From cdf4f5ef85f05c0f94eae1a9edb1c28d4ac3515f Mon Sep 17 00:00:00 2001 From: Marc Alexander Date: Sun, 14 Jul 2019 16:44:59 +0200 Subject: [ticket/security/246] Check form key no matter if submit is set SECURITY-246 --- phpBB/includes/acp/acp_bbcodes.php | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) (limited to 'phpBB/includes') diff --git a/phpBB/includes/acp/acp_bbcodes.php b/phpBB/includes/acp/acp_bbcodes.php index 1f7374a07f..56079061ce 100644 --- a/phpBB/includes/acp/acp_bbcodes.php +++ b/phpBB/includes/acp/acp_bbcodes.php @@ -33,7 +33,6 @@ class acp_bbcodes // Set up general vars $action = $request->variable('action', ''); $bbcode_id = $request->variable('bbcode', 0); - $submit = $request->is_set_post('submit'); $this->tpl_name = 'acp_bbcodes'; $this->page_title = 'ACP_BBCODES'; @@ -41,11 +40,6 @@ class acp_bbcodes add_form_key($form_key); - if ($submit && !check_form_key($form_key)) - { - trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action), E_USER_WARNING); - } - // Set up mode-specific vars switch ($action) { @@ -179,6 +173,12 @@ class acp_bbcodes extract($phpbb_dispatcher->trigger_event('core.acp_bbcodes_modify_create', compact($vars))); $warn_text = preg_match('%<[^>]*\{text[\d]*\}[^>]*>%i', $bbcode_tpl); + + if (!$warn_text && !check_form_key($form_key)) + { + trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action), E_USER_WARNING); + } + if (!$warn_text || confirm_box(true)) { $data = $this->build_regexp($bbcode_match, $bbcode_tpl); -- cgit v1.2.1 From 54c684051bb603415e2fedb274ad12adac7e1bd4 Mon Sep 17 00:00:00 2001 From: kinerity Date: Tue, 20 Aug 2019 20:01:27 -0400 Subject: [ticket/16134] Exclude group leaders on group member purge PHPBB3-16134 --- phpBB/includes/acp/acp_prune.php | 1 + 1 file changed, 1 insertion(+) (limited to 'phpBB/includes') diff --git a/phpBB/includes/acp/acp_prune.php b/phpBB/includes/acp/acp_prune.php index 3eee4f7922..c5f7789de8 100644 --- a/phpBB/includes/acp/acp_prune.php +++ b/phpBB/includes/acp/acp_prune.php @@ -537,6 +537,7 @@ class acp_prune AND ug.user_id <> ' . ANONYMOUS . ' AND u.user_type <> ' . USER_FOUNDER . ' AND ug.user_pending = 0 + AND ug.group_leader = 0 AND u.user_id = ug.user_id ' . (!empty($user_ids) ? ' AND ' . $db->sql_in_set('ug.user_id', $user_ids) : ''); $result = $db->sql_query($sql); -- cgit v1.2.1 From 56477a8f7c1421ecc01f15258f0739ce8438db32 Mon Sep 17 00:00:00 2001 From: Marc Alexander Date: Sun, 30 Jun 2019 22:40:34 +0200 Subject: [ticket/security/244] Add form token check to plupload SECURTIY-244 --- phpBB/includes/message_parser.php | 29 +++++++++++++++++++++++++++++ phpBB/includes/ucp/ucp_pm_compose.php | 7 +++++-- 2 files changed, 34 insertions(+), 2 deletions(-) (limited to 'phpBB/includes') diff --git a/phpBB/includes/message_parser.php b/phpBB/includes/message_parser.php index 0b79cca864..e1c28223dc 100644 --- a/phpBB/includes/message_parser.php +++ b/phpBB/includes/message_parser.php @@ -1524,6 +1524,35 @@ class parse_message extends bbcode_firstpass } } + /** + * Check attachment form token depending on submit type + * + * @param \phpbb\language\language $language Language + * @param \phpbb\request\request_interface $request Request + * @param string $form_name Form name for checking form key + * + * @return bool True if form token is not needed or valid, false if needed and invalid + */ + function check_attachment_form_token(\phpbb\language\language $language, \phpbb\request\request_interface $request, $form_name) + { + $add_file = $request->is_set_post('add_file'); + $delete_file = $request->is_set_post('delete_file'); + + if (($add_file || $delete_file) && !check_form_key($form_name)) + { + $this->warn_msg[] = $language->lang('FORM_INVALID'); + + if ($request->is_ajax() && $this->plupload) + { + $this->plupload->emit_error(-400, 'FORM_INVALID'); + } + + return false; + } + + return true; + } + /** * Parse Attachments */ diff --git a/phpBB/includes/ucp/ucp_pm_compose.php b/phpBB/includes/ucp/ucp_pm_compose.php index cb45112b01..06baa279a5 100644 --- a/phpBB/includes/ucp/ucp_pm_compose.php +++ b/phpBB/includes/ucp/ucp_pm_compose.php @@ -26,7 +26,7 @@ if (!defined('IN_PHPBB')) function compose_pm($id, $mode, $action, $user_folders = array()) { global $template, $db, $auth, $user, $cache; - global $phpbb_root_path, $phpEx, $config; + global $phpbb_root_path, $phpEx, $config, $language; global $request, $phpbb_dispatcher, $phpbb_container; // Damn php and globals - i know, this is horrible @@ -799,7 +799,10 @@ function compose_pm($id, $mode, $action, $user_folders = array()) extract($phpbb_dispatcher->trigger_event('core.ucp_pm_compose_modify_parse_before', compact($vars))); // Parse Attachments - before checksum is calculated - $message_parser->parse_attachments('fileupload', $action, 0, $submit, $preview, $refresh, true); + if ($message_parser->check_attachment_form_token($language, $request, 'ucp_pm_compose')) + { + $message_parser->parse_attachments('fileupload', $action, 0, $submit, $preview, $refresh, true); + } if (count($message_parser->warn_msg) && !($remove_u || $remove_g || $add_to || $add_bcc)) { -- cgit v1.2.1 From 2e7d58c63b4b27036f76b6e5637ac3e1d7852a05 Mon Sep 17 00:00:00 2001 From: oxcom Date: Fri, 30 Aug 2019 09:07:20 +0200 Subject: [ticket/16143] Add new events before and after move topics PHPBB3-16143 --- phpBB/includes/functions_admin.php | 30 ++++++++++++++++++++++++++++++ 1 file changed, 30 insertions(+) (limited to 'phpBB/includes') diff --git a/phpBB/includes/functions_admin.php b/phpBB/includes/functions_admin.php index c19d48b0be..cc82fdbda3 100644 --- a/phpBB/includes/functions_admin.php +++ b/phpBB/includes/functions_admin.php @@ -543,6 +543,20 @@ function move_topics($topic_ids, $forum_id, $auto_sync = true) $topic_ids = array($topic_ids); } + /** + * Perform additional actions before topics move + * + * @event core.move_topics_before + * @var array topic_ids Array of the moved topic ids + * @var string forum_id The forum id from where the topics are moved + * @since 3.2.9-RC1 + */ + $vars = array( + 'topic_ids', + 'forum_id', + ); + extract($phpbb_dispatcher->trigger_event('core.move_topics_before', compact($vars))); + $sql = 'DELETE FROM ' . TOPICS_TABLE . ' WHERE ' . $db->sql_in_set('topic_moved_id', $topic_ids) . ' AND forum_id = ' . $forum_id; @@ -593,6 +607,22 @@ function move_topics($topic_ids, $forum_id, $auto_sync = true) } unset($table_ary); + /** + * Perform additional actions after topics move + * + * @event core.move_topics_after + * @var array topic_ids Array of the moved topic ids + * @var string forum_id The forum id from where the topics were moved + * @var array forum_ids Array of the forums where the topics were moved (includes also forum_id) + * @since 3.2.9-RC1 + */ + $vars = array( + 'topic_ids', + 'forum_id', + 'forum_ids', + ); + extract($phpbb_dispatcher->trigger_event('core.move_topics_after', compact($vars))); + if ($auto_sync) { sync('forum', 'forum_id', $forum_ids, true, true); -- cgit v1.2.1 From a1e8282e672e0cddd2239c1ece30cf6eb96a09eb Mon Sep 17 00:00:00 2001 From: oxcom Date: Mon, 2 Sep 2019 14:31:07 +0200 Subject: [ticket/16146] New core event: after move forum PHPBB3-16146 --- phpBB/includes/acp/acp_forums.php | 13 +++++++++++++ 1 file changed, 13 insertions(+) (limited to 'phpBB/includes') diff --git a/phpBB/includes/acp/acp_forums.php b/phpBB/includes/acp/acp_forums.php index cb0593b14a..03c178f968 100644 --- a/phpBB/includes/acp/acp_forums.php +++ b/phpBB/includes/acp/acp_forums.php @@ -1576,6 +1576,19 @@ class acp_forums $db->sql_query($sql); } + /** + * Event when content has been moved from one forum to another + * + * @event core.acp_manage_forums_move_content + * @var int from_id If of the current parent forum + * @var int to_id If of the new parent forum + * @var bool sync Shall we sync the "to"-forum's data + * + * @since 3.2.9-RC1 + */ + $vars = array('from_id', 'to_id', 'sync'); + extract($phpbb_dispatcher->trigger_event('core.acp_manage_forums_move_content_after', compact($vars))); + if ($sync) { // Delete ghost topics that link back to the same forum then resync counters -- cgit v1.2.1 From 776a7302a4daf88ce760e89c6f9617482c0ae5e5 Mon Sep 17 00:00:00 2001 From: oxcom Date: Tue, 3 Sep 2019 08:15:00 +0200 Subject: [ticket/16146] fix event name in comment PHPBB3-16146 --- phpBB/includes/acp/acp_forums.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'phpBB/includes') diff --git a/phpBB/includes/acp/acp_forums.php b/phpBB/includes/acp/acp_forums.php index 03c178f968..25545e9265 100644 --- a/phpBB/includes/acp/acp_forums.php +++ b/phpBB/includes/acp/acp_forums.php @@ -1579,7 +1579,7 @@ class acp_forums /** * Event when content has been moved from one forum to another * - * @event core.acp_manage_forums_move_content + * @event core.acp_manage_forums_move_content_after * @var int from_id If of the current parent forum * @var int to_id If of the new parent forum * @var bool sync Shall we sync the "to"-forum's data -- cgit v1.2.1 From 2a32d74d2067e046ee0167490a57fe904186c6f4 Mon Sep 17 00:00:00 2001 From: mrgoldy Date: Wed, 4 Sep 2019 15:29:50 +0200 Subject: [ticket/15422] Remove redundant BBCode helpline PHPBB3-15422 --- phpBB/includes/functions_display.php | 1 - 1 file changed, 1 deletion(-) (limited to 'phpBB/includes') diff --git a/phpBB/includes/functions_display.php b/phpBB/includes/functions_display.php index 792467019f..5d137b22eb 100644 --- a/phpBB/includes/functions_display.php +++ b/phpBB/includes/functions_display.php @@ -1117,7 +1117,6 @@ function display_custom_bbcodes() 'BBCODE_TAG' => $row['bbcode_tag'], 'BBCODE_TAG_CLEAN' => str_replace('=', '-', $row['bbcode_tag']), 'BBCODE_HELPLINE' => $row['bbcode_helpline'], - 'A_BBCODE_HELPLINE' => str_replace(array('&', '"', "'", '<', '>'), array('&', '"', "\'", '<', '>'), $row['bbcode_helpline']), ); /** -- cgit v1.2.1 From 850ea776d9757e6cabc6a176b2071ca7471117a0 Mon Sep 17 00:00:00 2001 From: mrgoldy Date: Thu, 5 Sep 2019 15:43:33 +0200 Subject: [ticket/16123] Show proper banned email message PHPBB3-16123 --- phpBB/includes/functions_user.php | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'phpBB/includes') diff --git a/phpBB/includes/functions_user.php b/phpBB/includes/functions_user.php index 3bf4aa16b7..35fb54d7d3 100644 --- a/phpBB/includes/functions_user.php +++ b/phpBB/includes/functions_user.php @@ -1947,7 +1947,10 @@ function validate_user_email($email, $allowed_email = false) if (($ban = $user->check_ban(false, false, $email, true)) !== false) { - return ($ban === true) ? 'EMAIL_BANNED' : (!empty($ban['ban_give_reason']) ? $ban['ban_give_reason'] : $ban); + if ($ban !== false) + { + return !empty($ban['ban_give_reason']) ? $ban['ban_give_reason'] : 'EMAIL_BANNED'; + } } if (!$config['allow_emailreuse']) -- cgit v1.2.1 From 56e2f1a3f66602efa2977e5c2abe31e884e56bf6 Mon Sep 17 00:00:00 2001 From: mrgoldy Date: Thu, 5 Sep 2019 16:36:29 +0200 Subject: [ticket/16123] Check with empty() PHPBB3-16123 --- phpBB/includes/functions_user.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'phpBB/includes') diff --git a/phpBB/includes/functions_user.php b/phpBB/includes/functions_user.php index 35fb54d7d3..6e12c847c8 100644 --- a/phpBB/includes/functions_user.php +++ b/phpBB/includes/functions_user.php @@ -1947,7 +1947,7 @@ function validate_user_email($email, $allowed_email = false) if (($ban = $user->check_ban(false, false, $email, true)) !== false) { - if ($ban !== false) + if (!empty($ban)) { return !empty($ban['ban_give_reason']) ? $ban['ban_give_reason'] : 'EMAIL_BANNED'; } -- cgit v1.2.1 From 6e20cd5d2286e716dc6b9a9b3e7f9e75dcde4f8b Mon Sep 17 00:00:00 2001 From: mrgoldy Date: Sat, 7 Sep 2019 16:47:47 +0200 Subject: [ticket/16123] Remove redundant if check PHPBB3-16123 --- phpBB/includes/functions_user.php | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) (limited to 'phpBB/includes') diff --git a/phpBB/includes/functions_user.php b/phpBB/includes/functions_user.php index 6e12c847c8..e0b6a9d0c6 100644 --- a/phpBB/includes/functions_user.php +++ b/phpBB/includes/functions_user.php @@ -1945,12 +1945,10 @@ function validate_user_email($email, $allowed_email = false) return $validate_email; } - if (($ban = $user->check_ban(false, false, $email, true)) !== false) + $ban = $user->check_ban(false, false, $email, true); + if (!empty($ban)) { - if (!empty($ban)) - { - return !empty($ban['ban_give_reason']) ? $ban['ban_give_reason'] : 'EMAIL_BANNED'; - } + return !empty($ban['ban_give_reason']) ? $ban['ban_give_reason'] : 'EMAIL_BANNED'; } if (!$config['allow_emailreuse']) -- cgit v1.2.1 From 6600fc6cad5f6d43acdcc9a303be4ce91ed48f2e Mon Sep 17 00:00:00 2001 From: 3D-I <480857+3D-I@users.noreply.github.com> Date: Sun, 8 Sep 2019 03:29:27 +0200 Subject: [ticket/16151] Enable Emojis and rich text in forum name PHPBB3-16151 --- phpBB/includes/acp/acp_forums.php | 22 +++++++++++++++++++++- 1 file changed, 21 insertions(+), 1 deletion(-) (limited to 'phpBB/includes') diff --git a/phpBB/includes/acp/acp_forums.php b/phpBB/includes/acp/acp_forums.php index cb0593b14a..0bbaf96dec 100644 --- a/phpBB/includes/acp/acp_forums.php +++ b/phpBB/includes/acp/acp_forums.php @@ -986,10 +986,30 @@ class acp_forums $errors[] = $user->lang['FORUM_NAME_EMPTY']; } - // No Emojis + /** + * Replace Emojis and other 4bit UTF-8 chars not allowed by MySql to NCR. + * Using their Numeric Character Reference's Hexadecimal notation. + * Doesn't interfere with Japanese or Cyrillic etc. + * + * @see https://www.w3.org/TR/xml11/ + * @see https://www.opentag.com/xfaq_charrep.htm + */ + if (preg_match_all('/[\x{10000}-\x{10FFFF}]/u', $forum_data_ary['forum_name'], $matches)) + { + foreach ($matches as $key => $emoji) + { + $forum_data_ary['forum_name'] = str_replace($emoji, utf8_encode_ncr($emoji), $forum_data_ary['forum_name']); + } + } + + /** + * This should never happen again. + * Leaving the fallback hre just in case there will be the need of it. + */ if (preg_match_all('/[\x{10000}-\x{10FFFF}]/u', $forum_data_ary['forum_name'], $matches)) { $character_list = implode('
', $matches[0]); + $errors[] = $user->lang('FORUM_NAME_EMOJI', $character_list); } -- cgit v1.2.1 From 08842e6ba505b162573dff8b942bd7bd832e938a Mon Sep 17 00:00:00 2001 From: Marc Alexander Date: Sun, 8 Sep 2019 21:52:42 +0200 Subject: [prep-release-3.2.8] Update version numbers for 3.2.8 release --- phpBB/includes/constants.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'phpBB/includes') diff --git a/phpBB/includes/constants.php b/phpBB/includes/constants.php index fedd297895..99576b8ce6 100644 --- a/phpBB/includes/constants.php +++ b/phpBB/includes/constants.php @@ -28,7 +28,7 @@ if (!defined('IN_PHPBB')) */ // phpBB Version -@define('PHPBB_VERSION', '3.2.8-RC1'); +@define('PHPBB_VERSION', '3.2.8'); // QA-related // define('PHPBB_QA', 1); -- cgit v1.2.1 From ce93b224107a65b43253c36812b636321eb55a78 Mon Sep 17 00:00:00 2001 From: stevendegroote Date: Tue, 17 Sep 2019 23:01:59 +0200 Subject: [ticket/16159] Wrap post times in html time tag PHPBB3-16159 --- phpBB/includes/functions_display.php | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'phpBB/includes') diff --git a/phpBB/includes/functions_display.php b/phpBB/includes/functions_display.php index 32bee14eef..e5d6d683fe 100644 --- a/phpBB/includes/functions_display.php +++ b/phpBB/includes/functions_display.php @@ -547,11 +547,12 @@ function display_forums($root_data = '', $display_moderators = true, $return_mod $last_post_subject = $last_post_subject_truncated = ''; } $last_post_time = $user->format_date($row['forum_last_post_time']); + $last_post_time_rfc3339 = gmdate("Y-m-d H:i:sP", $row['forum_last_post_time']); $last_post_url = append_sid("{$phpbb_root_path}viewtopic.$phpEx", 'f=' . $row['forum_id_last_post'] . '&p=' . $row['forum_last_post_id']) . '#p' . $row['forum_last_post_id']; } else { - $last_post_subject = $last_post_time = $last_post_url = $last_post_subject_truncated = ''; + $last_post_subject = $last_post_time = $last_post_time_rfc3339 = $last_post_url = $last_post_subject_truncated = ''; } // Output moderator listing ... if applicable @@ -622,6 +623,7 @@ function display_forums($root_data = '', $display_moderators = true, $return_mod 'LAST_POST_SUBJECT' => $last_post_subject, 'LAST_POST_SUBJECT_TRUNCATED' => $last_post_subject_truncated, 'LAST_POST_TIME' => $last_post_time, + 'LAST_POST_TIME_RFC3339'=> $last_post_time_rfc3339, 'LAST_POSTER' => get_username_string('username', $row['forum_last_poster_id'], $row['forum_last_poster_name'], $row['forum_last_poster_colour']), 'LAST_POSTER_COLOUR' => get_username_string('colour', $row['forum_last_poster_id'], $row['forum_last_poster_name'], $row['forum_last_poster_colour']), 'LAST_POSTER_FULL' => get_username_string('full', $row['forum_last_poster_id'], $row['forum_last_poster_name'], $row['forum_last_poster_colour']), -- cgit v1.2.1 From 8160a8a1efe06de06a199be5c7e8262e0c199873 Mon Sep 17 00:00:00 2001 From: stevendegroote Date: Wed, 18 Sep 2019 20:58:13 +0200 Subject: [ticket/16159] Use predefined DATE_RFC3339 PHPBB3-16159 --- phpBB/includes/functions_display.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'phpBB/includes') diff --git a/phpBB/includes/functions_display.php b/phpBB/includes/functions_display.php index d0a0c97c4e..f8c882e771 100644 --- a/phpBB/includes/functions_display.php +++ b/phpBB/includes/functions_display.php @@ -547,7 +547,7 @@ function display_forums($root_data = '', $display_moderators = true, $return_mod $last_post_subject = $last_post_subject_truncated = ''; } $last_post_time = $user->format_date($row['forum_last_post_time']); - $last_post_time_rfc3339 = gmdate("Y-m-d H:i:sP", $row['forum_last_post_time']); + $last_post_time_rfc3339 = gmdate(DATE_RFC3339, $row['forum_last_post_time']); $last_post_url = append_sid("{$phpbb_root_path}viewtopic.$phpEx", 'f=' . $row['forum_id_last_post'] . '&p=' . $row['forum_last_post_id']) . '#p' . $row['forum_last_post_id']; } else -- cgit v1.2.1 From 813a55b01d5a81559d8b2d8fab45a4c6157a222a Mon Sep 17 00:00:00 2001 From: 3D-I <480857+3D-I@users.noreply.github.com> Date: Sun, 22 Sep 2019 05:58:59 +0200 Subject: [ticket/16161] Enable BBcodes without closing tag PHPBB3-16161 --- phpBB/includes/acp/acp_bbcodes.php | 5 ----- 1 file changed, 5 deletions(-) (limited to 'phpBB/includes') diff --git a/phpBB/includes/acp/acp_bbcodes.php b/phpBB/includes/acp/acp_bbcodes.php index 56079061ce..bd8df6a63b 100644 --- a/phpBB/includes/acp/acp_bbcodes.php +++ b/phpBB/includes/acp/acp_bbcodes.php @@ -211,11 +211,6 @@ class acp_bbcodes $test = $data['bbcode_tag']; } - if (!preg_match('%\\[' . $test . '[^]]*].*?\\[/' . $test . ']%s', $bbcode_match)) - { - trigger_error($user->lang['BBCODE_OPEN_ENDED_TAG'] . adm_back_link($this->u_action), E_USER_WARNING); - } - if (strlen($data['bbcode_tag']) > 16) { trigger_error($user->lang['BBCODE_TAG_TOO_LONG'] . adm_back_link($this->u_action), E_USER_WARNING); -- cgit v1.2.1 From ab7345d96d2bc7e96b2567867b815c4129b1d6f3 Mon Sep 17 00:00:00 2001 From: kasimi Date: Thu, 17 Oct 2019 12:49:30 +0200 Subject: [ticket/16182] Add core.generate_smilies_modify_rowset PHPBB3-16182 --- phpBB/includes/functions_posting.php | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) (limited to 'phpBB/includes') diff --git a/phpBB/includes/functions_posting.php b/phpBB/includes/functions_posting.php index 2cce77e092..ed4b573cc2 100644 --- a/phpBB/includes/functions_posting.php +++ b/phpBB/includes/functions_posting.php @@ -114,6 +114,22 @@ function generate_smilies($mode, $forum_id) } $db->sql_freeresult($result); + /** + * Modify smilies before they are assigned to the template + * + * @event core.generate_smilies_modify_rowset + * @var string mode Smiley mode, either window or inline + * @var int forum_id Forum where smilies are generated + * @var array smilies Smiley rows fetched from the database + * @since 3.2.9-RC1 + */ + $vars = [ + 'mode', + 'forum_id', + 'smilies', + ]; + extract($phpbb_dispatcher->trigger_event('core.generate_smilies_modify_rowset', compact($vars))); + if (count($smilies)) { $root_path = (defined('PHPBB_USE_BOARD_URL_PATH') && PHPBB_USE_BOARD_URL_PATH) ? generate_board_url() . '/' : $phpbb_path_helper->get_web_root_path(); -- cgit v1.2.1 From 84e0f5a2ebf8477a70c185c6496a02f0e2ed8918 Mon Sep 17 00:00:00 2001 From: kasimi Date: Thu, 17 Oct 2019 12:54:42 +0200 Subject: [ticket/16183] Add core.generate_smilies_count_sql_before PHPBB3-16183 --- phpBB/includes/functions_posting.php | 25 ++++++++++++++++++++++--- 1 file changed, 22 insertions(+), 3 deletions(-) (limited to 'phpBB/includes') diff --git a/phpBB/includes/functions_posting.php b/phpBB/includes/functions_posting.php index 2cce77e092..0fb4ef2c49 100644 --- a/phpBB/includes/functions_posting.php +++ b/phpBB/includes/functions_posting.php @@ -52,9 +52,28 @@ function generate_smilies($mode, $forum_id) page_header($user->lang['SMILIES']); - $sql = 'SELECT COUNT(smiley_id) AS item_count - FROM ' . SMILIES_TABLE . ' - GROUP BY smiley_url'; + $sql_ary = [ + 'SELECT' => 'COUNT(s.smiley_id) AS item_count', + 'FROM' => [ + SMILIES_TABLE => 's', + ], + 'GROUP_BY' => 's.smiley_url', + ]; + + /** + * Modify SQL query that fetches the total number of smilies in window mode + * + * @event core.generate_smilies_count_sql_before + * @var int forum_id Forum where smilies are generated + * @var array sql_ary Array with the SQL query + * @since 3.2.9-RC1 + */ + $vars = [ + 'forum_id', + 'sql_ary', + ]; + extract($phpbb_dispatcher->trigger_event('core.generate_smilies_count_sql_before', compact($vars))); + $result = $db->sql_query($sql, 3600); $smiley_count = 0; -- cgit v1.2.1 From fed05012c05f870170b104af5153ef90cdc8b338 Mon Sep 17 00:00:00 2001 From: kasimi Date: Thu, 17 Oct 2019 13:11:29 +0200 Subject: [ticket/16184] Don't entity-encode & character in AJAX response PHPBB3-16184 --- phpBB/includes/functions_display.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'phpBB/includes') diff --git a/phpBB/includes/functions_display.php b/phpBB/includes/functions_display.php index ea42b1916d..3d45648ea1 100644 --- a/phpBB/includes/functions_display.php +++ b/phpBB/includes/functions_display.php @@ -70,7 +70,7 @@ function display_forums($root_data = '', $display_moderators = true, $return_mod $data = array( 'NO_UNREAD_POSTS' => $user->lang['NO_UNREAD_POSTS'], 'UNREAD_POSTS' => $user->lang['UNREAD_POSTS'], - 'U_MARK_FORUMS' => ($user->data['is_registered'] || $config['load_anon_lastread']) ? append_sid("{$phpbb_root_path}index.$phpEx", 'hash=' . generate_link_hash('global') . '&mark=forums&mark_time=' . time()) : '', + 'U_MARK_FORUMS' => ($user->data['is_registered'] || $config['load_anon_lastread']) ? append_sid("{$phpbb_root_path}index.$phpEx", 'hash=' . generate_link_hash('global') . '&mark=forums&mark_time=' . time(), false) : '', 'MESSAGE_TITLE' => $user->lang['INFORMATION'], 'MESSAGE_TEXT' => $user->lang['FORUMS_MARKED'] ); @@ -355,7 +355,7 @@ function display_forums($root_data = '', $display_moderators = true, $return_mod $data = array( 'NO_UNREAD_POSTS' => $user->lang['NO_UNREAD_POSTS'], 'UNREAD_POSTS' => $user->lang['UNREAD_POSTS'], - 'U_MARK_FORUMS' => ($user->data['is_registered'] || $config['load_anon_lastread']) ? append_sid("{$phpbb_root_path}viewforum.$phpEx", 'hash=' . generate_link_hash('global') . '&f=' . $root_data['forum_id'] . '&mark=forums&mark_time=' . time()) : '', + 'U_MARK_FORUMS' => ($user->data['is_registered'] || $config['load_anon_lastread']) ? append_sid("{$phpbb_root_path}viewforum.$phpEx", 'hash=' . generate_link_hash('global') . '&f=' . $root_data['forum_id'] . '&mark=forums&mark_time=' . time(), false) : '', 'MESSAGE_TITLE' => $user->lang['INFORMATION'], 'MESSAGE_TEXT' => $user->lang['FORUMS_MARKED'] ); -- cgit v1.2.1 From 6df8b7f3678ba242480a0c50b651b1653a0d2d6b Mon Sep 17 00:00:00 2001 From: kasimi Date: Sun, 20 Oct 2019 20:50:34 +0200 Subject: [ticket/16183] Generate SQL query from array PHPBB3-16183 --- phpBB/includes/functions_posting.php | 1 + 1 file changed, 1 insertion(+) (limited to 'phpBB/includes') diff --git a/phpBB/includes/functions_posting.php b/phpBB/includes/functions_posting.php index 0fb4ef2c49..844481f1bd 100644 --- a/phpBB/includes/functions_posting.php +++ b/phpBB/includes/functions_posting.php @@ -74,6 +74,7 @@ function generate_smilies($mode, $forum_id) ]; extract($phpbb_dispatcher->trigger_event('core.generate_smilies_count_sql_before', compact($vars))); + $sql = $db->sql_build_query('SELECT', $sql_ary); $result = $db->sql_query($sql, 3600); $smiley_count = 0; -- cgit v1.2.1 From 4e816b58c6fdc6351f44f0d50b0ea5db52278245 Mon Sep 17 00:00:00 2001 From: Marc Alexander Date: Sat, 26 Oct 2019 21:23:47 +0200 Subject: [ticket/16146] Fix typos in event description PHPBB3-16146 --- phpBB/includes/acp/acp_forums.php | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) (limited to 'phpBB/includes') diff --git a/phpBB/includes/acp/acp_forums.php b/phpBB/includes/acp/acp_forums.php index 25545e9265..668f2f8ebd 100644 --- a/phpBB/includes/acp/acp_forums.php +++ b/phpBB/includes/acp/acp_forums.php @@ -1423,8 +1423,8 @@ class acp_forums * This event may be triggered, when a forum is deleted * * @event core.acp_manage_forums_move_children - * @var int from_id If of the current parent forum - * @var int to_id If of the new parent forum + * @var int from_id Id of the current parent forum + * @var int to_id Id of the new parent forum * @var array errors Array of errors, should be strings and not * language key. * @since 3.1.0-a1 @@ -1529,8 +1529,8 @@ class acp_forums * Event when we move content from one forum to another * * @event core.acp_manage_forums_move_content - * @var int from_id If of the current parent forum - * @var int to_id If of the new parent forum + * @var int from_id Id of the current parent forum + * @var int to_id Id of the new parent forum * @var bool sync Shall we sync the "to"-forum's data * @var array errors Array of errors, should be strings and not * language key. If this array is not empty, @@ -1580,8 +1580,8 @@ class acp_forums * Event when content has been moved from one forum to another * * @event core.acp_manage_forums_move_content_after - * @var int from_id If of the current parent forum - * @var int to_id If of the new parent forum + * @var int from_id Id of the current parent forum + * @var int to_id Id of the new parent forum * @var bool sync Shall we sync the "to"-forum's data * * @since 3.2.9-RC1 -- cgit v1.2.1 From 2cdc2e751eb03b6ba6c34889dc3db2a301b8c326 Mon Sep 17 00:00:00 2001 From: 3D-I <480857+3D-I@users.noreply.github.com> Date: Mon, 28 Oct 2019 02:34:59 +0100 Subject: [ticket/16151] Enable Emojis and rich text in forum name Move to a new function() PHPBB3-16151 --- phpBB/includes/acp/acp_forums.php | 16 +++------------ phpBB/includes/utf/utf_tools.php | 43 ++++++++++++++++++++++++++++----------- 2 files changed, 34 insertions(+), 25 deletions(-) (limited to 'phpBB/includes') diff --git a/phpBB/includes/acp/acp_forums.php b/phpBB/includes/acp/acp_forums.php index 0bbaf96dec..d31404fa22 100644 --- a/phpBB/includes/acp/acp_forums.php +++ b/phpBB/includes/acp/acp_forums.php @@ -987,24 +987,14 @@ class acp_forums } /** - * Replace Emojis and other 4bit UTF-8 chars not allowed by MySql to NCR. + * Replace Emojis and other 4bit UTF-8 chars not allowed by MySql to UCR / NCR. * Using their Numeric Character Reference's Hexadecimal notation. - * Doesn't interfere with Japanese or Cyrillic etc. - * - * @see https://www.w3.org/TR/xml11/ - * @see https://www.opentag.com/xfaq_charrep.htm */ - if (preg_match_all('/[\x{10000}-\x{10FFFF}]/u', $forum_data_ary['forum_name'], $matches)) - { - foreach ($matches as $key => $emoji) - { - $forum_data_ary['forum_name'] = str_replace($emoji, utf8_encode_ncr($emoji), $forum_data_ary['forum_name']); - } - } + $forum_data_ary['forum_name'] = utf8_encode_ucr($forum_data_ary['forum_name']); /** * This should never happen again. - * Leaving the fallback hre just in case there will be the need of it. + * Leaving the fallback here just in case there will be the need of it. */ if (preg_match_all('/[\x{10000}-\x{10FFFF}]/u', $forum_data_ary['forum_name'], $matches)) { diff --git a/phpBB/includes/utf/utf_tools.php b/phpBB/includes/utf/utf_tools.php index 89de454427..bb155aeae5 100644 --- a/phpBB/includes/utf/utf_tools.php +++ b/phpBB/includes/utf/utf_tools.php @@ -418,24 +418,43 @@ function utf8_recode($string, $encoding) } /** -* Replace all UTF-8 chars that are not in ASCII with their NCR -* -* @param string $text UTF-8 string in NFC -* @return string ASCII string using NCRs for non-ASCII chars -*/ + * Replace some special UTF-8 chars that are not in ASCII with their UCR. + * using their Numeric Character Reference's Hexadecimal notation. + * + * Doesn't interfere with Japanese or Cyrillic etc. + * Unicode character visualization will depend on the character support + * of your web browser and the fonts installed on your system. + * + * @see https://en.wikibooks.org/wiki/Unicode/Character_reference/1F000-1FFFF + * + * @param string $text UTF-8 string in NFC + * @return string ASCII string using NCR for non-ASCII chars + */ +function utf8_encode_ucr($text) +{ + return preg_replace_callback('/[\\xF0-\\xF4].../', 'utf8_encode_ncr_callback', $text); +} + +/** + * Replace all UTF-8 chars that are not in ASCII with their NCR + * using their Numeric Character Reference's Hexadecimal notation. + * + * @param string $text UTF-8 string in NFC + * @return string ASCII string using NCRs for non-ASCII chars + */ function utf8_encode_ncr($text) { return preg_replace_callback('#[\\xC2-\\xF4][\\x80-\\xBF]{1,3}#', 'utf8_encode_ncr_callback', $text); } /** -* Callback used in encode_ncr() -* -* Takes a UTF-8 char and replaces it with its NCR. Attention, $m is an array -* -* @param array $m 0-based numerically indexed array passed by preg_replace_callback() -* @return string A HTML NCR if the character is valid, or the original string otherwise -*/ + * Callback used in utf8_encode_ncr() and utf8_encode_ucr() + * + * Takes a UTF-8 char and replaces it with its NCR. Attention, $m is an array + * + * @param array $m 0-based numerically indexed array passed by preg_replace_callback() + * @return string A HTML NCR if the character is valid, or the original string otherwise + */ function utf8_encode_ncr_callback($m) { return '&#' . utf8_ord($m[0]) . ';'; -- cgit v1.2.1