diff --git a/phpBB/cache/.htaccess b/phpBB/cache/.htaccess
index aa5afc1640..44242b5418 100644
--- a/phpBB/cache/.htaccess
+++ b/phpBB/cache/.htaccess
@@ -1,4 +1,33 @@
-<Files *>
- Order Allow,Deny
- Deny from All
-</Files>
\ No newline at end of file
+# With Apache 2.4 the "Order, Deny" syntax has been deprecated and moved from
+# module mod_authz_host to a new module called mod_access_compat (which may be
+# disabled) and a new "Require" syntax has been introduced to mod_authz_host.
+# We could just conditionally provide both versions, but unfortunately Apache
+# does not explicitly tell us its version if the module mod_version is not
+# available. In this case, we check for the availability of module
+# mod_authz_core (which should be on 2.4 or higher only) as a best guess.
+<IfModule mod_version.c>
+ <IfVersion < 2.4>
+ <Files "*">
+ Order Allow,Deny
+ Deny from All
+ </Files>
+ </IfVersion>
+ <IfVersion >= 2.4>
+ <Files "*">
+ Require all denied
+ </Files>
+ </IfVersion>
+</IfModule>
+<IfModule !mod_version.c>
+ <IfModule !mod_authz_core.c>
+ <Files "*">
+ Order Allow,Deny
+ Deny from All
+ </Files>
+ </IfModule>
+ <IfModule mod_authz_core.c>
+ <Files "*">
+ Require all denied
+ </Files>
+ </IfModule>
+</IfModule>
diff --git a/phpBB/config/.htaccess b/phpBB/config/.htaccess
index 4128d345ab..163ddd802f 100644
--- a/phpBB/config/.htaccess
+++ b/phpBB/config/.htaccess
@@ -1,4 +1,33 @@
-<Files *>
- Order Allow,Deny
- Deny from All
-</Files>
+# With Apache 2.4 the "Order, Deny" syntax has been deprecated and moved from
+# module mod_authz_host to a new module called mod_access_compat (which may be
+# disabled) and a new "Require" syntax has been introduced to mod_authz_host.
+# We could just conditionally provide both versions, but unfortunately Apache
+# does not explicitly tell us its version if the module mod_version is not
+# available. In this case, we check for the availability of module
+# mod_authz_core (which should be on 2.4 or higher only) as a best guess.
+<IfModule mod_version.c>
+ <IfVersion < 2.4>
+ <Files "*">
+ Order Allow,Deny
+ Deny from All
+ </Files>
+ </IfVersion>
+ <IfVersion >= 2.4>
+ <Files "*">
+ Require all denied
+ </Files>
+ </IfVersion>
+</IfModule>
+<IfModule !mod_version.c>
+ <IfModule !mod_authz_core.c>
+ <Files "*">
+ Order Allow,Deny
+ Deny from All
+ </Files>
+ </IfModule>
+ <IfModule mod_authz_core.c>
+ <Files "*">
+ Require all denied
+ </Files>
+ </IfModule>
+</IfModule>
\ No newline at end of file
diff --git a/phpBB/files/.htaccess b/phpBB/files/.htaccess
index aa5afc1640..163ddd802f 100644
--- a/phpBB/files/.htaccess
+++ b/phpBB/files/.htaccess
@@ -1,4 +1,33 @@
-<Files *>
- Order Allow,Deny
- Deny from All
-</Files>
\ No newline at end of file
+# With Apache 2.4 the "Order, Deny" syntax has been deprecated and moved from
+# module mod_authz_host to a new module called mod_access_compat (which may be
+# disabled) and a new "Require" syntax has been introduced to mod_authz_host.
+# We could just conditionally provide both versions, but unfortunately Apache
+# does not explicitly tell us its version if the module mod_version is not
+# available. In this case, we check for the availability of module
+# mod_authz_core (which should be on 2.4 or higher only) as a best guess.
+<IfModule mod_version.c>
+ <IfVersion < 2.4>
+ <Files "*">
+ Order Allow,Deny
+ Deny from All
+ </Files>
+ </IfVersion>
+ <IfVersion >= 2.4>
+ <Files "*">
+ Require all denied
+ </Files>
+ </IfVersion>
+</IfModule>
+<IfModule !mod_version.c>
+ <IfModule !mod_authz_core.c>
+ <Files "*">
+ Order Allow,Deny
+ Deny from All
+ </Files>
+ </IfModule>
+ <IfModule mod_authz_core.c>
+ <Files "*">
+ Require all denied
+ </Files>
+ </IfModule>
+</IfModule>
\ No newline at end of file
diff --git a/phpBB/images/avatars/upload/.htaccess b/phpBB/images/avatars/upload/.htaccess
index aa5afc1640..163ddd802f 100644
--- a/phpBB/images/avatars/upload/.htaccess
+++ b/phpBB/images/avatars/upload/.htaccess
@@ -1,4 +1,33 @@
-<Files *>
- Order Allow,Deny
- Deny from All
-</Files>
\ No newline at end of file
+# With Apache 2.4 the "Order, Deny" syntax has been deprecated and moved from
+# module mod_authz_host to a new module called mod_access_compat (which may be
+# disabled) and a new "Require" syntax has been introduced to mod_authz_host.
+# We could just conditionally provide both versions, but unfortunately Apache
+# does not explicitly tell us its version if the module mod_version is not
+# available. In this case, we check for the availability of module
+# mod_authz_core (which should be on 2.4 or higher only) as a best guess.
+<IfModule mod_version.c>
+ <IfVersion < 2.4>
+ <Files "*">
+ Order Allow,Deny
+ Deny from All
+ </Files>
+ </IfVersion>
+ <IfVersion >= 2.4>
+ <Files "*">
+ Require all denied
+ </Files>
+ </IfVersion>
+</IfModule>
+<IfModule !mod_version.c>
+ <IfModule !mod_authz_core.c>
+ <Files "*">
+ Order Allow,Deny
+ Deny from All
+ </Files>
+ </IfModule>
+ <IfModule mod_authz_core.c>
+ <Files "*">
+ Require all denied
+ </Files>
+ </IfModule>
+</IfModule>
\ No newline at end of file
diff --git a/phpBB/includes/.htaccess b/phpBB/includes/.htaccess
index 4128d345ab..163ddd802f 100644
--- a/phpBB/includes/.htaccess
+++ b/phpBB/includes/.htaccess
@@ -1,4 +1,33 @@
-<Files *>
- Order Allow,Deny
- Deny from All
-</Files>
+# With Apache 2.4 the "Order, Deny" syntax has been deprecated and moved from
+# module mod_authz_host to a new module called mod_access_compat (which may be
+# disabled) and a new "Require" syntax has been introduced to mod_authz_host.
+# We could just conditionally provide both versions, but unfortunately Apache
+# does not explicitly tell us its version if the module mod_version is not
+# available. In this case, we check for the availability of module
+# mod_authz_core (which should be on 2.4 or higher only) as a best guess.
+<IfModule mod_version.c>
+ <IfVersion < 2.4>
+ <Files "*">
+ Order Allow,Deny
+ Deny from All
+ </Files>
+ </IfVersion>
+ <IfVersion >= 2.4>
+ <Files "*">
+ Require all denied
+ </Files>
+ </IfVersion>
+</IfModule>
+<IfModule !mod_version.c>
+ <IfModule !mod_authz_core.c>
+ <Files "*">
+ Order Allow,Deny
+ Deny from All
+ </Files>
+ </IfModule>
+ <IfModule mod_authz_core.c>
+ <Files "*">
+ Require all denied
+ </Files>
+ </IfModule>
+</IfModule>
\ No newline at end of file
diff --git a/phpBB/includes/functions_posting.php b/phpBB/includes/functions_posting.php
index 0a3dc7ac13..c056d93fb4 100644
--- a/phpBB/includes/functions_posting.php
+++ b/phpBB/includes/functions_posting.php
@@ -118,7 +118,7 @@ function generate_smilies($mode, $forum_id)
SMILIES_TABLE => 's',
],
'GROUP_BY' => 's.smiley_url, s.smiley_width, s.smiley_height',
- 'ORDER_BY' => 's.min_smiley_order',
+ 'ORDER_BY' => 'min_smiley_order',
];
}
else
diff --git a/phpBB/phpbb/profilefields/manager.php b/phpBB/phpbb/profilefields/manager.php
index 5daa61076c..8af2fe12ad 100644
--- a/phpBB/phpbb/profilefields/manager.php
+++ b/phpBB/phpbb/profilefields/manager.php
@@ -254,6 +254,13 @@ class manager
/** @var \phpbb\profilefields\type\type_interface $profile_field */
$profile_field = $this->type_collection[$row['field_type']];
$cp_data['pf_' . $row['field_ident']] = $profile_field->get_profile_field($row);
+
+ /**
+ * Replace Emoji and other 4bit UTF-8 chars not allowed by MySQL
+ * with their Numeric Character Reference's Hexadecimal notation.
+ */
+ $cp_data['pf_' . $row['field_ident']] = utf8_encode_ucr($cp_data['pf_' . $row['field_ident']]);
+
$check_value = $cp_data['pf_' . $row['field_ident']];
if (($cp_result = $profile_field->validate_profile_field($check_value, $row)) !== false)
diff --git a/phpBB/store/.htaccess b/phpBB/store/.htaccess
index aa5afc1640..163ddd802f 100644
--- a/phpBB/store/.htaccess
+++ b/phpBB/store/.htaccess
@@ -1,4 +1,33 @@
-<Files *>
- Order Allow,Deny
- Deny from All
-</Files>
\ No newline at end of file
+# With Apache 2.4 the "Order, Deny" syntax has been deprecated and moved from
+# module mod_authz_host to a new module called mod_access_compat (which may be
+# disabled) and a new "Require" syntax has been introduced to mod_authz_host.
+# We could just conditionally provide both versions, but unfortunately Apache
+# does not explicitly tell us its version if the module mod_version is not
+# available. In this case, we check for the availability of module
+# mod_authz_core (which should be on 2.4 or higher only) as a best guess.
+<IfModule mod_version.c>
+ <IfVersion < 2.4>
+ <Files "*">
+ Order Allow,Deny
+ Deny from All
+ </Files>
+ </IfVersion>
+ <IfVersion >= 2.4>
+ <Files "*">
+ Require all denied
+ </Files>
+ </IfVersion>
+</IfModule>
+<IfModule !mod_version.c>
+ <IfModule !mod_authz_core.c>
+ <Files "*">
+ Order Allow,Deny
+ Deny from All
+ </Files>
+ </IfModule>
+ <IfModule mod_authz_core.c>
+ <Files "*">
+ Require all denied
+ </Files>
+ </IfModule>
+</IfModule>
\ No newline at end of file
diff --git a/tests/functional/smilies_test.php b/tests/functional/smilies_test.php
new file mode 100644
index 0000000000..f17171bd1f
--- /dev/null
+++ b/tests/functional/smilies_test.php
@@ -0,0 +1,47 @@
+<?php
+/**
+*
+* This file is part of the phpBB Forum Software package.
+*
+* @copyright (c) phpBB Limited <https://www.phpbb.com>
+* @license GNU General Public License, version 2 (GPL-2.0)
+*
+* For full copyright and license information, please see
+* the docs/CREDITS.txt file.
+*
+*/
+
+/**
+* @group functional
+*/
+class phpbb_functional_smilies_test extends phpbb_functional_test_case
+{
+ public function test_smilies_mode()
+ {
+ $this->login();
+
+ // Get smilies data
+ $db = $this->get_db();
+ $sql_ary = [
+ 'SELECT' => 's.smiley_url, MIN(s.emotion) AS emotion, MIN(s.code) AS code, s.smiley_width, s.smiley_height, MIN(s.smiley_order) AS min_smiley_order',
+ 'FROM' => [
+ SMILIES_TABLE => 's',
+ ],
+ 'GROUP_BY' => 's.smiley_url, s.smiley_width, s.smiley_height',
+ 'ORDER_BY' => 'min_smiley_order',
+ ];
+ $sql = $db->sql_build_query('SELECT', $sql_ary);
+ $result = $db->sql_query($sql);
+ $smilies = $db->sql_fetchrowset($result);
+ $db->sql_freeresult($result);
+
+ // Visit smilies page
+ $crawler = self::request('GET', 'posting.php?mode=smilies');
+ foreach ($smilies as $index => $smiley)
+ {
+ $this->assertContains($smiley['smiley_url'],
+ $crawler->filter('div[class="inner"] > a > img')->eq($index)->attr('src')
+ );
+ }
+ }
+}
diff --git a/tests/functional/ucp_profile_test.php b/tests/functional/ucp_profile_test.php
index 2d68704162..68263c11f7 100644
--- a/tests/functional/ucp_profile_test.php
+++ b/tests/functional/ucp_profile_test.php
@@ -44,4 +44,23 @@ class phpbb_functional_ucp_profile_test extends phpbb_functional_test_case
$this->assertEquals('phpbb_twitter', $form->get('pf_phpbb_twitter')->getValue());
$this->assertEquals('phpbb.youtube', $form->get('pf_phpbb_youtube')->getValue());
}
+
+ public function test_submitting_emoji()
+ {
+ $this->add_lang('ucp');
+ $this->login();
+
+ $crawler = self::request('GET', 'ucp.php?i=ucp_profile&mode=profile_info');
+ $this->assertContainsLang('UCP_PROFILE_PROFILE_INFO', $crawler->filter('#cp-main h2')->text());
+
+ $form = $crawler->selectButton('Submit')->form([
+ 'pf_phpbb_location' => '😁', // grinning face with smiling eyes Emoji
+ ]);
+ $crawler = self::submit($form);
+ $this->assertContainsLang('PROFILE_UPDATED', $crawler->filter('#message')->text());
+
+ $crawler = self::request('GET', 'ucp.php?i=ucp_profile&mode=profile_info');
+ $form = $crawler->selectButton('Submit')->form();
+ $this->assertEquals('😁', $form->get('pf_phpbb_location')->getValue());
+ }
}