+ 'user_row' => $this->user_row($php_auth_user, $php_auth_pw),

+ user_add($this->user_row($php_auth_user, $php_auth_pw));

+ $sql = 'SELECT *

+ $this->db->sql_query($sql);

+ if ($this->passwords_manager->check($password, $row['user_password'], $row))

+ 'error_msg' => 'LOGIN_ERROR_PASSWORD',

+ $result = $this->prefix_avatar_columns($prefix, self::$default_row);

+ $sql = 'UPDATE ' . $table . '

+ SET ' . $db->sql_build_array('UPDATE', $result) . '

+ WHERE ' . $prefix . 'id = ' . (int) $avatar_data['id'];

+ $db->sql_query($sql);

+

+ // Make sure we also delete this avatar from the users

+ if ($prefix === 'group_')

+ $result = $this->prefix_avatar_columns('user_', self::$default_row);

+

+ $sql = 'UPDATE ' . USERS_TABLE . '

+ SET ' . $db->sql_build_array('UPDATE', $result) . "

+ WHERE user_avatar = '" . $db->sql_escape($avatar_data['avatar']) . "'";

+ $db->sql_query($sql);

+ }

+ /**

+ * Prefix avatar columns

+ *

+ * @param string $prefix Column prefix

+ * @param array $data Column data

+ *

+ * @return array Column data with prefixed column names

+ */

+ public function prefix_avatar_columns($prefix, $data)

+ {

+ foreach ($data as $key => $value)

+ {

+ $data[$prefix . $key] = $value;

+ unset($data[$key]);

+ }

+

+ return $data;

+ /**

+ * Constructor

+ */

+ public function __construct()

+ $this->db->sql_query($sql);

+ if (!$this->db->sql_affectedrows() && isset($this->config[$key]))

+ * Event dispatcher object

+ * @var \phpbb\event\dispatcher

+ */

+ protected $phpbb_dispatcher;

+

+ /**

+ * @param \phpbb\event\dispatcher $phpbb_dispatcher Event dispatcher object

+ public function __construct(\phpbb\auth\auth $auth, \phpbb\config\config $config, \phpbb\event\dispatcher $phpbb_dispatcher, \phpbb\db\driver\driver_interface $db, \phpbb\user $user, $phpbb_root_path, $php_ext, $forums_table, $posts_table, $topics_table, $users_table)

+ $this->phpbb_dispatcher = $phpbb_dispatcher;

+ $get_forums_visibility_sql_overwrite = false;

+ /**

+ * Allow changing the result of calling get_forums_visibility_sql

+ *

+ * @event core.phpbb_content_visibility_get_forums_visibility_before

+ * @var string where_sql The action the user tried to execute

+ * @var string mode Either "topic" or "post" depending on the query this is being used in

+ * @var array forum_ids Array of forum ids which the posts/topics are limited to

+ * @var string table_alias Table alias to prefix in SQL queries

+ * @var array approve_forums Array of forums where the user has m_approve permissions

+ * @var mixed get_forums_visibility_sql_overwrite If a string, forces the function to return get_forums_visibility_sql_overwrite after executing the event

+ * If false, get_forums_visibility_sql continues normally

+ * It must be either boolean or string

+ * @since 3.1.3-RC1

+ */

+ $vars = array(

+ 'where_sql',

+ 'mode',

+ 'forum_ids',

+ 'table_alias',

+ 'approve_forums',

+ 'get_forums_visibility_sql_overwrite',

+ );

+ extract($this->phpbb_dispatcher->trigger_event('core.phpbb_content_visibility_get_forums_visibility_before', compact($vars)));

+

+ if ($get_forums_visibility_sql_overwrite !== false)

+ {

+ return $get_forums_visibility_sql_overwrite;

+ }

+

+ $visibility_sql_overwrite = null;

+

+ /**

+ * Allow changing the result of calling get_global_visibility_sql

+ *

+ * @event core.phpbb_content_visibility_get_global_visibility_before

+ * @var array where_sqls The action the user tried to execute

+ * @var string mode Either "topic" or "post" depending on the query this is being used in

+ * @var array forum_ids Array of forum ids which the posts/topics are limited to

+ * @var string table_alias Table alias to prefix in SQL queries

+ * @var array approve_forums Array of forums where the user has m_approve permissions

+ * @var string visibility_sql_overwrite Forces the function to return an implosion of where_sqls (joined by "OR")

+ * @since 3.1.3-RC1

+ */

+ $vars = array(

+ 'where_sqls',

+ 'mode',

+ 'forum_ids',

+ 'table_alias',

+ 'approve_forums',

+ 'visibility_sql_overwrite',

+ );

+ extract($this->phpbb_dispatcher->trigger_event('core.phpbb_content_visibility_get_global_visibility_before', compact($vars)));

+

+ if ($visibility_sql_overwrite)

+ {

+ return $visibility_sql_overwrite;

+ }

+

+ /* @var \phpbb\request\request_interface */

+ protected $request;

+

+ * @param \phpbb\request\request_interface $request phpBB request object

+ public function __construct(\phpbb\template\template $template, \phpbb\user $user, \phpbb\config\config $config, \phpbb\controller\provider $provider, \phpbb\extension\manager $manager, \phpbb\symfony_request $symfony_request, \phpbb\request\request_interface $request, \phpbb\filesystem $filesystem, $phpbb_root_path, $php_ext)

+ $this->request = $request;

+ $base_url = $this->request->escape($this->filesystem->clean_path($base_url), true);

+ return generate_board_url(true) . $this->request->escape($this->symfony_request->getRequestUri(), true);

+ if (strpos($captcha_plugin, 'phpbb_captcha_') === 0)

+ $captcha_plugin = substr($captcha_plugin, strlen('phpbb_captcha_'));

+ }

+ else if (strpos($captcha_plugin, 'phpbb_') === 0)

+ {

+ $captcha_plugin = substr($captcha_plugin, strlen('phpbb_'));

+ protected $indexes;

+

+ if (strpos($this->db->get_sql_layer(), 'mysql') === false)

+ {

+ return true;

+ }

+

+ $this->find_indexes_to_drop();

+ return empty($this->indexes);

+ if (empty($this->indexes))

+ {

+ return array();

+ }

+

+ $this->table_prefix . 'posts' => $this->indexes,

+

+ public function find_indexes_to_drop()

+ {

+ if ($this->indexes !== null)

+ {

+ return $this->indexes;

+ }

+

+ $this->indexes = array();

+ $potential_keys = array('post_subject', 'post_text', 'post_content');

+ foreach ($potential_keys as $key)

+ {

+ if ($this->db_tools->sql_index_exists($this->table_prefix . 'posts', $key))

+ {

+ $this->indexes[] = $key;

+ }

+ }

+

+ return $this->indexes;

+ }

+ protected $indexes;

+

+ if (strpos($this->db->get_sql_layer(), 'postgres') === false)

+ {

+ return true;

+ }

+

+ $this->find_indexes_to_drop();

+ return empty($this->indexes);

+ if (empty($this->indexes))

+ {

+ return array();

+ }

+

+ $this->table_prefix . 'posts' => $this->indexes,

+

+ public function find_indexes_to_drop()

+ {

+ if ($this->indexes !== null)

+ {

+ return $this->indexes;

+ }

+

+ $this->indexes = array();

+ $potential_keys = array('post_subject', 'post_text', 'post_content');

+ foreach ($potential_keys as $key)

+ {

+ if ($this->db_tools->sql_index_exists($this->table_prefix . 'posts', $key))

+ {

+ $this->indexes[] = $key;

+ }

+ }

+

+ return $this->indexes;

+ }

+ (is_dir($this->phpbb_root_path . 'includes/captcha/plugins/') &&

+ !is_file($this->phpbb_root_path . "includes/captcha/plugins/{$this->config['captcha_plugin']}_plugin." . $this->php_ext)),

+ FROM ' . STYLES_TABLE . ' s, ' . $this->table_prefix . 'styles_template t, ' . $this->table_prefix . "styles_theme c

+<?php

+/**

+*

+* This file is part of the phpBB Forum Software package.

+*

+* @copyright (c) phpBB Limited <https://www.phpbb.com>

+* @license GNU General Public License, version 2 (GPL-2.0)

+*

+* For full copyright and license information, please see

+* the docs/CREDITS.txt file.

+*

+*/

+

+namespace phpbb\db\migration\data\v31x;

+

+class plupload_last_gc_dynamic extends \phpbb\db\migration\migration

+{

+ static public function depends_on()

+ {

+ return array('\phpbb\db\migration\data\v31x\v312');

+ }

+

+ public function update_data()

+ {

+ return array(

+ // Make plupload_last_gc dynamic.

+ array('config.remove', array('plupload_last_gc')),

+ array('config.add', array('plupload_last_gc', 0, 1)),

+ );

+ }

+}

+<?php

+

+/**

+ *

+ * This file is part of the phpBB Forum Software package.

+ *

+ * @copyright (c) phpBB Limited <https://www.phpbb.com>

+ * @license GNU General Public License, version 2 (GPL-2.0)

+ *

+ * For full copyright and license information, please see

+ * the docs/CREDITS.txt file.

+ *

+ */

+

+namespace phpbb\db\migration\data\v31x;

+

+class profilefield_remove_underscore_from_alpha extends \phpbb\db\migration\migration

+{

+ static public function depends_on()

+ {

+ return array('\phpbb\db\migration\data\v31x\v311');

+ }

+

+ public function update_data()

+ {

+ return array(

+ array('custom', array(array($this, 'remove_underscore_from_alpha_validations'))),

+ );

+ }

+

+ public function remove_underscore_from_alpha_validations()

+ {

+ $this->update_validation_rule('[\w]+', '[a-zA-Z0-9]+');

+ $this->update_validation_rule('[\w_]+', '[\w]+');

+ $this->update_validation_rule('[\w.]+', '[a-zA-Z0-9.]+');

+ $this->update_validation_rule('[\w\x20_+\-\[\]]+', '[\w\x20+\-\[\]]+');

+ $this->update_validation_rule('[a-zA-Z][\w\.,\-_]+', '[a-zA-Z][\w\.,\-]+');

+ }

+

+ public function update_validation_rule($old_validation, $new_validation)

+ {

+ $sql = 'UPDATE ' . PROFILE_FIELDS_TABLE . "

+ SET field_validation = '" . $this->db->sql_escape($new_validation) . "'

+ WHERE field_validation = '" . $this->db->sql_escape($old_validation) . "'";

+ $this->db->sql_query($sql);

+ }

+}

+<?php

+/**

+*

+* This file is part of the phpBB Forum Software package.

+*

+* @copyright (c) phpBB Limited <https://www.phpbb.com>

+* @license GNU General Public License, version 2 (GPL-2.0)

+*

+* For full copyright and license information, please see

+* the docs/CREDITS.txt file.

+*

+*/

+

+namespace phpbb\db\migration\data\v31x;

+

+class profilefield_yahoo_update_url extends \phpbb\db\migration\migration

+{

+ static public function depends_on()

+ {

+ return array('\phpbb\db\migration\data\v31x\v312');

+ }

+

+ public function update_data()

+ {

+ return array(

+ array('custom', array(array($this, 'update_contact_url'))),

+ );

+ }

+

+ public function update_contact_url()

+ {

+ $sql = 'UPDATE ' . $this->table_prefix . "profile_fields

+ SET field_contact_url = 'ymsgr:sendim?%s'

+ WHERE field_name = 'phpbb_yahoo'

+ AND field_contact_url = 'http://edit.yahoo.com/config/send_webmesg?.target=%s&amp;.src=pg'";

+ $this->sql_query($sql);

+ }

+}

+<?php

+/**

+*

+* This file is part of the phpBB Forum Software package.

+*

+* @copyright (c) phpBB Limited <https://www.phpbb.com>

+* @license GNU General Public License, version 2 (GPL-2.0)

+*

+* For full copyright and license information, please see

+* the docs/CREDITS.txt file.

+*

+*/

+

+namespace phpbb\db\migration\data\v31x;

+

+class update_custom_bbcodes_with_idn extends \phpbb\db\migration\migration

+{

+ static public function depends_on()

+ {

+ return array(

+ '\phpbb\db\migration\data\v31x\v312',

+ );

+ }

+

+ public function update_data()

+ {

+ return array(

+ array('custom', array(array($this, 'update_bbcodes_table'))),

+ );

+ }

+

+ public function update_bbcodes_table()

+ {

+ if (!class_exists('acp_bbcodes'))

+ {

+ include($this->phpbb_root_path . 'includes/acp/acp_bbcodes.' . $this->php_ext);

+ }

+

+ $bbcodes = new \acp_bbcodes();

+

+ $sql = 'SELECT bbcode_id, bbcode_match, bbcode_tpl

+ FROM ' . BBCODES_TABLE;

+ $result = $this->sql_query($sql);

+

+ $sql_ary = array();

+ while ($row = $this->db->sql_fetchrow($result))

+ {

+ $data = array();

+ if (preg_match('/(URL|LOCAL_URL|RELATIVE_URL)/', $row['bbcode_match']))

+ {

+ $data = $bbcodes->build_regexp($row['bbcode_match'], $row['bbcode_tpl']);

+ $sql_ary[$row['bbcode_id']] = array(

+ 'first_pass_match' => $data['first_pass_match'],

+ 'first_pass_replace' => $data['first_pass_replace'],

+ 'second_pass_match' => $data['second_pass_match'],

+ 'second_pass_replace' => $data['second_pass_replace']

+ );

+ }

+ }

+ $this->db->sql_freeresult($result);

+

+ foreach ($sql_ary as $bbcode_id => $bbcode_data)

+ {

+ $sql = 'UPDATE ' . BBCODES_TABLE . '

+ SET ' . $this->db->sql_build_array('UPDATE', $bbcode_data) . '

+ WHERE bbcode_id = ' . (int) $bbcode_id;

+ $this->sql_query($sql);

+ }

+ }

+}

+<?php

+/**

+*

+* This file is part of the phpBB Forum Software package.

+*

+* @copyright (c) phpBB Limited <https://www.phpbb.com>

+* @license GNU General Public License, version 2 (GPL-2.0)

+*

+* For full copyright and license information, please see

+* the docs/CREDITS.txt file.

+*

+*/

+

+namespace phpbb\db\migration\data\v31x;

+

+class v312 extends \phpbb\db\migration\migration

+{

+ static public function depends_on()

+ {

+ return array(

+ '\phpbb\db\migration\data\v31x\v312rc1',

+ );

+ }

+

+ public function update_data()

+ {

+ return array(

+ array('config.update', array('version', '3.1.2')),

+ );

+ }

+}

+<?php

+/**

+*

+* This file is part of the phpBB Forum Software package.

+*

+* @copyright (c) phpBB Limited <https://www.phpbb.com>

+* @license GNU General Public License, version 2 (GPL-2.0)

+*

+* For full copyright and license information, please see

+* the docs/CREDITS.txt file.

+*

+*/

+

+namespace phpbb\db\migration\data\v31x;

+

+class v312rc1 extends \phpbb\db\migration\migration

+{

+ static public function depends_on()

+ {

+ return array(

+ '\phpbb\db\migration\data\v31x\v311',

+ '\phpbb\db\migration\data\v31x\m_softdelete_global',

+ );

+ }

+

+ public function update_data()

+ {

+ return array(

+ array('config.update', array('version', '3.1.2-RC1')),

+ );

+ }

+}

+ $this->user->add_lang('acp/modules');

+ $statements[] = 'ALTER TABLE ' . $table_name . ' ADD INDEX ' . $index_name . ' (' . implode(', ', $column) . ')';

+ $parameters = array(

+ 'core.adm_relative_path' => $this->config_php->get('phpbb_adm_relative_path') ? $this->config_php->get('phpbb_adm_relative_path') : 'adm/',

+ 'core.table_prefix' => $this->config_php->get('table_prefix'),

+ 'cache.driver.class' => $this->convert_30_acm_type($this->config_php->get('acm_type')),

+ 'dbal.driver.class' => $this->config_php->convert_30_dbms_to_31($this->config_php->get('dbms')),

+ 'dbal.dbhost' => $this->config_php->get('dbhost'),

+ 'dbal.dbuser' => $this->config_php->get('dbuser'),

+ 'dbal.dbpasswd' => $this->config_php->get('dbpasswd'),

+ 'dbal.dbname' => $this->config_php->get('dbname'),

+ 'dbal.dbport' => $this->config_php->get('dbport'),

+ 'dbal.new_link' => defined('PHPBB_DB_NEW_LINK') && PHPBB_DB_NEW_LINK,

+ );

+ $parameter_bag = $container->getParameterBag();

+

+ foreach ($parameters as $parameter => $value)

+ {

+ $container->setParameter($parameter, $parameter_bag->escapeValue($value));

+ }

+ var $error_types;

+ /**

+ * Constructor.

+ *

+ * The variable $error_types may be set to a mask of PHP error types that

+ * the collector should keep, e.g. `E_ALL`. If unset, the current value of

+ * the error_reporting() function will be used to determine which errors

+ * the collector will keep.

+ *

+ * @see PHPBB3-13306

+ * @param int|null $error_types

+ */

+ function __construct($error_types = null)

+ $this->error_types = $error_types;

+ set_error_handler(array(&$this, 'error_handler'), ($this->error_types !== null) ? $this->error_types : error_reporting());

+ array_walk_recursive($metadata, array($this, 'sanitize_json'));

+ * Sanitize input from JSON array using htmlspecialchars()

+ *

+ * @param mixed $value Value of array row

+ * @param string $key Key of array row

+ */

+ public function sanitize_json(&$value, $key)

+ {

+ $value = htmlspecialchars($value);

+ }

+

+ /**

+ 'META_NAME' => $this->metadata['name'],

+ 'META_TYPE' => $this->metadata['type'],

+ 'META_DESCRIPTION' => (isset($this->metadata['description'])) ? $this->metadata['description'] : '',

+ 'META_VERSION' => (isset($this->metadata['version'])) ? $this->metadata['version'] : '',

+ 'META_TIME' => (isset($this->metadata['time'])) ? $this->metadata['time'] : '',

+ 'META_LICENSE' => $this->metadata['license'],

+ 'META_REQUIRE_PHP' => (isset($this->metadata['require']['php'])) ? $this->metadata['require']['php'] : '',

+ 'META_REQUIRE_PHPBB' => (isset($this->metadata['extra']['soft-require']['phpbb/phpbb'])) ? $this->metadata['extra']['soft-require']['phpbb/phpbb'] : '',

+ 'META_DISPLAY_NAME' => (isset($this->metadata['extra']['display-name'])) ? $this->metadata['extra']['display-name'] : '',

+ 'AUTHOR_NAME' => $author['name'],

+ 'AUTHOR_ROLE' => (isset($author['role'])) ? $author['role'] : '',

+<?php

+/**

+*

+* This file is part of the phpBB Forum Software package.

+*

+* @copyright (c) phpBB Limited <https://www.phpbb.com>

+* @license GNU General Public License, version 2 (GPL-2.0)

+*

+* For full copyright and license information, please see

+* the docs/CREDITS.txt file.

+*

+*/

+

+namespace phpbb;

+

+class file_downloader

+{

+ /** @var string Error string */

+ protected $error_string = '';

+

+ /** @var int Error number */

+ protected $error_number = 0;

+

+ /**

+ * Retrieve contents from remotely stored file

+ *

+ * @param string $host File host

+ * @param string $directory Directory file is in

+ * @param string $filename Filename of file to retrieve

+ * @param int $port Port to connect to; default: 80

+ * @param int $timeout Connection timeout in seconds; default: 6

+ *

+ * @return mixed File data as string if file can be read and there is no

+ * timeout, false if there were errors or the connection timed out

+ *

+ * @throws \RuntimeException If data can't be retrieved and no error

+ * message is returned

+ */

+ public function get($host, $directory, $filename, $port = 80, $timeout = 6)

+ {

+ // Set default values for error variables

+ $this->error_number = 0;

+ $this->error_string = '';

+

+ if ($socket = @fsockopen($host, $port, $this->error_number, $this->error_string, $timeout))

+ {

+ @fputs($socket, "GET $directory/$filename HTTP/1.0\r\n");

+ @fputs($socket, "HOST: $host\r\n");

+ @fputs($socket, "Connection: close\r\n\r\n");

+

+ $timer_stop = time() + $timeout;

+ stream_set_timeout($socket, $timeout);

+

+ $file_info = '';

+ $get_info = false;

+

+ while (!@feof($socket))

+ {

+ if ($get_info)

+ {

+ $file_info .= @fread($socket, 1024);

+ }

+ else

+ {

+ $line = @fgets($socket, 1024);

+ if ($line == "\r\n")

+ {

+ $get_info = true;

+ }

+ else if (stripos($line, '404 not found') !== false)

+ {

+ throw new \RuntimeException(array('FILE_NOT_FOUND', $filename));

+ }

+ }

+

+ $stream_meta_data = stream_get_meta_data($socket);

+

+ if (!empty($stream_meta_data['timed_out']) || time() >= $timer_stop)

+ {

+ throw new \RuntimeException('FSOCK_TIMEOUT');

+ }

+ }

+ @fclose($socket);

+ }

+ else

+ {

+ if ($this->error_string)

+ {

+ $this->error_string = utf8_convert_message($this->error_string);

+ return false;

+ }

+ else

+ {

+ throw new \RuntimeException('FSOCK_DISABLED');

+ }

+ }

+

+ return $file_info;

+ }

+

+ /**

+ * Get error string

+ *

+ * @return string Error string

+ */

+ public function get_error_string()

+ {

+ return $this->error_string;

+ }

+

+ /**

+ * Get error number

+ *

+ * @return int Error number

+ */

+ public function get_error_number()

+ {

+ return $this->error_number;

+ }

+}

+ /**

+ * Allow modifying or execute extra final filter on log entries

+ *

+ * @event core.get_logs_after

+ * @var array log Array with all our log entries

+ * @var array topic_id_list Array of topic ids, for which we

+ * get the permission data

+ * @var array reportee_id_list Array of additional user IDs we

+ * get the username strings for

+ * @var string mode Mode of the entries we display

+ * @var bool count_logs Do we count all matching entries?

+ * @var int limit Limit the number of entries

+ * @var int offset Offset when fetching the entries

+ * @var mixed forum_id Limit entries to the forum_id,

+ * can also be an array of forum_ids

+ * @var int topic_id Limit entries to the topic_id

+ * @var int user_id Limit entries to the user_id

+ * @var int log_time Limit maximum age of log entries

+ * @var string sort_by SQL order option

+ * @var string keywords Will only return entries that have the

+ * keywords in log_operation or log_data

+ * @var string profile_url URL to the users profile

+ * @var int log_type The type of logs it was filtered

+ * @since 3.1.3-RC1

+ */

+ $vars = array(

+ 'log',

+ 'topic_id_list',

+ 'reportee_id_list',

+ 'mode',

+ 'count_logs',

+ 'limit',

+ 'offset',

+ 'forum_id',

+ 'topic_id',

+ 'user_id',

+ 'log_time',

+ 'sort_by',

+ 'keywords',

+ 'profile_url',

+ 'log_type',

+ );

+ extract($this->dispatcher->trigger_event('core.get_logs_after', compact($vars)));

+

+ $this->message->set_body($this->body);

+ /** @var \phpbb\event\dispatcher */

+ protected $phpbb_dispatcher;

+

+ * @param \phpbb\event\dispatcher $phpbb_dispatcher

+ public function __construct($notification_types, $notification_methods, ContainerInterface $phpbb_container, \phpbb\user_loader $user_loader, \phpbb\config\config $config, \phpbb\event\dispatcher $phpbb_dispatcher, \phpbb\db\driver\driver_interface $db, \phpbb\cache\service $cache, $user, $phpbb_root_path, $php_ext, $notification_types_table, $notifications_table, $user_notifications_table)

+ $this->phpbb_dispatcher = $phpbb_dispatcher;

+ (($item_parent_id !== false) ? ' AND ' . (is_array($item_parent_id) ? $this->db->sql_in_set('item_parent_id', $item_parent_id, false, true) : 'item_parent_id = ' . (int) $item_parent_id) : '') .

+ /**

+ * Allow filtering the notify_users array for a notification that is about to be sent.

+ * Here, $notify_users is already filtered by f_read and the ignored list included in the options variable

+ *

+ * @event core.notification_manager_add_notifications

+ * @var string notification_type_name The forum id from where the topic belongs

+ * @var array data Data specific for the notification_type_name used will be inserted

+ * @var array notify_users The array of userid that are going to be notified for this notification. Set to array() to cancel.

+ * @var array options The options that were used when this method was called (read only)

+ *

+ * @since 3.1.3-RC1

+ */

+ $vars = array(

+ 'notification_type_name',

+ 'data',

+ 'notify_users',

+ 'options',

+ );

+ extract($this->phpbb_dispatcher->trigger_event('core.notification_manager_add_notifications', compact($vars)));

+

+ // We do not need to escape $path_info, $request_uri and $script_name because we can not find their content in the result.

+ // We need to escape $absolute_board_url because it can be partially concatenated to the result.

+ $absolute_board_url = $this->request->escape($this->symfony_request->getSchemeAndHttpHost() . $this->symfony_request->getBasePath(), true);

+

+ $absolute_board_url

+ while (($dir_position = strpos($absolute_board_url, $referer_dir)) !== 0)

+

+ // Just return phpbb_root_path if we reach the top directory

+ if ($referer_dir === '.')

+ {

+ return $this->phpbb_root_path;

+ }

+

+ /**

+ * Get a valid page

+ *

+ * @param string $page The page to verify

+ * @param bool $mod_rewrite Whether mod_rewrite is enabled, default: false

+ *

+ * @return string A valid page based on given page and mod_rewrite

+ */

+ public function get_valid_page($page, $mod_rewrite = false)

+ {

+ // We need to be cautious here.

+ // On some situations, the redirect path is an absolute URL, sometimes a relative path

+ // For a relative path, let's prefix it with $phpbb_root_path to point to the correct location,

+ // else we use the URL directly.

+ $url_parts = parse_url($page);

+

+ // URL

+ if ($url_parts === false || empty($url_parts['scheme']) || empty($url_parts['host']))

+ {

+ // Remove 'app.php/' from the page, when rewrite is enabled.

+ // Treat app.php as a reserved file name and remove on mod rewrite

+ // even if it might not be in the phpBB root.

+ if ($mod_rewrite && ($app_position = strpos($page, 'app.' . $this->php_ext . '/')) !== false)

+ {

+ $page = substr($page, 0, $app_position) . substr($page, $app_position + strlen('app.' . $this->php_ext . '/'));

+ }

+

+ // Remove preceding slashes from page name and prepend root path

+ $page = $this->get_phpbb_root_path() . ltrim($page, '/\\');

+ }

+

+ return $page;

+ }

+ $default_value = '';

+ $lang_fields = array(

+ 'l_lang_name',

+ 'l_lang_explain',

+ 'l_lang_default_value',

+ 'l_lang_options',

+ );

+

+ if (in_array($key, $lang_fields))

+ {

+ $default_value = array(0 => '');

+ }

+ return $this->request->variable($key, $default_value, true);

+ if ($key == 'l_lang_options' && $this->request->is_set($key))

+ 'ALPHA_ONLY' => '[a-zA-Z0-9]+',

+ 'ALPHA_UNDERSCORE' => '[\w]+',

+ 'ALPHA_DOTS' => '[a-zA-Z0-9.]+',

+ 'ALPHA_SPACERS' => '[\w\x20+\-\[\]]+',

+ 'ALPHA_PUNCTUATION' => '[a-zA-Z][\w\.,\-]+',

+ if (!preg_match('#^' . get_preg_expression('url') . '$#iu', $field_value))

+ return $this->variable($form_name, array('name' => 'none'), true, \phpbb\request\request_interface::FILES);

+

+ /**

+ * {@inheritdoc}

+ */

+ public function escape($var, $multibyte)

+ {

+ if (is_array($var))

+ {

+ $result = array();

+ foreach ($var as $key => $value)

+ {

+ $this->type_cast_helper->set_var($key, $key, gettype($key), $multibyte);

+ $result[$key] = $this->escape($value, $multibyte);

+ }

+ $var = $result;

+ }

+ else

+ {

+ $this->type_cast_helper->set_var($var, $var, 'string', $multibyte);

+ }

+

+ return $var;

+ }

+

+ /**

+ * Escape a string variable.

+ *

+ * @param mixed $value The contents to fill with

+ * @param bool $multibyte Indicates whether string values may contain UTF-8 characters.

+ * Default is false, causing all bytes outside the ASCII range (0-127) to be replaced with question marks.

+ * @return string|array

+ */

+ public function escape($value, $multibyte);

+ trigger_error(sprintf($this->user->lang['WORDS_IN_NO_POST'], implode($this->user->lang['COMMA_SEPARATOR'], $non_common_words)));

+ * Extract current session page

+ *

+ * @param string $root_path current root path (phpbb_root_path)

+ * @return array

+ */

+ $script_name = $request->escape($symfony_request->getScriptName(), true);

+ $args = $request->escape(explode('&', $symfony_request->getQueryString()), true);

+ $domain = (!$config['cookie_domain'] || $config['cookie_domain'] == '127.0.0.1' || strpos($config['cookie_domain'], '.') === false) ? '' : '; domain=' . $config['cookie_domain'];

+ global $config, $db, $phpbb_dispatcher;

+ /**

+ * Event to set custom ban type

+ *

+ * @event core.session_set_custom_ban

+ * @var bool return If $return is false this routine does not return on finding a banned user, it outputs a relevant message and stops execution

+ * @var bool banned Check if user already banned

+ * @var array|false ban_row Ban data

+ * @var string ban_triggered_by Method that caused ban, can be your custom method

+ * @since 3.1.3-RC1

+ */

+ $ban_row = isset($ban_row) ? $ban_row : false;

+ $vars = array('return', 'banned', 'ban_row', 'ban_triggered_by');

+ extract($phpbb_dispatcher->trigger_event('core.session_set_custom_ban', compact($vars)));

+

+/**

+ * WARNING: The Symfony request does not escape the input and should be used very carefully

+ * prefer the phpbb request as possible

+ */

+ if (defined('DEBUG'))

+ {

+ $this->twig->addExtension(new \Twig_Extension_Debug());

+ }

+

+ $theme_path = $path . 'theme/';

+ $is_valid_dir = false;

+ $is_valid_dir = true;

+ $paths[] = $template_path;

+ }

+ if (is_dir($theme_path))

+ {

+ $is_valid_dir = true;

+ $paths[] = $theme_path;

+ }

+

+ if ($is_valid_dir)

+ {

+ $ext_style_theme_path = $ext_style_path . 'theme/';

+ $ext_style_theme_path = $ext_style_path . 'theme/';

+ $ext_style_theme_path = $ext_style_path . 'theme/';

+ $ok = false;

+ $ok = true;

+ $paths[] = $ext_style_template_path;

+ }

+ if (is_dir($ext_style_theme_path))

+ {

+ $ok = true;

+ $paths[] = $ext_style_theme_path;

+ }

+

+ if ($ok)

+ {

+ /** @var \phpbb\file_downloader */

+ protected $file_downloader;

+

+ * @param \phpbb\file_downloader $file_downloader

+ public function __construct(\phpbb\cache\service $cache, \phpbb\config\config $config, \phpbb\file_downloader $file_downloader, \phpbb\user $user)

+ $this->file_downloader = $file_downloader;

+ try {

+ $info = $this->file_downloader->get($this->host, $this->path, $this->file);

+ }

+ catch (\RuntimeException $exception)

+ {

+ throw new \RuntimeException($this->user->lang($exception->getMessage()));

+ }

+ $error_string = $this->file_downloader->get_error_string();

+ if (!empty($error_string))

+ throw new \RuntimeException($error_string);

+ // Sanitize any data we retrieve from a server

+ if (!empty($info))

+ {

+ $json_sanitizer = function (&$value, $key) {

+ $type_cast_helper = new \phpbb\request\type_cast_helper();

+ $type_cast_helper->set_var($value, $value, gettype($value), true);

+ };

+ array_walk_recursive($info, $json_sanitizer);

+ }

+