diff options
Diffstat (limited to 'phpBB')
| -rw-r--r-- | phpBB/adm/style/acp_forums.html | 10 | ||||
| -rw-r--r-- | phpBB/includes/acp/acp_forums.php | 26 | ||||
| -rw-r--r-- | phpBB/includes/functions.php | 2 | ||||
| -rw-r--r-- | phpBB/install/database_update.php | 17 | ||||
| -rw-r--r-- | phpBB/language/en/acp/forums.php | 3 |
5 files changed, 52 insertions, 6 deletions
diff --git a/phpBB/adm/style/acp_forums.html b/phpBB/adm/style/acp_forums.html index ee83beacf3..91c15999e5 100644 --- a/phpBB/adm/style/acp_forums.html +++ b/phpBB/adm/style/acp_forums.html @@ -160,12 +160,18 @@ </dl> <dl> <dt><label for="forum_password">{L_FORUM_PASSWORD}:</label><br /><span>{L_FORUM_PASSWORD_EXPLAIN}</span></dt> - <dd><input type="password" id="forum_password" name="forum_password" value="{FORUM_PASSWORD}" /></dd> + <dd><input type="password" id="forum_password" name="forum_password" value="<!-- IF S_FORUM_PASSWORD_SET -->      <!-- ENDIF -->" /></dd> </dl> <dl> <dt><label for="forum_password_confirm">{L_FORUM_PASSWORD_CONFIRM}:</label><br /><span>{L_FORUM_PASSWORD_CONFIRM_EXPLAIN}</span></dt> - <dd><input type="password" id="forum_password_confirm" name="forum_password_confirm" value="{FORUM_PASSWORD_CONFIRM}" /></dd> + <dd><input type="password" id="forum_password_confirm" name="forum_password_confirm" value="<!-- IF S_FORUM_PASSWORD_SET -->      <!-- ENDIF -->" /></dd> </dl> + <!-- IF S_FORUM_PASSWORD_SET --> + <dl> + <dt><label for="forum_password_unset">{L_FORUM_PASSWORD_UNSET}:</label><br /><span>{L_FORUM_PASSWORD_UNSET_EXPLAIN}</span></dt> + <dd><input id="forum_password_unset" name="forum_password_unset" type="checkbox" /></dd> + </dl> + <!-- ENDIF --> <dl> <dt><label for="forum_style">{L_FORUM_STYLE}:</label></dt> <dd><select id="forum_style" name="forum_style"><option value="0">{L_DEFAULT_STYLE}</option>{S_STYLES_OPTIONS}</select></dd> diff --git a/phpBB/includes/acp/acp_forums.php b/phpBB/includes/acp/acp_forums.php index 521eafe437..47e12152bc 100644 --- a/phpBB/includes/acp/acp_forums.php +++ b/phpBB/includes/acp/acp_forums.php @@ -140,6 +140,7 @@ class acp_forums 'prune_sticky' => request_var('prune_sticky', false), 'forum_password' => request_var('forum_password', '', true), 'forum_password_confirm'=> request_var('forum_password_confirm', '', true), + 'forum_password_unset' => request_var('forum_password_unset', false), ); // Use link_display_on_index setting if forum type is link @@ -603,6 +604,11 @@ class acp_forums } } } + + if (strlen($forum_data['forum_password']) == 32) + { + $errors[] = 'FORUM_PASSWORD_OLD'; + } $template->assign_vars(array( 'S_EDIT_FORUM' => true, @@ -629,8 +635,6 @@ class acp_forums 'PRUNE_DAYS' => $forum_data['prune_days'], 'PRUNE_VIEWED' => $forum_data['prune_viewed'], 'TOPICS_PER_PAGE' => $forum_data['forum_topics_per_page'], - 'FORUM_PASSWORD' => $forum_data['forum_password'], - 'FORUM_PASSWORD_CONFIRM' => $forum_data['forum_password_confirm'], 'FORUM_RULES_LINK' => $forum_data['forum_rules_link'], 'FORUM_RULES' => $forum_data['forum_rules'], 'FORUM_RULES_PREVIEW' => $forum_rules_preview, @@ -638,6 +642,7 @@ class acp_forums 'S_BBCODE_CHECKED' => ($forum_rules_data['allow_bbcode']) ? true : false, 'S_SMILIES_CHECKED' => ($forum_rules_data['allow_smilies']) ? true : false, 'S_URLS_CHECKED' => ($forum_rules_data['allow_urls']) ? true : false, + 'S_FORUM_PASSWORD_SET' => (empty($forum_data['forum_password'])) ? false : true, 'FORUM_DESC' => $forum_desc_data['text'], 'S_DESC_BBCODE_CHECKED' => ($forum_desc_data['allow_bbcode']) ? true : false, @@ -938,7 +943,22 @@ class acp_forums { return $errors; } - + + // As we don't know the old password, it's kinda tricky to detect changes + if ($forum_data_sql['forum_password_unset']) + { + $forum_data_sql['forum_password'] = ''; + } + else if (empty($forum_data_sql['forum_password'])) + { + unset($forum_data_sql['forum_password']); + } + else + { + $forum_data_sql['forum_password'] = phpbb_hash($forum_data_sql['forum_password']); + } + unset($forum_data_sql['forum_password_unset']); + if (!isset($forum_data_sql['forum_id'])) { // no forum_id means we're creating a new forum diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index d5cb2ce071..4672751232 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -2457,7 +2457,7 @@ function login_forum_box($forum_data) } $db->sql_freeresult($result); - if ($password == $forum_data['forum_password']) + if (phpbb_check_hash($password, $forum_data['forum_password'])) { $sql_ary = array( 'forum_id' => (int) $forum_data['forum_id'], diff --git a/phpBB/install/database_update.php b/phpBB/install/database_update.php index cea393724f..a7713f8e34 100644 --- a/phpBB/install/database_update.php +++ b/phpBB/install/database_update.php @@ -1551,6 +1551,23 @@ if (version_compare($current_version, '3.0.RC5', '<=')) set_config('form_token_lifetime', '7200'); set_config('form_token_mintime', '0'); + $db->sql_transaction('begin'); + + $sql = 'SELECT forum_id, forum_password + FROM ' . FORUMS_TABLE; + $result = _sql($sql, $errored, $error_ary); + + while ($row = $db->sql_fetchrow($result)) + { + if (!empty($row['forum_password'])) + { + _sql('UPDATE ' . FORUMS_TABLE . " SET forum_password = '" . md5($row['forum_password']) . "' WHERE forum_id = {$row['forum_id']}", $errored, $error_ary); + } + } + $db->sql_freeresult($result); + + $db->sql_transaction('commit'); + $no_updates = false; } diff --git a/phpBB/language/en/acp/forums.php b/phpBB/language/en/acp/forums.php index 3948599659..72c92a6740 100644 --- a/phpBB/language/en/acp/forums.php +++ b/phpBB/language/en/acp/forums.php @@ -91,6 +91,9 @@ $lang = array_merge($lang, array( 'FORUM_PASSWORD_CONFIRM' => 'Confirm forum password', 'FORUM_PASSWORD_CONFIRM_EXPLAIN' => 'Only needs to be set if a forum password is entered.', 'FORUM_PASSWORD_EXPLAIN' => 'Defines a password for this forum, use the permission system in preference.', + 'FORUM_PASSWORD_UNSET' => 'Remove forum password', + 'FORUM_PASSWORD_UNSET_EXPLAIN' => 'Check here if you want to remove the forum password.', + 'FORUM_PASSWORD_OLD' => 'The forum password is using an old encryption and should be changed.', 'FORUM_PASSWORD_MISMATCH' => 'The passwords you entered did not match.', 'FORUM_PRUNE_SETTINGS' => 'Forum prune settings', 'FORUM_RESYNCED' => 'Forum ā%sā successfully resynced', |