From ee6167879ecba11dea945f129c026ce0f3cf7514 Mon Sep 17 00:00:00 2001 From: Andreas Fischer Date: Thu, 17 Mar 2011 01:20:44 +0100 Subject: [ticket/9802] Fix redundant str_replace call. No need to replace ' ' with ' '. PHPBB3-9802 --- phpBB/includes/session.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'phpBB/includes/session.php') diff --git a/phpBB/includes/session.php b/phpBB/includes/session.php index d803f8d799..9ab53d38ab 100644 --- a/phpBB/includes/session.php +++ b/phpBB/includes/session.php @@ -221,7 +221,7 @@ class session // if the forwarded for header shall be checked we have to validate its contents if ($config['forwarded_for_check']) { - $this->forwarded_for = preg_replace('#[ ]{2,}#', ' ', str_replace(array(',', ' '), ' ', $this->forwarded_for)); + $this->forwarded_for = preg_replace('#[ ]{2,}#', ' ', str_replace(',', ' ', $this->forwarded_for)); // split the list of IPs $ips = explode(' ', $this->forwarded_for); @@ -268,7 +268,7 @@ class session // Why no forwarded_for et al? Well, too easily spoofed. With the results of my recent requests // it's pretty clear that in the majority of cases you'll at least be left with a proxy/cache ip. $this->ip = (!empty($_SERVER['REMOTE_ADDR'])) ? htmlspecialchars((string) $_SERVER['REMOTE_ADDR']) : ''; - $this->ip = preg_replace('#[ ]{2,}#', ' ', str_replace(array(',', ' '), ' ', $this->ip)); + $this->ip = preg_replace('#[ ]{2,}#', ' ', str_replace(',', ' ', $this->ip)); // split the list of IPs $ips = explode(' ', $this->ip); -- cgit v1.2.1 From fd805358592162cf05c8808caca0bdf788fb7088 Mon Sep 17 00:00:00 2001 From: Andreas Fischer Date: Thu, 17 Mar 2011 01:29:10 +0100 Subject: [ticket/9802] Remove redundant character class definition from preg_replace. PHPBB3-9802 --- phpBB/includes/session.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'phpBB/includes/session.php') diff --git a/phpBB/includes/session.php b/phpBB/includes/session.php index 9ab53d38ab..e1e315035b 100644 --- a/phpBB/includes/session.php +++ b/phpBB/includes/session.php @@ -221,7 +221,7 @@ class session // if the forwarded for header shall be checked we have to validate its contents if ($config['forwarded_for_check']) { - $this->forwarded_for = preg_replace('#[ ]{2,}#', ' ', str_replace(',', ' ', $this->forwarded_for)); + $this->forwarded_for = preg_replace('# {2,}#', ' ', str_replace(',', ' ', $this->forwarded_for)); // split the list of IPs $ips = explode(' ', $this->forwarded_for); @@ -268,7 +268,7 @@ class session // Why no forwarded_for et al? Well, too easily spoofed. With the results of my recent requests // it's pretty clear that in the majority of cases you'll at least be left with a proxy/cache ip. $this->ip = (!empty($_SERVER['REMOTE_ADDR'])) ? htmlspecialchars((string) $_SERVER['REMOTE_ADDR']) : ''; - $this->ip = preg_replace('#[ ]{2,}#', ' ', str_replace(',', ' ', $this->ip)); + $this->ip = preg_replace('# {2,}#', ' ', str_replace(',', ' ', $this->ip)); // split the list of IPs $ips = explode(' ', $this->ip); -- cgit v1.2.1 From bef2540d9ce3b429837c7e67c5f3f7f254aa1920 Mon Sep 17 00:00:00 2001 From: Andreas Fischer Date: Tue, 19 Apr 2011 13:46:00 +0200 Subject: [ticket/9802] Fix tiny logic bug in loop determining REMOTE_ADDR. When $ip is empty() it was assigned to $this->ip. PHPBB3-9802 --- phpBB/includes/session.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'phpBB/includes/session.php') diff --git a/phpBB/includes/session.php b/phpBB/includes/session.php index e1e315035b..f2aa47d84e 100644 --- a/phpBB/includes/session.php +++ b/phpBB/includes/session.php @@ -271,7 +271,7 @@ class session $this->ip = preg_replace('# {2,}#', ' ', str_replace(',', ' ', $this->ip)); // split the list of IPs - $ips = explode(' ', $this->ip); + $ips = explode(' ', trim($this->ip)); // Default IP if REMOTE_ADDR is invalid $this->ip = '127.0.0.1'; @@ -279,7 +279,7 @@ class session foreach ($ips as $ip) { // check IPv4 first, the IPv6 is hopefully only going to be used very seldomly - if (!empty($ip) && !preg_match(get_preg_expression('ipv4'), $ip) && !preg_match(get_preg_expression('ipv6'), $ip)) + if (!preg_match(get_preg_expression('ipv4'), $ip) && !preg_match(get_preg_expression('ipv6'), $ip)) { // Just break break; -- cgit v1.2.1 From 5ca7121ed2f698963387f5f9fb7ffe16d3781447 Mon Sep 17 00:00:00 2001 From: Andreas Fischer Date: Tue, 19 Apr 2011 13:53:09 +0200 Subject: [ticket/9802] Only check for IPv4-mapped address when address is IPv6. PHPBB3-9802 --- phpBB/includes/session.php | 33 +++++++++++++++++++-------------- 1 file changed, 19 insertions(+), 14 deletions(-) (limited to 'phpBB/includes/session.php') diff --git a/phpBB/includes/session.php b/phpBB/includes/session.php index f2aa47d84e..b2772696f1 100644 --- a/phpBB/includes/session.php +++ b/phpBB/includes/session.php @@ -278,26 +278,31 @@ class session foreach ($ips as $ip) { - // check IPv4 first, the IPv6 is hopefully only going to be used very seldomly - if (!preg_match(get_preg_expression('ipv4'), $ip) && !preg_match(get_preg_expression('ipv6'), $ip)) + if (preg_match(get_preg_expression('ipv4'), $ip)) { - // Just break - break; + $this->ip = $ip; } - - // Quick check for IPv4-mapped address in IPv6 - if (stripos($ip, '::ffff:') === 0) + else if (preg_match(get_preg_expression('ipv6'), $ip)) { - $ipv4 = substr($ip, 7); - - if (preg_match(get_preg_expression('ipv4'), $ipv4)) + // Quick check for IPv4-mapped address in IPv6 + if (stripos($ip, '::ffff:') === 0) { - $ip = $ipv4; + $ipv4 = substr($ip, 7); + + if (preg_match(get_preg_expression('ipv4'), $ipv4)) + { + $ip = $ipv4; + } } - } - // Use the last in chain - $this->ip = $ip; + $this->ip = $ip; + } + else + { + // We want to use the last valid address in the chain + // Leave foreach loop when address is invalid + break; + } } $this->load = false; -- cgit v1.2.1 From d1f1d8ade7ab98bde70451874c94bb35584f9192 Mon Sep 17 00:00:00 2001 From: Andreas Fischer Date: Tue, 19 Apr 2011 14:10:23 +0200 Subject: [ticket/9802] Remove unnecessary htmlspecialchars() call on REMOTE_ADDR. The value in $_SERVER['REMOTE_ADDR'] is either validated to be a valid IP address or is replaced by our default value. Valid IP addresses do not contain HTML special characters, thus the htmlspecialchars() call is unnecessary. PHPBB3-9802 --- phpBB/includes/session.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'phpBB/includes/session.php') diff --git a/phpBB/includes/session.php b/phpBB/includes/session.php index b2772696f1..79d94e7780 100644 --- a/phpBB/includes/session.php +++ b/phpBB/includes/session.php @@ -267,7 +267,7 @@ class session // Why no forwarded_for et al? Well, too easily spoofed. With the results of my recent requests // it's pretty clear that in the majority of cases you'll at least be left with a proxy/cache ip. - $this->ip = (!empty($_SERVER['REMOTE_ADDR'])) ? htmlspecialchars((string) $_SERVER['REMOTE_ADDR']) : ''; + $this->ip = (!empty($_SERVER['REMOTE_ADDR'])) ? (string) $_SERVER['REMOTE_ADDR'] : ''; $this->ip = preg_replace('# {2,}#', ' ', str_replace(',', ' ', $this->ip)); // split the list of IPs -- cgit v1.2.1 From 83dfe0d22c71df8e5701c812d304ef8918c3190f Mon Sep 17 00:00:00 2001 From: Andreas Fischer Date: Thu, 26 May 2011 10:43:14 +0200 Subject: [ticket/10195] Return false in session::check_dnsbl() when IPv6 is passed. There is no support for IPv6 addresses in the blacklists we check right now. PHPBB3-10195 --- phpBB/includes/session.php | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'phpBB/includes/session.php') diff --git a/phpBB/includes/session.php b/phpBB/includes/session.php index d803f8d799..2181375dc1 100644 --- a/phpBB/includes/session.php +++ b/phpBB/includes/session.php @@ -1238,6 +1238,12 @@ class session $ip = $this->ip; } + // Neither Spamhaus nor Spamcop supports IPv6 addresses. + if (strpos($ip, ':') !== false) + { + return false; + } + $dnsbl_check = array( 'sbl.spamhaus.org' => 'http://www.spamhaus.org/query/bl?ip=', ); -- cgit v1.2.1 From 2dee57fd43ebe1cf1f43fb0161cdd5f072eeaa63 Mon Sep 17 00:00:00 2001 From: Nils Adermann Date: Fri, 10 Jun 2011 12:02:59 +0200 Subject: [ticket/9992] Adding a limit on login attempts per IP. A new table was created to save all failed login attempts with corresponding information on username, ip and useragent. By default the limit is 50 login attempts within 6 hours per IP. The limit is relatively high to avoid big problems on sites behind a reverse proxy that don't receive the forwarded-for value as REMOTE_ADDR but see all users as coming from the same IP address. But if these users run into problems a special forwarded-for option is available to limit logins by forwarded-for value instead of ip. PHPBB3-9992 --- phpBB/includes/session.php | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'phpBB/includes/session.php') diff --git a/phpBB/includes/session.php b/phpBB/includes/session.php index ceb22c197c..69369ff72d 100644 --- a/phpBB/includes/session.php +++ b/phpBB/includes/session.php @@ -1005,6 +1005,10 @@ class session include($phpbb_root_path . "includes/captcha/captcha_factory." . $phpEx); } phpbb_captcha_factory::garbage_collect($config['captcha_plugin']); + + $sql = 'DELETE FROM ' . LOGIN_ATTEMPT_TABLE . ' + WHERE attempt_time < ' . (time() - (int) $config['ip_login_limit_time']); + $db->sql_query($sql); } return; -- cgit v1.2.1 From b5cefc400e6a8c3500b8ed5126548e3cbb727858 Mon Sep 17 00:00:00 2001 From: Andreas Fischer Date: Wed, 19 Jan 2011 03:47:51 +0100 Subject: [ticket/9908] Send 301 before stripping SID so bots do (hopefully) not revisit. PHPBB3-9908 --- phpBB/includes/session.php | 1 + 1 file changed, 1 insertion(+) (limited to 'phpBB/includes/session.php') diff --git a/phpBB/includes/session.php b/phpBB/includes/session.php index ceb22c197c..7db319493b 100644 --- a/phpBB/includes/session.php +++ b/phpBB/includes/session.php @@ -592,6 +592,7 @@ class session // otherwise they'll index this page with the SID, duplicate content oh my! if ($bot && isset($_GET['sid'])) { + send_status_line(301, 'Moved Permanently'); redirect(build_url(array('sid'))); } -- cgit v1.2.1 From f610f44a4e23eef8ed7698a32b10bc28789bdf00 Mon Sep 17 00:00:00 2001 From: Nils Adermann Date: Tue, 5 Jul 2011 19:09:09 -0400 Subject: [ticket/10250] Overwrite the site_logo width&height when the phpbb logo is used The new logo is slightly wider than the old logo. If we changed the size in the imageset.cfg we would cause a conflict for everyone who replaced the logo with their own and modified the size. Instead we overwrite the width and height in the img() function in session.php only if its contents are that of the stock phpbb logo. PHPBB3-10250 --- phpBB/includes/session.php | 29 ++++++++++++++++++++++++++++- 1 file changed, 28 insertions(+), 1 deletion(-) (limited to 'phpBB/includes/session.php') diff --git a/phpBB/includes/session.php b/phpBB/includes/session.php index 7ef6e02a8d..f509957f96 100644 --- a/phpBB/includes/session.php +++ b/phpBB/includes/session.php @@ -2272,9 +2272,36 @@ class user extends session // Use URL if told so $root_path = (defined('PHPBB_USE_BOARD_URL_PATH') && PHPBB_USE_BOARD_URL_PATH) ? generate_board_url() . '/' : $phpbb_root_path; - $img_data['src'] = $root_path . 'styles/' . rawurlencode($this->theme['imageset_path']) . '/imageset/' . ($this->img_array[$img]['image_lang'] ? $this->img_array[$img]['image_lang'] .'/' : '') . $this->img_array[$img]['image_filename']; + $path = 'styles/' . rawurlencode($this->theme['imageset_path']) . '/imageset/' . ($this->img_array[$img]['image_lang'] ? $this->img_array[$img]['image_lang'] .'/' : '') . $this->img_array[$img]['image_filename']; + + $img_data['src'] = $root_path . $path; $img_data['width'] = $this->img_array[$img]['image_width']; $img_data['height'] = $this->img_array[$img]['image_height']; + + // We overwrite the width and height to the phpbb logo's width + // and height here if the contents of the site_logo file are + // really equal to the phpbb_logo + // This allows us to change the dimensions of the phpbb_logo without + // modifying the imageset.cfg and causing a conflict for everyone + // who modified it for their custom logo on updating + if ($img == 'site_logo' && file_exists($phpbb_root_path . $path)) + { + global $cache; + + if (($img_file_hash = $cache->get('imageset_site_logo_md5')) === false) + { + $img_file_hash = md5(file_get_contents($phpbb_root_path . $path)); + $cache->put('imageset_site_logo_md5', $img_file_hash); + } + + $phpbb_logo_hash = '0c461a32cd3621643105f0d02a772c10'; + + if ($phpbb_logo_hash == $img_file_hash) + { + $img_data['width'] = '149'; + $img_data['height'] = '52'; + } + } } $alt = (!empty($this->lang[$alt])) ? $this->lang[$alt] : $alt; -- cgit v1.2.1 From b261a1a31ae8500cc090d412ed569123ae3cb9ca Mon Sep 17 00:00:00 2001 From: Nils Adermann Date: Wed, 6 Jul 2011 17:53:57 -0400 Subject: [ticket/10250] The site_logo hash is different depending on imageset & language PHPBB3-10250 --- phpBB/includes/session.php | 16 ++++++++++++---- 1 file changed, 12 insertions(+), 4 deletions(-) (limited to 'phpBB/includes/session.php') diff --git a/phpBB/includes/session.php b/phpBB/includes/session.php index f509957f96..e9e706e2b8 100644 --- a/phpBB/includes/session.php +++ b/phpBB/includes/session.php @@ -2288,15 +2288,23 @@ class user extends session { global $cache; - if (($img_file_hash = $cache->get('imageset_site_logo_md5')) === false) + $img_file_hashes = $cache->get('imageset_site_logo_md5'); + + if ($img_file_hashes === false) + { + $img_file_hashes = array(); + } + + $key = $this->theme['imageset_path'] . '::' . $this->img_array[$img]['image_lang']; + if (!isset($img_file_hashes[$key])) { - $img_file_hash = md5(file_get_contents($phpbb_root_path . $path)); - $cache->put('imageset_site_logo_md5', $img_file_hash); + $img_file_hashes[$key] = md5(file_get_contents($phpbb_root_path . $path)); + $cache->put('imageset_site_logo_md5', $img_file_hashes); } $phpbb_logo_hash = '0c461a32cd3621643105f0d02a772c10'; - if ($phpbb_logo_hash == $img_file_hash) + if ($phpbb_logo_hash == $img_file_hashes[$key]) { $img_data['width'] = '149'; $img_data['height'] = '52'; -- cgit v1.2.1 From 0bf6966c5228d446c4f0d3862619db0f619c7369 Mon Sep 17 00:00:00 2001 From: Igor Wiedler Date: Wed, 13 Jul 2011 19:20:16 +0200 Subject: [feature/request-class] Add server(), header() and is_ajax() to request Extend the request class with helpers for reading server vars (server()) and HTTP request headers (header()). Refactor the existing code base to make use of these helpers, make $_SERVER a deactivated super global. Also introduce an is_ajax() method, which checks the X-Requested-With header for the value 'XMLHttpRequest', which is sent by JavaScript libraries, such as jQuery. PHPBB3-9716 --- phpBB/includes/session.php | 30 ++++++++++++++++-------------- 1 file changed, 16 insertions(+), 14 deletions(-) (limited to 'phpBB/includes/session.php') diff --git a/phpBB/includes/session.php b/phpBB/includes/session.php index e36f44ddfa..71dc7807f2 100644 --- a/phpBB/includes/session.php +++ b/phpBB/includes/session.php @@ -41,16 +41,18 @@ class session */ static function extract_current_page($root_path) { + global $request; + $page_array = array(); // First of all, get the request uri... - $script_name = (!empty($_SERVER['PHP_SELF'])) ? $_SERVER['PHP_SELF'] : getenv('PHP_SELF'); - $args = (!empty($_SERVER['QUERY_STRING'])) ? explode('&', $_SERVER['QUERY_STRING']) : explode('&', getenv('QUERY_STRING')); + $script_name = $request->server('PHP_SELF'); + $args = explode('&', $request->server('QUERY_STRING')); // If we are unable to get the script name we use REQUEST_URI as a failover and note it within the page array for easier support... if (!$script_name) { - $script_name = (!empty($_SERVER['REQUEST_URI'])) ? $_SERVER['REQUEST_URI'] : getenv('REQUEST_URI'); + $script_name = $request->server('REQUEST_URI'); $script_name = (($pos = strpos($script_name, '?')) !== false) ? substr($script_name, 0, $pos) : $script_name; $page_array['failover'] = 1; } @@ -141,10 +143,10 @@ class session */ function extract_current_hostname() { - global $config; + global $config, $request; // Get hostname - $host = (!empty($_SERVER['HTTP_HOST'])) ? $_SERVER['HTTP_HOST'] : ((!empty($_SERVER['SERVER_NAME'])) ? $_SERVER['SERVER_NAME'] : getenv('SERVER_NAME')); + $host = $request->header('Host', $request->server('SERVER_NAME')); // Should be a string and lowered $host = (string) strtolower($host); @@ -212,9 +214,9 @@ class session $this->time_now = time(); $this->cookie_data = array('u' => 0, 'k' => ''); $this->update_session_page = $update_session_page; - $this->browser = (!empty($_SERVER['HTTP_USER_AGENT'])) ? htmlspecialchars((string) $_SERVER['HTTP_USER_AGENT']) : ''; - $this->referer = (!empty($_SERVER['HTTP_REFERER'])) ? htmlspecialchars((string) $_SERVER['HTTP_REFERER']) : ''; - $this->forwarded_for = (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) ? htmlspecialchars((string) $_SERVER['HTTP_X_FORWARDED_FOR']) : ''; + $this->browser = $request->header('User-Agent', '', true); + $this->referer = $request->header('Referer', '', true); + $this->forwarded_for = $request->header('X-Forwarded-For', '', true); $this->host = $this->extract_current_hostname(); $this->page = $this->extract_current_page($phpbb_root_path); @@ -268,7 +270,7 @@ class session // Why no forwarded_for et al? Well, too easily spoofed. With the results of my recent requests // it's pretty clear that in the majority of cases you'll at least be left with a proxy/cache ip. - $this->ip = (!empty($_SERVER['REMOTE_ADDR'])) ? (string) $_SERVER['REMOTE_ADDR'] : ''; + $this->ip = $request->server('REMOTE_ADDR'); $this->ip = preg_replace('# {2,}#', ' ', str_replace(',', ' ', $this->ip)); // split the list of IPs @@ -382,7 +384,7 @@ class session $referer_valid = true; // we assume HEAD and TRACE to be foul play and thus only whitelist GET - if (@$config['referer_validation'] && isset($_SERVER['REQUEST_METHOD']) && strtolower($_SERVER['REQUEST_METHOD']) !== 'get') + if (@$config['referer_validation'] && $request->server('REQUEST_METHOD') && strtolower($request->server('REQUEST_METHOD')) !== 'get') { $referer_valid = $this->validate_referer($check_referer_path); } @@ -1449,7 +1451,7 @@ class session */ function validate_referer($check_script_path = false) { - global $config; + global $config, $request; // no referer - nothing to validate, user's fault for turning it off (we only check on POST; so meta can't be the reason) if (empty($this->referer) || empty($this->host)) @@ -1467,7 +1469,7 @@ class session else if ($check_script_path && rtrim($this->page['root_script_path'], '/') !== '') { $ref = substr($ref, strlen($host)); - $server_port = (!empty($_SERVER['SERVER_PORT'])) ? (int) $_SERVER['SERVER_PORT'] : (int) getenv('SERVER_PORT'); + $server_port = $request->server('SERVER_PORT', 0); if ($server_port !== 80 && $server_port !== 443 && stripos($ref, ":$server_port") === 0) { @@ -1592,9 +1594,9 @@ class user extends session * If re-enabled we need to make sure only those languages installed are checked * Commented out so we do not loose the code. - if (isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])) + if ($request->header('Accept-Language')) { - $accept_lang_ary = explode(',', $_SERVER['HTTP_ACCEPT_LANGUAGE']); + $accept_lang_ary = explode(',', $request->header('Accept-Language')); foreach ($accept_lang_ary as $accept_lang) { -- cgit v1.2.1 From d1a0dfbafb8ee0710fec01bf16149f85810c29dd Mon Sep 17 00:00:00 2001 From: Igor Wiedler Date: Sat, 16 Jul 2011 15:09:33 +0200 Subject: [feature/request-class] Remove useless condition PHPBB3-9716 --- phpBB/includes/session.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'phpBB/includes/session.php') diff --git a/phpBB/includes/session.php b/phpBB/includes/session.php index 71dc7807f2..9faf9eee60 100644 --- a/phpBB/includes/session.php +++ b/phpBB/includes/session.php @@ -384,7 +384,7 @@ class session $referer_valid = true; // we assume HEAD and TRACE to be foul play and thus only whitelist GET - if (@$config['referer_validation'] && $request->server('REQUEST_METHOD') && strtolower($request->server('REQUEST_METHOD')) !== 'get') + if (@$config['referer_validation'] && strtolower($request->server('REQUEST_METHOD')) !== 'get') { $referer_valid = $this->validate_referer($check_referer_path); } -- cgit v1.2.1 From c5cef773c4811d2041c56a9c34da94a30f8190e1 Mon Sep 17 00:00:00 2001 From: Igor Wiedler Date: Thu, 18 Aug 2011 23:38:39 +0200 Subject: [feature/request-class] Adjust code base to do html decoding manually PHPBB3-9716 --- phpBB/includes/session.php | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) (limited to 'phpBB/includes/session.php') diff --git a/phpBB/includes/session.php b/phpBB/includes/session.php index 9faf9eee60..84ad98d31f 100644 --- a/phpBB/includes/session.php +++ b/phpBB/includes/session.php @@ -46,13 +46,13 @@ class session $page_array = array(); // First of all, get the request uri... - $script_name = $request->server('PHP_SELF'); - $args = explode('&', $request->server('QUERY_STRING')); + $script_name = htmlspecialchars_decode($request->server('PHP_SELF')); + $args = explode('&', htmlspecialchars_decode($request->server('QUERY_STRING'))); // If we are unable to get the script name we use REQUEST_URI as a failover and note it within the page array for easier support... if (!$script_name) { - $script_name = $request->server('REQUEST_URI'); + $script_name = htmlspecialchars_decode($request->server('REQUEST_URI')); $script_name = (($pos = strpos($script_name, '?')) !== false) ? substr($script_name, 0, $pos) : $script_name; $page_array['failover'] = 1; } @@ -146,7 +146,7 @@ class session global $config, $request; // Get hostname - $host = $request->header('Host', $request->server('SERVER_NAME')); + $host = htmlspecialchars_decode($request->header('Host', $request->server('SERVER_NAME'))); // Should be a string and lowered $host = (string) strtolower($host); @@ -214,9 +214,9 @@ class session $this->time_now = time(); $this->cookie_data = array('u' => 0, 'k' => ''); $this->update_session_page = $update_session_page; - $this->browser = $request->header('User-Agent', '', true); - $this->referer = $request->header('Referer', '', true); - $this->forwarded_for = $request->header('X-Forwarded-For', '', true); + $this->browser = $request->header('User-Agent'); + $this->referer = $request->header('Referer'); + $this->forwarded_for = $request->header('X-Forwarded-For'); $this->host = $this->extract_current_hostname(); $this->page = $this->extract_current_page($phpbb_root_path); @@ -270,7 +270,7 @@ class session // Why no forwarded_for et al? Well, too easily spoofed. With the results of my recent requests // it's pretty clear that in the majority of cases you'll at least be left with a proxy/cache ip. - $this->ip = $request->server('REMOTE_ADDR'); + $this->ip = htmlspecialchars_decode($request->server('REMOTE_ADDR')); $this->ip = preg_replace('# {2,}#', ' ', str_replace(',', ' ', $this->ip)); // split the list of IPs -- cgit v1.2.1 From 4491746c73700b45bc536c3a4cc90b84a07340f1 Mon Sep 17 00:00:00 2001 From: Andreas Fischer Date: Thu, 25 Aug 2011 16:58:58 +0200 Subject: [ticket/10320] Move phpbb_feed_base::get_passworded_forums() to user class. PHPBB3-10320 --- phpBB/includes/session.php | 33 +++++++++++++++++++++++++++++++++ 1 file changed, 33 insertions(+) (limited to 'phpBB/includes/session.php') diff --git a/phpBB/includes/session.php b/phpBB/includes/session.php index e9e706e2b8..caadcbafaa 100644 --- a/phpBB/includes/session.php +++ b/phpBB/includes/session.php @@ -2410,6 +2410,39 @@ class user extends session return true; } + + /** + * Returns all password protected forum ids the user is currently NOT authenticated for. + * + * @return array Array of forum ids + * @access public + */ + function get_passworded_forums() + { + global $db; + + $sql = 'SELECT f.forum_id, fa.user_id + FROM ' . FORUMS_TABLE . ' f + LEFT JOIN ' . FORUMS_ACCESS_TABLE . " fa + ON (fa.forum_id = f.forum_id + AND fa.session_id = '" . $db->sql_escape($this->session_id) . "') + WHERE f.forum_password <> ''"; + $result = $db->sql_query($sql); + + $forum_ids = array(); + while ($row = $db->sql_fetchrow($result)) + { + $forum_id = (int) $row['forum_id']; + + if ($row['user_id'] != $this->data['user_id']) + { + $forum_ids[$forum_id] = $forum_id; + } + } + $db->sql_freeresult($result); + + return $forum_ids; + } } ?> \ No newline at end of file -- cgit v1.2.1 From 830c3f4047d0718ed398c38d4640cc0f1fe77a7f Mon Sep 17 00:00:00 2001 From: Vjacheslav Trushkin Date: Sat, 3 Sep 2011 23:50:00 +0300 Subject: [feature/remove-imagesets] Adjustments to php files Removing imagesets. Adjustments to php files PHPBB3-10336 --- phpBB/includes/session.php | 186 +++------------------------------------------ 1 file changed, 9 insertions(+), 177 deletions(-) (limited to 'phpBB/includes/session.php') diff --git a/phpBB/includes/session.php b/phpBB/includes/session.php index e734c8074f..206b88a73e 100644 --- a/phpBB/includes/session.php +++ b/phpBB/includes/session.php @@ -1655,12 +1655,11 @@ class user extends session $style = ($style) ? $style : ((!$config['override_user_style']) ? $this->data['user_style'] : $config['default_style']); } - $sql = 'SELECT s.style_id, t.template_storedb, t.template_path, t.template_id, t.bbcode_bitfield, t.template_inherits_id, t.template_inherit_path, c.theme_path, c.theme_name, c.theme_storedb, c.theme_id, i.imageset_path, i.imageset_id, i.imageset_name - FROM ' . STYLES_TABLE . ' s, ' . STYLES_TEMPLATE_TABLE . ' t, ' . STYLES_THEME_TABLE . ' c, ' . STYLES_IMAGESET_TABLE . " i + $sql = 'SELECT s.style_id, t.template_storedb, t.template_path, t.template_id, t.bbcode_bitfield, t.template_inherits_id, t.template_inherit_path, c.theme_path, c.theme_name, c.theme_storedb, c.theme_id + FROM ' . STYLES_TABLE . ' s, ' . STYLES_TEMPLATE_TABLE . ' t, ' . STYLES_THEME_TABLE . " c WHERE s.style_id = $style AND t.template_id = s.template_id - AND c.theme_id = s.theme_id - AND i.imageset_id = s.imageset_id"; + AND c.theme_id = s.theme_id"; $result = $db->sql_query($sql, 3600); $this->theme = $db->sql_fetchrow($result); $db->sql_freeresult($result); @@ -1675,12 +1674,11 @@ class user extends session WHERE user_id = {$this->data['user_id']}"; $db->sql_query($sql); - $sql = 'SELECT s.style_id, t.template_storedb, t.template_path, t.template_id, t.bbcode_bitfield, c.theme_path, c.theme_name, c.theme_storedb, c.theme_id, i.imageset_path, i.imageset_id, i.imageset_name - FROM ' . STYLES_TABLE . ' s, ' . STYLES_TEMPLATE_TABLE . ' t, ' . STYLES_THEME_TABLE . ' c, ' . STYLES_IMAGESET_TABLE . " i + $sql = 'SELECT s.style_id, t.template_storedb, t.template_path, t.template_id, t.bbcode_bitfield, c.theme_path, c.theme_name, c.theme_storedb, c.theme_id + FROM ' . STYLES_TABLE . ' s, ' . STYLES_TEMPLATE_TABLE . ' t, ' . STYLES_THEME_TABLE . " c WHERE s.style_id = $style AND t.template_id = s.template_id - AND c.theme_id = s.theme_id - AND i.imageset_id = s.imageset_id"; + AND c.theme_id = s.theme_id"; $result = $db->sql_query($sql, 3600); $this->theme = $db->sql_fetchrow($result); $db->sql_freeresult($result); @@ -1761,95 +1759,7 @@ class user extends session $template->set_template(); - $this->img_lang = (file_exists($phpbb_root_path . 'styles/' . $this->theme['imageset_path'] . '/imageset/' . $this->lang_name)) ? $this->lang_name : $config['default_lang']; - - // Same query in style.php - $sql = 'SELECT * - FROM ' . STYLES_IMAGESET_DATA_TABLE . ' - WHERE imageset_id = ' . $this->theme['imageset_id'] . " - AND image_filename <> '' - AND image_lang IN ('" . $db->sql_escape($this->img_lang) . "', '')"; - $result = $db->sql_query($sql, 3600); - - $localised_images = false; - while ($row = $db->sql_fetchrow($result)) - { - if ($row['image_lang']) - { - $localised_images = true; - } - - $row['image_filename'] = rawurlencode($row['image_filename']); - $this->img_array[$row['image_name']] = $row; - } - $db->sql_freeresult($result); - - // there were no localised images, try to refresh the localised imageset for the user's language - if (!$localised_images) - { - // Attention: this code ignores the image definition list from acp_styles and just takes everything - // that the config file contains - $sql_ary = array(); - - $db->sql_transaction('begin'); - - $sql = 'DELETE FROM ' . STYLES_IMAGESET_DATA_TABLE . ' - WHERE imageset_id = ' . $this->theme['imageset_id'] . ' - AND image_lang = \'' . $db->sql_escape($this->img_lang) . '\''; - $result = $db->sql_query($sql); - - if (@file_exists("{$phpbb_root_path}styles/{$this->theme['imageset_path']}/imageset/{$this->img_lang}/imageset.cfg")) - { - $cfg_data_imageset_data = parse_cfg_file("{$phpbb_root_path}styles/{$this->theme['imageset_path']}/imageset/{$this->img_lang}/imageset.cfg"); - foreach ($cfg_data_imageset_data as $image_name => $value) - { - if (strpos($value, '*') !== false) - { - if (substr($value, -1, 1) === '*') - { - list($image_filename, $image_height) = explode('*', $value); - $image_width = 0; - } - else - { - list($image_filename, $image_height, $image_width) = explode('*', $value); - } - } - else - { - $image_filename = $value; - $image_height = $image_width = 0; - } - - if (strpos($image_name, 'img_') === 0 && $image_filename) - { - $image_name = substr($image_name, 4); - $sql_ary[] = array( - 'image_name' => (string) $image_name, - 'image_filename' => (string) $image_filename, - 'image_height' => (int) $image_height, - 'image_width' => (int) $image_width, - 'imageset_id' => (int) $this->theme['imageset_id'], - 'image_lang' => (string) $this->img_lang, - ); - } - } - } - - if (sizeof($sql_ary)) - { - $db->sql_multi_insert(STYLES_IMAGESET_DATA_TABLE, $sql_ary); - $db->sql_transaction('commit'); - $cache->destroy('sql', STYLES_IMAGESET_DATA_TABLE); - - add_log('admin', 'LOG_IMAGESET_LANG_REFRESHED', $this->theme['imageset_name'], $this->img_lang); - } - else - { - $db->sql_transaction('commit'); - add_log('admin', 'LOG_IMAGESET_LANG_MISSING', $this->theme['imageset_name'], $this->img_lang); - } - } + $this->img_lang = $this->lang_name; // Call phpbb_user_session_handler() in case external application want to "bend" some variables or replace classes... // After calling it we continue script execution... @@ -2284,89 +2194,11 @@ class user extends session /** * Specify/Get image - * $suffix is no longer used - we know it. ;) It is there for backward compatibility. */ - function img($img, $alt = '', $width = false, $suffix = '', $type = 'full_tag') + function img($img, $alt = '') { - static $imgs; - global $phpbb_root_path; - - $img_data = &$imgs[$img]; - - if (empty($img_data)) - { - if (!isset($this->img_array[$img])) - { - // Do not fill the image to let designers decide what to do if the image is empty - $img_data = ''; - return $img_data; - } - - // Use URL if told so - $root_path = (defined('PHPBB_USE_BOARD_URL_PATH') && PHPBB_USE_BOARD_URL_PATH) ? generate_board_url() . '/' : $phpbb_root_path; - - $path = 'styles/' . rawurlencode($this->theme['imageset_path']) . '/imageset/' . ($this->img_array[$img]['image_lang'] ? $this->img_array[$img]['image_lang'] .'/' : '') . $this->img_array[$img]['image_filename']; - - $img_data['src'] = $root_path . $path; - $img_data['width'] = $this->img_array[$img]['image_width']; - $img_data['height'] = $this->img_array[$img]['image_height']; - - // We overwrite the width and height to the phpbb logo's width - // and height here if the contents of the site_logo file are - // really equal to the phpbb_logo - // This allows us to change the dimensions of the phpbb_logo without - // modifying the imageset.cfg and causing a conflict for everyone - // who modified it for their custom logo on updating - if ($img == 'site_logo' && file_exists($phpbb_root_path . $path)) - { - global $cache; - - $img_file_hashes = $cache->get('imageset_site_logo_md5'); - - if ($img_file_hashes === false) - { - $img_file_hashes = array(); - } - - $key = $this->theme['imageset_path'] . '::' . $this->img_array[$img]['image_lang']; - if (!isset($img_file_hashes[$key])) - { - $img_file_hashes[$key] = md5(file_get_contents($phpbb_root_path . $path)); - $cache->put('imageset_site_logo_md5', $img_file_hashes); - } - - $phpbb_logo_hash = '0c461a32cd3621643105f0d02a772c10'; - - if ($phpbb_logo_hash == $img_file_hashes[$key]) - { - $img_data['width'] = '149'; - $img_data['height'] = '52'; - } - } - } - $alt = (!empty($this->lang[$alt])) ? $this->lang[$alt] : $alt; - - switch ($type) - { - case 'src': - return $img_data['src']; - break; - - case 'width': - return ($width === false) ? $img_data['width'] : $width; - break; - - case 'height': - return $img_data['height']; - break; - - default: - $use_width = ($width === false) ? $img_data['width'] : $width; - - return '' . $alt . ''; - break; - } + return '' . $alt . ''; } /** -- cgit v1.2.1 From 9e4349e7faac65403de02fd090a837fee92b764a Mon Sep 17 00:00:00 2001 From: Chris Smith Date: Thu, 4 Sep 2008 11:39:25 +0000 Subject: [feature/remove-db-styles] Removed database storage of style components. The bulk of database storage of templates is removed, rendering template stored in the database as useless. Theme database storage is reduced to a skeleton for full removal soon. This commit was cherry picked from the old feature/ascraeus-experiment branch the old commit hash is 0dbe7e3b6cd450342d3c566eb2caf36ca1b5db8e. PHPBB3-9741 --- phpBB/includes/session.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'phpBB/includes/session.php') diff --git a/phpBB/includes/session.php b/phpBB/includes/session.php index 206b88a73e..c66bf89b47 100644 --- a/phpBB/includes/session.php +++ b/phpBB/includes/session.php @@ -1655,7 +1655,7 @@ class user extends session $style = ($style) ? $style : ((!$config['override_user_style']) ? $this->data['user_style'] : $config['default_style']); } - $sql = 'SELECT s.style_id, t.template_storedb, t.template_path, t.template_id, t.bbcode_bitfield, t.template_inherits_id, t.template_inherit_path, c.theme_path, c.theme_name, c.theme_storedb, c.theme_id + $sql = 'SELECT s.style_id, t.template_path, t.template_id, t.bbcode_bitfield, t.template_inherits_id, t.template_inherit_path, c.theme_path, c.theme_name, c.theme_storedb, c.theme_id FROM ' . STYLES_TABLE . ' s, ' . STYLES_TEMPLATE_TABLE . ' t, ' . STYLES_THEME_TABLE . " c WHERE s.style_id = $style AND t.template_id = s.template_id @@ -1674,7 +1674,7 @@ class user extends session WHERE user_id = {$this->data['user_id']}"; $db->sql_query($sql); - $sql = 'SELECT s.style_id, t.template_storedb, t.template_path, t.template_id, t.bbcode_bitfield, c.theme_path, c.theme_name, c.theme_storedb, c.theme_id + $sql = 'SELECT s.style_id, t.template_path, t.template_id, t.bbcode_bitfield, c.theme_path, c.theme_name, c.theme_storedb, c.theme_id FROM ' . STYLES_TABLE . ' s, ' . STYLES_TEMPLATE_TABLE . ' t, ' . STYLES_THEME_TABLE . " c WHERE s.style_id = $style AND t.template_id = s.template_id -- cgit v1.2.1 From 267daf0c3990e7e065fc44c260aaf7d31f2b5022 Mon Sep 17 00:00:00 2001 From: Chris Smith Date: Tue, 20 Sep 2011 19:27:11 +0100 Subject: [feature/remove-db-styles] Remove DB theme handling code from session. PHPBB3-9741 --- phpBB/includes/session.php | 51 ++-------------------------------------------- 1 file changed, 2 insertions(+), 49 deletions(-) (limited to 'phpBB/includes/session.php') diff --git a/phpBB/includes/session.php b/phpBB/includes/session.php index c66bf89b47..bd2257c139 100644 --- a/phpBB/includes/session.php +++ b/phpBB/includes/session.php @@ -1655,7 +1655,7 @@ class user extends session $style = ($style) ? $style : ((!$config['override_user_style']) ? $this->data['user_style'] : $config['default_style']); } - $sql = 'SELECT s.style_id, t.template_path, t.template_id, t.bbcode_bitfield, t.template_inherits_id, t.template_inherit_path, c.theme_path, c.theme_name, c.theme_storedb, c.theme_id + $sql = 'SELECT s.style_id, t.template_path, t.template_id, t.bbcode_bitfield, t.template_inherits_id, t.template_inherit_path, c.theme_path, c.theme_name, c.theme_id FROM ' . STYLES_TABLE . ' s, ' . STYLES_TEMPLATE_TABLE . ' t, ' . STYLES_THEME_TABLE . " c WHERE s.style_id = $style AND t.template_id = s.template_id @@ -1674,7 +1674,7 @@ class user extends session WHERE user_id = {$this->data['user_id']}"; $db->sql_query($sql); - $sql = 'SELECT s.style_id, t.template_path, t.template_id, t.bbcode_bitfield, c.theme_path, c.theme_name, c.theme_storedb, c.theme_id + $sql = 'SELECT s.style_id, t.template_path, t.template_id, t.bbcode_bitfield, c.theme_path, c.theme_name, c.theme_id FROM ' . STYLES_TABLE . ' s, ' . STYLES_TEMPLATE_TABLE . ' t, ' . STYLES_THEME_TABLE . " c WHERE s.style_id = $style AND t.template_id = s.template_id @@ -1696,7 +1696,6 @@ class user extends session $parsed_items = $parsed_items['theme']; $check_for = array( - 'parse_css_file' => (int) 0, 'pagination_sep' => (string) ', ' ); @@ -1711,52 +1710,6 @@ class user extends session } } - // If the style author specified the theme needs to be cached - // (because of the used paths and variables) than make sure it is the case. - // For example, if the theme uses language-specific images it needs to be stored in db. - if (!$this->theme['theme_storedb'] && $this->theme['parse_css_file']) - { - $this->theme['theme_storedb'] = 1; - - $stylesheet = file_get_contents("{$phpbb_root_path}styles/{$this->theme['theme_path']}/theme/stylesheet.css"); - // Match CSS imports - $matches = array(); - preg_match_all('/@import url\(["\'](.*)["\']\);/i', $stylesheet, $matches); - - if (sizeof($matches)) - { - $content = ''; - foreach ($matches[0] as $idx => $match) - { - if ($content = @file_get_contents("{$phpbb_root_path}styles/{$this->theme['theme_path']}/theme/" . $matches[1][$idx])) - { - $content = trim($content); - } - else - { - $content = ''; - } - $stylesheet = str_replace($match, $content, $stylesheet); - } - unset($content); - } - - $stylesheet = str_replace('./', 'styles/' . $this->theme['theme_path'] . '/theme/', $stylesheet); - - $sql_ary = array( - 'theme_data' => $stylesheet, - 'theme_mtime' => time(), - 'theme_storedb' => 1 - ); - - $sql = 'UPDATE ' . STYLES_THEME_TABLE . ' - SET ' . $db->sql_build_array('UPDATE', $sql_ary) . ' - WHERE theme_id = ' . $this->theme['theme_id']; - $db->sql_query($sql); - - unset($sql_ary); - } - $template->set_template(); $this->img_lang = $this->lang_name; -- cgit v1.2.1 From 639e3b9f17c9bac668b4ad24bb9861d8006fa396 Mon Sep 17 00:00:00 2001 From: Nils Adermann Date: Fri, 14 Oct 2011 00:44:48 +0200 Subject: [feature/extension-manager] Support for loading language files from extensions The referenced extension needs to be explicitly specified in an add_lang_ext() call. PHPBB3-10323 --- phpBB/includes/session.php | 68 ++++++++++++++++++++++++++++++++++++---------- 1 file changed, 54 insertions(+), 14 deletions(-) (limited to 'phpBB/includes/session.php') diff --git a/phpBB/includes/session.php b/phpBB/includes/session.php index bd2257c139..cbef1af30a 100644 --- a/phpBB/includes/session.php +++ b/phpBB/includes/session.php @@ -1901,6 +1901,7 @@ class user extends session * @param mixed $lang_set specifies the language entries to include * @param bool $use_db internal variable for recursion, do not use * @param bool $use_help internal variable for recursion, do not use + * @param string $ext_name The extension to load language from, or empty for global files * * Examples: * @@ -1911,7 +1912,7 @@ class user extends session * $lang_set = array('help' => 'faq', 'db' => array('help:faq', 'posting')) * */ - function add_lang($lang_set, $use_db = false, $use_help = false) + function add_lang($lang_set, $use_db = false, $use_help = false, $ext_name = '') { global $phpEx; @@ -1925,36 +1926,54 @@ class user extends session if ($key == 'db') { - $this->add_lang($lang_file, true, $use_help); + $this->add_lang($lang_file, true, $use_help, $ext_name); } else if ($key == 'help') { - $this->add_lang($lang_file, $use_db, true); + $this->add_lang($lang_file, $use_db, true, $ext_name); } else if (!is_array($lang_file)) { - $this->set_lang($this->lang, $this->help, $lang_file, $use_db, $use_help); + $this->set_lang($this->lang, $this->help, $lang_file, $use_db, $use_help, $ext_name); } else { - $this->add_lang($lang_file, $use_db, $use_help); + $this->add_lang($lang_file, $use_db, $use_help, $ext_name); } } unset($lang_set); } else if ($lang_set) { - $this->set_lang($this->lang, $this->help, $lang_set, $use_db, $use_help); + $this->set_lang($this->lang, $this->help, $lang_set, $use_db, $use_help, $ext_name); } } + /** + * Add Language Items from an extension - use_db and use_help are assigned where needed (only use them to force inclusion) + * + * @param string $ext_name The extension to load language from, or empty for global files + * @param mixed $lang_set specifies the language entries to include + * @param bool $use_db internal variable for recursion, do not use + * @param bool $use_help internal variable for recursion, do not use + */ + function add_lang_ext($ext_name, $lang_set, $use_db = false, $use_help = false) + { + if ($ext_name === '/') + { + $ext_name = ''; + } + + $this->add_lang($lang_set, $use_db, $use_help, $ext_name); + } + /** * Set language entry (called by add_lang) * @access private */ - function set_lang(&$lang, &$help, $lang_file, $use_db = false, $use_help = false) + function set_lang(&$lang, &$help, $lang_file, $use_db = false, $use_help = false, $ext_name = '') { - global $phpEx; + global $phpbb_root_path, $phpEx; // Make sure the language name is set (if the user setup did not happen it is not set) if (!$this->lang_name) @@ -1970,11 +1989,32 @@ class user extends session { if ($use_help && strpos($lang_file, '/') !== false) { - $language_filename = $this->lang_path . $this->lang_name . '/' . substr($lang_file, 0, stripos($lang_file, '/') + 1) . 'help_' . substr($lang_file, stripos($lang_file, '/') + 1) . '.' . $phpEx; + $filename = dirname($lang_file) . '/help_' . basename($lang_file); + } + else + { + $filename = (($use_help) ? 'help_' : '') . $lang_file; + } + + if ($ext_name) + { + global $phpbb_extension_manager; + $ext_path = $phpbb_extension_manager->get_extension_path($ext_name, true); + + $lang_path = $ext_path . 'language/'; + } + else + { + $lang_path = $this->lang_path; + } + + if (strpos($phpbb_root_path . $filename, $lang_path . $this->lang_name . '/') === 0) + { + $language_filename = $phpbb_root_path . $filename; } else { - $language_filename = $this->lang_path . $this->lang_name . '/' . (($use_help) ? 'help_' : '') . $lang_file . '.' . $phpEx; + $language_filename = $lang_path . $this->lang_name . '/' . $filename . '.' . $phpEx; } if (!file_exists($language_filename)) @@ -1984,24 +2024,24 @@ class user extends session if ($this->lang_name == 'en') { // The user's selected language is missing the file, the board default's language is missing the file, and the file doesn't exist in /en. - $language_filename = str_replace($this->lang_path . 'en', $this->lang_path . $this->data['user_lang'], $language_filename); + $language_filename = str_replace($lang_path . 'en', $lang_path . $this->data['user_lang'], $language_filename); trigger_error('Language file ' . $language_filename . ' couldn\'t be opened.', E_USER_ERROR); } else if ($this->lang_name == basename($config['default_lang'])) { // Fall back to the English Language $this->lang_name = 'en'; - $this->set_lang($lang, $help, $lang_file, $use_db, $use_help); + $this->set_lang($lang, $help, $lang_file, $use_db, $use_help, $ext_name); } else if ($this->lang_name == $this->data['user_lang']) { // Fall back to the board default language $this->lang_name = basename($config['default_lang']); - $this->set_lang($lang, $help, $lang_file, $use_db, $use_help); + $this->set_lang($lang, $help, $lang_file, $use_db, $use_help, $ext_name); } // Reset the lang name - $this->lang_name = (file_exists($this->lang_path . $this->data['user_lang'] . "/common.$phpEx")) ? $this->data['user_lang'] : basename($config['default_lang']); + $this->lang_name = (file_exists($lang_path . $this->data['user_lang'] . "/common.$phpEx")) ? $this->data['user_lang'] : basename($config['default_lang']); return; } -- cgit v1.2.1 From 8be1500048c2ae811f30e0bd402d7596b60fc2d9 Mon Sep 17 00:00:00 2001 From: Nils Adermann Date: Fri, 18 Nov 2011 14:48:39 +0100 Subject: [feature/extension-manager] Use "core files" instead of "global files" in docs PHPBB3-10323 --- phpBB/includes/session.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'phpBB/includes/session.php') diff --git a/phpBB/includes/session.php b/phpBB/includes/session.php index cbef1af30a..497aaf1141 100644 --- a/phpBB/includes/session.php +++ b/phpBB/includes/session.php @@ -1901,7 +1901,7 @@ class user extends session * @param mixed $lang_set specifies the language entries to include * @param bool $use_db internal variable for recursion, do not use * @param bool $use_help internal variable for recursion, do not use - * @param string $ext_name The extension to load language from, or empty for global files + * @param string $ext_name The extension to load language from, or empty for core files * * Examples: * @@ -1952,7 +1952,7 @@ class user extends session /** * Add Language Items from an extension - use_db and use_help are assigned where needed (only use them to force inclusion) * - * @param string $ext_name The extension to load language from, or empty for global files + * @param string $ext_name The extension to load language from, or empty for core files * @param mixed $lang_set specifies the language entries to include * @param bool $use_db internal variable for recursion, do not use * @param bool $use_help internal variable for recursion, do not use -- cgit v1.2.1 From 757fcd3e63535f9fda68cf359f849a44059c7b27 Mon Sep 17 00:00:00 2001 From: Joas Schilling Date: Sat, 10 Sep 2011 03:38:01 +0200 Subject: [ticket/10345] Add a system to allow multiple plural forms See http://wiki.phpbb.com/Plural_Rules for explanation and examples. PHPBB3-10345 --- phpBB/includes/session.php | 170 ++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 169 insertions(+), 1 deletion(-) (limited to 'phpBB/includes/session.php') diff --git a/phpBB/includes/session.php b/phpBB/includes/session.php index 497aaf1141..cd1975b9d3 100644 --- a/phpBB/includes/session.php +++ b/phpBB/includes/session.php @@ -1868,12 +1868,15 @@ class user extends session { if (is_int($args[$i])) { + $use_plural_form = $this->get_plural_form($args[$i]); $numbers = array_keys($lang); foreach ($numbers as $num) { - if ($num > $args[$i]) + if ($num > $use_plural_form) { + // This is basically just some lazy backwards compatible stuff. + // If the key we need to use does not exist, it takes the previous one. break; } @@ -1895,6 +1898,171 @@ class user extends session return call_user_func_array('sprintf', $args); } + /** + * Determine which plural form we should use. + * For some languages this is not as simple as for English. + */ + function get_plural_form($number, $force_rule = false) + { + if ($number == 0) + { + // We use special language strings for 0, so it's "no users" instead of "0 users" + return 0; + } + + // Default to english system + $plural_rule = ($force_rule !== false) ? $force_rule : ((isset($this->lang['PLURAL_RULE'])) ? $this->lang['PLURAL_RULE'] : 1); + $plural_rule = max(0, min($plural_rule, 15)); + + switch ($plural_rule) + { + case 0: + /** + * Families: Asian (Chinese, Japanese, Korean, Vietnamese), Persian, Turkic/Altaic (Turkish), Thai, Lao + * 1 - everything: 1, 2, ... + */ + return 1; + + case 1: + /** + * Families: Germanic (Danish, Dutch, English, Faroese, Frisian, German, Norwegian, Swedish), Finno-Ugric (Estonian, Finnish, Hungarian), Language isolate (Basque), Latin/Greek (Greek), Semitic (Hebrew), Romanic (Italian, Portuguese, Spanish, Catalan) + * 1 - 1 + * 2 - everything else: 2, 3, ... + */ + return ($number == 1) ? 1 : 2; + + case 2: + /** + * Families: Romanic (French, Brazilian Portuguese) + * 1 - 1 normaly this would also apply to 0 + * 2 - everything else: 2, 3, ... + */ + return ($number == 1) ? 1 : 2; + + case 3: + /** + * Families: Baltic (Latvian) + * 1 - ends in 1, not 11: 1, 21, ... 101, 121, ... + * 2 - everything else: 2, 3, ... 10, 11, 12, ... 20, 22, ... + */ + return (($number % 10 == 1) && ($number % 100 != 11)) ? 1 : 2; + + case 4: + /** + * Families: Celtic (Scottish Gaelic) + * 1 - is 1 or 11: 1, 11 + * 2 - is 2 or 12: 2, 12 + * 3 - others between 3 and 19: 3, 4, ... 10, 13, ... 18, 19 + * 4 - everything else: 20, 21, ... + */ + return ($number == 1 || $number == 11) ? 1 : (($number == 2 || $number == 12) ? 2 : (($number >= 3 && $number <= 19) ? 3 : 4)); + + case 5: + /** + * Families: Romanic (Romanian) + * 1 - 1 + * 2 - ends in 01-19: 2, 3, ... 19, 101, 102, ... 119, 201, ... + * 3 - everything else: 20, 21, ... + */ + return ($number == 1) ? 1 : ((($number == 0) || (($number % 100 > 0) && ($number % 100 < 20))) ? 2 : 3); + + case 6: + /** + * Families: Baltic (Lithuanian) + * 1 - ends in 1, not 11: 1, 21, 31, ... 101, 121, ... + * 2 - ends in 0 or ends in 10-20: 10, 11, 12, ... 19, 20, 30, 40, ... + * 3 - everything else: 2, 3, ... 8, 9, 22, 23, ... 29, 32, 33, ... + */ + return (($number % 10 == 1) && ($number % 100 != 11)) ? 1 : ((($number % 10 < 2) || (($number % 100 >= 10) && ($number % 100 < 20))) ? 2 : 3); + + case 7: + /** + * Families: Slavic (Croatian, Serbian, Russian, Ukrainian) + * 1 - ends in 1, not 11: 1, 21, 31, ... 101, 121, ... + * 2 - ends in 2-4, not 12-14: 2, 3, 4, 22, 23, 24, 32, ... + * 3 - everything else: 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 25, 26, ... + */ + return (($number % 10 == 1) && ($number % 100 != 11)) ? 1 : ((($number % 10 >= 2) && ($number % 10 <= 4) && (($number % 100 < 10) || ($number % 100 >= 20))) ? 2 : 3); + + case 8: + /** + * Families: Slavic (Slovak, Czech) + * 1 - 1 + * 2 - 2, 3, 4 + * 3 - everything else: 5, 6, 7, ... + */ + return ($number == 1) ? 1 : ((($number >= 2) && ($number <= 4)) ? 2 : 3); + + case 9: + /** + * Families: Slavic (Polish) + * 1 - 1 + * 2 - ends in 2-4, not 12-14: 2, 3, 4, 22, 23, 24, 32, ... 104, 122, ... + * 3 - everything else: 5, 6, ... 11, 12, 13, 14, 15, ... 20, 21, 25, ... + */ + return ($number == 1) ? 1 : ((($number % 10 >= 2) && ($number % 10 <= 4) && (($number % 100 < 12) || ($number % 100 > 14))) ? 2 : 3); + + case 10: + /** + * Families: Slavic (Slovenian, Sorbian) + * 1 - ends in 01: 1, 101, 201, ... + * 2 - ends in 02: 2, 102, 202, ... + * 3 - ends in 03-04: 3, 4, 103, 104, 203, 204, ... + * 4 - everything else: 5, 6, 7, 8, 9, 10, 11, ... + */ + return ($number % 100 == 1) ? 1 : (($number % 100 == 2) ? 2 : ((($number % 100 == 3) || ($number % 100 == 4)) ? 3 : 4)); + + case 11: + /** + * Families: Celtic (Irish Gaeilge) + * 1 - 1 + * 2 - 2 + * 3 - is 3-6: 3, 4, 5, 6 + * 4 - is 7-10: 7, 8, 9, 10 + * 5 - everything else: 0, 11, 12, ... + */ + return ($number == 1) ? 1 : (($number == 2) ? 2 : (($number >= 3 && $number <= 6) ? 3 : (($number >= 7 && $number <= 10) ? 4 : 5))); + + case 12: + /** + * Families: Semitic (Arabic) + * 1 - 1 + * 2 - 2 + * 3 - ends in 03-10: 3, 4, ... 10, 103, 104, ... 110, 203, 204, ... + * 4 - ends in 11-99: 11, ... 99, 111, 112, ... + * 5 - everything else: 100, 101, 102, 200, 201, 202, ... + */ + return ($number == 1) ? 1 : (($number == 2) ? 2 : ((($number % 100 >= 3) && ($number % 100 <= 10)) ? 3 : ((($number % 100 >= 11) && ($number % 100 <= 99)) ? 4 : 5))); + + case 13: + /** + * Families: Semitic (Maltese) + * 1 - 1 + * 2 - ends in 01-10: 2, 3, ... 9, 10, 101, 102, ... + * 3 - ends in 11-19: 11, 12, ... 18, 19, 111, 112, ... + * 4 - everything else: 20, 21, ... + */ + return ($number == 1) ? 1 : ((($number == 0) || (($number % 100 > 1) && ($number % 100 < 11))) ? 2 : ((($number % 100 > 10) && ($number % 100 < 20)) ? 3 : 4)); + + case 14: + /** + * Families: Slavic (Macedonian) + * 1 - ends in 1: 1, 11, 21, ... + * 2 - ends in 2: 2, 12, 22, ... + * 3 - everything else: 3, 4, ... 10, 13, 14, ... 20, 23, ... + */ + return ($number % 10 == 1) ? 1 : (($number % 10 == 2) ? 2 : 3); + + case 15: + /** + * Families: Icelandic + * 1 - ends in 1, not 11: 1, 21, 31, ... 101, 121, 131, ... + * 2 - everything else: 2, 3, ... 10, 11, 12, ... 20, 22, ... + */ + return (($number % 10 == 1) && ($number % 100 != 11)) ? 1 : 2; + } + } + /** * Add Language Items - use_db and use_help are assigned where needed (only use them to force inclusion) * -- cgit v1.2.1 From f16d72fcfb9a7621bf64b82cc2c710c6e484d965 Mon Sep 17 00:00:00 2001 From: Joas Schilling Date: Tue, 13 Sep 2011 01:46:00 +0200 Subject: [ticket/10345] Fix documentation on the new function and the switch Also do not min/max the value, but throw an error on an invalid Plural rule. PHPBB3-10345 --- phpBB/includes/session.php | 15 +++++++++++++-- 1 file changed, 13 insertions(+), 2 deletions(-) (limited to 'phpBB/includes/session.php') diff --git a/phpBB/includes/session.php b/phpBB/includes/session.php index cd1975b9d3..4e5257506c 100644 --- a/phpBB/includes/session.php +++ b/phpBB/includes/session.php @@ -1901,6 +1901,10 @@ class user extends session /** * Determine which plural form we should use. * For some languages this is not as simple as for English. + * + * @param $number int The number we want to get the plural case for + * @param $force_rule mixed False to use the plural rule of the language package + * or an integer to force a certain plural rule */ function get_plural_form($number, $force_rule = false) { @@ -1910,10 +1914,17 @@ class user extends session return 0; } - // Default to english system + // Default to English system $plural_rule = ($force_rule !== false) ? $force_rule : ((isset($this->lang['PLURAL_RULE'])) ? $this->lang['PLURAL_RULE'] : 1); - $plural_rule = max(0, min($plural_rule, 15)); + if ($plural_rule > 15 || $plural_rule < 0) + { + trigger_error('INVALID_PLURAL_RULE'); + } + /** + * The following plural rules are based on a list published by the Mozilla Developer Network + * https://developer.mozilla.org/en/Localization_and_Plurals + */ switch ($plural_rule) { case 0: -- cgit v1.2.1 From 0734dd3c42f573d819c058cd6c6b55d035d1836d Mon Sep 17 00:00:00 2001 From: Joas Schilling Date: Tue, 13 Sep 2011 15:34:40 +0200 Subject: [ticket/10345] Remove '1 hour ago' string which conflicted with plural rules This message was only viewed for 1 second anyway, as floor($delta / 60) is only 60 for 3600 to 3660, but the code was limited to $delta <= 3600 PHPBB3-10345 --- phpBB/includes/session.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'phpBB/includes/session.php') diff --git a/phpBB/includes/session.php b/phpBB/includes/session.php index 4e5257506c..4261a64169 100644 --- a/phpBB/includes/session.php +++ b/phpBB/includes/session.php @@ -2278,9 +2278,9 @@ class user extends session // Zone offset $zone_offset = $this->timezone + $this->dst; - // Show date <= 1 hour ago as 'xx min ago' but not greater than 60 seconds in the future + // Show date < 1 hour ago as 'xx min ago' but not greater than 60 seconds in the future // A small tolerence is given for times in the future but in the same minute are displayed as '< than a minute ago' - if ($delta <= 3600 && $delta > -60 && ($delta >= -5 || (($now / 60) % 60) == (($gmepoch / 60) % 60)) && $date_cache[$format]['is_short'] !== false && !$forcedate && isset($this->lang['datetime']['AGO'])) + if ($delta < 3600 && $delta > -60 && ($delta >= -5 || (($now / 60) % 60) == (($gmepoch / 60) % 60)) && $date_cache[$format]['is_short'] !== false && !$forcedate && isset($this->lang['datetime']['AGO'])) { return $this->lang(array('datetime', 'AGO'), max(0, (int) floor($delta / 60))); } -- cgit v1.2.1 From 88ae40a4b19360645d5e5a614cc378e7cce4afe3 Mon Sep 17 00:00:00 2001 From: Joas Schilling Date: Wed, 14 Sep 2011 00:28:52 +0200 Subject: [ticket/10345] Make use of the plural function in some basic places PHPBB3-10345 --- phpBB/includes/session.php | 3 +++ 1 file changed, 3 insertions(+) (limited to 'phpBB/includes/session.php') diff --git a/phpBB/includes/session.php b/phpBB/includes/session.php index 4261a64169..0733e4f7fb 100644 --- a/phpBB/includes/session.php +++ b/phpBB/includes/session.php @@ -1821,6 +1821,9 @@ class user extends session * This function/functionality is inspired by SHS` and Ashe. * * Example call: $user->lang('NUM_POSTS_IN_QUEUE', 1); + * + * If the first parameter is an array, the parts are used as keys and subkeys to get the lang: + * Example: $user->lang(array('datetime', 'AGO'), 1) uses $user->lang['datetime']['AGO'] as lang. */ function lang() { -- cgit v1.2.1 From 2de7153afd428f44d1c4c012ffe0bf072e449c64 Mon Sep 17 00:00:00 2001 From: Joas Schilling Date: Tue, 20 Sep 2011 01:39:21 +0200 Subject: [ticket/10345] Allow float as array key and add some tests Added tests for the fallback when a key is missing and the float-feature. PHPBB3-10345 --- phpBB/includes/session.php | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) (limited to 'phpBB/includes/session.php') diff --git a/phpBB/includes/session.php b/phpBB/includes/session.php index 0733e4f7fb..3e3c9dc072 100644 --- a/phpBB/includes/session.php +++ b/phpBB/includes/session.php @@ -1869,7 +1869,7 @@ class user extends session // We now get the first number passed and will select the key based upon this number for ($i = 1, $num_args = sizeof($args); $i < $num_args; $i++) { - if (is_int($args[$i])) + if (is_int($args[$i]) || is_float($args[$i])) { $use_plural_form = $this->get_plural_form($args[$i]); $numbers = array_keys($lang); @@ -1905,12 +1905,14 @@ class user extends session * Determine which plural form we should use. * For some languages this is not as simple as for English. * - * @param $number int The number we want to get the plural case for + * @param $number int|float The number we want to get the plural case for * @param $force_rule mixed False to use the plural rule of the language package * or an integer to force a certain plural rule */ function get_plural_form($number, $force_rule = false) { + $number = (int) $number; + if ($number == 0) { // We use special language strings for 0, so it's "no users" instead of "0 users" -- cgit v1.2.1 From 4c2c842a7dc2a4ce01eae23790af305c73de79fa Mon Sep 17 00:00:00 2001 From: Joas Schilling Date: Tue, 20 Sep 2011 18:21:49 +0200 Subject: [ticket/10345] Fix some documentation issues. PHPBB3-10345 --- phpBB/includes/session.php | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) (limited to 'phpBB/includes/session.php') diff --git a/phpBB/includes/session.php b/phpBB/includes/session.php index 3e3c9dc072..efb2059922 100644 --- a/phpBB/includes/session.php +++ b/phpBB/includes/session.php @@ -1822,8 +1822,8 @@ class user extends session * * Example call: $user->lang('NUM_POSTS_IN_QUEUE', 1); * - * If the first parameter is an array, the parts are used as keys and subkeys to get the lang: - * Example: $user->lang(array('datetime', 'AGO'), 1) uses $user->lang['datetime']['AGO'] as lang. + * If the first parameter is an array, the elements are used as keys and subkeys to get the language entry: + * Example: $user->lang(array('datetime', 'AGO'), 1) uses $user->lang['datetime']['AGO'] as language entry. */ function lang() { @@ -1878,8 +1878,7 @@ class user extends session { if ($num > $use_plural_form) { - // This is basically just some lazy backwards compatible stuff. - // If the key we need to use does not exist, it takes the previous one. + // If the key we need to use does not exist, we fall back to the previous one. break; } @@ -1908,6 +1907,7 @@ class user extends session * @param $number int|float The number we want to get the plural case for * @param $force_rule mixed False to use the plural rule of the language package * or an integer to force a certain plural rule + * @return int The plural-case we need to use for the number plural-rule combination */ function get_plural_form($number, $force_rule = false) { @@ -1915,7 +1915,7 @@ class user extends session if ($number == 0) { - // We use special language strings for 0, so it's "no users" instead of "0 users" + // We allow each translation using plural forms to specify a version for the case of 0 things, so that "0 users" may be displayed as "No users". return 0; } -- cgit v1.2.1 From 33e3bf4f64c3c2734bf97bcb204255cfdab37773 Mon Sep 17 00:00:00 2001 From: Joas Schilling Date: Wed, 21 Sep 2011 00:36:18 +0200 Subject: [ticket/10345] Make the use of the 0-case optional And correctly determinate the rule otherwise PHPBB3-10345 --- phpBB/includes/session.php | 74 +++++++++++++++++++++++++--------------------- 1 file changed, 40 insertions(+), 34 deletions(-) (limited to 'phpBB/includes/session.php') diff --git a/phpBB/includes/session.php b/phpBB/includes/session.php index efb2059922..c78d0f819a 100644 --- a/phpBB/includes/session.php +++ b/phpBB/includes/session.php @@ -1871,20 +1871,30 @@ class user extends session { if (is_int($args[$i]) || is_float($args[$i])) { - $use_plural_form = $this->get_plural_form($args[$i]); - $numbers = array_keys($lang); - - foreach ($numbers as $num) + if ($args[$i] == 0 && isset($lang[0])) + { + // We allow each translation using plural forms to specify a version for the case of 0 things, + // so that "0 users" may be displayed as "No users". + $key_found = 0; + break; + } + else { - if ($num > $use_plural_form) + $use_plural_form = $this->get_plural_form($args[$i]); + $numbers = array_keys($lang); + + foreach ($numbers as $num) { - // If the key we need to use does not exist, we fall back to the previous one. - break; - } + if ($num > $use_plural_form) + { + // If the key we need to use does not exist, we fall back to the previous one. + break; + } - $key_found = $num; + $key_found = $num; + } + break; } - break; } } @@ -1913,12 +1923,6 @@ class user extends session { $number = (int) $number; - if ($number == 0) - { - // We allow each translation using plural forms to specify a version for the case of 0 things, so that "0 users" may be displayed as "No users". - return 0; - } - // Default to English system $plural_rule = ($force_rule !== false) ? $force_rule : ((isset($this->lang['PLURAL_RULE'])) ? $this->lang['PLURAL_RULE'] : 1); if ($plural_rule > 15 || $plural_rule < 0) @@ -1935,7 +1939,7 @@ class user extends session case 0: /** * Families: Asian (Chinese, Japanese, Korean, Vietnamese), Persian, Turkic/Altaic (Turkish), Thai, Lao - * 1 - everything: 1, 2, ... + * 1 - everything: 0, 1, 2, ... */ return 1; @@ -1943,25 +1947,26 @@ class user extends session /** * Families: Germanic (Danish, Dutch, English, Faroese, Frisian, German, Norwegian, Swedish), Finno-Ugric (Estonian, Finnish, Hungarian), Language isolate (Basque), Latin/Greek (Greek), Semitic (Hebrew), Romanic (Italian, Portuguese, Spanish, Catalan) * 1 - 1 - * 2 - everything else: 2, 3, ... + * 2 - everything else: 0, 2, 3, ... */ return ($number == 1) ? 1 : 2; case 2: /** * Families: Romanic (French, Brazilian Portuguese) - * 1 - 1 normaly this would also apply to 0 + * 1 - 0, 1 * 2 - everything else: 2, 3, ... */ - return ($number == 1) ? 1 : 2; + return (($number == 0) || ($number == 1)) ? 1 : 2; case 3: /** * Families: Baltic (Latvian) - * 1 - ends in 1, not 11: 1, 21, ... 101, 121, ... - * 2 - everything else: 2, 3, ... 10, 11, 12, ... 20, 22, ... + * 1 - 0 + * 2 - ends in 1, not 11: 1, 21, ... 101, 121, ... + * 3 - everything else: 2, 3, ... 10, 11, 12, ... 20, 22, ... */ - return (($number % 10 == 1) && ($number % 100 != 11)) ? 1 : 2; + return ($number == 0) ? 1 : ((($number % 10 == 1) && ($number % 100 != 11)) ? 2 : 3); case 4: /** @@ -1969,7 +1974,7 @@ class user extends session * 1 - is 1 or 11: 1, 11 * 2 - is 2 or 12: 2, 12 * 3 - others between 3 and 19: 3, 4, ... 10, 13, ... 18, 19 - * 4 - everything else: 20, 21, ... + * 4 - everything else: 0, 20, 21, ... */ return ($number == 1 || $number == 11) ? 1 : (($number == 2 || $number == 12) ? 2 : (($number >= 3 && $number <= 19) ? 3 : 4)); @@ -1977,7 +1982,7 @@ class user extends session /** * Families: Romanic (Romanian) * 1 - 1 - * 2 - ends in 01-19: 2, 3, ... 19, 101, 102, ... 119, 201, ... + * 2 - is 0 or ends in 01-19: 0, 2, 3, ... 19, 101, 102, ... 119, 201, ... * 3 - everything else: 20, 21, ... */ return ($number == 1) ? 1 : ((($number == 0) || (($number % 100 > 0) && ($number % 100 < 20))) ? 2 : 3); @@ -1986,7 +1991,7 @@ class user extends session /** * Families: Baltic (Lithuanian) * 1 - ends in 1, not 11: 1, 21, 31, ... 101, 121, ... - * 2 - ends in 0 or ends in 10-20: 10, 11, 12, ... 19, 20, 30, 40, ... + * 2 - ends in 0 or ends in 10-20: 0, 10, 11, 12, ... 19, 20, 30, 40, ... * 3 - everything else: 2, 3, ... 8, 9, 22, 23, ... 29, 32, 33, ... */ return (($number % 10 == 1) && ($number % 100 != 11)) ? 1 : ((($number % 10 < 2) || (($number % 100 >= 10) && ($number % 100 < 20))) ? 2 : 3); @@ -1996,7 +2001,7 @@ class user extends session * Families: Slavic (Croatian, Serbian, Russian, Ukrainian) * 1 - ends in 1, not 11: 1, 21, 31, ... 101, 121, ... * 2 - ends in 2-4, not 12-14: 2, 3, 4, 22, 23, 24, 32, ... - * 3 - everything else: 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 25, 26, ... + * 3 - everything else: 0, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 25, 26, ... */ return (($number % 10 == 1) && ($number % 100 != 11)) ? 1 : ((($number % 10 >= 2) && ($number % 10 <= 4) && (($number % 100 < 10) || ($number % 100 >= 20))) ? 2 : 3); @@ -2005,7 +2010,7 @@ class user extends session * Families: Slavic (Slovak, Czech) * 1 - 1 * 2 - 2, 3, 4 - * 3 - everything else: 5, 6, 7, ... + * 3 - everything else: 0, 5, 6, 7, ... */ return ($number == 1) ? 1 : ((($number >= 2) && ($number <= 4)) ? 2 : 3); @@ -2014,7 +2019,7 @@ class user extends session * Families: Slavic (Polish) * 1 - 1 * 2 - ends in 2-4, not 12-14: 2, 3, 4, 22, 23, 24, 32, ... 104, 122, ... - * 3 - everything else: 5, 6, ... 11, 12, 13, 14, 15, ... 20, 21, 25, ... + * 3 - everything else: 0, 5, 6, ... 11, 12, 13, 14, 15, ... 20, 21, 25, ... */ return ($number == 1) ? 1 : ((($number % 10 >= 2) && ($number % 10 <= 4) && (($number % 100 < 12) || ($number % 100 > 14))) ? 2 : 3); @@ -2024,7 +2029,7 @@ class user extends session * 1 - ends in 01: 1, 101, 201, ... * 2 - ends in 02: 2, 102, 202, ... * 3 - ends in 03-04: 3, 4, 103, 104, 203, 204, ... - * 4 - everything else: 5, 6, 7, 8, 9, 10, 11, ... + * 4 - everything else: 0, 5, 6, 7, 8, 9, 10, 11, ... */ return ($number % 100 == 1) ? 1 : (($number % 100 == 2) ? 2 : ((($number % 100 == 3) || ($number % 100 == 4)) ? 3 : 4)); @@ -2047,14 +2052,15 @@ class user extends session * 3 - ends in 03-10: 3, 4, ... 10, 103, 104, ... 110, 203, 204, ... * 4 - ends in 11-99: 11, ... 99, 111, 112, ... * 5 - everything else: 100, 101, 102, 200, 201, 202, ... + * 6 - 0 */ - return ($number == 1) ? 1 : (($number == 2) ? 2 : ((($number % 100 >= 3) && ($number % 100 <= 10)) ? 3 : ((($number % 100 >= 11) && ($number % 100 <= 99)) ? 4 : 5))); + return ($number == 1) ? 1 : (($number == 2) ? 2 : ((($number % 100 >= 3) && ($number % 100 <= 10)) ? 3 : ((($number % 100 >= 11) && ($number % 100 <= 99)) ? 4 : (($number != 0) ? 5 : 6)))); case 13: /** * Families: Semitic (Maltese) * 1 - 1 - * 2 - ends in 01-10: 2, 3, ... 9, 10, 101, 102, ... + * 2 - is 0 or ends in 01-10: 0, 2, 3, ... 9, 10, 101, 102, ... * 3 - ends in 11-19: 11, 12, ... 18, 19, 111, 112, ... * 4 - everything else: 20, 21, ... */ @@ -2065,7 +2071,7 @@ class user extends session * Families: Slavic (Macedonian) * 1 - ends in 1: 1, 11, 21, ... * 2 - ends in 2: 2, 12, 22, ... - * 3 - everything else: 3, 4, ... 10, 13, 14, ... 20, 23, ... + * 3 - everything else: 0, 3, 4, ... 10, 13, 14, ... 20, 23, ... */ return ($number % 10 == 1) ? 1 : (($number % 10 == 2) ? 2 : 3); @@ -2073,7 +2079,7 @@ class user extends session /** * Families: Icelandic * 1 - ends in 1, not 11: 1, 21, 31, ... 101, 121, 131, ... - * 2 - everything else: 2, 3, ... 10, 11, 12, ... 20, 22, ... + * 2 - everything else: 0, 2, 3, ... 10, 11, 12, ... 20, 22, ... */ return (($number % 10 == 1) && ($number % 100 != 11)) ? 1 : 2; } -- cgit v1.2.1 From 454280c6e83a3bf41dbeae2382bb8d36fc8e55e1 Mon Sep 17 00:00:00 2001 From: Joas Schilling Date: Tue, 22 Nov 2011 14:10:16 +0100 Subject: [ticket/10345] Move rule determination code into a new function PHPBB3-10345 --- phpBB/includes/session.php | 154 +-------------------------------------------- 1 file changed, 1 insertion(+), 153 deletions(-) (limited to 'phpBB/includes/session.php') diff --git a/phpBB/includes/session.php b/phpBB/includes/session.php index c78d0f819a..52eecd695e 100644 --- a/phpBB/includes/session.php +++ b/phpBB/includes/session.php @@ -1930,159 +1930,7 @@ class user extends session trigger_error('INVALID_PLURAL_RULE'); } - /** - * The following plural rules are based on a list published by the Mozilla Developer Network - * https://developer.mozilla.org/en/Localization_and_Plurals - */ - switch ($plural_rule) - { - case 0: - /** - * Families: Asian (Chinese, Japanese, Korean, Vietnamese), Persian, Turkic/Altaic (Turkish), Thai, Lao - * 1 - everything: 0, 1, 2, ... - */ - return 1; - - case 1: - /** - * Families: Germanic (Danish, Dutch, English, Faroese, Frisian, German, Norwegian, Swedish), Finno-Ugric (Estonian, Finnish, Hungarian), Language isolate (Basque), Latin/Greek (Greek), Semitic (Hebrew), Romanic (Italian, Portuguese, Spanish, Catalan) - * 1 - 1 - * 2 - everything else: 0, 2, 3, ... - */ - return ($number == 1) ? 1 : 2; - - case 2: - /** - * Families: Romanic (French, Brazilian Portuguese) - * 1 - 0, 1 - * 2 - everything else: 2, 3, ... - */ - return (($number == 0) || ($number == 1)) ? 1 : 2; - - case 3: - /** - * Families: Baltic (Latvian) - * 1 - 0 - * 2 - ends in 1, not 11: 1, 21, ... 101, 121, ... - * 3 - everything else: 2, 3, ... 10, 11, 12, ... 20, 22, ... - */ - return ($number == 0) ? 1 : ((($number % 10 == 1) && ($number % 100 != 11)) ? 2 : 3); - - case 4: - /** - * Families: Celtic (Scottish Gaelic) - * 1 - is 1 or 11: 1, 11 - * 2 - is 2 or 12: 2, 12 - * 3 - others between 3 and 19: 3, 4, ... 10, 13, ... 18, 19 - * 4 - everything else: 0, 20, 21, ... - */ - return ($number == 1 || $number == 11) ? 1 : (($number == 2 || $number == 12) ? 2 : (($number >= 3 && $number <= 19) ? 3 : 4)); - - case 5: - /** - * Families: Romanic (Romanian) - * 1 - 1 - * 2 - is 0 or ends in 01-19: 0, 2, 3, ... 19, 101, 102, ... 119, 201, ... - * 3 - everything else: 20, 21, ... - */ - return ($number == 1) ? 1 : ((($number == 0) || (($number % 100 > 0) && ($number % 100 < 20))) ? 2 : 3); - - case 6: - /** - * Families: Baltic (Lithuanian) - * 1 - ends in 1, not 11: 1, 21, 31, ... 101, 121, ... - * 2 - ends in 0 or ends in 10-20: 0, 10, 11, 12, ... 19, 20, 30, 40, ... - * 3 - everything else: 2, 3, ... 8, 9, 22, 23, ... 29, 32, 33, ... - */ - return (($number % 10 == 1) && ($number % 100 != 11)) ? 1 : ((($number % 10 < 2) || (($number % 100 >= 10) && ($number % 100 < 20))) ? 2 : 3); - - case 7: - /** - * Families: Slavic (Croatian, Serbian, Russian, Ukrainian) - * 1 - ends in 1, not 11: 1, 21, 31, ... 101, 121, ... - * 2 - ends in 2-4, not 12-14: 2, 3, 4, 22, 23, 24, 32, ... - * 3 - everything else: 0, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 25, 26, ... - */ - return (($number % 10 == 1) && ($number % 100 != 11)) ? 1 : ((($number % 10 >= 2) && ($number % 10 <= 4) && (($number % 100 < 10) || ($number % 100 >= 20))) ? 2 : 3); - - case 8: - /** - * Families: Slavic (Slovak, Czech) - * 1 - 1 - * 2 - 2, 3, 4 - * 3 - everything else: 0, 5, 6, 7, ... - */ - return ($number == 1) ? 1 : ((($number >= 2) && ($number <= 4)) ? 2 : 3); - - case 9: - /** - * Families: Slavic (Polish) - * 1 - 1 - * 2 - ends in 2-4, not 12-14: 2, 3, 4, 22, 23, 24, 32, ... 104, 122, ... - * 3 - everything else: 0, 5, 6, ... 11, 12, 13, 14, 15, ... 20, 21, 25, ... - */ - return ($number == 1) ? 1 : ((($number % 10 >= 2) && ($number % 10 <= 4) && (($number % 100 < 12) || ($number % 100 > 14))) ? 2 : 3); - - case 10: - /** - * Families: Slavic (Slovenian, Sorbian) - * 1 - ends in 01: 1, 101, 201, ... - * 2 - ends in 02: 2, 102, 202, ... - * 3 - ends in 03-04: 3, 4, 103, 104, 203, 204, ... - * 4 - everything else: 0, 5, 6, 7, 8, 9, 10, 11, ... - */ - return ($number % 100 == 1) ? 1 : (($number % 100 == 2) ? 2 : ((($number % 100 == 3) || ($number % 100 == 4)) ? 3 : 4)); - - case 11: - /** - * Families: Celtic (Irish Gaeilge) - * 1 - 1 - * 2 - 2 - * 3 - is 3-6: 3, 4, 5, 6 - * 4 - is 7-10: 7, 8, 9, 10 - * 5 - everything else: 0, 11, 12, ... - */ - return ($number == 1) ? 1 : (($number == 2) ? 2 : (($number >= 3 && $number <= 6) ? 3 : (($number >= 7 && $number <= 10) ? 4 : 5))); - - case 12: - /** - * Families: Semitic (Arabic) - * 1 - 1 - * 2 - 2 - * 3 - ends in 03-10: 3, 4, ... 10, 103, 104, ... 110, 203, 204, ... - * 4 - ends in 11-99: 11, ... 99, 111, 112, ... - * 5 - everything else: 100, 101, 102, 200, 201, 202, ... - * 6 - 0 - */ - return ($number == 1) ? 1 : (($number == 2) ? 2 : ((($number % 100 >= 3) && ($number % 100 <= 10)) ? 3 : ((($number % 100 >= 11) && ($number % 100 <= 99)) ? 4 : (($number != 0) ? 5 : 6)))); - - case 13: - /** - * Families: Semitic (Maltese) - * 1 - 1 - * 2 - is 0 or ends in 01-10: 0, 2, 3, ... 9, 10, 101, 102, ... - * 3 - ends in 11-19: 11, 12, ... 18, 19, 111, 112, ... - * 4 - everything else: 20, 21, ... - */ - return ($number == 1) ? 1 : ((($number == 0) || (($number % 100 > 1) && ($number % 100 < 11))) ? 2 : ((($number % 100 > 10) && ($number % 100 < 20)) ? 3 : 4)); - - case 14: - /** - * Families: Slavic (Macedonian) - * 1 - ends in 1: 1, 11, 21, ... - * 2 - ends in 2: 2, 12, 22, ... - * 3 - everything else: 0, 3, 4, ... 10, 13, 14, ... 20, 23, ... - */ - return ($number % 10 == 1) ? 1 : (($number % 10 == 2) ? 2 : 3); - - case 15: - /** - * Families: Icelandic - * 1 - ends in 1, not 11: 1, 21, 31, ... 101, 121, 131, ... - * 2 - everything else: 0, 2, 3, ... 10, 11, 12, ... 20, 22, ... - */ - return (($number % 10 == 1) && ($number % 100 != 11)) ? 1 : 2; - } + return phpbb_get_plural_form($plural_rule, $number); } /** -- cgit v1.2.1 From b195fce0a47932775dfd47159c6f40509318dbaf Mon Sep 17 00:00:00 2001 From: Joas Schilling Date: Wed, 30 Nov 2011 21:06:04 +0100 Subject: [ticket/10345] Remove doubled check for valid plural rule PHPBB3-10345 --- phpBB/includes/session.php | 4 ---- 1 file changed, 4 deletions(-) (limited to 'phpBB/includes/session.php') diff --git a/phpBB/includes/session.php b/phpBB/includes/session.php index 52eecd695e..eb84cd81fe 100644 --- a/phpBB/includes/session.php +++ b/phpBB/includes/session.php @@ -1925,10 +1925,6 @@ class user extends session // Default to English system $plural_rule = ($force_rule !== false) ? $force_rule : ((isset($this->lang['PLURAL_RULE'])) ? $this->lang['PLURAL_RULE'] : 1); - if ($plural_rule > 15 || $plural_rule < 0) - { - trigger_error('INVALID_PLURAL_RULE'); - } return phpbb_get_plural_form($plural_rule, $number); } -- cgit v1.2.1 From dd99675f7223b0fb659e4146544969e2aa978fa9 Mon Sep 17 00:00:00 2001 From: Joas Schilling Date: Wed, 30 Nov 2011 21:07:53 +0100 Subject: [ticket/10345] Document behaviour for floating numbers on phpbb_get_plural_form The numbers are floored by casting to int. PHPBB3-10345 --- phpBB/includes/session.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'phpBB/includes/session.php') diff --git a/phpBB/includes/session.php b/phpBB/includes/session.php index eb84cd81fe..808d1a4a7f 100644 --- a/phpBB/includes/session.php +++ b/phpBB/includes/session.php @@ -1914,7 +1914,7 @@ class user extends session * Determine which plural form we should use. * For some languages this is not as simple as for English. * - * @param $number int|float The number we want to get the plural case for + * @param $number int|float The number we want to get the plural case for. Float numbers are floored. * @param $force_rule mixed False to use the plural rule of the language package * or an integer to force a certain plural rule * @return int The plural-case we need to use for the number plural-rule combination -- cgit v1.2.1 From 65e6ab55302e5d0c30fa86e06a460fed8167b84a Mon Sep 17 00:00:00 2001 From: Joas Schilling Date: Wed, 30 Nov 2011 21:23:00 +0100 Subject: [ticket/10345] Return the language key when the key has an empty array PHPBB3-10345 --- phpBB/includes/session.php | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'phpBB/includes/session.php') diff --git a/phpBB/includes/session.php b/phpBB/includes/session.php index 808d1a4a7f..401cb0d371 100644 --- a/phpBB/includes/session.php +++ b/phpBB/includes/session.php @@ -1862,6 +1862,11 @@ class user extends session $args[0] = $lang; return call_user_func_array('sprintf', $args); } + else if (sizeof($lang) == 0) + { + // If the language entry is an empty array, we just return the language key + return $args[0]; + } // It is an array... now handle different nullar/singular/plural forms $key_found = false; -- cgit v1.2.1 From c1311faebf01db1cd0f27420af31c326b0270d37 Mon Sep 17 00:00:00 2001 From: Joas Schilling Date: Wed, 30 Nov 2011 21:36:56 +0100 Subject: [ticket/10345] Check directly whether the key to use exists PHPBB3-10345 --- phpBB/includes/session.php | 24 ++++++++++++++++-------- 1 file changed, 16 insertions(+), 8 deletions(-) (limited to 'phpBB/includes/session.php') diff --git a/phpBB/includes/session.php b/phpBB/includes/session.php index 401cb0d371..fcbe8aed2c 100644 --- a/phpBB/includes/session.php +++ b/phpBB/includes/session.php @@ -1886,17 +1886,25 @@ class user extends session else { $use_plural_form = $this->get_plural_form($args[$i]); - $numbers = array_keys($lang); - - foreach ($numbers as $num) + if (isset($lang[$use_plural_form])) { - if ($num > $use_plural_form) + // The key we should use exists, so we use it. + $key_found = $use_plural_form; + } + else + { + // If the key we need to use does not exist, we fall back to the previous one. + $numbers = array_keys($lang); + + foreach ($numbers as $num) { - // If the key we need to use does not exist, we fall back to the previous one. - break; - } + if ($num > $use_plural_form) + { + break; + } - $key_found = $num; + $key_found = $num; + } } break; } -- cgit v1.2.1 From 38c2d4da35b6c00e2ef2f6b271eda2c020974eee Mon Sep 17 00:00:00 2001 From: Oleg Pudeyev Date: Fri, 23 Dec 2011 02:24:11 -0500 Subject: [ticket/10428] Compare $data to false strictly. Users may pass 0 or '' for $data, this should cause the user-specified $data code path to be taken. PHPBB3-10428 --- phpBB/includes/session.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'phpBB/includes/session.php') diff --git a/phpBB/includes/session.php b/phpBB/includes/session.php index caadcbafaa..50b6ac7406 100644 --- a/phpBB/includes/session.php +++ b/phpBB/includes/session.php @@ -2343,7 +2343,7 @@ class user extends session { if (!isset($this->keyvalues[$key])) { - $var = ($data) ? $data : $this->data['user_options']; + $var = ($data !== false) ? $data : $this->data['user_options']; $this->keyvalues[$key] = ($var & 1 << $this->keyoptions[$key]) ? true : false; } @@ -2355,7 +2355,7 @@ class user extends session */ function optionset($key, $value, $data = false) { - $var = ($data) ? $data : $this->data['user_options']; + $var = ($data !== false) ? $data : $this->data['user_options']; if ($value && !($var & 1 << $this->keyoptions[$key])) { @@ -2367,10 +2367,10 @@ class user extends session } else { - return ($data) ? $var : false; + return ($data !== false) ? $var : false; } - if (!$data) + if ($data === false) { $this->data['user_options'] = $var; return true; -- cgit v1.2.1 From 16ae99eec8e34ec6d542c1e4d82bd288bc0d0026 Mon Sep 17 00:00:00 2001 From: Oleg Pudeyev Date: Fri, 23 Dec 2011 02:29:48 -0500 Subject: [ticket/10428] Dispose of $this->keyvalues cache for optionget. It does not work properly when custom $data is provided, and making it work will make the code so complicated that any benefits from having this cache in the first place will be nullified. Just get rid of it. PHPBB3-10428 --- phpBB/includes/session.php | 10 ++-------- 1 file changed, 2 insertions(+), 8 deletions(-) (limited to 'phpBB/includes/session.php') diff --git a/phpBB/includes/session.php b/phpBB/includes/session.php index 50b6ac7406..d988426a87 100644 --- a/phpBB/includes/session.php +++ b/phpBB/includes/session.php @@ -1507,7 +1507,6 @@ class user extends session // Able to add new options (up to id 31) var $keyoptions = array('viewimg' => 0, 'viewflash' => 1, 'viewsmilies' => 2, 'viewsigs' => 3, 'viewavatars' => 4, 'viewcensors' => 5, 'attachsig' => 6, 'bbcode' => 8, 'smilies' => 9, 'popuppm' => 10, 'sig_bbcode' => 15, 'sig_smilies' => 16, 'sig_links' => 17); - var $keyvalues = array(); /** * Constructor to set the lang path @@ -2341,13 +2340,8 @@ class user extends session */ function optionget($key, $data = false) { - if (!isset($this->keyvalues[$key])) - { - $var = ($data !== false) ? $data : $this->data['user_options']; - $this->keyvalues[$key] = ($var & 1 << $this->keyoptions[$key]) ? true : false; - } - - return $this->keyvalues[$key]; + $var = ($data !== false) ? $data : $this->data['user_options']; + return ($var & 1 << $this->keyoptions[$key]) ? true : false; } /** -- cgit v1.2.1 From 99c102344ebe3b4a6c18e36c8bea8f3bdd997f2e Mon Sep 17 00:00:00 2001 From: Oleg Pudeyev Date: Fri, 23 Dec 2011 12:52:51 -0500 Subject: [ticket/10428] Use phpbb_optionget/set in optionget/set for DRYness. PHPBB3-10428 --- phpBB/includes/session.php | 28 ++++++++++++---------------- 1 file changed, 12 insertions(+), 16 deletions(-) (limited to 'phpBB/includes/session.php') diff --git a/phpBB/includes/session.php b/phpBB/includes/session.php index d988426a87..457071e01e 100644 --- a/phpBB/includes/session.php +++ b/phpBB/includes/session.php @@ -2341,7 +2341,7 @@ class user extends session function optionget($key, $data = false) { $var = ($data !== false) ? $data : $this->data['user_options']; - return ($var & 1 << $this->keyoptions[$key]) ? true : false; + return phpbb_optionget($this->keyoptions[$key], $var); } /** @@ -2351,27 +2351,23 @@ class user extends session { $var = ($data !== false) ? $data : $this->data['user_options']; - if ($value && !($var & 1 << $this->keyoptions[$key])) - { - $var += 1 << $this->keyoptions[$key]; - } - else if (!$value && ($var & 1 << $this->keyoptions[$key])) - { - $var -= 1 << $this->keyoptions[$key]; - } - else - { - return ($data !== false) ? $var : false; - } + $new_var = phpbb_optionset($this->keyoptions[$key], $value, $var); if ($data === false) { - $this->data['user_options'] = $var; - return true; + if ($new_var != $var) + { + $this->data['user_options'] = $new_var; + return true; + } + else + { + return false; + } } else { - return $var; + return $new_var; } } -- cgit v1.2.1 From 10453b67525a0e26a3c859df4dab46907189af72 Mon Sep 17 00:00:00 2001 From: Oleg Pudeyev Date: Fri, 23 Dec 2011 22:59:55 -0500 Subject: [ticket/10428] Documentation for optionget/optionset functions. PHPBB3-10428 --- phpBB/includes/session.php | 17 +++++++++++++++-- 1 file changed, 15 insertions(+), 2 deletions(-) (limited to 'phpBB/includes/session.php') diff --git a/phpBB/includes/session.php b/phpBB/includes/session.php index 457071e01e..a894242a39 100644 --- a/phpBB/includes/session.php +++ b/phpBB/includes/session.php @@ -2336,7 +2336,11 @@ class user extends session } /** - * Get option bit field from user options + * Get option bit field from user options. + * + * @param int $key option key, as defined in $keyoptions property. + * @param int $data bit field value to use, or false to use $this->data['user_options'] + * @return bool true if the option is set in the bit field, false otherwise */ function optionget($key, $data = false) { @@ -2345,7 +2349,16 @@ class user extends session } /** - * Set option bit field for user options + * Set option bit field for user options. + * + * @param int $key Option key, as defined in $keyoptions property. + * @param bool $value True to set the option, false to clear the option. + * @param int $data Current bit field value, or false to use $this->data['user_options'] + * @return int|bool If $data is false, the bit field is modified and + * written back to $this->data['user_options'], and + * return value is true if the bit field changed and + * false otherwise. If $data is not false, the new + * bitfield value is returned. */ function optionset($key, $value, $data = false) { -- cgit v1.2.1 From 7a04c9048c110f0bd21ea3e9e869e17b408d640e Mon Sep 17 00:00:00 2001 From: Unknown Date: Sat, 31 Dec 2011 13:32:52 +0000 Subject: [ticket/9916] Updating header license and removing Version $Id$ PHPBB3-9916 --- phpBB/includes/session.php | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) (limited to 'phpBB/includes/session.php') diff --git a/phpBB/includes/session.php b/phpBB/includes/session.php index fcbe8aed2c..ae992800d5 100644 --- a/phpBB/includes/session.php +++ b/phpBB/includes/session.php @@ -2,9 +2,8 @@ /** * * @package phpBB3 -* @version $Id$ * @copyright (c) 2005 phpBB Group -* @license http://opensource.org/licenses/gpl-license.php GNU Public License +* @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2 * */ -- cgit v1.2.1 From ae7d290a2222455589d1dcbfba650f789acda508 Mon Sep 17 00:00:00 2001 From: Vjacheslav Trushkin Date: Wed, 14 Mar 2012 23:24:16 +0200 Subject: [feature/merging-style-components] Updating PHP files Removing theme and template entries in all files, except for acp styles section PHPBB3-10632 --- phpBB/includes/session.php | 16 ++++++---------- 1 file changed, 6 insertions(+), 10 deletions(-) (limited to 'phpBB/includes/session.php') diff --git a/phpBB/includes/session.php b/phpBB/includes/session.php index 6dad068ecb..cd6f17154a 100644 --- a/phpBB/includes/session.php +++ b/phpBB/includes/session.php @@ -1653,11 +1653,9 @@ class user extends session $style = ($style) ? $style : ((!$config['override_user_style']) ? $this->data['user_style'] : $config['default_style']); } - $sql = 'SELECT s.style_id, t.template_path, t.template_id, t.bbcode_bitfield, t.template_inherits_id, t.template_inherit_path, c.theme_path, c.theme_name, c.theme_id - FROM ' . STYLES_TABLE . ' s, ' . STYLES_TEMPLATE_TABLE . ' t, ' . STYLES_THEME_TABLE . " c - WHERE s.style_id = $style - AND t.template_id = s.template_id - AND c.theme_id = s.theme_id"; + $sql = 'SELECT * + FROM ' . STYLES_TABLE . " s + WHERE s.style_id = $style"; $result = $db->sql_query($sql, 3600); $this->theme = $db->sql_fetchrow($result); $db->sql_freeresult($result); @@ -1672,11 +1670,9 @@ class user extends session WHERE user_id = {$this->data['user_id']}"; $db->sql_query($sql); - $sql = 'SELECT s.style_id, t.template_path, t.template_id, t.bbcode_bitfield, c.theme_path, c.theme_name, c.theme_id - FROM ' . STYLES_TABLE . ' s, ' . STYLES_TEMPLATE_TABLE . ' t, ' . STYLES_THEME_TABLE . " c - WHERE s.style_id = $style - AND t.template_id = s.template_id - AND c.theme_id = s.theme_id"; + $sql = 'SELECT * + FROM ' . STYLES_TABLE . " s + WHERE s.style_id = $style"; $result = $db->sql_query($sql, 3600); $this->theme = $db->sql_fetchrow($result); $db->sql_freeresult($result); -- cgit v1.2.1 From c83f386c923fdb0e2823e7f742561a44a6f0f6ed Mon Sep 17 00:00:00 2001 From: Vjacheslav Trushkin Date: Thu, 15 Mar 2012 13:41:23 +0200 Subject: [feature/merging-style-components] Changing $style to $style_id Changing $style to $style_id in user::setup to avoid conflict with new global style variable PHPBB3-10632 --- phpBB/includes/session.php | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) (limited to 'phpBB/includes/session.php') diff --git a/phpBB/includes/session.php b/phpBB/includes/session.php index cd6f17154a..f2956243e2 100644 --- a/phpBB/includes/session.php +++ b/phpBB/includes/session.php @@ -1568,7 +1568,7 @@ class user extends session /** * Setup basic user-specific items (style, language, ...) */ - function setup($lang_set = false, $style = false) + function setup($lang_set = false, $style_id = false) { global $db, $template, $config, $auth, $phpEx, $phpbb_root_path, $cache; @@ -1643,36 +1643,36 @@ class user extends session { global $SID, $_EXTRA_URL; - $style = $style_request; - $SID .= '&style=' . $style; - $_EXTRA_URL = array('style=' . $style); + $style_id = $style_request; + $SID .= '&style=' . $style_id; + $_EXTRA_URL = array('style=' . $style_id); } else { // Set up style - $style = ($style) ? $style : ((!$config['override_user_style']) ? $this->data['user_style'] : $config['default_style']); + $style_id = ($style_id) ? $style_id : ((!$config['override_user_style']) ? $this->data['user_style'] : $config['default_style']); } $sql = 'SELECT * FROM ' . STYLES_TABLE . " s - WHERE s.style_id = $style"; + WHERE s.style_id = $style_id"; $result = $db->sql_query($sql, 3600); $this->theme = $db->sql_fetchrow($result); $db->sql_freeresult($result); // User has wrong style - if (!$this->theme && $style == $this->data['user_style']) + if (!$this->theme && $style_id == $this->data['user_style']) { - $style = $this->data['user_style'] = $config['default_style']; + $style_id = $this->data['user_style'] = $config['default_style']; $sql = 'UPDATE ' . USERS_TABLE . " - SET user_style = $style + SET user_style = $style_id WHERE user_id = {$this->data['user_id']}"; $db->sql_query($sql); $sql = 'SELECT * FROM ' . STYLES_TABLE . " s - WHERE s.style_id = $style"; + WHERE s.style_id = $style_id"; $result = $db->sql_query($sql, 3600); $this->theme = $db->sql_fetchrow($result); $db->sql_freeresult($result); -- cgit v1.2.1 From fd96f97dc3c659e1d2e9b58420d652ad79387fbf Mon Sep 17 00:00:00 2001 From: Vjacheslav Trushkin Date: Thu, 15 Mar 2012 21:11:34 +0200 Subject: [feature/merging-style-components] Updating style initialization Changing template initialization to style initialization. PHPBB3-10632 --- phpBB/includes/session.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'phpBB/includes/session.php') diff --git a/phpBB/includes/session.php b/phpBB/includes/session.php index f2956243e2..2fd2efe9b2 100644 --- a/phpBB/includes/session.php +++ b/phpBB/includes/session.php @@ -1570,7 +1570,7 @@ class user extends session */ function setup($lang_set = false, $style_id = false) { - global $db, $template, $config, $auth, $phpEx, $phpbb_root_path, $cache; + global $db, $style, $template, $config, $auth, $phpEx, $phpbb_root_path, $cache; if ($this->data['user_id'] != ANONYMOUS) { @@ -1704,7 +1704,7 @@ class user extends session } } - $template->set_template(); + $style->set_style(); $this->img_lang = $this->lang_name; -- cgit v1.2.1 From 6deb7b3671c29ab7ce1db6e11b5c6be0950d265f Mon Sep 17 00:00:00 2001 From: Igor Wiedler Date: Sat, 31 Mar 2012 02:50:19 +0200 Subject: [feature/class-prefix] Rename user and session to phpbb_* PHPBB-10609 --- phpBB/includes/session.php | 838 +-------------------------------------------- 1 file changed, 1 insertion(+), 837 deletions(-) (limited to 'phpBB/includes/session.php') diff --git a/phpBB/includes/session.php b/phpBB/includes/session.php index 2fd2efe9b2..bcdff54457 100644 --- a/phpBB/includes/session.php +++ b/phpBB/includes/session.php @@ -19,7 +19,7 @@ if (!defined('IN_PHPBB')) * Session class * @package phpBB3 */ -class session +class phpbb_session { var $cookie_data = array(); var $page = array(); @@ -1511,839 +1511,3 @@ class session $db->sql_query($sql); } } - - -/** -* Base user class -* -* This is the overarching class which contains (through session extend) -* all methods utilised for user functionality during a session. -* -* @package phpBB3 -*/ -class user extends session -{ - var $lang = array(); - var $help = array(); - var $theme = array(); - var $date_format; - var $timezone; - var $dst; - - var $lang_name = false; - var $lang_id = false; - var $lang_path; - var $img_lang; - var $img_array = array(); - - // Able to add new options (up to id 31) - var $keyoptions = array('viewimg' => 0, 'viewflash' => 1, 'viewsmilies' => 2, 'viewsigs' => 3, 'viewavatars' => 4, 'viewcensors' => 5, 'attachsig' => 6, 'bbcode' => 8, 'smilies' => 9, 'popuppm' => 10, 'sig_bbcode' => 15, 'sig_smilies' => 16, 'sig_links' => 17); - - /** - * Constructor to set the lang path - */ - function user() - { - global $phpbb_root_path; - - $this->lang_path = $phpbb_root_path . 'language/'; - } - - /** - * Function to set custom language path (able to use directory outside of phpBB) - * - * @param string $lang_path New language path used. - * @access public - */ - function set_custom_lang_path($lang_path) - { - $this->lang_path = $lang_path; - - if (substr($this->lang_path, -1) != '/') - { - $this->lang_path .= '/'; - } - } - - /** - * Setup basic user-specific items (style, language, ...) - */ - function setup($lang_set = false, $style_id = false) - { - global $db, $style, $template, $config, $auth, $phpEx, $phpbb_root_path, $cache; - - if ($this->data['user_id'] != ANONYMOUS) - { - $this->lang_name = (file_exists($this->lang_path . $this->data['user_lang'] . "/common.$phpEx")) ? $this->data['user_lang'] : basename($config['default_lang']); - - $this->date_format = $this->data['user_dateformat']; - $this->timezone = $this->data['user_timezone'] * 3600; - $this->dst = $this->data['user_dst'] * 3600; - } - else - { - $this->lang_name = basename($config['default_lang']); - $this->date_format = $config['default_dateformat']; - $this->timezone = $config['board_timezone'] * 3600; - $this->dst = $config['board_dst'] * 3600; - - /** - * If a guest user is surfing, we try to guess his/her language first by obtaining the browser language - * If re-enabled we need to make sure only those languages installed are checked - * Commented out so we do not loose the code. - - if ($request->header('Accept-Language')) - { - $accept_lang_ary = explode(',', $request->header('Accept-Language')); - - foreach ($accept_lang_ary as $accept_lang) - { - // Set correct format ... guess full xx_YY form - $accept_lang = substr($accept_lang, 0, 2) . '_' . strtoupper(substr($accept_lang, 3, 2)); - $accept_lang = basename($accept_lang); - - if (file_exists($this->lang_path . $accept_lang . "/common.$phpEx")) - { - $this->lang_name = $config['default_lang'] = $accept_lang; - break; - } - else - { - // No match on xx_YY so try xx - $accept_lang = substr($accept_lang, 0, 2); - $accept_lang = basename($accept_lang); - - if (file_exists($this->lang_path . $accept_lang . "/common.$phpEx")) - { - $this->lang_name = $config['default_lang'] = $accept_lang; - break; - } - } - } - } - */ - } - - // We include common language file here to not load it every time a custom language file is included - $lang = &$this->lang; - - // Do not suppress error if in DEBUG_EXTRA mode - $include_result = (defined('DEBUG_EXTRA')) ? (include $this->lang_path . $this->lang_name . "/common.$phpEx") : (@include $this->lang_path . $this->lang_name . "/common.$phpEx"); - - if ($include_result === false) - { - die('Language file ' . $this->lang_path . $this->lang_name . "/common.$phpEx" . " couldn't be opened."); - } - - $this->add_lang($lang_set); - unset($lang_set); - - $style_request = request_var('style', 0); - if ($style_request && $auth->acl_get('a_styles') && !defined('ADMIN_START')) - { - global $SID, $_EXTRA_URL; - - $style_id = $style_request; - $SID .= '&style=' . $style_id; - $_EXTRA_URL = array('style=' . $style_id); - } - else - { - // Set up style - $style_id = ($style_id) ? $style_id : ((!$config['override_user_style']) ? $this->data['user_style'] : $config['default_style']); - } - - $sql = 'SELECT * - FROM ' . STYLES_TABLE . " s - WHERE s.style_id = $style_id"; - $result = $db->sql_query($sql, 3600); - $this->theme = $db->sql_fetchrow($result); - $db->sql_freeresult($result); - - // User has wrong style - if (!$this->theme && $style_id == $this->data['user_style']) - { - $style_id = $this->data['user_style'] = $config['default_style']; - - $sql = 'UPDATE ' . USERS_TABLE . " - SET user_style = $style_id - WHERE user_id = {$this->data['user_id']}"; - $db->sql_query($sql); - - $sql = 'SELECT * - FROM ' . STYLES_TABLE . " s - WHERE s.style_id = $style_id"; - $result = $db->sql_query($sql, 3600); - $this->theme = $db->sql_fetchrow($result); - $db->sql_freeresult($result); - } - - if (!$this->theme) - { - trigger_error('Could not get style data', E_USER_ERROR); - } - - // Now parse the cfg file and cache it - $parsed_items = $cache->obtain_cfg_items($this->theme); - - // We are only interested in the theme configuration for now - $parsed_items = $parsed_items['theme']; - - $check_for = array( - 'pagination_sep' => (string) ', ' - ); - - foreach ($check_for as $key => $default_value) - { - $this->theme[$key] = (isset($parsed_items[$key])) ? $parsed_items[$key] : $default_value; - settype($this->theme[$key], gettype($default_value)); - - if (is_string($default_value)) - { - $this->theme[$key] = htmlspecialchars($this->theme[$key]); - } - } - - $style->set_style(); - - $this->img_lang = $this->lang_name; - - // Call phpbb_user_session_handler() in case external application want to "bend" some variables or replace classes... - // After calling it we continue script execution... - phpbb_user_session_handler(); - - // If this function got called from the error handler we are finished here. - if (defined('IN_ERROR_HANDLER')) - { - return; - } - - // Disable board if the install/ directory is still present - // For the brave development army we do not care about this, else we need to comment out this everytime we develop locally - if (!defined('DEBUG_EXTRA') && !defined('ADMIN_START') && !defined('IN_INSTALL') && !defined('IN_LOGIN') && file_exists($phpbb_root_path . 'install') && !is_file($phpbb_root_path . 'install')) - { - // Adjust the message slightly according to the permissions - if ($auth->acl_gets('a_', 'm_') || $auth->acl_getf_global('m_')) - { - $message = 'REMOVE_INSTALL'; - } - else - { - $message = (!empty($config['board_disable_msg'])) ? $config['board_disable_msg'] : 'BOARD_DISABLE'; - } - trigger_error($message); - } - - // Is board disabled and user not an admin or moderator? - if ($config['board_disable'] && !defined('IN_LOGIN') && !$auth->acl_gets('a_', 'm_') && !$auth->acl_getf_global('m_')) - { - if ($this->data['is_bot']) - { - send_status_line(503, 'Service Unavailable'); - } - - $message = (!empty($config['board_disable_msg'])) ? $config['board_disable_msg'] : 'BOARD_DISABLE'; - trigger_error($message); - } - - // Is load exceeded? - if ($config['limit_load'] && $this->load !== false) - { - if ($this->load > floatval($config['limit_load']) && !defined('IN_LOGIN') && !defined('IN_ADMIN')) - { - // Set board disabled to true to let the admins/mods get the proper notification - $config['board_disable'] = '1'; - - if (!$auth->acl_gets('a_', 'm_') && !$auth->acl_getf_global('m_')) - { - if ($this->data['is_bot']) - { - send_status_line(503, 'Service Unavailable'); - } - trigger_error('BOARD_UNAVAILABLE'); - } - } - } - - if (isset($this->data['session_viewonline'])) - { - // Make sure the user is able to hide his session - if (!$this->data['session_viewonline']) - { - // Reset online status if not allowed to hide the session... - if (!$auth->acl_get('u_hideonline')) - { - $sql = 'UPDATE ' . SESSIONS_TABLE . ' - SET session_viewonline = 1 - WHERE session_user_id = ' . $this->data['user_id']; - $db->sql_query($sql); - $this->data['session_viewonline'] = 1; - } - } - else if (!$this->data['user_allow_viewonline']) - { - // the user wants to hide and is allowed to -> cloaking device on. - if ($auth->acl_get('u_hideonline')) - { - $sql = 'UPDATE ' . SESSIONS_TABLE . ' - SET session_viewonline = 0 - WHERE session_user_id = ' . $this->data['user_id']; - $db->sql_query($sql); - $this->data['session_viewonline'] = 0; - } - } - } - - - // Does the user need to change their password? If so, redirect to the - // ucp profile reg_details page ... of course do not redirect if we're already in the ucp - if (!defined('IN_ADMIN') && !defined('ADMIN_START') && $config['chg_passforce'] && !empty($this->data['is_registered']) && $auth->acl_get('u_chgpasswd') && $this->data['user_passchg'] < time() - ($config['chg_passforce'] * 86400)) - { - if (strpos($this->page['query_string'], 'mode=reg_details') === false && $this->page['page_name'] != "ucp.$phpEx") - { - redirect(append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=profile&mode=reg_details')); - } - } - - return; - } - - /** - * More advanced language substitution - * Function to mimic sprintf() with the possibility of using phpBB's language system to substitute nullar/singular/plural forms. - * Params are the language key and the parameters to be substituted. - * This function/functionality is inspired by SHS` and Ashe. - * - * Example call: $user->lang('NUM_POSTS_IN_QUEUE', 1); - * - * If the first parameter is an array, the elements are used as keys and subkeys to get the language entry: - * Example: $user->lang(array('datetime', 'AGO'), 1) uses $user->lang['datetime']['AGO'] as language entry. - */ - function lang() - { - $args = func_get_args(); - $key = $args[0]; - - if (is_array($key)) - { - $lang = &$this->lang[array_shift($key)]; - - foreach ($key as $_key) - { - $lang = &$lang[$_key]; - } - } - else - { - $lang = &$this->lang[$key]; - } - - // Return if language string does not exist - if (!isset($lang) || (!is_string($lang) && !is_array($lang))) - { - return $key; - } - - // If the language entry is a string, we simply mimic sprintf() behaviour - if (is_string($lang)) - { - if (sizeof($args) == 1) - { - return $lang; - } - - // Replace key with language entry and simply pass along... - $args[0] = $lang; - return call_user_func_array('sprintf', $args); - } - else if (sizeof($lang) == 0) - { - // If the language entry is an empty array, we just return the language key - return $args[0]; - } - - // It is an array... now handle different nullar/singular/plural forms - $key_found = false; - - // We now get the first number passed and will select the key based upon this number - for ($i = 1, $num_args = sizeof($args); $i < $num_args; $i++) - { - if (is_int($args[$i]) || is_float($args[$i])) - { - if ($args[$i] == 0 && isset($lang[0])) - { - // We allow each translation using plural forms to specify a version for the case of 0 things, - // so that "0 users" may be displayed as "No users". - $key_found = 0; - break; - } - else - { - $use_plural_form = $this->get_plural_form($args[$i]); - if (isset($lang[$use_plural_form])) - { - // The key we should use exists, so we use it. - $key_found = $use_plural_form; - } - else - { - // If the key we need to use does not exist, we fall back to the previous one. - $numbers = array_keys($lang); - - foreach ($numbers as $num) - { - if ($num > $use_plural_form) - { - break; - } - - $key_found = $num; - } - } - break; - } - } - } - - // Ok, let's check if the key was found, else use the last entry (because it is mostly the plural form) - if ($key_found === false) - { - $numbers = array_keys($lang); - $key_found = end($numbers); - } - - // Use the language string we determined and pass it to sprintf() - $args[0] = $lang[$key_found]; - return call_user_func_array('sprintf', $args); - } - - /** - * Determine which plural form we should use. - * For some languages this is not as simple as for English. - * - * @param $number int|float The number we want to get the plural case for. Float numbers are floored. - * @param $force_rule mixed False to use the plural rule of the language package - * or an integer to force a certain plural rule - * @return int The plural-case we need to use for the number plural-rule combination - */ - function get_plural_form($number, $force_rule = false) - { - $number = (int) $number; - - // Default to English system - $plural_rule = ($force_rule !== false) ? $force_rule : ((isset($this->lang['PLURAL_RULE'])) ? $this->lang['PLURAL_RULE'] : 1); - - return phpbb_get_plural_form($plural_rule, $number); - } - - /** - * Add Language Items - use_db and use_help are assigned where needed (only use them to force inclusion) - * - * @param mixed $lang_set specifies the language entries to include - * @param bool $use_db internal variable for recursion, do not use - * @param bool $use_help internal variable for recursion, do not use - * @param string $ext_name The extension to load language from, or empty for core files - * - * Examples: - * - * $lang_set = array('posting', 'help' => 'faq'); - * $lang_set = array('posting', 'viewtopic', 'help' => array('bbcode', 'faq')) - * $lang_set = array(array('posting', 'viewtopic'), 'help' => array('bbcode', 'faq')) - * $lang_set = 'posting' - * $lang_set = array('help' => 'faq', 'db' => array('help:faq', 'posting')) - * - */ - function add_lang($lang_set, $use_db = false, $use_help = false, $ext_name = '') - { - global $phpEx; - - if (is_array($lang_set)) - { - foreach ($lang_set as $key => $lang_file) - { - // Please do not delete this line. - // We have to force the type here, else [array] language inclusion will not work - $key = (string) $key; - - if ($key == 'db') - { - $this->add_lang($lang_file, true, $use_help, $ext_name); - } - else if ($key == 'help') - { - $this->add_lang($lang_file, $use_db, true, $ext_name); - } - else if (!is_array($lang_file)) - { - $this->set_lang($this->lang, $this->help, $lang_file, $use_db, $use_help, $ext_name); - } - else - { - $this->add_lang($lang_file, $use_db, $use_help, $ext_name); - } - } - unset($lang_set); - } - else if ($lang_set) - { - $this->set_lang($this->lang, $this->help, $lang_set, $use_db, $use_help, $ext_name); - } - } - - /** - * Add Language Items from an extension - use_db and use_help are assigned where needed (only use them to force inclusion) - * - * @param string $ext_name The extension to load language from, or empty for core files - * @param mixed $lang_set specifies the language entries to include - * @param bool $use_db internal variable for recursion, do not use - * @param bool $use_help internal variable for recursion, do not use - */ - function add_lang_ext($ext_name, $lang_set, $use_db = false, $use_help = false) - { - if ($ext_name === '/') - { - $ext_name = ''; - } - - $this->add_lang($lang_set, $use_db, $use_help, $ext_name); - } - - /** - * Set language entry (called by add_lang) - * @access private - */ - function set_lang(&$lang, &$help, $lang_file, $use_db = false, $use_help = false, $ext_name = '') - { - global $phpbb_root_path, $phpEx; - - // Make sure the language name is set (if the user setup did not happen it is not set) - if (!$this->lang_name) - { - global $config; - $this->lang_name = basename($config['default_lang']); - } - - // $lang == $this->lang - // $help == $this->help - // - add appropriate variables here, name them as they are used within the language file... - if (!$use_db) - { - if ($use_help && strpos($lang_file, '/') !== false) - { - $filename = dirname($lang_file) . '/help_' . basename($lang_file); - } - else - { - $filename = (($use_help) ? 'help_' : '') . $lang_file; - } - - if ($ext_name) - { - global $phpbb_extension_manager; - $ext_path = $phpbb_extension_manager->get_extension_path($ext_name, true); - - $lang_path = $ext_path . 'language/'; - } - else - { - $lang_path = $this->lang_path; - } - - if (strpos($phpbb_root_path . $filename, $lang_path . $this->lang_name . '/') === 0) - { - $language_filename = $phpbb_root_path . $filename; - } - else - { - $language_filename = $lang_path . $this->lang_name . '/' . $filename . '.' . $phpEx; - } - - if (!file_exists($language_filename)) - { - global $config; - - if ($this->lang_name == 'en') - { - // The user's selected language is missing the file, the board default's language is missing the file, and the file doesn't exist in /en. - $language_filename = str_replace($lang_path . 'en', $lang_path . $this->data['user_lang'], $language_filename); - trigger_error('Language file ' . $language_filename . ' couldn\'t be opened.', E_USER_ERROR); - } - else if ($this->lang_name == basename($config['default_lang'])) - { - // Fall back to the English Language - $this->lang_name = 'en'; - $this->set_lang($lang, $help, $lang_file, $use_db, $use_help, $ext_name); - } - else if ($this->lang_name == $this->data['user_lang']) - { - // Fall back to the board default language - $this->lang_name = basename($config['default_lang']); - $this->set_lang($lang, $help, $lang_file, $use_db, $use_help, $ext_name); - } - - // Reset the lang name - $this->lang_name = (file_exists($lang_path . $this->data['user_lang'] . "/common.$phpEx")) ? $this->data['user_lang'] : basename($config['default_lang']); - return; - } - - // Do not suppress error if in DEBUG_EXTRA mode - $include_result = (defined('DEBUG_EXTRA')) ? (include $language_filename) : (@include $language_filename); - - if ($include_result === false) - { - trigger_error('Language file ' . $language_filename . ' couldn\'t be opened.', E_USER_ERROR); - } - } - else if ($use_db) - { - // Get Database Language Strings - // Put them into $lang if nothing is prefixed, put them into $help if help: is prefixed - // For example: help:faq, posting - } - } - - /** - * Format user date - * - * @param int $gmepoch unix timestamp - * @param string $format date format in date() notation. | used to indicate relative dates, for example |d m Y|, h:i is translated to Today, h:i. - * @param bool $forcedate force non-relative date format. - * - * @return mixed translated date - */ - function format_date($gmepoch, $format = false, $forcedate = false) - { - static $midnight; - static $date_cache; - - $format = (!$format) ? $this->date_format : $format; - $now = time(); - $delta = $now - $gmepoch; - - if (!isset($date_cache[$format])) - { - // Is the user requesting a friendly date format (i.e. 'Today 12:42')? - $date_cache[$format] = array( - 'is_short' => strpos($format, '|'), - 'format_short' => substr($format, 0, strpos($format, '|')) . '||' . substr(strrchr($format, '|'), 1), - 'format_long' => str_replace('|', '', $format), - 'lang' => $this->lang['datetime'], - ); - - // Short representation of month in format? Some languages use different terms for the long and short format of May - if ((strpos($format, '\M') === false && strpos($format, 'M') !== false) || (strpos($format, '\r') === false && strpos($format, 'r') !== false)) - { - $date_cache[$format]['lang']['May'] = $this->lang['datetime']['May_short']; - } - } - - // Zone offset - $zone_offset = $this->timezone + $this->dst; - - // Show date < 1 hour ago as 'xx min ago' but not greater than 60 seconds in the future - // A small tolerence is given for times in the future but in the same minute are displayed as '< than a minute ago' - if ($delta < 3600 && $delta > -60 && ($delta >= -5 || (($now / 60) % 60) == (($gmepoch / 60) % 60)) && $date_cache[$format]['is_short'] !== false && !$forcedate && isset($this->lang['datetime']['AGO'])) - { - return $this->lang(array('datetime', 'AGO'), max(0, (int) floor($delta / 60))); - } - - if (!$midnight) - { - list($d, $m, $y) = explode(' ', gmdate('j n Y', time() + $zone_offset)); - $midnight = gmmktime(0, 0, 0, $m, $d, $y) - $zone_offset; - } - - if ($date_cache[$format]['is_short'] !== false && !$forcedate && !($gmepoch < $midnight - 86400 || $gmepoch > $midnight + 172800)) - { - $day = false; - - if ($gmepoch > $midnight + 86400) - { - $day = 'TOMORROW'; - } - else if ($gmepoch > $midnight) - { - $day = 'TODAY'; - } - else if ($gmepoch > $midnight - 86400) - { - $day = 'YESTERDAY'; - } - - if ($day !== false) - { - return str_replace('||', $this->lang['datetime'][$day], strtr(@gmdate($date_cache[$format]['format_short'], $gmepoch + $zone_offset), $date_cache[$format]['lang'])); - } - } - - return strtr(@gmdate($date_cache[$format]['format_long'], $gmepoch + $zone_offset), $date_cache[$format]['lang']); - } - - /** - * Get language id currently used by the user - */ - function get_iso_lang_id() - { - global $config, $db; - - if (!empty($this->lang_id)) - { - return $this->lang_id; - } - - if (!$this->lang_name) - { - $this->lang_name = $config['default_lang']; - } - - $sql = 'SELECT lang_id - FROM ' . LANG_TABLE . " - WHERE lang_iso = '" . $db->sql_escape($this->lang_name) . "'"; - $result = $db->sql_query($sql); - $this->lang_id = (int) $db->sql_fetchfield('lang_id'); - $db->sql_freeresult($result); - - return $this->lang_id; - } - - /** - * Get users profile fields - */ - function get_profile_fields($user_id) - { - global $db; - - if (isset($this->profile_fields)) - { - return; - } - - $sql = 'SELECT * - FROM ' . PROFILE_FIELDS_DATA_TABLE . " - WHERE user_id = $user_id"; - $result = $db->sql_query_limit($sql, 1); - $this->profile_fields = (!($row = $db->sql_fetchrow($result))) ? array() : $row; - $db->sql_freeresult($result); - } - - /** - * Specify/Get image - */ - function img($img, $alt = '') - { - $alt = (!empty($this->lang[$alt])) ? $this->lang[$alt] : $alt; - return '' . $alt . ''; - } - - /** - * Get option bit field from user options. - * - * @param int $key option key, as defined in $keyoptions property. - * @param int $data bit field value to use, or false to use $this->data['user_options'] - * @return bool true if the option is set in the bit field, false otherwise - */ - function optionget($key, $data = false) - { - $var = ($data !== false) ? $data : $this->data['user_options']; - return phpbb_optionget($this->keyoptions[$key], $var); - } - - /** - * Set option bit field for user options. - * - * @param int $key Option key, as defined in $keyoptions property. - * @param bool $value True to set the option, false to clear the option. - * @param int $data Current bit field value, or false to use $this->data['user_options'] - * @return int|bool If $data is false, the bit field is modified and - * written back to $this->data['user_options'], and - * return value is true if the bit field changed and - * false otherwise. If $data is not false, the new - * bitfield value is returned. - */ - function optionset($key, $value, $data = false) - { - $var = ($data !== false) ? $data : $this->data['user_options']; - - $new_var = phpbb_optionset($this->keyoptions[$key], $value, $var); - - if ($data === false) - { - if ($new_var != $var) - { - $this->data['user_options'] = $new_var; - return true; - } - else - { - return false; - } - } - else - { - return $new_var; - } - } - - /** - * Funtion to make the user leave the NEWLY_REGISTERED system group. - * @access public - */ - function leave_newly_registered() - { - global $db; - - if (empty($this->data['user_new'])) - { - return false; - } - - if (!function_exists('remove_newly_registered')) - { - global $phpbb_root_path, $phpEx; - - include($phpbb_root_path . 'includes/functions_user.' . $phpEx); - } - if ($group = remove_newly_registered($this->data['user_id'], $this->data)) - { - $this->data['group_id'] = $group; - - } - $this->data['user_permissions'] = ''; - $this->data['user_new'] = 0; - - return true; - } - - /** - * Returns all password protected forum ids the user is currently NOT authenticated for. - * - * @return array Array of forum ids - * @access public - */ - function get_passworded_forums() - { - global $db; - - $sql = 'SELECT f.forum_id, fa.user_id - FROM ' . FORUMS_TABLE . ' f - LEFT JOIN ' . FORUMS_ACCESS_TABLE . " fa - ON (fa.forum_id = f.forum_id - AND fa.session_id = '" . $db->sql_escape($this->session_id) . "') - WHERE f.forum_password <> ''"; - $result = $db->sql_query($sql); - - $forum_ids = array(); - while ($row = $db->sql_fetchrow($result)) - { - $forum_id = (int) $row['forum_id']; - - if ($row['user_id'] != $this->data['user_id']) - { - $forum_ids[$forum_id] = $forum_id; - } - } - $db->sql_freeresult($result); - - return $forum_ids; - } -} -- cgit v1.2.1 From 42dd60edad6c3533f6b718e731d43661641fd1fc Mon Sep 17 00:00:00 2001 From: Nils Adermann Date: Tue, 29 May 2012 14:54:04 +0200 Subject: [ticket/10913] Redirect to index if session id is required but was not sent PHPBB3-10913 --- phpBB/includes/session.php | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) (limited to 'phpBB/includes/session.php') diff --git a/phpBB/includes/session.php b/phpBB/includes/session.php index a894242a39..496c12a0d1 100644 --- a/phpBB/includes/session.php +++ b/phpBB/includes/session.php @@ -322,8 +322,15 @@ class session } } - // Is session_id is set or session_id is set and matches the url param if required - if (!empty($this->session_id) && (!defined('NEED_SID') || (isset($_GET['sid']) && $this->session_id === $_GET['sid']))) + // if no session id is set, redirect to index.php + if (defined('NEED_SID') && (!isset($_GET['sid']) || $this->session_id !== $_GET['sid'])) + { + send_status_line(401, 'Not authorized'); + redirect(append_sid("{$phpbb_root_path}index.$phpEx")); + } + + // if session id is set + if (!empty($this->session_id)) { $sql = 'SELECT u.*, s.* FROM ' . SESSIONS_TABLE . ' s, ' . USERS_TABLE . " u -- cgit v1.2.1