diff options
Diffstat (limited to 'phpBB/includes')
| -rw-r--r-- | phpBB/includes/acp/acp_captcha.php | 2 | ||||
| -rw-r--r-- | phpBB/includes/acp/acp_groups.php | 10 | ||||
| -rw-r--r-- | phpBB/includes/constants.php | 1 | ||||
| -rw-r--r-- | phpBB/includes/functions_admin.php | 2 | ||||
| -rw-r--r-- | phpBB/includes/functions_posting.php | 20 | ||||
| -rw-r--r-- | phpBB/includes/functions_user.php | 2 | ||||
| -rw-r--r-- | phpBB/includes/search/fulltext_mysql.php | 11 |
7 files changed, 34 insertions, 14 deletions
diff --git a/phpBB/includes/acp/acp_captcha.php b/phpBB/includes/acp/acp_captcha.php index 469a367bba..bfec7c27d8 100644 --- a/phpBB/includes/acp/acp_captcha.php +++ b/phpBB/includes/acp/acp_captcha.php @@ -124,6 +124,8 @@ class acp_captcha 'CAPTCHA_PREVIEW_TPL' => $demo_captcha->get_demo_template($id), 'S_CAPTCHA_HAS_CONFIG' => $demo_captcha->has_config(), 'CAPTCHA_SELECT' => $captcha_select, + + 'U_ACTION' => $this->u_action, )); } } diff --git a/phpBB/includes/acp/acp_groups.php b/phpBB/includes/acp/acp_groups.php index 83c355540e..9b9ea38e07 100644 --- a/phpBB/includes/acp/acp_groups.php +++ b/phpBB/includes/acp/acp_groups.php @@ -80,6 +80,11 @@ class acp_groups case 'approve': case 'demote': case 'promote': + if (!check_form_key($form_key)) + { + trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action), E_USER_WARNING); + } + if (!$group_id) { trigger_error($user->lang['NO_GROUP'] . adm_back_link($this->u_action), E_USER_WARNING); @@ -252,6 +257,11 @@ class acp_groups break; case 'addusers': + if (!check_form_key($form_key)) + { + trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action), E_USER_WARNING); + } + if (!$group_id) { trigger_error($user->lang['NO_GROUP'] . adm_back_link($this->u_action), E_USER_WARNING); diff --git a/phpBB/includes/constants.php b/phpBB/includes/constants.php index 17c25ee3c6..ad5b43bc9a 100644 --- a/phpBB/includes/constants.php +++ b/phpBB/includes/constants.php @@ -157,6 +157,7 @@ define('PHYSICAL_LINK', 2); define('CONFIRM_REG', 1); define('CONFIRM_LOGIN', 2); define('CONFIRM_POST', 3); +define('CONFIRM_REPORT', 4); // Categories - Attachments define('ATTACHMENT_CATEGORY_NONE', 0); diff --git a/phpBB/includes/functions_admin.php b/phpBB/includes/functions_admin.php index a9d1db24a5..2f73858ea2 100644 --- a/phpBB/includes/functions_admin.php +++ b/phpBB/includes/functions_admin.php @@ -3121,7 +3121,7 @@ function get_remote_file($host, $directory, $filename, &$errstr, &$errno, $port if ($fsock = @fsockopen($host, $port, $errno, $errstr, $timeout)) { - @fputs($fsock, "GET $directory/$filename HTTP/1.1\r\n"); + @fputs($fsock, "GET $directory/$filename HTTP/1.0\r\n"); @fputs($fsock, "HOST: $host\r\n"); @fputs($fsock, "Connection: close\r\n\r\n"); diff --git a/phpBB/includes/functions_posting.php b/phpBB/includes/functions_posting.php index e5cbae0d71..2e5130c5b8 100644 --- a/phpBB/includes/functions_posting.php +++ b/phpBB/includes/functions_posting.php @@ -423,16 +423,6 @@ function upload_attachment($form_name, $forum_id, $local = false, $local_storage $cat_id = (isset($extensions[$file->get('extension')]['display_cat'])) ? $extensions[$file->get('extension')]['display_cat'] : ATTACHMENT_CATEGORY_NONE; - // Make sure the image category only holds valid images... - if ($cat_id == ATTACHMENT_CATEGORY_IMAGE && !$file->is_image()) - { - $file->remove(); - - // If this error occurs a user tried to exploit an IE Bug by renaming extensions - // Since the image category is displaying content inline we need to catch this. - trigger_error($user->lang['ATTACHED_IMAGE_NOT_IMAGE']); - } - // Do we have to create a thumbnail? $filedata['thumbnail'] = ($cat_id == ATTACHMENT_CATEGORY_IMAGE && $config['img_create_thumbnail']) ? 1 : 0; @@ -473,6 +463,16 @@ function upload_attachment($form_name, $forum_id, $local = false, $local_storage return $filedata; } + // Make sure the image category only holds valid images... + if ($cat_id == ATTACHMENT_CATEGORY_IMAGE && !$file->is_image()) + { + $file->remove(); + + // If this error occurs a user tried to exploit an IE Bug by renaming extensions + // Since the image category is displaying content inline we need to catch this. + trigger_error($user->lang['ATTACHED_IMAGE_NOT_IMAGE']); + } + $filedata['filesize'] = $file->get('filesize'); $filedata['mimetype'] = $file->get('mimetype'); $filedata['extension'] = $file->get('extension'); diff --git a/phpBB/includes/functions_user.php b/phpBB/includes/functions_user.php index 2b26c6787c..ea8b0a4640 100644 --- a/phpBB/includes/functions_user.php +++ b/phpBB/includes/functions_user.php @@ -1554,7 +1554,7 @@ function validate_username($username, $allowed_username = false) */ function validate_password($password) { - global $config, $db, $user; + global $config; if ($password === '' || $config['pass_complex'] === 'PASS_TYPE_ANY') { diff --git a/phpBB/includes/search/fulltext_mysql.php b/phpBB/includes/search/fulltext_mysql.php index bd4c003397..f28b8885e7 100644 --- a/phpBB/includes/search/fulltext_mysql.php +++ b/phpBB/includes/search/fulltext_mysql.php @@ -86,9 +86,16 @@ class fulltext_mysql extends search_backend $engine = $info['Type']; } - if ($engine != 'MyISAM') + $fulltext_supported = + $engine === 'MyISAM' || + // FULLTEXT is supported on InnoDB since MySQL 5.6.4 according to + // http://dev.mysql.com/doc/refman/5.6/en/innodb-storage-engine.html + $engine === 'InnoDB' && + phpbb_version_compare($db->sql_server_info(true), '5.6.4', '>='); + + if (!$fulltext_supported) { - return $user->lang['FULLTEXT_MYSQL_NOT_MYISAM']; + return $user->lang['FULLTEXT_MYSQL_NOT_SUPPORTED']; } $sql = 'SHOW VARIABLES |