diff --git a/build/build_diff.php b/build/build_diff.php index ab3bb774b7..9cd99bdb72 100755 --- a/build/build_diff.php +++ b/build/build_diff.php @@ -11,9 +11,9 @@ // CONFIG - Begin $substitute_old = '3.0.6'; -$substitute_new = '3.0.7-RC1'; +$substitute_new = '3.0.7-RC2'; $simple_name_old = 'phpbb306'; -$simple_name_new = 'phpbb307-RC1'; +$simple_name_new = 'phpbb307-RC2'; $echo_changes = false; // Set this to true to just compress the changes and do not build them again // This should be used for building custom modified txt file. ;) @@ -405,4 +405,4 @@ function run_command($command) echo "\n- Command Run: " . $command . "\n"; } -?> \ No newline at end of file +?> diff --git a/build/diff_class.php b/build/diff_class.php index 0d7c2dcd3a..4625ffde24 100644 --- a/build/diff_class.php +++ b/build/diff_class.php @@ -1181,7 +1181,19 @@ class BBCodeDiffFormatter extends DiffFormatter $text = implode('', $order_array['find_c']); if ($text === "\n" || $text === "\t" || $text === '') { - return true; + if (isset($order_array['first_find_c'][0]) && + is_array($order_array['first_find_c'][0]) && + trim(implode('', $order_array['first_find_c'][0])) != '' && + isset($order_array['replace'])) + { + $order_array['add'] = $order_array['replace']; + unset($order_array['replace']); + // this is actually an after add + } + else + { + return true; + } } } @@ -1223,18 +1235,42 @@ class BBCodeDiffFormatter extends DiffFormatter $text = implode('', $order_array['find_c']); if ($text === "\n" || $text === "\t" || $text === '') { - continue; + // no real find, use first_find_c if possible! + //var_dump($order_array); + if (is_array($order_array['first_find_c'][0])) + { + $order_array['find_c'] = $order_array['first_find_c'][0]; + } + else + { + if (isset($order_array['replace']) || isset($order_array['add']) || isset($order_array['delete'])) + { + echo "skipped an edit!\n"; + var_dump($order_array); + } + continue; + } } - - if (strlen(implode('', $order_array['find_c'])) < 50 && is_array($order_array['first_find_c'][0])) + else { - $html .= "#\n#-----[ FIND ]---------------------------------------------\n# Around Line {$ybeg}\n"; - $html .= implode("", $order_array['first_find_c'][0]); - $html .= "\n"; - $ybeg += sizeof($order_array['first_find_c'][0]); + if (strlen(implode('', $order_array['find_c'])) < 50 && is_array($order_array['first_find_c'][0])) + { + $html .= "#\n#-----[ FIND ]---------------------------------------------\n# Around Line {$ybeg}\n"; + $html .= implode("", $order_array['first_find_c'][0]); + $html .= "\n"; + $ybeg += sizeof($order_array['first_find_c'][0]); + } } } + // still here but nothing to do? what the heck? + if (!isset($order_array['replace']) && !isset($order_array['add']) && !isset($order_array['delete'])) + { + echo "skipped an edit!\n"; + var_dump($order_array); + continue; + } + if (sizeof($order_array['find_c'])) { $html .= "#\n#-----[ FIND ]---------------------------------------------\n# Around Line {$ybeg}\n"; @@ -1309,7 +1345,7 @@ class BBCodeDiffFormatter extends DiffFormatter { if (isset($hunk['a']) && isset($hunk['d'])) { - /* if (sizeof($hunk['a']) == 1 && sizeof($hunk['d']) == 1) + /**/ if (sizeof($hunk['a']) == 1 && sizeof($hunk['d']) == 1) { if (preg_match('/\* @version \$Id:.+\$$/', $hunk['a'][0]) && preg_match('/\* @version \$Id:.+\$$/', $hunk['d'][0])) { @@ -1318,7 +1354,7 @@ class BBCodeDiffFormatter extends DiffFormatter $reorder = true; continue; } - }*/ + }/**/ // Compare the add and replace one... $string_1 = rtrim(trim(implode('', $hunk['a']))); @@ -1349,7 +1385,7 @@ class BBCodeDiffFormatter extends DiffFormatter { if (isset($hunk['a']) && isset($hunk['d'])) { - /* if (sizeof($hunk['a']) == 1 && sizeof($hunk['d']) == 1) + /**/ if (sizeof($hunk['a']) == 1 && sizeof($hunk['d']) == 1) { if (preg_match('/\* @version \$Id:.+\$$/', $hunk['a'][0]) && preg_match('/\* @version \$Id:.+\$$/', $hunk['d'][0])) { @@ -1358,7 +1394,7 @@ class BBCodeDiffFormatter extends DiffFormatter $reorder = true; continue; } - }*/ + }/**/ // Compare the add and replace one... $string_1 = rtrim(trim(implode('', $hunk['a']))); @@ -1673,5 +1709,3 @@ class MODXDiffFormatter extends BBCodeDiffFormatter { } } - -?> \ No newline at end of file diff --git a/build/package.php b/build/package.php index 50a9e76ab7..68bdfb5a13 100755 --- a/build/package.php +++ b/build/package.php @@ -15,7 +15,7 @@ // If RC8 drops remove the install/data directory //$versions = array('3.0.2', '3.0.3-RC1', '3.0.3', '3.0.4-RC1', '3.0.4', '3.0.5-RC1', '3.0.5', '3.0.6-RC1', '3.0.6-RC2', '3.0.6-RC3'); //$versions = array('3.0.2', '3.0.3', '3.0.4', '3.0.5', '3.0.6', '3.0.7-RC1', '3.0.7'); -$versions = array('3.0.2', '3.0.3-RC1', '3.0.3', '3.0.4-RC1', '3.0.4', '3.0.5-RC1', '3.0.5', '3.0.6-RC1', '3.0.6-RC2', '3.0.6-RC3', '3.0.6-RC4', '3.0.6', '3.0.7-RC1'); +$versions = array('3.0.2', '3.0.3-RC1', '3.0.3', '3.0.4-RC1', '3.0.4', '3.0.5-RC1', '3.0.5', '3.0.6-RC1', '3.0.6-RC2', '3.0.6-RC3', '3.0.6-RC4', '3.0.6', '3.0.7-RC1', '3.0.7-RC2'); $verbose = false; require('build_helper.php'); diff --git a/phpBB/adm/style/confirm_bbcode.html b/phpBB/adm/style/confirm_bbcode.html new file mode 100644 index 0000000000..52a6523984 --- /dev/null +++ b/phpBB/adm/style/confirm_bbcode.html @@ -0,0 +1,22 @@ + + +
+
+

{L_WARNING}

+

{MESSAGE_TEXT}

+
+
+ + + {S_HIDDEN_FIELDS} + +
+   + +
+ +
+ +
+ + diff --git a/phpBB/docs/CHANGELOG.html b/phpBB/docs/CHANGELOG.html index 9f6b886932..335628cac6 100644 --- a/phpBB/docs/CHANGELOG.html +++ b/phpBB/docs/CHANGELOG.html @@ -98,7 +98,7 @@
  • [Fix] Do not link to user profile in ATOM feed entry if post has been made by the guest user. (Bug #54275)
  • [Fix] Make word censoring case insensitive. (Bug #54265)
  • [Fix] Fulltext-MySQL search for keywords and username at the same time. (Bug #54325)
    • -
  • [Fix] Various XHTML and CSS mistakes in prosilver. (Bugs #54705, #55895)
    • +
  • [Fix] Various XHTML and CSS mistakes in prosilver and subsilver2. (Bugs #54705, #55895, #57505)
  • [Fix] Correctly show topic ATOM feed link when only post id is specified. (Bug #53025)
  • [Fix] Cleanly handle forum/topic not found in ATOM Feeds. (Bug #54295)
  • [Fix] PHP 5.3 compatibility: Check if function dl() exists before calling it. (Bug #54665)
    • @@ -141,7 +141,7 @@
  • [Fix] Properly paginate unapproved posts in the MCP. (Bug #56285)
  • [Fix] Do not duplicate previous/next links in pagination text of moderator logs and user notes in MCP for subsilver2. (Bug #55045)
  • [Fix] Do not automatically unsubscribe users from topics, when email and jabber is disabled.
    • -
  • [Fix] Don't send activation email when user tries to change email without permission (fix by nrohler). (Bug #56335)
    • +
  • [Fix] Don't send activation email when user tries to change email without permission. (Bug #56335 - Fix by nrohler)
  • [Fix] Replace hard coded "px" with translated language-string. (Bug #52495)
  • [Fix] Correctly hover list menu in UCP and MCP for RTL languages. (Bug #49945)
  • [Fix] Correctly orientate quoted text image on RTL languages. (Bug #33745)
    • @@ -153,6 +153,18 @@
  • [Fix] Fix language string for PM-Reports refering to post-data. (Bug #54745)
  • [Fix] Do not store email templates in database. (Bug #54505)
  • [Fix] Fix javascript bug in the smilies ACP. (Bug #55725)
    • +
  • [Fix] Unify BBCode Selection across browsers. (Bug #38765)
    • +
  • [Fix] Allow convertors to read in configuration from files. (Bug #57265 - Patch by Dicky)
    • +
  • [Fix] Fix problems with firebird by no longer using 'count' as a column alias. (Bug #57455)
    • +
  • [Fix] Small language correction for the FAQ page. (Bug #57825)
    • +
  • [Fix] Restrict search for language/../iso.txt to folders. (Bug #57795)
    • +
  • [Fix] Make user_email_hash() function independent from system's architecture. (Bug #57755)
    • +
  • [Fix] Correct behavior of "force_approved_state" when value is false. (Bug #57715)
    • +
  • [Fix] Global announcements could not be accessed on a board using Firebird as the database server. (Bug #57525)
    • +
  • [Fix] BBCode parser now uses the user object for all settings rather than taking some from the template object (Bug #57365)
    • +
  • [Fix] Ensure a database connection is available before logging general errors. (Bug #57975)
    • +
  • [Fix] Do not delete unrelated attachments when deleting empty forums. (Bug #57375)
    • +
  • [Fix] Update: Store expected resulting file contents in cache and do not suggest further merges if the contents match, also fixes infinite merge loop (Bug #54075)
  • [Change] Move redirect into a hidden field to avoid issues with mod_security. (Bug #54145)
  • [Change] Log activation through inactive users ACP. (Bug #30145)
  • [Change] Send time of last item instead of current time in ATOM Feeds. (Bug #53305)
    • @@ -171,7 +183,11 @@
  • [Change] Tweak Q&A CAPTCHA garbage collection.
  • [Change] Show a proper preview for the Q&A CAPTCHA. (Bug #56365)
  • [Change] Speed up topic move operation by adding an index for topic_id on the topics track table. (Bug #56545)
    • +
  • [Change] Warn users about potentially dangerous BBcodes.
  • [Feature] Ability to use HTTP authentication in ATOM feeds by passing the GET parameter "auth=http".
    • +
  • [Feature] Add INTTEXT token type to custom bbcodes to allow non-ASCII letters in html attributes.
    • +
  • [Feature] Add ability to enable quick reply in all forums.
    • +

    1.ii. Changes since 3.0.5

    diff --git a/phpBB/includes/acp/acp_bbcodes.php b/phpBB/includes/acp/acp_bbcodes.php index b827d1107e..ab042f15bf 100644 --- a/phpBB/includes/acp/acp_bbcodes.php +++ b/phpBB/includes/acp/acp_bbcodes.php @@ -33,7 +33,7 @@ class acp_bbcodes // Set up general vars $action = request_var('action', ''); $bbcode_id = request_var('bbcode', 0); - + $this->tpl_name = 'acp_bbcodes'; $this->page_title = 'ACP_BBCODES'; $form_key = 'acp_bbcodes'; @@ -123,122 +123,138 @@ class acp_bbcodes case 'modify': case 'create': - - $data = $this->build_regexp($bbcode_match, $bbcode_tpl); - - // Make sure the user didn't pick a "bad" name for the BBCode tag. - $hard_coded = array('code', 'quote', 'quote=', 'attachment', 'attachment=', 'b', 'i', 'url', 'url=', 'img', 'size', 'size=', 'color', 'color=', 'u', 'list', 'list=', 'email', 'email=', 'flash', 'flash='); - - if (($action == 'modify' && strtolower($data['bbcode_tag']) !== strtolower($row['bbcode_tag'])) || ($action == 'create')) + + $warn_text = preg_match('%<[^>]*\{text[\d]*\}[^>]*>%i', $bbcode_tpl); + if (!$warn_text || confirm_box(true)) { - $sql = 'SELECT 1 as test - FROM ' . BBCODES_TABLE . " - WHERE LOWER(bbcode_tag) = '" . $db->sql_escape(strtolower($data['bbcode_tag'])) . "'"; - $result = $db->sql_query($sql); - $info = $db->sql_fetchrow($result); - $db->sql_freeresult($result); + $data = $this->build_regexp($bbcode_match, $bbcode_tpl); - // Grab the end, interrogate the last closing tag - if ($info['test'] === '1' || in_array(strtolower($data['bbcode_tag']), $hard_coded) || (preg_match('#\[/([^[]*)]$#', $bbcode_match, $regs) && in_array(strtolower($regs[1]), $hard_coded))) + // Make sure the user didn't pick a "bad" name for the BBCode tag. + $hard_coded = array('code', 'quote', 'quote=', 'attachment', 'attachment=', 'b', 'i', 'url', 'url=', 'img', 'size', 'size=', 'color', 'color=', 'u', 'list', 'list=', 'email', 'email=', 'flash', 'flash='); + + if (($action == 'modify' && strtolower($data['bbcode_tag']) !== strtolower($row['bbcode_tag'])) || ($action == 'create')) { - trigger_error($user->lang['BBCODE_INVALID_TAG_NAME'] . adm_back_link($this->u_action), E_USER_WARNING); - } - } + $sql = 'SELECT 1 as test + FROM ' . BBCODES_TABLE . " + WHERE LOWER(bbcode_tag) = '" . $db->sql_escape(strtolower($data['bbcode_tag'])) . "'"; + $result = $db->sql_query($sql); + $info = $db->sql_fetchrow($result); + $db->sql_freeresult($result); - if (substr($data['bbcode_tag'], -1) === '=') - { - $test = substr($data['bbcode_tag'], 0, -1); - } - else - { - $test = $data['bbcode_tag']; - } - - if (!preg_match('%\\[' . $test . '[^]]*].*?\\[/' . $test . ']%s', $bbcode_match)) - { - trigger_error($user->lang['BBCODE_OPEN_ENDED_TAG'] . adm_back_link($this->u_action), E_USER_WARNING); - } - - if (strlen($data['bbcode_tag']) > 16) - { - trigger_error($user->lang['BBCODE_TAG_TOO_LONG'] . adm_back_link($this->u_action), E_USER_WARNING); - } - - if (strlen($bbcode_match) > 4000) - { - trigger_error($user->lang['BBCODE_TAG_DEF_TOO_LONG'] . adm_back_link($this->u_action), E_USER_WARNING); - } - - - if (strlen($bbcode_helpline) > 255) - { - trigger_error($user->lang['BBCODE_HELPLINE_TOO_LONG'] . adm_back_link($this->u_action), E_USER_WARNING); - } - - $sql_ary = array( - 'bbcode_tag' => $data['bbcode_tag'], - 'bbcode_match' => $bbcode_match, - 'bbcode_tpl' => $bbcode_tpl, - 'display_on_posting' => $display_on_posting, - 'bbcode_helpline' => $bbcode_helpline, - 'first_pass_match' => $data['first_pass_match'], - 'first_pass_replace' => $data['first_pass_replace'], - 'second_pass_match' => $data['second_pass_match'], - 'second_pass_replace' => $data['second_pass_replace'] - ); - - if ($action == 'create') - { - $sql = 'SELECT MAX(bbcode_id) as max_bbcode_id - FROM ' . BBCODES_TABLE; - $result = $db->sql_query($sql); - $row = $db->sql_fetchrow($result); - $db->sql_freeresult($result); - - if ($row) - { - $bbcode_id = $row['max_bbcode_id'] + 1; - - // Make sure it is greater than the core bbcode ids... - if ($bbcode_id <= NUM_CORE_BBCODES) + // Grab the end, interrogate the last closing tag + if ($info['test'] === '1' || in_array(strtolower($data['bbcode_tag']), $hard_coded) || (preg_match('#\[/([^[]*)]$#', $bbcode_match, $regs) && in_array(strtolower($regs[1]), $hard_coded))) { - $bbcode_id = NUM_CORE_BBCODES + 1; + trigger_error($user->lang['BBCODE_INVALID_TAG_NAME'] . adm_back_link($this->u_action), E_USER_WARNING); } } + + if (substr($data['bbcode_tag'], -1) === '=') + { + $test = substr($data['bbcode_tag'], 0, -1); + } else { - $bbcode_id = NUM_CORE_BBCODES + 1; + $test = $data['bbcode_tag']; } - if ($bbcode_id > 1511) + if (!preg_match('%\\[' . $test . '[^]]*].*?\\[/' . $test . ']%s', $bbcode_match)) { - trigger_error($user->lang['TOO_MANY_BBCODES'] . adm_back_link($this->u_action), E_USER_WARNING); + trigger_error($user->lang['BBCODE_OPEN_ENDED_TAG'] . adm_back_link($this->u_action), E_USER_WARNING); } - $sql_ary['bbcode_id'] = (int) $bbcode_id; + if (strlen($data['bbcode_tag']) > 16) + { + trigger_error($user->lang['BBCODE_TAG_TOO_LONG'] . adm_back_link($this->u_action), E_USER_WARNING); + } - $db->sql_query('INSERT INTO ' . BBCODES_TABLE . $db->sql_build_array('INSERT', $sql_ary)); - $cache->destroy('sql', BBCODES_TABLE); + if (strlen($bbcode_match) > 4000) + { + trigger_error($user->lang['BBCODE_TAG_DEF_TOO_LONG'] . adm_back_link($this->u_action), E_USER_WARNING); + } + + + if (strlen($bbcode_helpline) > 255) + { + trigger_error($user->lang['BBCODE_HELPLINE_TOO_LONG'] . adm_back_link($this->u_action), E_USER_WARNING); + } - $lang = 'BBCODE_ADDED'; - $log_action = 'LOG_BBCODE_ADD'; + $sql_ary = array( + 'bbcode_tag' => $data['bbcode_tag'], + 'bbcode_match' => $bbcode_match, + 'bbcode_tpl' => $bbcode_tpl, + 'display_on_posting' => $display_on_posting, + 'bbcode_helpline' => $bbcode_helpline, + 'first_pass_match' => $data['first_pass_match'], + 'first_pass_replace' => $data['first_pass_replace'], + 'second_pass_match' => $data['second_pass_match'], + 'second_pass_replace' => $data['second_pass_replace'] + ); + + if ($action == 'create') + { + $sql = 'SELECT MAX(bbcode_id) as max_bbcode_id + FROM ' . BBCODES_TABLE; + $result = $db->sql_query($sql); + $row = $db->sql_fetchrow($result); + $db->sql_freeresult($result); + + if ($row) + { + $bbcode_id = $row['max_bbcode_id'] + 1; + + // Make sure it is greater than the core bbcode ids... + if ($bbcode_id <= NUM_CORE_BBCODES) + { + $bbcode_id = NUM_CORE_BBCODES + 1; + } + } + else + { + $bbcode_id = NUM_CORE_BBCODES + 1; + } + + if ($bbcode_id > 1511) + { + trigger_error($user->lang['TOO_MANY_BBCODES'] . adm_back_link($this->u_action), E_USER_WARNING); + } + + $sql_ary['bbcode_id'] = (int) $bbcode_id; + + $db->sql_query('INSERT INTO ' . BBCODES_TABLE . $db->sql_build_array('INSERT', $sql_ary)); + $cache->destroy('sql', BBCODES_TABLE); + + $lang = 'BBCODE_ADDED'; + $log_action = 'LOG_BBCODE_ADD'; + } + else + { + $sql = 'UPDATE ' . BBCODES_TABLE . ' + SET ' . $db->sql_build_array('UPDATE', $sql_ary) . ' + WHERE bbcode_id = ' . $bbcode_id; + $db->sql_query($sql); + $cache->destroy('sql', BBCODES_TABLE); + + $lang = 'BBCODE_EDITED'; + $log_action = 'LOG_BBCODE_EDIT'; + } + + add_log('admin', $log_action, $data['bbcode_tag']); + + trigger_error($user->lang[$lang] . adm_back_link($this->u_action)); } else - { - $sql = 'UPDATE ' . BBCODES_TABLE . ' - SET ' . $db->sql_build_array('UPDATE', $sql_ary) . ' - WHERE bbcode_id = ' . $bbcode_id; - $db->sql_query($sql); - $cache->destroy('sql', BBCODES_TABLE); - - $lang = 'BBCODE_EDITED'; - $log_action = 'LOG_BBCODE_EDIT'; + { + confirm_box(false, $user->lang['BBCODE_DANGER'], build_hidden_fields(array( + 'action' => $action, + 'bbcode' => $bbcode_id, + 'bbcode_match' => $bbcode_match, + 'bbcode_tpl' => htmlspecialchars($bbcode_tpl), + 'bbcode_helpline' => $bbcode_helpline, + 'display_on_posting' => $display_on_posting, + )) + , 'confirm_bbcode.html'); } - add_log('admin', $log_action, $data['bbcode_tag']); - - trigger_error($user->lang[$lang] . adm_back_link($this->u_action)); - break; case 'delete': @@ -299,6 +315,7 @@ class acp_bbcodes { $bbcode_match = trim($bbcode_match); $bbcode_tpl = trim($bbcode_tpl); + $utf8 = strpos($bbcode_match, 'INTTEXT') !== false; $fp_match = preg_quote($bbcode_match, '!'); $fp_replace = preg_replace('#^\[(.*?)\]#', '[$1:$uid]', $bbcode_match); @@ -326,6 +343,9 @@ class acp_bbcodes 'SIMPLETEXT' => array( '!([a-zA-Z0-9-+.,_ ]+)!' => "$1" ), + 'INTTEXT' => array( + '!([\p{L}\p{N}+-,_.\s]+)!u' => "$1" + ), 'IDENTIFIER' => array( '!([a-zA-Z0-9-_]+)!' => "$1" ), @@ -343,6 +363,7 @@ class acp_bbcodes 'EMAIL' => '(' . get_preg_expression('email') . ')', 'TEXT' => '(.*?)', 'SIMPLETEXT' => '([a-zA-Z0-9-+.,_ ]+)', + 'INTTEXT' => '([\p{L}\p{N}+-,_.\s]+)', 'IDENTIFIER' => '([a-zA-Z0-9-_]+)', 'COLOR' => '([a-zA-Z]+|#[0-9abcdefABCDEF]+)', 'NUMBER' => '([0-9]+)', @@ -350,7 +371,8 @@ class acp_bbcodes $pad = 0; $modifiers = 'i'; - + $modifiers .= ($utf8) ? 'u' : ''; + if (preg_match_all('/\{(' . implode('|', array_keys($tokens)) . ')[0-9]*\}/i', $bbcode_match, $m)) { foreach ($m[0] as $n => $token) diff --git a/phpBB/includes/acp/acp_board.php b/phpBB/includes/acp/acp_board.php index 20a63e646e..a5feac1902 100644 --- a/phpBB/includes/acp/acp_board.php +++ b/phpBB/includes/acp/acp_board.php @@ -34,7 +34,7 @@ class acp_board $user->add_lang('acp/board'); $action = request_var('action', ''); - $submit = (isset($_POST['submit'])) ? true : false; + $submit = (isset($_POST['submit']) || isset($_POST['allow_quick_reply_enable'])) ? true : false; $form_key = 'acp_board'; add_form_key($form_key); @@ -89,7 +89,7 @@ class acp_board 'allow_nocensors' => array('lang' => 'ALLOW_NO_CENSORS', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true), 'allow_bookmarks' => array('lang' => 'ALLOW_BOOKMARKS', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true), 'allow_birthdays' => array('lang' => 'ALLOW_BIRTHDAYS', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true), - 'allow_quick_reply' => array('lang' => 'ALLOW_QUICK_REPLY', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true), + 'allow_quick_reply' => array('lang' => 'ALLOW_QUICK_REPLY', 'validate' => 'bool', 'type' => 'custom', 'method' => 'quick_reply', 'explain' => true), 'legend2' => 'ACP_LOAD_SETTINGS', 'load_birthdays' => array('lang' => 'YES_BIRTHDAYS', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true), @@ -173,7 +173,7 @@ class acp_board 'allow_nocensors' => array('lang' => 'ALLOW_NO_CENSORS', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true), 'allow_bookmarks' => array('lang' => 'ALLOW_BOOKMARKS', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true), 'enable_post_confirm' => array('lang' => 'VISUAL_CONFIRM_POST', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true), - 'allow_quick_reply' => array('lang' => 'ALLOW_QUICK_REPLY', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true), + 'allow_quick_reply' => array('lang' => 'ALLOW_QUICK_REPLY', 'validate' => 'bool', 'type' => 'custom', 'method' => 'quick_reply', 'explain' => true), 'legend2' => 'POSTING', 'bump_type' => false, @@ -472,6 +472,11 @@ class acp_board if ($submit) { set_config($config_name, $config_value); + + if ($config_name == 'allow_quick_reply' && isset($_POST['allow_quick_reply_enable'])) + { + enable_bitfield_column_flag(FORUMS_TABLE, 'forum_flags', log(FORUM_FLAG_QUICK_REPLY, 2)); + } } } @@ -858,6 +863,20 @@ class acp_board return h_radio('config[board_disable]', $radio_ary, $value) . '
    '; } + /** + * Global quick reply enable/disable setting and button to enable in all forums + */ + function quick_reply($value, $key) + { + global $user; + + $radio_ary = array(1 => 'YES', 0 => 'NO'); + + return h_radio('config[allow_quick_reply]', $radio_ary, $value) . + '

    '; + } + + /** * Select default dateformat */ diff --git a/phpBB/includes/acp/acp_icons.php b/phpBB/includes/acp/acp_icons.php index e1deb7e533..3d64a2acda 100644 --- a/phpBB/includes/acp/acp_icons.php +++ b/phpBB/includes/acp/acp_icons.php @@ -941,11 +941,12 @@ class acp_icons { global $db; - $sql = "SELECT COUNT(*) AS count + $sql = "SELECT COUNT(*) AS item_count FROM $table"; $result = $db->sql_query($sql); - $item_count = (int) $db->sql_fetchfield('count'); + $item_count = (int) $db->sql_fetchfield('item_count'); $db->sql_freeresult($result); + return $item_count; } } diff --git a/phpBB/includes/acp/acp_language.php b/phpBB/includes/acp/acp_language.php index 8ca45a27f6..fedae6fe67 100644 --- a/phpBB/includes/acp/acp_language.php +++ b/phpBB/includes/acp/acp_language.php @@ -1120,6 +1120,11 @@ class acp_language { while (($file = readdir($dp)) !== false) { + if (!is_dir($phpbb_root_path . 'language/' . $file)) + { + continue; + } + if ($file[0] != '.' && file_exists("{$phpbb_root_path}language/$file/iso.txt")) { if (!in_array($file, $installed)) diff --git a/phpBB/includes/bbcode.php b/phpBB/includes/bbcode.php index f58852c00b..d77bb3c4a7 100644 --- a/phpBB/includes/bbcode.php +++ b/phpBB/includes/bbcode.php @@ -137,7 +137,7 @@ class bbcode if (!@file_exists($this->template_filename)) { - if (isset($template->orig_tpl_inherits_id) && $template->orig_tpl_inherits_id) + if (isset($user->theme['template_inherits_id']) && $user->theme['template_inherits_id']) { $this->template_filename = $phpbb_root_path . 'styles/' . $user->theme['template_inherit_path'] . '/template/bbcode.html'; if (!@file_exists($this->template_filename)) @@ -360,7 +360,7 @@ class bbcode // In order to use templates with custom bbcodes we need // to replace all {VARS} to corresponding backreferences // Note that backreferences are numbered from bbcode_match - if (preg_match_all('/\{(URL|LOCAL_URL|EMAIL|TEXT|SIMPLETEXT|IDENTIFIER|COLOR|NUMBER)[0-9]*\}/', $rowset[$bbcode_id]['bbcode_match'], $m)) + if (preg_match_all('/\{(URL|LOCAL_URL|EMAIL|TEXT|SIMPLETEXT|INTTEXT|IDENTIFIER|COLOR|NUMBER)[0-9]*\}/', $rowset[$bbcode_id]['bbcode_match'], $m)) { foreach ($m[0] as $i => $tok) { diff --git a/phpBB/includes/captcha/plugins/phpbb_captcha_qa_plugin.php b/phpBB/includes/captcha/plugins/phpbb_captcha_qa_plugin.php index ef4d8e9fac..49a64b9339 100644 --- a/phpBB/includes/captcha/plugins/phpbb_captcha_qa_plugin.php +++ b/phpBB/includes/captcha/plugins/phpbb_captcha_qa_plugin.php @@ -137,14 +137,14 @@ class phpbb_captcha_qa return false; } - $sql = 'SELECT COUNT(question_id) as count + $sql = 'SELECT COUNT(question_id) AS question_count FROM ' . CAPTCHA_QUESTIONS_TABLE . " WHERE lang_iso = '" . $db->sql_escape($config['default_lang']) . "'"; $result = $db->sql_query($sql); $row = $db->sql_fetchrow($result); $db->sql_freeresult($result); - return ((bool) $row['count']); + return ((bool) $row['question_count']); } /** diff --git a/phpBB/includes/constants.php b/phpBB/includes/constants.php index c592e7ef57..0157fbd422 100644 --- a/phpBB/includes/constants.php +++ b/phpBB/includes/constants.php @@ -25,7 +25,7 @@ if (!defined('IN_PHPBB')) */ // phpBB Version -define('PHPBB_VERSION', '3.0.7-RC1'); +define('PHPBB_VERSION', '3.0.7-RC2'); // QA-related // define('PHPBB_QA', 1); diff --git a/phpBB/includes/db/dbal.php b/phpBB/includes/db/dbal.php index a962696bb8..eeddf1f41b 100644 --- a/phpBB/includes/db/dbal.php +++ b/phpBB/includes/db/dbal.php @@ -429,6 +429,24 @@ class dbal return $column_name . ' & ' . (1 << $bit) . (($compare) ? ' ' . $compare : ''); } + /** + * Run binary OR operator on DB column. + * Results in sql statement: "{$column_name} | (1 << {$bit}) {$compare}" + * + * @param string $column_name The column name to use + * @param int $bit The value to use for the OR operator, will be converted to (1 << $bit). Is used by options, using the number schema... 0, 1, 2...29 + * @param string $compare Any custom SQL code after the check (for example "= 0") + */ + function sql_bit_or($column_name, $bit, $compare = '') + { + if (method_exists($this, '_sql_bit_or')) + { + return $this->_sql_bit_or($column_name, $bit, $compare); + } + + return $column_name . ' | ' . (1 << $bit) . (($compare) ? ' ' . $compare : ''); + } + /** * Run more than one insert statement. * diff --git a/phpBB/includes/db/firebird.php b/phpBB/includes/db/firebird.php index fb1ef44c55..e554b0f2fb 100644 --- a/phpBB/includes/db/firebird.php +++ b/phpBB/includes/db/firebird.php @@ -451,6 +451,11 @@ class dbal_firebird extends dbal return 'BIN_AND(' . $column_name . ', ' . (1 << $bit) . ')' . (($compare) ? ' ' . $compare : ''); } + function _sql_bit_or($column_name, $bit, $compare = '') + { + return 'BIN_OR(' . $column_name . ', ' . (1 << $bit) . ')' . (($compare) ? ' ' . $compare : ''); + } + /** * return sql error array * @access private diff --git a/phpBB/includes/db/oracle.php b/phpBB/includes/db/oracle.php index 63cdb7126d..55b3599800 100644 --- a/phpBB/includes/db/oracle.php +++ b/phpBB/includes/db/oracle.php @@ -622,6 +622,11 @@ class dbal_oracle extends dbal return 'BITAND(' . $column_name . ', ' . (1 << $bit) . ')' . (($compare) ? ' ' . $compare : ''); } + function _sql_bit_or($column_name, $bit, $compare = '') + { + return 'BITOR(' . $column_name . ', ' . (1 << $bit) . ')' . (($compare) ? ' ' . $compare : ''); + } + /** * return sql error array * @access private diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index 823c71dbf0..4b73aa4af9 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -556,11 +556,11 @@ function _hash_crypt_private($password, $setting, &$itoa64) * * @param string $email Email address * -* @return string Big Integer +* @return string Unsigned Big Integer */ function phpbb_email_hash($email) { - return crc32(strtolower($email)) . strlen($email); + return sprintf('%u', crc32(strtolower($email))) . strlen($email); } /** @@ -3531,7 +3531,7 @@ function msg_handler($errno, $msg_text, $errfile, $errline) } } - if (defined('DEBUG') || defined('IN_CRON') || defined('IMAGE_OUTPUT')) + if ((defined('DEBUG') || defined('IN_CRON') || defined('IMAGE_OUTPUT')) && isset($db)) { // let's avoid loops $db->sql_return_on_error(true); diff --git a/phpBB/includes/functions_admin.php b/phpBB/includes/functions_admin.php index a1bc2e7795..c033684ae1 100644 --- a/phpBB/includes/functions_admin.php +++ b/phpBB/includes/functions_admin.php @@ -102,7 +102,7 @@ function make_forum_select($select_id = false, $ignore_id = false, $ignore_acl = { $disabled = true; } - else if (!$only_acl_post && !$auth->acl_gets(array('a_forum', 'a_forumadd', 'a_forumdel'), $row['forum_id'])) + else if (!$only_acl_post && !$auth->acl_gets(array('f_list', 'a_forum', 'a_forumadd', 'a_forumdel'), $row['forum_id'])) { $disabled = true; } @@ -913,7 +913,13 @@ function delete_attachments($mode, $ids, $resync = true) { global $db, $config; - if (is_array($ids) && sizeof($ids)) + // 0 is as bad as an empty array + if (empty($ids)) + { + return false; + } + + if (is_array($ids)) { $ids = array_unique($ids); $ids = array_map('intval', $ids); @@ -923,11 +929,6 @@ function delete_attachments($mode, $ids, $resync = true) $ids = array((int) $ids); } - if (!sizeof($ids)) - { - return false; - } - $sql_where = ''; switch ($mode) @@ -3308,4 +3309,24 @@ function obtain_latest_version_info($force_update = false, $warn_fail = false, $ return $info; } +/** + * Enables a particular flag in a bitfield column of a given table. + * + * @param string $table_name The table to update + * @param string $column_name The column containing a bitfield to update + * @param int $flag The binary flag which is OR-ed with the current column value + * @param string $sql_more This string is attached to the sql query generated to update the table. + * + * @return void + */ +function enable_bitfield_column_flag($table_name, $column_name, $flag, $sql_more = '') +{ + global $db; + + $sql = 'UPDATE ' . $table_name . ' + SET ' . $column_name . ' = ' . $db->sql_bit_or($column_name, $flag) . ' + ' . $sql_more; + $db->sql_query($sql); +} + ?> \ No newline at end of file diff --git a/phpBB/includes/functions_convert.php b/phpBB/includes/functions_convert.php index 82ec114c09..048212bcfe 100644 --- a/phpBB/includes/functions_convert.php +++ b/phpBB/includes/functions_convert.php @@ -205,10 +205,12 @@ function get_group_id($group_name) /** * Generate the email hash stored in the users table +* +* Note: Deprecated, calls should directly go to phpbb_email_hash() */ function gen_email_hash($email) { - return (crc32(strtolower($email)) . strlen($email)); + return phpbb_email_hash($email); } /** @@ -1232,6 +1234,11 @@ function get_config() $convert->p_master->error($user->lang['FILE_NOT_FOUND'] . ': ' . $filename, __LINE__, __FILE__); } + if (isset($convert->config_schema['array_name'])) + { + unset($convert->config_schema['array_name']); + } + $convert_config = extract_variables_from_file($filename); if (!empty($convert->config_schema['array_name'])) { @@ -1264,6 +1271,7 @@ function restore_config($schema) global $db, $config; $convert_config = get_config(); + foreach ($schema['settings'] as $config_name => $src) { if (preg_match('/(.*)\((.*)\)/', $src, $m)) @@ -1274,8 +1282,16 @@ function restore_config($schema) } else { - $config_value = (isset($convert_config[$src])) ? $convert_config[$src] : ''; - } + if ($schema['table_format'] != 'file' || empty($schema['array_name'])) + { + $config_value = (isset($convert_config[$src])) ? $convert_config[$src] : ''; + } + else if (!empty($schema['array_name'])) + { + $src_ary = $schema['array_name']; + $config_value = (isset($convert_config[$src_ary][$src])) ? $convert_config[$src_ary][$src] : ''; + } + } if ($config_value !== '') { diff --git a/phpBB/includes/functions_posting.php b/phpBB/includes/functions_posting.php index 0a31ea49a8..49ea382411 100644 --- a/phpBB/includes/functions_posting.php +++ b/phpBB/includes/functions_posting.php @@ -46,7 +46,7 @@ function generate_smilies($mode, $forum_id) page_header($user->lang['SMILIES']); - $sql = 'SELECT COUNT(smiley_id) AS count + $sql = 'SELECT COUNT(smiley_id) AS item_count FROM ' . SMILIES_TABLE . ' GROUP BY smiley_url'; $result = $db->sql_query($sql, 3600); diff --git a/phpBB/install/convertors/convert_phpbb20.php b/phpBB/install/convertors/convert_phpbb20.php index 5a6603883b..1d6b79bbec 100644 --- a/phpBB/install/convertors/convert_phpbb20.php +++ b/phpBB/install/convertors/convert_phpbb20.php @@ -32,7 +32,7 @@ unset($dbpasswd); $convertor_data = array( 'forum_name' => 'phpBB 2.0.x', 'version' => '1.0.3', - 'phpbb_version' => '3.0.6', + 'phpbb_version' => '3.0.7', 'author' => 'phpBB Group', 'dbms' => $dbms, 'dbhost' => $dbhost, @@ -78,6 +78,15 @@ $tables = array( * * 'table_format' can take the value 'file' to indicate a config file. In this case array_name * is set to indicate the name of the array the config values are stored in +* Example of using a file: +* $config_schema = array( +* 'table_format' => 'file', +* 'filename' => 'NAME OF FILE', // If the file is not in the root directory, the path needs to be added with no leading slash +* 'array_name' => 'NAME OF ARRAY', // Only used if the configuration file stores the setting in an array. +* 'settings' => array( +* 'board_email' => 'SUPPORT_EMAIL', // target config name => source target name +* ) +* ); * 'table_format' can be an array if the values are stored in a table which is an assosciative array * (as per phpBB 2.0.x) * If left empty, values are assumed to be stored in a table where each config setting is diff --git a/phpBB/install/database_update.php b/phpBB/install/database_update.php index 1d58276b10..9bb09747da 100644 --- a/phpBB/install/database_update.php +++ b/phpBB/install/database_update.php @@ -8,7 +8,7 @@ * */ -$updates_to_version = '3.0.7-RC1'; +$updates_to_version = '3.0.7-RC2'; // Enter any version to update from to test updates. The version within the db will not be updated. $debug_from_version = false; @@ -906,6 +906,11 @@ function database_update_info() ), ), ), + + // No changes from 3.0.7-RC1 to 3.0.7-RC2 + '3.0.7-RC1' => array(), + // No changes from 3.0.7-RC2 to 3.0.7 + '3.0.7-RC2' => array(), ); } @@ -1597,6 +1602,46 @@ function change_database_data(&$no_updates, $version) $no_updates = false; break; + + // Changes from 3.0.7-RC1 to 3.0.7-RC2 + case '3.0.7-RC1': + + $sql = 'SELECT user_id, user_email, user_email_hash + FROM ' . USERS_TABLE . ' + WHERE user_type <> ' . USER_IGNORE . " + AND user_email <> ''"; + $result = $db->sql_query($sql); + + $i = 0; + while ($row = $db->sql_fetchrow($result)) + { + // Snapshot of the phpbb_email_hash() function + // We cannot call it directly because the auto updater updates the DB first. :/ + $user_email_hash = sprintf('%u', crc32(strtolower($row['user_email']))) . strlen($row['user_email']); + + if ($user_email_hash != $row['user_email_hash']) + { + $sql_ary = array( + 'user_email_hash' => $user_email_hash, + ); + + $sql = 'UPDATE ' . USERS_TABLE . ' + SET ' . $db->sql_build_array('UPDATE', $sql_ary) . ' + WHERE user_id = ' . (int) $row['user_id']; + _sql($sql, $errored, $error_ary, ($i % 100 == 0)); + + ++$i; + } + } + $db->sql_freeresult($result); + + $no_updates = false; + + break; + + // No changes from 3.0.7-RC2 to 3.0.7 + case '3.0.7-RC2': + break; } } diff --git a/phpBB/install/install_update.php b/phpBB/install/install_update.php index 9f5a428029..a5e54a354a 100644 --- a/phpBB/install/install_update.php +++ b/phpBB/install/install_update.php @@ -240,6 +240,7 @@ class install_update extends module // Make sure the update list is destroyed. $cache->destroy('_update_list'); $cache->destroy('_diff_files'); + $cache->destroy('_expected_files'); break; case 'version_check': @@ -312,7 +313,14 @@ class install_update extends module case 'file_check': - // Make sure the previous file collection is no longer valid... + // retrieve info on what changes should have already been made to the files. + $expected_files = $cache->get('_expected_files'); + if (!$expected_files) + { + $expected_files = array(); + } + + // Now make sure the previous file collection is no longer valid... $cache->destroy('_diff_files'); $this->page_title = 'STAGE_FILE_CHECK'; @@ -349,7 +357,7 @@ class install_update extends module if ($get_new_list) { - $this->get_update_structure($update_list); + $this->get_update_structure($update_list, $expected_files); $cache->put('_update_list', $update_list); // Refresh the page if we are still not finished... @@ -384,6 +392,8 @@ class install_update extends module ); } + $new_expected_files = array(); + // Now assign the list to the template foreach ($update_list as $status => $filelist) { @@ -419,29 +429,38 @@ class install_update extends module $diff_url = append_sid($this->p_master->module_url, "mode=$mode&sub=file_check&action=diff&status=$status&file=" . urlencode($file_struct['filename'])); - $template->assign_block_vars($status, array( - 'STATUS' => $status, + if (isset($file_struct['as_expected']) && $file_struct['as_expected']) + { + $new_expected_files[$file_struct['filename']] = $expected_files[$file_struct['filename']]; + } + else + { + $template->assign_block_vars($status, array( + 'STATUS' => $status, - 'FILENAME' => $filename, - 'DIR_PART' => $dir_part, - 'FILE_PART' => $file_part, - 'NUM_CONFLICTS' => (isset($file_struct['conflicts'])) ? $file_struct['conflicts'] : 0, + 'FILENAME' => $filename, + 'DIR_PART' => $dir_part, + 'FILE_PART' => $file_part, + 'NUM_CONFLICTS' => (isset($file_struct['conflicts'])) ? $file_struct['conflicts'] : 0, - 'S_CUSTOM' => ($file_struct['custom']) ? true : false, - 'S_BINARY' => $s_binary, - 'CUSTOM_ORIGINAL' => ($file_struct['custom']) ? $file_struct['original'] : '', + 'S_CUSTOM' => ($file_struct['custom']) ? true : false, + 'S_BINARY' => $s_binary, + 'CUSTOM_ORIGINAL' => ($file_struct['custom']) ? $file_struct['original'] : '', - 'U_SHOW_DIFF' => $diff_url, - 'L_SHOW_DIFF' => ($status != 'up_to_date') ? $user->lang['SHOW_DIFF_' . strtoupper($status)] : '', + 'U_SHOW_DIFF' => $diff_url, + 'L_SHOW_DIFF' => ($status != 'up_to_date') ? $user->lang['SHOW_DIFF_' . strtoupper($status)] : '', - 'U_VIEW_MOD_FILE' => $diff_url . '&op=' . MERGE_MOD_FILE, - 'U_VIEW_NEW_FILE' => $diff_url . '&op=' . MERGE_NEW_FILE, - 'U_VIEW_NO_MERGE_MOD' => $diff_url . '&op=' . MERGE_NO_MERGE_MOD, - 'U_VIEW_NO_MERGE_NEW' => $diff_url . '&op=' . MERGE_NO_MERGE_NEW, - )); + 'U_VIEW_MOD_FILE' => $diff_url . '&op=' . MERGE_MOD_FILE, + 'U_VIEW_NEW_FILE' => $diff_url . '&op=' . MERGE_NEW_FILE, + 'U_VIEW_NO_MERGE_MOD' => $diff_url . '&op=' . MERGE_NO_MERGE_MOD, + 'U_VIEW_NO_MERGE_NEW' => $diff_url . '&op=' . MERGE_NO_MERGE_NEW, + )); + } } } + $cache->put('_expected_files', $new_expected_files); + $all_up_to_date = true; foreach ($update_list as $status => $filelist) { @@ -617,6 +636,7 @@ class install_update extends module // Before we do anything, let us diff the files and store the raw file information "somewhere" $get_files = false; $file_list = $cache->get('_diff_files'); + $expected_files = $cache->get('_expected_files'); if ($file_list === false || $file_list['status'] != -1) { @@ -632,6 +652,11 @@ class install_update extends module ); } + if (!isset($expected_files) || $expected_files === false) + { + $expected_files = array(); + } + $processed = 0; foreach ($update_list as $status => $files) { @@ -645,6 +670,7 @@ class install_update extends module // Skip this file if the user selected to not update it if (in_array($file_struct['filename'], $no_update)) { + $expected_files[$file_struct['filename']] = false; continue; } @@ -676,6 +702,15 @@ class install_update extends module return; } + if (file_exists($phpbb_root_path . $file_struct['filename'])) + { + $contents = file_get_contents($phpbb_root_path . $file_struct['filename']); + if (isset($expected_files[$file_struct['filename']]) && md5($contents) == $expected_files[$file_struct['filename']]) + { + continue; + } + } + $original_filename = ($file_struct['custom']) ? $file_struct['original'] : $file_struct['filename']; switch ($status) @@ -702,6 +737,7 @@ class install_update extends module break; } + $expected_files[$file_struct['filename']] = md5($contents); $file_list[$file_struct['filename']] = '_file_' . md5($file_struct['filename']); $cache->put($file_list[$file_struct['filename']], base64_encode($contents)); @@ -747,6 +783,7 @@ class install_update extends module break; } + $expected_files[$file_struct['filename']] = md5($contents); $file_list[$file_struct['filename']] = '_file_' . md5($file_struct['filename']); $cache->put($file_list[$file_struct['filename']], base64_encode($contents)); @@ -757,6 +794,7 @@ class install_update extends module } } } + $cache->put('_expected_files', $expected_files); } $file_list['status'] = -1; @@ -1217,7 +1255,7 @@ class install_update extends module /** * Collect all file status infos we need for the update by diffing all files */ - function get_update_structure(&$update_list) + function get_update_structure(&$update_list, $expected_files) { global $phpbb_root_path, $phpEx, $user; @@ -1303,7 +1341,7 @@ class install_update extends module else { // not modified? - $this->make_update_diff($update_list, $file, $file); + $this->make_update_diff($update_list, $file, $file, $expected_files); } $num_bytes_processed += (file_exists($this->new_location . $file)) ? filesize($this->new_location . $file) : 100 * 1024; @@ -1344,17 +1382,34 @@ class install_update extends module /** * Compare files for storage in update_list */ - function make_update_diff(&$update_list, $original_file, $file, $custom = false) + function make_update_diff(&$update_list, $original_file, $file, $expected_files, $custom = false) { global $phpbb_root_path, $user; - $update_ary = array('filename' => $file, 'custom' => $custom); + $update_ary = array('filename' => $file, 'custom' => $custom, 'as_expected' => false); if ($custom) { $update_ary['original'] = $original_file; } + if (file_exists($phpbb_root_path . $file)) + { + $content = file_get_contents($phpbb_root_path . $file); + + if (isset($expected_files[$file]) && // the user already selected what to do with this file + ($expected_files[$file] === false || // the user wanted this file to stay the same, so just assume it's alright + $expected_files[$file] === md5($content))) + { + // the file contains what it was supposed to contain after the merge + $update_ary['as_expected'] = true; + $update_ary['was_ignored'] = ($expected_files[$file] === false); + $update_list['up_to_date'][] = $update_ary; + + return; + } + } + // we only want to know if the files are successfully merged and newlines could result in errors (duplicate addition of lines and such things) // Therefore we check for empty diffs with two methods, preserving newlines and not preserving them (which mostly works best, therefore the first option) @@ -1364,7 +1419,7 @@ class install_update extends module { $tmp = array( 'file1' => file_get_contents($this->new_location . $original_file), - 'file2' => file_get_contents($phpbb_root_path . $file), + 'file2' => $content, ); // We need to diff the contents here to make sure the file is really the one we expect @@ -1403,7 +1458,7 @@ class install_update extends module { $tmp = array( 'file1' => file_get_contents($this->old_location . $original_file), - 'file2' => file_get_contents($phpbb_root_path . $file), + 'file2' => $content, ); // We need to diff the contents here to make sure the file is really the one we expect @@ -1414,7 +1469,7 @@ class install_update extends module $tmp = array( 'file1' => file_get_contents($this->new_location . $original_file), - 'file2' => file_get_contents($phpbb_root_path . $file), + 'file2' => $content, ); $diff = new diff($tmp['file1'], $tmp['file2'], $preserve_cr); diff --git a/phpBB/install/schemas/schema_data.sql b/phpBB/install/schemas/schema_data.sql index 572905becb..61c11701b9 100644 --- a/phpBB/install/schemas/schema_data.sql +++ b/phpBB/install/schemas/schema_data.sql @@ -241,7 +241,7 @@ INSERT INTO phpbb_config (config_name, config_value) VALUES ('topics_per_page', INSERT INTO phpbb_config (config_name, config_value) VALUES ('tpl_allow_php', '0'); INSERT INTO phpbb_config (config_name, config_value) VALUES ('upload_icons_path', 'images/upload_icons'); INSERT INTO phpbb_config (config_name, config_value) VALUES ('upload_path', 'files'); -INSERT INTO phpbb_config (config_name, config_value) VALUES ('version', '3.0.7-RC1'); +INSERT INTO phpbb_config (config_name, config_value) VALUES ('version', '3.0.7-RC2'); INSERT INTO phpbb_config (config_name, config_value) VALUES ('warnings_expire_days', '90'); INSERT INTO phpbb_config (config_name, config_value) VALUES ('warnings_gc', '14400'); @@ -828,4 +828,4 @@ INSERT INTO phpbb_extensions (group_id, extension) VALUES (9, 'mp3'); INSERT INTO phpbb_extensions (group_id, extension) VALUES (9, 'ogg'); INSERT INTO phpbb_extensions (group_id, extension) VALUES (9, 'ogm'); -# POSTGRES COMMIT # \ No newline at end of file +# POSTGRES COMMIT # diff --git a/phpBB/language/en/acp/board.php b/phpBB/language/en/acp/board.php index 9bb76cd354..18a2d0e801 100644 --- a/phpBB/language/en/acp/board.php +++ b/phpBB/language/en/acp/board.php @@ -73,7 +73,8 @@ $lang = array_merge($lang, array( 'ALLOW_PM_REPORT' => 'Allow users to report private messages', 'ALLOW_PM_REPORT_EXPLAIN' => 'If this setting is enabled, users have the option of reporting a private message they have received or sent to the board’s moderators. These private messages will then be visible in the Moderator Control Panel.', 'ALLOW_QUICK_REPLY' => 'Allow quick reply', - 'ALLOW_QUICK_REPLY_EXPLAIN' => 'This setting defines if quick reply is enabled or not. If this setting is enabled, forums need to have their quick reply option enabled too.', + 'ALLOW_QUICK_REPLY_EXPLAIN' => 'This switch allows for the quick reply to be disabled board-wide. When enabled, forum specific settings will be used to determine whether the quick reply is displayed in individual forums.', + 'ALLOW_QUICK_REPLY_BUTTON' => 'Submit and enable quick reply in all forums', 'ALLOW_SIG' => 'Allow signatures', 'ALLOW_SIG_BBCODE' => 'Allow BBCode in user signatures', 'ALLOW_SIG_FLASH' => 'Allow use of [FLASH] BBCode tag in user signatures', diff --git a/phpBB/language/en/acp/forums.php b/phpBB/language/en/acp/forums.php index 86ce5f5ac8..eab027f295 100644 --- a/phpBB/language/en/acp/forums.php +++ b/phpBB/language/en/acp/forums.php @@ -66,7 +66,7 @@ $lang = array_merge($lang, array( 'ENABLE_POST_REVIEW' => 'Enable post review', 'ENABLE_POST_REVIEW_EXPLAIN' => 'If set to yes users are able to review their post if new posts were made to the topic while users wrote theirs. This should be disabled for chat forums.', 'ENABLE_QUICK_REPLY' => 'Enable quick reply', - 'ENABLE_QUICK_REPLY_EXPLAIN' => 'If set to yes users get a quick reply box for this forum. If the global option for quick reply is disabled or the forum not postable to the quick reply box will not be displayed, even if set to yes here.', + 'ENABLE_QUICK_REPLY_EXPLAIN' => 'Enables the quick reply in this forum. This setting is not considered if the quick reply is disabled board wide. The quick reply will only be displayed for users who have permission to post in this forum.', 'ENABLE_RECENT' => 'Display active topics', 'ENABLE_RECENT_EXPLAIN' => 'If set to yes topics made to this forum will be shown in the active topics list.', 'ENABLE_TOPIC_ICONS' => 'Enable topic icons', diff --git a/phpBB/language/en/acp/posting.php b/phpBB/language/en/acp/posting.php index 531e07f7ef..443f4a3ea2 100644 --- a/phpBB/language/en/acp/posting.php +++ b/phpBB/language/en/acp/posting.php @@ -41,6 +41,9 @@ $lang = array_merge($lang, array( 'ACP_BBCODES_EXPLAIN' => 'BBCode is a special implementation of HTML offering greater control over what and how something is displayed. From this page you can add, remove and edit custom BBCodes.', 'ADD_BBCODE' => 'Add a new BBCode', + 'BBCODE_DANGER' => 'The BBCode you are trying to add seems to use a {TEXT} token inside a HTML attribute. This is a possible XSS security issue. Try using the more restrictive {SIMPLETEXT} or {INTTEXT} types instead. Only proceed if you understand the risks involved and you consider the use of {TEXT} absolutely unavoidable.', + 'BBCODE_DANGER_PROCEED' => 'Proceed', //'I understand the risk', + 'BBCODE_ADDED' => 'BBCode added successfully.', 'BBCODE_EDITED' => 'BBCode edited successfully.', 'BBCODE_NOT_EXIST' => 'The BBCode you selected does not exist.', @@ -73,8 +76,9 @@ $lang = array_merge($lang, array( 'TOO_MANY_BBCODES' => 'You cannot create any more BBCodes. Please remove one or more BBCodes then try again.', 'tokens' => array( - 'TEXT' => 'Any text, including foreign characters, numbers, etc… You should not use this token in HTML tags. Instead try to use IDENTIFIER or SIMPLETEXT.', + 'TEXT' => 'Any text, including foreign characters, numbers, etc… You should not use this token in HTML tags. Instead try to use IDENTIFIER, INTTEXT or SIMPLETEXT.', 'SIMPLETEXT' => 'Characters from the latin alphabet (A-Z), numbers, spaces, commas, dots, minus, plus, hyphen and underscore', + 'INTTEXT' => 'Unicode letter characters, numbers, spaces, commas, dots, minus, plus, hyphen, underscore and whitespaces.', 'IDENTIFIER' => 'Characters from the latin alphabet (A-Z), numbers, hyphen and underscore', 'NUMBER' => 'Any series of digits', 'EMAIL' => 'A valid e-mail address', diff --git a/phpBB/language/en/help_faq.php b/phpBB/language/en/help_faq.php index 93ea1be5c8..c76c281df5 100644 --- a/phpBB/language/en/help_faq.php +++ b/phpBB/language/en/help_faq.php @@ -116,7 +116,7 @@ $help = array( ), array( 0 => 'How do I edit or delete a post?', - 1 => 'Unless you are a board administrator or moderator, you can only edit or delete your own posts. You can edit a post by clicking the edit button for the relevant post, sometimes for only a limited time after the post was made. If someone has already replied to the post, you will find a small piece of text output below the post when you return to the topic which lists the number of times you edited it along with the date and time. This will only appear if someone has made a reply; it will not appear if a moderator or administrator edited the post, though they may leave a note as to why they’ve edited the post at their own digression. Please note that normal users cannot delete a post once someone has replied.' + 1 => 'Unless you are a board administrator or moderator, you can only edit or delete your own posts. You can edit a post by clicking the edit button for the relevant post, sometimes for only a limited time after the post was made. If someone has already replied to the post, you will find a small piece of text output below the post when you return to the topic which lists the number of times you edited it along with the date and time. This will only appear if someone has made a reply; it will not appear if a moderator or administrator edited the post, though they may leave a note as to why they’ve edited the post at their own discretion. Please note that normal users cannot delete a post once someone has replied.' ), array( 0 => 'How do I add a signature to my post?', diff --git a/phpBB/posting.php b/phpBB/posting.php index d5a46db9f9..6a95dce489 100644 --- a/phpBB/posting.php +++ b/phpBB/posting.php @@ -1113,7 +1113,7 @@ if ($submit || $preview || $refresh) } // Check the permissions for post approval. Moderators are not affected. - if ((!$auth->acl_get('f_noapprove', $data['forum_id']) && !$auth->acl_get('m_approve', $data['forum_id'])) || !empty($post_data['force_approved_state'])) + if ((!$auth->acl_get('f_noapprove', $data['forum_id']) && !$auth->acl_get('m_approve', $data['forum_id']) && empty($data['force_approved_state'])) || (isset($data['force_approved_state']) && !$data['force_approved_state'])) { meta_refresh(10, $redirect_url); $message = ($mode == 'edit') ? $user->lang['POST_EDITED_MOD'] : $user->lang['POST_STORED_MOD']; diff --git a/phpBB/styles/prosilver/template/editor.js b/phpBB/styles/prosilver/template/editor.js index 1699f783d5..98dab5d7c8 100644 --- a/phpBB/styles/prosilver/template/editor.js +++ b/phpBB/styles/prosilver/template/editor.js @@ -323,8 +323,8 @@ function mozWrap(txtarea, open, close) var s3 = (txtarea.value).substring(selEnd, selLength); txtarea.value = s1 + open + s2 + close + s3; - txtarea.selectionStart = selEnd + open.length + close.length; - txtarea.selectionEnd = txtarea.selectionStart; + txtarea.selectionStart = selStart + open.length; + txtarea.selectionEnd = selEnd + open.length; txtarea.focus(); txtarea.scrollTop = scrollTop; diff --git a/phpBB/styles/subsilver2/template/editor.js b/phpBB/styles/subsilver2/template/editor.js index b4a426df4e..0c48c93ad3 100644 --- a/phpBB/styles/subsilver2/template/editor.js +++ b/phpBB/styles/subsilver2/template/editor.js @@ -276,8 +276,8 @@ function mozWrap(txtarea, open, close) var s3 = (txtarea.value).substring(selEnd, selLength); txtarea.value = s1 + open + s2 + close + s3; - txtarea.selectionStart = selEnd + open.length + close.length; - txtarea.selectionEnd = txtarea.selectionStart; + txtarea.selectionStart = selStart + open.length; + txtarea.selectionEnd = selEnd + open.length; txtarea.focus(); txtarea.scrollTop = scrollTop; diff --git a/phpBB/styles/subsilver2/template/mcp_logs.html b/phpBB/styles/subsilver2/template/mcp_logs.html index 6b78df3e5e..8b69197b0f 100644 --- a/phpBB/styles/subsilver2/template/mcp_logs.html +++ b/phpBB/styles/subsilver2/template/mcp_logs.html @@ -22,7 +22,7 @@ - {L_SEARCH_KEYWORDS}:   + {L_SEARCH_KEYWORDS}:   {L_DISPLAY_LOG}: {S_SELECT_SORT_DAYS} {L_SORT_BY} {S_SELECT_SORT_KEY} {S_SELECT_SORT_DIR}  diff --git a/phpBB/styles/subsilver2/template/mcp_notes_user.html b/phpBB/styles/subsilver2/template/mcp_notes_user.html index 522c19fa05..4ee3f9e04e 100644 --- a/phpBB/styles/subsilver2/template/mcp_notes_user.html +++ b/phpBB/styles/subsilver2/template/mcp_notes_user.html @@ -55,7 +55,7 @@ - {L_SEARCH_KEYWORDS}:   + {L_SEARCH_KEYWORDS}:   {L_DISPLAY_LOG}: {S_SELECT_SORT_DAYS} {L_SORT_BY}: {S_SELECT_SORT_KEY} {S_SELECT_SORT_DIR}  diff --git a/phpBB/viewtopic.php b/phpBB/viewtopic.php index 8f42342a87..29c4e5cdc1 100644 --- a/phpBB/viewtopic.php +++ b/phpBB/viewtopic.php @@ -186,6 +186,13 @@ $sql_array = array( 'FROM' => array(FORUMS_TABLE => 'f'), ); +// Firebird handles two columns of the same name a little differently, this +// addresses that by forcing the forum_id to come from the forums table. +if ($db->sql_layer === 'firebird') +{ + $sql_array['SELECT'] = 'f.forum_id AS forum_id, ' . $sql_array['SELECT']; +} + // The FROM-Order is quite important here, else t.* columns can not be correctly bound. if ($post_id) {