diff options
Diffstat (limited to 'phpBB')
33 files changed, 370 insertions, 79 deletions
diff --git a/phpBB/adm/style/acp_email.html b/phpBB/adm/style/acp_email.html index 950ecb40b0..63acd7fcc1 100644 --- a/phpBB/adm/style/acp_email.html +++ b/phpBB/adm/style/acp_email.html @@ -47,6 +47,8 @@ <dd><input id="send" type="checkbox" class="radio" name="send_immediately" checked="checked" /></dd> </dl> +<!-- EVENT acp_email_options_after --> + <p class="submit-buttons"> <input class="button1" type="submit" id="submit" name="submit" value="{L_SEND_EMAIL}" /> <input class="button2" type="reset" id="reset" name="reset" value="{L_RESET}" /> diff --git a/phpBB/adm/style/acp_forums.html b/phpBB/adm/style/acp_forums.html index af79791ff8..756092a1f0 100644 --- a/phpBB/adm/style/acp_forums.html +++ b/phpBB/adm/style/acp_forums.html @@ -111,6 +111,7 @@ <fieldset> <legend>{L_FORUM_SETTINGS}</legend> + <!-- EVENT acp_forums_main_settings_prepend --> <dl> <dt><label for="forum_type">{L_FORUM_TYPE}{L_COLON}</label></dt> <dd><select id="forum_type" name="forum_type" onchange="display_options(this.options[this.selectedIndex].value);">{S_FORUM_TYPE_OPTIONS}</select></dd> @@ -182,6 +183,7 @@ <dt><label for="forum_style">{L_FORUM_STYLE}{L_COLON}</label></dt> <dd><select id="forum_style" name="forum_style"><option value="0">{L_DEFAULT_STYLE}</option>{S_STYLES_OPTIONS}</select></dd> </dl> + <!-- EVENT acp_forums_main_settings_append --> </fieldset> <div id="forum_cat_options"> @@ -198,6 +200,7 @@ <div id="forum_post_options"> <fieldset> <legend>{L_GENERAL_FORUM_SETTINGS}</legend> + <!-- EVENT acp_forums_normal_settings_prepend --> <dl> <dt><label for="forum_status">{L_FORUM_STATUS}{L_COLON}</label></dt> <dd><select id="forum_status" name="forum_status">{S_STATUS_OPTIONS}</select></dd> @@ -246,6 +249,7 @@ <fieldset> <legend>{L_FORUM_PRUNE_SETTINGS}</legend> + <!-- EVENT acp_forums_prune_settings_prepend --> <dl> <dt><label for="enable_prune">{L_FORUM_AUTO_PRUNE}{L_COLON}</label><br /><span>{L_FORUM_AUTO_PRUNE_EXPLAIN}</span></dt> <dd><label><input type="radio" class="radio" name="enable_prune" value="1"<!-- IF S_PRUNE_ENABLE --> id="enable_prune" checked="checked"<!-- ENDIF --> /> {L_YES}</label> @@ -291,6 +295,7 @@ <dt><label for="prune_shadow_days">{L_AUTO_PRUNE_SHADOW_DAYS}{L_COLON}</label><br /><span>{L_AUTO_PRUNE_SHADOW_DAYS_EXPLAIN}</span></dt> <dd><input type="number" id="prune_shadow_days" name="prune_shadow_days" value="{PRUNE_SHADOW_DAYS}" maxlength="4" size="4" min="0" max="9999" /> {L_DAYS}</dd> </dl> + <!-- EVENT acp_forums_prune_settings_append --> </fieldset> </div> @@ -317,6 +322,7 @@ <div id="forum_rules_options"> <fieldset> <legend>{L_FORUM_RULES}</legend> + <!-- EVENT acp_forums_rules_settings_prepend --> <dl> <dt><label for="forum_rules_link">{L_FORUM_RULES_LINK}{L_COLON}</label><br /><span>{L_FORUM_RULES_LINK_EXPLAIN}</span></dt> <dd><input class="text medium" type="text" id="forum_rules_link" name="forum_rules_link" value="{FORUM_RULES_LINK}" maxlength="255" /></dd> @@ -334,6 +340,7 @@ <label><input type="checkbox" class="radio" name="rules_parse_smilies"<!-- IF S_SMILIES_CHECKED --> checked="checked"<!-- ENDIF --> /> {L_PARSE_SMILIES}</label> <label><input type="checkbox" class="radio" name="rules_parse_urls"<!-- IF S_URLS_CHECKED --> checked="checked"<!-- ENDIF --> /> {L_PARSE_URLS}</label></dd> </dl> + <!-- EVENT acp_forums_rules_settings_append --> </fieldset> </div> diff --git a/phpBB/assets/javascript/core.js b/phpBB/assets/javascript/core.js index 6ddbba7515..6481a2e113 100644 --- a/phpBB/assets/javascript/core.js +++ b/phpBB/assets/javascript/core.js @@ -386,7 +386,8 @@ phpbb.ajaxify = function(options) { type: method, data: data, success: returnHandler, - error: errorHandler + error: errorHandler, + cache: false }); request.always(function() { $loadingIndicator.fadeOut(phpbb.alertTime); diff --git a/phpBB/config/services.yml b/phpBB/config/services.yml index 5003697564..975f2f7580 100644 --- a/phpBB/config/services.yml +++ b/phpBB/config/services.yml @@ -75,6 +75,7 @@ services: - @controller.provider - @ext.manager - @symfony_request + - @request - @filesystem - %core.root_path% - %core.php_ext% @@ -155,6 +156,8 @@ services: - null - %core.disable_super_globals% + # WARNING: The Symfony request does not escape the input and should be used very carefully + # prefer the phpbb request (service @request) as possible symfony_request: class: phpbb\symfony_request arguments: diff --git a/phpBB/docs/events.md b/phpBB/docs/events.md index c51bc72160..7863814daa 100644 --- a/phpBB/docs/events.md +++ b/phpBB/docs/events.md @@ -16,11 +16,59 @@ acp_bbcodes_edit_fieldsets_after * Since: 3.1.0-a3 * Purpose: Add settings to BBCode add/edit form +acp_email_options_after +=== +* Location: adm/style/acp_email.html +* Since: 3.1.2-RC1 +* Purpose: Add settings to mass email form + +acp_forums_main_settings_append +=== +* Location: adm/style/acp_forums.html +* Since: 3.1.2-RC1 +* Purpose: Add settings to forums at end of main settings section + +acp_forums_main_settings_prepend +=== +* Location: adm/style/acp_forums.html +* Since: 3.1.2-RC1 +* Purpose: Add settings to forums before main settings section + acp_forums_normal_settings_append === * Location: adm/style/acp_forums.html * Since: 3.1.0-a1 -* Purpose: Add settings to forums +* Purpose: Add settings to forums at end of normal settings section + +acp_forums_normal_settings_prepend +=== +* Location: adm/style/acp_forums.html +* Since: 3.1.2-RC1 +* Purpose: Add settings to forums before normal settings section + +acp_forums_prune_settings_append +=== +* Location: adm/style/acp_forums.html +* Since: 3.1.2-RC1 +* Purpose: Add settings to forums at end of prune settings section + +acp_forums_prune_settings_prepend +=== +* Location: adm/style/acp_forums.html +* Since: 3.1.2-RC1 +* Purpose: Add settings to forums before prune settings section + +acp_forums_rules_settings_append +=== +* Location: adm/style/acp_forums.html +* Since: 3.1.2-RC1 +* Purpose: Add settings to forums at end of rules settings section + +acp_forums_rules_settings_prepend +=== +* Location: adm/style/acp_forums.html +* Since: 3.1.2-RC1 +* Purpose: Add settings to forums before rules settings section acp_group_options_before === @@ -111,7 +159,7 @@ acp_ranks_list_column_before * Locations: + adm/style/acp_ranks.html * Since: 3.1.0-RC3 -* Purpose: Add content after the last column (but before the action column) +* Purpose: Add content after the last column (but before the action column) in the ranks list in the ACP acp_ranks_list_header_after @@ -126,7 +174,7 @@ acp_ranks_list_header_before * Locations: + adm/style/acp_ranks.html * Since: 3.1.0-RC3 -* Purpose: Add content after the last header-column (but before the action column) +* Purpose: Add content after the last header-column (but before the action column) in the ranks list in the ACP acp_simple_footer_after @@ -336,6 +384,14 @@ index_body_block_stats_prepend * Since: 3.1.0-b3 * Purpose: Prepend content to the statistics list on the Board index +index_body_forumlist_body_after +=== +* Locations: + + styles/prosilver/template/index_body.html + + styles/subsilver2/template/index_body.html +* Since: 3.1.1 +* Purpose: Add content after the forum list body on the index page + index_body_markforums_after === * Locations: @@ -418,6 +474,30 @@ memberlist_body_username_prepend * Purpose: Add information before every username in the memberlist. Works in all display modes (leader, group and normal memberlist). +memberlist_search_fields_after +=== +* Locations: + + styles/prosilver/template/memberlist_search.html + + styles/subsilver2/template/memberlist_search.html +* Since: 3.1.2-RC1 +* Purpose: Add information after the search fields column. + +memberlist_search_fields_before +=== +* Locations: + + styles/prosilver/template/memberlist_search.html + + styles/subsilver2/template/memberlist_search.html +* Since: 3.1.2-RC1 +* Purpose: Add information before the search fields column. + +memberlist_search_sorting_options_before +=== +* Locations: + + styles/prosilver/template/memberlist_search.html + + styles/subsilver2/template/memberlist_search.html +* Since: 3.1.2-RC1 +* Purpose: Add information before the search sorting options field. + memberlist_view_contact_after === * Locations: @@ -756,6 +836,14 @@ posting_editor_buttons_before * Since: 3.1.0-a3 * Purpose: Add content before the BBCode posting buttons +posting_editor_buttons_custom_tags_before +=== +* Locations: + + styles/prosilver/template/posting_buttons.html + + styles/subsilver2/template/posting_buttons.html +* Since: 3.1.2-RC1 +* Purpose: Add content inside the BBCode posting buttons and before the customs BBCode + posting_editor_message_after === * Locations: @@ -1011,7 +1099,7 @@ ucp_pm_viewmessage_post_buttons_after + styles/prosilver/template/ucp_pm_viewmessage.html + styles/subsilver2/template/ucp_pm_viewmessage.html * Since: 3.1.0-RC3 -* Purpose: Add post button to private messages (next to edit, quote etc), at +* Purpose: Add post button to private messages (next to edit, quote etc), at the end of the list. ucp_pm_viewmessage_post_buttons_before @@ -1020,7 +1108,7 @@ ucp_pm_viewmessage_post_buttons_before + styles/prosilver/template/ucp_pm_viewmessage.html + styles/subsilver2/template/ucp_pm_viewmessage.html * Since: 3.1.0-RC3 -* Purpose: Add post button to private messages (next to edit, quote etc), at +* Purpose: Add post button to private messages (next to edit, quote etc), at the start of the list. ucp_pm_viewmessage_print_head_append diff --git a/phpBB/includes/acp/acp_board.php b/phpBB/includes/acp/acp_board.php index f4f7512f0c..63e2647f02 100644 --- a/phpBB/includes/acp/acp_board.php +++ b/phpBB/includes/acp/acp_board.php @@ -615,7 +615,15 @@ class acp_board { add_log('admin', 'LOG_CONFIG_' . strtoupper($mode)); - trigger_error($user->lang['CONFIG_UPDATED'] . adm_back_link($this->u_action)); + $message = $user->lang('CONFIG_UPDATED'); + $message_type = E_USER_NOTICE; + if (!$config['email_enable'] && in_array($mode, array('email', 'registration')) && + in_array($config['require_activation'], array(USER_ACTIVATION_SELF, USER_ACTIVATION_ADMIN))) + { + $message .= '<br /><br />' . $user->lang('ACC_ACTIVATION_WARNING'); + $message_type = E_USER_WARNING; + } + trigger_error($message . adm_back_link($this->u_action), $message_type); } $this->tpl_name = 'acp_board'; @@ -792,20 +800,19 @@ class acp_board global $user, $config; $act_ary = array( - 'ACC_DISABLE' => USER_ACTIVATION_DISABLE, - 'ACC_NONE' => USER_ACTIVATION_NONE, + 'ACC_DISABLE' => array(true, USER_ACTIVATION_DISABLE), + 'ACC_NONE' => array(true, USER_ACTIVATION_NONE), + 'ACC_USER' => array($config['email_enable'], USER_ACTIVATION_SELF), + 'ACC_ADMIN' => array($config['email_enable'], USER_ACTIVATION_ADMIN), ); - if ($config['email_enable']) - { - $act_ary['ACC_USER'] = USER_ACTIVATION_SELF; - $act_ary['ACC_ADMIN'] = USER_ACTIVATION_ADMIN; - } - $act_options = ''; - foreach ($act_ary as $key => $value) + $act_options = ''; + foreach ($act_ary as $key => $data) { + list($available, $value) = $data; $selected = ($selected_value == $value) ? ' selected="selected"' : ''; - $act_options .= '<option value="' . $value . '"' . $selected . '>' . $user->lang[$key] . '</option>'; + $class = (!$available) ? ' class="disabled-option"' : ''; + $act_options .= '<option value="' . $value . '"' . $selected . $class . '>' . $user->lang($key) . '</option>'; } return $act_options; diff --git a/phpBB/includes/functions_admin.php b/phpBB/includes/functions_admin.php index e3e8657afb..5ddaf31cf5 100644 --- a/phpBB/includes/functions_admin.php +++ b/phpBB/includes/functions_admin.php @@ -2512,6 +2512,7 @@ function phpbb_cache_moderators($db, $cache, $auth) { $usernames_ary[$row['user_id']] = $row['username']; } + $db->sql_freeresult($result); foreach ($hold_ary as $user_id => $forum_id_ary) { @@ -2806,6 +2807,7 @@ function view_inactive_users(&$users, &$user_count, $limit = 0, $offset = 0, $li $users[] = $row; } + $db->sql_freeresult($result); return $offset; } diff --git a/phpBB/includes/mcp/mcp_forum.php b/phpBB/includes/mcp/mcp_forum.php index 0c6acaa908..c18ca1aa1d 100644 --- a/phpBB/includes/mcp/mcp_forum.php +++ b/phpBB/includes/mcp/mcp_forum.php @@ -165,6 +165,22 @@ function mcp_forum_view($id, $mode, $action, $forum_info) AND ' . $phpbb_content_visibility->get_visibility_sql('topic', $forum_id, 't.') . " $limit_time_sql ORDER BY t.topic_type DESC, $sort_order_sql"; + + /** + * Modify SQL query before MCP forum view topic list is queried + * + * @event core.mcp_view_forum_modify_sql + * @var string sql SQL query for forum view topic list + * @var int forum_id ID of the forum + * @var string limit_time_sql SQL query part for limit time + * @var string sort_order_sql SQL query part for sort order + * @var int topics_per_page Number of topics per page + * @var int start Start value + * @since 3.1.2-RC1 + */ + $vars = array('sql', 'forum_id', 'limit_time_sql', 'sort_order_sql', 'topics_per_page', 'start'); + extract($phpbb_dispatcher->trigger_event('core.mcp_view_forum_modify_sql', compact($vars))); + $result = $db->sql_query_limit($sql, $topics_per_page, $start); $topic_list = $topic_tracking_info = array(); diff --git a/phpBB/includes/mcp/mcp_main.php b/phpBB/includes/mcp/mcp_main.php index 19a0ee3051..227ae84bd6 100644 --- a/phpBB/includes/mcp/mcp_main.php +++ b/phpBB/includes/mcp/mcp_main.php @@ -813,8 +813,17 @@ function mcp_delete_topic($topic_ids, $is_soft = false, $soft_delete_reason = '' $user->add_lang('posting'); + // If there are only shadow topics, we neither need a reason nor softdelete + $sql = 'SELECT topic_id + FROM ' . TOPICS_TABLE . ' + WHERE ' . $db->sql_in_set('topic_id', $topic_ids) . ' + AND topic_moved_id = 0'; + $result = $db->sql_query_limit($sql, 1); + $only_shadow = !$db->sql_fetchfield('topic_id'); + $db->sql_freeresult($result); + $only_softdeleted = false; - if ($auth->acl_get('m_delete', $forum_id) && $auth->acl_get('m_softdelete', $forum_id)) + if (!$only_shadow && $auth->acl_get('m_delete', $forum_id) && $auth->acl_get('m_softdelete', $forum_id)) { // If there are only soft deleted topics, we display a message why the option is not available $sql = 'SELECT topic_id @@ -827,6 +836,7 @@ function mcp_delete_topic($topic_ids, $is_soft = false, $soft_delete_reason = '' } $template->assign_vars(array( + 'S_SHADOW_TOPICS' => $only_shadow, 'S_SOFTDELETED' => $only_softdeleted, 'S_TOPIC_MODE' => true, 'S_ALLOWED_DELETE' => $auth->acl_get('m_delete', $forum_id), @@ -839,7 +849,7 @@ function mcp_delete_topic($topic_ids, $is_soft = false, $soft_delete_reason = '' $l_confirm .= '_PERMANENTLY'; $s_hidden_fields['delete_permanent'] = '1'; } - else if (!$auth->acl_get('m_softdelete', $forum_id)) + else if ($only_shadow || !$auth->acl_get('m_softdelete', $forum_id)) { $s_hidden_fields['delete_permanent'] = '1'; } diff --git a/phpBB/includes/message_parser.php b/phpBB/includes/message_parser.php index 92ace7b585..bc996cf275 100644 --- a/phpBB/includes/message_parser.php +++ b/phpBB/includes/message_parser.php @@ -1103,7 +1103,7 @@ class parse_message extends bbcode_firstpass */ function parse($allow_bbcode, $allow_magic_url, $allow_smilies, $allow_img_bbcode = true, $allow_flash_bbcode = true, $allow_quote_bbcode = true, $allow_url_bbcode = true, $update_this_message = true, $mode = 'post') { - global $config, $db, $user; + global $config, $db, $user, $phpbb_dispatcher; $this->mode = $mode; @@ -1158,6 +1158,49 @@ class parse_message extends bbcode_firstpass } } + /** + * This event can be used for additional message checks/cleanup before parsing + * + * @event core.message_parser_check_message + * @var bool allow_bbcode Do we allow BBCodes + * @var bool allow_magic_url Do we allow magic urls + * @var bool allow_smilies Do we allow smilies + * @var bool allow_img_bbcode Do we allow image BBCode + * @var bool allow_flash_bbcode Do we allow flash BBCode + * @var bool allow_quote_bbcode Do we allow quote BBCode + * @var bool allow_url_bbcode Do we allow url BBCode + * @var bool update_this_message Do we alter the parsed message + * @var string mode Posting mode + * @var string message The message text to parse + * @var bool return Do we return after the event is triggered if $warn_msg is not empty + * @var array warn_msg Array of the warning messages + * @since 3.1.2-RC1 + */ + $message = $this->message; + $warn_msg = $this->warn_msg; + $return = false; + $vars = array( + 'allow_bbcode', + 'allow_magic_url', + 'allow_smilies', + 'allow_img_bbcode', + 'allow_flash_bbcode', + 'allow_quote_bbcode', + 'allow_url_bbcode', + 'update_this_message', + 'mode', + 'message', + 'return', + 'warn_msg', + ); + extract($phpbb_dispatcher->trigger_event('core.message_parser_check_message', compact($vars))); + $this->message = $message; + $this->warn_msg = $warn_msg; + if ($return && !empty($this->warn_msg)) + { + return (!$update_this_message) ? $return_message : $this->warn_msg; + } + // Prepare BBcode (just prepares some tags for better parsing) if ($allow_bbcode && strpos($this->message, '[') !== false) { diff --git a/phpBB/includes/ucp/ucp_register.php b/phpBB/includes/ucp/ucp_register.php index 88078c10af..14f6a8bc02 100644 --- a/phpBB/includes/ucp/ucp_register.php +++ b/phpBB/includes/ucp/ucp_register.php @@ -33,7 +33,8 @@ class ucp_register global $request, $phpbb_container; // - if ($config['require_activation'] == USER_ACTIVATION_DISABLE) + if ($config['require_activation'] == USER_ACTIVATION_DISABLE || + (in_array($config['require_activation'], array(USER_ACTIVATION_SELF, USER_ACTIVATION_ADMIN)) && !$config['email_enable'])) { trigger_error('UCP_REGISTER_DISABLE'); } diff --git a/phpBB/language/en/acp/board.php b/phpBB/language/en/acp/board.php index ae7565d608..8d6c1c141d 100644 --- a/phpBB/language/en/acp/board.php +++ b/phpBB/language/en/acp/board.php @@ -221,7 +221,8 @@ $lang = array_merge($lang, array( 'ACP_REGISTER_SETTINGS_EXPLAIN' => 'Here you are able to define registration and profile related settings.', 'ACC_ACTIVATION' => 'Account activation', - 'ACC_ACTIVATION_EXPLAIN' => 'This determines whether users have immediate access to the board or if confirmation is required. You can also completely disable new registrations. “Board-wide email” must be enabled in order to use user or admin activation.', + 'ACC_ACTIVATION_EXPLAIN' => 'This determines whether users have immediate access to the board or if confirmation is required. You can also completely disable new registrations. <em>“Board-wide email” must be enabled in order to use user or admin activation.</em>', + 'ACC_ACTIVATION_WARNING' => 'Please note that the currently selected activation method requires emails to be enabled, otherwise registration will be disabled. We recommend to either select a different activation method or reenable emails.', 'NEW_MEMBER_POST_LIMIT' => 'New member post limit', 'NEW_MEMBER_POST_LIMIT_EXPLAIN' => 'New members are within the <em>Newly Registered Users</em> group until they reach this number of posts. You can use this group to keep them from using the PM system or to review their posts. <strong>A value of 0 disables this feature.</strong>', 'NEW_MEMBER_GROUP_DEFAULT' => 'Set Newly Registered Users group to default', @@ -556,7 +557,7 @@ $lang = array_merge($lang, array( 'EMAIL_SIG' => 'Email signature', 'EMAIL_SIG_EXPLAIN' => 'This text will be attached to all emails the board sends.', 'ENABLE_EMAIL' => 'Enable board-wide emails', - 'ENABLE_EMAIL_EXPLAIN' => 'If this is set to disabled no emails will be sent by the board at all. <em>Note the user and admin account activation settings require this setting to be enabled. If currently using “user” or “admin” activation in the activation settings, disabling this setting will require no activation of new accounts.</em>', + 'ENABLE_EMAIL_EXPLAIN' => 'If this is set to disabled no emails will be sent by the board at all. <em>Note the user and admin account activation settings require this setting to be enabled. If currently using “user” or “admin” activation in the activation settings, disabling this setting will disable registration.</em>', 'SMTP_AUTH_METHOD' => 'Authentication method for SMTP', 'SMTP_AUTH_METHOD_EXPLAIN' => 'Only used if a username/password is set, ask your provider if you are unsure which method to use.', 'SMTP_CRAM_MD5' => 'CRAM-MD5', diff --git a/phpBB/phpbb/auth/provider/db.php b/phpBB/phpbb/auth/provider/db.php index 722eeffa9a..ba67c11e75 100644 --- a/phpBB/phpbb/auth/provider/db.php +++ b/phpBB/phpbb/auth/provider/db.php @@ -87,7 +87,7 @@ class db extends \phpbb\auth\provider\base $username_clean = utf8_clean_string($username); - $sql = 'SELECT user_id, username, user_password, user_passchg, user_email, user_type, user_login_attempts + $sql = 'SELECT * FROM ' . USERS_TABLE . " WHERE username_clean = '" . $this->db->sql_escape($username_clean) . "'"; $result = $this->db->sql_query($sql); @@ -123,7 +123,7 @@ class db extends \phpbb\auth\provider\base 'username_clean' => $username_clean, ); $sql = 'INSERT INTO ' . LOGIN_ATTEMPT_TABLE . $this->db->sql_build_array('INSERT', $attempt_data); - $result = $this->db->sql_query($sql); + $this->db->sql_query($sql); } else { @@ -175,7 +175,7 @@ class db extends \phpbb\auth\provider\base } // Check password ... - if ($this->passwords_manager->check($password, $row['user_password'])) + if ($this->passwords_manager->check($password, $row['user_password'], $row)) { // Check for old password hash... if ($this->passwords_manager->convert_flag || strlen($row['user_password']) == 32) diff --git a/phpBB/phpbb/controller/helper.php b/phpBB/phpbb/controller/helper.php index 187e455d48..52e6947c2c 100644 --- a/phpBB/phpbb/controller/helper.php +++ b/phpBB/phpbb/controller/helper.php @@ -44,6 +44,9 @@ class helper /* @var \phpbb\symfony_request */ protected $symfony_request; + /* @var \phpbb\request\request_interface */ + protected $request; + /** * @var \phpbb\filesystem The filesystem object */ @@ -70,16 +73,18 @@ class helper * @param \phpbb\controller\provider $provider Path provider * @param \phpbb\extension\manager $manager Extension manager object * @param \phpbb\symfony_request $symfony_request Symfony Request object + * @param \phpbb\request\request_interface $request phpBB request object * @param \phpbb\filesystem $filesystem The filesystem object * @param string $phpbb_root_path phpBB root path * @param string $php_ext PHP file extension */ - public function __construct(\phpbb\template\template $template, \phpbb\user $user, \phpbb\config\config $config, \phpbb\controller\provider $provider, \phpbb\extension\manager $manager, \phpbb\symfony_request $symfony_request, \phpbb\filesystem $filesystem, $phpbb_root_path, $php_ext) + public function __construct(\phpbb\template\template $template, \phpbb\user $user, \phpbb\config\config $config, \phpbb\controller\provider $provider, \phpbb\extension\manager $manager, \phpbb\symfony_request $symfony_request, \phpbb\request\request_interface $request, \phpbb\filesystem $filesystem, $phpbb_root_path, $php_ext) { $this->template = $template; $this->user = $user; $this->config = $config; $this->symfony_request = $symfony_request; + $this->request = $request; $this->filesystem = $filesystem; $this->phpbb_root_path = $phpbb_root_path; $this->php_ext = $php_ext; @@ -153,7 +158,7 @@ class helper } } - $base_url = $this->filesystem->clean_path($base_url); + $base_url = $this->request->escape($this->filesystem->clean_path($base_url), true); $context->setBaseUrl($base_url); @@ -197,6 +202,6 @@ class helper */ public function get_current_url() { - return generate_board_url(true) . $this->symfony_request->getRequestUri(); + return generate_board_url(true) . $this->request->escape($this->symfony_request->getRequestUri(), true); } } diff --git a/phpBB/phpbb/db/migration/data/v310/captcha_plugins.php b/phpBB/phpbb/db/migration/data/v310/captcha_plugins.php index 13071e9891..328c08f1ec 100644 --- a/phpBB/phpbb/db/migration/data/v310/captcha_plugins.php +++ b/phpBB/phpbb/db/migration/data/v310/captcha_plugins.php @@ -25,9 +25,13 @@ class captcha_plugins extends \phpbb\db\migration\migration public function update_data() { $captcha_plugin = $this->config['captcha_plugin']; - if (strpos($this->config['captcha_plugin'], 'phpbb_captcha_') === 0) + if (strpos($captcha_plugin, 'phpbb_captcha_') === 0) { - $captcha_plugin = substr($this->config['captcha_plugin'], strlen('phpbb_captcha_')); + $captcha_plugin = substr($captcha_plugin, strlen('phpbb_captcha_')); + } + else if (strpos($captcha_plugin, 'phpbb_') === 0) + { + $captcha_plugin = substr($captcha_plugin, strlen('phpbb_')); } return array( diff --git a/phpBB/phpbb/db/migration/data/v310/reset_missing_captcha_plugin.php b/phpBB/phpbb/db/migration/data/v310/reset_missing_captcha_plugin.php index d5f9076196..8211457dc6 100644 --- a/phpBB/phpbb/db/migration/data/v310/reset_missing_captcha_plugin.php +++ b/phpBB/phpbb/db/migration/data/v310/reset_missing_captcha_plugin.php @@ -29,7 +29,8 @@ class reset_missing_captcha_plugin extends \phpbb\db\migration\migration { return array( array('if', array( - (!is_file($this->phpbb_root_path . "includes/captcha/plugins/{$this->config['captcha_plugin']}_plugin." . $this->php_ext)), + (is_dir($this->phpbb_root_path . 'includes/captcha/plugins/') && + !is_file($this->phpbb_root_path . "includes/captcha/plugins/{$this->config['captcha_plugin']}_plugin." . $this->php_ext)), array('config.update', array('captcha_plugin', 'phpbb_captcha_nogd')), )), ); diff --git a/phpBB/phpbb/path_helper.php b/phpBB/phpbb/path_helper.php index 936564d8b6..4a446a5d9d 100644 --- a/phpBB/phpbb/path_helper.php +++ b/phpBB/phpbb/path_helper.php @@ -154,6 +154,7 @@ class path_helper return $this->web_root_path; } + // We do not need to escape $path_info, $request_uri and $script_name because we can not find their content in the result. // Path info (e.g. /foo/bar) $path_info = $this->filesystem->clean_path($this->symfony_request->getPathInfo()); @@ -203,9 +204,12 @@ class path_helper */ if ($this->request->is_ajax() && $this->symfony_request->get('_referer')) { + // We need to escape $absolute_board_url because it can be partially concatenated to the result. + $absolute_board_url = $this->request->escape($this->symfony_request->getSchemeAndHttpHost() . $this->symfony_request->getBasePath(), true); + $referer_web_root_path = $this->get_web_root_path_from_ajax_referer( $this->symfony_request->get('_referer'), - $this->symfony_request->getSchemeAndHttpHost() . $this->symfony_request->getBasePath() + $absolute_board_url ); return $this->web_root_path = $this->phpbb_root_path . $referer_web_root_path; } diff --git a/phpBB/phpbb/request/request.php b/phpBB/phpbb/request/request.php index ea9854894c..f0f2f7e2a2 100644 --- a/phpBB/phpbb/request/request.php +++ b/phpBB/phpbb/request/request.php @@ -416,4 +416,27 @@ class request implements \phpbb\request\request_interface { return $this->input[$super_global]; } + + /** + * {@inheritdoc} + */ + public function escape($var, $multibyte) + { + if (is_array($var)) + { + $result = array(); + foreach ($var as $key => $value) + { + $this->type_cast_helper->set_var($key, $key, gettype($key), $multibyte); + $result[$key] = $this->escape($value, $multibyte); + } + $var = $result; + } + else + { + $this->type_cast_helper->set_var($var, $var, 'string', $multibyte); + } + + return $var; + } } diff --git a/phpBB/phpbb/request/request_interface.php b/phpBB/phpbb/request/request_interface.php index 3236f73990..47b3b3a4ed 100644 --- a/phpBB/phpbb/request/request_interface.php +++ b/phpBB/phpbb/request/request_interface.php @@ -142,4 +142,14 @@ interface request_interface * @return array The original array of the requested super global. */ public function get_super_global($super_global = \phpbb\request\request_interface::REQUEST); + + /** + * Escape a string variable. + * + * @param mixed $value The contents to fill with + * @param bool $multibyte Indicates whether string values may contain UTF-8 characters. + * Default is false, causing all bytes outside the ASCII range (0-127) to be replaced with question marks. + * @return string|array + */ + public function escape($value, $multibyte); } diff --git a/phpBB/phpbb/session.php b/phpBB/phpbb/session.php index a06ff9c594..dc90d942c3 100644 --- a/phpBB/phpbb/session.php +++ b/phpBB/phpbb/session.php @@ -31,10 +31,11 @@ class session var $update_session_page = true; /** - * Extract current session page - * - * @param string $root_path current root path (phpbb_root_path) - */ + * Extract current session page + * + * @param string $root_path current root path (phpbb_root_path) + * @return array + */ static function extract_current_page($root_path) { global $request, $symfony_request, $phpbb_filesystem; @@ -42,8 +43,8 @@ class session $page_array = array(); // First of all, get the request uri... - $script_name = $symfony_request->getScriptName(); - $args = explode('&', $symfony_request->getQueryString()); + $script_name = $request->escape($symfony_request->getScriptName(), true); + $args = $request->escape(explode('&', $symfony_request->getQueryString()), true); // If we are unable to get the script name we use REQUEST_URI as a failover and note it within the page array for easier support... if (!$script_name) diff --git a/phpBB/phpbb/symfony_request.php b/phpBB/phpbb/symfony_request.php index 02d22c480f..2931cae3cc 100644 --- a/phpBB/phpbb/symfony_request.php +++ b/phpBB/phpbb/symfony_request.php @@ -15,6 +15,10 @@ namespace phpbb; use Symfony\Component\HttpFoundation\Request; +/** + * WARNING: The Symfony request does not escape the input and should be used very carefully + * prefer the phpbb request as possible + */ class symfony_request extends Request { /** @@ -24,32 +28,12 @@ class symfony_request extends Request */ public function __construct(\phpbb\request\request_interface $phpbb_request) { - // This function is meant to sanitize the global input arrays - $sanitizer = function(&$value, $key) { - $type_cast_helper = new \phpbb\request\type_cast_helper(); - $type_cast_helper->set_var($value, $value, gettype($value), true); - }; - - // This function is meant for additional handling of server variables - $server_sanitizer = function(&$value, $key) use ($sanitizer) { - $sanitizer($value, $key); - $value = str_replace('&', '&', $value); - }; - $get_parameters = $phpbb_request->get_super_global(\phpbb\request\request_interface::GET); $post_parameters = $phpbb_request->get_super_global(\phpbb\request\request_interface::POST); $server_parameters = $phpbb_request->get_super_global(\phpbb\request\request_interface::SERVER); $files_parameters = $phpbb_request->get_super_global(\phpbb\request\request_interface::FILES); $cookie_parameters = $phpbb_request->get_super_global(\phpbb\request\request_interface::COOKIE); - array_walk_recursive($get_parameters, $sanitizer); - array_walk_recursive($post_parameters, $sanitizer); - array_walk_recursive($files_parameters, $sanitizer); - array_walk_recursive($cookie_parameters, $sanitizer); - - // Run special sanitizer for server superglobal - array_walk_recursive($server_parameters, $server_sanitizer); - parent::__construct($get_parameters, $post_parameters, array(), $cookie_parameters, $files_parameters, $server_parameters); } } diff --git a/phpBB/phpbb/template/twig/twig.php b/phpBB/phpbb/template/twig/twig.php index a3b002f350..5b71bb5e8a 100644 --- a/phpBB/phpbb/template/twig/twig.php +++ b/phpBB/phpbb/template/twig/twig.php @@ -189,13 +189,24 @@ class twig extends \phpbb\template\base { $path = $this->phpbb_root_path . trim($directory, '/') . "/{$name}/"; $template_path = $path . 'template/'; + $theme_path = $path . 'theme/'; + $is_valid_dir = false; if (is_dir($template_path)) { + $is_valid_dir = true; + $paths[] = $template_path; + } + if (is_dir($theme_path)) + { + $is_valid_dir = true; + $paths[] = $theme_path; + } + + if ($is_valid_dir) + { // Add the base style directory as a safe directory $this->twig->getLoader()->addSafeDirectory($path); - - $paths[] = $template_path; } } } @@ -253,25 +264,38 @@ class twig extends \phpbb\template\base { $ext_style_template_path = $ext_path . $template_dir['ext_path']; $ext_style_path = dirname($ext_style_template_path); + $ext_style_theme_path = $ext_style_path . 'theme/'; } else { $ext_style_path = $ext_path . 'styles/' . $template_dir['name'] . '/'; $ext_style_template_path = $ext_style_path . 'template/'; + $ext_style_theme_path = $ext_style_path . 'theme/'; } } else { $ext_style_path = $ext_path . 'styles/' . $template_dir . '/'; $ext_style_template_path = $ext_style_path . 'template/'; + $ext_style_theme_path = $ext_style_path . 'theme/'; } + $ok = false; if (is_dir($ext_style_template_path)) { + $ok = true; + $paths[] = $ext_style_template_path; + } + if (is_dir($ext_style_theme_path)) + { + $ok = true; + $paths[] = $ext_style_theme_path; + } + + if ($ok) + { // Add the base style directory as a safe directory $this->twig->getLoader()->addSafeDirectory($ext_style_path); - - $paths[] = $ext_style_template_path; } } diff --git a/phpBB/posting.php b/phpBB/posting.php index 764a16d386..4c32276d17 100644 --- a/phpBB/posting.php +++ b/phpBB/posting.php @@ -73,7 +73,6 @@ $current_time = time(); * @var bool preview Whether or not the post is being previewed * @var bool save Whether or not a draft is being saved * @var bool load Whether or not a draft is being loaded -* @var bool delete Whether or not the post is being deleted * @var bool cancel Whether or not to cancel the form (returns to * viewtopic or viewforum depending on if the user * is posting a new topic or editing a post) @@ -85,6 +84,7 @@ $current_time = time(); * NOTE: Should be actual language strings, NOT * language keys. * @since 3.1.0-a1 +* @change 3.1.2-RC1 Removed 'delete' var as it does not exist */ $vars = array( 'post_id', @@ -96,7 +96,6 @@ $vars = array( 'preview', 'save', 'load', - 'delete', 'cancel', 'refresh', 'mode', @@ -870,6 +869,43 @@ if ($submit || $preview || $refresh) // Parse Attachments - before checksum is calculated $message_parser->parse_attachments('fileupload', $mode, $forum_id, $submit, $preview, $refresh); + /** + * This event allows you to modify message text before parsing + * + * @event core.posting_modify_message_text + * @var array post_data Array with post data + * @var string mode What action to take if the form is submitted + * post|reply|quote|edit|delete|bump|smilies|popup + * @var int post_id ID of the post + * @var int topic_id ID of the topic + * @var int forum_id ID of the forum + * @var bool submit Whether or not the form has been submitted + * @var bool preview Whether or not the post is being previewed + * @var bool save Whether or not a draft is being saved + * @var bool load Whether or not a draft is being loaded + * @var bool cancel Whether or not to cancel the form (returns to + * viewtopic or viewforum depending on if the user + * is posting a new topic or editing a post) + * @var bool refresh Whether or not to retain previously submitted data + * @var object message_parser The message parser object + * @since 3.1.2-RC1 + */ + $vars = array( + 'post_data', + 'mode', + 'post_id', + 'topic_id', + 'forum_id', + 'submit', + 'preview', + 'save', + 'load', + 'cancel', + 'refresh', + 'message_parser', + ); + extract($phpbb_dispatcher->trigger_event('core.posting_modify_message_text', compact($vars))); + // Grab md5 'checksum' of new message $message_md5 = md5($message_parser->message); @@ -1727,7 +1763,6 @@ $page_data = array( * @var bool preview Whether or not the post is being previewed * @var bool save Whether or not a draft is being saved * @var bool load Whether or not a draft is being loaded -* @var bool delete Whether or not the post is being deleted * @var bool cancel Whether or not to cancel the form (returns to * viewtopic or viewforum depending on if the user * is posting a new topic or editing a post) @@ -1744,6 +1779,7 @@ $page_data = array( * s_topic_icons, form_enctype, s_action, s_hidden_fields, * post_id, topic_id, forum_id, submit, preview, save, load, * delete, cancel, refresh, error, page_data, message_parser +* @change 3.1.2-RC1 Removed 'delete' var as it does not exist */ $vars = array( 'post_data', @@ -1761,7 +1797,6 @@ $vars = array( 'preview', 'save', 'load', - 'delete', 'cancel', 'refresh', 'error', diff --git a/phpBB/styles/prosilver/template/confirm_delete_body.html b/phpBB/styles/prosilver/template/confirm_delete_body.html index f164b5f357..f0a7ab2bdb 100644 --- a/phpBB/styles/prosilver/template/confirm_delete_body.html +++ b/phpBB/styles/prosilver/template/confirm_delete_body.html @@ -2,6 +2,7 @@ <form action="{S_CONFIRM_ACTION}" method="post"> <p>{MESSAGE_TEXT}</p> + <!-- IF not S_SHADOW_TOPICS --> <!-- IF not S_SOFTDELETED and S_ALLOWED_DELETE and S_ALLOWED_SOFTDELETE --> <label> <strong>{L_DELETE_PERMANENTLY}{L_COLON}</strong> @@ -14,6 +15,7 @@ <strong>{L_DELETE_REASON}{L_COLON}</strong><br /><span>{L_DELETE_REASON_EXPLAIN}</span><br /> <input type="text" name="delete_reason" value="" class="inputbox autowidth" maxlength="120" size="45" /> </label> + <!-- ENDIF --> <fieldset class="submit-buttons"> <input type="button" name="confirm" value="{L_YES}" class="button1" /> @@ -33,6 +35,7 @@ <p>{MESSAGE_TEXT}</p> + <!-- IF not S_SHADOW_TOPICS --> <fieldset class="fields1"> <!-- IF not S_SOFTDELETED and S_ALLOWED_DELETE and S_ALLOWED_SOFTDELETE --> <dl> @@ -51,6 +54,7 @@ <dd><input type="text" name="delete_reason" id="delete_reason" value="" class="inputbox autowidth" maxlength="120" size="45" /></dd> </dl> </fieldset> + <!-- ENDIF --> <fieldset class="submit-buttons"> {S_HIDDEN_FIELDS} diff --git a/phpBB/styles/prosilver/template/index_body.html b/phpBB/styles/prosilver/template/index_body.html index 1e1eb22c6f..f620b6e966 100644 --- a/phpBB/styles/prosilver/template/index_body.html +++ b/phpBB/styles/prosilver/template/index_body.html @@ -13,6 +13,8 @@ <!-- INCLUDE forumlist_body.html --> +<!-- EVENT index_body_forumlist_body_after --> + <!-- IF not S_USER_LOGGED_IN and not S_IS_BOT --> <form method="post" action="{S_LOGIN_ACTION}" class="headerspace"> <h3><a href="{U_LOGIN_LOGOUT}">{L_LOGIN_LOGOUT}</a><!-- IF S_REGISTER_ENABLED --> • <a href="{U_REGISTER}">{L_REGISTER}</a><!-- ENDIF --></h3> diff --git a/phpBB/styles/prosilver/template/memberlist_search.html b/phpBB/styles/prosilver/template/memberlist_search.html index 4fba966151..ef5d29a8fa 100644 --- a/phpBB/styles/prosilver/template/memberlist_search.html +++ b/phpBB/styles/prosilver/template/memberlist_search.html @@ -6,6 +6,7 @@ <p>{L_FIND_USERNAME_EXPLAIN}</p> + <!-- EVENT memberlist_search_fields_before --> <fieldset class="fields1 column1"> <dl style="overflow: visible;"> <dt><label for="username">{L_USERNAME}{L_COLON}</label></dt> @@ -39,6 +40,7 @@ <dt><label for="search_group_id">{L_GROUP}{L_COLON}</label></dt> <dd><select name="search_group_id" id="search_group_id">{S_GROUP_SELECT}</select></dd> </dl> + <!-- EVENT memberlist_search_sorting_options_before --> <dl> <dt><label for="sk" class="label3">{L_SORT_BY}{L_COLON}</label></dt> <dd><select name="sk" id="sk">{S_SORT_OPTIONS}</select> <select name="sd">{S_ORDER_SELECT}</select></dd> @@ -66,6 +68,7 @@ <dd><input class="inputbox medium" type="text" name="ip" id="ip" value="{IP}" /></dd> </dl> <!-- ENDIF --> + <!-- EVENT memberlist_search_fields_after --> </fieldset> <div class="clear"></div> diff --git a/phpBB/styles/prosilver/template/posting_buttons.html b/phpBB/styles/prosilver/template/posting_buttons.html index 3dad6606bb..1555b12369 100644 --- a/phpBB/styles/prosilver/template/posting_buttons.html +++ b/phpBB/styles/prosilver/template/posting_buttons.html @@ -92,6 +92,9 @@ <!-- ENDIF --> </select> <input type="button" class="button2 bbcode-color" name="bbpalette" id="bbpalette" value="{L_FONT_COLOR}" onclick="change_palette();" title="{L_BBCODE_S_HELP}" /> + + <!-- EVENT posting_editor_buttons_custom_tags_before --> + <!-- BEGIN custom_tags --> <input type="button" class="button2 bbcode-{custom_tags.BBCODE_TAG_CLEAN}" name="addbbcode{custom_tags.BBCODE_ID}" value="{custom_tags.BBCODE_TAG}" onclick="bbstyle({custom_tags.BBCODE_ID})" title="{custom_tags.BBCODE_HELPLINE}" /> <!-- END custom_tags --> diff --git a/phpBB/styles/prosilver/theme/common.css b/phpBB/styles/prosilver/theme/common.css index adcd04b15e..9da24b6ef9 100644 --- a/phpBB/styles/prosilver/theme/common.css +++ b/phpBB/styles/prosilver/theme/common.css @@ -601,7 +601,7 @@ ul.linklist.bulletin > li.no-bulletin:before { } .breadcrumbs .crumb:before { - content: '‹'; + content: '\2039'; font-weight: bold; padding: 0 0.5em; } diff --git a/phpBB/styles/subsilver2/template/confirm_delete_body.html b/phpBB/styles/subsilver2/template/confirm_delete_body.html index 18df397fc3..44aec9b60a 100644 --- a/phpBB/styles/subsilver2/template/confirm_delete_body.html +++ b/phpBB/styles/subsilver2/template/confirm_delete_body.html @@ -14,6 +14,7 @@ <p class="gen">{MESSAGE_TEXT}</p> <br /> + <!-- IF not S_SHADOW_TOPICS --> <table border="0" width="90%" cellspacing="2" cellpadding="1"> <!-- IF not S_SOFTDELETED and S_ALLOWED_DELETE and S_ALLOWED_SOFTDELETE --> <tr> @@ -30,6 +31,7 @@ </tr> </table> <br /> + <!-- ENDIF --> {S_HIDDEN_FIELDS} <input type="submit" name="confirm" value="{L_YES}" class="btnmain" /> diff --git a/phpBB/styles/subsilver2/template/index_body.html b/phpBB/styles/subsilver2/template/index_body.html index 1a2786015f..bfc2229221 100644 --- a/phpBB/styles/subsilver2/template/index_body.html +++ b/phpBB/styles/subsilver2/template/index_body.html @@ -14,6 +14,8 @@ <!-- INCLUDE forumlist_body.html --> +<!-- EVENT index_body_forumlist_body_after --> + <!-- IF not S_IS_BOT or U_TEAM --> <span class="gensmall"> <!-- IF not S_IS_BOT --><a href="{U_DELETE_COOKIES}">{L_DELETE_COOKIES}</a><!-- ENDIF --> diff --git a/phpBB/styles/subsilver2/template/memberlist_search.html b/phpBB/styles/subsilver2/template/memberlist_search.html index 12dd10be2e..2096062607 100644 --- a/phpBB/styles/subsilver2/template/memberlist_search.html +++ b/phpBB/styles/subsilver2/template/memberlist_search.html @@ -66,6 +66,7 @@ <form method="post" action="{S_MODE_ACTION}" name="search"> +<!-- EVENT memberlist_search_fields_before --> <table class="tablebg" width="100%" cellspacing="1"> <tr> <th colspan="4">{L_FIND_USERNAME}</th> @@ -111,6 +112,7 @@ <td colspan="2" class="row1"> </td> <!-- ENDIF --> </tr> +<!-- EVENT memberlist_search_sorting_options_before --> <tr> <td class="row1"><b class="genmed">{L_SORT_BY}{L_COLON}</b></td> <td class="row2" nowrap="nowrap"><select name="sk">{S_SORT_OPTIONS}</select> <select name="sd">{S_ORDER_SELECT}</select> </td> @@ -120,6 +122,7 @@ <td class="cat" colspan="4" align="center"><input class="btnmain" type="submit" name="submit" value="{L_SEARCH}" /> <input class="btnlite" type="reset" value="{L_RESET}" /></td> </tr> </table> +<!-- EVENT memberlist_search_fields_after --> {S_FORM_TOKEN} </form> diff --git a/phpBB/styles/subsilver2/template/posting_buttons.html b/phpBB/styles/subsilver2/template/posting_buttons.html index d1c0f79a16..516cd0922b 100644 --- a/phpBB/styles/subsilver2/template/posting_buttons.html +++ b/phpBB/styles/subsilver2/template/posting_buttons.html @@ -69,21 +69,18 @@ <!-- ENDIF --> </select></span> </div> - <!-- EVENT posting_editor_buttons_after --> -<!-- ENDIF --> - </td> -</tr> -<!-- IF S_BBCODE_ALLOWED and .custom_tags --> - <tr valign="middle" align="{S_CONTENT_FLOW_BEGIN}"> - <td colspan="2"> + <!-- EVENT posting_editor_buttons_custom_tags_before --> + <!-- IF .custom_tags --> <div id="custom-bbcode-buttons"> - <!-- BEGIN custom_tags --> + <!-- BEGIN custom_tags --> <input type="button" class="btnbbcode bbcode-{custom_tags.BBCODE_TAG_CLEAN}" name="addbbcode{custom_tags.BBCODE_ID}" value="{custom_tags.BBCODE_TAG}" onclick="bbstyle({custom_tags.BBCODE_ID})"<!-- IF custom_tags.BBCODE_HELPLINE !== '' --> onmouseover="helpline('cb_{custom_tags.BBCODE_ID}')" onmouseout="helpline('tip')"<!-- ENDIF --> /> - <!-- END custom_tags --> + <!-- END custom_tags --> </div> - </td> - </tr> + <!-- ENDIF --> + <!-- EVENT posting_editor_buttons_after --> <!-- ENDIF --> + </td> +</tr> <!-- IF S_BBCODE_ALLOWED --> <tr> <td<!-- IF $S_SIGNATURE or S_EDIT_DRAFT --> colspan="2"<!-- ENDIF -->><input type="text" readonly="readonly" name="helpbox" style="width:100%" class="helpline" value="{L_STYLES_TIP}" /></td> diff --git a/phpBB/viewtopic.php b/phpBB/viewtopic.php index 30beea337a..a44169d3f1 100644 --- a/phpBB/viewtopic.php +++ b/phpBB/viewtopic.php @@ -616,7 +616,9 @@ $base_url = append_sid("{$phpbb_root_path}viewtopic.$phpEx", "f=$forum_id&t= * @var int topic_id Topic ID * @var array topic_tracking_info Array with topic tracking data * @var int total_posts Topic total posts count +* @var string viewtopic_url URL to the topic page * @since 3.1.0-RC4 +* @change 3.1.2-RC1 Added viewtopic_url */ $vars = array( 'base_url', @@ -628,6 +630,7 @@ $vars = array( 'topic_id', 'topic_tracking_info', 'total_posts', + 'viewtopic_url', ); extract($phpbb_dispatcher->trigger_event('core.viewtopic_assign_template_vars_before', compact($vars))); |