From 4c5c289f75c267e1f3e789c0304054ed4e3e2564 Mon Sep 17 00:00:00 2001
From: Marc Alexander <admin@m-a-styles.de>
Date: Fri, 11 Mar 2016 10:51:07 +0100
Subject: [ticket/14241] Prevent empty q&a as a result of improper settings

Improper setup of the q&a captcha in combination with the admin choosing a
default language that does not have any questions and answers set might
result in the user being presented empty questions and answers. This
change will try to fall back to any question in case the admin incorrectly
set the default language and has no questions & answers set. If that does
not work, the captcha will not allow passing it and suggest to contact the
board admin to resolve this issue.

PHPBB3-14241
---
 phpBB/phpbb/captcha/plugins/qa.php | 26 ++++++++++++++++++++++++--
 1 file changed, 24 insertions(+), 2 deletions(-)

(limited to 'phpBB/phpbb/captcha')

diff --git a/phpBB/phpbb/captcha/plugins/qa.php b/phpBB/phpbb/captcha/plugins/qa.php
index 2771369e57..e6059b968f 100644
--- a/phpBB/phpbb/captcha/plugins/qa.php
+++ b/phpBB/phpbb/captcha/plugins/qa.php
@@ -100,6 +100,28 @@ class qa
 			$db->sql_freeresult($result);
 		}
 
+		// final fallback to any language
+		if (!sizeof($this->question_ids))
+		{
+			$this->question_lang = '';
+
+			$sql = 'SELECT q.question_id, q.lang_iso
+				FROM ' . $this->table_captcha_questions . ' q, ' . $this->table_captcha_answers . ' a
+				WHERE q.question_id = a.question_id
+				GROUP BY lang_iso';
+			$result = $db->sql_query($sql, 7200);
+
+			while ($row = $db->sql_fetchrow($result))
+			{
+				if (empty($this->question_lang))
+				{
+					$this->question_lang = $row['lang_iso'];
+				}
+				$this->question_ids[$row['question_id']] = $row['question_id'];
+			}
+			$db->sql_freeresult($result);
+		}
+
 		// okay, if there is a confirm_id, we try to load that confirm's state. If not, we try to find one
 		if (!$this->load_answer() && (!$this->load_confirm_id() || !$this->load_answer()))
 		{
@@ -200,7 +222,7 @@ class qa
 	{
 		global $template;
 
-		if ($this->is_solved())
+		if ($this->is_solved() || !count($this->question_ids))
 		{
 			return false;
 		}
@@ -370,7 +392,7 @@ class qa
 
 		if (!sizeof($this->question_ids))
 		{
-			return false;
+			return $user->lang['CONFIRM_QUESTION_MISSING'];
 		}
 
 		if (!$this->confirm_id)
-- 
cgit v1.2.1