diff options
Diffstat (limited to 'phpBB')
| -rw-r--r-- | phpBB/config/default/container/services_console.yml | 1 | ||||
| -rw-r--r-- | phpBB/config/default/container/services_feed.yml | 9 | ||||
| -rw-r--r-- | phpBB/docs/nginx.sample.conf | 10 | ||||
| -rw-r--r-- | phpBB/language/en/acp/board.php | 4 | ||||
| -rw-r--r-- | phpBB/phpbb/console/exception_subscriber.php | 13 | ||||
| -rw-r--r-- | phpBB/phpbb/feed/helper.php | 55 | ||||
| -rw-r--r-- | phpBB/phpbb/feed/quote_helper.php | 36 | ||||
| -rw-r--r-- | phpBB/phpbb/log/log.php | 14 | ||||
| -rw-r--r-- | phpBB/viewforum.php | 17 | ||||
| -rw-r--r-- | phpBB/viewtopic.php | 4 |
10 files changed, 116 insertions, 47 deletions
diff --git a/phpBB/config/default/container/services_console.yml b/phpBB/config/default/container/services_console.yml index 697e147d85..a327b74ac4 100644 --- a/phpBB/config/default/container/services_console.yml +++ b/phpBB/config/default/container/services_console.yml @@ -3,7 +3,6 @@ services: class: phpbb\console\exception_subscriber arguments: - '@language' - - '%debug.exceptions%' tags: - { name: kernel.event_subscriber } diff --git a/phpBB/config/default/container/services_feed.yml b/phpBB/config/default/container/services_feed.yml index d3e7924f2f..e8bac4b5ce 100644 --- a/phpBB/config/default/container/services_feed.yml +++ b/phpBB/config/default/container/services_feed.yml @@ -18,9 +18,10 @@ services: class: phpbb\feed\helper arguments: - '@config' + - '@service_container' + - '@path_helper' + - '@text_formatter.renderer' - '@user' - - '%core.root_path%' - - '%core.php_ext%' feed.forum: class: phpbb\feed\forum @@ -78,6 +79,10 @@ services: - '@dispatcher' - '%core.php_ext%' + feed.quote_helper: + class: phpbb\feed\quote_helper + parent: text_formatter.s9e.quote_helper + feed.topic: class: phpbb\feed\topic shared: false diff --git a/phpBB/docs/nginx.sample.conf b/phpBB/docs/nginx.sample.conf index ce929b6e54..55c01a1fc9 100644 --- a/phpBB/docs/nginx.sample.conf +++ b/phpBB/docs/nginx.sample.conf @@ -18,11 +18,11 @@ http { gzip_vary on; gzip_http_version 1.1; gzip_min_length 700; - + # Compression levels over 6 do not give an appreciable improvement # in compression ratio, but take more resources. gzip_comp_level 6; - + # IE 6 and lower do not support gzip with Vary correctly. gzip_disable "msie6"; # Before nginx 0.7.63: @@ -49,9 +49,7 @@ http { server_name myforums.com; # A trick from http://wiki.nginx.org/Pitfalls#Taxing_Rewrites: - rewrite ^ http://www.myforums.com$request_uri permanent; - # Equivalent to: - #rewrite ^(.*)$ http://www.myforums.com$1 permanent; + return 301 http://www.myforums.com$request_uri; } # The actual board domain. @@ -72,7 +70,7 @@ http { } # Deny access to internal phpbb files. - location ~ /(config\.php|common\.php|cache|files|images/avatars/upload|includes|phpbb|store|vendor) { + location ~ /(config\.php|common\.php|cache|files|images/avatars/upload|includes|(?<!ext/)phpbb|store|vendor) { deny all; # deny was ignored before 0.8.40 for connections over IPv6. # Use internal directive to prohibit access on older versions. diff --git a/phpBB/language/en/acp/board.php b/phpBB/language/en/acp/board.php index e6c56a5bbb..0578651739 100644 --- a/phpBB/language/en/acp/board.php +++ b/phpBB/language/en/acp/board.php @@ -357,7 +357,7 @@ $lang = array_merge($lang, array( 'COOKIE_NOTICE' => 'Cookie notice', 'COOKIE_NOTICE_EXPLAIN' => 'If enabled a cookie notice will be displayed to users when visiting your board. This might be required by law depending on the content of your board and enabled extensions.', 'COOKIE_PATH' => 'Cookie path', - 'COOKIE_PATH_EXPLAIN' => 'Note that this is always a slash, it does not matter what your board URL is.', + 'COOKIE_PATH_EXPLAIN' => 'This will usually be the same as your script path or simply a slash to make the cookie accessible across the site domain.', 'COOKIE_SECURE' => 'Cookie secure', 'COOKIE_SECURE_EXPLAIN' => 'If your server is running via SSL set this to enabled else leave as disabled. Having this enabled and not running via SSL will result in server errors during redirects.', 'ONLINE_LENGTH' => 'View online time span', @@ -371,7 +371,7 @@ $lang = array_merge($lang, array( 'ACP_CONTACT_SETTINGS_EXPLAIN' => 'Here you can enable and disable the contact page and also add a text that is displayed on the page.', 'CONTACT_US_ENABLE' => 'Enable contact page', - 'CONTACT_US_ENABLE_EXPLAIN' => 'This page allows users to send emails to board administrators', + 'CONTACT_US_ENABLE_EXPLAIN' => 'This page allows users to send emails to board administrators. Please note that board-wide emails option must be enabled as well. You can find this option in General > Client Communication > Email settings.', 'CONTACT_US_INFO' => 'Contact information', 'CONTACT_US_INFO_EXPLAIN' => 'The message is displayed on the contact page', diff --git a/phpBB/phpbb/console/exception_subscriber.php b/phpBB/phpbb/console/exception_subscriber.php index b920d4abae..b240993203 100644 --- a/phpBB/phpbb/console/exception_subscriber.php +++ b/phpBB/phpbb/console/exception_subscriber.php @@ -29,12 +29,10 @@ class exception_subscriber implements EventSubscriberInterface * Construct method * * @param \phpbb\language\language $language Language object - * @param bool $debug Debug mode */ - public function __construct(\phpbb\language\language $language, $debug = false) + public function __construct(\phpbb\language\language $language) { $this->language = $language; - $this->debug = $debug; } /** @@ -52,14 +50,7 @@ class exception_subscriber implements EventSubscriberInterface $parameters = array_merge(array($original_exception->getMessage()), $original_exception->get_parameters()); $message = call_user_func_array(array($this->language, 'lang'), $parameters); - if ($this->debug) - { - $exception = new \RuntimeException($message , $original_exception->getCode(), $original_exception); - } - else - { - $exception = new \RuntimeException($message , $original_exception->getCode()); - } + $exception = new \RuntimeException($message , $original_exception->getCode(), $original_exception); $event->setException($exception); } diff --git a/phpBB/phpbb/feed/helper.php b/phpBB/phpbb/feed/helper.php index e15d1e131e..7d50b7ce7d 100644 --- a/phpBB/phpbb/feed/helper.php +++ b/phpBB/phpbb/feed/helper.php @@ -13,41 +13,52 @@ namespace phpbb\feed; +use phpbb\config\config; +use phpbb\path_helper; +use phpbb\textformatter\s9e\renderer; +use phpbb\user; +use Symfony\Component\DependencyInjection\ContainerInterface; + /** * Class with some helpful functions used in feeds */ class helper { - /** @var \phpbb\config\config */ + /** @var config */ protected $config; - /** @var \phpbb\user */ - protected $user; + /** @var ContainerInterface */ + protected $container; - /** @var string */ - protected $phpbb_root_path; + /** @var path_helper */ + protected $path_helper; - /** @var string */ - protected $phpEx; + /** @var renderer */ + protected $renderer; + + /** @var user */ + protected $user; /** * Constructor * - * @param \phpbb\config\config $config Config object - * @param \phpbb\user $user User object - * @param string $phpbb_root_path Root path - * @param string $phpEx PHP file extension + * @param config $config Config object + * @param ContainerInterface $container Service container object + * @param path_helper $path_helper Path helper object + * @param renderer $renderer TextFormatter renderer object + * @param user $user User object */ - public function __construct(\phpbb\config\config $config, \phpbb\user $user, $phpbb_root_path, $phpEx) + public function __construct(config $config, ContainerInterface $container, path_helper $path_helper, renderer $renderer, user $user) { $this->config = $config; + $this->container = $container; + $this->path_helper = $path_helper; + $this->renderer = $renderer; $this->user = $user; - $this->phpbb_root_path = $phpbb_root_path; - $this->phpEx = $phpEx; } /** - * Run links through append_sid(), prepend generate_board_url() and remove session id + * Returns the board url (and caches it in the function) */ public function get_board_url() { @@ -104,16 +115,12 @@ class helper return ''; } - // Prepare some bbcodes for better parsing - $content = preg_replace("#\[quote(=".*?")?:$uid\]\s*(.*?)\s*\[/quote:$uid\]#si", "[quote$1:$uid]<br />$2<br />[/quote:$uid]", $content); - - $content = generate_text_for_display($content, $uid, $bitfield, $options); + // Setup our own quote_helper to remove all attributes from quotes + $this->renderer->configure_quote_helper($this->container->get('feed.quote_helper')); - // Add newlines - $content = str_replace('<br />', '<br />' . "\n", $content); + $this->renderer->set_smilies_path($this->get_board_url() . '/' . $this->config['smilies_path']); - // Convert smiley Relative paths to Absolute path, Windows style - $content = str_replace($this->phpbb_root_path . $this->config['smilies_path'], $this->get_board_url() . '/' . $this->config['smilies_path'], $content); + $content = generate_text_for_display($content, $uid, $bitfield, $options); // Remove "Select all" link and mouse events $content = str_replace('<a href="#" onclick="selectCode(this); return false;">' . $this->user->lang['SELECT_ALL_CODE'] . '</a>', '', $content); @@ -152,7 +159,7 @@ class helper $content .= implode('<br />', $post_attachments); // Convert attachments' relative path to absolute path - $content = str_replace($this->phpbb_root_path . 'download/file.' . $this->phpEx, $this->get_board_url() . '/download/file.' . $this->phpEx, $content); + $content = str_replace($this->path_helper->get_web_root_path() . 'download/file.' . $this->path_helper->get_php_ext(), $this->get_board_url() . '/download/file.' . $this->path_helper->get_php_ext(), $content); } // Remove Comments from inline attachments [ia] diff --git a/phpBB/phpbb/feed/quote_helper.php b/phpBB/phpbb/feed/quote_helper.php new file mode 100644 index 0000000000..843d075028 --- /dev/null +++ b/phpBB/phpbb/feed/quote_helper.php @@ -0,0 +1,36 @@ +<?php +/** + * + * This file is part of the phpBB Forum Software package. + * + * @copyright (c) phpBB Limited <https://www.phpbb.com> + * @license GNU General Public License, version 2 (GPL-2.0) + * + * For full copyright and license information, please see + * the docs/CREDITS.txt file. + * + */ + +namespace phpbb\feed; + +/** + * Modified quote_helper for feeds (basically just removing all attributes) + */ +class quote_helper extends \phpbb\textformatter\s9e\quote_helper +{ + /** + * {@inheritdoc} + */ + public function inject_metadata($xml) + { + // In feeds we don't want any attributes, so delete all of them + return \s9e\TextFormatter\Utils::replaceAttributes( + $xml, + 'QUOTE', + function () + { + return []; + } + ); + } +} diff --git a/phpBB/phpbb/log/log.php b/phpBB/phpbb/log/log.php index 5aad7ee326..dcc4cdde51 100644 --- a/phpBB/phpbb/log/log.php +++ b/phpBB/phpbb/log/log.php @@ -933,6 +933,20 @@ class log implements \phpbb\log\log_interface $forum_auth['f_read'][$row['topic_id']] = $row['forum_id']; } + /** + * Allow modifying SQL query after topic data is retrieved (inside loop). + * + * @event core.phpbb_log_get_topic_auth_sql_after + * @var array forum_auth Forum permissions + * @var array row One row of data from SQL query + * @since 3.2.2-RC1 + */ + $vars = array( + 'forum_auth', + 'row', + ); + extract($this->dispatcher->trigger_event('core.phpbb_log_get_topic_auth_sql_after', compact($vars))); + if ($this->auth->acl_gets('a_', 'm_', $row['forum_id'])) { $forum_auth['m_'][$row['topic_id']] = $row['forum_id']; diff --git a/phpBB/viewforum.php b/phpBB/viewforum.php index 6b561dd3b2..79d75a18f8 100644 --- a/phpBB/viewforum.php +++ b/phpBB/viewforum.php @@ -161,7 +161,22 @@ $phpbb_content_visibility = $phpbb_container->get('content.visibility'); $topics_count = $phpbb_content_visibility->get_count('forum_topics', $forum_data, $forum_id); $start = $pagination->validate_start($start, $config['topics_per_page'], $topics_count); -page_header($forum_data['forum_name'] . ($start ? ' - ' . $user->lang('PAGE_TITLE_NUMBER', $pagination->get_on_page($config['topics_per_page'], $start)) : ''), true, $forum_id); +$page_title = $forum_data['forum_name'] . ($start ? ' - ' . $user->lang('PAGE_TITLE_NUMBER', $pagination->get_on_page($config['topics_per_page'], $start)) : ''); + +/** +* You can use this event to modify the page title of the viewforum page +* +* @event core.viewforum_modify_page_title +* @var string page_title Title of the viewforum page +* @var array forum_data Array with forum data +* @var int forum_id The forum ID +* @var int start Start offset used to calculate the page +* @since 3.2.2-RC1 +*/ +$vars = array('page_title', 'forum_data', 'forum_id', 'start'); +extract($phpbb_dispatcher->trigger_event('core.viewforum_modify_page_title', compact($vars))); + +page_header($page_title, true, $forum_id); $template->set_filenames(array( 'body' => 'viewforum_body.html') diff --git a/phpBB/viewtopic.php b/phpBB/viewtopic.php index c94675a741..3f117eef6b 100644 --- a/phpBB/viewtopic.php +++ b/phpBB/viewtopic.php @@ -263,6 +263,10 @@ if (!$topic_data) $forum_id = (int) $topic_data['forum_id']; +// If the request is missing the f parameter, the forum id in the user session data is 0 at the moment. +// Let's fix that now so that the user can't hide from the forum's Who Is Online list. +$user->page['forum'] = $forum_id; + // Now we know the forum_id and can check the permissions if ($topic_data['topic_visibility'] != ITEM_APPROVED && !$auth->acl_get('m_approve', $forum_id)) { |