diff options
Diffstat (limited to 'phpBB/phpbb')
25 files changed, 367 insertions, 729 deletions
diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index 04729d8453..fdc5f57df0 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -105,6 +105,13 @@ class oauth extends \phpbb\auth\provider\base protected $phpbb_container; /** + * phpBB event dispatcher + * + * @var \phpbb\event\dispatcher_interface + */ + protected $dispatcher; + + /** * phpBB root path * * @var string @@ -132,10 +139,11 @@ class oauth extends \phpbb\auth\provider\base * @param \phpbb\di\service_collection $service_providers Contains \phpbb\auth\provider\oauth\service_interface * @param string $users_table * @param \Symfony\Component\DependencyInjection\ContainerInterface $phpbb_container DI container + * @param \phpbb\event\dispatcher_interface $dispatcher phpBB event dispatcher * @param string $phpbb_root_path * @param string $php_ext */ - public function __construct(\phpbb\db\driver\driver_interface $db, \phpbb\config\config $config, \phpbb\passwords\manager $passwords_manager, \phpbb\request\request_interface $request, \phpbb\user $user, $auth_provider_oauth_token_storage_table, $auth_provider_oauth_state_table, $auth_provider_oauth_token_account_assoc, \phpbb\di\service_collection $service_providers, $users_table, \Symfony\Component\DependencyInjection\ContainerInterface $phpbb_container, $phpbb_root_path, $php_ext) + public function __construct(\phpbb\db\driver\driver_interface $db, \phpbb\config\config $config, \phpbb\passwords\manager $passwords_manager, \phpbb\request\request_interface $request, \phpbb\user $user, $auth_provider_oauth_token_storage_table, $auth_provider_oauth_state_table, $auth_provider_oauth_token_account_assoc, \phpbb\di\service_collection $service_providers, $users_table, \Symfony\Component\DependencyInjection\ContainerInterface $phpbb_container, \phpbb\event\dispatcher_interface $dispatcher, $phpbb_root_path, $php_ext) { $this->db = $db; $this->config = $config; @@ -148,6 +156,7 @@ class oauth extends \phpbb\auth\provider\base $this->service_providers = $service_providers; $this->users_table = $users_table; $this->phpbb_container = $phpbb_container; + $this->dispatcher = $dispatcher; $this->phpbb_root_path = $phpbb_root_path; $this->php_ext = $php_ext; } @@ -248,6 +257,18 @@ class oauth extends \phpbb\auth\provider\base // Update token storage to store the user_id $storage->set_user_id($row['user_id']); + /** + * Event is triggered after user is successfuly logged in via OAuth. + * + * @event core.auth_oauth_login_after + * @var array row User row + * @since 3.1.11-RC1 + */ + $vars = array( + 'row', + ); + extract($this->dispatcher->trigger_event('core.auth_oauth_login_after', compact($vars))); + // The user is now authenticated and can be logged in return array( 'status' => LOGIN_SUCCESS, @@ -569,6 +590,18 @@ class oauth extends \phpbb\auth\provider\base $sql = 'INSERT INTO ' . $this->auth_provider_oauth_token_account_assoc . ' ' . $this->db->sql_build_array('INSERT', $data); $this->db->sql_query($sql); + + /** + * Event is triggered after user links account. + * + * @event core.auth_oauth_link_after + * @var array data User row + * @since 3.1.11-RC1 + */ + $vars = array( + 'data', + ); + extract($this->dispatcher->trigger_event('core.auth_oauth_link_after', compact($vars))); } /** diff --git a/phpBB/phpbb/console/command/reparser/reparse.php b/phpBB/phpbb/console/command/reparser/reparse.php index b10bd56a58..cebeee0919 100644 --- a/phpBB/phpbb/console/command/reparser/reparse.php +++ b/phpBB/phpbb/console/command/reparser/reparse.php @@ -208,7 +208,7 @@ class reparse extends \phpbb\console\command\command $size = $this->get_option('range-size'); // range-max has no default value, it must be computed for each reparser - if ($max == null) + if ($max === null) { $max = $reparser->get_max_id(); } diff --git a/phpBB/phpbb/cron/task/text_reparser/reparser.php b/phpBB/phpbb/cron/task/text_reparser/reparser.php index aa644de827..7099128efd 100644 --- a/phpBB/phpbb/cron/task/text_reparser/reparser.php +++ b/phpBB/phpbb/cron/task/text_reparser/reparser.php @@ -99,7 +99,7 @@ class reparser extends \phpbb\cron\task\base $this->reparser_manager->get_resume_data($this->reparser_name); } - if (empty($this->resume_data['range-max']) || $this->resume_data['range-max'] >= $this->resume_data['range-min']) + if (!isset($this->resume_data['range-max']) || $this->resume_data['range-max'] >= $this->resume_data['range-min']) { return true; } @@ -147,9 +147,9 @@ class reparser extends \phpbb\cron\task\base */ $reparser = $this->reparsers[$this->reparser_name]; - $min = !empty($this->resume_data['range-min']) ? $this->resume_data['range-min'] : self::MIN; - $current = !empty($this->resume_data['range-max']) ? $this->resume_data['range-max'] : $reparser->get_max_id(); - $size = !empty($this->resume_data['range-size']) ? $this->resume_data['range-size'] : self::SIZE; + $min = isset($this->resume_data['range-min']) ? $this->resume_data['range-min'] : self::MIN; + $current = isset($this->resume_data['range-max']) ? $this->resume_data['range-max'] : $reparser->get_max_id(); + $size = isset($this->resume_data['range-size']) ? $this->resume_data['range-size'] : self::SIZE; if ($current >= $min) { diff --git a/phpBB/phpbb/db/driver/sqlite.php b/phpBB/phpbb/db/driver/sqlite.php deleted file mode 100644 index 8e205ebb81..0000000000 --- a/phpBB/phpbb/db/driver/sqlite.php +++ /dev/null @@ -1,384 +0,0 @@ -<?php -/** -* -* This file is part of the phpBB Forum Software package. -* -* @copyright (c) phpBB Limited <https://www.phpbb.com> -* @license GNU General Public License, version 2 (GPL-2.0) -* -* For full copyright and license information, please see -* the docs/CREDITS.txt file. -* -*/ - -namespace phpbb\db\driver; - -/** -* Sqlite Database Abstraction Layer -* Minimum Requirement: 2.8.2+ -*/ -class sqlite extends \phpbb\db\driver\driver -{ - var $connect_error = ''; - - /** - * {@inheritDoc} - */ - function sql_connect($sqlserver, $sqluser, $sqlpassword, $database, $port = false, $persistency = false, $new_link = false) - { - $this->persistency = $persistency; - $this->user = $sqluser; - $this->server = $sqlserver . (($port) ? ':' . $port : ''); - $this->dbname = $database; - - $error = ''; - if ($this->persistency) - { - if (!function_exists('sqlite_popen')) - { - $this->connect_error = 'sqlite_popen function does not exist, is sqlite extension installed?'; - return $this->sql_error(''); - } - $this->db_connect_id = @sqlite_popen($this->server, 0666, $error); - } - else - { - if (!function_exists('sqlite_open')) - { - $this->connect_error = 'sqlite_open function does not exist, is sqlite extension installed?'; - return $this->sql_error(''); - } - $this->db_connect_id = @sqlite_open($this->server, 0666, $error); - } - - if ($this->db_connect_id) - { - @sqlite_query('PRAGMA short_column_names = 1', $this->db_connect_id); -// @sqlite_query('PRAGMA encoding = "UTF-8"', $this->db_connect_id); - } - - return ($this->db_connect_id) ? true : array('message' => $error); - } - - /** - * {@inheritDoc} - */ - function sql_server_info($raw = false, $use_cache = true) - { - global $cache; - - if (!$use_cache || empty($cache) || ($this->sql_server_version = $cache->get('sqlite_version')) === false) - { - $result = @sqlite_query('SELECT sqlite_version() AS version', $this->db_connect_id); - if ($result) - { - $row = sqlite_fetch_array($result, SQLITE_ASSOC); - - $this->sql_server_version = (!empty($row['version'])) ? $row['version'] : 0; - - if (!empty($cache) && $use_cache) - { - $cache->put('sqlite_version', $this->sql_server_version); - } - } - } - - return ($raw) ? $this->sql_server_version : 'SQLite ' . $this->sql_server_version; - } - - /** - * SQL Transaction - * @access private - */ - function _sql_transaction($status = 'begin') - { - switch ($status) - { - case 'begin': - return @sqlite_query('BEGIN', $this->db_connect_id); - break; - - case 'commit': - return @sqlite_query('COMMIT', $this->db_connect_id); - break; - - case 'rollback': - return @sqlite_query('ROLLBACK', $this->db_connect_id); - break; - } - - return true; - } - - /** - * {@inheritDoc} - */ - function sql_query($query = '', $cache_ttl = 0) - { - if ($query != '') - { - global $cache; - - // EXPLAIN only in extra debug mode - if (defined('DEBUG')) - { - $this->sql_report('start', $query); - } - else if (defined('PHPBB_DISPLAY_LOAD_TIME')) - { - $this->curtime = microtime(true); - } - - $this->query_result = ($cache && $cache_ttl) ? $cache->sql_load($query) : false; - $this->sql_add_num_queries($this->query_result); - - if ($this->query_result === false) - { - if (($this->query_result = @sqlite_query($query, $this->db_connect_id)) === false) - { - $this->sql_error($query); - } - - if (defined('DEBUG')) - { - $this->sql_report('stop', $query); - } - else if (defined('PHPBB_DISPLAY_LOAD_TIME')) - { - $this->sql_time += microtime(true) - $this->curtime; - } - - if (!$this->query_result) - { - return false; - } - - if ($cache && $cache_ttl) - { - $this->query_result = $cache->sql_save($this, $query, $this->query_result, $cache_ttl); - } - } - else if (defined('DEBUG')) - { - $this->sql_report('fromcache', $query); - } - } - else - { - return false; - } - - return $this->query_result; - } - - /** - * Build LIMIT query - */ - function _sql_query_limit($query, $total, $offset = 0, $cache_ttl = 0) - { - $this->query_result = false; - - // if $total is set to 0 we do not want to limit the number of rows - if ($total == 0) - { - $total = -1; - } - - $query .= "\n LIMIT " . ((!empty($offset)) ? $offset . ', ' . $total : $total); - - return $this->sql_query($query, $cache_ttl); - } - - /** - * {@inheritDoc} - */ - function sql_affectedrows() - { - return ($this->db_connect_id) ? @sqlite_changes($this->db_connect_id) : false; - } - - /** - * {@inheritDoc} - */ - function sql_fetchrow($query_id = false) - { - global $cache; - - if ($query_id === false) - { - $query_id = $this->query_result; - } - - if ($cache && $cache->sql_exists($query_id)) - { - return $cache->sql_fetchrow($query_id); - } - - return ($query_id) ? sqlite_fetch_array($query_id, SQLITE_ASSOC) : false; - } - - /** - * {@inheritDoc} - */ - function sql_rowseek($rownum, &$query_id) - { - global $cache; - - if ($query_id === false) - { - $query_id = $this->query_result; - } - - if ($cache && $cache->sql_exists($query_id)) - { - return $cache->sql_rowseek($rownum, $query_id); - } - - return ($query_id) ? @sqlite_seek($query_id, $rownum) : false; - } - - /** - * {@inheritDoc} - */ - function sql_nextid() - { - return ($this->db_connect_id) ? @sqlite_last_insert_rowid($this->db_connect_id) : false; - } - - /** - * {@inheritDoc} - */ - function sql_freeresult($query_id = false) - { - global $cache; - - if ($query_id === false) - { - $query_id = $this->query_result; - } - - if ($cache && !is_object($query_id) && $cache->sql_exists($query_id)) - { - return $cache->sql_freeresult($query_id); - } - - return true; - } - - /** - * {@inheritDoc} - */ - function sql_escape($msg) - { - return @sqlite_escape_string($msg); - } - - /** - * {@inheritDoc} - * - * For SQLite an underscore is a not-known character... this may change with SQLite3 - */ - function sql_like_expression($expression) - { - // Unlike LIKE, GLOB is unfortunately case sensitive. - // We only catch * and ? here, not the character map possible on file globbing. - $expression = str_replace(array(chr(0) . '_', chr(0) . '%'), array(chr(0) . '?', chr(0) . '*'), $expression); - - $expression = str_replace(array('?', '*'), array("\?", "\*"), $expression); - $expression = str_replace(array(chr(0) . "\?", chr(0) . "\*"), array('?', '*'), $expression); - - return 'GLOB \'' . $this->sql_escape($expression) . '\''; - } - - /** - * {@inheritDoc} - * - * For SQLite an underscore is a not-known character... - */ - function sql_not_like_expression($expression) - { - // Unlike NOT LIKE, NOT GLOB is unfortunately case sensitive. - // We only catch * and ? here, not the character map possible on file globbing. - $expression = str_replace(array(chr(0) . '_', chr(0) . '%'), array(chr(0) . '?', chr(0) . '*'), $expression); - - $expression = str_replace(array('?', '*'), array("\?", "\*"), $expression); - $expression = str_replace(array(chr(0) . "\?", chr(0) . "\*"), array('?', '*'), $expression); - - return 'NOT GLOB \'' . $this->sql_escape($expression) . '\''; - } - - /** - * return sql error array - * @access private - */ - function _sql_error() - { - if (function_exists('sqlite_error_string')) - { - $error = array( - 'message' => @sqlite_error_string(@sqlite_last_error($this->db_connect_id)), - 'code' => @sqlite_last_error($this->db_connect_id), - ); - } - else - { - $error = array( - 'message' => $this->connect_error, - 'code' => '', - ); - } - - return $error; - } - - /** - * Build db-specific query data - * @access private - */ - function _sql_custom_build($stage, $data) - { - return $data; - } - - /** - * Close sql connection - * @access private - */ - function _sql_close() - { - return @sqlite_close($this->db_connect_id); - } - - /** - * Build db-specific report - * @access private - */ - function _sql_report($mode, $query = '') - { - switch ($mode) - { - case 'start': - break; - - case 'fromcache': - $endtime = explode(' ', microtime()); - $endtime = $endtime[0] + $endtime[1]; - - $result = @sqlite_query($query, $this->db_connect_id); - if ($result) - { - while ($void = sqlite_fetch_array($result, SQLITE_ASSOC)) - { - // Take the time spent on parsing rows into account - } - } - - $splittime = explode(' ', microtime()); - $splittime = $splittime[0] + $splittime[1]; - - $this->sql_report('record_fromcache', $query, $endtime, $splittime); - - break; - } - } -} diff --git a/phpBB/phpbb/db/extractor/factory.php b/phpBB/phpbb/db/extractor/factory.php index eed3661ae9..f27aae720f 100644 --- a/phpBB/phpbb/db/extractor/factory.php +++ b/phpBB/phpbb/db/extractor/factory.php @@ -65,10 +65,6 @@ class factory { return $this->container->get('dbal.extractor.extractors.postgres_extractor'); } - else if ($this->db instanceof \phpbb\db\driver\sqlite) - { - return $this->container->get('dbal.extractor.extractors.sqlite_extractor'); - } else if ($this->db instanceof \phpbb\db\driver\sqlite3) { return $this->container->get('dbal.extractor.extractors.sqlite3_extractor'); diff --git a/phpBB/phpbb/db/extractor/sqlite_extractor.php b/phpBB/phpbb/db/extractor/sqlite_extractor.php deleted file mode 100644 index 2734e23235..0000000000 --- a/phpBB/phpbb/db/extractor/sqlite_extractor.php +++ /dev/null @@ -1,149 +0,0 @@ -<?php -/** -* -* This file is part of the phpBB Forum Software package. -* -* @copyright (c) phpBB Limited <https://www.phpbb.com> -* @license GNU General Public License, version 2 (GPL-2.0) -* -* For full copyright and license information, please see -* the docs/CREDITS.txt file. -* -*/ - -namespace phpbb\db\extractor; - -use phpbb\db\extractor\exception\extractor_not_initialized_exception; - -class sqlite_extractor extends base_extractor -{ - /** - * {@inheritdoc} - */ - public function write_start($table_prefix) - { - if (!$this->is_initialized) - { - throw new extractor_not_initialized_exception(); - } - - $sql_data = "--\n"; - $sql_data .= "-- phpBB Backup Script\n"; - $sql_data .= "-- Dump of tables for $table_prefix\n"; - $sql_data .= "-- DATE : " . gmdate("d-m-Y H:i:s", $this->time) . " GMT\n"; - $sql_data .= "--\n"; - $sql_data .= "BEGIN TRANSACTION;\n"; - $this->flush($sql_data); - } - - /** - * {@inheritdoc} - */ - public function write_table($table_name) - { - if (!$this->is_initialized) - { - throw new extractor_not_initialized_exception(); - } - - $sql_data = '-- Table: ' . $table_name . "\n"; - $sql_data .= "DROP TABLE $table_name;\n"; - - $sql = "SELECT sql - FROM sqlite_master - WHERE type = 'table' - AND name = '" . $this->db->sql_escape($table_name) . "' - ORDER BY type DESC, name;"; - $result = $this->db->sql_query($sql); - $row = $this->db->sql_fetchrow($result); - $this->db->sql_freeresult($result); - - // Create Table - $sql_data .= $row['sql'] . ";\n"; - - $result = $this->db->sql_query("PRAGMA index_list('" . $this->db->sql_escape($table_name) . "');"); - - $ar = array(); - while ($row = $this->db->sql_fetchrow($result)) - { - $ar[] = $row; - } - $this->db->sql_freeresult($result); - - foreach ($ar as $value) - { - if (strpos($value['name'], 'autoindex') !== false) - { - continue; - } - - $result = $this->db->sql_query("PRAGMA index_info('" . $this->db->sql_escape($value['name']) . "');"); - - $fields = array(); - while ($row = $this->db->sql_fetchrow($result)) - { - $fields[] = $row['name']; - } - $this->db->sql_freeresult($result); - - $sql_data .= 'CREATE ' . ($value['unique'] ? 'UNIQUE ' : '') . 'INDEX ' . $value['name'] . ' on ' . $table_name . ' (' . implode(', ', $fields) . ");\n"; - } - - $this->flush($sql_data . "\n"); - } - - /** - * {@inheritdoc} - */ - public function write_data($table_name) - { - if (!$this->is_initialized) - { - throw new extractor_not_initialized_exception(); - } - - $col_types = sqlite_fetch_column_types($this->db->get_db_connect_id(), $table_name); - - $sql = "SELECT * - FROM $table_name"; - $result = sqlite_unbuffered_query($this->db->get_db_connect_id(), $sql); - $rows = sqlite_fetch_all($result, SQLITE_ASSOC); - $sql_insert = 'INSERT INTO ' . $table_name . ' (' . implode(', ', array_keys($col_types)) . ') VALUES ('; - foreach ($rows as $row) - { - foreach ($row as $column_name => $column_data) - { - if (is_null($column_data)) - { - $row[$column_name] = 'NULL'; - } - else if ($column_data == '') - { - $row[$column_name] = "''"; - } - else if (strpos($col_types[$column_name], 'text') !== false || strpos($col_types[$column_name], 'char') !== false || strpos($col_types[$column_name], 'blob') !== false) - { - $row[$column_name] = sanitize_data_generic(str_replace("'", "''", $column_data)); - } - } - $this->flush($sql_insert . implode(', ', $row) . ");\n"); - } - } - - /** - * Writes closing line(s) to database backup - * - * @return null - * @throws \phpbb\db\extractor\exception\extractor_not_initialized_exception when calling this function before init_extractor() - */ - public function write_end() - { - if (!$this->is_initialized) - { - throw new extractor_not_initialized_exception(); - } - - $this->flush("COMMIT;\n"); - parent::write_end(); - } -} diff --git a/phpBB/phpbb/db/migration/data/v31x/remove_duplicate_migrations.php b/phpBB/phpbb/db/migration/data/v31x/remove_duplicate_migrations.php new file mode 100644 index 0000000000..417d569a09 --- /dev/null +++ b/phpBB/phpbb/db/migration/data/v31x/remove_duplicate_migrations.php @@ -0,0 +1,77 @@ +<?php + +/** + * + * This file is part of the phpBB Forum Software package. + * + * @copyright (c) phpBB Limited <https://www.phpbb.com> + * @license GNU General Public License, version 2 (GPL-2.0) + * + * For full copyright and license information, please see + * the docs/CREDITS.txt file. + * + */ + +namespace phpbb\db\migration\data\v31x; + +class remove_duplicate_migrations extends \phpbb\db\migration\migration +{ + static public function depends_on() + { + return array('\phpbb\db\migration\data\v31x\v3110'); + } + + public function update_data() + { + return array( + array('custom', array(array($this, 'deduplicate_entries'))), + ); + } + + public function deduplicate_entries() + { + $migration_state = array(); + $duplicate_migrations = array(); + + $sql = "SELECT * + FROM " . $this->table_prefix . 'migrations'; + $result = $this->db->sql_query($sql); + + if (!$this->db->get_sql_error_triggered()) + { + while ($migration = $this->db->sql_fetchrow($result)) + { + $migration_state[$migration['migration_name']] = $migration; + + $migration_state[$migration['migration_name']]['migration_depends_on'] = unserialize($migration['migration_depends_on']); + } + } + + $this->db->sql_freeresult($result); + + foreach ($migration_state as $name => $migration) + { + $prepended_name = ($name[0] == '\\' ? '' : '\\') . $name; + $prefixless_name = $name[0] == '\\' ? substr($name, 1) : $name; + + if ($prepended_name != $name && isset($migration_state[$prepended_name]) && $migration_state[$prepended_name]['migration_depends_on'] == $migration_state[$name]['migration_depends_on']) + { + $duplicate_migrations[] = $name; + unset($migration_state[$prepended_name]); + } + else if ($prefixless_name != $name && isset($migration_state[$prefixless_name]) && $migration_state[$prefixless_name]['migration_depends_on'] == $migration_state[$name]['migration_depends_on']) + { + $duplicate_migrations[] = $prefixless_name; + unset($migration_state[$prefixless_name]); + } + } + + if (count($duplicate_migrations)) + { + $sql = 'DELETE + FROM ' . $this->table_prefix . 'migrations + WHERE ' . $this->db->sql_in_set('migration_name', $duplicate_migrations); + $this->db->sql_query($sql); + } + } +} diff --git a/phpBB/phpbb/db/migration/data/v31x/v3110.php b/phpBB/phpbb/db/migration/data/v31x/v3110.php new file mode 100644 index 0000000000..b89b4cc6e6 --- /dev/null +++ b/phpBB/phpbb/db/migration/data/v31x/v3110.php @@ -0,0 +1,36 @@ +<?php +/** +* +* This file is part of the phpBB Forum Software package. +* +* @copyright (c) phpBB Limited <https://www.phpbb.com> +* @license GNU General Public License, version 2 (GPL-2.0) +* +* For full copyright and license information, please see +* the docs/CREDITS.txt file. +* +*/ + +namespace phpbb\db\migration\data\v31x; + +class v3110 extends \phpbb\db\migration\migration +{ + public function effectively_installed() + { + return phpbb_version_compare($this->config['version'], '3.1.10', '>='); + } + + static public function depends_on() + { + return array( + '\phpbb\db\migration\data\v31x\v3110rc1', + ); + } + + public function update_data() + { + return array( + array('config.update', array('version', '3.1.10')), + ); + } +} diff --git a/phpBB/phpbb/db/migration/data/v320/text_reparser.php b/phpBB/phpbb/db/migration/data/v320/text_reparser.php index ea614feb40..03c5d39fe4 100644 --- a/phpBB/phpbb/db/migration/data/v320/text_reparser.php +++ b/phpBB/phpbb/db/migration/data/v320/text_reparser.php @@ -13,6 +13,9 @@ namespace phpbb\db\migration\data\v320; +use phpbb\textreparser\manager; +use phpbb\textreparser\reparser_interface; + class text_reparser extends \phpbb\db\migration\container_aware_migration { static public function depends_on() @@ -48,7 +51,19 @@ class text_reparser extends \phpbb\db\migration\container_aware_migration public function reparse($resume_data) { - // Somtimes a cron job is too much + /** @var manager $reparser_manager */ + $reparser_manager = $this->container->get('text_reparser.manager'); + + /** @var reparser_interface[] $reparsers */ + $reparsers = $this->container->get('text_reparser_collection'); + + // Initialize all reparsers + foreach ($reparsers as $name => $reparser) + { + $reparser_manager->update_resume_data($name, 1, $reparser->get_max_id(), 100); + } + + // Sometimes a cron job is too much $limit = 100; $fast_reparsers = array( 'text_reparser.contact_admin_info', @@ -65,7 +80,7 @@ class text_reparser extends \phpbb\db\migration\container_aware_migration ); } - $fast_reparsers_size = sizeof($fast_reparsers); + $fast_reparsers_size = count($fast_reparsers); $processed_records = 0; while ($processed_records < $limit && $resume_data['reparser'] < $fast_reparsers_size) { @@ -87,7 +102,6 @@ class text_reparser extends \phpbb\db\migration\container_aware_migration if ($start === 1) { // Prevent CLI command from running these reparsers again - $reparser_manager = $this->container->get('text_reparser.manager'); $reparser_manager->update_resume_data($fast_reparsers[$resume_data['reparser']], 1, 0, $limit); $resume_data['reparser']++; diff --git a/phpBB/phpbb/db/migration/tool/module.php b/phpBB/phpbb/db/migration/tool/module.php index a7dffbb7f2..b47c426110 100644 --- a/phpBB/phpbb/db/migration/tool/module.php +++ b/phpBB/phpbb/db/migration/tool/module.php @@ -97,7 +97,12 @@ class module implements \phpbb\db\migration\tool\tool_interface $parent_sql = ''; if ($parent !== false) { - $parent = $this->get_parent_module_id($parent, $module); + $parent = $this->get_parent_module_id($parent, $module, false); + if ($parent === false) + { + return false; + } + $parent_sql = 'AND parent_id = ' . (int) $parent; } @@ -205,7 +210,7 @@ class module implements \phpbb\db\migration\tool\tool_interface if ($this->exists($class, $parent, $data['module_langname'])) { - throw new \phpbb\db\migration\exception('MODULE_EXISTS', $module_id); + throw new \phpbb\db\migration\exception('MODULE_EXISTS', $data['module_langname']); } $module_data = array( @@ -431,12 +436,11 @@ class module implements \phpbb\db\migration\tool\tool_interface protected function get_categories_list() { // Select the top level categories - // and 2nd level [sub]categories which exist for ACP only + // and 2nd level [sub]categories $sql = 'SELECT m2.module_id, m2.module_langname FROM ' . $this->modules_table . ' m1, ' . $this->modules_table . " m2 WHERE m1.parent_id = 0 - AND (m1.module_id = m2.module_id - OR m2.module_class = 'acp' AND m2.parent_id = m1.module_id) + AND (m1.module_id = m2.module_id OR m2.parent_id = m1.module_id) ORDER BY m1.module_id, m2.module_id ASC"; $result = $this->db->sql_query($sql); @@ -452,11 +456,15 @@ class module implements \phpbb\db\migration\tool\tool_interface * * @param string|int $parent_id The parent module_id|module_langname * @param int|string|array $data The module_id, module_langname for existance checking or module data array for adding - * @return int The parent module_id + * @param bool $throw_exception The flag indicating if exception should be thrown on error + * @return mixed The int parent module_id or false * @throws \phpbb\db\migration\exception */ - public function get_parent_module_id($parent_id, $data = '') + public function get_parent_module_id($parent_id, $data = '', $throw_exception = true) { + // Initialize exception object placeholder + $exception = false; + // Allow '' to be sent as 0 $parent_id = $parent_id ?: 0; @@ -478,7 +486,7 @@ class module implements \phpbb\db\migration\tool\tool_interface { // No parent with the given module_langname exist case 0: - throw new \phpbb\db\migration\exception('MODULE_NOT_EXIST', $parent_id); + $exception = new \phpbb\db\migration\exception('MODULE_NOT_EXIST', $parent_id); break; // Return the module id @@ -500,7 +508,7 @@ class module implements \phpbb\db\migration\tool\tool_interface $parent_id = (int) $this->db->sql_fetchfield('parent_id'); if (!$parent_id) { - throw new \phpbb\db\migration\exception('PARENT_MODULE_FIND_ERROR', $data['parent_id']); + $exception = new \phpbb\db\migration\exception('PARENT_MODULE_FIND_ERROR', $data['parent_id']); } } else if (!empty($data) && !is_array($data)) @@ -518,12 +526,21 @@ class module implements \phpbb\db\migration\tool\tool_interface else { //Unable to get the parent module id, throwing an exception - throw new \phpbb\db\migration\exception('MODULE_EXIST_MULTIPLE', $parent_id); + $exception = new \phpbb\db\migration\exception('MODULE_EXIST_MULTIPLE', $parent_id); } break; } } + if ($exception !== false) + { + if ($throw_exception) + { + throw $exception; + } + return false; + } + return $parent_id; } } diff --git a/phpBB/phpbb/db/migrator.php b/phpBB/phpbb/db/migrator.php index 86cb45df6f..d7d7f18d2b 100644 --- a/phpBB/phpbb/db/migrator.php +++ b/phpBB/phpbb/db/migrator.php @@ -243,6 +243,34 @@ class migrator } /** + * Get a valid migration name from the migration state array in case the + * supplied name is not in the migration state list. + * + * @param string $name Migration name + * @return string Migration name + */ + protected function get_valid_name($name) + { + // Try falling back to a valid migration name with or without leading backslash + if (!isset($this->migration_state[$name])) + { + $prepended_name = ($name[0] == '\\' ? '' : '\\') . $name; + $prefixless_name = $name[0] == '\\' ? substr($name, 1) : $name; + + if (isset($this->migration_state[$prepended_name])) + { + $name = $prepended_name; + } + else if (isset($this->migration_state[$prefixless_name])) + { + $name = $prefixless_name; + } + } + + return $name; + } + + /** * Effectively runs a single update step from the next migration to be applied. * * @return null @@ -251,6 +279,8 @@ class migrator { foreach ($this->migrations as $name) { + $name = $this->get_valid_name($name); + if (!isset($this->migration_state[$name]) || !$this->migration_state[$name]['migration_schema_done'] || !$this->migration_state[$name]['migration_data_done']) @@ -306,6 +336,9 @@ class migrator foreach ($state['migration_depends_on'] as $depend) { + $depend = $this->get_valid_name($depend); + + // Test all possible namings before throwing exception if ($this->unfulfillable($depend) !== false) { throw new \phpbb\db\migration\exception('MIGRATION_NOT_FULFILLABLE', $name, $depend); @@ -829,6 +862,8 @@ class migrator */ public function unfulfillable($name) { + $name = $this->get_valid_name($name); + if (isset($this->migration_state[$name]) || isset($this->fulfillable_migrations[$name])) { return false; @@ -844,6 +879,7 @@ class migrator foreach ($depends as $depend) { + $depend = $this->get_valid_name($depend); $unfulfillable = $this->unfulfillable($depend); if ($unfulfillable !== false) { diff --git a/phpBB/phpbb/db/output_handler/log_wrapper_migrator_output_handler.php b/phpBB/phpbb/db/output_handler/log_wrapper_migrator_output_handler.php index 20991746ac..e4bd3ac8e0 100644 --- a/phpBB/phpbb/db/output_handler/log_wrapper_migrator_output_handler.php +++ b/phpBB/phpbb/db/output_handler/log_wrapper_migrator_output_handler.php @@ -94,7 +94,7 @@ class log_wrapper_migrator_output_handler implements migrator_output_handler_int $translated_message = '[DEBUG] ' . $translated_message; } - fwrite($this->file_handle, $translated_message); + fwrite($this->file_handle, $translated_message . "\n"); fflush($this->file_handle); } } diff --git a/phpBB/phpbb/db/tools/tools.php b/phpBB/phpbb/db/tools/tools.php index 37ac0d0468..9273d69cd6 100644 --- a/phpBB/phpbb/db/tools/tools.php +++ b/phpBB/phpbb/db/tools/tools.php @@ -136,37 +136,6 @@ class tools implements tools_interface 'VARBINARY' => 'raw(255)', ), - 'sqlite' => array( - 'INT:' => 'int(%d)', - 'BINT' => 'bigint(20)', - 'ULINT' => 'INTEGER UNSIGNED', // 'int(10) UNSIGNED', - 'UINT' => 'INTEGER UNSIGNED', // 'mediumint(8) UNSIGNED', - 'UINT:' => 'INTEGER UNSIGNED', // 'int(%d) UNSIGNED', - 'TINT:' => 'tinyint(%d)', - 'USINT' => 'INTEGER UNSIGNED', // 'mediumint(4) UNSIGNED', - 'BOOL' => 'INTEGER UNSIGNED', // 'tinyint(1) UNSIGNED', - 'VCHAR' => 'varchar(255)', - 'VCHAR:' => 'varchar(%d)', - 'CHAR:' => 'char(%d)', - 'XSTEXT' => 'text(65535)', - 'STEXT' => 'text(65535)', - 'TEXT' => 'text(65535)', - 'MTEXT' => 'mediumtext(16777215)', - 'XSTEXT_UNI'=> 'text(65535)', - 'STEXT_UNI' => 'text(65535)', - 'TEXT_UNI' => 'text(65535)', - 'MTEXT_UNI' => 'mediumtext(16777215)', - 'TIMESTAMP' => 'INTEGER UNSIGNED', // 'int(11) UNSIGNED', - 'DECIMAL' => 'decimal(5,2)', - 'DECIMAL:' => 'decimal(%d,2)', - 'PDECIMAL' => 'decimal(6,3)', - 'PDECIMAL:' => 'decimal(%d,3)', - 'VCHAR_UNI' => 'varchar(255)', - 'VCHAR_UNI:'=> 'varchar(%d)', - 'VCHAR_CI' => 'varchar(255)', - 'VARBINARY' => 'blob', - ), - 'sqlite3' => array( 'INT:' => 'INT(%d)', 'BINT' => 'BIGINT(20)', @@ -277,12 +246,6 @@ class tools implements tools_interface $sql = 'SHOW TABLES'; break; - case 'sqlite': - $sql = 'SELECT name - FROM sqlite_master - WHERE type = "table"'; - break; - case 'sqlite3': $sql = 'SELECT name FROM sqlite_master @@ -398,7 +361,6 @@ class tools implements tools_interface { case 'mysql_40': case 'mysql_41': - case 'sqlite': case 'sqlite3': $table_sql .= ",\n\t PRIMARY KEY (" . implode(', ', $table_data['PRIMARY_KEY']) . ')'; break; @@ -420,7 +382,6 @@ class tools implements tools_interface break; case 'mysql_40': - case 'sqlite': case 'sqlite3': $table_sql .= "\n);"; $statements[] = $table_sql; @@ -497,7 +458,7 @@ class tools implements tools_interface $sqlite = false; // For SQLite we need to perform the schema changes in a much more different way - if (($this->db->get_sql_layer() == 'sqlite' || $this->db->get_sql_layer() == 'sqlite3') && $this->return_statements) + if ($this->db->get_sql_layer() == 'sqlite3' && $this->return_statements) { $sqlite_data = array(); $sqlite = true; @@ -884,7 +845,6 @@ class tools implements tools_interface WHERE LOWER(table_name) = '" . strtolower($table_name) . "'"; break; - case 'sqlite': case 'sqlite3': $sql = "SELECT sql FROM sqlite_master @@ -967,7 +927,6 @@ class tools implements tools_interface $col = 'index_name'; break; - case 'sqlite': case 'sqlite3': $sql = "PRAGMA index_list('" . $table_name . "');"; $col = 'name'; @@ -986,7 +945,6 @@ class tools implements tools_interface switch ($this->sql_layer) { case 'oracle': - case 'sqlite': case 'sqlite3': $row[$col] = substr($row[$col], strlen($table_name) + 1); break; @@ -1026,7 +984,6 @@ class tools implements tools_interface $col = 'index_name'; break; - case 'sqlite': case 'sqlite3': $sql = "PRAGMA index_list('" . $table_name . "');"; $col = 'name'; @@ -1041,7 +998,7 @@ class tools implements tools_interface continue; } - if (($this->sql_layer == 'sqlite' || $this->sql_layer == 'sqlite3') && !$row['unique']) + if ($this->sql_layer == 'sqlite3' && !$row['unique']) { continue; } @@ -1061,7 +1018,6 @@ class tools implements tools_interface } break; - case 'sqlite': case 'sqlite3': $row[$col] = substr($row[$col], strlen($table_name) + 1); break; @@ -1193,18 +1149,12 @@ class tools implements tools_interface break; - case 'sqlite': case 'sqlite3': $return_array['primary_key_set'] = false; if (isset($column_data[2]) && $column_data[2] == 'auto_increment') { - $sql .= ' INTEGER PRIMARY KEY'; + $sql .= ' INTEGER PRIMARY KEY AUTOINCREMENT'; $return_array['primary_key_set'] = true; - - if ($this->sql_layer === 'sqlite3') - { - $sql .= ' AUTOINCREMENT'; - } } else { @@ -1306,57 +1256,6 @@ class tools implements tools_interface $statements[] = 'ALTER TABLE ' . $table_name . ' ADD ' . $column_name . ' ' . $column_data['column_type_sql']; break; - case 'sqlite': - if ($inline && $this->return_statements) - { - return $column_name . ' ' . $column_data['column_type_sql']; - } - - $recreate_queries = $this->sqlite_get_recreate_table_queries($table_name); - if (empty($recreate_queries)) - { - break; - } - - $statements[] = 'begin'; - - $sql_create_table = array_shift($recreate_queries); - - // Create a backup table and populate it, destroy the existing one - $statements[] = preg_replace('#CREATE\s+TABLE\s+"?' . $table_name . '"?#i', 'CREATE TEMPORARY TABLE ' . $table_name . '_temp', $sql_create_table); - $statements[] = 'INSERT INTO ' . $table_name . '_temp SELECT * FROM ' . $table_name; - $statements[] = 'DROP TABLE ' . $table_name; - - preg_match('#\((.*)\)#s', $sql_create_table, $matches); - - $new_table_cols = trim($matches[1]); - $old_table_cols = preg_split('/,(?![\s\w]+\))/m', $new_table_cols); - $column_list = array(); - - foreach ($old_table_cols as $declaration) - { - $entities = preg_split('#\s+#', trim($declaration)); - if ($entities[0] == 'PRIMARY') - { - continue; - } - $column_list[] = $entities[0]; - } - - $columns = implode(',', $column_list); - - $new_table_cols = $column_name . ' ' . $column_data['column_type_sql'] . ',' . $new_table_cols; - - // create a new table and fill it up. destroy the temp one - $statements[] = 'CREATE TABLE ' . $table_name . ' (' . $new_table_cols . ');'; - $statements = array_merge($statements, $recreate_queries); - - $statements[] = 'INSERT INTO ' . $table_name . ' (' . $columns . ') SELECT ' . $columns . ' FROM ' . $table_name . '_temp;'; - $statements[] = 'DROP TABLE ' . $table_name . '_temp'; - - $statements[] = 'commit'; - break; - case 'sqlite3': if ($inline && $this->return_statements) { @@ -1388,7 +1287,6 @@ class tools implements tools_interface $statements[] = 'ALTER TABLE ' . $table_name . ' DROP COLUMN ' . $column_name; break; - case 'sqlite': case 'sqlite3': if ($inline && $this->return_statements) @@ -1465,7 +1363,6 @@ class tools implements tools_interface break; case 'oracle': - case 'sqlite': case 'sqlite3': $statements[] = 'DROP INDEX ' . $table_name . '_' . $index_name; break; @@ -1529,7 +1426,6 @@ class tools implements tools_interface $statements[] = 'ALTER TABLE ' . $table_name . ' add CONSTRAINT pk_' . $table_name . ' PRIMARY KEY (' . implode(', ', $column) . ')'; break; - case 'sqlite': case 'sqlite3': if ($inline && $this->return_statements) @@ -1596,7 +1492,6 @@ class tools implements tools_interface switch ($this->sql_layer) { case 'oracle': - case 'sqlite': case 'sqlite3': $statements[] = 'CREATE UNIQUE INDEX ' . $table_name . '_' . $index_name . ' ON ' . $table_name . '(' . implode(', ', $column) . ')'; break; @@ -1628,7 +1523,6 @@ class tools implements tools_interface switch ($this->sql_layer) { case 'oracle': - case 'sqlite': case 'sqlite3': $statements[] = 'CREATE INDEX ' . $table_name . '_' . $index_name . ' ON ' . $table_name . '(' . implode(', ', $column) . ')'; break; @@ -1693,7 +1587,6 @@ class tools implements tools_interface $col = 'index_name'; break; - case 'sqlite': case 'sqlite3': $sql = "PRAGMA index_info('" . $table_name . "');"; $col = 'name'; @@ -1711,7 +1604,6 @@ class tools implements tools_interface switch ($this->sql_layer) { case 'oracle': - case 'sqlite': case 'sqlite3': $row[$col] = substr($row[$col], strlen($table_name) + 1); break; @@ -1818,7 +1710,6 @@ class tools implements tools_interface $this->return_statements = $old_return_statements; break; - case 'sqlite': case 'sqlite3': if ($inline && $this->return_statements) @@ -1899,7 +1790,6 @@ class tools implements tools_interface { case 'mysql_40': case 'mysql_41': - case 'sqlite': case 'sqlite3': // Not supported throw new \Exception('DBMS is not supported'); diff --git a/phpBB/phpbb/event/kernel_exception_subscriber.php b/phpBB/phpbb/event/kernel_exception_subscriber.php index e427abf5e3..b7a54f2608 100644 --- a/phpBB/phpbb/event/kernel_exception_subscriber.php +++ b/phpBB/phpbb/event/kernel_exception_subscriber.php @@ -36,6 +36,9 @@ class kernel_exception_subscriber implements EventSubscriberInterface */ protected $language; + /** @var \phpbb\request\type_cast_helper */ + protected $type_caster; + /** * Construct method * @@ -46,6 +49,7 @@ class kernel_exception_subscriber implements EventSubscriberInterface { $this->template = $template; $this->language = $language; + $this->type_caster = new \phpbb\request\type_cast_helper(); } /** @@ -59,12 +63,16 @@ class kernel_exception_subscriber implements EventSubscriberInterface $exception = $event->getException(); $message = $exception->getMessage(); + $this->type_caster->set_var($message, $message, 'string', true, false); if ($exception instanceof \phpbb\exception\exception_interface) { $message = $this->language->lang_array($message, $exception->get_parameters()); } + // Show <strong> text in bold + $message = preg_replace('#<(/?strong)>#i', '<$1>', $message); + if (!$event->getRequest()->isXmlHttpRequest()) { page_header($this->language->lang('INFORMATION')); diff --git a/phpBB/phpbb/install/helper/database.php b/phpBB/phpbb/install/helper/database.php index be0c953d28..192f0a3654 100644 --- a/phpBB/phpbb/install/helper/database.php +++ b/phpBB/phpbb/install/helper/database.php @@ -90,15 +90,6 @@ class database 'AVAILABLE' => true, '2.0.x' => true, ), - 'sqlite' => array( - 'LABEL' => 'SQLite', - 'SCHEMA' => 'sqlite', - 'MODULE' => 'sqlite', - 'DELIM' => ';', - 'DRIVER' => 'phpbb\db\driver\sqlite', - 'AVAILABLE' => true, - '2.0.x' => false, - ), 'sqlite3' => array( 'LABEL' => 'SQLite3', 'SCHEMA' => 'sqlite', @@ -390,14 +381,6 @@ class database ); } break; - case 'sqlite': - if (version_compare($db->sql_server_info(true), '2.8.2', '<')) - { - $errors[] = array( - 'title' => 'INST_ERR_DB_NO_SQLITE', - ); - } - break; case 'sqlite3': if (version_compare($db->sql_server_info(true), '3.6.15', '<')) { diff --git a/phpBB/phpbb/install/helper/iohandler/ajax_iohandler.php b/phpBB/phpbb/install/helper/iohandler/ajax_iohandler.php index c168d26425..a40d457466 100644 --- a/phpBB/phpbb/install/helper/iohandler/ajax_iohandler.php +++ b/phpBB/phpbb/install/helper/iohandler/ajax_iohandler.php @@ -123,6 +123,14 @@ class ajax_iohandler extends iohandler_base /** * {@inheritdoc} */ + public function get_raw_input($name, $default) + { + return $this->request->raw_variable($name, $default); + } + + /** + * {@inheritdoc} + */ public function get_server_variable($name, $default = '') { return $this->request->server($name, $default); diff --git a/phpBB/phpbb/install/helper/iohandler/cli_iohandler.php b/phpBB/phpbb/install/helper/iohandler/cli_iohandler.php index 196cdcdaab..4117a3dfd3 100644 --- a/phpBB/phpbb/install/helper/iohandler/cli_iohandler.php +++ b/phpBB/phpbb/install/helper/iohandler/cli_iohandler.php @@ -74,6 +74,20 @@ class cli_iohandler extends iohandler_base return $result; } + /** + * {@inheritdoc} + */ + public function get_raw_input($name, $default) + { + return $this->get_input($name, $default, true); + } + + /** + * Set input variable + * + * @param string $name Name of input variable + * @param mixed $value Value of input variable + */ public function set_input($name, $value) { $this->input_values[$name] = $value; diff --git a/phpBB/phpbb/install/helper/iohandler/iohandler_interface.php b/phpBB/phpbb/install/helper/iohandler/iohandler_interface.php index f22f33d9cb..440748901c 100644 --- a/phpBB/phpbb/install/helper/iohandler/iohandler_interface.php +++ b/phpBB/phpbb/install/helper/iohandler/iohandler_interface.php @@ -39,9 +39,20 @@ interface iohandler_interface public function get_input($name, $default, $multibyte = false); /** + * Returns raw input variable + * + * @param string $name Name of the input variable to obtain + * @param mixed $default A default value that is returned if the variable was not set. + * This function will always return a value of the same type as the default. + * + * @return mixed Value of the raw input variable + */ + public function get_raw_input($name, $default); + + /** * Returns server variable * - * This function should work the same as request_interterface::server(). + * This function should work the same as request_interface::server(). * * @param string $name Name of the server variable * @param mixed $default Default value to return when the requested variable does not exist @@ -51,7 +62,7 @@ interface iohandler_interface public function get_server_variable($name, $default = ''); /** - * Wrapper function for request_interterface::header() + * Wrapper function for request_interface::header() * * @param string $name Name of the request header variable * @param mixed $default Default value to return when the requested variable does not exist diff --git a/phpBB/phpbb/install/module/obtain_data/task/obtain_database_data.php b/phpBB/phpbb/install/module/obtain_data/task/obtain_database_data.php index ce720dbf76..dc7b060746 100644 --- a/phpBB/phpbb/install/module/obtain_data/task/obtain_database_data.php +++ b/phpBB/phpbb/install/module/obtain_data/task/obtain_database_data.php @@ -79,7 +79,7 @@ class obtain_database_data extends \phpbb\install\task_base implements \phpbb\in $dbhost = $this->io_handler->get_input('dbhost', '', true); $dbport = $this->io_handler->get_input('dbport', ''); $dbuser = $this->io_handler->get_input('dbuser', ''); - $dbpasswd = $this->io_handler->get_input('dbpasswd', '', true); + $dbpasswd = $this->io_handler->get_raw_input('dbpasswd', ''); $dbname = $this->io_handler->get_input('dbname', ''); $table_prefix = $this->io_handler->get_input('table_prefix', ''); diff --git a/phpBB/phpbb/notification/type/report_pm.php b/phpBB/phpbb/notification/type/report_pm.php index 6091919769..239805204c 100644 --- a/phpBB/phpbb/notification/type/report_pm.php +++ b/phpBB/phpbb/notification/type/report_pm.php @@ -52,7 +52,7 @@ class report_pm extends \phpbb\notification\type\pm * * @var string Permission name */ - protected $permission = 'm_report'; + protected $permission = 'm_pm_report'; /** * Notification option data (for outputting to the user) diff --git a/phpBB/phpbb/request/request.php b/phpBB/phpbb/request/request.php index 4cac6fbaea..92d4213180 100644 --- a/phpBB/phpbb/request/request.php +++ b/phpBB/phpbb/request/request.php @@ -225,6 +225,51 @@ class request implements \phpbb\request\request_interface } /** + * {@inheritdoc} + */ + public function raw_variable($var_name, $default, $super_global = \phpbb\request\request_interface::REQUEST) + { + $path = false; + + // deep direct access to multi dimensional arrays + if (is_array($var_name)) + { + $path = $var_name; + // make sure at least the variable name is specified + if (empty($path)) + { + return (is_array($default)) ? array() : $default; + } + // the variable name is the first element on the path + $var_name = array_shift($path); + } + + if (!isset($this->input[$super_global][$var_name])) + { + return (is_array($default)) ? array() : $default; + } + $var = $this->input[$super_global][$var_name]; + + if ($path) + { + // walk through the array structure and find the element we are looking for + foreach ($path as $key) + { + if (is_array($var) && isset($var[$key])) + { + $var = $var[$key]; + } + else + { + return (is_array($default)) ? array() : $default; + } + } + } + + return $var; + } + + /** * Shortcut method to retrieve SERVER variables. * * Also fall back to getenv(), some CGI setups may need it (probably not, but @@ -369,41 +414,14 @@ class request implements \phpbb\request\request_interface */ protected function _variable($var_name, $default, $multibyte = false, $super_global = \phpbb\request\request_interface::REQUEST, $trim = true) { - $path = false; - - // deep direct access to multi dimensional arrays - if (is_array($var_name)) - { - $path = $var_name; - // make sure at least the variable name is specified - if (empty($path)) - { - return (is_array($default)) ? array() : $default; - } - // the variable name is the first element on the path - $var_name = array_shift($path); - } + $var = $this->raw_variable($var_name, $default, $super_global); - if (!isset($this->input[$super_global][$var_name])) + // Return prematurely if raw variable is empty array or the same as + // the default. Using strict comparison to ensure that one can't + // prevent proper type checking on any input variable + if ($var === array() || $var === $default) { - return (is_array($default)) ? array() : $default; - } - $var = $this->input[$super_global][$var_name]; - - if ($path) - { - // walk through the array structure and find the element we are looking for - foreach ($path as $key) - { - if (is_array($var) && isset($var[$key])) - { - $var = $var[$key]; - } - else - { - return (is_array($default)) ? array() : $default; - } - } + return $var; } $this->type_cast_helper->recursive_set_var($var, $default, $multibyte, $trim); diff --git a/phpBB/phpbb/request/request_interface.php b/phpBB/phpbb/request/request_interface.php index 47b3b3a4ed..3bfa8bb424 100644 --- a/phpBB/phpbb/request/request_interface.php +++ b/phpBB/phpbb/request/request_interface.php @@ -65,6 +65,28 @@ interface request_interface public function variable($var_name, $default, $multibyte = false, $super_global = \phpbb\request\request_interface::REQUEST); /** + * Get a variable without trimming strings and without escaping. + * This method MUST NOT be used with queries. + * Same functionality as variable(), except does not run trim() on strings + * and does not escape input. + * This method should only be used when the raw input is needed without + * any escaping, i.e. for database password during the installation. + * + * @param string|array $var_name The form variable's name from which data shall be retrieved. + * If the value is an array this may be an array of indizes which will give + * direct access to a value at any depth. E.g. if the value of "var" is array(1 => "a") + * then specifying array("var", 1) as the name will return "a". + * @param mixed $default A default value that is returned if the variable was not set. + * This function will always return a value of the same type as the default. + * @param \phpbb\request\request_interface::POST|GET|REQUEST|COOKIE $super_global + * Specifies which super global should be used + * + * @return mixed The value of $_REQUEST[$var_name] run through {@link set_var set_var} to ensure that the type is the + * the same as that of $default. If the variable is not set $default is returned. + */ + public function raw_variable($var_name, $default, $super_global = \phpbb\request\request_interface::REQUEST); + + /** * Shortcut method to retrieve SERVER variables. * * @param string|array $var_name See \phpbb\request\request_interface::variable diff --git a/phpBB/phpbb/search/fulltext_native.php b/phpBB/phpbb/search/fulltext_native.php index 580d9b6878..2071a973e5 100644 --- a/phpBB/phpbb/search/fulltext_native.php +++ b/phpBB/phpbb/search/fulltext_native.php @@ -878,7 +878,6 @@ class fulltext_native extends \phpbb\search\base break; - case 'sqlite': case 'sqlite3': $sql_array_count['SELECT'] = ($type == 'posts') ? 'DISTINCT p.post_id' : 'DISTINCT p.topic_id'; $sql = 'SELECT COUNT(' . (($type == 'posts') ? 'post_id' : 'topic_id') . ') as total_results @@ -1185,7 +1184,7 @@ class fulltext_native extends \phpbb\search\base } else { - if ($this->db->get_sql_layer() == 'sqlite' || $this->db->get_sql_layer() == 'sqlite3') + if ($this->db->get_sql_layer() == 'sqlite3') { $sql = 'SELECT COUNT(topic_id) as total_results FROM (SELECT DISTINCT t.topic_id'; @@ -1202,7 +1201,7 @@ class fulltext_native extends \phpbb\search\base $post_visibility $sql_fora AND t.topic_id = p.topic_id - $sql_time" . (($this->db->get_sql_layer() == 'sqlite' || $this->db->get_sql_layer() == 'sqlite3') ? ')' : ''); + $sql_time" . ($this->db->get_sql_layer() == 'sqlite3' ? ')' : ''); } $result = $this->db->sql_query($sql); @@ -1667,7 +1666,6 @@ class fulltext_native extends \phpbb\search\base { switch ($this->db->get_sql_layer()) { - case 'sqlite': case 'sqlite3': $this->db->sql_query('DELETE FROM ' . SEARCH_WORDLIST_TABLE); $this->db->sql_query('DELETE FROM ' . SEARCH_WORDMATCH_TABLE); diff --git a/phpBB/phpbb/template/twig/loader.php b/phpBB/phpbb/template/twig/loader.php index 8b12188a77..d2b42852ce 100644 --- a/phpBB/phpbb/template/twig/loader.php +++ b/phpBB/phpbb/template/twig/loader.php @@ -101,6 +101,16 @@ class loader extends \Twig_Loader_Filesystem } /** + * Adds a realpath call to fix a BC break in Twig 1.26 (https://github.com/twigphp/Twig/issues/2145) + * + * {@inheritdoc} + */ + public function addPath($path, $namespace = self::MAIN_NAMESPACE) + { + return parent::addPath($this->filesystem->realpath($path), $namespace); + } + + /** * Find the template * * Override for Twig_Loader_Filesystem::findTemplate to add support diff --git a/phpBB/phpbb/textformatter/s9e/factory.php b/phpBB/phpbb/textformatter/s9e/factory.php index f62daefdd9..a310c67359 100644 --- a/phpBB/phpbb/textformatter/s9e/factory.php +++ b/phpBB/phpbb/textformatter/s9e/factory.php @@ -311,7 +311,7 @@ class factory implements \phpbb\textformatter\cache_interface { $configurator->Emoticons->set( $row['code'], - '<img class="smilies" src="{$T_SMILIES_PATH}/' . htmlspecialchars($row['smiley_url']) . '" alt="{.}" title="' . htmlspecialchars($row['emotion']) . '"/>' + '<img class="smilies" src="{$T_SMILIES_PATH}/' . htmlspecialchars($row['smiley_url']) . '" width="' . $row['smiley_width'] . '" height="' . $row['smiley_height'] . '" alt="{.}" title="' . htmlspecialchars($row['emotion']) . '"/>' ); } |