diff options
Diffstat (limited to 'phpBB')
| -rw-r--r-- | phpBB/includes/bbcode.php | 7 | ||||
| -rw-r--r-- | phpBB/includes/functions_content.php | 3 | ||||
| -rw-r--r-- | phpBB/includes/functions_transfer.php | 55 | ||||
| -rw-r--r-- | phpBB/styles/subsilver2/template/attachment.html | 2 | ||||
| -rw-r--r-- | phpBB/viewtopic.php | 14 |
5 files changed, 66 insertions, 15 deletions
diff --git a/phpBB/includes/bbcode.php b/phpBB/includes/bbcode.php index d77bb3c4a7..9356e3e9b4 100644 --- a/phpBB/includes/bbcode.php +++ b/phpBB/includes/bbcode.php @@ -584,6 +584,13 @@ class bbcode $code = str_replace("\t", ' ', $code); $code = str_replace(' ', ' ', $code); $code = str_replace(' ', ' ', $code); + $code = str_replace("\n ", "\n ", $code); + + // keep space at the beginning + if (!empty($code) && $code[0] == ' ') + { + $code = ' ' . substr($code, 1); + } // remove newline at the beginning if (!empty($code) && $code[0] == "\n") diff --git a/phpBB/includes/functions_content.php b/phpBB/includes/functions_content.php index b7650ecd6a..b34976db2a 100644 --- a/phpBB/includes/functions_content.php +++ b/phpBB/includes/functions_content.php @@ -691,6 +691,9 @@ function censor_text($text) return ''; } + // Strip control characters + $text = preg_replace('/[\x00-\x0f]/', '', $text); + // We moved the word censor checks in here because we call this function quite often - and then only need to do the check once if (!isset($censors) || !is_array($censors)) { diff --git a/phpBB/includes/functions_transfer.php b/phpBB/includes/functions_transfer.php index 046abede8e..5ab7a87efd 100644 --- a/phpBB/includes/functions_transfer.php +++ b/phpBB/includes/functions_transfer.php @@ -808,23 +808,56 @@ class ftp_fsock extends transfer */ function _open_data_connection() { - $this->_send_command('PASV', '', false); - - if (!$ip_port = $this->_check_command(true)) + // Try to find out whether we have a IPv4 or IPv6 (control) connection + if (function_exists('stream_socket_get_name')) { - return false; + $socket_name = stream_socket_get_name($this->connection, true); + $server_ip = substr($socket_name, 0, strrpos($socket_name, ':')); } - // open the connection to start sending the file - if (!preg_match('#[0-9]{1,3},[0-9]{1,3},[0-9]{1,3},[0-9]{1,3},[0-9]+,[0-9]+#', $ip_port, $temp)) + if (!isset($server_ip) || preg_match(get_preg_expression('ipv4'), $server_ip)) { - // bad ip and port - return false; + // Passive mode + $this->_send_command('PASV', '', false); + + if (!$ip_port = $this->_check_command(true)) + { + return false; + } + + // open the connection to start sending the file + if (!preg_match('#[0-9]{1,3},[0-9]{1,3},[0-9]{1,3},[0-9]{1,3},[0-9]+,[0-9]+#', $ip_port, $temp)) + { + // bad ip and port + return false; + } + + $temp = explode(',', $temp[0]); + $server_ip = $temp[0] . '.' . $temp[1] . '.' . $temp[2] . '.' . $temp[3]; + $server_port = $temp[4] * 256 + $temp[5]; + } + else + { + // Extended Passive Mode - RFC2428 + $this->_send_command('EPSV', '', false); + + if (!$epsv_response = $this->_check_command(true)) + { + return false; + } + + // Response looks like "229 Entering Extended Passive Mode (|||12345|)" + // where 12345 is the tcp port for the data connection + if (!preg_match('#\(\|\|\|([0-9]+)\|\)#', $epsv_response, $match)) + { + return false; + } + $server_port = (int) $match[1]; + + // fsockopen expects IPv6 address in square brackets + $server_ip = "[$server_ip]"; } - $temp = explode(',', $temp[0]); - $server_ip = $temp[0] . '.' . $temp[1] . '.' . $temp[2] . '.' . $temp[3]; - $server_port = $temp[4] * 256 + $temp[5]; $errno = 0; $errstr = ''; diff --git a/phpBB/styles/subsilver2/template/attachment.html b/phpBB/styles/subsilver2/template/attachment.html index b5b547b2e6..fca620b481 100644 --- a/phpBB/styles/subsilver2/template/attachment.html +++ b/phpBB/styles/subsilver2/template/attachment.html @@ -72,7 +72,7 @@ <param name="controller" value="true"> <param name="autoplay" value="false" /> <param name="type" value="video/quicktime"> - <embed name="qtstream_{_file.ATTACH_ID}" src="{_file.U_DOWNLOAD_LINK}" pluginspage="http://www.apple.com/quicktime/download/" enablejavascript="true" controller="true" width="320" height="285" type="video/quicktime" autoplay="false"> + <embed name="qtstream_{_file.ATTACH_ID}" src="{_file.U_DOWNLOAD_LINK}" pluginspage="http://www.apple.com/quicktime/download/" enablejavascript="true" controller="true" width="320" height="285" type="video/quicktime" autoplay="false"></embed> </object> <!-- ELSEIF _file.S_RM_FILE --> <object id="rmstream_{_file.ATTACH_ID}" classid="clsid:CFCDAA03-8BE4-11cf-B84B-0020AFBBCCFA" width="200" height="50"> diff --git a/phpBB/viewtopic.php b/phpBB/viewtopic.php index f1ab30aad3..203b8586ce 100644 --- a/phpBB/viewtopic.php +++ b/phpBB/viewtopic.php @@ -196,7 +196,7 @@ if ($db->sql_layer === 'firebird') // The FROM-Order is quite important here, else t.* columns can not be correctly bound. if ($post_id) { - $sql_array['SELECT'] .= ', p.post_approved, p.post_time'; + $sql_array['SELECT'] .= ', p.post_approved, p.post_time, p.post_id'; $sql_array['FROM'][POSTS_TABLE] = 'p'; } @@ -317,8 +317,16 @@ if ($post_id) $sql = 'SELECT COUNT(p.post_id) AS prev_posts FROM ' . POSTS_TABLE . " p WHERE p.topic_id = {$topic_data['topic_id']} - " . ((!$auth->acl_get('m_approve', $forum_id)) ? 'AND p.post_approved = 1' : '') . ' - AND ' . (($sort_dir == 'd') ? "p.post_time >= {$topic_data['post_time']}" : "p.post_time <= {$topic_data['post_time']}"); + " . ((!$auth->acl_get('m_approve', $forum_id)) ? 'AND p.post_approved = 1' : ''); + + if ($sort_dir == 'd') + { + $sql .= " AND (p.post_time > {$topic_data['post_time']} OR (p.post_time = {$topic_data['post_time']} AND p.post_id >= {$topic_data['post_id']}))"; + } + else + { + $sql .= " AND (p.post_time < {$topic_data['post_time']} OR (p.post_time = {$topic_data['post_time']} AND p.post_id <= {$topic_data['post_id']}))"; + } $result = $db->sql_query($sql); $row = $db->sql_fetchrow($result); |