Diffstat (limited to 'phpBB/includes')
30 files changed, 176 insertions, 106 deletions
diff --git a/phpBB/includes/acm/acm_eaccelerator.php b/phpBB/includes/acm/acm_eaccelerator.php index 1a3cf3c0f7..645067c199 100644 --- a/phpBB/includes/acm/acm_eaccelerator.php +++ b/phpBB/includes/acm/acm_eaccelerator.php @@ -30,6 +30,7 @@ if (!class_exists('acm_memory')) class acm extends acm_memory { var $extension = 'eaccelerator'; + var $function = 'eaccelerator_get'; var $serialize_header = '#phpbb-serialized#'; diff --git a/phpBB/includes/acm/acm_memcache.php b/phpBB/includes/acm/acm_memcache.php index 3077ee9615..52b8832749 100644 --- a/phpBB/includes/acm/acm_memcache.php +++ b/phpBB/includes/acm/acm_memcache.php @@ -105,7 +105,11 @@ class acm extends acm_memory */ function _write($var, $data, $ttl = 2592000) { - return $this->memcache->set($this->key_prefix . $var, $data, $this->flags, $ttl); + if (!$this->memcache->replace($this->key_prefix . $var, $data, $this->flags, $ttl)) + { + return $this->memcache->set($this->key_prefix . $var, $data, $this->flags, $ttl); + } + return true; } /** diff --git a/phpBB/includes/acm/acm_memory.php b/phpBB/includes/acm/acm_memory.php index 1ed4fb0d55..e315e979e5 100644 --- a/phpBB/includes/acm/acm_memory.php +++ b/phpBB/includes/acm/acm_memory.php @@ -47,6 +47,11 @@ class acm_memory trigger_error("Could not find required extension [{$this->extension}] for the ACM module $acm_type.", E_USER_ERROR); } + + if (isset($this->function) && !function_exists($this->function)) + { + trigger_error("The required function [{$this->function}] is not available for the ACM module $acm_type.", E_USER_ERROR); + } } /** diff --git a/phpBB/includes/acp/acp_forums.php b/phpBB/includes/acp/acp_forums.php index 2ff597ee98..bde59ec870 100644 --- a/phpBB/includes/acp/acp_forums.php +++ b/phpBB/includes/acp/acp_forums.php 
@@ -75,13 +75,6 @@ class acp_forums trigger_error($user->lang['NO_PERMISSION_FORUM_ADD'] . adm_back_link($this->u_action . '&parent_id=' . $this->parent_id), E_USER_WARNING); } - case 'copy_perm': - - if (!(($auth->acl_get('a_fauth') && $auth->acl_get('a_authusers') && $auth->acl_get('a_authgroups') && $auth->acl_get('a_mauth')))) - { - trigger_error($user->lang['NO_PERMISSION_COPY'] . adm_back_link($this->u_action . '&parent_id=' . $this->parent_id), E_USER_WARNING); - } - break; } @@ -125,7 +118,6 @@ class acp_forums 'type_action' => request_var('type_action', ''), 'forum_status' => request_var('forum_status', ITEM_UNLOCKED), 'forum_parents' => '', - 'forum_options' => 0, 'forum_name' => utf8_normalize_nfc(request_var('forum_name', '', true)), 'forum_link' => request_var('forum_link', ''), 'forum_link_track' => request_var('forum_link_track', false), @@ -159,6 +151,12 @@ class acp_forums 'forum_password_unset' => request_var('forum_password_unset', false), ); + // On add, add empty forum_options... else do not consider it (not updating it) + if ($action == 'add') + { + $forum_data['forum_options'] = 0; + } + // Use link_display_on_index setting if forum type is link if ($forum_data['forum_type'] == FORUM_LINK) { diff --git a/phpBB/includes/acp/acp_icons.php b/phpBB/includes/acp/acp_icons.php index 8213c55ccb..e1deb7e533 100644 --- a/phpBB/includes/acp/acp_icons.php +++ b/phpBB/includes/acp/acp_icons.php 
@@ -89,16 +89,19 @@ class acp_icons continue; } - // adjust the width and height to be lower than 128px while perserving the aspect ratio - if ($img_size[0] > 127 && $img_size[0] > $img_size[1]) + // adjust the width and height to be lower than 128px while perserving the aspect ratio (for icons) + if ($mode == 'icons') { - $img_size[1] = (int) ($img_size[1] * (127 / $img_size[0])); - $img_size[0] = 127; - } - else if ($img_size[1] > 127) - { - $img_size[0] = (int) ($img_size[0] * (127 / $img_size[1])); - $img_size[1] = 127; + if ($img_size[0] > 127 && $img_size[0] > $img_size[1]) + { + $img_size[1] = (int) ($img_size[1] * (127 / $img_size[0])); + $img_size[0] = 127; + } + else if ($img_size[1] > 127) + { + $img_size[0] = (int) ($img_size[0] * (127 / $img_size[1])); + $img_size[1] = 127; + } } $_images[$path . $img]['file'] = $path . $img; @@ -363,7 +366,7 @@ class acp_icons if ($mode == 'smilies' && $action == 'create') { $smiley_count = $this->item_count($table); - + $addable_smileys_count = sizeof($images); foreach ($images as $image) { @@ -372,7 +375,7 @@ class acp_icons --$addable_smileys_count; } } - + if ($smiley_count + $addable_smileys_count > SMILEY_LIMIT) { trigger_error(sprintf($user->lang['TOO_MANY_SMILIES'], SMILEY_LIMIT) . adm_back_link($this->u_action), E_USER_WARNING); 
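Review bot: The 127px clamp now appears twice behind the same `if ($mode == 'icons')` guard, here on `$img_size` and again in the `@@ -400` hunk on `$image_width[$image]`/`$image_height[$image]`, so the two copies can drift apart. A small private helper that takes a width and height and returns the clamped pair would keep them in step. With smilies now skipping the clamp, nothing in either hunk bounds the dimensions stored for them; if that is intended, a comment such as `// smilies keep their native size; only topic icons are limited to 127px` would record it. Both enclosing methods start and end outside the hunks.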
@@ -400,15 +403,19 @@ class acp_icons $image_height[$image] = $img_size[1]; } - if ($image_width[$image] > 127 && $image_width[$image] > $image_height[$image]) + // Adjust image width/height for icons + if ($mode == 'icons') { - $image_height[$image] = (int) ($image_height[$image] * (127 / $image_width[$image])); - $image_width[$image] = 127; - } - else if ($image_height[$image] > 127) - { - $image_width[$image] = (int) ($image_width[$image] * (127 / $image_height[$image])); - $image_height[$image] = 127; + if ($image_width[$image] > 127 && $image_width[$image] > $image_height[$image]) + { + $image_height[$image] = (int) ($image_height[$image] * (127 / $image_width[$image])); + $image_width[$image] = 127; + } + else if ($image_height[$image] > 127) + { + $image_width[$image] = (int) ($image_width[$image] * (127 / $image_height[$image])); + $image_height[$image] = 127; + } } $img_sql = array( @@ -923,7 +930,7 @@ class acp_icons generate_pagination($this->u_action, $item_count, $config['smilies_per_page'], $pagination_start, true) ); } - + /** * Returns the count of smilies or icons in the database * diff --git a/phpBB/includes/acp/acp_inactive.php b/phpBB/includes/acp/acp_inactive.php index 3d0c0a2780..1a12c4967c 100644 --- a/phpBB/includes/acp/acp_inactive.php +++ b/phpBB/includes/acp/acp_inactive.php 
@@ -90,22 +90,19 @@ class acp_inactive if ($action == 'activate') { - if ($config['require_activation'] == USER_ACTIVATION_ADMIN) + // Get those 'being activated'... + $sql = 'SELECT user_id, username' . (($config['require_activation'] == USER_ACTIVATION_ADMIN) ? ', user_email, user_lang' : '') . ' + FROM ' . USERS_TABLE . ' + WHERE ' . $db->sql_in_set('user_id', $mark) . ' + AND user_type = ' . USER_INACTIVE; + $result = $db->sql_query($sql); + + $inactive_users = array(); + while ($row = $db->sql_fetchrow($result)) { - // Get those 'being activated'... - $sql = 'SELECT user_id, username, user_email, user_lang - FROM ' . USERS_TABLE . ' - WHERE ' . $db->sql_in_set('user_id', $mark) . ' - AND user_type = ' . USER_INACTIVE; - $result = $db->sql_query($sql); - - $inactive_users = array(); - while ($row = $db->sql_fetchrow($result)) - { - $inactive_users[] = $row; - } - $db->sql_freeresult($result); + $inactive_users[] = $row; } + $db->sql_freeresult($result); user_active_flip('activate', $mark); @@ -136,6 +133,15 @@ class acp_inactive $messenger->save_queue(); } + if (!empty($inactive_users)) + { + foreach ($inactive_users as $row) + { + add_log('admin', 'LOG_USER_ACTIVE', $row['username']); + add_log('user', $row['user_id'], 'LOG_USER_ACTIVE_USER'); + } + } + // For activate we really need to redirect, else a refresh can result in users being deactivated again $u_action = $this->u_action . "&$u_sort_param&start=$start"; $u_action .= ($per_page != $config['topics_per_page']) ? "&users_per_page=$per_page" : ''; diff --git a/phpBB/includes/acp/acp_jabber.php b/phpBB/includes/acp/acp_jabber.php index 3ab6eb64ed..9925527b34 100644 --- a/phpBB/includes/acp/acp_jabber.php +++ b/phpBB/includes/acp/acp_jabber.php 
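Review bot: The new `add_log()` loop in the second hunk writes `LOG_USER_ACTIVE` for every row that was selected before `user_active_flip('activate', $mark)` ran, so the admin and user logs assert an activation that this code never confirms. If `user_active_flip()` can skip or fail for an account (its body is not in this diff), the audit trail would be wrong for that account; logging from the set the flip actually changed, or re-reading `user_type` afterwards, would make the entries reliable. The `if (!empty($inactive_users))` wrapper is redundant, since `foreach` over an empty array does nothing. The surrounding `if ($action == 'activate')` block continues outside both hunks.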
@@ -44,13 +44,13 @@ class acp_jabber $this->tpl_name = 'acp_jabber'; $this->page_title = 'ACP_JABBER_SETTINGS'; - $jab_enable = request_var('jab_enable', $config['jab_enable']); - $jab_host = request_var('jab_host', $config['jab_host']); - $jab_port = request_var('jab_port', $config['jab_port']); - $jab_username = request_var('jab_username', $config['jab_username']); - $jab_password = request_var('jab_password', $config['jab_password']); - $jab_package_size = request_var('jab_package_size', $config['jab_package_size']); - $jab_use_ssl = request_var('jab_use_ssl', $config['jab_use_ssl']); + $jab_enable = request_var('jab_enable', (bool) $config['jab_enable']); + $jab_host = request_var('jab_host', (string) $config['jab_host']); + $jab_port = request_var('jab_port', (int) $config['jab_port']); + $jab_username = request_var('jab_username', (string) $config['jab_username']); + $jab_password = request_var('jab_password', (string) $config['jab_password']); + $jab_package_size = request_var('jab_package_size', (int) $config['jab_package_size']); + $jab_use_ssl = request_var('jab_use_ssl', (bool) $config['jab_use_ssl']); $form_name = 'acp_jabber'; add_form_key($form_name); @@ -117,7 +117,7 @@ class acp_jabber 'JAB_ENABLE' => $jab_enable, 'L_JAB_SERVER_EXPLAIN' => sprintf($user->lang['JAB_SERVER_EXPLAIN'], '<a href="http://www.jabber.org/">', '</a>'), 'JAB_HOST' => $jab_host, - 'JAB_PORT' => $jab_port, + 'JAB_PORT' => ($jab_port) ? $jab_port : '', 'JAB_USERNAME' => $jab_username, 'JAB_PASSWORD' => $jab_password, 'JAB_PACKAGE_SIZE' => $jab_package_size, diff --git a/phpBB/includes/acp/acp_profile.php b/phpBB/includes/acp/acp_profile.php index 1b0ec4b5d5..fc08c7e8e8 100644 --- a/phpBB/includes/acp/acp_profile.php +++ b/phpBB/includes/acp/acp_profile.php 
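Review bot: The stored Jabber password is still used as the default in `request_var('jab_password', (string) $config['jab_password'])` and, in the second hunk's context, handed to the template as `'JAB_PASSWORD' => $jab_password`, so the secret is sent back to the browser whenever this page is viewed. Treating an empty submitted field as "keep the current password" and assigning an empty string to `JAB_PASSWORD` would keep it out of page source and browser caches. How the template renders the value is not visible here, so this should be confirmed against the ACP template. The `(int)`/`(bool)`/`(string)` casts themselves look right for steering `request_var()`'s type handling, which follows the type of the default.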
@@ -509,6 +509,14 @@ class acp_profile // Get the number of options if this key is 'field_maxlen' $var = request_var('field_default_value', 0); }*/ + else if ($field_type == FIELD_INT && $key == 'field_default_value') + { + // Permit an empty string + if (request_var('field_default_value', '') === '') + { + $var = ''; + } + } $cp->vars[$key] = $var; } diff --git a/phpBB/includes/acp/acp_users.php b/phpBB/includes/acp/acp_users.php index afca056eb2..4905840e02 100644 --- a/phpBB/includes/acp/acp_users.php +++ b/phpBB/includes/acp/acp_users.php @@ -1416,7 +1416,7 @@ class acp_users $now = getdate(); $s_birthday_year_options = '<option value="0"' . ((!$data['bday_year']) ? ' selected="selected"' : '') . '>--</option>'; - for ($i = $now['year'] - 100; $i < $now['year']; $i++) + for ($i = $now['year'] - 100; $i <= $now['year']; $i++) { $selected = ($i == $data['bday_year']) ? ' selected="selected"' : ''; $s_birthday_year_options .= "<option value=\"$i\"$selected>$i</option>"; diff --git a/phpBB/includes/cache.php b/phpBB/includes/cache.php index 1effada666..a0142292ed 100644 --- a/phpBB/includes/cache.php +++ b/phpBB/includes/cache.php @@ -86,7 +86,7 @@ class cache extends acm { if ((version_compare(PHP_VERSION, '5.1.0', '>=') || (version_compare(PHP_VERSION, '5.0.0-dev', '<=') && version_compare(PHP_VERSION, '4.4.0', '>='))) && @preg_match('/\p{L}/u', 'a') !== false) { - $censors['match'][] = '#(?<![\p{Nd}\p{L}_])(' . str_replace('\*', '[\p{Nd}\p{L}_]*?', preg_quote($row['word'], '#')) . ')(?![\p{Nd}\p{L}_])#u'; + $censors['match'][] = '#(?<![\p{Nd}\p{L}_])(' . str_replace('\*', '[\p{Nd}\p{L}_]*?', preg_quote($row['word'], '#')) . ')(?![\p{Nd}\p{L}_])#iu'; } else { diff --git a/phpBB/includes/captcha/captcha_factory.php b/phpBB/includes/captcha/captcha_factory.php index 73406a954f..131c0b3b77 100644 --- a/phpBB/includes/captcha/captcha_factory.php +++ b/phpBB/includes/captcha/captcha_factory.php 
@@ -35,7 +35,7 @@ class phpbb_captcha_factory { include($phpbb_root_path . "includes/captcha/plugins/{$name}_plugin." . $phpEx); } - $instance =& call_user_func(array($name, 'get_instance')); + $instance = call_user_func(array($name, 'get_instance')); return $instance; } diff --git a/phpBB/includes/captcha/plugins/phpbb_captcha_qa_plugin.php b/phpBB/includes/captcha/plugins/phpbb_captcha_qa_plugin.php index c17cfa7bbe..45811c5d26 100644 --- a/phpBB/includes/captcha/plugins/phpbb_captcha_qa_plugin.php +++ b/phpBB/includes/captcha/plugins/phpbb_captcha_qa_plugin.php @@ -53,7 +53,7 @@ class phpbb_captcha_qa // read input $this->confirm_id = request_var('qa_confirm_id', ''); - $this->answer = request_var('qa_answer', '', true); + $this->answer = utf8_normalize_nfc(request_var('qa_answer', '', true)); $this->type = (int) $type; $this->question_lang = $user->lang_name; @@ -502,7 +502,7 @@ class phpbb_captcha_qa { global $db; - $answer = ($this->question_strict) ? request_var('qa_answer', '', true) : utf8_clean_string(request_var('qa_answer', '', true)); + $answer = ($this->question_strict) ? utf8_normalize_nfc(request_var('qa_answer', '', true)) : utf8_clean_string(utf8_normalize_nfc(request_var('qa_answer', '', true))); $sql = 'SELECT answer_text FROM ' . CAPTCHA_ANSWERS_TABLE . ' @@ -789,11 +789,12 @@ class phpbb_captcha_qa */ function acp_get_question_input() { + $answers = utf8_normalize_nfc(request_var('answers', '', true)); $question = array( 'question_text' => request_var('question_text', '', true), 'strict' => request_var('strict', false), 'lang_iso' => request_var('lang_iso', ''), - 'answers' => explode("\n", request_var('answers', '', true)), + 'answers' => (strlen($answers)) ? explode("\n", $answers) : '', ); return $question; 
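Review bot: `$name` is interpolated into the `include` path and then used as the class in `call_user_func(array($name, 'get_instance'))`, and nothing in this hunk shows it being constrained. The function starts outside the hunk, so a check may already exist; if it does not, restricting the value before the include, e.g. `$name = basename($name);` plus a comparison against the list of known plugins, keeps a configuration or request value from selecting an arbitrary file or class. Dropping `=&` on the `call_user_func()` result is fine, since that call returns by value.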
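Review bot: In the `acp_get_question_input()` hunk, `'answers'` is now an empty string when nothing was submitted and an array otherwise, and the validation in the `@@ -908` hunk calls `sizeof($question_data['answers'])` before `is_array()`. `sizeof()` on a string does not express "no answers" and is rejected on newer PHP versions, so the outcome depends on evaluation order. Returning `array()` for the empty case, or moving `!is_array($question_data['answers'])` ahead of the `sizeof()` test, keeps the type stable. A blank line in the middle of the input still becomes an entry after `explode("\n", $answers)`; trimming each entry and dropping empty ones would avoid storing an empty string as an accepted answer.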
@@ -908,8 +909,9 @@ class phpbb_captcha_qa } if (!isset($langs[$question_data['lang_iso']]) || - !$question_data['question_text'] || - !sizeof($question_data['answers'])) + !strlen($question_data['question_text']) || + !sizeof($question_data['answers']) || + !is_array($question_data['answers'])) { return false; } diff --git a/phpBB/includes/constants.php b/phpBB/includes/constants.php index 3bb9467bbf..398611d24e 100644 --- a/phpBB/includes/constants.php +++ b/phpBB/includes/constants.php @@ -25,7 +25,7 @@ if (!defined('IN_PHPBB')) */ // phpBB Version -define('PHPBB_VERSION', '3.0.6-RC2'); +define('PHPBB_VERSION', '3.0.6'); // QA-related // define('PHPBB_QA', 1); diff --git a/phpBB/includes/db/db_tools.php b/phpBB/includes/db/db_tools.php index eabcfd818e..a762b31681 100644 --- a/phpBB/includes/db/db_tools.php +++ b/phpBB/includes/db/db_tools.php @@ -453,11 +453,17 @@ class phpbb_db_tools case 'firebird': case 'mssql': + // We need the data here + $old_return_statements = $this->return_statements; + $this->return_statements = true; + $primary_key_stmts = $this->sql_create_primary_key($table_name, $table_data['PRIMARY_KEY']); foreach ($primary_key_stmts as $pk_stmt) { $statements[] = $pk_stmt; } + + $this->return_statements = $old_return_statements; break; case 'oracle': @@ -1867,7 +1873,7 @@ class phpbb_db_tools } else { - $statements[] = 'ALTER TABLE ' . $table_name . ' ALTER COLUMN "' . strtoupper($column_name) . '" TYPE ' . ' ' . $column_data['column_type_sql']; + $statements[] = 'ALTER TABLE ' . $table_name . ' ALTER COLUMN "' . strtoupper($column_name) . '" TYPE ' . ' ' . $column_data['column_type_sql_type']; } break; diff --git a/phpBB/includes/db/oracle.php b/phpBB/includes/db/oracle.php index f7180029b5..63cdb7126d 100644 --- a/phpBB/includes/db/oracle.php +++ b/phpBB/includes/db/oracle.php 
@@ -136,7 +136,7 @@ class dbal_oracle extends dbal */ function _rewrite_where($where_clause) { - preg_match_all('/\s*(AND|OR)?\s*([\w_.]++)\s*(?:(=|<[=>]?|>=?)\s*((?>\'(?>[^\']++|\'\')*+\'|[\d-.]+))|((NOT )?IN\s*\((?>\'(?>[^\']++|\'\')*+\',? ?|[\d-.]+,? ?)*+\)))/', $where_clause, $result, PREG_SET_ORDER); + preg_match_all('/\s*(AND|OR)?\s*([\w_.()]++)\s*(?:(=|<[=>]?|>=?|LIKE)\s*((?>\'(?>[^\']++|\'\')*+\'|[\d-.()]+))|((NOT )?IN\s*\((?>\'(?>[^\']++|\'\')*+\',? ?|[\d-.]+,? ?)*+\)))/', $where_clause, $result, PREG_SET_ORDER); $out = ''; foreach ($result as $val) { diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index e787932441..396267432a 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -3959,7 +3959,7 @@ function page_header($page_title = '', $display_online_list = true, $item_id = 0 $s_last_visit = ($user->data['user_id'] != ANONYMOUS) ? $user->format_date($user->data['session_last_visit']) : ''; // Get users online list ... if required - $l_online_users = $online_userlist = $l_online_record = ''; + $l_online_users = $online_userlist = $l_online_record = $l_online_time = ''; if ($config['load_online'] && $config['load_online_time'] && $display_online_list) { @@ -3982,15 +3982,11 @@ function page_header($page_title = '', $display_online_list = true, $item_id = 0 set_config('record_online_date', time(), true); } - $l_online_record = sprintf($user->lang['RECORD_ONLINE_USERS'], $config['record_online_users'], $user->format_date($config['record_online_date'])); + $l_online_record = sprintf($user->lang['RECORD_ONLINE_USERS'], $config['record_online_users'], $user->format_date($config['record_online_date'], false, true)); $l_online_time = ($config['load_online_time'] == 1) ? 'VIEW_ONLINE_TIME' : 'VIEW_ONLINE_TIMES'; $l_online_time = sprintf($user->lang[$l_online_time], $config['load_online_time']); } - else - { - $l_online_time = ''; - } $l_privmsgs_text = $l_privmsgs_text_unread = ''; $s_privmsg_new = false; 
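Review bot: The widened pattern in `_rewrite_where()` still recognises only a fixed grammar, and the loop that follows (`$out = ''; foreach ($result as $val)`) appears to rebuild the clause from the matches alone. If so, any condition using a form outside `=`, `<`, `>`, `LIKE` and `IN`, or any trailing text after a matched `LIKE` value, is silently dropped, which on an UPDATE or DELETE widens the statement. The rest of the function is outside the hunk, so this is inferred; a guard that falls back to the original `$where_clause` when the matches do not cover the whole input, plus a comment listing the supported forms, would make the limits explicit.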
@@ -4139,7 +4135,8 @@ function page_header($page_title = '', $display_online_list = true, $item_id = 0 'S_FORUM_ID' => $forum_id, 'S_TOPIC_ID' => $topic_id, - 'S_LOGIN_ACTION' => (!defined('ADMIN_START')) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=login') . '&redirect=' . urlencode(str_replace('&', '&', build_url())) : append_sid("index.$phpEx", false, true, $user->session_id) . '&redirect=' . urlencode(str_replace('&', '&', build_url())), + 'S_LOGIN_ACTION' => ((!defined('ADMIN_START')) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=login') : append_sid("index.$phpEx", false, true, $user->session_id)), + 'S_LOGIN_REDIRECT' => build_hidden_fields(array('redirect' => str_replace('&', '&', build_url()))), 'S_ENABLE_FEEDS' => ($config['feed_enable']) ? true : false, 'S_ENABLE_FEEDS_FORUMS' => ($config['feed_overall_forums']) ? true : false, @@ -4158,7 +4155,7 @@ function page_header($page_title = '', $display_online_list = true, $item_id = 0 'T_ICONS_PATH' => "{$web_path}{$config['icons_path']}/", 'T_RANKS_PATH' => "{$web_path}{$config['ranks_path']}/", 'T_UPLOAD_PATH' => "{$web_path}{$config['upload_path']}/", - 'T_STYLESHEET_LINK' => (!$user->theme['theme_storedb']) ? "{$web_path}styles/" . $user->theme['theme_path'] . '/theme/stylesheet.css' : append_sid("{$phpbb_root_path}style.$phpEx", 'id=' . $user->theme['style_id'] . '&lang=' . $user->data['user_lang']), + 'T_STYLESHEET_LINK' => (!$user->theme['theme_storedb']) ? "{$web_path}styles/" . $user->theme['theme_path'] . '/theme/stylesheet.css' : append_sid("{$phpbb_root_path}style.$phpEx", 'id=' . $user->theme['style_id'] . '&lang=' . $user->data['user_lang'], true, $user->session_id), 'T_STYLESHEET_NAME' => $user->theme['theme_name'], 'T_THEME_NAME' => $user->theme['theme_path'], diff --git a/phpBB/includes/functions_admin.php b/phpBB/includes/functions_admin.php index c0db64dbfb..ddadda8ed2 100644 --- a/phpBB/includes/functions_admin.php +++ b/phpBB/includes/functions_admin.php 
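Review bot: `S_LOGIN_ACTION` no longer carries the `redirect` parameter, so any template that posts to it without also emitting `S_LOGIN_REDIRECT` loses the return URL silently; a comment on the two keys saying they must be used together would help style authors. The redirect target now arrives as a form field built from `build_url()`, so the login handler remains the place that has to reject off-site targets, and that handler is not part of this diff. `page_header()` starts and ends outside the hunk.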
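Review bot: Passing `$user->session_id` as the fourth argument to `append_sid()` in `T_STYLESHEET_LINK` puts the session id into the stylesheet URL for every user whose theme is stored in the database. URLs end up in access logs, proxy logs and the `Referer` sent for resources the stylesheet pulls in, which widens the exposure of a value that authenticates the session. If `style.php` only needs to know which style and language to serve, keying the request on `style_id` and `lang` alone avoids that; otherwise a comment here should say why the sid is required. `style.php` is not visible in this diff, so how it uses the value needs confirming.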
@@ -2361,8 +2361,8 @@ function cache_moderators() 'FROM' => array( ACL_OPTIONS_TABLE => 'o', USER_GROUP_TABLE => 'ug', - ACL_GROUPS_TABLE => 'a', GROUPS_TABLE => 'g', + ACL_GROUPS_TABLE => 'a', ), 'LEFT_JOIN' => array( @@ -2549,17 +2549,24 @@ function view_log($mode, &$log, &$log_count, $limit = 0, $offset = 0, $forum_id return; } - $keywords = preg_split('#[\s+\-|*()]+#u', utf8_strtolower(preg_quote($keywords, '#')), 0, PREG_SPLIT_NO_EMPTY); + // Use no preg_quote for $keywords because this would lead to sole backslashes being added + // We also use an OR connection here for spaces and the | string. Currently, regex is not supported for searching (but may come later). + $keywords = preg_split('#[\s|]+#u', utf8_strtolower($keywords), 0, PREG_SPLIT_NO_EMPTY); $sql_keywords = ''; if (!empty($keywords)) { - $keywords_pattern = '#' . implode('|', $keywords) . '#ui'; + $keywords_pattern = array(); + + // Build pattern and keywords... for ($i = 0, $num_keywords = sizeof($keywords); $i < $num_keywords; $i++) { + $keywords_pattern[] = preg_quote($keywords[$i], '#'); $keywords[$i] = $db->sql_like_expression($db->any_char . $keywords[$i] . $db->any_char); } + $keywords_pattern = '#' . implode('|', $keywords_pattern) . '#ui'; + $operations = array(); foreach ($user->lang as $key => $value) { diff --git a/phpBB/includes/functions_display.php b/phpBB/includes/functions_display.php index cec1becb6e..58cbdaef5b 100644 --- a/phpBB/includes/functions_display.php +++ b/phpBB/includes/functions_display.php 
@@ -323,7 +323,7 @@ function display_forums($root_data = '', $display_moderators = true, $return_mod $forum_unread = (isset($forum_tracking_info[$forum_id]) && $row['orig_forum_last_post_time'] > $forum_tracking_info[$forum_id]) ? true : false; // Mark the first visible forum on index as unread if there's any unread global announcement - if (($forum_id == $forum_ids_moderator[0]) && ($root_data['forum_id'] == 0) && $ga_unread) + if ($ga_unread && !empty($forum_ids_moderator) && $forum_id == $forum_ids_moderator[0]) { $forum_unread = true; } diff --git a/phpBB/includes/functions_jabber.php b/phpBB/includes/functions_jabber.php index 6d5021b9aa..16dce16a72 100644 --- a/phpBB/includes/functions_jabber.php +++ b/phpBB/includes/functions_jabber.php @@ -476,8 +476,9 @@ class jabber } else if (in_array('PLAIN', $methods) && ($this->session['ssl'] || !empty($this->session['tls']))) { + // http://www.ietf.org/rfc/rfc4616.txt (PLAIN SASL Mechanism) $this->send("<auth xmlns='urn:ietf:params:xml:ns:xmpp-sasl' mechanism='PLAIN'>" - . base64_encode(chr(0) . $this->username . '@' . $this->server . chr(0) . $this->password) . + . base64_encode($this->username . '@' . $this->server . chr(0) . $this->username . chr(0) . $this->password) . '</auth>'); } else if (in_array('ANONYMOUS', $methods)) diff --git a/phpBB/includes/functions_privmsgs.php b/phpBB/includes/functions_privmsgs.php index c93b6a6bba..4fc5034f7b 100644 --- a/phpBB/includes/functions_privmsgs.php +++ b/phpBB/includes/functions_privmsgs.php @@ -894,6 +894,13 @@ function handle_mark_actions($user_id, $mark_action) case 'delete_marked': + global $auth; + + if (!$auth->acl_get('u_pm_delete')) + { + trigger_error('NO_AUTH_DELETE_MESSAGE'); + } + if (confirm_box(true)) { delete_pm($user_id, $msg_ids, $cur_folder_id); diff --git a/phpBB/includes/functions_profile_fields.php b/phpBB/includes/functions_profile_fields.php index 9e356414a9..61e3587158 100644 --- a/phpBB/includes/functions_profile_fields.php 
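Review bot: The new `u_pm_delete` check in the `delete_marked` case only protects `delete_pm()` if `trigger_error('NO_AUTH_DELETE_MESSAGE')` ends the request; it is raised at the default `E_USER_NOTICE` level and nothing in the hunk stops execution afterwards. If the board's error handler exits on notices, a comment such as `// trigger_error() does not return here: the message handler ends the request` would make that dependency visible. `global $auth;` declared inside a `case` is easy to miss; moving it next to the function's other globals reads better. `handle_mark_actions()` starts and ends outside the hunk and other PM deletion paths are not shown, so confirm they enforce the same permission.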
+++ b/phpBB/includes/functions_profile_fields.php @@ -158,11 +158,11 @@ class custom_profile case FIELD_STRING: case FIELD_TEXT: - if (empty($field_value) && !$field_data['field_required']) + if (trim($field_value) === '' && !$field_data['field_required']) { return false; } - else if (empty($field_value) && $field_data['field_required']) + else if (trim($field_value) === '' && $field_data['field_required']) { return 'FIELD_REQUIRED'; } @@ -624,7 +624,7 @@ class custom_profile } else { - if (!$preview && isset($user->profile_fields[$user_ident]) && is_null($user->profile_fields[$user_ident])) + if (!$preview && array_key_exists($user_ident, $user->profile_fields) && is_null($user->profile_fields[$user_ident])) { $value = NULL; } diff --git a/phpBB/includes/mcp/mcp_queue.php b/phpBB/includes/mcp/mcp_queue.php index 3783aadab5..8d9ece5205 100644 --- a/phpBB/includes/mcp/mcp_queue.php +++ b/phpBB/includes/mcp/mcp_queue.php @@ -105,6 +105,7 @@ class mcp_queue { $template->assign_vars(array( 'S_TOPIC_REVIEW' => true, + 'S_BBCODE_ALLOWED' => $post_info['enable_bbcode'], 'TOPIC_TITLE' => $post_info['topic_title']) ); } diff --git a/phpBB/includes/mcp/mcp_reports.php b/phpBB/includes/mcp/mcp_reports.php index 7bed20187a..e19fe96963 100644 --- a/phpBB/includes/mcp/mcp_reports.php +++ b/phpBB/includes/mcp/mcp_reports.php @@ -116,6 +116,7 @@ class mcp_reports { $template->assign_vars(array( 'S_TOPIC_REVIEW' => true, + 'S_BBCODE_ALLOWED' => $post_info['enable_bbcode'], 'TOPIC_TITLE' => $post_info['topic_title']) ); } @@ -429,7 +430,7 @@ class mcp_reports 'PAGE_NUMBER' => on_page($total, $config['topics_per_page'], $start), 'TOPIC_ID' => $topic_id, 'TOTAL' => $total, - 'TOTAL_REPORTS' => ($total == 1) ? $user->lang['LIST_REPORT'] : sprintf($user->lang['LIST_REPORTS'], $total), + 'TOTAL_REPORTS' => ($total == 1) ? $user->lang['LIST_REPORT'] : sprintf($user->lang['LIST_REPORTS'], $total), ) ); 
@@ -671,7 +672,7 @@ function close_report($report_id_list, $mode, $action, $pm = false) $messenger->send($reporter['user_notify_type']); } } - + if (!$pm) { foreach ($post_info as $post) @@ -712,13 +713,13 @@ function close_report($report_id_list, $mode, $action, $pm = false) { $return_forum = sprintf($user->lang['RETURN_FORUM'], '<a href="' . append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . current($forum_ids)) . '">', '</a>') . '<br /><br />'; } - + if (sizeof($topic_ids) === 1) { $return_topic = sprintf($user->lang['RETURN_TOPIC'], '<a href="' . append_sid("{$phpbb_root_path}viewtopic.$phpEx", 't=' . current($topic_ids) . '&f=' . current($forum_ids)) . '">', '</a>') . '<br /><br />'; } } - + trigger_error($user->lang[$success_msg] . '<br /><br />' . $return_forum . $return_topic . sprintf($user->lang['RETURN_PAGE'], "<a href=\"$redirect\">", '</a>')); } } diff --git a/phpBB/includes/message_parser.php b/phpBB/includes/message_parser.php index 3df582d640..8979511d9a 100644 --- a/phpBB/includes/message_parser.php +++ b/phpBB/includes/message_parser.php 
@@ -115,7 +115,7 @@ class bbcode_firstpass extends bbcode 'attachment' => array('bbcode_id' => 12, 'regexp' => array('#\[attachment=([0-9]+)\](.*?)\[/attachment\]#ise' => "\$this->bbcode_attachment('\$1', '\$2')")), 'b' => array('bbcode_id' => 1, 'regexp' => array('#\[b\](.*?)\[/b\]#ise' => "\$this->bbcode_strong('\$1')")), 'i' => array('bbcode_id' => 2, 'regexp' => array('#\[i\](.*?)\[/i\]#ise' => "\$this->bbcode_italic('\$1')")), - 'url' => array('bbcode_id' => 3, 'regexp' => array('#\[url(=(.*))?\]((?s).*)\[/url\]#iUe' => "\$this->validate_url('\$2', '\$3')")), + 'url' => array('bbcode_id' => 3, 'regexp' => array('#\[url(=(.*))?\](.*)\[/url\]#iUe' => "\$this->validate_url('\$2', '\$3')")), 'img' => array('bbcode_id' => 4, 'regexp' => array('#\[img\](.*)\[/img\]#iUe' => "\$this->bbcode_img('\$1')")), 'size' => array('bbcode_id' => 5, 'regexp' => array('#\[size=([\-\+]?\d+)\](.*?)\[/size\]#ise' => "\$this->bbcode_size('\$1', '\$2')")), 'color' => array('bbcode_id' => 6, 'regexp' => array('!\[color=(#[0-9a-f]{3}|#[0-9a-f]{6}|[a-z\-]+)\](.*?)\[/color\]!ise' => "\$this->bbcode_color('\$1', '\$2')")), @@ -1064,17 +1064,12 @@ class parse_message extends bbcode_firstpass $this->mode = $mode; - if (!isset($config['max_' . $mode . '_chars'])) + foreach (array('chars', 'smilies', 'urls', 'font_size', 'img_height', 'img_width') as $key) { - $config['max_' . $mode . '_chars'] = 0; - } - if (!isset($config['max_' . $mode . '_smilies'])) - { - $config['max_' . $mode . '_smilies'] = 0; - } - if (!isset($config['max_' . $mode . '_urls'])) - { - $config['max_' . $mode . '_urls'] = 0; + if (!isset($config['max_' . $mode . '_' . $key])) + { + $config['max_' . $mode . '_' . $key] = 0; + } } $this->allow_img_bbcode = $allow_img_bbcode; diff --git a/phpBB/includes/questionnaire/questionnaire.php b/phpBB/includes/questionnaire/questionnaire.php index 1d015576a7..659c088763 100644 --- a/phpBB/includes/questionnaire/questionnaire.php +++ b/phpBB/includes/questionnaire/questionnaire.php 
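Review bot: The edited `url` entry keeps the `e` modifier (`#iUe`), so the replacement string `"\$this->validate_url('\$2', '\$3')"` is evaluated as PHP with captured post content substituted into it. That construct relies entirely on PCRE's automatic escaping of the backreferences and is deprecated in later PHP releases; where the supported PHP versions allow, `preg_replace_callback()` passing the captured groups as arguments removes the evaluation step. Dropping `(?s)` means the link text can no longer span lines, which deserves a short comment because the neighbouring `b` and `i` entries use the `s` flag. The same `e` pattern is on every entry of this array, so this is a follow-up rather than something this commit introduces.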
@@ -303,6 +303,7 @@ class phpbb_questionnaire_phpbb_data_provider 'database_gc' => true, 'dbms_version' => true, 'default_dateformat' => true, + 'default_lang' => true, 'display_last_edited' => true, 'display_order' => true, 'edit_time' => true, diff --git a/phpBB/includes/search/fulltext_mysql.php b/phpBB/includes/search/fulltext_mysql.php index d1c1ff00d1..c72e674011 100644 --- a/phpBB/includes/search/fulltext_mysql.php +++ b/phpBB/includes/search/fulltext_mysql.php @@ -444,7 +444,7 @@ class fulltext_mysql extends search_backend if (sizeof($author_ary) && $author_name) { // first one matches post of registered users, second one guests and deleted users - $sql_author = '(' . $db->sql_in_set('p.poster_id', array_diff($author_ary, array(ANONYMOUS)), false, true) . ' OR p.post_username ' . $author_name . ')'; + $sql_author = ' AND (' . $db->sql_in_set('p.poster_id', array_diff($author_ary, array(ANONYMOUS)), false, true) . ' OR p.post_username ' . $author_name . ')'; } else if (sizeof($author_ary)) { diff --git a/phpBB/includes/session.php b/phpBB/includes/session.php index bf41fea7de..933bd47347 100644 --- a/phpBB/includes/session.php +++ b/phpBB/includes/session.php @@ -1355,7 +1355,7 @@ class session { global $config, $db; - $user_id = ($user_id === false) ? $this->data['user_id'] : $user_id; + $user_id = ($user_id === false) ? (int) $this->data['user_id'] : (int) $user_id; $sql = 'DELETE FROM ' . SESSIONS_KEYS_TABLE . ' WHERE user_id = ' . (int) $user_id; 
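Review bot: The `(int)` casts added to `$user_id` in the `session` hunk at `@@ -1355` are what make the strict comparisons in the next two hunks (`$user_id === (int) $this->data['user_id']`) match, but nothing in the code says so. A comment such as `// cast both sides: the strict checks below must recognise the current user, or their own session is removed too` would stop a later cleanup from dropping the casts. With `$user_id` already an integer, the repeated `(int) $user_id` in the two SQL strings is redundant but harmless. The method body runs across three hunks and is not fully visible.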
@@ -1378,7 +1378,7 @@ class session // Let's also clear any current sessions for the specified user_id // If it's the current user then we'll leave this session intact $sql_where = 'session_user_id = ' . (int) $user_id; - $sql_where .= ($user_id === $this->data['user_id']) ? " AND session_id <> '" . $db->sql_escape($this->session_id) . "'" : ''; + $sql_where .= ($user_id === (int) $this->data['user_id']) ? " AND session_id <> '" . $db->sql_escape($this->session_id) . "'" : ''; $sql = 'DELETE FROM ' . SESSIONS_TABLE . " WHERE $sql_where"; @@ -1386,7 +1386,7 @@ class session // We're changing the password of the current user and they have a key // Lets regenerate it to be safe - if ($user_id === $this->data['user_id'] && $this->cookie_data['k']) + if ($user_id === (int) $this->data['user_id'] && $this->cookie_data['k']) { $this->set_login_key($user_id); } diff --git a/phpBB/includes/template.php b/phpBB/includes/template.php index 7d09694e2a..af5c9d3a47 100644 --- a/phpBB/includes/template.php +++ b/phpBB/includes/template.php @@ -152,6 +152,7 @@ class template function destroy() { $this->_tpldata = array('.' => array(0 => array())); + $this->_rootref = &$this->_tpldata['.'][0]; } /** diff --git a/phpBB/includes/ucp/ucp_pm_compose.php b/phpBB/includes/ucp/ucp_pm_compose.php index 2f56bcdf7a..4d72d45f81 100644 --- a/phpBB/includes/ucp/ucp_pm_compose.php +++ b/phpBB/includes/ucp/ucp_pm_compose.php @@ -767,7 +767,7 @@ function compose_pm($id, $mode, $action) $parse_sig->bbcode_uid = $preview_signature_uid; $parse_sig->bbcode_bitfield = $preview_signature_bitfield; - $parse_sig->format_display($enable_bbcode, $enable_urls, $enable_smilies); + $parse_sig->format_display($config['allow_sig_bbcode'], $config['allow_sig_links'], $config['allow_sig_smilies']); $preview_signature = $parse_sig->message; unset($parse_sig); } 
@@ -811,7 +811,7 @@ function compose_pm($id, $mode, $action) } // Decode text for message display - $bbcode_uid = (($action == 'quote' || $action == 'forward') && !$preview && !$refresh) ? $bbcode_uid : $message_parser->bbcode_uid; + $bbcode_uid = (($action == 'quote' || $action == 'forward') && !$preview && !$refresh && (!sizeof($error) || (sizeof($error) && !$submit))) ? $bbcode_uid : $message_parser->bbcode_uid; $message_parser->decode_message($bbcode_uid); diff --git a/phpBB/includes/ucp/ucp_pm_viewfolder.php b/phpBB/includes/ucp/ucp_pm_viewfolder.php index 33d2c9fb6f..665dd2c83f 100644 --- a/phpBB/includes/ucp/ucp_pm_viewfolder.php +++ b/phpBB/includes/ucp/ucp_pm_viewfolder.php @@ -65,6 +65,12 @@ function view_folder($id, $mode, $folder_id, $folder) $mark_options = array('mark_important', 'delete_marked'); + // Minimise edits + if (!$auth->acl_get('u_pm_delete') && $key = array_search('delete_marked', $mark_options)) + { + unset($mark_options[$key]); + } + $s_mark_options = ''; foreach ($mark_options as $mark_option) { @@ -194,13 +200,15 @@ function view_folder($id, $mode, $folder_id, $folder) else { // Build Recipient List if in outbox/sentbox - $address = $data = array(); + + $address_temp = $address = $data = array(); if ($folder_id == PRIVMSGS_OUTBOX || $folder_id == PRIVMSGS_SENTBOX) { foreach ($folder_info['rowset'] as $message_id => $row) { - $address[$message_id] = rebuild_header(array('to' => $row['to_address'], 'bcc' => $row['bcc_address'])); + $address_temp[$message_id] = rebuild_header(array('to' => $row['to_address'], 'bcc' => $row['bcc_address'])); + $address[$message_id] = array(); } } 
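Review bot: In the `view_folder()` hunk at `@@ -65`, `$key = array_search('delete_marked', $mark_options)` is tested for truthiness, which works only because `delete_marked` sits at index 1; at index 0 the option would stay in the list. Comparing against `false` is the safe form: `if (!$auth->acl_get('u_pm_delete') && ($key = array_search('delete_marked', $mark_options)) !== false)`. The `// Minimise edits` comment does not say what the block does; `// Hide the delete option from users without u_pm_delete` would. `$auth` has to be in scope in `view_folder()`, whose `global` line is outside the hunk.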
@@ -224,8 +232,12 @@ function view_folder($id, $mode, $folder_id, $folder) $_types = array('u', 'g'); foreach ($_types as $ug_type) { - if (isset($address[$message_id][$ug_type]) && sizeof($address[$message_id][$ug_type])) + if (isset($address_temp[$message_id][$ug_type]) && sizeof($address_temp[$message_id][$ug_type])) { + if (!isset($address[$message_id][$ug_type])) + { + $address[$message_id][$ug_type] = array(); + } if ($ug_type == 'u') { $sql = 'SELECT user_id as id, username as name 
@@ -238,21 +250,31 @@ function view_folder($id, $mode, $folder_id, $folder) FROM ' . GROUPS_TABLE . ' WHERE '; } - $sql .= $db->sql_in_set(($ug_type == 'u') ? 'user_id' : 'group_id', array_map('intval', array_keys($address[$message_id][$ug_type]))); + $sql .= $db->sql_in_set(($ug_type == 'u') ? 'user_id' : 'group_id', array_map('intval', array_keys($address_temp[$message_id][$ug_type]))); $result = $db->sql_query($sql); while ($info_row = $db->sql_fetchrow($result)) { - $address[$message_id][$ug_type][$address[$message_id][$ug_type][$info_row['id']]][] = $info_row['name']; - unset($address[$message_id][$ug_type][$info_row['id']]); + $address[$message_id][$ug_type][$address_temp[$message_id][$ug_type][$info_row['id']]][] = $info_row['name']; + unset($address_temp[$message_id][$ug_type][$info_row['id']]); } $db->sql_freeresult($result); } } - decode_message($message_row['message_text'], $message_row['bbcode_uid']); + // There is the chance that all recipients of the message got deleted. To avoid creating + // exports without recipients, we add a bogus "undisclosed recipient". + if (!(isset($address[$message_id]['g']) && sizeof($address[$message_id]['g'])) && + !(isset($address[$message_id]['u']) && sizeof($address[$message_id]['u']))) + { + $address[$message_id]['u'] = array(); + $address[$message_id]['u']['to'] = array(); + $address[$message_id]['u']['to'][] = $user->lang['UNDISCLOSED_RECIPIENT']; + } + decode_message($message_row['message_text'], $message_row['bbcode_uid']); + $data[] = array( 'subject' => censor_text($row['message_subject']), 'sender' => $row['username'], |