aboutsummaryrefslogtreecommitdiffstats
path: root/phpBB/includes
diff options
context:
space:
mode:
Diffstat (limited to 'phpBB/includes')
-rw-r--r--phpBB/includes/acp/acp_attachments.php9
-rw-r--r--phpBB/includes/acp/acp_board.php4
-rw-r--r--phpBB/includes/acp/acp_database.php1
-rw-r--r--phpBB/includes/acp/acp_forums.php7
-rw-r--r--phpBB/includes/acp/acp_profile.php1
-rw-r--r--phpBB/includes/acp/acp_reasons.php1
-rw-r--r--phpBB/includes/acp/acp_users.php29
-rw-r--r--phpBB/includes/db/postgres.php9
-rw-r--r--phpBB/includes/functions.php23
-rw-r--r--phpBB/includes/functions_profile_fields.php1
-rw-r--r--phpBB/includes/functions_upload.php25
-rw-r--r--phpBB/includes/message_parser.php2
12 files changed, 87 insertions, 25 deletions
diff --git a/phpBB/includes/acp/acp_attachments.php b/phpBB/includes/acp/acp_attachments.php
index 25e51814c4..980558c830 100644
--- a/phpBB/includes/acp/acp_attachments.php
+++ b/phpBB/includes/acp/acp_attachments.php
@@ -90,6 +90,7 @@ class acp_attachments
$s_assigned_groups = array();
while ($row = $db->sql_fetchrow($result))
{
+ $row['group_name'] = (isset($user->lang['EXT_GROUP_' . $row['group_name']])) ? $user->lang['EXT_GROUP_' . $row['group_name']] : $row['group_name'];
$s_assigned_groups[$row['cat_id']][] = $row['group_name'];
}
$db->sql_freeresult($result);
@@ -494,6 +495,10 @@ class acp_attachments
$sql = 'SELECT group_id
FROM ' . EXTENSION_GROUPS_TABLE . "
WHERE LOWER(group_name) = '" . $db->sql_escape(utf8_strtolower($new_group_name)) . "'";
+ if ($group_id)
+ {
+ $sql .= ' AND group_id <> ' . $group_id;
+ }
$result = $db->sql_query($sql);
if ($db->sql_fetchrow($result))
@@ -551,6 +556,7 @@ class acp_attachments
$group_id = $db->sql_nextid();
}
+ $group_name = (isset($user->lang['EXT_GROUP_' . $group_name])) ? $user->lang['EXT_GROUP_' . $group_name] : $group_name;
add_log('admin', 'LOG_ATTACH_EXTGROUP_' . strtoupper($action), $group_name);
}
@@ -858,7 +864,7 @@ class acp_attachments
'U_EDIT' => $this->u_action . "&amp;action=edit&amp;g={$row['group_id']}",
'U_DELETE' => $this->u_action . "&amp;action=delete&amp;g={$row['group_id']}",
- 'GROUP_NAME' => $row['group_name'],
+ 'GROUP_NAME' => (isset($user->lang['EXT_GROUP_' . $row['group_name']])) ? $user->lang['EXT_GROUP_' . $row['group_name']] : $row['group_name'],
'CATEGORY' => $cat_lang[$row['cat_id']],
)
);
@@ -1118,6 +1124,7 @@ class acp_attachments
$group_name = array();
while ($row = $db->sql_fetchrow($result))
{
+ $row['group_name'] = (isset($user->lang['EXT_GROUP_' . $row['group_name']])) ? $user->lang['EXT_GROUP_' . $row['group_name']] : $row['group_name'];
$group_name[] = $row;
}
$db->sql_freeresult($result);
diff --git a/phpBB/includes/acp/acp_board.php b/phpBB/includes/acp/acp_board.php
index a5feac1902..7680d8996c 100644
--- a/phpBB/includes/acp/acp_board.php
+++ b/phpBB/includes/acp/acp_board.php
@@ -888,8 +888,8 @@ class acp_board
$old_tz = $user->timezone;
$old_dst = $user->dst;
- $user->timezone = $config['board_timezone'];
- $user->dst = $config['board_dst'];
+ $user->timezone = $config['board_timezone'] * 3600;
+ $user->dst = $config['board_dst'] * 3600;
$dateformat_options = '';
diff --git a/phpBB/includes/acp/acp_database.php b/phpBB/includes/acp/acp_database.php
index abfad2b90b..0582d6204e 100644
--- a/phpBB/includes/acp/acp_database.php
+++ b/phpBB/includes/acp/acp_database.php
@@ -394,6 +394,7 @@ class acp_database
case 'mssql':
case 'mssql_odbc':
+ case 'mssqlnative':
while (($sql = $fgetd($fp, "GO\n", $read, $seek, $eof)) !== false)
{
$db->sql_query($sql);
diff --git a/phpBB/includes/acp/acp_forums.php b/phpBB/includes/acp/acp_forums.php
index 5a5adc57ae..54bf905374 100644
--- a/phpBB/includes/acp/acp_forums.php
+++ b/phpBB/includes/acp/acp_forums.php
@@ -1705,6 +1705,9 @@ class acp_forums
)
);
+ // Amount of rows we select and delete in one iteration.
+ $batch_size = 500;
+
foreach ($tables_ary as $field => $tables)
{
$start = 0;
@@ -1714,7 +1717,7 @@ class acp_forums
$sql = "SELECT $field
FROM " . POSTS_TABLE . '
WHERE forum_id = ' . $forum_id;
- $result = $db->sql_query_limit($sql, 500, $start);
+ $result = $db->sql_query_limit($sql, $batch_size, $start);
$ids = array();
while ($row = $db->sql_fetchrow($result))
@@ -1733,7 +1736,7 @@ class acp_forums
}
}
}
- while ($row);
+ while (sizeof($ids) == $batch_size);
}
unset($ids);
diff --git a/phpBB/includes/acp/acp_profile.php b/phpBB/includes/acp/acp_profile.php
index fc08c7e8e8..2288a0728b 100644
--- a/phpBB/includes/acp/acp_profile.php
+++ b/phpBB/includes/acp/acp_profile.php
@@ -1480,6 +1480,7 @@ class acp_profile
case 'mssql':
case 'mssql_odbc':
+ case 'mssqlnative':
// We are defining the biggest common value, because of the possibility to edit the min/max values of each field.
$sql = 'ALTER TABLE [' . PROFILE_FIELDS_DATA_TABLE . "] ADD [$field_ident] ";
diff --git a/phpBB/includes/acp/acp_reasons.php b/phpBB/includes/acp/acp_reasons.php
index 8d7bc88769..dbc9fcb6cc 100644
--- a/phpBB/includes/acp/acp_reasons.php
+++ b/phpBB/includes/acp/acp_reasons.php
@@ -233,6 +233,7 @@ class acp_reasons
// Standard? What's that?
case 'mssql':
case 'mssql_odbc':
+ case 'mssqlnative':
// Change the reports using this reason to 'other'
$sql = "DECLARE @ptrval binary(16)
diff --git a/phpBB/includes/acp/acp_users.php b/phpBB/includes/acp/acp_users.php
index 4905840e02..bd64f1e89e 100644
--- a/phpBB/includes/acp/acp_users.php
+++ b/phpBB/includes/acp/acp_users.php
@@ -105,7 +105,7 @@ class acp_users
LEFT JOIN ' . SESSIONS_TABLE . ' s ON (s.session_user_id = u.user_id)
WHERE u.user_id = ' . $user_id . '
ORDER BY s.session_time DESC';
- $result = $db->sql_query($sql);
+ $result = $db->sql_query_limit($sql, 1);
$user_row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
@@ -1550,6 +1550,31 @@ class acp_users
WHERE user_id = $user_id";
$db->sql_query($sql);
+ // Check if user has an active session
+ if ($user_row['session_id'])
+ {
+ // We'll update the session if user_allow_viewonline has changed and the user is a bot
+ // Or if it's a regular user and the admin set it to hide the session
+ if ($user_row['user_allow_viewonline'] != $sql_ary['user_allow_viewonline'] && $user_row['user_type'] == USER_IGNORE
+ || $user_row['user_allow_viewonline'] && !$sql_ary['user_allow_viewonline'])
+ {
+ // We also need to check if the user has the permission to cloak.
+ $user_auth = new auth();
+ $user_auth->acl($user_row);
+
+ $session_sql_ary = array(
+ 'session_viewonline' => ($user_auth->acl_get('u_hideonline')) ? $sql_ary['user_allow_viewonline'] : true,
+ );
+
+ $sql = 'UPDATE ' . SESSIONS_TABLE . '
+ SET ' . $db->sql_build_array('UPDATE', $session_sql_ary) . "
+ WHERE session_user_id = $user_id";
+ $db->sql_query($sql);
+
+ unset($user_auth);
+ }
+ }
+
trigger_error($user->lang['USER_PREFS_UPDATED'] . adm_back_link($this->u_action . '&amp;u=' . $user_id));
}
@@ -2084,7 +2109,7 @@ class acp_users
LEFT JOIN ' . SESSIONS_TABLE . ' s ON (s.session_user_id = u.user_id)
WHERE u.user_id = ' . $user_id . '
ORDER BY s.session_time DESC';
- $result = $db->sql_query($sql);
+ $result = $db->sql_query_limit($sql, 1);
$user_row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
}
diff --git a/phpBB/includes/db/postgres.php b/phpBB/includes/db/postgres.php
index d117e8c948..b3139b3d79 100644
--- a/phpBB/includes/db/postgres.php
+++ b/phpBB/includes/db/postgres.php
@@ -76,7 +76,14 @@ class dbal_postgres extends dbal
$this->persistency = $persistency;
- $this->db_connect_id = ($this->persistency) ? @pg_pconnect($connect_string, $new_link) : @pg_connect($connect_string, $new_link);
+ if ($this->persistency)
+ {
+ $this->db_connect_id = (!$new_link) ? @pg_pconnect($connect_string) : @pg_pconnect($connect_string, PGSQL_CONNECT_FORCE_NEW);
+ }
+ else
+ {
+ $this->db_connect_id = (!$new_link) ? @pg_connect($connect_string) : @pg_connect($connect_string, PGSQL_CONNECT_FORCE_NEW);
+ }
if ($this->db_connect_id)
{
diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php
index 4f52c7c2ce..36f5093e1f 100644
--- a/phpBB/includes/functions.php
+++ b/phpBB/includes/functions.php
@@ -175,11 +175,8 @@ function set_config_count($config_name, $increment, $is_dynamic = false)
switch ($db->sql_layer)
{
case 'firebird':
- $sql_update = 'CAST(CAST(config_value as integer) + ' . (int) $increment . ' as VARCHAR(255))';
- break;
-
case 'postgres':
- $sql_update = 'int4(config_value) + ' . (int) $increment;
+ $sql_update = 'CAST(CAST(config_value as DECIMAL(255, 0)) + ' . (int) $increment . ' as VARCHAR(255))';
break;
// MySQL, SQlite, mssql, mssql_odbc, oracle
@@ -3409,13 +3406,14 @@ function phpbb_checkdnsrr($host, $type = '')
{
$type = (!$type) ? 'MX' : $type;
- if (DIRECTORY_SEPARATOR == '\\')
+ // Call checkdnsrr() if available. This is also the case on Windows with PHP 5.3 or later.
+ if (function_exists('checkdnsrr'))
+ {
+ // The dot indicates to search the DNS root (helps those having DNS prefixes on the same domain)
+ return checkdnsrr($host . '.', $type);
+ }
+ else if (DIRECTORY_SEPARATOR == '\\' && function_exists('exec'))
{
- if (!function_exists('exec'))
- {
- return NULL;
- }
-
// @exec('nslookup -retry=1 -timout=1 -type=' . escapeshellarg($type) . ' ' . escapeshellarg($host), $output);
@exec('nslookup -type=' . escapeshellarg($type) . ' ' . escapeshellarg($host) . '.', $output);
@@ -3441,11 +3439,6 @@ function phpbb_checkdnsrr($host, $type = '')
return false;
}
- else if (function_exists('checkdnsrr'))
- {
- // The dot indicates to search the DNS root (helps those having DNS prefixes on the same domain)
- return (checkdnsrr($host . '.', $type)) ? true : false;
- }
return NULL;
}
diff --git a/phpBB/includes/functions_profile_fields.php b/phpBB/includes/functions_profile_fields.php
index 61e3587158..fa1cc98e10 100644
--- a/phpBB/includes/functions_profile_fields.php
+++ b/phpBB/includes/functions_profile_fields.php
@@ -366,6 +366,7 @@ class custom_profile
case 'sqlite':
case 'mssql':
case 'mssql_odbc':
+ case 'mssqlnative':
$right_delim = ']';
$left_delim = '[';
break;
diff --git a/phpBB/includes/functions_upload.php b/phpBB/includes/functions_upload.php
index 054af29045..51fed45ebd 100644
--- a/phpBB/includes/functions_upload.php
+++ b/phpBB/includes/functions_upload.php
@@ -775,7 +775,18 @@ class fileupload
{
if ($get_info)
{
- $data .= @fread($fsock, 1024);
+ $block = @fread($fsock, 1024);
+ $filesize += strlen($block);
+
+ if ($this->max_filesize && $filesize > $this->max_filesize)
+ {
+ $max_filesize = get_formatted_filesize($this->max_filesize, false);
+
+ $file = new fileerror(sprintf($user->lang[$this->error_prefix . 'WRONG_FILESIZE'], $max_filesize['value'], $max_filesize['unit']));
+ return $file;
+ }
+
+ $data .= $block;
}
else
{
@@ -791,6 +802,18 @@ class fileupload
{
$upload_ary['type'] = rtrim(str_replace('content-type: ', '', strtolower($line)));
}
+ else if ($this->max_filesize && stripos($line, 'content-length: ') !== false)
+ {
+ $length = (int) str_replace('content-length: ', '', strtolower($line));
+
+ if ($length && $length > $this->max_filesize)
+ {
+ $max_filesize = get_formatted_filesize($this->max_filesize, false);
+
+ $file = new fileerror(sprintf($user->lang[$this->error_prefix . 'WRONG_FILESIZE'], $max_filesize['value'], $max_filesize['unit']));
+ return $file;
+ }
+ }
else if (stripos($line, '404 not found') !== false)
{
$file = new fileerror($user->lang[$this->error_prefix . 'URL_NOT_FOUND']);
diff --git a/phpBB/includes/message_parser.php b/phpBB/includes/message_parser.php
index 50aad8588a..952b55cc8c 100644
--- a/phpBB/includes/message_parser.php
+++ b/phpBB/includes/message_parser.php
@@ -300,7 +300,7 @@ class bbcode_firstpass extends bbcode
if ($config['max_' . $this->mode . '_img_height'] || $config['max_' . $this->mode . '_img_width'])
{
- $stats = @getimagesize($in);
+ $stats = @getimagesize(htmlspecialchars_decode($in));
if ($stats === false)
{
generated by cgit v1.2.1 (git 2.21.0) at 2025-07-24 17:06:50 +0000