mirror/php-phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-02-23 03:19:01 +01:00
Code Issues Releases Wiki Activity

Merge branch 'develop' of git://github.com/phpbb/phpbb3 into ticket/11103

Browse Source 
Conflicts:
	phpBB/includes/functions.php
This commit is contained in:
Nathan Guse 2012-10-18 18:23:22 -05:00
commit 3f27890a5e
8 changed files with 139 additions and 28 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
phpBB/common.php
View File

@ -29,6 +29,8 @@ if (file_exists($phpbb_root_path . 'config.' . $phpEx))
if (!defined('PHPBB_INSTALLED'))
{
// Redirect the user to the installer
require($phpbb_root_path . 'includes/functions.' . $phpEx);
// We have to generate a full HTTP/1.1 header here since we can't guarantee to have any of the information
// available as used by the redirect function
$server_name = (!empty($_SERVER['HTTP_HOST'])) ? strtolower($_SERVER['HTTP_HOST']) : ((!empty($_SERVER['SERVER_NAME'])) ? $_SERVER['SERVER_NAME'] : getenv('SERVER_NAME'));
@ -41,10 +43,13 @@ if (!defined('PHPBB_INSTALLED'))
$script_name = (!empty($_SERVER['REQUEST_URI'])) ? $_SERVER['REQUEST_URI'] : getenv('REQUEST_URI');
}
// $phpbb_root_path accounts for redirects from e.g. /adm
$script_path = trim(dirname($script_name)) . '/' . $phpbb_root_path . 'install/index.' . $phpEx;
// Replace any number of consecutive backslashes and/or slashes with a single slash
// (could happen on some proxy setups and/or Windows servers)
$script_path = trim(dirname($script_name)) . '/install/index.' . $phpEx;
$script_path = preg_replace('#[\\\\/]{2,}#', '/', $script_path);
// Eliminate . and .. from the path
$script_path = phpbb_clean_path($script_path);
$url = (($secure) ? 'https://' : 'http://') . $server_name;

96
phpBB/includes/functions.php
View File

@ -1018,6 +1018,36 @@ else
}
}
/**
* Eliminates useless . and .. components from specified path.
*
* @param string $path Path to clean
* @return string Cleaned path
*/
function phpbb_clean_path($path)
{
$exploded = explode('/', $path);
$filtered = array();
foreach ($exploded as $part)
{
if ($part === '.' && !empty($filtered))
{
continue;
}
if ($part === '..' && !empty($filtered) && $filtered[sizeof($filtered) - 1] !== '..')
{
array_pop($filtered);
}
else
{
$filtered[] = $part;
}
}
$path = implode('/', $filtered);
return $path;
}
// functions used for building option fields
/**
@ -1280,6 +1310,10 @@ function phpbb_timezone_select($user, $default = '', $truncate = false)
* Marks a topic/forum as read
* Marks a topic as posted to
*
* @param string $mode (all, topics, topic, post)
* @param int|bool $forum_id Used in all, topics, and topic mode
* @param int|bool $topic_id Used in topic and post mode
* @param int $post_time 0 means current time(), otherwise to set a specific mark time
* @param int $user_id can only be used with $mode == 'post'
*/
function markread($mode, $forum_id = false, $topic_id = false, $post_time = 0, $user_id = 0)
@ -1287,6 +1321,8 @@ function markread($mode, $forum_id = false, $topic_id = false, $post_time = 0, $
global $db, $user, $config;
global $request, $phpbb_notifications;
$post_time = ($post_time === 0 || $post_time > time()) ? time() : (int) $post_time;
if ($mode == 'all')
{
if ($forum_id === false || !sizeof($forum_id))
@ -1298,9 +1334,21 @@ function markread($mode, $forum_id = false, $topic_id = false, $post_time = 0, $
if ($config['load_db_lastread'] && $user->data['is_registered'])
{
$db->sql_query('DELETE FROM ' . TOPICS_TRACK_TABLE . " WHERE user_id = {$user->data['user_id']}");
$db->sql_query('DELETE FROM ' . FORUMS_TRACK_TABLE . " WHERE user_id = {$user->data['user_id']}");
$db->sql_query('UPDATE ' . USERS_TABLE . ' SET user_lastmark = ' . time() . " WHERE user_id = {$user->data['user_id']}");
// Mark all forums read (index page)
$tables = array(TOPICS_TRACK_TABLE, FORUMS_TRACK_TABLE);
foreach ($tables as $table)
{
$sql = 'DELETE FROM ' . $table . "
WHERE user_id = {$user->data['user_id']}
AND mark_time < $post_time";
$db->sql_query($sql);
}
$sql = 'UPDATE ' . USERS_TABLE . "
SET user_lastmark = $post_time
WHERE user_id = {$user->data['user_id']}
AND user_lastmark < $post_time";
$db->sql_query($sql);
}
else if ($config['load_anon_lastread'] || $user->data['is_registered'])
{
@ -1310,16 +1358,20 @@ function markread($mode, $forum_id = false, $topic_id = false, $post_time = 0, $
unset($tracking_topics['tf']);
unset($tracking_topics['t']);
unset($tracking_topics['f']);
$tracking_topics['l'] = base_convert(time() - $config['board_startdate'], 10, 36);
$tracking_topics['l'] = base_convert($post_time - $config['board_startdate'], 10, 36);
$user->set_cookie('track', tracking_serialize($tracking_topics), time() + 31536000);
$user->set_cookie('track', tracking_serialize($tracking_topics), $post_time + 31536000);
$request->overwrite($config['cookie_name'] . '_track', tracking_serialize($tracking_topics), phpbb_request_interface::COOKIE);
unset($tracking_topics);
if ($user->data['is_registered'])
{
$db->sql_query('UPDATE ' . USERS_TABLE . ' SET user_lastmark = ' . time() . " WHERE user_id = {$user->data['user_id']}");
$sql = 'UPDATE ' . USERS_TABLE . "
SET user_lastmark = $post_time
WHERE user_id = {$user->data['user_id']}
AND user_lastmark < $post_time";
$db->sql_query($sql);
}
}
}
@ -1358,12 +1410,14 @@ function markread($mode, $forum_id = false, $topic_id = false, $post_time = 0, $
{
$sql = 'DELETE FROM ' . TOPICS_TRACK_TABLE . "
WHERE user_id = {$user->data['user_id']}
AND mark_time < $post_time
AND " . $db->sql_in_set('forum_id', $forum_id);
$db->sql_query($sql);
$sql = 'SELECT forum_id
FROM ' . FORUMS_TRACK_TABLE . "
WHERE user_id = {$user->data['user_id']}
AND mark_time < $post_time
AND " . $db->sql_in_set('forum_id', $forum_id);
$result = $db->sql_query($sql);
@ -1376,9 +1430,10 @@ function markread($mode, $forum_id = false, $topic_id = false, $post_time = 0, $
if (sizeof($sql_update))
{
$sql = 'UPDATE ' . FORUMS_TRACK_TABLE . '
SET mark_time = ' . time() . "
$sql = 'UPDATE ' . FORUMS_TRACK_TABLE . "
SET mark_time = $post_time
WHERE user_id = {$user->data['user_id']}
AND mark_time < $post_time
AND " . $db->sql_in_set('forum_id', $sql_update);
$db->sql_query($sql);
}
@ -1391,7 +1446,7 @@ function markread($mode, $forum_id = false, $topic_id = false, $post_time = 0, $
$sql_ary[] = array(
'user_id' => (int) $user->data['user_id'],
'forum_id' => (int) $f_id,
'mark_time' => time()
'mark_time' => $post_time,
);
}
@ -1422,7 +1477,7 @@ function markread($mode, $forum_id = false, $topic_id = false, $post_time = 0, $
unset($tracking['f'][$f_id]);
}
$tracking['f'][$f_id] = base_convert(time() - $config['board_startdate'], 10, 36);
$tracking['f'][$f_id] = base_convert($post_time - $config['board_startdate'], 10, 36);
}
if (isset($tracking['tf']) && empty($tracking['tf']))
@ -1430,7 +1485,7 @@ function markread($mode, $forum_id = false, $topic_id = false, $post_time = 0, $
unset($tracking['tf']);
}
$user->set_cookie('track', tracking_serialize($tracking), time() + 31536000);
$user->set_cookie('track', tracking_serialize($tracking), $post_time + 31536000);
$request->overwrite($config['cookie_name'] . '_track', tracking_serialize($tracking), phpbb_request_interface::COOKIE);
unset($tracking);
@ -1451,9 +1506,10 @@ function markread($mode, $forum_id = false, $topic_id = false, $post_time = 0, $
if ($config['load_db_lastread'] && $user->data['is_registered'])
{
$sql = 'UPDATE ' . TOPICS_TRACK_TABLE . '
SET mark_time = ' . (($post_time) ? $post_time : time()) . "
$sql = 'UPDATE ' . TOPICS_TRACK_TABLE . "
SET mark_time = $post_time
WHERE user_id = {$user->data['user_id']}
AND mark_time < $post_time
AND topic_id = $topic_id";
$db->sql_query($sql);
@ -1466,7 +1522,7 @@ function markread($mode, $forum_id = false, $topic_id = false, $post_time = 0, $
'user_id' => (int) $user->data['user_id'],
'topic_id' => (int) $topic_id,
'forum_id' => (int) $forum_id,
'mark_time' => ($post_time) ? (int) $post_time : time(),
'mark_time' => $post_time,
);
$db->sql_query('INSERT INTO ' . TOPICS_TRACK_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary));
@ -1486,7 +1542,6 @@ function markread($mode, $forum_id = false, $topic_id = false, $post_time = 0, $
$tracking['tf'][$forum_id][$topic_id36] = true;
}
$post_time = ($post_time) ? $post_time : time();
$tracking['t'][$topic_id36] = base_convert($post_time - $config['board_startdate'], 10, 36);
// If the cookie grows larger than 10000 characters we will remove the smallest value
@ -1522,7 +1577,12 @@ function markread($mode, $forum_id = false, $topic_id = false, $post_time = 0, $
if ($user->data['is_registered'])
{
$user->data['user_lastmark'] = intval(base_convert(max($time_keys) + $config['board_startdate'], 36, 10));
$db->sql_query('UPDATE ' . USERS_TABLE . ' SET user_lastmark = ' . $user->data['user_lastmark'] . " WHERE user_id = {$user->data['user_id']}");
$sql = 'UPDATE ' . USERS_TABLE . "
SET user_lastmark = $post_time
WHERE user_id = {$user->data['user_id']}
AND mark_time < $post_time";
$db->sql_query($sql);
}
else
{
@ -1530,7 +1590,7 @@ function markread($mode, $forum_id = false, $topic_id = false, $post_time = 0, $
}
}
$user->set_cookie('track', tracking_serialize($tracking), time() + 31536000);
$user->set_cookie('track', tracking_serialize($tracking), $post_time + 31536000);
$request->overwrite($config['cookie_name'] . '_track', tracking_serialize($tracking), phpbb_request_interface::COOKIE);
}
@ -1552,7 +1612,7 @@ function markread($mode, $forum_id = false, $topic_id = false, $post_time = 0, $
$sql_ary = array(
'user_id' => (int) $use_user_id,
'topic_id' => (int) $topic_id,
'topic_posted' => 1
'topic_posted' => 1,
);
$db->sql_query('INSERT INTO ' . TOPICS_POSTED_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary));

10
phpBB/includes/functions_display.php
View File

@ -54,12 +54,12 @@ function display_forums($root_data = '', $display_moderators = true, $return_mod
// Handle marking everything read
if ($mark_read == 'all')
{
$redirect = build_url(array('mark', 'hash'));
$redirect = build_url(array('mark', 'hash', 'mark_time'));
meta_refresh(3, $redirect);
if (check_link_hash(request_var('hash', ''), 'global'))
{
markread('all');
markread('all', false, false, request_var('mark_time', 0));
trigger_error(
$user->lang['FORUMS_MARKED'] . '<br /><br />' .
@ -305,11 +305,11 @@ function display_forums($root_data = '', $display_moderators = true, $return_mod
// Handle marking posts
if ($mark_read == 'forums')
{
$redirect = build_url(array('mark', 'hash'));
$redirect = build_url(array('mark', 'hash', 'mark_time'));
$token = request_var('hash', '');
if (check_link_hash($token, 'global'))
{
markread('topics', $forum_ids);
markread('topics', $forum_ids, false, request_var('mark_time', 0));
$message = sprintf($user->lang['RETURN_FORUM'], '<a href="' . $redirect . '">', '</a>');
meta_refresh(3, $redirect);
@ -551,7 +551,7 @@ function display_forums($root_data = '', $display_moderators = true, $return_mod
}
$template->assign_vars(array(
'U_MARK_FORUMS' => ($user->data['is_registered'] || $config['load_anon_lastread']) ? append_sid("{$phpbb_root_path}viewforum.$phpEx", 'hash=' . generate_link_hash('global') . '&amp;f=' . $root_data['forum_id'] . '&amp;mark=forums') : '',
'U_MARK_FORUMS' => ($user->data['is_registered'] || $config['load_anon_lastread']) ? append_sid("{$phpbb_root_path}viewforum.$phpEx", 'hash=' . generate_link_hash('global') . '&amp;f=' . $root_data['forum_id'] . '&amp;mark=forums&amp;mark_time=' . time()) : '',
'S_HAS_SUBFORUM' => ($visible_forums) ? true : false,
'L_SUBFORUM' => ($visible_forums == 1) ? $user->lang['SUBFORUM'] : $user->lang['SUBFORUMS'],
'LAST_POST_IMG' => $user->img('icon_topic_latest', 'VIEW_LATEST_POST'),

3
phpBB/includes/ucp/ucp_pm_compose.php
View File

@ -749,7 +749,8 @@ function compose_pm($id, $mode, $action, $user_folders = array())
$return_box_lang = ($action === 'post' || $action === 'edit') ? 'PM_OUTBOX' : 'PM_INBOX';
$message = $user->lang['MESSAGE_STORED'] . '<br /><br />' . sprintf($user->lang['VIEW_PRIVATE_MESSAGE'], '<a href="' . $return_message_url . '">', '</a>');
$save_message = ($action === 'edit') ? $user->lang['MESSAGE_EDITED'] : $user->lang['MESSAGE_STORED'];
$message = $save_message . '<br /><br />' . $user->lang('VIEW_PRIVATE_MESSAGE', '<a href="' . $return_message_url . '">', '</a>');
$last_click_type = 'CLICK_RETURN_FOLDER';
if ($folder_url)

2
phpBB/index.php
View File

@ -189,7 +189,7 @@ $template->assign_vars(array(
'S_LOGIN_ACTION' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=login'),
'S_DISPLAY_BIRTHDAY_LIST' => ($config['load_birthdays']) ? true : false,
'U_MARK_FORUMS' => ($user->data['is_registered'] || $config['load_anon_lastread']) ? append_sid("{$phpbb_root_path}index.$phpEx", 'hash=' . generate_link_hash('global') . '&amp;mark=forums') : '',
'U_MARK_FORUMS' => ($user->data['is_registered'] || $config['load_anon_lastread']) ? append_sid("{$phpbb_root_path}index.$phpEx", 'hash=' . generate_link_hash('global') . '&amp;mark=forums&amp;mark_time=' . time()) : '',
'U_MCP' => ($auth->acl_get('m_') || $auth->acl_getf_global('m_')) ? append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=main&amp;mode=front', true, $user->session_id) : '')
);

1
phpBB/language/en/ucp.php
View File

@ -268,6 +268,7 @@ $lang = array_merge($lang, array(
'MESSAGE_BY_AUTHOR' => 'by',
'MESSAGE_COLOURS' => 'Message colours',
'MESSAGE_DELETED' => 'Message successfully deleted.',
'MESSAGE_EDITED' => 'Message successfully edited.',
'MESSAGE_HISTORY' => 'Message history',
'MESSAGE_REMOVED_FROM_OUTBOX' => 'This message was deleted by its author.',
'MESSAGE_SENT_ON' => 'on',

4
phpBB/viewforum.php
View File

@ -176,7 +176,7 @@ if ($mark_read == 'topics')
$token = request_var('hash', '');
if (check_link_hash($token, 'global'))
{
markread('topics', array($forum_id));
markread('topics', array($forum_id), false, request_var('mark_time', 0));
}
$redirect_url = append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $forum_id);
meta_refresh(3, $redirect_url);
@ -340,7 +340,7 @@ $template->assign_vars(array(
'U_MCP' => ($auth->acl_get('m_', $forum_id)) ? append_sid("{$phpbb_root_path}mcp.$phpEx", "f=$forum_id&amp;i=main&amp;mode=forum_view", true, $user->session_id) : '',
'U_POST_NEW_TOPIC' => ($auth->acl_get('f_post', $forum_id) || $user->data['user_id'] == ANONYMOUS) ? append_sid("{$phpbb_root_path}posting.$phpEx", 'mode=post&amp;f=' . $forum_id) : '',
'U_VIEW_FORUM' => append_sid("{$phpbb_root_path}viewforum.$phpEx", "f=$forum_id" . ((strlen($u_sort_param)) ? "&amp;$u_sort_param" : '') . (($start == 0) ? '' : "&amp;start=$start")),
'U_MARK_TOPICS' => ($user->data['is_registered'] || $config['load_anon_lastread']) ? append_sid("{$phpbb_root_path}viewforum.$phpEx", 'hash=' . generate_link_hash('global') . "&amp;f=$forum_id&amp;mark=topics") : '',
'U_MARK_TOPICS' => ($user->data['is_registered'] || $config['load_anon_lastread']) ? append_sid("{$phpbb_root_path}viewforum.$phpEx", 'hash=' . generate_link_hash('global') . "&amp;f=$forum_id&amp;mark=topics&amp;mark_time=" . time()) : '',
));
// Grab icons

44
tests/functions/clean_path_test.php Normal file
View File

@ -0,0 +1,44 @@
<?php
/**
*
* @package testing
* @copyright (c) 2012 phpBB Group
* @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2
*
*/
require_once dirname(__FILE__) . '/../../phpBB/includes/functions.php';
class phpbb_clean_path_test extends phpbb_test_case
{
public function clean_path_test_data()
{
return array(
array('foo', 'foo'),
array('foo/bar', 'foo/bar'),
array('foo/bar/', 'foo/bar/'),
array('foo/./bar', 'foo/bar'),
array('foo/./././bar', 'foo/bar'),
array('foo/bar/.', 'foo/bar'),
array('./foo/bar', './foo/bar'),
array('../foo/bar', '../foo/bar'),
array('one/two/three', 'one/two/three'),
array('one/two/../three', 'one/three'),
array('one/../two/three', 'two/three'),
array('one/two/..', 'one'),
array('one/two/../', 'one/'),
array('one/two/../three/../four', 'one/four'),
array('one/two/three/../../four', 'one/four'),
);
}
/**
* @dataProvider clean_path_test_data
*/
public function test_clean_path($input, $expected)
{
$output = phpbb_clean_path($input);
$this->assertEquals($expected, $output);
}
}