diff options
Diffstat (limited to 'phpBB/includes')
| -rw-r--r-- | phpBB/includes/acp/acp_ban.php | 4 | ||||
| -rw-r--r-- | phpBB/includes/acp/acp_captcha.php | 4 | ||||
| -rw-r--r-- | phpBB/includes/acp/acp_forums.php | 8 | ||||
| -rw-r--r-- | phpBB/includes/acp/acp_php_info.php | 4 | ||||
| -rw-r--r-- | phpBB/includes/acp/acp_prune.php | 8 | ||||
| -rw-r--r-- | phpBB/includes/auth/auth_ldap.php | 2 | ||||
| -rw-r--r-- | phpBB/includes/constants.php | 1 | ||||
| -rw-r--r-- | phpBB/includes/db/oracle.php | 5 | ||||
| -rw-r--r-- | phpBB/includes/db/postgres.php | 5 | ||||
| -rw-r--r-- | phpBB/includes/functions.php | 52 | ||||
| -rw-r--r-- | phpBB/includes/functions_convert.php | 3 | ||||
| -rw-r--r-- | phpBB/includes/functions_display.php | 7 | ||||
| -rw-r--r-- | phpBB/includes/functions_posting.php | 2 | ||||
| -rw-r--r-- | phpBB/includes/functions_user.php | 3 | ||||
| -rw-r--r-- | phpBB/includes/session.php | 4 | ||||
| -rw-r--r-- | phpBB/includes/ucp/ucp_pm_viewfolder.php | 26 |
16 files changed, 112 insertions, 26 deletions
diff --git a/phpBB/includes/acp/acp_ban.php b/phpBB/includes/acp/acp_ban.php index 3198376584..a7ea57b753 100644 --- a/phpBB/includes/acp/acp_ban.php +++ b/phpBB/includes/acp/acp_ban.php @@ -224,7 +224,7 @@ class acp_ban $template->assign_block_vars('ban_reason', array( 'BAN_ID' => $ban_id, 'REASON' => $reason, - 'A_REASON' => addslashes(htmlspecialchars_decode($reason)), + 'A_REASON' => addslashes($reason), )); } } @@ -236,7 +236,7 @@ class acp_ban $template->assign_block_vars('ban_give_reason', array( 'BAN_ID' => $ban_id, 'REASON' => $reason, - 'A_REASON' => addslashes(htmlspecialchars_decode($reason)), + 'A_REASON' => addslashes($reason), )); } } diff --git a/phpBB/includes/acp/acp_captcha.php b/phpBB/includes/acp/acp_captcha.php index 56a57e319c..1893eed14f 100644 --- a/phpBB/includes/acp/acp_captcha.php +++ b/phpBB/includes/acp/acp_captcha.php @@ -89,14 +89,14 @@ class acp_captcha } else { - trigger_error($user->lang['CAPTCHA_UNAVAILABLE'] . adm_back_link($this->u_action)); + trigger_error($user->lang['CAPTCHA_UNAVAILABLE'] . adm_back_link($this->u_action), E_USER_WARNING); } } trigger_error($user->lang['CONFIG_UPDATED'] . adm_back_link($this->u_action)); } else if ($submit) { - trigger_error($user->lang['FORM_INVALID'] . adm_back_link()); + trigger_error($user->lang['FORM_INVALID'] . adm_back_link(), E_USER_WARNING); } else { diff --git a/phpBB/includes/acp/acp_forums.php b/phpBB/includes/acp/acp_forums.php index 541a514bef..f2f1bd80e2 100644 --- a/phpBB/includes/acp/acp_forums.php +++ b/phpBB/includes/acp/acp_forums.php @@ -190,12 +190,14 @@ class acp_forums $forum_perm_from = request_var('forum_perm_from', 0); $cache->destroy('sql', FORUMS_TABLE); + $copied_permissions = false; // Copy permissions? if ($forum_perm_from && $forum_perm_from != $forum_data['forum_id'] && ($action != 'edit' || empty($forum_id) || ($auth->acl_get('a_fauth') && $auth->acl_get('a_authusers') && $auth->acl_get('a_authgroups') && $auth->acl_get('a_mauth')))) { copy_forum_permissions($forum_perm_from, $forum_data['forum_id'], ($action == 'edit') ? true : false); cache_moderators(); + $copied_permissions = true; } /* Commented out because of questionable UI workflow - re-visit for 3.0.7 else if (!$this->parent_id && $action != 'edit' && $auth->acl_get('a_fauth') && $auth->acl_get('a_authusers') && $auth->acl_get('a_authgroups') && $auth->acl_get('a_mauth')) @@ -211,13 +213,13 @@ class acp_forums $message = ($action == 'add') ? $user->lang['FORUM_CREATED'] : $user->lang['FORUM_UPDATED']; // Redirect to permissions - if ($auth->acl_get('a_fauth')) + if ($auth->acl_get('a_fauth') && !$copied_permissions) { $message .= '<br /><br />' . sprintf($user->lang['REDIRECT_ACL'], '<a href="' . append_sid("{$phpbb_admin_path}index.$phpEx", 'i=permissions' . $acl_url) . '">', '</a>'); } // redirect directly to permission settings screen if authed - if ($action == 'add' && !$forum_perm_from && $auth->acl_get('a_fauth')) + if ($action == 'add' && !$copied_permissions && $auth->acl_get('a_fauth')) { meta_refresh(4, append_sid("{$phpbb_admin_path}index.$phpEx", 'i=permissions' . $acl_url)); } @@ -981,7 +983,7 @@ class acp_forums if (!$row) { - trigger_error($user->lang['PARENT_NOT_EXIST'] . adm_back_link($this->u_action . '&' . $this->parent_id), E_USER_WARNING); + trigger_error($user->lang['PARENT_NOT_EXIST'] . adm_back_link($this->u_action . '&parent_id=' . $this->parent_id), E_USER_WARNING); } if ($row['forum_type'] == FORUM_LINK) diff --git a/phpBB/includes/acp/acp_php_info.php b/phpBB/includes/acp/acp_php_info.php index 9935c0466e..0499095004 100644 --- a/phpBB/includes/acp/acp_php_info.php +++ b/phpBB/includes/acp/acp_php_info.php @@ -35,9 +35,9 @@ class acp_php_info $this->tpl_name = 'acp_php_info'; $this->page_title = 'ACP_PHP_INFO'; - + ob_start(); - @phpinfo(INFO_GENERAL | INFO_CONFIGURATION | INFO_MODULES | INFO_VARIABLES); + phpinfo(INFO_GENERAL | INFO_CONFIGURATION | INFO_MODULES | INFO_VARIABLES); $phpinfo = ob_get_clean(); $phpinfo = trim($phpinfo); diff --git a/phpBB/includes/acp/acp_prune.php b/phpBB/includes/acp/acp_prune.php index 7eeb37133f..ffe20f86f5 100644 --- a/phpBB/includes/acp/acp_prune.php +++ b/phpBB/includes/acp/acp_prune.php @@ -315,8 +315,8 @@ class acp_prune 'mode' => $mode, 'prune' => 1, - 'users' => request_var('users', '', true), - 'username' => request_var('username', '', true), + 'users' => utf8_normalize_nfc(request_var('users', '', true)), + 'username' => utf8_normalize_nfc(request_var('username', '', true)), 'email' => request_var('email', ''), 'joined_select' => request_var('joined_select', ''), 'joined' => request_var('joined', ''), @@ -369,7 +369,7 @@ class acp_prune { global $user, $db; - $users = request_var('users', '', true); + $users = utf8_normalize_nfc(request_var('users', '', true)); if ($users) { @@ -378,7 +378,7 @@ class acp_prune } else { - $username = request_var('username', '', true); + $username = utf8_normalize_nfc(request_var('username', '', true)); $email = request_var('email', ''); $joined_select = request_var('joined_select', 'lt'); diff --git a/phpBB/includes/auth/auth_ldap.php b/phpBB/includes/auth/auth_ldap.php index a6092baba5..e8c957aaa3 100644 --- a/phpBB/includes/auth/auth_ldap.php +++ b/phpBB/includes/auth/auth_ldap.php @@ -74,7 +74,7 @@ function init_ldap() if ($search === false) { - return $user->lang['LDAP_NO_SERVER_CONNECTION']; + return $user->lang['LDAP_SEARCH_FAILED']; } $result = @ldap_get_entries($ldap, $search); diff --git a/phpBB/includes/constants.php b/phpBB/includes/constants.php index a3da196cf8..ff572869e2 100644 --- a/phpBB/includes/constants.php +++ b/phpBB/includes/constants.php @@ -121,7 +121,6 @@ define('NOTIFY_BOTH', 2); define('NOTIFY_YES', 0); define('NOTIFY_NO', 1); - // Email Priority Settings define('MAIL_LOW_PRIORITY', 4); define('MAIL_NORMAL_PRIORITY', 3); diff --git a/phpBB/includes/db/oracle.php b/phpBB/includes/db/oracle.php index 55b3599800..5a9b18abf0 100644 --- a/phpBB/includes/db/oracle.php +++ b/phpBB/includes/db/oracle.php @@ -261,6 +261,10 @@ class dbal_oracle extends dbal { $cols = explode(', ', $regs[2]); +/* The code inside this comment block breaks clob handling, but does allow the + database restore script to work. If you want to allow no posts longer than 4KB + and/or need the db restore script, uncomment this. + preg_match_all('/\'(?:[^\']++|\'\')*+\'|[\d-.]+/', $regs[3], $vals, PREG_PATTERN_ORDER); if (sizeof($cols) !== sizeof($vals)) @@ -310,6 +314,7 @@ class dbal_oracle extends dbal $vals = array(0 => $vals); } +*/ $inserts = $vals[0]; unset($vals); diff --git a/phpBB/includes/db/postgres.php b/phpBB/includes/db/postgres.php index b3139b3d79..2a885f1d04 100644 --- a/phpBB/includes/db/postgres.php +++ b/phpBB/includes/db/postgres.php @@ -46,7 +46,10 @@ class dbal_postgres extends dbal if ($sqlserver) { - if (strpos($sqlserver, ':') !== false) + // $sqlserver can carry a port separated by : for compatibility reasons + // If $sqlserver has more than one : it's probably an IPv6 address. + // In this case we only allow passing a port via the $port variable. + if (substr_count($sqlserver, ':') === 1) { list($sqlserver, $port) = explode(':', $sqlserver); } diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index cd8447a2a3..3f097f171f 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -1660,10 +1660,11 @@ function get_complete_topic_tracking($forum_id, $topic_ids, $global_announce_lis * @param string $sql_extra Extra WHERE SQL statement * @param string $sql_sort ORDER BY SQL sorting statement * @param string $sql_limit Limits the size of unread topics list, 0 for unlimited query +* @param string $sql_limit_offset Sets the offset of the first row to search, 0 to search from the start * * @return array[int][int] Topic ids as keys, mark_time of topic as value */ -function get_unread_topics($user_id = false, $sql_extra = '', $sql_sort = '', $sql_limit = 1001) +function get_unread_topics($user_id = false, $sql_extra = '', $sql_sort = '', $sql_limit = 1001, $sql_limit_offset = 0) { global $config, $db, $user; @@ -1709,7 +1710,7 @@ function get_unread_topics($user_id = false, $sql_extra = '', $sql_sort = '', $s ); $sql = $db->sql_build_query('SELECT', $sql_array); - $result = $db->sql_query_limit($sql, $sql_limit); + $result = $db->sql_query_limit($sql, $sql_limit, $sql_limit_offset); while ($row = $db->sql_fetchrow($result)) { @@ -1742,7 +1743,7 @@ function get_unread_topics($user_id = false, $sql_extra = '', $sql_sort = '', $s WHERE t.topic_last_post_time > ' . $user_lastmark . " $sql_extra $sql_sort"; - $result = $db->sql_query_limit($sql, $sql_limit); + $result = $db->sql_query_limit($sql, $sql_limit, $sql_limit_offset); while ($row = $db->sql_fetchrow($result)) { @@ -2578,6 +2579,47 @@ function meta_refresh($time, $url, $disable_cd_check = false) return $url; } +/** +* Outputs correct status line header. +* +* Depending on php sapi one of the two following forms is used: +* +* Status: 404 Not Found +* +* HTTP/1.x 404 Not Found +* +* HTTP version is taken from HTTP_VERSION environment variable, +* and defaults to 1.0. +* +* Sample usage: +* +* send_status_line(404, 'Not Found'); +* +* @param int $code HTTP status code +* @param string $message Message for the status code +* @return void +*/ +function send_status_line($code, $message) +{ + if (substr(strtolower(@php_sapi_name()), 0, 3) === 'cgi') + { + // in theory, we shouldn't need that due to php doing it. Reality offers a differing opinion, though + header("Status: $code $message", true, $code); + } + else + { + if (isset($_SERVER['HTTP_VERSION'])) + { + $version = $_SERVER['HTTP_VERSION']; + } + else + { + $version = 'HTTP/1.0'; + } + header("$version $code $message", true, $code); + } +} + //Form validation @@ -3621,9 +3663,9 @@ function msg_handler($errno, $msg_text, $errfile, $errline) $user->setup(); } - if ($msg_text == 'NO_FORUM' || $msg_text == 'NO_TOPIC' || $msg_text == 'NO_USER') + if ($msg_text == 'ERROR_NO_ATTACHMENT' || $msg_text == 'NO_FORUM' || $msg_text == 'NO_TOPIC' || $msg_text == 'NO_USER') { - header("HTTP/1.x 404 Not Found"); + send_status_line(404, 'Not Found'); } $msg_text = (!empty($user->lang[$msg_text])) ? $user->lang[$msg_text] : $msg_text; diff --git a/phpBB/includes/functions_convert.php b/phpBB/includes/functions_convert.php index 0fdae9b274..c035fd3739 100644 --- a/phpBB/includes/functions_convert.php +++ b/phpBB/includes/functions_convert.php @@ -1025,6 +1025,9 @@ function set_user_options() 'bbcode' => array('bit' => 8, 'default' => 1), 'smilies' => array('bit' => 9, 'default' => 1), 'popuppm' => array('bit' => 10, 'default' => 0), + 'sig_bbcode' => array('bit' => 15, 'default' => 1), + 'sig_smilies' => array('bit' => 16, 'default' => 1), + 'sig_links' => array('bit' => 17, 'default' => 1), ); $option_field = 0; diff --git a/phpBB/includes/functions_display.php b/phpBB/includes/functions_display.php index ec348138f5..5e6239b070 100644 --- a/phpBB/includes/functions_display.php +++ b/phpBB/includes/functions_display.php @@ -969,11 +969,16 @@ function display_user_activity(&$userdata) $forum_ary = array_unique($forum_ary); $forum_sql = (sizeof($forum_ary)) ? 'AND ' . $db->sql_in_set('forum_id', $forum_ary, true) : ''; + $fid_m_approve = $auth->acl_getf('m_approve', true); + $sql_m_approve = (!empty($fid_m_approve)) ? 'OR ' . $db->sql_in_set('forum_id', array_keys($fid_m_approve)) : ''; + // Obtain active forum $sql = 'SELECT forum_id, COUNT(post_id) AS num_posts FROM ' . POSTS_TABLE . ' WHERE poster_id = ' . $userdata['user_id'] . " AND post_postcount = 1 + AND (post_approved = 1 + $sql_m_approve) $forum_sql GROUP BY forum_id ORDER BY num_posts DESC"; @@ -996,6 +1001,8 @@ function display_user_activity(&$userdata) FROM ' . POSTS_TABLE . ' WHERE poster_id = ' . $userdata['user_id'] . " AND post_postcount = 1 + AND (post_approved = 1 + $sql_m_approve) $forum_sql GROUP BY topic_id ORDER BY num_posts DESC"; diff --git a/phpBB/includes/functions_posting.php b/phpBB/includes/functions_posting.php index 7242e7987b..f6f90575d4 100644 --- a/phpBB/includes/functions_posting.php +++ b/phpBB/includes/functions_posting.php @@ -348,7 +348,7 @@ function posting_gen_topic_types($forum_id, $cur_topic_type = POST_NORMAL) { $topic_type_array = array_merge(array(0 => array( 'VALUE' => POST_NORMAL, - 'S_CHECKED' => ($topic_type == POST_NORMAL) ? ' checked="checked"' : '', + 'S_CHECKED' => ($cur_topic_type == POST_NORMAL) ? ' checked="checked"' : '', 'L_TOPIC_TYPE' => $user->lang['POST_NORMAL'])), $topic_type_array diff --git a/phpBB/includes/functions_user.php b/phpBB/includes/functions_user.php index 21e82030ee..93e4e6db07 100644 --- a/phpBB/includes/functions_user.php +++ b/phpBB/includes/functions_user.php @@ -297,6 +297,7 @@ function user_add($user_row, $cp_data = false) if ($config['new_member_group_default']) { group_user_add($add_group_id, $user_id, false, false, true); + $user_row['group_id'] = $add_group_id; } else { @@ -527,7 +528,7 @@ function user_delete($mode, $user_id, $post_username = false) $db->sql_transaction('begin'); - $table_ary = array(USERS_TABLE, USER_GROUP_TABLE, TOPICS_WATCH_TABLE, FORUMS_WATCH_TABLE, ACL_USERS_TABLE, TOPICS_TRACK_TABLE, TOPICS_POSTED_TABLE, FORUMS_TRACK_TABLE, PROFILE_FIELDS_DATA_TABLE, MODERATOR_CACHE_TABLE, DRAFTS_TABLE, BOOKMARKS_TABLE, SESSIONS_KEYS_TABLE); + $table_ary = array(USERS_TABLE, USER_GROUP_TABLE, TOPICS_WATCH_TABLE, FORUMS_WATCH_TABLE, ACL_USERS_TABLE, TOPICS_TRACK_TABLE, TOPICS_POSTED_TABLE, FORUMS_TRACK_TABLE, PROFILE_FIELDS_DATA_TABLE, MODERATOR_CACHE_TABLE, DRAFTS_TABLE, BOOKMARKS_TABLE, SESSIONS_KEYS_TABLE, PRIVMSGS_FOLDER_TABLE, PRIVMSGS_RULES_TABLE); foreach ($table_ary as $table) { diff --git a/phpBB/includes/session.php b/phpBB/includes/session.php index 0a01b4e73b..e157053e61 100644 --- a/phpBB/includes/session.php +++ b/phpBB/includes/session.php @@ -2134,9 +2134,9 @@ class user extends session // Zone offset $zone_offset = $this->timezone + $this->dst; - // Show date <= 1 hour ago as 'xx min ago' + // Show date <= 1 hour ago as 'xx min ago' but not greater than 60 seconds in the future // A small tolerence is given for times in the future but in the same minute are displayed as '< than a minute ago' - if ($delta <= 3600 && ($delta >= -5 || (($now / 60) % 60) == (($gmepoch / 60) % 60)) && $date_cache[$format]['is_short'] !== false && !$forcedate && isset($this->lang['datetime']['AGO'])) + if ($delta <= 3600 && $delta > -60 && ($delta >= -5 || (($now / 60) % 60) == (($gmepoch / 60) % 60)) && $date_cache[$format]['is_short'] !== false && !$forcedate && isset($this->lang['datetime']['AGO'])) { return $this->lang(array('datetime', 'AGO'), max(0, (int) floor($delta / 60))); } diff --git a/phpBB/includes/ucp/ucp_pm_viewfolder.php b/phpBB/includes/ucp/ucp_pm_viewfolder.php index 665dd2c83f..6b7172ca2b 100644 --- a/phpBB/includes/ucp/ucp_pm_viewfolder.php +++ b/phpBB/includes/ucp/ucp_pm_viewfolder.php @@ -170,10 +170,12 @@ function view_folder($id, $mode, $folder_id, $folder) 'ATTACH_ICON_IMG' => ($auth->acl_get('u_pm_download') && $row['message_attachment'] && $config['allow_pm_attach']) ? $user->img('icon_topic_attach', $user->lang['TOTAL_ATTACHMENTS']) : '', 'S_PM_DELETED' => ($row['pm_deleted']) ? true : false, + 'S_PM_REPORTED' => (isset($row['report_id'])) ? true : false, 'S_AUTHOR_DELETED' => ($row['author_id'] == ANONYMOUS) ? true : false, 'U_VIEW_PM' => ($row['pm_deleted']) ? '' : $view_message_url, 'U_REMOVE_PM' => ($row['pm_deleted']) ? $remove_message_url : '', + 'U_MCP_REPORT' => (isset($row['report_id'])) ? append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=pm_reports&mode=pm_report_details&r=' . $row['report_id']) : '', 'RECIPIENTS' => ($folder_id == PRIVMSGS_OUTBOX || $folder_id == PRIVMSGS_SENTBOX) ? implode(', ', $address_list[$message_id]) : '') ); } @@ -183,6 +185,7 @@ function view_folder($id, $mode, $folder_id, $folder) 'S_SHOW_RECIPIENTS' => ($folder_id == PRIVMSGS_OUTBOX || $folder_id == PRIVMSGS_SENTBOX) ? true : false, 'S_SHOW_COLOUR_LEGEND' => true, + 'REPORTED_IMG' => $user->img('icon_topic_reported', 'PM_REPORTED'), 'S_PM_ICONS' => ($config['enable_pm_icons']) ? true : false) ); } @@ -502,7 +505,7 @@ function get_pm_from($folder_id, $folder, $user_id) $sql_sort_order = $sort_by_sql[$sort_key] . ' ' . $direction; } - $sql = 'SELECT t.*, p.root_level, p.message_time, p.message_subject, p.icon_id, p.to_address, p.message_attachment, p.bcc_address, u.username, u.username_clean, u.user_colour + $sql = 'SELECT t.*, p.root_level, p.message_time, p.message_subject, p.icon_id, p.to_address, p.message_attachment, p.bcc_address, u.username, u.username_clean, u.user_colour, p.message_reported FROM ' . PRIVMSGS_TO_TABLE . ' t, ' . PRIVMSGS_TABLE . ' p, ' . USERS_TABLE . " u WHERE t.user_id = $user_id AND p.author_id = u.user_id @@ -512,13 +515,34 @@ function get_pm_from($folder_id, $folder, $user_id) ORDER BY $sql_sort_order"; $result = $db->sql_query_limit($sql, $sql_limit, $sql_start); + $pm_reported = array(); while ($row = $db->sql_fetchrow($result)) { $rowset[$row['msg_id']] = $row; $pm_list[] = $row['msg_id']; + if ($row['message_reported']) + { + $pm_reported[] = $row['msg_id']; + } } $db->sql_freeresult($result); + // Fetch the report_ids, if there are any reported pms. + if (!empty($pm_reported) && $auth->acl_getf_global('m_report')) + { + $sql = 'SELECT pm_id, report_id + FROM ' . REPORTS_TABLE . ' + WHERE report_closed = 0 + AND ' . $db->sql_in_set('pm_id', $pm_reported); + $result = $db->sql_query($sql); + + while ($row = $db->sql_fetchrow($result)) + { + $rowset[$row['pm_id']]['report_id'] = $row['report_id']; + } + $db->sql_freeresult($result); + } + $pm_list = ($store_reverse) ? array_reverse($pm_list) : $pm_list; return array( |