From 7dfe26dd781e7bd0438041058e2a1d95176e7836 Mon Sep 17 00:00:00 2001 From: David King Date: Sat, 1 Sep 2012 10:35:46 -0400 Subject: [task/functional] Allow tests to bypass certain restrictions with DEBUG_TEST PHPBB3-10758 --- phpBB/includes/functions.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'phpBB/includes/functions.php') diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index 5914831539..8e7e84bf83 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -2811,7 +2811,7 @@ function check_form_key($form_name, $timespan = false, $return_page = '', $trigg $diff = time() - $creation_time; // If creation_time and the time() now is zero we can assume it was not a human doing this (the check for if ($diff)... - if ($diff && ($diff <= $timespan || $timespan === -1)) + if (defined('DEBUG_TEST') || $diff && ($diff <= $timespan || $timespan === -1)) { $token_sid = ($user->data['user_id'] == ANONYMOUS && !empty($config['form_token_sid_guests'])) ? $user->session_id : ''; $key = sha1($creation_time . $user->data['user_form_salt'] . $form_name . $token_sid); -- cgit v1.2.1 From 1f89fc9cb6eeaeb2e1b5b3063d76edc82ae9f131 Mon Sep 17 00:00:00 2001 From: Senky Date: Mon, 1 Oct 2012 15:38:16 +0200 Subject: [ticket/11112] updating links to phpbb.com to use SSL PHPBB3-11112 --- phpBB/includes/functions.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'phpBB/includes/functions.php') diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index 8e7e84bf83..ca58220619 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -3921,7 +3921,7 @@ function msg_handler($errno, $msg_text, $errfile, $errline) echo ' '; echo ' '; echo '
'; - echo ' Powered by phpBB® Forum Software © phpBB Group'; + echo ' Powered by phpBB® Forum Software © phpBB Group'; echo '
'; echo ''; echo ''; @@ -4741,7 +4741,7 @@ function page_footer($run_cron = true) $template->assign_vars(array( 'DEBUG_OUTPUT' => (defined('DEBUG')) ? $debug_output : '', 'TRANSLATION_INFO' => (!empty($user->lang['TRANSLATION_INFO'])) ? $user->lang['TRANSLATION_INFO'] : '', - 'CREDIT_LINE' => $user->lang('POWERED_BY', 'phpBB® Forum Software © phpBB Group'), + 'CREDIT_LINE' => $user->lang('POWERED_BY', 'phpBB® Forum Software © phpBB Group'), 'U_ACP' => ($auth->acl_get('a_') && !empty($user->data['is_registered'])) ? append_sid("{$phpbb_root_path}adm/index.$phpEx", false, true, $user->session_id) : '') ); -- cgit v1.2.1 From c630480ca1a426cb0897be35626baac2694fccf5 Mon Sep 17 00:00:00 2001 From: Oleg Pudeyev Date: Wed, 17 Oct 2012 15:03:06 -0400 Subject: [ticket/10848] Redirect from adm to installer correctly. PHPBB3-10848 --- phpBB/includes/functions.php | 30 ++++++++++++++++++++++++++++++ 1 file changed, 30 insertions(+) (limited to 'phpBB/includes/functions.php') diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index ca58220619..2391b45038 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -1176,6 +1176,36 @@ else } } +/** +* Eliminates useless . and .. components from specified path. +* +* @param string $path Path to clean +* @return string Cleaned path +*/ +function clean_path($path) +{ + $exploded = explode('/', $path); + $filtered = array(); + foreach ($exploded as $part) + { + if ($part === '.' && !empty($filtered)) + { + continue; + } + + if ($part === '..' && !empty($filtered) && $filtered[sizeof($filtered) - 1] !== '..') + { + array_pop($filtered); + } + else + { + $filtered[] = $part; + } + } + $path = implode('/', $filtered); + return $path; +} + if (!function_exists('htmlspecialchars_decode')) { /** -- cgit v1.2.1 From bb09cd9c8e76ac3af848d09db8ea1928dab66158 Mon Sep 17 00:00:00 2001 From: Oleg Pudeyev Date: Wed, 17 Oct 2012 15:13:35 -0400 Subject: [ticket/10848] Add phpbb_ prefix. PHPBB3-10848 --- phpBB/includes/functions.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'phpBB/includes/functions.php') diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index 2391b45038..65d8be32ad 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -1182,7 +1182,7 @@ else * @param string $path Path to clean * @return string Cleaned path */ -function clean_path($path) +function phpbb_clean_path($path) { $exploded = explode('/', $path); $filtered = array(); -- cgit v1.2.1 From c699b88bc58ae07fffb33611a6d7ed950bbb1e15 Mon Sep 17 00:00:00 2001 From: Andreas Fischer Date: Sun, 11 Nov 2012 14:35:31 +0100 Subject: [ticket/11192] Add Tebibyte to get_formatted_filesize(). PHPBB3-11192 --- phpBB/includes/functions.php | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'phpBB/includes/functions.php') diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index 65d8be32ad..33545ab845 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -301,6 +301,12 @@ function get_formatted_filesize($value, $string_only = true, $allowed_units = fa global $user; $available_units = array( + 'tb' => array( + 'min' => 1099511627776, // pow(2, 40) + 'index' => 4, + 'si_unit' => 'TB', + 'iec_unit' => 'TIB', + ), 'gb' => array( 'min' => 1073741824, // pow(2, 30) 'index' => 3, -- cgit v1.2.1 From 7cbd440e7a69eb836eb9d58800f1c535d41b83ab Mon Sep 17 00:00:00 2001 From: Andreas Fischer Date: Fri, 16 Nov 2012 08:28:35 +0100 Subject: [ticket/11192] Mark negative byte numbers as unsupported. PHPBB3-11192 --- phpBB/includes/functions.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'phpBB/includes/functions.php') diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index 33545ab845..8688ba3f7e 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -289,7 +289,7 @@ function phpbb_gmgetdate($time = false) /** * Return formatted string for filesizes * -* @param int $value filesize in bytes +* @param int $value filesize in bytes (non-negative number) * @param bool $string_only true if language string should be returned * @param array $allowed_units only allow these units (data array indexes) * -- cgit v1.2.1 From efd6f1df63c24ed2947bccb863bb92c2346bf697 Mon Sep 17 00:00:00 2001 From: Andreas Fischer Date: Fri, 16 Nov 2012 08:29:57 +0100 Subject: [ticket/11192] Update $value parameter description to support other types. PHPBB3-11192 --- phpBB/includes/functions.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'phpBB/includes/functions.php') diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index 8688ba3f7e..6e661228b7 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -289,7 +289,8 @@ function phpbb_gmgetdate($time = false) /** * Return formatted string for filesizes * -* @param int $value filesize in bytes (non-negative number) +* @param mixed $value filesize in bytes +* (non-negative number; int, float or string) * @param bool $string_only true if language string should be returned * @param array $allowed_units only allow these units (data array indexes) * -- cgit v1.2.1 From 65253a3023a78b1068be63b91b77618e3fb2d5fd Mon Sep 17 00:00:00 2001 From: Oleg Pudeyev Date: Thu, 29 Nov 2012 15:35:21 -0500 Subject: [ticket/11227] @return void -> @return null in develop-olympus. PHPBB3-11227 --- phpBB/includes/functions.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'phpBB/includes/functions.php') diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index 6e661228b7..571c863839 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -2745,7 +2745,7 @@ function meta_refresh($time, $url, $disable_cd_check = false) * * @param int $code HTTP status code * @param string $message Message for the status code -* @return void +* @return null */ function send_status_line($code, $message) { @@ -4332,7 +4332,7 @@ function phpbb_optionset($bit, $set, $data) * * @param array $param Parameter array, see $param_defaults array. * -* @return void +* @return null */ function phpbb_http_login($param) { -- cgit v1.2.1 From e8b3e8498d9842296a905fdaad8c0c32e31bceb4 Mon Sep 17 00:00:00 2001 From: Andreas Fischer Date: Sun, 24 Feb 2013 12:54:05 +0100 Subject: [ticket/7262] Backport set_config() and set_config_count() docs from develop. PHPBB3-7262 --- phpBB/includes/functions.php | 18 ++++++++++++++++-- 1 file changed, 16 insertions(+), 2 deletions(-) (limited to 'phpBB/includes/functions.php') diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index 571c863839..04b69f8c69 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -137,7 +137,14 @@ function request_var($var_name, $default, $multibyte = false, $cookie = false) } /** -* Set config value. Creates missing config entry. +* Sets a configuration option's value. +* +* @param string $config_name The configuration option's name +* @param string $config_value New configuration value +* @param bool $is_dynamic Whether this variable should be cached or if it +* changes too frequently to be efficiently cached. +* +* @return null */ function set_config($config_name, $config_value, $is_dynamic = false) { @@ -166,7 +173,14 @@ function set_config($config_name, $config_value, $is_dynamic = false) } /** -* Set dynamic config value with arithmetic operation. +* Increments an integer config value directly in the database. +* +* @param string $config_name The configuration option's name +* @param int $increment Amount to increment by +* @param bool $is_dynamic Whether this variable should be cached or if it +* changes too frequently to be efficiently cached. +* +* @return null */ function set_config_count($config_name, $increment, $is_dynamic = false) { -- cgit v1.2.1 From a9037a68c177d396b2ed4b9bfcaad64536a01aaa Mon Sep 17 00:00:00 2001 From: Andreas Fischer Date: Sun, 24 Feb 2013 13:03:48 +0100 Subject: [ticket/7262] Add $is_dynamic example to set_config() and set_config_count(). The logic is the other way around here in comparison to develop's phpbb_config_db class, so add examples to make things more clear. PHPBB3-7262 --- phpBB/includes/functions.php | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) (limited to 'phpBB/includes/functions.php') diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index 04b69f8c69..2ca7d7f898 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -141,8 +141,9 @@ function request_var($var_name, $default, $multibyte = false, $cookie = false) * * @param string $config_name The configuration option's name * @param string $config_value New configuration value -* @param bool $is_dynamic Whether this variable should be cached or if it -* changes too frequently to be efficiently cached. +* @param bool $is_dynamic Whether this variable should be cached (false) or +* if it changes too frequently (true) to be +* efficiently cached. * * @return null */ @@ -177,8 +178,9 @@ function set_config($config_name, $config_value, $is_dynamic = false) * * @param string $config_name The configuration option's name * @param int $increment Amount to increment by -* @param bool $is_dynamic Whether this variable should be cached or if it -* changes too frequently to be efficiently cached. +* @param bool $is_dynamic Whether this variable should be cached (false) or +* if it changes too frequently (true) to be +* efficiently cached. * * @return null */ -- cgit v1.2.1 From 6bf64d5620b1b9f165a65b50042c391a29ef151c Mon Sep 17 00:00:00 2001 From: Andreas Fischer Date: Sun, 24 Feb 2013 13:37:52 +0100 Subject: [ticket/7262] Add note about set_config() not updating is_dynamic. PHPBB3-7262 --- phpBB/includes/functions.php | 3 +++ 1 file changed, 3 insertions(+) (limited to 'phpBB/includes/functions.php') diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index 2ca7d7f898..ccd2d3147c 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -139,6 +139,9 @@ function request_var($var_name, $default, $multibyte = false, $cookie = false) /** * Sets a configuration option's value. * +* Please note that this function does not update the is_dynamic value for +* an already existing config option. +* * @param string $config_name The configuration option's name * @param string $config_value New configuration value * @param bool $is_dynamic Whether this variable should be cached (false) or -- cgit v1.2.1 From 828d3b6b68acad606fe150cff7993c216ebc4474 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ga=C3=ABtan=20Muller?= Date: Sun, 21 Apr 2013 14:22:45 +0200 Subject: [ticket/11144] Add missing {FORUM_NAME} variable The template variable {FORUM_NAME} was missing from the login page of a password protected forum PHPBB3-11144 --- phpBB/includes/functions.php | 1 + 1 file changed, 1 insertion(+) (limited to 'phpBB/includes/functions.php') diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index ccd2d3147c..98a1dab722 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -3272,6 +3272,7 @@ function login_forum_box($forum_data) page_header($user->lang['LOGIN'], false); $template->assign_vars(array( + 'FORUM_NAME' => isset($forum_data['forum_name']) ? $forum_data['forum_name'] : '', 'S_LOGIN_ACTION' => build_url(array('f')), 'S_HIDDEN_FIELDS' => build_hidden_fields(array('f' => $forum_data['forum_id']))) ); -- cgit v1.2.1 From d680aac7c5662223f1f491b244456220450cac23 Mon Sep 17 00:00:00 2001 From: gamerchan Date: Fri, 3 May 2013 11:10:53 +0530 Subject: [ticket/11105] Added spaces between ; and "url=" to adhere to w3c conventions. There was no space between ; and the string "url=". But according to w3c, we should have atleast one space between them. So, added space characters accordingly. PHPBB3-11105 --- phpBB/includes/functions.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'phpBB/includes/functions.php') diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index 98a1dab722..cf676a3351 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -2740,7 +2740,7 @@ function meta_refresh($time, $url, $disable_cd_check = false) // For XHTML compatibility we change back & to & $template->assign_vars(array( - 'META' => '') + 'META' => '') ); return $url; -- cgit v1.2.1 From 06edf15ac3e63350b7973b04f07578de1c4565d0 Mon Sep 17 00:00:00 2001 From: Joas Schilling Date: Wed, 15 May 2013 13:55:35 +0200 Subject: [ticket/11546] Fix is_absolute() throws E_NOTICE for empty string PHPBB3-11546 --- phpBB/includes/functions.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'phpBB/includes/functions.php') diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index cf676a3351..4b144a20a1 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -1005,7 +1005,7 @@ if (!function_exists('stripos')) */ function is_absolute($path) { - return ($path[0] == '/' || (DIRECTORY_SEPARATOR == '\\' && preg_match('#^[a-z]:[/\\\]#i', $path))) ? true : false; + return (isset($path[0]) && $path[0] == '/' || (DIRECTORY_SEPARATOR == '\\' && preg_match('#^[a-z]:[/\\\]#i', $path))) ? true : false; } /** -- cgit v1.2.1 From 38dbfc17a782f72737451103b8e4067f152bd0b7 Mon Sep 17 00:00:00 2001 From: Joas Schilling Date: Thu, 16 May 2013 17:30:23 +0200 Subject: [ticket/11545] Remove DIRECTORY_SEPARATOR dependency from is_absolute The given path is an absolute path in general, just not on our current system. PHPBB3-11545 --- phpBB/includes/functions.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'phpBB/includes/functions.php') diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index 4b144a20a1..b2b12c1445 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -1005,7 +1005,7 @@ if (!function_exists('stripos')) */ function is_absolute($path) { - return (isset($path[0]) && $path[0] == '/' || (DIRECTORY_SEPARATOR == '\\' && preg_match('#^[a-z]:[/\\\]#i', $path))) ? true : false; + return (isset($path[0]) && $path[0] == '/' || preg_match('#^[a-z]:[/\\\]#i', $path)) ? true : false; } /** -- cgit v1.2.1 From cba28c39ad63920c05241f59ce7e1ad6b47039df Mon Sep 17 00:00:00 2001 From: Joas Schilling Date: Fri, 27 Sep 2013 01:18:28 +0200 Subject: [ticket/11873] Do not hash very large passwords in order to safe resources. PHPBB3-11873 --- phpBB/includes/functions.php | 7 +++++++ 1 file changed, 7 insertions(+) (limited to 'phpBB/includes/functions.php') diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index b2b12c1445..eef4ade4e7 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -502,6 +502,13 @@ function phpbb_hash($password) */ function phpbb_check_hash($password, $hash) { + if (strlen($password) > 4096) + { + // If the password is too huge, we will simply reject it + // and not let the server try to hash it. + return false; + } + $itoa64 = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz'; if (strlen($hash) == 34) { -- cgit v1.2.1