aboutsummaryrefslogtreecommitdiffstats
path: root/phpBB/includes
diff options
context:
space:
mode:
Diffstat (limited to 'phpBB/includes')
-rw-r--r--phpBB/includes/acp/acp_ban.php34
-rw-r--r--phpBB/includes/acp/acp_board.php28
-rw-r--r--phpBB/includes/acp/acp_database.php9
-rw-r--r--phpBB/includes/acp/acp_email.php10
-rw-r--r--phpBB/includes/acp/acp_forums.php10
-rw-r--r--phpBB/includes/acp/acp_inactive.php10
-rw-r--r--phpBB/includes/acp/acp_language.php9
-rw-r--r--phpBB/includes/acp/acp_main.php11
-rw-r--r--phpBB/includes/acp/acp_ranks.php2
-rw-r--r--phpBB/includes/acp/acp_update.php2
-rw-r--r--phpBB/includes/acp/acp_users.php12
-rw-r--r--phpBB/includes/auth/auth_db.php11
-rw-r--r--phpBB/includes/constants.php2
-rw-r--r--phpBB/includes/db/db_tools.php178
-rw-r--r--phpBB/includes/db/dbal.php2
-rw-r--r--phpBB/includes/db/mssqlnative.php2
-rw-r--r--phpBB/includes/db/mysqli.php8
-rw-r--r--phpBB/includes/error_collector.php12
-rw-r--r--phpBB/includes/functions.php119
-rw-r--r--phpBB/includes/functions_admin.php19
-rw-r--r--phpBB/includes/functions_display.php24
-rw-r--r--phpBB/includes/functions_install.php57
-rw-r--r--phpBB/includes/functions_messenger.php42
-rw-r--r--phpBB/includes/functions_posting.php8
-rw-r--r--phpBB/includes/functions_privmsgs.php9
-rw-r--r--phpBB/includes/mcp/mcp_main.php17
-rw-r--r--phpBB/includes/mcp/mcp_post.php2
-rw-r--r--phpBB/includes/mcp/mcp_queue.php3
-rw-r--r--phpBB/includes/mcp/mcp_reports.php1
-rw-r--r--phpBB/includes/mcp/mcp_topic.php4
-rw-r--r--phpBB/includes/startup.php4
-rw-r--r--phpBB/includes/ucp/ucp_activate.php5
-rw-r--r--phpBB/includes/ucp/ucp_groups.php52
-rw-r--r--phpBB/includes/ucp/ucp_pm.php2
-rw-r--r--phpBB/includes/ucp/ucp_pm_viewmessage.php2
-rw-r--r--phpBB/includes/ucp/ucp_profile.php17
-rw-r--r--phpBB/includes/ucp/ucp_register.php9
-rw-r--r--phpBB/includes/ucp/ucp_resend.php10
38 files changed, 426 insertions, 332 deletions
diff --git a/phpBB/includes/acp/acp_ban.php b/phpBB/includes/acp/acp_ban.php
index a7ea57b753..f8af1b86e1 100644
--- a/phpBB/includes/acp/acp_ban.php
+++ b/phpBB/includes/acp/acp_ban.php
@@ -175,12 +175,21 @@ class acp_ban
}
$result = $db->sql_query($sql);
- $banned_options = '';
+ $banned_options = $excluded_options = array();
$ban_length = $ban_reasons = $ban_give_reasons = array();
while ($row = $db->sql_fetchrow($result))
{
- $banned_options .= '<option' . (($row['ban_exclude']) ? ' class="sep"' : '') . ' value="' . $row['ban_id'] . '">' . $row[$field] . '</option>';
+ $option = '<option value="' . $row['ban_id'] . '">' . $row[$field] . '</option>';
+
+ if ($row['ban_exclude'])
+ {
+ $excluded_options[] = $option;
+ }
+ else
+ {
+ $banned_options[] = $option;
+ }
$time_length = ($row['ban_end']) ? ($row['ban_end'] - $row['ban_start']) / 60 : 0;
@@ -241,11 +250,26 @@ class acp_ban
}
}
+ $options = '';
+ if ($excluded_options)
+ {
+ $options .= '<optgroup label="' . $user->lang['OPTIONS_EXCLUDED'] . '">';
+ $options .= implode('', $excluded_options);
+ $options .= '</optgroup>';
+ }
+
+ if ($banned_options)
+ {
+ $options .= '<optgroup label="' . $user->lang['OPTIONS_BANNED'] . '">';
+ $options .= implode('', $banned_options);
+ $options .= '</optgroup>';
+ }
+
$template->assign_vars(array(
'S_BAN_END_OPTIONS' => $ban_end_options,
- 'S_BANNED_OPTIONS' => ($banned_options) ? true : false,
- 'BANNED_OPTIONS' => $banned_options)
- );
+ 'S_BANNED_OPTIONS' => ($banned_options || $excluded_options) ? true : false,
+ 'BANNED_OPTIONS' => $options,
+ ));
}
}
diff --git a/phpBB/includes/acp/acp_board.php b/phpBB/includes/acp/acp_board.php
index d8ab42ed2d..8c761e51fe 100644
--- a/phpBB/includes/acp/acp_board.php
+++ b/phpBB/includes/acp/acp_board.php
@@ -188,7 +188,7 @@ class acp_board
'hot_threshold' => array('lang' => 'HOT_THRESHOLD', 'validate' => 'int:0', 'type' => 'text:3:4', 'explain' => true),
'max_poll_options' => array('lang' => 'MAX_POLL_OPTIONS', 'validate' => 'int:2:127', 'type' => 'text:4:4', 'explain' => false),
'max_post_chars' => array('lang' => 'CHAR_LIMIT', 'validate' => 'int:0', 'type' => 'text:4:6', 'explain' => true),
- 'min_post_chars' => array('lang' => 'MIN_CHAR_LIMIT', 'validate' => 'int:0', 'type' => 'text:4:6', 'explain' => true),
+ 'min_post_chars' => array('lang' => 'MIN_CHAR_LIMIT', 'validate' => 'int:1', 'type' => 'text:4:6', 'explain' => true),
'max_post_smilies' => array('lang' => 'SMILIES_LIMIT', 'validate' => 'int:0', 'type' => 'text:4:4', 'explain' => true),
'max_post_urls' => array('lang' => 'MAX_POST_URLS', 'validate' => 'int:0', 'type' => 'text:5:4', 'explain' => true),
'max_post_font_size' => array('lang' => 'MAX_POST_FONT_SIZE', 'validate' => 'int:0', 'type' => 'text:5:4', 'explain' => true, 'append' => ' %'),
@@ -234,7 +234,7 @@ class acp_board
'max_name_chars' => array('lang' => 'USERNAME_LENGTH', 'validate' => 'int:8:180', 'type' => false, 'method' => false, 'explain' => false,),
'max_pass_chars' => array('lang' => 'PASSWORD_LENGTH', 'validate' => 'int:8:255', 'type' => false, 'method' => false, 'explain' => false,),
- 'require_activation' => array('lang' => 'ACC_ACTIVATION', 'validate' => 'int', 'type' => 'custom', 'method' => 'select_acc_activation', 'explain' => true),
+ 'require_activation' => array('lang' => 'ACC_ACTIVATION', 'validate' => 'int', 'type' => 'select', 'method' => 'select_acc_activation', 'explain' => true),
'new_member_post_limit' => array('lang' => 'NEW_MEMBER_POST_LIMIT', 'validate' => 'int:0:255', 'type' => 'text:4:4', 'explain' => true, 'append' => ' ' . $user->lang['POSTS']),
'new_member_group_default'=> array('lang' => 'NEW_MEMBER_GROUP_DEFAULT', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true),
'min_name_chars' => array('lang' => 'USERNAME_LENGTH', 'validate' => 'int:1', 'type' => 'custom:5:180', 'method' => 'username_length', 'explain' => true),
@@ -768,24 +768,28 @@ class acp_board
/**
* Select account activation method
*/
- function select_acc_activation($value, $key = '')
+ function select_acc_activation($selected_value, $value)
{
global $user, $config;
- $radio_ary = array(
- USER_ACTIVATION_DISABLE => 'ACC_DISABLE',
- USER_ACTIVATION_NONE => 'ACC_NONE',
+ $act_ary = array(
+ 'ACC_DISABLE' => USER_ACTIVATION_DISABLE,
+ 'ACC_NONE' => USER_ACTIVATION_NONE,
);
-
if ($config['email_enable'])
{
- $radio_ary[USER_ACTIVATION_SELF] = 'ACC_USER';
- $radio_ary[USER_ACTIVATION_ADMIN] = 'ACC_ADMIN';
- }
+ $act_ary['ACC_USER'] = USER_ACTIVATION_SELF;
+ $act_ary['ACC_ADMIN'] = USER_ACTIVATION_ADMIN;
+ }
+ $act_options = '';
- $radio_text = h_radio('config[require_activation]', $radio_ary, $value, 'require_activation', $key, '<br />');
+ foreach ($act_ary as $key => $value)
+ {
+ $selected = ($selected_value == $value) ? ' selected="selected"' : '';
+ $act_options .= '<option value="' . $value . '"' . $selected . '>' . $user->lang[$key] . '</option>';
+ }
- return $radio_text;
+ return $act_options;
}
/**
diff --git a/phpBB/includes/acp/acp_database.php b/phpBB/includes/acp/acp_database.php
index 193dd001c0..62bcd43a47 100644
--- a/phpBB/includes/acp/acp_database.php
+++ b/phpBB/includes/acp/acp_database.php
@@ -221,6 +221,7 @@ class acp_database
case 'submit':
$delete = request_var('delete', '');
$file = request_var('file', '');
+ $download = request_var('download', '');
if (!preg_match('#^backup_\d{10,}_[a-z\d]{16}\.(sql(?:\.(?:gz|bz2))?)$#', $file, $matches))
{
@@ -247,10 +248,8 @@ class acp_database
confirm_box(false, $user->lang['DELETE_SELECTED_BACKUP'], build_hidden_fields(array('delete' => $delete, 'file' => $file)));
}
}
- else
+ else if ($download || confirm_box(true))
{
- $download = request_var('download', '');
-
if ($download)
{
$name = $matches[0];
@@ -411,6 +410,10 @@ class acp_database
trigger_error($user->lang['RESTORE_SUCCESS'] . adm_back_link($this->u_action));
break;
}
+ else if (!$download)
+ {
+ confirm_box(false, $user->lang['RESTORE_SELECTED_BACKUP'], build_hidden_fields(array('file' => $file)));
+ }
default:
$methods = array('sql');
diff --git a/phpBB/includes/acp/acp_email.php b/phpBB/includes/acp/acp_email.php
index 133fe47e09..df0d44c0c5 100644
--- a/phpBB/includes/acp/acp_email.php
+++ b/phpBB/includes/acp/acp_email.php
@@ -136,8 +136,9 @@ class acp_email
$i = $j = 0;
- // Send with BCC, no more than 50 recipients for one mail (to not exceed the limit)
- $max_chunk_size = 50;
+ // Send with BCC
+ // Maximum number of bcc recipients
+ $max_chunk_size = (int) $config['email_max_chunk_size'];
$email_list = array();
$old_lang = $row['user_lang'];
$old_notify_type = $row['user_notify_type'];
@@ -194,10 +195,7 @@ class acp_email
$messenger->template('admin_send_email', $used_lang);
- $messenger->headers('X-AntiAbuse: Board servername - ' . $config['server_name']);
- $messenger->headers('X-AntiAbuse: User_id - ' . $user->data['user_id']);
- $messenger->headers('X-AntiAbuse: Username - ' . $user->data['username']);
- $messenger->headers('X-AntiAbuse: User IP - ' . $user->ip);
+ $messenger->anti_abuse_headers($config, $user);
$messenger->subject(htmlspecialchars_decode($subject));
$messenger->set_mail_priority($priority);
diff --git a/phpBB/includes/acp/acp_forums.php b/phpBB/includes/acp/acp_forums.php
index 4d9b9f01e0..50e12a0f15 100644
--- a/phpBB/includes/acp/acp_forums.php
+++ b/phpBB/includes/acp/acp_forums.php
@@ -212,15 +212,11 @@ class acp_forums
$message = ($action == 'add') ? $user->lang['FORUM_CREATED'] : $user->lang['FORUM_UPDATED'];
- // Redirect to permissions
- if ($auth->acl_get('a_fauth') && !$copied_permissions)
- {
- $message .= '<br /><br />' . sprintf($user->lang['REDIRECT_ACL'], '<a href="' . append_sid("{$phpbb_admin_path}index.$phpEx", 'i=permissions' . $acl_url) . '">', '</a>');
- }
-
// redirect directly to permission settings screen if authed
if ($action == 'add' && !$copied_permissions && $auth->acl_get('a_fauth'))
{
+ $message .= '<br /><br />' . sprintf($user->lang['REDIRECT_ACL'], '<a href="' . append_sid("{$phpbb_admin_path}index.$phpEx", 'i=permissions' . $acl_url) . '">', '</a>');
+
meta_refresh(4, append_sid("{$phpbb_admin_path}index.$phpEx", 'i=permissions' . $acl_url));
}
@@ -875,7 +871,7 @@ class acp_forums
$errors = array();
- if (!$forum_data['forum_name'])
+ if ($forum_data['forum_name'] == '')
{
$errors[] = $user->lang['FORUM_NAME_EMPTY'];
}
diff --git a/phpBB/includes/acp/acp_inactive.php b/phpBB/includes/acp/acp_inactive.php
index c93cbc457f..f3f332d707 100644
--- a/phpBB/includes/acp/acp_inactive.php
+++ b/phpBB/includes/acp/acp_inactive.php
@@ -118,10 +118,7 @@ class acp_inactive
$messenger->to($row['user_email'], $row['username']);
- $messenger->headers('X-AntiAbuse: Board servername - ' . $config['server_name']);
- $messenger->headers('X-AntiAbuse: User_id - ' . $user->data['user_id']);
- $messenger->headers('X-AntiAbuse: Username - ' . $user->data['username']);
- $messenger->headers('X-AntiAbuse: User IP - ' . $user->ip);
+ $messenger->anti_abuse_headers($config, $user);
$messenger->assign_vars(array(
'USERNAME' => htmlspecialchars_decode($row['username']))
@@ -209,10 +206,7 @@ class acp_inactive
$messenger->to($row['user_email'], $row['username']);
$messenger->im($row['user_jabber'], $row['username']);
- $messenger->headers('X-AntiAbuse: Board servername - ' . $config['server_name']);
- $messenger->headers('X-AntiAbuse: User_id - ' . $user->data['user_id']);
- $messenger->headers('X-AntiAbuse: Username - ' . $user->data['username']);
- $messenger->headers('X-AntiAbuse: User IP - ' . $user->ip);
+ $messenger->anti_abuse_headers($config, $user);
$messenger->assign_vars(array(
'USERNAME' => htmlspecialchars_decode($row['username']),
diff --git a/phpBB/includes/acp/acp_language.php b/phpBB/includes/acp/acp_language.php
index 598b390302..d560cdd0c5 100644
--- a/phpBB/includes/acp/acp_language.php
+++ b/phpBB/includes/acp/acp_language.php
@@ -919,6 +919,9 @@ class acp_language
$default_lang_id = (int) $db->sql_fetchfield('lang_id');
$db->sql_freeresult($result);
+ // We want to notify the admin that custom profile fields need to be updated for the new language.
+ $notify_cpf_update = false;
+
// From the mysql documentation:
// Prior to MySQL 4.0.14, the target table of the INSERT statement cannot appear in the FROM clause of the SELECT part of the query. This limitation is lifted in 4.0.14.
// Due to this we stay on the safe side if we do the insertion "the manual way"
@@ -932,6 +935,7 @@ class acp_language
{
$row['lang_id'] = $lang_id;
$db->sql_query('INSERT INTO ' . PROFILE_LANG_TABLE . ' ' . $db->sql_build_array('INSERT', $row));
+ $notify_cpf_update = true;
}
$db->sql_freeresult($result);
@@ -944,12 +948,15 @@ class acp_language
{
$row['lang_id'] = $lang_id;
$db->sql_query('INSERT INTO ' . PROFILE_FIELDS_LANG_TABLE . ' ' . $db->sql_build_array('INSERT', $row));
+ $notify_cpf_update = true;
}
$db->sql_freeresult($result);
add_log('admin', 'LOG_LANGUAGE_PACK_INSTALLED', $lang_pack['name']);
- trigger_error(sprintf($user->lang['LANGUAGE_PACK_INSTALLED'], $lang_pack['name']) . adm_back_link($this->u_action));
+ $message = sprintf($user->lang['LANGUAGE_PACK_INSTALLED'], $lang_pack['name']);
+ $message .= ($notify_cpf_update) ? '<br /><br />' . $user->lang['LANGUAGE_PACK_CPF_UPDATE'] : '';
+ trigger_error($message . adm_back_link($this->u_action));
break;
diff --git a/phpBB/includes/acp/acp_main.php b/phpBB/includes/acp/acp_main.php
index 6d1c02248a..c8df21f5a9 100644
--- a/phpBB/includes/acp/acp_main.php
+++ b/phpBB/includes/acp/acp_main.php
@@ -600,6 +600,17 @@ class acp_main
$template->assign_var('S_WRITABLE_CONFIG', (bool) (@fileperms($phpbb_root_path . 'config.' . $phpEx) & 0x0002));
}
+ if (extension_loaded('mbstring'))
+ {
+ $template->assign_vars(array(
+ 'S_MBSTRING_LOADED' => true,
+ 'S_MBSTRING_FUNC_OVERLOAD_FAIL' => (intval(@ini_get('mbstring.func_overload')) & (MB_OVERLOAD_MAIL | MB_OVERLOAD_STRING)),
+ 'S_MBSTRING_ENCODING_TRANSLATION_FAIL' => (@ini_get('mbstring.encoding_translation') != 0),
+ 'S_MBSTRING_HTTP_INPUT_FAIL' => (@ini_get('mbstring.http_input') != 'pass'),
+ 'S_MBSTRING_HTTP_OUTPUT_FAIL' => (@ini_get('mbstring.http_output') != 'pass'),
+ ));
+ }
+
// Fill dbms version if not yet filled
if (empty($config['dbms_version']))
{
diff --git a/phpBB/includes/acp/acp_ranks.php b/phpBB/includes/acp/acp_ranks.php
index fcfef2a61e..dfd7511427 100644
--- a/phpBB/includes/acp/acp_ranks.php
+++ b/phpBB/includes/acp/acp_ranks.php
@@ -199,7 +199,7 @@ class acp_ranks
'RANK_TITLE' => (isset($ranks['rank_title'])) ? $ranks['rank_title'] : '',
'S_FILENAME_LIST' => $filename_list,
'RANK_IMAGE' => ($edit_img) ? $phpbb_root_path . $config['ranks_path'] . '/' . $edit_img : $phpbb_admin_path . 'images/spacer.gif',
- 'S_SPECIAL_RANK' => (!isset($ranks['rank_special']) || $ranks['rank_special']) ? true : false,
+ 'S_SPECIAL_RANK' => (isset($ranks['rank_special']) && $ranks['rank_special']) ? true : false,
'MIN_POSTS' => (isset($ranks['rank_min']) && !$ranks['rank_special']) ? $ranks['rank_min'] : 0)
);
diff --git a/phpBB/includes/acp/acp_update.php b/phpBB/includes/acp/acp_update.php
index 931fa53165..7e3d1a1024 100644
--- a/phpBB/includes/acp/acp_update.php
+++ b/phpBB/includes/acp/acp_update.php
@@ -37,7 +37,7 @@ class acp_update
$errstr = '';
$errno = 0;
- $info = obtain_latest_version_info(request_var('versioncheck_force', false), true);
+ $info = obtain_latest_version_info(request_var('versioncheck_force', false));
if ($info === false)
{
diff --git a/phpBB/includes/acp/acp_users.php b/phpBB/includes/acp/acp_users.php
index 789003e31b..4f58434a43 100644
--- a/phpBB/includes/acp/acp_users.php
+++ b/phpBB/includes/acp/acp_users.php
@@ -348,10 +348,7 @@ class acp_users
$messenger->to($user_row['user_email'], $user_row['username']);
- $messenger->headers('X-AntiAbuse: Board servername - ' . $config['server_name']);
- $messenger->headers('X-AntiAbuse: User_id - ' . $user->data['user_id']);
- $messenger->headers('X-AntiAbuse: Username - ' . $user->data['username']);
- $messenger->headers('X-AntiAbuse: User IP - ' . $user->ip);
+ $messenger->anti_abuse_headers($config, $user);
$messenger->assign_vars(array(
'WELCOME_MSG' => htmlspecialchars_decode(sprintf($user->lang['WELCOME_SUBJECT'], $config['sitename'])),
@@ -406,10 +403,7 @@ class acp_users
$messenger->to($user_row['user_email'], $user_row['username']);
- $messenger->headers('X-AntiAbuse: Board servername - ' . $config['server_name']);
- $messenger->headers('X-AntiAbuse: User_id - ' . $user->data['user_id']);
- $messenger->headers('X-AntiAbuse: Username - ' . $user->data['username']);
- $messenger->headers('X-AntiAbuse: User IP - ' . $user->ip);
+ $messenger->anti_abuse_headers($config, $user);
$messenger->assign_vars(array(
'USERNAME' => htmlspecialchars_decode($user_row['username']))
@@ -818,7 +812,7 @@ class acp_users
// Which updates do we need to do?
$update_username = ($user_row['username'] != $data['username']) ? $data['username'] : false;
- $update_password = ($data['new_password'] && !phpbb_check_hash($user_row['user_password'], $data['new_password'])) ? true : false;
+ $update_password = ($data['new_password'] && !phpbb_check_hash($data['new_password'], $user_row['user_password'])) ? true : false;
$update_email = ($data['email'] != $user_row['user_email']) ? $data['email'] : false;
if (!sizeof($error))
diff --git a/phpBB/includes/auth/auth_db.php b/phpBB/includes/auth/auth_db.php
index 6ca69d9174..c20196d019 100644
--- a/phpBB/includes/auth/auth_db.php
+++ b/phpBB/includes/auth/auth_db.php
@@ -107,6 +107,15 @@ function login_db($username, $password, $ip = '', $browser = '', $forwarded_for
if (!$row)
{
+ if ($config['ip_login_limit_max'] && $attempts >= $config['ip_login_limit_max'])
+ {
+ return array(
+ 'status' => LOGIN_ERROR_ATTEMPTS,
+ 'error_msg' => 'LOGIN_ERROR_ATTEMPTS',
+ 'user_row' => array('user_id' => ANONYMOUS),
+ );
+ }
+
return array(
'status' => LOGIN_ERROR_USERNAME,
'error_msg' => 'LOGIN_ERROR_USERNAME',
@@ -264,4 +273,4 @@ function login_db($username, $password, $ip = '', $browser = '', $forwarded_for
);
}
-?> \ No newline at end of file
+?>
diff --git a/phpBB/includes/constants.php b/phpBB/includes/constants.php
index 03b1102602..a0444ea594 100644
--- a/phpBB/includes/constants.php
+++ b/phpBB/includes/constants.php
@@ -25,7 +25,7 @@ if (!defined('IN_PHPBB'))
*/
// phpBB Version
-define('PHPBB_VERSION', '3.0.10-dev');
+define('PHPBB_VERSION', '3.0.11-dev');
// QA-related
// define('PHPBB_QA', 1);
diff --git a/phpBB/includes/db/db_tools.php b/phpBB/includes/db/db_tools.php
index 2cb0fcef68..2cba11133a 100644
--- a/phpBB/includes/db/db_tools.php
+++ b/phpBB/includes/db/db_tools.php
@@ -348,6 +348,66 @@ class phpbb_db_tools
}
/**
+ * Gets a list of tables in the database.
+ *
+ * @return array Array of table names (all lower case)
+ */
+ function sql_list_tables()
+ {
+ switch ($this->db->sql_layer)
+ {
+ case 'mysql':
+ case 'mysql4':
+ case 'mysqli':
+ $sql = 'SHOW TABLES';
+ break;
+
+ case 'sqlite':
+ $sql = 'SELECT name
+ FROM sqlite_master
+ WHERE type = "table"';
+ break;
+
+ case 'mssql':
+ case 'mssql_odbc':
+ case 'mssqlnative':
+ $sql = "SELECT name
+ FROM sysobjects
+ WHERE type='U'";
+ break;
+
+ case 'postgres':
+ $sql = 'SELECT relname
+ FROM pg_stat_user_tables';
+ break;
+
+ case 'firebird':
+ $sql = 'SELECT rdb$relation_name
+ FROM rdb$relations
+ WHERE rdb$view_source is null
+ AND rdb$system_flag = 0';
+ break;
+
+ case 'oracle':
+ $sql = 'SELECT table_name
+ FROM USER_TABLES';
+ break;
+ }
+
+ $result = $this->db->sql_query($sql);
+
+ $tables = array();
+ while ($row = $this->db->sql_fetchrow($result))
+ {
+ $name = current($row);
+ $tables[$name] = $name;
+ }
+ $this->db->sql_freeresult($result);
+
+ return $tables;
+ }
+
+ /**
* Check if table exists
*
*
@@ -1011,34 +1071,21 @@ class phpbb_db_tools
}
/**
- * Check if a specified column exist
+ * Gets a list of columns of a table.
*
- * @param string $table Table to check the column at
- * @param string $column_name The column to check
+ * @param string $table Table name
*
- * @return bool True if column exists, else false
+ * @return array Array of column names (all lower case)
*/
- function sql_column_exists($table, $column_name)
+ function sql_list_columns($table)
{
+ $columns = array();
+
switch ($this->sql_layer)
{
case 'mysql_40':
case 'mysql_41':
-
$sql = "SHOW COLUMNS FROM $table";
- $result = $this->db->sql_query($sql);
-
- while ($row = $this->db->sql_fetchrow($result))
- {
- // lower case just in case
- if (strtolower($row['Field']) == $column_name)
- {
- $this->db->sql_freeresult($result);
- return true;
- }
- }
- $this->db->sql_freeresult($result);
- return false;
break;
// PostgreSQL has a way of doing this in a much simpler way but would
@@ -1049,19 +1096,6 @@ class phpbb_db_tools
WHERE c.relname = '{$table}'
AND a.attnum > 0
AND a.attrelid = c.oid";
- $result = $this->db->sql_query($sql);
- while ($row = $this->db->sql_fetchrow($result))
- {
- // lower case just in case
- if (strtolower($row['attname']) == $column_name)
- {
- $this->db->sql_freeresult($result);
- return true;
- }
- }
- $this->db->sql_freeresult($result);
-
- return false;
break;
// same deal with PostgreSQL, we must perform more complex operations than
@@ -1072,62 +1106,26 @@ class phpbb_db_tools
FROM syscolumns c
LEFT JOIN sysobjects o ON c.id = o.id
WHERE o.name = '{$table}'";
- $result = $this->db->sql_query($sql);
- while ($row = $this->db->sql_fetchrow($result))
- {
- // lower case just in case
- if (strtolower($row['name']) == $column_name)
- {
- $this->db->sql_freeresult($result);
- return true;
- }
- }
- $this->db->sql_freeresult($result);
- return false;
break;
case 'oracle':
$sql = "SELECT column_name
FROM user_tab_columns
WHERE LOWER(table_name) = '" . strtolower($table) . "'";
- $result = $this->db->sql_query($sql);
- while ($row = $this->db->sql_fetchrow($result))
- {
- // lower case just in case
- if (strtolower($row['column_name']) == $column_name)
- {
- $this->db->sql_freeresult($result);
- return true;
- }
- }
- $this->db->sql_freeresult($result);
- return false;
break;
case 'firebird':
$sql = "SELECT RDB\$FIELD_NAME as FNAME
FROM RDB\$RELATION_FIELDS
WHERE RDB\$RELATION_NAME = '" . strtoupper($table) . "'";
- $result = $this->db->sql_query($sql);
- while ($row = $this->db->sql_fetchrow($result))
- {
- // lower case just in case
- if (strtolower($row['fname']) == $column_name)
- {
- $this->db->sql_freeresult($result);
- return true;
- }
- }
- $this->db->sql_freeresult($result);
- return false;
break;
- // ugh, SQLite
case 'sqlite':
$sql = "SELECT sql
FROM sqlite_master
WHERE type = 'table'
AND name = '{$table}'";
+
$result = $this->db->sql_query($sql);
if (!$result)
@@ -1151,14 +1149,39 @@ class phpbb_db_tools
continue;
}
- if (strtolower($entities[0]) == $column_name)
- {
- return true;
- }
+ $column = strtolower($entities[0]);
+ $columns[$column] = $column;
}
- return false;
+
+ return $columns;
break;
}
+
+ $result = $this->db->sql_query($sql);
+
+ while ($row = $this->db->sql_fetchrow($result))
+ {
+ $column = strtolower(current($row));
+ $columns[$column] = $column;
+ }
+ $this->db->sql_freeresult($result);
+
+ return $columns;
+ }
+
+ /**
+ * Check whether a specified column exist in a table
+ *
+ * @param string $table Table to check
+ * @param string $column_name Column to check
+ *
+ * @return bool True if column exists, false otherwise
+ */
+ function sql_column_exists($table, $column_name)
+ {
+ $columns = $this->sql_list_columns($table);
+
+ return isset($columns[$column_name]);
}
/**
@@ -1805,7 +1828,7 @@ class phpbb_db_tools
break;
case 'oracle':
- $statements[] = 'ALTER TABLE ' . $table_name . ' DROP ' . $column_name;
+ $statements[] = 'ALTER TABLE ' . $table_name . ' DROP COLUMN ' . $column_name;
break;
case 'postgres':
@@ -1956,6 +1979,7 @@ class phpbb_db_tools
$statements[] = "DROP SEQUENCE {$row['referenced_name']}";
}
$this->db->sql_freeresult($result);
+ break;
case 'postgres':
// PGSQL does not "tightly" bind sequences and tables, we must guess...
@@ -2091,7 +2115,7 @@ class phpbb_db_tools
case 'mysql_40':
case 'mysql_41':
- $statements[] = 'CREATE UNIQUE INDEX ' . $index_name . ' ON ' . $table_name . '(' . implode(', ', $column) . ')';
+ $statements[] = 'ALTER TABLE ' . $table_name . ' ADD UNIQUE INDEX (' . implode(', ', $column) . ')';
break;
case 'mssql':
@@ -2144,7 +2168,7 @@ class phpbb_db_tools
}
// no break
case 'mysql_41':
- $statements[] = 'CREATE INDEX ' . $index_name . ' ON ' . $table_name . '(' . implode(', ', $column) . ')';
+ $statements[] = 'ALTER TABLE ' . $table_name . ' ADD INDEX ' . $index_name . '(' . implode(', ', $column) . ')';
break;
case 'mssql':
diff --git a/phpBB/includes/db/dbal.php b/phpBB/includes/db/dbal.php
index 9b45c085a2..b4c1a72e1c 100644
--- a/phpBB/includes/db/dbal.php
+++ b/phpBB/includes/db/dbal.php
@@ -609,7 +609,7 @@ class dbal
}
}
- $sql .= $this->_sql_custom_build('FROM', implode(', ', $table_array));
+ $sql .= $this->_sql_custom_build('FROM', implode(' CROSS JOIN ', $table_array));
if (!empty($array['LEFT_JOIN']))
{
diff --git a/phpBB/includes/db/mssqlnative.php b/phpBB/includes/db/mssqlnative.php
index 6810562d17..7fbc374e77 100644
--- a/phpBB/includes/db/mssqlnative.php
+++ b/phpBB/includes/db/mssqlnative.php
@@ -396,7 +396,7 @@ class dbal_mssqlnative extends dbal
*/
function sql_affectedrows()
{
- return ($this->db_connect_id) ? @sqlsrv_rows_affected($this->db_connect_id) : false;
+ return (!empty($this->query_result)) ? @sqlsrv_rows_affected($this->query_result) : false;
}
/**
diff --git a/phpBB/includes/db/mysqli.php b/phpBB/includes/db/mysqli.php
index 46c2f9210b..456ce906d0 100644
--- a/phpBB/includes/db/mysqli.php
+++ b/phpBB/includes/db/mysqli.php
@@ -249,7 +249,13 @@ class dbal_mysqli extends dbal
return $cache->sql_fetchrow($query_id);
}
- return ($query_id !== false) ? @mysqli_fetch_assoc($query_id) : false;
+ if ($query_id !== false)
+ {
+ $result = @mysqli_fetch_assoc($query_id);
+ return $result !== null ? $result : false;
+ }
+
+ return false;
}
/**
diff --git a/phpBB/includes/error_collector.php b/phpBB/includes/error_collector.php
index 55834f354c..3c0a89a1f3 100644
--- a/phpBB/includes/error_collector.php
+++ b/phpBB/includes/error_collector.php
@@ -49,13 +49,15 @@ class phpbb_error_collector
{
$text .= "<br />\n";
}
+
list($errno, $msg_text, $errfile, $errline) = $error;
- $text .= "Errno $errno: $msg_text";
- if (defined('DEBUG_EXTRA') || defined('IN_INSTALL'))
- {
- $text .= " at $errfile line $errline";
- }
+
+ // Prevent leakage of local path to phpBB install
+ $errfile = phpbb_filter_root_path($errfile);
+
+ $text .= "Errno $errno: $msg_text at $errfile line $errline";
}
+
return $text;
}
}
diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php
index df49bdf637..7ce83b871a 100644
--- a/phpBB/includes/functions.php
+++ b/phpBB/includes/functions.php
@@ -1880,7 +1880,7 @@ function get_unread_topics($user_id = false, $sql_extra = '', $sql_sort = '', $s
*/
function update_forum_tracking_info($forum_id, $forum_last_post_time, $f_mark_time = false, $mark_time_forum = false)
{
- global $db, $tracking_topics, $user, $config;
+ global $db, $tracking_topics, $user, $config, $auth;
// Determine the users last forum mark time if not given.
if ($mark_time_forum === false)
@@ -1903,6 +1903,10 @@ function update_forum_tracking_info($forum_id, $forum_last_post_time, $f_mark_ti
}
}
+ // Handle update of unapproved topics info.
+ // Only update for moderators having m_approve permission for the forum.
+ $sql_update_unapproved = ($auth->acl_get('m_approve', $forum_id)) ? '': 'AND t.topic_approved = 1';
+
// Check the forum for any left unread topics.
// If there are none, we mark the forum as read.
if ($config['load_db_lastread'] && $user->data['is_registered'])
@@ -1918,7 +1922,8 @@ function update_forum_tracking_info($forum_id, $forum_last_post_time, $f_mark_ti
LEFT JOIN ' . TOPICS_TRACK_TABLE . ' tt ON (tt.topic_id = t.topic_id AND tt.user_id = ' . $user->data['user_id'] . ')
WHERE t.forum_id = ' . $forum_id . '
AND t.topic_last_post_time > ' . $mark_time_forum . '
- AND t.topic_moved_id = 0
+ AND t.topic_moved_id = 0 ' .
+ $sql_update_unapproved . '
AND (tt.topic_id IS NULL OR tt.mark_time < t.topic_last_post_time)
GROUP BY t.forum_id';
$result = $db->sql_query_limit($sql, 1);
@@ -1938,11 +1943,12 @@ function update_forum_tracking_info($forum_id, $forum_last_post_time, $f_mark_ti
}
else
{
- $sql = 'SELECT topic_id
- FROM ' . TOPICS_TABLE . '
- WHERE forum_id = ' . $forum_id . '
- AND topic_last_post_time > ' . $mark_time_forum . '
- AND topic_moved_id = 0';
+ $sql = 'SELECT t.topic_id
+ FROM ' . TOPICS_TABLE . ' t
+ WHERE t.forum_id = ' . $forum_id . '
+ AND t.topic_last_post_time > ' . $mark_time_forum . '
+ AND t.topic_moved_id = 0 ' .
+ $sql_update_unapproved;
$result = $db->sql_query($sql);
$check_forum = $tracking_topics['tf'][$forum_id];
@@ -2127,7 +2133,7 @@ function generate_pagination($base_url, $num_items, $per_page, $start_item, $add
$start_cnt = min(max(1, $on_page - 4), $total_pages - 5);
$end_cnt = max(min($total_pages, $on_page + 4), 6);
- $page_string .= ($start_cnt > 1) ? ' ... ' : $seperator;
+ $page_string .= ($start_cnt > 1) ? '<span class="page-dots"> ... </span>' : $seperator;
for ($i = $start_cnt + 1; $i < $end_cnt; $i++)
{
@@ -2138,7 +2144,7 @@ function generate_pagination($base_url, $num_items, $per_page, $start_item, $add
}
}
- $page_string .= ($end_cnt < $total_pages) ? ' ... ' : $seperator;
+ $page_string .= ($end_cnt < $total_pages) ? '<span class="page-dots"> ... </span>' : $seperator;
}
else
{
@@ -2225,6 +2231,12 @@ function append_sid($url, $params = false, $is_amp = true, $session_id = false)
{
global $_SID, $_EXTRA_URL, $phpbb_hook;
+ if ($params === '' || (is_array($params) && empty($params)))
+ {
+ // Do not append the ? if the param-list is empty anyway.
+ $params = false;
+ }
+
// Developers using the hook function need to globalise the $_SID and $_EXTRA_URL on their own and also handle it appropriately.
// They could mimic most of what is within this function
if (!empty($phpbb_hook) && $phpbb_hook->call_hook(__FUNCTION__, $url, $params, $is_amp, $session_id))
@@ -3381,61 +3393,44 @@ function add_log()
}
/**
-* Return a nicely formatted backtrace (parts from the php manual by diz at ysagoon dot com)
+* Return a nicely formatted backtrace.
+*
+* Turns the array returned by debug_backtrace() into HTML markup.
+* Also filters out absolute paths to phpBB root.
+*
+* @return string HTML markup
*/
function get_backtrace()
{
- global $phpbb_root_path;
-
$output = '<div style="font-family: monospace;">';
$backtrace = debug_backtrace();
- $path = phpbb_realpath($phpbb_root_path);
- foreach ($backtrace as $number => $trace)
- {
- // We skip the first one, because it only shows this file/function
- if ($number == 0)
- {
- continue;
- }
+ // We skip the first one, because it only shows this file/function
+ unset($backtrace[0]);
+ foreach ($backtrace as $trace)
+ {
// Strip the current directory from path
- if (empty($trace['file']))
- {
- $trace['file'] = '';
- }
- else
- {
- $trace['file'] = str_replace(array($path, '\\'), array('', '/'), $trace['file']);
- $trace['file'] = substr($trace['file'], 1);
- }
- $args = array();
+ $trace['file'] = (empty($trace['file'])) ? '(not given by php)' : htmlspecialchars(phpbb_filter_root_path($trace['file']));
+ $trace['line'] = (empty($trace['line'])) ? '(not given by php)' : $trace['line'];
- // If include/require/include_once is not called, do not show arguments - they may contain sensible information
- if (!in_array($trace['function'], array('include', 'require', 'include_once')))
+ // Only show function arguments for include etc.
+ // Other parameters may contain sensible information
+ $argument = '';
+ if (!empty($trace['args'][0]) && in_array($trace['function'], array('include', 'require', 'include_once', 'require_once')))
{
- unset($trace['args']);
- }
- else
- {
- // Path...
- if (!empty($trace['args'][0]))
- {
- $argument = htmlspecialchars($trace['args'][0]);
- $argument = str_replace(array($path, '\\'), array('', '/'), $argument);
- $argument = substr($argument, 1);
- $args[] = "'{$argument}'";
- }
+ $argument = htmlspecialchars(phpbb_filter_root_path($trace['args'][0]));
}
$trace['class'] = (!isset($trace['class'])) ? '' : $trace['class'];
$trace['type'] = (!isset($trace['type'])) ? '' : $trace['type'];
$output .= '<br />';
- $output .= '<b>FILE:</b> ' . htmlspecialchars($trace['file']) . '<br />';
+ $output .= '<b>FILE:</b> ' . $trace['file'] . '<br />';
$output .= '<b>LINE:</b> ' . ((!empty($trace['line'])) ? $trace['line'] : '') . '<br />';
- $output .= '<b>CALL:</b> ' . htmlspecialchars($trace['class'] . $trace['type'] . $trace['function']) . '(' . ((sizeof($args)) ? implode(', ', $args) : '') . ')<br />';
+ $output .= '<b>CALL:</b> ' . htmlspecialchars($trace['class'] . $trace['type'] . $trace['function']);
+ $output .= '(' . (($argument !== '') ? "'$argument'" : '') . ')<br />';
}
$output .= '</div>';
return $output;
@@ -3497,6 +3492,10 @@ function get_preg_expression($mode)
$inline = ($mode == 'relative_url') ? ')' : '';
return "(?:[a-z0-9\-._~!$&'($inline*+,;=:@|]+|%[\dA-F]{2})*(?:/(?:[a-z0-9\-._~!$&'($inline*+,;=:@|]+|%[\dA-F]{2})*)*(?:\?(?:[a-z0-9\-._~!$&'($inline*+,;=:@/?|]+|%[\dA-F]{2})*)?(?:\#(?:[a-z0-9\-._~!$&'($inline*+,;=:@/?|]+|%[\dA-F]{2})*)?";
break;
+
+ case 'table_prefix':
+ return '#^[a-zA-Z][a-zA-Z0-9_]*$#';
+ break;
}
return '';
@@ -3810,9 +3809,8 @@ function msg_handler($errno, $msg_text, $errfile, $errline)
if (strpos($errfile, 'cache') === false && strpos($errfile, 'template.') === false)
{
- // remove complete path to installation, with the risk of changing backslashes meant to be there
- $errfile = str_replace(array(phpbb_realpath($phpbb_root_path), '\\'), array('', '/'), $errfile);
- $msg_text = str_replace(array(phpbb_realpath($phpbb_root_path), '\\'), array('', '/'), $msg_text);
+ $errfile = phpbb_filter_root_path($errfile);
+ $msg_text = phpbb_filter_root_path($msg_text);
$error_name = ($errno === E_WARNING) ? 'PHP Warning' : 'PHP Notice';
echo '<b>[phpBB Debug] ' . $error_name . '</b>: in file <b>' . $errfile . '</b> on line <b>' . $errline . '</b>: <b>' . $msg_text . '</b><br />' . "\n";
@@ -3991,6 +3989,29 @@ function msg_handler($errno, $msg_text, $errfile, $errline)
}
/**
+* Removes absolute path to phpBB root directory from error messages
+* and converts backslashes to forward slashes.
+*
+* @param string $errfile Absolute file path
+* (e.g. /var/www/phpbb3/phpBB/includes/functions.php)
+* Please note that if $errfile is outside of the phpBB root,
+* the root path will not be found and can not be filtered.
+* @return string Relative file path
+* (e.g. /includes/functions.php)
+*/
+function phpbb_filter_root_path($errfile)
+{
+ static $root_path;
+
+ if (empty($root_path))
+ {
+ $root_path = phpbb_realpath(dirname(__FILE__) . '/../');
+ }
+
+ return str_replace(array($root_path, '\\'), array('[ROOT]', '/'), $errfile);
+}
+
+/**
* Queries the session table to get information about online guests
* @param int $item_id Limits the search to the item with this id
* @param string $item The name of the item which is stored in the session table as session_{$item}_id
diff --git a/phpBB/includes/functions_admin.php b/phpBB/includes/functions_admin.php
index 0c83674054..0e1a11b4aa 100644
--- a/phpBB/includes/functions_admin.php
+++ b/phpBB/includes/functions_admin.php
@@ -2574,7 +2574,11 @@ function view_log($mode, &$log, &$log_count, $limit = 0, $offset = 0, $forum_id
$db->sql_freeresult($result);
}
- if ($log_count == 0)
+ // $log_count may be false here if false was passed in for it,
+ // because in this case we did not run the COUNT() query above.
+ // If we ran the COUNT() query and it returned zero rows, return;
+ // otherwise query for logs below.
+ if ($log_count === 0)
{
// Save the queries, because there are no logs to display
return 0;
@@ -3095,7 +3099,7 @@ function get_database_size()
/**
* Retrieve contents from remotely stored file
*/
-function get_remote_file($host, $directory, $filename, &$errstr, &$errno, $port = 80, $timeout = 10)
+function get_remote_file($host, $directory, $filename, &$errstr, &$errno, $port = 80, $timeout = 6)
{
global $user;
@@ -3105,6 +3109,9 @@ function get_remote_file($host, $directory, $filename, &$errstr, &$errno, $port
@fputs($fsock, "HOST: $host\r\n");
@fputs($fsock, "Connection: close\r\n\r\n");
+ $timer_stop = time() + $timeout;
+ stream_set_timeout($fsock, $timeout);
+
$file_info = '';
$get_info = false;
@@ -3127,6 +3134,14 @@ function get_remote_file($host, $directory, $filename, &$errstr, &$errno, $port
return false;
}
}
+
+ $stream_meta_data = stream_get_meta_data($fsock);
+
+ if (!empty($stream_meta_data['timed_out']) || time() >= $timer_stop)
+ {
+ $errstr = $user->lang['FSOCK_TIMEOUT'];
+ return false;
+ }
}
@fclose($fsock);
}
diff --git a/phpBB/includes/functions_display.php b/phpBB/includes/functions_display.php
index 14d0c44dcf..ee7048638d 100644
--- a/phpBB/includes/functions_display.php
+++ b/phpBB/includes/functions_display.php
@@ -465,6 +465,7 @@ function display_forums($root_data = '', $display_moderators = true, $return_mod
'S_NO_CAT' => $catless && !$last_catless,
'S_IS_LINK' => ($row['forum_type'] == FORUM_LINK) ? true : false,
'S_UNREAD_FORUM' => $forum_unread,
+ 'S_AUTH_READ' => $auth->acl_get('f_read', $row['forum_id']),
'S_LOCKED_FORUM' => ($row['forum_status'] == ITEM_LOCKED) ? true : false,
'S_LIST_SUBFORUMS' => ($row['display_subforum_list']) ? true : false,
'S_SUBFORUMS' => (sizeof($subforums_list)) ? true : false,
@@ -674,7 +675,7 @@ function topic_generate_pagination($replies, $url)
$pagination .= '<a href="' . $url . ($j == 0 ? '' : '&amp;start=' . $j) . '">' . $times . '</a>';
if ($times == 1 && $total_pages > 5)
{
- $pagination .= ' ... ';
+ $pagination .= '<span class="page-dots"> ... </span>';
// Display the last three pages
$times = $total_pages - 3;
@@ -1083,6 +1084,7 @@ function watch_topic_forum($mode, &$s_watching, $user_id, $forum_id, $topic_id,
$match_id = ($mode == 'forum') ? $forum_id : $topic_id;
$u_url = "uid={$user->data['user_id']}";
$u_url .= ($mode == 'forum') ? '&amp;f' : '&amp;f=' . $forum_id . '&amp;t';
+ $is_watching = 0;
// Is user watching this thread?
if ($user_id != ANONYMOUS)
@@ -1109,9 +1111,9 @@ function watch_topic_forum($mode, &$s_watching, $user_id, $forum_id, $topic_id,
$uid = request_var('uid', 0);
$token = request_var('hash', '');
- if (($token && check_link_hash($token, "{$mode}_$match_id")) || confirm_box(true))
+ if ($token && check_link_hash($token, "{$mode}_$match_id") || confirm_box(true))
{
- if (($uid != $user_id) || ($_GET['unwatch'] != $mode))
+ if ($uid != $user_id || $_GET['unwatch'] != $mode)
{
$redirect_url = append_sid("{$phpbb_root_path}view$mode.$phpEx", "$u_url=$match_id&amp;start=$start");
$message = $user->lang['ERR_UNWATCHING'] . '<br /><br />' . sprintf($user->lang['RETURN_' . strtoupper($mode)], '<a href="' . $redirect_url . '">', '</a>');
@@ -1124,7 +1126,8 @@ function watch_topic_forum($mode, &$s_watching, $user_id, $forum_id, $topic_id,
$db->sql_query($sql);
$redirect_url = append_sid("{$phpbb_root_path}view$mode.$phpEx", "$u_url=$match_id&amp;start=$start");
- $message = $user->lang['NOT_WATCHING_' . strtoupper($mode)] . '<br /><br />' . sprintf($user->lang['RETURN_' . strtoupper($mode)], '<a href="' . $redirect_url . '">', '</a>');
+ $message = $user->lang['NOT_WATCHING_' . strtoupper($mode)] . '<br /><br />';
+ $message .= sprintf($user->lang['RETURN_' . strtoupper($mode)], '<a href="' . $redirect_url . '">', '</a>');
meta_refresh(3, $redirect_url);
trigger_error($message);
}
@@ -1141,7 +1144,14 @@ function watch_topic_forum($mode, &$s_watching, $user_id, $forum_id, $topic_id,
$s_hidden_fields['t'] = $topic_id;
}
- $confirm_box_message = (($item_title == '') ? 'UNWATCH_' . strtoupper($mode) : $user->lang('UNWATCH_' . strtoupper($mode) . '_DETAILED', $item_title));
+ if ($item_title == '')
+ {
+ $confirm_box_message = 'UNWATCH_' . strtoupper($mode);
+ }
+ else
+ {
+ $confirm_box_message = $user->lang('UNWATCH_' . strtoupper($mode) . '_DETAILED', $item_title);
+ }
confirm_box(false, $confirm_box_message, build_hidden_fields($s_hidden_fields));
}
}
@@ -1166,9 +1176,9 @@ function watch_topic_forum($mode, &$s_watching, $user_id, $forum_id, $topic_id,
$uid = request_var('uid', 0);
$token = request_var('hash', '');
- if (($token && check_link_hash($token, "{$mode}_$match_id")) || confirm_box(true))
+ if ($token && check_link_hash($token, "{$mode}_$match_id") || confirm_box(true))
{
- if (($uid != $user_id) || ($_GET['watch'] != $mode))
+ if ($uid != $user_id || $_GET['watch'] != $mode)
{
$redirect_url = append_sid("{$phpbb_root_path}view$mode.$phpEx", "$u_url=$match_id&amp;start=$start");
$message = $user->lang['ERR_WATCHING'] . '<br /><br />' . sprintf($user->lang['RETURN_' . strtoupper($mode)], '<a href="' . $redirect_url . '">', '</a>');
diff --git a/phpBB/includes/functions_install.php b/phpBB/includes/functions_install.php
index 6438f35ccc..6caa5c943f 100644
--- a/phpBB/includes/functions_install.php
+++ b/phpBB/includes/functions_install.php
@@ -202,61 +202,20 @@ function dbms_select($default = '', $only_20x_options = false)
/**
* Get tables of a database
+*
+* @deprecated
*/
-function get_tables($db)
+function get_tables(&$db)
{
- switch ($db->sql_layer)
- {
- case 'mysql':
- case 'mysql4':
- case 'mysqli':
- $sql = 'SHOW TABLES';
- break;
-
- case 'sqlite':
- $sql = 'SELECT name
- FROM sqlite_master
- WHERE type = "table"';
- break;
-
- case 'mssql':
- case 'mssql_odbc':
- case 'mssqlnative':
- $sql = "SELECT name
- FROM sysobjects
- WHERE type='U'";
- break;
-
- case 'postgres':
- $sql = 'SELECT relname
- FROM pg_stat_user_tables';
- break;
-
- case 'firebird':
- $sql = 'SELECT rdb$relation_name
- FROM rdb$relations
- WHERE rdb$view_source is null
- AND rdb$system_flag = 0';
- break;
-
- case 'oracle':
- $sql = 'SELECT table_name
- FROM USER_TABLES';
- break;
- }
-
- $result = $db->sql_query($sql);
-
- $tables = array();
-
- while ($row = $db->sql_fetchrow($result))
+ if (!class_exists('phpbb_db_tools'))
{
- $tables[] = current($row);
+ global $phpbb_root_path, $phpEx;
+ require($phpbb_root_path . 'includes/db/db_tools.' . $phpEx);
}
- $db->sql_freeresult($result);
+ $db_tools = new phpbb_db_tools($db);
- return $tables;
+ return $db_tools->sql_list_tables();
}
/**
diff --git a/phpBB/includes/functions_messenger.php b/phpBB/includes/functions_messenger.php
index b5c87094c0..91b361183c 100644
--- a/phpBB/includes/functions_messenger.php
+++ b/phpBB/includes/functions_messenger.php
@@ -163,6 +163,22 @@ class messenger
}
/**
+ * Adds X-AntiAbuse headers
+ *
+ * @param array $config Configuration array
+ * @param user $user A user object
+ *
+ * @return null
+ */
+ function anti_abuse_headers($config, $user)
+ {
+ $this->headers('X-AntiAbuse: Board servername - ' . mail_encode($config['server_name']));
+ $this->headers('X-AntiAbuse: User_id - ' . $user->data['user_id']);
+ $this->headers('X-AntiAbuse: Username - ' . mail_encode($user->data['username']));
+ $this->headers('X-AntiAbuse: User IP - ' . $user->ip);
+ }
+
+ /**
* Set the email priority
*/
function set_mail_priority($priority = MAIL_NORMAL_PRIORITY)
@@ -975,9 +991,16 @@ function smtpmail($addresses, $subject, $message, &$err_msg, $headers = false)
$smtp->add_backtrace('Connecting to ' . $config['smtp_host'] . ':' . $config['smtp_port']);
// Ok we have error checked as much as we can to this point let's get on it already.
- ob_start();
+ if (!class_exists('phpbb_error_collector'))
+ {
+ global $phpbb_root_path, $phpEx;
+ include($phpbb_root_path . 'includes/error_collector.' . $phpEx);
+ }
+ $collector = new phpbb_error_collector;
+ $collector->install();
$smtp->socket = fsockopen($config['smtp_host'], $config['smtp_port'], $errno, $errstr, 20);
- $error_contents = ob_get_clean();
+ $collector->uninstall();
+ $error_contents = $collector->format_errors();
if (!$smtp->socket)
{
@@ -1608,18 +1631,27 @@ function mail_encode($str, $eol = "\r\n")
*/
function phpbb_mail($to, $subject, $msg, $headers, $eol, &$err_msg)
{
- global $config;
+ global $config, $phpbb_root_path, $phpEx;
// We use the EOL character for the OS here because the PHP mail function does not correctly transform line endings. On Windows SMTP is used (SMTP is \r\n), on UNIX a command is used...
// Reference: http://bugs.php.net/bug.php?id=15841
$headers = implode($eol, $headers);
- ob_start();
+ if (!class_exists('phpbb_error_collector'))
+ {
+ include($phpbb_root_path . 'includes/error_collector.' . $phpEx);
+ }
+
+ $collector = new phpbb_error_collector;
+ $collector->install();
+
// On some PHP Versions mail() *may* fail if there are newlines within the subject.
// Newlines are used as a delimiter for lines in mail_encode() according to RFC 2045 section 6.8.
// Because PHP can't decide what is wanted we revert back to the non-RFC-compliant way of separating by one space (Use '' as parameter to mail_encode() results in SPACE used)
$result = $config['email_function_name']($to, mail_encode($subject, ''), wordwrap(utf8_wordwrap($msg), 997, "\n", true), $headers);
- $err_msg = ob_get_clean();
+
+ $collector->uninstall();
+ $err_msg = $collector->format_errors();
return $result;
}
diff --git a/phpBB/includes/functions_posting.php b/phpBB/includes/functions_posting.php
index a641afbaed..77d92e26e2 100644
--- a/phpBB/includes/functions_posting.php
+++ b/phpBB/includes/functions_posting.php
@@ -1870,9 +1870,9 @@ function submit_post($mode, $subject, $username, $topic_type, &$poll, &$data, $u
case 'edit_topic':
case 'edit_first_post':
- if (isset($poll['poll_options']) && !empty($poll['poll_options']))
+ if (isset($poll['poll_options']))
{
- $poll_start = ($poll['poll_start']) ? $poll['poll_start'] : $current_time;
+ $poll_start = ($poll['poll_start'] || empty($poll['poll_options'])) ? $poll['poll_start'] : $current_time;
$poll_length = $poll['poll_length'] * 86400;
if ($poll_length < 0)
{
@@ -2075,11 +2075,11 @@ function submit_post($mode, $subject, $username, $topic_type, &$poll, &$data, $u
}
// Update Poll Tables
- if (isset($poll['poll_options']) && !empty($poll['poll_options']))
+ if (isset($poll['poll_options']))
{
$cur_poll_options = array();
- if ($poll['poll_start'] && $mode == 'edit')
+ if ($mode == 'edit')
{
$sql = 'SELECT *
FROM ' . POLL_OPTIONS_TABLE . '
diff --git a/phpBB/includes/functions_privmsgs.php b/phpBB/includes/functions_privmsgs.php
index 4c34bc92ca..c40ceb088f 100644
--- a/phpBB/includes/functions_privmsgs.php
+++ b/phpBB/includes/functions_privmsgs.php
@@ -1607,7 +1607,7 @@ function submit_pm($mode, $subject, &$data, $put_in_outbox = true)
// Send Notifications
if ($mode != 'edit')
{
- pm_notification($mode, $data['from_username'], $recipients, $subject, $data['message']);
+ pm_notification($mode, $data['from_username'], $recipients, $subject, $data['message'], $data['msg_id']);
}
return $data['msg_id'];
@@ -1616,7 +1616,7 @@ function submit_pm($mode, $subject, &$data, $put_in_outbox = true)
/**
* PM Notification
*/
-function pm_notification($mode, $author, $recipients, $subject, $message)
+function pm_notification($mode, $author, $recipients, $subject, $message, $msg_id)
{
global $db, $user, $config, $phpbb_root_path, $phpEx, $auth;
@@ -1688,8 +1688,9 @@ function pm_notification($mode, $author, $recipients, $subject, $message)
'AUTHOR_NAME' => htmlspecialchars_decode($author),
'USERNAME' => htmlspecialchars_decode($addr['name']),
- 'U_INBOX' => generate_board_url() . "/ucp.$phpEx?i=pm&folder=inbox")
- );
+ 'U_INBOX' => generate_board_url() . "/ucp.$phpEx?i=pm&folder=inbox",
+ 'U_VIEW_MESSAGE' => generate_board_url() . "/ucp.$phpEx?i=pm&mode=view&p=$msg_id",
+ ));
$messenger->send($addr['method']);
}
diff --git a/phpBB/includes/mcp/mcp_main.php b/phpBB/includes/mcp/mcp_main.php
index ad10a52705..ffede11d37 100644
--- a/phpBB/includes/mcp/mcp_main.php
+++ b/phpBB/includes/mcp/mcp_main.php
@@ -286,14 +286,6 @@ function change_topic_type($action, $topic_ids)
{
global $auth, $user, $db, $phpEx, $phpbb_root_path;
- // For changing topic types, we only allow operations in one forum.
- $forum_id = check_ids($topic_ids, TOPICS_TABLE, 'topic_id', array('f_announce', 'f_sticky', 'm_'), true);
-
- if ($forum_id === false)
- {
- return;
- }
-
switch ($action)
{
case 'make_announce':
@@ -316,11 +308,18 @@ function change_topic_type($action, $topic_ids)
default:
$new_topic_type = POST_NORMAL;
- $check_acl = '';
+ $check_acl = false;
$l_new_type = (sizeof($topic_ids) == 1) ? 'MCP_MAKE_NORMAL' : 'MCP_MAKE_NORMALS';
break;
}
+ $forum_id = check_ids($topic_ids, TOPICS_TABLE, 'topic_id', $check_acl, true);
+
+ if ($forum_id === false)
+ {
+ return;
+ }
+
$redirect = request_var('redirect', build_url(array('action', 'quickmod')));
$s_hidden_fields = array(
diff --git a/phpBB/includes/mcp/mcp_post.php b/phpBB/includes/mcp/mcp_post.php
index de7f3e63ee..ba45037a18 100644
--- a/phpBB/includes/mcp/mcp_post.php
+++ b/phpBB/includes/mcp/mcp_post.php
@@ -246,7 +246,7 @@ function mcp_post_details($id, $mode, $action)
}
// Get Reports
- if ($auth->acl_get('m_', $post_info['forum_id']))
+ if ($auth->acl_get('m_report', $post_info['forum_id']))
{
$sql = 'SELECT r.*, re.*, u.user_id, u.username
FROM ' . REPORTS_TABLE . ' r, ' . USERS_TABLE . ' u, ' . REPORTS_REASONS_TABLE . " re
diff --git a/phpBB/includes/mcp/mcp_queue.php b/phpBB/includes/mcp/mcp_queue.php
index c419da5574..764461fa53 100644
--- a/phpBB/includes/mcp/mcp_queue.php
+++ b/phpBB/includes/mcp/mcp_queue.php
@@ -216,6 +216,7 @@ class mcp_queue
'POST_IP' => $post_info['poster_ip'],
'POST_IPADDR' => ($auth->acl_get('m_info', $post_info['forum_id']) && request_var('lookup', '')) ? @gethostbyaddr($post_info['poster_ip']) : '',
'POST_ID' => $post_info['post_id'],
+ 'S_FIRST_POST' => ($post_info['topic_first_post_id'] == $post_id),
'U_LOOKUP_IP' => ($auth->acl_get('m_info', $post_info['forum_id'])) ? append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=queue&amp;mode=approve_details&amp;f=' . $post_info['forum_id'] . '&amp;p=' . $post_id . '&amp;lookup=' . $post_info['poster_ip']) . '#ip' : '',
));
@@ -778,6 +779,8 @@ function disapprove_post($post_id_list, $id, $mode)
if (!$row || (!$reason && strtolower($row['reason_title']) == 'other'))
{
$additional_msg = $user->lang['NO_REASON_DISAPPROVAL'];
+ unset($_REQUEST['confirm_key']);
+ unset($_POST['confirm_key']);
unset($_POST['confirm']);
}
else
diff --git a/phpBB/includes/mcp/mcp_reports.php b/phpBB/includes/mcp/mcp_reports.php
index 39d9fbd4af..def5422be2 100644
--- a/phpBB/includes/mcp/mcp_reports.php
+++ b/phpBB/includes/mcp/mcp_reports.php
@@ -148,6 +148,7 @@ class mcp_reports
$message = bbcode_nl2br($message);
$message = smiley_text($message);
+ $report['report_text'] = make_clickable(bbcode_nl2br($report['report_text']));
if ($post_info['post_attachment'] && $auth->acl_get('u_download') && $auth->acl_get('f_download', $post_info['forum_id']))
{
diff --git a/phpBB/includes/mcp/mcp_topic.php b/phpBB/includes/mcp/mcp_topic.php
index 76cd9beb92..d7cc1e795a 100644
--- a/phpBB/includes/mcp/mcp_topic.php
+++ b/phpBB/includes/mcp/mcp_topic.php
@@ -239,8 +239,8 @@ function mcp_topic_view($id, $mode, $action)
'MINI_POST_IMG' => ($post_unread) ? $user->img('icon_post_target_unread', 'UNREAD_POST') : $user->img('icon_post_target', 'POST'),
- 'S_POST_REPORTED' => ($row['post_reported']) ? true : false,
- 'S_POST_UNAPPROVED' => ($row['post_approved']) ? false : true,
+ 'S_POST_REPORTED' => ($row['post_reported'] && $auth->acl_get('m_report', $topic_info['forum_id'])),
+ 'S_POST_UNAPPROVED' => (!$row['post_approved'] && $auth->acl_get('m_approve', $topic_info['forum_id'])),
'S_CHECKED' => (($submitted_id_list && !in_array(intval($row['post_id']), $submitted_id_list)) || in_array(intval($row['post_id']), $checked_ids)) ? true : false,
'S_HAS_ATTACHMENTS' => (!empty($attachments[$row['post_id']])) ? true : false,
diff --git a/phpBB/includes/startup.php b/phpBB/includes/startup.php
index ca9665da29..bbe2f127f1 100644
--- a/phpBB/includes/startup.php
+++ b/phpBB/includes/startup.php
@@ -97,8 +97,8 @@ function deregister_globals()
unset($input);
}
-// If we are on PHP >= 6.0.0 we do not need some code
-if (version_compare(PHP_VERSION, '6.0.0-dev', '>='))
+// Register globals and magic quotes have been dropped in PHP 5.4
+if (version_compare(PHP_VERSION, '5.4.0-dev', '>='))
{
/**
* @ignore
diff --git a/phpBB/includes/ucp/ucp_activate.php b/phpBB/includes/ucp/ucp_activate.php
index b00c1b9f52..82c1937919 100644
--- a/phpBB/includes/ucp/ucp_activate.php
+++ b/phpBB/includes/ucp/ucp_activate.php
@@ -117,10 +117,7 @@ class ucp_activate
$messenger->to($user_row['user_email'], $user_row['username']);
- $messenger->headers('X-AntiAbuse: Board servername - ' . $config['server_name']);
- $messenger->headers('X-AntiAbuse: User_id - ' . $user->data['user_id']);
- $messenger->headers('X-AntiAbuse: Username - ' . $user->data['username']);
- $messenger->headers('X-AntiAbuse: User IP - ' . $user->ip);
+ $messenger->anti_abuse_headers($config, $user);
$messenger->assign_vars(array(
'USERNAME' => htmlspecialchars_decode($user_row['username']))
diff --git a/phpBB/includes/ucp/ucp_groups.php b/phpBB/includes/ucp/ucp_groups.php
index 1c055a4823..d62dbb1866 100644
--- a/phpBB/includes/ucp/ucp_groups.php
+++ b/phpBB/includes/ucp/ucp_groups.php
@@ -193,47 +193,43 @@ class ucp_groups
if ($group_row[$group_id]['group_type'] == GROUP_FREE)
{
group_user_add($group_id, $user->data['user_id']);
-
- $email_template = 'group_added';
}
else
{
group_user_add($group_id, $user->data['user_id'], false, false, false, 0, 1);
- $email_template = 'group_request';
- }
+ include_once($phpbb_root_path . 'includes/functions_messenger.' . $phpEx);
+ $messenger = new messenger();
- include_once($phpbb_root_path . 'includes/functions_messenger.' . $phpEx);
- $messenger = new messenger();
+ $sql = 'SELECT u.username, u.username_clean, u.user_email, u.user_notify_type, u.user_jabber, u.user_lang
+ FROM ' . USER_GROUP_TABLE . ' ug, ' . USERS_TABLE . " u
+ WHERE ug.user_id = u.user_id
+ AND ug.group_leader = 1
+ AND ug.group_id = $group_id";
+ $result = $db->sql_query($sql);
- $sql = 'SELECT u.username, u.username_clean, u.user_email, u.user_notify_type, u.user_jabber, u.user_lang
- FROM ' . USER_GROUP_TABLE . ' ug, ' . USERS_TABLE . ' u
- WHERE ug.user_id = u.user_id
- AND ' . (($group_row[$group_id]['group_type'] == GROUP_FREE) ? "ug.user_id = {$user->data['user_id']}" : 'ug.group_leader = 1') . "
- AND ug.group_id = $group_id";
- $result = $db->sql_query($sql);
+ while ($row = $db->sql_fetchrow($result))
+ {
+ $messenger->template('group_request', $row['user_lang']);
- while ($row = $db->sql_fetchrow($result))
- {
- $messenger->template($email_template, $row['user_lang']);
+ $messenger->to($row['user_email'], $row['username']);
+ $messenger->im($row['user_jabber'], $row['username']);
- $messenger->to($row['user_email'], $row['username']);
- $messenger->im($row['user_jabber'], $row['username']);
+ $messenger->assign_vars(array(
+ 'USERNAME' => htmlspecialchars_decode($row['username']),
+ 'GROUP_NAME' => htmlspecialchars_decode($group_row[$group_id]['group_name']),
+ 'REQUEST_USERNAME' => $user->data['username'],
- $messenger->assign_vars(array(
- 'USERNAME' => htmlspecialchars_decode($row['username']),
- 'GROUP_NAME' => htmlspecialchars_decode($group_row[$group_id]['group_name']),
- 'REQUEST_USERNAME' => $user->data['username'],
+ 'U_PENDING' => generate_board_url() . "/ucp.$phpEx?i=groups&mode=manage&action=list&g=$group_id",
+ 'U_GROUP' => generate_board_url() . "/memberlist.$phpEx?mode=group&g=$group_id")
+ );
- 'U_PENDING' => generate_board_url() . "/ucp.$phpEx?i=groups&mode=manage&action=list&g=$group_id",
- 'U_GROUP' => generate_board_url() . "/memberlist.$phpEx?mode=group&g=$group_id")
- );
+ $messenger->send($row['user_notify_type']);
+ }
+ $db->sql_freeresult($result);
- $messenger->send($row['user_notify_type']);
+ $messenger->save_queue();
}
- $db->sql_freeresult($result);
-
- $messenger->save_queue();
add_log('user', $user->data['user_id'], 'LOG_USER_GROUP_JOIN' . (($group_row[$group_id]['group_type'] == GROUP_FREE) ? '' : '_PENDING'), $group_row[$group_id]['group_name']);
diff --git a/phpBB/includes/ucp/ucp_pm.php b/phpBB/includes/ucp/ucp_pm.php
index c675928a5b..447b6ebe87 100644
--- a/phpBB/includes/ucp/ucp_pm.php
+++ b/phpBB/includes/ucp/ucp_pm.php
@@ -243,7 +243,7 @@ class ucp_pm
$num_not_moved = $num_removed = 0;
$release = request_var('release', 0);
- if ($user->data['user_new_privmsg'] && $action == 'view_folder')
+ if ($user->data['user_new_privmsg'] && ($action == 'view_folder' || $action == 'view_message'))
{
$return = place_pm_into_folder($global_privmsgs_rules, $release);
$num_not_moved = $return['not_moved'];
diff --git a/phpBB/includes/ucp/ucp_pm_viewmessage.php b/phpBB/includes/ucp/ucp_pm_viewmessage.php
index d0cfa1ffd2..82a095dd9c 100644
--- a/phpBB/includes/ucp/ucp_pm_viewmessage.php
+++ b/phpBB/includes/ucp/ucp_pm_viewmessage.php
@@ -208,7 +208,7 @@ function view_message($id, $mode, $folder_id, $msg_id, $folder, $message_row)
'U_PM' => ($config['allow_privmsg'] && $auth->acl_get('u_sendpm') && ($user_info['user_allow_pm'] || $auth->acl_gets('a_', 'm_') || $auth->acl_getf_global('m_'))) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=pm&amp;mode=compose&amp;u=' . $author_id) : '',
'U_WWW' => (!empty($user_info['user_website'])) ? $user_info['user_website'] : '',
- 'U_ICQ' => ($user_info['user_icq']) ? 'http://www.icq.com/people' . urlencode($user_info['user_icq']) . '/' : '',
+ 'U_ICQ' => ($user_info['user_icq']) ? 'http://www.icq.com/people/' . urlencode($user_info['user_icq']) . '/' : '',
'U_AIM' => ($user_info['user_aim'] && $auth->acl_get('u_sendim')) ? append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=contact&amp;action=aim&amp;u=' . $author_id) : '',
'U_YIM' => ($user_info['user_yim']) ? 'http://edit.yahoo.com/config/send_webmesg?.target=' . urlencode($user_info['user_yim']) . '&amp;.src=pg' : '',
'U_MSN' => ($user_info['user_msnm'] && $auth->acl_get('u_sendim')) ? append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=contact&amp;action=msnm&amp;u=' . $author_id) : '',
diff --git a/phpBB/includes/ucp/ucp_profile.php b/phpBB/includes/ucp/ucp_profile.php
index c099e3b3fa..d35d13b6c1 100644
--- a/phpBB/includes/ucp/ucp_profile.php
+++ b/phpBB/includes/ucp/ucp_profile.php
@@ -78,14 +78,14 @@ class ucp_profile
$error = validate_data($data, $check_ary);
- if ($auth->acl_get('u_chgpasswd') && $data['new_password'] && $data['password_confirm'] != $data['new_password'])
+ if ($auth->acl_get('u_chgemail') && $data['email'] != $user->data['user_email'] && $data['email_confirm'] != $data['email'])
{
- $error[] = 'NEW_PASSWORD_ERROR';
+ $error[] = ($data['email_confirm']) ? 'NEW_EMAIL_ERROR' : 'NEW_EMAIL_CONFIRM_EMPTY';
}
- if (($data['new_password'] || ($auth->acl_get('u_chgemail') && $data['email'] != $user->data['user_email']) || ($data['username'] != $user->data['username'] && $auth->acl_get('u_chgname') && $config['allow_namechange'])) && !phpbb_check_hash($data['cur_password'], $user->data['user_password']))
+ if ($auth->acl_get('u_chgpasswd') && $data['new_password'] && $data['password_confirm'] != $data['new_password'])
{
- $error[] = 'CUR_PASSWORD_ERROR';
+ $error[] = ($data['password_confirm']) ? 'NEW_PASSWORD_ERROR' : 'NEW_PASSWORD_CONFIRM_EMPTY';
}
// Only check the new password against the previous password if there have been no errors
@@ -94,9 +94,9 @@ class ucp_profile
$error[] = 'SAME_PASSWORD_ERROR';
}
- if ($auth->acl_get('u_chgemail') && $data['email'] != $user->data['user_email'] && $data['email_confirm'] != $data['email'])
+ if (!phpbb_check_hash($data['cur_password'], $user->data['user_password']))
{
- $error[] = 'NEW_EMAIL_ERROR';
+ $error[] = ($data['cur_password']) ? 'CUR_PASSWORD_ERROR' : 'CUR_PASSWORD_EMPTY';
}
if (!check_form_key('ucp_reg_details'))
@@ -150,10 +150,7 @@ class ucp_profile
$messenger->to($data['email'], $data['username']);
- $messenger->headers('X-AntiAbuse: Board servername - ' . $config['server_name']);
- $messenger->headers('X-AntiAbuse: User_id - ' . $user->data['user_id']);
- $messenger->headers('X-AntiAbuse: Username - ' . $user->data['username']);
- $messenger->headers('X-AntiAbuse: User IP - ' . $user->ip);
+ $messenger->anti_abuse_headers($config, $user);
$messenger->assign_vars(array(
'USERNAME' => htmlspecialchars_decode($data['username']),
diff --git a/phpBB/includes/ucp/ucp_register.php b/phpBB/includes/ucp/ucp_register.php
index 13b9945851..4e8729db56 100644
--- a/phpBB/includes/ucp/ucp_register.php
+++ b/phpBB/includes/ucp/ucp_register.php
@@ -155,8 +155,8 @@ class ucp_register
$this->tpl_name = 'ucp_agreement';
return;
}
-
-
+
+
// The CAPTCHA kicks in here. We can't help that the information gets lost on language change.
if ($config['enable_confirm'])
{
@@ -366,10 +366,7 @@ class ucp_register
$messenger->to($data['email'], $data['username']);
- $messenger->headers('X-AntiAbuse: Board servername - ' . $config['server_name']);
- $messenger->headers('X-AntiAbuse: User_id - ' . $user->data['user_id']);
- $messenger->headers('X-AntiAbuse: Username - ' . $user->data['username']);
- $messenger->headers('X-AntiAbuse: User IP - ' . $user->ip);
+ $messenger->anti_abuse_headers($config, $user);
$messenger->assign_vars(array(
'WELCOME_MSG' => htmlspecialchars_decode(sprintf($user->lang['WELCOME_SUBJECT'], $config['sitename'])),
diff --git a/phpBB/includes/ucp/ucp_resend.php b/phpBB/includes/ucp/ucp_resend.php
index 39e9be24a1..4d181dba49 100644
--- a/phpBB/includes/ucp/ucp_resend.php
+++ b/phpBB/includes/ucp/ucp_resend.php
@@ -94,10 +94,7 @@ class ucp_resend
$messenger->template(($coppa) ? 'coppa_resend_inactive' : 'user_resend_inactive', $user_row['user_lang']);
$messenger->to($user_row['user_email'], $user_row['username']);
- $messenger->headers('X-AntiAbuse: Board servername - ' . $config['server_name']);
- $messenger->headers('X-AntiAbuse: User_id - ' . $user->data['user_id']);
- $messenger->headers('X-AntiAbuse: Username - ' . $user->data['username']);
- $messenger->headers('X-AntiAbuse: User IP - ' . $user->ip);
+ $messenger->anti_abuse_headers($config, $user);
$messenger->assign_vars(array(
'WELCOME_MSG' => htmlspecialchars_decode(sprintf($user->lang['WELCOME_SUBJECT'], $config['sitename'])),
@@ -133,10 +130,7 @@ class ucp_resend
$messenger->to($row['user_email'], $row['username']);
$messenger->im($row['user_jabber'], $row['username']);
- $messenger->headers('X-AntiAbuse: Board servername - ' . $config['server_name']);
- $messenger->headers('X-AntiAbuse: User_id - ' . $user->data['user_id']);
- $messenger->headers('X-AntiAbuse: Username - ' . $user->data['username']);
- $messenger->headers('X-AntiAbuse: User IP - ' . $user->ip);
+ $messenger->anti_abuse_headers($config, $user);
$messenger->assign_vars(array(
'USERNAME' => htmlspecialchars_decode($user_row['username']),