Diffstat (limited to 'phpBB/phpbb')
-rw-r--r--phpBB/phpbb/avatar/driver/local.php4
-rw-r--r--phpBB/phpbb/avatar/driver/upload.php4
-rw-r--r--phpBB/phpbb/cache/driver/file.php14
-rw-r--r--phpBB/phpbb/captcha/plugins/qa.php62
-rw-r--r--phpBB/phpbb/content_visibility.php6
-rw-r--r--phpBB/phpbb/db/migration/data/v310/avatars.php24
-rw-r--r--phpBB/phpbb/plupload/plupload.php2
-rw-r--r--phpBB/phpbb/search/fulltext_native.php19
8 files changed, 86 insertions, 49 deletions
diff --git a/phpBB/phpbb/avatar/driver/local.php b/phpBB/phpbb/avatar/driver/local.php
index 8888686b2d..36087f8ba0 100644
--- a/phpBB/phpbb/avatar/driver/local.php
+++ b/phpBB/phpbb/avatar/driver/local.php
@@ -23,8 +23,10 @@ class local extends \phpbb\avatar\driver\driver
*/
public function get_data($row)
{
+ $root_path = (defined('PHPBB_USE_BOARD_URL_PATH') && PHPBB_USE_BOARD_URL_PATH) ? generate_board_url() . '/' : $this->path_helper->get_web_root_path();
+
return array(
- 'src' => $this->path_helper->get_web_root_path() . $this->config['avatar_gallery_path'] . '/' . $row['avatar'],
+ 'src' => $root_path . $this->config['avatar_gallery_path'] . '/' . $row['avatar'],
'width' => $row['avatar_width'],
'height' => $row['avatar_height'],
);
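Review bot: The added `$root_path` ternary is repeated verbatim in `upload::get_data()` in the next file section, so a later change to one copy can silently miss the other. Both classes extend `\phpbb\avatar\driver\driver`, so one protected helper on that base class returning the root path would keep them in step. With `PHPBB_USE_BOARD_URL_PATH` set, the avatar `src` becomes an absolute URL and takes whatever host `generate_board_url()` resolves. Its body is not visible here, so confirm it uses the configured server name rather than a request-supplied one in every context that defines this constant.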
diff --git a/phpBB/phpbb/avatar/driver/upload.php b/phpBB/phpbb/avatar/driver/upload.php
index 003b23659f..ee36243844 100644
--- a/phpBB/phpbb/avatar/driver/upload.php
+++ b/phpBB/phpbb/avatar/driver/upload.php
@@ -48,8 +48,10 @@ class upload extends \phpbb\avatar\driver\driver
*/
public function get_data($row, $ignore_config = false)
{
+ $root_path = (defined('PHPBB_USE_BOARD_URL_PATH') && PHPBB_USE_BOARD_URL_PATH) ? generate_board_url() . '/' : $this->path_helper->get_web_root_path();
+
return array(
- 'src' => $this->path_helper->get_web_root_path() . 'download/file.' . $this->php_ext . '?avatar=' . $row['avatar'],
+ 'src' => $root_path . 'download/file.' . $this->php_ext . '?avatar=' . $row['avatar'],
'width' => $row['avatar_width'],
'height' => $row['avatar_height'],
);
diff --git a/phpBB/phpbb/cache/driver/file.php b/phpBB/phpbb/cache/driver/file.php
index fd5bce4515..9a7c4aec7f 100644
--- a/phpBB/phpbb/cache/driver/file.php
+++ b/phpBB/phpbb/cache/driver/file.php
@@ -279,6 +279,7 @@ class file extends \phpbb\cache\driver\base
if ($var_name[0] == '_')
{
global $phpEx;
+ $var_name = $this->clean_varname($var_name);
return file_exists($this->cache_dir . 'data' . $var_name . ".$phpEx");
}
else
@@ -334,6 +335,7 @@ class file extends \phpbb\cache\driver\base
{
global $phpEx;
+ $filename = $this->clean_varname($filename);
$file = "{$this->cache_dir}$filename.$phpEx";
$type = substr($filename, 0, strpos($filename, '_'));
@@ -516,6 +518,7 @@ class file extends \phpbb\cache\driver\base
{
global $phpEx;
+ $filename = $this->clean_varname($filename);
$file = "{$this->cache_dir}$filename.$phpEx";
$lock = new \phpbb\lock\flock($file);
@@ -584,4 +587,15 @@ class file extends \phpbb\cache\driver\base
return $return_value;
}
+
+ /**
+ * Replace slashes in the file name
+ *
+ * @param string $varname name of a cache variable
+ * @return string $varname name that is safe to use as a filename
+ */
+ protected function clean_varname($varname)
+ {
+ return str_replace('/', '-', $varname);
+ }
}
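Review bot: `clean_varname()` replaces only `/`, so a backslash in a cache variable name still reaches the paths built in the three hunks above, and on Windows a backslash is also a directory separator. Covering both is a one-line change: `return str_replace(array('/', '\\'), '-', $varname);`. The mapping is also not injective: names `a/b` and `a-b` now resolve to the same cache file, which the docblock should state or a reversible encoding should avoid. Any other method in this class that builds a file path from a variable name, outside these hunks, needs the same call to be consistent.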
diff --git a/phpBB/phpbb/captcha/plugins/qa.php b/phpBB/phpbb/captcha/plugins/qa.php
index a7ba994cc3..04052b3406 100644
--- a/phpBB/phpbb/captcha/plugins/qa.php
+++ b/phpBB/phpbb/captcha/plugins/qa.php
@@ -125,7 +125,7 @@ class qa
*/
public function is_available()
{
- global $config, $db, $phpbb_root_path, $phpEx, $user;
+ global $config, $db, $user;
// load language file for pretty display in the ACP dropdown
$user->add_lang('captcha_qa');
@@ -263,7 +263,7 @@ class qa
*/
function garbage_collect($type = 0)
{
- global $db, $config;
+ global $db;
$sql = 'SELECT c.confirm_id
FROM ' . $this->table_qa_confirm . ' c
@@ -310,8 +310,6 @@ class qa
$db_tool = new \phpbb\db\tools($db);
- $tables = array($this->table_captcha_questions, $this->table_captcha_answers, $this->table_qa_confirm);
-
$schemas = array(
$this->table_captcha_questions => array (
'COLUMNS' => array(
@@ -366,7 +364,7 @@ class qa
*/
function validate()
{
- global $config, $db, $user;
+ global $user;
$error = '';
@@ -414,7 +412,7 @@ class qa
if (!sizeof($this->question_ids))
{
- return false;
+ return;
}
$this->confirm_id = md5(unique_id($user->ip));
$this->question = (int) array_rand($this->question_ids);
@@ -440,7 +438,7 @@ class qa
if (!sizeof($this->question_ids))
{
- return false;
+ return;
}
$this->question = (int) array_rand($this->question_ids);
@@ -611,8 +609,8 @@ class qa
*/
function acp_page($id, &$module)
{
- global $db, $user, $auth, $template;
- global $config, $phpbb_root_path, $phpbb_admin_path, $phpEx;
+ global $user, $template;
+ global $config;
$user->add_lang('acp/board');
$user->add_lang('captcha_qa');
@@ -674,11 +672,7 @@ class qa
else
{
// okay, show the editor
- $error = false;
- $input_question = request_var('question_text', '', true);
- $input_answers = request_var('answers', '', true);
- $input_lang = request_var('lang_iso', '', true);
- $input_strict = request_var('strict', false);
+ $question_input = $this->acp_get_question_input();
$langs = $this->get_languages();
foreach ($langs as $lang => $entry)
@@ -697,13 +691,11 @@ class qa
{
if ($question = $this->acp_get_question_data($question_id))
{
- $answers = (isset($input_answers[$lang])) ? $input_answers[$lang] : implode("\n", $question['answers']);
-
$template->assign_vars(array(
- 'QUESTION_TEXT' => ($input_question) ? $input_question : $question['question_text'],
- 'LANG_ISO' => ($input_lang) ? $input_lang : $question['lang_iso'],
- 'STRICT' => (isset($_REQUEST['strict'])) ? $input_strict : $question['strict'],
- 'ANSWERS' => $answers,
+ 'QUESTION_TEXT' => ($question_input['question_text']) ? $question_input['question_text'] : $question['question_text'],
+ 'LANG_ISO' => ($question_input['lang_iso']) ? $question_input['lang_iso'] : $question['lang_iso'],
+ 'STRICT' => (isset($_REQUEST['strict'])) ? $question_input['strict'] : $question['strict'],
+ 'ANSWERS' => implode("\n", $question['answers']),
));
}
else
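Review bot: `'ANSWERS'` is now always filled from the stored question, while `QUESTION_TEXT`, `LANG_ISO` and `STRICT` on the lines above still prefer the submitted input. When an admin edits an existing question and validation fails, the form is therefore re-rendered with the edited answers discarded. The removed `$answers` line kept them; the equivalent with the new variable would be `'ANSWERS' => (is_array($question_input['answers'])) ? implode("\n", $question_input['answers']) : implode("\n", $question['answers']),`. The enclosing `acp_page()` body starts and ends outside this hunk.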
@@ -714,18 +706,16 @@ class qa
else
{
$template->assign_vars(array(
- 'QUESTION_TEXT' => $input_question,
- 'LANG_ISO' => $input_lang,
- 'STRICT' => $input_strict,
- 'ANSWERS' => $input_answers,
+ 'QUESTION_TEXT' => $question_input['question_text'],
+ 'LANG_ISO' => $question_input['lang_iso'],
+ 'STRICT' => $question_input['strict'],
+ 'ANSWERS' => (is_array($question_input['answers'])) ? implode("\n", $question_input['answers']) : '',
));
}
if ($submit && check_form_key($form_key))
{
- $data = $this->acp_get_question_input();
-
- if (!$this->validate_input($data))
+ if (!$this->validate_input($question_input))
{
$template->assign_vars(array(
'S_ERROR' => true,
@@ -735,11 +725,11 @@ class qa
{
if ($question_id)
{
- $this->acp_update_question($data, $question_id);
+ $this->acp_update_question($question_input, $question_id);
}
else
{
- $this->acp_add_question($data);
+ $this->acp_add_question($question_input);
}
add_log('admin', 'LOG_CONFIG_VISUAL');
@@ -819,6 +809,8 @@ class qa
return $question;
}
+
+ return false;
}
/**
@@ -827,13 +819,21 @@ class qa
function acp_get_question_input()
{
$answers = utf8_normalize_nfc(request_var('answers', '', true));
+
+ // Convert answers into array and filter if answers are set
+ if (strlen($answers))
+ {
+ $answers = array_filter(array_map('trim', explode("\n", $answers)), function ($value) {
+ return $value !== '';
+ });
+ }
+
$question = array(
'question_text' => request_var('question_text', '', true),
'strict' => request_var('strict', false),
'lang_iso' => request_var('lang_iso', ''),
- 'answers' => (strlen($answers)) ? explode("\n", $answers) : '',
+ 'answers' => $answers,
);
-
return $question;
}
diff --git a/phpBB/phpbb/content_visibility.php b/phpBB/phpbb/content_visibility.php
index 700009da6a..0ba0489cb7 100644
--- a/phpBB/phpbb/content_visibility.php
+++ b/phpBB/phpbb/content_visibility.php
@@ -237,7 +237,7 @@ class content_visibility
if (!sizeof($forum_ids))
{
// The user can see all posts/topics in all specified forums
- return $this->db->sql_in_set($table_alias . 'forum_id', $approve_forums);
+ return $where_sql . $this->db->sql_in_set($table_alias . 'forum_id', $approve_forums) . ')';
}
else
{
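Review bot: Both early returns, here and in the next hunk, now hand-assemble `$where_sql . … . ')'`, so each relies on `$where_sql` holding exactly one unclosed `(` at that point; its initialisation is outside these hunks. This string is the visibility filter that callers splice into larger WHERE clauses, so an unbalanced or missing parenthesis would change which rows a user can see. A single exit that appends the closing `)` once, or a comment at each return such as `// $where_sql opens one parenthesis; close it here`, would make that invariant explicit. A test asserting that each branch returns a balanced, fully parenthesised fragment would guard against regressions.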
@@ -248,8 +248,8 @@ class content_visibility
else
{
// The user is just a normal user
- return $table_alias . $mode . '_visibility = ' . ITEM_APPROVED . '
- AND ' . $this->db->sql_in_set($table_alias . 'forum_id', $forum_ids, false, true);
+ return $where_sql . $table_alias . $mode . '_visibility = ' . ITEM_APPROVED . '
+ AND ' . $this->db->sql_in_set($table_alias . 'forum_id', $forum_ids, false, true) . ')';
}
$where_sql .= '(' . $table_alias . $mode . '_visibility = ' . ITEM_APPROVED . '
diff --git a/phpBB/phpbb/db/migration/data/v310/avatars.php b/phpBB/phpbb/db/migration/data/v310/avatars.php
index 2698adeed5..9b03a8fa94 100644
--- a/phpBB/phpbb/db/migration/data/v310/avatars.php
+++ b/phpBB/phpbb/db/migration/data/v310/avatars.php
@@ -17,7 +17,29 @@ class avatars extends \phpbb\db\migration\migration
{
public function effectively_installed()
{
- return isset($this->config['allow_avatar_gravatar']);
+ // Get current avatar type of guest user
+ $sql = 'SELECT user_avatar_type
+ FROM ' . $this->table_prefix . 'users
+ WHERE user_id = ' . ANONYMOUS;
+ $result = $this->db->sql_query($sql);
+ $backup_type = $this->db->sql_fetchfield('user_avatar_type');
+ $this->db->sql_freeresult($result);
+
+ // Try to set avatar type to string
+ $sql = 'UPDATE ' . $this->table_prefix . "users
+ SET user_avatar_type = 'avatar.driver.upload'
+ WHERE user_id = " . ANONYMOUS;
+ $this->db->sql_return_on_error(true);
+ $effectively_installed = $this->db->sql_query($sql);
+ $this->db->sql_return_on_error();
+
+ // Restore avatar type of guest user to previous state
+ $sql = 'UPDATE ' . $this->table_prefix . "users
+ SET user_avatar_type = '{$backup_type}'
+ WHERE user_id = " . ANONYMOUS;
+ $this->db->sql_query($sql);
+
+ return $effectively_installed !== false;
}
static public function depends_on()
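Review bot: `effectively_installed()` now writes to the users table to probe the column type, and the restore statement interpolates `$backup_type` into SQL unescaped. The value comes from the database but should still be passed through the driver: `SET user_avatar_type = '" . $this->db->sql_escape($backup_type) . "'`. If the SELECT returns no row, `sql_fetchfield()` yields `false` and the restore writes an empty string. The probe and the restore are also two separate statements, so an interruption between them leaves the guest account with `avatar.driver.upload`. A read-only check of the column definition, if the migration tooling offers one, would avoid mutating data inside what callers expect to be a pure status check.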
diff --git a/phpBB/phpbb/plupload/plupload.php b/phpBB/phpbb/plupload/plupload.php
index 3c686a552f..fcce5b3bd8 100644
--- a/phpBB/phpbb/plupload/plupload.php
+++ b/phpBB/phpbb/plupload/plupload.php
@@ -326,7 +326,7 @@ class plupload
$tmp_file = $this->temporary_filepath($upload['tmp_name']);
- if (!move_uploaded_file($upload['tmp_name'], $tmp_file))
+ if (!phpbb_is_writable($this->temporary_directory) || !move_uploaded_file($upload['tmp_name'], $tmp_file))
{
$this->emit_error(103, 'PLUPLOAD_ERR_MOVE_UPLOADED');
}
diff --git a/phpBB/phpbb/search/fulltext_native.php b/phpBB/phpbb/search/fulltext_native.php
index 93ea46ca60..4d02dd1cbf 100644
--- a/phpBB/phpbb/search/fulltext_native.php
+++ b/phpBB/phpbb/search/fulltext_native.php
@@ -823,6 +823,13 @@ class fulltext_native extends \phpbb\search\base
);
}
+ // if using mysql and the total result count is not calculated yet, get it from the db
+ if (!$total_results && $is_mysql)
+ {
+ // Also count rows for the query as if there was not LIMIT. Add SQL_CALC_FOUND_ROWS to SQL
+ $sql_array['SELECT'] = 'SQL_CALC_FOUND_ROWS ' . $sql_array['SELECT'];
+ }
+
$sql_array['WHERE'] = implode(' AND ', $sql_where);
$sql_array['GROUP_BY'] = ($group_by) ? (($type == 'posts') ? 'p.post_id' : 'p.topic_id') . ', ' . $sort_by_sql[$sort_key] : '';
$sql_array['ORDER_BY'] = $sql_sort;
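Review bot: Adding `SQL_CALC_FOUND_ROWS` to the main query means the `FOUND_ROWS()` read in the following hunk is only correct if it is the next statement on the same connection. It also requires that the main query actually ran against MySQL rather than being served from a query cache. The code between the two hunks is not visible, so both should be confirmed. A comment at this spot would record the ordering dependency, for example `// FOUND_ROWS() below must be the next query on this connection`. `SQL_CALC_FOUND_ROWS` and `FOUND_ROWS()` are also deprecated as of MySQL 8.0.17, so a separate `COUNT(*)` query is the longer-term replacement.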
@@ -838,19 +845,9 @@ class fulltext_native extends \phpbb\search\base
}
$this->db->sql_freeresult($result);
- // if we use mysql and the total result count is not cached yet, retrieve it from the db
if (!$total_results && $is_mysql)
{
- // Count rows for the executed queries. Replace $select within $sql with SQL_CALC_FOUND_ROWS, and run it
- $sql_array_copy = $sql_array;
- $sql_array_copy['SELECT'] = 'SQL_CALC_FOUND_ROWS p.post_id ';
-
- $sql_calc = $this->db->sql_build_query('SELECT', $sql_array_copy);
- unset($sql_array_copy);
-
- $this->db->sql_query($sql_calc);
- $this->db->sql_freeresult($result);
-
+ // Get the number of results as calculated by MySQL
$sql_count = 'SELECT FOUND_ROWS() as total_results';
$result = $this->db->sql_query($sql_count);
$total_results = (int) $this->db->sql_fetchfield('total_results');