diff options
Diffstat (limited to 'phpBB')
| -rw-r--r-- | phpBB/docs/AUTHORS | 5 | ||||
| -rw-r--r-- | phpBB/includes/acp/acp_groups.php | 10 | ||||
| -rw-r--r-- | phpBB/includes/functions_posting.php | 20 | ||||
| -rw-r--r-- | phpBB/includes/search/fulltext_mysql.php | 11 | ||||
| -rw-r--r-- | phpBB/install/install_update.php | 4 | ||||
| -rw-r--r-- | phpBB/language/en/acp/search.php | 2 |
6 files changed, 36 insertions, 16 deletions
diff --git a/phpBB/docs/AUTHORS b/phpBB/docs/AUTHORS index fcef26daa1..5995bd2ab4 100644 --- a/phpBB/docs/AUTHORS +++ b/phpBB/docs/AUTHORS @@ -24,10 +24,9 @@ phpBB Lead Developer: naderman (Nils Adermann) phpBB Developers: bantu (Andreas Fischer) EXreaction (Nathan Guse) - igorw (Igor Wiedler) + dhruv.goel92 (Dhruv Goel) imkingdavid (David King) nickvergessen (Joas Schilling) - Oleg (Oleg Pudeyev) Contributions by: leviatan21 (Gabriel Vazquez) Raimon (Raimon Meuldijk) @@ -53,6 +52,8 @@ phpBB Developers: A_Jelly_Doughnut (Josh Woody) [01/2010 - 11/2010] dhn (Dominik Dröscher) [05/2007 - 01/2011] GrahamJE (Graham Eames) [09/2005 - 11/2006] kellanved (Henry Sudhof) [04/2007 - 03/2011] + igorw (Igor Wiedler) [08/2010 - 02/2013] + Oleg (Oleg Pudeyev) [01/2011 - 05/2013] rxu (Ruslan Uzdenov) [04/2010 - 12/2012] TerraFrost (Jim Wigginton) [04/2009 - 01/2011] ToonArmy (Chris Smith) [06/2008 - 11/2011] diff --git a/phpBB/includes/acp/acp_groups.php b/phpBB/includes/acp/acp_groups.php index 83c355540e..9b9ea38e07 100644 --- a/phpBB/includes/acp/acp_groups.php +++ b/phpBB/includes/acp/acp_groups.php @@ -80,6 +80,11 @@ class acp_groups case 'approve': case 'demote': case 'promote': + if (!check_form_key($form_key)) + { + trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action), E_USER_WARNING); + } + if (!$group_id) { trigger_error($user->lang['NO_GROUP'] . adm_back_link($this->u_action), E_USER_WARNING); @@ -252,6 +257,11 @@ class acp_groups break; case 'addusers': + if (!check_form_key($form_key)) + { + trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action), E_USER_WARNING); + } + if (!$group_id) { trigger_error($user->lang['NO_GROUP'] . adm_back_link($this->u_action), E_USER_WARNING); diff --git a/phpBB/includes/functions_posting.php b/phpBB/includes/functions_posting.php index e5cbae0d71..2e5130c5b8 100644 --- a/phpBB/includes/functions_posting.php +++ b/phpBB/includes/functions_posting.php @@ -423,16 +423,6 @@ function upload_attachment($form_name, $forum_id, $local = false, $local_storage $cat_id = (isset($extensions[$file->get('extension')]['display_cat'])) ? $extensions[$file->get('extension')]['display_cat'] : ATTACHMENT_CATEGORY_NONE; - // Make sure the image category only holds valid images... - if ($cat_id == ATTACHMENT_CATEGORY_IMAGE && !$file->is_image()) - { - $file->remove(); - - // If this error occurs a user tried to exploit an IE Bug by renaming extensions - // Since the image category is displaying content inline we need to catch this. - trigger_error($user->lang['ATTACHED_IMAGE_NOT_IMAGE']); - } - // Do we have to create a thumbnail? $filedata['thumbnail'] = ($cat_id == ATTACHMENT_CATEGORY_IMAGE && $config['img_create_thumbnail']) ? 1 : 0; @@ -473,6 +463,16 @@ function upload_attachment($form_name, $forum_id, $local = false, $local_storage return $filedata; } + // Make sure the image category only holds valid images... + if ($cat_id == ATTACHMENT_CATEGORY_IMAGE && !$file->is_image()) + { + $file->remove(); + + // If this error occurs a user tried to exploit an IE Bug by renaming extensions + // Since the image category is displaying content inline we need to catch this. + trigger_error($user->lang['ATTACHED_IMAGE_NOT_IMAGE']); + } + $filedata['filesize'] = $file->get('filesize'); $filedata['mimetype'] = $file->get('mimetype'); $filedata['extension'] = $file->get('extension'); diff --git a/phpBB/includes/search/fulltext_mysql.php b/phpBB/includes/search/fulltext_mysql.php index bd4c003397..f28b8885e7 100644 --- a/phpBB/includes/search/fulltext_mysql.php +++ b/phpBB/includes/search/fulltext_mysql.php @@ -86,9 +86,16 @@ class fulltext_mysql extends search_backend $engine = $info['Type']; } - if ($engine != 'MyISAM') + $fulltext_supported = + $engine === 'MyISAM' || + // FULLTEXT is supported on InnoDB since MySQL 5.6.4 according to + // http://dev.mysql.com/doc/refman/5.6/en/innodb-storage-engine.html + $engine === 'InnoDB' && + phpbb_version_compare($db->sql_server_info(true), '5.6.4', '>='); + + if (!$fulltext_supported) { - return $user->lang['FULLTEXT_MYSQL_NOT_MYISAM']; + return $user->lang['FULLTEXT_MYSQL_NOT_SUPPORTED']; } $sql = 'SHOW VARIABLES diff --git a/phpBB/install/install_update.php b/phpBB/install/install_update.php index ec76f2a407..c18a0fb4ec 100644 --- a/phpBB/install/install_update.php +++ b/phpBB/install/install_update.php @@ -1656,7 +1656,9 @@ class install_update extends module { case 'version_info': global $phpbb_root_path, $phpEx; - $info = get_remote_file('www.phpbb.com', '/updatecheck', ((defined('PHPBB_QA')) ? '30x_qa.txt' : '30x.txt'), $errstr, $errno); + + $info = get_remote_file('version.phpbb.com', '/phpbb', + ((defined('PHPBB_QA')) ? '30x_qa.txt' : '30x.txt'), $errstr, $errno); if ($info !== false) { diff --git a/phpBB/language/en/acp/search.php b/phpBB/language/en/acp/search.php index a7d687d7c2..79ac75c833 100644 --- a/phpBB/language/en/acp/search.php +++ b/phpBB/language/en/acp/search.php @@ -53,7 +53,7 @@ $lang = array_merge($lang, array( 'DELETING_INDEX_IN_PROGRESS_EXPLAIN' => 'The search backend is currently cleaning its index. This can take a few minutes.', 'FULLTEXT_MYSQL_INCOMPATIBLE_VERSION' => 'The MySQL fulltext backend can only be used with MySQL4 and above.', - 'FULLTEXT_MYSQL_NOT_MYISAM' => 'MySQL fulltext indexes can only be used with MyISAM tables.', + 'FULLTEXT_MYSQL_NOT_SUPPORTED' => 'MySQL fulltext indexes can only be used with MyISAM or InnoDB tables. MySQL 5.6.4 or later is required for fulltext indexes on InnoDB tables.', 'FULLTEXT_MYSQL_TOTAL_POSTS' => 'Total number of indexed posts', 'FULLTEXT_MYSQL_MBSTRING' => 'Support for non-latin UTF-8 characters using mbstring:', 'FULLTEXT_MYSQL_PCRE' => 'Support for non-latin UTF-8 characters using PCRE:', |