4 files changed, 130 insertions, 13 deletions
diff --git a/phpBB/phpbb/avatar/driver/upload.php b/phpBB/phpbb/avatar/driver/upload.php
index ee36243844..a1d84345e1 100644
--- a/phpBB/phpbb/avatar/driver/upload.php
+++ b/phpBB/phpbb/avatar/driver/upload.php
@@ -24,6 +24,11 @@ class upload extends \phpbb\avatar\driver\driver
 	protected $mimetype_guesser;
 
 	/**
+	* @var \phpbb\event\dispatcher_interface
+	*/
+	protected $dispatcher;
+
+	/**
 	* Construct a driver object
 	*
 	* @param \phpbb\config\config $config phpBB configuration
@@ -31,15 +36,17 @@ class upload extends \phpbb\avatar\driver\driver
 	* @param string $php_ext PHP file extension
 	* @param \phpbb_path_helper $path_helper phpBB path helper
 	* @param \phpbb\mimetype\guesser $mimetype_guesser Mimetype guesser
+	* @param \phpbb\event\dispatcher_interface $dispatcher phpBB Event dispatcher object
 	* @param \phpbb\cache\driver\driver_interface $cache Cache driver
 	*/
-	public function __construct(\phpbb\config\config $config, $phpbb_root_path, $php_ext, \phpbb\path_helper $path_helper, \phpbb\mimetype\guesser $mimetype_guesser, \phpbb\cache\driver\driver_interface $cache = null)
+	public function __construct(\phpbb\config\config $config, $phpbb_root_path, $php_ext, \phpbb\path_helper $path_helper, \phpbb\mimetype\guesser $mimetype_guesser, \phpbb\event\dispatcher_interface $dispatcher, \phpbb\cache\driver\driver_interface $cache = null)
 	{
 		$this->config = $config;
 		$this->phpbb_root_path = $phpbb_root_path;
 		$this->php_ext = $php_ext;
 		$this->path_helper = $path_helper;
 		$this->mimetype_guesser = $mimetype_guesser;
+		$this->dispatcher = $dispatcher;
 		$this->cache = $cache;
 	}
 
@@ -137,6 +144,15 @@ class upload extends \phpbb\avatar\driver\driver
 		$prefix = $this->config['avatar_salt'] . '_';
 		$file->clean_filename('avatar', $prefix, $row['id']);
 
+		// If there was an error during upload, then abort operation
+		if (sizeof($file->error))
+		{
+			$file->remove();
+			$error = $file->error;
+			return false;
+		}
+
+		// Calculate new destination
 		$destination = $this->config['avatar_path'];
 
 		// Adjust destination path (no trailing slash)
@@ -151,16 +167,45 @@ class upload extends \phpbb\avatar\driver\driver
 			$destination = '';
 		}
 
-		// Move file and overwrite any existing image
-		$file->move_file($destination, true);
+		/**
+		* Before moving new file in place (and eventually overwriting the existing avatar with the newly uploaded avatar)
+		*
+		* @event core.avatar_driver_upload_move_file_before
+		* @var	string	destination			Destination directory where the file is going to be moved
+		* @var	string	prefix				Prefix for the avatar filename
+		* @var	array	row					Array with avatar row data
+		* @var	array	error				Array of errors, if filled in by this event file will not be moved
+		* @since 3.1.6-RC1
+		*/
+		$vars = array(
+			'destination',
+			'prefix',
+			'row',
+			'error',
+		);
+		extract($this->dispatcher->trigger_event('core.avatar_driver_upload_move_file_before', compact($vars)));
 
-		if (sizeof($file->error))
+		if (!sizeof($error))
+		{
+			// Move file and overwrite any existing image
+			$file->move_file($destination, true);
+		}
+
+		// If there was an error during move, then clean up leftovers
+		$error = array_merge($error, $file->error);
+		if (sizeof($error))
 		{
 			$file->remove();
-			$error = array_merge($error, $file->error);
 			return false;
 		}
 
+		// Delete current avatar if not overwritten
+		$ext = substr(strrchr($row['avatar'], '.'), 1);
+		if ($ext && $ext !== $file->get('extension'))
+		{
+			$this->delete($row);
+		}
+
 		return array(
 			'avatar' => $row['id'] . '_' . time() . '.' . $file->get('extension'),
 			'avatar_width' => $file->get('width'),
@@ -185,10 +230,32 @@ class upload extends \phpbb\avatar\driver\driver
 	*/
 	public function delete($row)
 	{
+
+		$error = array();
+		$destination = $this->config['avatar_path'];
+		$prefix = $this->config['avatar_salt'] . '_';
 		$ext = substr(strrchr($row['avatar'], '.'), 1);
-		$filename = $this->phpbb_root_path . $this->config['avatar_path'] . '/' . $this->config['avatar_salt'] . '_' . $row['id'] . '.' . $ext;
+		$filename = $this->phpbb_root_path . $destination . '/' . $prefix . $row['id'] . '.' . $ext;
+
+		/**
+		* Before deleting an existing avatar
+		*
+		* @event core.avatar_driver_upload_delete_before
+		* @var	string	destination			Destination directory where the file is going to be deleted
+		* @var	string	prefix				Prefix for the avatar filename
+		* @var	array	row					Array with avatar row data
+		* @var	array	error				Array of errors, if filled in by this event file will not be deleted
+		* @since 3.1.6-RC1
+		*/
+		$vars = array(
+			'destination',
+			'prefix',
+			'row',
+			'error',
+		);
+		extract($this->dispatcher->trigger_event('core.avatar_driver_upload_delete_before', compact($vars)));
 
-		if (file_exists($filename))
+		if (!sizeof($error) && file_exists($filename))
 		{
 			@unlink($filename);
 		}
diff --git a/phpBB/phpbb/notification/method/messenger_base.php b/phpBB/phpbb/notification/method/messenger_base.php
index bde4573117..c3aee088f9 100644
--- a/phpBB/phpbb/notification/method/messenger_base.php
+++ b/phpBB/phpbb/notification/method/messenger_base.php
@@ -69,7 +69,7 @@ abstract class messenger_base extends \phpbb\notification\method\base
 
 			$user = $this->user_loader->get_user($notification->user_id);
 
-			if ($user['user_type'] == USER_IGNORE || in_array($notification->user_id, $banned_users))
+			if ($user['user_type'] == USER_IGNORE || ($user['user_type'] == USER_INACTIVE && $user['user_inactive_reason'] == INACTIVE_MANUAL) || in_array($notification->user_id, $banned_users))
 			{
 				continue;
 			}
diff --git a/phpBB/phpbb/session.php b/phpBB/phpbb/session.php
index bedd581725..a5c8f264e0 100644
--- a/phpBB/phpbb/session.php
+++ b/phpBB/phpbb/session.php
@@ -519,7 +519,7 @@ class session
 	*/
 	function session_create($user_id = false, $set_admin = false, $persist_login = false, $viewonline = true)
 	{
-		global $SID, $_SID, $db, $config, $cache, $phpbb_root_path, $phpEx, $phpbb_container;
+		global $SID, $_SID, $db, $config, $cache, $phpbb_root_path, $phpEx, $phpbb_container, $phpbb_dispatcher;
 
 		$this->data = array();
 
@@ -893,6 +893,19 @@ class session
 			$_SID = '';
 		}
 
+		$session_data = $sql_ary;
+		/**
+		* Event to send new session data to extension
+		* Read-only event
+		*
+		* @event core.session_create_after
+		* @var	array		session_data				Associative array of session keys to be updated
+		* @since 3.1.6-RC1
+		*/
+		$vars = array('session_data');
+		extract($phpbb_dispatcher->trigger_event('core.session_create_after', compact($vars)));
+		unset($session_data);
+
 		return true;
 	}
 
@@ -906,13 +919,30 @@ class session
 	*/
 	function session_kill($new_session = true)
 	{
-		global $SID, $_SID, $db, $config, $phpbb_root_path, $phpEx, $phpbb_container;
+		global $SID, $_SID, $db, $config, $phpbb_root_path, $phpEx, $phpbb_container, $phpbb_dispatcher;
 
 		$sql = 'DELETE FROM ' . SESSIONS_TABLE . "
 			WHERE session_id = '" . $db->sql_escape($this->session_id) . "'
 				AND session_user_id = " . (int) $this->data['user_id'];
 		$db->sql_query($sql);
 
+		$user_id = (int) $this->data['user_id'];
+		$session_id = $this->session_id;
+		/**
+		* Event to send session kill information to extension
+		* Read-only event
+		*
+		* @event core.session_kill_after
+		* @var	int		user_id				user_id of the session user.
+		* @var	string		session_id				current user's session_id
+		* @var	bool	new_session 	should we create new session for user
+		* @since 3.1.6-RC1
+		*/
+		$vars = array('user_id', 'session_id', 'new_session');
+		extract($phpbb_dispatcher->trigger_event('core.session_kill_after', compact($vars)));
+		unset($user_id);
+		unset($session_id);
+
 		// Allow connecting logout with external auth method logout
 		$provider_collection = $phpbb_container->get('auth.provider_collection');
 		$provider = $provider_collection->get_provider();
@@ -980,7 +1010,7 @@ class session
 	*/
 	function session_gc()
 	{
-		global $db, $config, $phpbb_root_path, $phpEx, $phpbb_container;
+		global $db, $config, $phpbb_root_path, $phpEx, $phpbb_container, $phpbb_dispatcher;
 
 		$batch_size = 10;
 
@@ -1048,6 +1078,14 @@ class session
 			$db->sql_query($sql);
 		}
 
+		/**
+		* Event to trigger extension on session_gc
+		*
+		* @event core.session_gc_after
+		* @since 3.1.6-RC1
+		*/
+		$phpbb_dispatcher->dispatch('core.session_gc_after');
+
 		return;
 	}
 
@@ -1541,12 +1579,24 @@ class session
 	*/
 	public function update_session($session_data, $session_id = null)
 	{
-		global $db;
+		global $db, $phpbb_dispatcher;
 
 		$session_id = ($session_id) ? $session_id : $this->session_id;
 
 		$sql = 'UPDATE ' . SESSIONS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $session_data) . "
 			WHERE session_id = '" . $db->sql_escape($session_id) . "'";
 		$db->sql_query($sql);
+
+		/**
+		* Event to send update session information to extension
+		* Read-only event
+		*
+		* @event core.update_session_after
+		* @var	array		session_data				Associative array of session keys to be updated
+		* @var	string		session_id				current user's session_id
+		* @since 3.1.6-RC1
+		*/
+		$vars = array('session_data', 'session_id');
+		extract($phpbb_dispatcher->trigger_event('core.update_session_after', compact($vars)));
 	}
 }
diff --git a/phpBB/phpbb/template/twig/node/includecss.php b/phpBB/phpbb/template/twig/node/includecss.php
index 2ce63402aa..2dac154036 100644
--- a/phpBB/phpbb/template/twig/node/includecss.php
+++ b/phpBB/phpbb/template/twig/node/includecss.php
@@ -31,7 +31,7 @@ class includecss extends \phpbb\template\twig\node\includeasset
 		$compiler
 			->raw("<link href=\"' . ")
 			->raw("\$asset_file . '\"")
-			->raw(' rel="stylesheet" type="text/css" media="screen, projection" />')
+			->raw(' rel="stylesheet" type="text/css" media="screen" />')
 		;
 	}
 }