Diffstat (limited to 'phpBB/includes')
-rw-r--r--phpBB/includes/acp/acp_attachments.php2
-rw-r--r--phpBB/includes/acp/acp_board.php6
-rwxr-xr-xphpBB/includes/acp/acp_inactive.php11
-rw-r--r--phpBB/includes/acp/acp_jabber.php9
-rw-r--r--phpBB/includes/acp/acp_permissions.php2
-rw-r--r--phpBB/includes/acp/acp_prune.php6
-rw-r--r--phpBB/includes/acp/acp_users.php73
-rw-r--r--phpBB/includes/auth.php27
-rw-r--r--phpBB/includes/constants.php3
-rw-r--r--phpBB/includes/db/mysql.php10
-rw-r--r--phpBB/includes/functions.php2
-rw-r--r--phpBB/includes/functions_admin.php13
-rw-r--r--phpBB/includes/functions_jabber.php857
-rw-r--r--phpBB/includes/functions_messenger.php25
-rw-r--r--phpBB/includes/functions_posting.php2
-rw-r--r--phpBB/includes/functions_user.php145
-rw-r--r--phpBB/includes/session.php54
-rw-r--r--phpBB/includes/ucp/ucp_activate.php11
-rw-r--r--phpBB/includes/ucp/ucp_profile.php7
-rw-r--r--phpBB/includes/ucp/ucp_register.php4
-rw-r--r--phpBB/includes/ucp/ucp_resend.php4
21 files changed, 773 insertions, 500 deletions
diff --git a/phpBB/includes/acp/acp_attachments.php b/phpBB/includes/acp/acp_attachments.php
index 91d7c024f3..74373af86b 100644
--- a/phpBB/includes/acp/acp_attachments.php
+++ b/phpBB/includes/acp/acp_attachments.php
@@ -89,7 +89,7 @@ class acp_attachments
'legend1' => 'ACP_ATTACHMENT_SETTINGS',
'allow_attachments' => array('lang' => 'ALLOW_ATTACHMENTS', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => false),
'allow_pm_attach' => array('lang' => 'ALLOW_PM_ATTACHMENTS', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => false),
- 'upload_path' => array('lang' => 'UPLOAD_DIR', 'validate' => 'path', 'type' => 'text:25:100', 'explain' => true),
+ 'upload_path' => array('lang' => 'UPLOAD_DIR', 'validate' => 'wpath', 'type' => 'text:25:100', 'explain' => true),
'display_order' => array('lang' => 'DISPLAY_ORDER', 'validate' => 'bool', 'type' => 'custom', 'method' => 'display_order', 'explain' => true),
'attachment_quota' => array('lang' => 'ATTACH_QUOTA', 'validate' => 'int', 'type' => 'custom', 'method' => 'max_filesize', 'explain' => true),
'max_filesize' => array('lang' => 'ATTACH_MAX_FILESIZE', 'validate' => 'int', 'type' => 'custom', 'method' => 'max_filesize', 'explain' => true),
diff --git a/phpBB/includes/acp/acp_board.php b/phpBB/includes/acp/acp_board.php
index b968b9bf56..8dbf70ccb1 100644
--- a/phpBB/includes/acp/acp_board.php
+++ b/phpBB/includes/acp/acp_board.php
@@ -27,7 +27,7 @@ class acp_board
$action = request_var('action', '');
$submit = (isset($_POST['submit'])) ? true : false;
- // Validation types are: string, int, bool, rpath, path
+ // Validation types are: string, int, bool, rpath (relative), rwpath (realtive, writeable), path (relative path, but able to escape the root), wpath (writeable)
switch ($mode)
{
case 'settings':
@@ -93,7 +93,7 @@ class acp_board
'avatar_filesize' => array('lang' => 'MAX_FILESIZE', 'validate' => 'int', 'type' => 'text:4:10', 'explain' => true, 'append' => ' ' . $user->lang['BYTES']),
'avatar_min' => array('lang' => 'MIN_AVATAR_SIZE', 'validate' => 'int', 'type' => 'dimension:3:4', 'explain' => true),
'avatar_max' => array('lang' => 'MAX_AVATAR_SIZE', 'validate' => 'int', 'type' => 'dimension:3:4', 'explain' => true),
- 'avatar_path' => array('lang' => 'AVATAR_STORAGE_PATH', 'validate' => 'rpath', 'type' => 'text:20:255', 'explain' => true),
+ 'avatar_path' => array('lang' => 'AVATAR_STORAGE_PATH', 'validate' => 'rwpath', 'type' => 'text:20:255', 'explain' => true),
'avatar_gallery_path' => array('lang' => 'AVATAR_GALLERY_PATH', 'validate' => 'rpath', 'type' => 'text:20:255', 'explain' => true)
)
);
@@ -279,7 +279,7 @@ class acp_board
'legend2' => 'PATH_SETTINGS',
'smilies_path' => array('lang' => 'SMILIES_PATH', 'validate' => 'rpath', 'type' => 'text:20:255', 'explain' => true),
'icons_path' => array('lang' => 'ICONS_PATH', 'validate' => 'rpath', 'type' => 'text:20:255', 'explain' => true),
- 'upload_icons_path' => array('lang' => 'UPLOAD_ICONS_PATH', 'validate' => 'path', 'type' => 'text:20:255', 'explain' => true),
+ 'upload_icons_path' => array('lang' => 'UPLOAD_ICONS_PATH', 'validate' => 'rpath', 'type' => 'text:20:255', 'explain' => true),
'ranks_path' => array('lang' => 'RANKS_PATH', 'validate' => 'rpath', 'type' => 'text:20:255', 'explain' => true),
'legend3' => 'SERVER_URL_SETTINGS',
diff --git a/phpBB/includes/acp/acp_inactive.php b/phpBB/includes/acp/acp_inactive.php
index 05db9fa95b..9a26a3595d 100755
--- a/phpBB/includes/acp/acp_inactive.php
+++ b/phpBB/includes/acp/acp_inactive.php
@@ -58,16 +58,7 @@ class acp_inactive
if ($action == 'activate')
{
include_once($phpbb_root_path . 'includes/functions_user.' . $phpEx);
-
- foreach ($mark as $user_id)
- {
- user_active_flip($user_id, USER_INACTIVE);
- }
-
- set_config('num_users', $config['num_users'] + sizeof($mark), true);
-
- // Update latest username
- update_last_username();
+ user_active_flip('activate', $mark);
}
else if ($action == 'delete')
{
diff --git a/phpBB/includes/acp/acp_jabber.php b/phpBB/includes/acp/acp_jabber.php
index b55ac27fea..afb2ba329a 100644
--- a/phpBB/includes/acp/acp_jabber.php
+++ b/phpBB/includes/acp/acp_jabber.php
@@ -44,16 +44,9 @@ class acp_jabber
$jab_resource = request_var('jab_resource', $config['jab_resource']);
$jab_package_size = request_var('jab_package_size', $config['jab_package_size']);
- $jabber = new jabber();
+ $jabber = new jabber($jab_host, $jab_port, $jab_username, $jab_password, $jab_resource);
$error = array();
- // Setup the basis vars for jabber connection
- $jabber->server = $jab_host;
- $jabber->port = ($jab_port) ? $jab_port : 5222;
- $jabber->username = $jab_username;
- $jabber->password = $jab_password;
- $jabber->resource = $jab_resource;
-
$message = $user->lang['JAB_SETTINGS_CHANGED'];
$log = 'JAB_SETTINGS_CHANGED';
diff --git a/phpBB/includes/acp/acp_permissions.php b/phpBB/includes/acp/acp_permissions.php
index 36eac665c2..f9f08ee694 100644
--- a/phpBB/includes/acp/acp_permissions.php
+++ b/phpBB/includes/acp/acp_permissions.php
@@ -70,7 +70,7 @@ class acp_permissions
if ($select_all_groups)
{
// Add default groups to selection
- $sql_and = (!$config['coppa_enable']) ? " AND group_name NOT IN ('INACTIVE_COPPA', 'REGISTERED_COPPA')" : '';
+ $sql_and = (!$config['coppa_enable']) ? " AND group_name <> 'REGISTERED_COPPA'" : '';
$sql = 'SELECT group_id
FROM ' . GROUPS_TABLE . '
diff --git a/phpBB/includes/acp/acp_prune.php b/phpBB/includes/acp/acp_prune.php
index 7c789e4773..8fe9e10bae 100644
--- a/phpBB/includes/acp/acp_prune.php
+++ b/phpBB/includes/acp/acp_prune.php
@@ -267,11 +267,7 @@ class acp_prune
{
if ($action == 'deactivate')
{
- foreach ($user_ids as $user_id)
- {
- user_active_flip($user_id, USER_NORMAL, false, false, INACTIVE_MANUAL, true);
- }
-
+ user_active_flip('deactivate', $user_ids);
$l_log = 'LOG_PRUNE_USER_DEAC';
}
else if ($action == 'delete')
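Review bot: The bulk call `user_active_flip('deactivate', $user_ids)` hands the whole id list on without the founder and bot refusals that this commit adds to the single-user path in acp_users.php (`CANNOT_DEACTIVATE_FOUNDER`, `CANNOT_DEACTIVATE_BOT`). Whether `$user_ids` is filtered before this point, or whether user_active_flip() skips those account types itself, is not visible in the hunk and should be confirmed. If the helper does the filtering, say so here with a comment such as `// user_active_flip() is expected to skip founder and bot accounts`. The same question applies to `user_active_flip('activate', $mark)` in acp_inactive.php; the enclosing method starts and ends outside the hunk.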
diff --git a/phpBB/includes/acp/acp_users.php b/phpBB/includes/acp/acp_users.php
index 06a6f3c97a..bd28662a42 100644
--- a/phpBB/includes/acp/acp_users.php
+++ b/phpBB/includes/acp/acp_users.php
@@ -174,7 +174,7 @@ class acp_users
if (confirm_box(true))
{
- user_delete($delete_type, $user_id);
+ user_delete($delete_type, $user_id, $user_row['username']);
add_log('admin', 'LOG_USER_DELETED', $user_row['username']);
trigger_error($user->lang['USER_DELETED'] . adm_back_link($this->u_action));
@@ -205,6 +205,11 @@ class acp_users
trigger_error($user->lang['CANNOT_BAN_YOURSELF'] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
}
+ if ($user_row['user_type'] == USER_FOUNDER)
+ {
+ trigger_error($user->lang['CANNOT_BAN_FOUNDER'] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
+ }
+
$ban = array();
switch ($action)
@@ -256,6 +261,16 @@ class acp_users
trigger_error($user->lang['CANNOT_FORCE_REACT_YOURSELF'] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
}
+ if ($user_row['user_type'] == USER_FOUNDER)
+ {
+ trigger_error($user->lang['CANNOT_FORCE_REACT_FOUNDER'] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
+ }
+
+ if ($user_row['user_type'] == USER_IGNORE)
+ {
+ trigger_error($user->lang['CANNOT_FORCE_REACT_BOT'] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
+ }
+
if ($config['email_enable'])
{
include_once($phpbb_root_path . 'includes/functions_messenger.' . $phpEx);
@@ -267,9 +282,14 @@ class acp_users
$key_len = ($key_len > 6) ? $key_len : 6;
$user_actkey = substr($user_actkey, 0, $key_len);
- if ($user_row['user_type'] != USER_INACTIVE)
+ if ($user_row['user_type'] == USER_NORMAL)
{
- user_active_flip($user_id, $user_row['user_type'], $user_actkey, $user_row['username'], INACTIVE_MANUAL);
+ user_active_flip('deactivate', $user_id, INACTIVE_REMIND);
+
+ $sql = 'UPDATE ' . USERS_TABLE . "
+ SET user_actkey = '" . $db->sql_escape($user_actkey) . "'
+ WHERE user_id = $user_id";
+ $db->sql_query($sql);
}
$messenger = new messenger(false);
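Review bot: The new activation key is written to the users table only inside the `USER_NORMAL` branch, so for an account that is already inactive the freshly generated `$user_actkey` is never stored. If the reminder mail built below the hunk embeds that value, its link would not match the stored key; the mail code is outside the hunk, so this needs checking. Separately, `WHERE user_id = $user_id` interpolates the id unquoted; unless it is cast where it is read, write `WHERE user_id = " . (int) $user_id;` so a non-numeric value cannot alter the query. The enclosing case block starts and ends outside the hunk.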
@@ -311,24 +331,23 @@ class acp_users
trigger_error($user->lang['CANNOT_DEACTIVATE_YOURSELF'] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
}
- user_active_flip($user_id, $user_row['user_type'], false, $user_row['username'], INACTIVE_MANUAL);
-
- $message = ($user_row['user_type'] == USER_INACTIVE) ? 'USER_ADMIN_ACTIVATED' : 'USER_ADMIN_DEACTIVED';
- $log = ($user_row['user_type'] == USER_INACTIVE) ? 'LOG_USER_ACTIVE' : 'LOG_USER_INACTIVE';
-
- add_log('user', $user_id, $log . '_USER');
-
- if ($user_row['user_type'] == USER_INACTIVE)
+ if ($user_row['user_type'] == USER_FOUNDER)
{
- set_config('num_users', $config['num_users'] + 1, true);
+ trigger_error($user->lang['CANNOT_DEACTIVATE_FOUNDER'] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
}
- else
+
+ if ($user_row['user_type'] == USER_IGNORE)
{
- set_config('num_users', $config['num_users'] - 1, true);
+ trigger_error($user->lang['CANNOT_DEACTIVATE_BOT'] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
}
- // Update latest username
- update_last_username();
+ user_active_flip('flip', $user_id);
+
+ $message = ($user_row['user_type'] == USER_INACTIVE) ? 'USER_ADMIN_ACTIVATED' : 'USER_ADMIN_DEACTIVED';
+ $log = ($user_row['user_type'] == USER_INACTIVE) ? 'LOG_USER_ACTIVE' : 'LOG_USER_INACTIVE';
+
+ add_log('admin', $log, $user_row['username']);
+ add_log('user', $user_id, $log . '_USER');
trigger_error($user->lang[$message] . adm_back_link($this->u_action . '&amp;u=' . $user_id));
@@ -783,9 +802,21 @@ class acp_users
}
else
{
- $quick_tool_ary = array('banuser' => 'BAN_USER', 'banemail' => 'BAN_EMAIL', 'banip' => 'BAN_IP', 'active' => (($user_row['user_type'] == USER_INACTIVE) ? 'ACTIVATE' : 'DEACTIVATE'), 'delsig' => 'DEL_SIG', 'delavatar' => 'DEL_AVATAR', 'moveposts' => 'MOVE_POSTS', 'delposts' => 'DEL_POSTS', 'delattach' => 'DEL_ATTACH');
+ $quick_tool_ary = array();
+
+ if ($user_row['user_type'] != USER_FOUNDER)
+ {
+ $quick_tool_ary += array('banuser' => 'BAN_USER', 'banemail' => 'BAN_EMAIL', 'banip' => 'BAN_IP');
+ }
+
+ if ($user_row['user_type'] != USER_FOUNDER && $user_row['user_type'] != USER_IGNORE)
+ {
+ $quick_tool_ary += array('active' => (($user_row['user_type'] == USER_INACTIVE) ? 'ACTIVATE' : 'DEACTIVATE'));
+ }
+
+ $quick_tool_ary += array('delsig' => 'DEL_SIG', 'delavatar' => 'DEL_AVATAR', 'moveposts' => 'MOVE_POSTS', 'delposts' => 'DEL_POSTS', 'delattach' => 'DEL_ATTACH');
- if ($config['email_enable'])
+ if ($config['email_enable'] && ($user_row['user_type'] == USER_NORMAL || $user_row['user_type'] == USER_INACTIVE))
{
$quick_tool_ary['reactivate'] = 'FORCE';
}
@@ -807,7 +838,7 @@ class acp_users
'S_USER_FOUNDER' => ($user_row['user_type'] == USER_FOUNDER) ? true : false,
'S_ACTION_OPTIONS' => $s_action_options,
'S_OWN_ACCOUNT' => ($user_id == $user->data['user_id']) ? true : false,
- 'S_USER_INACTIVE' => ($user_row['user_type'] == USER_IGNORE || $user_row['user_type'] == USER_INACTIVE) ? true : false,
+ 'S_USER_INACTIVE' => ($user_row['user_type'] == USER_INACTIVE) ? true : false,
'U_SHOW_IP' => $this->u_action . "&amp;u=$user_id&amp;ip=" . (($ip == 'ip') ? 'hostname' : 'ip'),
'U_WHOIS' => $this->u_action . "&amp;action=whois&amp;user_ip={$user_row['user_ip']}",
@@ -1854,11 +1885,11 @@ class acp_users
$s_group_options = '';
while ($row = $db->sql_fetchrow($result))
{
- if (!$config['coppa_enable'] && in_array($row['group_name'], array('INACTIVE_COPPA', 'REGISTERED_COPPA')))
+ if (!$config['coppa_enable'] && $row['group_name'] == 'REGISTERED_COPPA')
{
continue;
}
-
+
$s_group_options .= '<option' . (($row['group_type'] == GROUP_SPECIAL) ? ' class="sep"' : '') . ' value="' . $row['group_id'] . '">' . (($row['group_type'] == GROUP_SPECIAL) ? $user->lang['G_' . $row['group_name']] : $row['group_name']) . '</option>';
}
$db->sql_freeresult($result);
diff --git a/phpBB/includes/auth.php b/phpBB/includes/auth.php
index c578881c3f..5e927ce439 100644
--- a/phpBB/includes/auth.php
+++ b/phpBB/includes/auth.php
@@ -714,7 +714,7 @@ class auth
$sql = 'SELECT user_id, username, user_password, user_passchg, user_email, user_type
FROM ' . USERS_TABLE . "
- WHERE username = '" . $db->sql_escape($username) . "'";
+ WHERE LOWER(username) = '" . $db->sql_escape(strtolower($username)) . "'";
$result = $db->sql_query($sql);
$row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
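Review bot: `strtolower($username)` folds case byte-wise according to the PHP locale, while `LOWER(username)` folds according to the column's character set and collation, so a username with non-ASCII letters can fold differently on the two sides of the comparison. The login lookup can then miss the row for a valid user. Wrapping the column in `LOWER()` also generally keeps the database from using an index on `username`. Comparing against a stored, pre-normalised copy of the name produced by one routine avoids both problems; at minimum add a comment such as `// strtolower() and SQL LOWER() must fold identically; non-ASCII names may not`.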
@@ -738,11 +738,36 @@ class auth
// If login succeeded, we will log the user in... else we pass the login array through...
if ($login['status'] == LOGIN_SUCCESS)
{
+ $old_session_id = $user->session_id;
+
+ if ($admin)
+ {
+ global $SID, $_SID;
+
+ $cookie_expire = time() - 31536000;
+ $user->set_cookie('u', '', $cookie_expire);
+ $user->set_cookie('sid', '', $cookie_expire);
+ unset($cookie_expire);
+
+ $SID = '?sid=';
+ $user->session_id = $_SID = '';
+ }
+
$result = $user->session_create($login['user_row']['user_id'], $admin, $autologin, $viewonline);
// Successful session creation
if ($result === true)
{
+ // If admin re-authentication we remove the old session entry because a new one has been created...
+ if ($admin)
+ {
+ // the login array is used because the user ids do not differ for re-authentication
+ $sql = 'DELETE FROM ' . SESSIONS_TABLE . "
+ WHERE session_id = '" . $db->sql_escape($old_session_id) . "'
+ AND session_user_id = {$login['user_row']['user_id']}";
+ $db->sql_query($sql);
+ }
+
return array(
'status' => LOGIN_SUCCESS,
'error_msg' => false,
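Review bot: The old session row is deleted only when `session_create()` returns true, but the `u` and `sid` cookies and `$user->session_id` are cleared before that call, so a failed admin re-authentication appears to leave the old row in the sessions table until it expires; consider deleting it on the failure path too. The DELETE interpolates `{$login['user_row']['user_id']}` unquoted, so cast it: `AND session_user_id = " . (int) $login['user_row']['user_id'];`. The block that blanks the session id should also state its purpose, e.g. `// Admin re-authentication: drop the pre-login session id so the elevated session always gets a fresh one`. The login method starts and ends outside the hunk.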
diff --git a/phpBB/includes/constants.php b/phpBB/includes/constants.php
index 42d3c41463..0ed3ad8d84 100644
--- a/phpBB/includes/constants.php
+++ b/phpBB/includes/constants.php
@@ -27,12 +27,11 @@ define('USER_NORMAL', 0);
define('USER_INACTIVE', 1);
define('USER_IGNORE', 2);
define('USER_FOUNDER', 3);
-//define('USER_BOT', 2);
-//define('USER_GUEST', 4);
define('INACTIVE_REGISTER', 1);
define('INACTIVE_PROFILE', 2);
define('INACTIVE_MANUAL', 3);
+define('INACTIVE_REMIND', 4);
// ACL
define('ACL_NEVER', 0);
diff --git a/phpBB/includes/db/mysql.php b/phpBB/includes/db/mysql.php
index 15158bbb59..1901bd4270 100644
--- a/phpBB/includes/db/mysql.php
+++ b/phpBB/includes/db/mysql.php
@@ -33,6 +33,8 @@ if (!defined('SQL_LAYER'))
*/
class dbal_mysql extends dbal
{
+ var $mysql_version;
+
/**
* Connect to server
* @access public
@@ -51,14 +53,14 @@ class dbal_mysql extends dbal
if (@mysql_select_db($this->dbname))
{
// Determine what version we are using and if it natively supports UNICODE
- $mysql_version = mysql_get_server_info($this->db_connect_id);
+ $this->mysql_version = mysql_get_server_info($this->db_connect_id);
- if (version_compare($mysql_version, '4.1.3', '>='))
+ if (version_compare($this->mysql_version, '4.1.3', '>='))
{
define('SQL_LAYER', 'mysql4');
@mysql_query("SET NAMES 'utf8'", $this->db_connect_id);
}
- else if (version_compare($mysql_version, '4.0.0', '>='))
+ else if (version_compare($this->mysql_version, '4.0.0', '>='))
{
define('SQL_LAYER', 'mysql4');
}
@@ -79,7 +81,7 @@ class dbal_mysql extends dbal
*/
function sql_server_info()
{
- return 'MySQL ' . @mysql_get_server_info($this->db_connect_id);
+ return 'MySQL ' . $this->mysql_version;
}
/**
diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php
index 8ada82cffe..a5e6570116 100644
--- a/phpBB/includes/functions.php
+++ b/phpBB/includes/functions.php
@@ -1913,7 +1913,7 @@ function login_box($redirect = '', $l_explain = '', $l_success = '', $admin = fa
'U_PRIVACY' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=privacy'),
'S_DISPLAY_FULL_LOGIN' => ($s_display) ? true : false,
- 'S_LOGIN_ACTION' => (!$admin) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=login') : append_sid("index.$phpEx"), // Needs to stay index.$phpEx because we are within the admin directory
+ 'S_LOGIN_ACTION' => (!$admin) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=login') : append_sid("index.$phpEx", false, true, $user->session_id), // Needs to stay index.$phpEx because we are within the admin directory
'S_HIDDEN_FIELDS' => $s_hidden_fields,
'S_ADMIN_AUTH' => $admin,
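Review bot: The trailing comment on `S_LOGIN_ACTION` explains only why the target stays `index.$phpEx`; it does not say why `$user->session_id` is now passed explicitly to `append_sid()`. This is presumably tied to the session replacement that auth.php performs on admin re-authentication in this commit, and a comment such as `// pass the current session id explicitly; the admin login replaces the session on success` would record that. The session id also ends up in the form's action URL, where it can reach server logs and Referer headers, so it is worth confirming that this id is always discarded once the admin login succeeds.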
diff --git a/phpBB/includes/functions_admin.php b/phpBB/includes/functions_admin.php
index b346e09a2b..2119b86740 100644
--- a/phpBB/includes/functions_admin.php
+++ b/phpBB/includes/functions_admin.php
@@ -207,7 +207,7 @@ function group_select_options($group_id, $exclude_ids = false)
global $db, $user, $config;
$exclude_sql = ($exclude_ids !== false && sizeof($exclude_ids)) ? 'WHERE ' . $db->sql_in_set('group_id', array_map('intval', $exclude_ids), true) : '';
- $sql_and = (!$config['coppa_enable']) ? (($exclude_sql) ? ' AND ' : ' WHERE ') . "group_name NOT IN ('INACTIVE_COPPA', 'REGISTERED_COPPA')" : '';
+ $sql_and = (!$config['coppa_enable']) ? (($exclude_sql) ? ' AND ' : ' WHERE ') . "group_name <> 'REGISTERED_COPPA'" : '';
$sql = 'SELECT group_id, group_name, group_type
FROM ' . GROUPS_TABLE . "
@@ -245,6 +245,7 @@ function get_forum_list($acl_list = 'f_list', $id_only = true, $postable_only =
ORDER BY left_id ASC';
$result = $db->sql_query($sql, $expire_time);
+ $forum_rows = array();
while ($row = $db->sql_fetchrow($result))
{
$forum_rows[] = $row;
@@ -2343,7 +2344,7 @@ function view_inactive_users(&$users, &$user_count, $limit = 0, $offset = 0, $li
$sql = 'SELECT user_id, username, user_regdate, user_lastvisit, user_inactive_time, user_inactive_reason
FROM ' . USERS_TABLE . '
WHERE user_type = ' . USER_INACTIVE .
- (($limit_days) ? "AND user_inactive_time >= $limit_days" : '') . "
+ (($limit_days) ? " AND user_inactive_time >= $limit_days" : '') . "
ORDER BY $sort_by";
$result = $db->sql_query_limit($sql, $limit, $offset);
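Review bot: `$sort_by` is concatenated straight into `ORDER BY $sort_by` and `$limit_days` into the WHERE clause, and nothing in the hunk shows either being validated; `sql_escape()` cannot protect an unquoted number or an ORDER BY expression. Cast the number, `" AND user_inactive_time >= " . (int) $limit_days`, and map `$sort_by` through a fixed list of allowed column and direction strings, unless every caller already does so. The same `$limit_days` expression is repeated in the COUNT query in the next hunk. The `switch` in that hunk has no `default`, so a row with an unknown `user_inactive_reason` gets no `inactive_reason` key. The function starts and ends outside both hunks.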
@@ -2363,15 +2364,19 @@ function view_inactive_users(&$users, &$user_count, $limit = 0, $offset = 0, $li
case INACTIVE_MANUAL:
$row['inactive_reason'] = $user->lang['INACTIVE_REASON_MANUAL'];
break;
+
+ case INACTIVE_REMIND:
+ $row['inactive_reason'] = $user->lang['INACTIVE_REASON_REMIND'];
+ break;
}
$users[] = $row;
}
- $sql = 'SELECT count(user_id) AS user_count
+ $sql = 'SELECT COUNT(user_id) AS user_count
FROM ' . USERS_TABLE . '
WHERE user_type = ' . USER_INACTIVE .
- (($limit_days) ? "AND user_inactive_time >= $limit_days" : '');
+ (($limit_days) ? " AND user_inactive_time >= $limit_days" : '');
$result = $db->sql_query($sql);
$user_count = (int) $db->sql_fetchfield('user_count');
$db->sql_freeresult($result);
diff --git a/phpBB/includes/functions_jabber.php b/phpBB/includes/functions_jabber.php
index 9efe17dc6b..1bdeb6eb40 100644
--- a/phpBB/includes/functions_jabber.php
+++ b/phpBB/includes/functions_jabber.php
@@ -3,23 +3,24 @@
*
* @package phpBB3
* @version $Id$
-* @copyright (c) 2005 phpBB Group
+* @copyright (c) 2006 phpBB Group
* @license http://opensource.org/licenses/gpl-license.php GNU Public License
*
*/
/**
*
-* Class.Jabber.PHP v0.4
-* (c) 2002 Carlo "Gossip" Zottmann
-* http://phpjabber.g-blog.net *** gossip@jabber.g-blog.net
+* Class.Jabber.PHP v0.4.2
+* (c) 2004 Nathan "Fritzy" Fritz
+* http://cjphp.netflint.net *** fritzy@netflint.net
*
-* The FULL documentation and examples for this software can be found at
-* http://phpjabber.g-blog.net (not many doc comments in here, sorry)
+* This is a bugfix version, specifically for those who can't get
+* 0.4 to work on Jabberd2 servers.
*
-* last modified: 27.04.2003 13:01:53 CET
-*
-* Modified by members of the phpBB Group
+* last modified: 24.03.2004 13:01:53
+*
+* Modified by phpBB Development Team
+* version: v0.4.3a
*
* @package phpBB3
*/
@@ -36,13 +37,14 @@ class jabber
var $delay_disconnect;
var $stream_id;
- var $roster;
+
+ var $enable_logging;
+ var $log_array;
var $iq_sleep_timer;
var $last_ping_time;
var $packet_queue;
- var $subscription_queue;
var $iq_version_name;
var $iq_version_os;
@@ -60,17 +62,24 @@ class jabber
/**
* Constructor
*/
- function jabber()
+ function jabber($server, $port, $username, $password, $resource)
{
- $this->port = '5222';
- $this->resource = NULL;
- $this->packet_queue = $this->subscription_queue = array();
+ $this->server = ($server) ? $server : 'localhost';
+ $this->port = ($port) ? $port : '5222';
+ $this->username = $username;
+ $this->password = $password;
+ $this->resource = ($resource) ? $resource : NULL;
+
+ $this->enable_logging = true;
+ $this->log_array = array();
+
+ $this->packet_queue = array();
$this->iq_sleep_timer = $this->delay_disconnect = 1;
$this->returned_keep_alive = true;
$this->txnid = 0;
- $this->iq_version_name = "Class.Jabber.PHP -- http://phpjabber.g-blog.net -- by Carlo 'Gossip' Zottmann, gossip@jabber.g-blog.net";
+ $this->iq_version_name = "Class.Jabber.PHP -- http://cjphp.netflint.net -- by Nathan 'Fritzy' Fritz, fritz@netflint.net";
$this->iq_version_version = '0.4';
$this->iq_version_os = $_SERVER['SERVER_SOFTWARE'];
@@ -104,7 +113,7 @@ class jabber
if ($this->connector->open_socket($this->server, $this->port))
{
$this->send_packet("<?xml version='1.0' encoding='UTF-8' ?" . ">\n");
- $this->send_packet("<stream:stream to='{$this->server}' xmlns='jabber:client' xmlns:stream='http://etherx.jabber.org/streams'>\n");
+ $this->send_packet("<stream:stream to='{$this->server}' xmlns='jabber:client' xmlns:stream='http://etherx.jabber.org/streams' version='1.0'>\n");
sleep(2);
@@ -115,11 +124,13 @@ class jabber
}
else
{
+ $this->add_to_log('ERROR: connect() #1');
return false;
}
}
else
{
+ $this->add_to_log('ERROR: connect() #2');
return false;
}
}
@@ -139,55 +150,12 @@ class jabber
}
/**
- * Cruise Control
- */
- function cruise_control($seconds = -1)
- {
- $count = 0;
-
- while ($count != $seconds)
- {
- $this->listen();
-
- do
- {
- $packet = $this->get_first_from_queue();
-
- if ($packet)
- {
- $this->call_handler($packet);
- }
- }
- while (sizeof($this->packet_queue) > 1);
-
- $count += 0.25;
- usleep(250000);
-
- if ($this->last_ping_time != date('H:i'))
- {
- // Modified by Nathan Fritz
- if ($this->returned_keep_alive == false)
- {
- $this->connected = false;
- //EVENT: Disconnected
- }
-
- $this->returned_keep_alive = false;
- $this->keep_alive_id = 'keep_alive_' . time();
- $this->send_packet("<iq id='{$this->keep_alive_id}'/>", 'cruise_control');
- $this->last_ping_time = date('H:i');
- }
- }
-
- return true;
- }
-
- /**
* Send authentication request
*/
function send_auth()
{
$this->auth_id = 'auth_' . md5(time() . $_SERVER['REMOTE_ADDR']);
+ $this->resource = ($this->resource != NULL) ? $this->resource : ('Class.Jabber.PHP ' . md5($this->auth_id));
$this->jid = "{$this->username}@{$this->server}/{$this->resource}";
// request available authentication methods
@@ -197,6 +165,7 @@ class jabber
// was a result returned?
if ($this->get_info_from_iq_type($packet) == 'result' && $this->get_info_from_iq_id($packet) == $this->auth_id)
{
+ // yes, now check for auth method availability in descending order (best to worst)
if (isset($packet['iq']['#']['query'][0]['#']['sequence'][0]['#']) && isset($packet['iq']['#']['query'][0]['#']['token'][0]['#']))
{
// auth_0k
@@ -212,10 +181,16 @@ class jabber
// plain text
return $this->_sendauth_plaintext();
}
+ else
+ {
+ $this->add_to_log('ERROR: send_auth() #2 - No auth method available!');
+ return false;
+ }
}
else
{
// no result returned
+ $this->add_to_log('ERROR: send_auth() #1');
return false;
}
}
@@ -319,86 +294,15 @@ class jabber
{
$xml = trim($xml);
- return ($this->connector->write_to_socket($xml)) ? true : false;
- }
-
- /**
- * get the transport registration fields
- * method written by Steve Blinch, http://www.blitzaffe.com
- */
- function transport_registration_details($transport)
- {
- $this->txnid++;
- $packet = $this->send_iq($transport, 'get', "reg_{$this->txnid}", "jabber:iq:register", NULL, $this->jid);
-
- if ($packet)
+ if ($this->connector->write_to_socket($xml))
{
- $res = array();
-
- foreach ($packet['iq']['#']['query'][0]['#'] as $element => $data)
- {
- if ($element != 'instructions' && $element != 'key')
- {
- $res[] = $element;
- }
- }
-
- return $res;
- }
- else
- {
- return 3;
- }
- }
-
- /**
- * register with the transport
- * method written by Steve Blinch, http://www.blitzaffe.com
- */
- function transport_registration($transport, $details)
- {
- $this->txnid++;
- $packet = $this->send_iq($transport, 'get', "reg_{$this->txnid}", "jabber:iq:register", NULL, $this->jid);
-
- if ($packet)
- {
- // just in case a key was passed back from the server
- $key = $this->get_info_from_iq_key($packet);
- unset($packet);
-
- $payload = ($key) ? "<key>$key</key>\n" : '';
- foreach ($details as $element => $value)
- {
- $payload .= "<$element>$value</$element>\n";
- }
-
- $packet = $this->send_iq($transport, 'set', "reg_{$this->txnid}", "jabber:iq:register", $payload);
-
- if ($this->get_info_from_iq_type($packet) == 'result')
- {
- if (isset($packet['iq']['#']['query'][0]['#']['registered'][0]['#']))
- {
- $return_code = 1;
- }
- else
- {
- $return_code = 2;
- }
- }
- else if ($this->get_info_from_iq_type($packet) == 'error')
- {
- if (isset($packet['iq']['#']['error'][0]['#']))
- {
- $return_code = "Error " . $packet['iq']['#']['error'][0]['@']['code'] . ": " . $packet['iq']['#']['error'][0]['#'];
- // ERROR: TransportRegistration()
- }
- }
-
- return $return_code;
+ $this->add_to_log('SEND: ' . $xml);
+ return true;
}
else
{
- return 3;
+ $this->add_to_log('ERROR: send_packet() #1');
+ return false;
}
}
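Review bot: `add_to_log('SEND: ' . $xml)` records every outgoing stanza verbatim, and since the `_sendauth_*` methods pass their `jabber:iq:auth` payload to `send_iq()`, the account password or its digest presumably ends up in `log_array` as well. The constructor hard-codes `enable_logging = true`, and `get_log()` returns the whole array to the caller. Skip or mask authentication stanzas before logging, for example `if (strpos($xml, 'jabber:iq:auth') === false) { $this->add_to_log('SEND: ' . $xml); }`, and consider defaulting `enable_logging` to false. The `RECV:` logging added in the listen() hunk and in the hunk at `@@ -695,6 +792,12` stores full incoming stanzas in the same way.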
@@ -418,11 +322,12 @@ class jabber
if ($incoming != '')
{
+ $this->add_to_log('RECV: ' . $incoming);
$temp = $this->_split_incoming($incoming);
- for ($a = 0, $size = sizeof($temp); $a < $size; $a++)
+ for ($i = 0, $size = sizeof($temp); $i < $size; $i++)
{
- $this->packet_queue[] = $this->xmlize($temp[$a]);
+ $this->packet_queue[] = $this->xmlize($temp[$i]);
}
}
@@ -454,12 +359,12 @@ class jabber
$xml = "<message to='$to' type='$type' id='$id'>\n";
- if (isset($content['subject']) && $content['subject'])
+ if (!empty($content['subject']))
{
$xml .= '<subject>' . $content['subject'] . "</subject>\n";
}
- if (isset($content['thread']) && $content['thread'])
+ if (!empty($content['thread']))
{
$xml .= '<thread>' . $content['thread'] . "</thread>\n";
}
@@ -468,10 +373,18 @@ class jabber
$xml .= $payload;
$xml .= "</message>\n";
- return ($this->send_packet($xml)) ? true : false;
+ if ($this->send_packet($xml))
+ {
+ return true;
+ }
+ else
+ {
+ $this->add_to_log('ERROR: send_message() #1');
+ }
}
else
{
+ $this->add_to_log('ERROR: send_message() #2');
return false;
}
}
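Review bot: When `send_packet($xml)` fails, the new `else` branch logs `ERROR: send_message() #1` and then falls through without returning, so the method yields NULL where it used to return false (assuming nothing follows the outer if/else, which lies outside the hunk). A caller that tests the result with `=== false` would miss the failure. Add `return false;` after that `add_to_log()` call, as the matching branch in send_presence() does.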
@@ -492,7 +405,15 @@ class jabber
$xml .= ($status || $show || $priority) ? "</presence>\n" : '';
- return ($this->send_packet($xml)) ? true : false;
+ if ($this->send_packet($xml))
+ {
+ return true;
+ }
+ else
+ {
+ $this->add_to_log('ERROR: send_presence() #1');
+ return false;
+ }
}
/**
@@ -579,11 +500,63 @@ class jabber
else
{
$this->handler_not_implemented($packet);
+ $this->add_to_log("ERROR: call_handler() #1 - neither method nor function $funcmeth() available");
}
}
}
/**
+ * Cruise Control
+ */
+ function cruise_control($seconds = -1)
+ {
+ $count = 0;
+
+ while ($count != $seconds)
+ {
+ $this->listen();
+
+ do
+ {
+ $packet = $this->get_first_from_queue();
+
+ if ($packet)
+ {
+ $this->call_handler($packet);
+ }
+ }
+ while (sizeof($this->packet_queue) > 1);
+
+ $count += 0.25;
+ usleep(250000);
+
+ if (($this->last_ping_time + 180) < time())
+ {
+ // Modified by Nathan Fritz
+ if ($this->returned_keep_alive == false)
+ {
+ $this->connected = false;
+ $this->add_to_log('EVENT: Disconnected');
+ }
+
+ if ($this->returned_keep_alive == true)
+ {
+ $this->connected = true;
+ }
+
+ $this->returned_keep_alive = false;
+
+ $this->keep_alive_id = 'keep_alive_' . time();
+ // $this->send_packet("<iq id='{$this->keep_alive_id}'/>", 'cruise_control');
+ $this->send_packet("<iq type='get' from='{$this->username}@{$this->server}/{$this->resource}' to='{$this->server}' id='{$this->keep_alive_id}'><query xmlns='jabber:iq:time' /></iq>");
+ $this->last_ping_time = time();
+ }
+ }
+
+ return true;
+ }
+
+ /**
* Send iq
*/
function send_iq($to = NULL, $type = 'get', $id = NULL, $xmlns = NULL, $payload = NULL, $from = NULL)
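Review bot: The keep-alive stanza in cruise_control() interpolates `$this->username`, `$this->server` and `$this->resource` into single-quoted XML attributes without escaping, while send_iq() in this same commit starts escaping its `to` value; a quote or `<` in any of them produces a malformed stanza. Escape the address once, e.g. `from='" . htmlspecialchars($this->jid, ENT_QUOTES) . "'`, which also reuses the JID that send_auth() already assembles. The commented-out `send_packet()` line above it should be deleted rather than kept. `last_ping_time` is not initialised in the constructor shown in this diff, so the first `($this->last_ping_time + 180) < time()` comparison relies on an unset property.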
@@ -592,12 +565,13 @@ class jabber
{
unset($type);
+ $this->add_to_log("ERROR: send_iq() #2 - type must be 'get', 'set', 'result' or 'error'");
return false;
}
else if ($id && $xmlns)
{
$xml = "<iq type='$type' id='$id'";
- $xml .= ($to) ? " to='$to'" : '';
+ $xml .= ($to) ? " to='" . htmlspecialchars($to) . "'" : '';
$xml .= ($from) ? " from='$from'" : '';
$xml .= ">
<query xmlns='$xmlns'>
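Review bot: `htmlspecialchars($to)` is called without `ENT_QUOTES`, and with the default flags of PHP versions before 8.1 a single quote passes through unchanged, yet the attribute is delimited by single quotes (`to='…'`), so a `'` in `$to` still ends the attribute. Use `htmlspecialchars($to, ENT_QUOTES)` and apply the same to `$from`, which is still inserted raw on the next line: `$xml .= ($from) ? " from='" . htmlspecialchars($from, ENT_QUOTES) . "'" : '';`. `$id` and `$xmlns` are interpolated unescaped as well; they look like internally generated values, but that cannot be verified from this hunk. send_iq() starts and ends outside the hunk.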
@@ -613,10 +587,109 @@ class jabber
}
else
{
+ $this->add_to_log('ERROR: send_iq() #1 - to, id and xmlns are mandatory');
return false;
}
}
+ /**
+ * get the transport registration fields
+ * method written by Steve Blinch, http://www.blitzaffe.com
+ */
+ function transport_registration_details($transport)
+ {
+ $this->txnid++;
+ $packet = $this->send_iq($transport, 'get', "reg_{$this->txnid}", 'jabber:iq:register', NULL, $this->jid);
+
+ if ($packet)
+ {
+ $res = array();
+
+ foreach ($packet['iq']['#']['query'][0]['#'] as $element => $data)
+ {
+ if ($element != 'instructions' && $element != 'key')
+ {
+ $res[] = $element;
+ }
+ }
+
+ return $res;
+ }
+ else
+ {
+ return 3;
+ }
+ }
+
+ /**
+ * register with the transport
+ * method written by Steve Blinch, http://www.blitzaffe.com
+ */
+ function transport_registration($transport, $details)
+ {
+ $this->txnid++;
+ $packet = $this->send_iq($transport, 'get', "reg_{$this->txnid}", 'jabber:iq:register', NULL, $this->jid);
+
+ if ($packet)
+ {
+ // just in case a key was passed back from the server
+ $key = $this->get_info_from_iq_key($packet);
+ unset($packet);
+
+ $payload = ($key) ? "<key>$key</key>\n" : '';
+ foreach ($details as $element => $value)
+ {
+ $payload .= "<$element>$value</$element>\n";
+ }
+
+ $packet = $this->send_iq($transport, 'set', "reg_{$this->txnid}", 'jabber:iq:register', $payload);
+
+ if ($this->get_info_from_iq_type($packet) == 'result')
+ {
+ $return_code = (isset($packet['iq']['#']['query'][0]['#']['registered'][0]['#'])) ? 1 : 2;
+ }
+ else if ($this->get_info_from_iq_type($packet) == 'error')
+ {
+ if (isset($packet['iq']['#']['error'][0]['#']))
+ {
+ $return_code = 'Error ' . $packet['iq']['#']['error'][0]['@']['code'] . ': ' . $packet['iq']['#']['error'][0]['#'];
+ $this->add_to_log('ERROR: transport_registration()');
+ }
+ }
+
+ return $return_code;
+ }
+ else
+ {
+ return 3;
+ }
+ }
+
+ /**
+ * Return log
+ */
+ function get_log()
+ {
+ if ($this->enable_logging && sizeof($this->log_array))
+ {
+ return implode("\n\n", $this->log_array);
+ }
+
+ return '';
+ }
+
+ /**
+ * Add information to log
+ */
+ function add_to_log($string)
+ {
+ if ($this->enable_logging)
+ {
+ $this->log_array[] = htmlspecialchars($string);
+ }
+ }
+
+
// ======================================================================
// private methods
// ======================================================================
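Review bot: In transport_registration() `$return_code` is assigned only when the reply type is `result`, or `error` with an error element present; any other reply reaches `return $return_code;` with the variable undefined. Initialise it before the branch, e.g. `$return_code = 3;`, matching the value returned when no packet comes back. The loop line `$payload .= "<$element>$value</$element>\n";` also places caller-supplied names and values into the stanza unescaped; `htmlspecialchars($value, ENT_QUOTES)` on the value keeps the XML well-formed. In add_to_log(), escaping at storage time means get_log() returns HTML-encoded text, which deserves a docblock line so callers do not escape it a second time.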
@@ -634,7 +707,7 @@ class jabber
$zerok_hash = sha1($zerok_hash . $zerok_token);
// repeat as often as needed
- for ($a = 0; $a < $zerok_sequence; $a++)
+ for ($i = 0; $i < $zerok_sequence; $i++)
{
$zerok_hash = sha1($zerok_hash);
}
@@ -646,7 +719,15 @@ class jabber
$packet = $this->send_iq(NULL, 'set', $this->auth_id, 'jabber:iq:auth', $payload);
// was a result returned?
- return ($this->get_info_from_iq_type($packet) == 'result' && $this->get_info_from_iq_id($packet) == $this->auth_id) ? true : false;
+ if ($this->get_info_from_iq_type($packet) == 'result' && $this->get_info_from_iq_id($packet) == $this->auth_id)
+ {
+ return true;
+ }
+ else
+ {
+ $this->add_to_log('ERROR: _sendauth_ok() #1');
+ return false;
+ }
}
/**
@@ -662,7 +743,15 @@ class jabber
$packet = $this->send_iq(NULL, 'set', $this->auth_id, 'jabber:iq:auth', $payload);
// was a result returned?
- return ($this->get_info_from_iq_type($packet) == 'result' && $this->get_info_from_iq_id($packet) == $this->auth_id) ? true : false;
+ if ($this->get_info_from_iq_type($packet) == 'result' && $this->get_info_from_iq_id($packet) == $this->auth_id)
+ {
+ return true;
+ }
+ else
+ {
+ $this->add_to_log('ERROR: _sendauth_digest() #1');
+ return false;
+ }
}
/**
@@ -678,7 +767,15 @@ class jabber
$packet = $this->send_iq(NULL, 'set', $this->auth_id, 'jabber:iq:auth', $payload);
// was a result returned?
- return ($this->get_info_from_iq_type($packet) == 'result' && $this->get_info_from_iq_id($packet) == $this->auth_id) ? true : false;
+ if ($this->get_info_from_iq_type($packet) == 'result' && $this->get_info_from_iq_id($packet) == $this->auth_id)
+ {
+ return true;
+ }
+ else
+ {
+ $this->add_to_log('ERROR: _sendauth_plaintext() #1');
+ return false;
+ }
}
/**
@@ -695,6 +792,12 @@ class jabber
}
$incoming = trim($incoming);
+
+ if ($incoming != '')
+ {
+ $this->add_to_log('RECV: ' . $incoming);
+ }
+
return $this->xmlize($incoming);
}
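Review bot: The added `add_to_log('RECV: ' . $incoming)` stores every received stanza in full, so with logging enabled `log_array` holds message bodies and authentication replies and keeps growing for the life of the connection. The queue hunk in functions_messenger.php then copies the whole of `get_log()` into the error message on a failed send. Logging a bounded prefix would keep the diagnostic value, for example `$this->add_to_log('RECV: ' . substr($incoming, 0, 256));`. The enclosing function starts outside the hunk.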
@@ -708,40 +811,82 @@ class jabber
if (is_array($incoming_array))
{
- if ($incoming_array['stream:stream']['@']['from'] == $this->server
- && $incoming_array['stream:stream']['@']['xmlns'] == 'jabber:client'
- && $incoming_array['stream:stream']['@']['xmlns:stream'] == 'http://etherx.jabber.org/streams')
+ if ($incoming_array['stream:stream']['@']['from'] == $this->server && $incoming_array['stream:stream']['@']['xmlns'] == 'jabber:client' && $incoming_array['stream:stream']['@']['xmlns:stream'] == 'http://etherx.jabber.org/streams')
{
$this->stream_id = $incoming_array['stream:stream']['@']['id'];
- return true;
+ if ($incoming_array['stream:stream']['#']['stream:features'][0]['#']['starttls'][0]['@']['xmlns'] == 'urn:ietf:params:xml:ns:xmpp-tls')
+ {
+ return $this->_starttls();
+ }
+ else
+ {
+ return true;
+ }
}
else
{
+ $this->add_to_log('ERROR: _check_connected() #1');
return false;
}
}
else
{
+ $this->add_to_log('ERROR: _check_connected() #2');
return false;
}
}
/**
- * Split incoming packet
+ * Start TLS/SSL session if supported (PHP5.1)
* @access private
*/
- function _split_incoming($incoming)
+ function _starttls()
{
- $temp = preg_split('#<(message|iq|presence|stream)#', $incoming, -1, PREG_SPLIT_DELIM_CAPTURE);
- $array = array();
+ if (!function_exists('stream_socket_enable_crypto') || !function_exists('stream_get_meta_data') || !function_exists('socket_set_blocking'))
+ {
+ $this->add_to_log('WARNING: TLS is not available');
+ return true;
+ }
- for ($a = 1; $a < sizeof($temp); $a = $a + 2)
+ $this->send_packet("<starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'/>\n");
+ sleep(2);
+ $incoming_array = $this->_listen_incoming();
+
+ if (!is_array($incoming_array))
{
- $array[] = '<' . $temp[$a] . $temp[($a + 1)];
+ $this->add_to_log('ERROR: _starttls() #1');
+ return false;
}
- return $array;
+ if ($incoming_array['proceed']['@']['xmlns'] != 'urn:ietf:params:xml:ns:xmpp-tls')
+ {
+ $this->add_to_log('ERROR: _starttls() #2');
+ return false;
+ }
+
+ $meta = stream_get_meta_data($this->connector->active_socket);
+ socket_set_blocking($this->connector->active_socket, 1);
+
+ if (!stream_socket_enable_crypto($this->connector->active_socket, true, STREAM_CRYPTO_METHOD_TLS_CLIENT))
+ {
+ socket_set_blocking($this->connector->active_socket, $meta['blocked']);
+ $this->add_to_log('ERROR: _starttls() #3');
+ return false;
+ }
+ socket_set_blocking($this->connector->active_socket, $meta['blocked']);
+
+ $this->send_packet("<?xml version='1.0' encoding='UTF-8' ?" . ">\n");
+ $this->send_packet("<stream:stream to='{$this->server}' xmlns='jabber:client' xmlns:stream='http://etherx.jabber.org/streams' version='1.0'>\n");
+ sleep(2);
+
+ if (!$this->_check_connected())
+ {
+ $this->add_to_log('ERROR: _starttls() #4');
+ return false;
+ }
+
+ return true;
}
/**
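Review bot: `_starttls()` returns `true` when the crypto functions are missing, so the caller proceeds to authentication over an unencrypted stream with only a WARNING in the log. `_check_connected()` does the same whenever the server's features omit `starttls`, which is also what a stripped advertisement looks like on the wire. No setting that requires TLS is visible; with one, both paths could `return false;` unless plaintext is explicitly allowed. `stream_socket_enable_crypto()` is called on a socket for which no SSL context is shown, so whether the peer certificate is verified should be confirmed. The feature test also reads `['stream:features'][0]['#']['starttls']` without `isset()`, and `_check_connected()` starts outside the hunk.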
@@ -760,6 +905,23 @@ class jabber
}
/**
+ * Split incoming packet
+ * @access private
+ */
+ function _split_incoming($incoming)
+ {
+ $temp = preg_split('#<(message|iq|presence|stream)#', $incoming, -1, PREG_SPLIT_DELIM_CAPTURE);
+ $array = array();
+
+ for ($i = 1, $size = sizeof($temp); $i < $size; $i += 2)
+ {
+ $array[] = '<' . $temp[$i] . $temp[($i + 1)];
+ }
+
+ return $array;
+ }
+
+ /**
* Recursively prepares the strings in an array to be used in XML data.
* @access private
*/
@@ -844,6 +1006,14 @@ class jabber
}
/**
+ * Get info from message (xmlns)
+ */
+ function get_info_from_message_xmlns($packet = NULL)
+ {
+ return (is_array($packet)) ? $packet['message']['#']['x'] : false;
+ }
+
+ /**
* Get info from message (error)
*/
function get_info_from_message_error($packet = NULL)
@@ -902,19 +1072,48 @@ class jabber
// ======================================================================
/**
- * return message (from)
+ * Message type normal
*/
function handler_message_normal($packet)
{
$from = $packet['message']['@']['from'];
+ $this->add_to_log("EVENT: Message (type normal) from $from");
+ }
+
+ /**
+ * Message type chat
+ */
+ function handler_message_chat($packet)
+ {
+ $from = $packet['message']['@']['from'];
+ $this->add_to_log("EVENT: Message (type chat) from $from");
+ }
+
+ /**
+ * Message type groupchat
+ */
+ function handler_message_groupchat($packet)
+ {
+ $from = $packet['message']['@']['from'];
+ $this->add_to_log("EVENT: Message (type groupchat) from $from");
}
/**
- * return error (from)
+ * Message type headline
+ */
+ function handler_message_headline($packet)
+ {
+ $from = $packet['message']['@']['from'];
+ $this->add_to_log("EVENT: Message (type headline) from $from");
+ }
+
+ /**
+ * Message type error
*/
function handler_message_error($packet)
{
$from = $packet['message']['@']['from'];
+ $this->add_to_log("EVENT: Message (type error) from $from");
}
// ======================================================================
@@ -922,6 +1121,42 @@ class jabber
// ======================================================================
/**
+ * application version updates
+ */
+ function handler_iq_jabber_iq_autoupdate($packet)
+ {
+ $from = $this->get_info_from_iq_from($packet);
+ $id = $this->get_info_from_iq_id($packet);
+
+ $this->send_error($from, $id, 501);
+ $this->add_to_log("EVENT: jabber:iq:autoupdate from $from");
+ }
+
+ /**
+ * interactive server component properties
+ */
+ function handler_iq_jabber_iq_agent($packet)
+ {
+ $from = $this->get_info_from_iq_from($packet);
+ $id = $this->get_info_from_iq_id($packet);
+
+ $this->send_error($from, $id, 501);
+ $this->add_to_log("EVENT: jabber:iq:agent from $from");
+ }
+
+ /**
+ * method to query interactive server components
+ */
+ function handler_iq_jabber_iq_agents($packet)
+ {
+ $from = $this->get_info_from_iq_from($packet);
+ $id = $this->get_info_from_iq_id($packet);
+
+ $this->send_error($from, $id, 501);
+ $this->add_to_log("EVENT: jabber:iq:agents from $from");
+ }
+
+ /**
* simple client authentication
*/
function handler_iq_jabber_iq_auth($packet)
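Review bot: The handlers added here (`handler_iq_jabber_iq_autoupdate`, `_agent`, `_agents`) and those in the next two hunks (`_oob`, `_private`, `_roster`, `_search`) repeat the same four statements with only the namespace string changed. A private helper taking the packet and the namespace, called as `$this->_iq_not_implemented($packet, 'jabber:iq:agents');`, would keep the 501 reply and the log line in one place. Each handler also answers with an error without looking at the IQ type, so it is worth confirming that the dispatcher never routes `result` or `error` stanzas here.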
@@ -930,6 +1165,31 @@ class jabber
$id = $this->get_info_from_iq_id($packet);
$this->send_error($from, $id, 501);
+ $this->add_to_log("EVENT: jabber:iq:auth from $from");
+ }
+
+ /**
+ * out of band data
+ */
+ function handler_iq_jabber_iq_oob($packet)
+ {
+ $from = $this->get_info_from_iq_from($packet);
+ $id = $this->get_info_from_iq_id($packet);
+
+ $this->send_error($from, $id, 501);
+ $this->add_to_log("EVENT: jabber:iq:oob from $from");
+ }
+
+ /**
+ * method to store private data on the server
+ */
+ function handler_iq_jabber_iq_private($packet)
+ {
+ $from = $this->get_info_from_iq_from($packet);
+ $id = $this->get_info_from_iq_id($packet);
+
+ $this->send_error($from, $id, 501);
+ $this->add_to_log("EVENT: jabber:iq:private from $from");
}
/**
@@ -941,19 +1201,89 @@ class jabber
$id = $this->get_info_from_iq_id($packet);
$this->send_error($from, $id, 501);
+ $this->add_to_log("EVENT: jabber:iq:register from $from");
+ }
+
+ /**
+ * client roster management
+ */
+ function handler_iq_jabber_iq_roster($packet)
+ {
+ $from = $this->get_info_from_iq_from($packet);
+ $id = $this->get_info_from_iq_id($packet);
+
+ $this->send_error($from, $id, 501);
+ $this->add_to_log("EVENT: jabber:iq:roster from $from");
+ }
+
+ /**
+ * method for searching a user database
+ */
+ function handler_iq_jabber_iq_search($packet)
+ {
+ $from = $this->get_info_from_iq_from($packet);
+ $id = $this->get_info_from_iq_id($packet);
+
+ $this->send_error($from, $id, 501);
+ $this->add_to_log("EVENT: jabber:iq:search from $from");
}
/**
- * keepalive method, added by Nathan Fritz
+ * method for requesting the current time
*/
- function handler_iq_($packet)
+ function handler_iq_jabber_iq_time($packet)
{
if ($this->keep_alive_id == $this->get_info_from_iq_id($packet))
{
$this->returned_keep_alive = true;
+ $this->connected = true;
+
+ $this->add_to_log('EVENT: Keep-Alive returned, connection alive.');
+ }
+
+ $type = $this->get_info_from_iq_type($packet);
+ $from = $this->get_info_from_iq_from($packet);
+ $id = $this->get_info_from_iq_id($packet);
+ $id = ($id != '') ? $id : 'time_' . time();
+
+ if ($type == 'get')
+ {
+ $payload = '<utc>' . gmdate("Ydm\TH:i:s") . '</utc><tz>' . date('T') . '</tz><display>' . date("Y/d/m h:i:s A") . '</display>';
+ $this->send_iq($from, 'result', $id, 'jabber:iq:time', $payload);
}
+
+ $this->add_to_log("EVENT: jabber:iq:time (type $type) from $from");
+ }
+
+ /**
+ */
+ function handler_iq_error($packet)
+ {
+ // We'll do something with these later. This is a placeholder so that errors don't bounce back and forth.
}
-
+
+ /**
+ * method for requesting version
+ */
+ function handler_iq_jabber_iq_version($packet)
+ {
+ $type = $this->get_info_from_iq_type($packet);
+ $from = $this->get_info_from_iq_from($packet);
+ $id = $this->get_info_from_iq_id($packet);
+ $id = ($id != '') ? $id : 'version_' . time();
+
+ if ($type == 'get')
+ {
+ $payload = "<name>{$this->iq_version_name}</name>
+ <os>{$this->iq_version_os}</os>
+ <version>{$this->iq_version_version}</version>";
+
+ //$this->SendIq($from, 'result', $id, "jabber:iq:version", $payload);
+ }
+
+ $this->add_to_log("EVENT: jabber:iq:version (type $type) from $from -- DISABLED");
+ }
+
// ======================================================================
// Generic handlers
// ======================================================================
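Review bot: In `handler_iq_jabber_iq_time()` the `<utc>` value is built with `gmdate("Ydm\TH:i:s")`, which emits year, day, month, whereas the jabber:iq:time format is year, month, day; it should be `gmdate('Ymd\TH:i:s')`. The `<display>` string uses the same `Y/d/m` order and probably carries the same slip. The keep-alive check moved from `handler_iq_()` into this handler, so a keep-alive reply that arrives without a jabber:iq:time query may no longer reach it; the dispatcher is outside the hunk, so this needs checking. In `handler_iq_jabber_iq_version()` `$payload` is built and never sent, so the block can be dropped while the reply stays disabled.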
@@ -968,28 +1298,34 @@ class jabber
$id = call_user_func(array(&$this, 'get_info_from_' . strtolower($packet_type) . '_id'), $packet);
$this->send_error($from, $id, 501);
+ $this->add_to_log("EVENT: Unrecognized <$packet_type/> from $from");
}
+ // ======================================================================
// Third party code
// m@d pr0ps to the coders ;)
+ // ======================================================================
/**
* xmlize()
- * (c) Hans Anderson / http://www.hansanderson.com/php/xml/
+ * @author Hans Anderson
+ * @copyright Hans Anderson / http://www.hansanderson.com/php/xml/
*/
- function xmlize($data)
+ function xmlize($data, $skip_white = 1, $encoding = 'UTF-8')
{
+ $data = trim($data);
+
$vals = $index = $array = array();
- $parser = @xml_parser_create();
- @xml_parser_set_option($parser, XML_OPTION_CASE_FOLDING, 0);
- @xml_parser_set_option($parser, XML_OPTION_SKIP_WHITE, 1);
- @xml_parse_into_struct($parser, $data, $vals, $index);
- @xml_parser_free($parser);
+ $parser = xml_parser_create($encoding);
+ xml_parser_set_option($parser, XML_OPTION_CASE_FOLDING, 0);
+ xml_parser_set_option($parser, XML_OPTION_SKIP_WHITE, $skip_white);
+ xml_parse_into_struct($parser, $data, $vals, $index);
+ xml_parser_free($parser);
$i = 0;
-
$tagname = $vals[$i]['tag'];
- $array[$tagname]['@'] = $vals[$i]['attributes'];
+
+ $array[$tagname]['@'] = (isset($vals[$i]['attributes'])) ? $vals[$i]['attributes'] : array();
$array[$tagname]['#'] = $this->_xml_depth($vals, $i);
return $array;
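Review bot: `xmlize()` drops the `@` operators but still ignores the result of `xml_parse_into_struct()`, so an empty or malformed read from the socket reaches `$vals[$i]['tag']` with `$vals` empty. It then returns an array keyed by an empty tag name, which callers that only test `is_array()` will accept. A guard such as `if (!xml_parse_into_struct($parser, $data, $vals, $index) || !sizeof($vals)) { xml_parser_free($parser); return false; }` makes the failure explicit. Callers that index the result directly would need to handle `false`.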
@@ -997,47 +1333,51 @@ class jabber
/**
* _xml_depth()
- * (c) Hans Anderson / http://www.hansanderson.com/php/xml/
+ * @author Hans Anderson
+ * @copyright Hans Anderson / http://www.hansanderson.com/php/xml/
*/
function _xml_depth($vals, &$i)
{
$children = array();
- if (isset($vals[$i]['value']) && $vals[$i]['value'])
+ if (isset($vals[$i]['value']))
{
- array_push($children, trim($vals[$i]['value']));
+ array_push($children, $vals[$i]['value']);
}
while (++$i < sizeof($vals))
{
switch ($vals[$i]['type'])
{
- case 'cdata':
- array_push($children, trim($vals[$i]['value']));
- break;
+ case 'open':
- case 'complete':
- $tagname = $vals[$i]['tag'];
+ $tagname = (isset($vals[$i]['tag'])) ? $vals[$i]['tag'] : '';
$size = (isset($children[$tagname])) ? sizeof($children[$tagname]) : 0;
- $children[$tagname][$size]['#'] = (isset($vals[$i]['value'])) ? trim($vals[$i]['value']) : '';
- if (isset($vals[$i]['attributes']) && $vals[$i]['attributes'])
+
+ if (isset($vals[$i]['attributes']))
{
$children[$tagname][$size]['@'] = $vals[$i]['attributes'];
}
+
+ $children[$tagname][$size]['#'] = $this->_xml_depth($vals, $i);
+
break;
- case 'open':
+ case 'cdata':
+ array_push($children, $vals[$i]['value']);
+ break;
+
+ case 'complete':
+
$tagname = $vals[$i]['tag'];
$size = (isset($children[$tagname])) ? sizeof($children[$tagname]) : 0;
- if ($vals[$i]['attributes'])
+ $children[$tagname][$size]['#'] = (isset($vals[$i]['value'])) ? $vals[$i]['value'] : array();
+
+ if (isset($vals[$i]['attributes']))
{
$children[$tagname][$size]['@'] = $vals[$i]['attributes'];
- $children[$tagname][$size]['#'] = $this->_xml_depth($vals, $i);
- }
- else
- {
- $children[$tagname][$size]['#'] = $this->_xml_depth($vals, $i);
}
+
break;
case 'close':
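Review bot: In the `complete` case an element without a value now yields `array()` where the old code produced `''`. Code that concatenates `['#']` into a string, such as the `'Error ' . ... . $packet['iq']['#']['error'][0]['#']` line in `transport_registration()`, would then print `Array` for an empty element. If the change is intentional, a comment such as `// empty elements return array() so child lookups do not index a string` would record why; otherwise keep `: ''`. Removing `trim()` also means text nodes keep the server's whitespace, which affects any `==` comparison on them. `_xml_depth()` continues outside the hunk.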
@@ -1050,8 +1390,9 @@ class jabber
}
/**
- * traverse_xmlize()
- * (c) acebone@f2s.com, a HUGE help!
+ * TraverseXMLize()
+ * @author acebone@f2s.com
+ * @copyright acebone@f2s.com, a HUGE help!
*/
function traverse_xmlize($array, $arr_name = 'array', $level = 0)
{
@@ -1060,7 +1401,7 @@ class jabber
echo '<pre>';
}
- while (list($key, $val) = @each($array))
+ foreach ($array as $key => $val)
{
if (is_array($val))
{
@@ -1068,7 +1409,7 @@ class jabber
}
else
{
- echo '$' . $arr_name . '[' . $key . '] = "' . $val . "\"\n";
+ $GLOBALS['traverse_array'][] = '$' . $arr_name . '[' . $key . '] = "' . $val . "\"\n";
}
}
@@ -1076,117 +1417,13 @@ class jabber
{
echo '</pre>';
}
- }
-}
-
-/**
-* make_xml
-* Currently not in use
-* @package phpBB3
-class make_xml extends jabber
-{
- var $nodes;
-
- function make_xml()
- {
- $nodes = array();
- }
-
- function add_packet_details($string, $value = NULL)
- {
- if (preg_match('#\(([0-9]*)\)$#i', $string))
- {
- $string .= '/["#"]';
- }
-
- $temp = @explode('/', $string);
-
- for ($a = 0, $size = sizeof($temp); $a < $size; $a++)
- {
- $temp[$a] = preg_replace('#^[@]{1}([a-z0-9_]*)$#i', '["@"]["\1"]', $temp[$a]);
- $temp[$a] = preg_replace('#^([a-z0-9_]*)\(([0-9]*)\)$/i', '["\1"][\2]', $temp[$a]);
- $temp[$a] = preg_replace('#^([a-z0-9_]*)$#i', '["\1"]', $temp[$a]);
- }
-
- $node = implode('', $temp);
- // Yeahyeahyeah, I know it's ugly... get over it. ;)
- echo '$this->nodes' . $node . ' = "' . htmlspecialchars($value) . '";<br/>';
- eval('$this->nodes' . $node . ' = "' . htmlspecialchars($value) . '";');
- }
-
- function build_packet($array = NULL)
- {
- if (!$array)
- {
- $array = $this->nodes;
- }
-
- if (is_array($array))
- {
- array_multisort($array, SORT_ASC, SORT_STRING);
-
- foreach ($array as $key => $value)
- {
- if (is_array($value) && $key == '@')
- {
- foreach ($value as $subkey => $subvalue)
- {
- $subvalue = htmlspecialchars($subvalue);
- $text .= " $subkey='$subvalue'";
- }
-
- $text .= ">\n";
-
- }
- else if ($key == '#')
- {
- $text .= htmlspecialchars($value);
- }
- else if (is_array($value))
- {
- for ($a = 0, $size = sizeof($value); $a < $size; $a++)
- {
- $text .= "<$key";
-
- if (!$this->_preg_grep_keys('#^@#', $value[$a]))
- {
- $text .= '>';
- }
-
- $text .= $this->build_packet($value[$a]);
- $text .= "</$key>\n";
- }
- }
- else
- {
- $value = htmlspecialchars($value);
- $text .= "<$key>$value</$key>\n";
- }
- }
-
- return $text;
- }
-
- return false;
- }
-
- function _preg_grep_keys($pattern, $array)
- {
- foreach ($array as $key => $val)
- {
- if (preg_match($pattern, $key))
- {
- $newarray[$key] = $val;
- }
- }
- return (is_array($newarray)) ? $newarray : false;
+ return 1;
}
}
-*/
/**
-* connector
+* Jabber Connector
* @package phpBB3
*/
class cjp_standard_connector
@@ -1198,7 +1435,21 @@ class cjp_standard_connector
*/
function open_socket($server, $port)
{
- if ($this->active_socket = @fsockopen($server, $port, $err, $err2, 5))
+ if (function_exists('dns_get_record'))
+ {
+ $record = dns_get_record("_xmpp-client._tcp.$server", DNS_SRV);
+
+ if (!empty($record))
+ {
+ $server = $record[0]['target'];
+ $port = $record[0]['port'];
+ }
+ }
+
+ $errno = 0;
+ $errstr = '';
+
+ if ($this->active_socket = @fsockopen($server, $port, $errno, $errstr, 5))
{
@socket_set_blocking($this->active_socket, 0);
@socket_set_timeout($this->active_socket, 31536000);
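Review bot: The SRV lookup in `open_socket()` takes `$record[0]` as returned and ignores the `pri` and `weight` fields, so the preferred host is not necessarily the one chosen. The answer comes from unauthenticated DNS and decides where the account's credentials are sent, so the later TLS step should verify the certificate against the configured domain rather than the SRV target; that is not visible here. `$errno` and `$errstr` are now initialised but still unused, and recording them on failure would make connection errors diagnosable. The function continues outside the hunk.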
@@ -1233,9 +1484,7 @@ class cjp_standard_connector
function read_from_socket($chunksize)
{
$buffer = @fread($this->active_socket, $chunksize);
-
- //$buffer = (STRIP) ? stripslashes($buffer) : $buffer;
- //@set_magic_quotes_runtime(get_magic_quotes_gpc());
+ $buffer = (STRIP) ? stripslashes($buffer) : $buffer;
return $buffer;
}
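Review bot: `read_from_socket()` now applies `stripslashes()` to everything read from the socket whenever `STRIP` is set, which removes backslashes that are legitimately part of the received XML. `STRIP` is not defined in this hunk; if it reflects magic_quotes_gpc, that setting only affects request variables and never adds slashes to `fread()` output. Unless magic_quotes_runtime is the case being handled, the buffer should be returned untouched, or the test should be `get_magic_quotes_runtime()` instead of `STRIP`.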
diff --git a/phpBB/includes/functions_messenger.php b/phpBB/includes/functions_messenger.php
index 983ec7f0a5..0edf294063 100644
--- a/phpBB/includes/functions_messenger.php
+++ b/phpBB/includes/functions_messenger.php
@@ -417,13 +417,7 @@ class messenger
if (!$use_queue)
{
include_once($phpbb_root_path . 'includes/functions_jabber.'.$phpEx);
- $this->jabber = new jabber;
-
- $this->jabber->server = $config['jab_host'];
- $this->jabber->port = ($config['jab_port']) ? $config['jab_port'] : 5222;
- $this->jabber->username = $config['jab_username'];
- $this->jabber->password = $config['jab_password'];
- $this->jabber->resource = ($config['jab_resource']) ? $config['jab_resource'] : '';
+ $this->jabber = new jabber($config['jab_host'], $config['jab_port'], $config['jab_username'], $config['jab_password'], $config['jab_resource']);
if (!$this->jabber->connect())
{
@@ -557,13 +551,7 @@ class queue
}
include_once($phpbb_root_path . 'includes/functions_jabber.'.$phpEx);
- $this->jabber = new jabber;
-
- $this->jabber->server = $config['jab_host'];
- $this->jabber->port = ($config['jab_port']) ? $config['jab_port'] : 5222;
- $this->jabber->username = $config['jab_username'];
- $this->jabber->password = $config['jab_password'];
- $this->jabber->resource = ($config['jab_resource']) ? $config['jab_resource'] : '';
+ $this->jabber = new jabber($config['jab_host'], $config['jab_port'], $config['jab_username'], $config['jab_password'], $config['jab_resource']);
if (!$this->jabber->connect())
{
@@ -603,14 +591,19 @@ class queue
$message = 'Method: [ ' . (($config['smtp_delivery']) ? 'SMTP' : 'PHP') . ' ]<br /><br />' . $err_msg . '<br /><br /><u>CALLING PAGE</u><br /><br />' . ((!empty($_SERVER['PHP_SELF'])) ? $_SERVER['PHP_SELF'] : $_ENV['PHP_SELF']);
messenger::error('EMAIL', $message);
- continue 3;
+ continue 2;
}
break;
case 'jabber':
foreach ($addresses as $address)
{
- $this->jabber->send_message($address, 'normal', NULL, array('body' => $msg));
+ if ($this->jabber->send_message($address, 'normal', NULL, array('body' => $msg)) === false)
+ {
+ $message = 'Method: [ JABBER ]<br /><br />' . $this->jabber->get_log() . '<br /><br /><u>CALLING PAGE</u><br /><br />' . ((!empty($_SERVER['PHP_SELF'])) ? $_SERVER['PHP_SELF'] : $_ENV['PHP_SELF']);
+ messenger::error('JABBER', $message);
+ continue 3;
+ }
}
break;
}
diff --git a/phpBB/includes/functions_posting.php b/phpBB/includes/functions_posting.php
index a24e26fe20..6e6cc1020e 100644
--- a/phpBB/includes/functions_posting.php
+++ b/phpBB/includes/functions_posting.php
@@ -1899,7 +1899,7 @@ function submit_post($mode, $subject, $username, $topic_type, &$poll, &$data, $u
trigger_error('NO_SUCH_SEARCH_MODULE');
}
- require("{$phpbb_root_path}includes/search/$search_type.$phpEx");
+ require_once("{$phpbb_root_path}includes/search/$search_type.$phpEx");
$error = false;
$search = new $search_type($error);
diff --git a/phpBB/includes/functions_user.php b/phpBB/includes/functions_user.php
index 1c05e48ae3..b8b4c6a6dd 100644
--- a/phpBB/includes/functions_user.php
+++ b/phpBB/includes/functions_user.php
@@ -141,10 +141,6 @@ function user_add($user_row, $cp_data = false)
'user_type' => $user_row['user_type'],
);
- /**
- * @todo user_allow_email is not used anywhere. Think about removing it.
- */
-
// These are the additional vars able to be specified
$additional_vars = array(
'user_permissions' => '',
@@ -182,7 +178,6 @@ function user_add($user_row, $cp_data = false)
'user_notify_pm' => 1,
'user_notify_type' => NOTIFY_EMAIL,
'user_allow_pm' => 1,
- 'user_allow_email' => 1,
'user_allow_viewonline' => 1,
'user_allow_viewemail' => 1,
'user_allow_massemail' => 1,
@@ -265,23 +260,34 @@ function user_delete($mode, $user_id, $post_username = false)
switch ($mode)
{
case 'retain':
+
+ if ($post_username === false)
+ {
+ $post_username = $user->lang['GUEST'];
+ }
+
$sql = 'UPDATE ' . FORUMS_TABLE . '
- SET forum_last_poster_id = ' . ANONYMOUS . (($post_username !== false) ? ", forum_last_poster_name = '" . $db->sql_escape($post_username) . "'" : '') . ", forum_last_poster_colour = ''
+ SET forum_last_poster_id = ' . ANONYMOUS . ", forum_last_poster_name = '" . $db->sql_escape($post_username) . "', forum_last_poster_colour = ''
WHERE forum_last_poster_id = $user_id";
$db->sql_query($sql);
$sql = 'UPDATE ' . POSTS_TABLE . '
- SET poster_id = ' . ANONYMOUS . (($post_username !== false) ? ", post_username = '" . $db->sql_escape($post_username) . "'" : '') . "
+ SET poster_id = ' . ANONYMOUS . ", post_username = '" . $db->sql_escape($post_username) . "'
WHERE poster_id = $user_id";
$db->sql_query($sql);
+ $sql = 'UPDATE ' . POSTS_TABLE . '
+ SET post_edit_user = ' . ANONYMOUS . "
+ WHERE post_edit_user = $user_id";
+ $db->sql_query($sql);
+
$sql = 'UPDATE ' . TOPICS_TABLE . '
- SET topic_poster = ' . ANONYMOUS . "
+ SET topic_poster = ' . ANONYMOUS . ", topic_first_poster_name = '" . $db->sql_escape($post_username) . "', topic_first_poster_colour = ''
WHERE topic_poster = $user_id";
$db->sql_query($sql);
$sql = 'UPDATE ' . TOPICS_TABLE . '
- SET topic_last_poster_id = ' . ANONYMOUS . (($post_username !== false) ? ", topic_last_poster_name = '" . $db->sql_escape($post_username) . "'" : '') . "
+ SET topic_last_poster_id = ' . ANONYMOUS . ", topic_last_poster_name = '" . $db->sql_escape($post_username) . "', topic_last_poster_colour = ''
WHERE topic_last_poster_id = $user_id";
$db->sql_query($sql);
break;
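Review bot: The added `UPDATE ... WHERE post_edit_user = $user_id` interpolates `$user_id` into the SQL as-is, like the neighbouring statements. No cast is visible in this hunk, so unless `user_delete()` casts it earlier, `$user_id = (int) $user_id;` at the top of the function would make all of these queries safe regardless of the caller. The new `$user->lang['GUEST']` fallback also needs `$user` in the function's `global` list, which lies outside the hunk.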
@@ -413,99 +419,96 @@ function user_delete($mode, $user_id, $post_username = false)
set_config('num_users', $config['num_users'] - 1, true);
- // Adjust last post info...
-
-
$db->sql_transaction('commit');
return false;
}
/**
-* Flips user_type from active to inactive and vice versa, handles
-* group membership updates
+* Flips user_type from active to inactive and vice versa, handles group membership updates
+*
+* @param string $mode can be flip for flipping from active/inactive, activate or deactivate
*/
-function user_active_flip($user_id, $user_type, $user_actkey = false, $username = false, $reason = 0, $no_log = false)
+function user_active_flip($mode, $user_id_ary, $reason = INACTIVE_MANUAL)
{
- global $db, $user, $auth;
+ global $config, $db, $user;
- $sql = 'SELECT group_id, group_name
- FROM ' . GROUPS_TABLE . "
- WHERE group_name IN ('REGISTERED', 'REGISTERED_COPPA', 'INACTIVE', 'INACTIVE_COPPA')";
- $result = $db->sql_query($sql);
+ $deactivated = $activated = 0;
+ $sql_statements = array();
- $group_id_ary = array();
- while ($row = $db->sql_fetchrow($result))
+ if (!is_array($user_id_ary))
{
- $group_id_ary[$row['group_name']] = $row['group_id'];
+ $user_id_ary = array($user_id_ary);
}
- $db->sql_freeresult($result);
- $sql = 'SELECT group_id
- FROM ' . USER_GROUP_TABLE . "
- WHERE user_id = $user_id";
+ if (!sizeof($user_id_ary))
+ {
+ return;
+ }
+
+ $sql = 'SELECT user_id, group_id, user_type, user_inactive_reason
+ FROM ' . USERS_TABLE . '
+ WHERE ' . $db->sql_in_set('user_id', $user_id_ary);
$result = $db->sql_query($sql);
- $group_name = ($user_type == USER_NORMAL) ? 'REGISTERED' : 'INACTIVE';
while ($row = $db->sql_fetchrow($result))
{
- if ($name = array_search($row['group_id'], $group_id_ary))
+ $sql_ary = array();
+
+ if ($row['user_type'] == USER_IGNORE || $row['user_type'] == USER_FOUNDER ||
+ ($mode == 'activate' && $row['user_type'] != USER_INACTIVE) ||
+ ($mode == 'deactivate' && $row['user_type'] == USER_INACTIVE))
{
- $group_name = $name;
- break;
+ continue;
}
- }
- $db->sql_freeresult($result);
-
- $current_group = ($user_type == USER_NORMAL) ? 'REGISTERED' : 'INACTIVE';
- $switch_group = ($user_type == USER_NORMAL) ? 'INACTIVE' : 'REGISTERED';
- $new_group_id = $group_id_ary[str_replace($current_group, $switch_group, $group_name)];
+ if ($row['user_type'] == USER_INACTIVE)
+ {
+ $activated++;
+ }
+ else
+ {
+ $deactivated++;
- $sql = 'UPDATE ' . USER_GROUP_TABLE . "
- SET group_id = $new_group_id
- WHERE user_id = $user_id
- AND group_id = " . $group_id_ary[$group_name];
- $db->sql_query($sql);
+ // Remove the users session key...
+ $user->reset_login_keys($row['user_id']);
+ }
- $sql_ary = array(
- 'user_type' => ($user_type == USER_NORMAL) ? USER_INACTIVE : USER_NORMAL,
- 'user_inactive_time' => ($user_type == USER_NORMAL) ? time() : 0,
- 'user_inactive_reason' => ($user_type == USER_NORMAL) ? $reason : 0,
- );
+ $sql_ary += array(
+ 'user_type' => ($row['user_type'] == USER_NORMAL) ? USER_INACTIVE : USER_NORMAL,
+ 'user_inactive_time' => ($row['user_type'] == USER_NORMAL) ? time() : 0,
+ 'user_inactive_reason' => ($row['user_type'] == USER_NORMAL) ? $reason : 0,
+ );
- if ($user_actkey !== false)
- {
- $sql_ary['user_actkey'] = $user_actkey;
+ $sql_statements[$row['user_id']] = $sql_ary;
}
+ $db->sql_freeresult($result);
- $sql = 'UPDATE ' . USERS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $sql_ary) . "
- WHERE user_id = $user_id";
- $db->sql_query($sql);
-
- // Set the users default group from inactive to registered or registered to inactive
- // only if the group id changed...
- group_set_user_default($new_group_id, array($user_id));
-
- $auth->acl_clear_prefetch($user_id);
-
- if (!$no_log)
+ if (sizeof($sql_statements))
{
- if ($username === false)
+ foreach ($sql_statements as $user_id => $sql_ary)
{
- $sql = 'SELECT username
- FROM ' . USERS_TABLE . "
- WHERE user_id = $user_id";
- $result = $db->sql_query($sql);
- $username = (string) $db->sql_fetchfield('username');
- $db->sql_freeresult($result);
+ $sql = 'UPDATE ' . USERS_TABLE . '
+ SET ' . $db->sql_build_array('UPDATE', $sql_ary) . '
+ WHERE user_id = ' . $user_id;
+ $db->sql_query($sql);
}
- $log = ($user_type == USER_NORMAL) ? 'LOG_USER_INACTIVE' : 'LOG_USER_ACTIVE';
- add_log('admin', $log, $username);
+ $auth->acl_clear_prefetch(array_keys($sql_statements));
}
- return false;
+ if ($deactivated)
+ {
+ set_config('num_users', $config['num_users'] - $deactivated, true);
+ }
+
+ if ($activated)
+ {
+ set_config('num_users', $config['num_users'] + $activated, true);
+ }
+
+ // Update latest username
+ update_last_username();
}
/**
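Review bot: `user_active_flip()` calls `$auth->acl_clear_prefetch(array_keys($sql_statements))`, but the new `global $config, $db, $user;` line no longer imports `$auth`, so the call runs on an undefined variable and fails as soon as any user is actually flipped. The declaration should read `global $config, $db, $user, $auth;`. The docblock documents only `$mode`; `$user_id_ary` (a single id or an array) and `$reason` deserve `@param` lines, along with a note that founders and `USER_IGNORE` accounts are skipped.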
diff --git a/phpBB/includes/session.php b/phpBB/includes/session.php
index b0237c2f3f..41708d19ab 100644
--- a/phpBB/includes/session.php
+++ b/phpBB/includes/session.php
@@ -127,9 +127,6 @@ class session
*
* @param bool $update_session_page if true the session page gets updated.
* This can be set to circumvent certain scripts to update the users last visited page.
- *
- * @todo Introduce further user types, bot, guest
- * @todo Change user_type (as above) to a bitfield? user_type & USER_FOUNDER for example
*/
function session_begin($update_session_page = true)
{
@@ -148,9 +145,6 @@ class session
if (isset($_COOKIE[$config['cookie_name'] . '_sid']) || isset($_COOKIE[$config['cookie_name'] . '_u']))
{
- // Switch to request_var ... can this cause issues, can a _GET/_POST param
- // be used to poison this? Not sure that it makes any difference in terms of
- // the end result, be it a cookie or param.
$this->cookie_data['u'] = request_var($config['cookie_name'] . '_u', 0, false, true);
$this->cookie_data['k'] = request_var($config['cookie_name'] . '_k', '', false, true);
$this->session_id = request_var($config['cookie_name'] . '_sid', '', false, true);
@@ -265,7 +259,6 @@ class session
$db->sql_query($sql);
}
- // Ultimately to be removed
$this->data['is_registered'] = ($this->data['user_id'] != ANONYMOUS && ($this->data['user_type'] == USER_NORMAL || $this->data['user_type'] == USER_FOUNDER)) ? true : false;
$this->data['is_bot'] = (!$this->data['is_registered'] && $this->data['user_id'] != ANONYMOUS) ? true : false;
@@ -275,7 +268,10 @@ class session
else
{
// Added logging temporarly to help debug bugs...
- add_log('critical', 'LOG_IP_BROWSER_CHECK', $u_ip, $s_ip, $u_browser, $s_browser);
+ if (defined('DEBUG_EXTRA'))
+ {
+ add_log('critical', 'LOG_IP_BROWSER_CHECK', $u_ip, $s_ip, $u_browser, $s_browser);
+ }
}
}
}
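Review bot: Gating `add_log('critical', 'LOG_IP_BROWSER_CHECK', ...)` behind `DEBUG_EXTRA` means that what appears to be an IP or browser mismatch on an existing session leaves no record on a production board. Such a mismatch is a useful signal when investigating reused session ids. If log volume was the reason, a rate-limited or aggregated entry would keep the signal; otherwise a comment such as `// mismatches are only logged with DEBUG_EXTRA` should state the trade-off. The surrounding branch starts outside the hunk.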
@@ -374,7 +370,7 @@ class session
$sql = 'SELECT u.*
FROM ' . USERS_TABLE . ' u, ' . SESSIONS_KEYS_TABLE . ' k
WHERE u.user_id = ' . (int) $this->cookie_data['u'] . '
- AND u.user_type <> ' . USER_INACTIVE . "
+ AND u.user_type IN (' . USER_NORMAL . ', ' . USER_FOUNDER . ")
AND k.user_id = u.user_id
AND k.key_id = '" . $db->sql_escape(md5($this->cookie_data['k'])) . "'";
$result = $db->sql_query($sql);
@@ -389,7 +385,7 @@ class session
$sql = 'SELECT *
FROM ' . USERS_TABLE . '
WHERE user_id = ' . (int) $this->cookie_data['u'] . '
- AND user_type <> ' . USER_INACTIVE;
+ AND user_type IN (' . USER_NORMAL . ', ' . USER_FOUNDER . ')';
$result = $db->sql_query($sql);
$this->data = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
@@ -439,18 +435,14 @@ class session
// session exists in which case session_id will also be set
// Is user banned? Are they excluded? Won't return on ban, exists within method
- // @todo Change to !$this->data['user_type'] & USER_FOUNDER && !$this->data['user_type'] & USER_BOT in time
if ($this->data['user_type'] != USER_FOUNDER)
{
$this->check_ban($this->data['user_id'], $this->ip);
}
- //
- // Do away with ultimately?
- $this->data['is_registered'] = (!$bot && $this->data['user_id'] != ANONYMOUS) ? true : false;
+
+ $this->data['is_registered'] = (!$bot && $this->data['user_id'] != ANONYMOUS && ($this->data['user_type'] == USER_NORMAL || $this->data['user_type'] == USER_FOUNDER)) ? true : false;
$this->data['is_bot'] = ($bot) ? true : false;
- //
- //
// If our friend is a bot, we re-assign a previously assigned session
if ($this->data['is_bot'] && $bot === $this->data['user_id'] && $this->data['session_id'])
@@ -493,8 +485,8 @@ class session
}
}
- // @todo Change this ... check for "... && user_type & USER_NORMAL" ?
$session_autologin = (($this->cookie_data['k'] || $persist_login) && $this->data['is_registered']) ? true : false;
+ $set_admin = ($set_admin && $this->data['is_registered']) ? true : false;
// Create or update the session
$sql_ary = array(
@@ -734,20 +726,11 @@ class session
{
global $config;
- if (!$config['cookie_domain'] || $config['cookie_domain'] == 'localhost' || $config['cookie_domain'] == '127.0.0.1')
- {
- @setcookie($config['cookie_name'] . '_' . $name, $cookiedata, $cookietime, $config['cookie_path']);
- }
- else
- {
- // Firefox does not allow setting cookies with a domain containing no periods.
- if (strpos($config['cookie_domain'], '.') === false)
- {
- $config['cookie_domain'] = '.' . $config['cookie_domain'];
- }
+ $name_data = rawurlencode($config['cookie_name'] . '_' . $name) . '=' . rawurlencode($cookiedata);
+ $expire = gmdate('D, d-M-Y H:i:s \\G\\M\\T', $cookietime);
+ $domain = (!$config['cookie_domain'] || $config['cookie_domain'] == 'localhost' || $config['cookie_domain'] == '127.0.0.1') ? '' : '; domain=' . $config['cookie_domain'];
- @setcookie($config['cookie_name'] . '_' . $name, $cookiedata, $cookietime, $config['cookie_path'], $config['cookie_domain'], $config['cookie_secure']);
- }
+ header('Set-Cookie: ' . $name_data . '; expires=' . $expire . '; path=' . $config['cookie_path'] . $domain . ((!$config['cookie_secure']) ? '' : '; secure') . '; HttpOnly', false);
}
/**
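Review bot: `$config['cookie_path']` and `$config['cookie_domain']` are concatenated into the hand-built `Set-Cookie` line unencoded, unlike the name and value, so a stray `;` or whitespace in either setting would change the cookie's attributes. Validating both where the settings are saved, or stripping `;` here, keeps the header well-formed. The line also always emits `expires=`, whereas `setcookie()` treated a `$cookietime` of 0 as a session cookie. If any caller passes 0 the cookie would now be sent already expired, so `(($cookietime) ? '; expires=' . $expire : '')` is the safer form. The removed branch that prefixed a dot to a domain without a period has no counterpart in the new code, and the function signature is outside the hunk.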
@@ -1020,15 +1003,20 @@ class user extends session
$this->timezone = $config['board_timezone'] * 3600;
$this->dst = $config['board_dst'] * 3600;
-/* Browser-specific language setting removed - might re-appear later
+ /**
+ * If a guest user is surfing, we try to guess his/her language first by obtaining the browser language
+ * @todo if re-enabled we need to make sure only those languages installed are checked
if (isset($_SERVER['HTTP_ACCEPT_LANGUAGE']))
{
$accept_lang_ary = explode(',', $_SERVER['HTTP_ACCEPT_LANGUAGE']);
+
foreach ($accept_lang_ary as $accept_lang)
{
// Set correct format ... guess full xx_YY form
$accept_lang = substr($accept_lang, 0, 2) . '_' . strtoupper(substr($accept_lang, 3, 2));
+ $accept_lang = basename($accept_lang);
+
if (file_exists($phpbb_root_path . 'language/' . $accept_lang . "/common.$phpEx"))
{
$this->lang_name = $config['default_lang'] = $accept_lang;
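Review bot: `basename()` does not confine the language lookup to `language/`, because it returns `..` unchanged. In the two-letter fallback in the next hunk, `substr($accept_lang, 0, 2)` can be exactly that value, and `file_exists()` would then test a path one directory up. The block is still commented out, but the `@todo` should be met before it is re-enabled. The candidate should be matched against a strict pattern, for example `if (!preg_match('#^[a-z]{2}(_[A-Z]{2})?$#', $accept_lang)) { continue; }`, or compared with the list of installed languages. The enclosing method starts and ends outside the hunk.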
@@ -1039,6 +1027,8 @@ class user extends session
{
// No match on xx_YY so try xx
$accept_lang = substr($accept_lang, 0, 2);
+ $accept_lang = basename($accept_lang);
+
if (file_exists($phpbb_root_path . 'language/' . $accept_lang . "/common.$phpEx"))
{
$this->lang_name = $config['default_lang'] = $accept_lang;
@@ -1048,7 +1038,7 @@ class user extends session
}
}
}
-*/
+ */
}
// We include common language file here to not load it every time a custom language file is included
diff --git a/phpBB/includes/ucp/ucp_activate.php b/phpBB/includes/ucp/ucp_activate.php
index b3c857b5d8..a6c1f82529 100644
--- a/phpBB/includes/ucp/ucp_activate.php
+++ b/phpBB/includes/ucp/ucp_activate.php
@@ -53,7 +53,6 @@ class ucp_activate
if ($update_password)
{
$sql_ary = array(
- 'user_type' => USER_NORMAL,
'user_actkey' => '',
'user_password' => $user_row['user_newpasswd'],
'user_newpasswd' => ''
@@ -69,12 +68,12 @@ class ucp_activate
{
include_once($phpbb_root_path . 'includes/functions_user.' . $phpEx);
- // Now we need to demote the user from the inactive group and add him to the registered group
- user_active_flip($user_row['user_id'], $user_row['user_type'], '', $user_row['username'], 0, true);
+ user_active_flip('activate', $user_row['user_id']);
- // Update last username
- update_last_username();
- set_config('num_users', $config['num_users'] + 1, true);
+ $sql = 'UPDATE ' . USERS_TABLE . "
+ SET user_actkey = ''
+ WHERE user_id = {$user_row['user_id']}";
+ $db->sql_query($sql);
}
if ($config['require_activation'] == USER_ACTIVATION_ADMIN && !$update_password)
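Review bot: `$user_row['user_id']` is interpolated into the new `UPDATE` without the `(int)` cast that the session.php queries in this commit apply to ids. The value presumably comes from a database row, but the cast costs nothing and keeps the query safe if the row's origin ever changes: `WHERE user_id = " . (int) $user_row['user_id'];`. Note also that `user_actkey` is cleared in a separate statement after `user_active_flip()`. If that call can fail or return early, the key would still be cleared, so checking its result first may be worthwhile. Its definition is not visible in this hunk.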
diff --git a/phpBB/includes/ucp/ucp_profile.php b/phpBB/includes/ucp/ucp_profile.php
index 15c7699253..011b87ddf2 100644
--- a/phpBB/includes/ucp/ucp_profile.php
+++ b/phpBB/includes/ucp/ucp_profile.php
@@ -120,7 +120,7 @@ class ucp_profile
add_log('user', $user->data['user_id'], 'LOG_USER_UPDATE_EMAIL', $username, $user->data['user_email'], $email);
}
- if ($config['email_enable'] && $email != $user->data['user_email'] && ($config['require_activation'] == USER_ACTIVATION_SELF || $config['require_activation'] == USER_ACTIVATION_ADMIN))
+ if ($config['email_enable'] && $email != $user->data['user_email'] && $user->data['user_type'] != USER_FOUNDER && ($config['require_activation'] == USER_ACTIVATION_SELF || $config['require_activation'] == USER_ACTIVATION_ADMIN))
{
include_once($phpbb_root_path . 'includes/functions_messenger.'.$phpEx);
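Review bot: The added `$user->data['user_type'] != USER_FOUNDER` condition exempts founders from re-activation after an e-mail change, and nothing in the code says why. As a result the new address of the most privileged account type is accepted unverified. If the aim is to avoid locking a founder out, a comment should record that trade-off, for example `// Founders are never deactivated on e-mail change; the change is only logged`. The body of this `if` continues outside the hunk.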
@@ -185,11 +185,10 @@ class ucp_profile
$messenger->save_queue();
+ user_active_flip('deactivate', $user_id, INACTIVE_PROFILE);
+
$sql_ary += array(
- 'user_type' => USER_INACTIVE,
'user_actkey' => $user_actkey,
- 'user_inactive_reason' => INACTIVE_PROFILE,
- 'user_inactive_time' => time(),
);
}
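Review bot: `user_active_flip('deactivate', $user_id, INACTIVE_PROFILE)` uses `$user_id`, while every other reference to the current user in the visible hunks of this file uses `$user->data['user_id']`. If `$user_id` is not assigned earlier in the method, which cannot be confirmed from here, the call would run with an empty id and the account would stay active although a new activation key is stored. `user_active_flip('deactivate', $user->data['user_id'], INACTIVE_PROFILE);` removes the doubt. The enclosing block starts outside the hunk.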
diff --git a/phpBB/includes/ucp/ucp_register.php b/phpBB/includes/ucp/ucp_register.php
index 49246ca4c0..e3e1315721 100644
--- a/phpBB/includes/ucp/ucp_register.php
+++ b/phpBB/includes/ucp/ucp_register.php
@@ -220,9 +220,7 @@ class ucp_register
$server_url = generate_board_url();
// Which group by default?
- $group_reg = ($coppa) ? 'REGISTERED_COPPA' : 'REGISTERED';
- $group_inactive = ($coppa) ? 'INACTIVE_COPPA' : 'INACTIVE';
- $group_name = ($config['require_activation'] == USER_ACTIVATION_NONE || !$config['email_enable']) ? $group_reg : $group_inactive;
+ $group_name = ($coppa) ? 'REGISTERED_COPPA' : 'REGISTERED';
$sql = 'SELECT group_id
FROM ' . GROUPS_TABLE . "
diff --git a/phpBB/includes/ucp/ucp_resend.php b/phpBB/includes/ucp/ucp_resend.php
index 84ce3fe9b7..63d3aea790 100644
--- a/phpBB/includes/ucp/ucp_resend.php
+++ b/phpBB/includes/ucp/ucp_resend.php
@@ -46,7 +46,7 @@ class ucp_resend
trigger_error('ACCOUNT_ALREADY_ACTIVATED');
}
- // Determine coppa status on group (INACTIVE(_COPPA))
+ // Determine coppa status on group (REGISTERED(_COPPA))
$sql = 'SELECT group_name, group_type
FROM ' . GROUPS_TABLE . '
WHERE group_id = ' . $user_row['group_id'];
@@ -59,7 +59,7 @@ class ucp_resend
trigger_error('NO_GROUP');
}
- $coppa = ($row['group_name'] == 'INACTIVE_COPPA' && $row['group_type'] == GROUP_SPECIAL) ? true : false;
+ $coppa = ($row['group_name'] == 'REGISTERED_COPPA' && $row['group_type'] == GROUP_SPECIAL) ? true : false;
include_once($phpbb_root_path . 'includes/functions_messenger.' . $phpEx);
$messenger = new messenger(false);