Diffstat (limited to 'phpBB/includes')
-rw-r--r-- | phpBB/includes/acp/acp_board.php | 2 | ||||
-rw-r--r-- | phpBB/includes/acp/acp_captcha.php | 2 | ||||
-rw-r--r-- | phpBB/includes/acp/acp_styles.php | 7 | ||||
-rw-r--r-- | phpBB/includes/acp/acp_users.php | 59 | ||||
-rw-r--r-- | phpBB/includes/functions.php | 14 | ||||
-rw-r--r-- | phpBB/includes/functions_acp.php | 8 | ||||
-rw-r--r-- | phpBB/includes/functions_messenger.php | 6 | ||||
-rw-r--r-- | phpBB/includes/session.php | 57 |
8 files changed, 94 insertions, 61 deletions
diff --git a/phpBB/includes/acp/acp_board.php b/phpBB/includes/acp/acp_board.php
index 3013906785..58b55eeddb 100644
--- a/phpBB/includes/acp/acp_board.php
+++ b/phpBB/includes/acp/acp_board.php
@@ -386,6 +386,8 @@ class acp_board
 'referer_validation' => array('lang' => 'REFERER_VALID', 'validate' => 'int:0:3','type' => 'custom', 'method' => 'select_ref_check', 'explain' => true),
 'check_dnsbl' => array('lang' => 'CHECK_DNSBL', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true),
 'email_check_mx' => array('lang' => 'EMAIL_CHECK_MX', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true),
+ 'max_pass_chars' => array('lang' => 'PASSWORD_LENGTH', 'validate' => 'int:8:255', 'type' => false, 'method' => false, 'explain' => false,),
+ 'min_pass_chars' => array('lang' => 'PASSWORD_LENGTH', 'validate' => 'int:1', 'type' => 'custom', 'method' => 'password_length', 'explain' => true),
 'pass_complex' => array('lang' => 'PASSWORD_TYPE', 'validate' => 'string', 'type' => 'select', 'method' => 'select_password_chars', 'explain' => true),
 'chg_passforce' => array('lang' => 'FORCE_PASS_CHANGE', 'validate' => 'int:0', 'type' => 'text:3:3', 'explain' => true, 'append' => ' ' . $user->lang['DAYS']),
 'max_login_attempts' => array('lang' => 'MAX_LOGIN_ATTEMPTS', 'validate' => 'int:0', 'type' => 'text:3:3', 'explain' => true),
diff --git a/phpBB/includes/acp/acp_captcha.php b/phpBB/includes/acp/acp_captcha.php
index 4367ea4c9c..51b5dd3301 100644
--- a/phpBB/includes/acp/acp_captcha.php
+++ b/phpBB/includes/acp/acp_captcha.php
@@ -95,7 +95,7 @@ class acp_captcha
 }
 else if ($submit)
 {
- trigger_error($user->lang['FORM_INVALID'] . adm_back_link(), E_USER_WARNING);
+ trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action), E_USER_WARNING);
 }
 else
 {
diff --git a/phpBB/includes/acp/acp_styles.php b/phpBB/includes/acp/acp_styles.php
index a38254838c..4f6b22fa14 100644
--- a/phpBB/includes/acp/acp_styles.php
+++ b/phpBB/includes/acp/acp_styles.php
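Review bot: In the acp_board.php hunk, `min_pass_chars` is validated as `int:1` with no upper bound while the new `max_pass_chars` entry is `int:8:255`, and nothing visible in the hunk ties the two together, so the form could apparently accept a one-character minimum or a minimum above the maximum. If the config validator does not already cross-check this pair, consider bounding the minimum as well, e.g. `'validate' => 'int:1:255'`, and confirming that the `password_length` method rejects min > max. The trailing comma in `'explain' => false,)` also differs from the neighbouring entries. The array literal starts and ends outside the hunk.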
@@ -257,6 +257,7 @@ version = {VERSION}
 global $user, $template, $db, $config, $phpbb_root_path, $phpEx;
 $sql_from = '';
+ $sql_sort = 'LOWER(' . $mode . '_name)';
 $style_count = array();
 switch ($mode)
@@ -284,6 +285,9 @@ version = {VERSION}
 case 'theme':
 $sql_from = STYLES_THEME_TABLE;
 break;
+
+ default:
+ trigger_error($user->lang['NO_MODE'] . adm_back_link($this->u_action), E_USER_WARNING);
 }
 $l_prefix = strtoupper($mode);
@@ -307,7 +311,8 @@ version = {VERSION}
 );
 $sql = "SELECT *
- FROM $sql_from";
+ FROM $sql_from
+ ORDER BY $sql_sort ASC";
 $result = $db->sql_query($sql);
 $installed = array();
diff --git a/phpBB/includes/acp/acp_users.php b/phpBB/includes/acp/acp_users.php
index d505f79a9f..a282ef1d7f 100644
--- a/phpBB/includes/acp/acp_users.php
+++ b/phpBB/includes/acp/acp_users.php
@@ -119,7 +119,7 @@ class acp_users
 // Build modes dropdown list
 $sql = 'SELECT module_mode, module_auth FROM ' . MODULES_TABLE . "
- WHERE module_basename = 'users'
+ WHERE module_basename = 'acp_users'
 AND module_enabled = 1 AND module_class = 'acp' ORDER BY left_id, module_mode";
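Review bot: In acp_styles.php the new `$sql_sort = 'LOWER(' . $mode . '_name)';` is built from `$mode` before the `switch` has checked it, so the ORDER BY fragment is only safe as long as the added `default:` branch really stops execution for an unknown mode. Whether `trigger_error(..., E_USER_WARNING)` halts depends on the error handler, which is not shown here. Moving the assignment below the `switch`, or setting the sort column next to each `$sql_from` assignment, would keep an unchecked `$mode` from ever reaching the query text; failing that, a comment such as `// $mode is limited to the cases below before it is used in SQL` would record the dependency. The function body starts and ends outside these hunks.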
@@ -2338,46 +2338,61 @@ class acp_users
 }
 /**
- * Optionset replacement for this module based on $user->optionset
+ * Set option bit field for user options in a user row array.
+ *
+ * Optionset replacement for this module based on $user->optionset.
+ *
+ * @param array $user_row Row from the users table.
+ * @param int $key Option key, as defined in $user->keyoptions property.
+ * @param bool $value True to set the option, false to clear the option.
+ * @param int $data Current bit field value, or false to use $user_row['user_options']
+ * @return int|bool If $data is false, the bit field is modified and
+ * written back to $user_row['user_options'], and
+ * return value is true if the bit field changed and
+ * false otherwise. If $data is not false, the new
+ * bitfield value is returned.
 */
 function optionset(&$user_row, $key, $value, $data = false)
 {
 global $user;
- $var = ($data) ? $data : $user_row['user_options'];
+ $var = ($data !== false) ? $data : $user_row['user_options'];
- if ($value && !($var & 1 << $user->keyoptions[$key]))
- {
- $var += 1 << $user->keyoptions[$key];
- }
- else if (!$value && ($var & 1 << $user->keyoptions[$key]))
- {
- $var -= 1 << $user->keyoptions[$key];
- }
- else
- {
- return ($data) ? $var : false;
- }
+ $new_var = phpbb_optionset($user->keyoptions[$key], $value, $var);
- if (!$data)
+ if ($data === false)
 {
- $user_row['user_options'] = $var;
- return true;
+ if ($new_var != $var)
+ {
+ $user_row['user_options'] = $new_var;
+ return true;
+ }
+ else
+ {
+ return false;
+ }
 }
 else
 {
- return $var;
+ return $new_var;
 }
 }
 /**
- * Optionget replacement for this module based on $user->optionget
+ * Get option bit field from user options in a user row array.
+ *
+ * Optionget replacement for this module based on $user->optionget.
+ *
+ * @param array $user_row Row from the users table.
+ * @param int $key option key, as defined in $user->keyoptions property.
+ * @param int $data bit field value to use, or false to use $user_row['user_options']
+ * @return bool true if the option is set in the bit field, false otherwise
 */
 function optionget(&$user_row, $key, $data = false)
 {
 global $user;
- $var = ($data) ? $data : $user_row['user_options'];
- return ($var & 1 << $user->keyoptions[$key]) ? true : false;
+ $var = ($data !== false) ? $data : $user_row['user_options'];
+ return phpbb_optionget($user->keyoptions[$key], $var);
 }
 }
diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php
index 5c808c812b..753795b7cf 100644
--- a/phpBB/includes/functions.php
+++ b/phpBB/includes/functions.php
@@ -4711,9 +4711,9 @@ function page_header($page_title = '', $display_online_list = true, $item_id = 0
 'S_SEARCH_HIDDEN_FIELDS' => build_hidden_fields($s_search_hidden_fields),
 'T_ASSETS_PATH' => "{$web_path}assets",
- 'T_THEME_PATH' => "{$web_path}styles/" . $user->theme['theme_path'] . '/theme',
- 'T_TEMPLATE_PATH' => "{$web_path}styles/" . $user->theme['template_path'] . '/template',
- 'T_SUPER_TEMPLATE_PATH' => (isset($user->theme['template_inherit_path']) && $user->theme['template_inherit_path']) ? "{$web_path}styles/" . $user->theme['template_inherit_path'] . '/template' : "{$web_path}styles/" . $user->theme['template_path'] . '/template',
+ 'T_THEME_PATH' => "{$web_path}styles/" . rawurlencode($user->theme['theme_path']) . '/theme',
+ 'T_TEMPLATE_PATH' => "{$web_path}styles/" . rawurlencode($user->theme['template_path']) . '/template',
+ 'T_SUPER_TEMPLATE_PATH' => (isset($user->theme['template_inherit_path']) && $user->theme['template_inherit_path']) ? "{$web_path}styles/" . rawurlencode($user->theme['template_inherit_path']) . '/template' : "{$web_path}styles/" . rawurlencode($user->theme['template_path']) . '/template',
 'T_IMAGES_PATH' => "{$web_path}images/",
 'T_SMILIES_PATH' => "{$web_path}{$config['smilies_path']}/",
 'T_AVATAR_PATH' => "{$web_path}{$config['avatar_path']}/",
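Review bot: The new docblocks for `optionset()` and `optionget()` in acp_users.php declare `@param int $data` although the default is `false` and the code now branches on `$data === false`; `@param int|bool $data` would match the behaviour, and the same applies to the two methods in the session.php hunk. The switch from `($data)` to `($data !== false)` means a caller passing `0` is now treated as an explicit empty bit field rather than a request to use the stored options, which is worth one sentence in the docblock. `$user->keyoptions[$key]` is still read without checking that `$key` exists, so an unknown key would reach `phpbb_optionset()` / `phpbb_optionget()` as null; those helpers are not shown on this page, so whether they guard against that cannot be confirmed here.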
@@ -4721,16 +4721,16 @@ function page_header($page_title = '', $display_online_list = true, $item_id = 0
 'T_ICONS_PATH' => "{$web_path}{$config['icons_path']}/",
 'T_RANKS_PATH' => "{$web_path}{$config['ranks_path']}/",
 'T_UPLOAD_PATH' => "{$web_path}{$config['upload_path']}/",
- 'T_STYLESHEET_LINK' => "{$web_path}styles/" . $user->theme['theme_path'] . '/theme/stylesheet.css',
- 'T_STYLESHEET_LANG_LINK' => "{$web_path}styles/" . $user->theme['theme_path'] . '/theme/' . $user->lang_name . '/stylesheet.css',
+ 'T_STYLESHEET_LINK' => "{$web_path}styles/" . rawurlencode($user->theme['theme_path']) . '/theme/stylesheet.css',
+ 'T_STYLESHEET_LANG_LINK' => "{$web_path}styles/" . rawurlencode($user->theme['theme_path']) . '/theme/' . $user->lang_name . '/stylesheet.css',
 'T_STYLESHEET_NAME' => $user->theme['theme_name'],
 'T_JQUERY_LINK' => ($config['load_jquery_cdn'] && !empty($config['load_jquery_url'])) ? $config['load_jquery_url'] : "{$web_path}assets/javascript/jquery.js",
 'S_JQUERY_FALLBACK' => ($config['load_jquery_cdn']) ? true : false,
- 'T_THEME_NAME' => $user->theme['theme_path'],
+ 'T_THEME_NAME' => rawurlencode($user->theme['theme_path']),
 'T_THEME_LANG_NAME' => $user->data['user_lang'],
 'T_TEMPLATE_NAME' => $user->theme['template_path'],
- 'T_SUPER_TEMPLATE_NAME' => (isset($user->theme['template_inherit_path']) && $user->theme['template_inherit_path']) ? $user->theme['template_inherit_path'] : $user->theme['template_path'],
+ 'T_SUPER_TEMPLATE_NAME' => rawurlencode((isset($user->theme['template_inherit_path']) && $user->theme['template_inherit_path']) ? $user->theme['template_inherit_path'] : $user->theme['template_path']),
 'T_IMAGES' => 'images',
 'T_SMILIES' => $config['smilies_path'],
 'T_AVATAR' => $config['avatar_path'],
diff --git a/phpBB/includes/functions_acp.php b/phpBB/includes/functions_acp.php
index ffa3fd32eb..03dec1787a 100644
--- a/phpBB/includes/functions_acp.php
+++ b/phpBB/includes/functions_acp.php
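Review bot: In the second functions.php hunk `T_TEMPLATE_NAME` is still assigned `$user->theme['template_path']` unencoded while `T_THEME_NAME` and `T_SUPER_TEMPLATE_NAME` now go through `rawurlencode()`, and `T_STYLESHEET_LANG_LINK` still concatenates `$user->lang_name` as is. If the intent is that every path segment taken from the style or user data is URL-encoded before it reaches the template, these two are left out; `'T_TEMPLATE_NAME' => rawurlencode($user->theme['template_path']),` would bring the first in line. The `*_NAME` variables now carry a URL-encoded value, so a template that prints them as text rather than inside a URL would show the encoded form; a comment on those entries saying they are meant for URL context would help. The array literal in `page_header()` starts and ends outside both hunks.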
@@ -8,6 +8,14 @@
 */
 /**
+* @ignore
+*/
+if (!defined('IN_PHPBB'))
+{
+ exit;
+}
+
+/**
 * Header for acp pages
 */
 function adm_page_header($page_title)
diff --git a/phpBB/includes/functions_messenger.php b/phpBB/includes/functions_messenger.php
index b04e98dd70..13d9b6a5cb 100644
--- a/phpBB/includes/functions_messenger.php
+++ b/phpBB/includes/functions_messenger.php
@@ -569,7 +569,7 @@ class messenger
 if (!$use_queue)
 {
 include_once($phpbb_root_path . 'includes/functions_jabber.' . $phpEx);
- $this->jabber = new jabber($config['jab_host'], $config['jab_port'], $config['jab_username'], $config['jab_password'], $config['jab_use_ssl']);
+ $this->jabber = new jabber($config['jab_host'], $config['jab_port'], $config['jab_username'], htmlspecialchars_decode($config['jab_password']), $config['jab_use_ssl']);
 if (!$this->jabber->connect())
 {
@@ -770,7 +770,7 @@ class queue
 }
 include_once($phpbb_root_path . 'includes/functions_jabber.' . $phpEx);
- $this->jabber = new jabber($config['jab_host'], $config['jab_port'], $config['jab_username'], $config['jab_password'], $config['jab_use_ssl']);
+ $this->jabber = new jabber($config['jab_host'], $config['jab_port'], $config['jab_username'], htmlspecialchars_decode($config['jab_password']), $config['jab_use_ssl']);
 if (!$this->jabber->connect())
 {
@@ -1023,7 +1023,7 @@ function smtpmail($addresses, $subject, $message, &$err_msg, $headers = false)
 }
 // Let me in. This function handles the complete authentication process
- if ($err_msg = $smtp->log_into_server($config['smtp_host'], $config['smtp_username'], $config['smtp_password'], $config['smtp_auth_method']))
+ if ($err_msg = $smtp->log_into_server($config['smtp_host'], $config['smtp_username'], htmlspecialchars_decode($config['smtp_password']), $config['smtp_auth_method']))
 {
 $smtp->close_session($err_msg);
 return false;
diff --git a/phpBB/includes/session.php b/phpBB/includes/session.php
index ae992800d5..6dad068ecb 100644
--- a/phpBB/includes/session.php
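Review bot: The three functions_messenger.php hunks decode only the password (`htmlspecialchars_decode($config['jab_password'])`, `htmlspecialchars_decode($config['smtp_password'])`), while `$config['jab_username']` and `$config['smtp_username']` are still passed as stored. If config values are stored HTML-escaped, as the password change implies, a username containing `&`, `<`, `>` or `"` would still be sent in escaped form and authentication would fail in the same way. `htmlspecialchars_decode()` is also called with its default flags, and the default quote handling changed in PHP 8.1 (ENT_COMPAT before, ENT_QUOTES-based after), so passing the flag that matches the encoder explicitly would keep the round trip stable across versions. The enclosing methods start and end outside the hunks.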
+++ b/phpBB/includes/session.php
@@ -1538,7 +1538,6 @@ class user extends session
 // Able to add new options (up to id 31)
 var $keyoptions = array('viewimg' => 0, 'viewflash' => 1, 'viewsmilies' => 2, 'viewsigs' => 3, 'viewavatars' => 4, 'viewcensors' => 5, 'attachsig' => 6, 'bbcode' => 8, 'smilies' => 9, 'popuppm' => 10, 'sig_bbcode' => 15, 'sig_smilies' => 16, 'sig_links' => 17);
- var $keyvalues = array();
 /**
 * Constructor to set the lang path
@@ -2241,47 +2240,51 @@ class user extends session
 }
 /**
- * Get option bit field from user options
+ * Get option bit field from user options.
+ *
+ * @param int $key option key, as defined in $keyoptions property.
+ * @param int $data bit field value to use, or false to use $this->data['user_options']
+ * @return bool true if the option is set in the bit field, false otherwise
 */
 function optionget($key, $data = false)
 {
- if (!isset($this->keyvalues[$key]))
- {
- $var = ($data) ? $data : $this->data['user_options'];
- $this->keyvalues[$key] = ($var & 1 << $this->keyoptions[$key]) ? true : false;
- }
-
- return $this->keyvalues[$key];
+ $var = ($data !== false) ? $data : $this->data['user_options'];
+ return phpbb_optionget($this->keyoptions[$key], $var);
 }
 /**
- * Set option bit field for user options
+ * Set option bit field for user options.
+ *
+ * @param int $key Option key, as defined in $keyoptions property.
+ * @param bool $value True to set the option, false to clear the option.
+ * @param int $data Current bit field value, or false to use $this->data['user_options']
+ * @return int|bool If $data is false, the bit field is modified and
+ * written back to $this->data['user_options'], and
+ * return value is true if the bit field changed and
+ * false otherwise. If $data is not false, the new
+ * bitfield value is returned.
 */
 function optionset($key, $value, $data = false)
 {
- $var = ($data) ? $data : $this->data['user_options'];
+ $var = ($data !== false) ? $data : $this->data['user_options'];
- if ($value && !($var & 1 << $this->keyoptions[$key]))
- {
- $var += 1 << $this->keyoptions[$key];
- }
- else if (!$value && ($var & 1 << $this->keyoptions[$key]))
- {
- $var -= 1 << $this->keyoptions[$key];
- }
- else
- {
- return ($data) ? $var : false;
- }
+ $new_var = phpbb_optionset($this->keyoptions[$key], $value, $var);
- if (!$data)
+ if ($data === false)
 {
- $this->data['user_options'] = $var;
- return true;
+ if ($new_var != $var)
+ {
+ $this->data['user_options'] = $new_var;
+ return true;
+ }
+ else
+ {
+ return false;
+ }
 }
 else
 {
- return $var;
+ return $new_var;
 }
 }
|