diff options
Diffstat (limited to 'phpBB/includes')
47 files changed, 1566 insertions, 440 deletions
diff --git a/phpBB/includes/acp/acp_attachments.php b/phpBB/includes/acp/acp_attachments.php index 2372c1f73c..67fba1094d 100644 --- a/phpBB/includes/acp/acp_attachments.php +++ b/phpBB/includes/acp/acp_attachments.php @@ -153,7 +153,7 @@ class acp_attachments 'img_create_thumbnail' => array('lang' => 'CREATE_THUMBNAIL', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true), 'img_max_thumb_width' => array('lang' => 'MAX_THUMB_WIDTH', 'validate' => 'int:0:999999999999999', 'type' => 'number:0:999999999999999', 'explain' => true, 'append' => ' ' . $user->lang['PIXEL']), 'img_min_thumb_filesize' => array('lang' => 'MIN_THUMB_FILESIZE', 'validate' => 'int:0:999999999999999', 'type' => 'number:0:999999999999999', 'explain' => true, 'append' => ' ' . $user->lang['BYTES']), - 'img_imagick' => array('lang' => 'IMAGICK_PATH', 'validate' => 'string', 'type' => 'text:20:200', 'explain' => true, 'append' => ' <span>[ <a href="' . $this->u_action . '&action=imgmagick">' . $user->lang['SEARCH_IMAGICK'] . '</a> ]</span>'), + 'img_imagick' => array('lang' => 'IMAGICK_PATH', 'validate' => 'absolute_path', 'type' => 'text:20:200', 'explain' => true, 'append' => ' <span>[ <a href="' . $this->u_action . '&action=imgmagick">' . $user->lang['SEARCH_IMAGICK'] . '</a> ]</span>'), 'img_max' => array('lang' => 'MAX_IMAGE_SIZE', 'validate' => 'int:0:9999', 'type' => 'dimension:0:9999', 'explain' => true, 'append' => ' ' . $user->lang['PIXEL']), 'img_link' => array('lang' => 'IMAGE_LINK_SIZE', 'validate' => 'int:0:9999', 'type' => 'dimension:0:9999', 'explain' => true, 'append' => ' ' . $user->lang['PIXEL']), ) diff --git a/phpBB/includes/acp/acp_ban.php b/phpBB/includes/acp/acp_ban.php index 361ef2666c..b555f46a94 100644 --- a/phpBB/includes/acp/acp_ban.php +++ b/phpBB/includes/acp/acp_ban.php @@ -25,14 +25,13 @@ class acp_ban function main($id, $mode) { - global $config, $db, $user, $auth, $template, $cache; - global $phpbb_root_path, $phpbb_admin_path, $phpEx, $table_prefix; + global $user, $template, $request, $phpbb_dispatcher; + global $phpbb_root_path, $phpEx; include($phpbb_root_path . 'includes/functions_user.' . $phpEx); - $bansubmit = (isset($_POST['bansubmit'])) ? true : false; - $unbansubmit = (isset($_POST['unbansubmit'])) ? true : false; - $current_time = time(); + $bansubmit = $request->is_set_post('bansubmit'); + $unbansubmit = $request->is_set_post('unbansubmit'); $user->add_lang(array('acp/ban', 'acp/users')); $this->tpl_name = 'acp_ban'; @@ -48,23 +47,79 @@ class acp_ban if ($bansubmit) { // Grab the list of entries - $ban = utf8_normalize_nfc(request_var('ban', '', true)); - $ban_len = request_var('banlength', 0); - $ban_len_other = request_var('banlengthother', ''); - $ban_exclude = request_var('banexclude', 0); - $ban_reason = utf8_normalize_nfc(request_var('banreason', '', true)); - $ban_give_reason = utf8_normalize_nfc(request_var('bangivereason', '', true)); + $ban = $request->variable('ban', '', true); + $ban_length = $request->variable('banlength', 0); + $ban_length_other = $request->variable('banlengthother', ''); + $ban_exclude = $request->variable('banexclude', 0); + $ban_reason = $request->variable('banreason', '', true); + $ban_give_reason = $request->variable('bangivereason', '', true); if ($ban) { - user_ban($mode, $ban, $ban_len, $ban_len_other, $ban_exclude, $ban_reason, $ban_give_reason); + $abort_ban = false; + /** + * Use this event to modify the ban details before the ban is performed + * + * @event core.acp_ban_before + * @var string mode One of the following: user, ip, email + * @var string ban Either string or array with usernames, ips or email addresses + * @var int ban_length Ban length in minutes + * @var string ban_length_other Ban length as a date (YYYY-MM-DD) + * @var bool ban_exclude Are we banning or excluding from another ban + * @var string ban_reason Ban reason displayed to moderators + * @var string ban_give_reason Ban reason displayed to the banned user + * @var mixed abort_ban Either false, or an error message that is displayed to the user. + * If a string is given the bans are not issued. + * @since 3.1.0-RC5 + */ + $vars = array( + 'mode', + 'ban', + 'ban_length', + 'ban_length_other', + 'ban_exclude', + 'ban_reason', + 'ban_give_reason', + 'abort_ban', + ); + extract($phpbb_dispatcher->trigger_event('core.acp_ban_before', compact($vars))); + + if ($abort_ban) + { + trigger_error($abort_ban . adm_back_link($this->u_action)); + } + user_ban($mode, $ban, $ban_length, $ban_length_other, $ban_exclude, $ban_reason, $ban_give_reason); + + /** + * Use this event to perform actions after the ban has been performed + * + * @event core.acp_ban_after + * @var string mode One of the following: user, ip, email + * @var string ban Either string or array with usernames, ips or email addresses + * @var int ban_length Ban length in minutes + * @var string ban_length_other Ban length as a date (YYYY-MM-DD) + * @var bool ban_exclude Are we banning or excluding from another ban + * @var string ban_reason Ban reason displayed to moderators + * @var string ban_give_reason Ban reason displayed to the banned user + * @since 3.1.0-RC5 + */ + $vars = array( + 'mode', + 'ban', + 'ban_length', + 'ban_length_other', + 'ban_exclude', + 'ban_reason', + 'ban_give_reason', + ); + extract($phpbb_dispatcher->trigger_event('core.acp_ban_after', compact($vars))); trigger_error($user->lang['BAN_UPDATE_SUCCESSFUL'] . adm_back_link($this->u_action)); } } else if ($unbansubmit) { - $ban = request_var('unban', array('')); + $ban = $request->variable('unban', array('')); if ($ban) { diff --git a/phpBB/includes/acp/acp_bbcodes.php b/phpBB/includes/acp/acp_bbcodes.php index 130a3ef542..e245eea069 100644 --- a/phpBB/includes/acp/acp_bbcodes.php +++ b/phpBB/includes/acp/acp_bbcodes.php @@ -409,7 +409,9 @@ class acp_bbcodes { $bbcode_match = trim($bbcode_match); $bbcode_tpl = trim($bbcode_tpl); - $utf8 = strpos($bbcode_match, 'INTTEXT') !== false; + + // Allow unicode characters for URL|LOCAL_URL|RELATIVE_URL|INTTEXT tokens + $utf8 = preg_match('/(URL|LOCAL_URL|RELATIVE_URL|INTTEXT)/', $bbcode_match); $utf8_pcre_properties = phpbb_pcre_utf8_support(); diff --git a/phpBB/includes/acp/acp_board.php b/phpBB/includes/acp/acp_board.php index 9c9e32b57c..63e2647f02 100644 --- a/phpBB/includes/acp/acp_board.php +++ b/phpBB/includes/acp/acp_board.php @@ -65,13 +65,16 @@ class acp_board 'default_lang' => array('lang' => 'DEFAULT_LANGUAGE', 'validate' => 'lang', 'type' => 'select', 'function' => 'language_select', 'params' => array('{CONFIG_VALUE}'), 'explain' => false), 'default_dateformat' => array('lang' => 'DEFAULT_DATE_FORMAT', 'validate' => 'string', 'type' => 'custom', 'method' => 'dateformat_select', 'explain' => true), 'board_timezone' => array('lang' => 'SYSTEM_TIMEZONE', 'validate' => 'timezone', 'type' => 'custom', 'method' => 'timezone_select', 'explain' => true), - 'default_style' => array('lang' => 'DEFAULT_STYLE', 'validate' => 'int', 'type' => 'select', 'function' => 'style_select', 'params' => array('{CONFIG_VALUE}', false), 'explain' => false), + + 'legend2' => 'BOARD_STYLE', + 'default_style' => array('lang' => 'DEFAULT_STYLE', 'validate' => 'int', 'type' => 'select', 'function' => 'style_select', 'params' => array('{CONFIG_VALUE}', false), 'explain' => true), + 'guest_style' => array('lang' => 'GUEST_STYLE', 'validate' => 'int', 'type' => 'select', 'function' => 'style_select', 'params' => array($this->guest_style_get(), false), 'explain' => true), 'override_user_style' => array('lang' => 'OVERRIDE_STYLE', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true), - 'legend2' => 'WARNINGS', + 'legend3' => 'WARNINGS', 'warnings_expire_days' => array('lang' => 'WARNINGS_EXPIRE', 'validate' => 'int:0:9999', 'type' => 'number:0:9999', 'explain' => true, 'append' => ' ' . $user->lang['DAYS']), - 'legend3' => 'ACP_SUBMIT_CHANGES', + 'legend4' => 'ACP_SUBMIT_CHANGES', ) ); break; @@ -509,6 +512,14 @@ class acp_board continue; } + if ($config_name == 'guest_style') + { + if (isset($cfg_array[$config_name])) { + $this->guest_style_set($cfg_array[$config_name]); + } + continue; + } + $this->new_config[$config_name] = $config_value = $cfg_array[$config_name]; if ($config_name == 'email_function_name') @@ -604,7 +615,15 @@ class acp_board { add_log('admin', 'LOG_CONFIG_' . strtoupper($mode)); - trigger_error($user->lang['CONFIG_UPDATED'] . adm_back_link($this->u_action)); + $message = $user->lang('CONFIG_UPDATED'); + $message_type = E_USER_NOTICE; + if (!$config['email_enable'] && in_array($mode, array('email', 'registration')) && + in_array($config['require_activation'], array(USER_ACTIVATION_SELF, USER_ACTIVATION_ADMIN))) + { + $message .= '<br /><br />' . $user->lang('ACC_ACTIVATION_WARNING'); + $message_type = E_USER_WARNING; + } + trigger_error($message . adm_back_link($this->u_action), $message_type); } $this->tpl_name = 'acp_board'; @@ -781,20 +800,19 @@ class acp_board global $user, $config; $act_ary = array( - 'ACC_DISABLE' => USER_ACTIVATION_DISABLE, - 'ACC_NONE' => USER_ACTIVATION_NONE, + 'ACC_DISABLE' => array(true, USER_ACTIVATION_DISABLE), + 'ACC_NONE' => array(true, USER_ACTIVATION_NONE), + 'ACC_USER' => array($config['email_enable'], USER_ACTIVATION_SELF), + 'ACC_ADMIN' => array($config['email_enable'], USER_ACTIVATION_ADMIN), ); - if ($config['email_enable']) - { - $act_ary['ACC_USER'] = USER_ACTIVATION_SELF; - $act_ary['ACC_ADMIN'] = USER_ACTIVATION_ADMIN; - } - $act_options = ''; - foreach ($act_ary as $key => $value) + $act_options = ''; + foreach ($act_ary as $key => $data) { + list($available, $value) = $data; $selected = ($selected_value == $value) ? ' selected="selected"' : ''; - $act_options .= '<option value="' . $value . '"' . $selected . '>' . $user->lang[$key] . '</option>'; + $class = (!$available) ? ' class="disabled-option"' : ''; + $act_options .= '<option value="' . $value . '"' . $selected . $class . '>' . $user->lang($key) . '</option>'; } return $act_options; @@ -912,6 +930,39 @@ class acp_board } /** + * Get guest style + */ + public function guest_style_get() + { + global $db; + + $sql = 'SELECT user_style + FROM ' . USERS_TABLE . ' + WHERE user_id = ' . ANONYMOUS; + $result = $db->sql_query($sql); + + $style = (int) $db->sql_fetchfield('user_style'); + $db->sql_freeresult($result); + + return $style; + } + + /** + * Set guest style + * + * @param int $style_id The style ID + */ + public function guest_style_set($style_id) + { + global $db; + + $sql = 'UPDATE ' . USERS_TABLE . ' + SET user_style = ' . (int) $style_id . ' + WHERE user_id = ' . ANONYMOUS; + $db->sql_query($sql); + } + + /** * Select default dateformat */ function dateformat_select($value, $key) diff --git a/phpBB/includes/acp/acp_email.php b/phpBB/includes/acp/acp_email.php index fe55b36e67..fda9d50779 100644 --- a/phpBB/includes/acp/acp_email.php +++ b/phpBB/includes/acp/acp_email.php @@ -26,7 +26,7 @@ class acp_email function main($id, $mode) { global $config, $db, $user, $auth, $template, $cache; - global $phpbb_root_path, $phpbb_admin_path, $phpEx, $table_prefix; + global $phpbb_root_path, $phpbb_admin_path, $phpEx, $table_prefix, $phpbb_dispatcher; $user->add_lang('acp/email'); $this->tpl_name = 'acp_email'; @@ -40,6 +40,7 @@ class acp_email $error = array(); $usernames = request_var('usernames', '', true); + $usernames = (!empty($usernames)) ? explode("\n", $usernames) : array(); $group_id = request_var('g', 0); $subject = utf8_normalize_nfc(request_var('subject', '', true)); $message = utf8_normalize_nfc(request_var('message', '', true)); @@ -69,14 +70,18 @@ class acp_email if (!sizeof($error)) { - if ($usernames) + if (!empty($usernames)) { // If giving usernames the admin is able to email inactive users too... - $sql = 'SELECT username, user_email, user_jabber, user_notify_type, user_lang - FROM ' . USERS_TABLE . ' - WHERE ' . $db->sql_in_set('username_clean', array_map('utf8_clean_string', explode("\n", $usernames))) . ' - AND user_allow_massemail = 1 - ORDER BY user_lang, user_notify_type'; // , SUBSTRING(user_email FROM INSTR(user_email, '@')) + $sql_ary = array( + 'SELECT' => 'username, user_email, user_jabber, user_notify_type, user_lang', + 'FROM' => array( + USERS_TABLE => '', + ), + 'WHERE' => $db->sql_in_set('username_clean', array_map('utf8_clean_string', $usernames)) . ' + AND user_allow_massemail = 1', + 'ORDER_BY' => 'user_lang, user_notify_type', + ); } else { @@ -123,8 +128,18 @@ class acp_email ), ); } - $sql = $db->sql_build_query('SELECT', $sql_ary); } + /** + * Modify sql query to change the list of users the email is sent to + * + * @event core.acp_email_modify_sql + * @var array sql_ary Array which is used to build the sql query + * @since 3.1.2-RC1 + */ + $vars = array('sql_ary'); + extract($phpbb_dispatcher->trigger_event('core.acp_email_modify_sql', compact($vars))); + + $sql = $db->sql_build_query('SELECT', $sql_ary); $result = $db->sql_query($sql); $row = $db->sql_fetchrow($result); @@ -180,6 +195,39 @@ class acp_email $errored = false; + $email_template = 'admin_send_email'; + $template_data = array( + 'CONTACT_EMAIL' => phpbb_get_board_contact($config, $phpEx), + 'MESSAGE' => htmlspecialchars_decode($message), + ); + $generate_log_entry = true; + + /** + * Modify email template data before the emails are sent + * + * @event core.acp_email_send_before + * @var string email_template The template to be used for sending the email + * @var string subject The subject of the email + * @var array template_data Array with template data assigned to email template + * @var bool generate_log_entry If false, no log entry will be created + * @var array usernames Usernames which will be displayed in log entry, if it will be created + * @var int group_id The group this email will be sent to + * @var bool use_queue If true, email queue will be used for sending + * @var int priority Priority of sent emails + * @since 3.1.3-RC1 + */ + $vars = array( + 'email_template', + 'subject', + 'template_data', + 'generate_log_entry', + 'usernames', + 'group_id', + 'use_queue', + 'priority', + ); + extract($phpbb_dispatcher->trigger_event('core.acp_email_send_before', compact($vars))); + for ($i = 0, $size = sizeof($email_list); $i < $size; $i++) { $used_lang = $email_list[$i][0]['lang']; @@ -193,17 +241,14 @@ class acp_email $messenger->im($email_row['jabber'], $email_row['name']); } - $messenger->template('admin_send_email', $used_lang); + $messenger->template($email_template, $used_lang); $messenger->anti_abuse_headers($config, $user); $messenger->subject(htmlspecialchars_decode($subject)); $messenger->set_mail_priority($priority); - $messenger->assign_vars(array( - 'CONTACT_EMAIL' => phpbb_get_board_contact($config, $phpEx), - 'MESSAGE' => htmlspecialchars_decode($message)) - ); + $messenger->assign_vars($template_data); if (!($messenger->send($used_method))) { @@ -214,24 +259,26 @@ class acp_email $messenger->save_queue(); - if ($usernames) + if ($generate_log_entry) { - $usernames = explode("\n", $usernames); - add_log('admin', 'LOG_MASS_EMAIL', implode(', ', utf8_normalize_nfc($usernames))); - } - else - { - if ($group_id) + if (!empty($usernames)) { - $group_name = get_group_name($group_id); + add_log('admin', 'LOG_MASS_EMAIL', implode(', ', utf8_normalize_nfc($usernames))); } else { - // Not great but the logging routine doesn't cope well with localising on the fly - $group_name = $user->lang['ALL_USERS']; - } + if ($group_id) + { + $group_name = get_group_name($group_id); + } + else + { + // Not great but the logging routine doesn't cope well with localising on the fly + $group_name = $user->lang['ALL_USERS']; + } - add_log('admin', 'LOG_MASS_EMAIL', $group_name); + add_log('admin', 'LOG_MASS_EMAIL', $group_name); + } } if (!$errored) @@ -267,17 +314,31 @@ class acp_email $s_priority_options .= '<option value="' . MAIL_NORMAL_PRIORITY . '" selected="selected">' . $user->lang['MAIL_NORMAL_PRIORITY'] . '</option>'; $s_priority_options .= '<option value="' . MAIL_HIGH_PRIORITY . '">' . $user->lang['MAIL_HIGH_PRIORITY'] . '</option>'; - $template->assign_vars(array( + $template_data = array( 'S_WARNING' => (sizeof($error)) ? true : false, 'WARNING_MSG' => (sizeof($error)) ? implode('<br />', $error) : '', 'U_ACTION' => $this->u_action, 'S_GROUP_OPTIONS' => $select_list, - 'USERNAMES' => $usernames, + 'USERNAMES' => implode("\n", $usernames), 'U_FIND_USERNAME' => append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=searchuser&form=acp_email&field=usernames'), 'SUBJECT' => $subject, 'MESSAGE' => $message, - 'S_PRIORITY_OPTIONS' => $s_priority_options) + 'S_PRIORITY_OPTIONS' => $s_priority_options, ); + /** + * Modify custom email template data before we display the form + * + * @event core.acp_email_display + * @var array template_data Array with template data assigned to email template + * @var array exclude Array with groups which are excluded from group selection + * @var array usernames Usernames which will be displayed in form + * + * @since 3.1.4-RC1 + */ + $vars = array('template_data', 'exclude', 'usernames'); + extract($phpbb_dispatcher->trigger_event('core.acp_email_display', compact($vars))); + + $template->assign_vars($template_data); } } diff --git a/phpBB/includes/acp/acp_extensions.php b/phpBB/includes/acp/acp_extensions.php index 9bdd8eb458..0c9bc0deab 100644 --- a/phpBB/includes/acp/acp_extensions.php +++ b/phpBB/includes/acp/acp_extensions.php @@ -174,11 +174,6 @@ class acp_extensions trigger_error($user->lang['EXTENSION_NOT_ENABLEABLE'] . adm_back_link($this->u_action), E_USER_WARNING); } - if ($phpbb_extension_manager->is_enabled($ext_name)) - { - redirect($this->u_action); - } - try { while ($phpbb_extension_manager->enable_step($ext_name)) @@ -537,7 +532,7 @@ class acp_extensions $version_check = $meta['extra']['version-check']; - $version_helper = new \phpbb\version_helper($this->cache, $this->config, $this->user); + $version_helper = new \phpbb\version_helper($this->cache, $this->config, new \phpbb\file_downloader(), $this->user); $version_helper->set_current_version($meta['version']); $version_helper->set_file_location($version_check['host'], $version_check['directory'], $version_check['filename']); $version_helper->force_stability($this->config['extension_force_unstable'] ? 'unstable' : null); diff --git a/phpBB/includes/acp/acp_main.php b/phpBB/includes/acp/acp_main.php index 2a28226d6c..48ca05a118 100644 --- a/phpBB/includes/acp/acp_main.php +++ b/phpBB/includes/acp/acp_main.php @@ -655,8 +655,8 @@ class acp_main 'S_MBSTRING_LOADED' => true, 'S_MBSTRING_FUNC_OVERLOAD_FAIL' => (intval(@ini_get('mbstring.func_overload')) & (MB_OVERLOAD_MAIL | MB_OVERLOAD_STRING)), 'S_MBSTRING_ENCODING_TRANSLATION_FAIL' => (@ini_get('mbstring.encoding_translation') != 0), - 'S_MBSTRING_HTTP_INPUT_FAIL' => (@ini_get('mbstring.http_input') != 'pass'), - 'S_MBSTRING_HTTP_OUTPUT_FAIL' => (@ini_get('mbstring.http_output') != 'pass'), + 'S_MBSTRING_HTTP_INPUT_FAIL' => !in_array(@ini_get('mbstring.http_input'), array('pass', '')), + 'S_MBSTRING_HTTP_OUTPUT_FAIL' => !in_array(@ini_get('mbstring.http_output'), array('pass', '')), )); } diff --git a/phpBB/includes/acp/acp_profile.php b/phpBB/includes/acp/acp_profile.php index 046281596c..97c1f62077 100644 --- a/phpBB/includes/acp/acp_profile.php +++ b/phpBB/includes/acp/acp_profile.php @@ -460,7 +460,7 @@ class acp_profile if (!$cp->vars[$key] && $action == 'edit') { - $cp->vars[$key] = $$key; + $cp->vars[$key] = ${$key}; } $field_data = $cp->vars; diff --git a/phpBB/includes/acp/acp_prune.php b/phpBB/includes/acp/acp_prune.php index a10b248324..6eb213fd7a 100644 --- a/phpBB/includes/acp/acp_prune.php +++ b/phpBB/includes/acp/acp_prune.php @@ -397,7 +397,7 @@ class acp_prune $joined_after = request_var('joined_after', ''); $active = request_var('active', ''); - $count = request_var('count', 0); + $count = ($request->variable('count', '') === '') ? false : $request->variable('count', 0); $active = ($active) ? explode('-', $active) : array(); $joined_before = ($joined_before) ? explode('-', $joined_before) : array(); @@ -439,7 +439,7 @@ class acp_prune $where_sql .= ($username) ? ' AND username_clean ' . $db->sql_like_expression(str_replace('*', $db->get_any_char(), utf8_clean_string($username))) : ''; $where_sql .= ($email) ? ' AND user_email ' . $db->sql_like_expression(str_replace('*', $db->get_any_char(), $email)) . ' ' : ''; $where_sql .= $joined_sql; - $where_sql .= ($count) ? " AND user_posts " . $key_match[$count_select] . ' ' . (int) $count . ' ' : ''; + $where_sql .= ($count !== false) ? " AND user_posts " . $key_match[$count_select] . ' ' . (int) $count . ' ' : ''; // First handle pruning of users who never logged in, last active date is 0000-00-00 if (sizeof($active) && (int) $active[0] == 0 && (int) $active[1] == 0 && (int) $active[2] == 0) @@ -507,7 +507,7 @@ class acp_prune AND ug.user_id <> ' . ANONYMOUS . ' AND u.user_type <> ' . USER_FOUNDER . ' AND ug.user_pending = 0 ' . - ((!empty($user_ids)) ? 'AND ' . $db->sql_in_set('ug.user_id', $user_ids) : '') . ' + ((!empty($user_ids)) ? ' AND ' . $db->sql_in_set('ug.user_id', $user_ids) : '') . ' AND u.user_id = ug.user_id'; $result = $db->sql_query($sql); @@ -533,7 +533,7 @@ class acp_prune FROM ' . POSTS_TABLE . ' p, ' . USERS_TABLE . ' u WHERE u.user_id <> ' . ANONYMOUS . ' AND u.user_type <> ' . USER_FOUNDER . - ((!empty($user_ids)) ? 'AND ' . $db->sql_in_set('p.poster_id', $user_ids) : '') . ' + ((!empty($user_ids)) ? ' AND ' . $db->sql_in_set('p.poster_id', $user_ids) : '') . ' AND ' . $db->sql_in_set('p.post_visibility', array(ITEM_UNAPPROVED, ITEM_REAPPROVE)) . ' AND u.user_id = p.poster_id GROUP BY p.poster_id diff --git a/phpBB/includes/acp/acp_search.php b/phpBB/includes/acp/acp_search.php index eddc6871f8..9ff999567a 100644 --- a/phpBB/includes/acp/acp_search.php +++ b/phpBB/includes/acp/acp_search.php @@ -449,7 +449,6 @@ class acp_search $search = null; $error = false; - $search_options = ''; foreach ($search_types as $type) { if ($this->init_search($type, $search, $error) || !method_exists($search, 'index_created')) diff --git a/phpBB/includes/acp/acp_styles.php b/phpBB/includes/acp/acp_styles.php index 2a02e3e845..6bd27a8bca 100644 --- a/phpBB/includes/acp/acp_styles.php +++ b/phpBB/includes/acp/acp_styles.php @@ -29,14 +29,31 @@ class acp_styles protected $styles_path; protected $styles_path_absolute = 'styles'; protected $default_style = 0; + protected $styles_list_cols = 0; + protected $reserved_style_names = array('adm', 'admin', 'all'); + /** @var \phpbb\db\driver\driver_interface */ protected $db; + + /** @var \phpbb\user */ protected $user; + + /** @var \phpbb\template\template */ protected $template; + + /** @var \phpbb\request\request_interface */ protected $request; + + /** @var \phpbb\cache\driver\driver_interface */ protected $cache; + + /** @var \phpbb\auth\auth */ protected $auth; + + /** @var string */ protected $phpbb_root_path; + + /** @var string */ protected $php_ext; public function main($id, $mode) @@ -70,11 +87,6 @@ class acp_styles $action = $this->request->variable('action', ''); $post_actions = array('install', 'activate', 'deactivate', 'uninstall'); - if ($action && in_array($action, $post_actions) && !check_link_hash($request->variable('hash', ''), $action)) - { - trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action), E_USER_WARNING); - } - foreach ($post_actions as $key) { if ($this->request->is_set_post($key)) @@ -83,6 +95,18 @@ class acp_styles } } + // The uninstall action uses confirm_box() to verify the validity of the request, + // so there is no need to check for a valid token here. + if (in_array($action, $post_actions) && $action != 'uninstall') + { + $is_valid_request = check_link_hash($request->variable('hash', ''), $action) || check_form_key('styles_management'); + + if (!$is_valid_request) + { + trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action), E_USER_WARNING); + } + } + if ($action != '') { $this->s_hidden_fields['action'] = $action; @@ -122,6 +146,8 @@ class acp_styles */ protected function frontend() { + add_form_key('styles_management'); + // Check mode switch ($this->mode) { @@ -133,33 +159,11 @@ class acp_styles $this->welcome_message('INSTALL_STYLES', 'INSTALL_STYLES_EXPLAIN'); $this->show_available(); return; - case 'cache': - $this->action_cache(); - return; } trigger_error($this->user->lang['NO_MODE'] . adm_back_link($this->u_action), E_USER_WARNING); } /** - * Purge cache - */ - protected function action_cache() - { - global $db, $cache, $auth; - - $this->config->increment('assets_version', 1); - $this->cache->purge(); - - // Clear permissions - $this->auth->acl_clear_prefetch(); - phpbb_cache_moderators($db, $cache, $auth); - - add_log('admin', 'LOG_PURGE_CACHE'); - - trigger_error($this->user->lang['PURGED_CACHE'] . adm_back_link($this->u_base_action), E_USER_NOTICE); - } - - /** * Install style(s) */ protected function action_install() @@ -177,6 +181,12 @@ class acp_styles $last_installed = false; foreach ($dirs as $dir) { + if (in_array($dir, $this->reserved_style_names)) + { + $messages[] = $this->user->lang('STYLE_NAME_RESERVED', htmlspecialchars($dir)); + continue; + } + $found = false; foreach ($styles as &$style) { @@ -822,7 +832,7 @@ class acp_styles * Update styles tree * * @param array $styles Styles list, passed as reference - * @param array $style Current style, false if root + * @param array|false $style Current style, false if root * @return bool True if something was updated, false if not */ protected function update_styles_tree(&$styles, $style = false) @@ -1104,7 +1114,7 @@ class acp_styles /** * Install style * - * @param $style style data + * @param array $style style data * @return int Style id */ protected function install_style($style) diff --git a/phpBB/includes/acp/acp_users.php b/phpBB/includes/acp/acp_users.php index 31b033604d..8c17fb6311 100644 --- a/phpBB/includes/acp/acp_users.php +++ b/phpBB/includes/acp/acp_users.php @@ -173,6 +173,21 @@ class acp_users $delete_type = request_var('delete_type', ''); $ip = request_var('ip', 'ip'); + /** + * Run code at beginning of ACP users overview + * + * @event core.acp_users_overview_before + * @var array user_row Current user data + * @var string mode Active module + * @var string action Module that should be run + * @var bool submit Do we display the form only + * or did the user press submit + * @var array error Array holding error messages + * @since 3.1.3-RC1 + */ + $vars = array('user_row', 'mode', 'action', 'submit', 'error'); + extract($phpbb_dispatcher->trigger_event('core.acp_users_overview_before', compact($vars))); + if ($submit) { if ($delete) @@ -1362,6 +1377,19 @@ class acp_users $data['bday_year'] = request_var('bday_year', $data['bday_year']); $data['user_birthday'] = sprintf('%2d-%2d-%4d', $data['bday_day'], $data['bday_month'], $data['bday_year']); + /** + * Modify user data on editing profile in ACP + * + * @event core.acp_users_modify_profile + * @var array data Array with user profile data + * @var bool submit Flag indicating if submit button has been pressed + * @var int user_id The user id + * @var array user_row Array with the full user data + * @since 3.1.4-RC1 + */ + $vars = array('data', 'submit', 'user_id', 'user_row'); + extract($phpbb_dispatcher->trigger_event('core.acp_users_modify_profile', compact($vars))); + if ($submit) { $error = validate_data($data, array( @@ -1386,6 +1414,18 @@ class acp_users $error[] = 'FORM_INVALID'; } + /** + * Validate profile data in ACP before submitting to the database + * + * @event core.acp_users_profile_validate + * @var bool submit Flag indicating if submit button has been pressed + * @var array data Array with user profile data + * @var array error Array with the form errors + * @since 3.1.4-RC1 + */ + $vars = array('submit', 'data', 'error'); + extract($phpbb_dispatcher->trigger_event('core.acp_users_profile_validate', compact($vars))); + if (!sizeof($error)) { $sql_ary = array( @@ -1393,6 +1433,20 @@ class acp_users 'user_birthday' => $data['user_birthday'], ); + /** + * Modify profile data in ACP before submitting to the database + * + * @event core.acp_users_profile_modify_sql_ary + * @var array cp_data Array with the user custom profile fields data + * @var array data Array with user profile data + * @var int user_id The user id + * @var array user_row Array with the full user data + * @var array sql_ary Array with sql data + * @since 3.1.4-RC1 + */ + $vars = array('cp_data', 'data', 'user_id', 'user_row', 'sql_ary'); + extract($phpbb_dispatcher->trigger_event('core.acp_users_profile_modify_sql_ary', compact($vars))); + $sql = 'UPDATE ' . USERS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $sql_ary) . " WHERE user_id = $user_id"; diff --git a/phpBB/includes/acp/info/acp_styles.php b/phpBB/includes/acp/info/acp_styles.php index 1a9865aa1d..c0ab005502 100644 --- a/phpBB/includes/acp/info/acp_styles.php +++ b/phpBB/includes/acp/info/acp_styles.php @@ -22,7 +22,6 @@ class acp_styles_info 'modes' => array( 'style' => array('title' => 'ACP_STYLES', 'auth' => 'acl_a_styles', 'cat' => array('ACP_STYLE_MANAGEMENT')), 'install' => array('title' => 'ACP_STYLES_INSTALL', 'auth' => 'acl_a_styles', 'cat' => array('ACP_STYLE_MANAGEMENT')), - 'cache' => array('title' => 'ACP_STYLES_CACHE', 'auth' => 'acl_a_styles', 'cat' => array('ACP_STYLE_MANAGEMENT')), ), ); } diff --git a/phpBB/includes/bbcode.php b/phpBB/includes/bbcode.php index 3460db4882..5f6dcde448 100644 --- a/phpBB/includes/bbcode.php +++ b/phpBB/includes/bbcode.php @@ -129,7 +129,7 @@ class bbcode */ function bbcode_cache_init() { - global $phpbb_root_path, $phpEx, $config, $user, $phpbb_extension_manager, $phpbb_path_helper; + global $phpbb_root_path, $phpEx, $config, $user, $phpbb_dispatcher, $phpbb_extension_manager, $phpbb_path_helper; if (empty($this->template_filename)) { @@ -388,6 +388,26 @@ class bbcode break; } } + + $bbcode_cache = $this->bbcode_cache; + $bbcode_bitfield = $this->bbcode_bitfield; + $bbcode_uid = $this->bbcode_uid; + + /** + * Use this event to modify the bbcode_cache + * + * @event core.bbcode_cache_init_end + * @var array bbcode_cache The array of cached search and replace patterns of bbcodes + * @var string bbcode_bitfield The bbcode bitfield + * @var string bbcode_uid The bbcode uid + * @since 3.1.3-RC1 + */ + $vars = array('bbcode_cache', 'bbcode_bitfield', 'bbcode_uid'); + extract($phpbb_dispatcher->trigger_event('core.bbcode_cache_init_end', compact($vars))); + + $this->bbcode_cache = $bbcode_cache; + $this->bbcode_bitfield = $bbcode_bitfield; + $this->bbcode_uid = $bbcode_uid; } /** diff --git a/phpBB/includes/constants.php b/phpBB/includes/constants.php index b72e4ab6d4..321a87b4b0 100644 --- a/phpBB/includes/constants.php +++ b/phpBB/includes/constants.php @@ -28,7 +28,7 @@ if (!defined('IN_PHPBB')) */ // phpBB Version -define('PHPBB_VERSION', '3.1.0-RC5-dev'); +define('PHPBB_VERSION', '3.1.4-dev'); // QA-related // define('PHPBB_QA', 1); diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index fe03efddf2..573df9e55d 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -31,7 +31,7 @@ function phpbb_load_extensions_autoloaders($phpbb_root_path) new \phpbb\recursive_dot_prefix_filter_iterator( new \RecursiveDirectoryIterator( $phpbb_root_path . 'ext/', - \FilesystemIterator::SKIP_DOTS + \FilesystemIterator::SKIP_DOTS | \FilesystemIterator::FOLLOW_SYMLINKS ) ), \RecursiveIteratorIterator::SELF_FIRST @@ -1150,10 +1150,43 @@ function phpbb_timezone_select($template, $user, $default = '', $truncate = fals function markread($mode, $forum_id = false, $topic_id = false, $post_time = 0, $user_id = 0) { global $db, $user, $config; - global $request, $phpbb_container; + global $request, $phpbb_container, $phpbb_dispatcher; $post_time = ($post_time === 0 || $post_time > time()) ? time() : (int) $post_time; + $should_markread = true; + + /** + * This event is used for performing actions directly before marking forums, + * topics or posts as read. + * + * It is also possible to prevent the marking. For that, the $should_markread parameter + * should be set to FALSE. + * + * @event core.markread_before + * @var string mode Variable containing marking mode value + * @var mixed forum_id Variable containing forum id, or false + * @var mixed topic_id Variable containing topic id, or false + * @var int post_time Variable containing post time + * @var int user_id Variable containing the user id + * @var bool should_markread Flag indicating if the markread should be done or not. + * @since 3.1.4-RC1 + */ + $vars = array( + 'mode', + 'forum_id', + 'topic_id', + 'post_time', + 'user_id', + 'should_markread', + ); + extract($phpbb_dispatcher->trigger_event('core.markread_before', compact($vars))); + + if (!$should_markread) + { + return; + } + if ($mode == 'all') { if ($forum_id === false || !sizeof($forum_id)) @@ -1648,6 +1681,7 @@ function get_complete_topic_tracking($forum_id, $topic_ids, $global_announce_lis function get_unread_topics($user_id = false, $sql_extra = '', $sql_sort = '', $sql_limit = 1001, $sql_limit_offset = 0) { global $config, $db, $user; + global $phpbb_dispatcher; $user_id = ($user_id === false) ? (int) $user->data['user_id'] : (int) $user_id; @@ -1691,6 +1725,24 @@ function get_unread_topics($user_id = false, $sql_extra = '', $sql_sort = '', $s $sql_sort", ); + /** + * Change SQL query for fetching unread topics data + * + * @event core.get_unread_topics_modify_sql + * @var array sql_array Fully assembled SQL query with keys SELECT, FROM, LEFT_JOIN, WHERE + * @var int last_mark User's last_mark time + * @var string sql_extra Extra WHERE SQL statement + * @var string sql_sort ORDER BY SQL sorting statement + * @since 3.1.4-RC1 + */ + $vars = array( + 'sql_array', + 'last_mark', + 'sql_extra', + 'sql_sort', + ); + extract($phpbb_dispatcher->trigger_event('core.get_unread_topics_modify_sql', compact($vars))); + $sql = $db->sql_build_query('SELECT', $sql_array); $result = $db->sql_query_limit($sql, $sql_limit, $sql_limit_offset); @@ -2396,26 +2448,7 @@ function build_url($strip_vars = false) { global $config, $user, $phpbb_path_helper; - $php_ext = $phpbb_path_helper->get_php_ext(); - $page = $user->page['page']; - - // We need to be cautious here. - // On some situations, the redirect path is an absolute URL, sometimes a relative path - // For a relative path, let's prefix it with $phpbb_root_path to point to the correct location, - // else we use the URL directly. - $url_parts = parse_url($page); - - // URL - if ($url_parts === false || empty($url_parts['scheme']) || empty($url_parts['host'])) - { - // Remove 'app.php/' from the page, when rewrite is enabled - if ($config['enable_mod_rewrite'] && strpos($page, 'app.' . $php_ext . '/') === 0) - { - $page = substr($page, strlen('app.' . $php_ext . '/')); - } - - $page = $phpbb_path_helper->get_phpbb_root_path() . $page; - } + $page = $phpbb_path_helper->get_valid_page($user->page['page'], $config['enable_mod_rewrite']); // Append SID $redirect = append_sid($page, false, false); @@ -2657,7 +2690,7 @@ function check_form_key($form_name, $timespan = false) function confirm_box($check, $title = '', $hidden = '', $html_body = 'confirm_body.html', $u_action = '') { global $user, $template, $db, $request; - global $phpEx, $phpbb_root_path, $request; + global $config, $phpbb_path_helper; if (isset($_POST['cancel'])) { @@ -2719,8 +2752,8 @@ function confirm_box($check, $title = '', $hidden = '', $html_body = 'confirm_bo } // re-add sid / transform & to & for user->page (user->page is always using &) - $use_page = ($u_action) ? $phpbb_root_path . $u_action : $phpbb_root_path . str_replace('&', '&', $user->page['page']); - $u_action = reapply_sid($use_page); + $use_page = ($u_action) ? $u_action : str_replace('&', '&', $user->page['page']); + $u_action = reapply_sid($phpbb_path_helper->get_valid_page($use_page, $config['enable_mod_rewrite'])); $u_action .= ((strpos($u_action, '?') === false) ? '?' : '&') . 'confirm_key=' . $confirm_key; $template->assign_vars(array( @@ -2768,7 +2801,7 @@ function confirm_box($check, $title = '', $hidden = '', $html_body = 'confirm_bo function login_box($redirect = '', $l_explain = '', $l_success = '', $admin = false, $s_display = true) { global $db, $user, $template, $auth, $phpEx, $phpbb_root_path, $config; - global $request, $phpbb_container; + global $request, $phpbb_container, $phpbb_dispatcher; $err = ''; @@ -2854,6 +2887,18 @@ function login_box($redirect = '', $l_explain = '', $l_success = '', $admin = fa { $redirect = request_var('redirect', "{$phpbb_root_path}index.$phpEx"); + /** + * This event allows an extension to modify the redirection when a user successfully logs in + * + * @event core.login_box_redirect + * @var string redirect Redirect string + * @var boolean admin Is admin? + * @var bool return If true, do not redirect but return the sanitized URL. + * @since 3.1.0-RC5 + */ + $vars = array('redirect', 'admin', 'return'); + extract($phpbb_dispatcher->trigger_event('core.login_box_redirect', compact($vars))); + // append/replace SID (may change during the session for AOL users) $redirect = reapply_sid($redirect); @@ -2875,19 +2920,6 @@ function login_box($redirect = '', $l_explain = '', $l_success = '', $admin = fa // Special cases... determine switch ($result['status']) { - case LOGIN_ERROR_ATTEMPTS: - - $captcha = $phpbb_container->get('captcha.factory')->get_instance($config['captcha_plugin']); - $captcha->init(CONFIRM_LOGIN); - // $captcha->reset(); - - $template->assign_vars(array( - 'CAPTCHA_TEMPLATE' => $captcha->get_template(), - )); - - $err = $user->lang[$result['error_msg']]; - break; - case LOGIN_ERROR_PASSWORD_CONVERT: $err = sprintf( $user->lang[$result['error_msg']], @@ -2898,6 +2930,17 @@ function login_box($redirect = '', $l_explain = '', $l_success = '', $admin = fa ); break; + case LOGIN_ERROR_ATTEMPTS: + + $captcha = $phpbb_container->get('captcha.factory')->get_instance($config['captcha_plugin']); + $captcha->init(CONFIRM_LOGIN); + // $captcha->reset(); + + $template->assign_vars(array( + 'CAPTCHA_TEMPLATE' => $captcha->get_template(), + )); + // no break; + // Username, password, etc... default: $err = $user->lang[$result['error_msg']]; @@ -2910,6 +2953,19 @@ function login_box($redirect = '', $l_explain = '', $l_success = '', $admin = fa break; } + + /** + * This event allows an extension to process when a user fails a login attempt + * + * @event core.login_box_failed + * @var array result Login result data + * @var string username User name used to login + * @var string password Password used to login + * @var string err Error message + * @since 3.1.3-RC1 + */ + $vars = array('result', 'username', 'password', 'err'); + extract($phpbb_dispatcher->trigger_event('core.login_box_failed', compact($vars))); } // Assign credential for username/password pair @@ -3289,7 +3345,7 @@ function get_preg_expression($mode) case 'email': // Regex written by James Watts and Francisco Jose Martin Moreno // http://fightingforalostcause.net/misc/2006/compare-email-regex.php - return '([\w\!\#$\%\&\'\*\+\-\/\=\?\^\`{\|\}\~]+\.)*(?:[\w\!\#$\%\'\*\+\-\/\=\?\^\`{\|\}\~]|&)+@((((([a-z0-9]{1}[a-z0-9\-]{0,62}[a-z0-9]{1})|[a-z])\.)+[a-z]{2,63})|(\d{1,3}\.){3}\d{1,3}(\:\d{1,5})?)'; + return '((?:[\w\!\#$\%\&\'\*\+\-\/\=\?\^\`{\|\}\~]+\.)*(?:[\w\!\#$\%\'\*\+\-\/\=\?\^\`{\|\}\~]|&)+)@((((([a-z0-9]{1}[a-z0-9\-]{0,62}[a-z0-9]{1})|[a-z])\.)+[a-z]{2,63})|(\d{1,3}\.){3}\d{1,3}(\:\d{1,5})?)'; break; case 'bbcode_htm': @@ -3315,23 +3371,33 @@ function get_preg_expression($mode) break; case 'url': + // generated with regex_idn.php file in the develop folder + return "[a-z][a-z\d+\-.]*:/{2}(?:(?:[^\p{C}\p{Z}\p{S}\p{P}\p{Nl}\p{No}\p{Me}\x{1100}-\x{115F}\x{A960}-\x{A97C}\x{1160}-\x{11A7}\x{D7B0}-\x{D7C6}\x{20D0}-\x{20FF}\x{1D100}-\x{1D1FF}\x{1D200}-\x{1D24F}\x{0640}\x{07FA}\x{302E}\x{302F}\x{3031}-\x{3035}\x{303B}]*[\x{00B7}\x{0375}\x{05F3}\x{05F4}\x{30FB}\x{002D}\x{06FD}\x{06FE}\x{0F0B}\x{3007}\x{00DF}\x{03C2}\x{200C}\x{200D}\pL0-9\-._~!$&'()*+,;=:@|]+|%[\dA-F]{2})+|[0-9.]+|\[[a-z0-9.]+:[a-z0-9.]+:[a-z0-9.:]+\])(?::\d*)?(?:/(?:[^\p{C}\p{Z}\p{S}\p{P}\p{Nl}\p{No}\p{Me}\x{1100}-\x{115F}\x{A960}-\x{A97C}\x{1160}-\x{11A7}\x{D7B0}-\x{D7C6}\x{20D0}-\x{20FF}\x{1D100}-\x{1D1FF}\x{1D200}-\x{1D24F}\x{0640}\x{07FA}\x{302E}\x{302F}\x{3031}-\x{3035}\x{303B}]*[\x{00B7}\x{0375}\x{05F3}\x{05F4}\x{30FB}\x{002D}\x{06FD}\x{06FE}\x{0F0B}\x{3007}\x{00DF}\x{03C2}\x{200C}\x{200D}\pL0-9\-._~!$&'()*+,;=:@|]+|%[\dA-F]{2})*)*(?:\?(?:[^\p{C}\p{Z}\p{S}\p{P}\p{Nl}\p{No}\p{Me}\x{1100}-\x{115F}\x{A960}-\x{A97C}\x{1160}-\x{11A7}\x{D7B0}-\x{D7C6}\x{20D0}-\x{20FF}\x{1D100}-\x{1D1FF}\x{1D200}-\x{1D24F}\x{0640}\x{07FA}\x{302E}\x{302F}\x{3031}-\x{3035}\x{303B}]*[\x{00B7}\x{0375}\x{05F3}\x{05F4}\x{30FB}\x{002D}\x{06FD}\x{06FE}\x{0F0B}\x{3007}\x{00DF}\x{03C2}\x{200C}\x{200D}\pL0-9\-._~!$&'()*+,;=:@/?|]+|%[\dA-F]{2})*)?(?:\#(?:[^\p{C}\p{Z}\p{S}\p{P}\p{Nl}\p{No}\p{Me}\x{1100}-\x{115F}\x{A960}-\x{A97C}\x{1160}-\x{11A7}\x{D7B0}-\x{D7C6}\x{20D0}-\x{20FF}\x{1D100}-\x{1D1FF}\x{1D200}-\x{1D24F}\x{0640}\x{07FA}\x{302E}\x{302F}\x{3031}-\x{3035}\x{303B}]*[\x{00B7}\x{0375}\x{05F3}\x{05F4}\x{30FB}\x{002D}\x{06FD}\x{06FE}\x{0F0B}\x{3007}\x{00DF}\x{03C2}\x{200C}\x{200D}\pL0-9\-._~!$&'()*+,;=:@/?|]+|%[\dA-F]{2})*)?"; + break; + case 'url_inline': - $inline = ($mode == 'url') ? ')' : ''; - $scheme = ($mode == 'url') ? '[a-z\d+\-.]' : '[a-z\d+]'; // avoid automatic parsing of "word" in "last word.http://..." - // generated with regex generation file in the develop folder - return "[a-z]$scheme*:/{2}(?:(?:[a-z0-9\-._~!$&'($inline*+,;=:@|]+|%[\dA-F]{2})+|[0-9.]+|\[[a-z0-9.]+:[a-z0-9.]+:[a-z0-9.:]+\])(?::\d*)?(?:/(?:[a-z0-9\-._~!$&'($inline*+,;=:@|]+|%[\dA-F]{2})*)*(?:\?(?:[a-z0-9\-._~!$&'($inline*+,;=:@/?|]+|%[\dA-F]{2})*)?(?:\#(?:[a-z0-9\-._~!$&'($inline*+,;=:@/?|]+|%[\dA-F]{2})*)?"; + // generated with regex_idn.php file in the develop folder + return "[a-z][a-z\d+]*:/{2}(?:(?:[^\p{C}\p{Z}\p{S}\p{P}\p{Nl}\p{No}\p{Me}\x{1100}-\x{115F}\x{A960}-\x{A97C}\x{1160}-\x{11A7}\x{D7B0}-\x{D7C6}\x{20D0}-\x{20FF}\x{1D100}-\x{1D1FF}\x{1D200}-\x{1D24F}\x{0640}\x{07FA}\x{302E}\x{302F}\x{3031}-\x{3035}\x{303B}]*[\x{00B7}\x{0375}\x{05F3}\x{05F4}\x{30FB}\x{002D}\x{06FD}\x{06FE}\x{0F0B}\x{3007}\x{00DF}\x{03C2}\x{200C}\x{200D}\pL0-9\-._~!$&'(*+,;=:@|]+|%[\dA-F]{2})+|[0-9.]+|\[[a-z0-9.]+:[a-z0-9.]+:[a-z0-9.:]+\])(?::\d*)?(?:/(?:[^\p{C}\p{Z}\p{S}\p{P}\p{Nl}\p{No}\p{Me}\x{1100}-\x{115F}\x{A960}-\x{A97C}\x{1160}-\x{11A7}\x{D7B0}-\x{D7C6}\x{20D0}-\x{20FF}\x{1D100}-\x{1D1FF}\x{1D200}-\x{1D24F}\x{0640}\x{07FA}\x{302E}\x{302F}\x{3031}-\x{3035}\x{303B}]*[\x{00B7}\x{0375}\x{05F3}\x{05F4}\x{30FB}\x{002D}\x{06FD}\x{06FE}\x{0F0B}\x{3007}\x{00DF}\x{03C2}\x{200C}\x{200D}\pL0-9\-._~!$&'(*+,;=:@|]+|%[\dA-F]{2})*)*(?:\?(?:[^\p{C}\p{Z}\p{S}\p{P}\p{Nl}\p{No}\p{Me}\x{1100}-\x{115F}\x{A960}-\x{A97C}\x{1160}-\x{11A7}\x{D7B0}-\x{D7C6}\x{20D0}-\x{20FF}\x{1D100}-\x{1D1FF}\x{1D200}-\x{1D24F}\x{0640}\x{07FA}\x{302E}\x{302F}\x{3031}-\x{3035}\x{303B}]*[\x{00B7}\x{0375}\x{05F3}\x{05F4}\x{30FB}\x{002D}\x{06FD}\x{06FE}\x{0F0B}\x{3007}\x{00DF}\x{03C2}\x{200C}\x{200D}\pL0-9\-._~!$&'(*+,;=:@/?|]+|%[\dA-F]{2})*)?(?:\#(?:[^\p{C}\p{Z}\p{S}\p{P}\p{Nl}\p{No}\p{Me}\x{1100}-\x{115F}\x{A960}-\x{A97C}\x{1160}-\x{11A7}\x{D7B0}-\x{D7C6}\x{20D0}-\x{20FF}\x{1D100}-\x{1D1FF}\x{1D200}-\x{1D24F}\x{0640}\x{07FA}\x{302E}\x{302F}\x{3031}-\x{3035}\x{303B}]*[\x{00B7}\x{0375}\x{05F3}\x{05F4}\x{30FB}\x{002D}\x{06FD}\x{06FE}\x{0F0B}\x{3007}\x{00DF}\x{03C2}\x{200C}\x{200D}\pL0-9\-._~!$&'(*+,;=:@/?|]+|%[\dA-F]{2})*)?"; break; case 'www_url': + // generated with regex_idn.php file in the develop folder + return "www\.(?:[^\p{C}\p{Z}\p{S}\p{P}\p{Nl}\p{No}\p{Me}\x{1100}-\x{115F}\x{A960}-\x{A97C}\x{1160}-\x{11A7}\x{D7B0}-\x{D7C6}\x{20D0}-\x{20FF}\x{1D100}-\x{1D1FF}\x{1D200}-\x{1D24F}\x{0640}\x{07FA}\x{302E}\x{302F}\x{3031}-\x{3035}\x{303B}]*[\x{00B7}\x{0375}\x{05F3}\x{05F4}\x{30FB}\x{002D}\x{06FD}\x{06FE}\x{0F0B}\x{3007}\x{00DF}\x{03C2}\x{200C}\x{200D}\pL0-9\-._~!$&'()*+,;=:@|]+|%[\dA-F]{2})+(?::\d*)?(?:/(?:[^\p{C}\p{Z}\p{S}\p{P}\p{Nl}\p{No}\p{Me}\x{1100}-\x{115F}\x{A960}-\x{A97C}\x{1160}-\x{11A7}\x{D7B0}-\x{D7C6}\x{20D0}-\x{20FF}\x{1D100}-\x{1D1FF}\x{1D200}-\x{1D24F}\x{0640}\x{07FA}\x{302E}\x{302F}\x{3031}-\x{3035}\x{303B}]*[\x{00B7}\x{0375}\x{05F3}\x{05F4}\x{30FB}\x{002D}\x{06FD}\x{06FE}\x{0F0B}\x{3007}\x{00DF}\x{03C2}\x{200C}\x{200D}\pL0-9\-._~!$&'()*+,;=:@|]+|%[\dA-F]{2})*)*(?:\?(?:[^\p{C}\p{Z}\p{S}\p{P}\p{Nl}\p{No}\p{Me}\x{1100}-\x{115F}\x{A960}-\x{A97C}\x{1160}-\x{11A7}\x{D7B0}-\x{D7C6}\x{20D0}-\x{20FF}\x{1D100}-\x{1D1FF}\x{1D200}-\x{1D24F}\x{0640}\x{07FA}\x{302E}\x{302F}\x{3031}-\x{3035}\x{303B}]*[\x{00B7}\x{0375}\x{05F3}\x{05F4}\x{30FB}\x{002D}\x{06FD}\x{06FE}\x{0F0B}\x{3007}\x{00DF}\x{03C2}\x{200C}\x{200D}\pL0-9\-._~!$&'()*+,;=:@/?|]+|%[\dA-F]{2})*)?(?:\#(?:[^\p{C}\p{Z}\p{S}\p{P}\p{Nl}\p{No}\p{Me}\x{1100}-\x{115F}\x{A960}-\x{A97C}\x{1160}-\x{11A7}\x{D7B0}-\x{D7C6}\x{20D0}-\x{20FF}\x{1D100}-\x{1D1FF}\x{1D200}-\x{1D24F}\x{0640}\x{07FA}\x{302E}\x{302F}\x{3031}-\x{3035}\x{303B}]*[\x{00B7}\x{0375}\x{05F3}\x{05F4}\x{30FB}\x{002D}\x{06FD}\x{06FE}\x{0F0B}\x{3007}\x{00DF}\x{03C2}\x{200C}\x{200D}\pL0-9\-._~!$&'()*+,;=:@/?|]+|%[\dA-F]{2})*)?"; + break; + case 'www_url_inline': - $inline = ($mode == 'www_url') ? ')' : ''; - return "www\.(?:[a-z0-9\-._~!$&'($inline*+,;=:@|]+|%[\dA-F]{2})+(?::\d*)?(?:/(?:[a-z0-9\-._~!$&'($inline*+,;=:@|]+|%[\dA-F]{2})*)*(?:\?(?:[a-z0-9\-._~!$&'($inline*+,;=:@/?|]+|%[\dA-F]{2})*)?(?:\#(?:[a-z0-9\-._~!$&'($inline*+,;=:@/?|]+|%[\dA-F]{2})*)?"; + // generated with regex_idn.php file in the develop folder + return "www\.(?:[^\p{C}\p{Z}\p{S}\p{P}\p{Nl}\p{No}\p{Me}\x{1100}-\x{115F}\x{A960}-\x{A97C}\x{1160}-\x{11A7}\x{D7B0}-\x{D7C6}\x{20D0}-\x{20FF}\x{1D100}-\x{1D1FF}\x{1D200}-\x{1D24F}\x{0640}\x{07FA}\x{302E}\x{302F}\x{3031}-\x{3035}\x{303B}]*[\x{00B7}\x{0375}\x{05F3}\x{05F4}\x{30FB}\x{002D}\x{06FD}\x{06FE}\x{0F0B}\x{3007}\x{00DF}\x{03C2}\x{200C}\x{200D}\pL0-9\-._~!$&'(*+,;=:@|]+|%[\dA-F]{2})+(?::\d*)?(?:/(?:[^\p{C}\p{Z}\p{S}\p{P}\p{Nl}\p{No}\p{Me}\x{1100}-\x{115F}\x{A960}-\x{A97C}\x{1160}-\x{11A7}\x{D7B0}-\x{D7C6}\x{20D0}-\x{20FF}\x{1D100}-\x{1D1FF}\x{1D200}-\x{1D24F}\x{0640}\x{07FA}\x{302E}\x{302F}\x{3031}-\x{3035}\x{303B}]*[\x{00B7}\x{0375}\x{05F3}\x{05F4}\x{30FB}\x{002D}\x{06FD}\x{06FE}\x{0F0B}\x{3007}\x{00DF}\x{03C2}\x{200C}\x{200D}\pL0-9\-._~!$&'(*+,;=:@|]+|%[\dA-F]{2})*)*(?:\?(?:[^\p{C}\p{Z}\p{S}\p{P}\p{Nl}\p{No}\p{Me}\x{1100}-\x{115F}\x{A960}-\x{A97C}\x{1160}-\x{11A7}\x{D7B0}-\x{D7C6}\x{20D0}-\x{20FF}\x{1D100}-\x{1D1FF}\x{1D200}-\x{1D24F}\x{0640}\x{07FA}\x{302E}\x{302F}\x{3031}-\x{3035}\x{303B}]*[\x{00B7}\x{0375}\x{05F3}\x{05F4}\x{30FB}\x{002D}\x{06FD}\x{06FE}\x{0F0B}\x{3007}\x{00DF}\x{03C2}\x{200C}\x{200D}\pL0-9\-._~!$&'(*+,;=:@/?|]+|%[\dA-F]{2})*)?(?:\#(?:[^\p{C}\p{Z}\p{S}\p{P}\p{Nl}\p{No}\p{Me}\x{1100}-\x{115F}\x{A960}-\x{A97C}\x{1160}-\x{11A7}\x{D7B0}-\x{D7C6}\x{20D0}-\x{20FF}\x{1D100}-\x{1D1FF}\x{1D200}-\x{1D24F}\x{0640}\x{07FA}\x{302E}\x{302F}\x{3031}-\x{3035}\x{303B}]*[\x{00B7}\x{0375}\x{05F3}\x{05F4}\x{30FB}\x{002D}\x{06FD}\x{06FE}\x{0F0B}\x{3007}\x{00DF}\x{03C2}\x{200C}\x{200D}\pL0-9\-._~!$&'(*+,;=:@/?|]+|%[\dA-F]{2})*)?"; break; case 'relative_url': + // generated with regex_idn.php file in the develop folder + return "(?:[^\p{C}\p{Z}\p{S}\p{P}\p{Nl}\p{No}\p{Me}\x{1100}-\x{115F}\x{A960}-\x{A97C}\x{1160}-\x{11A7}\x{D7B0}-\x{D7C6}\x{20D0}-\x{20FF}\x{1D100}-\x{1D1FF}\x{1D200}-\x{1D24F}\x{0640}\x{07FA}\x{302E}\x{302F}\x{3031}-\x{3035}\x{303B}]*[\x{00B7}\x{0375}\x{05F3}\x{05F4}\x{30FB}\x{002D}\x{06FD}\x{06FE}\x{0F0B}\x{3007}\x{00DF}\x{03C2}\x{200C}\x{200D}\pL0-9\-._~!$&'()*+,;=:@|]+|%[\dA-F]{2})*(?:/(?:[^\p{C}\p{Z}\p{S}\p{P}\p{Nl}\p{No}\p{Me}\x{1100}-\x{115F}\x{A960}-\x{A97C}\x{1160}-\x{11A7}\x{D7B0}-\x{D7C6}\x{20D0}-\x{20FF}\x{1D100}-\x{1D1FF}\x{1D200}-\x{1D24F}\x{0640}\x{07FA}\x{302E}\x{302F}\x{3031}-\x{3035}\x{303B}]*[\x{00B7}\x{0375}\x{05F3}\x{05F4}\x{30FB}\x{002D}\x{06FD}\x{06FE}\x{0F0B}\x{3007}\x{00DF}\x{03C2}\x{200C}\x{200D}\pL0-9\-._~!$&'()*+,;=:@|]+|%[\dA-F]{2})*)*(?:\?(?:[^\p{C}\p{Z}\p{S}\p{P}\p{Nl}\p{No}\p{Me}\x{1100}-\x{115F}\x{A960}-\x{A97C}\x{1160}-\x{11A7}\x{D7B0}-\x{D7C6}\x{20D0}-\x{20FF}\x{1D100}-\x{1D1FF}\x{1D200}-\x{1D24F}\x{0640}\x{07FA}\x{302E}\x{302F}\x{3031}-\x{3035}\x{303B}]*[\x{00B7}\x{0375}\x{05F3}\x{05F4}\x{30FB}\x{002D}\x{06FD}\x{06FE}\x{0F0B}\x{3007}\x{00DF}\x{03C2}\x{200C}\x{200D}\pL0-9\-._~!$&'()*+,;=:@/?|]+|%[\dA-F]{2})*)?(?:\#(?:[^\p{C}\p{Z}\p{S}\p{P}\p{Nl}\p{No}\p{Me}\x{1100}-\x{115F}\x{A960}-\x{A97C}\x{1160}-\x{11A7}\x{D7B0}-\x{D7C6}\x{20D0}-\x{20FF}\x{1D100}-\x{1D1FF}\x{1D200}-\x{1D24F}\x{0640}\x{07FA}\x{302E}\x{302F}\x{3031}-\x{3035}\x{303B}]*[\x{00B7}\x{0375}\x{05F3}\x{05F4}\x{30FB}\x{002D}\x{06FD}\x{06FE}\x{0F0B}\x{3007}\x{00DF}\x{03C2}\x{200C}\x{200D}\pL0-9\-._~!$&'()*+,;=:@/?|]+|%[\dA-F]{2})*)?"; + break; + case 'relative_url_inline': - $inline = ($mode == 'relative_url') ? ')' : ''; - return "(?:[a-z0-9\-._~!$&'($inline*+,;=:@|]+|%[\dA-F]{2})*(?:/(?:[a-z0-9\-._~!$&'($inline*+,;=:@|]+|%[\dA-F]{2})*)*(?:\?(?:[a-z0-9\-._~!$&'($inline*+,;=:@/?|]+|%[\dA-F]{2})*)?(?:\#(?:[a-z0-9\-._~!$&'($inline*+,;=:@/?|]+|%[\dA-F]{2})*)?"; + // generated with regex_idn.php file in the develop folder + return "(?:[^\p{C}\p{Z}\p{S}\p{P}\p{Nl}\p{No}\p{Me}\x{1100}-\x{115F}\x{A960}-\x{A97C}\x{1160}-\x{11A7}\x{D7B0}-\x{D7C6}\x{20D0}-\x{20FF}\x{1D100}-\x{1D1FF}\x{1D200}-\x{1D24F}\x{0640}\x{07FA}\x{302E}\x{302F}\x{3031}-\x{3035}\x{303B}]*[\x{00B7}\x{0375}\x{05F3}\x{05F4}\x{30FB}\x{002D}\x{06FD}\x{06FE}\x{0F0B}\x{3007}\x{00DF}\x{03C2}\x{200C}\x{200D}\pL0-9\-._~!$&'(*+,;=:@|]+|%[\dA-F]{2})*(?:/(?:[^\p{C}\p{Z}\p{S}\p{P}\p{Nl}\p{No}\p{Me}\x{1100}-\x{115F}\x{A960}-\x{A97C}\x{1160}-\x{11A7}\x{D7B0}-\x{D7C6}\x{20D0}-\x{20FF}\x{1D100}-\x{1D1FF}\x{1D200}-\x{1D24F}\x{0640}\x{07FA}\x{302E}\x{302F}\x{3031}-\x{3035}\x{303B}]*[\x{00B7}\x{0375}\x{05F3}\x{05F4}\x{30FB}\x{002D}\x{06FD}\x{06FE}\x{0F0B}\x{3007}\x{00DF}\x{03C2}\x{200C}\x{200D}\pL0-9\-._~!$&'(*+,;=:@|]+|%[\dA-F]{2})*)*(?:\?(?:[^\p{C}\p{Z}\p{S}\p{P}\p{Nl}\p{No}\p{Me}\x{1100}-\x{115F}\x{A960}-\x{A97C}\x{1160}-\x{11A7}\x{D7B0}-\x{D7C6}\x{20D0}-\x{20FF}\x{1D100}-\x{1D1FF}\x{1D200}-\x{1D24F}\x{0640}\x{07FA}\x{302E}\x{302F}\x{3031}-\x{3035}\x{303B}]*[\x{00B7}\x{0375}\x{05F3}\x{05F4}\x{30FB}\x{002D}\x{06FD}\x{06FE}\x{0F0B}\x{3007}\x{00DF}\x{03C2}\x{200C}\x{200D}\pL0-9\-._~!$&'(*+,;=:@/?|]+|%[\dA-F]{2})*)?(?:\#(?:[^\p{C}\p{Z}\p{S}\p{P}\p{Nl}\p{No}\p{Me}\x{1100}-\x{115F}\x{A960}-\x{A97C}\x{1160}-\x{11A7}\x{D7B0}-\x{D7C6}\x{20D0}-\x{20FF}\x{1D100}-\x{1D1FF}\x{1D200}-\x{1D24F}\x{0640}\x{07FA}\x{302E}\x{302F}\x{3031}-\x{3035}\x{303B}]*[\x{00B7}\x{0375}\x{05F3}\x{05F4}\x{30FB}\x{002D}\x{06FD}\x{06FE}\x{0F0B}\x{3007}\x{00DF}\x{03C2}\x{200C}\x{200D}\pL0-9\-._~!$&'(*+,;=:@/?|]+|%[\dA-F]{2})*)?"; break; case 'table_prefix': @@ -4179,9 +4245,10 @@ function obtain_users_online($item_id = 0, $item = 'forum') */ function obtain_users_online_string($online_users, $item_id = 0, $item = 'forum') { - global $config, $db, $user, $auth; + global $config, $db, $user, $auth, $phpbb_dispatcher; - $user_online_link = $online_userlist = ''; + $guests_online = $hidden_online = $l_online_users = $online_userlist = $visible_online = ''; + $user_online_link = $rowset = array(); // Need caps version of $item for language-strings $item_caps = strtoupper($item); @@ -4191,9 +4258,28 @@ function obtain_users_online_string($online_users, $item_id = 0, $item = 'forum' FROM ' . USERS_TABLE . ' WHERE ' . $db->sql_in_set('user_id', $online_users['online_users']) . ' ORDER BY username_clean ASC'; + + /** + * Modify SQL query to obtain online users data + * + * @event core.obtain_users_online_string_sql + * @var array online_users Array with online users data + * from obtain_users_online() + * @var int item_id Restrict online users to item id + * @var string item Restrict online users to a certain + * session item, e.g. forum for + * session_forum_id + * @var string sql SQL query to obtain users online data + * @since 3.1.4-RC1 + */ + $vars = array('online_users', 'item_id', 'item', 'sql'); + extract($phpbb_dispatcher->trigger_event('core.obtain_users_online_string_sql', compact($vars))); + $result = $db->sql_query($sql); + $rowset = $db->sql_fetchrowset($result); + $db->sql_freeresult($result); - while ($row = $db->sql_fetchrow($result)) + foreach ($rowset as $row) { // User is logged in and therefore not a guest if ($row['user_id'] != ANONYMOUS) @@ -4205,13 +4291,12 @@ function obtain_users_online_string($online_users, $item_id = 0, $item = 'forum' if (!isset($online_users['hidden_users'][$row['user_id']]) || $auth->acl_get('u_viewonline')) { - $user_online_link = get_username_string(($row['user_type'] <> USER_IGNORE) ? 'full' : 'no_profile', $row['user_id'], $row['username'], $row['user_colour']); - $online_userlist .= ($online_userlist != '') ? ', ' . $user_online_link : $user_online_link; + $user_online_link[$row['user_id']] = get_username_string(($row['user_type'] <> USER_IGNORE) ? 'full' : 'no_profile', $row['user_id'], $row['username'], $row['user_colour']); } } } - $db->sql_freeresult($result); } + $online_userlist = implode(', ', $user_online_link); if (!$online_userlist) { @@ -4244,6 +4329,33 @@ function obtain_users_online_string($online_users, $item_id = 0, $item = 'forum' $l_online_users = $user->lang('ONLINE_USERS_TOTAL', (int) $online_users['total_online'], $visible_online, $hidden_online); } + /** + * Modify online userlist data + * + * @event core.obtain_users_online_string_modify + * @var array online_users Array with online users data + * from obtain_users_online() + * @var int item_id Restrict online users to item id + * @var string item Restrict online users to a certain + * session item, e.g. forum for + * session_forum_id + * @var array rowset Array with online users data + * @var array user_online_link Array with online users items (usernames) + * @var string online_userlist String containing users online list + * @var string l_online_users String with total online users count info + * @since 3.1.4-RC1 + */ + $vars = array( + 'online_users', + 'item_id', + 'item', + 'rowset', + 'user_online_link', + 'online_userlist', + 'l_online_users', + ); + extract($phpbb_dispatcher->trigger_event('core.obtain_users_online_string_modify', compact($vars))); + return array( 'online_userlist' => $online_userlist, 'l_online_users' => $l_online_users, @@ -5242,7 +5354,7 @@ function page_footer($run_cron = true, $display_template = true, $exit_handler = // Call cron-type script $call_cron = false; - if (!defined('IN_CRON') && !$config['use_system_cron'] && $run_cron && !$config['board_disable'] && !$user->data['is_bot'] && !$cache->get('cron.lock_check')) + if (!defined('IN_CRON') && !$config['use_system_cron'] && $run_cron && !$config['board_disable'] && !$user->data['is_bot'] && !$cache->get('_cron.lock_check')) { $call_cron = true; $time_now = (!empty($user->time_now) && is_int($user->time_now)) ? $user->time_now : time(); @@ -5274,10 +5386,22 @@ function page_footer($run_cron = true, $display_template = true, $exit_handler = } else { - $cache->put('cron.lock_check', true, 300); + $cache->put('_cron.lock_check', true, 60); } } + /** + * Execute code and/or modify output before displaying the template. + * + * @event core.page_footer_after + * @var bool display_template Whether or not to display the template + * @var bool exit_handler Whether or not to run the exit_handler() + * + * @since 3.1.0-RC5 + */ + $vars = array('display_template', 'exit_handler'); + extract($phpbb_dispatcher->trigger_event('core.page_footer_after', compact($vars))); + if ($display_template) { $template->display('body'); diff --git a/phpBB/includes/functions_acp.php b/phpBB/includes/functions_acp.php index e30c6da505..a53a54368e 100644 --- a/phpBB/includes/functions_acp.php +++ b/phpBB/includes/functions_acp.php @@ -550,6 +550,9 @@ function validate_config_vars($config_vars, &$cfg_array, &$error) $cfg_array[$config_name] = trim($destination); + // Absolute file path + case 'absolute_path': + case 'absolute_path_writable': // Path being relative (still prefixed by phpbb_root_path), but with the ability to escape the root dir... case 'path': case 'wpath': @@ -568,20 +571,22 @@ function validate_config_vars($config_vars, &$cfg_array, &$error) break; } - if (!file_exists($phpbb_root_path . $cfg_array[$config_name])) + $path = in_array($config_definition['validate'], array('wpath', 'path', 'rpath', 'rwpath')) ? $phpbb_root_path . $cfg_array[$config_name] : $cfg_array[$config_name]; + + if (!file_exists($path)) { $error[] = sprintf($user->lang['DIRECTORY_DOES_NOT_EXIST'], $cfg_array[$config_name]); } - if (file_exists($phpbb_root_path . $cfg_array[$config_name]) && !is_dir($phpbb_root_path . $cfg_array[$config_name])) + if (file_exists($path) && !is_dir($path)) { $error[] = sprintf($user->lang['DIRECTORY_NOT_DIR'], $cfg_array[$config_name]); } // Check if the path is writable - if ($config_definition['validate'] == 'wpath' || $config_definition['validate'] == 'rwpath') + if ($config_definition['validate'] == 'wpath' || $config_definition['validate'] == 'rwpath' || $config_definition['validate'] === 'absolute_path_writable') { - if (file_exists($phpbb_root_path . $cfg_array[$config_name]) && !phpbb_is_writable($phpbb_root_path . $cfg_array[$config_name])) + if (file_exists($path) && !phpbb_is_writable($path)) { $error[] = sprintf($user->lang['DIRECTORY_NOT_WRITABLE'], $cfg_array[$config_name]); } diff --git a/phpBB/includes/functions_admin.php b/phpBB/includes/functions_admin.php index e3e8657afb..79f9db2f3f 100644 --- a/phpBB/includes/functions_admin.php +++ b/phpBB/includes/functions_admin.php @@ -618,7 +618,7 @@ function move_posts($post_ids, $topic_id, $auto_sync = true) */ function delete_topics($where_type, $where_ids, $auto_sync = true, $post_count_sync = true, $call_delete_posts = true) { - global $db, $config, $phpbb_container; + global $db, $config, $phpbb_container, $phpbb_dispatcher; $approved_topics = 0; $forum_ids = $topic_ids = array(); @@ -672,6 +672,20 @@ function delete_topics($where_type, $where_ids, $auto_sync = true, $post_count_s $table_ary = array(BOOKMARKS_TABLE, TOPICS_TRACK_TABLE, TOPICS_POSTED_TABLE, POLL_VOTES_TABLE, POLL_OPTIONS_TABLE, TOPICS_WATCH_TABLE, TOPICS_TABLE); + /** + * Perform additional actions before topic(s) deletion + * + * @event core.delete_topics_before_query + * @var array table_ary Array of tables from which all rows will be deleted that hold a topic_id occuring in topic_ids + * @var array topic_ids Array of topic ids to delete + * @since 3.1.4-RC1 + */ + $vars = array( + 'table_ary', + 'topic_ids', + ); + extract($phpbb_dispatcher->trigger_event('core.delete_topics_before_query', compact($vars))); + foreach ($table_ary as $table) { $sql = "DELETE FROM $table @@ -680,6 +694,18 @@ function delete_topics($where_type, $where_ids, $auto_sync = true, $post_count_s } unset($table_ary); + /** + * Perform additional actions after topic(s) deletion + * + * @event core.delete_topics_after_query + * @var array topic_ids Array of topic ids that were deleted + * @since 3.1.4-RC1 + */ + $vars = array( + 'topic_ids', + ); + extract($phpbb_dispatcher->trigger_event('core.delete_topics_after_query', compact($vars))); + $moved_topic_ids = array(); // update the other forums @@ -2311,7 +2337,7 @@ function sync($mode, $where_type = '', $where_ids = '', $resync_parents = false, */ function prune($forum_id, $prune_mode, $prune_date, $prune_flags = 0, $auto_sync = true) { - global $db; + global $db, $phpbb_dispatcher; if (!is_array($forum_id)) { @@ -2351,6 +2377,21 @@ function prune($forum_id, $prune_mode, $prune_date, $prune_flags = 0, $auto_sync $sql_and .= ' AND topic_status = ' . ITEM_MOVED . " AND topic_last_post_time < $prune_date"; } + /** + * Use this event to modify the SQL that selects topics to be pruned + * + * @event core.prune_sql + * @var string forum_id The forum id + * @var string prune_mode The prune mode + * @var string prune_date The prune date + * @var int prune_flags The prune flags + * @var bool auto_sync Whether or not to perform auto sync + * @var string sql_and SQL text appended to where clause + * @since 3.1.3-RC1 + */ + $vars = array('forum_id', 'prune_mode', 'prune_date', 'prune_flags', 'auto_sync', 'sql_and'); + extract($phpbb_dispatcher->trigger_event('core.prune_sql', compact($vars))); + $sql = 'SELECT topic_id FROM ' . TOPICS_TABLE . ' WHERE ' . $db->sql_in_set('forum_id', $forum_id) . " @@ -2512,6 +2553,7 @@ function phpbb_cache_moderators($db, $cache, $auth) { $usernames_ary[$row['user_id']] = $row['username']; } + $db->sql_freeresult($result); foreach ($hold_ary as $user_id => $forum_id_ary) { @@ -2806,6 +2848,7 @@ function view_inactive_users(&$users, &$user_count, $limit = 0, $offset = 0, $li $users[] = $row; } + $db->sql_freeresult($result); return $offset; } @@ -2980,68 +3023,21 @@ function get_database_size() /** * Retrieve contents from remotely stored file +* +* @deprecated 3.1.2 Use file_downloader instead */ function get_remote_file($host, $directory, $filename, &$errstr, &$errno, $port = 80, $timeout = 6) { - global $user; - - if ($fsock = @fsockopen($host, $port, $errno, $errstr, $timeout)) - { - @fputs($fsock, "GET $directory/$filename HTTP/1.0\r\n"); - @fputs($fsock, "HOST: $host\r\n"); - @fputs($fsock, "Connection: close\r\n\r\n"); - - $timer_stop = time() + $timeout; - stream_set_timeout($fsock, $timeout); - - $file_info = ''; - $get_info = false; - - while (!@feof($fsock)) - { - if ($get_info) - { - $file_info .= @fread($fsock, 1024); - } - else - { - $line = @fgets($fsock, 1024); - if ($line == "\r\n") - { - $get_info = true; - } - else if (stripos($line, '404 not found') !== false) - { - $errstr = $user->lang('FILE_NOT_FOUND', $filename); - return false; - } - } + global $phpbb_container; - $stream_meta_data = stream_get_meta_data($fsock); + // Get file downloader and assign $errstr and $errno + $file_downloader = $phpbb_container->get('file_downloader'); - if (!empty($stream_meta_data['timed_out']) || time() >= $timer_stop) - { - $errstr = $user->lang['FSOCK_TIMEOUT']; - return false; - } - } - @fclose($fsock); - } - else - { - if ($errstr) - { - $errstr = utf8_convert_message($errstr); - return false; - } - else - { - $errstr = $user->lang['FSOCK_DISABLED']; - return false; - } - } + $file_data = $file_downloader->get($host, $directory, $filename, $port, $timeout); + $errstr = $file_downloader->get_error_string(); + $errno = $file_downloader->get_error_number(); - return $file_info; + return $file_data; } /* diff --git a/phpBB/includes/functions_compatibility.php b/phpBB/includes/functions_compatibility.php index ea092c83bc..43952ae57a 100644 --- a/phpBB/includes/functions_compatibility.php +++ b/phpBB/includes/functions_compatibility.php @@ -101,18 +101,21 @@ function phpbb_clean_path($path) } else if (!$phpbb_path_helper) { + global $phpbb_root_path, $phpEx; + // The container is not yet loaded, use a new instance if (!class_exists('\phpbb\path_helper')) { - global $phpbb_root_path, $phpEx; require($phpbb_root_path . 'phpbb/path_helper.' . $phpEx); } + $request = new phpbb\request\request(); $phpbb_path_helper = new phpbb\path_helper( new phpbb\symfony_request( - new phpbb\request\request() + $request ), new phpbb\filesystem(), + $request, $phpbb_root_path, $phpEx ); @@ -165,3 +168,30 @@ function update_foes($group_id = false, $user_id = false) global $db, $auth; return phpbb_update_foes($db, $auth, $group_id, $user_id); } + +/** +* Get user rank title and image +* +* @param int $user_rank the current stored users rank id +* @param int $user_posts the users number of posts +* @param string &$rank_title the rank title will be stored here after execution +* @param string &$rank_img the rank image as full img tag is stored here after execution +* @param string &$rank_img_src the rank image source is stored here after execution +* +* @deprecated 3.1.0-RC5 (To be removed: 3.3.0) +* +* Note: since we do not want to break backwards-compatibility, this function will only properly assign ranks to guests if you call it for them with user_posts == false +*/ +function get_user_rank($user_rank, $user_posts, &$rank_title, &$rank_img, &$rank_img_src) +{ + global $phpbb_root_path, $phpEx; + if (!function_exists('phpbb_get_user_rank')) + { + include($phpbb_root_path . 'includes/functions_display.' . $phpEx); + } + + $rank_data = phpbb_get_user_rank(array('user_rank' => $user_rank), $user_posts); + $rank_title = $rank_data['title']; + $rank_img = $rank_data['img']; + $rank_img_src = $rank_data['img_src']; +} diff --git a/phpBB/includes/functions_content.php b/phpBB/includes/functions_content.php index f275ed1dd1..6f861b8607 100644 --- a/phpBB/includes/functions_content.php +++ b/phpBB/includes/functions_content.php @@ -78,7 +78,7 @@ function gen_sort_selects(&$limit_days, &$sort_by_text, &$sort_days, &$sort_key, foreach ($sorts as $name => $sort_ary) { $key = $sort_ary['key']; - $selected = $$sort_ary['key']; + $selected = ${$sort_ary['key']}; // Check if the key is selectable. If not, we reset to the default or first key found. // This ensures the values are always valid. We also set $sort_dir/sort_key/etc. to the @@ -87,12 +87,12 @@ function gen_sort_selects(&$limit_days, &$sort_by_text, &$sort_days, &$sort_key, { if ($sort_ary['default'] !== false) { - $selected = $$key = $sort_ary['default']; + $selected = ${$key} = $sort_ary['default']; } else { @reset($sort_ary['options']); - $selected = $$key = key($sort_ary['options']); + $selected = ${$key} = key($sort_ary['options']); } } @@ -712,7 +712,7 @@ function make_clickable_callback($type, $whitespace, $url, $relative_url, $class break; } - $short_url = (strlen($url) > 55) ? substr($url, 0, 39) . ' ... ' . substr($url, -10) : $url; + $short_url = (utf8_strlen($url) > 55) ? utf8_substr($url, 0, 39) . ' ... ' . utf8_substr($url, -10) : $url; switch ($type) { @@ -788,28 +788,28 @@ function make_clickable($text, $server_url = false, $class = 'postlink') // relative urls for this board $magic_url_match_args[$server_url][] = array( - '#(^|[\n\t (>.])(' . preg_quote($server_url, '#') . ')/(' . get_preg_expression('relative_url_inline') . ')#i', + '#(^|[\n\t (>.])(' . preg_quote($server_url, '#') . ')/(' . get_preg_expression('relative_url_inline') . ')#iu', MAGIC_URL_LOCAL, $local_class, ); // matches a xxxx://aaaaa.bbb.cccc. ... $magic_url_match_args[$server_url][] = array( - '#(^|[\n\t (>.])(' . get_preg_expression('url_inline') . ')#i', + '#(^|[\n\t (>.])(' . get_preg_expression('url_inline') . ')#iu', MAGIC_URL_FULL, $class, ); // matches a "www.xxxx.yyyy[/zzzz]" kinda lazy URL thing $magic_url_match_args[$server_url][] = array( - '#(^|[\n\t (>])(' . get_preg_expression('www_url_inline') . ')#i', + '#(^|[\n\t (>])(' . get_preg_expression('www_url_inline') . ')#iu', MAGIC_URL_WWW, $class, ); // matches an email@domain type address at the start of a line, or after a space or after what might be a BBCode. $magic_url_match_args[$server_url][] = array( - '/(^|[\n\t (>])(' . get_preg_expression('email') . ')/i', + '/(^|[\n\t (>])(' . get_preg_expression('email') . ')/iu', MAGIC_URL_EMAIL, '', ); @@ -912,7 +912,7 @@ function parse_attachments($forum_id, &$message, &$attachments, &$update_count, return; } - global $template, $cache, $user; + global $template, $cache, $user, $phpbb_dispatcher; global $extensions, $config, $phpbb_root_path, $phpEx; // @@ -1187,6 +1187,34 @@ function parse_attachments($forum_id, &$message, &$attachments, &$update_count, ); } + /** + * Use this event to modify the attachment template data. + * + * This event is triggered once per attachment. + * + * @event core.parse_attachments_modify_template_data + * @var array attachment Array with attachment data + * @var array block_array Template data of the attachment + * @var int display_cat Attachment category data + * @var string download_link Attachment download link + * @var array extensions Array with attachment extensions data + * @var mixed forum_id The forum id the attachments are displayed in (false if in private message) + * @var bool preview Flag indicating if we are in post preview mode + * @var array update_count Array with attachment ids to update download count + * @since 3.1.0-RC5 + */ + $vars = array( + 'attachment', + 'block_array', + 'display_cat', + 'download_link', + 'extensions', + 'forum_id', + 'preview', + 'update_count', + ); + extract($phpbb_dispatcher->trigger_event('core.parse_attachments_modify_template_data', compact($vars))); + $template->assign_block_vars('_file', $block_array); $compiled_attachments[] = $template->assign_display('attachment_tpl'); diff --git a/phpBB/includes/functions_convert.php b/phpBB/includes/functions_convert.php index 9d480692e9..61ab4721c4 100644 --- a/phpBB/includes/functions_convert.php +++ b/phpBB/includes/functions_convert.php @@ -2148,6 +2148,7 @@ function fix_empty_primary_groups() } $sql = 'SELECT user_id FROM ' . USER_GROUP_TABLE . ' WHERE group_id = ' . get_group_id('global_moderators'); + $result = $db->sql_query($sql); $user_ids = array(); while ($row = $db->sql_fetchrow($result)) diff --git a/phpBB/includes/functions_display.php b/phpBB/includes/functions_display.php index 85d9496061..b62b514293 100644 --- a/phpBB/includes/functions_display.php +++ b/phpBB/includes/functions_display.php @@ -375,6 +375,28 @@ function display_forums($root_data = '', $display_moderators = true, $return_mod get_moderators($forum_moderators, $forum_ids_moderator); } + /** + * Event to perform additional actions before the forum list is being generated + * + * @event core.display_forums_before + * @var array active_forum_ary Array with forum data to display active topics + * @var bool display_moderators Flag indicating if we display forum moderators + * @var array forum_moderators Array with forum moderators list + * @var array forum_rows Data array of all forums we display + * @var bool return_moderators Flag indicating if moderators list should be returned + * @var array root_data Array with the root forum data + * @since 3.1.4-RC1 + */ + $vars = array( + 'active_forum_ary', + 'display_moderators', + 'forum_moderators', + 'forum_rows', + 'return_moderators', + 'root_data', + ); + extract($phpbb_dispatcher->trigger_event('core.display_forums_before', compact($vars))); + // Used to tell whatever we have to create a dummy category or not. $last_catless = true; foreach ($forum_rows as $row) @@ -649,6 +671,28 @@ function display_forums($root_data = '', $display_moderators = true, $return_mod 'UNAPPROVED_POST_IMG' => $user->img('icon_topic_unapproved', 'POSTS_UNAPPROVED_FORUM'), )); + /** + * Event to perform additional actions after the forum list has been generated + * + * @event core.display_forums_after + * @var array active_forum_ary Array with forum data to display active topics + * @var bool display_moderators Flag indicating if we display forum moderators + * @var array forum_moderators Array with forum moderators list + * @var array forum_rows Data array of all forums we display + * @var bool return_moderators Flag indicating if moderators list should be returned + * @var array root_data Array with the root forum data + * @since 3.1.0-RC5 + */ + $vars = array( + 'active_forum_ary', + 'display_moderators', + 'forum_moderators', + 'forum_rows', + 'return_moderators', + 'root_data', + ); + extract($phpbb_dispatcher->trigger_event('core.display_forums_after', compact($vars))); + if ($return_moderators) { return array($active_forum_ary, $forum_moderators); @@ -1402,17 +1446,34 @@ function watch_topic_forum($mode, &$s_watching, $user_id, $forum_id, $topic_id, /** * Get user rank title and image * -* @param int $user_rank the current stored users rank id +* @param array $user_data the current stored users data * @param int $user_posts the users number of posts -* @param string &$rank_title the rank title will be stored here after execution -* @param string &$rank_img the rank image as full img tag is stored here after execution -* @param string &$rank_img_src the rank image source is stored here after execution +* +* @return array An associative array containing the rank title (title), the rank image source (img) and the rank image as full img tag (img) * * Note: since we do not want to break backwards-compatibility, this function will only properly assign ranks to guests if you call it for them with user_posts == false */ -function get_user_rank($user_rank, $user_posts, &$rank_title, &$rank_img, &$rank_img_src) +function phpbb_get_user_rank($user_data, $user_posts) { - global $ranks, $config, $phpbb_root_path, $phpbb_path_helper; + global $ranks, $config, $phpbb_root_path, $phpbb_path_helper, $phpbb_dispatcher; + + $user_rank_data = array( + 'title' => null, + 'img' => null, + 'img_src' => null, + ); + + /** + * Preparing a user's rank before displaying + * + * @event core.modify_user_rank + * @var array user_data Array with user's data + * @var int user_posts User_posts to change + * @since 3.1.0-RC4 + */ + + $vars = array('user_data', 'user_posts'); + extract($phpbb_dispatcher->trigger_event('core.modify_user_rank', compact($vars))); if (empty($ranks)) { @@ -1420,11 +1481,14 @@ function get_user_rank($user_rank, $user_posts, &$rank_title, &$rank_img, &$rank $ranks = $cache->obtain_ranks(); } - if (!empty($user_rank)) + if (!empty($user_data['user_rank'])) { - $rank_title = (isset($ranks['special'][$user_rank]['rank_title'])) ? $ranks['special'][$user_rank]['rank_title'] : ''; - $rank_img_src = (!empty($ranks['special'][$user_rank]['rank_image'])) ? $phpbb_path_helper->update_web_root_path($phpbb_root_path . $config['ranks_path'] . '/' . $ranks['special'][$user_rank]['rank_image']) : ''; - $rank_img = (!empty($ranks['special'][$user_rank]['rank_image'])) ? '<img src="' . $rank_img_src . '" alt="' . $ranks['special'][$user_rank]['rank_title'] . '" title="' . $ranks['special'][$user_rank]['rank_title'] . '" />' : ''; + + $user_rank_data['title'] = (isset($ranks['special'][$user_data['user_rank']]['rank_title'])) ? $ranks['special'][$user_data['user_rank']]['rank_title'] : ''; + + $user_rank_data['img_src'] = (!empty($ranks['special'][$user_data['user_rank']]['rank_image'])) ? $phpbb_path_helper->update_web_root_path($phpbb_root_path . $config['ranks_path'] . '/' . $ranks['special'][$user_data['user_rank']]['rank_image']) : ''; + + $user_rank_data['img'] = (!empty($ranks['special'][$user_data['user_rank']]['rank_image'])) ? '<img src="' . $user_rank_data['img_src'] . '" alt="' . $ranks['special'][$user_data['user_rank']]['rank_title'] . '" title="' . $ranks['special'][$user_data['user_rank']]['rank_title'] . '" />' : ''; } else if ($user_posts !== false) { @@ -1434,28 +1498,29 @@ function get_user_rank($user_rank, $user_posts, &$rank_title, &$rank_img, &$rank { if ($user_posts >= $rank['rank_min']) { - $rank_title = $rank['rank_title']; - $rank_img_src = (!empty($rank['rank_image'])) ? $phpbb_path_helper->update_web_root_path($phpbb_root_path . $config['ranks_path'] . '/' . $rank['rank_image']) : ''; - $rank_img = (!empty($rank['rank_image'])) ? '<img src="' . $rank_img_src . '" alt="' . $rank['rank_title'] . '" title="' . $rank['rank_title'] . '" />' : ''; + $user_rank_data['title'] = $rank['rank_title']; + $user_rank_data['img_src'] = (!empty($rank['rank_image'])) ? $phpbb_path_helper->update_web_root_path($phpbb_root_path . $config['ranks_path'] . '/' . $rank['rank_image']) : ''; + $user_rank_data['img'] = (!empty($rank['rank_image'])) ? '<img src="' . $user_rank_data['img_src'] . '" alt="' . $rank['rank_title'] . '" title="' . $rank['rank_title'] . '" />' : ''; break; } } } } + + return $user_rank_data; } /** * Prepare profile data */ -function phpbb_show_profile($data, $user_notes_enabled = false, $warn_user_enabled = false) +function phpbb_show_profile($data, $user_notes_enabled = false, $warn_user_enabled = false, $check_can_receive_pm = true) { global $config, $auth, $user, $phpEx, $phpbb_root_path, $phpbb_dispatcher; $username = $data['username']; $user_id = $data['user_id']; - $rank_title = $rank_img = $rank_img_src = ''; - get_user_rank($data['user_rank'], (($user_id == ANONYMOUS) ? false : $data['user_posts']), $rank_title, $rank_img, $rank_img_src); + $user_rank_data = phpbb_get_user_rank($data, (($user_id == ANONYMOUS) ? false : $data['user_posts'])); if ((!empty($data['user_allow_viewemail']) && $auth->acl_get('u_sendemail')) || $auth->acl_get('a_user')) { @@ -1516,7 +1581,7 @@ function phpbb_show_profile($data, $user_notes_enabled = false, $warn_user_enabl } // Can this user receive a Private Message? - $can_receive_pm = ( + $can_receive_pm = $check_can_receive_pm && ( // They must be a "normal" user $data['user_type'] != USER_IGNORE && @@ -1536,7 +1601,7 @@ function phpbb_show_profile($data, $user_notes_enabled = false, $warn_user_enabl // Dump it out to the template $template_data = array( 'AGE' => $age, - 'RANK_TITLE' => $rank_title, + 'RANK_TITLE' => $user_rank_data['title'], 'JOINED' => $user->format_date($data['user_regdate']), 'LAST_ACTIVE' => (empty($last_active)) ? ' - ' : $user->format_date($last_active), 'POSTS' => ($data['user_posts']) ? $data['user_posts'] : 0, @@ -1552,8 +1617,8 @@ function phpbb_show_profile($data, $user_notes_enabled = false, $warn_user_enabl 'AVATAR_IMG' => phpbb_get_user_avatar($data), 'ONLINE_IMG' => (!$config['load_onlinetrack']) ? '' : (($online) ? $user->img('icon_user_online', 'ONLINE') : $user->img('icon_user_offline', 'OFFLINE')), 'S_ONLINE' => ($config['load_onlinetrack'] && $online) ? true : false, - 'RANK_IMG' => $rank_img, - 'RANK_IMG_SRC' => $rank_img_src, + 'RANK_IMG' => $user_rank_data['img'], + 'RANK_IMG_SRC' => $user_rank_data['img_src'], 'S_JABBER_ENABLED' => ($config['jab_enable']) ? true : false, 'S_WARNINGS' => ($auth->acl_getf_global('m_') || $auth->acl_get('m_warn')) ? true : false, @@ -1565,8 +1630,8 @@ function phpbb_show_profile($data, $user_notes_enabled = false, $warn_user_enabl 'U_EMAIL' => $email, 'U_JABBER' => ($data['user_jabber'] && $auth->acl_get('u_sendim')) ? append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=contact&action=jabber&u=' . $user_id) : '', - 'USER_JABBER' => $data['user_jabber'], - 'USER_JABBER_IMG' => ($data['user_jabber']) ? $user->img('icon_contact_jabber', $data['user_jabber']) : '', + 'USER_JABBER' => ($config['jab_enable']) ? $data['user_jabber'] : '', + 'USER_JABBER_IMG' => ($config['jab_enable'] && $data['user_jabber']) ? $user->img('icon_contact_jabber', $data['user_jabber']) : '', 'L_SEND_EMAIL_USER' => $user->lang('SEND_EMAIL_USER', $username), 'L_CONTACT_USER' => $user->lang('CONTACT_USER', $username), diff --git a/phpBB/includes/functions_download.php b/phpBB/includes/functions_download.php index 704939b176..254e65ae3d 100644 --- a/phpBB/includes/functions_download.php +++ b/phpBB/includes/functions_download.php @@ -50,7 +50,7 @@ function send_avatar_to_browser($file, $browser) $image_data = @getimagesize($file_path); header('Content-Type: ' . image_type_to_mime_type($image_data[2])); - if ((strpos(strtolower($user->browser), 'msie') !== false) && !phpbb_is_greater_ie_version($browser, 7)) + if ((strpos(strtolower($browser), 'msie') !== false) && !phpbb_is_greater_ie_version($browser, 7)) { header('Content-Disposition: attachment; ' . header_filename($file)); @@ -210,11 +210,6 @@ function send_file_to_browser($attachment, $upload_dir, $category) } } - if ($size) - { - header("Content-Length: $size"); - } - // Close the db connection before sending the file etc. file_gc(false); @@ -238,6 +233,11 @@ function send_file_to_browser($attachment, $upload_dir, $category) exit; } + if ($size) + { + header("Content-Length: $size"); + } + // Try to deliver in chunks @set_time_limit(0); diff --git a/phpBB/includes/functions_mcp.php b/phpBB/includes/functions_mcp.php index 811d49f1de..ed96dcf338 100644 --- a/phpBB/includes/functions_mcp.php +++ b/phpBB/includes/functions_mcp.php @@ -368,7 +368,7 @@ function phpbb_get_pm_data($pm_ids) */ function phpbb_mcp_sorting($mode, &$sort_days, &$sort_key, &$sort_dir, &$sort_by_sql, &$sort_order_sql, &$total, $forum_id = 0, $topic_id = 0, $where_sql = 'WHERE') { - global $db, $user, $auth, $template; + global $db, $user, $auth, $template, $phpbb_dispatcher; $sort_days = request_var('st', 0); $min_time = ($sort_days) ? time() - ($sort_days * 86400) : 0; @@ -553,6 +553,56 @@ function phpbb_mcp_sorting($mode, &$sort_days, &$sort_key, &$sort_dir, &$sort_by break; } + // Default total to -1 to allow editing by the event + $total = -1; + + /** + * This event allows you to control the SQL query used to get the total number + * of reports the user can access. + * + * This total is used for the pagination and for displaying the total number + * of reports to the user + * + * + * @event core.mcp_sorting_query_before + * @var string sql The current SQL search string + * @var string mode An id related to the module(s) the user is viewing + * @var string type Which kind of information is this being used for displaying. Posts, topics, etc... + * @var int forum_id The forum id of the posts the user is trying to access, if not 0 + * @var int topic_id The topic id of the posts the user is trying to access, if not 0 + * @var int sort_days The max age of the oldest report to be shown, in days + * @var string sort_key The way the user has decided to sort the data. + * The valid values must be in the keys of the sort_by_* variables + * @var string sort_dir Either 'd' for "DESC" or 'a' for 'ASC' in the SQL query + * @var int limit_days The possible max ages of the oldest report for the user to choose, in days. + * @var array sort_by_sql SQL text (values) for the possible names of the ways of sorting data (keys). + * @var array sort_by_text Language text (values) for the possible names of the ways of sorting data (keys). + * @var int min_time Integer with the minimum post time that the user is searching for + * @var int limit_time_sql Time limiting options used in the SQL query. + * @var int total The total number of reports that exist. Only set if you want to override the result + * @var string where_sql Extra information included in the WHERE clause. It must end with "WHERE" or "AND" or "OR". + * Set to "WHERE" and set total above -1 to override the total value + * @since 3.1.4-RC1 + */ + $vars = array( + 'sql', + 'mode', + 'type', + 'forum_id', + 'topic_id', + 'sort_days', + 'sort_key', + 'sort_dir', + 'limit_days', + 'sort_by_sql', + 'sort_by_text', + 'min_time', + 'limit_time_sql', + 'total', + 'where_sql', + ); + extract($phpbb_dispatcher->trigger_event('core.mcp_sorting_query_before', compact($vars))); + if (!isset($sort_by_sql[$sort_key])) { $sort_key = $default_key; @@ -584,7 +634,7 @@ function phpbb_mcp_sorting($mode, &$sort_days, &$sort_key, &$sort_dir, &$sort_by $total = (int) $db->sql_fetchfield('total'); $db->sql_freeresult($result); } - else + else if ($total < -1) { $total = -1; } diff --git a/phpBB/includes/functions_messenger.php b/phpBB/includes/functions_messenger.php index 045e555d05..fbac3e6f1d 100644 --- a/phpBB/includes/functions_messenger.php +++ b/phpBB/includes/functions_messenger.php @@ -510,7 +510,7 @@ class messenger foreach ($address_ary as $which_ary) { - $$type .= (($$type != '') ? ', ' : '') . (($which_ary['name'] != '') ? mail_encode($which_ary['name'], $encode_eol) . ' <' . $which_ary['email'] . '>' : $which_ary['email']); + ${$type} .= ((${$type} != '') ? ', ' : '') . (($which_ary['name'] != '') ? mail_encode($which_ary['name'], $encode_eol) . ' <' . $which_ary['email'] . '>' : $which_ary['email']); } } diff --git a/phpBB/includes/functions_posting.php b/phpBB/includes/functions_posting.php index 1fdc7ee9ea..a06d6f4c35 100644 --- a/phpBB/includes/functions_posting.php +++ b/phpBB/includes/functions_posting.php @@ -1036,8 +1036,8 @@ function load_drafts($topic_id = 0, $forum_id = 0, $id = 0, $pm_action = '', $ms */ function topic_review($topic_id, $forum_id, $mode = 'topic_review', $cur_post_id = 0, $show_quote_button = true) { - global $user, $auth, $db, $template, $bbcode, $cache; - global $config, $phpbb_root_path, $phpEx, $phpbb_container; + global $user, $auth, $db, $template, $cache; + global $config, $phpbb_root_path, $phpEx, $phpbb_container, $phpbb_dispatcher; $phpbb_content_visibility = $phpbb_container->get('content.visibility'); $sql_sort = ($mode == 'post_review') ? 'ASC' : 'DESC'; @@ -1094,13 +1094,11 @@ function topic_review($topic_id, $forum_id, $mode = 'topic_review', $cur_post_id $sql = $db->sql_build_query('SELECT', $sql_ary); $result = $db->sql_query($sql); - $bbcode_bitfield = ''; $rowset = array(); $has_attachments = false; while ($row = $db->sql_fetchrow($result)) { $rowset[$row['post_id']] = $row; - $bbcode_bitfield = $bbcode_bitfield | base64_decode($row['bbcode_bitfield']); if ($row['post_attachment']) { @@ -1109,13 +1107,6 @@ function topic_review($topic_id, $forum_id, $mode = 'topic_review', $cur_post_id } $db->sql_freeresult($result); - // Instantiate BBCode class - if (!isset($bbcode) && $bbcode_bitfield !== '') - { - include_once($phpbb_root_path . 'includes/bbcode.' . $phpEx); - $bbcode = new bbcode(base64_encode($bbcode_bitfield)); - } - // Grab extensions $extensions = $attachments = array(); if ($has_attachments && $auth->acl_get('u_download') && $auth->acl_get('f_download', $forum_id)) @@ -1176,7 +1167,7 @@ function topic_review($topic_id, $forum_id, $mode = 'topic_review', $cur_post_id $post_anchor = ($mode == 'post_review') ? 'ppr' . $row['post_id'] : 'pr' . $row['post_id']; $u_show_post = append_sid($phpbb_root_path . 'viewtopic.' . $phpEx, "f=$forum_id&t=$topic_id&p={$row['post_id']}&view=show#p{$row['post_id']}"); - $template->assign_block_vars($mode . '_row', array( + $post_row = array( 'POST_AUTHOR_FULL' => get_username_string('full', $poster_id, $row['username'], $row['user_colour'], $row['post_username']), 'POST_AUTHOR_COLOUR' => get_username_string('colour', $poster_id, $row['username'], $row['user_colour'], $row['post_username']), 'POST_AUTHOR' => get_username_string('username', $poster_id, $row['username'], $row['user_colour'], $row['post_username']), @@ -1195,9 +1186,37 @@ function topic_review($topic_id, $forum_id, $mode = 'topic_review', $cur_post_id 'POST_ID' => $row['post_id'], 'U_MINI_POST' => append_sid("{$phpbb_root_path}viewtopic.$phpEx", 'p=' . $row['post_id']) . '#p' . $row['post_id'], 'U_MCP_DETAILS' => ($auth->acl_get('m_info', $forum_id)) ? append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=main&mode=post_details&f=' . $forum_id . '&p=' . $row['post_id'], true, $user->session_id) : '', - 'POSTER_QUOTE' => ($show_quote_button && $auth->acl_get('f_reply', $forum_id)) ? addslashes(get_username_string('username', $poster_id, $row['username'], $row['user_colour'], $row['post_username'])) : '') + 'POSTER_QUOTE' => ($show_quote_button && $auth->acl_get('f_reply', $forum_id)) ? addslashes(get_username_string('username', $poster_id, $row['username'], $row['user_colour'], $row['post_username'])) : '', ); + $current_row_number = $i; + + /** + * Event to modify the template data block for topic reviews + * + * @event core.topic_review_modify_row + * @var string mode The review mode + * @var int topic_id The topic that is being reviewed + * @var int forum_id The topic's forum + * @var int cur_post_id Post offset id + * @var int current_row_number Number of the current row being iterated + * @var array post_row Template block array of the current post + * @var array row Array with original post and user data + * @since 3.1.4-RC1 + */ + $vars = array( + 'mode', + 'topic_id', + 'forum_id', + 'cur_post_id', + 'current_row_number', + 'post_row', + 'row', + ); + extract($phpbb_dispatcher->trigger_event('core.topic_review_modify_row', compact($vars))); + + $template->assign_block_vars($mode . '_row', $post_row); + // Display not already displayed Attachments for this post, we already parsed them. ;) if (!empty($attachments[$row['post_id']])) { @@ -1825,6 +1844,30 @@ function submit_post($mode, $subject, $username, $topic_type, &$poll, &$data, $u break; } + /** + * Modify sql query data for post submitting + * + * @event core.submit_post_modify_sql_data + * @var array data Array with the data for the post + * @var array poll Array with the poll data for the post + * @var string post_mode Variable containing posting mode value + * @var bool sql_data Array with the data for the posting SQL query + * @var string subject Variable containing post subject value + * @var int topic_type Variable containing topic type value + * @var string username Variable containing post author name + * @since 3.1.3-RC1 + */ + $vars = array( + 'data', + 'poll', + 'post_mode', + 'sql_data', + 'subject', + 'topic_type', + 'username', + ); + extract($phpbb_dispatcher->trigger_event('core.submit_post_modify_sql_data', compact($vars))); + // Submit new topic if ($post_mode == 'post') { @@ -2384,6 +2427,7 @@ function submit_post($mode, $subject, $username, $topic_type, &$poll, &$data, $u * @var int topic_type Variable containing topic type value * @var array poll Array with the poll data for the post * @var array data Array with the data for the post + * @var int post_visibility Variable containing up to date post visibility * @var bool update_message Flag indicating if the post will be updated * @var bool update_search_index Flag indicating if the search index will be updated * @var string url The "Return to topic" URL @@ -2399,6 +2443,7 @@ function submit_post($mode, $subject, $username, $topic_type, &$poll, &$data, $u 'topic_type', 'poll', 'data', + 'post_visibility', 'update_message', 'update_search_index', 'url', diff --git a/phpBB/includes/functions_privmsgs.php b/phpBB/includes/functions_privmsgs.php index ad142b1cca..8e1561b842 100644 --- a/phpBB/includes/functions_privmsgs.php +++ b/phpBB/includes/functions_privmsgs.php @@ -914,6 +914,24 @@ function update_unread_status($unread, $msg_id, $user_id, $folder_id) } } +function mark_folder_read($user_id, $folder_id) +{ + global $db; + + $sql = 'SELECT msg_id + FROM ' . PRIVMSGS_TO_TABLE . ' + WHERE folder_id = ' . ((int) $folder_id) . ' + AND user_id = ' . ((int) $user_id) . ' + AND pm_unread = 1'; + $result = $db->sql_query($sql); + + while ($row = $db->sql_fetchrow($result)) + { + update_unread_status(true, $row['msg_id'], $user_id, $folder_id); + } + $db->sql_freeresult($result); +} + /** * Handle all actions possible with marked messages */ @@ -1397,9 +1415,9 @@ function rebuild_header($check_ary) $_types = array('u', 'g'); foreach ($_types as $type) { - if (sizeof($$type)) + if (sizeof(${$type})) { - foreach ($$type as $id) + foreach (${$type} as $id) { $address[$type][$id] = $check_type; } @@ -1939,7 +1957,7 @@ function submit_pm($mode, $subject, &$data, $put_in_outbox = true) */ function message_history($msg_id, $user_id, $message_row, $folder, $in_post_mode = false) { - global $db, $user, $config, $template, $phpbb_root_path, $phpEx, $auth, $bbcode; + global $db, $user, $config, $template, $phpbb_root_path, $phpEx, $auth; // Select all receipts and the author from the pm we currently view, to only display their pm-history $sql = 'SELECT author_id, user_id @@ -1991,7 +2009,6 @@ function message_history($msg_id, $user_id, $message_row, $folder, $in_post_mode $title = $row['message_subject']; $rowset = array(); - $bbcode_bitfield = ''; $folder_url = append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=pm') . '&folder='; do @@ -2007,7 +2024,6 @@ function message_history($msg_id, $user_id, $message_row, $folder, $in_post_mode else { $rowset[$row['msg_id']] = $row; - $bbcode_bitfield = $bbcode_bitfield | base64_decode($row['bbcode_bitfield']); } } while ($row = $db->sql_fetchrow($result)); @@ -2018,16 +2034,6 @@ function message_history($msg_id, $user_id, $message_row, $folder, $in_post_mode return false; } - // Instantiate BBCode class - if ((empty($bbcode) || $bbcode === false) && $bbcode_bitfield !== '') - { - if (!class_exists('bbcode')) - { - include($phpbb_root_path . 'includes/bbcode.' . $phpEx); - } - $bbcode = new bbcode(base64_encode($bbcode_bitfield)); - } - $title = censor_text($title); $url = append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=pm'); diff --git a/phpBB/includes/functions_user.php b/phpBB/includes/functions_user.php index e4479f07b0..9cd662027e 100644 --- a/phpBB/includes/functions_user.php +++ b/phpBB/includes/functions_user.php @@ -44,13 +44,13 @@ function user_get_id_name(&$user_id_ary, &$username_ary, $user_type = false) $which_ary = ($user_id_ary) ? 'user_id_ary' : 'username_ary'; - if ($$which_ary && !is_array($$which_ary)) + if (${$which_ary} && !is_array(${$which_ary})) { - $$which_ary = array($$which_ary); + ${$which_ary} = array(${$which_ary}); } - $sql_in = ($which_ary == 'user_id_ary') ? array_map('intval', $$which_ary) : array_map('utf8_clean_string', $$which_ary); - unset($$which_ary); + $sql_in = ($which_ary == 'user_id_ary') ? array_map('intval', ${$which_ary}) : array_map('utf8_clean_string', ${$which_ary}); + unset(${$which_ary}); $user_id_ary = $username_ary = array(); @@ -161,9 +161,10 @@ function user_update_name($old_name, $new_name) * * @param mixed $user_row An array containing the following keys (and the appropriate values): username, group_id (the group to place the user in), user_email and the user_type(usually 0). Additional entries not overridden by defaults will be forwarded. * @param string $cp_data custom profile fields, see custom_profile::build_insert_sql_array +* @param array $notifications_data The notifications settings for the new user * @return the new user's ID. */ -function user_add($user_row, $cp_data = false) +function user_add($user_row, $cp_data = false, $notifications_data = null) { global $db, $user, $auth, $config, $phpbb_root_path, $phpEx; global $phpbb_dispatcher, $phpbb_container; @@ -347,6 +348,31 @@ function user_add($user_row, $cp_data = false) set_config('newest_user_colour', $row['group_colour'], true); } + // Use default notifications settings if notifications_data is not set + if ($notifications_data === null) + { + $notifications_data = array( + array( + 'item_type' => 'notification.type.post', + 'method' => 'notification.method.email', + ), + array( + 'item_type' => 'notification.type.topic', + 'method' => 'notification.method.email', + ), + ); + } + + // Subscribe user to notifications if necessary + if (!empty($notifications_data)) + { + $phpbb_notifications = $phpbb_container->get('notification_manager'); + foreach ($notifications_data as $subscription) + { + $phpbb_notifications->add_subscription($subscription['item_type'], 0, $subscription['method'], $user_id); + } + } + /** * Event that returns user id, user detals and user CPF of newly registared user * @@ -372,7 +398,7 @@ function user_add($user_row, $cp_data = false) */ function user_delete($mode, $user_ids, $retain_username = true) { - global $cache, $config, $db, $user, $phpbb_dispatcher; + global $cache, $config, $db, $user, $phpbb_dispatcher, $phpbb_container; global $phpbb_root_path, $phpEx; $db->sql_transaction('begin'); @@ -646,6 +672,9 @@ function user_delete($mode, $user_ids, $retain_username = true) } phpbb_delete_users_pms($user_ids); + $phpbb_notifications = $phpbb_container->get('notification_manager'); + $phpbb_notifications->delete_notifications('notification.type.admin_activate_user', $user_ids); + $db->sql_transaction('commit'); /** @@ -677,7 +706,7 @@ function user_delete($mode, $user_ids, $retain_username = true) */ function user_active_flip($mode, $user_id_ary, $reason = INACTIVE_MANUAL) { - global $config, $db, $user, $auth; + global $config, $db, $user, $auth, $phpbb_dispatcher; $deactivated = $activated = 0; $sql_statements = array(); @@ -730,6 +759,21 @@ function user_active_flip($mode, $user_id_ary, $reason = INACTIVE_MANUAL) } $db->sql_freeresult($result); + /** + * Check or modify activated/deactivated users data before submitting it to the database + * + * @event core.user_active_flip_before + * @var string mode User type changing mode, can be: flip|activate|deactivate + * @var int reason Reason for changing user type, can be: INACTIVE_REGISTER|INACTIVE_PROFILE|INACTIVE_MANUAL|INACTIVE_REMIND + * @var int activated The number of users to be activated + * @var int deactivated The number of users to be deactivated + * @var array user_id_ary Array with user ids to change user type + * @var array sql_statements Array with users data to submit to the database, keys: user ids, values: arrays with user data + * @since 3.1.4-RC1 + */ + $vars = array('mode', 'reason', 'activated', 'deactivated', 'user_id_ary', 'sql_statements'); + extract($phpbb_dispatcher->trigger_event('core.user_active_flip_before', compact($vars))); + if (sizeof($sql_statements)) { foreach ($sql_statements as $user_id => $sql_ary) @@ -743,6 +787,21 @@ function user_active_flip($mode, $user_id_ary, $reason = INACTIVE_MANUAL) $auth->acl_clear_prefetch(array_keys($sql_statements)); } + /** + * Perform additional actions after the users have been activated/deactivated + * + * @event core.user_active_flip_after + * @var string mode User type changing mode, can be: flip|activate|deactivate + * @var int reason Reason for changing user type, can be: INACTIVE_REGISTER|INACTIVE_PROFILE|INACTIVE_MANUAL|INACTIVE_REMIND + * @var int activated The number of users to be activated + * @var int deactivated The number of users to be deactivated + * @var array user_id_ary Array with user ids to change user type + * @var array sql_statements Array with users data to submit to the database, keys: user ids, values: arrays with user data + * @since 3.1.4-RC1 + */ + $vars = array('mode', 'reason', 'activated', 'deactivated', 'user_id_ary', 'sql_statements'); + extract($phpbb_dispatcher->trigger_event('core.user_active_flip_after', compact($vars))); + if ($deactivated) { set_config_count('num_users', $deactivated * (-1), true); diff --git a/phpBB/includes/mcp/mcp_ban.php b/phpBB/includes/mcp/mcp_ban.php index e6fac3b80c..4d2151fded 100644 --- a/phpBB/includes/mcp/mcp_ban.php +++ b/phpBB/includes/mcp/mcp_ban.php @@ -25,7 +25,7 @@ class mcp_ban function main($id, $mode) { - global $config, $db, $user, $auth, $template, $cache; + global $db, $user, $auth, $template, $request, $phpbb_dispatcher; global $phpbb_root_path, $phpEx; include($phpbb_root_path . 'includes/functions_user.' . $phpEx); @@ -33,55 +33,133 @@ class mcp_ban // Include the admin banning interface... include($phpbb_root_path . 'includes/acp/acp_ban.' . $phpEx); - $bansubmit = (isset($_POST['bansubmit'])) ? true : false; - $unbansubmit = (isset($_POST['unbansubmit'])) ? true : false; - $current_time = time(); + $bansubmit = $request->is_set_post('bansubmit'); + $unbansubmit = $request->is_set_post('unbansubmit'); $user->add_lang(array('acp/ban', 'acp/users')); $this->tpl_name = 'mcp_ban'; + /** + * Use this event to pass perform actions when a ban is issued or revoked + * + * @event core.mcp_ban_main + * @var bool bansubmit True if a ban is issued + * @var bool unbansubmit True if a ban is removed + * @var string mode Mode of the ban that is being worked on + * @since 3.1.0-RC5 + */ + $vars = array( + 'bansubmit', + 'unbansubmit', + 'mode', + ); + extract($phpbb_dispatcher->trigger_event('core.mcp_ban_main', compact($vars))); + // Ban submitted? if ($bansubmit) { // Grab the list of entries - $ban = request_var('ban', '', ($mode === 'user') ? true : false); - - if ($mode === 'user') - { - $ban = utf8_normalize_nfc($ban); - } - - $ban_len = request_var('banlength', 0); - $ban_len_other = request_var('banlengthother', ''); - $ban_exclude = request_var('banexclude', 0); - $ban_reason = utf8_normalize_nfc(request_var('banreason', '', true)); - $ban_give_reason = utf8_normalize_nfc(request_var('bangivereason', '', true)); + $ban = $request->variable('ban', '', $mode === 'user'); + $ban_length = $request->variable('banlength', 0); + $ban_length_other = $request->variable('banlengthother', ''); + $ban_exclude = $request->variable('banexclude', 0); + $ban_reason = $request->variable('banreason', '', true); + $ban_give_reason = $request->variable('bangivereason', '', true); if ($ban) { if (confirm_box(true)) { - user_ban($mode, $ban, $ban_len, $ban_len_other, $ban_exclude, $ban_reason, $ban_give_reason); + $abort_ban = false; + /** + * Use this event to modify the ban details before the ban is performed + * + * @event core.mcp_ban_before + * @var string mode One of the following: user, ip, email + * @var string ban Either string or array with usernames, ips or email addresses + * @var int ban_length Ban length in minutes + * @var string ban_length_other Ban length as a date (YYYY-MM-DD) + * @var bool ban_exclude Are we banning or excluding from another ban + * @var string ban_reason Ban reason displayed to moderators + * @var string ban_give_reason Ban reason displayed to the banned user + * @var mixed abort_ban Either false, or an error message that is displayed to the user. + * If a string is given the bans are not issued. + * @since 3.1.0-RC5 + */ + $vars = array( + 'mode', + 'ban', + 'ban_length', + 'ban_length_other', + 'ban_exclude', + 'ban_reason', + 'ban_give_reason', + 'abort_ban', + ); + extract($phpbb_dispatcher->trigger_event('core.mcp_ban_before', compact($vars))); + + if ($abort_ban) + { + trigger_error($abort_ban); + } + user_ban($mode, $ban, $ban_length, $ban_length_other, $ban_exclude, $ban_reason, $ban_give_reason); + + /** + * Use this event to perform actions after the ban has been performed + * + * @event core.mcp_ban_after + * @var string mode One of the following: user, ip, email + * @var string ban Either string or array with usernames, ips or email addresses + * @var int ban_length Ban length in minutes + * @var string ban_length_other Ban length as a date (YYYY-MM-DD) + * @var bool ban_exclude Are we banning or excluding from another ban + * @var string ban_reason Ban reason displayed to moderators + * @var string ban_give_reason Ban reason displayed to the banned user + * @since 3.1.0-RC5 + */ + $vars = array( + 'mode', + 'ban', + 'ban_length', + 'ban_length_other', + 'ban_exclude', + 'ban_reason', + 'ban_give_reason', + ); + extract($phpbb_dispatcher->trigger_event('core.mcp_ban_after', compact($vars))); trigger_error($user->lang['BAN_UPDATE_SUCCESSFUL'] . '<br /><br /><a href="' . $this->u_action . '">« ' . $user->lang['BACK_TO_PREV'] . '</a>'); } else { - confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array( + $hidden_fields = array( 'mode' => $mode, 'ban' => $ban, 'bansubmit' => true, - 'banlength' => $ban_len, - 'banlengthother' => $ban_len_other, + 'banlength' => $ban_length, + 'banlengthother' => $ban_length_other, 'banexclude' => $ban_exclude, 'banreason' => $ban_reason, - 'bangivereason' => $ban_give_reason))); + 'bangivereason' => $ban_give_reason, + ); + + /** + * Use this event to pass data from the ban form to the confirmation screen + * + * @event core.mcp_ban_confirm + * @var array hidden_fields Hidden fields that are passed through the confirm screen + * @since 3.1.0-RC5 + */ + $vars = array('hidden_fields'); + extract($phpbb_dispatcher->trigger_event('core.mcp_ban_confirm', compact($vars))); + + confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields($hidden_fields)); } } } else if ($unbansubmit) { - $ban = request_var('unban', array('')); + $ban = $request->variable('unban', array('')); if ($ban) { @@ -157,9 +235,9 @@ class mcp_ban } // As a "service" we will check if any post id is specified and populate the username of the poster id if given - $post_id = request_var('p', 0); - $user_id = request_var('u', 0); - $username = $pre_fill = false; + $post_id = $request->variable('p', 0); + $user_id = $request->variable('u', 0); + $pre_fill = false; if ($user_id && $user_id <> ANONYMOUS) { diff --git a/phpBB/includes/mcp/mcp_forum.php b/phpBB/includes/mcp/mcp_forum.php index 0c6acaa908..c18ca1aa1d 100644 --- a/phpBB/includes/mcp/mcp_forum.php +++ b/phpBB/includes/mcp/mcp_forum.php @@ -165,6 +165,22 @@ function mcp_forum_view($id, $mode, $action, $forum_info) AND ' . $phpbb_content_visibility->get_visibility_sql('topic', $forum_id, 't.') . " $limit_time_sql ORDER BY t.topic_type DESC, $sort_order_sql"; + + /** + * Modify SQL query before MCP forum view topic list is queried + * + * @event core.mcp_view_forum_modify_sql + * @var string sql SQL query for forum view topic list + * @var int forum_id ID of the forum + * @var string limit_time_sql SQL query part for limit time + * @var string sort_order_sql SQL query part for sort order + * @var int topics_per_page Number of topics per page + * @var int start Start value + * @since 3.1.2-RC1 + */ + $vars = array('sql', 'forum_id', 'limit_time_sql', 'sort_order_sql', 'topics_per_page', 'start'); + extract($phpbb_dispatcher->trigger_event('core.mcp_view_forum_modify_sql', compact($vars))); + $result = $db->sql_query_limit($sql, $topics_per_page, $start); $topic_list = $topic_tracking_info = array(); diff --git a/phpBB/includes/mcp/mcp_front.php b/phpBB/includes/mcp/mcp_front.php index ebcf7ce643..500db55456 100644 --- a/phpBB/includes/mcp/mcp_front.php +++ b/phpBB/includes/mcp/mcp_front.php @@ -234,6 +234,7 @@ function mcp_front_view($id, $mode, $action) 'ATTACH_ICON_IMG' => ($auth->acl_get('u_download') && $auth->acl_get('f_download', $row['forum_id']) && $row['post_attachment']) ? $user->img('icon_topic_attach', $user->lang['TOTAL_ATTACHMENTS']) : '', )); } + $db->sql_freeresult($result); } $template->assign_vars(array( @@ -290,6 +291,7 @@ function mcp_front_view($id, $mode, $action) $pm_by_id[(int) $row['msg_id']] = $row; $pm_list[] = (int) $row['msg_id']; } + $db->sql_freeresult($result); $address_list = get_recipient_strings($pm_by_id); diff --git a/phpBB/includes/mcp/mcp_logs.php b/phpBB/includes/mcp/mcp_logs.php index 92dcdb5499..9c76f0df90 100644 --- a/phpBB/includes/mcp/mcp_logs.php +++ b/phpBB/includes/mcp/mcp_logs.php @@ -137,7 +137,7 @@ class mcp_logs if ($mode == 'topic_logs') { - $conditions['topic_logs'] = $topic_id; + $conditions['topic_id'] = $topic_id; } $phpbb_log->delete('mod', $conditions); diff --git a/phpBB/includes/mcp/mcp_main.php b/phpBB/includes/mcp/mcp_main.php index 74bf687fc8..1241b8bd0e 100644 --- a/phpBB/includes/mcp/mcp_main.php +++ b/phpBB/includes/mcp/mcp_main.php @@ -754,7 +754,8 @@ function mcp_delete_topic($topic_ids, $is_soft = false, $soft_delete_reason = '' { global $auth, $user, $db, $phpEx, $phpbb_root_path, $request, $phpbb_container; - if (!phpbb_check_ids($topic_ids, TOPICS_TABLE, 'topic_id', array('m_delete'))) + $check_permission = ($is_soft) ? 'm_softdelete' : 'm_delete'; + if (!phpbb_check_ids($topic_ids, TOPICS_TABLE, 'topic_id', array($check_permission))) { return; } @@ -812,8 +813,17 @@ function mcp_delete_topic($topic_ids, $is_soft = false, $soft_delete_reason = '' $user->add_lang('posting'); + // If there are only shadow topics, we neither need a reason nor softdelete + $sql = 'SELECT topic_id + FROM ' . TOPICS_TABLE . ' + WHERE ' . $db->sql_in_set('topic_id', $topic_ids) . ' + AND topic_moved_id = 0'; + $result = $db->sql_query_limit($sql, 1); + $only_shadow = !$db->sql_fetchfield('topic_id'); + $db->sql_freeresult($result); + $only_softdeleted = false; - if ($auth->acl_get('m_delete', $forum_id) && $auth->acl_get('m_softdelete', $forum_id)) + if (!$only_shadow && $auth->acl_get('m_delete', $forum_id) && $auth->acl_get('m_softdelete', $forum_id)) { // If there are only soft deleted topics, we display a message why the option is not available $sql = 'SELECT topic_id @@ -826,6 +836,7 @@ function mcp_delete_topic($topic_ids, $is_soft = false, $soft_delete_reason = '' } $template->assign_vars(array( + 'S_SHADOW_TOPICS' => $only_shadow, 'S_SOFTDELETED' => $only_softdeleted, 'S_TOPIC_MODE' => true, 'S_ALLOWED_DELETE' => $auth->acl_get('m_delete', $forum_id), @@ -838,7 +849,7 @@ function mcp_delete_topic($topic_ids, $is_soft = false, $soft_delete_reason = '' $l_confirm .= '_PERMANENTLY'; $s_hidden_fields['delete_permanent'] = '1'; } - else if (!$auth->acl_get('m_softdelete', $forum_id)) + else if ($only_shadow || !$auth->acl_get('m_softdelete', $forum_id)) { $s_hidden_fields['delete_permanent'] = '1'; } @@ -882,7 +893,8 @@ function mcp_delete_post($post_ids, $is_soft = false, $soft_delete_reason = '', { global $auth, $user, $db, $phpEx, $phpbb_root_path, $request, $phpbb_container; - if (!phpbb_check_ids($post_ids, POSTS_TABLE, 'post_id', array('m_softdelete'))) + $check_permission = ($is_soft) ? 'm_softdelete' : 'm_delete'; + if (!phpbb_check_ids($post_ids, POSTS_TABLE, 'post_id', array($check_permission))) { return; } @@ -1264,6 +1276,7 @@ function mcp_fork_topic($topic_ids) $db->sql_query('INSERT INTO ' . POLL_OPTIONS_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary)); } + $db->sql_freeresult($result); } $sql = 'SELECT * diff --git a/phpBB/includes/mcp/mcp_queue.php b/phpBB/includes/mcp/mcp_queue.php index bfd30a5be2..82c3bc9ab0 100644 --- a/phpBB/includes/mcp/mcp_queue.php +++ b/phpBB/includes/mcp/mcp_queue.php @@ -616,7 +616,7 @@ class mcp_queue */ static public function approve_posts($action, $post_id_list, $id, $mode) { - global $db, $template, $user, $config, $request, $phpbb_container; + global $db, $template, $user, $config, $request, $phpbb_container, $phpbb_dispatcher; global $phpEx, $phpbb_root_path; if (!phpbb_check_ids($post_id_list, POSTS_TABLE, 'post_id', array('m_approve'))) @@ -745,11 +745,11 @@ class mcp_queue if (!$post_data['topic_posts_approved']) { - $phpbb_notifications->add_notifications('notification.type.approve_post', $post_data); + $phpbb_notifications->add_notifications('notification.type.approve_topic', $post_data); } else { - $phpbb_notifications->add_notifications('notification.type.approve_topic', $post_data); + $phpbb_notifications->add_notifications('notification.type.approve_post', $post_data); } } } @@ -764,6 +764,30 @@ class mcp_queue $success_msg = (sizeof($post_info) == 1) ? 'POST_' . strtoupper($action) . 'D_SUCCESS' : 'POSTS_' . strtoupper($action) . 'D_SUCCESS'; } + /** + * Perform additional actions during post(s) approval + * + * @event core.approve_posts_after + * @var string action Variable containing the action we perform on the posts ('approve' or 'restore') + * @var array post_info Array containing info for all posts being approved + * @var array topic_info Array containing info for all parent topics of the posts + * @var int num_topics Variable containing number of topics + * @var bool notify_poster Variable telling if the post should be notified or not + * @var string success_msg Variable containing the language key for the success message + * @var string redirect Variable containing the redirect url + * @since 3.1.4-RC1 + */ + $vars = array( + 'action', + 'post_info', + 'topic_info', + 'num_topics', + 'notify_poster', + 'success_msg', + 'redirect', + ); + extract($phpbb_dispatcher->trigger_event('core.approve_posts_after', compact($vars))); + meta_refresh(3, $redirect); $message = $user->lang[$success_msg]; @@ -840,7 +864,7 @@ class mcp_queue static public function approve_topics($action, $topic_id_list, $id, $mode) { global $db, $template, $user, $config; - global $phpEx, $phpbb_root_path, $request, $phpbb_container; + global $phpEx, $phpbb_root_path, $request, $phpbb_container, $phpbb_dispatcher; if (!phpbb_check_ids($topic_id_list, TOPICS_TABLE, 'topic_id', array('m_approve'))) { @@ -945,6 +969,28 @@ class mcp_queue } } + /** + * Perform additional actions during topics(s) approval + * + * @event core.approve_topics_after + * @var string action Variable containing the action we perform on the posts ('approve' or 'restore') + * @var mixed topic_info Array containing info for all topics being approved + * @var array first_post_ids Array containing ids of all first posts + * @var bool notify_poster Variable telling if the poster should be notified or not + * @var string success_msg Variable containing the language key for the success message + * @var string redirect Variable containing the redirect url + * @since 3.1.4-RC1 + */ + $vars = array( + 'action', + 'topic_info', + 'first_post_ids', + 'notify_poster', + 'success_msg', + 'redirect', + ); + extract($phpbb_dispatcher->trigger_event('core.approve_topics_after', compact($vars))); + meta_refresh(3, $redirect); $message = $user->lang[$success_msg]; @@ -1008,7 +1054,7 @@ class mcp_queue */ static public function disapprove_posts($post_id_list, $id, $mode) { - global $db, $template, $user, $config, $phpbb_container; + global $db, $template, $user, $config, $phpbb_container, $phpbb_dispatcher; global $phpEx, $phpbb_root_path, $request; if (!phpbb_check_ids($post_id_list, POSTS_TABLE, 'post_id', array('m_approve'))) @@ -1239,8 +1285,6 @@ class mcp_queue } } - unset($lang_reasons, $post_info, $disapprove_reason, $disapprove_reason_lang); - if ($num_disapproved_topics) { $success_msg = ($num_disapproved_topics == 1) ? 'TOPIC' : 'TOPICS'; @@ -1275,6 +1319,44 @@ class mcp_queue } } + /** + * Perform additional actions during post(s) disapproval + * + * @event core.disapprove_posts_after + * @var array post_info Array containing info for all posts being disapproved + * @var array topic_information Array containing information for the topics + * @var array topic_posts_unapproved Array containing list of topic ids and the count of disapproved posts in them + * @var array post_disapprove_list Array containing list of posts and their topic id + * @var int num_disapproved_topics Variable containing the number of disapproved topics + * @var int num_disapproved_posts Variable containing the number of disapproved posts + * @var array lang_reasons Array containing the language keys for reasons + * @var string disapprove_reason Variable containing the language key for the success message + * @var string disapprove_reason_lang Variable containing the language key for the success message + * @var bool is_disapproving Variable telling if anything is going to be disapproved + * @var bool notify_poster Variable telling if the post should be notified or not + * @var string success_msg Variable containing the language key for the success message + * @var string redirect Variable containing the redirect url + * @since 3.1.4-RC1 + */ + $vars = array( + 'post_info', + 'topic_information', + 'topic_posts_unapproved', + 'post_disapprove_list', + 'num_disapproved_topics', + 'num_disapproved_posts', + 'lang_reasons', + 'disapprove_reason', + 'disapprove_reason_lang', + 'is_disapproving', + 'notify_poster', + 'success_msg', + 'redirect', + ); + extract($phpbb_dispatcher->trigger_event('core.disapprove_posts_after', compact($vars))); + + unset($lang_reasons, $post_info, $disapprove_reason, $disapprove_reason_lang); + meta_refresh(3, $redirect); $message = $user->lang[$success_msg]; diff --git a/phpBB/includes/mcp/mcp_topic.php b/phpBB/includes/mcp/mcp_topic.php index 1698b080c9..8347830d0f 100644 --- a/phpBB/includes/mcp/mcp_topic.php +++ b/phpBB/includes/mcp/mcp_topic.php @@ -25,7 +25,7 @@ if (!defined('IN_PHPBB')) function mcp_topic_view($id, $mode, $action) { global $phpEx, $phpbb_root_path, $config; - global $template, $db, $user, $auth, $cache, $phpbb_container; + global $template, $db, $user, $auth, $cache, $phpbb_container, $phpbb_dispatcher; $url = append_sid("{$phpbb_root_path}mcp.$phpEx?" . phpbb_extra_url()); @@ -147,21 +147,13 @@ function mcp_topic_view($id, $mode, $action) $result = $db->sql_query_limit($sql, $posts_per_page, $start); $rowset = $post_id_list = array(); - $bbcode_bitfield = ''; while ($row = $db->sql_fetchrow($result)) { $rowset[] = $row; $post_id_list[] = $row['post_id']; - $bbcode_bitfield = $bbcode_bitfield | base64_decode($row['bbcode_bitfield']); } $db->sql_freeresult($result); - if ($bbcode_bitfield !== '') - { - include_once($phpbb_root_path . 'includes/bbcode.' . $phpEx); - $bbcode = new bbcode(base64_encode($bbcode_bitfield)); - } - $topic_tracking_info = array(); // Get topic tracking info @@ -228,7 +220,7 @@ function mcp_topic_view($id, $mode, $action) $post_unread = (isset($topic_tracking_info[$topic_id]) && $row['post_time'] > $topic_tracking_info[$topic_id]) ? true : false; - $template->assign_block_vars('postrow', array( + $post_row = array( 'POST_AUTHOR_FULL' => get_username_string('full', $row['poster_id'], $row['username'], $row['user_colour'], $row['post_username']), 'POST_AUTHOR_COLOUR' => get_username_string('colour', $row['poster_id'], $row['username'], $row['user_colour'], $row['post_username']), 'POST_AUTHOR' => get_username_string('username', $row['poster_id'], $row['username'], $row['user_colour'], $row['post_username']), @@ -250,9 +242,43 @@ function mcp_topic_view($id, $mode, $action) 'U_POST_DETAILS' => "$url&i=$id&p={$row['post_id']}&mode=post_details" . (($forum_id) ? "&f=$forum_id" : ''), 'U_MCP_APPROVE' => ($auth->acl_get('m_approve', $topic_info['forum_id'])) ? append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=queue&mode=approve_details&f=' . $topic_info['forum_id'] . '&p=' . $row['post_id']) : '', - 'U_MCP_REPORT' => ($auth->acl_get('m_report', $topic_info['forum_id'])) ? append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=reports&mode=report_details&f=' . $topic_info['forum_id'] . '&p=' . $row['post_id']) : '') + 'U_MCP_REPORT' => ($auth->acl_get('m_report', $topic_info['forum_id'])) ? append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=reports&mode=report_details&f=' . $topic_info['forum_id'] . '&p=' . $row['post_id']) : '', ); + $current_row_number = $i; + + /** + * Event to modify the template data block for topic reviews in the MCP + * + * @event core.mcp_topic_review_modify_row + * @var int id ID of the tab we are displaying + * @var string mode Mode of the MCP page we are displaying + * @var int topic_id The topic ID we are currently reviewing + * @var int forum_id The forum ID we are currently in + * @var int start Start item of this page + * @var int current_row_number Number of the post on this page + * @var array post_row Template block array of the current post + * @var array row Array with original post and user data + * @var array topic_info Array with topic data + * @var int total Total posts count + * @since 3.1.4-RC1 + */ + $vars = array( + 'id', + 'mode', + 'topic_id', + 'forum_id', + 'start', + 'current_row_number', + 'post_row', + 'row', + 'topic_info', + 'total', + ); + extract($phpbb_dispatcher->trigger_event('core.mcp_topic_review_modify_row', compact($vars))); + + $template->assign_block_vars('postrow', $post_row); + // Display not already displayed Attachments for this post, we already parsed them. ;) if (!empty($attachments[$row['post_id']])) { diff --git a/phpBB/includes/mcp/mcp_warn.php b/phpBB/includes/mcp/mcp_warn.php index 106b025757..d724b8703b 100644 --- a/phpBB/includes/mcp/mcp_warn.php +++ b/phpBB/includes/mcp/mcp_warn.php @@ -332,16 +332,16 @@ class mcp_warn // We want to make the message available here as a reminder // Parse the message and subject - $parse_flags = OPTION_FLAG_SMILIES | ($row['bbcode_bitfield'] ? OPTION_FLAG_BBCODE : 0); + $parse_flags = OPTION_FLAG_SMILIES | ($user_row['bbcode_bitfield'] ? OPTION_FLAG_BBCODE : 0); $message = generate_text_for_display($user_row['post_text'], $user_row['bbcode_uid'], $user_row['bbcode_bitfield'], $parse_flags, true); // Generate the appropriate user information for the user we are looking at - if (!function_exists('get_user_rank')) + if (!function_exists('phpbb_get_user_rank')) { include($phpbb_root_path . 'includes/functions_display.' . $phpEx); } - get_user_rank($user_row['user_rank'], $user_row['user_posts'], $rank_title, $rank_img, $rank_img_src); + $user_rank_data = phpbb_get_user_rank($user_row, $user_row['user_posts']); $avatar_img = phpbb_get_user_avatar($user_row); $template->assign_vars(array( @@ -350,13 +350,13 @@ class mcp_warn 'POST' => $message, 'USERNAME' => $user_row['username'], 'USER_COLOR' => (!empty($user_row['user_colour'])) ? $user_row['user_colour'] : '', - 'RANK_TITLE' => $rank_title, + 'RANK_TITLE' => $user_rank_data['title'], 'JOINED' => $user->format_date($user_row['user_regdate']), 'POSTS' => ($user_row['user_posts']) ? $user_row['user_posts'] : 0, 'WARNINGS' => ($user_row['user_warnings']) ? $user_row['user_warnings'] : 0, 'AVATAR_IMG' => $avatar_img, - 'RANK_IMG' => $rank_img, + 'RANK_IMG' => $user_rank_data['img'], 'L_WARNING_POST_DEFAULT' => sprintf($user->lang['WARNING_POST_DEFAULT'], generate_board_url() . "/viewtopic.$phpEx?f=$forum_id&p=$post_id#p$post_id"), @@ -486,18 +486,18 @@ class mcp_warn } // Generate the appropriate user information for the user we are looking at - if (!function_exists('get_user_rank')) + if (!function_exists('phpbb_get_user_rank')) { include($phpbb_root_path . 'includes/functions_display.' . $phpEx); } - get_user_rank($user_row['user_rank'], $user_row['user_posts'], $rank_title, $rank_img, $rank_img_src); + $user_rank_data = phpbb_get_user_rank($user_row, $user_row['user_posts']); $avatar_img = phpbb_get_user_avatar($user_row); // OK, they didn't submit a warning so lets build the page for them to do so $template->assign_vars(array( 'U_POST_ACTION' => $this->u_action, - 'RANK_TITLE' => $rank_title, + 'RANK_TITLE' => $user_rank_data['title'], 'JOINED' => $user->format_date($user_row['user_regdate']), 'POSTS' => ($user_row['user_posts']) ? $user_row['user_posts'] : 0, 'WARNINGS' => ($user_row['user_warnings']) ? $user_row['user_warnings'] : 0, @@ -508,7 +508,7 @@ class mcp_warn 'U_PROFILE' => get_username_string('profile', $user_row['user_id'], $user_row['username'], $user_row['user_colour']), 'AVATAR_IMG' => $avatar_img, - 'RANK_IMG' => $rank_img, + 'RANK_IMG' => $user_rank_data['img'], 'S_CAN_NOTIFY' => $s_can_notify, )); diff --git a/phpBB/includes/message_parser.php b/phpBB/includes/message_parser.php index 92ace7b585..04a2726d22 100644 --- a/phpBB/includes/message_parser.php +++ b/phpBB/includes/message_parser.php @@ -313,7 +313,7 @@ class bbcode_firstpass extends bbcode $in = str_replace(' ', '%20', $in); // Checking urls - if (!preg_match('#^' . get_preg_expression('url') . '$#i', $in) && !preg_match('#^' . get_preg_expression('www_url') . '$#i', $in)) + if (!preg_match('#^' . get_preg_expression('url') . '$#iu', $in) && !preg_match('#^' . get_preg_expression('www_url') . '$#iu', $in)) { return '[img]' . $in . '[/img]'; } @@ -381,8 +381,8 @@ class bbcode_firstpass extends bbcode $in = str_replace(' ', '%20', $in); // Make sure $in is a URL. - if (!preg_match('#^' . get_preg_expression('url') . '$#i', $in) && - !preg_match('#^' . get_preg_expression('www_url') . '$#i', $in)) + if (!preg_match('#^' . get_preg_expression('url') . '$#iu', $in) && + !preg_match('#^' . get_preg_expression('www_url') . '$#iu', $in)) { return '[flash=' . $width . ',' . $height . ']' . $in . '[/flash]'; } @@ -973,9 +973,9 @@ class bbcode_firstpass extends bbcode $url = str_replace(' ', '%20', $url); // Checking urls - if (preg_match('#^' . get_preg_expression('url') . '$#i', $url) || - preg_match('#^' . get_preg_expression('www_url') . '$#i', $url) || - preg_match('#^' . preg_quote(generate_board_url(), '#') . get_preg_expression('relative_url') . '$#i', $url)) + if (preg_match('#^' . get_preg_expression('url') . '$#iu', $url) || + preg_match('#^' . get_preg_expression('www_url') . '$#iu', $url) || + preg_match('#^' . preg_quote(generate_board_url(), '#') . get_preg_expression('relative_url') . '$#iu', $url)) { $valid = true; } @@ -1103,7 +1103,7 @@ class parse_message extends bbcode_firstpass */ function parse($allow_bbcode, $allow_magic_url, $allow_smilies, $allow_img_bbcode = true, $allow_flash_bbcode = true, $allow_quote_bbcode = true, $allow_url_bbcode = true, $update_this_message = true, $mode = 'post') { - global $config, $db, $user; + global $config, $db, $user, $phpbb_dispatcher; $this->mode = $mode; @@ -1158,6 +1158,58 @@ class parse_message extends bbcode_firstpass } } + /** + * This event can be used for additional message checks/cleanup before parsing + * + * @event core.message_parser_check_message + * @var bool allow_bbcode Do we allow BBCodes + * @var bool allow_magic_url Do we allow magic urls + * @var bool allow_smilies Do we allow smilies + * @var bool allow_img_bbcode Do we allow image BBCode + * @var bool allow_flash_bbcode Do we allow flash BBCode + * @var bool allow_quote_bbcode Do we allow quote BBCode + * @var bool allow_url_bbcode Do we allow url BBCode + * @var bool update_this_message Do we alter the parsed message + * @var string mode Posting mode + * @var string message The message text to parse + * @var string bbcode_bitfield The bbcode_bitfield before parsing + * @var string bbcode_uid The bbcode_uid before parsing + * @var bool return Do we return after the event is triggered if $warn_msg is not empty + * @var array warn_msg Array of the warning messages + * @since 3.1.2-RC1 + * @change 3.1.3-RC1 Added vars $bbcode_bitfield and $bbcode_uid + */ + $message = $this->message; + $warn_msg = $this->warn_msg; + $return = false; + $bbcode_bitfield = $this->bbcode_bitfield; + $bbcode_uid = $this->bbcode_uid; + $vars = array( + 'allow_bbcode', + 'allow_magic_url', + 'allow_smilies', + 'allow_img_bbcode', + 'allow_flash_bbcode', + 'allow_quote_bbcode', + 'allow_url_bbcode', + 'update_this_message', + 'mode', + 'message', + 'bbcode_bitfield', + 'bbcode_uid', + 'return', + 'warn_msg', + ); + extract($phpbb_dispatcher->trigger_event('core.message_parser_check_message', compact($vars))); + $this->message = $message; + $this->warn_msg = $warn_msg; + $this->bbcode_bitfield = $bbcode_bitfield; + $this->bbcode_uid = $bbcode_uid; + if ($return && !empty($this->warn_msg)) + { + return (!$update_this_message) ? $return_message : $this->warn_msg; + } + // Prepare BBcode (just prepares some tags for better parsing) if ($allow_bbcode && strpos($this->message, '[') !== false) { diff --git a/phpBB/includes/startup.php b/phpBB/includes/startup.php index 50fcd11bee..2885c80541 100644 --- a/phpBB/includes/startup.php +++ b/phpBB/includes/startup.php @@ -69,31 +69,13 @@ function deregister_globals() { if (isset($not_unset[$varname])) { - // Hacking attempt. No point in continuing unless it's a COOKIE (so a cookie called GLOBALS doesn't lock users out completely) - if ($varname !== 'GLOBALS' || isset($_GET['GLOBALS']) || isset($_POST['GLOBALS']) || isset($_SERVER['GLOBALS']) || isset($_SESSION['GLOBALS']) || isset($_ENV['GLOBALS']) || isset($_FILES['GLOBALS'])) + // Hacking attempt. No point in continuing. + if (isset($_COOKIE[$varname])) { - exit; - } - else - { - $cookie = &$_COOKIE; - while (isset($cookie['GLOBALS'])) - { - if (!is_array($cookie['GLOBALS'])) - { - break; - } - - foreach ($cookie['GLOBALS'] as $registered_var => $value) - { - if (!isset($not_unset[$registered_var])) - { - unset($GLOBALS[$registered_var]); - } - } - $cookie = &$cookie['GLOBALS']; - } + echo "Clear your cookies. "; } + echo "Malicious variable name detected. Contact the administrator and ask them to disable register_globals."; + exit; } unset($GLOBALS[$varname]); diff --git a/phpBB/includes/ucp/ucp_auth_link.php b/phpBB/includes/ucp/ucp_auth_link.php index a595ce46c3..748f0fdec2 100644 --- a/phpBB/includes/ucp/ucp_auth_link.php +++ b/phpBB/includes/ucp/ucp_auth_link.php @@ -34,11 +34,12 @@ class ucp_auth_link */ public function main($id, $mode) { - global $config, $request, $template, $phpbb_container, $user; + global $request, $template, $phpbb_container, $user; $error = array(); - $auth_provider = $phpbb_container->get('auth.provider.' . $config['auth_method']); + $provider_collection = $phpbb_container->get('auth.provider_collection'); + $auth_provider = $provider_collection->get_provider(); // confirm that the auth provider supports this page $provider_data = $auth_provider->get_auth_link_data(); diff --git a/phpBB/includes/ucp/ucp_login_link.php b/phpBB/includes/ucp/ucp_login_link.php index 5ca5df00f7..bfe4804286 100644 --- a/phpBB/includes/ucp/ucp_login_link.php +++ b/phpBB/includes/ucp/ucp_login_link.php @@ -39,7 +39,7 @@ class ucp_login_link */ function main($id, $mode) { - global $config, $phpbb_container, $request, $template, $user; + global $phpbb_container, $request, $template, $user; global $phpbb_root_path, $phpEx; // Initialize necessary variables @@ -57,8 +57,8 @@ class ucp_login_link } // Use the auth_provider requested even if different from configured - $auth_provider = 'auth.provider.' . $request->variable('auth_provider', $config['auth_method']); - $auth_provider = $phpbb_container->get($auth_provider); + $provider_collection = $phpbb_container->get('auth.provider_collection'); + $auth_provider = $provider_collection->get_provider($request->variable('auth_provider', '')); // Set the link_method to login_link $data['link_method'] = 'login_link'; @@ -75,7 +75,7 @@ class ucp_login_link { if ($request->is_set_post('login')) { - $login_username = $request->variable('login_username', '', false, \phpbb\request\request_interface::POST); + $login_username = $request->variable('login_username', '', true, \phpbb\request\request_interface::POST); $login_password = $request->untrimmed_variable('login_password', '', true, \phpbb\request\request_interface::POST); $login_result = $auth_provider->login($login_username, $login_password); diff --git a/phpBB/includes/ucp/ucp_notifications.php b/phpBB/includes/ucp/ucp_notifications.php index 5691302b83..b0aeaba227 100644 --- a/phpBB/includes/ucp/ucp_notifications.php +++ b/phpBB/includes/ucp/ucp_notifications.php @@ -95,35 +95,25 @@ class ucp_notifications case 'notification_list': default: // Mark all items read - if ($request->variable('mark', '') == 'all' && (confirm_box(true) || check_link_hash($request->variable('token', ''), 'mark_all_notifications_read'))) + if ($request->variable('mark', '') == 'all' && check_link_hash($request->variable('token', ''), 'mark_all_notifications_read')) { - if (confirm_box(true)) - { - $phpbb_notifications->mark_notifications_read(false, false, $user->data['user_id'], $form_time); - - meta_refresh(3, $this->u_action); - $message = $user->lang['NOTIFICATIONS_MARK_ALL_READ_SUCCESS']; + $phpbb_notifications->mark_notifications_read(false, false, $user->data['user_id'], $form_time); - if ($request->is_ajax()) - { - $json_response = new \phpbb\json_response(); - $json_response->send(array( - 'MESSAGE_TITLE' => $user->lang['INFORMATION'], - 'MESSAGE_TEXT' => $message, - 'success' => true, - )); - } - $message .= '<br /><br />' . $user->lang('RETURN_UCP', '<a href="' . $this->u_action . '">', '</a>'); + meta_refresh(3, $this->u_action); + $message = $user->lang['NOTIFICATIONS_MARK_ALL_READ_SUCCESS']; - trigger_error($message); - } - else + if ($request->is_ajax()) { - confirm_box(false, 'NOTIFICATIONS_MARK_ALL_READ', build_hidden_fields(array( - 'mark' => 'all', - 'form_time' => $form_time, - ))); + $json_response = new \phpbb\json_response(); + $json_response->send(array( + 'MESSAGE_TITLE' => $user->lang['INFORMATION'], + 'MESSAGE_TEXT' => $message, + 'success' => true, + )); } + $message .= '<br /><br />' . $user->lang('RETURN_UCP', '<a href="' . $this->u_action . '">', '</a>'); + + trigger_error($message); } // Mark specific notifications read diff --git a/phpBB/includes/ucp/ucp_pm.php b/phpBB/includes/ucp/ucp_pm.php index 7a8c694870..425a56cf6c 100644 --- a/phpBB/includes/ucp/ucp_pm.php +++ b/phpBB/includes/ucp/ucp_pm.php @@ -45,7 +45,7 @@ class ucp_pm function main($id, $mode) { - global $user, $template, $phpbb_root_path, $auth, $phpEx, $db, $config; + global $user, $template, $phpbb_root_path, $auth, $phpEx, $db, $config, $request; if (!$user->data['is_registered']) { @@ -246,6 +246,27 @@ class ucp_pm $folder_id = (int) $row['folder_id']; } + if ($request->variable('mark', '') == 'all' && check_link_hash($request->variable('token', ''), 'mark_all_pms_read')) + { + mark_folder_read($user->data['user_id'], $folder_id); + + meta_refresh(3, $this->u_action); + $message = $user->lang['PM_MARK_ALL_READ_SUCCESS']; + + if ($request->is_ajax()) + { + $json_response = new \phpbb\json_response(); + $json_response->send(array( + 'MESSAGE_TITLE' => $user->lang['INFORMATION'], + 'MESSAGE_TEXT' => $message, + 'success' => true, + )); + } + $message .= '<br /><br />' . $user->lang('RETURN_UCP', '<a href="' . $this->u_action . '">', '</a>'); + + trigger_error($message); + } + $message_row = array(); if ($action == 'view_message' && $msg_id) { @@ -332,6 +353,7 @@ class ucp_pm 'U_SENTBOX' => $this->u_action . '&folder=sentbox', 'U_CREATE_FOLDER' => $this->u_action . '&mode=options', 'U_CURRENT_FOLDER' => $this->u_action . '&folder=' . $folder_id, + 'U_MARK_ALL' => $this->u_action . '&folder=' . $folder_id . '&mark=all&token=' . generate_link_hash('mark_all_pms_read'), 'S_IN_INBOX' => ($folder_id == PRIVMSGS_INBOX) ? true : false, 'S_IN_OUTBOX' => ($folder_id == PRIVMSGS_OUTBOX) ? true : false, diff --git a/phpBB/includes/ucp/ucp_pm_compose.php b/phpBB/includes/ucp/ucp_pm_compose.php index 01c2041f42..51018e3a5d 100644 --- a/phpBB/includes/ucp/ucp_pm_compose.php +++ b/phpBB/includes/ucp/ucp_pm_compose.php @@ -27,8 +27,7 @@ function compose_pm($id, $mode, $action, $user_folders = array()) { global $template, $db, $auth, $user, $cache; global $phpbb_root_path, $phpEx, $config; - global $request; - global $phpbb_container; + global $request, $phpbb_dispatcher, $phpbb_container; // Damn php and globals - i know, this is horrible // Needed for handle_message_list_actions() @@ -91,6 +90,32 @@ function compose_pm($id, $mode, $action, $user_folders = array()) // we include the language file here $user->add_lang('viewtopic'); + /** + * Modify the default vars before composing a PM + * + * @event core.ucp_pm_compose_modify_data + * @var int msg_id post_id in the page request + * @var int to_user_id The id of whom the message is to + * @var int to_group_id The id of the group the message is to + * @var bool submit Whether the form has been submitted + * @var bool preview Whether the user is previewing the PM or not + * @var string action One of: post, reply, quote, forward, quotepost, edit, delete, smilies + * @var bool delete Whether the user is deleting the PM + * @var int reply_to_all Value of reply_to_all request variable. + * @since 3.1.4-RC1 + */ + $vars = array( + 'msg_id', + 'to_user_id', + 'to_group_id', + 'submit', + 'preview', + 'action', + 'delete', + 'reply_to_all', + ); + extract($phpbb_dispatcher->trigger_event('core.ucp_pm_compose_modify_data', compact($vars))); + // Output PM_TO box if message composing if ($action != 'edit') { @@ -233,6 +258,42 @@ function compose_pm($id, $mode, $action, $user_folders = array()) if ($sql) { + /** + * Alter sql query to get message for user to write the PM + * + * @event core.ucp_pm_compose_compose_pm_basic_info_query_before + * @var string sql String with the query to be executed + * @var array forum_list List of forums that contain the posts + * @var int visibility_const Integer with one of the possible ITEM_* constant values + * @var int msg_id topic_id in the page request + * @var int to_user_id The id of whom the message is to + * @var int to_group_id The id of the group whom the message is to + * @var bool submit Whether the user is sending the PM or not + * @var bool preview Whether the user is previewing the PM or not + * @var string action One of: post, reply, quote, forward, quotepost, edit, delete, smilies + * @var bool delete Whether the user is deleting the PM + * @var int reply_to_all Value of reply_to_all request variable. + * @var string limit_time_sql String with the SQL code to limit the time interval of the post (Note: May be empty string) + * @var string sort_order_sql String with the ORDER BY SQL code used in this query + * @since 3.1.0-RC5 + */ + $vars = array( + 'sql', + 'forum_list', + 'visibility_const', + 'msg_id', + 'to_user_id', + 'to_group_id', + 'submit', + 'preview', + 'action', + 'delete', + 'reply_to_all', + 'limit_time_sql', + 'sort_order_sql', + ); + extract($phpbb_dispatcher->trigger_event('core.ucp_pm_compose_compose_pm_basic_info_query_before', compact($vars))); + $result = $db->sql_query($sql); $post = $db->sql_fetchrow($result); $db->sql_freeresult($result); @@ -267,6 +328,40 @@ function compose_pm($id, $mode, $action, $user_folders = array()) trigger_error('NOT_AUTHORISED'); } + /** + * Get the result of querying for the post to be quoted in the pm message + * + * @event core.ucp_pm_compose_quotepost_query_after + * @var string sql The original SQL used in the query + * @var array post Associative array with the data of the quoted post + * @var array msg_id The post_id that was searched to get the message for quoting + * @var int visibility_const Visibility of the quoted post (one of the possible ITEM_* constant values) + * @var int topic_id Topic ID of the quoted post + * @var int to_user_id Users the message is sent to + * @var int to_group_id Groups the message is sent to + * @var bool submit Whether the user is sending the PM or not + * @var bool preview Whether the user is previewing the PM or not + * @var string action One of: post, reply, quote, forward, quotepost, edit, delete, smilies + * @var bool delete If deleting message + * @var int reply_to_all Value of reply_to_all request variable. + * @since 3.1.0-RC5 + */ + $vars = array( + 'sql', + 'post', + 'msg_id', + 'visibility_const', + 'topic_id', + 'to_user_id', + 'to_group_id', + 'submit', + 'preview', + 'action', + 'delete', + 'reply_to_all', + ); + extract($phpbb_dispatcher->trigger_event('core.ucp_pm_compose_quotepost_query_after', compact($vars))); + // Passworded forum? if ($post['forum_id']) { diff --git a/phpBB/includes/ucp/ucp_pm_viewmessage.php b/phpBB/includes/ucp/ucp_pm_viewmessage.php index d5a1dbae87..d81c4ce7fe 100644 --- a/phpBB/includes/ucp/ucp_pm_viewmessage.php +++ b/phpBB/includes/ucp/ucp_pm_viewmessage.php @@ -53,15 +53,6 @@ function view_message($id, $mode, $folder_id, $msg_id, $folder, $message_row) // Grab icons $icons = $cache->obtain_icons(); - $bbcode = false; - - // Instantiate BBCode if need be - if ($message_row['bbcode_bitfield']) - { - include($phpbb_root_path . 'includes/bbcode.' . $phpEx); - $bbcode = new bbcode($message_row['bbcode_bitfield']); - } - // Load the custom profile fields if ($config['load_cpf_pm']) { @@ -197,7 +188,7 @@ function view_message($id, $mode, $folder_id, $msg_id, $folder, $message_row) $u_pm = append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=pm&mode=compose&u=' . $author_id); } - if ($user_info['user_jabber'] && $auth->acl_get('u_sendim')) + if ($config['jab_enable'] && $user_info['user_jabber'] && $auth->acl_get('u_sendim')) { $u_jabber = append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=contact&action=jabber&u=' . $author_id); } @@ -213,6 +204,7 @@ function view_message($id, $mode, $folder_id, $msg_id, $folder, $message_row) 'AUTHOR_AVATAR' => (isset($user_info['avatar'])) ? $user_info['avatar'] : '', 'AUTHOR_JOINED' => $user->format_date($user_info['user_regdate']), 'AUTHOR_POSTS' => (int) $user_info['user_posts'], + 'U_AUTHOR_POSTS' => ($config['load_search'] && $auth->acl_get('u_search')) ? append_sid("{$phpbb_root_path}search.$phpEx", "author_id=$author_id&sr=posts") : '', 'CONTACT_USER' => $user->lang('CONTACT_USER', get_username_string('username', $author_id, $user_info['username'], $user_info['user_colour'], $user_info['username'])), 'ONLINE_IMG' => (!$config['load_onlinetrack']) ? '' : ((isset($user_info['online']) && $user_info['online']) ? $user->img('icon_user_online', $user->lang['ONLINE']) : $user->img('icon_user_offline', $user->lang['OFFLINE'])), @@ -403,12 +395,15 @@ function get_user_information($user_id, $user_row) $user_row['avatar'] = ($user->optionget('viewavatars')) ? phpbb_get_user_avatar($user_row) : ''; - if (!function_exists('get_user_rank')) + if (!function_exists('phpbb_get_user_rank')) { include($phpbb_root_path . 'includes/functions_display.' . $phpEx); } - get_user_rank($user_row['user_rank'], $user_row['user_posts'], $user_row['rank_title'], $user_row['rank_image'], $user_row['rank_image_src']); + $user_rank_data = phpbb_get_user_rank($user_row, $user_row['user_posts']); + $user_row['rank_title'] = $user_rank_data['title']; + $user_row['rank_image'] = $user_rank_data['img']; + $user_row['rank_image_src'] = $user_rank_data['img_src']; if ((!empty($user_row['user_allow_viewemail']) && $auth->acl_get('u_sendemail')) || $auth->acl_get('a_email')) { diff --git a/phpBB/includes/ucp/ucp_prefs.php b/phpBB/includes/ucp/ucp_prefs.php index 2195500b57..1d3fb19f67 100644 --- a/phpBB/includes/ucp/ucp_prefs.php +++ b/phpBB/includes/ucp/ucp_prefs.php @@ -67,9 +67,11 @@ class ucp_prefs * @var bool submit Do we display the form only * or did the user press submit * @var array data Array with current ucp options data + * @var array error Array with list of errors * @since 3.1.0-a1 + * @changed 3.1.4-rc1 Added error variable to the event */ - $vars = array('submit', 'data'); + $vars = array('submit', 'data', 'error'); extract($phpbb_dispatcher->trigger_event('core.ucp_prefs_personal_data', compact($vars))); if ($submit) @@ -83,11 +85,11 @@ class ucp_prefs $data['user_style'] = (int) $user->data['user_style']; } - $error = validate_data($data, array( + $error = array_merge(validate_data($data, array( 'dateformat' => array('string', false, 1, 30), 'lang' => array('language_iso_name'), 'tz' => array('timezone'), - )); + )), $error); if (!check_form_key('ucp_prefs_personal')) { diff --git a/phpBB/includes/ucp/ucp_profile.php b/phpBB/includes/ucp/ucp_profile.php index 361dc831aa..8d8d42e742 100644 --- a/phpBB/includes/ucp/ucp_profile.php +++ b/phpBB/includes/ucp/ucp_profile.php @@ -32,7 +32,7 @@ class ucp_profile function main($id, $mode) { global $cache, $config, $db, $user, $auth, $template, $phpbb_root_path, $phpEx; - global $request, $phpbb_container; + global $request, $phpbb_container, $phpbb_dispatcher; $user->add_lang('posting'); @@ -54,6 +54,17 @@ class ucp_profile 'password_confirm' => $request->variable('password_confirm', '', true), ); + /** + * Modify user registration data on editing account settings in UCP + * + * @event core.ucp_profile_reg_details_data + * @var array data Array with current or updated user registration data + * @var bool submit Flag indicating if submit button has been pressed + * @since 3.1.4-RC1 + */ + $vars = array('data', 'submit'); + extract($phpbb_dispatcher->trigger_event('core.ucp_profile_reg_details_data', compact($vars))); + add_form_key('ucp_reg_details'); if ($submit) @@ -103,6 +114,18 @@ class ucp_profile $error[] = 'FORM_INVALID'; } + /** + * Validate user data on editing registration data in UCP + * + * @event core.ucp_profile_reg_details_validate + * @var array data Array with user profile data + * @var bool submit Flag indicating if submit button has been pressed + * @var array error Array of any generated errors + * @since 3.1.4-RC1 + */ + $vars = array('data', 'submit', 'error'); + extract($phpbb_dispatcher->trigger_event('core.ucp_profile_reg_details_validate', compact($vars))); + if (!sizeof($error)) { $sql_ary = array( @@ -200,6 +223,17 @@ class ucp_profile $sql_ary['user_newpasswd'] = ''; } + /** + * Modify user registration data before submitting it to the database + * + * @event core.ucp_profile_reg_details_sql_ary + * @var array data Array with current or updated user registration data + * @var array sql_ary Array with user registration data to submit to the database + * @since 3.1.4-RC1 + */ + $vars = array('data', 'sql_ary'); + extract($phpbb_dispatcher->trigger_event('core.ucp_profile_reg_details_sql_ary', compact($vars))); + if (sizeof($sql_ary)) { $sql = 'UPDATE ' . USERS_TABLE . ' @@ -285,6 +319,17 @@ class ucp_profile $data['user_birthday'] = sprintf('%2d-%2d-%4d', $data['bday_day'], $data['bday_month'], $data['bday_year']); } + /** + * Modify user data on editing profile in UCP + * + * @event core.ucp_profile_modify_profile_info + * @var array data Array with user profile data + * @var bool submit Flag indicating if submit button has been pressed + * @since 3.1.4-RC1 + */ + $vars = array('data', 'submit'); + extract($phpbb_dispatcher->trigger_event('core.ucp_profile_modify_profile_info', compact($vars))); + add_form_key('ucp_profile_info'); if ($submit) @@ -320,6 +365,18 @@ class ucp_profile $error[] = 'FORM_INVALID'; } + /** + * Validate user data on editing profile in UCP + * + * @event core.ucp_profile_validate_profile_info + * @var array data Array with user profile data + * @var bool submit Flag indicating if submit button has been pressed + * @var array error Array of any generated errors + * @since 3.1.4-RC1 + */ + $vars = array('data', 'submit', 'error'); + extract($phpbb_dispatcher->trigger_event('core.ucp_profile_validate_profile_info', compact($vars))); + if (!sizeof($error)) { $data['notify'] = $user->data['user_notify_type']; @@ -341,6 +398,18 @@ class ucp_profile $sql_ary['user_birthday'] = $data['user_birthday']; } + /** + * Modify profile data in UCP before submitting to the database + * + * @event core.ucp_profile_info_modify_sql_ary + * @var array cp_data Array with the user custom profile fields data + * @var array data Array with user profile data + * @var array sql_ary user options data we update + * @since 3.1.4-RC1 + */ + $vars = array('cp_data', 'data', 'sql_ary'); + extract($phpbb_dispatcher->trigger_event('core.ucp_profile_info_modify_sql_ary', compact($vars))); + $sql = 'UPDATE ' . USERS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $sql_ary) . ' WHERE user_id = ' . $user->data['user_id']; @@ -655,9 +724,14 @@ class ucp_profile { if (!empty($keys)) { + foreach ($keys as $key => $id) + { + $keys[$key] = $db->sql_like_expression($id . $db->get_any_char()); + } + $sql_where = '(key_id ' . implode(' OR key_id ', $keys) . ')'; $sql = 'DELETE FROM ' . SESSIONS_KEYS_TABLE . ' WHERE user_id = ' . (int) $user->data['user_id'] . ' - AND ' . $db->sql_in_set('key_id', $keys) ; + AND ' . $sql_where ; $db->sql_query($sql); @@ -681,7 +755,7 @@ class ucp_profile while ($row = $db->sql_fetchrow($result)) { $template->assign_block_vars('sessions', array( - 'KEY' => $row['key_id'], + 'KEY' => substr($row['key_id'], 0, 8), 'IP' => $row['last_ip'], 'LOGIN_TIME' => $user->format_date($row['last_login']), )); diff --git a/phpBB/includes/ucp/ucp_register.php b/phpBB/includes/ucp/ucp_register.php index 9a15967bae..0ee45b0706 100644 --- a/phpBB/includes/ucp/ucp_register.php +++ b/phpBB/includes/ucp/ucp_register.php @@ -30,10 +30,11 @@ class ucp_register function main($id, $mode) { global $config, $db, $user, $auth, $template, $phpbb_root_path, $phpEx; - global $request, $phpbb_container; + global $request, $phpbb_container, $phpbb_dispatcher; // - if ($config['require_activation'] == USER_ACTIVATION_DISABLE) + if ($config['require_activation'] == USER_ACTIVATION_DISABLE || + (in_array($config['require_activation'], array(USER_ACTIVATION_SELF, USER_ACTIVATION_ADMIN)) && !$config['email_enable'])) { trigger_error('UCP_REGISTER_DISABLE'); } @@ -87,8 +88,8 @@ class ucp_register if (!empty($login_link_data)) { // Confirm that we have all necessary data - $auth_provider = 'auth.provider.' . $request->variable('auth_provider', $config['auth_method']); - $auth_provider = $phpbb_container->get($auth_provider); + $provider_collection = $phpbb_container->get('auth.provider_collection'); + $auth_provider = $provider_collection->get_provider($request->variable('auth_provider', '')); $result = $auth_provider->login_link_has_necessary_data($login_link_data); if ($result !== null) @@ -196,6 +197,19 @@ class ucp_register 'lang' => basename(request_var('lang', $user->lang_name)), 'tz' => request_var('tz', $timezone), ); + /** + * Add UCP register data before they are assigned to the template or submitted + * + * To assign data to the template, use $template->assign_vars() + * + * @event core.ucp_register_data_before + * @var bool submit Do we display the form only + * or did the user press submit + * @var array data Array with current ucp registration data + * @since 3.1.4-RC1 + */ + $vars = array('submit', 'data'); + extract($phpbb_dispatcher->trigger_event('core.ucp_register_data_before', compact($vars))); // Check and initialize some variables if needed if ($submit) @@ -256,6 +270,19 @@ class ucp_register $error[] = $user->lang['NEW_PASSWORD_ERROR']; } } + /** + * Check UCP registration data after they are submitted + * + * @event core.ucp_register_data_after + * @var bool submit Do we display the form only + * or did the user press submit + * @var array data Array with current ucp registration data + * @var array cp_data Array with custom profile fields data + * @var array error Array with list of errors + * @since 3.1.4-RC1 + */ + $vars = array('submit', 'data', 'cp_data', 'error'); + extract($phpbb_dispatcher->trigger_event('core.ucp_register_data_after', compact($vars))); if (!sizeof($error)) { @@ -318,6 +345,20 @@ class ucp_register { $user_row['user_new'] = 1; } + /** + * Add into $user_row before user_add + * + * user_add allows adding more data into the users table + * + * @event core.ucp_register_user_row_after + * @var bool submit Do we display the form only + * or did the user press submit + * @var array cp_data Array with custom profile fields data + * @var array user_row Array with current ucp registration data + * @since 3.1.4-RC1 + */ + $vars = array('submit', 'cp_data', 'user_row'); + extract($phpbb_dispatcher->trigger_event('core.ucp_register_user_row_after', compact($vars))); // Register user... $user_id = user_add($user_row, $cp_data); |