 0)); + set_config('teampage_memberships', request_var('teampage_memberships', 0)); break; case 'add': @@ -913,11 +916,11 @@ class acp_groups 'U_ACTION_LEGEND' => $this->u_action . '&field=legend', 'U_ACTION_TEAMPAGE' => $this->u_action . '&field=teampage', - 'S_GROUP_SELECT_LEGEND' => $s_group_select_legend, - 'S_GROUP_SELECT_TEAMPAGE' => $s_group_select_teampage, - 'DISPLAY_FORUMS' => ($config['teampage_forums']) ? true : false, - 'DISPLAY_MULTIPLE' => ($config['teampage_multiple']) ? true : false, - 'LEGEND_SORT_GROUPNAME' => ($config['legend_sort_groupname']) ? true : false, + 'S_GROUP_SELECT_LEGEND' => $s_group_select_legend, + 'S_GROUP_SELECT_TEAMPAGE' => $s_group_select_teampage, + 'DISPLAY_FORUMS' => ($config['teampage_forums']) ? true : false, + 'DISPLAY_MEMBERSHIPS' => $config['teampage_memberships'], + 'LEGEND_SORT_GROUPNAME' => ($config['legend_sort_groupname']) ? true : false, )); } } diff --git a/phpBB/includes/acp/acp_icons.php b/phpBB/includes/acp/acp_icons.php index a525efb510..c848039c66 100644 --- a/phpBB/includes/acp/acp_icons.php +++ b/phpBB/includes/acp/acp_icons.php @@ -395,6 +395,10 @@ class acp_icons { // skip images where add wasn't checked } + else if (!file_exists($phpbb_root_path . $img_path . '/' . $image)) + { + $errors[$image] = 'SMILIE_NO_FILE'; + } else { if ($image_width[$image] == 0 || $image_height[$image] == 0) diff --git a/phpBB/includes/acp/acp_inactive.php b/phpBB/includes/acp/acp_inactive.php index e4fb695a11..0e4801f630 100644 --- a/phpBB/includes/acp/acp_inactive.php +++ b/phpBB/includes/acp/acp_inactive.php @@ -301,7 +301,7 @@ class acp_inactive 'PAGINATION' => generate_pagination($this->u_action . "&$u_sort_param&users_per_page=$per_page", $inactive_count, $per_page, $start, true), 'USERS_PER_PAGE' => $per_page, - 'U_ACTION' => $this->u_action . '&start=' . $start, + 'U_ACTION' => $this->u_action . "&$u_sort_param&users_per_page=$per_page&start=$start", )); $this->tpl_name = 'acp_inactive'; diff --git a/phpBB/includes/acp/acp_language.php b/phpBB/includes/acp/acp_language.php index 8df8e5c8e5..91b48f013e 100644 --- a/phpBB/includes/acp/acp_language.php +++ b/phpBB/includes/acp/acp_language.php @@ -797,11 +797,6 @@ class acp_language $sql = 'DELETE FROM ' . PROFILE_FIELDS_LANG_TABLE . ' WHERE lang_id = ' . $lang_id; $db->sql_query($sql); - $sql = 'DELETE FROM ' . STYLES_IMAGESET_DATA_TABLE . " WHERE image_lang = '" . $db->sql_escape($row['lang_iso']) . "'"; - $result = $db->sql_query($sql); - - $cache->destroy('sql', STYLES_IMAGESET_DATA_TABLE); - add_log('admin', 'LOG_LANGUAGE_PACK_DELETED', $row['lang_english_name']); trigger_error(sprintf($user->lang['LANGUAGE_PACK_DELETED'], $row['lang_english_name']) . adm_back_link($this->u_action)); @@ -866,66 +861,6 @@ class acp_language $db->sql_query('INSERT INTO ' . LANG_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary)); $lang_id = $db->sql_nextid(); - $valid_localized = array( - 'icon_back_top', 'icon_contact_aim', 'icon_contact_email', 'icon_contact_icq', 'icon_contact_jabber', 'icon_contact_msnm', 'icon_contact_pm', 'icon_contact_yahoo', 'icon_contact_www', 'icon_post_delete', 'icon_post_edit', 'icon_post_info', 'icon_post_quote', 'icon_post_report', 'icon_user_online', 'icon_user_offline', 'icon_user_profile', 'icon_user_search', 'icon_user_warn', 'button_pm_forward', 'button_pm_new', 'button_pm_reply', 'button_topic_locked', 'button_topic_new', 'button_topic_reply', - ); - - $sql_ary = array(); - - $sql = 'SELECT * - FROM ' . STYLES_IMAGESET_TABLE; - $result = $db->sql_query($sql); - while ($imageset_row = $db->sql_fetchrow($result)) - { - if (@file_exists("{$phpbb_root_path}styles/{$imageset_row['imageset_path']}/imageset/{$lang_pack['iso']}/imageset.cfg")) - { - $cfg_data_imageset_data = parse_cfg_file("{$phpbb_root_path}styles/{$imageset_row['imageset_path']}/imageset/{$lang_pack['iso']}/imageset.cfg"); - foreach ($cfg_data_imageset_data as $image_name => $value) - { - if (strpos($value, '*') !== false) - { - if (substr($value, -1, 1) === '*') - { - list($image_filename, $image_height) = explode('*', $value); - $image_width = 0; - } - else - { - list($image_filename, $image_height, $image_width) = explode('*', $value); - } - } - else - { - $image_filename = $value; - $image_height = $image_width = 0; - } - - if (strpos($image_name, 'img_') === 0 && $image_filename) - { - $image_name = substr($image_name, 4); - if (in_array($image_name, $valid_localized)) - { - $sql_ary[] = array( - 'image_name' => (string) $image_name, - 'image_filename' => (string) $image_filename, - 'image_height' => (int) $image_height, - 'image_width' => (int) $image_width, - 'imageset_id' => (int) $imageset_row['imageset_id'], - 'image_lang' => (string) $lang_pack['iso'], - ); - } - } - } - } - } - $db->sql_freeresult($result); - - if (sizeof($sql_ary)) - { - $db->sql_multi_insert(STYLES_IMAGESET_DATA_TABLE, $sql_ary); - $cache->destroy('sql', STYLES_IMAGESET_DATA_TABLE); - } - // Now let's copy the default language entries for custom profile fields for this new language - makes admin's life easier. $sql = 'SELECT lang_id FROM ' . LANG_TABLE . " @@ -934,6 +869,9 @@ class acp_language $default_lang_id = (int) $db->sql_fetchfield('lang_id'); $db->sql_freeresult($result); + // We want to notify the admin that custom profile fields need to be updated for the new language. + $notify_cpf_update = false; + // From the mysql documentation: // Prior to MySQL 4.0.14, the target table of the INSERT statement cannot appear in the FROM clause of the SELECT part of the query. This limitation is lifted in 4.0.14. // Due to this we stay on the safe side if we do the insertion "the manual way" @@ -947,6 +885,7 @@ class acp_language { $row['lang_id'] = $lang_id; $db->sql_query('INSERT INTO ' . PROFILE_LANG_TABLE . ' ' . $db->sql_build_array('INSERT', $row)); + $notify_cpf_update = true; } $db->sql_freeresult($result); @@ -959,12 +898,15 @@ class acp_language { $row['lang_id'] = $lang_id; $db->sql_query('INSERT INTO ' . PROFILE_FIELDS_LANG_TABLE . ' ' . $db->sql_build_array('INSERT', $row)); + $notify_cpf_update = true; } $db->sql_freeresult($result); add_log('admin', 'LOG_LANGUAGE_PACK_INSTALLED', $lang_pack['name']); - trigger_error(sprintf($user->lang['LANGUAGE_PACK_INSTALLED'], $lang_pack['name']) . adm_back_link($this->u_action)); + $message = sprintf($user->lang['LANGUAGE_PACK_INSTALLED'], $lang_pack['name']); + $message .= ($notify_cpf_update) ? '<br /><br />' . $user->lang['LANGUAGE_PACK_CPF_UPDATE'] : ''; + trigger_error($message . adm_back_link($this->u_action)); break; diff --git a/phpBB/includes/acp/acp_logs.php b/phpBB/includes/acp/acp_logs.php index 90c1a10649..065a6d1c22 100644 --- a/phpBB/includes/acp/acp_logs.php +++ b/phpBB/includes/acp/acp_logs.php @@ -128,12 +128,12 @@ class acp_logs // Grab log data $log_data = array(); $log_count = 0; - view_log($mode, $log_data, $log_count, $config['topics_per_page'], $start, $forum_id, 0, 0, $sql_where, $sql_sort, $keywords); + $start = view_log($mode, $log_data, $log_count, $config['topics_per_page'], $start, $forum_id, 0, 0, $sql_where, $sql_sort, $keywords); $template->assign_vars(array( 'L_TITLE' => $l_title, 'L_EXPLAIN' => $l_title_explain, - 'U_ACTION' => $this->u_action, + 'U_ACTION' => $this->u_action . "&$u_sort_param$keywords_param&start=$start", 'S_ON_PAGE' => on_page($log_count, $config['topics_per_page'], $start), 'PAGINATION' => generate_pagination($this->u_action . "&$u_sort_param$keywords_param", $log_count, $config['topics_per_page'], $start, true), diff --git a/phpBB/includes/acp/acp_main.php b/phpBB/includes/acp/acp_main.php index ac375838fd..6304ff9d47 100644 --- a/phpBB/includes/acp/acp_main.php +++ b/phpBB/includes/acp/acp_main.php @@ -415,11 +415,8 @@ class acp_main { $latest_version_info = explode("\n", $latest_version_info); - $latest_version = str_replace('rc', 'RC', strtolower(trim($latest_version_info[0]))); - $current_version = str_replace('rc', 'RC', strtolower($config['version'])); - $template->assign_vars(array( - 'S_VERSION_UP_TO_DATE' => version_compare($current_version, $latest_version, '<') ? false : true, + 'S_VERSION_UP_TO_DATE' => phpbb_version_compare(trim($latest_version_info[0]), $config['version'], '<='), )); } @@ -521,7 +518,7 @@ class acp_main 'U_ADMIN_LOG' => append_sid("{$phpbb_admin_path}index.$phpEx", 'i=logs&mode=admin'), 'U_INACTIVE_USERS' => append_sid("{$phpbb_admin_path}index.$phpEx", 'i=inactive&mode=list'), 'U_VERSIONCHECK' => append_sid("{$phpbb_admin_path}index.$phpEx", 'i=update&mode=version_check'), - 'U_VERSIONCHECK_FORCE' => append_sid("{$phpbb_admin_path}index.$phpEx", 'i=1&versioncheck_force=1'), + 'U_VERSIONCHECK_FORCE' => append_sid("{$phpbb_admin_path}index.$phpEx", 'versioncheck_force=1'), 'S_ACTION_OPTIONS' => ($auth->acl_get('a_board')) ? true : false, 'S_FOUNDER' => ($user->data['user_type'] == USER_FOUNDER) ? true : false, @@ -603,6 +600,17 @@ class acp_main $template->assign_var('S_WRITABLE_CONFIG', (bool) (@fileperms($phpbb_root_path . 'config.' . $phpEx) & 0x0002)); } + if (extension_loaded('mbstring')) + { + $template->assign_vars(array( + 'S_MBSTRING_LOADED' => true, + 'S_MBSTRING_FUNC_OVERLOAD_FAIL' => (intval(@ini_get('mbstring.func_overload')) & (MB_OVERLOAD_MAIL | MB_OVERLOAD_STRING)), + 'S_MBSTRING_ENCODING_TRANSLATION_FAIL' => (@ini_get('mbstring.encoding_translation') != 0), + 'S_MBSTRING_HTTP_INPUT_FAIL' => (@ini_get('mbstring.http_input') != 'pass'), + 'S_MBSTRING_HTTP_OUTPUT_FAIL' => (@ini_get('mbstring.http_output') != 'pass'), + )); + } + // Fill dbms version if not yet filled if (empty($config['dbms_version'])) { diff --git a/phpBB/includes/acp/acp_modules.php b/phpBB/includes/acp/acp_modules.php index 52033b590c..e51b440d4d 100644 --- a/phpBB/includes/acp/acp_modules.php +++ b/phpBB/includes/acp/acp_modules.php @@ -111,7 +111,7 @@ class acp_modules } break; - + case 'enable': case 'disable': if (!$module_id) @@ -170,7 +170,7 @@ class acp_modules add_log('admin', 'LOG_MODULE_' . strtoupper($action), $this->lang_name($row['module_langname']), $move_module_name); $this->remove_cache_file(); } - + break; case 'quickadd': @@ -207,7 +207,7 @@ class acp_modules if (!sizeof($errors)) { $this->remove_cache_file(); - + trigger_error($user->lang['MODULE_ADDED'] . adm_back_link($this->u_action . '&parent_id=' . $this->parent_id)); } } @@ -231,7 +231,7 @@ class acp_modules { trigger_error($user->lang['NO_MODULE_ID'] . adm_back_link($this->u_action . '&parent_id=' . $this->parent_id), E_USER_WARNING); } - + $module_row = $this->get_module_row($module_id); // no break @@ -250,7 +250,7 @@ class acp_modules 'module_auth' => '', ); } - + $module_data = array(); $module_data['module_basename'] = request_var('module_basename', (string) $module_row['module_basename']); @@ -295,7 +295,7 @@ class acp_modules if (!sizeof($errors)) { $this->remove_cache_file(); - + trigger_error((($action == 'add') ? $user->lang['MODULE_ADDED'] : $user->lang['MODULE_EDITED']) . adm_back_link($this->u_action . '&parent_id=' . $this->parent_id)); } } @@ -316,7 +316,7 @@ class acp_modules } // Name options - $s_name_options .= '<option value="' . $option . '"' . (($option == $module_data['module_basename']) ? ' selected="selected"' : '') . '>' . $this->lang_name($values['title']) . ' [' . $this->module_class . '_' . $option . ']</option>'; + $s_name_options .= '<option value="' . $option . '"' . (($option == $module_data['module_basename']) ? ' selected="selected"' : '') . '>' . $this->lang_name($values['title']) . ' [' . $option . ']</option>'; $template->assign_block_vars('m_names', array('NAME' => $option, 'A_NAME' => addslashes($option))); @@ -327,7 +327,7 @@ class acp_modules { $s_mode_options .= '<option value="' . $m_mode . '"' . (($m_mode == $module_data['module_mode']) ? ' selected="selected"' : '') . '>' . $this->lang_name($m_values['title']) . '</option>'; } - + $template->assign_block_vars('m_names.modes', array( 'OPTION' => $m_mode, 'VALUE' => $this->lang_name($m_values['title']), @@ -336,7 +336,7 @@ class acp_modules ); } } - + $s_cat_option = '<option value="0"' . (($module_data['parent_id'] == 0) ? ' selected="selected"' : '') . '>' . $user->lang['NO_PARENT'] . '</option>'; $template->assign_vars(array_merge(array( @@ -349,7 +349,7 @@ class acp_modules 'U_EDIT_ACTION' => $this->u_action . '&parent_id=' . $this->parent_id, 'L_TITLE' => $user->lang[strtoupper($action) . '_MODULE'], - + 'MODULENAME' => $this->lang_name($module_data['module_langname']), 'ACTION' => $action, 'MODULE_ID' => $module_id, @@ -480,7 +480,7 @@ class acp_modules foreach ($module_infos as $option => $values) { // Name options - $s_install_options .= '<optgroup label="' . $this->lang_name($values['title']) . ' [' . $this->module_class . '_' . $option . ']">'; + $s_install_options .= '<optgroup label="' . $this->lang_name($values['title']) . ' [' . $option . ']">'; // Build module modes foreach ($values['modes'] as $m_mode => $m_values) @@ -516,7 +516,7 @@ class acp_modules $result = $db->sql_query($sql); $row = $db->sql_fetchrow($result); $db->sql_freeresult($result); - + if (!$row) { trigger_error($user->lang['NO_MODULE'] . adm_back_link($this->u_action . '&parent_id=' . $this->parent_id), E_USER_WARNING); @@ -524,14 +524,14 @@ class acp_modules return $row; } - + /** * Get available module information from module files */ function get_module_infos($module = '', $module_class = false) { global $phpbb_root_path, $phpEx; - + $module_class = ($module_class === false) ? $this->module_class : $module_class; $directory = $phpbb_root_path . 'includes/' . $module_class . '/info/'; @@ -539,57 +539,72 @@ class acp_modules if (!$module) { - $dh = @opendir($directory); + global $phpbb_extension_manager; - if (!$dh) - { - return $fileinfo; - } + $finder = $phpbb_extension_manager->get_finder(); + + $modules = $finder + ->extension_suffix('_module') + ->extension_directory("/$module_class") + ->core_path("includes/$module_class/info/") + ->core_prefix($module_class . '_') + ->get_classes(); - while (($file = readdir($dh)) !== false) + foreach ($modules as $module) { - // Is module? - if (preg_match('/^' . $module_class . '_.+\.' . $phpEx . '$/', $file)) - { - $class = str_replace(".$phpEx", '', $file) . '_info'; + $info_class = preg_replace('/_module$/', '_info', $module); - if (!class_exists($class)) + // If the class does not exist it might be following the old + // format. phpbb_acp_info_acp_foo needs to be turned into + // acp_foo_info and the respective file has to be included + // manually because it does not support auto loading + if (!class_exists($info_class)) + { + $info_class = str_replace("phpbb_{$module_class}_info_", '', $module) . '_info'; + if (file_exists($directory . $info_class . '.' . $phpEx)) { - include($directory . $file); + include($directory . $info_class . '.' . $phpEx); } + } - // Get module title tag - if (class_exists($class)) - { - $c_class = new $class(); - $module_info = $c_class->module(); - $fileinfo[str_replace($module_class . '_', '', $module_info['filename'])] = $module_info; - } + if (class_exists($info_class)) + { + $info = new $info_class(); + $module_info = $info->module(); + + $main_class = (isset($module_info['filename'])) ? $module_info['filename'] : $module; + + $fileinfo[$main_class] = $module_info; } } - closedir($dh); ksort($fileinfo); } else { - $filename = $module_class . '_' . basename($module); - $class = $module_class . '_' . basename($module) . '_info'; + $info_class = preg_replace('/_module$/', '_info', $module); - if (!class_exists($class)) + if (!class_exists($info_class)) { - include($directory . $filename . '.' . $phpEx); + if (file_exists($directory . $module . '.' . $phpEx)) + { + include($directory . $module . '.' . $phpEx); + } + $info_class = $module . '_info'; } // Get module title tag - if (class_exists($class)) + if (class_exists($info_class)) { - $c_class = new $class(); - $module_info = $c_class->module(); - $fileinfo[str_replace($module_class . '_', '', $module_info['filename'])] = $module_info; + $info = new $info_class(); + $module_info = $info->module(); + + $main_class = (isset($module_info['filename'])) ? $module_info['filename'] : $module; + + $fileinfo[$main_class] = $module_info; } } - + return $fileinfo; } @@ -721,7 +736,7 @@ class acp_modules // Sanitise for future path use, it's escaped as appropriate for queries $p_class = str_replace(array('.', '/', '\\'), '', basename($this->module_class)); - + $cache->destroy('_modules_' . $p_class); // Additionally remove sql cache diff --git a/phpBB/includes/acp/acp_php_info.php b/phpBB/includes/acp/acp_php_info.php index 03561f3e30..65150a40c5 100644 --- a/phpBB/includes/acp/acp_php_info.php +++ b/phpBB/includes/acp/acp_php_info.php @@ -67,6 +67,9 @@ class acp_php_info $output = preg_replace('#<img border="0"#i', '<img', $output); $output = str_replace(array('class="e"', 'class="v"', 'class="h"', '<hr />', '<font', '</font>'), array('class="row1"', 'class="row2"', '', '', '<span', '</span>'), $output); + // Fix invalid anchor names (eg "module_Zend Optimizer") + $output = preg_replace_callback('#<a name="([^"]+)">#', array($this, 'remove_spaces'), $output); + if (empty($output)) { trigger_error('NO_PHPINFO_AVAILABLE', E_USER_WARNING); @@ -79,4 +82,9 @@ class acp_php_info $template->assign_var('PHPINFO', $output); } + + function remove_spaces($matches) + { + return '<a name="' . str_replace(' ', '_', $matches[1]) . '">'; + } } diff --git a/phpBB/includes/acp/acp_profile.php b/phpBB/includes/acp/acp_profile.php index ca6a5f04d2..a18a01c44a 100644 --- a/phpBB/includes/acp/acp_profile.php +++ b/phpBB/includes/acp/acp_profile.php @@ -370,6 +370,7 @@ class acp_profile 'field_show_profile'=> 0, 'field_no_view' => 0, 'field_show_on_reg' => 0, + 'field_show_on_pm' => 0, 'field_show_on_vt' => 0, 'lang_name' => utf8_normalize_nfc(request_var('field_ident', '', true)), 'lang_explain' => '', @@ -381,7 +382,7 @@ class acp_profile // $exclude contains the data we gather in each step $exclude = array( - 1 => array('field_ident', 'lang_name', 'lang_explain', 'field_option_none', 'field_show_on_reg', 'field_show_on_vt', 'field_required', 'field_hide', 'field_show_profile', 'field_no_view'), + 1 => array('field_ident', 'lang_name', 'lang_explain', 'field_option_none', 'field_show_on_reg', 'field_show_on_pm', 'field_show_on_vt', 'field_required', 'field_hide', 'field_show_profile', 'field_no_view'), 2 => array('field_length', 'field_maxlen', 'field_minlen', 'field_validation', 'field_novalue', 'field_default_value'), 3 => array('l_lang_name', 'l_lang_explain', 'l_lang_default_value', 'l_lang_options') ); @@ -407,6 +408,7 @@ class acp_profile $visibility_ary = array( 'field_required', 'field_show_on_reg', + 'field_show_on_pm', 'field_show_on_vt', 'field_show_profile', 'field_hide', @@ -734,6 +736,7 @@ class acp_profile 'S_STEP_ONE' => true, 'S_FIELD_REQUIRED' => ($cp->vars['field_required']) ? true : false, 'S_SHOW_ON_REG' => ($cp->vars['field_show_on_reg']) ? true : false, + 'S_SHOW_ON_PM' => ($cp->vars['field_show_on_pm']) ? true : false, 'S_SHOW_ON_VT' => ($cp->vars['field_show_on_vt']) ? true : false, 'S_FIELD_HIDE' => ($cp->vars['field_hide']) ? true : false, 'S_SHOW_PROFILE' => ($cp->vars['field_show_profile']) ? true : false, @@ -1050,6 +1053,7 @@ class acp_profile 'field_validation' => $cp->vars['field_validation'], 'field_required' => $cp->vars['field_required'], 'field_show_on_reg' => $cp->vars['field_show_on_reg'], + 'field_show_on_pm' => $cp->vars['field_show_on_pm'], 'field_show_on_vt' => $cp->vars['field_show_on_vt'], 'field_hide' => $cp->vars['field_hide'], 'field_show_profile' => $cp->vars['field_show_profile'], diff --git a/phpBB/includes/acp/acp_ranks.php b/phpBB/includes/acp/acp_ranks.php index 5c05afbfad..41404db8e9 100644 --- a/phpBB/includes/acp/acp_ranks.php +++ b/phpBB/includes/acp/acp_ranks.php @@ -199,7 +199,7 @@ class acp_ranks 'RANK_TITLE' => (isset($ranks['rank_title'])) ? $ranks['rank_title'] : '', 'S_FILENAME_LIST' => $filename_list, 'RANK_IMAGE' => ($edit_img) ? $phpbb_root_path . $config['ranks_path'] . '/' . $edit_img : $phpbb_admin_path . 'images/spacer.gif', - 'S_SPECIAL_RANK' => (!isset($ranks['rank_special']) || $ranks['rank_special']) ? true : false, + 'S_SPECIAL_RANK' => (isset($ranks['rank_special']) && $ranks['rank_special']) ? true : false, 'MIN_POSTS' => (isset($ranks['rank_min']) && !$ranks['rank_special']) ? $ranks['rank_min'] : 0) ); diff --git a/phpBB/includes/acp/acp_search.php b/phpBB/includes/acp/acp_search.php index 27e636ddcc..ab604cd7cd 100644 --- a/phpBB/includes/acp/acp_search.php +++ b/phpBB/includes/acp/acp_search.php @@ -77,7 +77,8 @@ class acp_search continue; } - $name = ucfirst(strtolower(str_replace('_', ' ', $type))); + $name = $search->get_name(); + $selected = ($config['search_type'] == $type) ? ' selected="selected"' : ''; $search_options .= '<option value="' . $type . '"' . $selected . '>' . $name . '</option>'; @@ -275,7 +276,7 @@ class acp_search { trigger_error($error . adm_back_link($this->u_action), E_USER_WARNING); } - $name = ucfirst(strtolower(str_replace('_', ' ', $this->state[0]))); + $name = $this->search->get_name(); $action = &$this->state[1]; @@ -384,17 +385,30 @@ class acp_search AND post_id <= ' . (int) ($post_counter + $this->batch_size); $result = $db->sql_query($sql); - while ($row = $db->sql_fetchrow($result)) + $buffer = $db->sql_buffer_nested_transactions(); + + if ($buffer) + { + $rows = $db->sql_fetchrowset($result); + $rows[] = false; // indicate end of array for while loop below + + $db->sql_freeresult($result); + } + + $i = 0; + while ($row = ($buffer ? $rows[$i++] : $db->sql_fetchrow($result))) { - // Indexing enabled for this forum or global announcement? - // Global announcements get indexed by default. - if (!$row['forum_id'] || (isset($forums[$row['forum_id']]) && $forums[$row['forum_id']])) + // Indexing enabled for this forum + if (isset($forums[$row['forum_id']]) && $forums[$row['forum_id']]) { $this->search->index('post', $row['post_id'], $row['post_text'], $row['post_subject'], $row['poster_id'], $row['forum_id']); } $row_count++; } - $db->sql_freeresult($result); + if (!$buffer) + { + $db->sql_freeresult($result); + } $post_counter += $this->batch_size; } @@ -441,7 +455,7 @@ class acp_search continue; } - $name = ucfirst(strtolower(str_replace('_', ' ', $type))); + $name = $search->get_name(); $data = array(); if (method_exists($search, 'index_stats')) @@ -540,27 +554,15 @@ class acp_search function get_search_types() { - global $phpbb_root_path, $phpEx; + global $phpbb_root_path, $phpEx, $phpbb_extension_manager; - $search_types = array(); + $finder = $phpbb_extension_manager->get_finder(); - $dp = @opendir($phpbb_root_path . 'includes/search'); - - if ($dp) - { - while (($file = readdir($dp)) !== false) - { - if ((preg_match('#\.' . $phpEx . '$#', $file)) && ($file != "search.$phpEx")) - { - $search_types[] = preg_replace('#^(.*?)\.' . $phpEx . '$#', '\1', $file); - } - } - closedir($dp); - - sort($search_types); - } - - return $search_types; + return $finder + ->extension_suffix('_backend') + ->extension_directory('/search') + ->core_path('includes/search/') + ->get_classes(); } function get_max_post_id() @@ -597,15 +599,7 @@ class acp_search { global $phpbb_root_path, $phpEx, $user; - if (!preg_match('#^\w+$#', $type) || !file_exists("{$phpbb_root_path}includes/search/$type.$phpEx")) - { - $error = $user->lang['NO_SUCH_SEARCH_MODULE']; - return $error; - } - - include_once("{$phpbb_root_path}includes/search/$type.$phpEx"); - - if (!class_exists($type)) + if (!class_exists($type) || !method_exists($type, 'get_name')) { $error = $user->lang['NO_SUCH_SEARCH_MODULE']; return $error; diff --git a/phpBB/includes/acp/acp_send_statistics.php b/phpBB/includes/acp/acp_send_statistics.php index aef67a8b1a..eb7154d114 100644 --- a/phpBB/includes/acp/acp_send_statistics.php +++ b/phpBB/includes/acp/acp_send_statistics.php @@ -16,8 +16,6 @@ if (!defined('IN_PHPBB')) exit; } -include($phpbb_root_path . 'includes/questionnaire/questionnaire.' . $phpEx); - /** * @package acp */ @@ -27,7 +25,9 @@ class acp_send_statistics function main($id, $mode) { - global $config, $template, $phpbb_admin_path, $phpEx; + global $config, $template, $phpbb_admin_path, $phpbb_root_path, $phpEx; + + include($phpbb_root_path . 'includes/questionnaire/questionnaire.' . $phpEx); $collect_url = "http://www.phpbb.com/stats/receive_stats.php"; diff --git a/phpBB/includes/acp/acp_styles.php b/phpBB/includes/acp/acp_styles.php index 4f13ee376f..fc9acbbcb8 100644 --- a/phpBB/includes/acp/acp_styles.php +++ b/phpBB/includes/acp/acp_styles.php @@ -26,8 +26,6 @@ class acp_styles var $style_cfg; var $template_cfg; var $theme_cfg; - var $imageset_cfg; - var $imageset_keys; function main($id, $mode) { @@ -45,7 +43,7 @@ class acp_styles $bitfield->set(9); $bitfield->set(11); $bitfield->set(12); - define('TEMPLATE_BITFIELD', $bitfield->get_base64()); + $this->template_bitfield = $bitfield->get_base64(); unset($bitfield); $user->add_lang('acp/styles'); @@ -58,7 +56,7 @@ class acp_styles $style_id = request_var('id', 0); // Fill the configuration variables - $this->style_cfg = $this->template_cfg = $this->theme_cfg = $this->imageset_cfg = ' + $this->style_cfg = $this->template_cfg = $this->theme_cfg = ' # # phpBB {MODE} configuration file # @@ -83,19 +81,6 @@ copyright = {COPYRIGHT} version = {VERSION} '; - $this->theme_cfg .= ' -# Some configuration options - -# -# You have to turn this option on if you want to use the -# path template variables ({T_IMAGESET_PATH} for example) within -# your css file. -# This is mostly the case if you want to use language specific -# images within your css file. -# -parse_css_file = {PARSE_CSS_FILE} -'; - $this->template_cfg .= ' # Some configuration options @@ -105,33 +90,6 @@ parse_css_file = {PARSE_CSS_FILE} # Templates cannot inherit from inheriting templates. #'; - $this->imageset_keys = array( - 'logos' => array( - 'site_logo', - ), - 'buttons' => array( - 'icon_back_top', 'icon_contact_aim', 'icon_contact_email', 'icon_contact_icq', 'icon_contact_jabber', 'icon_contact_msnm', 'icon_contact_pm', 'icon_contact_yahoo', 'icon_contact_www', 'icon_post_delete', 'icon_post_edit', 'icon_post_info', 'icon_post_quote', 'icon_post_report', 'icon_user_online', 'icon_user_offline', 'icon_user_profile', 'icon_user_search', 'icon_user_warn', 'button_pm_forward', 'button_pm_new', 'button_pm_reply', 'button_topic_locked', 'button_topic_new', 'button_topic_reply', - ), - 'icons' => array( - 'icon_post_target', 'icon_post_target_unread', 'icon_topic_attach', 'icon_topic_latest', 'icon_topic_newest', 'icon_topic_reported', 'icon_topic_unapproved', 'icon_friend', 'icon_foe', - ), - 'forums' => array( - 'forum_link', 'forum_read', 'forum_read_locked', 'forum_read_subforum', 'forum_unread', 'forum_unread_locked', 'forum_unread_subforum', 'subforum_read', 'subforum_unread' - ), - 'folders' => array( - 'topic_moved', 'topic_read', 'topic_read_mine', 'topic_read_hot', 'topic_read_hot_mine', 'topic_read_locked', 'topic_read_locked_mine', 'topic_unread', 'topic_unread_mine', 'topic_unread_hot', 'topic_unread_hot_mine', 'topic_unread_locked', 'topic_unread_locked_mine', 'sticky_read', 'sticky_read_mine', 'sticky_read_locked', 'sticky_read_locked_mine', 'sticky_unread', 'sticky_unread_mine', 'sticky_unread_locked', 'sticky_unread_locked_mine', 'announce_read', 'announce_read_mine', 'announce_read_locked', 'announce_read_locked_mine', 'announce_unread', 'announce_unread_mine', 'announce_unread_locked', 'announce_unread_locked_mine', 'global_read', 'global_read_mine', 'global_read_locked', 'global_read_locked_mine', 'global_unread', 'global_unread_mine', 'global_unread_locked', 'global_unread_locked_mine', 'pm_read', 'pm_unread', - ), - 'polls' => array( - 'poll_left', 'poll_center', 'poll_right', - ), - 'ui' => array( - 'upload_bar', - ), - 'user' => array( - 'user_icon1', 'user_icon2', 'user_icon3', 'user_icon4', 'user_icon5', 'user_icon6', 'user_icon7', 'user_icon8', 'user_icon9', 'user_icon10', - ), - ); - // Execute overall actions switch ($action) { @@ -174,8 +132,6 @@ parse_css_file = {PARSE_CSS_FILE} { switch ($mode) { - case 'imageset': - return $this->edit_imageset($style_id); case 'template': return $this->edit_template($style_id); case 'theme': @@ -251,7 +207,7 @@ parse_css_file = {PARSE_CSS_FILE} switch ($action) { - // Refresh template data stored in db and clear cache + // Clear cache case 'refresh': $sql = 'SELECT * @@ -268,49 +224,13 @@ parse_css_file = {PARSE_CSS_FILE} if (confirm_box(true)) { - $template_refreshed = ''; - - // Only refresh database if the template is stored in the database - if ($template_row['template_storedb'] && file_exists("{$phpbb_root_path}styles/{$template_row['template_path']}/template/")) - { - $filelist = array('' => array()); - - $sql = 'SELECT template_filename, template_mtime - FROM ' . STYLES_TEMPLATE_DATA_TABLE . " - WHERE template_id = $style_id"; - $result = $db->sql_query($sql); - - while ($row = $db->sql_fetchrow($result)) - { -// if (@filemtime("{$phpbb_root_path}styles/{$template_row['template_path']}/template/" . $row['template_filename']) > $row['template_mtime']) -// { - // get folder info from the filename - if (($slash_pos = strrpos($row['template_filename'], '/')) === false) - { - $filelist[''][] = $row['template_filename']; - } - else - { - $filelist[substr($row['template_filename'], 0, $slash_pos + 1)][] = substr($row['template_filename'], $slash_pos + 1, strlen($row['template_filename']) - $slash_pos - 1); - } -// } - } - $db->sql_freeresult($result); - - $this->store_templates('update', $style_id, $template_row['template_path'], $filelist); - unset($filelist); - - $template_refreshed = $user->lang['TEMPLATE_REFRESHED'] . '<br />'; - add_log('admin', 'LOG_TEMPLATE_REFRESHED', $template_row['template_name']); - } - $this->clear_template_cache($template_row); - trigger_error($template_refreshed . $user->lang['TEMPLATE_CACHE_CLEARED'] . adm_back_link($this->u_action)); + trigger_error($user->lang['TEMPLATE_CACHE_CLEARED'] . adm_back_link($this->u_action)); } else { - confirm_box(false, ($template_row['template_storedb']) ? $user->lang['CONFIRM_TEMPLATE_REFRESH'] : $user->lang['CONFIRM_TEMPLATE_CLEAR_CACHE'], build_hidden_fields(array( + confirm_box(false, $user->lang['CONFIRM_TEMPLATE_CLEAR_CACHE'], build_hidden_fields(array( 'i' => $id, 'mode' => $mode, 'action' => $action, @@ -325,208 +245,7 @@ parse_css_file = {PARSE_CSS_FILE} break; case 'theme': - - switch ($action) - { - // Refresh theme data stored in the database - case 'refresh': - - $sql = 'SELECT * - FROM ' . STYLES_THEME_TABLE . " - WHERE theme_id = $style_id"; - $result = $db->sql_query($sql); - $theme_row = $db->sql_fetchrow($result); - $db->sql_freeresult($result); - - if (!$theme_row) - { - trigger_error($user->lang['NO_THEME'] . adm_back_link($this->u_action), E_USER_WARNING); - } - - if (!$theme_row['theme_storedb']) - { - trigger_error($user->lang['THEME_ERR_REFRESH_FS'] . adm_back_link($this->u_action), E_USER_WARNING); - } - - if (confirm_box(true)) - { - if ($theme_row['theme_storedb'] && file_exists("{$phpbb_root_path}styles/{$theme_row['theme_path']}/theme/stylesheet.css")) - { - // Save CSS contents - $sql_ary = array( - 'theme_mtime' => (int) filemtime("{$phpbb_root_path}styles/{$theme_row['theme_path']}/theme/stylesheet.css"), - 'theme_data' => $this->db_theme_data($theme_row) - ); - - $sql = 'UPDATE ' . STYLES_THEME_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $sql_ary) . " - WHERE theme_id = $style_id"; - $db->sql_query($sql); - - $cache->destroy('sql', STYLES_THEME_TABLE); - - add_log('admin', 'LOG_THEME_REFRESHED', $theme_row['theme_name']); - trigger_error($user->lang['THEME_REFRESHED'] . adm_back_link($this->u_action)); - } - } - else - { - confirm_box(false, $user->lang['CONFIRM_THEME_REFRESH'], build_hidden_fields(array( - 'i' => $id, - 'mode' => $mode, - 'action' => $action, - 'id' => $style_id - ))); - } - break; - } - - $this->frontend('theme', array('edit', 'details'), array('refresh', 'export', 'delete')); - break; - - case 'imageset': - - switch ($action) - { - case 'refresh': - - $sql = 'SELECT * - FROM ' . STYLES_IMAGESET_TABLE . " - WHERE imageset_id = $style_id"; - $result = $db->sql_query($sql); - $imageset_row = $db->sql_fetchrow($result); - $db->sql_freeresult($result); - - if (!$imageset_row) - { - trigger_error($user->lang['NO_IMAGESET'] . adm_back_link($this->u_action), E_USER_WARNING); - } - - if (confirm_box(true)) - { - $sql_ary = array(); - - $imageset_definitions = array(); - foreach ($this->imageset_keys as $topic => $key_array) - { - $imageset_definitions = array_merge($imageset_definitions, $key_array); - } - - $cfg_data_imageset = parse_cfg_file("{$phpbb_root_path}styles/{$imageset_row['imageset_path']}/imageset/imageset.cfg"); - - $db->sql_transaction('begin'); - - $sql = 'DELETE FROM ' . STYLES_IMAGESET_DATA_TABLE . ' - WHERE imageset_id = ' . $style_id; - $result = $db->sql_query($sql); - - foreach ($cfg_data_imageset as $image_name => $value) - { - if (strpos($value, '*') !== false) - { - if (substr($value, -1, 1) === '*') - { - list($image_filename, $image_height) = explode('*', $value); - $image_width = 0; - } - else - { - list($image_filename, $image_height, $image_width) = explode('*', $value); - } - } - else - { - $image_filename = $value; - $image_height = $image_width = 0; - } - - if (strpos($image_name, 'img_') === 0 && $image_filename) - { - $image_name = substr($image_name, 4); - if (in_array($image_name, $imageset_definitions)) - { - $sql_ary[] = array( - 'image_name' => (string) $image_name, - 'image_filename' => (string) $image_filename, - 'image_height' => (int) $image_height, - 'image_width' => (int) $image_width, - 'imageset_id' => (int) $style_id, - 'image_lang' => '', - ); - } - } - } - - $sql = 'SELECT lang_dir - FROM ' . LANG_TABLE; - $result = $db->sql_query($sql); - - while ($row = $db->sql_fetchrow($result)) - { - if (@file_exists("{$phpbb_root_path}styles/{$imageset_row['imageset_path']}/imageset/{$row['lang_dir']}/imageset.cfg")) - { - $cfg_data_imageset_data = parse_cfg_file("{$phpbb_root_path}styles/{$imageset_row['imageset_path']}/imageset/{$row['lang_dir']}/imageset.cfg"); - foreach ($cfg_data_imageset_data as $image_name => $value) - { - if (strpos($value, '*') !== false) - { - if (substr($value, -1, 1) === '*') - { - list($image_filename, $image_height) = explode('*', $value); - $image_width = 0; - } - else - { - list($image_filename, $image_height, $image_width) = explode('*', $value); - } - } - else - { - $image_filename = $value; - $image_height = $image_width = 0; - } - - if (strpos($image_name, 'img_') === 0 && $image_filename) - { - $image_name = substr($image_name, 4); - if (in_array($image_name, $imageset_definitions)) - { - $sql_ary[] = array( - 'image_name' => (string) $image_name, - 'image_filename' => (string) $image_filename, - 'image_height' => (int) $image_height, - 'image_width' => (int) $image_width, - 'imageset_id' => (int) $style_id, - 'image_lang' => (string) $row['lang_dir'], - ); - } - } - } - } - } - $db->sql_freeresult($result); - - $db->sql_multi_insert(STYLES_IMAGESET_DATA_TABLE, $sql_ary); - - $db->sql_transaction('commit'); - - $cache->destroy('sql', STYLES_IMAGESET_DATA_TABLE); - - add_log('admin', 'LOG_IMAGESET_REFRESHED', $imageset_row['imageset_name']); - trigger_error($user->lang['IMAGESET_REFRESHED'] . adm_back_link($this->u_action)); - } - else - { - confirm_box(false, $user->lang['CONFIRM_IMAGESET_REFRESH'], build_hidden_fields(array( - 'i' => $id, - 'mode' => $mode, - 'action' => $action, - 'id' => $style_id - ))); - } - break; - } - - $this->frontend('imageset', array('edit', 'details'), array('refresh', 'export', 'delete')); + $this->frontend('theme', array('edit', 'details'), array('export', 'delete')); break; } } @@ -566,10 +285,6 @@ parse_css_file = {PARSE_CSS_FILE} case 'theme': $sql_from = STYLES_THEME_TABLE; break; - - case 'imageset': - $sql_from = STYLES_IMAGESET_TABLE; - break; } $l_prefix = strtoupper($mode); @@ -716,10 +431,10 @@ parse_css_file = {PARSE_CSS_FILE} $save_changes = (isset($_POST['save'])) ? true : false; // make sure template_file path doesn't go upwards - $template_file = str_replace('..', '.', $template_file); + $template_file = preg_replace('#\.{2,}#', '.', $template_file); // Retrieve some information about the template - $sql = 'SELECT template_storedb, template_path, template_name + $sql = 'SELECT template_path, template_name FROM ' . STYLES_TEMPLATE_TABLE . " WHERE template_id = $template_id"; $result = $db->sql_query($sql); @@ -731,6 +446,32 @@ parse_css_file = {PARSE_CSS_FILE} trigger_error($user->lang['NO_TEMPLATE'] . adm_back_link($this->u_action), E_USER_WARNING); } + // Get the filesystem location of the current file + $template_path = "{$phpbb_root_path}styles/{$template_info['template_path']}/template"; + $file = "$template_path/$template_file"; + + if ($template_file) + { + $l_not_writable = sprintf($user->lang['TEMPLATE_FILE_NOT_WRITABLE'], htmlspecialchars($template_file)) . adm_back_link($this->u_action); + + if ($safe_mode) + { + trigger_error($l_not_writable, E_USER_WARNING); + } + + if (file_exists($file) && is_file($file) && is_readable($file)) + { + if (!phpbb_is_writable($file)) + { + trigger_error($l_not_writable, E_USER_WARNING); + } + } + else + { + trigger_error($user->lang['NO_TEMPLATE'] . adm_back_link($this->u_action), E_USER_WARNING); + } + } + if ($save_changes && !check_form_key('acp_styles')) { trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action), E_USER_WARNING); @@ -743,50 +484,14 @@ parse_css_file = {PARSE_CSS_FILE} // save changes to the template if the user submitted any if ($save_changes && $template_file) { - // Get the filesystem location of the current file - $file = "{$phpbb_root_path}styles/{$template_info['template_path']}/template/$template_file"; - $additional = ''; - - // If the template is stored on the filesystem try to write the file else store it in the database - if (!$safe_mode && !$template_info['template_storedb'] && file_exists($file) && phpbb_is_writable($file)) + // Try to write the file + if (!($fp = @fopen($file, 'wb'))) { - if (!($fp = @fopen($file, 'wb'))) - { - // File exists and is writeable, but still not able to be written to - trigger_error(sprintf($user->lang['TEMPLATE_FILE_NOT_WRITABLE'], htmlspecialchars($template_file)) . adm_back_link($this->u_action), E_USER_WARNING); - } - fwrite($fp, $template_data); - fclose($fp); - } - else - { - $db->sql_transaction('begin'); - - // If it's not stored in the db yet, then update the template setting and store all template files in the db - if (!$template_info['template_storedb']) - { - if ($super = $this->get_super('template', $template_id)) - { - $this->store_in_db('template', $super['template_id']); - } - else - { - $this->store_in_db('template', $template_id); - } - - add_log('admin', 'LOG_TEMPLATE_EDIT_DETAILS', $template_info['template_name']); - $additional .= '<br />' . $user->lang['EDIT_TEMPLATE_STORED_DB']; - } - - // Update the template_data table entry for this template file - $sql = 'UPDATE ' . STYLES_TEMPLATE_DATA_TABLE . " - SET template_data = '" . $db->sql_escape($template_data) . "', template_mtime = " . time() . " - WHERE template_id = $template_id - AND template_filename = '" . $db->sql_escape($template_file) . "'"; - $db->sql_query($sql); - - $db->sql_transaction('commit'); + // File exists and is writeable, but still not able to be written to + trigger_error($l_not_writable, E_USER_WARNING); } + fwrite($fp, $template_data); + fclose($fp); // destroy the cached version of the template (filename without extension) $this->clear_template_cache($template_info, array(substr($template_file, 0, -5))); @@ -794,56 +499,22 @@ parse_css_file = {PARSE_CSS_FILE} $cache->destroy('sql', STYLES_TABLE); add_log('admin', 'LOG_TEMPLATE_EDIT', $template_info['template_name'], $template_file); - trigger_error($user->lang['TEMPLATE_FILE_UPDATED'] . $additional . adm_back_link($this->u_action . "&action=edit&id=$template_id&text_rows=$text_rows&template_file=$template_file")); + trigger_error($user->lang['TEMPLATE_FILE_UPDATED'] . adm_back_link($this->u_action . "&action=edit&id=$template_id&text_rows=$text_rows&template_file=$template_file")); } // Generate a category array containing template filenames - if (!$template_info['template_storedb']) - { - $template_path = "{$phpbb_root_path}styles/{$template_info['template_path']}/template"; - $filelist = filelist($template_path, '', 'html'); - $filelist[''] = array_diff($filelist[''], array('bbcode.html')); + $filelist = filelist($template_path, '', 'html'); + $filelist[''] = array_diff($filelist[''], array('bbcode.html')); - if ($template_file) - { - if (!file_exists($template_path . "/$template_file") || !($template_data = file_get_contents($template_path . "/$template_file"))) - { - trigger_error($user->lang['NO_TEMPLATE'] . adm_back_link($this->u_action), E_USER_WARNING); - } - } - } - else + if ($template_file) { - $sql = 'SELECT * - FROM ' . STYLES_TEMPLATE_DATA_TABLE . " - WHERE template_id = $template_id"; - $result = $db->sql_query($sql); + $template_data = file_get_contents($file); - $filelist = array('' => array()); - while ($row = $db->sql_fetchrow($result)) + if (!$template_data) { - $file_info = pathinfo($row['template_filename']); - - if (($file_info['basename'] != 'bbcode') && ($file_info['extension'] == 'html')) - { - if (($file_info['dirname'] == '.') || empty($file_info['dirname'])) - { - $filelist[''][] = $row['template_filename']; - } - else - { - $filelist[$file_info['dirname'] . '/'][] = $file_info['basename']; - } - } - - if ($row['template_filename'] == $template_file) - { - $template_data = $row['template_data']; - } + trigger_error($user->lang['NO_TEMPLATE'] . adm_back_link($this->u_action), E_USER_WARNING); } - $db->sql_freeresult($result); - unset($file_info); } if (empty($filelist[''])) @@ -1014,35 +685,6 @@ parse_css_file = {PARSE_CSS_FILE} adm_page_footer(); } - $filemtime = array(); - if ($template_row['template_storedb']) - { - $ids = array(); - if (isset($template_row['template_inherits_id']) && $template_row['template_inherits_id']) - { - $ids[] = $template_row['template_inherits_id']; - } - $ids[] = $template_row['template_id']; - - $filemtime = array(); - $file_template_db = array(); - - foreach ($ids as $id) - { - $sql = 'SELECT template_filename, template_mtime - FROM ' . STYLES_TEMPLATE_DATA_TABLE . " - WHERE template_id = $id"; - $result = $db->sql_query($sql); - - while ($row = $db->sql_fetchrow($result)) - { - $filemtime[$row['template_filename']] = $row['template_mtime']; - $file_template_db[$row['template_filename']] = $id; - } - $db->sql_freeresult($result); - } - } - // Get a list of cached template files and then retrieve additional information about them $file_ary = $this->template_cache_filelist($template_row['template_path']); @@ -1065,30 +707,10 @@ parse_css_file = {PARSE_CSS_FILE} $file_tpl = "{$phpbb_root_path}styles/{$template_row['template_path']}/template/$tpl_file.html"; $inherited = false; - if (isset($template_row['template_inherits_id']) && $template_row['template_inherits_id']) - { - if (!$template_row['template_storedb']) - { - if (!file_exists($file_tpl)) - { - $file_tpl = "{$phpbb_root_path}styles/{$template_row['template_inherit_path']}/template/$tpl_file.html"; - $inherited = true; - } - } - else - { - if ($file_template_db[$file . '.html'] == $template_row['template_inherits_id']) - { - $file_tpl = "{$phpbb_root_path}styles/{$template_row['template_inherit_path']}/template/$tpl_file.html"; - $inherited = true; - } - } - } - - // Correct the filename if it is stored in database and the file is in a subfolder. - if ($template_row['template_storedb']) + if (isset($template_row['template_inherits_id']) && $template_row['template_inherits_id'] && !file_exists($file_tpl)) { - $file = str_replace('.', '/', $file); + $file_tpl = "{$phpbb_root_path}styles/{$template_row['template_inherit_path']}/template/$tpl_file.html"; + $inherited = true; } $template->assign_block_vars('file', array( @@ -1098,10 +720,9 @@ parse_css_file = {PARSE_CSS_FILE} 'FILENAME' => $file, 'FILENAME_PATH' => $file_tpl, 'FILESIZE' => get_formatted_filesize(filesize("{$phpbb_root_path}cache/$filename")), - 'MODIFIED' => $user->format_date((!$template_row['template_storedb']) ? filemtime($file_tpl) : $filemtime[$file . '.html'])) - ); + 'MODIFIED' => $user->format_date(filemtime($file_tpl)), + )); } - unset($filemtime); $template->assign_vars(array( 'S_CACHE' => true, @@ -1135,7 +756,7 @@ parse_css_file = {PARSE_CSS_FILE} $theme_file = str_replace('..', '.', $theme_file); // Retrieve some information about the theme - $sql = 'SELECT theme_storedb, theme_path, theme_name, theme_data + $sql = 'SELECT theme_path, theme_name FROM ' . STYLES_THEME_TABLE . " WHERE theme_id = $theme_id"; $result = $db->sql_query($sql); @@ -1146,71 +767,62 @@ parse_css_file = {PARSE_CSS_FILE} } $db->sql_freeresult($result); - // save changes to the theme if the user submitted any - if ($save_changes) + // Get the filesystem location of the current file + $theme_path = "{$phpbb_root_path}styles/{$theme_info['theme_path']}/theme"; + $file = "$theme_path/$theme_file"; + + if ($theme_file) { - // Get the filesystem location of the current file - $file = "{$phpbb_root_path}styles/{$theme_info['theme_path']}/theme/$theme_file"; - $additional = ''; - $message = $user->lang['THEME_UPDATED']; + $l_not_writable = sprintf($user->lang['THEME_FILE_NOT_WRITABLE'], htmlspecialchars($theme_file)) . adm_back_link($this->u_action); - // If the theme is stored on the filesystem try to write the file else store it in the database - if (!$safe_mode && !$theme_info['theme_storedb'] && file_exists($file) && phpbb_is_writable($file)) + if ($safe_mode) { - if (!($fp = @fopen($file, 'wb'))) + trigger_error($l_not_writable, E_USER_WARNING); + } + + if (file_exists($file) && is_file($file) && is_readable($file)) + { + if (!phpbb_is_writable($file)) { - trigger_error($user->lang['NO_THEME'] . adm_back_link($this->u_action), E_USER_WARNING); + trigger_error($l_not_writable, E_USER_WARNING); } - fwrite($fp, $theme_data); - fclose($fp); } else { - // Write stylesheet to db - $sql_ary = array( - 'theme_mtime' => time(), - 'theme_storedb' => 1, - 'theme_data' => $this->db_theme_data($theme_info, $theme_data), - ); - $sql = 'UPDATE ' . STYLES_THEME_TABLE . ' - SET ' . $db->sql_build_array('UPDATE', $sql_ary) . ' - WHERE theme_id = ' . $theme_id; - $db->sql_query($sql); + trigger_error($user->lang['NO_THEME'] . adm_back_link($this->u_action), E_USER_WARNING); + } + } - $cache->destroy('sql', STYLES_THEME_TABLE); + // save changes to the theme if the user submitted any + if ($save_changes && $theme_file) + { + $message = $user->lang['THEME_UPDATED']; - // notify the user if the theme was not stored in the db before his modification - if (!$theme_info['theme_storedb']) - { - add_log('admin', 'LOG_THEME_EDIT_DETAILS', $theme_info['theme_name']); - $message .= '<br />' . $user->lang['EDIT_THEME_STORED_DB']; - } + if (!($fp = @fopen($file, 'wb'))) + { + trigger_error($l_not_writable, E_USER_WARNING); } + fwrite($fp, $theme_data); + fclose($fp); + $cache->destroy('sql', STYLES_THEME_TABLE); - add_log('admin', (!$theme_info['theme_storedb']) ? 'LOG_THEME_EDIT_FILE' : 'LOG_THEME_EDIT', $theme_info['theme_name'], (!$theme_info['theme_storedb']) ? $theme_file : ''); + add_log('admin', 'LOG_THEME_EDIT_FILE', $theme_info['theme_name'], $theme_file); trigger_error($message . adm_back_link($this->u_action . "&action=edit&id=$theme_id&template_file=$theme_file&text_rows=$text_rows")); } // Generate a category array containing theme filenames - if (!$theme_info['theme_storedb']) - { - $theme_path = "{$phpbb_root_path}styles/{$theme_info['theme_path']}/theme"; + $filelist = filelist($theme_path, '', 'css'); - $filelist = filelist($theme_path, '', 'css'); + if ($theme_file) + { + $theme_data = file_get_contents($file); - if ($theme_file) + if (!$theme_data) { - if (!file_exists($theme_path . "/$theme_file") || !($theme_data = file_get_contents($theme_path . "/$theme_file"))) - { - trigger_error($user->lang['NO_THEME'] . adm_back_link($this->u_action), E_USER_WARNING); - } + trigger_error($user->lang['NO_THEME'] . adm_back_link($this->u_action), E_USER_WARNING); } } - else - { - $theme_data = &$theme_info['theme_data']; - } // Now create the categories $filelist_cats[''] = array(); @@ -1273,7 +885,6 @@ parse_css_file = {PARSE_CSS_FILE} $template->assign_vars(array( 'S_EDIT_THEME' => true, 'S_HIDDEN_FIELDS' => build_hidden_fields(array('template_file' => $theme_file)), - 'S_THEME_IN_DB' => $theme_info['theme_storedb'], 'S_TEMPLATES' => $tpl_options, 'U_ACTION' => $this->u_action . "&action=edit&id=$theme_id&text_rows=$text_rows", @@ -1291,289 +902,12 @@ parse_css_file = {PARSE_CSS_FILE} 'SELECTED_TEMPLATE' => $theme_info['theme_name'], 'TEMPLATE_FILE' => $theme_file, 'TEMPLATE_DATA' => utf8_htmlspecialchars($theme_data), - 'TEXT_ROWS' => $text_rows) - ); - } - - /** - * Edit imagesets - * - * @param int $imageset_id specifies which imageset is being edited - */ - function edit_imageset($imageset_id) - { - global $db, $user, $phpbb_root_path, $cache, $template; - - $this->page_title = 'EDIT_IMAGESET'; - - if (!$imageset_id) - { - trigger_error($user->lang['NO_IMAGESET'] . adm_back_link($this->u_action), E_USER_WARNING); - } - - $update = (isset($_POST['update'])) ? true : false; - - $imgname = request_var('imgname', 'site_logo'); - $imgname = preg_replace('#[^a-z0-9\-+_]#i', '', $imgname); - $sql_extra = $imgnamelang = ''; - - $sql = 'SELECT imageset_path, imageset_name - FROM ' . STYLES_IMAGESET_TABLE . " - WHERE imageset_id = $imageset_id"; - $result = $db->sql_query($sql); - $imageset_row = $db->sql_fetchrow($result); - $db->sql_freeresult($result); - - if (!$imageset_row) - { - trigger_error($user->lang['NO_IMAGESET'] . adm_back_link($this->u_action), E_USER_WARNING); - } - - $imageset_path = $imageset_row['imageset_path']; - $imageset_name = $imageset_row['imageset_name']; - - if (strpos($imgname, '-') !== false) - { - list($imgname, $imgnamelang) = explode('-', $imgname); - $sql_extra = " AND image_lang IN ('" . $db->sql_escape($imgnamelang) . "', '')"; - } - - $sql = 'SELECT image_filename, image_width, image_height, image_lang, image_id - FROM ' . STYLES_IMAGESET_DATA_TABLE . " - WHERE imageset_id = $imageset_id - AND image_name = '" . $db->sql_escape($imgname) . "'$sql_extra"; - $result = $db->sql_query($sql); - $imageset_data_row = $db->sql_fetchrow($result); - $db->sql_freeresult($result); - - $image_filename = $imageset_data_row['image_filename']; - $image_width = $imageset_data_row['image_width']; - $image_height = $imageset_data_row['image_height']; - $image_lang = $imageset_data_row['image_lang']; - $image_id = $imageset_data_row['image_id']; - $imgsize = ($imageset_data_row['image_width'] && $imageset_data_row['image_height']) ? 1 : 0; - - // Check to see whether the selected image exists in the table - $valid_name = ($update) ? false : true; - - foreach ($this->imageset_keys as $category => $img_ary) - { - if (in_array($imgname, $img_ary)) - { - $valid_name = true; - break; - } - } - - if ($update && isset($_POST['imgpath']) && $valid_name) - { - // If imgwidth and imgheight are non-zero grab the actual size - // from the image itself ... we ignore width settings for the poll center image - $imgwidth = request_var('imgwidth', 0); - $imgheight = request_var('imgheight', 0); - $imgsize = request_var('imgsize', 0); - $imgpath = request_var('imgpath', ''); - $imgpath = str_replace('..', '.', $imgpath); - - // If no dimensions selected, we reset width and height to 0 ;) - if (!$imgsize) - { - $imgwidth = $imgheight = 0; - } - - $imglang = ''; - - if ($imgpath && !file_exists("{$phpbb_root_path}styles/$imageset_path/imageset/$imgpath")) - { - trigger_error($user->lang['NO_IMAGE_ERROR'] . adm_back_link($this->u_action), E_USER_WARNING); - } - - // Determine width/height. If dimensions included and no width/height given, we detect them automatically... - if ($imgsize && $imgpath) - { - if (!$imgwidth || !$imgheight) - { - list($imgwidth_file, $imgheight_file) = getimagesize("{$phpbb_root_path}styles/$imageset_path/imageset/$imgpath"); - $imgwidth = ($imgwidth) ? $imgwidth : $imgwidth_file; - $imgheight = ($imgheight) ? $imgheight : $imgheight_file; - } - $imgwidth = ($imgname != 'poll_center') ? (int) $imgwidth : 0; - $imgheight = (int) $imgheight; - } - - if (strpos($imgpath, '/') !== false) - { - list($imglang, $imgfilename) = explode('/', $imgpath); - } - else - { - $imgfilename = $imgpath; - } - - $sql_ary = array( - 'image_filename' => (string) $imgfilename, - 'image_width' => (int) $imgwidth, - 'image_height' => (int) $imgheight, - 'image_lang' => (string) $imglang, - ); - - // already exists - if ($imageset_data_row) - { - $sql = 'UPDATE ' . STYLES_IMAGESET_DATA_TABLE . ' - SET ' . $db->sql_build_array('UPDATE', $sql_ary) . " - WHERE image_id = $image_id"; - $db->sql_query($sql); - } - // does not exist - else if (!$imageset_data_row) - { - $sql_ary['image_name'] = $imgname; - $sql_ary['imageset_id'] = (int) $imageset_id; - $db->sql_query('INSERT INTO ' . STYLES_IMAGESET_DATA_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary)); - } - - $cache->destroy('sql', STYLES_IMAGESET_DATA_TABLE); - - add_log('admin', 'LOG_IMAGESET_EDIT', $imageset_name); - - $template->assign_var('SUCCESS', true); - - $image_filename = $imgfilename; - $image_width = $imgwidth; - $image_height = $imgheight; - $image_lang = $imglang; - } - - $imglang = ''; - $imagesetlist = array('nolang' => array(), 'lang' => array()); - $langs = array(); - - $dir = "{$phpbb_root_path}styles/$imageset_path/imageset"; - $dp = @opendir($dir); - - if ($dp) - { - while (($file = readdir($dp)) !== false) - { - if ($file[0] != '.' && strtoupper($file) != 'CVS' && !is_file($dir . '/' . $file) && !is_link($dir . '/' . $file)) - { - $langs[] = $file; - } - else if (preg_match('#\.(?:gif|jpg|png)$#', $file)) - { - $imagesetlist['nolang'][] = $file; - } - } - - if ($sql_extra) - { - $dp2 = @opendir("$dir/$imgnamelang"); - - if ($dp2) - { - while (($file2 = readdir($dp2)) !== false) - { - if (preg_match('#\.(?:gif|jpg|png)$#', $file2)) - { - $imagesetlist['lang'][] = "$imgnamelang/$file2"; - } - } - closedir($dp2); - } - } - closedir($dp); - } - - // Generate list of image options - $img_options = ''; - foreach ($this->imageset_keys as $category => $img_ary) - { - $template->assign_block_vars('category', array( - 'NAME' => $user->lang['IMG_CAT_' . strtoupper($category)] - )); - - foreach ($img_ary as $img) - { - if ($category == 'buttons') - { - foreach ($langs as $language) - { - $template->assign_block_vars('category.images', array( - 'SELECTED' => ($img == $imgname && $language == $imgnamelang), - 'VALUE' => $img . '-' . $language, - 'TEXT' => $user->lang['IMG_' . strtoupper($img)] . ' [ ' . $language . ' ]' - )); - } - } - else - { - $template->assign_block_vars('category.images', array( - 'SELECTED' => ($img == $imgname), - 'VALUE' => $img, - 'TEXT' => (($category == 'custom') ? $img : $user->lang['IMG_' . strtoupper($img)]) - )); - } - } - } - - // Make sure the list of possible images is sorted alphabetically - sort($imagesetlist['lang']); - sort($imagesetlist['nolang']); - - $image_found = false; - $img_val = ''; - foreach ($imagesetlist as $type => $img_ary) - { - if ($type !== 'lang' || $sql_extra) - { - $template->assign_block_vars('imagesetlist', array( - 'TYPE' => ($type == 'lang') - )); - } - - foreach ($img_ary as $img) - { - $imgtext = preg_replace('/^([^\/]+\/)/', '', $img); - $selected = (!empty($imgname) && strpos($image_filename, $imgtext) !== false); - if ($selected) - { - $image_found = true; - $img_val = htmlspecialchars($img); - } - $template->assign_block_vars('imagesetlist.images', array( - 'SELECTED' => $selected, - 'TEXT' => $imgtext, - 'VALUE' => htmlspecialchars($img) - )); - } - } - - $imgsize_bool = (!empty($imgname) && $image_width && $image_height) ? true : false; - $image_request = '../styles/' . $imageset_path . '/imageset/' . ($image_lang ? $imgnamelang . '/' : '') . $image_filename; - - $template->assign_vars(array( - 'S_EDIT_IMAGESET' => true, - 'L_TITLE' => $user->lang[$this->page_title], - 'L_EXPLAIN' => $user->lang[$this->page_title . '_EXPLAIN'], - 'IMAGE_OPTIONS' => $img_options, - 'IMAGE_SIZE' => $image_width, - 'IMAGE_HEIGHT' => $image_height, - 'IMAGE_REQUEST' => (empty($image_filename)) ? 'images/no_image.png' : $image_request, - 'U_ACTION' => $this->u_action . "&action=edit&id=$imageset_id", - 'U_BACK' => $this->u_action, - 'NAME' => $imageset_name, - 'A_NAME' => addslashes($imageset_name), - 'PATH' => $imageset_path, - 'A_PATH' => addslashes($imageset_path), - 'ERROR' => !$valid_name, - 'IMG_SRC' => ($image_found) ? '../styles/' . $imageset_path . '/imageset/' . $img_val : 'images/no_image.png', - 'IMAGE_SELECT' => $image_found + 'TEXT_ROWS' => $text_rows, )); } /** - * Remove style/template/theme/imageset + * Remove style/template/theme */ function remove($mode, $style_id) { @@ -1587,23 +921,18 @@ parse_css_file = {PARSE_CSS_FILE} { case 'style': $sql_from = STYLES_TABLE; - $sql_select = 'style_id, style_name, template_id, theme_id, imageset_id'; + $sql_select = 'style_id, style_name, template_id, theme_id'; $sql_where = 'AND style_active = 1'; break; case 'template': $sql_from = STYLES_TEMPLATE_TABLE; - $sql_select = 'template_id, template_name, template_path, template_storedb'; + $sql_select = 'template_id, template_name, template_path'; break; case 'theme': $sql_from = STYLES_THEME_TABLE; - $sql_select = 'theme_id, theme_name, theme_path, theme_storedb'; - break; - - case 'imageset': - $sql_from = STYLES_IMAGESET_TABLE; - $sql_select = 'imageset_id, imageset_name, imageset_path'; + $sql_select = 'theme_id, theme_name, theme_path'; break; } @@ -1657,7 +986,7 @@ parse_css_file = {PARSE_CSS_FILE} } // Remove the components - $components = array('template', 'theme', 'imageset'); + $components = array('template', 'theme'); foreach ($components as $component) { $new_id = request_var('new_' . $component . '_id', 0); @@ -1706,7 +1035,7 @@ parse_css_file = {PARSE_CSS_FILE} } /** - * Remove template/theme/imageset entry from the database + * Remove template/theme entry from the database */ function remove_component($component, $component_id, $new_id, $style_id = false) { @@ -1730,13 +1059,6 @@ parse_css_file = {PARSE_CSS_FILE} return; } - if ($component == 'imageset') - { - $sql = 'DELETE FROM ' . STYLES_IMAGESET_DATA_TABLE . " - WHERE imageset_id = $component_id"; - $db->sql_query($sql); - } - switch ($component) { case 'template': @@ -1746,10 +1068,6 @@ parse_css_file = {PARSE_CSS_FILE} case 'theme': $sql_from = STYLES_THEME_TABLE; break; - - case 'imageset': - $sql_from = STYLES_IMAGESET_TABLE;; - break; } $sql = "DELETE FROM $sql_from @@ -1763,7 +1081,7 @@ parse_css_file = {PARSE_CSS_FILE} } /** - * Display the options which can be used to replace a style/template/theme/imageset + * Display the options which can be used to replace a style/template/theme */ function display_component_options($component, $component_id, $style_row = false, $style_id = false) { @@ -1791,10 +1109,6 @@ parse_css_file = {PARSE_CSS_FILE} case 'theme': $sql_from = STYLES_THEME_TABLE; break; - - case 'imageset': - $sql_from = STYLES_IMAGESET_TABLE; - break; } $s_options = ''; @@ -1843,7 +1157,7 @@ parse_css_file = {PARSE_CSS_FILE} $template->assign_var('S_REPLACE_OPTIONS', $s_options); if ($component == 'style') { - $components = array('template', 'theme', 'imageset'); + $components = array('template', 'theme'); foreach ($components as $component) { $this->display_component_options($component, $style_row[$component . '_id'], false, $component_id, true); @@ -1905,7 +1219,6 @@ parse_css_file = {PARSE_CSS_FILE} $inc_template = request_var('inc_template', 0); $inc_theme = request_var('inc_theme', 0); - $inc_imageset = request_var('inc_imageset', 0); $store = request_var('store', 0); $format = request_var('format', ''); @@ -1931,7 +1244,7 @@ parse_css_file = {PARSE_CSS_FILE} switch ($mode) { case 'style': - if ($update && ($inc_template + $inc_theme + $inc_imageset) < 1) + if ($update && ($inc_template + $inc_theme) < 1) { $error[] = $user->lang['STYLE_ERR_MORE_ELEMENTS']; } @@ -1941,9 +1254,8 @@ parse_css_file = {PARSE_CSS_FILE} $sql_select = 's.style_id, s.style_name, s.style_copyright'; $sql_select .= ($inc_template) ? ', t.*' : ', t.template_name'; $sql_select .= ($inc_theme) ? ', c.*' : ', c.theme_name'; - $sql_select .= ($inc_imageset) ? ', i.*' : ', i.imageset_name'; - $sql_from = STYLES_TABLE . ' s, ' . STYLES_TEMPLATE_TABLE . ' t, ' . STYLES_THEME_TABLE . ' c, ' . STYLES_IMAGESET_TABLE . ' i'; - $sql_where = "s.style_id = $style_id AND t.template_id = s.template_id AND c.theme_id = s.theme_id AND i.imageset_id = s.imageset_id"; + $sql_from = STYLES_TABLE . ' s, ' . STYLES_TEMPLATE_TABLE . ' t, ' . STYLES_THEME_TABLE . ' c'; + $sql_where = "s.style_id = $style_id AND t.template_id = s.template_id AND c.theme_id = s.theme_id"; $l_prefix = 'STYLE'; break; @@ -1967,16 +1279,6 @@ parse_css_file = {PARSE_CSS_FILE} $l_prefix = 'THEME'; break; - - case 'imageset': - $name = 'imageset_name'; - - $sql_select = '*'; - $sql_from = STYLES_IMAGESET_TABLE; - $sql_where = "imageset_id = $style_id"; - - $l_prefix = 'IMAGESET'; - break; } if ($update && !sizeof($error)) @@ -1993,7 +1295,7 @@ parse_css_file = {PARSE_CSS_FILE} trigger_error($user->lang['NO_' . $l_prefix] . adm_back_link($this->u_action), E_USER_WARNING); } - $var_ary = array('style_id', 'style_name', 'style_copyright', 'template_id', 'template_name', 'template_path', 'template_copyright', 'template_storedb', 'template_inherits_id', 'bbcode_bitfield', 'theme_id', 'theme_name', 'theme_path', 'theme_copyright', 'theme_storedb', 'theme_mtime', 'theme_data', 'imageset_id', 'imageset_name', 'imageset_path', 'imageset_copyright'); + $var_ary = array('style_id', 'style_name', 'style_copyright', 'template_id', 'template_name', 'template_path', 'template_copyright', 'template_inherits_id', 'bbcode_bitfield', 'theme_id', 'theme_name', 'theme_path', 'theme_copyright'); foreach ($var_ary as $var) { @@ -2011,7 +1313,6 @@ parse_css_file = {PARSE_CSS_FILE} $style_cfg .= (!$inc_template) ? "\nrequired_template = {$style_row['template_name']}" : ''; $style_cfg .= (!$inc_theme) ? "\nrequired_theme = {$style_row['theme_name']}" : ''; - $style_cfg .= (!$inc_imageset) ? "\nrequired_imageset = {$style_row['imageset_name']}" : ''; $data[] = array( 'src' => $style_cfg, @@ -2049,31 +1350,12 @@ parse_css_file = {PARSE_CSS_FILE} ); // This is potentially nasty memory-wise ... - if (!$style_row['template_storedb']) - { - $files[] = array( - 'src' => "styles/{$style_row['template_path']}/template/", - 'prefix-' => "styles/{$style_row['template_path']}/", - 'prefix+' => false, - 'exclude' => 'template.cfg' - ); - } - else - { - $sql = 'SELECT template_filename, template_data - FROM ' . STYLES_TEMPLATE_DATA_TABLE . " - WHERE template_id = {$style_row['template_id']}"; - $result = $db->sql_query($sql); - - while ($row = $db->sql_fetchrow($result)) - { - $data[] = array( - 'src' => $row['template_data'], - 'prefix' => 'template/' . $row['template_filename'] - ); - } - $db->sql_freeresult($result); - } + $files[] = array( + 'src' => "styles/{$style_row['template_path']}/template/", + 'prefix-' => "styles/{$style_row['template_path']}/", + 'prefix+' => false, + 'exclude' => 'template.cfg' + ); unset($template_cfg); } @@ -2086,130 +1368,21 @@ parse_css_file = {PARSE_CSS_FILE} $items = $cache->obtain_cfg_items($style_row); $items = $items['theme']; - if (!isset($items['parse_css_file'])) - { - $items['parse_css_file'] = 'off'; - } - - $theme_cfg = str_replace(array('{PARSE_CSS_FILE}'), array($items['parse_css_file']), $theme_cfg); - $files[] = array( 'src' => "styles/{$style_row['theme_path']}/theme/", 'prefix-' => "styles/{$style_row['theme_path']}/", 'prefix+' => false, - 'exclude' => ($style_row['theme_storedb']) ? 'stylesheet.css,theme.cfg' : 'theme.cfg' + 'exclude' => 'theme.cfg', ); $data[] = array( 'src' => $theme_cfg, - 'prefix' => 'theme/theme.cfg' + 'prefix' => 'theme/theme.cfg', ); - if ($style_row['theme_storedb']) - { - $data[] = array( - 'src' => $style_row['theme_data'], - 'prefix' => 'theme/stylesheet.css' - ); - } - unset($items, $theme_cfg); } - // Export imageset core code - if ($mode == 'imageset' || $inc_imageset) - { - $imageset_cfg = str_replace(array('{MODE}', '{NAME}', '{COPYRIGHT}', '{VERSION}'), array($mode, $style_row['imageset_name'], $style_row['imageset_copyright'], $config['version']), $this->imageset_cfg); - - $imageset_main = array(); - - $sql = 'SELECT image_filename, image_name, image_height, image_width - FROM ' . STYLES_IMAGESET_DATA_TABLE . " - WHERE imageset_id = $style_id - AND image_lang = ''"; - $result = $db->sql_query($sql); - while ($row = $db->sql_fetchrow($result)) - { - $imageset_main[$row['image_name']] = $row['image_filename'] . ($row['image_height'] ? '*' . $row['image_height']: '') . ($row['image_width'] ? '*' . $row['image_width']: ''); - } - $db->sql_freeresult($result); - - foreach ($this->imageset_keys as $topic => $key_array) - { - foreach ($key_array as $key) - { - if (isset($imageset_main[$key])) - { - $imageset_cfg .= "\nimg_" . $key . ' = ' . str_replace("styles/{$style_row['imageset_path']}/imageset/", '{PATH}', $imageset_main[$key]); - } - } - } - - $files[] = array( - 'src' => "styles/{$style_row['imageset_path']}/imageset/", - 'prefix-' => "styles/{$style_row['imageset_path']}/", - 'prefix+' => false, - 'exclude' => 'imageset.cfg' - ); - - $data[] = array( - 'src' => trim($imageset_cfg), - 'prefix' => 'imageset/imageset.cfg' - ); - - end($data); - - $imageset_root = "{$phpbb_root_path}styles/{$style_row['imageset_path']}/imageset/"; - - if ($dh = @opendir($imageset_root)) - { - while (($fname = readdir($dh)) !== false) - { - if ($fname[0] != '.' && $fname != 'CVS' && is_dir("$imageset_root$fname")) - { - $files[key($files)]['exclude'] .= ',' . $fname . '/imageset.cfg'; - } - } - closedir($dh); - } - - $imageset_lang = array(); - - $sql = 'SELECT image_filename, image_name, image_height, image_width, image_lang - FROM ' . STYLES_IMAGESET_DATA_TABLE . " - WHERE imageset_id = $style_id - AND image_lang <> ''"; - $result = $db->sql_query($sql); - while ($row = $db->sql_fetchrow($result)) - { - $imageset_lang[$row['image_lang']][$row['image_name']] = $row['image_filename'] . ($row['image_height'] ? '*' . $row['image_height']: '') . ($row['image_width'] ? '*' . $row['image_width']: ''); - } - $db->sql_freeresult($result); - - foreach ($imageset_lang as $lang => $imageset_localized) - { - $imageset_cfg = str_replace(array('{MODE}', '{NAME}', '{COPYRIGHT}', '{VERSION}'), array($mode, $style_row['imageset_name'], $style_row['imageset_copyright'], $config['version']), $this->imageset_cfg); - - foreach ($this->imageset_keys as $topic => $key_array) - { - foreach ($key_array as $key) - { - if (isset($imageset_localized[$key])) - { - $imageset_cfg .= "\nimg_" . $key . ' = ' . str_replace("styles/{$style_row['imageset_path']}/imageset/", '{PATH}', $imageset_localized[$key]); - } - } - } - - $data[] = array( - 'src' => trim($imageset_cfg), - 'prefix' => 'imageset/' . $lang . '/imageset.cfg' - ); - } - - unset($imageset_cfg); - } - switch ($format) { case 'tar': @@ -2334,7 +1507,7 @@ parse_css_file = {PARSE_CSS_FILE} $l_type = strtoupper($mode); $error = array(); - $element_ary = array('template' => STYLES_TEMPLATE_TABLE, 'theme' => STYLES_THEME_TABLE, 'imageset' => STYLES_IMAGESET_TABLE); + $element_ary = array('template' => STYLES_TEMPLATE_TABLE, 'theme' => STYLES_THEME_TABLE); switch ($mode) { @@ -2349,10 +1522,6 @@ parse_css_file = {PARSE_CSS_FILE} case 'theme': $sql_from = STYLES_THEME_TABLE; break; - - case 'imageset': - $sql_from = STYLES_IMAGESET_TABLE; - break; } $sql = "SELECT * @@ -2376,11 +1545,9 @@ parse_css_file = {PARSE_CSS_FILE} $template_id = request_var('template_id', 0); $theme_id = request_var('theme_id', 0); - $imageset_id = request_var('imageset_id', 0); $style_active = request_var('style_active', 0); $style_default = request_var('style_default', 0); - $store_db = request_var('store_db', 0); // If the admin selected the style to be the default style, but forgot to activate it... we will do it for him if ($style_default) @@ -2396,7 +1563,7 @@ parse_css_file = {PARSE_CSS_FILE} $conflict = $db->sql_fetchrow($result); $db->sql_freeresult($result); - if ($mode == 'style' && (!$template_id || !$theme_id || !$imageset_id)) + if ($mode == 'style' && (!$template_id || !$theme_id)) { $error[] = $user->lang['STYLE_ERR_NO_IDS']; } @@ -2411,29 +1578,6 @@ parse_css_file = {PARSE_CSS_FILE} $error[] = $user->lang[$l_type . '_ERR_STYLE_NAME']; } - if ($mode === 'theme' || $mode === 'template') - { - // a rather elaborate check we have to do here once to avoid trouble later - $check = "{$phpbb_root_path}styles/" . $style_row["{$mode}_path"] . (($mode === 'theme') ? '/theme/stylesheet.css' : '/template'); - if (($style_row["{$mode}_storedb"] != $store_db) && !$store_db && ($safe_mode || !phpbb_is_writable($check))) - { - $error[] = $user->lang['EDIT_' . strtoupper($mode) . '_STORED_DB']; - $store_db = 1; - } - - // themes which have to be parsed have to go into db - if ($mode == 'theme') - { - $cfg = parse_cfg_file("{$phpbb_root_path}styles/" . $style_row["{$mode}_path"] . "/theme/theme.cfg"); - - if (isset($cfg['parse_css_file']) && $cfg['parse_css_file'] && !$store_db) - { - $error[] = $user->lang['EDIT_THEME_STORE_PARSED']; - $store_db = 1; - } - } - } - if (!sizeof($error)) { // Check length settings @@ -2454,9 +1598,7 @@ parse_css_file = {PARSE_CSS_FILE} $style_row = array_merge($style_row, array( 'template_id' => $template_id, 'theme_id' => $theme_id, - 'imageset_id' => $imageset_id, 'style_active' => $style_active, - $mode . '_storedb' => $store_db, $mode . '_name' => $name, $mode . '_copyright' => $copyright) ); @@ -2477,81 +1619,14 @@ parse_css_file = {PARSE_CSS_FILE} $sql_ary += array( 'template_id' => (int) $template_id, 'theme_id' => (int) $theme_id, - 'imageset_id' => (int) $imageset_id, 'style_active' => (int) $style_active, ); break; - case 'imageset': - break; - case 'theme': - - if ($style_row['theme_storedb'] != $store_db) - { - $theme_data = ''; - - if (!$style_row['theme_storedb']) - { - $theme_data = $this->db_theme_data($style_row); - } - else if (!$store_db && !$safe_mode && phpbb_is_writable("{$phpbb_root_path}styles/{$style_row['theme_path']}/theme/stylesheet.css")) - { - $store_db = 1; - $theme_data = $style_row['theme_data']; - - if ($fp = @fopen("{$phpbb_root_path}styles/{$style_row['theme_path']}/theme/stylesheet.css", 'wb')) - { - $store_db = (@fwrite($fp, str_replace("styles/{$style_row['theme_path']}/theme/", './', $theme_data))) ? 0 : 1; - } - fclose($fp); - } - - $sql_ary += array( - 'theme_mtime' => ($store_db) ? filemtime("{$phpbb_root_path}styles/{$style_row['theme_path']}/theme/stylesheet.css") : 0, - 'theme_storedb' => $store_db, - 'theme_data' => ($store_db) ? $theme_data : '', - ); - } break; case 'template': - - if ($style_row['template_storedb'] != $store_db) - { - if ($super = $this->get_super($mode, $style_row['template_id'])) - { - $error[] = (sprintf($user->lang["{$l_type}_INHERITS"], $super['template_name'])); - $sql_ary = array(); - } - else - { - if (!$store_db && !$safe_mode && phpbb_is_writable("{$phpbb_root_path}styles/{$style_row['template_path']}/template")) - { - $err = $this->store_in_fs('template', $style_row['template_id']); - if ($err) - { - $error += $err; - } - } - else if ($store_db) - { - $this->store_in_db('template', $style_row['template_id']); - } - else - { - // We no longer store within the db, but are also not able to update the file structure - // Since the admin want to switch this, we adhere to his decision. But we also need to remove the cache - $sql = 'DELETE FROM ' . STYLES_TEMPLATE_DATA_TABLE . " - WHERE template_id = $style_id"; - $db->sql_query($sql); - } - - $sql_ary += array( - 'template_storedb' => $store_db, - ); - } - } break; } @@ -2618,16 +1693,12 @@ parse_css_file = {PARSE_CSS_FILE} 'S_STYLE' => ($mode == 'style') ? true : false, 'S_TEMPLATE' => ($mode == 'template') ? true : false, 'S_THEME' => ($mode == 'theme') ? true : false, - 'S_IMAGESET' => ($mode == 'imageset') ? true : false, - 'S_STORE_DB' => (isset($style_row[$mode . '_storedb'])) ? $style_row[$mode . '_storedb'] : 0, - 'S_STORE_DB_DISABLED' => (isset($style_row[$mode . '_inherits_id'])) ? $style_row[$mode . '_inherits_id'] : 0, 'S_STYLE_ACTIVE' => (isset($style_row['style_active'])) ? $style_row['style_active'] : 0, 'S_STYLE_DEFAULT' => (isset($style_row['style_default'])) ? $style_row['style_default'] : 0, 'S_SUPERTEMPLATE' => (isset($style_row[$mode . '_inherits_id']) && $style_row[$mode . '_inherits_id']) ? $super['template_name'] : 0, 'S_TEMPLATE_OPTIONS' => ($mode == 'style') ? $template_options : '', 'S_THEME_OPTIONS' => ($mode == 'style') ? $theme_options : '', - 'S_IMAGESET_OPTIONS' => ($mode == 'style') ? $imageset_options : '', 'U_ACTION' => $this->u_action . '&action=details&id=' . $style_id, 'U_BACK' => $this->u_action, @@ -2635,8 +1706,6 @@ parse_css_file = {PARSE_CSS_FILE} 'L_TITLE' => $user->lang[$this->page_title], 'L_EXPLAIN' => $user->lang[$this->page_title . '_EXPLAIN'], 'L_NAME' => $user->lang[$l_type . '_NAME'], - 'L_LOCATION' => ($mode == 'template' || $mode == 'theme') ? $user->lang[$l_type . '_LOCATION'] : '', - 'L_LOCATION_EXPLAIN' => ($mode == 'template' || $mode == 'theme') ? $user->lang[$l_type . '_LOCATION_EXPLAIN'] : '', 'ERROR_MSG' => (sizeof($error)) ? implode('<br />', $error) : '', 'NAME' => $style_row[$mode . '_name'], @@ -2723,84 +1792,6 @@ parse_css_file = {PARSE_CSS_FILE} } /** - * Store template files into db - */ - function store_templates($mode, $style_id, $template_path, $filelist) - { - global $phpbb_root_path, $phpEx, $db; - - $template_path = $template_path . '/template/'; - $includes = array(); - foreach ($filelist as $pathfile => $file_ary) - { - foreach ($file_ary as $file) - { - if (!($fp = @fopen("{$phpbb_root_path}styles/$template_path$pathfile$file", 'r'))) - { - trigger_error("Could not open {$phpbb_root_path}styles/$template_path$pathfile$file", E_USER_ERROR); - } - - $filesize = filesize("{$phpbb_root_path}styles/$template_path$pathfile$file"); - - if ($filesize) - { - $template_data = fread($fp, $filesize); - } - - fclose($fp); - - if (!$filesize) - { - // File is empty - continue; - } - - if (preg_match_all('#<!-- INCLUDE (.*?\.html) -->#is', $template_data, $matches)) - { - foreach ($matches[1] as $match) - { - $includes[trim($match)][] = $file; - } - } - } - } - - foreach ($filelist as $pathfile => $file_ary) - { - foreach ($file_ary as $file) - { - // Skip index. - if (strpos($file, 'index.') === 0) - { - continue; - } - - // We could do this using extended inserts ... but that could be one - // heck of a lot of data ... - $sql_ary = array( - 'template_id' => (int) $style_id, - 'template_filename' => "$pathfile$file", - 'template_included' => (isset($includes[$file])) ? implode(':', $includes[$file]) . ':' : '', - 'template_mtime' => (int) filemtime("{$phpbb_root_path}styles/$template_path$pathfile$file"), - 'template_data' => (string) file_get_contents("{$phpbb_root_path}styles/$template_path$pathfile$file"), - ); - - if ($mode == 'insert') - { - $sql = 'INSERT INTO ' . STYLES_TEMPLATE_DATA_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary); - } - else - { - $sql = 'UPDATE ' . STYLES_TEMPLATE_DATA_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $sql_ary) . " - WHERE template_id = $style_id - AND template_filename = '" . $db->sql_escape("$pathfile$file") . "'"; - } - $db->sql_query($sql); - } - } - } - - /** * Returns an array containing all template filenames for one template that are currently cached. * * @param string $template_path contains the name of the template's folder in /styles/ @@ -2875,7 +1866,7 @@ parse_css_file = {PARSE_CSS_FILE} } /** - * Install Style/Template/Theme/Imageset + * Install Style/Template/Theme */ function install($mode) { @@ -2885,7 +1876,7 @@ parse_css_file = {PARSE_CSS_FILE} $error = $installcfg = $style_row = array(); $root_path = $cfg_file = ''; - $element_ary = array('template' => STYLES_TEMPLATE_TABLE, 'theme' => STYLES_THEME_TABLE, 'imageset' => STYLES_IMAGESET_TABLE); + $element_ary = array('template' => STYLES_TEMPLATE_TABLE, 'theme' => STYLES_THEME_TABLE); $install_path = request_var('path', ''); $update = (isset($_POST['update'])) ? true : false; @@ -2931,7 +1922,6 @@ parse_css_file = {PARSE_CSS_FILE} $reqd_template = (isset($installcfg['required_template'])) ? $installcfg['required_template'] : false; $reqd_theme = (isset($installcfg['required_theme'])) ? $installcfg['required_theme'] : false; - $reqd_imageset = (isset($installcfg['required_imageset'])) ? $installcfg['required_imageset'] : false; // Check to see if each element is already installed, if it is grab the id foreach ($element_ary as $element => $table) @@ -2957,7 +1947,7 @@ parse_css_file = {PARSE_CSS_FILE} $cfg_contents = parse_cfg_file($cfg_file); // Merge only specific things. We may need them later. - foreach (array('inherit_from', 'parse_css_file') as $key) + foreach (array('inherit_from') as $key) { if (!empty($cfg_contents[$key]) && !isset($installcfg[$key])) { @@ -2976,10 +1966,6 @@ parse_css_file = {PARSE_CSS_FILE} case 'theme': $this->test_installed('theme', $error, $root_path, false, $style_row['theme_id'], $style_row['theme_name'], $style_row['theme_copyright']); break; - - case 'imageset': - $this->test_installed('imageset', $error, $root_path, false, $style_row['imageset_id'], $style_row['imageset_name'], $style_row['imageset_copyright']); - break; } } else @@ -2987,7 +1973,6 @@ parse_css_file = {PARSE_CSS_FILE} trigger_error($user->lang['NO_' . $l_type] . adm_back_link($this->u_action), E_USER_WARNING); } - $style_row['store_db'] = request_var('store_db', 0); $style_row['style_active'] = request_var('style_active', 1); $style_row['style_default'] = request_var('style_default', 0); @@ -3001,19 +1986,18 @@ parse_css_file = {PARSE_CSS_FILE} ${$element . '_root_path'} = (${'reqd_' . $element}) ? $phpbb_root_path . 'styles/' . ${'reqd_' . $element} . '/' : false; ${$element . '_path'} = (${'reqd_' . $element}) ? ${'reqd_' . $element} : false; } - $this->install_style($error, 'install', $root_path, $style_row['style_id'], $style_row['style_name'], $install_path, $style_row['style_copyright'], $style_row['style_active'], $style_row['style_default'], $style_row, $template_root_path, $template_path, $theme_root_path, $theme_path, $imageset_root_path, $imageset_path); + $this->install_style($error, 'install', $root_path, $style_row['style_id'], $style_row['style_name'], $install_path, $style_row['style_copyright'], $style_row['style_active'], $style_row['style_default'], $style_row, $template_root_path, $template_path, $theme_root_path, $theme_path); } else { - $style_row['store_db'] = $this->install_element($mode, $error, 'install', $root_path, $style_row[$mode . '_id'], $style_row[$mode . '_name'], $install_path, $style_row[$mode . '_copyright'], $style_row['store_db']); + $this->install_element($mode, $error, 'install', $root_path, $style_row[$mode . '_id'], $style_row[$mode . '_name'], $install_path, $style_row[$mode . '_copyright']); } if (!sizeof($error)) { $cache->destroy('sql', STYLES_TABLE); - $message = ($style_row['store_db']) ? '_ADDED_DB' : '_ADDED'; - trigger_error($user->lang[$l_type . $message] . adm_back_link($this->u_action)); + trigger_error($user->lang[$l_type . '_ADDED'] . adm_back_link($this->u_action)); } } @@ -3029,7 +2013,6 @@ parse_css_file = {PARSE_CSS_FILE} 'S_SUPERTEMPLATE' => (isset($installcfg['inherit_from'])) ? $installcfg['inherit_from'] : '', 'S_THEME' => ($mode == 'theme') ? true : false, - 'S_STORE_DB' => (isset($style_row[$mode . '_storedb'])) ? $style_row[$mode . '_storedb'] : 0, 'S_STYLE_ACTIVE' => (isset($style_row['style_active'])) ? $style_row['style_active'] : 0, 'S_STYLE_DEFAULT' => (isset($style_row['style_default'])) ? $style_row['style_default'] : 0, @@ -3039,15 +2022,12 @@ parse_css_file = {PARSE_CSS_FILE} 'L_TITLE' => $user->lang[$this->page_title], 'L_EXPLAIN' => $user->lang[$this->page_title . '_EXPLAIN'], 'L_NAME' => $user->lang[$l_type . '_NAME'], - 'L_LOCATION' => ($mode == 'template' || $mode == 'theme') ? $user->lang[$l_type . '_LOCATION'] : '', - 'L_LOCATION_EXPLAIN' => ($mode == 'template' || $mode == 'theme') ? $user->lang[$l_type . '_LOCATION_EXPLAIN'] : '', 'ERROR_MSG' => (sizeof($error)) ? implode('<br />', $error) : '', 'NAME' => $style_row[$mode . '_name'], 'COPYRIGHT' => $style_row[$mode . '_copyright'], 'TEMPLATE_NAME' => ($mode == 'style') ? $style_row['template_name'] : '', - 'THEME_NAME' => ($mode == 'style') ? $style_row['theme_name'] : '', - 'IMAGESET_NAME' => ($mode == 'style') ? $style_row['imageset_name'] : '') + 'THEME_NAME' => ($mode == 'style') ? $style_row['theme_name'] : '') ); } @@ -3059,7 +2039,7 @@ parse_css_file = {PARSE_CSS_FILE} global $phpbb_root_path, $phpEx, $config, $db, $cache, $user, $template; $l_type = strtoupper($mode); - $element_ary = array('template' => STYLES_TEMPLATE_TABLE, 'theme' => STYLES_THEME_TABLE, 'imageset' => STYLES_IMAGESET_TABLE); + $element_ary = array('template' => STYLES_TEMPLATE_TABLE, 'theme' => STYLES_THEME_TABLE); $error = array(); $style_row = array( @@ -3067,8 +2047,6 @@ parse_css_file = {PARSE_CSS_FILE} $mode . '_copyright' => utf8_normalize_nfc(request_var('copyright', '', true)), 'template_id' => 0, 'theme_id' => 0, - 'imageset_id' => 0, - 'store_db' => request_var('store_db', 0), 'style_active' => request_var('style_active', 1), 'style_default' => request_var('style_default', 0), ); @@ -3081,7 +2059,7 @@ parse_css_file = {PARSE_CSS_FILE} switch ($mode) { case 'style': - $sql_select = 'template_id, theme_id, imageset_id'; + $sql_select = 'template_id, theme_id'; $sql_from = STYLES_TABLE; break; @@ -3094,11 +2072,6 @@ parse_css_file = {PARSE_CSS_FILE} $sql_select = 'theme_id'; $sql_from = STYLES_THEME_TABLE; break; - - case 'imageset': - $sql_select = 'imageset_id'; - $sql_from = STYLES_IMAGESET_TABLE; - break; } $sql = "SELECT $sql_select @@ -3117,7 +2090,6 @@ parse_css_file = {PARSE_CSS_FILE} { $style_row['template_id'] = (isset($row['template_id'])) ? $row['template_id'] : $style_row['template_id']; $style_row['theme_id'] = (isset($row['theme_id'])) ? $row['theme_id'] : $style_row['theme_id']; - $style_row['imageset_id'] = (isset($row['imageset_id'])) ? $row['imageset_id'] : $style_row['imageset_id']; } } @@ -3125,9 +2097,8 @@ parse_css_file = {PARSE_CSS_FILE} { $style_row['template_id'] = request_var('template_id', $style_row['template_id']); $style_row['theme_id'] = request_var('theme_id', $style_row['theme_id']); - $style_row['imageset_id'] = request_var('imageset_id', $style_row['imageset_id']); - if ($mode == 'style' && (!$style_row['template_id'] || !$style_row['theme_id'] || !$style_row['imageset_id'])) + if ($mode == 'style' && (!$style_row['template_id'] || !$style_row['theme_id'])) { $error[] = $user->lang['STYLE_ERR_NO_IDS']; } @@ -3147,8 +2118,7 @@ parse_css_file = {PARSE_CSS_FILE} { $cache->destroy('sql', STYLES_TABLE); - $message = ($style_row['store_db']) ? '_ADDED_DB' : '_ADDED'; - trigger_error($user->lang[$l_type . $message] . adm_back_link($this->u_action)); + trigger_error($user->lang[$l_type . '_ADDED'] . adm_back_link($this->u_action)); } } @@ -3182,12 +2152,10 @@ parse_css_file = {PARSE_CSS_FILE} 'S_THEME' => ($mode == 'theme') ? true : false, 'S_BASIS' => ($basis) ? true : false, - 'S_STORE_DB' => (isset($style_row['storedb'])) ? $style_row['storedb'] : 0, 'S_STYLE_ACTIVE' => (isset($style_row['style_active'])) ? $style_row['style_active'] : 0, 'S_STYLE_DEFAULT' => (isset($style_row['style_default'])) ? $style_row['style_default'] : 0, 'S_TEMPLATE_OPTIONS' => ($mode == 'style') ? $template_options : '', 'S_THEME_OPTIONS' => ($mode == 'style') ? $theme_options : '', - 'S_IMAGESET_OPTIONS' => ($mode == 'style') ? $imageset_options : '', 'U_ACTION' => $this->u_action . '&action=add&basis=' . $basis, 'U_BACK' => $this->u_action, @@ -3195,8 +2163,6 @@ parse_css_file = {PARSE_CSS_FILE} 'L_TITLE' => $user->lang[$this->page_title], 'L_EXPLAIN' => $user->lang[$this->page_title . '_EXPLAIN'], 'L_NAME' => $user->lang[$l_type . '_NAME'], - 'L_LOCATION' => ($mode == 'template' || $mode == 'theme') ? $user->lang[$l_type . '_LOCATION'] : '', - 'L_LOCATION_EXPLAIN' => ($mode == 'template' || $mode == 'theme') ? $user->lang[$l_type . '_LOCATION_EXPLAIN'] : '', 'ERROR_MSG' => (sizeof($error)) ? implode('<br />', $error) : '', 'NAME' => $style_row[$mode . '_name'], @@ -3209,7 +2175,6 @@ parse_css_file = {PARSE_CSS_FILE} $reqd_template = (isset($installcfg['required_template'])) ? $installcfg['required_template'] : false; $reqd_theme = (isset($installcfg['required_theme'])) ? $installcfg['required_theme'] : false; - $reqd_imageset = (isset($installcfg['required_imageset'])) ? $installcfg['required_imageset'] : false; // Check to see if each element is already installed, if it is grab the id foreach ($element_ary as $element => $table) @@ -3236,10 +2201,6 @@ parse_css_file = {PARSE_CSS_FILE} case 'theme': $sql_from = STYLES_THEME_TABLE; break; - - case 'imageset': - $sql_from = STYLES_IMAGESET_TABLE; - break; } $l_element = strtoupper($element); @@ -3278,11 +2239,11 @@ parse_css_file = {PARSE_CSS_FILE} /** * Install/Add style */ - function install_style(&$error, $action, $root_path, &$id, $name, $path, $copyright, $active, $default, &$style_row, $template_root_path = false, $template_path = false, $theme_root_path = false, $theme_path = false, $imageset_root_path = false, $imageset_path = false) + function install_style(&$error, $action, $root_path, &$id, $name, $path, $copyright, $active, $default, &$style_row, $template_root_path = false, $template_path = false, $theme_root_path = false, $theme_path = false) { global $config, $db, $user; - $element_ary = array('template', 'theme', 'imageset'); + $element_ary = array('template', 'theme'); if (!$name) { @@ -3328,7 +2289,7 @@ parse_css_file = {PARSE_CSS_FILE} } } - if (!$style_row['template_id'] || !$style_row['theme_id'] || !$style_row['imageset_id']) + if (!$style_row['template_id'] || !$style_row['theme_id']) { $error[] = $user->lang['STYLE_ERR_NO_IDS']; } @@ -3346,7 +2307,6 @@ parse_css_file = {PARSE_CSS_FILE} 'style_active' => (int) $active, 'template_id' => (int) $style_row['template_id'], 'theme_id' => (int) $style_row['theme_id'], - 'imageset_id' => (int) $style_row['imageset_id'], ); $sql = 'INSERT INTO ' . STYLES_TABLE . ' @@ -3373,7 +2333,7 @@ parse_css_file = {PARSE_CSS_FILE} /** * Install/add an element, doing various checks as we go */ - function install_element($mode, &$error, $action, $root_path, &$id, $name, $path, $copyright, $store_db = 0) + function install_element($mode, &$error, $action, $root_path, &$id, $name, $path, $copyright) { global $phpbb_root_path, $db, $user; @@ -3389,10 +2349,6 @@ parse_css_file = {PARSE_CSS_FILE} case 'theme': $sql_from = STYLES_THEME_TABLE; break; - - case 'imageset': - $sql_from = STYLES_IMAGESET_TABLE; - break; } $l_type = strtoupper($mode); @@ -3444,7 +2400,7 @@ parse_css_file = {PARSE_CSS_FILE} $select_bf = ''; } - $sql = "SELECT {$mode}_id, {$mode}_name, {$mode}_path, {$mode}_storedb $select_bf + $sql = "SELECT {$mode}_id, {$mode}_name, {$mode}_path, $select_bf FROM $sql_from WHERE {$mode}_name = '" . $db->sql_escape($cfg_data['inherit_from']) . "' AND {$mode}_inherits_id = 0"; @@ -3460,8 +2416,6 @@ parse_css_file = {PARSE_CSS_FILE} $inherit_id = $row["{$mode}_id"]; $inherit_path = $row["{$mode}_path"]; $inherit_bf = ($mode === 'template') ? $row["bbcode_bitfield"] : false; - $cfg_data['store_db'] = $row["{$mode}_storedb"]; - $store_db = $row["{$mode}_storedb"]; } } else @@ -3496,13 +2450,9 @@ parse_css_file = {PARSE_CSS_FILE} } else { - $sql_ary['bbcode_bitfield'] = TEMPLATE_BITFIELD; + $sql_ary['bbcode_bitfield'] = $this->template_bitfield; } - // We set a pre-defined bitfield here which we may use further in 3.2 - $sql_ary += array( - 'template_storedb' => $store_db, - ); if (isset($cfg_data['inherit_from']) && $cfg_data['inherit_from']) { $sql_ary += array( @@ -3513,22 +2463,6 @@ parse_css_file = {PARSE_CSS_FILE} break; case 'theme': - // We are only interested in the theme configuration for now - - if (isset($cfg_data['parse_css_file']) && $cfg_data['parse_css_file']) - { - $store_db = 1; - } - - $sql_ary += array( - 'theme_storedb' => $store_db, - 'theme_data' => ($store_db) ? $this->db_theme_data($sql_ary, false, $root_path) : '', - 'theme_mtime' => (int) filemtime("{$phpbb_root_path}styles/$path/theme/stylesheet.css") - ); - break; - - // all the heavy lifting is done later - case 'imageset': break; } @@ -3540,119 +2474,9 @@ parse_css_file = {PARSE_CSS_FILE} $id = $db->sql_nextid(); - if ($mode == 'template' && $store_db) - { - $filelist = filelist("{$root_path}template", '', 'html'); - $this->store_templates('insert', $id, $path, $filelist); - } - else if ($mode == 'imageset') - { - $cfg_data = parse_cfg_file("$root_path$mode/imageset.cfg"); - - $imageset_definitions = array(); - foreach ($this->imageset_keys as $topic => $key_array) - { - $imageset_definitions = array_merge($imageset_definitions, $key_array); - } - - foreach ($cfg_data as $key => $value) - { - if (strpos($value, '*') !== false) - { - if (substr($value, -1, 1) === '*') - { - list($image_filename, $image_height) = explode('*', $value); - $image_width = 0; - } - else - { - list($image_filename, $image_height, $image_width) = explode('*', $value); - } - } - else - { - $image_filename = $value; - $image_height = $image_width = 0; - } - - if (strpos($key, 'img_') === 0 && $image_filename) - { - $key = substr($key, 4); - if (in_array($key, $imageset_definitions)) - { - $sql_ary = array( - 'image_name' => $key, - 'image_filename' => str_replace('{PATH}', "styles/$path/imageset/", trim($image_filename)), - 'image_height' => (int) $image_height, - 'image_width' => (int) $image_width, - 'imageset_id' => (int) $id, - 'image_lang' => '', - ); - $db->sql_query('INSERT INTO ' . STYLES_IMAGESET_DATA_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary)); - } - } - } - unset($cfg_data); - - $sql = 'SELECT lang_dir - FROM ' . LANG_TABLE; - $result = $db->sql_query($sql); - - while ($row = $db->sql_fetchrow($result)) - { - if (@file_exists("$root_path$mode/{$row['lang_dir']}/imageset.cfg")) - { - $cfg_data_imageset_data = parse_cfg_file("$root_path$mode/{$row['lang_dir']}/imageset.cfg"); - foreach ($cfg_data_imageset_data as $image_name => $value) - { - if (strpos($value, '*') !== false) - { - if (substr($value, -1, 1) === '*') - { - list($image_filename, $image_height) = explode('*', $value); - $image_width = 0; - } - else - { - list($image_filename, $image_height, $image_width) = explode('*', $value); - } - } - else - { - $image_filename = $value; - $image_height = $image_width = 0; - } - - if (strpos($image_name, 'img_') === 0 && $image_filename) - { - $image_name = substr($image_name, 4); - if (in_array($image_name, $imageset_definitions)) - { - $sql_ary = array( - 'image_name' => $image_name, - 'image_filename' => $image_filename, - 'image_height' => (int) $image_height, - 'image_width' => (int) $image_width, - 'imageset_id' => (int) $id, - 'image_lang' => $row['lang_dir'], - ); - $db->sql_query('INSERT INTO ' . STYLES_IMAGESET_DATA_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary)); - } - } - } - unset($cfg_data_imageset_data); - } - } - $db->sql_freeresult($result); - } - $db->sql_transaction('commit'); - $log = ($store_db) ? 'LOG_' . $l_type . '_ADD_DB' : 'LOG_' . $l_type . '_ADD_FS'; - add_log('admin', $log, $name); - - // Return store_db in case it had to be altered - return $store_db; + add_log('admin', 'LOG_' . $l_type . '_ADD_FS', $name); } /** @@ -3678,10 +2502,6 @@ parse_css_file = {PARSE_CSS_FILE} case 'theme': $sql_from = STYLES_THEME_TABLE; break; - - case 'imageset': - $sql_from = STYLES_IMAGESET_TABLE; - break; } $sql = "SELECT {$mode}_id, {$mode}_name, {$mode}_path @@ -3734,10 +2554,6 @@ parse_css_file = {PARSE_CSS_FILE} case 'theme': $sql_from = STYLES_THEME_TABLE; break; - - case 'imageset': - $sql_from = STYLES_IMAGESET_TABLE; - break; } $sql = "SELECT {$mode}_inherits_id @@ -3769,180 +2585,4 @@ parse_css_file = {PARSE_CSS_FILE} return false; } - - /** - * Moves a template set and its subtemplates to the database - * - * @access public - * @param string $mode The component to move - only template is supported - * @param int $id The template id - */ - function store_in_db($mode, $id) - { - global $db, $user; - - $error = array(); - $l_type = strtoupper($mode); - if ($super = $this->get_super($mode, $id)) - { - $error[] = (sprintf($user->lang["{$l_type}_INHERITS"], $super['template_name'])); - return $error; - } - - $sql = "SELECT {$mode}_id, {$mode}_name, {$mode}_path - FROM " . STYLES_TEMPLATE_TABLE . ' - WHERE template_id = ' . (int) $id; - - $result = $db->sql_query_limit($sql, 1); - if ($row = $db->sql_fetchrow($result)) - { - $db->sql_freeresult($result); - $subs = $this->check_inheritance($mode, $id); - - $this->_store_in_db($mode, $id, $row["{$mode}_path"]); - if ($subs && sizeof($subs)) - { - foreach ($subs as $sub_id => $sub) - { - if ($err = $this->_store_in_db($mode, $sub["{$mode}_id"], $sub["{$mode}_path"])) - { - $error[] = $err; - } - } - } - } - if (sizeof($error)) - { - return $error; - } - - return false; - } - - /** - * Moves a template set to the database - * - * @access private - * @param string $mode The component to move - only template is supported - * @param int $id The template id - * @param string $path TThe path to the template files - */ - function _store_in_db($mode, $id, $path) - { - global $phpbb_root_path, $db; - - $filelist = filelist("{$phpbb_root_path}styles/{$path}/template", '', 'html'); - $this->store_templates('insert', $id, $path, $filelist); - - // Okay, we do the query here -shouldn't be triggered often. - $sql = 'UPDATE ' . STYLES_TEMPLATE_TABLE . ' - SET template_storedb = 1 - WHERE template_id = ' . $id; - $db->sql_query($sql); - } - - /** - * Moves a template set and its subtemplates to the filesystem - * - * @access public - * @param string $mode The component to move - only template is supported - * @param int $id The template id - */ - function store_in_fs($mode, $id) - { - global $db, $user; - - $error = array(); - $l_type = strtoupper($mode); - if ($super = $this->get_super($mode, $id)) - { - $error[] = (sprintf($user->lang["{$l_type}_INHERITS"], $super['template_name'])); - return($error); - } - - $sql = "SELECT {$mode}_id, {$mode}_name, {$mode}_path - FROM " . STYLES_TEMPLATE_TABLE . ' - WHERE template_id = ' . (int) $id; - - $result = $db->sql_query_limit($sql, 1); - if ($row = $db->sql_fetchrow($result)) - { - $db->sql_freeresult($result); - if (!sizeof($error)) - { - $subs = $this->check_inheritance($mode, $id); - - $this->_store_in_fs($mode, $id, $row["{$mode}_path"]); - - if ($subs && sizeof($subs)) - { - foreach ($subs as $sub_id => $sub) - { - $this->_store_in_fs($mode, $sub["{$mode}_id"], $sub["{$mode}_path"]); - } - } - } - if (sizeof($error)) - { - $this->store_in_db($id, $mode); - return $error; - } - } - return false; - } - - /** - * Moves a template set to the filesystem - * - * @access private - * @param string $mode The component to move - only template is supported - * @param int $id The template id - * @param string $path The path to the template - */ - function _store_in_fs($mode, $id, $path) - { - global $phpbb_root_path, $db, $user, $safe_mode; - - $store_db = 0; - $error = array(); - if (!$safe_mode && phpbb_is_writable("{$phpbb_root_path}styles/{$path}/template")) - { - $sql = 'SELECT * - FROM ' . STYLES_TEMPLATE_DATA_TABLE . " - WHERE template_id = $id"; - $result = $db->sql_query($sql); - - while ($row = $db->sql_fetchrow($result)) - { - if (!($fp = @fopen("{$phpbb_root_path}styles/{$path}/template/" . $row['template_filename'], 'wb'))) - { - $store_db = 1; - $error[] = $user->lang['EDIT_TEMPLATE_STORED_DB']; - break; - } - - fwrite($fp, $row['template_data']); - fclose($fp); - } - $db->sql_freeresult($result); - - if (!$store_db) - { - $sql = 'DELETE FROM ' . STYLES_TEMPLATE_DATA_TABLE . " - WHERE template_id = $id"; - $db->sql_query($sql); - } - } - if (sizeof($error)) - { - return $error; - } - $sql = 'UPDATE ' . STYLES_TEMPLATE_TABLE . ' - SET template_storedb = 0 - WHERE template_id = ' . $id; - $db->sql_query($sql); - - return false; - } - } diff --git a/phpBB/includes/acp/acp_update.php b/phpBB/includes/acp/acp_update.php index 41fb0884b7..ee4e49249d 100644 --- a/phpBB/includes/acp/acp_update.php +++ b/phpBB/includes/acp/acp_update.php @@ -37,7 +37,7 @@ class acp_update $errstr = ''; $errno = 0; - $info = obtain_latest_version_info(request_var('versioncheck_force', false), true); + $info = obtain_latest_version_info(request_var('versioncheck_force', false)); if ($info === false) { @@ -69,12 +69,9 @@ class acp_update $current_version = (!empty($version_update_from)) ? $version_update_from : $config['version']; - $up_to_date_automatic = (version_compare(str_replace('rc', 'RC', strtolower($current_version)), str_replace('rc', 'RC', strtolower($latest_version)), '<')) ? false : true; - $up_to_date = (version_compare(str_replace('rc', 'RC', strtolower($config['version'])), str_replace('rc', 'RC', strtolower($latest_version)), '<')) ? false : true; - $template->assign_vars(array( - 'S_UP_TO_DATE' => $up_to_date, - 'S_UP_TO_DATE_AUTO' => $up_to_date_automatic, + 'S_UP_TO_DATE' => phpbb_version_compare($latest_version, $config['version'], '<='), + 'S_UP_TO_DATE_AUTO' => phpbb_version_compare($latest_version, $current_version, '<='), 'S_VERSION_CHECK' => true, 'U_ACTION' => $this->u_action, 'U_VERSIONCHECK_FORCE' => append_sid($this->u_action . '&versioncheck_force=1'), diff --git a/phpBB/includes/acp/acp_users.php b/phpBB/includes/acp/acp_users.php index 006c3617f7..ac95e3709d 100644 --- a/phpBB/includes/acp/acp_users.php +++ b/phpBB/includes/acp/acp_users.php @@ -818,7 +818,7 @@ class acp_users // Which updates do we need to do? $update_username = ($user_row['username'] != $data['username']) ? $data['username'] : false; - $update_password = ($data['new_password'] && !phpbb_check_hash($user_row['user_password'], $data['new_password'])) ? true : false; + $update_password = ($data['new_password'] && !phpbb_check_hash($data['new_password'], $user_row['user_password'])) ? true : false; $update_email = ($data['email'] != $user_row['user_email']) ? $data['email'] : false; if (!sizeof($error)) @@ -1124,7 +1124,7 @@ class acp_users // Grab log data $log_data = array(); $log_count = 0; - view_log('user', $log_data, $log_count, $config['topics_per_page'], $start, 0, 0, $user_id, $sql_where, $sql_sort); + $start = view_log('user', $log_data, $log_count, $config['topics_per_page'], $start, 0, 0, $user_id, $sql_where, $sql_sort); $template->assign_vars(array( 'S_FEEDBACK' => true, diff --git a/phpBB/includes/acp/info/acp_attachments.php b/phpBB/includes/acp/info/acp_attachments.php index d5f57ece4e..4bcd7e2ea5 100644 --- a/phpBB/includes/acp/info/acp_attachments.php +++ b/phpBB/includes/acp/info/acp_attachments.php @@ -23,7 +23,8 @@ class acp_attachments_info 'attach' => array('title' => 'ACP_ATTACHMENT_SETTINGS', 'auth' => 'acl_a_attach', 'cat' => array('ACP_BOARD_CONFIGURATION', 'ACP_ATTACHMENTS')), 'extensions' => array('title' => 'ACP_MANAGE_EXTENSIONS', 'auth' => 'acl_a_attach', 'cat' => array('ACP_ATTACHMENTS')), 'ext_groups' => array('title' => 'ACP_EXTENSION_GROUPS', 'auth' => 'acl_a_attach', 'cat' => array('ACP_ATTACHMENTS')), - 'orphan' => array('title' => 'ACP_ORPHAN_ATTACHMENTS', 'auth' => 'acl_a_attach', 'cat' => array('ACP_ATTACHMENTS')) + 'orphan' => array('title' => 'ACP_ORPHAN_ATTACHMENTS', 'auth' => 'acl_a_attach', 'cat' => array('ACP_ATTACHMENTS')), + 'manage' => array('title' => 'ACP_MANAGE_ATTACHMENTS', 'auth' => 'acl_a_attach', 'cat' => array('ACP_ATTACHMENTS')), ), ); } diff --git a/phpBB/includes/acp/info/acp_styles.php b/phpBB/includes/acp/info/acp_styles.php index d6afd53cef..bdcceb1b7d 100644 --- a/phpBB/includes/acp/info/acp_styles.php +++ b/phpBB/includes/acp/info/acp_styles.php @@ -23,7 +23,6 @@ class acp_styles_info 'style' => array('title' => 'ACP_STYLES', 'auth' => 'acl_a_styles', 'cat' => array('ACP_STYLE_MANAGEMENT')), 'template' => array('title' => 'ACP_TEMPLATES', 'auth' => 'acl_a_styles', 'cat' => array('ACP_STYLE_COMPONENTS')), 'theme' => array('title' => 'ACP_THEMES', 'auth' => 'acl_a_styles', 'cat' => array('ACP_STYLE_COMPONENTS')), - 'imageset' => array('title' => 'ACP_IMAGESETS', 'auth' => 'acl_a_styles', 'cat' => array('ACP_STYLE_COMPONENTS')), ), ); } diff --git a/phpBB/includes/auth.php b/phpBB/includes/auth.php index 5b197e93f3..25f26e5334 100644 --- a/phpBB/includes/auth.php +++ b/phpBB/includes/auth.php @@ -109,6 +109,7 @@ class auth */ function _fill_acl($user_permissions) { + $seq_cache = array(); $this->acl = array(); $user_permissions = explode("\n", $user_permissions); @@ -125,8 +126,17 @@ class auth while ($subseq = substr($seq, $i, 6)) { + if (isset($seq_cache[$subseq])) + { + $converted = $seq_cache[$subseq]; + } + else + { + $converted = $seq_cache[$subseq] = str_pad(base_convert($subseq, 36, 2), 31, 0, STR_PAD_LEFT); + } + // We put the original bitstring into the acl array - $this->acl[$f] .= str_pad(base_convert($subseq, 36, 2), 31, 0, STR_PAD_LEFT); + $this->acl[$f] .= $converted; $i += 6; } } @@ -339,6 +349,14 @@ class auth /** * Get permission listing based on user_id/options/forum_ids + * + * Be careful when using this function with permissions a_, m_, u_ and f_ ! + * It may not work correctly. When a user group grants an a_* permission, + * e.g. a_foo, but the user's a_foo permission is set to "Never", then + * the user does not in fact have the a_ permission. + * But the user will still be listed as having the a_ permission. + * + * For more information see: http://tracker.phpbb.com/browse/PHPBB3-10252 */ function acl_get_list($user_id = false, $opts = false, $forum_id = false) { @@ -898,7 +916,7 @@ class auth $method = 'login_' . $method; if (function_exists($method)) { - $login = $method($username, $password); + $login = $method($username, $password, $user->ip, $user->browser, $user->forwarded_for); // If the auth module wants us to create an empty profile do so and then treat the status as LOGIN_SUCCESS if ($login['status'] == LOGIN_SUCCESS_CREATE_PROFILE) diff --git a/phpBB/includes/auth/auth_apache.php b/phpBB/includes/auth/auth_apache.php index a148403c6f..9089703035 100644 --- a/phpBB/includes/auth/auth_apache.php +++ b/phpBB/includes/auth/auth_apache.php @@ -28,9 +28,9 @@ if (!defined('IN_PHPBB')) */ function init_apache() { - global $user; + global $user, $request; - if (!isset($_SERVER['PHP_AUTH_USER']) || $user->data['username'] !== $_SERVER['PHP_AUTH_USER']) + if (!$request->is_set('PHP_AUTH_USER', phpbb_request_interface::SERVER) || $user->data['username'] !== htmlspecialchars_decode($request->server('PHP_AUTH_USER'))) { return $user->lang['APACHE_SETUP_BEFORE_USE']; } @@ -42,7 +42,7 @@ function init_apache() */ function login_apache(&$username, &$password) { - global $db; + global $db, $request; // do not allow empty password if (!$password) @@ -63,7 +63,7 @@ function login_apache(&$username, &$password) ); } - if (!isset($_SERVER['PHP_AUTH_USER'])) + if (!$request->is_set('PHP_AUTH_USER', phpbb_request_interface::SERVER)) { return array( 'status' => LOGIN_ERROR_EXTERNAL_AUTH, @@ -72,8 +72,8 @@ function login_apache(&$username, &$password) ); } - $php_auth_user = $_SERVER['PHP_AUTH_USER']; - $php_auth_pw = $_SERVER['PHP_AUTH_PW']; + $php_auth_user = htmlspecialchars_decode($request->server('PHP_AUTH_USER')); + $php_auth_pw = htmlspecialchars_decode($request->server('PHP_AUTH_PW')); if (!empty($php_auth_user) && !empty($php_auth_pw)) { @@ -136,15 +136,15 @@ function login_apache(&$username, &$password) */ function autologin_apache() { - global $db; + global $db, $request; - if (!isset($_SERVER['PHP_AUTH_USER'])) + if (!$request->is_set('PHP_AUTH_USER', phpbb_request_interface::SERVER)) { return array(); } - $php_auth_user = $_SERVER['PHP_AUTH_USER']; - $php_auth_pw = $_SERVER['PHP_AUTH_PW']; + $php_auth_user = htmlspecialchars_decode($request->server('PHP_AUTH_USER')); + $php_auth_pw = htmlspecialchars_decode($request->server('PHP_AUTH_PW')); if (!empty($php_auth_user) && !empty($php_auth_pw)) { @@ -228,11 +228,12 @@ function user_row_apache($username, $password) */ function validate_session_apache(&$user) { + global $request; + // Check if PHP_AUTH_USER is set and handle this case - if (isset($_SERVER['PHP_AUTH_USER'])) + if ($request->is_set('PHP_AUTH_USER', phpbb_request_interface::SERVER)) { - $php_auth_user = ''; - set_var($php_auth_user, $_SERVER['PHP_AUTH_USER'], 'string', true); + $php_auth_user = $request->server('PHP_AUTH_USER'); return ($php_auth_user === $user['username']) ? true : false; } diff --git a/phpBB/includes/auth/auth_db.php b/phpBB/includes/auth/auth_db.php index 6304d6e49a..2e0031e4cf 100644 --- a/phpBB/includes/auth/auth_db.php +++ b/phpBB/includes/auth/auth_db.php @@ -23,8 +23,21 @@ if (!defined('IN_PHPBB')) /** * Login function +* +* @param string $username +* @param string $password +* @param string $ip IP address the login is taking place from. Used to +* limit the number of login attempts per IP address. +* @param string $browser The user agent used to login +* @param string $forwarded_for X_FORWARDED_FOR header sent with login request +* @return array A associative array of the format +* array( +* 'status' => status constant +* 'error_msg' => string +* 'user_row' => array +* ) */ -function login_db(&$username, &$password) +function login_db($username, $password, $ip = '', $browser = '', $forwarded_for = '') { global $db, $config; global $request; @@ -48,22 +61,71 @@ function login_db(&$username, &$password) ); } + $username_clean = utf8_clean_string($username); + $sql = 'SELECT user_id, username, user_password, user_passchg, user_pass_convert, user_email, user_type, user_login_attempts FROM ' . USERS_TABLE . " - WHERE username_clean = '" . $db->sql_escape(utf8_clean_string($username)) . "'"; + WHERE username_clean = '" . $db->sql_escape($username_clean) . "'"; $result = $db->sql_query($sql); $row = $db->sql_fetchrow($result); $db->sql_freeresult($result); + if (($ip && !$config['ip_login_limit_use_forwarded']) || + ($forwarded_for && $config['ip_login_limit_use_forwarded'])) + { + $sql = 'SELECT COUNT(*) AS attempts + FROM ' . LOGIN_ATTEMPT_TABLE . ' + WHERE attempt_time > ' . (time() - (int) $config['ip_login_limit_time']); + if ($config['ip_login_limit_use_forwarded']) + { + $sql .= " AND attempt_forwarded_for = '" . $db->sql_escape($forwarded_for) . "'"; + } + else + { + $sql .= " AND attempt_ip = '" . $db->sql_escape($ip) . "' "; + } + + $result = $db->sql_query($sql); + $attempts = (int) $db->sql_fetchfield('attempts'); + $db->sql_freeresult($result); + + $attempt_data = array( + 'attempt_ip' => $ip, + 'attempt_browser' => trim(substr($browser, 0, 149)), + 'attempt_forwarded_for' => $forwarded_for, + 'attempt_time' => time(), + 'user_id' => ($row) ? (int) $row['user_id'] : 0, + 'username' => $username, + 'username_clean' => $username_clean, + ); + $sql = 'INSERT INTO ' . LOGIN_ATTEMPT_TABLE . $db->sql_build_array('INSERT', $attempt_data); + $result = $db->sql_query($sql); + } + else + { + $attempts = 0; + } + if (!$row) { + if ($config['ip_login_limit_max'] && $attempts >= $config['ip_login_limit_max']) + { + return array( + 'status' => LOGIN_ERROR_ATTEMPTS, + 'error_msg' => 'LOGIN_ERROR_ATTEMPTS', + 'user_row' => array('user_id' => ANONYMOUS), + ); + } + return array( 'status' => LOGIN_ERROR_USERNAME, 'error_msg' => 'LOGIN_ERROR_USERNAME', 'user_row' => array('user_id' => ANONYMOUS), ); } - $show_captcha = $config['max_login_attempts'] && $row['user_login_attempts'] >= $config['max_login_attempts']; + + $show_captcha = ($config['max_login_attempts'] && $row['user_login_attempts'] >= $config['max_login_attempts']) || + ($config['ip_login_limit_max'] && $attempts >= $config['ip_login_limit_max']); // If there are too much login attempts, we need to check for an confirm image // Every auth module is able to define what to do by itself... @@ -76,7 +138,7 @@ function login_db(&$username, &$password) include ($phpbb_root_path . 'includes/captcha/captcha_factory.' . $phpEx); } - $captcha =& phpbb_captcha_factory::get_instance($config['captcha_plugin']); + $captcha = phpbb_captcha_factory::get_instance($config['captcha_plugin']); $captcha->init(CONFIRM_LOGIN); $vc_response = $captcha->validate($row); if ($vc_response) @@ -177,6 +239,10 @@ function login_db(&$username, &$password) $row['user_password'] = $hash; } + $sql = 'DELETE FROM ' . LOGIN_ATTEMPT_TABLE . ' + WHERE user_id = ' . $row['user_id']; + $db->sql_query($sql); + if ($row['user_login_attempts'] != 0) { // Successful, reset login attempts (the user passed all stages) diff --git a/phpBB/includes/auth/auth_ldap.php b/phpBB/includes/auth/auth_ldap.php index 4f311797b2..66facd0faa 100644 --- a/phpBB/includes/auth/auth_ldap.php +++ b/phpBB/includes/auth/auth_ldap.php @@ -335,7 +335,7 @@ function acp_ldap(&$new) </dl> <dl> <dt><label for="ldap_password">' . $user->lang['LDAP_PASSWORD'] . ':</label><br /><span>' . $user->lang['LDAP_PASSWORD_EXPLAIN'] . '</span></dt> - <dd><input type="password" id="ldap_password" size="40" name="config[ldap_password]" value="' . $new['ldap_password'] . '" /></dd> + <dd><input type="password" id="ldap_password" size="40" name="config[ldap_password]" value="' . $new['ldap_password'] . '" autocomplete="off" /></dd> </dl> '; diff --git a/phpBB/includes/bbcode.php b/phpBB/includes/bbcode.php index a360bcd5d1..929ea45c9b 100644 --- a/phpBB/includes/bbcode.php +++ b/phpBB/includes/bbcode.php @@ -30,7 +30,6 @@ class bbcode var $bbcodes = array(); var $template_bitfield; - var $template_filename = ''; /** * Constructor @@ -128,28 +127,18 @@ class bbcode */ function bbcode_cache_init() { - global $phpbb_root_path, $template, $user; + global $phpbb_root_path, $phpEx, $config, $user, $phpbb_extension_manager; if (empty($this->template_filename)) { $this->template_bitfield = new bitfield($user->theme['bbcode_bitfield']); - $this->template_filename = $phpbb_root_path . 'styles/' . $user->theme['template_path'] . '/template/bbcode.html'; - if (!@file_exists($this->template_filename)) - { - if (isset($user->theme['template_inherits_id']) && $user->theme['template_inherits_id']) - { - $this->template_filename = $phpbb_root_path . 'styles/' . $user->theme['template_inherit_path'] . '/template/bbcode.html'; - if (!@file_exists($this->template_filename)) - { - trigger_error('The file ' . $this->template_filename . ' is missing.', E_USER_ERROR); - } - } - else - { - trigger_error('The file ' . $this->template_filename . ' is missing.', E_USER_ERROR); - } - } + $template_locator = new phpbb_template_locator(); + $template_path_provider = new phpbb_template_extension_path_provider($phpbb_extension_manager, new phpbb_template_path_provider()); + $template = new phpbb_template($phpbb_root_path, $phpEx, $config, $user, $template_locator, $template_path_provider); + $template->set_template(); + $template_locator->set_filenames(array('bbcode.html' => 'bbcode.html')); + $this->template_filename = $template_locator->get_source_file_for_handle('bbcode.html'); } $bbcode_ids = $rowset = $sql = array(); @@ -584,6 +573,13 @@ class bbcode $code = str_replace("\t", ' ', $code); $code = str_replace(' ', ' ', $code); $code = str_replace(' ', ' ', $code); + $code = str_replace("\n ", "\n ", $code); + + // keep space at the beginning + if (!empty($code) && $code[0] == ' ') + { + $code = ' ' . substr($code, 1); + } // remove newline at the beginning if (!empty($code) && $code[0] == "\n") diff --git a/phpBB/includes/cache/driver/redis.php b/phpBB/includes/cache/driver/redis.php new file mode 100755 index 0000000000..6362938a9e --- /dev/null +++ b/phpBB/includes/cache/driver/redis.php @@ -0,0 +1,140 @@ +<?php +/** +* +* @package acm +* @copyright (c) 2011 phpBB Group +* @license http://opensource.org/licenses/gpl-license.php GNU Public License +* +*/ + +/** +* @ignore +*/ +if (!defined('IN_PHPBB')) +{ + exit; +} + +if (!defined('PHPBB_ACM_REDIS_PORT')) +{ + define('PHPBB_ACM_REDIS_PORT', 6379); +} + +if (!defined('PHPBB_ACM_REDIS_HOST')) +{ + define('PHPBB_ACM_REDIS_HOST', 'localhost'); +} + +/** +* ACM for Redis +* +* Compatible with the php extension phpredis available +* at https://github.com/nicolasff/phpredis +* +* @package acm +*/ +class phpbb_cache_driver_redis extends phpbb_cache_driver_memory +{ + var $extension = 'redis'; + + var $redis; + + function __construct() + { + // Call the parent constructor + parent::__construct(); + + $this->redis = new Redis(); + $this->redis->connect(PHPBB_ACM_REDIS_HOST, PHPBB_ACM_REDIS_PORT); + + if (defined('PHPBB_ACM_REDIS_PASSWORD')) + { + if (!$this->redis->auth(PHPBB_ACM_REDIS_PASSWORD)) + { + global $acm_type; + + trigger_error("Incorrect password for the ACM module $acm_type.", E_USER_ERROR); + } + } + + $this->redis->setOption(Redis::OPT_SERIALIZER, Redis::SERIALIZER_PHP); + $this->redis->setOption(Redis::OPT_PREFIX, $this->key_prefix); + + if (defined('PHPBB_ACM_REDIS_DB')) + { + if (!$this->redis->select(PHPBB_ACM_REDIS_DB)) + { + global $acm_type; + + trigger_error("Incorrect database for the ACM module $acm_type.", E_USER_ERROR); + } + } + } + + /** + * Unload the cache resources + * + * @return void + */ + function unload() + { + parent::unload(); + + $this->redis->close(); + } + + /** + * Purge cache data + * + * @return void + */ + function purge() + { + $this->redis->flushDB(); + + parent::purge(); + } + + /** + * Fetch an item from the cache + * + * @access protected + * @param string $var Cache key + * @return mixed Cached data + */ + function _read($var) + { + return $this->redis->get($var); + } + + /** + * Store data in the cache + * + * @access protected + * @param string $var Cache key + * @param mixed $data Data to store + * @param int $ttl Time-to-live of cached data + * @return bool True if the operation succeeded + */ + function _write($var, $data, $ttl = 2592000) + { + return $this->redis->setex($var, $ttl, $data); + } + + /** + * Remove an item from the cache + * + * @access protected + * @param string $var Cache key + * @return bool True if the operation succeeded + */ + function _delete($var) + { + if ($this->redis->delete($var) > 0) + { + return true; + } + return false; + } +} + diff --git a/phpBB/includes/cache/service.php b/phpBB/includes/cache/service.php index 68026c8647..0c01953d55 100644 --- a/phpBB/includes/cache/service.php +++ b/phpBB/includes/cache/service.php @@ -194,6 +194,7 @@ class phpbb_cache_service 'max_filesize' => (int) $row['max_filesize'], 'allow_group' => $row['allow_group'], 'allow_in_pm' => $row['allow_in_pm'], + 'group_name' => $row['group_name'], ); $allowed_forums = ($row['allowed_forums']) ? unserialize(trim($row['allowed_forums'])) : array(); diff --git a/phpBB/includes/captcha/captcha_factory.php b/phpBB/includes/captcha/captcha_factory.php index a3766f4054..e039e92054 100644 --- a/phpBB/includes/captcha/captcha_factory.php +++ b/phpBB/includes/captcha/captcha_factory.php @@ -26,7 +26,7 @@ class phpbb_captcha_factory /** * return an instance of class $name in file $name_plugin.php */ - function &get_instance($name) + function get_instance($name) { global $phpbb_root_path, $phpEx; @@ -59,38 +59,38 @@ class phpbb_captcha_factory */ function get_captcha_types() { - global $phpbb_root_path, $phpEx; + global $phpbb_root_path, $phpEx, $phpbb_extension_manager; $captchas = array( 'available' => array(), 'unavailable' => array(), ); - $dp = @opendir($phpbb_root_path . 'includes/captcha/plugins'); + $finder = $phpbb_extension_manager->get_finder(); + $captcha_plugin_classes = $finder + ->extension_directory('/captcha') + ->suffix('_plugin') + ->core_path('includes/captcha/plugins/') + ->get_classes(); - if ($dp) + foreach ($captcha_plugin_classes as $class) { - while (($file = readdir($dp)) !== false) + // check if this class needs to be loaded in legacy mode + $old_class = preg_replace('/^phpbb_captcha_plugins_/', '', $class); + if (file_exists($phpbb_root_path . "includes/captcha/plugins/$old_class.$phpEx") && !class_exists($old_class)) { - if ((preg_match('#_plugin\.' . $phpEx . '$#', $file))) - { - $name = preg_replace('#^(.*?)_plugin\.' . $phpEx . '$#', '\1', $file); - if (!class_exists($name)) - { - include($phpbb_root_path . "includes/captcha/plugins/$file"); - } + include($phpbb_root_path . "includes/captcha/plugins/$old_class.$phpEx"); + $class = preg_replace('/_plugin$/', '', $old_class); + } - if (call_user_func(array($name, 'is_available'))) - { - $captchas['available'][$name] = call_user_func(array($name, 'get_name')); - } - else - { - $captchas['unavailable'][$name] = call_user_func(array($name, 'get_name')); - } - } + if (call_user_func(array($class, 'is_available'))) + { + $captchas['available'][$class] = call_user_func(array($class, 'get_name')); + } + else + { + $captchas['unavailable'][$class] = call_user_func(array($class, 'get_name')); } - closedir($dp); } return $captchas; diff --git a/phpBB/includes/captcha/captcha_gd.php b/phpBB/includes/captcha/captcha_gd.php index b9b0914e0c..5e61d6a47b 100644 --- a/phpBB/includes/captcha/captcha_gd.php +++ b/phpBB/includes/captcha/captcha_gd.php @@ -77,7 +77,7 @@ class captcha { $denom = ($code_len - $i); $denom = max(1.3, $denom); - $offset[$i] = mt_rand(0, (1.5 * $width_avail) / $denom); + $offset[$i] = phpbb_mt_rand(0, (int) round((1.5 * $width_avail) / $denom)); $width_avail -= $offset[$i]; } @@ -112,7 +112,7 @@ class captcha $noise_bitmaps = $this->captcha_noise_bg_bitmaps(); for ($i = 0; $i < $code_len; ++$i) { - $noise[$i] = new char_cube3d($noise_bitmaps, mt_rand(1, count($noise_bitmaps['data']))); + $noise[$i] = new char_cube3d($noise_bitmaps, mt_rand(1, sizeof($noise_bitmaps['data']))); list($min, $max) = $noise[$i]->range(); //$box = $noise[$i]->dimensions($sizes[$i]); @@ -1669,32 +1669,32 @@ class captcha 'height' => 15, 'data' => array( - 'A' => $chars['A'][mt_rand(0, min(count($chars['A']), $config['captcha_gd_fonts']) -1)], - 'B' => $chars['B'][mt_rand(0, min(count($chars['B']), $config['captcha_gd_fonts']) -1)], - 'C' => $chars['C'][mt_rand(0, min(count($chars['C']), $config['captcha_gd_fonts']) -1)], - 'D' => $chars['D'][mt_rand(0, min(count($chars['D']), $config['captcha_gd_fonts']) -1)], - 'E' => $chars['E'][mt_rand(0, min(count($chars['E']), $config['captcha_gd_fonts']) -1)], - 'F' => $chars['F'][mt_rand(0, min(count($chars['F']), $config['captcha_gd_fonts']) -1)], - 'G' => $chars['G'][mt_rand(0, min(count($chars['G']), $config['captcha_gd_fonts']) -1)], - 'H' => $chars['H'][mt_rand(0, min(count($chars['H']), $config['captcha_gd_fonts']) -1)], - 'I' => $chars['I'][mt_rand(0, min(count($chars['I']), $config['captcha_gd_fonts']) -1)], - 'J' => $chars['J'][mt_rand(0, min(count($chars['J']), $config['captcha_gd_fonts']) -1)], - 'K' => $chars['K'][mt_rand(0, min(count($chars['K']), $config['captcha_gd_fonts']) -1)], - 'L' => $chars['L'][mt_rand(0, min(count($chars['L']), $config['captcha_gd_fonts']) -1)], - 'M' => $chars['M'][mt_rand(0, min(count($chars['M']), $config['captcha_gd_fonts']) -1)], - 'N' => $chars['N'][mt_rand(0, min(count($chars['N']), $config['captcha_gd_fonts']) -1)], - 'O' => $chars['O'][mt_rand(0, min(count($chars['O']), $config['captcha_gd_fonts']) -1)], - 'P' => $chars['P'][mt_rand(0, min(count($chars['P']), $config['captcha_gd_fonts']) -1)], - 'Q' => $chars['Q'][mt_rand(0, min(count($chars['Q']), $config['captcha_gd_fonts']) -1)], - 'R' => $chars['R'][mt_rand(0, min(count($chars['R']), $config['captcha_gd_fonts']) -1)], - 'S' => $chars['S'][mt_rand(0, min(count($chars['S']), $config['captcha_gd_fonts']) -1)], - 'T' => $chars['T'][mt_rand(0, min(count($chars['T']), $config['captcha_gd_fonts']) -1)], - 'U' => $chars['U'][mt_rand(0, min(count($chars['U']), $config['captcha_gd_fonts']) -1)], - 'V' => $chars['V'][mt_rand(0, min(count($chars['V']), $config['captcha_gd_fonts']) -1)], - 'W' => $chars['W'][mt_rand(0, min(count($chars['W']), $config['captcha_gd_fonts']) -1)], - 'X' => $chars['X'][mt_rand(0, min(count($chars['X']), $config['captcha_gd_fonts']) -1)], - 'Y' => $chars['Y'][mt_rand(0, min(count($chars['Y']), $config['captcha_gd_fonts']) -1)], - 'Z' => $chars['Z'][mt_rand(0, min(count($chars['Z']), $config['captcha_gd_fonts']) -1)], + 'A' => $chars['A'][mt_rand(0, min(sizeof($chars['A']), $config['captcha_gd_fonts']) -1)], + 'B' => $chars['B'][mt_rand(0, min(sizeof($chars['B']), $config['captcha_gd_fonts']) -1)], + 'C' => $chars['C'][mt_rand(0, min(sizeof($chars['C']), $config['captcha_gd_fonts']) -1)], + 'D' => $chars['D'][mt_rand(0, min(sizeof($chars['D']), $config['captcha_gd_fonts']) -1)], + 'E' => $chars['E'][mt_rand(0, min(sizeof($chars['E']), $config['captcha_gd_fonts']) -1)], + 'F' => $chars['F'][mt_rand(0, min(sizeof($chars['F']), $config['captcha_gd_fonts']) -1)], + 'G' => $chars['G'][mt_rand(0, min(sizeof($chars['G']), $config['captcha_gd_fonts']) -1)], + 'H' => $chars['H'][mt_rand(0, min(sizeof($chars['H']), $config['captcha_gd_fonts']) -1)], + 'I' => $chars['I'][mt_rand(0, min(sizeof($chars['I']), $config['captcha_gd_fonts']) -1)], + 'J' => $chars['J'][mt_rand(0, min(sizeof($chars['J']), $config['captcha_gd_fonts']) -1)], + 'K' => $chars['K'][mt_rand(0, min(sizeof($chars['K']), $config['captcha_gd_fonts']) -1)], + 'L' => $chars['L'][mt_rand(0, min(sizeof($chars['L']), $config['captcha_gd_fonts']) -1)], + 'M' => $chars['M'][mt_rand(0, min(sizeof($chars['M']), $config['captcha_gd_fonts']) -1)], + 'N' => $chars['N'][mt_rand(0, min(sizeof($chars['N']), $config['captcha_gd_fonts']) -1)], + 'O' => $chars['O'][mt_rand(0, min(sizeof($chars['O']), $config['captcha_gd_fonts']) -1)], + 'P' => $chars['P'][mt_rand(0, min(sizeof($chars['P']), $config['captcha_gd_fonts']) -1)], + 'Q' => $chars['Q'][mt_rand(0, min(sizeof($chars['Q']), $config['captcha_gd_fonts']) -1)], + 'R' => $chars['R'][mt_rand(0, min(sizeof($chars['R']), $config['captcha_gd_fonts']) -1)], + 'S' => $chars['S'][mt_rand(0, min(sizeof($chars['S']), $config['captcha_gd_fonts']) -1)], + 'T' => $chars['T'][mt_rand(0, min(sizeof($chars['T']), $config['captcha_gd_fonts']) -1)], + 'U' => $chars['U'][mt_rand(0, min(sizeof($chars['U']), $config['captcha_gd_fonts']) -1)], + 'V' => $chars['V'][mt_rand(0, min(sizeof($chars['V']), $config['captcha_gd_fonts']) -1)], + 'W' => $chars['W'][mt_rand(0, min(sizeof($chars['W']), $config['captcha_gd_fonts']) -1)], + 'X' => $chars['X'][mt_rand(0, min(sizeof($chars['X']), $config['captcha_gd_fonts']) -1)], + 'Y' => $chars['Y'][mt_rand(0, min(sizeof($chars['Y']), $config['captcha_gd_fonts']) -1)], + 'Z' => $chars['Z'][mt_rand(0, min(sizeof($chars['Z']), $config['captcha_gd_fonts']) -1)], '1' => array( array(0,0,0,1,1,0,0,0,0), diff --git a/phpBB/includes/captcha/plugins/captcha_abstract.php b/phpBB/includes/captcha/plugins/captcha_abstract.php index aea39b3123..07a0ea1279 100644 --- a/phpBB/includes/captcha/plugins/captcha_abstract.php +++ b/phpBB/includes/captcha/plugins/captcha_abstract.php @@ -22,7 +22,7 @@ if (!defined('IN_PHPBB')) * * @package VC */ -class phpbb_default_captcha +class phpbb_captcha_plugins_captcha_abstract { var $confirm_id; var $confirm_code; @@ -364,3 +364,10 @@ class phpbb_default_captcha } } + +/** +* Old class name for legacy use. The new class name is auto loadable. +*/ +class phpbb_default_captcha extends phpbb_captcha_plugins_captcha_abstract +{ +} diff --git a/phpBB/includes/captcha/plugins/phpbb_captcha_gd_plugin.php b/phpBB/includes/captcha/plugins/phpbb_captcha_gd_plugin.php index add8c3959f..bb76a06371 100644 --- a/phpBB/includes/captcha/plugins/phpbb_captcha_gd_plugin.php +++ b/phpBB/includes/captcha/plugins/phpbb_captcha_gd_plugin.php @@ -50,9 +50,9 @@ class phpbb_captcha_gd extends phpbb_default_captcha } } - function &get_instance() + function get_instance() { - $instance =& new phpbb_captcha_gd(); + $instance = new phpbb_captcha_gd(); return $instance; } diff --git a/phpBB/includes/captcha/plugins/phpbb_captcha_nogd_plugin.php b/phpBB/includes/captcha/plugins/phpbb_captcha_nogd_plugin.php index 490a0d62ab..3e98c45d2c 100644 --- a/phpBB/includes/captcha/plugins/phpbb_captcha_nogd_plugin.php +++ b/phpBB/includes/captcha/plugins/phpbb_captcha_nogd_plugin.php @@ -40,9 +40,9 @@ class phpbb_captcha_nogd extends phpbb_default_captcha } } - function &get_instance() + function get_instance() { - $instance =& new phpbb_captcha_nogd(); + $instance = new phpbb_captcha_nogd(); return $instance; } diff --git a/phpBB/includes/captcha/plugins/phpbb_captcha_qa_plugin.php b/phpBB/includes/captcha/plugins/phpbb_captcha_qa_plugin.php index 75fef25a9f..272c0cd4d2 100644 --- a/phpBB/includes/captcha/plugins/phpbb_captcha_qa_plugin.php +++ b/phpBB/includes/captcha/plugins/phpbb_captcha_qa_plugin.php @@ -99,9 +99,9 @@ class phpbb_captcha_qa /** * API function */ - function &get_instance() + function get_instance() { - $instance =& new phpbb_captcha_qa(); + $instance = new phpbb_captcha_qa(); return $instance; } @@ -319,7 +319,7 @@ class phpbb_captcha_qa ), 'PRIMARY_KEY' => 'question_id', 'KEYS' => array( - 'lang_iso' => array('INDEX', 'lang_iso'), + 'lang' => array('INDEX', 'lang_iso'), ), ), CAPTCHA_ANSWERS_TABLE => array ( @@ -328,7 +328,7 @@ class phpbb_captcha_qa 'answer_text' => array('STEXT_UNI', ''), ), 'KEYS' => array( - 'question_id' => array('INDEX', 'question_id'), + 'qid' => array('INDEX', 'question_id'), ), ), CAPTCHA_QA_CONFIRM_TABLE => array ( diff --git a/phpBB/includes/captcha/plugins/phpbb_recaptcha_plugin.php b/phpBB/includes/captcha/plugins/phpbb_recaptcha_plugin.php index 12e3536893..5cfb5df8fc 100644 --- a/phpBB/includes/captcha/plugins/phpbb_recaptcha_plugin.php +++ b/phpBB/includes/captcha/plugins/phpbb_recaptcha_plugin.php @@ -27,16 +27,22 @@ if (!class_exists('phpbb_default_captcha', false)) */ class phpbb_recaptcha extends phpbb_default_captcha { - var $recaptcha_server = 'http://api.recaptcha.net'; - var $recaptcha_server_secure = 'https://api-secure.recaptcha.net'; // class constants :( - var $recaptcha_verify_server = 'api-verify.recaptcha.net'; + var $recaptcha_server = 'http://www.google.com/recaptcha/api'; + var $recaptcha_server_secure = 'https://www.google.com/recaptcha/api'; // class constants :( + + // We are opening a socket to port 80 of this host and send + // the POST request asking for verification to the path specified here. + var $recaptcha_verify_server = 'www.google.com'; + var $recaptcha_verify_path = '/recaptcha/api/verify'; + var $challenge; var $response; // PHP4 Constructor function phpbb_recaptcha() { - $this->recaptcha_server = (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on') ? $this->recaptcha_server_secure : $this->recaptcha_server; + global $request; + $this->recaptcha_server = $request->is_secure() ? $this->recaptcha_server_secure : $this->recaptcha_server; } function init($type) @@ -49,9 +55,9 @@ class phpbb_recaptcha extends phpbb_default_captcha $this->response = request_var('recaptcha_response_field', ''); } - function &get_instance() + function get_instance() { - $instance =& new phpbb_recaptcha(); + $instance = new phpbb_recaptcha(); return $instance; } @@ -296,7 +302,7 @@ class phpbb_recaptcha extends phpbb_default_captcha return $user->lang['RECAPTCHA_INCORRECT']; } - $response = $this->_recaptcha_http_post($this->recaptcha_verify_server, '/verify', + $response = $this->_recaptcha_http_post($this->recaptcha_verify_server, $this->recaptcha_verify_path, array( 'privatekey' => $config['recaptcha_privkey'], 'remoteip' => $user->ip, diff --git a/phpBB/includes/class_loader.php b/phpBB/includes/class_loader.php index a28d745983..bc268d342e 100644 --- a/phpBB/includes/class_loader.php +++ b/phpBB/includes/class_loader.php @@ -31,22 +31,32 @@ if (!defined('IN_PHPBB')) */ class phpbb_class_loader { - private $phpbb_root_path; + private $prefix; + private $path; private $php_ext; private $cache; + + /** + * A map of looked up class names to paths relative to $this->path. + * This map is stored in cache and looked up if the cache is available. + * + * @var array + */ private $cached_paths = array(); /** * Creates a new phpbb_class_loader, which loads files with the given - * file extension from the given phpbb root path. + * file extension from the given path. * - * @param string $phpbb_root_path phpBB's root directory containing includes/ - * @param string $php_ext The file extension for PHP files + * @param string $prefix Required class name prefix for files to be loaded + * @param string $path Directory to load files from + * @param string $php_ext The file extension for PHP files * @param phpbb_cache_driver_interface $cache An implementation of the phpBB cache interface. */ - public function __construct($phpbb_root_path, $php_ext = '.php', phpbb_cache_driver_interface $cache = null) + public function __construct($prefix, $path, $php_ext = '.php', phpbb_cache_driver_interface $cache = null) { - $this->phpbb_root_path = $phpbb_root_path; + $this->prefix = $prefix; + $this->path = $path; $this->php_ext = $php_ext; $this->set_cache($cache); @@ -63,7 +73,7 @@ class phpbb_class_loader { if ($cache) { - $this->cached_paths = $cache->get('class_loader'); + $this->cached_paths = $cache->get('class_loader_' . $this->prefix); if ($this->cached_paths === false) { @@ -100,23 +110,21 @@ class phpbb_class_loader */ public function resolve_path($class) { - $path_prefix = $this->phpbb_root_path . 'includes/'; - if (isset($this->cached_paths[$class])) { - return $path_prefix . $this->cached_paths[$class] . $this->php_ext; + return $this->path . $this->cached_paths[$class] . $this->php_ext; } - if (!preg_match('/phpbb_[a-zA-Z0-9_]+/', $class)) + if (!preg_match('/^' . $this->prefix . '[a-zA-Z0-9_]+$/', $class)) { return false; } - $parts = explode('_', substr($class, 6)); + $parts = explode('_', substr($class, strlen($this->prefix))); $dirs = ''; - for ($i = 0, $n = sizeof($parts); $i < $n && is_dir($path_prefix . $dirs . $parts[$i]); $i++) + for ($i = 0, $n = sizeof($parts); $i < $n && is_dir($this->path . $dirs . $parts[$i]); $i++) { $dirs .= $parts[$i] . '/'; } @@ -129,7 +137,7 @@ class phpbb_class_loader $relative_path = $dirs . implode(array_slice($parts, $i, sizeof($parts) - $i), '_'); - if (!file_exists($path_prefix . $relative_path . $this->php_ext)) + if (!file_exists($this->path . $relative_path . $this->php_ext)) { return false; } @@ -137,10 +145,10 @@ class phpbb_class_loader if ($this->cache) { $this->cached_paths[$class] = $relative_path; - $this->cache->put('class_loader', $this->cached_paths); + $this->cache->put('class_loader_' . $this->prefix, $this->cached_paths); } - return $path_prefix . $relative_path . $this->php_ext; + return $this->path . $relative_path . $this->php_ext; } /** @@ -150,7 +158,7 @@ class phpbb_class_loader */ public function load_class($class) { - if (substr($class, 0, 6) === 'phpbb_') + if (substr($class, 0, strlen($this->prefix)) === $this->prefix) { $path = $this->resolve_path($class); diff --git a/phpBB/includes/config/config.php b/phpBB/includes/config/config.php index 64fef28cfa..354dc85c03 100644 --- a/phpBB/includes/config/config.php +++ b/phpBB/includes/config/config.php @@ -104,14 +104,27 @@ class phpbb_config implements ArrayAccess, IteratorAggregate, Countable } /** + * Removes a configuration option + * + * @param String $key The configuration option's name + * @param bool $use_cache Whether this variable should be cached or if it + * changes too frequently to be efficiently cached + * @return void + */ + public function delete($key, $use_cache = true) + { + unset($this->config[$key]); + } + + /** * Sets a configuration option's value * - * @param string $key The configuration option's name - * @param string $value New configuration value - * @param bool $cache Whether this variable should be cached or if it - * changes too frequently to be efficiently cached. + * @param string $key The configuration option's name + * @param string $value New configuration value + * @param bool $use_cache Whether this variable should be cached or if it + * changes too frequently to be efficiently cached. */ - public function set($key, $value, $cache = true) + public function set($key, $value, $use_cache = true) { $this->config[$key] = $value; } @@ -122,16 +135,16 @@ class phpbb_config implements ArrayAccess, IteratorAggregate, Countable * * @param string $key The configuration option's name * @param string $old_value Current configuration value - * @param string $value New configuration value - * @param bool $cache Whether this variable should be cached or if it + * @param string $new_value New configuration value + * @param bool $use_cache Whether this variable should be cached or if it * changes too frequently to be efficiently cached. * @return bool True if the value was changed, false otherwise. */ - public function set_atomic($key, $old_value, $value, $cache = true) + public function set_atomic($key, $old_value, $new_value, $use_cache = true) { if (!isset($this->config[$key]) || $this->config[$key] == $old_value) { - $this->config[$key] = $value; + $this->config[$key] = $new_value; return true; } return false; @@ -142,10 +155,10 @@ class phpbb_config implements ArrayAccess, IteratorAggregate, Countable * * @param string $key The configuration option's name * @param int $increment Amount to increment by - * @param bool $cache Whether this variable should be cached or if it + * @param bool $use_cache Whether this variable should be cached or if it * changes too frequently to be efficiently cached. */ - function increment($key, $increment, $cache = true) + function increment($key, $increment, $use_cache = true) { if (!isset($this->config[$key])) { diff --git a/phpBB/includes/config/db.php b/phpBB/includes/config/db.php index 74fb0504ce..a2db4056df 100644 --- a/phpBB/includes/config/db.php +++ b/phpBB/includes/config/db.php @@ -91,16 +91,38 @@ class phpbb_config_db extends phpbb_config } /** + * Removes a configuration option + * + * @param String $key The configuration option's name + * @param bool $use_cache Whether this variable should be cached or if it + * changes too frequently to be efficiently cached + * @return void + */ + public function delete($key, $use_cache = true) + { + $sql = 'DELETE FROM ' . $this->table . " + WHERE config_name = '" . $this->db->sql_escape($key) . "'"; + $this->db->sql_query($sql); + + unset($this->config[$key]); + + if ($use_cache) + { + $this->cache->destroy('config'); + } + } + + /** * Sets a configuration option's value * - * @param string $key The configuration option's name - * @param string $value New configuration value - * @param bool $cache Whether this variable should be cached or if it - * changes too frequently to be efficiently cached. + * @param string $key The configuration option's name + * @param string $value New configuration value + * @param bool $use_cache Whether this variable should be cached or if it + * changes too frequently to be efficiently cached. */ - public function set($key, $value, $cache = true) + public function set($key, $value, $use_cache = true) { - $this->set_atomic($key, false, $value, $cache); + $this->set_atomic($key, false, $value, $use_cache); } /** @@ -111,11 +133,11 @@ class phpbb_config_db extends phpbb_config * @param mixed $old_value Current configuration value or false to ignore * the old value * @param string $new_value New configuration value - * @param bool $cache Whether this variable should be cached or if it + * @param bool $use_cache Whether this variable should be cached or if it * changes too frequently to be efficiently cached * @return bool True if the value was changed, false otherwise */ - public function set_atomic($key, $old_value, $new_value, $cache = true) + public function set_atomic($key, $old_value, $new_value, $use_cache = true) { $sql = 'UPDATE ' . $this->table . " SET config_value = '" . $this->db->sql_escape($new_value) . "' @@ -138,11 +160,11 @@ class phpbb_config_db extends phpbb_config $sql = 'INSERT INTO ' . $this->table . ' ' . $this->db->sql_build_array('INSERT', array( 'config_name' => $key, 'config_value' => $new_value, - 'is_dynamic' => ($cache) ? 0 : 1)); + 'is_dynamic' => ($use_cache) ? 0 : 1)); $this->db->sql_query($sql); } - if ($cache) + if ($use_cache) { $this->cache->destroy('config'); } @@ -159,14 +181,14 @@ class phpbb_config_db extends phpbb_config * * @param string $key The configuration option's name * @param int $increment Amount to increment by - * @param bool $cache Whether this variable should be cached or if it + * @param bool $use_cache Whether this variable should be cached or if it * changes too frequently to be efficiently cached. */ - function increment($key, $increment, $cache = true) + function increment($key, $increment, $use_cache = true) { if (!isset($this->config[$key])) { - $this->set($key, '0', $cache); + $this->set($key, '0', $use_cache); } $sql_update = $this->db->cast_expr_to_string($this->db->cast_expr_to_bigint('config_value') . ' + ' . (int) $increment); @@ -175,7 +197,7 @@ class phpbb_config_db extends phpbb_config SET config_value = ' . $sql_update . " WHERE config_name = '" . $this->db->sql_escape($key) . "'"); - if ($cache) + if ($use_cache) { $this->cache->destroy('config'); } diff --git a/phpBB/includes/constants.php b/phpBB/includes/constants.php index 216aac7489..d5b398b7bf 100644 --- a/phpBB/includes/constants.php +++ b/phpBB/includes/constants.php @@ -226,6 +226,7 @@ define('CONFIG_TABLE', $table_prefix . 'config'); define('CONFIRM_TABLE', $table_prefix . 'confirm'); define('DISALLOW_TABLE', $table_prefix . 'disallow'); define('DRAFTS_TABLE', $table_prefix . 'drafts'); +define('EXT_TABLE', $table_prefix . 'ext'); define('EXTENSIONS_TABLE', $table_prefix . 'extensions'); define('EXTENSION_GROUPS_TABLE', $table_prefix . 'extension_groups'); define('FORUMS_TABLE', $table_prefix . 'forums'); @@ -236,6 +237,7 @@ define('GROUPS_TABLE', $table_prefix . 'groups'); define('ICONS_TABLE', $table_prefix . 'icons'); define('LANG_TABLE', $table_prefix . 'lang'); define('LOG_TABLE', $table_prefix . 'log'); +define('LOGIN_ATTEMPT_TABLE', $table_prefix . 'login_attempts'); define('MODERATOR_CACHE_TABLE', $table_prefix . 'moderator_cache'); define('MODULES_TABLE', $table_prefix . 'modules'); define('POLL_OPTIONS_TABLE', $table_prefix . 'poll_options'); diff --git a/phpBB/includes/cron/manager.php b/phpBB/includes/cron/manager.php index 21dcb91695..a0bf018b33 100644 --- a/phpBB/includes/cron/manager.php +++ b/phpBB/includes/cron/manager.php @@ -33,129 +33,24 @@ class phpbb_cron_manager protected $tasks = array(); /** - * Path to the root of directory tree with tasks. - * For bundled phpBB tasks, this is the path to includes/cron/tasks - * under phpBB root. - * @var string - */ - protected $task_path; - - /** - * PHP file extension - * @var string - */ - protected $phpEx; - - /** - * Cache driver - * @var phpbb_cache_driver_interface - */ - protected $cache; - - /** * Constructor. Loads all available tasks. * - * Tasks will be looked up in directory tree rooted at $task_path. - * Task classes will be autoloaded and must be named according to - * autoloading naming conventions. To load cron tasks shipped with - * phpbb, pass $phpbb_root_path . 'includes/cron/task' as $task_path. - * - * If $cache is given, names of found cron tasks will be cached in it - * for one hour. Note that the cron task names are stored without - * namespacing; if two different phbb_cron_manager instances are - * constructed with different $task_path arguments but the same $cache, - * the second instance will use task names found by the first instance. - * - * @param string $task_path Directory containing cron tasks - * @param string $phpEx PHP file extension - * @param phpbb_cache_driver_interface $cache Cache for task names (optional) - * @return void + * @param array|Traversable $task_names Provides an iterable set of task names */ - public function __construct($task_path, $phpEx, phpbb_cache_driver_interface $cache = null) + public function __construct($task_names) { - $this->task_path = $task_path; - $this->phpEx = $phpEx; - $this->cache = $cache; - - $task_names = $this->find_cron_task_names(); $this->load_tasks($task_names); } /** - * Finds cron task names. - * - * A cron task file must follow the naming convention: - * includes/cron/task/$mod/$name.php. - * $mod is core for tasks that are part of phpbb. - * Modifications should use their name as $mod. - * $name is the name of the cron task. - * Cron task is expected to be a class named phpbb_cron_task_${mod}_${name}. - * - * @return array List of task names - */ - public function find_cron_task_names() - { - if ($this->cache) - { - $task_names = $this->cache->get('_cron_tasks'); - - if ($task_names !== false) - { - return $task_names; - } - } - - $task_names = array(); - $ext = '.' . $this->phpEx; - $ext_length = strlen($ext); - - $iterator = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($this->task_path)); - - foreach ($iterator as $fileinfo) - { - $file = preg_replace('#^' . preg_quote($this->task_path, '#') . '#', '', $fileinfo->getPathname()); - - // skip directories and files direclty in the task root path - if ($fileinfo->isFile() && strpos($file, '/') !== false) - { - $task_name = str_replace('/', '_', substr($file, 0, -$ext_length)); - if (substr($file, -$ext_length) == $ext && $this->is_valid_name($task_name)) - { - $task_names[] = 'phpbb_cron_task_' . $task_name; - } - } - } - - if ($this->cache) - { - $this->cache->put('_cron_tasks', $task_names, 3600); - } - - return $task_names; - } - - /** - * Checks whether $name is a valid identifier, and - * therefore part of valid cron task class name. - * - * @param string $name Name to check - * - * @return bool - */ - public function is_valid_name($name) - { - return (bool) preg_match('/^[a-zA-Z][a-zA-Z0-9_]*$/', $name); - } - - /** * Loads tasks given by name, wraps them * and puts them into $this->tasks. * - * @param array $task_names Array of strings + * @param array|Traversable $task_names Array of strings * * @return void */ - public function load_tasks(array $task_names) + public function load_tasks($task_names) { foreach ($task_names as $task_name) { diff --git a/phpBB/includes/cron/task/base.php b/phpBB/includes/cron/task/base.php index 38c0b844d9..9db8e3bd44 100644 --- a/phpBB/includes/cron/task/base.php +++ b/phpBB/includes/cron/task/base.php @@ -51,23 +51,4 @@ abstract class phpbb_cron_task_base implements phpbb_cron_task { return true; } - - /** - * Returns whether this cron task can be run in shutdown function. - * - * By the time shutdown sequence invokes a particular piece of code, - * resources that that code requires may already be released. - * If so, a particular cron task may be marked shutdown function- - * unsafe, and it will be executed in normal program flow. - * - * Generally speaking cron tasks should start off as shutdown function- - * safe, and only be marked shutdown function-unsafe if a problem - * is discovered. - * - * @return bool Whether the cron task is shutdown function-safe. - */ - public function is_shutdown_function_safe() - { - return true; - } } diff --git a/phpBB/includes/cron/task/core/queue.php b/phpBB/includes/cron/task/core/queue.php index 0e9de05984..96cade0ce5 100644 --- a/phpBB/includes/cron/task/core/queue.php +++ b/phpBB/includes/cron/task/core/queue.php @@ -64,21 +64,4 @@ class phpbb_cron_task_core_queue extends phpbb_cron_task_base global $config; return $config['last_queue_run'] < time() - $config['queue_interval_config']; } - - /** - * Returns whether this cron task can be run in shutdown function. - * - * A user reported that using the mail() function during shutdown - * function execution does not work. Therefore if email is delivered - * via the mail() function (as opposed to SMTP) queue cron task marks - * itself shutdown function-unsafe. - * - * @return bool - */ - public function is_shutdown_function_safe() - { - global $config; - // A user reported using the mail() function while using shutdown does not work. We do not want to risk that. - return !$config['smtp_delivery']; - } } diff --git a/phpBB/includes/cron/task/provider.php b/phpBB/includes/cron/task/provider.php new file mode 100644 index 0000000000..e6ae0f75ec --- /dev/null +++ b/phpBB/includes/cron/task/provider.php @@ -0,0 +1,48 @@ +<?php +/** +* +* @package phpBB3 +* @copyright (c) 2011 phpBB Group +* @license http://opensource.org/licenses/gpl-license.php GNU Public License +* +*/ + +/** +* @ignore +*/ +if (!defined('IN_PHPBB')) +{ + exit; +} + +/** +* Provides cron manager with tasks +* +* Finds installed cron tasks and makes them available to the cron manager. +* +* @package phpBB3 +*/ +class phpbb_cron_task_provider extends phpbb_extension_provider +{ + /** + * Finds cron task names using the extension manager. + * + * All PHP files in includes/cron/task/core/ are considered tasks. Tasks + * in extensions have to be located in a directory called cron or a subdir + * of a directory called cron. The class and filename must end in a _task + * suffix. Additionally all PHP files in includes/cron/task/core/ are + * tasks. + * + * @return array List of task names + */ + protected function find() + { + $finder = $this->extension_manager->get_finder(); + + return $finder + ->extension_suffix('_task') + ->extension_directory('/cron') + ->core_path('includes/cron/task/core/') + ->get_classes(); + } +} diff --git a/phpBB/includes/cron/task/task.php b/phpBB/includes/cron/task/task.php index 58c4a96f8e..cceccce44f 100644 --- a/phpBB/includes/cron/task/task.php +++ b/phpBB/includes/cron/task/task.php @@ -45,20 +45,4 @@ interface phpbb_cron_task * @return bool */ public function should_run(); - - /** - * Returns whether this cron task can be run in shutdown function. - * - * By the time shutdown sequence invokes a particular piece of code, - * resources that that code requires may already be released. - * If so, a particular cron task may be marked shutdown function- - * unsafe, and it will be executed in normal program flow. - * - * Generally speaking cron tasks should start off as shutdown function- - * safe, and only be marked shutdown function-unsafe if a problem - * is discovered. - * - * @return bool - */ - public function is_shutdown_function_safe(); } diff --git a/phpBB/includes/db/db_tools.php b/phpBB/includes/db/db_tools.php index 88bbd614e6..b9cc229a45 100644 --- a/phpBB/includes/db/db_tools.php +++ b/phpBB/includes/db/db_tools.php @@ -348,6 +348,66 @@ class phpbb_db_tools } /** + * Gets a list of tables in the database. + * + * @return array Array of table names (all lower case) + */ + function sql_list_tables() + { + switch ($this->db->sql_layer) + { + case 'mysql': + case 'mysql4': + case 'mysqli': + $sql = 'SHOW TABLES'; + break; + + case 'sqlite': + $sql = 'SELECT name + FROM sqlite_master + WHERE type = "table"'; + break; + + case 'mssql': + case 'mssql_odbc': + case 'mssqlnative': + $sql = "SELECT name + FROM sysobjects + WHERE type='U'"; + break; + + case 'postgres': + $sql = 'SELECT relname + FROM pg_stat_user_tables'; + break; + + case 'firebird': + $sql = 'SELECT rdb$relation_name + FROM rdb$relations + WHERE rdb$view_source is null + AND rdb$system_flag = 0'; + break; + + case 'oracle': + $sql = 'SELECT table_name + FROM USER_TABLES'; + break; + } + + $result = $this->db->sql_query($sql); + + $tables = array(); + while ($row = $this->db->sql_fetchrow($result)) + { + $name = current($row); + $tables[$name] = $name; + } + $this->db->sql_freeresult($result); + + return $tables; + } + + /** * Check if table exists * * @@ -417,6 +477,11 @@ class phpbb_db_tools // here lies an array, filled with information compiled on the column's data $prepared_column = $this->sql_prepare_column_data($table_name, $column_name, $column_data); + if (isset($prepared_column['auto_increment']) && strlen($column_name) > 26) // "${column_name}_gen" + { + trigger_error("Index name '${column_name}_gen' on table '$table_name' is too long. The maximum auto increment column length is 26 characters.", E_USER_ERROR); + } + // here we add the definition of the new column to the list of columns switch ($this->sql_layer) { @@ -538,7 +603,7 @@ class phpbb_db_tools break; case 'oracle': - $table_sql .= "\n);"; + $table_sql .= "\n)"; $statements[] = $table_sql; // do we need to add a sequence and a tigger for auto incrementing columns? @@ -556,7 +621,7 @@ class phpbb_db_tools $trigger .= "BEGIN\n"; $trigger .= "\tSELECT {$table_name}_seq.nextval\n"; $trigger .= "\tINTO :new.{$create_sequence}\n"; - $trigger .= "\tFROM dual\n"; + $trigger .= "\tFROM dual;\n"; $trigger .= "END;"; $statements[] = $trigger; @@ -566,7 +631,13 @@ class phpbb_db_tools case 'firebird': if ($create_sequence) { - $statements[] = "CREATE SEQUENCE {$table_name}_seq;"; + $statements[] = "CREATE GENERATOR {$table_name}_gen;"; + $statements[] = "SET GENERATOR {$table_name}_gen TO 0;"; + + $trigger = "CREATE TRIGGER t_$table_name FOR $table_name\n"; + $trigger .= "BEFORE INSERT\nAS\nBEGIN\n"; + $trigger .= "\tNEW.{$create_sequence} = GEN_ID({$table_name}_gen, 1);\nEND;"; + $statements[] = $trigger; } break; } @@ -638,6 +709,36 @@ class phpbb_db_tools $sqlite = true; } + // Drop tables? + if (!empty($schema_changes['drop_tables'])) + { + foreach ($schema_changes['drop_tables'] as $table) + { + // only drop table if it exists + if ($this->sql_table_exists($table)) + { + $result = $this->sql_table_drop($table); + if ($this->return_statements) + { + $statements = array_merge($statements, $result); + } + } + } + } + + // Add tables? + if (!empty($schema_changes['add_tables'])) + { + foreach ($schema_changes['add_tables'] as $table => $table_data) + { + $result = $this->sql_create_table($table, $table_data); + if ($this->return_statements) + { + $statements = array_merge($statements, $result); + } + } + } + // Change columns? if (!empty($schema_changes['change_columns'])) { @@ -681,10 +782,12 @@ class phpbb_db_tools { foreach ($columns as $column_name => $column_data) { - // Only add the column if it does not exist yet, else change it (to be consistent) + // Only add the column if it does not exist yet if ($column_exists = $this->sql_column_exists($table, $column_name)) { - $result = $this->sql_column_change($table, $column_name, $column_data, true); + continue; + // This is commented out here because it can take tremendous time on updates +// $result = $this->sql_column_change($table, $column_name, $column_data, true); } else { @@ -695,7 +798,8 @@ class phpbb_db_tools { if ($column_exists) { - $sqlite_data[$table]['change_columns'][] = $result; + continue; +// $sqlite_data[$table]['change_columns'][] = $result; } else { @@ -717,6 +821,11 @@ class phpbb_db_tools { foreach ($indexes as $index_name) { + if (!$this->sql_index_exists($table, $index_name)) + { + continue; + } + $result = $this->sql_index_drop($table, $index_name); if ($this->return_statements) @@ -777,6 +886,11 @@ class phpbb_db_tools { foreach ($index_array as $index_name => $column) { + if ($this->sql_unique_index_exists($table, $index_name)) + { + continue; + } + $result = $this->sql_create_unique_index($table, $index_name, $column); if ($this->return_statements) @@ -794,6 +908,11 @@ class phpbb_db_tools { foreach ($index_array as $index_name => $column) { + if ($this->sql_index_exists($table, $index_name)) + { + continue; + } + $result = $this->sql_create_index($table, $index_name, $column); if ($this->return_statements) @@ -952,34 +1071,21 @@ class phpbb_db_tools } /** - * Check if a specified column exist + * Gets a list of columns of a table. * - * @param string $table Table to check the column at - * @param string $column_name The column to check + * @param string $table Table name * - * @return bool True if column exists, else false + * @return array Array of column names (all lower case) */ - function sql_column_exists($table, $column_name) + function sql_list_columns($table) { + $columns = array(); + switch ($this->sql_layer) { case 'mysql_40': case 'mysql_41': - $sql = "SHOW COLUMNS FROM $table"; - $result = $this->db->sql_query($sql); - - while ($row = $this->db->sql_fetchrow($result)) - { - // lower case just in case - if (strtolower($row['Field']) == $column_name) - { - $this->db->sql_freeresult($result); - return true; - } - } - $this->db->sql_freeresult($result); - return false; break; // PostgreSQL has a way of doing this in a much simpler way but would @@ -990,19 +1096,6 @@ class phpbb_db_tools WHERE c.relname = '{$table}' AND a.attnum > 0 AND a.attrelid = c.oid"; - $result = $this->db->sql_query($sql); - while ($row = $this->db->sql_fetchrow($result)) - { - // lower case just in case - if (strtolower($row['attname']) == $column_name) - { - $this->db->sql_freeresult($result); - return true; - } - } - $this->db->sql_freeresult($result); - - return false; break; // same deal with PostgreSQL, we must perform more complex operations than @@ -1013,62 +1106,26 @@ class phpbb_db_tools FROM syscolumns c LEFT JOIN sysobjects o ON c.id = o.id WHERE o.name = '{$table}'"; - $result = $this->db->sql_query($sql); - while ($row = $this->db->sql_fetchrow($result)) - { - // lower case just in case - if (strtolower($row['name']) == $column_name) - { - $this->db->sql_freeresult($result); - return true; - } - } - $this->db->sql_freeresult($result); - return false; break; case 'oracle': $sql = "SELECT column_name FROM user_tab_columns WHERE LOWER(table_name) = '" . strtolower($table) . "'"; - $result = $this->db->sql_query($sql); - while ($row = $this->db->sql_fetchrow($result)) - { - // lower case just in case - if (strtolower($row['column_name']) == $column_name) - { - $this->db->sql_freeresult($result); - return true; - } - } - $this->db->sql_freeresult($result); - return false; break; case 'firebird': $sql = "SELECT RDB\$FIELD_NAME as FNAME FROM RDB\$RELATION_FIELDS WHERE RDB\$RELATION_NAME = '" . strtoupper($table) . "'"; - $result = $this->db->sql_query($sql); - while ($row = $this->db->sql_fetchrow($result)) - { - // lower case just in case - if (strtolower($row['fname']) == $column_name) - { - $this->db->sql_freeresult($result); - return true; - } - } - $this->db->sql_freeresult($result); - return false; break; - // ugh, SQLite case 'sqlite': $sql = "SELECT sql FROM sqlite_master WHERE type = 'table' AND name = '{$table}'"; + $result = $this->db->sql_query($sql); if (!$result) @@ -1092,14 +1149,269 @@ class phpbb_db_tools continue; } - if (strtolower($entities[0]) == $column_name) + $column = strtolower($entities[0]); + $columns[$column] = $column; + } + + return $columns; + break; + } + + $result = $this->db->sql_query($sql); + + while ($row = $this->db->sql_fetchrow($result)) + { + $column = strtolower(current($row)); + $columns[$column] = $column; + } + $this->db->sql_freeresult($result); + + return $columns; + } + + /** + * Check whether a specified column exist in a table + * + * @param string $table Table to check + * @param string $column_name Column to check + * + * @return bool True if column exists, false otherwise + */ + function sql_column_exists($table, $column_name) + { + $columns = $this->sql_list_columns($table); + + return isset($columns[$column_name]); + } + + /** + * Check if a specified index exists in table. Does not return PRIMARY KEY and UNIQUE indexes. + * + * @param string $table_name Table to check the index at + * @param string $index_name The index name to check + * + * @return bool True if index exists, else false + */ + function sql_index_exists($table_name, $index_name) + { + if ($this->sql_layer == 'mssql' || $this->sql_layer == 'mssqlnative') + { + $sql = "EXEC sp_statistics '$table_name'"; + $result = $this->db->sql_query($sql); + + while ($row = $this->db->sql_fetchrow($result)) + { + if ($row['TYPE'] == 3) + { + if (strtolower($row['INDEX_NAME']) == strtolower($index_name)) { + $this->db->sql_freeresult($result); return true; } } - return false; + } + $this->db->sql_freeresult($result); + + return false; + } + + switch ($this->sql_layer) + { + case 'firebird': + $sql = "SELECT LOWER(RDB\$INDEX_NAME) as index_name + FROM RDB\$INDICES + WHERE RDB\$RELATION_NAME = '" . strtoupper($table_name) . "' + AND RDB\$UNIQUE_FLAG IS NULL + AND RDB\$FOREIGN_KEY IS NULL"; + $col = 'index_name'; + break; + + case 'postgres': + $sql = "SELECT ic.relname as index_name + FROM pg_class bc, pg_class ic, pg_index i + WHERE (bc.oid = i.indrelid) + AND (ic.oid = i.indexrelid) + AND (bc.relname = '" . $table_name . "') + AND (i.indisunique != 't') + AND (i.indisprimary != 't')"; + $col = 'index_name'; + break; + + case 'mysql_40': + case 'mysql_41': + $sql = 'SHOW KEYS + FROM ' . $table_name; + $col = 'Key_name'; break; + + case 'oracle': + $sql = "SELECT index_name + FROM user_indexes + WHERE table_name = '" . strtoupper($table_name) . "' + AND generated = 'N' + AND uniqueness = 'NONUNIQUE'"; + $col = 'index_name'; + break; + + case 'sqlite': + $sql = "PRAGMA index_list('" . $table_name . "');"; + $col = 'name'; + break; + } + + $result = $this->db->sql_query($sql); + while ($row = $this->db->sql_fetchrow($result)) + { + if (($this->sql_layer == 'mysql_40' || $this->sql_layer == 'mysql_41') && !$row['Non_unique']) + { + continue; + } + + // These DBMS prefix index name with the table name + switch ($this->sql_layer) + { + case 'firebird': + case 'oracle': + case 'postgres': + case 'sqlite': + $row[$col] = substr($row[$col], strlen($table_name) + 1); + break; + } + + if (strtolower($row[$col]) == strtolower($index_name)) + { + $this->db->sql_freeresult($result); + return true; + } } + $this->db->sql_freeresult($result); + + return false; + } + + /** + * Check if a specified index exists in table. Does not return PRIMARY KEY and UNIQUE indexes. + * + * @param string $table_name Table to check the index at + * @param string $index_name The index name to check + * + * @return bool True if index exists, else false + */ + function sql_unique_index_exists($table_name, $index_name) + { + if ($this->sql_layer == 'mssql' || $this->sql_layer == 'mssqlnative') + { + $sql = "EXEC sp_statistics '$table_name'"; + $result = $this->db->sql_query($sql); + + while ($row = $this->db->sql_fetchrow($result)) + { + // Usually NON_UNIQUE is the column we want to check, but we allow for both + if ($row['TYPE'] == 3) + { + if (strtolower($row['INDEX_NAME']) == strtolower($index_name)) + { + $this->db->sql_freeresult($result); + return true; + } + } + } + $this->db->sql_freeresult($result); + return false; + } + + switch ($this->sql_layer) + { + case 'firebird': + $sql = "SELECT LOWER(RDB\$INDEX_NAME) as index_name + FROM RDB\$INDICES + WHERE RDB\$RELATION_NAME = '" . strtoupper($table_name) . "' + AND RDB\$UNIQUE_FLAG IS NOT NULL + AND RDB\$FOREIGN_KEY IS NULL"; + $col = 'index_name'; + break; + + case 'postgres': + $sql = "SELECT ic.relname as index_name, i.indisunique + FROM pg_class bc, pg_class ic, pg_index i + WHERE (bc.oid = i.indrelid) + AND (ic.oid = i.indexrelid) + AND (bc.relname = '" . $table_name . "') + AND (i.indisprimary != 't')"; + $col = 'index_name'; + break; + + case 'mysql_40': + case 'mysql_41': + $sql = 'SHOW KEYS + FROM ' . $table_name; + $col = 'Key_name'; + break; + + case 'oracle': + $sql = "SELECT index_name, table_owner + FROM user_indexes + WHERE table_name = '" . strtoupper($table_name) . "' + AND generated = 'N' + AND uniqueness = 'UNIQUE'"; + $col = 'index_name'; + break; + + case 'sqlite': + $sql = "PRAGMA index_list('" . $table_name . "');"; + $col = 'name'; + break; + } + + $result = $this->db->sql_query($sql); + while ($row = $this->db->sql_fetchrow($result)) + { + if (($this->sql_layer == 'mysql_40' || $this->sql_layer == 'mysql_41') && ($row['Non_unique'] || $row[$col] == 'PRIMARY')) + { + continue; + } + + if ($this->sql_layer == 'sqlite' && !$row['unique']) + { + continue; + } + + if ($this->sql_layer == 'postgres' && $row['indisunique'] != 't') + { + continue; + } + + // These DBMS prefix index name with the table name + switch ($this->sql_layer) + { + case 'oracle': + // Two cases here... prefixed with U_[table_owner] and not prefixed with table_name + if (strpos($row[$col], 'U_') === 0) + { + $row[$col] = substr($row[$col], strlen('U_' . $row['table_owner']) + 1); + } + else if (strpos($row[$col], strtoupper($table_name)) === 0) + { + $row[$col] = substr($row[$col], strlen($table_name) + 1); + } + break; + + case 'firebird': + case 'postgres': + case 'sqlite': + $row[$col] = substr($row[$col], strlen($table_name) + 1); + break; + } + + if (strtolower($row[$col]) == strtolower($index_name)) + { + $this->db->sql_freeresult($result); + return true; + } + } + $this->db->sql_freeresult($result); + + return false; } /** @@ -1139,6 +1451,11 @@ class phpbb_db_tools */ function sql_prepare_column_data($table_name, $column_name, $column_data) { + if (strlen($column_name) > 30) + { + trigger_error("Column name '$column_name' on table '$table_name' is too long. The maximum is 30 characters.", E_USER_ERROR); + } + // Get type if (strpos($column_data[0], ':') !== false) { @@ -1371,24 +1688,29 @@ class phpbb_db_tools switch ($this->sql_layer) { case 'firebird': + // Does not support AFTER statement, only POSITION (and there you need the column position) $statements[] = 'ALTER TABLE ' . $table_name . ' ADD "' . strtoupper($column_name) . '" ' . $column_data['column_type_sql']; break; case 'mssql': case 'mssqlnative': + // Does not support AFTER, only through temporary table $statements[] = 'ALTER TABLE [' . $table_name . '] ADD [' . $column_name . '] ' . $column_data['column_type_sql_default']; break; case 'mysql_40': case 'mysql_41': - $statements[] = 'ALTER TABLE `' . $table_name . '` ADD COLUMN `' . $column_name . '` ' . $column_data['column_type_sql']; + $after = (!empty($column_data['after'])) ? ' AFTER ' . $column_data['after'] : ''; + $statements[] = 'ALTER TABLE `' . $table_name . '` ADD COLUMN `' . $column_name . '` ' . $column_data['column_type_sql'] . $after; break; case 'oracle': + // Does not support AFTER, only through temporary table $statements[] = 'ALTER TABLE ' . $table_name . ' ADD ' . $column_name . ' ' . $column_data['column_type_sql']; break; case 'postgres': + // Does not support AFTER, only through temporary table if (version_compare($this->db->sql_server_info(true), '8.0', '>=')) { $statements[] = 'ALTER TABLE ' . $table_name . ' ADD COLUMN "' . $column_name . '" ' . $column_data['column_type_sql']; @@ -1506,7 +1828,7 @@ class phpbb_db_tools break; case 'oracle': - $statements[] = 'ALTER TABLE ' . $table_name . ' DROP ' . $column_name; + $statements[] = 'ALTER TABLE ' . $table_name . ' DROP COLUMN ' . $column_name; break; case 'postgres': @@ -1657,6 +1979,7 @@ class phpbb_db_tools $statements[] = "DROP SEQUENCE {$row['referenced_name']}"; } $this->db->sql_freeresult($result); + break; case 'postgres': // PGSQL does not "tightly" bind sequences and tables, we must guess... @@ -1774,6 +2097,13 @@ class phpbb_db_tools { $statements = array(); + $table_prefix = substr(CONFIG_TABLE, 0, -6); // strlen(config) + if (strlen($table_name . $index_name) - strlen($table_prefix) > 24) + { + $max_length = strlen($table_prefix) + 24; + trigger_error("Index name '{$table_name}_$index_name' on table '$table_name' is too long. The maximum is $max_length characters.", E_USER_ERROR); + } + switch ($this->sql_layer) { case 'firebird': @@ -1785,7 +2115,7 @@ class phpbb_db_tools case 'mysql_40': case 'mysql_41': - $statements[] = 'CREATE UNIQUE INDEX ' . $index_name . ' ON ' . $table_name . '(' . implode(', ', $column) . ')'; + $statements[] = 'ALTER TABLE ' . $table_name . ' ADD UNIQUE INDEX (' . implode(', ', $column) . ')'; break; case 'mssql': @@ -1804,6 +2134,13 @@ class phpbb_db_tools { $statements = array(); + $table_prefix = substr(CONFIG_TABLE, 0, -6); // strlen(config) + if (strlen($table_name . $index_name) - strlen($table_prefix) > 24) + { + $max_length = strlen($table_prefix) + 24; + trigger_error("Index name '{$table_name}_$index_name' on table '$table_name' is too long. The maximum is $max_length characters.", E_USER_ERROR); + } + // remove index length unless MySQL4 if ('mysql_40' != $this->sql_layer) { @@ -1831,7 +2168,7 @@ class phpbb_db_tools } // no break case 'mysql_41': - $statements[] = 'CREATE INDEX ' . $index_name . ' ON ' . $table_name . '(' . implode(', ', $column) . ')'; + $statements[] = 'ALTER TABLE ' . $table_name . ' ADD INDEX ' . $index_name . '(' . implode(', ', $column) . ')'; break; case 'mssql': @@ -1957,6 +2294,7 @@ class phpbb_db_tools } else { + // TODO: try to change pkey without removing trigger, generator or constraints. ATM this query may fail. $statements[] = 'ALTER TABLE ' . $table_name . ' ALTER COLUMN "' . strtoupper($column_name) . '" TYPE ' . ' ' . $column_data['column_type_sql_type']; } break; diff --git a/phpBB/includes/db/dbal.php b/phpBB/includes/db/dbal.php index ed1d67b8e9..4f33a22a09 100644 --- a/phpBB/includes/db/dbal.php +++ b/phpBB/includes/db/dbal.php @@ -242,6 +242,16 @@ class dbal } /** + * Returns whether results of a query need to be buffered to run a transaction while iterating over them. + * + * @return bool Whether buffering is required. + */ + function sql_buffer_nested_transactions() + { + return false; + } + + /** * SQL Transaction * @access private */ @@ -621,7 +631,7 @@ class dbal } } - $sql .= $this->_sql_custom_build('FROM', implode(', ', $table_array)); + $sql .= $this->_sql_custom_build('FROM', implode(' CROSS JOIN ', $table_array)); if (!empty($array['LEFT_JOIN'])) { @@ -757,12 +767,10 @@ class dbal $mtime = explode(' ', microtime()); $totaltime = $mtime[0] + $mtime[1] - $starttime; - echo '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> - <html xmlns="http://www.w3.org/1999/xhtml" dir="ltr"> + echo '<!DOCTYPE html> + <html dir="ltr"> <head> - <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> - <meta http-equiv="Content-Style-Type" content="text/css" /> - <meta http-equiv="imagetoolbar" content="no" /> + <meta charset="utf-8"> <title>SQL Report</title> <link href="' . $phpbb_root_path . 'adm/style/admin.css" rel="stylesheet" type="text/css" media="screen" /> </head> @@ -790,7 +798,7 @@ class dbal </div> </div> <div id="page-footer"> - Powered by <a href="http://www.phpbb.com/">phpBB</a> © phpBB Group + Powered by <a href="http://www.phpbb.com/">phpBB</a>® Forum Software © phpBB Group </div> </div> </body> diff --git a/phpBB/includes/db/firebird.php b/phpBB/includes/db/firebird.php index 69476f79f8..8acc84b1c0 100644 --- a/phpBB/includes/db/firebird.php +++ b/phpBB/includes/db/firebird.php @@ -28,6 +28,7 @@ class dbal_firebird extends dbal var $last_query_text = ''; var $service_handle = false; var $affected_rows = 0; + var $connect_error = ''; /** * Connect to server @@ -53,9 +54,35 @@ class dbal_firebird extends dbal $use_database = $this->server . ':' . $this->dbname; } - $this->db_connect_id = ($this->persistency) ? @ibase_pconnect($use_database, $this->user, $sqlpassword, false, false, 3) : @ibase_connect($use_database, $this->user, $sqlpassword, false, false, 3); + if ($this->persistency) + { + if (!function_exists('ibase_pconnect')) + { + $this->connect_error = 'ibase_pconnect function does not exist, is interbase extension installed?'; + return $this->sql_error(''); + } + $this->db_connect_id = @ibase_pconnect($use_database, $this->user, $sqlpassword, false, false, 3); + } + else + { + if (!function_exists('ibase_connect')) + { + $this->connect_error = 'ibase_connect function does not exist, is interbase extension installed?'; + return $this->sql_error(''); + } + $this->db_connect_id = @ibase_connect($use_database, $this->user, $sqlpassword, false, false, 3); + } - $this->service_handle = (function_exists('ibase_service_attach') && $this->server) ? @ibase_service_attach($this->server, $this->user, $sqlpassword) : false; + // Do not call ibase_service_attach if connection failed, + // otherwise error message from ibase_(p)connect call will be clobbered. + if ($this->db_connect_id && function_exists('ibase_service_attach') && $this->server) + { + $this->service_handle = @ibase_service_attach($this->server, $this->user, $sqlpassword); + } + else + { + $this->service_handle = false; + } return ($this->db_connect_id) ? $this->db_connect_id : $this->sql_error(''); } @@ -470,7 +497,8 @@ class dbal_firebird extends dbal */ function cast_expr_to_bigint($expression) { - return 'CAST(' . $expression . ' as DECIMAL(255, 0))'; + // Precision must be from 1 to 18 + return 'CAST(' . $expression . ' as DECIMAL(18, 0))'; } /** @@ -487,8 +515,24 @@ class dbal_firebird extends dbal */ function _sql_error() { + // Need special handling here because ibase_errmsg returns + // connection errors, however if the interbase extension + // is not installed then ibase_errmsg does not exist and + // we cannot call it. + if (function_exists('ibase_errmsg')) + { + $msg = @ibase_errmsg(); + if (!$msg) + { + $msg = $this->connect_error; + } + } + else + { + $msg = $this->connect_error; + } return array( - 'message' => @ibase_errmsg(), + 'message' => $msg, 'code' => (@function_exists('ibase_errcode') ? @ibase_errcode() : '') ); } diff --git a/phpBB/includes/db/mssqlnative.php b/phpBB/includes/db/mssqlnative.php index e893d746bc..96b4c8a8c8 100644 --- a/phpBB/includes/db/mssqlnative.php +++ b/phpBB/includes/db/mssqlnative.php @@ -50,7 +50,7 @@ class result_mssqlnative } } - $this->m_row_count = count($this->m_rows); + $this->m_row_count = sizeof($this->m_rows); } private function array_to_obj($array, &$obj) @@ -259,6 +259,14 @@ class dbal_mssqlnative extends dbal } /** + * {@inheritDoc} + */ + function sql_buffer_nested_transactions() + { + return true; + } + + /** * SQL Transaction * @access private */ @@ -388,7 +396,7 @@ class dbal_mssqlnative extends dbal */ function sql_affectedrows() { - return ($this->db_connect_id) ? @sqlsrv_rows_affected($this->db_connect_id) : false; + return (!empty($this->query_result)) ? @sqlsrv_rows_affected($this->query_result) : false; } /** @@ -628,7 +636,7 @@ class dbal_mssqlnative extends dbal return false; } } - + /** * Allows setting mssqlnative specific query options passed to sqlsrv_query as 4th parameter. */ diff --git a/phpBB/includes/db/mysqli.php b/phpBB/includes/db/mysqli.php index 7c72fe9f01..d2781e96dd 100644 --- a/phpBB/includes/db/mysqli.php +++ b/phpBB/includes/db/mysqli.php @@ -33,14 +33,33 @@ class dbal_mysqli extends dbal */ function sql_connect($sqlserver, $sqluser, $sqlpassword, $database, $port = false, $persistency = false , $new_link = false) { - $this->persistency = $persistency; + // Mysqli extension supports persistent connection since PHP 5.3.0 + $this->persistency = (version_compare(PHP_VERSION, '5.3.0', '>=')) ? $persistency : false; $this->user = $sqluser; - $this->server = $sqlserver; + + // If persistent connection, set dbhost to localhost when empty and prepend it with 'p:' prefix + $this->server = ($this->persistency) ? 'p:' . (($sqlserver) ? $sqlserver : 'localhost') : $sqlserver; + $this->dbname = $database; $port = (!$port) ? NULL : $port; - // Persistant connections not supported by the mysqli extension? - $this->db_connect_id = @mysqli_connect($this->server, $this->user, $sqlpassword, $this->dbname, $port); + // If port is set and it is not numeric, most likely mysqli socket is set. + // Try to map it to the $socket parameter. + $socket = NULL; + if ($port) + { + if (is_numeric($port)) + { + $port = (int) $port; + } + else + { + $socket = $port; + $port = NULL; + } + } + + $this->db_connect_id = @mysqli_connect($this->server, $this->user, $sqlpassword, $this->dbname, $port, $socket); if ($this->db_connect_id && $this->dbname != '') { @@ -230,7 +249,13 @@ class dbal_mysqli extends dbal return $cache->sql_fetchrow($query_id); } - return ($query_id !== false) ? @mysqli_fetch_assoc($query_id) : false; + if ($query_id !== false) + { + $result = @mysqli_fetch_assoc($query_id); + return $result !== null ? $result : false; + } + + return false; } /** diff --git a/phpBB/includes/db/oracle.php b/phpBB/includes/db/oracle.php index fc2e35e13c..e0d9370bd8 100644 --- a/phpBB/includes/db/oracle.php +++ b/phpBB/includes/db/oracle.php @@ -269,11 +269,12 @@ class dbal_oracle extends dbal { $cols = explode(', ', $regs[2]); + preg_match_all('/\'(?:[^\']++|\'\')*+\'|[\d-.]+/', $regs[3], $vals, PREG_PATTERN_ORDER); + /* The code inside this comment block breaks clob handling, but does allow the database restore script to work. If you want to allow no posts longer than 4KB and/or need the db restore script, uncomment this. - preg_match_all('/\'(?:[^\']++|\'\')*+\'|[\d-.]+/', $regs[3], $vals, PREG_PATTERN_ORDER); if (sizeof($cols) !== sizeof($vals)) { diff --git a/phpBB/includes/db/postgres.php b/phpBB/includes/db/postgres.php index 424ce12245..959d8df139 100644 --- a/phpBB/includes/db/postgres.php +++ b/phpBB/includes/db/postgres.php @@ -18,6 +18,11 @@ if (!defined('IN_PHPBB')) include_once($phpbb_root_path . 'includes/db/dbal.' . $phpEx); +if (!class_exists('phpbb_error_collector')) +{ + include($phpbb_root_path . 'includes/error_collector.' . $phpEx); +} + /** * PostgreSQL Database Abstraction Layer * Minimum Requirement is Version 7.3+ @@ -26,6 +31,7 @@ include_once($phpbb_root_path . 'includes/db/dbal.' . $phpEx); class dbal_postgres extends dbal { var $last_query_text = ''; + var $connect_error = ''; /** * Connect to server @@ -81,13 +87,29 @@ class dbal_postgres extends dbal if ($this->persistency) { + if (!function_exists('pg_pconnect')) + { + $this->connect_error = 'pg_pconnect function does not exist, is pgsql extension installed?'; + return $this->sql_error(''); + } + $collector = new phpbb_error_collector; + $collector->install(); $this->db_connect_id = (!$new_link) ? @pg_pconnect($connect_string) : @pg_pconnect($connect_string, PGSQL_CONNECT_FORCE_NEW); } else { + if (!function_exists('pg_connect')) + { + $this->connect_error = 'pg_connect function does not exist, is pgsql extension installed?'; + return $this->sql_error(''); + } + $collector = new phpbb_error_collector; + $collector->install(); $this->db_connect_id = (!$new_link) ? @pg_connect($connect_string) : @pg_connect($connect_string, PGSQL_CONNECT_FORCE_NEW); } + $collector->uninstall(); + if ($this->db_connect_id) { if (version_compare($this->sql_server_info(true), '8.2', '>=')) @@ -102,6 +124,7 @@ class dbal_postgres extends dbal return $this->db_connect_id; } + $this->connect_error = $collector->format_errors(); return $this->sql_error(''); } @@ -387,8 +410,19 @@ class dbal_postgres extends dbal */ function _sql_error() { + // pg_last_error only works when there is an established connection. + // Connection errors have to be tracked by us manually. + if ($this->db_connect_id) + { + $message = @pg_last_error($this->db_connect_id); + } + else + { + $message = $this->connect_error; + } + return array( - 'message' => (!$this->db_connect_id) ? @pg_last_error() : @pg_last_error($this->db_connect_id), + 'message' => $message, 'code' => '' ); } diff --git a/phpBB/includes/error_collector.php b/phpBB/includes/error_collector.php new file mode 100644 index 0000000000..3c0a89a1f3 --- /dev/null +++ b/phpBB/includes/error_collector.php @@ -0,0 +1,63 @@ +<?php +/** +* +* @package phpBB +* @version $Id$ +* @copyright (c) 2011 phpBB Group +* @license http://opensource.org/licenses/gpl-license.php GNU Public License +* +*/ + +/** +* @ignore +*/ +if (!defined('IN_PHPBB')) +{ + exit; +} + +class phpbb_error_collector +{ + var $errors; + + function phpbb_error_collector() + { + $this->errors = array(); + } + + function install() + { + set_error_handler(array(&$this, 'error_handler')); + } + + function uninstall() + { + restore_error_handler(); + } + + function error_handler($errno, $msg_text, $errfile, $errline) + { + $this->errors[] = array($errno, $msg_text, $errfile, $errline); + } + + function format_errors() + { + $text = ''; + foreach ($this->errors as $error) + { + if (!empty($text)) + { + $text .= "<br />\n"; + } + + list($errno, $msg_text, $errfile, $errline) = $error; + + // Prevent leakage of local path to phpBB install + $errfile = phpbb_filter_root_path($errfile); + + $text .= "Errno $errno: $msg_text at $errfile line $errline"; + } + + return $text; + } +} diff --git a/phpBB/includes/extension/base.php b/phpBB/includes/extension/base.php new file mode 100644 index 0000000000..d9159d57d2 --- /dev/null +++ b/phpBB/includes/extension/base.php @@ -0,0 +1,57 @@ +<?php +/** +* +* @package extension +* @copyright (c) 2011 phpBB Group +* @license http://opensource.org/licenses/gpl-license.php GNU Public License +* +*/ + +/** +* @ignore +*/ +if (!defined('IN_PHPBB')) +{ + exit; +} + +/** +* A base class for extensions without custom enable/disable/purge code. +* +* @package extension +*/ +class phpbb_extension_base implements phpbb_extension_interface +{ + /** + * Single enable step that does nothing + * + * @param mixed $old_state State returned by previous call of this method + * @return false Indicates no further steps are required + */ + public function enable_step($old_state) + { + return false; + } + + /** + * Single disable step that does nothing + * + * @param mixed $old_state State returned by previous call of this method + * @return false Indicates no further steps are required + */ + public function disable_step($old_state) + { + return false; + } + + /** + * Single purge step that does nothing + * + * @param mixed $old_state State returned by previous call of this method + * @return false Indicates no further steps are required + */ + public function purge_step($old_state) + { + return false; + } +} diff --git a/phpBB/includes/extension/finder.php b/phpBB/includes/extension/finder.php new file mode 100644 index 0000000000..a1e6b2b347 --- /dev/null +++ b/phpBB/includes/extension/finder.php @@ -0,0 +1,417 @@ +<?php +/** +* +* @package extension +* @copyright (c) 2011 phpBB Group +* @license http://opensource.org/licenses/gpl-license.php GNU Public License +* +*/ + +/** +* @ignore +*/ +if (!defined('IN_PHPBB')) +{ + exit; +} + +/** +* The extension finder provides a simple way to locate files in active extensions +* +* @package extension +*/ +class phpbb_extension_finder +{ + protected $extension_manager; + protected $phpbb_root_path; + protected $cache; + protected $phpEx; + + /** + * The cache variable name used to store $this->cached_queries in $this->cache. + * + * Allows the use of multiple differently configured finders with the same cache. + * @var string + */ + protected $cache_name; + + /** + * An associative array, containing all search parameters set in methods. + * @var array + */ + protected $query; + + /** + * A map from md5 hashes of serialized queries to their previously retrieved + * results. + * @var array + */ + protected $cached_queries; + + /** + * Creates a new finder instance with its dependencies + * + * @param phpbb_extension_manager $extension_manager An extension manager + * instance that provides the finder with a list of active + * extensions and their locations + * @param string $phpbb_root_path Path to the phpbb root directory + * @param phpbb_cache_driver_interface $cache A cache instance or null + * @param string $phpEx php file extension + * @param string $cache_name The name of the cache variable, defaults to + * _ext_finder + */ + public function __construct(phpbb_extension_manager $extension_manager, $phpbb_root_path = '', phpbb_cache_driver_interface $cache = null, $phpEx = '.php', $cache_name = '_ext_finder') + { + $this->extension_manager = $extension_manager; + $this->phpbb_root_path = $phpbb_root_path; + $this->cache = $cache; + $this->phpEx = $phpEx; + $this->cache_name = $cache_name; + + $this->query = array( + 'core_path' => false, + 'core_suffix' => false, + 'core_prefix' => false, + 'core_directory' => false, + 'extension_suffix' => false, + 'extension_prefix' => false, + 'extension_directory' => false, + ); + + $this->cached_queries = ($this->cache) ? $this->cache->get($this->cache_name) : false; + } + + /** + * Sets a core path to be searched in addition to extensions + * + * @param string $core_path The path relative to phpbb_root_path + * @return phpbb_extension_finder This object for chaining calls + */ + public function core_path($core_path) + { + $this->query['core_path'] = $core_path; + return $this; + } + + /** + * Sets the suffix all files found in extensions and core must match. + * + * There is no default file extension, so to find PHP files only, you will + * have to specify .php as a suffix. However when using get_classes, the .php + * file extension is automatically added to suffixes. + * + * @param string $suffix A filename suffix + * @return phpbb_extension_finder This object for chaining calls + */ + public function suffix($suffix) + { + $this->core_suffix($suffix); + $this->extension_suffix($suffix); + return $this; + } + + /** + * Sets a suffix all files found in extensions must match + * + * There is no default file extension, so to find PHP files only, you will + * have to specify .php as a suffix. However when using get_classes, the .php + * file extension is automatically added to suffixes. + * + * @param string $extension_suffix A filename suffix + * @return phpbb_extension_finder This object for chaining calls + */ + public function extension_suffix($extension_suffix) + { + $this->query['extension_suffix'] = $extension_suffix; + return $this; + } + + /** + * Sets a suffix all files found in the core path must match + * + * There is no default file extension, so to find PHP files only, you will + * have to specify .php as a suffix. However when using get_classes, the .php + * file extension is automatically added to suffixes. + * + * @param string $core_suffix A filename suffix + * @return phpbb_extension_finder This object for chaining calls + */ + public function core_suffix($core_suffix) + { + $this->query['core_suffix'] = $core_suffix; + return $this; + } + + /** + * Sets the prefix all files found in extensions and core must match + * + * @param string $prefix A filename prefix + * @return phpbb_extension_finder This object for chaining calls + */ + public function prefix($prefix) + { + $this->core_prefix($prefix); + $this->extension_prefix($prefix); + return $this; + } + + /** + * Sets a prefix all files found in extensions must match + * + * @param string $extension_prefix A filename prefix + * @return phpbb_extension_finder This object for chaining calls + */ + public function extension_prefix($extension_prefix) + { + $this->query['extension_prefix'] = $extension_prefix; + return $this; + } + + /** + * Sets a prefix all files found in the core path must match + * + * @param string $core_prefix A filename prefix + * @return phpbb_extension_finder This object for chaining calls + */ + public function core_prefix($core_prefix) + { + $this->query['core_prefix'] = $core_prefix; + return $this; + } + + /** + * Sets a directory all files found in extensions and core must be contained in + * + * Automatically sets the core_directory if its value does not differ from + * the current directory. + * + * @param string $directory + * @return phpbb_extension_finder This object for chaining calls + */ + public function directory($directory) + { + $this->core_directory($directory); + $this->extension_directory($directory); + return $this; + } + + /** + * Sets a directory all files found in extensions must be contained in + * + * @param string $extension_directory + * @return phpbb_extension_finder This object for chaining calls + */ + public function extension_directory($extension_directory) + { + $this->query['extension_directory'] = $this->sanitise_directory($extension_directory); + return $this; + } + + /** + * Sets a directory all files found in the core path must be contained in + * + * @param string $core_directory + * @return phpbb_extension_finder This object for chaining calls + */ + public function core_directory($core_directory) + { + $this->query['core_directory'] = $this->sanitise_directory($core_directory); + return $this; + } + + /** + * Removes occurances of /./ and makes sure path ends without trailing slash + * + * @param string $directory A directory pattern + * @return string A cleaned up directory pattern + */ + protected function sanitise_directory($directory) + { + $directory = preg_replace('#(?:^|/)\./#', '/', $directory); + $dir_len = strlen($directory); + + if ($dir_len > 1 && $directory[$dir_len - 1] === '/') + { + $directory = substr($directory, 0, -1); + } + + return $directory; + } + + /** + * Finds classes matching the configured options if they follow phpBB naming rules. + * + * The php file extension is automatically added to suffixes. + * + * Note: If a file is matched but contains a class name not following the + * phpBB naming rules an incorrect class name will be returned. + * + * @param bool $cache Whether the result should be cached + * @return array An array of found class names + */ + public function get_classes($cache = true) + { + $this->query['extension_suffix'] .= $this->phpEx; + $this->query['core_suffix'] .= $this->phpEx; + + $files = $this->find($cache, false); + + $classes = array(); + foreach ($files as $file => $ext_name) + { + $file = preg_replace('#^includes/#', '', $file); + + $classes[] = 'phpbb_' . str_replace('/', '_', substr($file, 0, -strlen($this->phpEx))); + } + return $classes; + } + + /** + * Finds all directories matching the configured options + * + * @param bool $cache Whether the result should be cached + * @return array An array of paths to found directories + */ + public function get_directories($cache = true) + { + return $this->find_with_root_path($cache, true); + } + + /** + * Finds all files matching the configured options. + * + * @param bool $cache Whether the result should be cached + * @return array An array of paths to found files + */ + public function get_files($cache = true) + { + return $this->find_with_root_path($cache, false); + } + + /** + * A wrapper around the general find which prepends a root path to results + * + * @param bool $cache Whether the result should be cached + * @param bool $is_dir Directories will be returned when true, only files + * otherwise + * @return array An array of paths to found items + */ + protected function find_with_root_path($cache = true, $is_dir = false) + { + $items = $this->find($cache, $is_dir); + + $result = array(); + foreach ($items as $item => $ext_name) + { + $result[] = $this->phpbb_root_path . $item; + } + + return $result; + } + + /** + * Finds all file system entries matching the configured options + * + * @param bool $cache Whether the result should be cached + * @param bool $is_dir Directories will be returned when true, only files + * otherwise + * @return array An array of paths to found items + */ + public function find($cache = true, $is_dir = false) + { + $this->query['is_dir'] = $is_dir; + $query = md5(serialize($this->query)); + + if (!defined('DEBUG') && $cache && isset($this->cached_queries[$query])) + { + return $this->cached_queries[$query]; + } + + $files = array(); + + $extensions = $this->extension_manager->all_enabled(); + + if ($this->query['core_path']) + { + $extensions['/'] = $this->phpbb_root_path . $this->query['core_path']; + } + + foreach ($extensions as $name => $path) + { + $ext_name = $name; + + if (!file_exists($path)) + { + continue; + } + + if ($name === '/') + { + $location = $this->query['core_path']; + $name = ''; + $suffix = $this->query['core_suffix']; + $prefix = $this->query['core_prefix']; + $directory = $this->query['core_directory']; + } + else + { + $location = 'ext/'; + $name .= '/'; + $suffix = $this->query['extension_suffix']; + $prefix = $this->query['extension_prefix']; + $directory = $this->query['extension_directory']; + } + + // match only first directory if leading slash is given + if ($directory === '/') + { + $directory_pattern = '^' . preg_quote(DIRECTORY_SEPARATOR, '#'); + } + else if ($directory && $directory[0] === '/') + { + $directory_pattern = '^' . preg_quote(str_replace('/', DIRECTORY_SEPARATOR, $directory) . DIRECTORY_SEPARATOR, '#'); + } + else + { + $directory_pattern = preg_quote(DIRECTORY_SEPARATOR . str_replace('/', DIRECTORY_SEPARATOR, $directory) . DIRECTORY_SEPARATOR, '#'); + } + $directory_pattern = '#' . $directory_pattern . '#'; + + $iterator = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($path, FilesystemIterator::SKIP_DOTS), RecursiveIteratorIterator::SELF_FIRST); + foreach ($iterator as $file_info) + { + if ($file_info->isDir() == $is_dir) + { + if ($is_dir) + { + $relative_path = $iterator->getInnerIterator()->getSubPath() . DIRECTORY_SEPARATOR . basename($file_info->getFilename()) . DIRECTORY_SEPARATOR; + if ($relative_path[0] !== DIRECTORY_SEPARATOR) + { + $relative_path = DIRECTORY_SEPARATOR . $relative_path; + } + } + else + { + $relative_path = DIRECTORY_SEPARATOR . $iterator->getInnerIterator()->getSubPathname(); + } + $item_name = $file_info->getFilename(); + + if ((!$suffix || substr($relative_path, -strlen($suffix)) === $suffix) && + (!$prefix || substr($item_name, 0, strlen($prefix)) === $prefix) && + (!$directory || preg_match($directory_pattern, $relative_path))) + { + $files[str_replace(DIRECTORY_SEPARATOR, '/', $location . $name . substr($relative_path, 1))] = $ext_name; + } + } + } + } + + if ($cache && $this->cache) + { + $this->cached_queries[$query] = $files; + $this->cache->put($this->cache_name, $this->cached_queries); + } + + return $files; + } +} diff --git a/phpBB/includes/extension/interface.php b/phpBB/includes/extension/interface.php new file mode 100644 index 0000000000..b37cd24d77 --- /dev/null +++ b/phpBB/includes/extension/interface.php @@ -0,0 +1,65 @@ +<?php +/** +* +* @package extension +* @copyright (c) 2011 phpBB Group +* @license http://opensource.org/licenses/gpl-license.php GNU Public License +* +*/ + +/** +* @ignore +*/ +if (!defined('IN_PHPBB')) +{ + exit; +} + +/** +* The interface extension meta classes have to implement to run custom code +* on enable/disable/purge. +* +* @package extension +*/ +interface phpbb_extension_interface +{ + /** + * enable_step is executed on enabling an extension until it returns false. + * + * Calls to this function can be made in subsequent requests, when the + * function is invoked through a webserver with a too low max_execution_time. + * + * @param mixed $old_state The return value of the previous call + * of this method, or false on the first call + * @return mixed Returns false after last step, otherwise + * temporary state which is passed as an + * argument to the next step + */ + public function enable_step($old_state); + + /** + * Disables the extension. + * + * Calls to this function can be made in subsequent requests, when the + * function is invoked through a webserver with a too low max_execution_time. + * + * @param mixed $old_state The return value of the previous call + * of this method, or false on the first call + * @return null + */ + public function disable_step($old_state); + + /** + * purge_step is executed on purging an extension until it returns false. + * + * Calls to this function can be made in subsequent requests, when the + * function is invoked through a webserver with a too low max_execution_time. + * + * @param mixed $old_state The return value of the previous call + * of this method, or false on the first call + * @return mixed Returns false after last step, otherwise + * temporary state which is passed as an + * argument to the next step + */ + public function purge_step($old_state); +} diff --git a/phpBB/includes/extension/manager.php b/phpBB/includes/extension/manager.php new file mode 100644 index 0000000000..bcdd21f7f1 --- /dev/null +++ b/phpBB/includes/extension/manager.php @@ -0,0 +1,415 @@ +<?php +/** +* +* @package extension +* @copyright (c) 2011 phpBB Group +* @license http://opensource.org/licenses/gpl-license.php GNU Public License +* +*/ + +/** +* @ignore +*/ +if (!defined('IN_PHPBB')) +{ + exit; +} + +/** +* The extension manager provides means to activate/deactivate extensions. +* +* @package extension +*/ +class phpbb_extension_manager +{ + protected $cache; + protected $phpEx; + protected $extensions; + protected $extension_table; + protected $phpbb_root_path; + protected $cache_name; + + /** + * Creates a manager and loads information from database + * + * @param dbal $db A database connection + * @param string $extension_table The name of the table holding extensions + * @param string $phpbb_root_path Path to the phpbb includes directory. + * @param string $phpEx php file extension + * @param phpbb_cache_driver_interface $cache A cache instance or null + * @param string $cache_name The name of the cache variable, defaults to _ext + */ + public function __construct(dbal $db, $extension_table, $phpbb_root_path, $phpEx = '.php', phpbb_cache_driver_interface $cache = null, $cache_name = '_ext') + { + $this->phpbb_root_path = $phpbb_root_path; + $this->db = $db; + $this->cache = $cache; + $this->phpEx = $phpEx; + $this->extension_table = $extension_table; + $this->cache_name = $cache_name; + + $this->extensions = ($this->cache) ? $this->cache->get($this->cache_name) : false; + + if ($this->extensions === false) + { + $this->load_extensions(); + } + } + + /** + * Loads all extension information from the database + * + * @return null + */ + protected function load_extensions() + { + $sql = 'SELECT * + FROM ' . $this->extension_table; + + $result = $this->db->sql_query($sql); + $extensions = $this->db->sql_fetchrowset($result); + $this->db->sql_freeresult($result); + + $this->extensions = array(); + foreach ($extensions as $extension) + { + $extension['ext_path'] = $this->get_extension_path($extension['ext_name']); + $this->extensions[$extension['ext_name']] = $extension; + } + + ksort($this->extensions); + + if ($this->cache) + { + $this->cache->put($this->cache_name, $this->extensions); + } + } + + /** + * Generates the path to an extension + * + * @param string $name The name of the extension + * @param bool $phpbb_relative Whether the path should be relative to phpbb root + * @return string Path to an extension + */ + public function get_extension_path($name, $phpbb_relative = false) + { + $name = str_replace('.', '', $name); + + return (($phpbb_relative) ? $this->phpbb_root_path : '') . 'ext/' . $name . '/'; + } + + /** + * Instantiates the extension meta class for the extension with the given name + * + * @param string $name The extension name + * @return phpbb_extension_interface Instance of the extension meta class or + * phpbb_extension_base if the class does not exist + */ + public function get_extension($name) + { + $extension_class_name = 'phpbb_ext_' . str_replace('/', '_', $name) . '_ext'; + + if (class_exists($extension_class_name)) + { + return new $extension_class_name; + } + else + { + return new phpbb_extension_base; + } + } + + /** + * Runs a step of the extension enabling process. + * + * Allows the exentension to enable in a long running script that works + * in multiple steps across requests. State is kept for the extension + * in the extensions table. + * + * @param string $name The extension's name + * @return bool False if enabling is finished, true otherwise + */ + public function enable_step($name) + { + // ignore extensions that are already enabled + if (isset($this->extensions[$name]) && $this->extensions[$name]['ext_active']) + { + return false; + } + + $old_state = (isset($this->extensions[$name]['ext_state'])) ? unserialize($this->extensions[$name]['ext_state']) : false; + + $extension = $this->get_extension($name); + $state = $extension->enable_step($old_state); + + $active = ($state === false); + + $extension_data = array( + 'ext_name' => $name, + 'ext_active' => $active, + 'ext_state' => serialize($state), + ); + + $this->extensions[$name] = $extension_data; + $this->extensions[$name]['ext_path'] = $this->get_extension_path($extension_data['ext_name']); + ksort($this->extensions); + + $sql = 'UPDATE ' . $this->extension_table . ' + SET ' . $this->db->sql_build_array('UPDATE', $extension_data) . " + WHERE ext_name = '" . $this->db->sql_escape($name) . "'"; + $this->db->sql_query($sql); + + if (!$this->db->sql_affectedrows()) + { + $sql = 'INSERT INTO ' . $this->extension_table . ' + ' . $this->db->sql_build_array('INSERT', $extension_data); + $this->db->sql_query($sql); + } + + return !$active; + } + + /** + * Enables an extension + * + * This method completely enables an extension. But it could be long running + * so never call this in a script that has a max_execution time. + * + * @param string $name The extension's name + * @return null + */ + public function enable($name) + { + while ($this->enable_step($name)); + } + + /** + * Disables an extension + * + * Calls the disable method on the extension's meta class to allow it to + * process the event. + * + * @param string $name The extension's name + * @return bool False if disabling is finished, true otherwise + */ + public function disable_step($name) + { + // ignore extensions that are already disabled + if (!isset($this->extensions[$name]) || !$this->extensions[$name]['ext_active']) + { + return false; + } + + $old_state = unserialize($this->extensions[$name]['ext_state']); + + $extension = $this->get_extension($name); + $state = $extension->disable_step($old_state); + + // continue until the state is false + if ($state !== false) + { + $extension_data = array( + 'ext_state' => serialize($state), + ); + $this->extensions[$name]['ext_state'] = serialize($state); + + $sql = 'UPDATE ' . $this->extension_table . ' + SET ' . $this->db->sql_build_array('UPDATE', $extension_data) . " + WHERE ext_name = '" . $this->db->sql_escape($name) . "'"; + $this->db->sql_query($sql); + + return true; + } + + $extension_data = array( + 'ext_active' => false, + 'ext_state' => serialize(false), + ); + $this->extensions[$name]['ext_active'] = false; + $this->extensions[$name]['ext_state'] = serialize(false); + + $sql = 'UPDATE ' . $this->extension_table . ' + SET ' . $this->db->sql_build_array('UPDATE', $extension_data) . " + WHERE ext_name = '" . $this->db->sql_escape($name) . "'"; + $this->db->sql_query($sql); + + return false; + } + + /** + * Disables an extension + * + * Disables an extension completely at once. This process could run for a + * while so never call this in a script that has a max_execution time. + * + * @param string $name The extension's name + * @return null + */ + public function disable($name) + { + while ($this->disable_step($name)); + } + + /** + * Purge an extension + * + * Disables the extension first if active, and then calls purge on the + * extension's meta class to delete the extension's database content. + * + * @param string $name The extension's name + * @return bool False if purging is finished, true otherwise + */ + public function purge_step($name) + { + // ignore extensions that do not exist + if (!isset($this->extensions[$name])) + { + return false; + } + + // disable first if necessary + if ($this->extensions[$name]['ext_active']) + { + $this->disable($name); + } + + $old_state = unserialize($this->extensions[$name]['ext_state']); + + $extension = $this->get_extension($name); + $state = $extension->purge_step($old_state); + + // continue until the state is false + if ($state !== false) + { + $extension_data = array( + 'ext_state' => serialize($state), + ); + $this->extensions[$name]['ext_state'] = serialize($state); + + $sql = 'UPDATE ' . $this->extension_table . ' + SET ' . $this->db->sql_build_array('UPDATE', $extension_data) . " + WHERE ext_name = '" . $this->db->sql_escape($name) . "'"; + $this->db->sql_query($sql); + + return true; + } + + unset($this->extensions[$name]); + + $sql = 'DELETE FROM ' . $this->extension_table . " + WHERE ext_name = '" . $this->db->sql_escape($name) . "'"; + $this->db->sql_query($sql); + + return false; + } + + /** + * Purge an extension + * + * Purges an extension completely at once. This process could run for a while + * so never call this in a script that has a max_execution time. + * + * @param string $name The extension's name + * @return null + */ + public function purge($name) + { + while ($this->purge_step($name)); + } + + /** + * Retrieves a list of all available extensions on the filesystem + * + * @return array An array with extension names as keys and paths to the + * extension as values + */ + public function all_available() + { + $available = array(); + + $iterator = new RecursiveIteratorIterator( + new RecursiveDirectoryIterator($this->phpbb_root_path . 'ext/')); + foreach ($iterator as $file_info) + { + if ($file_info->isFile() && $file_info->getFilename() == 'ext' . $this->phpEx) + { + $ext_name = $iterator->getInnerIterator()->getSubPath(); + + $ext_name = str_replace(DIRECTORY_SEPARATOR, '/', $ext_name); + + $available[$ext_name] = $this->phpbb_root_path . 'ext/' . $ext_name . '/'; + } + } + ksort($available); + return $available; + } + + /** + * Retrieves all configured extensions. + * + * All enabled and disabled extensions are considered configured. A purged + * extension that is no longer in the database is not configured. + * + * @return array An array with extension names as keys and and the + * database stored extension information as values + */ + public function all_configured() + { + $configured = array(); + foreach ($this->extensions as $name => $data) + { + $data['ext_path'] = $this->phpbb_root_path . $data['ext_path']; + $configured[$name] = $data; + } + return $configured; + } + + /** + * Retrieves all enabled extensions. + * + * @return array An array with extension names as keys and and the + * database stored extension information as values + */ + public function all_enabled() + { + $enabled = array(); + foreach ($this->extensions as $name => $data) + { + if ($data['ext_active']) + { + $enabled[$name] = $this->phpbb_root_path . $data['ext_path']; + } + } + return $enabled; + } + + /** + * Retrieves all disabled extensions. + * + * @return array An array with extension names as keys and and the + * database stored extension information as values + */ + public function all_disabled() + { + $disabled = array(); + foreach ($this->extensions as $name => $data) + { + if (!$data['ext_active']) + { + $disabled[$name] = $this->phpbb_root_path . $data['ext_path']; + } + } + return $disabled; + } + + /** + * Instantiates a phpbb_extension_finder. + * + * @return phpbb_extension_finder An extension finder instance + */ + public function get_finder() + { + return new phpbb_extension_finder($this, $this->phpbb_root_path, $this->cache, $this->phpEx, $this->cache_name . '_finder'); + } +} diff --git a/phpBB/includes/extension/provider.php b/phpBB/includes/extension/provider.php new file mode 100644 index 0000000000..3939c2ef07 --- /dev/null +++ b/phpBB/includes/extension/provider.php @@ -0,0 +1,68 @@ +<?php +/** +* +* @package extension +* @copyright (c) 2011 phpBB Group +* @license http://opensource.org/licenses/gpl-license.php GNU Public License +* +*/ + +/** +* @ignore +*/ +if (!defined('IN_PHPBB')) +{ + exit; +} + +/** +* Provides a set of items found in extensions +* +* @package extension +*/ +abstract class phpbb_extension_provider implements IteratorAggregate +{ + /** + * Array holding all found items + * @var array|null + */ + protected $items = null; + + /** + * An extension manager to search for items in extensions + * @var phpbb_extension_manager + */ + protected $extension_manager; + + /** + * Constructor. Loads all available items. + * + * @param phpbb_extension_manager $extension_manager phpBB extension manager + */ + public function __construct(phpbb_extension_manager $extension_manager) + { + $this->extension_manager = $extension_manager; + } + + /** + * Finds template paths using the extension manager. + * + * @return array List of task names + */ + abstract protected function find(); + + /** + * Retrieve an iterator over all items + * + * @return ArrayIterator An iterator for the array of template paths + */ + public function getIterator() + { + if ($this->items === null) + { + $this->items = $this->find(); + } + + return new ArrayIterator($this->items); + } +} diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index 418e8dc51d..92273bf08c 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -48,11 +48,16 @@ function set_var(&$result, $var, $type, $multibyte = false) * Default is false, causing all bytes outside the ASCII range (0-127) to be replaced with question marks * @param bool $cookie This param is mapped to phpbb_request_interface::COOKIE as the last param for * phpbb_request_interface::variable for backwards compatability reasons. +* @param phpbb_request_interface|null|false If an instance of phpbb_request_interface is given the instance is stored in +* a static variable and used for all further calls where this parameters is null. Until +* the function is called with an instance it automatically creates a new phpbb_request +* instance on every call. By passing false this per-call instantiation can be restored +* after having passed in a phpbb_request_interface instance. * * @return mixed The value of $_REQUEST[$var_name] run through {@link set_var set_var} to ensure that the type is the * the same as that of $default. If the variable is not set $default is returned. */ -function request_var($var_name, $default, $multibyte = false, $cookie = false, phpbb_request_interface $request = null) +function request_var($var_name, $default, $multibyte = false, $cookie = false, $request = null) { // This is all just an ugly hack to add "Dependency Injection" to a function // the only real code is the function call which maps this function to a method. @@ -67,6 +72,15 @@ function request_var($var_name, $default, $multibyte = false, $cookie = false, p return; } } + else if ($request === false) + { + $static_request = null; + + if (empty($var_name)) + { + return; + } + } $tmp_request = $static_request; @@ -168,8 +182,8 @@ function unique_id($extra = 'c') if ($dss_seeded !== true && ($config['rand_seed_last_update'] < time() - rand(1,10))) { - set_config('rand_seed', $config['rand_seed'], true); set_config('rand_seed_last_update', time(), true); + set_config('rand_seed', $config['rand_seed'], true); $dss_seeded = true; } @@ -177,6 +191,43 @@ function unique_id($extra = 'c') } /** +* Wrapper for mt_rand() which allows swapping $min and $max parameters. +* +* PHP does not allow us to swap the order of the arguments for mt_rand() anymore. +* (since PHP 5.3.4, see http://bugs.php.net/46587) +* +* @param int $min Lowest value to be returned +* @param int $max Highest value to be returned +* +* @return int Random integer between $min and $max (or $max and $min) +*/ +function phpbb_mt_rand($min, $max) +{ + return ($min > $max) ? mt_rand($max, $min) : mt_rand($min, $max); +} + +/** +* Wrapper for getdate() which returns the equivalent array for UTC timestamps. +* +* @param int $time Unix timestamp (optional) +* +* @return array Returns an associative array of information related to the timestamp. +* See http://www.php.net/manual/en/function.getdate.php +*/ +function phpbb_gmgetdate($time = false) +{ + if ($time === false) + { + $time = time(); + } + + // getdate() interprets timestamps in local time. + // What follows uses the fact that getdate() and + // date('Z') balance each other out. + return getdate($time - date('Z')); +} + +/** * Return formatted string for filesizes * * @param int $value filesize in bytes @@ -444,7 +495,7 @@ function _hash_crypt_private($password, $setting, &$itoa64) $output = '*'; // Check for correct hash - if (substr($setting, 0, 3) != '$H$') + if (substr($setting, 0, 3) != '$H$' && substr($setting, 0, 3) != '$P$') { return $output; } @@ -498,6 +549,34 @@ function phpbb_email_hash($email) } /** +* Wrapper for version_compare() that allows using uppercase A and B +* for alpha and beta releases. +* +* See http://www.php.net/manual/en/function.version-compare.php +* +* @param string $version1 First version number +* @param string $version2 Second version number +* @param string $operator Comparison operator (optional) +* +* @return mixed Boolean (true, false) if comparison operator is specified. +* Integer (-1, 0, 1) otherwise. +*/ +function phpbb_version_compare($version1, $version2, $operator = null) +{ + $version1 = strtolower($version1); + $version2 = strtolower($version2); + + if (is_null($operator)) + { + return version_compare($version1, $version2); + } + else + { + return version_compare($version1, $version2, $operator); + } +} + +/** * Global function for chmodding directories and files for internal use * * This function determines owner and group whom the file belongs to and user and group of PHP and then set safest possible file permissions. @@ -738,7 +817,7 @@ function phpbb_is_writable($file) * @param string $path Path to check absoluteness of * @return boolean */ -function is_absolute($path) +function phpbb_is_absolute($path) { return ($path[0] == '/' || (DIRECTORY_SEPARATOR == '\\' && preg_match('#^[a-z]:[/\\\]#i', $path))) ? true : false; } @@ -751,6 +830,8 @@ function is_absolute($path) */ function phpbb_own_realpath($path) { + global $request; + // Now to perform funky shizzle // Switch to use UNIX slashes @@ -758,7 +839,7 @@ function phpbb_own_realpath($path) $path_prefix = ''; // Determine what sort of path we have - if (is_absolute($path)) + if (phpbb_is_absolute($path)) { $absolute = true; @@ -794,11 +875,12 @@ function phpbb_own_realpath($path) $path_prefix = ''; } } - else if (isset($_SERVER['SCRIPT_FILENAME']) && !empty($_SERVER['SCRIPT_FILENAME'])) + else if ($request->server('SCRIPT_FILENAME')) { // Warning: If chdir() has been used this will lie! // Warning: This has some problems sometime (CLI can create them easily) - $path = str_replace(DIRECTORY_SEPARATOR, '/', dirname($_SERVER['SCRIPT_FILENAME'])) . '/' . $path; + $filename = htmlspecialchars_decode($request->server('SCRIPT_FILENAME')); + $path = str_replace(DIRECTORY_SEPARATOR, '/', dirname($filename)) . '/' . $path; $absolute = true; $path_prefix = ''; } @@ -1309,35 +1391,6 @@ function get_topic_tracking($forum_id, $topic_ids, &$rowset, $forum_mark_time, $ { $mark_time = array(); - // Get global announcement info - if ($global_announce_list && sizeof($global_announce_list)) - { - if (!isset($forum_mark_time[0])) - { - global $db; - - $sql = 'SELECT mark_time - FROM ' . FORUMS_TRACK_TABLE . " - WHERE user_id = {$user->data['user_id']} - AND forum_id = 0"; - $result = $db->sql_query($sql); - $row = $db->sql_fetchrow($result); - $db->sql_freeresult($result); - - if ($row) - { - $mark_time[0] = $row['mark_time']; - } - } - else - { - if ($forum_mark_time[0] !== false) - { - $mark_time[0] = $forum_mark_time[0]; - } - } - } - if (!empty($forum_mark_time[$forum_id]) && $forum_mark_time[$forum_id] !== false) { $mark_time[$forum_id] = $forum_mark_time[$forum_id]; @@ -1347,14 +1400,7 @@ function get_topic_tracking($forum_id, $topic_ids, &$rowset, $forum_mark_time, $ foreach ($topic_ids as $topic_id) { - if ($global_announce_list && isset($global_announce_list[$topic_id])) - { - $last_read[$topic_id] = (isset($mark_time[0])) ? $mark_time[0] : $user_lastmark; - } - else - { - $last_read[$topic_id] = $user_lastmark; - } + $last_read[$topic_id] = $user_lastmark; } } @@ -1366,7 +1412,7 @@ function get_topic_tracking($forum_id, $topic_ids, &$rowset, $forum_mark_time, $ */ function get_complete_topic_tracking($forum_id, $topic_ids, $global_announce_list = false) { - global $config, $user; + global $config, $user, $request; $last_read = array(); @@ -1398,8 +1444,7 @@ function get_complete_topic_tracking($forum_id, $topic_ids, $global_announce_lis $sql = 'SELECT forum_id, mark_time FROM ' . FORUMS_TRACK_TABLE . " WHERE user_id = {$user->data['user_id']} - AND forum_id " . - (($global_announce_list && sizeof($global_announce_list)) ? "IN (0, $forum_id)" : "= $forum_id"); + AND forum_id = $forum_id"; $result = $db->sql_query($sql); $mark_time = array(); @@ -1413,14 +1458,7 @@ function get_complete_topic_tracking($forum_id, $topic_ids, $global_announce_lis foreach ($topic_ids as $topic_id) { - if ($global_announce_list && isset($global_announce_list[$topic_id])) - { - $last_read[$topic_id] = (isset($mark_time[0])) ? $mark_time[0] : $user_lastmark; - } - else - { - $last_read[$topic_id] = $user_lastmark; - } + $last_read[$topic_id] = $user_lastmark; } } } @@ -1458,13 +1496,6 @@ function get_complete_topic_tracking($forum_id, $topic_ids, $global_announce_lis if (sizeof($topic_ids)) { $mark_time = array(); - if ($global_announce_list && sizeof($global_announce_list)) - { - if (isset($tracking_topics['f'][0])) - { - $mark_time[0] = base_convert($tracking_topics['f'][0], 36, 10) + $config['board_startdate']; - } - } if (isset($tracking_topics['f'][$forum_id])) { @@ -1475,14 +1506,7 @@ function get_complete_topic_tracking($forum_id, $topic_ids, $global_announce_lis foreach ($topic_ids as $topic_id) { - if ($global_announce_list && isset($global_announce_list[$topic_id])) - { - $last_read[$topic_id] = (isset($mark_time[0])) ? $mark_time[0] : $user_lastmark; - } - else - { - $last_read[$topic_id] = $user_lastmark; - } + $last_read[$topic_id] = $user_lastmark; } } } @@ -1630,7 +1654,7 @@ function get_unread_topics($user_id = false, $sql_extra = '', $sql_sort = '', $s */ function update_forum_tracking_info($forum_id, $forum_last_post_time, $f_mark_time = false, $mark_time_forum = false) { - global $db, $tracking_topics, $user, $config; + global $db, $tracking_topics, $user, $config, $auth, $request; // Determine the users last forum mark time if not given. if ($mark_time_forum === false) @@ -1653,6 +1677,10 @@ function update_forum_tracking_info($forum_id, $forum_last_post_time, $f_mark_ti } } + // Handle update of unapproved topics info. + // Only update for moderators having m_approve permission for the forum. + $sql_update_unapproved = ($auth->acl_get('m_approve', $forum_id)) ? '': 'AND t.topic_approved = 1'; + // Check the forum for any left unread topics. // If there are none, we mark the forum as read. if ($config['load_db_lastread'] && $user->data['is_registered']) @@ -1668,7 +1696,8 @@ function update_forum_tracking_info($forum_id, $forum_last_post_time, $f_mark_ti LEFT JOIN ' . TOPICS_TRACK_TABLE . ' tt ON (tt.topic_id = t.topic_id AND tt.user_id = ' . $user->data['user_id'] . ') WHERE t.forum_id = ' . $forum_id . ' AND t.topic_last_post_time > ' . $mark_time_forum . ' - AND t.topic_moved_id = 0 + AND t.topic_moved_id = 0 ' . + $sql_update_unapproved . ' AND (tt.topic_id IS NULL OR tt.mark_time < t.topic_last_post_time) GROUP BY t.forum_id'; $result = $db->sql_query_limit($sql, 1); @@ -1692,7 +1721,8 @@ function update_forum_tracking_info($forum_id, $forum_last_post_time, $f_mark_ti FROM ' . TOPICS_TABLE . ' WHERE forum_id = ' . $forum_id . ' AND topic_last_post_time > ' . $mark_time_forum . ' - AND topic_moved_id = 0'; + AND topic_moved_id = 0 ' . + $sql_update_unapproved; $result = $db->sql_query($sql); $check_forum = $tracking_topics['tf'][$forum_id]; @@ -1877,7 +1907,7 @@ function generate_pagination($base_url, $num_items, $per_page, $start_item, $add $start_cnt = min(max(1, $on_page - 4), $total_pages - 5); $end_cnt = max(min($total_pages, $on_page + 4), 6); - $page_string .= ($start_cnt > 1) ? ' ... ' : $separator; + $page_string .= ($start_cnt > 1) ? '<span class="page-dots"> ... </span>' : $separator; for ($i = $start_cnt + 1; $i < $end_cnt; $i++) { @@ -1888,7 +1918,7 @@ function generate_pagination($base_url, $num_items, $per_page, $start_item, $add } } - $page_string .= ($end_cnt < $total_pages) ? ' ... ' : $separator; + $page_string .= ($end_cnt < $total_pages) ? '<span class="page-dots"> ... </span>' : $separator; } else { @@ -1927,6 +1957,7 @@ function generate_pagination($base_url, $num_items, $per_page, $start_item, $add $tpl_prefix . 'PREVIOUS_PAGE' => ($on_page == 1) ? '' : $base_url . "{$url_delim}start=" . (($on_page - 2) * $per_page), $tpl_prefix . 'NEXT_PAGE' => ($on_page == $total_pages) ? '' : $base_url . "{$url_delim}start=" . ($on_page * $per_page), $tpl_prefix . 'TOTAL_PAGES' => $total_pages, + $tpl_prefix . 'CURRENT_PAGE' => $on_page, )); return $page_string; @@ -1975,6 +2006,12 @@ function append_sid($url, $params = false, $is_amp = true, $session_id = false) { global $_SID, $_EXTRA_URL, $phpbb_hook; + if ($params === '' || (is_array($params) && empty($params))) + { + // Do not append the ? if the param-list is empty anyway. + $params = false; + } + // Developers using the hook function need to globalise the $_SID and $_EXTRA_URL on their own and also handle it appropriately. // They could mimic most of what is within this function if (!empty($phpbb_hook) && $phpbb_hook->call_hook(__FUNCTION__, $url, $params, $is_amp, $session_id)) @@ -2069,14 +2106,17 @@ function append_sid($url, $params = false, $is_amp = true, $session_id = false) /** * Generate board url (example: http://www.example.com/phpBB) +* * @param bool $without_script_path if set to true the script path gets not appended (example: http://www.example.com) +* +* @return string the generated board url */ function generate_board_url($without_script_path = false) { - global $config, $user; + global $config, $user, $request; $server_name = $user->host; - $server_port = (!empty($_SERVER['SERVER_PORT'])) ? (int) $_SERVER['SERVER_PORT'] : (int) getenv('SERVER_PORT'); + $server_port = $request->server('SERVER_PORT', 0); // Forcing server vars is the only way to specify/override the protocol if ($config['force_server_vars'] || !$server_name) @@ -2092,7 +2132,7 @@ function generate_board_url($without_script_path = false) else { // Do not rely on cookie_secure, users seem to think that it means a secured cookie instead of an encrypted connection - $cookie_secure = (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on') ? 1 : 0; + $cookie_secure = $request->is_secure() ? 1 : 0; $url = (($cookie_secure) ? 'https://' : 'http://') . $server_name; $script_path = $user->page['root_script_path']; @@ -2273,10 +2313,10 @@ function redirect($url, $return = false, $disable_cd_check = false) { header('Refresh: 0; URL=' . $url); - echo '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">'; - echo '<html xmlns="http://www.w3.org/1999/xhtml" dir="' . $user->lang['DIRECTION'] . '" lang="' . $user->lang['USER_LANG'] . '" xml:lang="' . $user->lang['USER_LANG'] . '">'; + echo '<!DOCTYPE html>'; + echo '<html dir="' . $user->lang['DIRECTION'] . '" lang="' . $user->lang['USER_LANG'] . '">'; echo '<head>'; - echo '<meta http-equiv="content-type" content="text/html; charset=utf-8" />'; + echo '<meta charset="utf-8">'; echo '<meta http-equiv="refresh" content="0; url=' . str_replace('&', '&', $url) . '" />'; echo '<title>' . $user->lang['REDIRECT'] . '</title>'; echo '</head>'; @@ -2444,6 +2484,8 @@ function meta_refresh($time, $url, $disable_cd_check = false) */ function send_status_line($code, $message) { + global $request; + if (substr(strtolower(@php_sapi_name()), 0, 3) === 'cgi') { // in theory, we shouldn't need that due to php doing it. Reality offers a differing opinion, though @@ -2451,15 +2493,9 @@ function send_status_line($code, $message) } else { - if (!empty($_SERVER['SERVER_PROTOCOL'])) - { - $version = $_SERVER['SERVER_PROTOCOL']; - } - else if (!empty($_SERVER['HTTP_VERSION'])) + if ($request->server('SERVER_PROTOCOL')) { - // I cannot remember where I got this from. - // This code path may never be reachable in reality. - $version = $_SERVER['HTTP_VERSION']; + $version = $request->server('SERVER_PROTOCOL'); } else { @@ -3127,61 +3163,44 @@ function add_log() } /** -* Return a nicely formatted backtrace (parts from the php manual by diz at ysagoon dot com) +* Return a nicely formatted backtrace. +* +* Turns the array returned by debug_backtrace() into HTML markup. +* Also filters out absolute paths to phpBB root. +* +* @return string HTML markup */ function get_backtrace() { - global $phpbb_root_path; - $output = '<div style="font-family: monospace;">'; $backtrace = debug_backtrace(); - $path = phpbb_realpath($phpbb_root_path); - foreach ($backtrace as $number => $trace) - { - // We skip the first one, because it only shows this file/function - if ($number == 0) - { - continue; - } + // We skip the first one, because it only shows this file/function + unset($backtrace[0]); + foreach ($backtrace as $trace) + { // Strip the current directory from path - if (empty($trace['file'])) - { - $trace['file'] = ''; - } - else - { - $trace['file'] = str_replace(array($path, '\\'), array('', '/'), $trace['file']); - $trace['file'] = substr($trace['file'], 1); - } - $args = array(); + $trace['file'] = (empty($trace['file'])) ? '(not given by php)' : htmlspecialchars(phpbb_filter_root_path($trace['file'])); + $trace['line'] = (empty($trace['line'])) ? '(not given by php)' : $trace['line']; - // If include/require/include_once is not called, do not show arguments - they may contain sensible information - if (!in_array($trace['function'], array('include', 'require', 'include_once'))) + // Only show function arguments for include etc. + // Other parameters may contain sensible information + $argument = ''; + if (!empty($trace['args'][0]) && in_array($trace['function'], array('include', 'require', 'include_once', 'require_once'))) { - unset($trace['args']); - } - else - { - // Path... - if (!empty($trace['args'][0])) - { - $argument = htmlspecialchars($trace['args'][0]); - $argument = str_replace(array($path, '\\'), array('', '/'), $argument); - $argument = substr($argument, 1); - $args[] = "'{$argument}'"; - } + $argument = htmlspecialchars(phpbb_filter_root_path($trace['args'][0])); } $trace['class'] = (!isset($trace['class'])) ? '' : $trace['class']; $trace['type'] = (!isset($trace['type'])) ? '' : $trace['type']; $output .= '<br />'; - $output .= '<b>FILE:</b> ' . htmlspecialchars($trace['file']) . '<br />'; + $output .= '<b>FILE:</b> ' . $trace['file'] . '<br />'; $output .= '<b>LINE:</b> ' . ((!empty($trace['line'])) ? $trace['line'] : '') . '<br />'; - $output .= '<b>CALL:</b> ' . htmlspecialchars($trace['class'] . $trace['type'] . $trace['function']) . '(' . ((sizeof($args)) ? implode(', ', $args) : '') . ')<br />'; + $output .= '<b>CALL:</b> ' . htmlspecialchars($trace['class'] . $trace['type'] . $trace['function']); + $output .= '(' . (($argument !== '') ? "'$argument'" : '') . ')<br />'; } $output .= '</div>'; return $output; @@ -3243,6 +3262,10 @@ function get_preg_expression($mode) $inline = ($mode == 'relative_url') ? ')' : ''; return "(?:[a-z0-9\-._~!$&'($inline*+,;=:@|]+|%[\dA-F]{2})*(?:/(?:[a-z0-9\-._~!$&'($inline*+,;=:@|]+|%[\dA-F]{2})*)*(?:\?(?:[a-z0-9\-._~!$&'($inline*+,;=:@/?|]+|%[\dA-F]{2})*)?(?:\#(?:[a-z0-9\-._~!$&'($inline*+,;=:@/?|]+|%[\dA-F]{2})*)?"; break; + + case 'table_prefix': + return '#^[a-zA-Z][a-zA-Z0-9_]*$#'; + break; } return ''; @@ -3253,7 +3276,7 @@ function get_preg_expression($mode) * Depends on whether installed PHP version supports unicode properties * * @param string $word word template to be replaced -* @param bool $use_unicode whether or not to take advantage of PCRE supporting unicode +* @param bool $use_unicode whether or not to take advantage of PCRE supporting unicode * * @return string $preg_expr regex to use with word censor */ @@ -3262,7 +3285,7 @@ function get_censor_preg_expression($word, $use_unicode = true) // Unescape the asterisk to simplify further conversions $word = str_replace('\*', '*', preg_quote($word, '#')); - if ($use_unicode && pcre_utf8_support()) + if ($use_unicode && phpbb_pcre_utf8_support()) { // Replace asterisk(s) inside the pattern, at the start and at the end of it with regexes $word = preg_replace(array('#(?<=[\p{Nd}\p{L}_])\*+(?=[\p{Nd}\p{L}_])#iu', '#^\*+#', '#\*+$#'), array('([\x20]*?|[\p{Nd}\p{L}_-]*?)', '[\p{Nd}\p{L}_-]*?', '[\p{Nd}\p{L}_-]*?'), $word); @@ -3649,10 +3672,19 @@ function phpbb_checkdnsrr($host, $type = 'MX') { return true; } + break; default: - case 'A': case 'AAAA': + // AAAA records returned by nslookup on Windows XP/2003 have this format. + // Later Windows versions use the A record format below for AAAA records. + if (stripos($line, "$host AAAA IPv6 address") === 0) + { + return true; + } + // No break + + case 'A': if (!empty($host_matches)) { // Second line @@ -3721,25 +3753,10 @@ function msg_handler($errno, $msg_text, $errfile, $errline) if (strpos($errfile, 'cache') === false && strpos($errfile, 'template.') === false) { - // flush the content, else we get a white page if output buffering is on - if ((int) @ini_get('output_buffering') === 1 || strtolower(@ini_get('output_buffering')) === 'on') - { - @ob_flush(); - } - - // Another quick fix for those having gzip compression enabled, but do not flush if the coder wants to catch "something". ;) - if (!empty($config['gzip_compress'])) - { - if (@extension_loaded('zlib') && !headers_sent() && !ob_get_level()) - { - @ob_flush(); - } - } - - // remove complete path to installation, with the risk of changing backslashes meant to be there - $errfile = str_replace(array(phpbb_realpath($phpbb_root_path), '\\'), array('', '/'), $errfile); - $msg_text = str_replace(array(phpbb_realpath($phpbb_root_path), '\\'), array('', '/'), $msg_text); - echo '<b>[phpBB Debug] PHP Notice</b>: in file <b>' . $errfile . '</b> on line <b>' . $errline . '</b>: <b>' . $msg_text . '</b><br />' . "\n"; + $errfile = phpbb_filter_root_path($errfile); + $msg_text = phpbb_filter_root_path($msg_text); + $error_name = ($errno === E_WARNING) ? 'PHP Warning' : 'PHP Notice'; + echo '<b>[phpBB Debug] ' . $error_name . '</b>: in file <b>' . $errfile . '</b> on line <b>' . $errline . '</b>: <b>' . $msg_text . '</b><br />' . "\n"; // we are writing an image - the user won't see the debug, so let's place it in the log if (defined('IMAGE_OUTPUT') || defined('IN_CRON')) @@ -3795,10 +3812,10 @@ function msg_handler($errno, $msg_text, $errfile, $errline) // Try to not call the adm page data... - echo '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">'; - echo '<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr">'; + echo '<!DOCTYPE html>'; + echo '<html dir="ltr">'; echo '<head>'; - echo '<meta http-equiv="content-type" content="text/html; charset=utf-8" />'; + echo '<meta charset="utf-8">'; echo '<title>' . $msg_title . '</title>'; echo '<style type="text/css">' . "\n" . '/* <![CDATA[ */' . "\n"; echo '* { margin: 0; padding: 0; } html { font-size: 100%; height: 100%; margin-bottom: 1px; background-color: #E4EDF0; } body { font-family: "Lucida Grande", Verdana, Helvetica, Arial, sans-serif; color: #536482; background: #E4EDF0; font-size: 62.5%; margin: 0; } '; @@ -3828,7 +3845,7 @@ function msg_handler($errno, $msg_text, $errfile, $errline) echo ' </div>'; echo ' </div>'; echo ' <div id="page-footer">'; - echo ' Powered by <a href="http://www.phpbb.com/">phpBB</a> © phpBB Group'; + echo ' Powered by <a href="http://www.phpbb.com/">phpBB</a>® Forum Software © phpBB Group'; echo ' </div>'; echo '</div>'; echo '</body>'; @@ -3916,6 +3933,29 @@ function msg_handler($errno, $msg_text, $errfile, $errline) } /** +* Removes absolute path to phpBB root directory from error messages +* and converts backslashes to forward slashes. +* +* @param string $errfile Absolute file path +* (e.g. /var/www/phpbb3/phpBB/includes/functions.php) +* Please note that if $errfile is outside of the phpBB root, +* the root path will not be found and can not be filtered. +* @return string Relative file path +* (e.g. /includes/functions.php) +*/ +function phpbb_filter_root_path($errfile) +{ + static $root_path; + + if (empty($root_path)) + { + $root_path = phpbb_realpath(dirname(__FILE__) . '/../'); + } + + return str_replace(array($root_path, '\\'), array('[ROOT]', '/'), $errfile); +} + +/** * Queries the session table to get information about online guests * @param int $item_id Limits the search to the item with this id * @param string $item The name of the item which is stored in the session table as session_{$item}_id @@ -4183,7 +4223,7 @@ function phpbb_optionset($bit, $set, $data) */ function phpbb_http_login($param) { - global $auth, $user; + global $auth, $user, $request; global $config; $param_defaults = array( @@ -4223,9 +4263,9 @@ function phpbb_http_login($param) $username = null; foreach ($username_keys as $k) { - if (isset($_SERVER[$k])) + if ($request->is_set($k, phpbb_request_interface::SERVER)) { - $username = $_SERVER[$k]; + $username = htmlspecialchars_decode($request->server($k)); break; } } @@ -4233,9 +4273,9 @@ function phpbb_http_login($param) $password = null; foreach ($password_keys as $k) { - if (isset($_SERVER[$k])) + if ($request->is_set($k, phpbb_request_interface::SERVER)) { - $password = $_SERVER[$k]; + $password = htmlspecialchars_decode($request->server($k)); break; } } @@ -4244,7 +4284,7 @@ function phpbb_http_login($param) if (!is_null($username) && is_null($password) && strpos($username, 'Basic ') === 0) { list($username, $password) = explode(':', base64_decode(substr($username, 6)), 2); - } + } if (!is_null($username) && !is_null($password)) { @@ -4294,7 +4334,21 @@ function page_header($page_title = '', $display_online_list = true, $item_id = 0 // gzip_compression if ($config['gzip_compress']) { - if (@extension_loaded('zlib') && !headers_sent()) + // to avoid partially compressed output resulting in blank pages in + // the browser or error messages, compression is disabled in a few cases: + // + // 1) if headers have already been sent, this indicates plaintext output + // has been started so further content must not be compressed + // 2) the length of the current output buffer is non-zero. This means + // there is already some uncompressed content in this output buffer + // so further output must not be compressed + // 3) if more than one level of output buffering is used because we + // cannot test all output buffer level content lengths. One level + // could be caused by php.ini output_buffering. Anything + // beyond that is manual, so the code wrapping phpBB in output buffering + // can easily compress the output itself. + // + if (@extension_loaded('zlib') && !headers_sent() && ob_get_level() <= 1 && ob_get_length() == 0) { ob_start('ob_gzhandler'); } @@ -4415,6 +4469,12 @@ function page_header($page_title = '', $display_online_list = true, $item_id = 0 $user_lang = substr($user_lang, 0, strpos($user_lang, '-x-')); } + $s_search_hidden_fields = array(); + if ($_SID) + { + $s_search_hidden_fields['sid'] = $_SID; + } + // The following assigns all _common_ variables that may be used at any point in a template. $template->assign_vars(array( 'SITENAME' => $config['sitename'], @@ -4504,11 +4564,12 @@ function page_header($page_title = '', $display_online_list = true, $item_id = 0 'S_LOAD_UNREADS' => ($config['load_unreads_search'] && ($config['load_anon_lastread'] || $user->data['is_registered'])) ? true : false, + 'S_SEARCH_HIDDEN_FIELDS' => build_hidden_fields($s_search_hidden_fields), + + 'T_ASSETS_PATH' => "{$web_path}assets", 'T_THEME_PATH' => "{$web_path}styles/" . $user->theme['theme_path'] . '/theme', 'T_TEMPLATE_PATH' => "{$web_path}styles/" . $user->theme['template_path'] . '/template', 'T_SUPER_TEMPLATE_PATH' => (isset($user->theme['template_inherit_path']) && $user->theme['template_inherit_path']) ? "{$web_path}styles/" . $user->theme['template_inherit_path'] . '/template' : "{$web_path}styles/" . $user->theme['template_path'] . '/template', - 'T_IMAGESET_PATH' => "{$web_path}styles/" . $user->theme['imageset_path'] . '/imageset', - 'T_IMAGESET_LANG_PATH' => "{$web_path}styles/" . $user->theme['imageset_path'] . '/imageset/' . $user->data['user_lang'], 'T_IMAGES_PATH' => "{$web_path}images/", 'T_SMILIES_PATH' => "{$web_path}{$config['smilies_path']}/", 'T_AVATAR_PATH' => "{$web_path}{$config['avatar_path']}/", @@ -4516,14 +4577,16 @@ function page_header($page_title = '', $display_online_list = true, $item_id = 0 'T_ICONS_PATH' => "{$web_path}{$config['icons_path']}/", 'T_RANKS_PATH' => "{$web_path}{$config['ranks_path']}/", 'T_UPLOAD_PATH' => "{$web_path}{$config['upload_path']}/", - 'T_STYLESHEET_LINK' => (!$user->theme['theme_storedb']) ? "{$web_path}styles/" . $user->theme['theme_path'] . '/theme/stylesheet.css' : append_sid("{$phpbb_root_path}style.$phpEx", 'id=' . $user->theme['style_id'] . '&lang=' . $user->data['user_lang']), + 'T_STYLESHEET_LINK' => "{$web_path}styles/" . $user->theme['theme_path'] . '/theme/stylesheet.css', + 'T_STYLESHEET_LANG_LINK' => "{$web_path}styles/" . $user->theme['theme_path'] . '/theme/' . $user->lang_name . '/stylesheet.css', 'T_STYLESHEET_NAME' => $user->theme['theme_name'], + 'T_JQUERY_LINK' => ($config['load_jquery_cdn'] && !empty($config['load_jquery_url'])) ? $config['load_jquery_url'] : "{$web_path}assets/javascript/jquery.js", + 'S_JQUERY_FALLBACK' => ($config['load_jquery_cdn']) ? true : false, 'T_THEME_NAME' => $user->theme['theme_path'], + 'T_THEME_LANG_NAME' => $user->data['user_lang'], 'T_TEMPLATE_NAME' => $user->theme['template_path'], 'T_SUPER_TEMPLATE_NAME' => (isset($user->theme['template_inherit_path']) && $user->theme['template_inherit_path']) ? $user->theme['template_inherit_path'] : $user->theme['template_path'], - 'T_IMAGESET_NAME' => $user->theme['imageset_path'], - 'T_IMAGESET_LANG_NAME' => $user->data['user_lang'], 'T_IMAGES' => 'images', 'T_SMILIES' => $config['smilies_path'], 'T_AVATAR' => $config['avatar_path'], @@ -4544,6 +4607,12 @@ function page_header($page_title = '', $display_online_list = true, $item_id = 0 header('Expires: 0'); header('Pragma: no-cache'); + if (!empty($user->data['is_bot'])) + { + // Let reverse proxies know we detected a bot. + header('X-PHPBB-IS-BOT: yes'); + } + return; } @@ -4570,15 +4639,13 @@ function page_footer($run_cron = true) if ($auth->acl_get('a_') && defined('DEBUG_EXTRA')) { - if (function_exists('memory_get_usage')) + if (function_exists('memory_get_peak_usage')) { - if ($memory_usage = memory_get_usage()) + if ($memory_usage = memory_get_peak_usage()) { - global $base_memory_usage; - $memory_usage -= $base_memory_usage; $memory_usage = get_formatted_filesize($memory_usage); - $debug_output .= ' | Memory Usage: ' . $memory_usage; + $debug_output .= ' | Peak Memory Usage: ' . $memory_usage; } } @@ -4595,7 +4662,7 @@ function page_footer($run_cron = true) // Call cron-type script $call_cron = false; - if (!defined('IN_CRON') && !$config['use_system_cron'] && $run_cron && !$config['board_disable']) + if (!defined('IN_CRON') && !$config['use_system_cron'] && $run_cron && !$config['board_disable'] && !$user->data['is_bot']) { $call_cron = true; $time_now = (!empty($user->time_now) && is_int($user->time_now)) ? $user->time_now : time(); @@ -4672,7 +4739,7 @@ function exit_handler() } // As a pre-caution... some setups display a blank page if the flush() is not there. - (empty($config['gzip_compress'])) ? @flush() : @ob_flush(); + (ob_get_level() > 0) ? @ob_flush() : @flush(); exit; } @@ -4702,7 +4769,7 @@ function phpbb_user_session_handler() * * @return bool Returns true if PCRE (the regular expressions library) supports UTF-8 encoding */ -function pcre_utf8_support() +function phpbb_pcre_utf8_support() { static $utf8_pcre_properties = null; if (is_null($utf8_pcre_properties)) diff --git a/phpBB/includes/functions_acp.php b/phpBB/includes/functions_acp.php index f28bca91ee..4702f9939d 100644 --- a/phpBB/includes/functions_acp.php +++ b/phpBB/includes/functions_acp.php @@ -106,15 +106,13 @@ function adm_page_footer($copyright_html = true) if ($auth->acl_get('a_') && defined('DEBUG_EXTRA')) { - if (function_exists('memory_get_usage')) + if (function_exists('memory_get_peak_usage')) { - if ($memory_usage = memory_get_usage()) + if ($memory_usage = memory_get_peak_usage()) { - global $base_memory_usage; - $memory_usage -= $base_memory_usage; $memory_usage = get_formatted_filesize($memory_usage); - $debug_output .= ' | Memory Usage: ' . $memory_usage; + $debug_output .= ' | Peak Memory Usage: ' . $memory_usage; } } @@ -126,6 +124,8 @@ function adm_page_footer($copyright_html = true) 'DEBUG_OUTPUT' => (defined('DEBUG')) ? $debug_output : '', 'TRANSLATION_INFO' => (!empty($user->lang['TRANSLATION_INFO'])) ? $user->lang['TRANSLATION_INFO'] : '', 'S_COPYRIGHT_HTML' => $copyright_html, + 'T_JQUERY_LINK' => ($config['load_jquery_cdn'] && !empty($config['load_jquery_url'])) ? $config['load_jquery_url'] : "{$phpbb_root_path}assets/javascript/jquery.js", + 'S_JQUERY_FALLBACK' => ($config['load_jquery_cdn']) ? true : false, 'VERSION' => $config['version']) ); @@ -164,7 +164,7 @@ function build_select($option_ary, $option_default = false) /** * Build radio fields in acp pages */ -function h_radio($name, &$input_ary, $input_default = false, $id = false, $key = false) +function h_radio($name, $input_ary, $input_default = false, $id = false, $key = false, $separator = '') { global $user; @@ -173,7 +173,7 @@ function h_radio($name, &$input_ary, $input_default = false, $id = false, $key = foreach ($input_ary as $value => $title) { $selected = ($input_default !== false && $value == $input_default) ? ' checked="checked"' : ''; - $html .= '<label><input type="radio" name="' . $name . '"' . (($id && !$id_assigned) ? ' id="' . $id . '"' : '') . ' value="' . $value . '"' . $selected . (($key) ? ' accesskey="' . $key . '"' : '') . ' class="radio" /> ' . $user->lang[$title] . '</label>'; + $html .= '<label><input type="radio" name="' . $name . '"' . (($id && !$id_assigned) ? ' id="' . $id . '"' : '') . ' value="' . $value . '"' . $selected . (($key) ? ' accesskey="' . $key . '"' : '') . ' class="radio" /> ' . $user->lang[$title] . '</label>' . $separator; $id_assigned = true; } @@ -203,7 +203,7 @@ function build_cfg_template($tpl_type, $key, &$new, $config_key, $vars) $size = (int) $tpl_type[1]; $maxlength = (int) $tpl_type[2]; - $tpl = '<input id="' . $key . '" type="' . $tpl_type[0] . '"' . (($size) ? ' size="' . $size . '"' : '') . ' maxlength="' . (($maxlength) ? $maxlength : 255) . '" name="' . $name . '" value="' . $new[$config_key] . '" />'; + $tpl = '<input id="' . $key . '" type="' . $tpl_type[0] . '"' . (($size) ? ' size="' . $size . '"' : '') . ' maxlength="' . (($maxlength) ? $maxlength : 255) . '" name="' . $name . '" value="' . $new[$config_key] . '"' . (($tpl_type[0] === 'password') ? ' autocomplete="off"' : '') . ' />'; break; case 'dimension': @@ -329,7 +329,7 @@ function validate_config_vars($config_vars, &$cfg_array, &$error) switch ($validator[$type]) { case 'string': - $length = strlen($cfg_array[$config_name]); + $length = utf8_strlen($cfg_array[$config_name]); // the column is a VARCHAR $validator[$max] = (isset($validator[$max])) ? min(255, $validator[$max]) : 255; @@ -527,7 +527,7 @@ function validate_range($value_ary, &$error) { case 'string' : $max = (isset($column[1])) ? min($column[1],$type['max']) : $type['max']; - if (strlen($value['value']) > $max) + if (utf8_strlen($value['value']) > $max) { $error[] = sprintf($user->lang['SETTING_TOO_LONG'], $user->lang[$value['lang']], $max); } diff --git a/phpBB/includes/functions_admin.php b/phpBB/includes/functions_admin.php index 1468345003..3f9e517fdf 100644 --- a/phpBB/includes/functions_admin.php +++ b/phpBB/includes/functions_admin.php @@ -2208,6 +2208,7 @@ function prune($forum_id, $prune_mode, $prune_date, $prune_flags = 0, $auto_sync if (!($prune_flags & FORUM_FLAG_PRUNE_ANNOUNCE)) { $sql_and .= ' AND topic_type <> ' . POST_ANNOUNCE; + $sql_and .= ' AND topic_type <> ' . POST_GLOBAL; } if (!($prune_flags & FORUM_FLAG_PRUNE_STICKY)) @@ -2595,6 +2596,31 @@ function view_log($mode, &$log, &$log_count, $limit = 0, $offset = 0, $forum_id $sql_keywords .= 'LOWER(l.log_data) ' . implode(' OR LOWER(l.log_data) ', $keywords) . ')'; } + if ($log_count !== false) + { + $sql = 'SELECT COUNT(l.log_id) AS total_entries + FROM ' . LOG_TABLE . ' l, ' . USERS_TABLE . " u + WHERE l.log_type = $log_type + AND l.user_id = u.user_id + AND l.log_time >= $limit_days + $sql_keywords + $sql_forum"; + $result = $db->sql_query($sql); + $log_count = (int) $db->sql_fetchfield('total_entries'); + $db->sql_freeresult($result); + } + + if ($log_count == 0) + { + // Save the queries, because there are no logs to display + return 0; + } + + if ($offset >= $log_count) + { + $offset = ($offset - $limit < 0) ? 0 : $offset - $limit; + } + $sql = "SELECT l.*, u.username, u.username_clean, u.user_colour FROM " . LOG_TABLE . " l, " . USERS_TABLE . " u WHERE l.log_type = $log_type @@ -2695,29 +2721,9 @@ function view_log($mode, &$log, &$log_count, $limit = 0, $offset = 0, $forum_id while ($row = $db->sql_fetchrow($result)) { - if (!$row['forum_id']) + if ($auth->acl_get('f_read', $row['forum_id'])) { - if ($auth->acl_getf_global('f_read')) - { - if (!$default_forum_id) - { - $sql = 'SELECT forum_id - FROM ' . FORUMS_TABLE . ' - WHERE forum_type = ' . FORUM_POST; - $f_result = $db->sql_query_limit($sql, 1); - $default_forum_id = (int) $db->sql_fetchfield('forum_id', false, $f_result); - $db->sql_freeresult($f_result); - } - - $is_auth[$row['topic_id']] = $default_forum_id; - } - } - else - { - if ($auth->acl_get('f_read', $row['forum_id'])) - { - $is_auth[$row['topic_id']] = $row['forum_id']; - } + $is_auth[$row['topic_id']] = $row['forum_id']; } if ($auth->acl_gets('a_', 'm_', $row['forum_id'])) @@ -2762,21 +2768,7 @@ function view_log($mode, &$log, &$log_count, $limit = 0, $offset = 0, $forum_id } } - if ($log_count !== false) - { - $sql = 'SELECT COUNT(l.log_id) AS total_entries - FROM ' . LOG_TABLE . ' l, ' . USERS_TABLE . " u - WHERE l.log_type = $log_type - AND l.user_id = u.user_id - AND l.log_time >= $limit_days - $sql_keywords - $sql_forum"; - $result = $db->sql_query($sql); - $log_count = (int) $db->sql_fetchfield('total_entries'); - $db->sql_freeresult($result); - } - - return; + return $offset; } /** @@ -2908,6 +2900,12 @@ function view_inactive_users(&$users, &$user_count, $limit = 0, $offset = 0, $li $user_count = (int) $db->sql_fetchfield('user_count'); $db->sql_freeresult($result); + if ($user_count == 0) + { + // Save the queries, because there are no users to display + return 0; + } + if ($offset >= $user_count) { $offset = ($offset - $limit < 0) ? 0 : $offset - $limit; @@ -3113,7 +3111,7 @@ function get_database_size() /** * Retrieve contents from remotely stored file */ -function get_remote_file($host, $directory, $filename, &$errstr, &$errno, $port = 80, $timeout = 10) +function get_remote_file($host, $directory, $filename, &$errstr, &$errno, $port = 80, $timeout = 6) { global $user; @@ -3123,6 +3121,9 @@ function get_remote_file($host, $directory, $filename, &$errstr, &$errno, $port @fputs($fsock, "HOST: $host\r\n"); @fputs($fsock, "Connection: close\r\n\r\n"); + $timer_stop = time() + $timeout; + stream_set_timeout($fsock, $timeout); + $file_info = ''; $get_info = false; @@ -3145,6 +3146,14 @@ function get_remote_file($host, $directory, $filename, &$errstr, &$errno, $port return false; } } + + $stream_meta_data = stream_get_meta_data($fsock); + + if (!empty($stream_meta_data['timed_out']) || time() >= $timer_stop) + { + $errstr = $user->lang['FSOCK_TIMEOUT']; + return false; + } } @fclose($fsock); } diff --git a/phpBB/includes/functions_content.php b/phpBB/includes/functions_content.php index 179fd3c2f8..b1294a2f14 100644 --- a/phpBB/includes/functions_content.php +++ b/phpBB/includes/functions_content.php @@ -1107,7 +1107,7 @@ function extension_allowed($forum_id, $extension, &$extensions) * @param int $max_length Maximum length of string (multibyte character count as 1 char / Html entity count as 1 char) * @param int $max_store_length Maximum character length of string (multibyte character count as 1 char / Html entity count as entity chars). * @param bool $allow_reply Allow Re: in front of string -* NOTE: This parameter can cause undesired behavior (returning strings longer than $max_store_legnth) and is deprecated. +* NOTE: This parameter can cause undesired behavior (returning strings longer than $max_store_length) and is deprecated. * @param string $append String to be appended */ function truncate_string($string, $max_length = 60, $max_store_length = 255, $allow_reply = false, $append = '') diff --git a/phpBB/includes/functions_display.php b/phpBB/includes/functions_display.php index 6314ba0ec9..39d0793030 100644 --- a/phpBB/includes/functions_display.php +++ b/phpBB/includes/functions_display.php @@ -52,6 +52,27 @@ function display_forums($root_data = '', $display_moderators = true, $return_mod $sql_where = 'left_id > ' . $root_data['left_id'] . ' AND left_id < ' . $root_data['right_id']; } + // Handle marking everything read + if ($mark_read == 'all') + { + $redirect = build_url(array('mark', 'hash')); + meta_refresh(3, $redirect); + + if (check_link_hash(request_var('hash', ''), 'global')) + { + markread('all'); + + trigger_error( + $user->lang['FORUMS_MARKED'] . '<br /><br />' . + sprintf($user->lang['RETURN_INDEX'], '<a href="' . $redirect . '">', '</a>') + ); + } + else + { + trigger_error(sprintf($user->lang['RETURN_PAGE'], '<a href="' . $redirect . '">', '</a>')); + } + } + // Display list of active topics for this category? $show_active = (isset($root_data['forum_flags']) && ($root_data['forum_flags'] & FORUM_FLAG_ACTIVE_TOPICS)) ? true : false; @@ -104,30 +125,19 @@ function display_forums($root_data = '', $display_moderators = true, $return_mod $forum_tracking_info = array(); $branch_root_id = $root_data['forum_id']; - // Check for unread global announcements (index page only) - $ga_unread = false; - if ($root_data['forum_id'] == 0) - { - $unread_ga_list = get_unread_topics($user->data['user_id'], 'AND t.forum_id = 0', '', 1); - - if (!empty($unread_ga_list)) - { - $ga_unread = true; - } - } - while ($row = $db->sql_fetchrow($result)) { $forum_id = $row['forum_id']; // Mark forums read? - if ($mark_read == 'forums' || $mark_read == 'all') + if ($mark_read == 'forums') { if ($auth->acl_get('f_list', $forum_id)) { $forum_ids[] = $forum_id; - continue; } + + continue; } // Category with no members @@ -153,8 +163,6 @@ function display_forums($root_data = '', $display_moderators = true, $return_mod continue; } - $forum_ids[] = $forum_id; - if ($config['load_db_lastread'] && $user->data['is_registered']) { $forum_tracking_info[$forum_id] = (!empty($row['mark_time'])) ? $row['mark_time'] : $user->data['user_lastmark']; @@ -256,24 +264,14 @@ function display_forums($root_data = '', $display_moderators = true, $return_mod $db->sql_freeresult($result); // Handle marking posts - if ($mark_read == 'forums' || $mark_read == 'all') + if ($mark_read == 'forums') { $redirect = build_url(array('mark', 'hash')); $token = request_var('hash', ''); if (check_link_hash($token, 'global')) { - if ($mark_read == 'all') - { - markread('all'); - $message = sprintf($user->lang['RETURN_INDEX'], '<a href="' . $redirect . '">', '</a>'); - } - else - { - // Add 0 to forums array to mark global announcements correctly - $forum_ids[] = 0; - markread('topics', $forum_ids); - $message = sprintf($user->lang['RETURN_FORUM'], '<a href="' . $redirect . '">', '</a>'); - } + markread('topics', $forum_ids); + $message = sprintf($user->lang['RETURN_FORUM'], '<a href="' . $redirect . '">', '</a>'); meta_refresh(3, $redirect); trigger_error($user->lang['FORUMS_MARKED'] . '<br /><br />' . $message); } @@ -323,12 +321,6 @@ function display_forums($root_data = '', $display_moderators = true, $return_mod $forum_unread = (isset($forum_tracking_info[$forum_id]) && $row['orig_forum_last_post_time'] > $forum_tracking_info[$forum_id]) ? true : false; - // Mark the first visible forum on index as unread if there's any unread global announcement - if ($ga_unread && !empty($forum_ids_moderator) && $forum_id == $forum_ids_moderator[0]) - { - $forum_unread = true; - } - $folder_image = $folder_alt = $l_subforums = ''; $subforums_list = array(); @@ -454,6 +446,7 @@ function display_forums($root_data = '', $display_moderators = true, $return_mod 'S_NO_CAT' => $catless && !$last_catless, 'S_IS_LINK' => ($row['forum_type'] == FORUM_LINK) ? true : false, 'S_UNREAD_FORUM' => $forum_unread, + 'S_AUTH_READ' => $auth->acl_get('f_read', $row['forum_id']), 'S_LOCKED_FORUM' => ($row['forum_status'] == ITEM_LOCKED) ? true : false, 'S_LIST_SUBFORUMS' => ($row['display_subforum_list']) ? true : false, 'S_SUBFORUMS' => (sizeof($subforums_list)) ? true : false, @@ -466,7 +459,6 @@ function display_forums($root_data = '', $display_moderators = true, $return_mod $l_post_click_count => $post_click_count, 'FORUM_IMG_STYLE' => $folder_image, 'FORUM_FOLDER_IMG' => $user->img($folder_image, $folder_alt), - 'FORUM_FOLDER_IMG_SRC' => $user->img($folder_image, $folder_alt, false, '', 'src'), 'FORUM_FOLDER_IMG_ALT' => isset($user->lang[$folder_alt]) ? $user->lang[$folder_alt] : '', 'FORUM_IMAGE' => ($row['forum_image']) ? '<img src="' . $phpbb_root_path . $row['forum_image'] . '" alt="' . $user->lang[$folder_alt] . '" />' : '', 'FORUM_IMAGE_SRC' => ($row['forum_image']) ? $phpbb_root_path . $row['forum_image'] : '', @@ -479,7 +471,6 @@ function display_forums($root_data = '', $display_moderators = true, $return_mod 'SUBFORUMS' => $s_subforums_list, 'L_SUBFORUM_STR' => $l_subforums, - 'L_FORUM_FOLDER_ALT' => $folder_alt, 'L_MODERATOR_STR' => $l_moderator, 'U_UNAPPROVED_TOPICS' => ($row['forum_id_unapproved_topics']) ? append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=queue&mode=unapproved_topics&f=' . $row['forum_id_unapproved_topics']) : '', @@ -665,7 +656,7 @@ function topic_generate_pagination($replies, $url) $pagination .= '<a href="' . $url . ($j == 0 ? '' : '&start=' . $j) . '">' . $times . '</a>'; if ($times == 1 && $total_pages > 5) { - $pagination .= ' ... '; + $pagination .= '<span class="page-dots"> ... </span>'; // Display the last three pages $times = $total_pages - 3; @@ -999,13 +990,17 @@ function display_user_activity(&$userdata) } // Obtain active topic + // We need to exclude passworded forums here so we do not leak the topic title + $forum_ary_topic = array_unique(array_merge($forum_ary, $user->get_passworded_forums())); + $forum_sql_topic = (!empty($forum_ary_topic)) ? 'AND ' . $db->sql_in_set('forum_id', $forum_ary_topic, true) : ''; + $sql = 'SELECT topic_id, COUNT(post_id) AS num_posts FROM ' . POSTS_TABLE . ' WHERE poster_id = ' . $userdata['user_id'] . " AND post_postcount = 1 AND (post_approved = 1 $sql_m_approve) - $forum_sql + $forum_sql_topic GROUP BY topic_id ORDER BY num_posts DESC"; $result = $db->sql_query_limit($sql, 1); @@ -1061,7 +1056,7 @@ function display_user_activity(&$userdata) /** * Topic and forum watching common code */ -function watch_topic_forum($mode, &$s_watching, $user_id, $forum_id, $topic_id, $notify_status = 'unset', $start = 0) +function watch_topic_forum($mode, &$s_watching, $user_id, $forum_id, $topic_id, $notify_status = 'unset', $start = 0, $item_title = '') { global $template, $db, $user, $phpEx, $start, $phpbb_root_path; global $request; @@ -1071,6 +1066,7 @@ function watch_topic_forum($mode, &$s_watching, $user_id, $forum_id, $topic_id, $match_id = ($mode == 'forum') ? $forum_id : $topic_id; $u_url = "uid={$user->data['user_id']}"; $u_url .= ($mode == 'forum') ? '&f' : '&f=' . $forum_id . '&t'; + $is_watching = 0; // Is user watching this thread? if ($user_id != ANONYMOUS) @@ -1091,32 +1087,54 @@ function watch_topic_forum($mode, &$s_watching, $user_id, $forum_id, $topic_id, if (!is_null($notify_status) && $notify_status !== '') { - if (isset($_GET['unwatch'])) { $uid = request_var('uid', 0); - if ($uid != $user_id) - { - $redirect_url = append_sid("{$phpbb_root_path}view$mode.$phpEx", "$u_url=$match_id&start=$start"); - $message = $user->lang['ERR_UNWATCHING'] . '<br /><br />' . sprintf($user->lang['RETURN_' . strtoupper($mode)], '<a href="' . $redirect_url . '">', '</a>'); - trigger_error($message); - } - if ($request->variable('unwatch', '', false, phpbb_request_interface::GET) == $mode) + $token = request_var('hash', ''); + + if ($token && check_link_hash($token, "{$mode}_$match_id") || confirm_box(true)) { - $is_watching = 0; + if ($uid != $user_id || $request->variable('unwatch', '', false, phpbb_request_interface::GET) != $mode) + { + $redirect_url = append_sid("{$phpbb_root_path}view$mode.$phpEx", "$u_url=$match_id&start=$start"); + $message = $user->lang['ERR_UNWATCHING'] . '<br /><br />' . sprintf($user->lang['RETURN_' . strtoupper($mode)], '<a href="' . $redirect_url . '">', '</a>'); + trigger_error($message); + } $sql = 'DELETE FROM ' . $table_sql . " WHERE $where_sql = $match_id AND user_id = $user_id"; $db->sql_query($sql); - } - - $redirect_url = append_sid("{$phpbb_root_path}view$mode.$phpEx", "$u_url=$match_id&start=$start"); - meta_refresh(3, $redirect_url); + $redirect_url = append_sid("{$phpbb_root_path}view$mode.$phpEx", "$u_url=$match_id&start=$start"); + $message = $user->lang['NOT_WATCHING_' . strtoupper($mode)] . '<br /><br />'; + $message .= sprintf($user->lang['RETURN_' . strtoupper($mode)], '<a href="' . $redirect_url . '">', '</a>'); + meta_refresh(3, $redirect_url); + trigger_error($message); + } + else + { + $s_hidden_fields = array( + 'uid' => $user->data['user_id'], + 'unwatch' => $mode, + 'start' => $start, + 'f' => $forum_id, + ); + if ($mode != 'forum') + { + $s_hidden_fields['t'] = $topic_id; + } - $message = $user->lang['NOT_WATCHING_' . strtoupper($mode)] . '<br /><br />' . sprintf($user->lang['RETURN_' . strtoupper($mode)], '<a href="' . $redirect_url . '">', '</a>'); - trigger_error($message); + if ($item_title == '') + { + $confirm_box_message = 'UNWATCH_' . strtoupper($mode); + } + else + { + $confirm_box_message = $user->lang('UNWATCH_' . strtoupper($mode) . '_DETAILED', $item_title); + } + confirm_box(false, $confirm_box_message, build_hidden_fields($s_hidden_fields)); + } } else { @@ -1136,26 +1154,45 @@ function watch_topic_forum($mode, &$s_watching, $user_id, $forum_id, $topic_id, { if (isset($_GET['watch'])) { + $uid = request_var('uid', 0); $token = request_var('hash', ''); - $redirect_url = append_sid("{$phpbb_root_path}view$mode.$phpEx", "$u_url=$match_id&start=$start"); - if ($request->variable('watch', '', false, phpbb_request_interface::GET) == $mode && check_link_hash($token, "{$mode}_$match_id")) + if ($token && check_link_hash($token, "{$mode}_$match_id") || confirm_box(true)) { + if ($uid != $user_id || $request->variable('watch', '', false, phpbb_request_interface::GET) != $mode) + { + $redirect_url = append_sid("{$phpbb_root_path}view$mode.$phpEx", "$u_url=$match_id&start=$start"); + $message = $user->lang['ERR_WATCHING'] . '<br /><br />' . sprintf($user->lang['RETURN_' . strtoupper($mode)], '<a href="' . $redirect_url . '">', '</a>'); + trigger_error($message); + } + $is_watching = true; $sql = 'INSERT INTO ' . $table_sql . " (user_id, $where_sql, notify_status) VALUES ($user_id, $match_id, " . NOTIFY_YES . ')'; $db->sql_query($sql); + + $redirect_url = append_sid("{$phpbb_root_path}view$mode.$phpEx", "$u_url=$match_id&start=$start"); $message = $user->lang['ARE_WATCHING_' . strtoupper($mode)] . '<br /><br />' . sprintf($user->lang['RETURN_' . strtoupper($mode)], '<a href="' . $redirect_url . '">', '</a>'); + meta_refresh(3, $redirect_url); + trigger_error($message); } else { - $message = $user->lang['ERR_WATCHING'] . '<br /><br />' . sprintf($user->lang['RETURN_' . strtoupper($mode)], '<a href="' . $redirect_url . '">', '</a>'); - } - - meta_refresh(3, $redirect_url); + $s_hidden_fields = array( + 'uid' => $user->data['user_id'], + 'watch' => $mode, + 'start' => $start, + 'f' => $forum_id, + ); + if ($mode != 'forum') + { + $s_hidden_fields['t'] = $topic_id; + } - trigger_error($message); + $confirm_box_message = (($item_title == '') ? 'WATCH_' . strtoupper($mode) : $user->lang('WATCH_' . strtoupper($mode) . '_DETAILED', $item_title)); + confirm_box(false, $confirm_box_message, build_hidden_fields($s_hidden_fields)); + } } else { @@ -1165,7 +1202,8 @@ function watch_topic_forum($mode, &$s_watching, $user_id, $forum_id, $topic_id, } else { - if ($request->variable('unwatch', '', false, phpbb_request_interface::GET) == $mode) + if ((isset($_GET['unwatch']) && $request->variable('unwatch', '', false, phpbb_request_interface::GET) == $mode) || + (isset($_GET['watch']) && $request->variable('watch', '', false, phpbb_request_interface::GET) == $mode)) { login_box(); } diff --git a/phpBB/includes/functions_download.php b/phpBB/includes/functions_download.php index 94bcb36698..b4664d74cb 100644 --- a/phpBB/includes/functions_download.php +++ b/phpBB/includes/functions_download.php @@ -100,10 +100,10 @@ function send_avatar_to_browser($file, $browser) */ function wrap_img_in_html($src, $title) { - echo '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-Strict.dtd">'; + echo '<!DOCTYPE html>'; echo '<html>'; echo '<head>'; - echo '<meta http-equiv="content-type" content="text/html; charset=UTF-8" />'; + echo '<meta charset="utf-8">'; echo '<title>' . $title . '</title>'; echo '</head>'; echo '<body>'; @@ -274,7 +274,9 @@ function send_file_to_browser($attachment, $upload_dir, $category) */ function header_filename($file) { - $user_agent = (!empty($_SERVER['HTTP_USER_AGENT'])) ? htmlspecialchars((string) $_SERVER['HTTP_USER_AGENT']) : ''; + global $request; + + $user_agent = $request->header('User-Agent'); // There be dragons here. // Not many follows the RFC... @@ -292,14 +294,14 @@ function header_filename($file) */ function download_allowed() { - global $config, $user, $db; + global $config, $user, $db, $request; if (!$config['secure_downloads']) { return true; } - $url = (!empty($_SERVER['HTTP_REFERER'])) ? trim($_SERVER['HTTP_REFERER']) : trim(getenv('HTTP_REFERER')); + $url = htmlspecialchars_decode($request->header('Referer')); if (!$url) { @@ -404,8 +406,10 @@ function download_allowed() */ function set_modified_headers($stamp, $browser) { + global $request; + // let's see if we have to send the file at all - $last_load = isset($_SERVER['HTTP_IF_MODIFIED_SINCE']) ? strtotime(trim($_SERVER['HTTP_IF_MODIFIED_SINCE'])) : false; + $last_load = $request->header('Modified-Since') ? strtotime(trim($request->header('Modified-Since'))) : false; if ((strpos(strtolower($browser), 'msie 6.0') === false) && (strpos(strtolower($browser), 'msie 8.0') === false)) { if ($last_load !== false && $last_load >= $stamp) @@ -473,12 +477,12 @@ function phpbb_http_byte_range($filesize) { $request_array = phpbb_find_range_request(); } - + return (empty($request_array)) ? false : phpbb_parse_range_request($request_array, $filesize); } /** -* Searches for HTTP range request in super globals. +* Searches for HTTP range request in request headers. * * @return mixed false if no request found * array of strings containing the requested ranges otherwise @@ -486,23 +490,16 @@ function phpbb_http_byte_range($filesize) */ function phpbb_find_range_request() { - $globals = array( - array('_SERVER', 'HTTP_RANGE'), - array('_ENV', 'HTTP_RANGE'), - ); + global $request; - foreach ($globals as $array) - { - $global = $array[0]; - $key = $array[1]; + $value = $request->header('Range'); - // Make sure range request starts with "bytes=" - if (isset($GLOBALS[$global][$key]) && strpos($GLOBALS[$global][$key], 'bytes=') === 0) - { - // Strip leading 'bytes=' - // Multiple ranges can be separated by a comma - return explode(',', substr($GLOBALS[$global][$key], 6)); - } + // Make sure range request starts with "bytes=" + if (strpos($value, 'bytes=') === 0) + { + // Strip leading 'bytes=' + // Multiple ranges can be separated by a comma + return explode(',', substr($value, 6)); } return false; diff --git a/phpBB/includes/functions_install.php b/phpBB/includes/functions_install.php index 4746b2f6e1..7a99bca0e2 100644 --- a/phpBB/includes/functions_install.php +++ b/phpBB/includes/functions_install.php @@ -104,7 +104,7 @@ function get_available_dbms($dbms = false, $return_unavailable = false, $only_20 'DRIVER' => 'mssqlnative', 'AVAILABLE' => true, '2.0.x' => false, - ), + ), 'oracle' => array( 'LABEL' => 'Oracle', 'SCHEMA' => 'oracle', @@ -211,61 +211,20 @@ function dbms_select($default = '', $only_20x_options = false) /** * Get tables of a database +* +* @deprecated */ -function get_tables($db) +function get_tables(&$db) { - switch ($db->sql_layer) + if (!class_exists('phpbb_db_tools')) { - case 'mysql': - case 'mysql4': - case 'mysqli': - $sql = 'SHOW TABLES'; - break; - - case 'sqlite': - $sql = 'SELECT name - FROM sqlite_master - WHERE type = "table"'; - break; - - case 'mssql': - case 'mssql_odbc': - case 'mssqlnative': - $sql = "SELECT name - FROM sysobjects - WHERE type='U'"; - break; - - case 'postgres': - $sql = 'SELECT relname - FROM pg_stat_user_tables'; - break; - - case 'firebird': - $sql = 'SELECT rdb$relation_name - FROM rdb$relations - WHERE rdb$view_source is null - AND rdb$system_flag = 0'; - break; - - case 'oracle': - $sql = 'SELECT table_name - FROM USER_TABLES'; - break; + global $phpbb_root_path, $phpEx; + require($phpbb_root_path . 'includes/db/db_tools.' . $phpEx); } - $result = $db->sql_query($sql); + $db_tools = new phpbb_db_tools($db); - $tables = array(); - - while ($row = $db->sql_fetchrow($result)) - { - $tables[] = current($row); - } - - $db->sql_freeresult($result); - - return $tables; + return $db_tools->sql_list_tables(); } /** @@ -555,3 +514,45 @@ function adjust_language_keys_callback($matches) return (!empty($lang[$matches[1]])) ? $db->sql_escape($lang[$matches[1]]) : $db->sql_escape($matches[1]); } } + +function phpbb_create_config_file_data($data, $dbms, $load_extensions, $debug = false) +{ + $load_extensions = implode(',', $load_extensions); + + $config_data = "<?php\n"; + $config_data .= "// phpBB 3.0.x auto-generated configuration file\n// Do not change anything in this file!\n"; + + $config_data_array = array( + 'dbms' => $dbms, + 'dbhost' => $data['dbhost'], + 'dbport' => $data['dbport'], + 'dbname' => $data['dbname'], + 'dbuser' => $data['dbuser'], + 'dbpasswd' => htmlspecialchars_decode($data['dbpasswd']), + 'table_prefix' => $data['table_prefix'], + 'acm_type' => 'file', + 'load_extensions' => $load_extensions, + ); + + foreach ($config_data_array as $key => $value) + { + $config_data .= "\${$key} = '" . str_replace("'", "\\'", str_replace('\\', '\\\\', $value)) . "';\n"; + } + + $config_data .= "\n@define('PHPBB_INSTALLED', true);\n"; + + if ($debug) + { + $config_data .= "@define('DEBUG', true);\n"; + $config_data .= "@define('DEBUG_EXTRA', true);\n"; + } + else + { + $config_data .= "// @define('DEBUG', true);\n"; + $config_data .= "// @define('DEBUG_EXTRA', true);\n"; + } + + $config_data .= '?' . '>'; // Done this to prevent highlighting editors getting confused! + + return $config_data; +} diff --git a/phpBB/includes/functions_messenger.php b/phpBB/includes/functions_messenger.php index f5d102b1da..1149d03347 100644 --- a/phpBB/includes/functions_messenger.php +++ b/phpBB/includes/functions_messenger.php @@ -175,7 +175,7 @@ class messenger */ function template($template_file, $template_lang = '', $template_path = '') { - global $config, $phpbb_root_path, $user; + global $config, $phpbb_root_path, $phpEx, $user, $phpbb_extension_manager; if (!trim($template_file)) { @@ -193,7 +193,9 @@ class messenger // tpl_msg now holds a template object we can use to parse the template file if (!isset($this->tpl_msg[$template_lang . $template_file])) { - $this->tpl_msg[$template_lang . $template_file] = new template(); + $template_locator = new phpbb_template_locator(); + $template_path_provider = new phpbb_template_extension_path_provider($phpbb_extension_manager, new phpbb_template_path_provider()); + $this->tpl_msg[$template_lang . $template_file] = new phpbb_template($phpbb_root_path, $phpEx, $config, $user, $template_locator, $template_path_provider); $tpl = &$this->tpl_msg[$template_lang . $template_file]; $fallback_template_path = false; @@ -333,7 +335,7 @@ class messenger */ function error($type, $msg) { - global $user, $phpEx, $phpbb_root_path, $config; + global $user, $phpEx, $phpbb_root_path, $config, $request; // Session doesn't exist, create it if (!isset($user->session_id) || $user->session_id === '') @@ -341,7 +343,7 @@ class messenger $user->session_begin(); } - $calling_page = (!empty($_SERVER['PHP_SELF'])) ? $_SERVER['PHP_SELF'] : $_ENV['PHP_SELF']; + $calling_page = htmlspecialchars_decode($request->server('PHP_SELF')); $message = ''; switch ($type) @@ -975,9 +977,16 @@ function smtpmail($addresses, $subject, $message, &$err_msg, $headers = false) $smtp->add_backtrace('Connecting to ' . $config['smtp_host'] . ':' . $config['smtp_port']); // Ok we have error checked as much as we can to this point let's get on it already. - ob_start(); + if (!class_exists('phpbb_error_collector')) + { + global $phpbb_root_path, $phpEx; + include($phpbb_root_path . 'includes/error_collector.' . $phpEx); + } + $collector = new phpbb_error_collector; + $collector->install(); $smtp->socket = fsockopen($config['smtp_host'], $config['smtp_port'], $errno, $errstr, 20); - $error_contents = ob_get_clean(); + $collector->uninstall(); + $error_contents = $collector->format_errors(); if (!$smtp->socket) { @@ -1608,18 +1617,27 @@ function mail_encode($str, $eol = "\r\n") */ function phpbb_mail($to, $subject, $msg, $headers, $eol, &$err_msg) { - global $config; + global $config, $phpbb_root_path, $phpEx; // We use the EOL character for the OS here because the PHP mail function does not correctly transform line endings. On Windows SMTP is used (SMTP is \r\n), on UNIX a command is used... // Reference: http://bugs.php.net/bug.php?id=15841 $headers = implode($eol, $headers); - ob_start(); + if (!class_exists('phpbb_error_collector')) + { + include($phpbb_root_path . 'includes/error_collector.' . $phpEx); + } + + $collector = new phpbb_error_collector; + $collector->install(); + // On some PHP Versions mail() *may* fail if there are newlines within the subject. // Newlines are used as a delimiter for lines in mail_encode() according to RFC 2045 section 6.8. // Because PHP can't decide what is wanted we revert back to the non-RFC-compliant way of separating by one space (Use '' as parameter to mail_encode() results in SPACE used) $result = $config['email_function_name']($to, mail_encode($subject, ''), wordwrap(utf8_wordwrap($msg), 997, "\n", true), $headers); - $err_msg = ob_get_clean(); + + $collector->uninstall(); + $err_msg = $collector->format_errors(); return $result; } diff --git a/phpBB/includes/functions_module.php b/phpBB/includes/functions_module.php index 09c54422b0..1f451d392d 100644 --- a/phpBB/includes/functions_module.php +++ b/phpBB/includes/functions_module.php @@ -221,13 +221,15 @@ class p_master // We need to prefix the functions to not create a naming conflict // Function for building 'url_extra' - $url_func = '_module_' . $row['module_basename'] . '_url'; + $short_name = $this->get_short_name($row['module_basename']); + + $url_func = '_module_' . $short_name . '_url'; // Function for building the language name - $lang_func = '_module_' . $row['module_basename'] . '_lang'; + $lang_func = '_module_' . $short_name . '_lang'; // Custom function for calling parameters on module init (for example assigning template variables) - $custom_func = '_module_' . $row['module_basename']; + $custom_func = '_module_' . $short_name; $names[$row['module_basename'] . '_' . $row['module_mode']][] = true; @@ -275,6 +277,11 @@ class p_master */ function loaded($module_basename, $module_mode = false) { + if (!$this->is_full_class($module_basename)) + { + $module_basename = $this->p_class . '_' . $module_basename; + } + if (empty($this->loaded_cache)) { $this->loaded_cache = array(); @@ -381,6 +388,11 @@ class p_master $id = request_var('icat', ''); } + if ($id && !is_numeric($id) && !$this->is_full_class($id)) + { + $id = $this->p_class . '_' . $id; + } + $category = false; foreach ($this->module_ary as $row_id => $item_ary) { @@ -389,9 +401,9 @@ class p_master // If this is a module and no mode selected, select first mode // If no category or module selected, go active for first module in first category if ( - (($item_ary['name'] === $id || $item_ary['id'] === (int) $id) && (($item_ary['mode'] == $mode && !$item_ary['cat']) || ($icat && $item_ary['cat']))) || + (($item_ary['name'] === $id || $item_ary['name'] === $this->p_class . '_' . $id || $item_ary['id'] === (int) $id) && (($item_ary['mode'] == $mode && !$item_ary['cat']) || ($icat && $item_ary['cat']))) || ($item_ary['parent'] === $category && !$item_ary['cat'] && !$icat && $item_ary['display']) || - (($item_ary['name'] === $id || $item_ary['id'] === (int) $id) && !$mode && !$item_ary['cat']) || + (($item_ary['name'] === $id || $item_ary['name'] === $this->p_class . '_' . $id || $item_ary['id'] === (int) $id) && !$mode && !$item_ary['cat']) || (!$id && !$mode && !$item_ary['cat'] && $item_ary['display']) ) { @@ -440,75 +452,74 @@ class p_master trigger_error('Module not accessible', E_USER_ERROR); } - if (!class_exists("{$this->p_class}_$this->p_name")) + // new modules use the full class names, old ones are always called <type>_<name>, e.g. acp_board + if (!class_exists($this->p_name)) { - if (!file_exists("$module_path/{$this->p_class}_$this->p_name.$phpEx")) + if (!file_exists("$module_path/{$this->p_name}.$phpEx")) { - trigger_error("Cannot find module $module_path/{$this->p_class}_$this->p_name.$phpEx", E_USER_ERROR); + trigger_error("Cannot find module $module_path/{$this->p_name}.$phpEx", E_USER_ERROR); } - include("$module_path/{$this->p_class}_$this->p_name.$phpEx"); + include("$module_path/{$this->p_name}.$phpEx"); - if (!class_exists("{$this->p_class}_$this->p_name")) + if (!class_exists($this->p_name)) { - trigger_error("Module file $module_path/{$this->p_class}_$this->p_name.$phpEx does not contain correct class [{$this->p_class}_$this->p_name]", E_USER_ERROR); + trigger_error("Module file $module_path/{$this->p_name}.$phpEx does not contain correct class [{$this->p_name}]", E_USER_ERROR); } + } - if (!empty($mode)) - { - $this->p_mode = $mode; - } + if (!empty($mode)) + { + $this->p_mode = $mode; + } - // Create a new instance of the desired module ... if it has a - // constructor it will of course be executed - $instance = "{$this->p_class}_$this->p_name"; + // Create a new instance of the desired module ... + $class_name = $this->p_name; - $this->module = new $instance($this); + $this->module = new $class_name($this); - // We pre-define the action parameter we are using all over the place - if (defined('IN_ADMIN')) + // We pre-define the action parameter we are using all over the place + if (defined('IN_ADMIN')) + { + // Is first module automatically enabled a duplicate and the category not passed yet? + if (!$icat && $this->module_ary[$this->active_module_row_id]['is_duplicate']) { - // Is first module automatically enabled a duplicate and the category not passed yet? - if (!$icat && $this->module_ary[$this->active_module_row_id]['is_duplicate']) - { - $icat = $this->module_ary[$this->active_module_row_id]['parent']; - } + $icat = $this->module_ary[$this->active_module_row_id]['parent']; + } - // Not being able to overwrite ;) - $this->module->u_action = append_sid("{$phpbb_admin_path}index.$phpEx", "i={$this->p_name}") . (($icat) ? '&icat=' . $icat : '') . "&mode={$this->p_mode}"; + // Not being able to overwrite ;) + $this->module->u_action = append_sid("{$phpbb_admin_path}index.$phpEx", "i={$this->p_name}") . (($icat) ? '&icat=' . $icat : '') . "&mode={$this->p_mode}"; + } + else + { + // If user specified the module url we will use it... + if ($module_url !== false) + { + $this->module->u_action = $module_url; } else { - // If user specified the module url we will use it... - if ($module_url !== false) - { - $this->module->u_action = $module_url; - } - else - { - $this->module->u_action = $phpbb_root_path . (($user->page['page_dir']) ? $user->page['page_dir'] . '/' : '') . $user->page['page_name']; - } - - $this->module->u_action = append_sid($this->module->u_action, "i={$this->p_name}") . (($icat) ? '&icat=' . $icat : '') . "&mode={$this->p_mode}"; + $this->module->u_action = $phpbb_root_path . (($user->page['page_dir']) ? $user->page['page_dir'] . '/' : '') . $user->page['page_name']; } - // Add url_extra parameter to u_action url - if (!empty($this->module_ary) && $this->active_module !== false && $this->module_ary[$this->active_module_row_id]['url_extra']) - { - $this->module->u_action .= $this->module_ary[$this->active_module_row_id]['url_extra']; - } + $this->module->u_action = append_sid($this->module->u_action, "i={$this->p_name}") . (($icat) ? '&icat=' . $icat : '') . "&mode={$this->p_mode}"; + } - // Assign the module path for re-usage - $this->module->module_path = $module_path . '/'; + // Add url_extra parameter to u_action url + if (!empty($this->module_ary) && $this->active_module !== false && $this->module_ary[$this->active_module_row_id]['url_extra']) + { + $this->module->u_action .= $this->module_ary[$this->active_module_row_id]['url_extra']; + } - // Execute the main method for the new instance, we send the module id and mode as parameters - // Users are able to call the main method after this function to be able to assign additional parameters manually - if ($execute_module) - { - $this->module->main($this->p_name, $this->p_mode); - } + // Assign the module path for re-usage + $this->module->module_path = $module_path . '/'; - return; + // Execute the main method for the new instance, we send the module id and mode as parameters + // Users are able to call the main method after this function to be able to assign additional parameters manually + if ($execute_module) + { + $short_name = preg_replace("#^{$this->p_class}_#", '', $this->p_name); + $this->module->main($short_name, $this->p_mode); } } @@ -547,7 +558,7 @@ class p_master // If we find a name by this id and being enabled we have our active one... foreach ($this->module_ary as $row_id => $item_ary) { - if (($item_ary['name'] === $id || $item_ary['id'] === (int) $id) && $item_ary['display']) + if (($item_ary['name'] === $id || $item_ary['id'] === (int) $id) && $item_ary['display'] || $item_ary['name'] === $this->p_class . '_' . $id) { if ($mode === false || $mode === $item_ary['mode']) { @@ -841,7 +852,7 @@ class p_master { foreach ($this->module_ary as $row_id => $item_ary) { - if (($item_ary['name'] === $id || $item_ary['id'] === (int) $id) && (!$mode || $item_ary['mode'] === $mode)) + if (($item_ary['name'] === $id || $item_ary['name'] === $this->p_class . '_' . $id || $item_ary['id'] === (int) $id) && (!$mode || $item_ary['mode'] === $mode)) { $this->module_ary[$row_id]['display'] = (int) $display; } @@ -855,28 +866,49 @@ class p_master { global $user, $phpEx; - if (file_exists($user->lang_path . $user->lang_name . '/mods')) - { - $add_files = array(); + global $phpbb_extension_manager; - $dir = @opendir($user->lang_path . $user->lang_name . '/mods'); + $finder = $phpbb_extension_manager->get_finder(); - if ($dir) - { - while (($entry = readdir($dir)) !== false) - { - if (strpos($entry, 'info_' . strtolower($module_class) . '_') === 0 && substr(strrchr($entry, '.'), 1) == $phpEx) - { - $add_files[] = 'mods/' . substr(basename($entry), 0, -(strlen($phpEx) + 1)); - } - } - closedir($dir); - } + $lang_files = $finder + ->prefix('info_' . strtolower($module_class) . '_') + ->suffix(".$phpEx") + ->extension_directory('/language/' . $user->lang_name) + ->core_path('language/' . $user->lang_name . '/mods/') + ->find(); - if (sizeof($add_files)) - { - $user->add_lang($add_files); - } + foreach ($lang_files as $lang_file => $ext_name) + { + $user->add_lang_ext($ext_name, $lang_file); } } + + /** + * Retrieve shortened module basename for legacy basenames (with xcp_ prefix) + * + * @param string $basename A module basename + * @return string The basename if it starts with phpbb_ or the basename with + * the current p_class (e.g. acp_) stripped. + */ + protected function get_short_name($basename) + { + if (substr($basename, 0, 6) === 'phpbb_') + { + return $basename; + } + + // strip xcp_ prefix from old classes + return substr($basename, strlen($this->p_class) + 1); + } + + /** + * Checks whether the given module basename is a correct class name + * + * @param string $basename A module basename + * @return bool True if the basename starts with phpbb_ or (x)cp_, false otherwise + */ + protected function is_full_class($basename) + { + return (substr($basename, 0, 6) === 'phpbb_' || substr($basename, 0, strlen($this->p_class) + 1) === $this->p_class . '_'); + } } diff --git a/phpBB/includes/functions_posting.php b/phpBB/includes/functions_posting.php index 61cc096e26..dd8437da1a 100644 --- a/phpBB/includes/functions_posting.php +++ b/phpBB/includes/functions_posting.php @@ -21,7 +21,7 @@ if (!defined('IN_PHPBB')) */ function generate_smilies($mode, $forum_id) { - global $auth, $db, $user, $config, $template; + global $db, $user, $config, $template; global $phpEx, $phpbb_root_path; $start = request_var('start', 0); @@ -338,7 +338,7 @@ function posting_gen_topic_types($forum_id, $cur_topic_type = POST_NORMAL) $topic_type_array[] = array( 'VALUE' => $topic_value['const'], - 'S_CHECKED' => ($cur_topic_type == $topic_value['const'] || ($forum_id == 0 && $topic_value['const'] == POST_GLOBAL)) ? ' checked="checked"' : '', + 'S_CHECKED' => ($cur_topic_type == $topic_value['const']) ? ' checked="checked"' : '', 'L_TOPIC_TYPE' => $user->lang[$topic_value['lang']] ); } @@ -560,7 +560,6 @@ function get_supported_image_types($type = false) if ($type !== false) { // Type is one of the IMAGETYPE constants - it is fetched from getimagesize() - // We do not use the constants here, because some were not available in PHP 4.3.x switch ($type) { // GIF @@ -804,7 +803,7 @@ function posting_gen_inline_attachments(&$attachment_data) */ function posting_gen_attachment_entry($attachment_data, &$filename_data, $show_attach_box = true) { - global $template, $config, $phpbb_root_path, $phpEx, $user, $auth; + global $template, $config, $phpbb_root_path, $phpEx, $user; // Some default template variables $template->assign_vars(array( @@ -1079,7 +1078,7 @@ function topic_review($topic_id, $forum_id, $mode = 'topic_review', $cur_post_id continue; } - $row =& $rowset[$post_list[$i]]; + $row = $rowset[$post_list[$i]]; $poster_id = $row['user_id']; $post_subject = $row['post_subject']; @@ -1465,11 +1464,8 @@ function delete_post($forum_id, $topic_id, $post_id, &$data) delete_topics('topic_id', array($topic_id), false); - if ($data['topic_type'] != POST_GLOBAL) - { - $sql_data[FORUMS_TABLE] .= 'forum_topics_real = forum_topics_real - 1'; - $sql_data[FORUMS_TABLE] .= ($data['topic_approved']) ? ', forum_posts = forum_posts - 1, forum_topics = forum_topics - 1' : ''; - } + $sql_data[FORUMS_TABLE] .= 'forum_topics_real = forum_topics_real - 1'; + $sql_data[FORUMS_TABLE] .= ($data['topic_approved']) ? ', forum_posts = forum_posts - 1, forum_topics = forum_topics - 1' : ''; $update_sql = update_post_information('forum', $forum_id, true); if (sizeof($update_sql)) @@ -1489,10 +1485,7 @@ function delete_post($forum_id, $topic_id, $post_id, &$data) $row = $db->sql_fetchrow($result); $db->sql_freeresult($result); - if ($data['topic_type'] != POST_GLOBAL) - { - $sql_data[FORUMS_TABLE] = ($data['post_approved']) ? 'forum_posts = forum_posts - 1' : ''; - } + $sql_data[FORUMS_TABLE] = ($data['post_approved']) ? 'forum_posts = forum_posts - 1' : ''; $sql_data[TOPICS_TABLE] = 'topic_poster = ' . intval($row['poster_id']) . ', topic_first_post_id = ' . intval($row['post_id']) . ", topic_first_poster_colour = '" . $db->sql_escape($row['user_colour']) . "', topic_first_poster_name = '" . (($row['poster_id'] == ANONYMOUS) ? $db->sql_escape($row['post_username']) : $db->sql_escape($row['username'])) . "', topic_time = " . (int) $row['post_time']; @@ -1503,10 +1496,7 @@ function delete_post($forum_id, $topic_id, $post_id, &$data) break; case 'delete_last_post': - if ($data['topic_type'] != POST_GLOBAL) - { - $sql_data[FORUMS_TABLE] = ($data['post_approved']) ? 'forum_posts = forum_posts - 1' : ''; - } + $sql_data[FORUMS_TABLE] = ($data['post_approved']) ? 'forum_posts = forum_posts - 1' : ''; $update_sql = update_post_information('forum', $forum_id, true); if (sizeof($update_sql)) @@ -1548,10 +1538,7 @@ function delete_post($forum_id, $topic_id, $post_id, &$data) $row = $db->sql_fetchrow($result); $db->sql_freeresult($result); - if ($data['topic_type'] != POST_GLOBAL) - { - $sql_data[FORUMS_TABLE] = ($data['post_approved']) ? 'forum_posts = forum_posts - 1' : ''; - } + $sql_data[FORUMS_TABLE] = ($data['post_approved']) ? 'forum_posts = forum_posts - 1' : ''; $sql_data[TOPICS_TABLE] = 'topic_replies_real = topic_replies_real - 1' . (($data['post_approved']) ? ', topic_replies = topic_replies - 1' : ''); $next_post_id = (int) $row['post_id']; @@ -1703,7 +1690,7 @@ function submit_post($mode, $subject, $username, $topic_type, &$poll, &$data, $u case 'post': case 'reply': $sql_data[POSTS_TABLE]['sql'] = array( - 'forum_id' => ($topic_type == POST_GLOBAL) ? 0 : $data['forum_id'], + 'forum_id' => $data['forum_id'], 'poster_id' => (int) $user->data['user_id'], 'icon_id' => $data['icon_id'], 'poster_ip' => $user->ip, @@ -1771,7 +1758,7 @@ function submit_post($mode, $subject, $username, $topic_type, &$poll, &$data, $u } $sql_data[POSTS_TABLE]['sql'] = array_merge($sql_data[POSTS_TABLE]['sql'], array( - 'forum_id' => ($topic_type == POST_GLOBAL) ? 0 : $data['forum_id'], + 'forum_id' => $data['forum_id'], 'poster_id' => $data['poster_id'], 'icon_id' => $data['icon_id'], 'post_approved' => (!$post_approval) ? 0 : $data['post_approved'], @@ -1807,7 +1794,7 @@ function submit_post($mode, $subject, $username, $topic_type, &$poll, &$data, $u 'topic_poster' => (int) $user->data['user_id'], 'topic_time' => $current_time, 'topic_last_view_time' => $current_time, - 'forum_id' => ($topic_type == POST_GLOBAL) ? 0 : $data['forum_id'], + 'forum_id' => $data['forum_id'], 'icon_id' => $data['icon_id'], 'topic_approved' => $post_approval, 'topic_title' => $subject, @@ -1843,14 +1830,11 @@ function submit_post($mode, $subject, $username, $topic_type, &$poll, &$data, $u $sql_data[USERS_TABLE]['stat'][] = "user_lastpost_time = $current_time" . (($auth->acl_get('f_postcount', $data['forum_id']) && $post_approval) ? ', user_posts = user_posts + 1' : ''); - if ($topic_type != POST_GLOBAL) + if ($post_approval) { - if ($post_approval) - { - $sql_data[FORUMS_TABLE]['stat'][] = 'forum_posts = forum_posts + 1'; - } - $sql_data[FORUMS_TABLE]['stat'][] = 'forum_topics_real = forum_topics_real + 1' . (($post_approval) ? ', forum_topics = forum_topics + 1' : ''); + $sql_data[FORUMS_TABLE]['stat'][] = 'forum_posts = forum_posts + 1'; } + $sql_data[FORUMS_TABLE]['stat'][] = 'forum_topics_real = forum_topics_real + 1' . (($post_approval) ? ', forum_topics = forum_topics + 1' : ''); break; case 'reply': @@ -1863,7 +1847,7 @@ function submit_post($mode, $subject, $username, $topic_type, &$poll, &$data, $u $sql_data[USERS_TABLE]['stat'][] = "user_lastpost_time = $current_time" . (($auth->acl_get('f_postcount', $data['forum_id']) && $post_approval) ? ', user_posts = user_posts + 1' : ''); - if ($post_approval && $topic_type != POST_GLOBAL) + if ($post_approval) { $sql_data[FORUMS_TABLE]['stat'][] = 'forum_posts = forum_posts + 1'; } @@ -1871,9 +1855,9 @@ function submit_post($mode, $subject, $username, $topic_type, &$poll, &$data, $u case 'edit_topic': case 'edit_first_post': - if (isset($poll['poll_options']) && !empty($poll['poll_options'])) + if (isset($poll['poll_options'])) { - $poll_start = ($poll['poll_start']) ? $poll['poll_start'] : $current_time; + $poll_start = ($poll['poll_start'] || empty($poll['poll_options'])) ? $poll['poll_start'] : $current_time; $poll_length = $poll['poll_length'] * 86400; if ($poll_length < 0) { @@ -1887,7 +1871,7 @@ function submit_post($mode, $subject, $username, $topic_type, &$poll, &$data, $u } $sql_data[TOPICS_TABLE]['sql'] = array( - 'forum_id' => ($topic_type == POST_GLOBAL) ? 0 : $data['forum_id'], + 'forum_id' => $data['forum_id'], 'icon_id' => $data['icon_id'], 'topic_approved' => (!$post_approval) ? 0 : $data['topic_approved'], 'topic_title' => $subject, @@ -2002,61 +1986,6 @@ function submit_post($mode, $subject, $username, $topic_type, &$poll, &$data, $u unset($sql_data[POSTS_TABLE]['sql']); } - $make_global = false; - - // Are we globalising or unglobalising? - if ($post_mode == 'edit_first_post' || $post_mode == 'edit_topic') - { - if (!sizeof($topic_row)) - { - $sql = 'SELECT topic_type, topic_replies, topic_replies_real, topic_approved, topic_last_post_id - FROM ' . TOPICS_TABLE . ' - WHERE topic_id = ' . $data['topic_id']; - $result = $db->sql_query($sql); - $topic_row = $db->sql_fetchrow($result); - $db->sql_freeresult($result); - } - - // globalise/unglobalise? - if (($topic_row['topic_type'] != POST_GLOBAL && $topic_type == POST_GLOBAL) || ($topic_row['topic_type'] == POST_GLOBAL && $topic_type != POST_GLOBAL)) - { - if (!empty($sql_data[FORUMS_TABLE]['stat']) && implode('', $sql_data[FORUMS_TABLE]['stat'])) - { - $db->sql_query('UPDATE ' . FORUMS_TABLE . ' SET ' . implode(', ', $sql_data[FORUMS_TABLE]['stat']) . ' WHERE forum_id = ' . $data['forum_id']); - } - - $make_global = true; - $sql_data[FORUMS_TABLE]['stat'] = array(); - } - - // globalise - if ($topic_row['topic_type'] != POST_GLOBAL && $topic_type == POST_GLOBAL) - { - // Decrement topic/post count - $sql_data[FORUMS_TABLE]['stat'][] = 'forum_posts = forum_posts - ' . ($topic_row['topic_replies_real'] + 1); - $sql_data[FORUMS_TABLE]['stat'][] = 'forum_topics_real = forum_topics_real - 1' . (($topic_row['topic_approved']) ? ', forum_topics = forum_topics - 1' : ''); - - // Update forum_ids for all posts - $sql = 'UPDATE ' . POSTS_TABLE . ' - SET forum_id = 0 - WHERE topic_id = ' . $data['topic_id']; - $db->sql_query($sql); - } - // unglobalise - else if ($topic_row['topic_type'] == POST_GLOBAL && $topic_type != POST_GLOBAL) - { - // Increment topic/post count - $sql_data[FORUMS_TABLE]['stat'][] = 'forum_posts = forum_posts + ' . ($topic_row['topic_replies_real'] + 1); - $sql_data[FORUMS_TABLE]['stat'][] = 'forum_topics_real = forum_topics_real + 1' . (($topic_row['topic_approved']) ? ', forum_topics = forum_topics + 1' : ''); - - // Update forum_ids for all posts - $sql = 'UPDATE ' . POSTS_TABLE . ' - SET forum_id = ' . $data['forum_id'] . ' - WHERE topic_id = ' . $data['topic_id']; - $db->sql_query($sql); - } - } - // Update the topics table if (isset($sql_data[TOPICS_TABLE]['sql'])) { @@ -2076,11 +2005,11 @@ function submit_post($mode, $subject, $username, $topic_type, &$poll, &$data, $u } // Update Poll Tables - if (isset($poll['poll_options']) && !empty($poll['poll_options'])) + if (isset($poll['poll_options'])) { $cur_poll_options = array(); - if ($poll['poll_start'] && $mode == 'edit') + if ($mode == 'edit') { $sql = 'SELECT * FROM ' . POLL_OPTIONS_TABLE . ' @@ -2219,9 +2148,8 @@ function submit_post($mode, $subject, $username, $topic_type, &$poll, &$data, $u } // we need to update the last forum information - // only applicable if the topic is not global and it is approved - // we also check to make sure we are not dealing with globaling the latest topic (pretty rare but still needs to be checked) - if ($topic_type != POST_GLOBAL && !$make_global && ($post_approved || !$data['post_approved'])) + // only applicable if the topic is approved + if ($post_approved || !$data['post_approved']) { // the last post makes us update the forum table. This can happen if... // We make a new topic @@ -2311,78 +2239,6 @@ function submit_post($mode, $subject, $username, $topic_type, &$poll, &$data, $u } } } - else if ($make_global) - { - // somebody decided to be a party pooper, we must recalculate the whole shebang (maybe) - $sql = 'SELECT forum_last_post_id - FROM ' . FORUMS_TABLE . ' - WHERE forum_id = ' . (int) $data['forum_id']; - $result = $db->sql_query($sql); - $forum_row = $db->sql_fetchrow($result); - $db->sql_freeresult($result); - - // we made a topic global, go get new data - if ($topic_row['topic_type'] != POST_GLOBAL && $topic_type == POST_GLOBAL && $forum_row['forum_last_post_id'] == $topic_row['topic_last_post_id']) - { - // we need a fresh change of socks, everything has become invalidated - $sql = 'SELECT MAX(topic_last_post_id) as last_post_id - FROM ' . TOPICS_TABLE . ' - WHERE forum_id = ' . (int) $data['forum_id'] . ' - AND topic_approved = 1'; - $result = $db->sql_query($sql); - $row = $db->sql_fetchrow($result); - $db->sql_freeresult($result); - - // any posts left in this forum? - if (!empty($row['last_post_id'])) - { - $sql = 'SELECT p.post_id, p.post_subject, p.post_time, p.poster_id, p.post_username, u.user_id, u.username, u.user_colour - FROM ' . POSTS_TABLE . ' p, ' . USERS_TABLE . ' u - WHERE p.poster_id = u.user_id - AND p.post_id = ' . (int) $row['last_post_id']; - $result = $db->sql_query($sql); - $row = $db->sql_fetchrow($result); - $db->sql_freeresult($result); - - // salvation, a post is found! jam it into the forums table - $sql_data[FORUMS_TABLE]['stat'][] = 'forum_last_post_id = ' . (int) $row['post_id']; - $sql_data[FORUMS_TABLE]['stat'][] = "forum_last_post_subject = '" . $db->sql_escape($row['post_subject']) . "'"; - $sql_data[FORUMS_TABLE]['stat'][] = 'forum_last_post_time = ' . (int) $row['post_time']; - $sql_data[FORUMS_TABLE]['stat'][] = 'forum_last_poster_id = ' . (int) $row['poster_id']; - $sql_data[FORUMS_TABLE]['stat'][] = "forum_last_poster_name = '" . $db->sql_escape(($row['poster_id'] == ANONYMOUS) ? $row['post_username'] : $row['username']) . "'"; - $sql_data[FORUMS_TABLE]['stat'][] = "forum_last_poster_colour = '" . $db->sql_escape($row['user_colour']) . "'"; - } - else - { - // just our luck, the last topic in the forum has just been globalized... - $sql_data[FORUMS_TABLE]['stat'][] = 'forum_last_post_id = 0'; - $sql_data[FORUMS_TABLE]['stat'][] = "forum_last_post_subject = ''"; - $sql_data[FORUMS_TABLE]['stat'][] = 'forum_last_post_time = 0'; - $sql_data[FORUMS_TABLE]['stat'][] = 'forum_last_poster_id = 0'; - $sql_data[FORUMS_TABLE]['stat'][] = "forum_last_poster_name = ''"; - $sql_data[FORUMS_TABLE]['stat'][] = "forum_last_poster_colour = ''"; - } - } - else if ($topic_row['topic_type'] == POST_GLOBAL && $topic_type != POST_GLOBAL && $forum_row['forum_last_post_id'] < $topic_row['topic_last_post_id']) - { - // this post has a higher id, it is newer - $sql = 'SELECT p.post_id, p.post_subject, p.post_time, p.poster_id, p.post_username, u.user_id, u.username, u.user_colour - FROM ' . POSTS_TABLE . ' p, ' . USERS_TABLE . ' u - WHERE p.poster_id = u.user_id - AND p.post_id = ' . (int) $topic_row['topic_last_post_id']; - $result = $db->sql_query($sql); - $row = $db->sql_fetchrow($result); - $db->sql_freeresult($result); - - // salvation, a post is found! jam it into the forums table - $sql_data[FORUMS_TABLE]['stat'][] = 'forum_last_post_id = ' . (int) $row['post_id']; - $sql_data[FORUMS_TABLE]['stat'][] = "forum_last_post_subject = '" . $db->sql_escape($row['post_subject']) . "'"; - $sql_data[FORUMS_TABLE]['stat'][] = 'forum_last_post_time = ' . (int) $row['post_time']; - $sql_data[FORUMS_TABLE]['stat'][] = 'forum_last_poster_id = ' . (int) $row['poster_id']; - $sql_data[FORUMS_TABLE]['stat'][] = "forum_last_poster_name = '" . $db->sql_escape(($row['poster_id'] == ANONYMOUS) ? $row['post_username'] : $row['username']) . "'"; - $sql_data[FORUMS_TABLE]['stat'][] = "forum_last_poster_colour = '" . $db->sql_escape($row['user_colour']) . "'"; - } - } // topic sync time! // simply, we update if it is a reply or the last post is edited @@ -2470,7 +2326,7 @@ function submit_post($mode, $subject, $username, $topic_type, &$poll, &$data, $u } // Delete topic shadows (if any exist). We do not need a shadow topic for an global announcement - if ($make_global) + if ($topic_type == POST_GLOBAL) { $sql = 'DELETE FROM ' . TOPICS_TABLE . ' WHERE topic_moved_id = ' . $data['topic_id']; @@ -2494,16 +2350,11 @@ function submit_post($mode, $subject, $username, $topic_type, &$poll, &$data, $u if ($update_search_index && $data['enable_indexing']) { // Select the search method and do some additional checks to ensure it can actually be utilised - $search_type = basename($config['search_type']); - - if (!file_exists($phpbb_root_path . 'includes/search/' . $search_type . '.' . $phpEx)) - { - trigger_error('NO_SUCH_SEARCH_MODULE'); - } + $search_type = $config['search_type']; if (!class_exists($search_type)) { - include("{$phpbb_root_path}includes/search/$search_type.$phpEx"); + trigger_error('NO_SUCH_SEARCH_MODULE'); } $error = false; @@ -2514,7 +2365,7 @@ function submit_post($mode, $subject, $username, $topic_type, &$poll, &$data, $u trigger_error($error); } - $search->index($mode, $data['post_id'], $data['message'], $subject, $poster_id, ($topic_type == POST_GLOBAL) ? 0 : $data['forum_id']); + $search->index($mode, $data['post_id'], $data['message'], $subject, $poster_id, $data['forum_id']); } // Topic Notification, do not change if moderator is changing other users posts... @@ -2543,7 +2394,7 @@ function submit_post($mode, $subject, $username, $topic_type, &$poll, &$data, $u // Mark this topic as read // We do not use post_time here, this is intended (post_time can have a date in the past if editing a message) - markread('topic', (($topic_type == POST_GLOBAL) ? 0 : $data['forum_id']), $data['topic_id'], time()); + markread('topic', $data['forum_id'], $data['topic_id'], time()); // if ($config['load_db_lastread'] && $user->data['is_registered']) @@ -2551,7 +2402,7 @@ function submit_post($mode, $subject, $username, $topic_type, &$poll, &$data, $u $sql = 'SELECT mark_time FROM ' . FORUMS_TRACK_TABLE . ' WHERE user_id = ' . $user->data['user_id'] . ' - AND forum_id = ' . (($topic_type == POST_GLOBAL) ? 0 : $data['forum_id']); + AND forum_id = ' . $data['forum_id']; $result = $db->sql_query($sql); $f_mark_time = (int) $db->sql_fetchfield('mark_time'); $db->sql_freeresult($result); @@ -2564,23 +2415,14 @@ function submit_post($mode, $subject, $username, $topic_type, &$poll, &$data, $u if (($config['load_db_lastread'] && $user->data['is_registered']) || $config['load_anon_lastread'] || $user->data['is_registered']) { // Update forum info - if ($topic_type == POST_GLOBAL) - { - $sql = 'SELECT MAX(topic_last_post_time) as forum_last_post_time - FROM ' . TOPICS_TABLE . ' - WHERE forum_id = 0'; - } - else - { - $sql = 'SELECT forum_last_post_time - FROM ' . FORUMS_TABLE . ' - WHERE forum_id = ' . $data['forum_id']; - } + $sql = 'SELECT forum_last_post_time + FROM ' . FORUMS_TABLE . ' + WHERE forum_id = ' . $data['forum_id']; $result = $db->sql_query($sql); $forum_last_post_time = (int) $db->sql_fetchfield('forum_last_post_time'); $db->sql_freeresult($result); - update_forum_tracking_info((($topic_type == POST_GLOBAL) ? 0 : $data['forum_id']), $forum_last_post_time, $f_mark_time, false); + update_forum_tracking_info($data['forum_id'], $forum_last_post_time, $f_mark_time, false); } // Send Notifications @@ -2611,3 +2453,105 @@ function submit_post($mode, $subject, $username, $topic_type, &$poll, &$data, $u return $url; } + +/** +* Handle topic bumping +* @param int $forum_id The ID of the forum the topic is being bumped belongs to +* @param int $topic_id The ID of the topic is being bumping +* @param array $post_data Passes some topic parameters: +* - 'topic_title' +* - 'topic_last_post_id' +* - 'topic_last_poster_id' +* - 'topic_last_post_subject' +* - 'topic_last_poster_name' +* - 'topic_last_poster_colour' +* @param int $bump_time The time at which topic was bumped, usually it is a current time as obtained via time(). +* @return string An URL to the bumped topic, example: ./viewtopic.php?forum_id=1&topic_id=2&p=3#p3 +*/ +function phpbb_bump_topic($forum_id, $topic_id, $post_data, $bump_time = false) +{ + global $config, $db, $user, $phpEx, $phpbb_root_path; + + if ($bump_time === false) + { + $bump_time = time(); + } + + // Begin bumping + $db->sql_transaction('begin'); + + // Update the topic's last post post_time + $sql = 'UPDATE ' . POSTS_TABLE . " + SET post_time = $bump_time + WHERE post_id = {$post_data['topic_last_post_id']} + AND topic_id = $topic_id"; + $db->sql_query($sql); + + // Sync the topic's last post time, the rest of the topic's last post data isn't changed + $sql = 'UPDATE ' . TOPICS_TABLE . " + SET topic_last_post_time = $bump_time, + topic_bumped = 1, + topic_bumper = " . $user->data['user_id'] . " + WHERE topic_id = $topic_id"; + $db->sql_query($sql); + + // Update the forum's last post info + $sql = 'UPDATE ' . FORUMS_TABLE . " + SET forum_last_post_id = " . $post_data['topic_last_post_id'] . ", + forum_last_poster_id = " . $post_data['topic_last_poster_id'] . ", + forum_last_post_subject = '" . $db->sql_escape($post_data['topic_last_post_subject']) . "', + forum_last_post_time = $bump_time, + forum_last_poster_name = '" . $db->sql_escape($post_data['topic_last_poster_name']) . "', + forum_last_poster_colour = '" . $db->sql_escape($post_data['topic_last_poster_colour']) . "' + WHERE forum_id = $forum_id"; + $db->sql_query($sql); + + // Update bumper's time of the last posting to prevent flood + $sql = 'UPDATE ' . USERS_TABLE . " + SET user_lastpost_time = $bump_time + WHERE user_id = " . $user->data['user_id']; + $db->sql_query($sql); + + $db->sql_transaction('commit'); + + // Mark this topic as posted to + markread('post', $forum_id, $topic_id, $bump_time); + + // Mark this topic as read + markread('topic', $forum_id, $topic_id, $bump_time); + + // Update forum tracking info + if ($config['load_db_lastread'] && $user->data['is_registered']) + { + $sql = 'SELECT mark_time + FROM ' . FORUMS_TRACK_TABLE . ' + WHERE user_id = ' . $user->data['user_id'] . ' + AND forum_id = ' . $forum_id; + $result = $db->sql_query($sql); + $f_mark_time = (int) $db->sql_fetchfield('mark_time'); + $db->sql_freeresult($result); + } + else if ($config['load_anon_lastread'] || $user->data['is_registered']) + { + $f_mark_time = false; + } + + if (($config['load_db_lastread'] && $user->data['is_registered']) || $config['load_anon_lastread'] || $user->data['is_registered']) + { + // Update forum info + $sql = 'SELECT forum_last_post_time + FROM ' . FORUMS_TABLE . ' + WHERE forum_id = ' . $forum_id; + $result = $db->sql_query($sql); + $forum_last_post_time = (int) $db->sql_fetchfield('forum_last_post_time'); + $db->sql_freeresult($result); + + update_forum_tracking_info($forum_id, $forum_last_post_time, $f_mark_time, false); + } + + add_log('mod', $forum_id, $topic_id, 'LOG_BUMP_TOPIC', $post_data['topic_title']); + + $url = append_sid("{$phpbb_root_path}viewtopic.$phpEx", "f=$forum_id&t=$topic_id&p={$post_data['topic_last_post_id']}") . "#p{$post_data['topic_last_post_id']}"; + + return $url; +} diff --git a/phpBB/includes/functions_privmsgs.php b/phpBB/includes/functions_privmsgs.php index 9787bdfbc4..d90e321285 100644 --- a/phpBB/includes/functions_privmsgs.php +++ b/phpBB/includes/functions_privmsgs.php @@ -19,7 +19,8 @@ if (!defined('IN_PHPBB')) Ability to simply add own rules by doing three things: 1) Add an appropriate constant 2) Add a new check array to the global_privmsgs_rules variable and the condition array (if one is required) - 3) Add a new language variable to ucp.php + 3) Implement the rule logic in the check_rule() function + 4) Add a new language variable to ucp.php The user is then able to select the new rule. It will be checked against and handled as specified. To add new actions (yes, checks can be added here too) to the rule management, the core code has to be modified. @@ -57,42 +58,42 @@ define('CHECK_TO', 5); */ $global_privmsgs_rules = array( CHECK_SUBJECT => array( - RULE_IS_LIKE => array('check0' => 'message_subject', 'function' => 'preg_match("/" . preg_quote({STRING}, "/") . "/i", {CHECK0})'), - RULE_IS_NOT_LIKE => array('check0' => 'message_subject', 'function' => '!(preg_match("/" . preg_quote({STRING}, "/") . "/i", {CHECK0}))'), - RULE_IS => array('check0' => 'message_subject', 'function' => '{CHECK0} == {STRING}'), - RULE_IS_NOT => array('check0' => 'message_subject', 'function' => '{CHECK0} != {STRING}'), - RULE_BEGINS_WITH => array('check0' => 'message_subject', 'function' => 'preg_match("/^" . preg_quote({STRING}, "/") . "/i", {CHECK0})'), - RULE_ENDS_WITH => array('check0' => 'message_subject', 'function' => 'preg_match("/" . preg_quote({STRING}, "/") . "$/i", {CHECK0})'), + RULE_IS_LIKE => array('check0' => 'message_subject'), + RULE_IS_NOT_LIKE => array('check0' => 'message_subject'), + RULE_IS => array('check0' => 'message_subject'), + RULE_IS_NOT => array('check0' => 'message_subject'), + RULE_BEGINS_WITH => array('check0' => 'message_subject'), + RULE_ENDS_WITH => array('check0' => 'message_subject'), ), CHECK_SENDER => array( - RULE_IS_LIKE => array('check0' => 'username', 'function' => 'preg_match("/" . preg_quote({STRING}, "/") . "/i", {CHECK0})'), - RULE_IS_NOT_LIKE => array('check0' => 'username', 'function' => '!(preg_match("/" . preg_quote({STRING}, "/") . "/i", {CHECK0}))'), - RULE_IS => array('check0' => 'username', 'function' => '{CHECK0} == {STRING}'), - RULE_IS_NOT => array('check0' => 'username', 'function' => '{CHECK0} != {STRING}'), - RULE_BEGINS_WITH => array('check0' => 'username', 'function' => 'preg_match("/^" . preg_quote({STRING}, "/") . "/i", {CHECK0})'), - RULE_ENDS_WITH => array('check0' => 'username', 'function' => 'preg_match("/" . preg_quote({STRING}, "/") . "$/i", {CHECK0})'), - RULE_IS_FRIEND => array('check0' => 'friend', 'function' => '{CHECK0} == 1'), - RULE_IS_FOE => array('check0' => 'foe', 'function' => '{CHECK0} == 1'), - RULE_IS_USER => array('check0' => 'author_id', 'function' => '{CHECK0} == {USER_ID}'), - RULE_IS_GROUP => array('check0' => 'author_in_group', 'function' => 'in_array({GROUP_ID}, {CHECK0})'), + RULE_IS_LIKE => array('check0' => 'username'), + RULE_IS_NOT_LIKE => array('check0' => 'username'), + RULE_IS => array('check0' => 'username'), + RULE_IS_NOT => array('check0' => 'username'), + RULE_BEGINS_WITH => array('check0' => 'username'), + RULE_ENDS_WITH => array('check0' => 'username'), + RULE_IS_FRIEND => array('check0' => 'friend'), + RULE_IS_FOE => array('check0' => 'foe'), + RULE_IS_USER => array('check0' => 'author_id'), + RULE_IS_GROUP => array('check0' => 'author_in_group'), ), CHECK_MESSAGE => array( - RULE_IS_LIKE => array('check0' => 'message_text', 'function' => 'preg_match("/" . preg_quote({STRING}, "/") . "/i", {CHECK0})'), - RULE_IS_NOT_LIKE => array('check0' => 'message_text', 'function' => '!(preg_match("/" . preg_quote({STRING}, "/") . "/i", {CHECK0}))'), - RULE_IS => array('check0' => 'message_text', 'function' => '{CHECK0} == {STRING}'), - RULE_IS_NOT => array('check0' => 'message_text', 'function' => '{CHECK0} != {STRING}'), + RULE_IS_LIKE => array('check0' => 'message_text'), + RULE_IS_NOT_LIKE => array('check0' => 'message_text'), + RULE_IS => array('check0' => 'message_text'), + RULE_IS_NOT => array('check0' => 'message_text'), ), CHECK_STATUS => array( - RULE_ANSWERED => array('check0' => 'pm_replied', 'function' => '{CHECK0} == 1'), - RULE_FORWARDED => array('check0' => 'pm_forwarded', 'function' => '{CHECK0} == 1'), + RULE_ANSWERED => array('check0' => 'pm_replied'), + RULE_FORWARDED => array('check0' => 'pm_forwarded'), ), CHECK_TO => array( - RULE_TO_GROUP => array('check0' => 'to', 'check1' => 'bcc', 'check2' => 'user_in_group', 'function' => 'in_array("g_" . {CHECK2}, {CHECK0}) || in_array("g_" . {CHECK2}, {CHECK1})'), - RULE_TO_ME => array('check0' => 'to', 'check1' => 'bcc', 'function' => 'in_array("u_" . $user_id, {CHECK0}) || in_array("u_" . $user_id, {CHECK1})'), + RULE_TO_GROUP => array('check0' => 'to', 'check1' => 'bcc', 'check2' => 'user_in_group'), + RULE_TO_ME => array('check0' => 'to', 'check1' => 'bcc'), ) ); @@ -260,16 +261,60 @@ function check_rule(&$rules, &$rule_row, &$message_row, $user_id) $check_ary = $rules[$rule_row['rule_check']][$rule_row['rule_connection']]; - // Replace Check Literals - $evaluate = $check_ary['function']; - $evaluate = preg_replace('/{(CHECK[0-9])}/', '$message_row[$check_ary[strtolower("\1")]]', $evaluate); + $result = false; - // Replace Rule Literals - $evaluate = preg_replace('/{(STRING|USER_ID|GROUP_ID)}/', '$rule_row["rule_" . strtolower("\1")]', $evaluate); + $check0 = $message_row[$check_ary['check0']]; + + switch ($rule_row['rule_connection']) + { + case RULE_IS_LIKE: + $result = preg_match("/" . preg_quote($rule_row['rule_string'], '/') . '/i', $check0); + break; + + case RULE_IS_NOT_LIKE: + $result = !preg_match("/" . preg_quote($rule_row['rule_string'], '/') . '/i', $check0); + break; + + case RULE_IS: + $result = ($check0 == $rule_row['rule_string']); + break; + + case RULE_IS_NOT: + $result = ($check0 != $rule_row['rule_string']); + break; + + case RULE_BEGINS_WITH: + $result = preg_match("/^" . preg_quote($rule_row['rule_string'], '/') . '/i', $check0); + break; + + case RULE_ENDS_WITH: + $result = preg_match("/" . preg_quote($rule_row['rule_string'], '/') . '$/i', $check0); + break; + + case RULE_IS_FRIEND: + case RULE_IS_FOE: + case RULE_ANSWERED: + case RULE_FORWARDED: + $result = ($check0 == 1); + break; + + case RULE_IS_USER: + $result = ($check0 == $rule_row['rule_user_id']); + break; + + case RULE_IS_GROUP: + $result = in_array($rule_row['rule_group_id'], $check0); + break; + + case RULE_TO_GROUP: + $result = (in_array('g_' . $message_row[$check_ary['check2']], $check0) || in_array('g_' . $message_row[$check_ary['check2']], $message_row[$check_ary['check1']])); + break; + + case RULE_TO_ME: + $result = (in_array('u_' . $user_id, $check0) || in_array('u_' . $user_id, $message_row[$check_ary['check1']])); + break; + } - // Evil Statement - $result = false; - eval('$result = (' . $evaluate . ') ? true : false;'); if (!$result) { @@ -1607,7 +1652,7 @@ function submit_pm($mode, $subject, &$data, $put_in_outbox = true) // Send Notifications if ($mode != 'edit') { - pm_notification($mode, $data['from_username'], $recipients, $subject, $data['message']); + pm_notification($mode, $data['from_username'], $recipients, $subject, $data['message'], $data['msg_id']); } return $data['msg_id']; @@ -1616,7 +1661,7 @@ function submit_pm($mode, $subject, &$data, $put_in_outbox = true) /** * PM Notification */ -function pm_notification($mode, $author, $recipients, $subject, $message) +function pm_notification($mode, $author, $recipients, $subject, $message, $msg_id) { global $db, $user, $config, $phpbb_root_path, $phpEx, $auth; @@ -1688,8 +1733,9 @@ function pm_notification($mode, $author, $recipients, $subject, $message) 'AUTHOR_NAME' => htmlspecialchars_decode($author), 'USERNAME' => htmlspecialchars_decode($addr['name']), - 'U_INBOX' => generate_board_url() . "/ucp.$phpEx?i=pm&folder=inbox") - ); + 'U_INBOX' => generate_board_url() . "/ucp.$phpEx?i=pm&folder=inbox", + 'U_VIEW_MESSAGE' => generate_board_url() . "/ucp.$phpEx?i=pm&mode=view&p=$msg_id", + )); $messenger->send($addr['method']); } diff --git a/phpBB/includes/functions_profile_fields.php b/phpBB/includes/functions_profile_fields.php index 44deffa162..ec29a1732d 100644 --- a/phpBB/includes/functions_profile_fields.php +++ b/phpBB/includes/functions_profile_fields.php @@ -149,7 +149,18 @@ class custom_profile case FIELD_DROPDOWN: $field_value = (int) $field_value; - + + // retrieve option lang data if necessary + if (!isset($this->options_lang[$field_data['field_id']]) || !isset($this->options_lang[$field_data['field_id']][$field_data['lang_id']]) || !sizeof($this->options_lang[$file_data['field_id']][$field_data['lang_id']])) + { + $this->get_option_lang($field_data['field_id'], $field_data['lang_id'], FIELD_DROPDOWN, false); + } + + if (!isset($this->options_lang[$field_data['field_id']][$field_data['lang_id']][$field_value])) + { + return 'FIELD_INVALID_VALUE'; + } + if ($field_value == $field_data['field_novalue'] && $field_data['field_required']) { return 'FIELD_REQUIRED'; @@ -302,6 +313,7 @@ class custom_profile switch ($cp_result) { case 'FIELD_INVALID_DATE': + case 'FIELD_INVALID_VALUE': case 'FIELD_REQUIRED': $error = sprintf($user->lang[$cp_result], $row['lang_name']); break; diff --git a/phpBB/includes/functions_template.php b/phpBB/includes/functions_template.php deleted file mode 100644 index d3f9e0dda1..0000000000 --- a/phpBB/includes/functions_template.php +++ /dev/null @@ -1,812 +0,0 @@ -<?php -/** -* -* @package phpBB3 -* @version $Id$ -* @copyright (c) 2005 phpBB Group, sections (c) 2001 ispi of Lincoln Inc -* @license http://opensource.org/licenses/gpl-license.php GNU Public License -* -*/ - -/** -* @ignore -*/ -if (!defined('IN_PHPBB')) -{ - exit; -} - -/** -* Extension of template class - Functions needed for compiling templates only. -* -* psoTFX, phpBB Development Team - Completion of file caching, decompilation -* routines and implementation of conditionals/keywords and associated changes -* -* The interface was inspired by PHPLib templates, and the template file (formats are -* quite similar) -* -* The keyword/conditional implementation is currently based on sections of code from -* the Smarty templating engine (c) 2001 ispi of Lincoln, Inc. which is released -* (on its own and in whole) under the LGPL. Section 3 of the LGPL states that any code -* derived from an LGPL application may be relicenced under the GPL, this applies -* to this source -* -* DEFINE directive inspired by a request by Cyberalien -* -* @package phpBB3 -*/ -class template_compile -{ - var $template; - - // Various storage arrays - var $block_names = array(); - var $block_else_level = array(); - - /** - * constuctor - */ - function template_compile(&$template) - { - $this->template = &$template; - } - - /** - * Load template source from file - * @access private - */ - function _tpl_load_file($handle, $store_in_db = false) - { - // Try and open template for read - if (!file_exists($this->template->files[$handle])) - { - trigger_error("template->_tpl_load_file(): File {$this->template->files[$handle]} does not exist or is empty", E_USER_ERROR); - } - - $this->template->compiled_code[$handle] = $this->compile(trim(@file_get_contents($this->template->files[$handle]))); - - // Actually compile the code now. - $this->compile_write($handle, $this->template->compiled_code[$handle]); - - // Store in database if required... - if ($store_in_db) - { - global $db, $user; - - $sql_ary = array( - 'template_id' => $this->template->files_template[$handle], - 'template_filename' => $this->template->filename[$handle], - 'template_included' => '', - 'template_mtime' => time(), - 'template_data' => trim(@file_get_contents($this->template->files[$handle])), - ); - - $sql = 'INSERT INTO ' . STYLES_TEMPLATE_DATA_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary); - $db->sql_query($sql); - } - } - - /** - * Remove any PHP tags that do not belong, these regular expressions are derived from - * the ones that exist in zend_language_scanner.l - * @access private - */ - function remove_php_tags(&$code) - { - // This matches the information gathered from the internal PHP lexer - $match = array( - '#<([\?%])=?.*?\1>#s', - '#<script\s+language\s*=\s*(["\']?)php\1\s*>.*?</script\s*>#s', - '#<\?php(?:\r\n?|[ \n\t]).*?\?>#s' - ); - - $code = preg_replace($match, '', $code); - } - - /** - * The all seeing all doing compile method. Parts are inspired by or directly from Smarty - * @access private - */ - function compile($code, $no_echo = false, $echo_var = '') - { - global $config; - - if ($echo_var) - { - global $$echo_var; - } - - // Remove any "loose" php ... we want to give admins the ability - // to switch on/off PHP for a given template. Allowing unchecked - // php is a no-no. There is a potential issue here in that non-php - // content may be removed ... however designers should use entities - // if they wish to display < and > - $this->remove_php_tags($code); - - // Pull out all block/statement level elements and separate plain text - preg_match_all('#<!-- PHP -->(.*?)<!-- ENDPHP -->#s', $code, $matches); - $php_blocks = $matches[1]; - $code = preg_replace('#<!-- PHP -->.*?<!-- ENDPHP -->#s', '<!-- PHP -->', $code); - - preg_match_all('#<!-- INCLUDE (\{\$?[A-Z0-9\-_]+\}|[a-zA-Z0-9\_\-\+\./]+) -->#', $code, $matches); - $include_blocks = $matches[1]; - $code = preg_replace('#<!-- INCLUDE (?:\{\$?[A-Z0-9\-_]+\}|[a-zA-Z0-9\_\-\+\./]+) -->#', '<!-- INCLUDE -->', $code); - - preg_match_all('#<!-- INCLUDEPHP ([a-zA-Z0-9\_\-\+\./]+) -->#', $code, $matches); - $includephp_blocks = $matches[1]; - $code = preg_replace('#<!-- INCLUDEPHP [a-zA-Z0-9\_\-\+\./]+ -->#', '<!-- INCLUDEPHP -->', $code); - - preg_match_all('#<!-- ([^<].*?) (.*?)? ?-->#', $code, $blocks, PREG_SET_ORDER); - - $text_blocks = preg_split('#<!-- [^<].*? (?:.*?)? ?-->#', $code); - - for ($i = 0, $j = sizeof($text_blocks); $i < $j; $i++) - { - $this->compile_var_tags($text_blocks[$i]); - } - $compile_blocks = array(); - - for ($curr_tb = 0, $tb_size = sizeof($blocks); $curr_tb < $tb_size; $curr_tb++) - { - $block_val = &$blocks[$curr_tb]; - - switch ($block_val[1]) - { - case 'BEGIN': - $this->block_else_level[] = false; - $compile_blocks[] = '<?php ' . $this->compile_tag_block($block_val[2]) . ' ?>'; - break; - - case 'BEGINELSE': - $this->block_else_level[sizeof($this->block_else_level) - 1] = true; - $compile_blocks[] = '<?php }} else { ?>'; - break; - - case 'END': - array_pop($this->block_names); - $compile_blocks[] = '<?php ' . ((array_pop($this->block_else_level)) ? '}' : '}}') . ' ?>'; - break; - - case 'IF': - $compile_blocks[] = '<?php ' . $this->compile_tag_if($block_val[2], false) . ' ?>'; - break; - - case 'ELSE': - $compile_blocks[] = '<?php } else { ?>'; - break; - - case 'ELSEIF': - $compile_blocks[] = '<?php ' . $this->compile_tag_if($block_val[2], true) . ' ?>'; - break; - - case 'ENDIF': - $compile_blocks[] = '<?php } ?>'; - break; - - case 'DEFINE': - $compile_blocks[] = '<?php ' . $this->compile_tag_define($block_val[2], true) . ' ?>'; - break; - - case 'UNDEFINE': - $compile_blocks[] = '<?php ' . $this->compile_tag_define($block_val[2], false) . ' ?>'; - break; - - case 'INCLUDE': - $temp = array_shift($include_blocks); - - // Dynamic includes - // Cheap match rather than a full blown regexp, we already know - // the format of the input so just use string manipulation. - if ($temp[0] == '{') - { - $file = false; - - if ($temp[1] == '$') - { - $var = substr($temp, 2, -1); - //$file = $this->template->_tpldata['DEFINE']['.'][$var]; - $temp = "\$this->_tpldata['DEFINE']['.']['$var']"; - } - else - { - $var = substr($temp, 1, -1); - //$file = $this->template->_rootref[$var]; - $temp = "\$this->_rootref['$var']"; - } - } - else - { - $file = $temp; - } - - $compile_blocks[] = '<?php ' . $this->compile_tag_include($temp) . ' ?>'; - - // No point in checking variable includes - if ($file) - { - $this->template->_tpl_include($file, false); - } - break; - - case 'INCLUDEPHP': - $compile_blocks[] = ($config['tpl_allow_php']) ? '<?php ' . $this->compile_tag_include_php(array_shift($includephp_blocks)) . ' ?>' : ''; - break; - - case 'PHP': - $compile_blocks[] = ($config['tpl_allow_php']) ? '<?php ' . array_shift($php_blocks) . ' ?>' : ''; - break; - - default: - $this->compile_var_tags($block_val[0]); - $trim_check = trim($block_val[0]); - $compile_blocks[] = (!$no_echo) ? ((!empty($trim_check)) ? $block_val[0] : '') : ((!empty($trim_check)) ? $block_val[0] : ''); - break; - } - } - - $template_php = ''; - for ($i = 0, $size = sizeof($text_blocks); $i < $size; $i++) - { - $trim_check_text = trim($text_blocks[$i]); - $template_php .= (!$no_echo) ? (($trim_check_text != '') ? $text_blocks[$i] : '') . ((isset($compile_blocks[$i])) ? $compile_blocks[$i] : '') : (($trim_check_text != '') ? $text_blocks[$i] : '') . ((isset($compile_blocks[$i])) ? $compile_blocks[$i] : ''); - } - - // Remove unused opening/closing tags - $template_php = str_replace(' ?><?php ', ' ', $template_php); - - // Now add a newline after each php closing tag which already has a newline - // PHP itself strips a newline if a closing tag is used (this is documented behaviour) and it is mostly not intended by style authors to remove newlines - $template_php = preg_replace('#\?\>([\r\n])#', '?>\1\1', $template_php); - - // There will be a number of occasions where we switch into and out of - // PHP mode instantaneously. Rather than "burden" the parser with this - // we'll strip out such occurences, minimising such switching - if ($no_echo) - { - return "\$$echo_var .= '" . $template_php . "'"; - } - - return $template_php; - } - - /** - * Compile variables - * @access private - */ - function compile_var_tags(&$text_blocks) - { - // change template varrefs into PHP varrefs - $varrefs = array(); - - // This one will handle varrefs WITH namespaces - preg_match_all('#\{((?:[a-z0-9\-_]+\.)+)(\$)?([A-Z0-9\-_]+)\}#', $text_blocks, $varrefs, PREG_SET_ORDER); - - foreach ($varrefs as $var_val) - { - $namespace = $var_val[1]; - $varname = $var_val[3]; - $new = $this->generate_block_varref($namespace, $varname, true, $var_val[2]); - - $text_blocks = str_replace($var_val[0], $new, $text_blocks); - } - - // This will handle the remaining root-level varrefs - // transform vars prefixed by L_ into their language variable pendant if nothing is set within the tpldata array - if (strpos($text_blocks, '{L_') !== false) - { - $text_blocks = preg_replace('#\{L_([A-Z0-9\-_]+)\}#', "<?php echo ((isset(\$this->_rootref['L_\\1'])) ? \$this->_rootref['L_\\1'] : ((isset(\$user->lang['\\1'])) ? \$user->lang['\\1'] : '{ \\1 }')); ?>", $text_blocks); - } - - // Handle addslashed language variables prefixed with LA_ - // If a template variable already exist, it will be used in favor of it... - if (strpos($text_blocks, '{LA_') !== false) - { - $text_blocks = preg_replace('#\{LA_([A-Z0-9\-_]+)\}#', "<?php echo ((isset(\$this->_rootref['LA_\\1'])) ? \$this->_rootref['LA_\\1'] : ((isset(\$this->_rootref['L_\\1'])) ? addslashes(\$this->_rootref['L_\\1']) : ((isset(\$user->lang['\\1'])) ? addslashes(\$user->lang['\\1']) : '{ \\1 }'))); ?>", $text_blocks); - } - - // Handle remaining varrefs - $text_blocks = preg_replace('#\{([A-Z0-9\-_]+)\}#', "<?php echo (isset(\$this->_rootref['\\1'])) ? \$this->_rootref['\\1'] : ''; ?>", $text_blocks); - $text_blocks = preg_replace('#\{\$([A-Z0-9\-_]+)\}#', "<?php echo (isset(\$this->_tpldata['DEFINE']['.']['\\1'])) ? \$this->_tpldata['DEFINE']['.']['\\1'] : ''; ?>", $text_blocks); - - return; - } - - /** - * Compile blocks - * @access private - */ - function compile_tag_block($tag_args) - { - $no_nesting = false; - - // Is the designer wanting to call another loop in a loop? - if (strpos($tag_args, '!') === 0) - { - // Count the number if ! occurrences (not allowed in vars) - $no_nesting = substr_count($tag_args, '!'); - $tag_args = substr($tag_args, $no_nesting); - } - - // Allow for control of looping (indexes start from zero): - // foo(2) : Will start the loop on the 3rd entry - // foo(-2) : Will start the loop two entries from the end - // foo(3,4) : Will start the loop on the fourth entry and end it on the fifth - // foo(3,-4) : Will start the loop on the fourth entry and end it four from last - if (preg_match('#^([^()]*)\(([\-\d]+)(?:,([\-\d]+))?\)$#', $tag_args, $match)) - { - $tag_args = $match[1]; - - if ($match[2] < 0) - { - $loop_start = '($_' . $tag_args . '_count ' . $match[2] . ' < 0 ? 0 : $_' . $tag_args . '_count ' . $match[2] . ')'; - } - else - { - $loop_start = '($_' . $tag_args . '_count < ' . $match[2] . ' ? $_' . $tag_args . '_count : ' . $match[2] . ')'; - } - - if (strlen($match[3]) < 1 || $match[3] == -1) - { - $loop_end = '$_' . $tag_args . '_count'; - } - else if ($match[3] >= 0) - { - $loop_end = '(' . ($match[3] + 1) . ' > $_' . $tag_args . '_count ? $_' . $tag_args . '_count : ' . ($match[3] + 1) . ')'; - } - else //if ($match[3] < -1) - { - $loop_end = '$_' . $tag_args . '_count' . ($match[3] + 1); - } - } - else - { - $loop_start = 0; - $loop_end = '$_' . $tag_args . '_count'; - } - - $tag_template_php = ''; - array_push($this->block_names, $tag_args); - - if ($no_nesting !== false) - { - // We need to implode $no_nesting times from the end... - $block = array_slice($this->block_names, -$no_nesting); - } - else - { - $block = $this->block_names; - } - - if (sizeof($block) < 2) - { - // Block is not nested. - $tag_template_php = '$_' . $tag_args . "_count = (isset(\$this->_tpldata['$tag_args'])) ? sizeof(\$this->_tpldata['$tag_args']) : 0;"; - $varref = "\$this->_tpldata['$tag_args']"; - } - else - { - // This block is nested. - // Generate a namespace string for this block. - $namespace = implode('.', $block); - - // Get a reference to the data array for this block that depends on the - // current indices of all parent blocks. - $varref = $this->generate_block_data_ref($namespace, false); - - // Create the for loop code to iterate over this block. - $tag_template_php = '$_' . $tag_args . '_count = (isset(' . $varref . ')) ? sizeof(' . $varref . ') : 0;'; - } - - $tag_template_php .= 'if ($_' . $tag_args . '_count) {'; - - /** - * The following uses foreach for iteration instead of a for loop, foreach is faster but requires PHP to make a copy of the contents of the array which uses more memory - * <code> - * if (!$offset) - * { - * $tag_template_php .= 'foreach (' . $varref . ' as $_' . $tag_args . '_i => $_' . $tag_args . '_val){'; - * } - * </code> - */ - - $tag_template_php .= 'for ($_' . $tag_args . '_i = ' . $loop_start . '; $_' . $tag_args . '_i < ' . $loop_end . '; ++$_' . $tag_args . '_i){'; - $tag_template_php .= '$_'. $tag_args . '_val = &' . $varref . '[$_'. $tag_args. '_i];'; - - return $tag_template_php; - } - - /** - * Compile IF tags - much of this is from Smarty with - * some adaptions for our block level methods - * @access private - */ - function compile_tag_if($tag_args, $elseif) - { - // Tokenize args for 'if' tag. - preg_match_all('/(?: - "[^"\\\\]*(?:\\\\.[^"\\\\]*)*" | - \'[^\'\\\\]*(?:\\\\.[^\'\\\\]*)*\' | - [(),] | - [^\s(),]+)/x', $tag_args, $match); - - $tokens = $match[0]; - $is_arg_stack = array(); - - for ($i = 0, $size = sizeof($tokens); $i < $size; $i++) - { - $token = &$tokens[$i]; - - switch ($token) - { - case '!==': - case '===': - case '<<': - case '>>': - case '|': - case '^': - case '&': - case '~': - case ')': - case ',': - case '+': - case '-': - case '*': - case '/': - case '@': - break; - - case '==': - case 'eq': - $token = '=='; - break; - - case '!=': - case '<>': - case 'ne': - case 'neq': - $token = '!='; - break; - - case '<': - case 'lt': - $token = '<'; - break; - - case '<=': - case 'le': - case 'lte': - $token = '<='; - break; - - case '>': - case 'gt': - $token = '>'; - break; - - case '>=': - case 'ge': - case 'gte': - $token = '>='; - break; - - case '&&': - case 'and': - $token = '&&'; - break; - - case '||': - case 'or': - $token = '||'; - break; - - case '!': - case 'not': - $token = '!'; - break; - - case '%': - case 'mod': - $token = '%'; - break; - - case '(': - array_push($is_arg_stack, $i); - break; - - case 'is': - $is_arg_start = ($tokens[$i-1] == ')') ? array_pop($is_arg_stack) : $i-1; - $is_arg = implode(' ', array_slice($tokens, $is_arg_start, $i - $is_arg_start)); - - $new_tokens = $this->_parse_is_expr($is_arg, array_slice($tokens, $i+1)); - - array_splice($tokens, $is_arg_start, sizeof($tokens), $new_tokens); - - $i = $is_arg_start; - - // no break - - default: - if (preg_match('#^((?:[a-z0-9\-_]+\.)+)?(\$)?(?=[A-Z])([A-Z0-9\-_]+)#s', $token, $varrefs)) - { - $token = (!empty($varrefs[1])) ? $this->generate_block_data_ref(substr($varrefs[1], 0, -1), true, $varrefs[2]) . '[\'' . $varrefs[3] . '\']' : (($varrefs[2]) ? '$this->_tpldata[\'DEFINE\'][\'.\'][\'' . $varrefs[3] . '\']' : '$this->_rootref[\'' . $varrefs[3] . '\']'); - } - else if (preg_match('#^\.((?:[a-z0-9\-_]+\.?)+)$#s', $token, $varrefs)) - { - // Allow checking if loops are set with .loopname - // It is also possible to check the loop count by doing <!-- IF .loopname > 1 --> for example - $blocks = explode('.', $varrefs[1]); - - // If the block is nested, we have a reference that we can grab. - // If the block is not nested, we just go and grab the block from _tpldata - if (sizeof($blocks) > 1) - { - $block = array_pop($blocks); - $namespace = implode('.', $blocks); - $varref = $this->generate_block_data_ref($namespace, true); - - // Add the block reference for the last child. - $varref .= "['" . $block . "']"; - } - else - { - $varref = '$this->_tpldata'; - - // Add the block reference for the last child. - $varref .= "['" . $blocks[0] . "']"; - } - $token = "sizeof($varref)"; - } - else if (!empty($token)) - { - $token = '(' . $token . ')'; - } - - break; - } - } - - // If there are no valid tokens left or only control/compare characters left, we do skip this statement - if (!sizeof($tokens) || str_replace(array(' ', '=', '!', '<', '>', '&', '|', '%', '(', ')'), '', implode('', $tokens)) == '') - { - $tokens = array('false'); - } - return (($elseif) ? '} else if (' : 'if (') . (implode(' ', $tokens) . ') { '); - } - - /** - * Compile DEFINE tags - * @access private - */ - function compile_tag_define($tag_args, $op) - { - preg_match('#^((?:[a-z0-9\-_]+\.)+)?\$(?=[A-Z])([A-Z0-9_\-]*)(?: = (\'?)([^\']*)(\'?))?$#', $tag_args, $match); - - if (empty($match[2]) || (!isset($match[4]) && $op)) - { - return ''; - } - - if (!$op) - { - return 'unset(' . (($match[1]) ? $this->generate_block_data_ref(substr($match[1], 0, -1), true, true) . '[\'' . $match[2] . '\']' : '$this->_tpldata[\'DEFINE\'][\'.\'][\'' . $match[2] . '\']') . ');'; - } - - // Are we a string? - if ($match[3] && $match[5]) - { - $match[4] = str_replace(array('\\\'', '\\\\', '\''), array('\'', '\\', '\\\''), $match[4]); - - // Compile reference, we allow template variables in defines... - $match[4] = $this->compile($match[4]); - - // Now replace the php code - $match[4] = "'" . str_replace(array('<?php echo ', '; ?>'), array("' . ", " . '"), $match[4]) . "'"; - } - else - { - preg_match('#true|false|\.#i', $match[4], $type); - - switch (strtolower($type[0])) - { - case 'true': - case 'false': - $match[4] = strtoupper($match[4]); - break; - - case '.': - $match[4] = doubleval($match[4]); - break; - - default: - $match[4] = intval($match[4]); - break; - } - } - - return (($match[1]) ? $this->generate_block_data_ref(substr($match[1], 0, -1), true, true) . '[\'' . $match[2] . '\']' : '$this->_tpldata[\'DEFINE\'][\'.\'][\'' . $match[2] . '\']') . ' = ' . $match[4] . ';'; - } - - /** - * Compile INCLUDE tag - * @access private - */ - function compile_tag_include($tag_args) - { - // Process dynamic includes - if ($tag_args[0] == '$') - { - return "if (isset($tag_args)) { \$this->_tpl_include($tag_args); }"; - } - - return "\$this->_tpl_include('$tag_args');"; - } - - /** - * Compile INCLUDE_PHP tag - * @access private - */ - function compile_tag_include_php($tag_args) - { - return "\$this->_php_include('$tag_args');"; - } - - /** - * parse expression - * This is from Smarty - * @access private - */ - function _parse_is_expr($is_arg, $tokens) - { - $expr_end = 0; - $negate_expr = false; - - if (($first_token = array_shift($tokens)) == 'not') - { - $negate_expr = true; - $expr_type = array_shift($tokens); - } - else - { - $expr_type = $first_token; - } - - switch ($expr_type) - { - case 'even': - if (@$tokens[$expr_end] == 'by') - { - $expr_end++; - $expr_arg = $tokens[$expr_end++]; - $expr = "!(($is_arg / $expr_arg) % $expr_arg)"; - } - else - { - $expr = "!($is_arg & 1)"; - } - break; - - case 'odd': - if (@$tokens[$expr_end] == 'by') - { - $expr_end++; - $expr_arg = $tokens[$expr_end++]; - $expr = "(($is_arg / $expr_arg) % $expr_arg)"; - } - else - { - $expr = "($is_arg & 1)"; - } - break; - - case 'div': - if (@$tokens[$expr_end] == 'by') - { - $expr_end++; - $expr_arg = $tokens[$expr_end++]; - $expr = "!($is_arg % $expr_arg)"; - } - break; - } - - if ($negate_expr) - { - $expr = "!($expr)"; - } - - array_splice($tokens, 0, $expr_end, $expr); - - return $tokens; - } - - /** - * Generates a reference to the given variable inside the given (possibly nested) - * block namespace. This is a string of the form: - * ' . $this->_tpldata['parent'][$_parent_i]['$child1'][$_child1_i]['$child2'][$_child2_i]...['varname'] . ' - * It's ready to be inserted into an "echo" line in one of the templates. - * NOTE: expects a trailing "." on the namespace. - * @access private - */ - function generate_block_varref($namespace, $varname, $echo = true, $defop = false) - { - // Strip the trailing period. - $namespace = substr($namespace, 0, -1); - - // Get a reference to the data block for this namespace. - $varref = $this->generate_block_data_ref($namespace, true, $defop); - // Prepend the necessary code to stick this in an echo line. - - // Append the variable reference. - $varref .= "['$varname']"; - $varref = ($echo) ? "<?php echo $varref; ?>" : ((isset($varref)) ? $varref : ''); - - return $varref; - } - - /** - * Generates a reference to the array of data values for the given - * (possibly nested) block namespace. This is a string of the form: - * $this->_tpldata['parent'][$_parent_i]['$child1'][$_child1_i]['$child2'][$_child2_i]...['$childN'] - * - * If $include_last_iterator is true, then [$_childN_i] will be appended to the form shown above. - * NOTE: does not expect a trailing "." on the blockname. - * @access private - */ - function generate_block_data_ref($blockname, $include_last_iterator, $defop = false) - { - // Get an array of the blocks involved. - $blocks = explode('.', $blockname); - $blockcount = sizeof($blocks) - 1; - - // DEFINE is not an element of any referenced variable, we must use _tpldata to access it - if ($defop) - { - $varref = '$this->_tpldata[\'DEFINE\']'; - // Build up the string with everything but the last child. - for ($i = 0; $i < $blockcount; $i++) - { - $varref .= "['" . $blocks[$i] . "'][\$_" . $blocks[$i] . '_i]'; - } - // Add the block reference for the last child. - $varref .= "['" . $blocks[$blockcount] . "']"; - // Add the iterator for the last child if requried. - if ($include_last_iterator) - { - $varref .= '[$_' . $blocks[$blockcount] . '_i]'; - } - return $varref; - } - else if ($include_last_iterator) - { - return '$_'. $blocks[$blockcount] . '_val'; - } - else - { - return '$_'. $blocks[$blockcount - 1] . '_val[\''. $blocks[$blockcount]. '\']'; - } - } - - /** - * Write compiled file to cache directory - * @access private - */ - function compile_write($handle, $data) - { - global $phpEx; - - $filename = $this->template->cachepath . str_replace('/', '.', $this->template->filename[$handle]) . '.' . $phpEx; - - $data = "<?php if (!defined('IN_PHPBB')) exit;" . ((strpos($data, '<?php') === 0) ? substr($data, 5) : ' ?>' . $data); - - if ($fp = @fopen($filename, 'wb')) - { - @flock($fp, LOCK_EX); - @fwrite ($fp, $data); - @flock($fp, LOCK_UN); - @fclose($fp); - - phpbb_chmod($filename, CHMOD_READ | CHMOD_WRITE); - } - - return; - } -} diff --git a/phpBB/includes/functions_transfer.php b/phpBB/includes/functions_transfer.php index fca092a4de..2b7919a8d2 100644 --- a/phpBB/includes/functions_transfer.php +++ b/phpBB/includes/functions_transfer.php @@ -808,23 +808,56 @@ class ftp_fsock extends transfer */ function _open_data_connection() { - $this->_send_command('PASV', '', false); - - if (!$ip_port = $this->_check_command(true)) + // Try to find out whether we have a IPv4 or IPv6 (control) connection + if (function_exists('stream_socket_get_name')) { - return false; + $socket_name = stream_socket_get_name($this->connection, true); + $server_ip = substr($socket_name, 0, strrpos($socket_name, ':')); } - // open the connection to start sending the file - if (!preg_match('#[0-9]{1,3},[0-9]{1,3},[0-9]{1,3},[0-9]{1,3},[0-9]+,[0-9]+#', $ip_port, $temp)) + if (!isset($server_ip) || preg_match(get_preg_expression('ipv4'), $server_ip)) { - // bad ip and port - return false; + // Passive mode + $this->_send_command('PASV', '', false); + + if (!$ip_port = $this->_check_command(true)) + { + return false; + } + + // open the connection to start sending the file + if (!preg_match('#[0-9]{1,3},[0-9]{1,3},[0-9]{1,3},[0-9]{1,3},[0-9]+,[0-9]+#', $ip_port, $temp)) + { + // bad ip and port + return false; + } + + $temp = explode(',', $temp[0]); + $server_ip = $temp[0] . '.' . $temp[1] . '.' . $temp[2] . '.' . $temp[3]; + $server_port = $temp[4] * 256 + $temp[5]; + } + else + { + // Extended Passive Mode - RFC2428 + $this->_send_command('EPSV', '', false); + + if (!$epsv_response = $this->_check_command(true)) + { + return false; + } + + // Response looks like "229 Entering Extended Passive Mode (|||12345|)" + // where 12345 is the tcp port for the data connection + if (!preg_match('#\(\|\|\|([0-9]+)\|\)#', $epsv_response, $match)) + { + return false; + } + $server_port = (int) $match[1]; + + // fsockopen expects IPv6 address in square brackets + $server_ip = "[$server_ip]"; } - $temp = explode(',', $temp[0]); - $server_ip = $temp[0] . '.' . $temp[1] . '.' . $temp[2] . '.' . $temp[3]; - $server_port = $temp[4] * 256 + $temp[5]; $errno = 0; $errstr = ''; diff --git a/phpBB/includes/functions_user.php b/phpBB/includes/functions_user.php index dd96530265..930cd4625f 100644 --- a/phpBB/includes/functions_user.php +++ b/phpBB/includes/functions_user.php @@ -733,7 +733,7 @@ function user_ban($mode, $ban, $ban_len, $ban_len_other, $ban_exclude, $ban_reas } else { - trigger_error('LENGTH_BAN_INVALID'); + trigger_error('LENGTH_BAN_INVALID', E_USER_WARNING); } } } @@ -793,7 +793,7 @@ function user_ban($mode, $ban, $ban_len, $ban_len_other, $ban_exclude, $ban_reas // Make sure we have been given someone to ban if (!sizeof($sql_usernames)) { - trigger_error('NO_USER_SPECIFIED'); + trigger_error('NO_USER_SPECIFIED', E_USER_WARNING); } $sql = 'SELECT user_id @@ -824,7 +824,7 @@ function user_ban($mode, $ban, $ban_len, $ban_len_other, $ban_exclude, $ban_reas else { $db->sql_freeresult($result); - trigger_error('NO_USERS'); + trigger_error('NO_USERS', E_USER_WARNING); } $db->sql_freeresult($result); break; @@ -926,7 +926,7 @@ function user_ban($mode, $ban, $ban_len, $ban_len_other, $ban_exclude, $ban_reas if (empty($banlist_ary)) { - trigger_error('NO_IPS_DEFINED'); + trigger_error('NO_IPS_DEFINED', E_USER_WARNING); } } break; @@ -954,12 +954,12 @@ function user_ban($mode, $ban, $ban_len, $ban_len_other, $ban_exclude, $ban_reas if (sizeof($ban_list) == 0) { - trigger_error('NO_EMAILS_DEFINED'); + trigger_error('NO_EMAILS_DEFINED', E_USER_WARNING); } break; default: - trigger_error('NO_MODE'); + trigger_error('NO_MODE', E_USER_WARNING); break; } @@ -1422,6 +1422,31 @@ function validate_match($string, $optional = false, $match = '') } /** +* Validate Language Pack ISO Name +* +* Tests whether a language name is valid and installed +* +* @param string $lang_iso The language string to test +* +* @return bool|string Either false if validation succeeded or +* a string which will be used as the error message +* (with the variable name appended) +*/ +function validate_language_iso_name($lang_iso) +{ + global $db; + + $sql = 'SELECT lang_id + FROM ' . LANG_TABLE . " + WHERE lang_iso = '" . $db->sql_escape($lang_iso) . "'"; + $result = $db->sql_query($sql); + $lang_id = (int) $db->sql_fetchfield('lang_id'); + $db->sql_freeresult($result); + + return ($lang_id) ? false : 'WRONG_DATA'; +} + +/** * Check to see if the username has been taken, or if it is disallowed. * Also checks if it includes the " character, which we don't allow in usernames. * Used for registering, changing names, and posting anonymously with a username @@ -1452,7 +1477,7 @@ function validate_username($username, $allowed_username = false) $mbstring = $pcre = false; // generic UTF-8 character types supported? - if (pcre_utf8_support()) + if (phpbb_pcre_utf8_support()) { $pcre = true; } @@ -1580,19 +1605,19 @@ function validate_password($password) { global $config, $db, $user; - if (!$password) + if ($password === '' || $config['pass_complex'] === 'PASS_TYPE_ANY') { + // Password empty or no password complexity required. return false; } $pcre = $mbstring = false; // generic UTF-8 character types supported? - if (pcre_utf8_support()) + if (phpbb_pcre_utf8_support()) { $upp = '\p{Lu}'; $low = '\p{Ll}'; - $let = '\p{L}'; $num = '\p{N}'; $sym = '[^\p{Lu}\p{Ll}\p{N}]'; $pcre = true; @@ -1602,7 +1627,6 @@ function validate_password($password) mb_regex_encoding('UTF-8'); $upp = '[[:upper:]]'; $low = '[[:lower:]]'; - $let = '[[:lower:][:upper:]]'; $num = '[[:digit:]]'; $sym = '[^[:upper:][:lower:][:digit:]]'; $mbstring = true; @@ -1611,7 +1635,6 @@ function validate_password($password) { $upp = '[A-Z]'; $low = '[a-z]'; - $let = '[a-zA-Z]'; $num = '[0-9]'; $sym = '[^A-Za-z0-9]'; $pcre = true; @@ -1621,22 +1644,22 @@ function validate_password($password) switch ($config['pass_complex']) { - case 'PASS_TYPE_CASE': - $chars[] = $low; - $chars[] = $upp; - break; + // No break statements below ... + // We require strong passwords in case pass_complex is not set or is invalid + default: + + // Require mixed case letters, numbers and symbols + case 'PASS_TYPE_SYMBOL': + $chars[] = $sym; + // Require mixed case letters and numbers case 'PASS_TYPE_ALPHA': - $chars[] = $let; $chars[] = $num; - break; - case 'PASS_TYPE_SYMBOL': + // Require mixed case letters + case 'PASS_TYPE_CASE': $chars[] = $low; $chars[] = $upp; - $chars[] = $num; - $chars[] = $sym; - break; } if ($pcre) diff --git a/phpBB/includes/mcp/mcp_forum.php b/phpBB/includes/mcp/mcp_forum.php index aad030a7d3..8206a183f3 100644 --- a/phpBB/includes/mcp/mcp_forum.php +++ b/phpBB/includes/mcp/mcp_forum.php @@ -150,10 +150,10 @@ function mcp_forum_view($id, $mode, $action, $forum_info) $read_tracking_join = $read_tracking_select = ''; } - $sql = "SELECT t.topic_id - FROM " . TOPICS_TABLE . " t - WHERE t.forum_id IN($forum_id, 0) - " . (($auth->acl_get('m_approve', $forum_id)) ? '' : 'AND t.topic_approved = 1') . " + $sql = 'SELECT t.topic_id + FROM ' . TOPICS_TABLE . ' t + WHERE t.forum_id = ' . $forum_id . ' + ' . (($auth->acl_get('m_approve', $forum_id)) ? '' : 'AND t.topic_approved = 1') . " $limit_time_sql ORDER BY t.topic_type DESC, $sort_order_sql"; $result = $db->sql_query_limit($sql, $topics_per_page, $start); @@ -188,11 +188,11 @@ function mcp_forum_view($id, $mode, $action, $forum_info) { if ($config['load_db_lastread']) { - $topic_tracking_info = get_topic_tracking($forum_id, $topic_list, $topic_rows, array($forum_id => $forum_info['mark_time']), array()); + $topic_tracking_info = get_topic_tracking($forum_id, $topic_list, $topic_rows, array($forum_id => $forum_info['mark_time'])); } else { - $topic_tracking_info = get_complete_topic_tracking($forum_id, $topic_list, array()); + $topic_tracking_info = get_complete_topic_tracking($forum_id, $topic_list); } } @@ -227,7 +227,6 @@ function mcp_forum_view($id, $mode, $action, $forum_info) 'ATTACH_ICON_IMG' => ($auth->acl_get('u_download') && $auth->acl_get('f_download', $row['forum_id']) && $row['topic_attachment']) ? $user->img('icon_topic_attach', $user->lang['TOTAL_ATTACHMENTS']) : '', 'TOPIC_IMG_STYLE' => $folder_img, 'TOPIC_FOLDER_IMG' => $user->img($folder_img, $folder_alt), - 'TOPIC_FOLDER_IMG_SRC' => $user->img($folder_img, $folder_alt, false, '', 'src'), 'TOPIC_ICON_IMG' => (!empty($icons[$row['icon_id']])) ? $icons[$row['icon_id']]['img'] : '', 'TOPIC_ICON_IMG_WIDTH' => (!empty($icons[$row['icon_id']])) ? $icons[$row['icon_id']]['width'] : '', 'TOPIC_ICON_IMG_HEIGHT' => (!empty($icons[$row['icon_id']])) ? $icons[$row['icon_id']]['height'] : '', diff --git a/phpBB/includes/mcp/mcp_front.php b/phpBB/includes/mcp/mcp_front.php index 7dc0485339..bd2eca50c4 100644 --- a/phpBB/includes/mcp/mcp_front.php +++ b/phpBB/includes/mcp/mcp_front.php @@ -39,7 +39,7 @@ function mcp_front_view($id, $mode, $action) { $sql = 'SELECT COUNT(post_id) AS total FROM ' . POSTS_TABLE . ' - WHERE forum_id IN (0, ' . implode(', ', $forum_list) . ') + WHERE ' . $db->sql_in_set('forum_id', $forum_list) . ' AND post_approved = 0'; $result = $db->sql_query($sql); $total = (int) $db->sql_fetchfield('total'); @@ -47,8 +47,6 @@ function mcp_front_view($id, $mode, $action) if ($total) { - $global_id = $forum_list[0]; - $sql = 'SELECT forum_id, forum_name FROM ' . FORUMS_TABLE . ' WHERE ' . $db->sql_in_set('forum_id', $forum_list); @@ -62,7 +60,7 @@ function mcp_front_view($id, $mode, $action) $sql = 'SELECT post_id FROM ' . POSTS_TABLE . ' - WHERE forum_id IN (0, ' . implode(', ', $forum_list) . ') + WHERE ' . $db->sql_in_set('forum_id', $forum_list) . ' AND post_approved = 0 ORDER BY post_time DESC'; $result = $db->sql_query_limit($sql, 5); @@ -91,17 +89,11 @@ function mcp_front_view($id, $mode, $action) while ($row = $db->sql_fetchrow($result)) { - $global_topic = ($row['forum_id']) ? false : true; - if ($global_topic) - { - $row['forum_id'] = $global_id; - } - $template->assign_block_vars('unapproved', array( 'U_POST_DETAILS' => append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=queue&mode=approve_details&f=' . $row['forum_id'] . '&p=' . $row['post_id']), - 'U_MCP_FORUM' => (!$global_topic) ? append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=main&mode=forum_view&f=' . $row['forum_id']) : '', + 'U_MCP_FORUM' => append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=main&mode=forum_view&f=' . $row['forum_id']), 'U_MCP_TOPIC' => append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=main&mode=topic_view&f=' . $row['forum_id'] . '&t=' . $row['topic_id']), - 'U_FORUM' => (!$global_topic) ? append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $row['forum_id']) : '', + 'U_FORUM' => append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $row['forum_id']), 'U_TOPIC' => append_sid("{$phpbb_root_path}viewtopic.$phpEx", 'f=' . $row['forum_id'] . '&t=' . $row['topic_id']), 'AUTHOR_FULL' => get_username_string('full', $row['poster_id'], $row['username'], $row['user_colour']), @@ -109,7 +101,7 @@ function mcp_front_view($id, $mode, $action) 'AUTHOR_COLOUR' => get_username_string('colour', $row['poster_id'], $row['username'], $row['user_colour']), 'U_AUTHOR' => get_username_string('profile', $row['poster_id'], $row['username'], $row['user_colour']), - 'FORUM_NAME' => (!$global_topic) ? $forum_names[$row['forum_id']] : $user->lang['GLOBAL_ANNOUNCEMENT'], + 'FORUM_NAME' => $forum_names[$row['forum_id']], 'POST_ID' => $row['post_id'], 'TOPIC_TITLE' => $row['topic_title'], 'SUBJECT' => ($row['post_subject']) ? $row['post_subject'] : $user->lang['NO_SUBJECT'], @@ -160,15 +152,13 @@ function mcp_front_view($id, $mode, $action) WHERE r.post_id = p.post_id AND r.pm_id = 0 AND r.report_closed = 0 - AND p.forum_id IN (0, ' . implode(', ', $forum_list) . ')'; + AND ' . $db->sql_in_set('p.forum_id', $forum_list); $result = $db->sql_query($sql); $total = (int) $db->sql_fetchfield('total'); $db->sql_freeresult($result); if ($total) { - $global_id = $forum_list[0]; - $sql = $db->sql_build_query('SELECT', array( 'SELECT' => 'r.report_time, p.post_id, p.post_subject, p.post_time, p.post_attachment, u.username, u.username_clean, u.user_colour, u.user_id, u2.username as author_name, u2.username_clean as author_name_clean, u2.user_colour as author_colour, u2.user_id as author_id, t.topic_id, t.topic_title, f.forum_id, f.forum_name', @@ -194,7 +184,7 @@ function mcp_front_view($id, $mode, $action) AND p.topic_id = t.topic_id AND r.user_id = u.user_id AND p.poster_id = u2.user_id - AND p.forum_id IN (0, ' . implode(', ', $forum_list) . ')', + AND ' . $db->sql_in_set('p.forum_id', $forum_list), 'ORDER_BY' => 'p.post_time DESC' )); @@ -202,17 +192,11 @@ function mcp_front_view($id, $mode, $action) while ($row = $db->sql_fetchrow($result)) { - $global_topic = ($row['forum_id']) ? false : true; - if ($global_topic) - { - $row['forum_id'] = $global_id; - } - $template->assign_block_vars('report', array( 'U_POST_DETAILS' => append_sid("{$phpbb_root_path}mcp.$phpEx", 'f=' . $row['forum_id'] . '&p=' . $row['post_id'] . "&i=reports&mode=report_details"), - 'U_MCP_FORUM' => (!$global_topic) ? append_sid("{$phpbb_root_path}mcp.$phpEx", 'f=' . $row['forum_id'] . "&i=$id&mode=forum_view") : '', + 'U_MCP_FORUM' => append_sid("{$phpbb_root_path}mcp.$phpEx", 'f=' . $row['forum_id'] . "&i=$id&mode=forum_view"), 'U_MCP_TOPIC' => append_sid("{$phpbb_root_path}mcp.$phpEx", 'f=' . $row['forum_id'] . '&t=' . $row['topic_id'] . "&i=$id&mode=topic_view"), - 'U_FORUM' => (!$global_topic) ? append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $row['forum_id']) : '', + 'U_FORUM' => append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $row['forum_id']), 'U_TOPIC' => append_sid("{$phpbb_root_path}viewtopic.$phpEx", 'f=' . $row['forum_id'] . '&t=' . $row['topic_id']), 'REPORTER_FULL' => get_username_string('full', $row['user_id'], $row['username'], $row['user_colour']), @@ -225,7 +209,7 @@ function mcp_front_view($id, $mode, $action) 'AUTHOR_COLOUR' => get_username_string('colour', $row['author_id'], $row['author_name'], $row['author_colour']), 'U_AUTHOR' => get_username_string('profile', $row['author_id'], $row['author_name'], $row['author_colour']), - 'FORUM_NAME' => (!$global_topic) ? $row['forum_name'] : $user->lang['GLOBAL_ANNOUNCEMENT'], + 'FORUM_NAME' => $row['forum_name'], 'TOPIC_TITLE' => $row['topic_title'], 'SUBJECT' => ($row['post_subject']) ? $row['post_subject'] : $user->lang['NO_SUBJECT'], 'REPORT_TIME' => $user->format_date($row['report_time']), @@ -350,9 +334,6 @@ function mcp_front_view($id, $mode, $action) if (!empty($forum_list)) { - // Add forum_id 0 for global announcements - $forum_list[] = 0; - $log_count = false; $log = array(); view_log('mod', $log, $log_count, 5, 0, $forum_list); diff --git a/phpBB/includes/mcp/mcp_logs.php b/phpBB/includes/mcp/mcp_logs.php index 01f8584970..dc05ba4110 100644 --- a/phpBB/includes/mcp/mcp_logs.php +++ b/phpBB/includes/mcp/mcp_logs.php @@ -170,7 +170,7 @@ class mcp_logs // Grab log data $log_data = array(); $log_count = 0; - view_log('mod', $log_data, $log_count, $config['topics_per_page'], $start, $forum_list, $topic_id, 0, $sql_where, $sql_sort, $keywords); + $start = view_log('mod', $log_data, $log_count, $config['topics_per_page'], $start, $forum_list, $topic_id, 0, $sql_where, $sql_sort, $keywords); $template->assign_vars(array( 'PAGE_NUMBER' => on_page($log_count, $config['topics_per_page'], $start), @@ -179,7 +179,7 @@ class mcp_logs 'L_TITLE' => $user->lang['MCP_LOGS'], - 'U_POST_ACTION' => $this->u_action, + 'U_POST_ACTION' => $this->u_action . "&$u_sort_param$keywords_param&start=$start", 'S_CLEAR_ALLOWED' => ($auth->acl_get('a_clearlogs')) ? true : false, 'S_SELECT_SORT_DIR' => $s_sort_dir, 'S_SELECT_SORT_KEY' => $s_sort_key, diff --git a/phpBB/includes/mcp/mcp_main.php b/phpBB/includes/mcp/mcp_main.php index db7bc7c7ea..e0a1357213 100644 --- a/phpBB/includes/mcp/mcp_main.php +++ b/phpBB/includes/mcp/mcp_main.php @@ -286,14 +286,6 @@ function change_topic_type($action, $topic_ids) { global $auth, $user, $db, $phpEx, $phpbb_root_path; - // For changing topic types, we only allow operations in one forum. - $forum_id = check_ids($topic_ids, TOPICS_TABLE, 'topic_id', array('f_announce', 'f_sticky', 'm_'), true); - - if ($forum_id === false) - { - return; - } - switch ($action) { case 'make_announce': @@ -316,11 +308,18 @@ function change_topic_type($action, $topic_ids) default: $new_topic_type = POST_NORMAL; - $check_acl = ''; + $check_acl = false; $l_new_type = (sizeof($topic_ids) == 1) ? 'MCP_MAKE_NORMAL' : 'MCP_MAKE_NORMALS'; break; } + $forum_id = check_ids($topic_ids, TOPICS_TABLE, 'topic_id', $check_acl, true); + + if ($forum_id === false) + { + return; + } + $redirect = request_var('redirect', build_url(array('action', 'quickmod'))); $s_hidden_fields = array( @@ -333,131 +332,22 @@ function change_topic_type($action, $topic_ids) if (confirm_box(true)) { - if ($new_topic_type != POST_GLOBAL) + $sql = 'UPDATE ' . TOPICS_TABLE . " + SET topic_type = $new_topic_type + WHERE " . $db->sql_in_set('topic_id', $topic_ids); + $db->sql_query($sql); + + if (($new_topic_type == POST_GLOBAL) && sizeof($topic_ids)) { + // Delete topic shadows for global announcements + $sql = 'DELETE FROM ' . TOPICS_TABLE . ' + WHERE ' . $db->sql_in_set('topic_moved_id', $topic_ids); + $db->sql_query($sql); + $sql = 'UPDATE ' . TOPICS_TABLE . " SET topic_type = $new_topic_type - WHERE " . $db->sql_in_set('topic_id', $topic_ids) . ' - AND forum_id <> 0'; + WHERE " . $db->sql_in_set('topic_id', $topic_ids); $db->sql_query($sql); - - // Reset forum id if a global topic is within the array - $to_forum_id = request_var('to_forum_id', 0); - - if ($to_forum_id) - { - $sql = 'UPDATE ' . TOPICS_TABLE . " - SET topic_type = $new_topic_type, forum_id = $to_forum_id - WHERE " . $db->sql_in_set('topic_id', $topic_ids) . ' - AND forum_id = 0'; - $db->sql_query($sql); - - // Update forum_ids for all posts - $sql = 'UPDATE ' . POSTS_TABLE . " - SET forum_id = $to_forum_id - WHERE " . $db->sql_in_set('topic_id', $topic_ids) . ' - AND forum_id = 0'; - $db->sql_query($sql); - - // Do a little forum sync stuff - $sql = 'SELECT SUM(t.topic_replies + t.topic_approved) as topic_posts, COUNT(t.topic_approved) as topics_authed - FROM ' . TOPICS_TABLE . ' t - WHERE ' . $db->sql_in_set('t.topic_id', $topic_ids); - $result = $db->sql_query($sql); - $row_data = $db->sql_fetchrow($result); - $db->sql_freeresult($result); - - $sync_sql = array(); - - if ($row_data['topic_posts']) - { - $sync_sql[$to_forum_id][] = 'forum_posts = forum_posts + ' . (int) $row_data['topic_posts']; - } - - if ($row_data['topics_authed']) - { - $sync_sql[$to_forum_id][] = 'forum_topics = forum_topics + ' . (int) $row_data['topics_authed']; - } - - $sync_sql[$to_forum_id][] = 'forum_topics_real = forum_topics_real + ' . (int) sizeof($topic_ids); - - foreach ($sync_sql as $forum_id_key => $array) - { - $sql = 'UPDATE ' . FORUMS_TABLE . ' - SET ' . implode(', ', $array) . ' - WHERE forum_id = ' . $forum_id_key; - $db->sql_query($sql); - } - - sync('forum', 'forum_id', $to_forum_id); - } - } - else - { - // Get away with those topics already being a global announcement by re-calculating $topic_ids - $sql = 'SELECT topic_id - FROM ' . TOPICS_TABLE . ' - WHERE ' . $db->sql_in_set('topic_id', $topic_ids) . ' - AND forum_id <> 0'; - $result = $db->sql_query($sql); - - $topic_ids = array(); - while ($row = $db->sql_fetchrow($result)) - { - $topic_ids[] = $row['topic_id']; - } - $db->sql_freeresult($result); - - if (sizeof($topic_ids)) - { - // Delete topic shadows for global announcements - $sql = 'DELETE FROM ' . TOPICS_TABLE . ' - WHERE ' . $db->sql_in_set('topic_moved_id', $topic_ids); - $db->sql_query($sql); - - $sql = 'UPDATE ' . TOPICS_TABLE . " - SET topic_type = $new_topic_type, forum_id = 0 - WHERE " . $db->sql_in_set('topic_id', $topic_ids); - $db->sql_query($sql); - - // Update forum_ids for all posts - $sql = 'UPDATE ' . POSTS_TABLE . ' - SET forum_id = 0 - WHERE ' . $db->sql_in_set('topic_id', $topic_ids); - $db->sql_query($sql); - - // Do a little forum sync stuff - $sql = 'SELECT SUM(t.topic_replies + t.topic_approved) as topic_posts, COUNT(t.topic_approved) as topics_authed - FROM ' . TOPICS_TABLE . ' t - WHERE ' . $db->sql_in_set('t.topic_id', $topic_ids); - $result = $db->sql_query($sql); - $row_data = $db->sql_fetchrow($result); - $db->sql_freeresult($result); - - $sync_sql = array(); - - if ($row_data['topic_posts']) - { - $sync_sql[$forum_id][] = 'forum_posts = forum_posts - ' . (int) $row_data['topic_posts']; - } - - if ($row_data['topics_authed']) - { - $sync_sql[$forum_id][] = 'forum_topics = forum_topics - ' . (int) $row_data['topics_authed']; - } - - $sync_sql[$forum_id][] = 'forum_topics_real = forum_topics_real - ' . (int) sizeof($topic_ids); - - foreach ($sync_sql as $forum_id_key => $array) - { - $sql = 'UPDATE ' . FORUMS_TABLE . ' - SET ' . implode(', ', $array) . ' - WHERE forum_id = ' . $forum_id_key; - $db->sql_query($sql); - } - - sync('forum', 'forum_id', $forum_id); - } } $success_msg = (sizeof($topic_ids) == 1) ? 'TOPIC_TYPE_CHANGED' : 'TOPICS_TYPE_CHANGED'; @@ -474,41 +364,7 @@ function change_topic_type($action, $topic_ids) } else { - // Global topic involved? - $global_involved = false; - - if ($new_topic_type != POST_GLOBAL) - { - $sql = 'SELECT forum_id - FROM ' . TOPICS_TABLE . ' - WHERE ' . $db->sql_in_set('topic_id', $topic_ids) . ' - AND forum_id = 0'; - $result = $db->sql_query($sql); - $row = $db->sql_fetchrow($result); - $db->sql_freeresult($result); - - if ($row) - { - $global_involved = true; - } - } - - if ($global_involved) - { - global $template; - - $template->assign_vars(array( - 'S_FORUM_SELECT' => make_forum_select(request_var('f', $forum_id), false, false, true, true), - 'S_CAN_LEAVE_SHADOW' => false, - 'ADDITIONAL_MSG' => (sizeof($topic_ids) == 1) ? $user->lang['SELECT_FORUM_GLOBAL_ANNOUNCEMENT'] : $user->lang['SELECT_FORUM_GLOBAL_ANNOUNCEMENTS']) - ); - - confirm_box(false, $l_new_type, build_hidden_fields($s_hidden_fields), 'mcp_move.html'); - } - else - { - confirm_box(false, $l_new_type, build_hidden_fields($s_hidden_fields)); - } + confirm_box(false, $l_new_type, build_hidden_fields($s_hidden_fields)); } $redirect = request_var('redirect', "index.$phpEx"); @@ -628,16 +484,13 @@ function mcp_move_topic($topic_ids) $topic_posts_added += $topic_info['topic_replies']; - if ($topic_info['topic_type'] != POST_GLOBAL) - { - $topics_removed++; - $topic_posts_removed += $topic_info['topic_replies']; + $topics_removed++; + $topic_posts_removed += $topic_info['topic_replies']; - if ($topic_info['topic_approved']) - { - $topics_authed_removed++; - $topic_posts_removed++; - } + if ($topic_info['topic_approved']) + { + $topics_authed_removed++; + $topic_posts_removed++; } } @@ -675,15 +528,6 @@ function mcp_move_topic($topic_ids) $forum_ids[] = $row['forum_id']; add_log('mod', $to_forum_id, $topic_id, 'LOG_MOVE', $row['forum_name'], $forum_data['forum_name']); - // If we have moved a global announcement, we need to correct the topic type - if ($row['topic_type'] == POST_GLOBAL) - { - $sql = 'UPDATE ' . TOPICS_TABLE . ' - SET topic_type = ' . POST_ANNOUNCE . ' - WHERE topic_id = ' . (int) $row['topic_id']; - $db->sql_query($sql); - } - // Leave a redirection if required and only if the topic is visible to users if ($leave_shadow && $row['topic_approved'] && $row['topic_type'] != POST_GLOBAL) { @@ -1058,37 +902,38 @@ function mcp_fork_topic($topic_ids) $total_posts = 0; $new_topic_id_list = array(); - if ($topic_data['enable_indexing']) - { - // Select the search method and do some additional checks to ensure it can actually be utilised - $search_type = basename($config['search_type']); - if (!file_exists($phpbb_root_path . 'includes/search/' . $search_type . '.' . $phpEx)) + foreach ($topic_data as $topic_id => $topic_row) + { + if (!isset($search_type) && $topic_row['enable_indexing']) { - trigger_error('NO_SUCH_SEARCH_MODULE'); - } + // Select the search method and do some additional checks to ensure it can actually be utilised + $search_type = basename($config['search_type']); - if (!class_exists($search_type)) - { - include("{$phpbb_root_path}includes/search/$search_type.$phpEx"); - } + if (!file_exists($phpbb_root_path . 'includes/search/' . $search_type . '.' . $phpEx)) + { + trigger_error('NO_SUCH_SEARCH_MODULE'); + } - $error = false; - $search = new $search_type($error); - $search_mode = 'post'; + if (!class_exists($search_type)) + { + include("{$phpbb_root_path}includes/search/$search_type.$phpEx"); + } + + $error = false; + $search = new $search_type($error); + $search_mode = 'post'; - if ($error) + if ($error) + { + trigger_error($error); + } + } + else if (!isset($search_type) && !$topic_row['enable_indexing']) { - trigger_error($error); + $search_type = false; } - } - else - { - $search_type = false; - } - foreach ($topic_data as $topic_id => $topic_row) - { $sql_ary = array( 'forum_id' => (int) $to_forum_id, 'icon_id' => (int) $topic_row['icon_id'], @@ -1197,9 +1042,9 @@ function mcp_fork_topic($topic_ids) // Copy whether the topic is dotted markread('post', $to_forum_id, $new_topic_id, 0, $row['poster_id']); - if ($search_type) + if (!empty($search_type)) { - $search->index($search_mode, $sql_ary['post_id'], $sql_ary['post_text'], $sql_ary['post_subject'], $sql_ary['poster_id'], ($topic_row['topic_type'] == POST_GLOBAL) ? 0 : $to_forum_id); + $search->index($search_mode, $new_post_id, $sql_ary['post_text'], $sql_ary['post_subject'], $sql_ary['poster_id'], ($topic_row['topic_type'] == POST_GLOBAL) ? 0 : $to_forum_id); $search_mode = 'reply'; // After one we index replies } diff --git a/phpBB/includes/mcp/mcp_notes.php b/phpBB/includes/mcp/mcp_notes.php index 0b22ff74fd..dfb6ed3b68 100644 --- a/phpBB/includes/mcp/mcp_notes.php +++ b/phpBB/includes/mcp/mcp_notes.php @@ -198,7 +198,7 @@ class mcp_notes $log_data = array(); $log_count = 0; - view_log('user', $log_data, $log_count, $config['topics_per_page'], $start, 0, 0, $user_id, $sql_where, $sql_sort, $keywords); + $start = view_log('user', $log_data, $log_count, $config['topics_per_page'], $start, 0, 0, $user_id, $sql_where, $sql_sort, $keywords); if ($log_count) { diff --git a/phpBB/includes/mcp/mcp_post.php b/phpBB/includes/mcp/mcp_post.php index 4e0aae1870..2abded4483 100644 --- a/phpBB/includes/mcp/mcp_post.php +++ b/phpBB/includes/mcp/mcp_post.php @@ -246,7 +246,7 @@ function mcp_post_details($id, $mode, $action) } // Get Reports - if ($auth->acl_get('m_', $post_info['forum_id'])) + if ($auth->acl_get('m_report', $post_info['forum_id'])) { $sql = 'SELECT r.*, re.*, u.user_id, u.username FROM ' . REPORTS_TABLE . ' r, ' . USERS_TABLE . ' u, ' . REPORTS_REASONS_TABLE . " re diff --git a/phpBB/includes/mcp/mcp_queue.php b/phpBB/includes/mcp/mcp_queue.php index 4f90c4f024..bd132c9ce8 100644 --- a/phpBB/includes/mcp/mcp_queue.php +++ b/phpBB/includes/mcp/mcp_queue.php @@ -216,6 +216,7 @@ class mcp_queue 'POST_IP' => $post_info['poster_ip'], 'POST_IPADDR' => ($auth->acl_get('m_info', $post_info['forum_id']) && request_var('lookup', '')) ? @gethostbyaddr($post_info['poster_ip']) : '', 'POST_ID' => $post_info['post_id'], + 'S_FIRST_POST' => ($post_info['topic_first_post_id'] == $post_id), 'U_LOOKUP_IP' => ($auth->acl_get('m_info', $post_info['forum_id'])) ? append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=queue&mode=approve_details&f=' . $post_info['forum_id'] . '&p=' . $post_id . '&lookup=' . $post_info['poster_ip']) . '#ip' : '', )); @@ -268,13 +269,11 @@ class mcp_queue trigger_error('NOT_MODERATOR'); } - $global_id = $forum_list[0]; - $forum_list = implode(', ', $forum_list); $sql = 'SELECT SUM(forum_topics) as sum_forum_topics - FROM ' . FORUMS_TABLE . " - WHERE forum_id IN (0, $forum_list)"; + FROM ' . FORUMS_TABLE . ' + WHERE ' . $db->sql_in_set('forum_id', $forum_list); $result = $db->sql_query($sql); $forum_info['forum_topics'] = (int) $db->sql_fetchfield('sum_forum_topics'); $db->sql_freeresult($result); @@ -290,7 +289,6 @@ class mcp_queue $forum_info = $forum_info[$forum_id]; $forum_list = $forum_id; - $global_id = $forum_id; } $forum_options = '<option value="0"' . (($forum_id == 0) ? ' selected="selected"' : '') . '>' . $user->lang['ALL_FORUMS'] . '</option>'; @@ -312,10 +310,10 @@ class mcp_queue if ($mode == 'unapproved_posts') { $sql = 'SELECT p.post_id - FROM ' . POSTS_TABLE . ' p, ' . TOPICS_TABLE . ' t' . (($sort_order_sql[0] == 'u') ? ', ' . USERS_TABLE . ' u' : '') . " - WHERE p.forum_id IN (0, $forum_list) + FROM ' . POSTS_TABLE . ' p, ' . TOPICS_TABLE . ' t' . (($sort_order_sql[0] == 'u') ? ', ' . USERS_TABLE . ' u' : '') . ' + WHERE ' . $db->sql_in_set('p.forum_id', $forum_list) . ' AND p.post_approved = 0 - " . (($sort_order_sql[0] == 'u') ? 'AND u.user_id = p.poster_id' : '') . ' + ' . (($sort_order_sql[0] == 'u') ? 'AND u.user_id = p.poster_id' : '') . ' ' . (($topic_id) ? 'AND p.topic_id = ' . $topic_id : '') . " AND t.topic_id = p.topic_id AND t.topic_first_post_id <> p.post_id @@ -345,10 +343,7 @@ class mcp_queue $post_data = $rowset = array(); while ($row = $db->sql_fetchrow($result)) { - if ($row['forum_id']) - { - $forum_names[] = $row['forum_id']; - } + $forum_names[] = $row['forum_id']; $post_data[$row['post_id']] = $row; } $db->sql_freeresult($result); @@ -368,7 +363,7 @@ class mcp_queue { $sql = 'SELECT t.forum_id, t.topic_id, t.topic_title, t.topic_title AS post_subject, t.topic_time AS post_time, t.topic_poster AS poster_id, t.topic_first_post_id AS post_id, t.topic_attachment AS post_attachment, t.topic_first_poster_name AS username, t.topic_first_poster_colour AS user_colour FROM ' . TOPICS_TABLE . " t - WHERE forum_id IN (0, $forum_list) + WHERE " . $db->sql_in_set('forum_id', $forum_list) . " AND topic_approved = 0 $limit_time_sql ORDER BY $sort_order_sql"; @@ -377,10 +372,7 @@ class mcp_queue $rowset = array(); while ($row = $db->sql_fetchrow($result)) { - if ($row['forum_id']) - { - $forum_names[] = $row['forum_id']; - } + $forum_names[] = $row['forum_id']; $rowset[] = $row; } $db->sql_freeresult($result); @@ -404,12 +396,6 @@ class mcp_queue foreach ($rowset as $row) { - $global_topic = ($row['forum_id']) ? false : true; - if ($global_topic) - { - $row['forum_id'] = $global_id; - } - if (empty($row['post_username'])) { $row['post_username'] = $user->lang['GUEST']; @@ -417,7 +403,7 @@ class mcp_queue $template->assign_block_vars('postrow', array( 'U_TOPIC' => append_sid("{$phpbb_root_path}viewtopic.$phpEx", 'f=' . $row['forum_id'] . '&t=' . $row['topic_id']), - 'U_VIEWFORUM' => (!$global_topic) ? append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $row['forum_id']) : '', + 'U_VIEWFORUM' => append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $row['forum_id']), 'U_VIEWPOST' => append_sid("{$phpbb_root_path}viewtopic.$phpEx", 'f=' . $row['forum_id'] . '&p=' . $row['post_id']) . (($mode == 'unapproved_posts') ? '#p' . $row['post_id'] : ''), 'U_VIEW_DETAILS' => append_sid("{$phpbb_root_path}mcp.$phpEx", "i=queue&start=$start&mode=approve_details&f={$row['forum_id']}&p={$row['post_id']}" . (($mode == 'unapproved_topics') ? "&t={$row['topic_id']}" : '')), @@ -427,7 +413,7 @@ class mcp_queue 'U_POST_AUTHOR' => get_username_string('profile', $row['poster_id'], $row['username'], $row['user_colour'], $row['post_username']), 'POST_ID' => $row['post_id'], - 'FORUM_NAME' => (!$global_topic) ? $forum_names[$row['forum_id']] : $user->lang['GLOBAL_ANNOUNCEMENT'], + 'FORUM_NAME' => $forum_names[$row['forum_id']], 'POST_SUBJECT' => ($row['post_subject'] != '') ? $row['post_subject'] : $user->lang['NO_SUBJECT'], 'TOPIC_TITLE' => $row['topic_title'], 'POST_TIME' => $user->format_date($row['post_time']), @@ -505,11 +491,7 @@ function approve_post($post_id_list, $id, $mode) } $topic_id_list[$post_data['topic_id']] = 1; - - if ($post_data['forum_id']) - { - $forum_id_list[$post_data['forum_id']] = 1; - } + $forum_id_list[$post_data['forum_id']] = 1; // User post update (we do not care about topic or post, since user posts are strictly connected to posts) // But we care about forums where post counts get not increased. ;) @@ -521,10 +503,7 @@ function approve_post($post_id_list, $id, $mode) // Topic or Post. ;) if ($post_data['topic_first_post_id'] == $post_id) { - if ($post_data['forum_id']) - { - $total_topics++; - } + $total_topics++; $topic_approve_sql[] = $post_data['topic_id']; $approve_log[] = array( @@ -544,16 +523,13 @@ function approve_post($post_id_list, $id, $mode) ); } - if ($post_data['forum_id']) - { - $total_posts++; + $total_posts++; - // Increment by topic_replies if we approve a topic... - // This works because we do not adjust the topic_replies when re-approving a topic after an edit. - if ($post_data['topic_first_post_id'] == $post_id && $post_data['topic_replies']) - { - $total_posts += $post_data['topic_replies']; - } + // Increment by topic_replies if we approve a topic... + // This works because we do not adjust the topic_replies when re-approving a topic after an edit. + if ($post_data['topic_first_post_id'] == $post_id && $post_data['topic_replies']) + { + $total_posts += $post_data['topic_replies']; } $post_approve_sql[] = $post_id; @@ -780,7 +756,10 @@ function disapprove_post($post_id_list, $id, $mode) if (!$row || (!$reason && strtolower($row['reason_title']) == 'other')) { $additional_msg = $user->lang['NO_REASON_DISAPPROVAL']; + $request->overwrite('confirm', null, phpbb_request_interface::POST); + $request->overwrite('confirm_key', null, phpbb_request_interface::POST); + $request->overwrite('confirm_key', null, phpbb_request_interface::REQUEST); } else { diff --git a/phpBB/includes/mcp/mcp_reports.php b/phpBB/includes/mcp/mcp_reports.php index 27659ab6ff..dac73b900f 100644 --- a/phpBB/includes/mcp/mcp_reports.php +++ b/phpBB/includes/mcp/mcp_reports.php @@ -148,6 +148,7 @@ class mcp_reports $message = bbcode_nl2br($message); $message = smiley_text($message); + $report['report_text'] = make_clickable(bbcode_nl2br($report['report_text'])); if ($post_info['post_attachment'] && $auth->acl_get('u_download') && $auth->acl_get('f_download', $post_info['forum_id'])) { @@ -312,7 +313,6 @@ class mcp_reports $forum_info = $forum_info[$forum_id]; $forum_list = array($forum_id); - $global_id = $forum_id; } $forum_list[] = 0; @@ -382,14 +382,8 @@ class mcp_reports $report_data = $rowset = array(); while ($row = $db->sql_fetchrow($result)) { - $global_topic = ($row['forum_id']) ? false : true; - if ($global_topic) - { - $row['forum_id'] = $global_id; - } - $template->assign_block_vars('postrow', array( - 'U_VIEWFORUM' => (!$global_topic) ? append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $row['forum_id']) : '', + 'U_VIEWFORUM' => append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $row['forum_id']), 'U_VIEWPOST' => append_sid("{$phpbb_root_path}viewtopic.$phpEx", 'f=' . $row['forum_id'] . '&p=' . $row['post_id']) . '#p' . $row['post_id'], 'U_VIEW_DETAILS' => append_sid("{$phpbb_root_path}mcp.$phpEx", "i=reports&start=$start&mode=report_details&f={$row['forum_id']}&r={$row['report_id']}"), @@ -403,7 +397,7 @@ class mcp_reports 'REPORTER' => get_username_string('username', $row['reporter_id'], $row['reporter_name'], $row['reporter_colour']), 'U_REPORTER' => get_username_string('profile', $row['reporter_id'], $row['reporter_name'], $row['reporter_colour']), - 'FORUM_NAME' => (!$global_topic) ? $forum_data[$row['forum_id']]['forum_name'] : $user->lang['GLOBAL_ANNOUNCEMENT'], + 'FORUM_NAME' => $forum_data[$row['forum_id']]['forum_name'], 'POST_ID' => $row['post_id'], 'POST_SUBJECT' => ($row['post_subject']) ? $row['post_subject'] : $user->lang['NO_SUBJECT'], 'POST_TIME' => $user->format_date($row['post_time']), diff --git a/phpBB/includes/mcp/mcp_topic.php b/phpBB/includes/mcp/mcp_topic.php index 8a8ef11289..f080d78b1e 100644 --- a/phpBB/includes/mcp/mcp_topic.php +++ b/phpBB/includes/mcp/mcp_topic.php @@ -239,8 +239,8 @@ function mcp_topic_view($id, $mode, $action) 'MINI_POST_IMG' => ($post_unread) ? $user->img('icon_post_target_unread', 'UNREAD_POST') : $user->img('icon_post_target', 'POST'), - 'S_POST_REPORTED' => ($row['post_reported']) ? true : false, - 'S_POST_UNAPPROVED' => ($row['post_approved']) ? false : true, + 'S_POST_REPORTED' => ($row['post_reported'] && $auth->acl_get('m_report', $topic_info['forum_id'])), + 'S_POST_UNAPPROVED' => (!$row['post_approved'] && $auth->acl_get('m_approve', $topic_info['forum_id'])), 'S_CHECKED' => (($submitted_id_list && !in_array(intval($row['post_id']), $submitted_id_list)) || in_array(intval($row['post_id']), $checked_ids)) ? true : false, 'S_HAS_ATTACHMENTS' => (!empty($attachments[$row['post_id']])) ? true : false, diff --git a/phpBB/includes/message_parser.php b/phpBB/includes/message_parser.php index 6d33723292..b3a48112ea 100644 --- a/phpBB/includes/message_parser.php +++ b/phpBB/includes/message_parser.php @@ -102,27 +102,29 @@ class bbcode_firstpass extends bbcode /** * Init bbcode data for later parsing */ - function bbcode_init() + function bbcode_init($allow_custom_bbcode = true) { static $rowset; // This array holds all bbcode data. BBCodes will be processed in this // order, so it is important to keep [code] in first position and // [quote] in second position. + // To parse multiline URL we enable dotall option setting only for URL text + // but not for link itself, thus [url][/url] is not affected. $this->bbcodes = array( - 'code' => array('bbcode_id' => 8, 'regexp' => array('#\[code(?:=([a-z]+))?\](.+\[/code\])#ise' => "\$this->bbcode_code('\$1', '\$2')")), - 'quote' => array('bbcode_id' => 0, 'regexp' => array('#\[quote(?:="(.*?)")?\](.+)\[/quote\]#ise' => "\$this->bbcode_quote('\$0')")), - 'attachment' => array('bbcode_id' => 12, 'regexp' => array('#\[attachment=([0-9]+)\](.*?)\[/attachment\]#ise' => "\$this->bbcode_attachment('\$1', '\$2')")), - 'b' => array('bbcode_id' => 1, 'regexp' => array('#\[b\](.*?)\[/b\]#ise' => "\$this->bbcode_strong('\$1')")), - 'i' => array('bbcode_id' => 2, 'regexp' => array('#\[i\](.*?)\[/i\]#ise' => "\$this->bbcode_italic('\$1')")), - 'url' => array('bbcode_id' => 3, 'regexp' => array('#\[url(=(.*))?\](.*)\[/url\]#iUe' => "\$this->validate_url('\$2', '\$3')")), - 'img' => array('bbcode_id' => 4, 'regexp' => array('#\[img\](.*)\[/img\]#iUe' => "\$this->bbcode_img('\$1')")), - 'size' => array('bbcode_id' => 5, 'regexp' => array('#\[size=([\-\+]?\d+)\](.*?)\[/size\]#ise' => "\$this->bbcode_size('\$1', '\$2')")), - 'color' => array('bbcode_id' => 6, 'regexp' => array('!\[color=(#[0-9a-f]{3}|#[0-9a-f]{6}|[a-z\-]+)\](.*?)\[/color\]!ise' => "\$this->bbcode_color('\$1', '\$2')")), - 'u' => array('bbcode_id' => 7, 'regexp' => array('#\[u\](.*?)\[/u\]#ise' => "\$this->bbcode_underline('\$1')")), - 'list' => array('bbcode_id' => 9, 'regexp' => array('#\[list(?:=(?:[a-z0-9]|disc|circle|square))?].*\[/list]#ise' => "\$this->bbcode_parse_list('\$0')")), - 'email' => array('bbcode_id' => 10, 'regexp' => array('#\[email=?(.*?)?\](.*?)\[/email\]#ise' => "\$this->validate_email('\$1', '\$2')")), - 'flash' => array('bbcode_id' => 11, 'regexp' => array('#\[flash=([0-9]+),([0-9]+)\](.*?)\[/flash\]#ie' => "\$this->bbcode_flash('\$1', '\$2', '\$3')")) + 'code' => array('bbcode_id' => 8, 'regexp' => array('#\[code(?:=([a-z]+))?\](.+\[/code\])#uise' => "\$this->bbcode_code('\$1', '\$2')")), + 'quote' => array('bbcode_id' => 0, 'regexp' => array('#\[quote(?:="(.*?)")?\](.+)\[/quote\]#uise' => "\$this->bbcode_quote('\$0')")), + 'attachment' => array('bbcode_id' => 12, 'regexp' => array('#\[attachment=([0-9]+)\](.*?)\[/attachment\]#uise' => "\$this->bbcode_attachment('\$1', '\$2')")), + 'b' => array('bbcode_id' => 1, 'regexp' => array('#\[b\](.*?)\[/b\]#uise' => "\$this->bbcode_strong('\$1')")), + 'i' => array('bbcode_id' => 2, 'regexp' => array('#\[i\](.*?)\[/i\]#uise' => "\$this->bbcode_italic('\$1')")), + 'url' => array('bbcode_id' => 3, 'regexp' => array('#\[url(=(.*))?\](?(1)((?s).*(?-s))|(.*))\[/url\]#uiUe' => "\$this->validate_url('\$2', ('\$3') ? '\$3' : '\$4')")), + 'img' => array('bbcode_id' => 4, 'regexp' => array('#\[img\](.*)\[/img\]#uiUe' => "\$this->bbcode_img('\$1')")), + 'size' => array('bbcode_id' => 5, 'regexp' => array('#\[size=([\-\+]?\d+)\](.*?)\[/size\]#uise' => "\$this->bbcode_size('\$1', '\$2')")), + 'color' => array('bbcode_id' => 6, 'regexp' => array('!\[color=(#[0-9a-f]{3}|#[0-9a-f]{6}|[a-z\-]+)\](.*?)\[/color\]!uise' => "\$this->bbcode_color('\$1', '\$2')")), + 'u' => array('bbcode_id' => 7, 'regexp' => array('#\[u\](.*?)\[/u\]#uise' => "\$this->bbcode_underline('\$1')")), + 'list' => array('bbcode_id' => 9, 'regexp' => array('#\[list(?:=(?:[a-z0-9]|disc|circle|square))?].*\[/list]#uise' => "\$this->bbcode_parse_list('\$0')")), + 'email' => array('bbcode_id' => 10, 'regexp' => array('#\[email=?(.*?)?\](.*?)\[/email\]#uise' => "\$this->validate_email('\$1', '\$2')")), + 'flash' => array('bbcode_id' => 11, 'regexp' => array('#\[flash=([0-9]+),([0-9]+)\](.*?)\[/flash\]#uie' => "\$this->bbcode_flash('\$1', '\$2', '\$3')")) ); // Zero the parsed items array @@ -133,6 +135,11 @@ class bbcode_firstpass extends bbcode $this->parsed_items[$tag] = 0; } + if (!$allow_custom_bbcode) + { + return; + } + if (!is_array($rowset)) { global $db; @@ -1332,7 +1339,9 @@ class parse_message extends bbcode_firstpass { if ($max_smilies) { - $num_matches = preg_match_all('#(?<=^|[\n .])(?:' . implode('|', $match) . ')(?![^<>]*>)#', $this->message, $matches); + // 'u' modifier has been added to correctly parse smilies within unicode strings + // For details: http://tracker.phpbb.com/browse/PHPBB3-10117 + $num_matches = preg_match_all('#(?<=^|[\n .])(?:' . implode('|', $match) . ')(?![^<>]*>)#u', $this->message, $matches); unset($matches); if ($num_matches !== false && $num_matches > $max_smilies) @@ -1343,7 +1352,10 @@ class parse_message extends bbcode_firstpass } // Make sure the delimiter # is added in front and at the end of every element within $match - $this->message = trim(preg_replace(explode(chr(0), '#(?<=^|[\n .])' . implode('(?![^<>]*>)#' . chr(0) . '#(?<=^|[\n .])', $match) . '(?![^<>]*>)#'), $replace, $this->message)); + // 'u' modifier has been added to correctly parse smilies within unicode strings + // For details: http://tracker.phpbb.com/browse/PHPBB3-10117 + + $this->message = trim(preg_replace(explode(chr(0), '#(?<=^|[\n .])' . implode('(?![^<>]*>)#u' . chr(0) . '#(?<=^|[\n .])', $match) . '(?![^<>]*>)#u'), $replace, $this->message)); } } diff --git a/phpBB/includes/questionnaire/questionnaire.php b/phpBB/includes/questionnaire/questionnaire.php index b9231547cd..fa12d570df 100644 --- a/phpBB/includes/questionnaire/questionnaire.php +++ b/phpBB/includes/questionnaire/questionnaire.php @@ -148,23 +148,15 @@ class phpbb_questionnaire_system_data_provider */ function get_data() { - // Start discovering the IPV4 server address, if available - $server_address = '0.0.0.0'; - - if (!empty($_SERVER['SERVER_ADDR'])) - { - $server_address = $_SERVER['SERVER_ADDR']; - } + global $request; - // Running on IIS? - if (!empty($_SERVER['LOCAL_ADDR'])) - { - $server_address = $_SERVER['LOCAL_ADDR']; - } + // Start discovering the IPV4 server address, if available + // Try apache, IIS, fall back to 0.0.0.0 + $server_address = htmlspecialchars_decode($request->server('SERVER_ADDR', $request->server('LOCAL_ADDR', '0.0.0.0'))); return array( 'os' => PHP_OS, - 'httpd' => $_SERVER['SERVER_SOFTWARE'], + 'httpd' => htmlspecialchars_decode($request->server('SERVER_SOFTWARE')), // we don't want the real IP address (for privacy policy reasons) but only // a network address to see whether your installation is running on a private or public network. 'private_ip' => $this->is_private_ip($server_address), @@ -482,7 +474,7 @@ class phpbb_questionnaire_phpbb_data_provider } } - global $db; + global $db, $request; $result['dbms'] = $dbms; $result['acm_type'] = $acm_type; @@ -492,7 +484,7 @@ class phpbb_questionnaire_phpbb_data_provider // Try to get user agent vendor and version $match = array(); - $user_agent = (!empty($_SERVER['HTTP_USER_AGENT'])) ? (string) $_SERVER['HTTP_USER_AGENT'] : ''; + $user_agent = $request->header('User-Agent'); $agents = array('firefox', 'msie', 'opera', 'chrome', 'safari', 'mozilla', 'seamonkey', 'konqueror', 'netscape', 'gecko', 'navigator', 'mosaic', 'lynx', 'amaya', 'omniweb', 'avant', 'camino', 'flock', 'aol'); // We check here 1 by 1 because some strings occur after others (for example Mozilla [...] Firefox/) diff --git a/phpBB/includes/request/interface.php b/phpBB/includes/request/interface.php index 7b5b600100..181bcb467a 100644 --- a/phpBB/includes/request/interface.php +++ b/phpBB/includes/request/interface.php @@ -29,6 +29,7 @@ interface phpbb_request_interface const GET = 1; const REQUEST = 2; const COOKIE = 3; + const SERVER = 4; /**#@-*/ /** @@ -67,6 +68,26 @@ interface phpbb_request_interface public function variable($var_name, $default, $multibyte = false, $super_global = phpbb_request_interface::REQUEST); /** + * Shortcut method to retrieve SERVER variables. + * + * @param string|array $var_name See phpbb_request_interface::variable + * @param mixed $default See phpbb_request_interface::variable + * + * @return mixed The server variable value. + */ + public function server($var_name, $default = ''); + + /** + * Shortcut method to retrieve the value of client HTTP headers. + * + * @param string|array $header_name The name of the header to retrieve. + * @param mixed $default See phpbb_request_interface::variable + * + * @return mixed The header value. + */ + public function header($var_name, $default = ''); + + /** * Checks whether a certain variable was sent via POST. * To make sure that a request was sent using POST you should call this function * on at least one variable. @@ -91,6 +112,20 @@ interface phpbb_request_interface public function is_set($var, $super_global = phpbb_request_interface::REQUEST); /** + * Checks whether the current request is an AJAX request (XMLHttpRequest) + * + * @return bool True if the current request is an ajax request + */ + public function is_ajax(); + + /** + * Checks if the current request is happening over HTTPS. + * + * @return bool True if the request is secure. + */ + public function is_secure(); + + /** * Returns all variable names for a given super global * * @param phpbb_request_interface::POST|GET|REQUEST|COOKIE $super_global diff --git a/phpBB/includes/request/request.php b/phpBB/includes/request/request.php index 7d284a9bf7..9386088a07 100644 --- a/phpBB/includes/request/request.php +++ b/phpBB/includes/request/request.php @@ -32,7 +32,8 @@ class phpbb_request implements phpbb_request_interface phpbb_request_interface::POST => '_POST', phpbb_request_interface::GET => '_GET', phpbb_request_interface::REQUEST => '_REQUEST', - phpbb_request_interface::COOKIE => '_COOKIE' + phpbb_request_interface::COOKIE => '_COOKIE', + phpbb_request_interface::SERVER => '_SERVER', ); /** @@ -242,6 +243,47 @@ class phpbb_request implements phpbb_request_interface } /** + * Shortcut method to retrieve SERVER variables. + * + * Also fall back to getenv(), some CGI setups may need it (probably not, but + * whatever). + * + * @param string|array $var_name See phpbb_request_interface::variable + * @param mixed $Default See phpbb_request_interface::variable + * + * @return mixed The server variable value. + */ + public function server($var_name, $default = '') + { + $multibyte = true; + + if ($this->is_set($var_name, phpbb_request_interface::SERVER)) + { + return $this->variable($var_name, $default, $multibyte, phpbb_request_interface::SERVER); + } + else + { + $var = getenv($var_name); + $this->type_cast_helper->recursive_set_var($var, $default, $multibyte); + return $var; + } + } + + /** + * Shortcut method to retrieve the value of client HTTP headers. + * + * @param string|array $header_name The name of the header to retrieve. + * @param mixed $default See phpbb_request_interface::variable + * + * @return mixed The header value. + */ + public function header($header_name, $default = '') + { + $var_name = 'HTTP_' . str_replace('-', '_', strtoupper($header_name)); + return $this->server($var_name, $default); + } + + /** * Checks whether a certain variable was sent via POST. * To make sure that a request was sent using POST you should call this function * on at least one variable. @@ -272,6 +314,26 @@ class phpbb_request implements phpbb_request_interface } /** + * Checks whether the current request is an AJAX request (XMLHttpRequest) + * + * @return bool True if the current request is an ajax request + */ + public function is_ajax() + { + return $this->header('X-Requested-With') == 'XMLHttpRequest'; + } + + /** + * Checks if the current request is happening over HTTPS. + * + * @return bool True if the request is secure. + */ + public function is_secure() + { + return $this->server('HTTPS') == 'on'; + } + + /** * Returns all variable names for a given super global * * @param phpbb_request_interface::POST|GET|REQUEST|COOKIE $super_global diff --git a/phpBB/includes/request/type_cast_helper.php b/phpBB/includes/request/type_cast_helper.php index 29855a9804..96ceb0df1d 100644 --- a/phpBB/includes/request/type_cast_helper.php +++ b/phpBB/includes/request/type_cast_helper.php @@ -88,11 +88,11 @@ class phpbb_request_type_cast_helper implements phpbb_request_type_cast_helper_i /** * Set variable $result to a particular type. * - * @param mixed &$result The variable to fill - * @param mixed $var The contents to fill with - * @param mixed $type The variable type. Will be used with {@link settype()} - * @param bool $multibyte Indicates whether string values may contain UTF-8 characters. - * Default is false, causing all bytes outside the ASCII range (0-127) to be replaced with question marks. + * @param mixed &$result The variable to fill + * @param mixed $var The contents to fill with + * @param mixed $type The variable type. Will be used with {@link settype()} + * @param bool $multibyte Indicates whether string values may contain UTF-8 characters. + * Default is false, causing all bytes outside the ASCII range (0-127) to be replaced with question marks. */ public function set_var(&$result, $var, $type, $multibyte = false) { @@ -101,7 +101,8 @@ class phpbb_request_type_cast_helper implements phpbb_request_type_cast_helper_i if ($type == 'string') { - $result = trim(htmlspecialchars(str_replace(array("\r\n", "\r", "\0"), array("\n", "\n", ''), $result), ENT_COMPAT, 'UTF-8')); + $result = trim(str_replace(array("\r\n", "\r", "\0"), array("\n", "\n", ''), $result)); + $result = htmlspecialchars($result, ENT_COMPAT, 'UTF-8'); if ($multibyte) { diff --git a/phpBB/includes/search/search.php b/phpBB/includes/search/base.php index 7c34ce9ff6..bb63957aba 100644 --- a/phpBB/includes/search/search.php +++ b/phpBB/includes/search/base.php @@ -24,12 +24,12 @@ define('SEARCH_RESULT_IN_CACHE', 1); define('SEARCH_RESULT_INCOMPLETE', 2); /** -* search_backend +* phpbb_search_base * optional base class for search plugins providing simple caching based on ACM * and functions to retrieve ignore_words and synonyms * @package search */ -class search_backend +class phpbb_search_base { var $ignore_words = array(); var $match_synonym = array(); diff --git a/phpBB/includes/search/fulltext_mysql.php b/phpBB/includes/search/fulltext_mysql.php index 9660fd6986..4214de3d97 100644 --- a/phpBB/includes/search/fulltext_mysql.php +++ b/phpBB/includes/search/fulltext_mysql.php @@ -17,16 +17,11 @@ if (!defined('IN_PHPBB')) } /** -* @ignore -*/ -include_once($phpbb_root_path . 'includes/search/search.' . $phpEx); - -/** * fulltext_mysql * Fulltext search for MySQL * @package search */ -class fulltext_mysql extends search_backend +class phpbb_search_fulltext_mysql extends phpbb_search_base { var $stats = array(); var $word_length = array(); @@ -36,14 +31,14 @@ class fulltext_mysql extends search_backend var $pcre_properties = false; var $mbstring_regex = false; - function fulltext_mysql(&$error) + public function __construct(&$error) { global $config; $this->word_length = array('min' => $config['fulltext_mysql_min_word_len'], 'max' => $config['fulltext_mysql_max_word_len']); // PHP may not be linked with the bundled PCRE lib and instead with an older version - if (pcre_utf8_support()) + if (phpbb_pcre_utf8_support()) { $this->pcre_properties = true; } @@ -58,6 +53,16 @@ class fulltext_mysql extends search_backend } /** + * Returns the name of this search backend to be displayed to administrators + * + * @return string Name + */ + public function get_name() + { + return 'MySQL Fulltext'; + } + + /** * Checks for correct MySQL version and stores min/max word length in the config */ function init() diff --git a/phpBB/includes/search/fulltext_native.php b/phpBB/includes/search/fulltext_native.php index e749e86f68..a335ddab6e 100644 --- a/phpBB/includes/search/fulltext_native.php +++ b/phpBB/includes/search/fulltext_native.php @@ -17,16 +17,11 @@ if (!defined('IN_PHPBB')) } /** -* @ignore -*/ -include_once($phpbb_root_path . 'includes/search/search.' . $phpEx); - -/** * fulltext_native * phpBB's own db driven fulltext search, version 2 * @package search */ -class fulltext_native extends search_backend +class phpbb_search_fulltext_native extends phpbb_search_base { var $stats = array(); var $word_length = array(); @@ -41,10 +36,8 @@ class fulltext_native extends search_backend * Initialises the fulltext_native search backend with min/max word length and makes sure the UTF-8 normalizer is loaded. * * @param boolean|string &$error is passed by reference and should either be set to false on success or an error message on failure. - * - * @access public */ - function fulltext_native(&$error) + public function __construct(&$error) { global $phpbb_root_path, $phpEx, $config; @@ -58,11 +51,20 @@ class fulltext_native extends search_backend include($phpbb_root_path . 'includes/utf/utf_normalizer.' . $phpEx); } - $error = false; } /** + * Returns the name of this search backend to be displayed to administrators + * + * @return string Name + */ + public function get_name() + { + return 'phpBB Native Fulltext'; + } + + /** * This function fills $this->search_query with the cleaned user search query. * * If $terms is 'any' then the words will be extracted from the search query diff --git a/phpBB/includes/session.php b/phpBB/includes/session.php index 893ec2c0cc..497aaf1141 100644 --- a/phpBB/includes/session.php +++ b/phpBB/includes/session.php @@ -41,16 +41,18 @@ class session */ static function extract_current_page($root_path) { + global $request; + $page_array = array(); // First of all, get the request uri... - $script_name = (!empty($_SERVER['PHP_SELF'])) ? $_SERVER['PHP_SELF'] : getenv('PHP_SELF'); - $args = (!empty($_SERVER['QUERY_STRING'])) ? explode('&', $_SERVER['QUERY_STRING']) : explode('&', getenv('QUERY_STRING')); + $script_name = htmlspecialchars_decode($request->server('PHP_SELF')); + $args = explode('&', htmlspecialchars_decode($request->server('QUERY_STRING'))); // If we are unable to get the script name we use REQUEST_URI as a failover and note it within the page array for easier support... if (!$script_name) { - $script_name = (!empty($_SERVER['REQUEST_URI'])) ? $_SERVER['REQUEST_URI'] : getenv('REQUEST_URI'); + $script_name = htmlspecialchars_decode($request->server('REQUEST_URI')); $script_name = (($pos = strpos($script_name, '?')) !== false) ? substr($script_name, 0, $pos) : $script_name; $page_array['failover'] = 1; } @@ -141,10 +143,10 @@ class session */ function extract_current_hostname() { - global $config; + global $config, $request; // Get hostname - $host = (!empty($_SERVER['HTTP_HOST'])) ? $_SERVER['HTTP_HOST'] : ((!empty($_SERVER['SERVER_NAME'])) ? $_SERVER['SERVER_NAME'] : getenv('SERVER_NAME')); + $host = htmlspecialchars_decode($request->header('Host', $request->server('SERVER_NAME'))); // Should be a string and lowered $host = (string) strtolower($host); @@ -212,9 +214,9 @@ class session $this->time_now = time(); $this->cookie_data = array('u' => 0, 'k' => ''); $this->update_session_page = $update_session_page; - $this->browser = (!empty($_SERVER['HTTP_USER_AGENT'])) ? htmlspecialchars((string) $_SERVER['HTTP_USER_AGENT']) : ''; - $this->referer = (!empty($_SERVER['HTTP_REFERER'])) ? htmlspecialchars((string) $_SERVER['HTTP_REFERER']) : ''; - $this->forwarded_for = (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) ? htmlspecialchars((string) $_SERVER['HTTP_X_FORWARDED_FOR']) : ''; + $this->browser = $request->header('User-Agent'); + $this->referer = $request->header('Referer'); + $this->forwarded_for = $request->header('X-Forwarded-For'); $this->host = $this->extract_current_hostname(); $this->page = $this->extract_current_page($phpbb_root_path); @@ -222,7 +224,7 @@ class session // if the forwarded for header shall be checked we have to validate its contents if ($config['forwarded_for_check']) { - $this->forwarded_for = preg_replace('#[ ]{2,}#', ' ', str_replace(array(',', ' '), ' ', $this->forwarded_for)); + $this->forwarded_for = preg_replace('# {2,}#', ' ', str_replace(',', ' ', $this->forwarded_for)); // split the list of IPs $ips = explode(' ', $this->forwarded_for); @@ -268,11 +270,11 @@ class session // Why no forwarded_for et al? Well, too easily spoofed. With the results of my recent requests // it's pretty clear that in the majority of cases you'll at least be left with a proxy/cache ip. - $this->ip = (!empty($_SERVER['REMOTE_ADDR'])) ? htmlspecialchars((string) $_SERVER['REMOTE_ADDR']) : ''; - $this->ip = preg_replace('#[ ]{2,}#', ' ', str_replace(array(',', ' '), ' ', $this->ip)); + $this->ip = htmlspecialchars_decode($request->server('REMOTE_ADDR')); + $this->ip = preg_replace('# {2,}#', ' ', str_replace(',', ' ', $this->ip)); // split the list of IPs - $ips = explode(' ', $this->ip); + $ips = explode(' ', trim($this->ip)); // Default IP if REMOTE_ADDR is invalid $this->ip = '127.0.0.1'; @@ -297,26 +299,31 @@ class session continue; } - // check IPv4 first, the IPv6 is hopefully only going to be used very seldomly - if (!empty($ip) && !preg_match(get_preg_expression('ipv4'), $ip) && !preg_match(get_preg_expression('ipv6'), $ip)) + if (preg_match(get_preg_expression('ipv4'), $ip)) { - // Just break - break; + $this->ip = $ip; } - - // Quick check for IPv4-mapped address in IPv6 - if (stripos($ip, '::ffff:') === 0) + else if (preg_match(get_preg_expression('ipv6'), $ip)) { - $ipv4 = substr($ip, 7); - - if (preg_match(get_preg_expression('ipv4'), $ipv4)) + // Quick check for IPv4-mapped address in IPv6 + if (stripos($ip, '::ffff:') === 0) { - $ip = $ipv4; + $ipv4 = substr($ip, 7); + + if (preg_match(get_preg_expression('ipv4'), $ipv4)) + { + $ip = $ipv4; + } } - } - // Use the last in chain - $this->ip = $ip; + $this->ip = $ip; + } + else + { + // We want to use the last valid address in the chain + // Leave foreach loop when address is invalid + break; + } } $this->load = false; @@ -377,7 +384,7 @@ class session $referer_valid = true; // we assume HEAD and TRACE to be foul play and thus only whitelist GET - if (@$config['referer_validation'] && isset($_SERVER['REQUEST_METHOD']) && strtolower($_SERVER['REQUEST_METHOD']) !== 'get') + if (@$config['referer_validation'] && strtolower($request->server('REQUEST_METHOD')) !== 'get') { $referer_valid = $this->validate_referer($check_referer_path); } @@ -602,6 +609,7 @@ class session // otherwise they'll index this page with the SID, duplicate content oh my! if ($bot && isset($_GET['sid'])) { + send_status_line(301, 'Moved Permanently'); redirect(build_url(array('sid'))); } @@ -1013,6 +1021,10 @@ class session include($phpbb_root_path . "includes/captcha/captcha_factory." . $phpEx); } phpbb_captcha_factory::garbage_collect($config['captcha_plugin']); + + $sql = 'DELETE FROM ' . LOGIN_ATTEMPT_TABLE . ' + WHERE attempt_time < ' . (time() - (int) $config['ip_login_limit_time']); + $db->sql_query($sql); } return; @@ -1251,6 +1263,12 @@ class session $ip = $this->ip; } + // Neither Spamhaus nor Spamcop supports IPv6 addresses. + if (strpos($ip, ':') !== false) + { + return false; + } + $dnsbl_check = array( 'sbl.spamhaus.org' => 'http://www.spamhaus.org/query/bl?ip=', ); @@ -1433,7 +1451,7 @@ class session */ function validate_referer($check_script_path = false) { - global $config; + global $config, $request; // no referer - nothing to validate, user's fault for turning it off (we only check on POST; so meta can't be the reason) if (empty($this->referer) || empty($this->host)) @@ -1451,7 +1469,7 @@ class session else if ($check_script_path && rtrim($this->page['root_script_path'], '/') !== '') { $ref = substr($ref, strlen($host)); - $server_port = (!empty($_SERVER['SERVER_PORT'])) ? (int) $_SERVER['SERVER_PORT'] : (int) getenv('SERVER_PORT'); + $server_port = $request->server('SERVER_PORT', 0); if ($server_port !== 80 && $server_port !== 443 && stripos($ref, ":$server_port") === 0) { @@ -1576,9 +1594,9 @@ class user extends session * If re-enabled we need to make sure only those languages installed are checked * Commented out so we do not loose the code. - if (isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])) + if ($request->header('Accept-Language')) { - $accept_lang_ary = explode(',', $_SERVER['HTTP_ACCEPT_LANGUAGE']); + $accept_lang_ary = explode(',', $request->header('Accept-Language')); foreach ($accept_lang_ary as $accept_lang) { @@ -1637,12 +1655,11 @@ class user extends session $style = ($style) ? $style : ((!$config['override_user_style']) ? $this->data['user_style'] : $config['default_style']); } - $sql = 'SELECT s.style_id, t.template_storedb, t.template_path, t.template_id, t.bbcode_bitfield, t.template_inherits_id, t.template_inherit_path, c.theme_path, c.theme_name, c.theme_storedb, c.theme_id, i.imageset_path, i.imageset_id, i.imageset_name - FROM ' . STYLES_TABLE . ' s, ' . STYLES_TEMPLATE_TABLE . ' t, ' . STYLES_THEME_TABLE . ' c, ' . STYLES_IMAGESET_TABLE . " i + $sql = 'SELECT s.style_id, t.template_path, t.template_id, t.bbcode_bitfield, t.template_inherits_id, t.template_inherit_path, c.theme_path, c.theme_name, c.theme_id + FROM ' . STYLES_TABLE . ' s, ' . STYLES_TEMPLATE_TABLE . ' t, ' . STYLES_THEME_TABLE . " c WHERE s.style_id = $style AND t.template_id = s.template_id - AND c.theme_id = s.theme_id - AND i.imageset_id = s.imageset_id"; + AND c.theme_id = s.theme_id"; $result = $db->sql_query($sql, 3600); $this->theme = $db->sql_fetchrow($result); $db->sql_freeresult($result); @@ -1657,12 +1674,11 @@ class user extends session WHERE user_id = {$this->data['user_id']}"; $db->sql_query($sql); - $sql = 'SELECT s.style_id, t.template_storedb, t.template_path, t.template_id, t.bbcode_bitfield, c.theme_path, c.theme_name, c.theme_storedb, c.theme_id, i.imageset_path, i.imageset_id, i.imageset_name - FROM ' . STYLES_TABLE . ' s, ' . STYLES_TEMPLATE_TABLE . ' t, ' . STYLES_THEME_TABLE . ' c, ' . STYLES_IMAGESET_TABLE . " i + $sql = 'SELECT s.style_id, t.template_path, t.template_id, t.bbcode_bitfield, c.theme_path, c.theme_name, c.theme_id + FROM ' . STYLES_TABLE . ' s, ' . STYLES_TEMPLATE_TABLE . ' t, ' . STYLES_THEME_TABLE . " c WHERE s.style_id = $style AND t.template_id = s.template_id - AND c.theme_id = s.theme_id - AND i.imageset_id = s.imageset_id"; + AND c.theme_id = s.theme_id"; $result = $db->sql_query($sql, 3600); $this->theme = $db->sql_fetchrow($result); $db->sql_freeresult($result); @@ -1680,7 +1696,6 @@ class user extends session $parsed_items = $parsed_items['theme']; $check_for = array( - 'parse_css_file' => (int) 0, 'pagination_sep' => (string) ', ' ); @@ -1695,143 +1710,9 @@ class user extends session } } - // If the style author specified the theme needs to be cached - // (because of the used paths and variables) than make sure it is the case. - // For example, if the theme uses language-specific images it needs to be stored in db. - if (!$this->theme['theme_storedb'] && $this->theme['parse_css_file']) - { - $this->theme['theme_storedb'] = 1; - - $stylesheet = file_get_contents("{$phpbb_root_path}styles/{$this->theme['theme_path']}/theme/stylesheet.css"); - // Match CSS imports - $matches = array(); - preg_match_all('/@import url\(["\'](.*)["\']\);/i', $stylesheet, $matches); - - if (sizeof($matches)) - { - $content = ''; - foreach ($matches[0] as $idx => $match) - { - if ($content = @file_get_contents("{$phpbb_root_path}styles/{$this->theme['theme_path']}/theme/" . $matches[1][$idx])) - { - $content = trim($content); - } - else - { - $content = ''; - } - $stylesheet = str_replace($match, $content, $stylesheet); - } - unset($content); - } - - $stylesheet = str_replace('./', 'styles/' . $this->theme['theme_path'] . '/theme/', $stylesheet); - - $sql_ary = array( - 'theme_data' => $stylesheet, - 'theme_mtime' => time(), - 'theme_storedb' => 1 - ); - - $sql = 'UPDATE ' . STYLES_THEME_TABLE . ' - SET ' . $db->sql_build_array('UPDATE', $sql_ary) . ' - WHERE theme_id = ' . $this->theme['theme_id']; - $db->sql_query($sql); - - unset($sql_ary); - } - $template->set_template(); - $this->img_lang = (file_exists($phpbb_root_path . 'styles/' . $this->theme['imageset_path'] . '/imageset/' . $this->lang_name)) ? $this->lang_name : $config['default_lang']; - - // Same query in style.php - $sql = 'SELECT * - FROM ' . STYLES_IMAGESET_DATA_TABLE . ' - WHERE imageset_id = ' . $this->theme['imageset_id'] . " - AND image_filename <> '' - AND image_lang IN ('" . $db->sql_escape($this->img_lang) . "', '')"; - $result = $db->sql_query($sql, 3600); - - $localised_images = false; - while ($row = $db->sql_fetchrow($result)) - { - if ($row['image_lang']) - { - $localised_images = true; - } - - $row['image_filename'] = rawurlencode($row['image_filename']); - $this->img_array[$row['image_name']] = $row; - } - $db->sql_freeresult($result); - - // there were no localised images, try to refresh the localised imageset for the user's language - if (!$localised_images) - { - // Attention: this code ignores the image definition list from acp_styles and just takes everything - // that the config file contains - $sql_ary = array(); - - $db->sql_transaction('begin'); - - $sql = 'DELETE FROM ' . STYLES_IMAGESET_DATA_TABLE . ' - WHERE imageset_id = ' . $this->theme['imageset_id'] . ' - AND image_lang = \'' . $db->sql_escape($this->img_lang) . '\''; - $result = $db->sql_query($sql); - - if (@file_exists("{$phpbb_root_path}styles/{$this->theme['imageset_path']}/imageset/{$this->img_lang}/imageset.cfg")) - { - $cfg_data_imageset_data = parse_cfg_file("{$phpbb_root_path}styles/{$this->theme['imageset_path']}/imageset/{$this->img_lang}/imageset.cfg"); - foreach ($cfg_data_imageset_data as $image_name => $value) - { - if (strpos($value, '*') !== false) - { - if (substr($value, -1, 1) === '*') - { - list($image_filename, $image_height) = explode('*', $value); - $image_width = 0; - } - else - { - list($image_filename, $image_height, $image_width) = explode('*', $value); - } - } - else - { - $image_filename = $value; - $image_height = $image_width = 0; - } - - if (strpos($image_name, 'img_') === 0 && $image_filename) - { - $image_name = substr($image_name, 4); - $sql_ary[] = array( - 'image_name' => (string) $image_name, - 'image_filename' => (string) $image_filename, - 'image_height' => (int) $image_height, - 'image_width' => (int) $image_width, - 'imageset_id' => (int) $this->theme['imageset_id'], - 'image_lang' => (string) $this->img_lang, - ); - } - } - } - - if (sizeof($sql_ary)) - { - $db->sql_multi_insert(STYLES_IMAGESET_DATA_TABLE, $sql_ary); - $db->sql_transaction('commit'); - $cache->destroy('sql', STYLES_IMAGESET_DATA_TABLE); - - add_log('admin', 'LOG_IMAGESET_LANG_REFRESHED', $this->theme['imageset_name'], $this->img_lang); - } - else - { - $db->sql_transaction('commit'); - add_log('admin', 'LOG_IMAGESET_LANG_MISSING', $this->theme['imageset_name'], $this->img_lang); - } - } + $this->img_lang = $this->lang_name; // Call phpbb_user_session_handler() in case external application want to "bend" some variables or replace classes... // After calling it we continue script execution... @@ -2020,6 +1901,7 @@ class user extends session * @param mixed $lang_set specifies the language entries to include * @param bool $use_db internal variable for recursion, do not use * @param bool $use_help internal variable for recursion, do not use + * @param string $ext_name The extension to load language from, or empty for core files * * Examples: * <code> @@ -2030,7 +1912,7 @@ class user extends session * $lang_set = array('help' => 'faq', 'db' => array('help:faq', 'posting')) * </code> */ - function add_lang($lang_set, $use_db = false, $use_help = false) + function add_lang($lang_set, $use_db = false, $use_help = false, $ext_name = '') { global $phpEx; @@ -2044,36 +1926,54 @@ class user extends session if ($key == 'db') { - $this->add_lang($lang_file, true, $use_help); + $this->add_lang($lang_file, true, $use_help, $ext_name); } else if ($key == 'help') { - $this->add_lang($lang_file, $use_db, true); + $this->add_lang($lang_file, $use_db, true, $ext_name); } else if (!is_array($lang_file)) { - $this->set_lang($this->lang, $this->help, $lang_file, $use_db, $use_help); + $this->set_lang($this->lang, $this->help, $lang_file, $use_db, $use_help, $ext_name); } else { - $this->add_lang($lang_file, $use_db, $use_help); + $this->add_lang($lang_file, $use_db, $use_help, $ext_name); } } unset($lang_set); } else if ($lang_set) { - $this->set_lang($this->lang, $this->help, $lang_set, $use_db, $use_help); + $this->set_lang($this->lang, $this->help, $lang_set, $use_db, $use_help, $ext_name); } } /** + * Add Language Items from an extension - use_db and use_help are assigned where needed (only use them to force inclusion) + * + * @param string $ext_name The extension to load language from, or empty for core files + * @param mixed $lang_set specifies the language entries to include + * @param bool $use_db internal variable for recursion, do not use + * @param bool $use_help internal variable for recursion, do not use + */ + function add_lang_ext($ext_name, $lang_set, $use_db = false, $use_help = false) + { + if ($ext_name === '/') + { + $ext_name = ''; + } + + $this->add_lang($lang_set, $use_db, $use_help, $ext_name); + } + + /** * Set language entry (called by add_lang) * @access private */ - function set_lang(&$lang, &$help, $lang_file, $use_db = false, $use_help = false) + function set_lang(&$lang, &$help, $lang_file, $use_db = false, $use_help = false, $ext_name = '') { - global $phpEx; + global $phpbb_root_path, $phpEx; // Make sure the language name is set (if the user setup did not happen it is not set) if (!$this->lang_name) @@ -2089,11 +1989,32 @@ class user extends session { if ($use_help && strpos($lang_file, '/') !== false) { - $language_filename = $this->lang_path . $this->lang_name . '/' . substr($lang_file, 0, stripos($lang_file, '/') + 1) . 'help_' . substr($lang_file, stripos($lang_file, '/') + 1) . '.' . $phpEx; + $filename = dirname($lang_file) . '/help_' . basename($lang_file); + } + else + { + $filename = (($use_help) ? 'help_' : '') . $lang_file; + } + + if ($ext_name) + { + global $phpbb_extension_manager; + $ext_path = $phpbb_extension_manager->get_extension_path($ext_name, true); + + $lang_path = $ext_path . 'language/'; + } + else + { + $lang_path = $this->lang_path; + } + + if (strpos($phpbb_root_path . $filename, $lang_path . $this->lang_name . '/') === 0) + { + $language_filename = $phpbb_root_path . $filename; } else { - $language_filename = $this->lang_path . $this->lang_name . '/' . (($use_help) ? 'help_' : '') . $lang_file . '.' . $phpEx; + $language_filename = $lang_path . $this->lang_name . '/' . $filename . '.' . $phpEx; } if (!file_exists($language_filename)) @@ -2103,24 +2024,24 @@ class user extends session if ($this->lang_name == 'en') { // The user's selected language is missing the file, the board default's language is missing the file, and the file doesn't exist in /en. - $language_filename = str_replace($this->lang_path . 'en', $this->lang_path . $this->data['user_lang'], $language_filename); + $language_filename = str_replace($lang_path . 'en', $lang_path . $this->data['user_lang'], $language_filename); trigger_error('Language file ' . $language_filename . ' couldn\'t be opened.', E_USER_ERROR); } else if ($this->lang_name == basename($config['default_lang'])) { // Fall back to the English Language $this->lang_name = 'en'; - $this->set_lang($lang, $help, $lang_file, $use_db, $use_help); + $this->set_lang($lang, $help, $lang_file, $use_db, $use_help, $ext_name); } else if ($this->lang_name == $this->data['user_lang']) { // Fall back to the board default language $this->lang_name = basename($config['default_lang']); - $this->set_lang($lang, $help, $lang_file, $use_db, $use_help); + $this->set_lang($lang, $help, $lang_file, $use_db, $use_help, $ext_name); } // Reset the lang name - $this->lang_name = (file_exists($this->lang_path . $this->data['user_lang'] . "/common.$phpEx")) ? $this->data['user_lang'] : basename($config['default_lang']); + $this->lang_name = (file_exists($lang_path . $this->data['user_lang'] . "/common.$phpEx")) ? $this->data['user_lang'] : basename($config['default_lang']); return; } @@ -2266,54 +2187,11 @@ class user extends session /** * Specify/Get image - * $suffix is no longer used - we know it. ;) It is there for backward compatibility. */ - function img($img, $alt = '', $width = false, $suffix = '', $type = 'full_tag') + function img($img, $alt = '') { - static $imgs; - global $phpbb_root_path; - - $img_data = &$imgs[$img]; - - if (empty($img_data)) - { - if (!isset($this->img_array[$img])) - { - // Do not fill the image to let designers decide what to do if the image is empty - $img_data = ''; - return $img_data; - } - - // Use URL if told so - $root_path = (defined('PHPBB_USE_BOARD_URL_PATH') && PHPBB_USE_BOARD_URL_PATH) ? generate_board_url() . '/' : $phpbb_root_path; - - $img_data['src'] = $root_path . 'styles/' . rawurlencode($this->theme['imageset_path']) . '/imageset/' . ($this->img_array[$img]['image_lang'] ? $this->img_array[$img]['image_lang'] .'/' : '') . $this->img_array[$img]['image_filename']; - $img_data['width'] = $this->img_array[$img]['image_width']; - $img_data['height'] = $this->img_array[$img]['image_height']; - } - $alt = (!empty($this->lang[$alt])) ? $this->lang[$alt] : $alt; - - switch ($type) - { - case 'src': - return $img_data['src']; - break; - - case 'width': - return ($width === false) ? $img_data['width'] : $width; - break; - - case 'height': - return $img_data['height']; - break; - - default: - $use_width = ($width === false) ? $img_data['width'] : $width; - - return '<img src="' . $img_data['src'] . '"' . (($use_width) ? ' width="' . $use_width . '"' : '') . (($img_data['height']) ? ' height="' . $img_data['height'] . '"' : '') . ' alt="' . $alt . '" title="' . $alt . '" />'; - break; - } + return '<span class="imageset ' . $img . '">' . $alt . '</span>'; } /** @@ -2390,4 +2268,37 @@ class user extends session return true; } + + /** + * Returns all password protected forum ids the user is currently NOT authenticated for. + * + * @return array Array of forum ids + * @access public + */ + function get_passworded_forums() + { + global $db; + + $sql = 'SELECT f.forum_id, fa.user_id + FROM ' . FORUMS_TABLE . ' f + LEFT JOIN ' . FORUMS_ACCESS_TABLE . " fa + ON (fa.forum_id = f.forum_id + AND fa.session_id = '" . $db->sql_escape($this->session_id) . "') + WHERE f.forum_password <> ''"; + $result = $db->sql_query($sql); + + $forum_ids = array(); + while ($row = $db->sql_fetchrow($result)) + { + $forum_id = (int) $row['forum_id']; + + if ($row['user_id'] != $this->data['user_id']) + { + $forum_ids[$forum_id] = $forum_id; + } + } + $db->sql_freeresult($result); + + return $forum_ids; + } } diff --git a/phpBB/includes/startup.php b/phpBB/includes/startup.php new file mode 100644 index 0000000000..bbe2f127f1 --- /dev/null +++ b/phpBB/includes/startup.php @@ -0,0 +1,150 @@ +<?php +/** +* +* @package phpBB3 +* @copyright (c) 2011 phpBB Group +* @license http://opensource.org/licenses/gpl-license.php GNU Public License +* +*/ + +/** +*/ +if (!defined('IN_PHPBB')) +{ + exit; +} + +// Report all errors, except notices and deprecation messages +if (!defined('E_DEPRECATED')) +{ + define('E_DEPRECATED', 8192); +} +error_reporting(E_ALL & ~E_NOTICE & ~E_DEPRECATED); + +/* +* Remove variables created by register_globals from the global scope +* Thanks to Matt Kavanagh +*/ +function deregister_globals() +{ + $not_unset = array( + 'GLOBALS' => true, + '_GET' => true, + '_POST' => true, + '_COOKIE' => true, + '_REQUEST' => true, + '_SERVER' => true, + '_SESSION' => true, + '_ENV' => true, + '_FILES' => true, + 'phpEx' => true, + 'phpbb_root_path' => true + ); + + // Not only will array_merge and array_keys give a warning if + // a parameter is not an array, array_merge will actually fail. + // So we check if _SESSION has been initialised. + if (!isset($_SESSION) || !is_array($_SESSION)) + { + $_SESSION = array(); + } + + // Merge all into one extremely huge array; unset this later + $input = array_merge( + array_keys($_GET), + array_keys($_POST), + array_keys($_COOKIE), + array_keys($_SERVER), + array_keys($_SESSION), + array_keys($_ENV), + array_keys($_FILES) + ); + + foreach ($input as $varname) + { + if (isset($not_unset[$varname])) + { + // Hacking attempt. No point in continuing unless it's a COOKIE (so a cookie called GLOBALS doesn't lock users out completely) + if ($varname !== 'GLOBALS' || isset($_GET['GLOBALS']) || isset($_POST['GLOBALS']) || isset($_SERVER['GLOBALS']) || isset($_SESSION['GLOBALS']) || isset($_ENV['GLOBALS']) || isset($_FILES['GLOBALS'])) + { + exit; + } + else + { + $cookie = &$_COOKIE; + while (isset($cookie['GLOBALS'])) + { + if (!is_array($cookie['GLOBALS'])) + { + break; + } + + foreach ($cookie['GLOBALS'] as $registered_var => $value) + { + if (!isset($not_unset[$registered_var])) + { + unset($GLOBALS[$registered_var]); + } + } + $cookie = &$cookie['GLOBALS']; + } + } + } + + unset($GLOBALS[$varname]); + } + + unset($input); +} + +// Register globals and magic quotes have been dropped in PHP 5.4 +if (version_compare(PHP_VERSION, '5.4.0-dev', '>=')) +{ + /** + * @ignore + */ + define('STRIP', false); +} +else +{ + @set_magic_quotes_runtime(0); + + // Be paranoid with passed vars + if (@ini_get('register_globals') == '1' || strtolower(@ini_get('register_globals')) == 'on' || !function_exists('ini_get')) + { + deregister_globals(); + } + + define('STRIP', (get_magic_quotes_gpc()) ? true : false); +} + +// Prevent date/time functions from throwing E_WARNING on PHP 5.3 by setting a default timezone +if (function_exists('date_default_timezone_set') && function_exists('date_default_timezone_get')) +{ + // For PHP 5.1.0 the date/time functions have been rewritten + // and setting a timezone is required prior to calling any date/time function. + + // Since PHP 5.2.0 calls to date/time functions without having a timezone set + // result in E_STRICT errors being thrown. + // Note: We already exclude E_STRICT errors + // (to be exact: they are not included in E_ALL in PHP 5.2) + + // In PHP 5.3.0 the error level has been raised to E_WARNING which causes problems + // because we show E_WARNING errors and do not set a default timezone. + // This is because we have our own timezone handling and work in UTC only anyway. + + // So what we basically want to do is set our timezone to UTC, + // but we don't know what other scripts (such as bridges) are involved, + // so we check whether a timezone is already set by calling date_default_timezone_get(). + + // Unfortunately, date_default_timezone_get() itself might throw E_WARNING + // if no timezone has been set, so we have to keep it quiet with @. + + // date_default_timezone_get() tries to guess the correct timezone first + // and then falls back to UTC when everything fails. + // We just set the timezone to whatever date_default_timezone_get() returns. + date_default_timezone_set(@date_default_timezone_get()); +} + +$starttime = explode(' ', microtime()); +$starttime = $starttime[1] + $starttime[0]; diff --git a/phpBB/includes/template.php b/phpBB/includes/template.php deleted file mode 100644 index 643a86cde9..0000000000 --- a/phpBB/includes/template.php +++ /dev/null @@ -1,690 +0,0 @@ -<?php -/** -* -* @package phpBB3 -* @version $Id$ -* @copyright (c) 2005 phpBB Group, sections (c) 2001 ispi of Lincoln Inc -* @license http://opensource.org/licenses/gpl-license.php GNU Public License -* -*/ - -/** -* @ignore -*/ -if (!defined('IN_PHPBB')) -{ - exit; -} - -/** -* Base Template class. -* @package phpBB3 -*/ -class template -{ - /** variable that holds all the data we'll be substituting into - * the compiled templates. Takes form: - * --> $this->_tpldata[block][iteration#][child][iteration#][child2][iteration#][variablename] == value - * if it's a root-level variable, it'll be like this: - * --> $this->_tpldata[.][0][varname] == value - */ - var $_tpldata = array('.' => array(0 => array())); - var $_rootref; - - // Root dir and hash of filenames for each template handle. - var $root = ''; - var $cachepath = ''; - var $files = array(); - var $filename = array(); - var $files_inherit = array(); - var $files_template = array(); - var $inherit_root = ''; - var $orig_tpl_storedb; - var $orig_tpl_inherits_id; - - // this will hash handle names to the compiled/uncompiled code for that handle. - var $compiled_code = array(); - - /** - * Set template location - * @access public - */ - function set_template() - { - global $phpbb_root_path, $user; - - if (file_exists($phpbb_root_path . 'styles/' . $user->theme['template_path'] . '/template')) - { - $this->root = $phpbb_root_path . 'styles/' . $user->theme['template_path'] . '/template'; - $this->cachepath = $phpbb_root_path . 'cache/tpl_' . str_replace('_', '-', $user->theme['template_path']) . '_'; - - if ($this->orig_tpl_storedb === null) - { - $this->orig_tpl_storedb = $user->theme['template_storedb']; - } - - if ($this->orig_tpl_inherits_id === null) - { - $this->orig_tpl_inherits_id = $user->theme['template_inherits_id']; - } - - $user->theme['template_storedb'] = $this->orig_tpl_storedb; - $user->theme['template_inherits_id'] = $this->orig_tpl_inherits_id; - - if ($user->theme['template_inherits_id']) - { - $this->inherit_root = $phpbb_root_path . 'styles/' . $user->theme['template_inherit_path'] . '/template'; - } - } - else - { - trigger_error('Template path could not be found: styles/' . $user->theme['template_path'] . '/template', E_USER_ERROR); - } - - $this->_rootref = &$this->_tpldata['.'][0]; - - return true; - } - - /** - * Set custom template location (able to use directory outside of phpBB) - * @access public - */ - function set_custom_template($template_path, $template_name, $fallback_template_path = false) - { - global $phpbb_root_path, $user; - - // Make sure $template_path has no ending slash - if (substr($template_path, -1) == '/') - { - $template_path = substr($template_path, 0, -1); - } - - $this->root = $template_path; - $this->cachepath = $phpbb_root_path . 'cache/ctpl_' . str_replace('_', '-', $template_name) . '_'; - - if ($fallback_template_path !== false) - { - if (substr($fallback_template_path, -1) == '/') - { - $fallback_template_path = substr($fallback_template_path, 0, -1); - } - - $this->inherit_root = $fallback_template_path; - $this->orig_tpl_inherits_id = true; - } - else - { - $this->orig_tpl_inherits_id = false; - } - - // the database does not store the path or name of a custom template - // so there is no way we can properly store custom templates there - $this->orig_tpl_storedb = false; - - $this->_rootref = &$this->_tpldata['.'][0]; - - return true; - } - - /** - * Sets the template filenames for handles. $filename_array - * should be a hash of handle => filename pairs. - * @access public - */ - function set_filenames($filename_array) - { - if (!is_array($filename_array)) - { - return false; - } - foreach ($filename_array as $handle => $filename) - { - if (empty($filename)) - { - trigger_error("template->set_filenames: Empty filename specified for $handle", E_USER_ERROR); - } - - $this->filename[$handle] = $filename; - $this->files[$handle] = $this->root . '/' . $filename; - - if ($this->inherit_root) - { - $this->files_inherit[$handle] = $this->inherit_root . '/' . $filename; - } - } - - return true; - } - - /** - * Destroy template data set - * @access public - */ - function destroy() - { - $this->_tpldata = array('.' => array(0 => array())); - $this->_rootref = &$this->_tpldata['.'][0]; - } - - /** - * Reset/empty complete block - * @access public - */ - function destroy_block_vars($blockname) - { - if (strpos($blockname, '.') !== false) - { - // Nested block. - $blocks = explode('.', $blockname); - $blockcount = sizeof($blocks) - 1; - - $str = &$this->_tpldata; - for ($i = 0; $i < $blockcount; $i++) - { - $str = &$str[$blocks[$i]]; - $str = &$str[sizeof($str) - 1]; - } - - unset($str[$blocks[$blockcount]]); - } - else - { - // Top-level block. - unset($this->_tpldata[$blockname]); - } - - return true; - } - - /** - * Display handle - * @access public - */ - function display($handle, $include_once = true) - { - global $user, $phpbb_hook; - - if (!empty($phpbb_hook) && $phpbb_hook->call_hook(array(__CLASS__, __FUNCTION__), $handle, $include_once, $this)) - { - if ($phpbb_hook->hook_return(array(__CLASS__, __FUNCTION__))) - { - return $phpbb_hook->hook_return_result(array(__CLASS__, __FUNCTION__)); - } - } - - if (defined('IN_ERROR_HANDLER')) - { - if ((E_NOTICE & error_reporting()) == E_NOTICE) - { - error_reporting(error_reporting() ^ E_NOTICE); - } - } - - if ($filename = $this->_tpl_load($handle)) - { - ($include_once) ? include_once($filename) : include($filename); - } - else - { - eval(' ?>' . $this->compiled_code[$handle] . '<?php '); - } - - return true; - } - - /** - * Display the handle and assign the output to a template variable or return the compiled result. - * @access public - */ - function assign_display($handle, $template_var = '', $return_content = true, $include_once = false) - { - ob_start(); - $this->display($handle, $include_once); - $contents = ob_get_clean(); - - if ($return_content) - { - return $contents; - } - - $this->assign_var($template_var, $contents); - - return true; - } - - /** - * Load a compiled template if possible, if not, recompile it - * @access private - */ - function _tpl_load(&$handle) - { - global $user, $phpEx, $config; - - if (!isset($this->filename[$handle])) - { - trigger_error("template->_tpl_load(): No file specified for handle $handle", E_USER_ERROR); - } - - // reload these settings to have the values they had when this object was initialised - // using set_template or set_custom_template, they might otherwise have been overwritten - // by other template class instances in between. - $user->theme['template_storedb'] = $this->orig_tpl_storedb; - $user->theme['template_inherits_id'] = $this->orig_tpl_inherits_id; - - $filename = $this->cachepath . str_replace('/', '.', $this->filename[$handle]) . '.' . $phpEx; - $this->files_template[$handle] = (isset($user->theme['template_id'])) ? $user->theme['template_id'] : 0; - - $recompile = false; - if (!file_exists($filename) || @filesize($filename) === 0) - { - $recompile = true; - } - else if ($config['load_tplcompile']) - { - // No way around it: we need to check inheritance here - if ($user->theme['template_inherits_id'] && !file_exists($this->files[$handle])) - { - $this->files[$handle] = $this->files_inherit[$handle]; - $this->files_template[$handle] = $user->theme['template_inherits_id']; - } - $recompile = (@filemtime($filename) < filemtime($this->files[$handle])) ? true : false; - } - - // Recompile page if the original template is newer, otherwise load the compiled version - if (!$recompile) - { - return $filename; - } - - global $db, $phpbb_root_path; - - if (!class_exists('template_compile')) - { - include($phpbb_root_path . 'includes/functions_template.' . $phpEx); - } - - // Inheritance - we point to another template file for this one. Equality is also used for store_db - if (isset($user->theme['template_inherits_id']) && $user->theme['template_inherits_id'] && !file_exists($this->files[$handle])) - { - $this->files[$handle] = $this->files_inherit[$handle]; - $this->files_template[$handle] = $user->theme['template_inherits_id']; - } - - $compile = new template_compile($this); - - // If we don't have a file assigned to this handle, die. - if (!isset($this->files[$handle])) - { - trigger_error("template->_tpl_load(): No file specified for handle $handle", E_USER_ERROR); - } - - // Just compile if no user object is present (happens within the installer) - if (!$user) - { - $compile->_tpl_load_file($handle); - return false; - } - - if (isset($user->theme['template_storedb']) && $user->theme['template_storedb']) - { - $rows = array(); - $ids = array(); - // Inheritance - if (isset($user->theme['template_inherits_id']) && $user->theme['template_inherits_id']) - { - $ids[] = $user->theme['template_inherits_id']; - } - $ids[] = $user->theme['template_id']; - - foreach ($ids as $id) - { - $sql = 'SELECT * - FROM ' . STYLES_TEMPLATE_DATA_TABLE . ' - WHERE template_id = ' . $id . " - AND (template_filename = '" . $db->sql_escape($this->filename[$handle]) . "' - OR template_included " . $db->sql_like_expression($db->any_char . $this->filename[$handle] . ':' . $db->any_char) . ')'; - - $result = $db->sql_query($sql); - while ($row = $db->sql_fetchrow($result)) - { - $rows[$row['template_filename']] = $row; - } - $db->sql_freeresult($result); - } - - if (sizeof($rows)) - { - foreach ($rows as $row) - { - $file = $this->root . '/' . $row['template_filename']; - $force_reload = false; - if ($row['template_id'] != $user->theme['template_id']) - { - // make sure that we are not overlooking a file not in the db yet - if (isset($user->theme['template_inherits_id']) && $user->theme['template_inherits_id'] && !file_exists($file)) - { - $file = $this->inherit_root . '/' . $row['template_filename']; - $this->files[$row['template_filename']] = $file; - $this->files_inherit[$row['template_filename']] = $file; - $this->files_template[$row['template_filename']] = $user->theme['template_inherits_id']; - } - else if (isset($user->theme['template_inherits_id']) && $user->theme['template_inherits_id']) - { - // Ok, we have a situation. There is a file in the subtemplate, but nothing in the DB. We have to fix that. - $force_reload = true; - $this->files_template[$row['template_filename']] = $user->theme['template_inherits_id']; - } - } - else - { - $this->files_template[$row['template_filename']] = $user->theme['template_id']; - } - - if ($force_reload || $row['template_mtime'] < filemtime($file)) - { - if ($row['template_filename'] == $this->filename[$handle]) - { - $compile->_tpl_load_file($handle, true); - } - else - { - $this->files[$row['template_filename']] = $file; - $this->filename[$row['template_filename']] = $row['template_filename']; - $compile->_tpl_load_file($row['template_filename'], true); - unset($this->compiled_code[$row['template_filename']]); - unset($this->files[$row['template_filename']]); - unset($this->filename[$row['template_filename']]); - } - } - - if ($row['template_filename'] == $this->filename[$handle]) - { - $this->compiled_code[$handle] = $compile->compile(trim($row['template_data'])); - $compile->compile_write($handle, $this->compiled_code[$handle]); - } - else - { - // Only bother compiling if it doesn't already exist - if (!file_exists($this->cachepath . str_replace('/', '.', $row['template_filename']) . '.' . $phpEx)) - { - $this->filename[$row['template_filename']] = $row['template_filename']; - $compile->compile_write($row['template_filename'], $compile->compile(trim($row['template_data']))); - unset($this->filename[$row['template_filename']]); - } - } - } - } - else - { - $file = $this->root . '/' . $row['template_filename']; - - if (isset($user->theme['template_inherits_id']) && $user->theme['template_inherits_id'] && !file_exists($file)) - { - $file = $this->inherit_root . '/' . $row['template_filename']; - $this->files[$row['template_filename']] = $file; - $this->files_inherit[$row['template_filename']] = $file; - $this->files_template[$row['template_filename']] = $user->theme['template_inherits_id']; - } - // Try to load from filesystem and instruct to insert into the styles table... - $compile->_tpl_load_file($handle, true); - return false; - } - - return false; - } - - $compile->_tpl_load_file($handle); - return false; - } - - /** - * Assign key variable pairs from an array - * @access public - */ - function assign_vars($vararray) - { - foreach ($vararray as $key => $val) - { - $this->_rootref[$key] = $val; - } - - return true; - } - - /** - * Assign a single variable to a single key - * @access public - */ - function assign_var($varname, $varval) - { - $this->_rootref[$varname] = $varval; - - return true; - } - - /** - * Assign key variable pairs from an array to a specified block - * @access public - */ - function assign_block_vars($blockname, $vararray) - { - if (strpos($blockname, '.') !== false) - { - // Nested block. - $blocks = explode('.', $blockname); - $blockcount = sizeof($blocks) - 1; - - $str = &$this->_tpldata; - for ($i = 0; $i < $blockcount; $i++) - { - $str = &$str[$blocks[$i]]; - $str = &$str[sizeof($str) - 1]; - } - - $s_row_count = isset($str[$blocks[$blockcount]]) ? sizeof($str[$blocks[$blockcount]]) : 0; - $vararray['S_ROW_COUNT'] = $s_row_count; - - // Assign S_FIRST_ROW - if (!$s_row_count) - { - $vararray['S_FIRST_ROW'] = true; - } - - // Now the tricky part, we always assign S_LAST_ROW and remove the entry before - // This is much more clever than going through the complete template data on display (phew) - $vararray['S_LAST_ROW'] = true; - if ($s_row_count > 0) - { - unset($str[$blocks[$blockcount]][($s_row_count - 1)]['S_LAST_ROW']); - } - - // Now we add the block that we're actually assigning to. - // We're adding a new iteration to this block with the given - // variable assignments. - $str[$blocks[$blockcount]][] = $vararray; - } - else - { - // Top-level block. - $s_row_count = (isset($this->_tpldata[$blockname])) ? sizeof($this->_tpldata[$blockname]) : 0; - $vararray['S_ROW_COUNT'] = $s_row_count; - - // Assign S_FIRST_ROW - if (!$s_row_count) - { - $vararray['S_FIRST_ROW'] = true; - } - - // We always assign S_LAST_ROW and remove the entry before - $vararray['S_LAST_ROW'] = true; - if ($s_row_count > 0) - { - unset($this->_tpldata[$blockname][($s_row_count - 1)]['S_LAST_ROW']); - } - - // Add a new iteration to this block with the variable assignments we were given. - $this->_tpldata[$blockname][] = $vararray; - } - - return true; - } - - /** - * Change already assigned key variable pair (one-dimensional - single loop entry) - * - * An example of how to use this function: - * {@example alter_block_array.php} - * - * @param string $blockname the blockname, for example 'loop' - * @param array $vararray the var array to insert/add or merge - * @param mixed $key Key to search for - * - * array: KEY => VALUE [the key/value pair to search for within the loop to determine the correct position] - * - * int: Position [the position to change or insert at directly given] - * - * If key is false the position is set to 0 - * If key is true the position is set to the last entry - * - * @param string $mode Mode to execute (valid modes are 'insert' and 'change') - * - * If insert, the vararray is inserted at the given position (position counting from zero). - * If change, the current block gets merged with the vararray (resulting in new key/value pairs be added and existing keys be replaced by the new value). - * - * Since counting begins by zero, inserting at the last position will result in this array: array(vararray, last positioned array) - * and inserting at position 1 will result in this array: array(first positioned array, vararray, following vars) - * - * @return bool false on error, true on success - * @access public - */ - function alter_block_array($blockname, $vararray, $key = false, $mode = 'insert') - { - if (strpos($blockname, '.') !== false) - { - // Nested blocks are not supported - return false; - } - - // Change key to zero (change first position) if false and to last position if true - if ($key === false || $key === true) - { - $key = ($key === false) ? 0 : sizeof($this->_tpldata[$blockname]); - } - - // Get correct position if array given - if (is_array($key)) - { - // Search array to get correct position - list($search_key, $search_value) = @each($key); - - $key = NULL; - foreach ($this->_tpldata[$blockname] as $i => $val_ary) - { - if ($val_ary[$search_key] === $search_value) - { - $key = $i; - break; - } - } - - // key/value pair not found - if ($key === NULL) - { - return false; - } - } - - // Insert Block - if ($mode == 'insert') - { - // Make sure we are not exceeding the last iteration - if ($key >= sizeof($this->_tpldata[$blockname])) - { - $key = sizeof($this->_tpldata[$blockname]); - unset($this->_tpldata[$blockname][($key - 1)]['S_LAST_ROW']); - $vararray['S_LAST_ROW'] = true; - } - else if ($key === 0) - { - unset($this->_tpldata[$blockname][0]['S_FIRST_ROW']); - $vararray['S_FIRST_ROW'] = true; - } - - // Re-position template blocks - for ($i = sizeof($this->_tpldata[$blockname]); $i > $key; $i--) - { - $this->_tpldata[$blockname][$i] = $this->_tpldata[$blockname][$i-1]; - $this->_tpldata[$blockname][$i]['S_ROW_COUNT'] = $i; - } - - // Insert vararray at given position - $vararray['S_ROW_COUNT'] = $key; - $this->_tpldata[$blockname][$key] = $vararray; - - return true; - } - - // Which block to change? - if ($mode == 'change') - { - if ($key == sizeof($this->_tpldata[$blockname])) - { - $key--; - } - - $this->_tpldata[$blockname][$key] = array_merge($this->_tpldata[$blockname][$key], $vararray); - return true; - } - - return false; - } - - /** - * Include a separate template - * @access private - */ - function _tpl_include($filename, $include = true) - { - $handle = $filename; - $this->filename[$handle] = $filename; - $this->files[$handle] = $this->root . '/' . $filename; - if ($this->inherit_root) - { - $this->files_inherit[$handle] = $this->inherit_root . '/' . $filename; - } - - $filename = $this->_tpl_load($handle); - - if ($include) - { - global $user; - - if ($filename) - { - include($filename); - return; - } - eval(' ?>' . $this->compiled_code[$handle] . '<?php '); - } - } - - /** - * Include a php-file - * @access private - */ - function _php_include($filename) - { - global $phpbb_root_path; - - $file = $phpbb_root_path . $filename; - - if (!file_exists($file)) - { - // trigger_error cannot be used here, as the output already started - echo 'template->_php_include(): File ' . htmlspecialchars($file) . ' does not exist or is empty'; - return; - } - include($file); - } -} diff --git a/phpBB/includes/template/compile.php b/phpBB/includes/template/compile.php new file mode 100644 index 0000000000..8d8560ded5 --- /dev/null +++ b/phpBB/includes/template/compile.php @@ -0,0 +1,122 @@ +<?php +/** +* +* @package phpBB3 +* @copyright (c) 2005 phpBB Group +* @license http://opensource.org/licenses/gpl-license.php GNU Public License +* +*/ + +/** +* @ignore +*/ +if (!defined('IN_PHPBB')) +{ + exit; +} + +stream_filter_register('phpbb_template', 'phpbb_template_filter'); + +/** +* Extension of template class - Functions needed for compiling templates only. +* +* @package phpBB3 +* @uses template_filter As a PHP stream filter to perform compilation of templates +*/ +class phpbb_template_compile +{ + /** + * Whether <!-- PHP --> tags are allowed + * + * @var bool + */ + private $allow_php; + + /** + * Constructor. + * + * @param bool @allow_php Whether PHP code will be allowed in templates (inline PHP code, PHP tag and INCLUDEPHP tag) + */ + public function __construct($allow_php) + { + $this->allow_php = $allow_php; + } + + /** + * Compiles template in $source_file and writes compiled template to + * cache directory + * + * @param string $handle Template handle to compile + * @param string $source_file Source template file + * @return bool Return true on success otherwise false + */ + public function compile_file_to_file($source_file, $compiled_file) + { + $source_handle = @fopen($source_file, 'rb'); + $destination_handle = @fopen($compiled_file, 'wb'); + + if (!$source_handle || !$destination_handle) + { + return false; + } + + @flock($destination_handle, LOCK_EX); + + $this->compile_stream_to_stream($source_handle, $destination_handle); + + @fclose($source_handle); + @flock($destination_handle, LOCK_UN); + @fclose($destination_handle); + + phpbb_chmod($compiled_file, CHMOD_READ | CHMOD_WRITE); + + clearstatcache(); + + return true; + } + + /** + * Compiles a template located at $source_file. + * + * Returns PHP source suitable for eval(). + * + * @param string $source_file Source template file + * @return string|bool Return compiled code on successful compilation otherwise false + */ + public function compile_file($source_file) + { + $source_handle = @fopen($source_file, 'rb'); + $destination_handle = @fopen('php://temp' ,'r+b'); + + if (!$source_handle || !$destination_handle) + { + return false; + } + + $this->compile_stream_to_stream($source_handle, $destination_handle); + + @fclose($source_handle); + + rewind($destination_handle); + $contents = stream_get_contents($destination_handle); + @fclose($dest_handle); + + return $contents; + } + + /** + * Compiles contents of $source_stream into $dest_stream. + * + * A stream filter is appended to $source_stream as part of the + * process. + * + * @param resource $source_stream Source stream + * @param resource $dest_stream Destination stream + * @return void + */ + private function compile_stream_to_stream($source_stream, $dest_stream) + { + stream_filter_append($source_stream, 'phpbb_template', null, array('allow_php' => $this->allow_php)); + stream_copy_to_stream($source_stream, $dest_stream); + } +} diff --git a/phpBB/includes/template/context.php b/phpBB/includes/template/context.php new file mode 100644 index 0000000000..f85f86a0ec --- /dev/null +++ b/phpBB/includes/template/context.php @@ -0,0 +1,342 @@ +<?php +/** +* +* @package phpBB3 +* @copyright (c) 2011 phpBB Group +* @license http://opensource.org/licenses/gpl-license.php GNU Public License +* +*/ + +/** +* @ignore +*/ +if (!defined('IN_PHPBB')) +{ + exit; +} + +/** +* Stores variables assigned to template. +* +* @package phpBB3 +*/ +class phpbb_template_context +{ + /** + * variable that holds all the data we'll be substituting into + * the compiled templates. Takes form: + * --> $this->tpldata[block][iteration#][child][iteration#][child2][iteration#][variablename] == value + * if it's a root-level variable, it'll be like this: + * --> $this->tpldata[.][0][varname] == value + * + * @var array + */ + private $tpldata = array('.' => array(0 => array())); + + /** + * @var array Reference to template->tpldata['.'][0] + */ + private $rootref; + + public function __construct() + { + $this->clear(); + } + + /** + * Clears template data set. + */ + public function clear() + { + $this->tpldata = array('.' => array(0 => array())); + $this->rootref = &$this->tpldata['.'][0]; + } + + /** + * Assign a single variable to a single key + * + * @param string $varname Variable name + * @param string $varval Value to assign to variable + */ + public function assign_var($varname, $varval) + { + $this->rootref[$varname] = $varval; + + return true; + } + + /** + * Returns a reference to template data array. + * + * This function is public so that template renderer may invoke it. + * Users should alter template variables via functions in phpbb_template. + * + * Note: modifying returned array will affect data stored in the context. + * + * @return array template data + */ + public function &get_data_ref() + { + // returning a reference directly is not + // something php is capable of doing + $ref = &$this->tpldata; + return $ref; + } + + /** + * Returns a reference to template root scope. + * + * This function is public so that template renderer may invoke it. + * Users should not need to invoke this function. + * + * Note: modifying returned array will affect data stored in the context. + * + * @return array template data + */ + public function &get_root_ref() + { + // rootref is already a reference + return $this->rootref; + } + + /** + * Assign key variable pairs from an array to a specified block + * + * @param string $blockname Name of block to assign $vararray to + * @param array $vararray A hash of variable name => value pairs + */ + public function assign_block_vars($blockname, array $vararray) + { + if (strpos($blockname, '.') !== false) + { + // Nested block. + $blocks = explode('.', $blockname); + $blockcount = sizeof($blocks) - 1; + + $str = &$this->tpldata; + for ($i = 0; $i < $blockcount; $i++) + { + $str = &$str[$blocks[$i]]; + $str = &$str[sizeof($str) - 1]; + } + + $s_row_count = isset($str[$blocks[$blockcount]]) ? sizeof($str[$blocks[$blockcount]]) : 0; + $vararray['S_ROW_COUNT'] = $s_row_count; + + // Assign S_FIRST_ROW + if (!$s_row_count) + { + $vararray['S_FIRST_ROW'] = true; + } + + // Now the tricky part, we always assign S_LAST_ROW and remove the entry before + // This is much more clever than going through the complete template data on display (phew) + $vararray['S_LAST_ROW'] = true; + if ($s_row_count > 0) + { + unset($str[$blocks[$blockcount]][($s_row_count - 1)]['S_LAST_ROW']); + } + + // Now we add the block that we're actually assigning to. + // We're adding a new iteration to this block with the given + // variable assignments. + $str[$blocks[$blockcount]][] = $vararray; + } + else + { + // Top-level block. + $s_row_count = (isset($this->tpldata[$blockname])) ? sizeof($this->tpldata[$blockname]) : 0; + $vararray['S_ROW_COUNT'] = $s_row_count; + + // Assign S_FIRST_ROW + if (!$s_row_count) + { + $vararray['S_FIRST_ROW'] = true; + } + + // We always assign S_LAST_ROW and remove the entry before + $vararray['S_LAST_ROW'] = true; + if ($s_row_count > 0) + { + unset($this->tpldata[$blockname][($s_row_count - 1)]['S_LAST_ROW']); + } + + // Add a new iteration to this block with the variable assignments we were given. + $this->tpldata[$blockname][] = $vararray; + } + + return true; + } + + /** + * Change already assigned key variable pair (one-dimensional - single loop entry) + * + * An example of how to use this function: + * {@example alter_block_array.php} + * + * @param string $blockname the blockname, for example 'loop' + * @param array $vararray the var array to insert/add or merge + * @param mixed $key Key to search for + * + * array: KEY => VALUE [the key/value pair to search for within the loop to determine the correct position] + * + * int: Position [the position to change or insert at directly given] + * + * If key is false the position is set to 0 + * If key is true the position is set to the last entry + * + * @param string $mode Mode to execute (valid modes are 'insert' and 'change') + * + * If insert, the vararray is inserted at the given position (position counting from zero). + * If change, the current block gets merged with the vararray (resulting in new key/value pairs be added and existing keys be replaced by the new value). + * + * Since counting begins by zero, inserting at the last position will result in this array: array(vararray, last positioned array) + * and inserting at position 1 will result in this array: array(first positioned array, vararray, following vars) + * + * @return bool false on error, true on success + */ + public function alter_block_array($blockname, array $vararray, $key = false, $mode = 'insert') + { + if (strpos($blockname, '.') !== false) + { + // Nested block. + $blocks = explode('.', $blockname); + $blockcount = sizeof($blocks) - 1; + + $block = &$this->tpldata; + for ($i = 0; $i < $blockcount; $i++) + { + if (($pos = strpos($blocks[$i], '[')) !== false) + { + $name = substr($blocks[$i], 0, $pos); + + if (strpos($blocks[$i], '[]') === $pos) + { + $index = sizeof($block[$name]) - 1; + } + else + { + $index = min((int) substr($blocks[$i], $pos + 1, -1), sizeof($block[$name]) - 1); + } + } + else + { + $name = $blocks[$i]; + $index = sizeof($block[$name]) - 1; + } + $block = &$block[$name]; + $block = &$block[$index]; + } + + $block = &$block[$blocks[$i]]; // Traverse the last block + } + else + { + // Top-level block. + $block = &$this->tpldata[$blockname]; + } + + // Change key to zero (change first position) if false and to last position if true + if ($key === false || $key === true) + { + $key = ($key === false) ? 0 : sizeof($block); + } + + // Get correct position if array given + if (is_array($key)) + { + // Search array to get correct position + list($search_key, $search_value) = @each($key); + + $key = NULL; + foreach ($block as $i => $val_ary) + { + if ($val_ary[$search_key] === $search_value) + { + $key = $i; + break; + } + } + + // key/value pair not found + if ($key === NULL) + { + return false; + } + } + + // Insert Block + if ($mode == 'insert') + { + // Make sure we are not exceeding the last iteration + if ($key >= sizeof($this->tpldata[$blockname])) + { + $key = sizeof($this->tpldata[$blockname]); + unset($this->tpldata[$blockname][($key - 1)]['S_LAST_ROW']); + $vararray['S_LAST_ROW'] = true; + } + else if ($key === 0) + { + unset($this->tpldata[$blockname][0]['S_FIRST_ROW']); + $vararray['S_FIRST_ROW'] = true; + } + + // Re-position template blocks + for ($i = sizeof($block); $i > $key; $i--) + { + $block[$i] = $block[$i-1]; + } + + // Insert vararray at given position + $block[$key] = $vararray; + + return true; + } + + // Which block to change? + if ($mode == 'change') + { + if ($key == sizeof($block)) + { + $key--; + } + + $block[$key] = array_merge($block[$key], $vararray); + + return true; + } + + return false; + } + + /** + * Reset/empty complete block + * + * @param string $blockname Name of block to destroy + */ + public function destroy_block_vars($blockname) + { + if (strpos($blockname, '.') !== false) + { + // Nested block. + $blocks = explode('.', $blockname); + $blockcount = sizeof($blocks) - 1; + + $str = &$this->tpldata; + for ($i = 0; $i < $blockcount; $i++) + { + $str = &$str[$blocks[$i]]; + $str = &$str[sizeof($str) - 1]; + } + + unset($str[$blocks[$blockcount]]); + } + else + { + // Top-level block. + unset($this->tpldata[$blockname]); + } + + return true; + } +} diff --git a/phpBB/includes/template/extension_path_provider.php b/phpBB/includes/template/extension_path_provider.php new file mode 100644 index 0000000000..0feeaafed0 --- /dev/null +++ b/phpBB/includes/template/extension_path_provider.php @@ -0,0 +1,130 @@ +<?php +/** +* +* @package phpBB3 +* @copyright (c) 2011 phpBB Group +* @license http://opensource.org/licenses/gpl-license.php GNU Public License +* +*/ + +/** +* @ignore +*/ +if (!defined('IN_PHPBB')) +{ + exit; +} + +/** +* Provides a template locator with core template paths and extension template paths +* +* Finds installed template paths and makes them available to the locator. +* +* @package phpBB3 +*/ +class phpbb_template_extension_path_provider extends phpbb_extension_provider implements phpbb_template_path_provider_interface +{ + /** + * Optional prefix for template paths searched within extensions. + * + * Empty by default. Relative to the extension directory. As an example, it + * could be adm/ for admin templates. + * + * @var string + */ + protected $ext_dir_prefix = ''; + + /** + * A provider of paths to be searched for templates + * @var phpbb_template_path_provider + */ + protected $base_path_provider; + + /** + * Constructor stores extension manager + * + * @param phpbb_extension_manager $extension_manager phpBB extension manager + * @param phpbb_template_path_provider $base_path_provider A simple path provider + * to provide paths to be located in extensions + */ + public function __construct(phpbb_extension_manager $extension_manager, phpbb_template_path_provider $base_path_provider) + { + parent::__construct($extension_manager); + $this->base_path_provider = $base_path_provider; + } + + /** + * Sets a prefix for template paths searched within extensions. + * + * The prefix is inserted between the extension's path e.g. ext/foo/ and + * the looked up template path, e.g. styles/bar/template/some.html. So it + * should not have a leading slash, but should have a trailing slash. + * + * @param string $ext_dir_prefix The prefix including trailing slash + * @return null + */ + public function set_ext_dir_prefix($ext_dir_prefix) + { + $this->ext_dir_prefix = $ext_dir_prefix; + } + + /** + * Finds template paths using the extension manager + * + * Locates a path (e.g. styles/prosilver/template/) in all active extensions. + * Then appends the core template paths based in the current working + * directory. + * + * @return array List of template paths + */ + public function find() + { + $directories = array(); + + $finder = $this->extension_manager->get_finder(); + foreach ($this->base_path_provider as $path) + { + if ($path && !phpbb_is_absolute($path)) + { + $directories = array_merge($directories, $finder + ->directory('/' . $this->ext_dir_prefix . $path) + ->get_directories() + ); + } + } + + foreach ($this->base_path_provider as $path) + { + $directories[] = $path; + } + + return $directories; + } + + /** + * Overwrites the current template names and paths + * + * @param array $templates An associative map from template names to paths. + * The first element is the main template. + * If the path is false, it will be generated from + * the supplied name. + * @param string $style_root_path The root directory for styles identified + * by name only. + * @return null + */ + public function set_templates(array $templates, $style_root_path) + { + $this->base_path_provider->set_templates($templates, $style_root_path); + $this->items = null; + } + + /** + * Retrieves the path to the main template passed into set_templates() + * + * @return string Main template path + */ + public function get_main_template_path() + { + return $this->base_path_provider->get_main_template_path(); + } +} diff --git a/phpBB/includes/template/filter.php b/phpBB/includes/template/filter.php new file mode 100644 index 0000000000..115fe21e35 --- /dev/null +++ b/phpBB/includes/template/filter.php @@ -0,0 +1,971 @@ +<?php +/** +* +* @package phpBB3 +* @copyright (c) 2011 phpBB Group, sections (c) 2001 ispi of Lincoln Inc +* @license http://opensource.org/licenses/gpl-license.php GNU Public License +* +*/ + +/** +* @ignore +*/ +if (!defined('IN_PHPBB')) +{ + exit; +} + +/** +* The template filter that does the actual compilation +* +* psoTFX, phpBB Development Team - Completion of file caching, decompilation +* routines and implementation of conditionals/keywords and associated changes +* +* The interface was inspired by PHPLib templates, and the template file (formats are +* quite similar) +* +* The keyword/conditional implementation is currently based on sections of code from +* the Smarty templating engine (c) 2001 ispi of Lincoln, Inc. which is released +* (on its own and in whole) under the LGPL. Section 3 of the LGPL states that any code +* derived from an LGPL application may be relicenced under the GPL, this applies +* to this source +* +* DEFINE directive inspired by a request by Cyberalien +* +* @see template_compile +* @package phpBB3 +*/ +class phpbb_template_filter extends php_user_filter +{ + const REGEX_NS = '[a-z_][a-z_0-9]+'; + + const REGEX_VAR = '[A-Z_][A-Z_0-9]+'; + const REGEX_VAR_SUFFIX = '[A-Z_0-9]+'; + + const REGEX_TAG = '<!-- ([A-Z][A-Z_0-9]+)(?: (.*?) ?)?-->'; + + const REGEX_TOKENS = '~<!-- ([A-Z][A-Z_0-9]+)(?: (.*?) ?)?-->|{((?:[a-z_][a-z_0-9]+\.)*\\$?[A-Z][A-Z_0-9]+)}~'; + + /** + * @var array + */ + private $block_names = array(); + + /** + * @var array + */ + private $block_else_level = array(); + + /** + * @var string + */ + private $chunk; + + /** + * @var bool + */ + private $in_php; + + /** + * Whether inline PHP code, <!-- PHP --> and <!-- INCLUDEPHP --> tags + * are allowed. If this is false all PHP code will be silently + * removed from the template during compilation. + * + * @var bool + */ + private $allow_php; + + /** + * Stream filter + * + * Is invoked for evey chunk of the stream, allowing us + * to work on a chunk at a time, which saves memory. + */ + public function filter($in, $out, &$consumed, $closing) + { + $written = false; + $first = false; + + while ($bucket = stream_bucket_make_writeable($in)) + { + $consumed += $bucket->datalen; + + $data = $this->chunk . $bucket->data; + $last_nl = strrpos($data, "\n"); + $this->chunk = substr($data, $last_nl); + $data = substr($data, 0, $last_nl); + + if (!strlen($data)) + { + continue; + } + + $written = true; + + $data = $this->compile($data); + if (!$first) + { + $data = $this->prepend_preamble($data); + $first = false; + } + $bucket->data = $data; + $bucket->datalen = strlen($bucket->data); + stream_bucket_append($out, $bucket); + } + + if ($closing && strlen($this->chunk)) + { + $written = true; + $bucket = stream_bucket_new($this->stream, $this->compile($this->chunk)); + stream_bucket_append($out, $bucket); + } + + return $written ? PSFS_PASS_ON : PSFS_FEED_ME; + } + + /** + * Initializer, called on creation. + * + * Get the allow_php option from params, which is passed + * to stream_filter_append. + */ + public function onCreate() + { + $this->chunk = ''; + $this->in_php = false; + $this->allow_php = $this->params['allow_php']; + return true; + } + + /** + * Compiles a chunk of template. + * + * The chunk must comprise of one or more complete lines from the source + * template. + * + * @param string $data Chunk of source template to compile + * @return string Compiled PHP/HTML code + */ + private function compile($data) + { + $block_start_in_php = $this->in_php; + + $data = preg_replace('#<(?:[\\?%]|script)#s', '<?php echo\'\\0\';?>', $data); + $data = preg_replace_callback(self::REGEX_TOKENS, array($this, 'replace'), $data); + + // Remove php + if (!$this->allow_php) + { + if ($block_start_in_php + && $this->in_php + && strpos($data, '<!-- PHP -->') === false + && strpos($data, '<!-- ENDPHP -->') === false) + { + // This is just php code + return ''; + } + $data = preg_replace('~^.*?<!-- ENDPHP -->~', '', $data); + $data = preg_replace('~<!-- PHP -->.*?<!-- ENDPHP -->~', '', $data); + $data = preg_replace('~<!-- ENDPHP -->.*?$~', '', $data); + } + + /* + Preserve whitespace. + PHP removes a newline after the closing tag (if it's there). This is by design. + + + Consider the following template: + + <!-- IF condition --> + some content + <!-- ENDIF --> + + If we were to simply preserve all whitespace, we could simply replace all "?>" tags + with "?>\n". + Doing that, would add additional newlines to the compiled tempalte in place of the + IF and ENDIF statements. These newlines are unwanted (and one is conditional). + The IF and ENDIF are usually on their own line for ease of reading. + + This replacement preserves newlines only for statements that aren't the only statement on a line. + It will NOT preserve newlines at the end of statements in the above examle. + It will preserve newlines in situations like: + + <!-- IF condition -->inline content<!-- ENDIF --> + + + */ + + $data = preg_replace('~(?<!^)(<\?php(?:(?<!\?>).)+(?<!/\*\*/)\?>)$~m', "$1\n", $data); + $data = str_replace('/**/?>', "?>\n", $data); + $data = str_replace('?><?php', '', $data); + return $data; + } + + /** + * Prepends a preamble to compiled template. + * Currently preamble checks if IN_PHPBB is defined and calls exit() if it is not. + * + * @param string $data Compiled template chunk + * @return string Compiled template chunk with preamble prepended + */ + private function prepend_preamble($data) + { + $data = "<?php if (!defined('IN_PHPBB')) exit;" . ((strncmp($data, '<?php', 5) === 0) ? substr($data, 5) : ' ?>' . $data); + return $data; + } + + /** + * Callback for replacing matched tokens with PHP code + * + * @param array $matches Regular expression matches + * @return string compiled template code + */ + private function replace($matches) + { + if ($this->in_php && $matches[1] != 'ENDPHP') + { + return ''; + } + + if (isset($matches[3])) + { + return $this->compile_var_tags($matches[0]); + } + + switch ($matches[1]) + { + case 'BEGIN': + $this->block_else_level[] = false; + return '<?php ' . $this->compile_tag_block($matches[2]) . ' ?>'; + break; + + case 'BEGINELSE': + $this->block_else_level[sizeof($this->block_else_level) - 1] = true; + return '<?php }} else { ?>'; + break; + + case 'END': + array_pop($this->block_names); + return '<?php ' . ((array_pop($this->block_else_level)) ? '}' : '}}') . ' ?>'; + break; + + case 'IF': + return '<?php ' . $this->compile_tag_if($matches[2], false) . ' ?>'; + break; + + case 'ELSE': + return '<?php } else { ?>'; + break; + + case 'ELSEIF': + return '<?php ' . $this->compile_tag_if($matches[2], true) . ' ?>'; + break; + + case 'ENDIF': + return '<?php } ?>'; + break; + + case 'DEFINE': + return '<?php ' . $this->compile_tag_define($matches[2], true) . ' ?>'; + break; + + case 'UNDEFINE': + return '<?php ' . $this->compile_tag_define($matches[2], false) . ' ?>'; + break; + + case 'INCLUDE': + return '<?php ' . $this->compile_tag_include($matches[2]) . ' ?>'; + break; + + case 'INCLUDEPHP': + return ($this->allow_php) ? '<?php ' . $this->compile_tag_include_php($matches[2]) . ' ?>' : ''; + break; + + case 'PHP': + if ($this->allow_php) + { + $this->in_php = true; + return '<?php '; + } + return '<!-- PHP -->'; + break; + + case 'ENDPHP': + if ($this->allow_php) + { + $this->in_php = false; + return ' ?>'; + } + return '<!-- ENDPHP -->'; + break; + + default: + return $matches[0]; + break; + + } + return ''; + } + + /** + * Convert template variables into PHP varrefs + * + * @param string $text_blocks Variable reference in source template + * @param bool $is_expr Returns whether the source was an expression type variable (i.e. S_FIRST_ROW) + * @return string PHP variable name + */ + private function get_varref($text_blocks, &$is_expr) + { + // change template varrefs into PHP varrefs + $varrefs = array(); + + // This one will handle varrefs WITH namespaces + preg_match_all('#\{((?:' . self::REGEX_NS . '\.)+)(\$)?(' . self::REGEX_VAR . ')\}#', $text_blocks, $varrefs, PREG_SET_ORDER); + + foreach ($varrefs as $var_val) + { + $namespace = $var_val[1]; + $varname = $var_val[3]; + $new = $this->generate_block_varref($namespace, $varname, $is_expr, $var_val[2]); + + $text_blocks = str_replace($var_val[0], $new, $text_blocks); + } + + // Language variables cannot be reduced to a single varref, so they must be skipped + // These two replacements would break language variables, so we can only run them on non-language types + if (strpos($text_blocks, '{L_') === false && strpos($text_blocks, '{LA_') === false) + { + // This will handle the remaining root-level varrefs + $text_blocks = preg_replace('#\{(' . self::REGEX_VAR . ')\}#', "\$_rootref['\\1']", $text_blocks); + $text_blocks = preg_replace('#\{\$(' . self::REGEX_VAR . ')\}#', "\$_tpldata['DEFINE']['.']['\\1']", $text_blocks); + } + + return $text_blocks; + } + + /** + * Compile variables + * + * @param string $text_blocks Variable reference in source template + * @return string compiled template code + */ + private function compile_var_tags(&$text_blocks) + { + $text_blocks = $this->get_varref($text_blocks, $is_expr); + $lang_replaced = $this->compile_language_tags($text_blocks); + + if(!$lang_replaced) + { + $text_blocks = '<?php echo ' . ($is_expr ? "$text_blocks" : "(isset($text_blocks)) ? $text_blocks : ''") . '; /**/?>'; + } + + return $text_blocks; + } + + /** + * Handles special language tags L_ and LA_ + * + * @param string $text_blocks Variable reference in source template + * @return bool Whether a replacement occurred or not + */ + private function compile_language_tags(&$text_blocks) + { + $replacements = 0; + + // transform vars prefixed by L_ into their language variable pendant if nothing is set within the tpldata array + if (strpos($text_blocks, '{L_') !== false) + { + $text_blocks = preg_replace('#\{L_(' . self::REGEX_VAR_SUFFIX . ')\}#', "<?php echo ((isset(\$_rootref['L_\\1'])) ? \$_rootref['L_\\1'] : ((isset(\$_lang['\\1'])) ? \$_lang['\\1'] : '{ \\1 }')); /**/?>", $text_blocks, -1, $replacements); + return (bool) $replacements; + } + + // Handle addslashed language variables prefixed with LA_ + // If a template variable already exist, it will be used in favor of it... + if (strpos($text_blocks, '{LA_') !== false) + { + $text_blocks = preg_replace('#\{LA_(' . self::REGEX_VAR_SUFFIX . '+)\}#', "<?php echo ((isset(\$_rootref['LA_\\1'])) ? \$_rootref['LA_\\1'] : ((isset(\$_rootref['L_\\1'])) ? addslashes(\$_rootref['L_\\1']) : ((isset(\$_lang['\\1'])) ? addslashes(\$_lang['\\1']) : '{ \\1 }'))); /**/?>", $text_blocks, -1, $replacements); + return (bool) $replacements; + } + + return false; + } + + /** + * Compile blocks + * + * @param string $tag_args Block contents in source template + * @return string compiled template code + */ + private function compile_tag_block($tag_args) + { + $no_nesting = false; + + // Is the designer wanting to call another loop in a loop? + // <!-- BEGIN loop --> + // <!-- BEGIN !loop2 --> + // <!-- END !loop2 --> + // <!-- END loop --> + // 'loop2' is actually on the same nesting level as 'loop' you assign + // variables to it with template->assign_block_vars('loop2', array(...)) + if (strpos($tag_args, '!') === 0) + { + // Count the number if ! occurrences (not allowed in vars) + $no_nesting = substr_count($tag_args, '!'); + $tag_args = substr($tag_args, $no_nesting); + } + + // Allow for control of looping (indexes start from zero): + // foo(2) : Will start the loop on the 3rd entry + // foo(-2) : Will start the loop two entries from the end + // foo(3,4) : Will start the loop on the fourth entry and end it on the fifth + // foo(3,-4) : Will start the loop on the fourth entry and end it four from last + $match = array(); + + if (preg_match('#^([^()]*)\(([\-\d]+)(?:,([\-\d]+))?\)$#', $tag_args, $match)) + { + $tag_args = $match[1]; + + if ($match[2] < 0) + { + $loop_start = '($_' . $tag_args . '_count ' . $match[2] . ' < 0 ? 0 : $_' . $tag_args . '_count ' . $match[2] . ')'; + } + else + { + $loop_start = '($_' . $tag_args . '_count < ' . $match[2] . ' ? $_' . $tag_args . '_count : ' . $match[2] . ')'; + } + + if (!isset($match[3]) || strlen($match[3]) < 1 || $match[3] == -1) + { + $loop_end = '$_' . $tag_args . '_count'; + } + else if ($match[3] >= 0) + { + $loop_end = '(' . ($match[3] + 1) . ' > $_' . $tag_args . '_count ? $_' . $tag_args . '_count : ' . ($match[3] + 1) . ')'; + } + else //if ($match[3] < -1) + { + $loop_end = '$_' . $tag_args . '_count' . ($match[3] + 1); + } + } + else + { + $loop_start = 0; + $loop_end = '$_' . $tag_args . '_count'; + } + + $tag_template_php = ''; + array_push($this->block_names, $tag_args); + + if ($no_nesting !== false) + { + // We need to implode $no_nesting times from the end... + $block = array_slice($this->block_names, -$no_nesting); + } + else + { + $block = $this->block_names; + } + + if (sizeof($block) < 2) + { + // Block is not nested. + $tag_template_php = '$_' . $tag_args . "_count = (isset(\$_tpldata['$tag_args'])) ? sizeof(\$_tpldata['$tag_args']) : 0;"; + $varref = "\$_tpldata['$tag_args']"; + } + else + { + // This block is nested. + // Generate a namespace string for this block. + $namespace = implode('.', $block); + + // Get a reference to the data array for this block that depends on the + // current indices of all parent blocks. + $varref = $this->generate_block_data_ref($namespace, false); + + // Create the for loop code to iterate over this block. + $tag_template_php = '$_' . $tag_args . '_count = (isset(' . $varref . ')) ? sizeof(' . $varref . ') : 0;'; + } + + $tag_template_php .= 'if ($_' . $tag_args . '_count) {'; + + /** + * The following uses foreach for iteration instead of a for loop, foreach is faster but requires PHP to make a copy of the contents of the array which uses more memory + * <code> + * if (!$offset) + * { + * $tag_template_php .= 'foreach (' . $varref . ' as $_' . $tag_args . '_i => $_' . $tag_args . '_val){'; + * } + * </code> + */ + + $tag_template_php .= 'for ($_' . $tag_args . '_i = ' . $loop_start . '; $_' . $tag_args . '_i < ' . $loop_end . '; ++$_' . $tag_args . '_i){'; + $tag_template_php .= '$_' . $tag_args . '_val = &' . $varref . '[$_' . $tag_args . '_i];'; + + return $tag_template_php; + } + + /** + * Compile a general expression - much of this is from Smarty with + * some adaptions for our block level methods + * + * @param string $tag_args Expression (tag arguments) in source template + * @return string compiled template code + */ + private function compile_expression($tag_args) + { + $match = array(); + preg_match_all('/(?: + "[^"\\\\]*(?:\\\\.[^"\\\\]*)*" | + \'[^\'\\\\]*(?:\\\\.[^\'\\\\]*)*\' | + [(),] | + [^\s(),]+)/x', $tag_args, $match); + + $tokens = $match[0]; + $is_arg_stack = array(); + + for ($i = 0, $size = sizeof($tokens); $i < $size; $i++) + { + $token = &$tokens[$i]; + + switch ($token) + { + case '!==': + case '===': + case '<<': + case '>>': + case '|': + case '^': + case '&': + case '~': + case ')': + case ',': + case '+': + case '-': + case '*': + case '/': + case '@': + break; + + case '==': + case 'eq': + $token = '=='; + break; + + case '!=': + case '<>': + case 'ne': + case 'neq': + $token = '!='; + break; + + case '<': + case 'lt': + $token = '<'; + break; + + case '<=': + case 'le': + case 'lte': + $token = '<='; + break; + + case '>': + case 'gt': + $token = '>'; + break; + + case '>=': + case 'ge': + case 'gte': + $token = '>='; + break; + + case '&&': + case 'and': + $token = '&&'; + break; + + case '||': + case 'or': + $token = '||'; + break; + + case '!': + case 'not': + $token = '!'; + break; + + case '%': + case 'mod': + $token = '%'; + break; + + case '(': + array_push($is_arg_stack, $i); + break; + + case 'is': + $is_arg_start = ($tokens[$i-1] == ')') ? array_pop($is_arg_stack) : $i-1; + $is_arg = implode(' ', array_slice($tokens, $is_arg_start, $i - $is_arg_start)); + + $new_tokens = $this->_parse_is_expr($is_arg, array_slice($tokens, $i+1)); + + array_splice($tokens, $is_arg_start, sizeof($tokens), $new_tokens); + + $i = $is_arg_start; + + // no break + + default: + $varrefs = array(); + if (preg_match('#^((?:' . self::REGEX_NS . '\.)+)?(\$)?(?=[A-Z])([A-Z0-9\-_]+)#s', $token, $varrefs)) + { + if (!empty($varrefs[1])) + { + $namespace = substr($varrefs[1], 0, -1); + $dot_pos = strrchr($namespace, '.'); + if ($dot_pos !== false) + { + $namespace = substr($dot_pos, 1); + } + + // S_ROW_COUNT is deceptive, it returns the current row number not the number of rows + // hence S_ROW_COUNT is deprecated in favour of S_ROW_NUM + switch ($varrefs[3]) + { + case 'S_ROW_NUM': + case 'S_ROW_COUNT': + $token = "\$_${namespace}_i"; + break; + + case 'S_NUM_ROWS': + $token = "\$_${namespace}_count"; + break; + + case 'S_FIRST_ROW': + $token = "(\$_${namespace}_i == 0)"; + break; + + case 'S_LAST_ROW': + $token = "(\$_${namespace}_i == \$_${namespace}_count - 1)"; + break; + + case 'S_BLOCK_NAME': + $token = "'$namespace'"; + break; + + default: + $token = $this->generate_block_data_ref(substr($varrefs[1], 0, -1), true, $varrefs[2]) . '[\'' . $varrefs[3] . '\']'; + $token = '(isset(' . $token . ') ? ' . $token . ' : null)'; + break; + } + } + else + { + $token = ($varrefs[2]) ? '$_tpldata[\'DEFINE\'][\'.\'][\'' . $varrefs[3] . '\']' : '$_rootref[\'' . $varrefs[3] . '\']'; + $token = '(isset(' . $token . ') ? ' . $token . ' : null)'; + } + + } + else if (preg_match('#^\.((?:' . self::REGEX_NS . '\.?)+)$#s', $token, $varrefs)) + { + // Allow checking if loops are set with .loopname + // It is also possible to check the loop count by doing <!-- IF .loopname > 1 --> for example + $blocks = explode('.', $varrefs[1]); + + // If the block is nested, we have a reference that we can grab. + // If the block is not nested, we just go and grab the block from _tpldata + if (sizeof($blocks) > 1) + { + $block = array_pop($blocks); + $namespace = implode('.', $blocks); + $varref = $this->generate_block_data_ref($namespace, true); + + // Add the block reference for the last child. + $varref .= "['" . $block . "']"; + } + else + { + $varref = '$_tpldata'; + + // Add the block reference for the last child. + $varref .= "['" . $blocks[0] . "']"; + } + $token = "(isset($varref) ? sizeof($varref) : 0)"; + } + + break; + } + } + + return $tokens; + } + + /** + * Compile IF tags + * + * @param string $tag_args Expression given with IF in source template + * @param bool $elseif True if compiling an IF tag, false if compiling an ELSEIF tag + * @return string compiled template code + */ + private function compile_tag_if($tag_args, $elseif) + { + $tokens = $this->compile_expression($tag_args); + + $tpl = ($elseif) ? '} else if (' : 'if ('; + + $tpl .= implode(' ', $tokens); + $tpl .= ') { '; + + return $tpl; + } + + /** + * Compile DEFINE tags + * + * @param string $tag_args Expression given with DEFINE in source template + * @param bool $op True if compiling a DEFINE tag, false if compiling an UNDEFINE tag + * @return string compiled template code + */ + private function compile_tag_define($tag_args, $op) + { + $match = array(); + preg_match('#^((?:' . self::REGEX_NS . '\.)+)?\$(?=[A-Z])([A-Z0-9_\-]*)(?: = (.*?))?$#', $tag_args, $match); + + if (empty($match[2]) || (!isset($match[3]) && $op)) + { + return ''; + } + + if (!$op) + { + return 'unset(' . (($match[1]) ? $this->generate_block_data_ref(substr($match[1], 0, -1), true, true) . '[\'' . $match[2] . '\']' : '$_tpldata[\'DEFINE\'][\'.\'][\'' . $match[2] . '\']') . ');'; + } + + $parsed_statement = implode(' ', $this->compile_expression($match[3])); + + return (($match[1]) ? $this->generate_block_data_ref(substr($match[1], 0, -1), true, true) . '[\'' . $match[2] . '\']' : '$_tpldata[\'DEFINE\'][\'.\'][\'' . $match[2] . '\']') . ' = ' . $parsed_statement . ';'; + } + + /** + * Compile INCLUDE tag + * + * @param string $tag_args Expression given with INCLUDE in source template + * @return string compiled template code + */ + private function compile_tag_include($tag_args) + { + // Process dynamic includes + if ($tag_args[0] == '{') + { + $var = $this->get_varref($tag_args, $is_expr); + + // Make sure someone didn't try to include S_FIRST_ROW or similar + if (!$is_expr) + { + return "if (isset($var)) { \$_template->_tpl_include($var); }"; + } + } + + return "\$_template->_tpl_include('$tag_args');"; + } + + /** + * Compile INCLUDE_PHP tag + * + * @param string $tag_args Expression given with INCLUDEPHP in source template + * @return string compiled template code + */ + private function compile_tag_include_php($tag_args) + { + return "\$_template->_php_include('$tag_args');"; + } + + /** + * parse expression + * This is from Smarty + */ + private function _parse_is_expr($is_arg, $tokens) + { + $expr_end = 0; + $negate_expr = false; + + if (($first_token = array_shift($tokens)) == 'not') + { + $negate_expr = true; + $expr_type = array_shift($tokens); + } + else + { + $expr_type = $first_token; + } + + switch ($expr_type) + { + case 'even': + if (isset($tokens[$expr_end]) && $tokens[$expr_end] == 'by') + { + $expr_end++; + $expr_arg = $tokens[$expr_end++]; + $expr = "!(($is_arg / $expr_arg) & 1)"; + } + else + { + $expr = "!($is_arg & 1)"; + } + break; + + case 'odd': + if (isset($tokens[$expr_end]) && $tokens[$expr_end] == 'by') + { + $expr_end++; + $expr_arg = $tokens[$expr_end++]; + $expr = "(($is_arg / $expr_arg) & 1)"; + } + else + { + $expr = "($is_arg & 1)"; + } + break; + + case 'div': + if (isset($tokens[$expr_end]) && $tokens[$expr_end] == 'by') + { + $expr_end++; + $expr_arg = $tokens[$expr_end++]; + $expr = "!($is_arg % $expr_arg)"; + } + break; + } + + if ($negate_expr) + { + if ($expr[0] == '!') + { + // Negated expression, de-negate it. + $expr = substr($expr, 1); + } + else + { + $expr = "!($expr)"; + } + } + + array_splice($tokens, 0, $expr_end, $expr); + + return $tokens; + } + + /** + * Generates a reference to the given variable inside the given (possibly nested) + * block namespace. This is a string of the form: + * ' . $_tpldata['parent'][$_parent_i]['$child1'][$_child1_i]['$child2'][$_child2_i]...['varname'] . ' + * It's ready to be inserted into an "echo" line in one of the templates. + * + * @param string $namespace Namespace to access (expects a trailing "." on the namespace) + * @param string $varname Variable name to use + * @param bool $expr Returns whether the source was an expression type + * @param bool $defop If true this is a variable created with the DEFINE construct, otherwise template variable + * @return string Code to access variable or echo it if $echo is true + */ + private function generate_block_varref($namespace, $varname, &$expr, $defop = false) + { + // Strip the trailing period. + $namespace = substr($namespace, 0, -1); + + if (($pos = strrpos($namespace, '.')) !== false) + { + $local_namespace = substr($namespace, $pos + 1); + } + else + { + $local_namespace = $namespace; + } + + $expr = true; + + // S_ROW_COUNT is deceptive, it returns the current row number now the number of rows + // hence S_ROW_COUNT is deprecated in favour of S_ROW_NUM + switch ($varname) + { + case 'S_ROW_NUM': + case 'S_ROW_COUNT': + $varref = "\$_${local_namespace}_i"; + break; + + case 'S_NUM_ROWS': + $varref = "\$_${local_namespace}_count"; + break; + + case 'S_FIRST_ROW': + $varref = "(\$_${local_namespace}_i == 0)"; + break; + + case 'S_LAST_ROW': + $varref = "(\$_${local_namespace}_i == \$_${local_namespace}_count - 1)"; + break; + + case 'S_BLOCK_NAME': + $varref = "'$local_namespace'"; + break; + + default: + // Get a reference to the data block for this namespace. + $varref = $this->generate_block_data_ref($namespace, true, $defop); + // Prepend the necessary code to stick this in an echo line. + + // Append the variable reference. + $varref .= "['$varname']"; + + $expr = false; + break; + } + // @todo Test the !$expr more + + return $varref; + } + + /** + * Generates a reference to the array of data values for the given + * (possibly nested) block namespace. This is a string of the form: + * $_tpldata['parent'][$_parent_i]['$child1'][$_child1_i]['$child2'][$_child2_i]...['$childN'] + * + * @param string $blockname Block to access (does not expect a trailing "." on the blockname) + * @param bool $include_last_iterator If $include_last_iterator is true, then [$_childN_i] will be appended to the form shown above. + * @param bool $defop If true this is a variable created with the DEFINE construct, otherwise template variable + * @return string Code to access variable + */ + private function generate_block_data_ref($blockname, $include_last_iterator, $defop = false) + { + // Get an array of the blocks involved. + $blocks = explode('.', $blockname); + $blockcount = sizeof($blocks) - 1; + + // DEFINE is not an element of any referenced variable, we must use _tpldata to access it + if ($defop) + { + $varref = '$_tpldata[\'DEFINE\']'; + // Build up the string with everything but the last child. + for ($i = 0; $i < $blockcount; $i++) + { + $varref .= "['" . $blocks[$i] . "'][\$_" . $blocks[$i] . '_i]'; + } + // Add the block reference for the last child. + $varref .= "['" . $blocks[$blockcount] . "']"; + // Add the iterator for the last child if requried. + if ($include_last_iterator) + { + $varref .= '[$_' . $blocks[$blockcount] . '_i]'; + } + return $varref; + } + else if ($include_last_iterator) + { + return '$_'. $blocks[$blockcount] . '_val'; + } + else + { + return '$_'. $blocks[$blockcount - 1] . '_val[\''. $blocks[$blockcount]. '\']'; + } + } +} diff --git a/phpBB/includes/template/locator.php b/phpBB/includes/template/locator.php new file mode 100644 index 0000000000..ee9bfa7d48 --- /dev/null +++ b/phpBB/includes/template/locator.php @@ -0,0 +1,214 @@ +<?php +/** +* +* @package phpBB3 +* @copyright (c) 2011 phpBB Group +* @license http://opensource.org/licenses/gpl-license.php GNU Public License +* +*/ + +/** +* @ignore +*/ +if (!defined('IN_PHPBB')) +{ + exit; +} + + +/** +* Template locator. Maintains mapping from template handles to source paths. +* +* Template locator is aware of template inheritance, and can return actual +* filesystem paths (i.e., the "primary" template or the "parent" template) +* depending on what files exist. +* +* @package phpBB3 +*/ +class phpbb_template_locator +{ + /** + * Paths to directories that templates are stored in. + * @var array + */ + private $roots = array(); + + /** + * Index of the main template in the roots array + * @var int + */ + private $main_root_id = 0; + + /** + * Map from root index to handles to source template file paths. + * Normally it only contains paths for handles that are used + * (or are likely to be used) by the page being rendered and not + * all templates that exist on the filesystem. + * @var array + */ + private $files = array(); + + /** + * Map from handles to source template file names. + * Covers the same data as $files property but maps to basenames + * instead of paths. + * @var array + */ + private $filenames = array(); + + /** + * Set main template location (must have been added through set_paths first). + * + * @param string $template_path Path to template directory + * @return null + */ + public function set_main_template($template) + { + $this->main_root_id = array_search($template, $this->roots, true); + } + + /** + * Sets the list of template paths + * + * These paths will be searched for template files in the provided order. + * Paths may be outside of phpBB, but templates loaded from these paths + * will still be cached. + * + * @param array $template_paths An array of paths to template directories + * @return null + */ + public function set_paths($template_paths) + { + $this->roots = array(); + $this->files = array(); + $this->filenames = array(); + $this->main_root_id = 0; + + foreach ($template_paths as $path) + { + // Make sure $path has no ending slash + if (substr($path, -1) === '/') + { + $path = substr($path, 0, -1); + } + $this->roots[] = $path; + } + } + + /** + * Sets the template filenames for handles. $filename_array + * should be a hash of handle => filename pairs. + * + * @param array $filname_array Should be a hash of handle => filename pairs. + */ + public function set_filenames(array $filename_array) + { + foreach ($filename_array as $handle => $filename) + { + if (empty($filename)) + { + trigger_error("template locator: set_filenames: Empty filename specified for $handle", E_USER_ERROR); + } + + $this->filename[$handle] = $filename; + + foreach ($this->roots as $root_index => $root) + { + $this->files[$root_index][$handle] = $root . '/' . $filename; + } + } + } + + /** + * Determines the filename for a template handle. + * + * The filename comes from array used in a set_filenames call, + * which should have been performed prior to invoking this function. + * Return value is a file basename (without path). + * + * @param $handle string Template handle + * @return string Filename corresponding to the template handle + */ + public function get_filename_for_handle($handle) + { + if (!isset($this->filename[$handle])) + { + trigger_error("template locator: get_filename_for_handle: No file specified for handle $handle", E_USER_ERROR); + } + return $this->filename[$handle]; + } + + /** + * Determines the source file path for a template handle without + * regard for template inheritance. + * + * This function returns the path in "primary" template directory + * corresponding to the given template handle. That path may or + * may not actually exist on the filesystem. Because this function + * does not perform stat calls to determine whether the path it + * returns actually exists, it is faster than get_source_file_for_handle. + * + * Use get_source_file_for_handle to obtain the actual path that is + * guaranteed to exist (which might come from the parent/fallback + * template directory if template inheritance is used). + * + * This function will trigger an error if the handle was never + * associated with a template file via set_filenames. + * + * @param $handle string Template handle + * @return string Path to source file path in primary template directory + */ + public function get_virtual_source_file_for_handle($handle) + { + // If we don't have a file assigned to this handle, die. + if (!isset($this->files[$this->main_root_id][$handle])) + { + trigger_error("template locator: No file specified for handle $handle", E_USER_ERROR); + } + + $source_file = $this->files[$this->main_root_id][$handle]; + return $source_file; + } + + /** + * Determines the source file path for a template handle, accounting + * for template inheritance and verifying that the path exists. + * + * This function returns the actual path that may be compiled for + * the specified template handle. It will trigger an error if + * the template handle was never associated with a template path + * via set_filenames or if the template file does not exist on the + * filesystem. + * + * Use get_virtual_source_file_for_handle to just resolve a template + * handle to a path without any filesystem or inheritance checks. + * + * @param string $handle Template handle (i.e. "friendly" template name) + * @return string Source file path + */ + public function get_source_file_for_handle($handle) + { + // If we don't have a file assigned to this handle, die. + if (!isset($this->files[$this->main_root_id][$handle])) + { + trigger_error("template locator: No file specified for handle $handle", E_USER_ERROR); + } + + // locate a source file that exists + $source_file = $this->files[0][$handle]; + $tried = $source_file; + for ($i = 1, $n = count($this->roots); $i < $n && !file_exists($source_file); $i++) + { + $source_file = $this->files[$i][$handle]; + $tried .= ', ' . $source_file; + } + + // search failed + if (!file_exists($source_file)) + { + trigger_error("template locator: File for handle $handle does not exist. Could not find: $tried", E_USER_ERROR); + } + + return $source_file; + } +} diff --git a/phpBB/includes/template/path_provider.php b/phpBB/includes/template/path_provider.php new file mode 100644 index 0000000000..c243d1b115 --- /dev/null +++ b/phpBB/includes/template/path_provider.php @@ -0,0 +1,102 @@ +<?php +/** +* +* @package phpBB3 +* @copyright (c) 2011 phpBB Group +* @license http://opensource.org/licenses/gpl-license.php GNU Public License +* +*/ + +/** +* @ignore +*/ +if (!defined('IN_PHPBB')) +{ + exit; +} + +/** +* Provides a template locator with paths +* +* Finds installed template paths and makes them available to the locator. +* +* @package phpBB3 +*/ +class phpbb_template_path_provider implements IteratorAggregate, phpbb_template_path_provider_interface +{ + protected $main_template_name = ''; + protected $paths = array(); + + /** + * Ignores the extension dir prefix + * + * @param string $ext_dir_prefix The prefix including trailing slash + * @return null + */ + public function set_ext_dir_prefix($ext_dir_prefix) + { + } + + /** + * Overwrites the current template names and paths + * + * The first element of the passed templates map, is considered the main + * template and can be retrieved through get_main_template_path(). + * + * @param array $templates An associative map from template names to paths. + * The first element is the main template. + * If the path is false, it will be generated from + * the supplied name. + * @param string $style_root_path The root directory for styles identified + * by name only. + * @return null + */ + public function set_templates(array $templates, $style_root_path) + { + $this->paths = array(); + + foreach ($templates as $name => $path) + { + if (!$path) + { + $path = $style_root_path . $this->template_root_for_style($name); + } + + $this->paths[] = $path; + } + + $this->main_template_path = $this->paths[0]; + } + + /** + * Retrieves the path to the main template passed into set_templates() + * + * @return string Main template path + */ + public function get_main_template_path() + { + return $this->main_template_path; + } + + /** + * Converts a style name to relative (to board root or extension) path to + * the style's template files. + * + * @param $style_name string Style name + * @return string Path to style template files + */ + private function template_root_for_style($style_name) + { + return 'styles/' . $style_name . '/template'; + } + + /** + * Retrieve an iterator over all template paths + * + * @return ArrayIterator An iterator for the array of template paths + */ + public function getIterator() + { + return new ArrayIterator($this->paths); + } +} diff --git a/phpBB/includes/template/path_provider_interface.php b/phpBB/includes/template/path_provider_interface.php new file mode 100644 index 0000000000..822393a91e --- /dev/null +++ b/phpBB/includes/template/path_provider_interface.php @@ -0,0 +1,54 @@ +<?php +/** +* +* @package phpBB3 +* @copyright (c) 2011 phpBB Group +* @license http://opensource.org/licenses/gpl-license.php GNU Public License +* +*/ + +/** +* @ignore +*/ +if (!defined('IN_PHPBB')) +{ + exit; +} + +/** +* Provides a template locator with paths +* +* Finds installed template paths and makes them available to the locator. +* +* @package phpBB3 +*/ +interface phpbb_template_path_provider_interface extends Traversable +{ + /** + * Defines a prefix to use for template paths in extensions + * + * @param string $ext_dir_prefix The prefix including trailing slash + * @return null + */ + public function set_ext_dir_prefix($ext_dir_prefix); + + /** + * Overwrites the current template names and paths + * + * @param array $templates An associative map from template names to paths. + * The first element is the main template. + * If the path is false, it will be generated from + * the supplied name. + * @param string $style_root_path The root directory for styles identified + * by name only. + * @return null + */ + public function set_templates(array $templates, $style_root_path); + + /** + * Retrieves the path to the main template passed into set_templates() + * + * @return string Main template path + */ + public function get_main_template_path(); +} diff --git a/phpBB/includes/template/renderer.php b/phpBB/includes/template/renderer.php new file mode 100644 index 0000000000..59c85df443 --- /dev/null +++ b/phpBB/includes/template/renderer.php @@ -0,0 +1,35 @@ +<?php +/** +* +* @package phpBB3 +* @copyright (c) 2011 phpBB Group +* @license http://opensource.org/licenses/gpl-license.php GNU Public License +* +*/ + +/** +* @ignore +*/ +if (!defined('IN_PHPBB')) +{ + exit; +} + +/** +* Template renderer interface. +* +* Objects implementing this interface encapsulate a means of displaying +* a template. +* +* @package phpBB3 +*/ +interface phpbb_template_renderer +{ + /** + * Displays the template managed by this renderer. + * + * @param phpbb_template_context $context Template context to use + * @param array $lang Language entries to use + */ + public function render($context, $lang); +} diff --git a/phpBB/includes/template/renderer_eval.php b/phpBB/includes/template/renderer_eval.php new file mode 100644 index 0000000000..2c05a1c1df --- /dev/null +++ b/phpBB/includes/template/renderer_eval.php @@ -0,0 +1,60 @@ +<?php +/** +* +* @package phpBB3 +* @copyright (c) 2011 phpBB Group +* @license http://opensource.org/licenses/gpl-license.php GNU Public License +* +*/ + +/** +* @ignore +*/ +if (!defined('IN_PHPBB')) +{ + exit; +} + +/** +* Template renderer that stores compiled template's php code and +* displays it via eval. +* +* @package phpBB3 +*/ +class phpbb_template_renderer_eval implements phpbb_template_renderer +{ + /** + * Template code to be eval'ed. + */ + private $code; + + /** + * Constructor. Stores provided code for future evaluation. + * Template includes are delegated to template object $template. + * + * @param string $code php code of the template + * @param phpbb_template $template template object + */ + public function __construct($code, $template) + { + $this->code = $code; + $this->template = $template; + } + + /** + * Displays the template managed by this renderer by eval'ing php code + * of the template. + * + * @param phpbb_template_context $context Template context to use + * @param array $lang Language entries to use + */ + public function render($context, $lang) + { + $_template = $this->template; + $_tpldata = &$context->get_data_ref(); + $_rootref = &$context->get_root_ref(); + $_lang = $lang; + + eval(' ?>' . $this->code . '<?php '); + } +} diff --git a/phpBB/includes/template/renderer_include.php b/phpBB/includes/template/renderer_include.php new file mode 100644 index 0000000000..40e7a3376c --- /dev/null +++ b/phpBB/includes/template/renderer_include.php @@ -0,0 +1,60 @@ +<?php +/** +* +* @package phpBB3 +* @copyright (c) 2011 phpBB Group +* @license http://opensource.org/licenses/gpl-license.php GNU Public License +* +*/ + +/** +* @ignore +*/ +if (!defined('IN_PHPBB')) +{ + exit; +} + + +/** +* Template renderer that stores path to php file with template code +* and displays it by including the file. +* +* @package phpBB3 +*/ +class phpbb_template_renderer_include implements phpbb_template_renderer +{ + /** + * Template path to be included. + */ + private $path; + + /** + * Constructor. Stores path to the template for future inclusion. + * Template includes are delegated to template object $template. + * + * @param string $path path to the template + */ + public function __construct($path, $template) + { + $this->path = $path; + $this->template = $template; + } + + /** + * Displays the template managed by this renderer by including + * the php file containing the template. + * + * @param phpbb_template_context $context Template context to use + * @param array $lang Language entries to use + */ + public function render($context, $lang) + { + $_template = $this->template; + $_tpldata = &$context->get_data_ref(); + $_rootref = &$context->get_root_ref(); + $_lang = $lang; + + include($this->path); + } +} diff --git a/phpBB/includes/template/template.php b/phpBB/includes/template/template.php new file mode 100644 index 0000000000..228ea93513 --- /dev/null +++ b/phpBB/includes/template/template.php @@ -0,0 +1,489 @@ +<?php +/** +* +* @package phpBB3 +* @copyright (c) 2005 phpBB Group, sections (c) 2001 ispi of Lincoln Inc +* @license http://opensource.org/licenses/gpl-license.php GNU Public License +* +*/ + +/** +* @ignore +*/ +if (!defined('IN_PHPBB')) +{ + exit; +} + +/** +* @todo +* IMG_ for image substitution? +* {IMG_[key]:[alt]:[type]} +* {IMG_ICON_CONTACT:CONTACT:full} -> $user->img('icon_contact', 'CONTACT', 'full'); +* +* More in-depth... +* yadayada +*/ + +/** +* Base Template class. +* @package phpBB3 +*/ +class phpbb_template +{ + /** + * @var phpbb_template_context Template context. + * Stores template data used during template rendering. + */ + private $context; + + /** + * @var string Path of the cache directory for the template + */ + public $cachepath = ''; + + /** + * @var string phpBB root path + */ + private $phpbb_root_path; + + /** + * @var phpEx PHP file extension + */ + private $phpEx; + + /** + * @var phpbb_config phpBB config instance + */ + private $config; + + /** + * @var user current user + */ + private $user; + + /** + * Template locator + * @var phpbb_template_locator + */ + private $locator; + + /** + * Template path provider + * @var phpbb_template_path_provider + */ + private $provider; + + /** + * Constructor. + * + * @param string $phpbb_root_path phpBB root path + * @param user $user current user + * @param phpbb_template_locator $locator template locator + * @param phpbb_template_path_provider $provider template path provider + */ + public function __construct($phpbb_root_path, $phpEx, $config, $user, phpbb_template_locator $locator, phpbb_template_path_provider_interface $provider) + { + $this->phpbb_root_path = $phpbb_root_path; + $this->phpEx = $phpEx; + $this->config = $config; + $this->user = $user; + $this->locator = $locator; + $this->provider = $provider; + } + + /** + * Set template location based on (current) user's chosen style. + */ + public function set_template() + { + $template_name = $this->user->theme['template_path']; + $fallback_name = ($this->user->theme['template_inherits_id']) ? $this->user->theme['template_inherit_path'] : false; + + return $this->set_custom_template(false, $template_name, false, $fallback_name); + } + + /** + * Defines a prefix to use for template paths in extensions + * + * @param string $ext_dir_prefix The prefix including trailing slash + * @return null + */ + public function set_ext_dir_prefix($ext_dir_prefix) + { + $this->provider->set_ext_dir_prefix($ext_dir_prefix); + } + + /** + * Set custom template location (able to use directory outside of phpBB). + * + * Note: Templates are still compiled to phpBB's cache directory. + * + * @param string $template_path Path to template directory + * @param string $template_name Name of template + * @param string $fallback_template_path Path to fallback template + * @param string $fallback_template_name Name of fallback template + */ + public function set_custom_template($template_path, $template_name, $fallback_template_path = false, $fallback_template_name = false) + { + $templates = array($template_name => $template_path); + + if ($fallback_template_path !== false) + { + $templates[$fallback_template_name] = $fallback_template_path; + } + + $this->provider->set_templates($templates, $this->phpbb_root_path); + $this->locator->set_paths($this->provider); + $this->locator->set_main_template($this->provider->get_main_template_path()); + + $this->cachepath = $this->phpbb_root_path . 'cache/tpl_' . str_replace('_', '-', $template_name) . '_'; + + $this->context = new phpbb_template_context(); + + return true; + } + + /** + * Sets the template filenames for handles. + * + * @param array $filname_array Should be a hash of handle => filename pairs. + */ + public function set_filenames(array $filename_array) + { + $this->locator->set_filenames($filename_array); + + return true; + } + + /** + * Clears all variables and blocks assigned to this template. + */ + public function destroy() + { + $this->context->clear(); + } + + /** + * Reset/empty complete block + * + * @param string $blockname Name of block to destroy + */ + public function destroy_block_vars($blockname) + { + $this->context->destroy_block_vars($blockname); + } + + /** + * Display a template for provided handle. + * + * The template will be loaded and compiled, if necessary, first. + * + * This function calls hooks. + * + * @param string $handle Handle to display + * @return bool True on success, false on failure + */ + public function display($handle) + { + $result = $this->call_hook($handle); + if ($result !== false) + { + return $result[0]; + } + + return $this->load_and_render($handle); + } + + /** + * Loads a template for $handle, compiling it if necessary, and + * renders the template. + * + * @param string $handle Template handle to render + * @return bool True on success, false on failure + */ + private function load_and_render($handle) + { + $renderer = $this->_tpl_load($handle); + + if ($renderer) + { + $renderer->render($this->context, $this->get_lang()); + return true; + } + else + { + return false; + } + } + + /** + * Calls hook if any is defined. + * + * @param string $handle Template handle being displayed. + */ + private function call_hook($handle) + { + global $phpbb_hook; + + if (!empty($phpbb_hook) && $phpbb_hook->call_hook(array(__CLASS__, __FUNCTION__), $handle, $this)) + { + if ($phpbb_hook->hook_return(array(__CLASS__, __FUNCTION__))) + { + $result = $phpbb_hook->hook_return_result(array(__CLASS__, __FUNCTION__)); + return array($result); + } + } + + return false; + } + + /** + * Obtains language array. + * This is either lang property of $user property, or if + * it is not set an empty array. + * @return array language entries + */ + public function get_lang() + { + if (isset($this->user->lang)) + { + $lang = $this->user->lang; + } + else + { + $lang = array(); + } + return $lang; + } + + /** + * Display the handle and assign the output to a template variable + * or return the compiled result. + * + * @param string $handle Handle to operate on + * @param string $template_var Template variable to assign compiled handle to + * @param bool $return_content If true return compiled handle, otherwise assign to $template_var + * @return bool|string false on failure, otherwise if $return_content is true return string of the compiled handle, otherwise return true + */ + public function assign_display($handle, $template_var = '', $return_content = true) + { + ob_start(); + $result = $this->display($handle); + $contents = ob_get_clean(); + if ($result === false) + { + return false; + } + + if ($return_content) + { + return $contents; + } + + $this->assign_var($template_var, $contents); + + return true; + } + + /** + * Obtains a template renderer for a template identified by specified + * handle. The template renderer can display the template later. + * + * Template source will first be compiled into php code. + * If template cache is writable the compiled php code will be stored + * on filesystem and template will not be subsequently recompiled. + * If template cache is not writable template source will be recompiled + * every time it is needed. DEBUG_EXTRA define and load_tplcompile + * configuration setting may be used to force templates to be always + * recompiled. + * + * Returns an object implementing phpbb_template_renderer, or null + * if template loading or compilation failed. Call render() on the + * renderer to display the template. This will result in template + * contents sent to the output stream (unless, of course, output + * buffering is in effect). + * + * @param string $handle Handle of the template to load + * @return phpbb_template_renderer Template renderer object, or null on failure + * @uses template_compile is used to compile template source + */ + private function _tpl_load($handle) + { + $output_file = $this->_compiled_file_for_handle($handle); + + $recompile = defined('DEBUG_EXTRA') || + !file_exists($output_file) || + @filesize($output_file) === 0; + + if ($recompile || $this->config['load_tplcompile']) + { + // Set only if a recompile or an mtime check are required. + $source_file = $this->locator->get_source_file_for_handle($handle); + + if (!$recompile && @filemtime($output_file) < @filemtime($source_file)) + { + $recompile = true; + } + } + + // Recompile page if the original template is newer, otherwise load the compiled version + if (!$recompile) + { + return new phpbb_template_renderer_include($output_file, $this); + } + + $compile = new phpbb_template_compile($this->config['tpl_allow_php']); + + if ($compile->compile_file_to_file($source_file, $output_file) !== false) + { + $renderer = new phpbb_template_renderer_include($output_file, $this); + } + else if (($code = $compile->compile_file($source_file)) !== false) + { + $renderer = new phpbb_template_renderer_eval($code, $this); + } + else + { + $renderer = null; + } + + return $renderer; + } + + /** + * Determines compiled file path for handle $handle. + * + * @param string $handle Template handle (i.e. "friendly" template name) + * @return string Compiled file path + */ + private function _compiled_file_for_handle($handle) + { + $source_file = $this->locator->get_filename_for_handle($handle); + $compiled_file = $this->cachepath . str_replace('/', '.', $source_file) . '.' . $this->phpEx; + return $compiled_file; + } + + /** + * Assign key variable pairs from an array + * + * @param array $vararray A hash of variable name => value pairs + */ + public function assign_vars(array $vararray) + { + foreach ($vararray as $key => $val) + { + $this->assign_var($key, $val); + } + } + + /** + * Assign a single variable to a single key + * + * @param string $varname Variable name + * @param string $varval Value to assign to variable + */ + public function assign_var($varname, $varval) + { + $this->context->assign_var($varname, $varval); + } + + // Docstring is copied from phpbb_template_context method with the same name. + /** + * Assign key variable pairs from an array to a specified block + * @param string $blockname Name of block to assign $vararray to + * @param array $vararray A hash of variable name => value pairs + */ + public function assign_block_vars($blockname, array $vararray) + { + return $this->context->assign_block_vars($blockname, $vararray); + } + + // Docstring is copied from phpbb_template_context method with the same name. + /** + * Change already assigned key variable pair (one-dimensional - single loop entry) + * + * An example of how to use this function: + * {@example alter_block_array.php} + * + * @param string $blockname the blockname, for example 'loop' + * @param array $vararray the var array to insert/add or merge + * @param mixed $key Key to search for + * + * array: KEY => VALUE [the key/value pair to search for within the loop to determine the correct position] + * + * int: Position [the position to change or insert at directly given] + * + * If key is false the position is set to 0 + * If key is true the position is set to the last entry + * + * @param string $mode Mode to execute (valid modes are 'insert' and 'change') + * + * If insert, the vararray is inserted at the given position (position counting from zero). + * If change, the current block gets merged with the vararray (resulting in new key/value pairs be added and existing keys be replaced by the new value). + * + * Since counting begins by zero, inserting at the last position will result in this array: array(vararray, last positioned array) + * and inserting at position 1 will result in this array: array(first positioned array, vararray, following vars) + * + * @return bool false on error, true on success + */ + public function alter_block_array($blockname, array $vararray, $key = false, $mode = 'insert') + { + return $this->context->alter_block_array($blockname, $vararray, $key, $mode); + } + + /** + * Include a separate template. + * + * This function is marked public due to the way the template + * implementation uses it. It is actually an implementation function + * and should not be considered part of template class's public API. + * + * @param string $filename Template filename to include + * @param bool $include True to include the file, false to just load it + * @uses template_compile is used to compile uncached templates + */ + public function _tpl_include($filename, $include = true) + { + $this->locator->set_filenames(array($filename => $filename)); + + if (!$this->load_and_render($filename)) + { + // trigger_error cannot be used here, as the output already started + echo 'template->_tpl_include(): Failed including ' . htmlspecialchars($handle) . "\n"; + } + } + + /** + * Include a PHP file. + * + * If a relative path is passed in $filename, it is considered to be + * relative to board root ($phpbb_root_path). Absolute paths are + * also allowed. + * + * This function is marked public due to the way the template + * implementation uses it. It is actually an implementation function + * and should not be considered part of template class's public API. + * + * @param string $filename Path to PHP file to include + */ + public function _php_include($filename) + { + if (phpbb_is_absolute($filename)) + { + $file = $filename; + } + else + { + $file = $this->phpbb_root_path . $filename; + } + + if (!file_exists($file)) + { + // trigger_error cannot be used here, as the output already started + echo 'template->_php_include(): File ' . htmlspecialchars($file) . " does not exist\n"; + return; + } + include($file); + } +} diff --git a/phpBB/includes/ucp/ucp_activate.php b/phpBB/includes/ucp/ucp_activate.php index c10516c769..34b0b6d879 100644 --- a/phpBB/includes/ucp/ucp_activate.php +++ b/phpBB/includes/ucp/ucp_activate.php @@ -98,6 +98,13 @@ class ucp_activate SET user_actkey = '' WHERE user_id = {$user_row['user_id']}"; $db->sql_query($sql); + + // Create the correct logs + add_log('user', $user_row['user_id'], 'LOG_USER_ACTIVE_USER'); + if ($auth->acl_get('a_user')) + { + add_log('admin', 'LOG_USER_ACTIVE', $user_row['username']); + } } if ($config['require_activation'] == USER_ACTIVATION_ADMIN && !$update_password) diff --git a/phpBB/includes/ucp/ucp_groups.php b/phpBB/includes/ucp/ucp_groups.php index 676c0a8ef0..5ac5cbf431 100644 --- a/phpBB/includes/ucp/ucp_groups.php +++ b/phpBB/includes/ucp/ucp_groups.php @@ -194,47 +194,43 @@ class ucp_groups if ($group_row[$group_id]['group_type'] == GROUP_FREE) { group_user_add($group_id, $user->data['user_id']); - - $email_template = 'group_added'; } else { group_user_add($group_id, $user->data['user_id'], false, false, false, 0, 1); - $email_template = 'group_request'; - } + include_once($phpbb_root_path . 'includes/functions_messenger.' . $phpEx); + $messenger = new messenger(); - include_once($phpbb_root_path . 'includes/functions_messenger.' . $phpEx); - $messenger = new messenger(); + $sql = 'SELECT u.username, u.username_clean, u.user_email, u.user_notify_type, u.user_jabber, u.user_lang + FROM ' . USER_GROUP_TABLE . ' ug, ' . USERS_TABLE . " u + WHERE ug.user_id = u.user_id + AND ug.group_leader = 1 + AND ug.group_id = $group_id"; + $result = $db->sql_query($sql); - $sql = 'SELECT u.username, u.username_clean, u.user_email, u.user_notify_type, u.user_jabber, u.user_lang - FROM ' . USER_GROUP_TABLE . ' ug, ' . USERS_TABLE . ' u - WHERE ug.user_id = u.user_id - AND ' . (($group_row[$group_id]['group_type'] == GROUP_FREE) ? "ug.user_id = {$user->data['user_id']}" : 'ug.group_leader = 1') . " - AND ug.group_id = $group_id"; - $result = $db->sql_query($sql); + while ($row = $db->sql_fetchrow($result)) + { + $messenger->template('group_request', $row['user_lang']); - while ($row = $db->sql_fetchrow($result)) - { - $messenger->template($email_template, $row['user_lang']); + $messenger->to($row['user_email'], $row['username']); + $messenger->im($row['user_jabber'], $row['username']); - $messenger->to($row['user_email'], $row['username']); - $messenger->im($row['user_jabber'], $row['username']); + $messenger->assign_vars(array( + 'USERNAME' => htmlspecialchars_decode($row['username']), + 'GROUP_NAME' => htmlspecialchars_decode($group_row[$group_id]['group_name']), + 'REQUEST_USERNAME' => $user->data['username'], - $messenger->assign_vars(array( - 'USERNAME' => htmlspecialchars_decode($row['username']), - 'GROUP_NAME' => htmlspecialchars_decode($group_row[$group_id]['group_name']), - 'REQUEST_USERNAME' => $user->data['username'], + 'U_PENDING' => generate_board_url() . "/ucp.$phpEx?i=groups&mode=manage&action=list&g=$group_id", + 'U_GROUP' => generate_board_url() . "/memberlist.$phpEx?mode=group&g=$group_id") + ); - 'U_PENDING' => generate_board_url() . "/ucp.$phpEx?i=groups&mode=manage&action=list&g=$group_id", - 'U_GROUP' => generate_board_url() . "/memberlist.$phpEx?mode=group&g=$group_id") - ); + $messenger->send($row['user_notify_type']); + } + $db->sql_freeresult($result); - $messenger->send($row['user_notify_type']); + $messenger->save_queue(); } - $db->sql_freeresult($result); - - $messenger->save_queue(); add_log('user', $user->data['user_id'], 'LOG_USER_GROUP_JOIN' . (($group_row[$group_id]['group_type'] == GROUP_FREE) ? '' : '_PENDING'), $group_row[$group_id]['group_name']); diff --git a/phpBB/includes/ucp/ucp_main.php b/phpBB/includes/ucp/ucp_main.php index 249c8e5750..738da62158 100644 --- a/phpBB/includes/ucp/ucp_main.php +++ b/phpBB/includes/ucp/ucp_main.php @@ -57,38 +57,29 @@ class ucp_main $sql_from .= ' LEFT JOIN ' . TOPICS_TRACK_TABLE . ' tt ON (tt.topic_id = t.topic_id AND tt.user_id = ' . $user->data['user_id'] . ')'; $sql_select .= ', tt.mark_time'; + + $sql_from .= ' LEFT JOIN ' . FORUMS_TRACK_TABLE . ' ft ON (ft.forum_id = t.forum_id + AND ft.user_id = ' . $user->data['user_id'] . ')'; + $sql_select .= ', ft.mark_time AS forum_mark_time'; } $topic_type = $user->lang['VIEW_TOPIC_GLOBAL']; $folder = 'global_read'; $folder_new = 'global_unread'; - // Get cleaned up list... return only those forums not having the f_read permission - $forum_ary = $auth->acl_getf('!f_read', true); + // Get cleaned up list... return only those forums having the f_read permission + $forum_ary = $auth->acl_getf('f_read', true); $forum_ary = array_unique(array_keys($forum_ary)); - // Determine first forum the user is able to read into - for global announcement link - $sql = 'SELECT forum_id - FROM ' . FORUMS_TABLE . ' - WHERE forum_type = ' . FORUM_POST; - - if (sizeof($forum_ary)) - { - $sql .= ' AND ' . $db->sql_in_set('forum_id', $forum_ary, true); - } - $result = $db->sql_query_limit($sql, 1); - $g_forum_id = (int) $db->sql_fetchfield('forum_id'); - $db->sql_freeresult($result); - $sql = "SELECT t.* $sql_select FROM $sql_from - WHERE t.forum_id = 0 - AND t.topic_type = " . POST_GLOBAL . ' + WHERE t.topic_type = " . POST_GLOBAL . ' + AND ' . $db->sql_in_set('t.forum_id', $forum_ary) . ' ORDER BY t.topic_last_post_time DESC'; $topic_list = $rowset = array(); // If the user can't see any forums, he can't read any posts because fid of 0 is invalid - if ($g_forum_id) + if (!empty($forum_ary)) { $result = $db->sql_query($sql); @@ -100,15 +91,34 @@ class ucp_main $db->sql_freeresult($result); } - $topic_tracking_info = array(); + $topic_forum_list = array(); + foreach ($rowset as $t_id => $row) + { + if (isset($forum_tracking_info[$row['forum_id']])) + { + $row['forum_mark_time'] = $forum_tracking_info[$row['forum_id']]; + } + + $topic_forum_list[$row['forum_id']]['forum_mark_time'] = ($config['load_db_lastread'] && $user->data['is_registered'] && isset($row['forum_mark_time'])) ? $row['forum_mark_time'] : 0; + $topic_forum_list[$row['forum_id']]['topics'][] = (int) $t_id; + } + + $topic_tracking_info = $tracking_topics = array(); if ($config['load_db_lastread']) { - $topic_tracking_info = get_topic_tracking(0, $topic_list, $rowset, false, $topic_list); + foreach ($topic_forum_list as $f_id => $topic_row) + { + $topic_tracking_info += get_topic_tracking($f_id, $topic_row['topics'], $rowset, array($f_id => $topic_row['forum_mark_time'])); + } } else { - $topic_tracking_info = get_complete_topic_tracking(0, $topic_list, $topic_list); + foreach ($topic_forum_list as $f_id => $topic_row) + { + $topic_tracking_info += get_complete_topic_tracking($f_id, $topic_row['topics']); + } } + unset($topic_forum_list); foreach ($topic_list as $topic_id) { @@ -151,17 +161,16 @@ class ucp_main 'TOPIC_IMG_STYLE' => $folder_img, 'TOPIC_FOLDER_IMG' => $user->img($folder_img, $folder_alt), - 'TOPIC_FOLDER_IMG_SRC' => $user->img($folder_img, $folder_alt, false, '', 'src'), 'ATTACH_ICON_IMG' => ($auth->acl_get('u_download') && $auth->acl_get('f_download', $forum_id) && $row['topic_attachment']) ? $user->img('icon_topic_attach', '') : '', 'S_USER_POSTED' => (!empty($row['topic_posted']) && $row['topic_posted']) ? true : false, 'S_UNREAD' => $unread_topic, 'U_TOPIC_AUTHOR' => get_username_string('profile', $row['topic_poster'], $row['topic_first_poster_name'], $row['topic_first_poster_colour']), - 'U_LAST_POST' => append_sid("{$phpbb_root_path}viewtopic.$phpEx", "f=$g_forum_id&t=$topic_id&p=" . $row['topic_last_post_id']) . '#p' . $row['topic_last_post_id'], + 'U_LAST_POST' => append_sid("{$phpbb_root_path}viewtopic.$phpEx", "f=$forum_id&t=$topic_id&p=" . $row['topic_last_post_id']) . '#p' . $row['topic_last_post_id'], 'U_LAST_POST_AUTHOR' => get_username_string('profile', $row['topic_last_poster_id'], $row['topic_last_poster_name'], $row['topic_last_poster_colour']), - 'U_NEWEST_POST' => append_sid("{$phpbb_root_path}viewtopic.$phpEx", "f=$g_forum_id&t=$topic_id&view=unread") . '#unread', - 'U_VIEW_TOPIC' => append_sid("{$phpbb_root_path}viewtopic.$phpEx", "f=$g_forum_id&t=$topic_id")) + 'U_NEWEST_POST' => append_sid("{$phpbb_root_path}viewtopic.$phpEx", "f=$forum_id&t=$topic_id&view=unread") . '#unread', + 'U_VIEW_TOPIC' => append_sid("{$phpbb_root_path}viewtopic.$phpEx", "f=$forum_id&t=$topic_id")) ); } @@ -338,7 +347,6 @@ class ucp_main 'FORUM_ID' => $forum_id, 'FORUM_IMG_STYLE' => $folder_image, 'FORUM_FOLDER_IMG' => $user->img($folder_image, $folder_alt), - 'FORUM_FOLDER_IMG_SRC' => $user->img($folder_image, $folder_alt, false, '', 'src'), 'FORUM_IMAGE' => ($row['forum_image']) ? '<img src="' . $phpbb_root_path . $row['forum_image'] . '" alt="' . $user->lang[$folder_alt] . '" />' : '', 'FORUM_IMAGE_SRC' => ($row['forum_image']) ? $phpbb_root_path . $row['forum_image'] : '', 'FORUM_NAME' => $row['forum_name'], @@ -750,14 +758,14 @@ class ucp_main { foreach ($topic_forum_list as $f_id => $topic_row) { - $topic_tracking_info += get_topic_tracking($f_id, $topic_row['topics'], $rowset, array($f_id => $topic_row['forum_mark_time']), ($f_id == 0) ? $global_announce_list : false); + $topic_tracking_info += get_topic_tracking($f_id, $topic_row['topics'], $rowset, array($f_id => $topic_row['forum_mark_time'])); } } else { foreach ($topic_forum_list as $f_id => $topic_row) { - $topic_tracking_info += get_complete_topic_tracking($f_id, $topic_row['topics'], $global_announce_list); + $topic_tracking_info += get_complete_topic_tracking($f_id, $topic_row['topics']); } } @@ -805,9 +813,8 @@ class ucp_main 'U_LAST_POST_AUTHOR' => get_username_string('profile', $row['topic_last_poster_id'], $row['topic_last_poster_name'], $row['topic_last_poster_colour']), 'S_DELETED_TOPIC' => (!$row['topic_id']) ? true : false, - 'S_GLOBAL_TOPIC' => (!$forum_id) ? true : false, - 'PAGINATION' => topic_generate_pagination($replies, append_sid("{$phpbb_root_path}viewtopic.$phpEx", 'f=' . (($row['forum_id']) ? $row['forum_id'] : $forum_id) . "&t=$topic_id")), + 'PAGINATION' => topic_generate_pagination($replies, append_sid("{$phpbb_root_path}viewtopic.$phpEx", 'f=' . $row['forum_id'] . "&t=$topic_id")), 'REPLIES' => $replies, 'VIEWS' => $row['topic_views'], 'TOPIC_TITLE' => censor_text($row['topic_title']), @@ -816,7 +823,6 @@ class ucp_main 'TOPIC_IMG_STYLE' => $folder_img, 'TOPIC_FOLDER_IMG' => $user->img($folder_img, $folder_alt), - 'TOPIC_FOLDER_IMG_SRC' => $user->img($folder_img, $folder_alt, false, '', 'src'), 'TOPIC_FOLDER_IMG_ALT' => $user->lang[$folder_alt], 'TOPIC_ICON_IMG' => (!empty($icons[$row['icon_id']])) ? $icons[$row['icon_id']]['img'] : '', 'TOPIC_ICON_IMG_WIDTH' => (!empty($icons[$row['icon_id']])) ? $icons[$row['icon_id']]['width'] : '', diff --git a/phpBB/includes/ucp/ucp_pm.php b/phpBB/includes/ucp/ucp_pm.php index 84fa9b18dc..0691f3158c 100644 --- a/phpBB/includes/ucp/ucp_pm.php +++ b/phpBB/includes/ucp/ucp_pm.php @@ -115,7 +115,7 @@ class ucp_pm case 'compose': $action = request_var('action', 'post'); - get_folder($user->data['user_id']); + $user_folders = get_folder($user->data['user_id']); if (!$auth->acl_get('u_sendpm')) { @@ -130,7 +130,7 @@ class ucp_pm } include($phpbb_root_path . 'includes/ucp/ucp_pm_compose.' . $phpEx); - compose_pm($id, $mode, $action); + compose_pm($id, $mode, $action, $user_folders); $tpl_file = 'posting_body'; break; @@ -243,7 +243,7 @@ class ucp_pm $num_not_moved = $num_removed = 0; $release = request_var('release', 0); - if ($user->data['user_new_privmsg'] && $action == 'view_folder') + if ($user->data['user_new_privmsg'] && ($action == 'view_folder' || $action == 'view_message')) { $return = place_pm_into_folder($global_privmsgs_rules, $release); $num_not_moved = $return['not_moved']; diff --git a/phpBB/includes/ucp/ucp_pm_compose.php b/phpBB/includes/ucp/ucp_pm_compose.php index 07aa25d67b..92297c1490 100644 --- a/phpBB/includes/ucp/ucp_pm_compose.php +++ b/phpBB/includes/ucp/ucp_pm_compose.php @@ -20,7 +20,7 @@ if (!defined('IN_PHPBB')) * Compose private message * Called from ucp_pm with mode == 'compose' */ -function compose_pm($id, $mode, $action) +function compose_pm($id, $mode, $action, $user_folders = array()) { global $template, $db, $auth, $user; global $phpbb_root_path, $phpEx, $config; @@ -130,6 +130,7 @@ function compose_pm($id, $mode, $action) } $sql = ''; + $folder_id = 0; // What is all this following SQL for? Well, we need to know // some basic information in all cases before we do anything. @@ -393,7 +394,7 @@ function compose_pm($id, $mode, $action) unset($message_text); $s_action = append_sid("{$phpbb_root_path}ucp.$phpEx", "i=$id&mode=$mode&action=$action", true, $user->session_id); - $s_action .= ($msg_id) ? "&p=$msg_id" : ''; + $s_action .= (($folder_id) ? "&f=$folder_id" : '') . (($msg_id) ? "&p=$msg_id" : ''); // Delete triggered ? if ($action == 'delete') @@ -736,10 +737,30 @@ function compose_pm($id, $mode, $action) $msg_id = submit_pm($action, $subject, $pm_data); $return_message_url = append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=pm&mode=view&p=' . $msg_id); - $return_folder_url = append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=pm&folder=outbox'); - meta_refresh(3, $return_message_url); + $inbox_folder_url = append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=pm&folder=inbox'); + $outbox_folder_url = append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=pm&folder=outbox'); + + $folder_url = ''; + if (($folder_id > 0) && isset($user_folders[$folder_id])) + { + $folder_url = append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=pm&folder=' . $folder_id); + } + + $return_box_url = ($action === 'post' || $action === 'edit') ? $outbox_folder_url : $inbox_folder_url; + $return_box_lang = ($action === 'post' || $action === 'edit') ? 'PM_OUTBOX' : 'PM_INBOX'; + - $message = $user->lang['MESSAGE_STORED'] . '<br /><br />' . sprintf($user->lang['VIEW_PRIVATE_MESSAGE'], '<a href="' . $return_message_url . '">', '</a>') . '<br /><br />' . sprintf($user->lang['CLICK_RETURN_FOLDER'], '<a href="' . $return_folder_url . '">', '</a>', $user->lang['PM_OUTBOX']); + $message = $user->lang['MESSAGE_STORED'] . '<br /><br />' . sprintf($user->lang['VIEW_PRIVATE_MESSAGE'], '<a href="' . $return_message_url . '">', '</a>'); + + $last_click_type = 'CLICK_RETURN_FOLDER'; + if ($folder_url) + { + $message .= '<br /><br />' . sprintf($user->lang['CLICK_RETURN_FOLDER'], '<a href="' . $folder_url . '">', '</a>', $user_folders[$folder_id]['folder_name']); + $last_click_type = 'CLICK_GOTO_FOLDER'; + } + $message .= '<br /><br />' . sprintf($user->lang[$last_click_type], '<a href="' . $return_box_url . '">', '</a>', $user->lang[$return_box_lang]); + + meta_refresh(3, $return_message_url); trigger_error($message); } diff --git a/phpBB/includes/ucp/ucp_pm_viewfolder.php b/phpBB/includes/ucp/ucp_pm_viewfolder.php index 1758bb5eb1..c74574f361 100644 --- a/phpBB/includes/ucp/ucp_pm_viewfolder.php +++ b/phpBB/includes/ucp/ucp_pm_viewfolder.php @@ -166,7 +166,6 @@ function view_folder($id, $mode, $folder_id, $folder) 'PM_ICON_URL' => (!empty($icons[$row['icon_id']])) ? $config['icons_path'] . '/' . $icons[$row['icon_id']]['img'] : '', 'FOLDER_IMG' => $user->img($folder_img, $folder_alt), 'FOLDER_IMG_STYLE' => $folder_img, - 'FOLDER_IMG_SRC' => $user->img($folder_img, $folder_alt, false, '', 'src'), 'PM_IMG' => ($row_indicator) ? $user->img('pm_' . $row_indicator, '') : '', 'ATTACH_ICON_IMG' => ($auth->acl_get('u_pm_download') && $row['message_attachment'] && $config['allow_pm_attach']) ? $user->img('icon_topic_attach', $user->lang['TOTAL_ATTACHMENTS']) : '', diff --git a/phpBB/includes/ucp/ucp_pm_viewmessage.php b/phpBB/includes/ucp/ucp_pm_viewmessage.php index bee2ea95dd..0458ff6579 100644 --- a/phpBB/includes/ucp/ucp_pm_viewmessage.php +++ b/phpBB/includes/ucp/ucp_pm_viewmessage.php @@ -22,7 +22,7 @@ if (!defined('IN_PHPBB')) function view_message($id, $mode, $folder_id, $msg_id, $folder, $message_row) { global $user, $template, $auth, $db, $cache; - global $phpbb_root_path, $phpEx, $config; + global $phpbb_root_path, $request, $phpEx, $config; $user->add_lang(array('viewtopic', 'memberlist')); @@ -59,6 +59,18 @@ function view_message($id, $mode, $folder_id, $msg_id, $folder, $message_row) $bbcode = new bbcode($message_row['bbcode_bitfield']); } + // Load the custom profile fields + if ($config['load_cpf_pm']) + { + if (!class_exists('custom_profile')) + { + include($phpbb_root_path . 'includes/functions_profile_fields.' . $phpEx); + } + $cp = new custom_profile(); + + $profile_fields = $cp->generate_profile_fields_template('grab', $author_id); + } + // Assign TO/BCC Addresses to template write_pm_addresses(array('to' => $message_row['to_address'], 'bcc' => $message_row['bcc_address']), $author_id); @@ -174,6 +186,25 @@ function view_message($id, $mode, $folder_id, $msg_id, $folder, $message_row) $bbcode_status = ($config['allow_bbcode'] && $config['auth_bbcode_pm'] && $auth->acl_get('u_pm_bbcode')) ? true : false; + // Get the profile fields template data + $cp_row = array(); + if ($config['load_cpf_pm'] && isset($profile_fields[$author_id])) + { + // Filter the fields we don't want to show + foreach ($profile_fields[$author_id] as $used_ident => $profile_field) + { + if (!$profile_field['data']['field_show_on_pm']) + { + unset($profile_fields[$author_id][$used_ident]); + } + } + + if (isset($profile_fields[$author_id])) + { + $cp_row = $cp->generate_profile_fields_template('show', false, $profile_fields[$author_id]); + } + } + $template->assign_vars(array( 'MESSAGE_AUTHOR_FULL' => get_username_string('full', $author_id, $user_info['username'], $user_info['user_colour'], $user_info['username']), 'MESSAGE_AUTHOR_COLOUR' => get_username_string('colour', $author_id, $user_info['username'], $user_info['user_colour'], $user_info['username']), @@ -208,7 +239,7 @@ function view_message($id, $mode, $folder_id, $msg_id, $folder, $message_row) 'U_PM' => ($config['allow_privmsg'] && $auth->acl_get('u_sendpm') && ($user_info['user_allow_pm'] || $auth->acl_gets('a_', 'm_') || $auth->acl_getf_global('m_'))) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=pm&mode=compose&u=' . $author_id) : '', 'U_WWW' => (!empty($user_info['user_website'])) ? $user_info['user_website'] : '', - 'U_ICQ' => ($user_info['user_icq']) ? 'http://www.icq.com/people/webmsg.php?to=' . urlencode($user_info['user_icq']) : '', + 'U_ICQ' => ($user_info['user_icq']) ? 'http://www.icq.com/people/' . urlencode($user_info['user_icq']) . '/' : '', 'U_AIM' => ($user_info['user_aim'] && $auth->acl_get('u_sendim')) ? append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=contact&action=aim&u=' . $author_id) : '', 'U_YIM' => ($user_info['user_yim']) ? 'http://edit.yahoo.com/config/send_webmesg?.target=' . urlencode($user_info['user_yim']) . '&.src=pg' : '', 'U_MSN' => ($user_info['user_msnm'] && $auth->acl_get('u_sendim')) ? append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=contact&action=msnm&u=' . $author_id) : '', @@ -232,11 +263,23 @@ function view_message($id, $mode, $folder_id, $msg_id, $folder, $message_row) 'S_SPECIAL_FOLDER' => in_array($folder_id, array(PRIVMSGS_NO_BOX, PRIVMSGS_OUTBOX)), 'S_PM_RECIPIENTS' => $num_recipients, 'S_BBCODE_ALLOWED' => ($bbcode_status) ? 1 : 0, + 'S_CUSTOM_FIELDS' => (!empty($cp_row['row'])) ? true : false, 'U_PRINT_PM' => ($config['print_pm'] && $auth->acl_get('u_pm_printpm')) ? "$url&f=$folder_id&p=" . $message_row['msg_id'] . "&view=print" : '', 'U_FORWARD_PM' => ($config['forward_pm'] && $auth->acl_get('u_sendpm') && $auth->acl_get('u_pm_forward')) ? "$url&mode=compose&action=forward&f=$folder_id&p=" . $message_row['msg_id'] : '') ); + // Display the custom profile fields + if (!empty($cp_row['row'])) + { + $template->assign_vars($cp_row['row']); + + foreach ($cp_row['blockrow'] as $cp_block_row) + { + $template->assign_block_vars('custom_fields', $cp_block_row); + } + } + // Display not already displayed Attachments for this post, we already parsed them. ;) if (isset($attachments) && sizeof($attachments)) { diff --git a/phpBB/includes/ucp/ucp_prefs.php b/phpBB/includes/ucp/ucp_prefs.php index b1f96356d5..51262c2289 100644 --- a/phpBB/includes/ucp/ucp_prefs.php +++ b/phpBB/includes/ucp/ucp_prefs.php @@ -65,7 +65,7 @@ class ucp_prefs $error = validate_data($data, array( 'dateformat' => array('string', false, 1, 30), - 'lang' => array('match', false, '#^[a-z0-9_\-]{2,}$#i'), + 'lang' => array('language_iso_name'), 'tz' => array('num', false, -14, 14), )); diff --git a/phpBB/includes/ucp/ucp_profile.php b/phpBB/includes/ucp/ucp_profile.php index 4572dfd25d..6cbb539824 100644 --- a/phpBB/includes/ucp/ucp_profile.php +++ b/phpBB/includes/ucp/ucp_profile.php @@ -79,14 +79,14 @@ class ucp_profile $error = validate_data($data, $check_ary); - if ($auth->acl_get('u_chgpasswd') && $data['new_password'] && $data['password_confirm'] != $data['new_password']) + if ($auth->acl_get('u_chgemail') && $data['email'] != $user->data['user_email'] && $data['email_confirm'] != $data['email']) { - $error[] = 'NEW_PASSWORD_ERROR'; + $error[] = ($data['email_confirm']) ? 'NEW_EMAIL_ERROR' : 'NEW_EMAIL_CONFIRM_EMPTY'; } - if (($data['new_password'] || ($auth->acl_get('u_chgemail') && $data['email'] != $user->data['user_email']) || ($data['username'] != $user->data['username'] && $auth->acl_get('u_chgname') && $config['allow_namechange'])) && !phpbb_check_hash($data['cur_password'], $user->data['user_password'])) + if ($auth->acl_get('u_chgpasswd') && $data['new_password'] && $data['password_confirm'] != $data['new_password']) { - $error[] = 'CUR_PASSWORD_ERROR'; + $error[] = ($data['password_confirm']) ? 'NEW_PASSWORD_ERROR' : 'NEW_PASSWORD_CONFIRM_EMPTY'; } // Only check the new password against the previous password if there have been no errors @@ -95,9 +95,9 @@ class ucp_profile $error[] = 'SAME_PASSWORD_ERROR'; } - if ($auth->acl_get('u_chgemail') && $data['email'] != $user->data['user_email'] && $data['email_confirm'] != $data['email']) + if (!phpbb_check_hash($data['cur_password'], $user->data['user_password'])) { - $error[] = 'NEW_EMAIL_ERROR'; + $error[] = ($data['cur_password']) ? 'CUR_PASSWORD_ERROR' : 'CUR_PASSWORD_EMPTY'; } if (!check_form_key('ucp_reg_details')) diff --git a/phpBB/includes/ucp/ucp_register.php b/phpBB/includes/ucp/ucp_register.php index eaad4a7093..3781fc6b1c 100644 --- a/phpBB/includes/ucp/ucp_register.php +++ b/phpBB/includes/ucp/ucp_register.php @@ -57,7 +57,7 @@ class ucp_register { $use_lang = ($change_lang) ? basename($change_lang) : basename($user_lang); - if (file_exists($user->lang_path . $use_lang . '/')) + if (!validate_language_iso_name($use_lang)) { if ($change_lang) { @@ -156,13 +156,12 @@ class ucp_register $this->tpl_name = 'ucp_agreement'; return; } - - - // The CAPTCHA kicks in here. We can't help that the information gets lost on language change. + + // The CAPTCHA kicks in here. We can't help that the information gets lost on language change. if ($config['enable_confirm']) { include($phpbb_root_path . 'includes/captcha/captcha_factory.' . $phpEx); - $captcha =& phpbb_captcha_factory::get_instance($config['captcha_plugin']); + $captcha = phpbb_captcha_factory::get_instance($config['captcha_plugin']); $captcha->init(CONFIRM_REG); } @@ -211,7 +210,7 @@ class ucp_register array('email')), 'email_confirm' => array('string', false, 6, 60), 'tz' => array('num', false, -14, 14), - 'lang' => array('match', false, '#^[a-z_\-]{2,}$#i'), + 'lang' => array('language_iso_name'), )); if (!check_form_key('ucp_register')) diff --git a/phpBB/includes/utf/utf_tools.php b/phpBB/includes/utf/utf_tools.php index cac5b4e744..65d40c0fd3 100644 --- a/phpBB/includes/utf/utf_tools.php +++ b/phpBB/includes/utf/utf_tools.php @@ -1712,49 +1712,106 @@ function utf8_case_fold_nfc($text, $option = 'full') return $text; } -/** -* A wrapper function for the normalizer which takes care of including the class if required and modifies the passed strings -* to be in NFC (Normalization Form Composition). -* -* @param mixed $strings a string or an array of strings to normalize -* @return mixed the normalized content, preserving array keys if array given. -*/ -function utf8_normalize_nfc($strings) +if (extension_loaded('intl')) { - if (empty($strings)) + /** + * wrapper around PHP's native normalizer from intl + * previously a PECL extension, included in the core since PHP 5.3.0 + * http://php.net/manual/en/normalizer.normalize.php + * + * @param mixed $strings a string or an array of strings to normalize + * @return mixed the normalized content, preserving array keys if array given. + */ + function utf8_normalize_nfc($strings) { - return $strings; - } + if (empty($strings)) + { + return $strings; + } - if (!class_exists('utf_normalizer')) - { - global $phpbb_root_path, $phpEx; - include($phpbb_root_path . 'includes/utf/utf_normalizer.' . $phpEx); - } + if (!is_array($strings)) + { + if (Normalizer::isNormalized($strings)) + { + return $strings; + } + return (string) Normalizer::normalize($strings); + } + else + { + foreach ($strings as $key => $string) + { + if (is_array($string)) + { + foreach ($string as $_key => $_string) + { + if (Normalizer::isNormalized($strings[$key][$_key])) + { + continue; + } + $strings[$key][$_key] = (string) Normalizer::normalize($strings[$key][$_key]); + } + } + else + { + if (Normalizer::isNormalized($strings[$key])) + { + continue; + } + $strings[$key] = (string) Normalizer::normalize($strings[$key]); + } + } + } - if (!is_array($strings)) - { - utf_normalizer::nfc($strings); + return $strings; } - else if (is_array($strings)) +} +else +{ + /** + * A wrapper function for the normalizer which takes care of including the class if + * required and modifies the passed strings to be in NFC (Normalization Form Composition). + * + * @param mixed $strings a string or an array of strings to normalize + * @return mixed the normalized content, preserving array keys if array given. + */ + function utf8_normalize_nfc($strings) { - foreach ($strings as $key => $string) + if (empty($strings)) { - if (is_array($string)) + return $strings; + } + + if (!class_exists('utf_normalizer')) + { + global $phpbb_root_path, $phpEx; + include($phpbb_root_path . 'includes/utf/utf_normalizer.' . $phpEx); + } + + if (!is_array($strings)) + { + utf_normalizer::nfc($strings); + } + else if (is_array($strings)) + { + foreach ($strings as $key => $string) { - foreach ($string as $_key => $_string) + if (is_array($string)) { - utf_normalizer::nfc($strings[$key][$_key]); + foreach ($string as $_key => $_string) + { + utf_normalizer::nfc($strings[$key][$_key]); + } + } + else + { + utf_normalizer::nfc($strings[$key]); } - } - else - { - utf_normalizer::nfc($strings[$key]); } } - } - return $strings; + return $strings; + } } /** |