Merge branch 'develop-ascraeus' into develop

* develop-ascraeus:
  [ticket/13271] Disable CC sender feature for anonymous users
  [prep-release-3.1.1] Add 3.1.1 CHANGELOG
  [prep-release-3.1.1] Add 3.1.1 migration file
  [ticket/13263] Make sure default style exists and clean up code
  [ticket/13263] Only install/set prosilver if no style available
  [ticket/13263] Use prosilver as default style if user's style doesn't exist
  [ticket/security-164] Correctly format page_name
  [ticket/security-164] Sanitize all global variables in symfony_request class
  [ticket/13248] Use functional framework login method in tests
  [ticket/13248] Correctly pass provider name
  [ticket/13248] Always use provider collection for getting provider
  [ticket/13248] Allow specifying different auth provider in provider collection
  [ticket/13248] Use auth provider collection for getting provider
  [ticket/13262] Mention htaccess file when updating from 3.0 to 3.1
  [ticket/13267] Update Automatic Update instructions to include vendor directory
  [ticket/13268] Properly append ternary result in get_existing_indexes()
  [prep-release-3.1.1] Update version number to 3.1.1

Conflicts:
	build/build.xml
	phpBB/includes/constants.php
	phpBB/install/schemas/schema_data.sql
	phpBB/styles/prosilver/style.cfg
	phpBB/styles/subsilver2/style.cfg
	phpBB/styles/subsilver2/template/memberlist_email.html

phpBB/phpbb/auth/auth.php

@@ -927,11 +927,11 @@ class auth
 	*/
 	function login($username, $password, $autologin = false, $viewonline = 1, $admin = 0)
 	{
-		global $config, $db, $user, $phpbb_root_path, $phpEx, $phpbb_container;
+		global $db, $user, $phpbb_root_path, $phpEx, $phpbb_container;
 
-		$method = trim(basename($config['auth_method']));
+		$provider_collection = $phpbb_container->get('auth.provider_collection');
 
-		$provider = $phpbb_container->get('auth.provider.' . $method);
+		$provider = $provider_collection->get_provider();
 		if ($provider)
 		{
 			$login = $provider->login($username, $password);

phpBB/phpbb/auth/provider_collection.php

@@ -38,6 +38,7 @@ class provider_collection extends \phpbb\di\service_collection
 	/**
 	* Get an auth provider.
 	*
+	* @param string $provider_name The name of the auth provider
 	* @return object	Default auth provider selected in config if it
 	*			does exist. Otherwise the standard db auth
 	*			provider.
@@ -46,11 +47,12 @@ class provider_collection extends \phpbb\di\service_collection
 	*			auth provider exist. The db auth provider
 	*			should always exist in a phpBB installation.
 	*/
-	public function get_provider()
+	public function get_provider($provider_name = '')
 	{
-		if ($this->offsetExists('auth.provider.' . basename(trim($this->config['auth_method']))))
+		$provider_name = ($provider_name !== '') ? $provider_name : basename(trim($this->config['auth_method']));
+		if ($this->offsetExists('auth.provider.' . $provider_name))
 		{
-			return $this->offsetGet('auth.provider.' . basename(trim($this->config['auth_method'])));
+			return $this->offsetGet('auth.provider.' . $provider_name);
 		}
 		// Revert to db auth provider if selected method does not exist
 		else if ($this->offsetExists('auth.provider.db'))

phpBB/phpbb/db/migration/data/v31x/style_update.php

@@ -0,0 +1,136 @@
+<?php
+/**
+*
+* This file is part of the phpBB Forum Software package.
+*
+* @copyright (c) phpBB Limited <https://www.phpbb.com>
+* @license GNU General Public License, version 2 (GPL-2.0)
+*
+* For full copyright and license information, please see
+* the docs/CREDITS.txt file.
+*
+*/
+
+namespace phpbb\db\migration\data\v31x;
+
+class style_update extends \phpbb\db\migration\migration
+{
+	static public function depends_on()
+	{
+		return array('\phpbb\db\migration\data\v310\gold');
+	}
+
+	public function update_data()
+	{
+		return array(
+			array('custom', array(array($this, 'update_installed_styles'))),
+		);
+	}
+
+	public function update_installed_styles()
+	{
+		// Get all currently available styles
+		$styles = $this->find_style_dirs();
+		$style_paths = $style_ids = array();
+
+		$sql = 'SELECT style_path, style_id
+				FROM ' . $this->table_prefix . 'styles';
+		$result = $this->db->sql_query($sql);
+		while ($styles_row = $this->db->sql_fetchrow())
+		{
+			if (in_array($styles_row['style_path'], $styles))
+			{
+				$style_paths[] = $styles_row['style_path'];
+				$style_ids[] = $styles_row['style_id'];
+			}
+		}
+		$this->db->sql_freeresult($result);
+
+		// Install prosilver if no style is available and prosilver can be installed
+		if (empty($style_paths) && in_array('prosilver', $styles))
+		{
+			// Try to parse config file
+			$cfg = parse_cfg_file($this->phpbb_root_path . 'styles/prosilver/style.cfg');
+
+			// Stop running this if prosilver cfg file can't be read
+			if (empty($cfg))
+			{
+				throw new \RuntimeException('No styles available and could not fall back to prosilver.');
+			}
+
+			$style = array(
+				'style_name'		=> 'prosilver',
+				'style_copyright'	=> '&copy; phpBB Limited',
+				'style_active'		=> 1,
+				'style_path'		=> 'prosilver',
+				'bbcode_bitfield'	=> 'kNg=',
+				'style_parent_id'	=> 0,
+				'style_parent_tree'	=> '',
+			);
+
+			// Add to database
+			$this->db->sql_transaction('begin');
+
+			$sql = 'INSERT INTO ' . $this->table_prefix . 'styles
+					' . $this->db->sql_build_array('INSERT', $style);
+			$this->db->sql_query($sql);
+
+			$style_id = $this->db->sql_nextid();
+			$style_ids[] = $style_id;
+
+			$this->db->sql_transaction('commit');
+
+			// Set prosilver to default style
+			$this->config->set('default_style', $style_id);
+		}
+		else if (empty($styles) && empty($available_styles))
+		{
+			throw new \RuntimeException('No valid styles available');
+		}
+
+		// Make sure default style is available
+		if (!in_array($this->config['default_style'], $style_ids))
+		{
+			$this->config->set('default_style', array_pop($style_ids));
+		}
+
+		// Reset users to default style if their user_style is nonexistent
+		$sql = 'UPDATE ' . $this->table_prefix . "users
+			SET user_style = {$this->config['default_style']}
+			WHERE " . $this->db->sql_in_set('user_style', $style_ids, true, true);
+		$this->db->sql_query($sql);
+	}
+
+	/**
+	 * Find all directories that have styles
+	 * Copied from acp_styles
+	 *
+	 * @return array Directory names
+	 */
+	protected function find_style_dirs()
+	{
+		$styles = array();
+		$styles_path = $this->phpbb_root_path . 'styles/';
+
+		$dp = @opendir($styles_path);
+		if ($dp)
+		{
+			while (($file = readdir($dp)) !== false)
+			{
+				$dir = $styles_path . $file;
+				if ($file[0] == '.' || !is_dir($dir))
+				{
+					continue;
+				}
+
+				if (file_exists("{$dir}/style.cfg"))
+				{
+					$styles[] = $file;
+				}
+			}
+			closedir($dp);
+		}
+
+		return $styles;
+	}
+}

phpBB/phpbb/db/migration/data/v31x/v311.php

@@ -0,0 +1,32 @@
+<?php
+/**
+*
+* This file is part of the phpBB Forum Software package.
+*
+* @copyright (c) phpBB Limited <https://www.phpbb.com>
+* @license GNU General Public License, version 2 (GPL-2.0)
+*
+* For full copyright and license information, please see
+* the docs/CREDITS.txt file.
+*
+*/
+
+namespace phpbb\db\migration\data\v31x;
+
+class v311 extends \phpbb\db\migration\migration
+{
+	static public function depends_on()
+	{
+		return array(
+			'\phpbb\db\migration\data\v310\gold',
+			'\phpbb\db\migration\data\v31x\style_update',
+		);
+	}
+
+	public function update_data()
+	{
+		return array(
+			array('config.update', array('version', '3.1.1')),
+		);
+	}
+}

phpBB/phpbb/db/tools.php

@@ -2643,7 +2643,7 @@ class tools
 							AND cols.id = ix.id
 					WHERE ix.id = object_id('{$table_name}')
 						AND cols.name = '{$column_name}'
-						AND INDEXPROPERTY(ix.id, ix.name, 'IsUnique') = " . ($unique) ? '1' : '0';
+						AND INDEXPROPERTY(ix.id, ix.name, 'IsUnique') = " . ($unique ? '1' : '0');
 				}
 				else
 				{
@@ -2657,7 +2657,7 @@ class tools
 							AND cols.object_id = ix.object_id
 					WHERE ix.object_id = object_id('{$table_name}')
 						AND cols.name = '{$column_name}'
-						AND ix.is_unique = " . ($unique) ? '1' : '0';
+						AND ix.is_unique = " . ($unique ? '1' : '0');
 				}
 			break;
 

phpBB/phpbb/message/form.php

@@ -146,7 +146,7 @@ abstract class form
 				WHERE user_id = ' . $this->user->data['user_id'];
 			$this->db->sql_query($sql);
 
-			if ($this->cc_sender)
+			if ($this->cc_sender && $this->user->data['is_registered'])
 			{
 				$this->message->cc_sender();
 			}

phpBB/phpbb/session.php

@@ -87,7 +87,7 @@ class session
 		$symfony_request_path = $phpbb_filesystem->clean_path($symfony_request->getPathInfo());
 		if ($symfony_request_path !== '/')
 		{
-			$page_name .= $symfony_request_path;
+			$page_name .= str_replace('%2F', '/', urlencode($symfony_request_path));
 		}
 
 		// current directory within the phpBB root (for example: adm)

phpBB/phpbb/symfony_request.php

@@ -38,6 +38,9 @@ class symfony_request extends Request
 
 		array_walk_recursive($get_parameters, $sanitizer);
 		array_walk_recursive($post_parameters, $sanitizer);
+		array_walk_recursive($server_parameters, $sanitizer);
+		array_walk_recursive($files_parameters, $sanitizer);
+		array_walk_recursive($cookie_parameters, $sanitizer);
 
 		parent::__construct($get_parameters, $post_parameters, array(), $cookie_parameters, $files_parameters, $server_parameters);
 	}