From 882a3c383103802c491404032c5d267e4f5271a0 Mon Sep 17 00:00:00 2001 From: Marc Alexander Date: Sat, 22 Jul 2017 17:26:41 +0200 Subject: [PATCH 01/21] [ticket/security/211] Make sure website URL only uses http & https schemes SECURITY-211
---
phpBB/includes/functions.php | 5 +++++ phpBB/includes/functions_convert.php | 2 +- phpBB/phpbb/profilefields/type/type_url.php | 2 +- tests/profilefields/type_url_test.php | 13 +++++++++++++ 4 files changed, 20 insertions(+), 2 deletions(-)
diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php
index 84178f74e4..7aa63f2e0c 100644
--- a/phpBB/includes/functions.php
+++ b/phpBB/includes/functions.php
@@ -3409,6 +3409,11 @@ function get_preg_expression($mode) return "[a-z][a-z\d+\-.]*:/{2}(?:(?:[^\p{C}\p{Z}\p{S}\p{P}\p{Nl}\p{No}\p{Me}\x{1100}-\x{115F}\x{A960}-\x{A97C}\x{1160}-\x{11A7}\x{D7B0}-\x{D7C6}\x{20D0}-\x{20FF}\x{1D100}-\x{1D1FF}\x{1D200}-\x{1D24F}\x{0640}\x{07FA}\x{302E}\x{302F}\x{3031}-\x{3035}\x{303B}]*[\x{00B7}\x{0375}\x{05F3}\x{05F4}\x{30FB}\x{002D}\x{06FD}\x{06FE}\x{0F0B}\x{3007}\x{00DF}\x{03C2}\x{200C}\x{200D}\pL0-9\-._~!$&'()*+,;=:@|]+|%[\dA-F]{2})+|[0-9.]+|\[[a-z0-9.]+:[a-z0-9.]+:[a-z0-9.:]+\])(?::\d*)?(?:/(?:[^\p{C}\p{Z}\p{S}\p{P}\p{Nl}\p{No}\p{Me}\x{1100}-\x{115F}\x{A960}-\x{A97C}\x{1160}-\x{11A7}\x{D7B0}-\x{D7C6}\x{20D0}-\x{20FF}\x{1D100}-\x{1D1FF}\x{1D200}-\x{1D24F}\x{0640}\x{07FA}\x{302E}\x{302F}\x{3031}-\x{3035}\x{303B}]*[\x{00B7}\x{0375}\x{05F3}\x{05F4}\x{30FB}\x{002D}\x{06FD}\x{06FE}\x{0F0B}\x{3007}\x{00DF}\x{03C2}\x{200C}\x{200D}\pL0-9\-._~!$&'()*+,;=:@|]+|%[\dA-F]{2})*)*(?:\?(?:[^\p{C}\p{Z}\p{S}\p{P}\p{Nl}\p{No}\p{Me}\x{1100}-\x{115F}\x{A960}-\x{A97C}\x{1160}-\x{11A7}\x{D7B0}-\x{D7C6}\x{20D0}-\x{20FF}\x{1D100}-\x{1D1FF}\x{1D200}-\x{1D24F}\x{0640}\x{07FA}\x{302E}\x{302F}\x{3031}-\x{3035}\x{303B}]*[\x{00B7}\x{0375}\x{05F3}\x{05F4}\x{30FB}\x{002D}\x{06FD}\x{06FE}\x{0F0B}\x{3007}\x{00DF}\x{03C2}\x{200C}\x{200D}\pL0-9\-._~!$&'()*+,;=:@/?|]+|%[\dA-F]{2})*)?(?:\#(?:[^\p{C}\p{Z}\p{S}\p{P}\p{Nl}\p{No}\p{Me}\x{1100}-\x{115F}\x{A960}-\x{A97C}\x{1160}-\x{11A7}\x{D7B0}-\x{D7C6}\x{20D0}-\x{20FF}\x{1D100}-\x{1D1FF}\x{1D200}-\x{1D24F}\x{0640}\x{07FA}\x{302E}\x{302F}\x{3031}-\x{3035}\x{303B}]*[\x{00B7}\x{0375}\x{05F3}\x{05F4}\x{30FB}\x{002D}\x{06FD}\x{06FE}\x{0F0B}\x{3007}\x{00DF}\x{03C2}\x{200C}\x{200D}\pL0-9\-._~!$&'()*+,;=:@/?|]+|%[\dA-F]{2})*)?"; break; + case 'url_http': + // generated with regex_idn.php file in the develop folder + return 
"http[s]?:/{2}(?:(?:[^\p{C}\p{Z}\p{S}\p{P}\p{Nl}\p{No}\p{Me}\x{1100}-\x{115F}\x{A960}-\x{A97C}\x{1160}-\x{11A7}\x{D7B0}-\x{D7C6}\x{20D0}-\x{20FF}\x{1D100}-\x{1D1FF}\x{1D200}-\x{1D24F}\x{0640}\x{07FA}\x{302E}\x{302F}\x{3031}-\x{3035}\x{303B}]*[\x{00B7}\x{0375}\x{05F3}\x{05F4}\x{30FB}\x{002D}\x{06FD}\x{06FE}\x{0F0B}\x{3007}\x{00DF}\x{03C2}\x{200C}\x{200D}\pL0-9\-._~!$&'()*+,;=:@|]+|%[\dA-F]{2})+|[0-9.]+|\[[a-z0-9.]+:[a-z0-9.]+:[a-z0-9.:]+\])(?::\d*)?(?:/(?:[^\p{C}\p{Z}\p{S}\p{P}\p{Nl}\p{No}\p{Me}\x{1100}-\x{115F}\x{A960}-\x{A97C}\x{1160}-\x{11A7}\x{D7B0}-\x{D7C6}\x{20D0}-\x{20FF}\x{1D100}-\x{1D1FF}\x{1D200}-\x{1D24F}\x{0640}\x{07FA}\x{302E}\x{302F}\x{3031}-\x{3035}\x{303B}]*[\x{00B7}\x{0375}\x{05F3}\x{05F4}\x{30FB}\x{002D}\x{06FD}\x{06FE}\x{0F0B}\x{3007}\x{00DF}\x{03C2}\x{200C}\x{200D}\pL0-9\-._~!$&'()*+,;=:@|]+|%[\dA-F]{2})*)*(?:\?(?:[^\p{C}\p{Z}\p{S}\p{P}\p{Nl}\p{No}\p{Me}\x{1100}-\x{115F}\x{A960}-\x{A97C}\x{1160}-\x{11A7}\x{D7B0}-\x{D7C6}\x{20D0}-\x{20FF}\x{1D100}-\x{1D1FF}\x{1D200}-\x{1D24F}\x{0640}\x{07FA}\x{302E}\x{302F}\x{3031}-\x{3035}\x{303B}]*[\x{00B7}\x{0375}\x{05F3}\x{05F4}\x{30FB}\x{002D}\x{06FD}\x{06FE}\x{0F0B}\x{3007}\x{00DF}\x{03C2}\x{200C}\x{200D}\pL0-9\-._~!$&'()*+,;=:@/?|]+|%[\dA-F]{2})*)?(?:\#(?:[^\p{C}\p{Z}\p{S}\p{P}\p{Nl}\p{No}\p{Me}\x{1100}-\x{115F}\x{A960}-\x{A97C}\x{1160}-\x{11A7}\x{D7B0}-\x{D7C6}\x{20D0}-\x{20FF}\x{1D100}-\x{1D1FF}\x{1D200}-\x{1D24F}\x{0640}\x{07FA}\x{302E}\x{302F}\x{3031}-\x{3035}\x{303B}]*[\x{00B7}\x{0375}\x{05F3}\x{05F4}\x{30FB}\x{002D}\x{06FD}\x{06FE}\x{0F0B}\x{3007}\x{00DF}\x{03C2}\x{200C}\x{200D}\pL0-9\-._~!$&'()*+,;=:@/?|]+|%[\dA-F]{2})*)?"; + break; + case 'url_inline': // generated with regex_idn.php file in the develop folder return 
"[a-z][a-z\d+]*:/{2}(?:(?:[^\p{C}\p{Z}\p{S}\p{P}\p{Nl}\p{No}\p{Me}\x{1100}-\x{115F}\x{A960}-\x{A97C}\x{1160}-\x{11A7}\x{D7B0}-\x{D7C6}\x{20D0}-\x{20FF}\x{1D100}-\x{1D1FF}\x{1D200}-\x{1D24F}\x{0640}\x{07FA}\x{302E}\x{302F}\x{3031}-\x{3035}\x{303B}]*[\x{00B7}\x{0375}\x{05F3}\x{05F4}\x{30FB}\x{002D}\x{06FD}\x{06FE}\x{0F0B}\x{3007}\x{00DF}\x{03C2}\x{200C}\x{200D}\pL0-9\-._~!$&'(*+,;=:@|]+|%[\dA-F]{2})+|[0-9.]+|\[[a-z0-9.]+:[a-z0-9.]+:[a-z0-9.:]+\])(?::\d*)?(?:/(?:[^\p{C}\p{Z}\p{S}\p{P}\p{Nl}\p{No}\p{Me}\x{1100}-\x{115F}\x{A960}-\x{A97C}\x{1160}-\x{11A7}\x{D7B0}-\x{D7C6}\x{20D0}-\x{20FF}\x{1D100}-\x{1D1FF}\x{1D200}-\x{1D24F}\x{0640}\x{07FA}\x{302E}\x{302F}\x{3031}-\x{3035}\x{303B}]*[\x{00B7}\x{0375}\x{05F3}\x{05F4}\x{30FB}\x{002D}\x{06FD}\x{06FE}\x{0F0B}\x{3007}\x{00DF}\x{03C2}\x{200C}\x{200D}\pL0-9\-._~!$&'(*+,;=:@|]+|%[\dA-F]{2})*)*(?:\?(?:[^\p{C}\p{Z}\p{S}\p{P}\p{Nl}\p{No}\p{Me}\x{1100}-\x{115F}\x{A960}-\x{A97C}\x{1160}-\x{11A7}\x{D7B0}-\x{D7C6}\x{20D0}-\x{20FF}\x{1D100}-\x{1D1FF}\x{1D200}-\x{1D24F}\x{0640}\x{07FA}\x{302E}\x{302F}\x{3031}-\x{3035}\x{303B}]*[\x{00B7}\x{0375}\x{05F3}\x{05F4}\x{30FB}\x{002D}\x{06FD}\x{06FE}\x{0F0B}\x{3007}\x{00DF}\x{03C2}\x{200C}\x{200D}\pL0-9\-._~!$&'(*+,;=:@/?|]+|%[\dA-F]{2})*)?(?:\#(?:[^\p{C}\p{Z}\p{S}\p{P}\p{Nl}\p{No}\p{Me}\x{1100}-\x{115F}\x{A960}-\x{A97C}\x{1160}-\x{11A7}\x{D7B0}-\x{D7C6}\x{20D0}-\x{20FF}\x{1D100}-\x{1D1FF}\x{1D200}-\x{1D24F}\x{0640}\x{07FA}\x{302E}\x{302F}\x{3031}-\x{3035}\x{303B}]*[\x{00B7}\x{0375}\x{05F3}\x{05F4}\x{30FB}\x{002D}\x{06FD}\x{06FE}\x{0F0B}\x{3007}\x{00DF}\x{03C2}\x{200C}\x{200D}\pL0-9\-._~!$&'(*+,;=:@/?|]+|%[\dA-F]{2})*)?"; diff --git a/phpBB/includes/functions_convert.php b/phpBB/includes/functions_convert.php index da4820134d..ba354d39ef 100644 --- a/phpBB/includes/functions_convert.php +++ b/phpBB/includes/functions_convert.php 
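Review bot: The comment on the new `url_http` case says the pattern is generated with regex_idn.php, but it appears to be the `url` pattern with only the scheme prefix hand-fixed to `http[s]?`, so a later regeneration of `url` could leave this third copy behind. I would say that in the comment, e.g. `// 'url' pattern with the scheme fixed to http/https; update together with 'url' when regenerating via develop/regex_idn.php`. The returned fragment is unanchored, so it restricts the scheme only when the caller wraps it in `^…$` as type_url.php does in this patch; a one-line note to that effect would help the next caller. As a style point `https?` reads more plainly than `http[s]?`, and get_preg_expression() starts and ends outside the hunk.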
@@ -249,7 +249,7 @@ function validate_website($url) { return ''; } - else if (!preg_match('#^[a-z0-9]+://#i', $url) && strlen($url) > 0) + else if (!preg_match('#^http[s]?://#i', $url) && strlen($url) > 0) { return 'http://' . $url; } diff --git a/phpBB/phpbb/profilefields/type/type_url.php b/phpBB/phpbb/profilefields/type/type_url.php index 375cf5b19a..2bc0002262 100644 --- a/phpBB/phpbb/profilefields/type/type_url.php +++ b/phpBB/phpbb/profilefields/type/type_url.php @@ -64,7 +64,7 @@ class type_url extends type_string return false; } - if (!preg_match('#^' . get_preg_expression('url') . '$#iu', $field_value)) + if (!preg_match('#^' . get_preg_expression('url_http') . '$#iu', $field_value)) { return $this->user->lang('FIELD_INVALID_URL', $this->get_field_name($field_data['lang_name'])); } diff --git a/tests/profilefields/type_url_test.php b/tests/profilefields/type_url_test.php index cc37f04f30..aaba227348 100644 --- a/tests/profilefields/type_url_test.php +++ b/tests/profilefields/type_url_test.php @@ -89,6 +89,19 @@ class phpbb_profilefield_type_url_test extends phpbb_test_case 'FIELD_INVALID_URL-field', 'Field should reject invalid URL having multi value parameters', ), + // Not allowed schemes + array( + 'ftp://example.com/', + array(), + 'FIELD_INVALID_URL-field', + 'Field should reject invalid URL having multi value parameters', + ), + array( + 'javascript://alert.com', + array(), + 'FIELD_INVALID_URL-field', + 'Field should reject invalid URL having multi value parameters', + ), // IDN url type profilefields array( From 2749bfe26ccae7db4174cdd83453d79366113c28 Mon Sep 17 00:00:00 2001 From: Marc Alexander Date: Sun, 23 Jul 2017 10:40:30 +0200 Subject: [PATCH 02/21] [ticket/security/211] Only run make_clickable() on URL type profile fields SECURITY-211 --- .../profilefields/type/type_string_common.php | 1 - phpBB/phpbb/profilefields/type/type_url.php | 15 +++++++++++++++ 2 files changed, 15 insertions(+), 1 deletion(-) 
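Review bot: With the narrower check in `validate_website()`, a value carrying any other scheme no longer passes the `preg_match` and falls into the branch that returns `'http://' . $url`, so it is kept as `http://` followed by the original string instead of being dropped. That neutralises the scheme, but the converter then stores a malformed website value. If the intent is that only http and https survive conversion, an explicit rejection ahead of this branch would be clearer, for example `else if (preg_match('#^[a-z][a-z0-9+.\-]*://#i', $url) && !preg_match('#^https?://#i', $url)) { return ''; }`. The function starts and ends outside the hunk, so an earlier guard may already cover part of this.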
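Review bot: The two cases added under `// Not allowed schemes` in type_url_test.php reuse the description 'Field should reject invalid URL having multi value parameters', so a failure would be reported under the wrong reason. A message such as `'Field should reject URL with a scheme other than http or https'` would match what is being tested. The same copy-paste shows in `profile_value_data()` added by PATCH 03, where the `javascript://foobar.com` and `'test'` cases are described as an 'empty value'. The data provider starts and ends outside this hunk.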
diff --git a/phpBB/phpbb/profilefields/type/type_string_common.php b/phpBB/phpbb/profilefields/type/type_string_common.php index f5e1992044..2648d03930 100644 --- a/phpBB/phpbb/profilefields/type/type_string_common.php +++ b/phpBB/phpbb/profilefields/type/type_string_common.php @@ -108,7 +108,6 @@ abstract class type_string_common extends type_base return null; } - $field_value = make_clickable($field_value); $field_value = censor_text($field_value); $field_value = bbcode_nl2br($field_value); return $field_value; diff --git a/phpBB/phpbb/profilefields/type/type_url.php b/phpBB/phpbb/profilefields/type/type_url.php index 2bc0002262..7bdd60e19d 100644 --- a/phpBB/phpbb/profilefields/type/type_url.php +++ b/phpBB/phpbb/profilefields/type/type_url.php @@ -71,4 +71,19 @@ class type_url extends type_string return false; } + + /** + * {@inheritDoc} + */ + public function get_profile_value($field_value, $field_data) + { + if (!preg_match('#^' . get_preg_expression('url_http') . '$#iu', $field_value)) + { + return null; + } + + $field_value = make_clickable($field_value); + + return parent::get_profile_value($field_value, $field_data); + } } From 91f9050a70d95a472daf9f6fa15187c195f05909 Mon Sep 17 00:00:00 2001 From: Marc Alexander Date: Sun, 23 Jul 2017 11:18:07 +0200 Subject: [PATCH 03/21] [ticket/security/211] Extend tests for profile field values SECURITY-211 --- tests/profilefields/type_string_test.php | 12 ++++++ tests/profilefields/type_url_test.php | 54 ++++++++++++++++++++++++ 2 files changed, 66 insertions(+) diff --git a/tests/profilefields/type_string_test.php b/tests/profilefields/type_string_test.php index 0417afbfab..43f88c01ae 100644 --- a/tests/profilefields/type_string_test.php +++ b/tests/profilefields/type_string_test.php 
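Review bot: The new `get_profile_value()` override in type_url.php is documented only with `{@inheritDoc}`, yet it adds behaviour the parent does not have: any stored value that fails the anchored `url_http` match returns `null` before the parent's handling runs. I would state that in the docblock and add a why-comment above the check, such as `// Values saved before the scheme restriction may still use other schemes; never render them`. The pattern string is built identically here and in the validation method changed by PATCH 01, so a small private helper would keep the two checks from drifting apart.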
@@ -270,6 +270,18 @@ class phpbb_profilefield_type_string_test extends phpbb_test_case null, 'Field should simply output null for empty vlaue', ), + array( + 'http://foobar.com', + array('field_show_novalue' => false), + 'http://foobar.com', + 'Field should output the given value but not make it clickable', + ), + array( + 'javascript://foobar.com', + array('field_show_novalue' => true), + 'javascript://foobar.com', + 'Field should output the given value but not make it clickable', + ), ); } diff --git a/tests/profilefields/type_url_test.php b/tests/profilefields/type_url_test.php index aaba227348..af17cc125a 100644 --- a/tests/profilefields/type_url_test.php +++ b/tests/profilefields/type_url_test.php @@ -12,6 +12,8 @@ */ require_once dirname(__FILE__) . '/../../phpBB/includes/functions.php'; +require_once dirname(__FILE__) . '/../../phpBB/includes/functions_content.php'; +require_once dirname(__FILE__) . '/../../phpBB/includes/utf/utf_tools.php'; class phpbb_profilefield_type_url_test extends phpbb_test_case { @@ -26,6 +28,9 @@ class phpbb_profilefield_type_url_test extends phpbb_test_case */ public function setUp() { + global $request, $user, $cache; + + $cache = new phpbb_mock_cache; $user = $this->getMock('\phpbb\user', array(), array('\phpbb\datetime')); $user->expects($this->any()) ->method('lang') 
@@ -175,6 +180,55 @@ class phpbb_profilefield_type_url_test extends phpbb_test_case ); } + public function profile_value_data() + { + return array( + array( + 'http://foobar.com', + array('field_show_novalue' => true), + 'foobar.com', + 'Field should output the given value', + ), + array( + 'http://foobar.com', + array('field_show_novalue' => false), + 'foobar.com', + 'Field should output the given value', + ), + array( + 'test', + array('field_show_novalue' => true), + null, + 'Field should output nothing for empty value', + ), + array( + 'test', + array('field_show_novalue' => false), + null, + 'Field should simply output null for empty value', + ), + array( + 'javascript://foobar.com', + array('field_show_novalue' => true), + null, + 'Field should output nothing for empty value', + ), + ); + } + + + /** + * @dataProvider profile_value_data + */ + public function test_get_profile_value($value, $field_options, $expected, $description) + { + $field_options = array_merge($this->field_options, $field_options); + + $result = $this->cp->get_profile_value($value, $field_options); + + $this->assertSame($expected, $result, $description); + } + /** * @dataProvider profile_value_raw_data */ From 0aba1faa0803af6013c9ac2071e87f117e9c4835 Mon Sep 17 00:00:00 2001 From: Marc Alexander Date: Wed, 26 Jul 2017 21:14:05 +0200 Subject: [PATCH 04/21] [ticket/security/211] Do not match javascript URIs with URL regexes SECURITY-211 --- phpBB/develop/regex_idn.php | 2 +- phpBB/includes/functions.php | 4 ++-- tests/functions/make_clickable_test.php | 8 ++++++++ 3 files changed, 11 insertions(+), 3 deletions(-) diff --git a/phpBB/develop/regex_idn.php b/phpBB/develop/regex_idn.php index d871695c50..30373f8de3 100644 --- a/phpBB/develop/regex_idn.php +++ b/phpBB/develop/regex_idn.php 
@@ -120,7 +120,7 @@ do $pct_encoded = "%[\dA-F]{2}"; $unreserved = "$add_chars\pL0-9\-._~"; $sub_delims = ($inline) ? '!$&\'(*+,;=' : '!$&\'()*+,;='; - $scheme = ($inline) ? '[a-z][a-z\d+]*': '[a-z][a-z\d+\-.]*' ; // avoid automatic parsing of "word" in "last word.http://..." + $scheme = ($inline) ? '[a-z][a-z\d+]*(?viewtopic.php?t=1' ), + array( + 'javascript://testhost/viewtopic.php?t=1', + 'javascript://testhost/viewtopic.php?t=1' + ), array( 'email@domain.com', 'email@domain.com' @@ -92,6 +96,10 @@ class phpbb_functions_make_clickable_test extends phpbb_test_case 'ftp://ftp.täst.de/', 'ftp://ftp.täst.de/' ), + array( + 'javascript://täst.de/', + 'javascript://täst.de/' + ), array( 'sip://bantu@täst.de', 'sip://bantu@täst.de' From f7d387f93c421e93ef13375bd5e0fb408e921598 Mon Sep 17 00:00:00 2001 From: Marc Alexander Date: Thu, 27 Jul 2017 18:23:43 +0200 Subject: [PATCH 05/21] [ticket/security/211] Add test for line breaks in URL SECURITY-211 --- tests/functions/make_clickable_test.php | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/tests/functions/make_clickable_test.php b/tests/functions/make_clickable_test.php index 2cdefe689d..2bb7721d21 100644 --- a/tests/functions/make_clickable_test.php +++ b/tests/functions/make_clickable_test.php @@ -59,6 +59,10 @@ class phpbb_functions_make_clickable_test extends phpbb_test_case 'javascript://testhost/viewtopic.php?t=1', 'javascript://testhost/viewtopic.php?t=1' ), + array( + "java\nscri\npt://testhost/viewtopic.php?t=1", + "java\nscri\npt://testhost/viewtopic.php?t=1" + ), array( 'email@domain.com', 'email@domain.com' From 342a7cbd55829283663ad6ba29f924eeb53fca38 Mon Sep 17 00:00:00 2001 
From: Marc Alexander Date: Thu, 3 Aug 2017 22:20:33 +0200 Subject: [PATCH 06/21] [ticket/security/211] Allow make_clickable() again after change to regex SECURITY-211 --- phpBB/phpbb/profilefields/type/type_string_common.php | 1 + phpBB/phpbb/profilefields/type/type_url.php | 2 -- tests/profilefields/type_string_test.php | 4 ++-- 3 files changed, 3 insertions(+), 4 deletions(-) diff --git a/phpBB/phpbb/profilefields/type/type_string_common.php b/phpBB/phpbb/profilefields/type/type_string_common.php index 2648d03930..f5e1992044 100644 --- a/phpBB/phpbb/profilefields/type/type_string_common.php +++ b/phpBB/phpbb/profilefields/type/type_string_common.php @@ -108,6 +108,7 @@ abstract class type_string_common extends type_base return null; } + $field_value = make_clickable($field_value); $field_value = censor_text($field_value); $field_value = bbcode_nl2br($field_value); return $field_value; diff --git a/phpBB/phpbb/profilefields/type/type_url.php b/phpBB/phpbb/profilefields/type/type_url.php index 7bdd60e19d..37815b66a5 100644 --- a/phpBB/phpbb/profilefields/type/type_url.php +++ b/phpBB/phpbb/profilefields/type/type_url.php @@ -82,8 +82,6 @@ class type_url extends type_string return null; } - $field_value = make_clickable($field_value); - return parent::get_profile_value($field_value, $field_data); } } diff --git a/tests/profilefields/type_string_test.php b/tests/profilefields/type_string_test.php index 43f88c01ae..9709b48470 100644 --- a/tests/profilefields/type_string_test.php +++ b/tests/profilefields/type_string_test.php @@ -273,8 +273,8 @@ class phpbb_profilefield_type_string_test extends phpbb_test_case array( 'http://foobar.com', array('field_show_novalue' => false), - 'http://foobar.com', - 'Field should output the given value but not make it clickable', + 'foobar.com', + 'Field should output the given value and make it clickable', ), array( 'javascript://foobar.com', From 4fe09b98b0157309fc7e3da9109e30970575249a Mon Sep 17 00:00:00 2001 
From: Derky Date: Sun, 31 Dec 2017 15:55:10 +0100 Subject: [PATCH 07/21] [ticket/15489] Remove NO_FORUMS message for categories with subforums PHPBB3-15489 --- phpBB/styles/prosilver/template/viewforum_body.html | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/phpBB/styles/prosilver/template/viewforum_body.html b/phpBB/styles/prosilver/template/viewforum_body.html index 994d75f244..c3547b3e16 100644 --- a/phpBB/styles/prosilver/template/viewforum_body.html +++ b/phpBB/styles/prosilver/template/viewforum_body.html @@ -250,7 +250,7 @@ {L_NO_TOPICS} - +
{L_NO_FORUMS} From 949f07e8ba81f6d711b7f7fa6024a19da71dc249 Mon Sep 17 00:00:00 2001 From: abyssmedia <30393121+abyssmedia@users.noreply.github.com> Date: Mon, 24 Jul 2017 00:04:43 +0400 Subject: [PATCH 08/21] [ticket/15303] Correctly refer to $memcached and not $memcache PHPBB3-15303 --- phpBB/phpbb/cache/driver/memcached.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/phpBB/phpbb/cache/driver/memcached.php b/phpBB/phpbb/cache/driver/memcached.php index a7da22d7e8..808e15afe8 100644 --- a/phpBB/phpbb/cache/driver/memcached.php +++ b/phpBB/phpbb/cache/driver/memcached.php @@ -68,7 +68,7 @@ class memcached extends \phpbb\cache\driver\memory foreach (explode(',', PHPBB_ACM_MEMCACHE) as $u) { preg_match('#(.*)/(\d+)#', $u, $parts); - $this->memcache->addServer(trim($parts[1]), (int) trim($parts[2])); + $this->memcached->addServer(trim($parts[1]), (int) trim($parts[2])); } } From a2daf30415b7e67439f3d41bd843a133b400b03f Mon Sep 17 00:00:00 2001 From: Marc Alexander Date: Sun, 31 Dec 2017 16:31:04 +0100 Subject: [PATCH 09/21] [prep-release-3.1.12] Update version numbers to 3.1.12 --- phpBB/install/convertors/convert_phpbb20.php | 2 +- phpBB/styles/prosilver/style.cfg | 4 ++-- phpBB/styles/subsilver2/style.cfg | 4 ++-- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/phpBB/install/convertors/convert_phpbb20.php b/phpBB/install/convertors/convert_phpbb20.php index 4aca80188a..027627aacf 100644 --- a/phpBB/install/convertors/convert_phpbb20.php +++ b/phpBB/install/convertors/convert_phpbb20.php @@ -38,7 +38,7 @@ $dbms = $phpbb_config_php_file->convert_30_dbms_to_31($dbms); $convertor_data = array( 'forum_name' => 'phpBB 2.0.x', 'version' => '1.0.3', - 'phpbb_version' => '3.1.11', + 'phpbb_version' => '3.1.12', 'author' => 'phpBB Limited', 'dbms' => $dbms, 'dbhost' => $dbhost, diff --git a/phpBB/styles/prosilver/style.cfg b/phpBB/styles/prosilver/style.cfg index 019db11bc7..763c668ee3 100644 --- a/phpBB/styles/prosilver/style.cfg 
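Review bot: The corrected line in memcached.php still reads `$parts[1]` and `$parts[2]` without checking the result of `preg_match('#(.*)/(\d+)#', $u, $parts)`, so an entry in `PHPBB_ACM_MEMCACHE` that has no `/port` suffix reaches `addServer()` with undefined offsets. A guard such as `if (!preg_match('#(.*)/(\d+)#', $u, $parts)) { continue; }` would skip malformed entries instead of registering an empty host with port 0. The enclosing method starts outside the hunk.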
+++ b/phpBB/styles/prosilver/style.cfg @@ -21,8 +21,8 @@ # General Information about this style name = prosilver copyright = © phpBB Limited, 2007 -style_version = 3.1.11 -phpbb_version = 3.1.11 +style_version = 3.1.12 +phpbb_version = 3.1.12 # Defining a different template bitfield # template_bitfield = lNg= diff --git a/phpBB/styles/subsilver2/style.cfg b/phpBB/styles/subsilver2/style.cfg index 65d846402d..9a65efa87c 100644 --- a/phpBB/styles/subsilver2/style.cfg +++ b/phpBB/styles/subsilver2/style.cfg @@ -21,8 +21,8 @@ # General Information about this style name = subsilver2 copyright = © 2005 phpBB Limited -style_version = 3.1.11 -phpbb_version = 3.1.11 +style_version = 3.1.12 +phpbb_version = 3.1.12 # Defining a different template bitfield # template_bitfield = lNg= From 92350db572f3814630f5bb6e609d503ffd2c4bd5 Mon Sep 17 00:00:00 2001 From: Marc Alexander Date: Sun, 31 Dec 2017 16:36:16 +0100 Subject: [PATCH 10/21] [prep-release-3.1.12] Update version numbers to 3.1.12 --- build/build.xml | 2 +- phpBB/includes/constants.php | 2 +- phpBB/install/schemas/schema_data.sql | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/build/build.xml b/build/build.xml index 462983b83d..14af4b24ed 100644 --- a/build/build.xml +++ b/build/build.xml @@ -2,7 +2,7 @@ - + diff --git a/phpBB/includes/constants.php b/phpBB/includes/constants.php index 0c1a0b03ba..7eae5f5be3 100644 --- a/phpBB/includes/constants.php +++ b/phpBB/includes/constants.php @@ -28,7 +28,7 @@ if (!defined('IN_PHPBB')) */ // phpBB Version -define('PHPBB_VERSION', '3.1.12-dev'); +define('PHPBB_VERSION', '3.1.12'); // QA-related // define('PHPBB_QA', 1); diff --git a/phpBB/install/schemas/schema_data.sql b/phpBB/install/schemas/schema_data.sql index cb0b06eb46..1928eca89a 100644 --- a/phpBB/install/schemas/schema_data.sql +++ b/phpBB/install/schemas/schema_data.sql 
@@ -273,7 +273,7 @@ INSERT INTO phpbb_config (config_name, config_value) VALUES ('tpl_allow_php', '0 INSERT INTO phpbb_config (config_name, config_value) VALUES ('upload_icons_path', 'images/upload_icons'); INSERT INTO phpbb_config (config_name, config_value) VALUES ('upload_path', 'files'); INSERT INTO phpbb_config (config_name, config_value) VALUES ('use_system_cron', '0'); -INSERT INTO phpbb_config (config_name, config_value) VALUES ('version', '3.1.12-dev'); +INSERT INTO phpbb_config (config_name, config_value) VALUES ('version', '3.1.12'); INSERT INTO phpbb_config (config_name, config_value) VALUES ('warnings_expire_days', '90'); INSERT INTO phpbb_config (config_name, config_value) VALUES ('warnings_gc', '14400'); From 5def7e255ec46175b74a31523f89309136e78869 Mon Sep 17 00:00:00 2001 From: Marc Alexander Date: Sun, 31 Dec 2017 16:39:02 +0100 Subject: [PATCH 11/21] [prep-release-3.1.12] Add migration for 3.1.12 --- phpBB/phpbb/db/migration/data/v31x/v3112.php | 36 ++++++++++++++++++++ 1 file changed, 36 insertions(+) create mode 100644 phpBB/phpbb/db/migration/data/v31x/v3112.php diff --git a/phpBB/phpbb/db/migration/data/v31x/v3112.php b/phpBB/phpbb/db/migration/data/v31x/v3112.php new file mode 100644 index 0000000000..0d75d35184 --- /dev/null +++ b/phpBB/phpbb/db/migration/data/v31x/v3112.php @@ -0,0 +1,36 @@ + +* @license GNU General Public License, version 2 (GPL-2.0) +* +* For full copyright and license information, please see +* the docs/CREDITS.txt file. +* +*/ + +namespace phpbb\db\migration\data\v31x; + +class v3112 extends \phpbb\db\migration\migration +{ + public function effectively_installed() + { + return phpbb_version_compare($this->config['version'], '3.1.12', '>='); + } + + static public function depends_on() + { + return array( + '\phpbb\db\migration\data\v31x\v3111', + ); + } + + public function update_data() + { + return array( + array('config.update', array('version', '3.1.12')), + ); + } +} 
From 0c3f7c6c8e352a73dacc1ff21a2b39a556ea6deb Mon Sep 17 00:00:00 2001 From: Marc Alexander Date: Sun, 31 Dec 2017 16:41:47 +0100 Subject: [PATCH 12/21] [prep-release-3.1.12] Update changelog for 3.1.12 --- phpBB/docs/CHANGELOG.html | 44 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 44 insertions(+) diff --git a/phpBB/docs/CHANGELOG.html b/phpBB/docs/CHANGELOG.html index a149e3d6c5..6914aa5060 100644 --- a/phpBB/docs/CHANGELOG.html +++ b/phpBB/docs/CHANGELOG.html @@ -50,6 +50,7 @@
  1. Changelog
      +
    • Changes since 3.1.11
    • Changes since 3.1.10
    • Changes since 3.1.9
    • Changes since 3.1.8
    • @@ -120,6 +121,49 @@
      +

      Changes since 3.1.11

      + +

      Bug

      +
        +
      • [PHPBB3-9533] - phpbb_own_realpath() doesn't always replicate realpath() behaviour
      • +
      • [PHPBB3-12835] - Jump-box dropdown menu doesn't expand with according to line length in IE8
      • +
      • [PHPBB3-13360] - rename_too_long_indexes migration never deleted the old unique index
      • +
      • [PHPBB3-13464] - problem with drop down options and Arabic letters in chrome
      • +
      • [PHPBB3-13574] - Last post not showing in "Active topics" when Prosilver goes responsive
      • +
      • [PHPBB3-15174] - Unable to purge cache (ext & acp)
      • +
      • [PHPBB3-15285] - Travis tests are failing due to trusty changes
      • +
      • [PHPBB3-15303] - Typo in memcached driver
      • +
      • [PHPBB3-15347] - Password updater in cron generates invalid postgres SQL
      • +
      • [PHPBB3-15367] - Sphinx search backend doesn't escape special characters
      • +
      +

      Improvement

      +
        +
      • [PHPBB3-10122] - [list=] - should support "none", along with CSS2 types
      • +
      • [PHPBB3-11063] - Change version check to SSL
      • +
      • [PHPBB3-14820] - Style Version Missing
      • +
      • [PHPBB3-14919] - Inconsistent use of globals vs class elements in acp_extensions
      • +
      • [PHPBB3-14927] - event core.user_add_modify_data
      • +
      • [PHPBB3-14944] - Add possibility to search for template loop indexes by key
      • +
      • [PHPBB3-14995] - Add ACP template events acp_ext_list_*_name_after
      • +
      +

      New Feature

      + +

      Sub-task

      +
        +
      • [PHPBB3-11182] - Ensure that template files use L_COLON instead of colons.
      • +
      • [PHPBB3-11676] - generate_text_for_storage on includes/acp/acp_users.php
      • +
      +

      Task

      +
        +
      • [PHPBB3-10758] - Improve Functional Test Code Coverage
      • +
      • [PHPBB3-10791] - Add a section for extensions to readme.html
      • +
      • [PHPBB3-10792] - Add a section for 3.0 to 3.1 upgrades to install.html
      • +
      • [PHPBB3-13874] - Add master to sami API docs
      • +
      +

      Changes since 3.1.10

      Bug

      From 2119dee53d6409cbe77ec944fd322e3f8df0dcae Mon Sep 17 00:00:00 2001 From: Derky Date: Thu, 4 Jan 2018 21:09:39 +0100 Subject: [PATCH 13/21] [ticket/15489] Add NO_FORUMS_IN_CATEGORY message PHPBB3-15489 --- phpBB/language/en/viewforum.php | 1 + phpBB/styles/prosilver/template/viewforum_body.html | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/phpBB/language/en/viewforum.php b/phpBB/language/en/viewforum.php index cab205ddf9..e2a6e2a718 100644 --- a/phpBB/language/en/viewforum.php +++ b/phpBB/language/en/viewforum.php @@ -54,6 +54,7 @@ $lang = array_merge($lang, array( 'NO_NEW_POSTS_HOT' => 'No new posts [ Popular ]', // Not used anymore 'NO_NEW_POSTS_LOCKED' => 'No new posts [ Locked ]', // Not used anymore 'NO_READ_ACCESS' => 'You do not have the required permissions to view or read topics within this forum.', + 'NO_FORUMS_IN_CATEGORY' => 'This category has no forums.', 'NO_UNREAD_POSTS_HOT' => 'No unread posts [ Popular ]', 'NO_UNREAD_POSTS_LOCKED' => 'No unread posts [ Locked ]', diff --git a/phpBB/styles/prosilver/template/viewforum_body.html b/phpBB/styles/prosilver/template/viewforum_body.html index c3547b3e16..b5e12cdde4 100644 --- a/phpBB/styles/prosilver/template/viewforum_body.html +++ b/phpBB/styles/prosilver/template/viewforum_body.html @@ -253,7 +253,7 @@
      - {L_NO_FORUMS} + {L_NO_FORUMS_IN_CATEGORY}
      From e31474542dac500c76ed67d2b80f90a38da149d1 Mon Sep 17 00:00:00 2001 From: Marc Alexander Date: Sat, 6 Jan 2018 10:53:12 +0100 Subject: [PATCH 14/21] [ticket/15498] Do not pass whether URL uses router to is_route is_route expects a flag of whether this is a route that was generated with the router as opposed to is_router_used() which returns whether the router will be used via app.php. PHPBB3-15498 --- phpBB/includes/functions.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index 2cd62d7bac..97e1e8e340 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -2185,7 +2185,7 @@ function confirm_box($check, $title = '', $hidden = '', $html_body = 'confirm_bo // re-add sid / transform & to & for user->page (user->page is always using &) $use_page = ($u_action) ? $u_action : str_replace('&', '&', $user->page['page']); - $u_action = reapply_sid($phpbb_path_helper->get_valid_page($use_page, $config['enable_mod_rewrite']), $phpbb_path_helper->is_router_used()); + $u_action = reapply_sid($phpbb_path_helper->get_valid_page($use_page, $config['enable_mod_rewrite'])); $u_action .= ((strpos($u_action, '?') === false) ? '?' : '&') . 'confirm_key=' . $confirm_key; $template->assign_vars(array( From 101e6c8f96e29d96c4b66c6257f809366dbfe351 Mon Sep 17 00:00:00 2001 From: rxu Date: Tue, 21 Mar 2017 22:31:18 +0700 Subject: [PATCH 15/21] [ticket/14972] Fix create_insert_array() declaration in admin_activate_user PHPBB3-14972 --- phpBB/phpbb/notification/type/admin_activate_user.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/phpBB/phpbb/notification/type/admin_activate_user.php b/phpBB/phpbb/notification/type/admin_activate_user.php index 9f2ae857ef..78c10ac36a 100644 --- a/phpBB/phpbb/notification/type/admin_activate_user.php +++ b/phpBB/phpbb/notification/type/admin_activate_user.php 
@@ -175,7 +175,7 @@ class admin_activate_user extends \phpbb\notification\type\base /** * {@inheritdoc} */ - public function create_insert_array($user, $pre_create_data) + public function create_insert_array($user, $pre_create_data = array()) { $this->set_data('user_actkey', $user['user_actkey']); $this->notification_time = $user['user_regdate']; From d05c7fd34288375683c5b0467930748b1457ac75 Mon Sep 17 00:00:00 2001 From: Marc Alexander Date: Sat, 6 Jan 2018 16:06:59 +0100 Subject: [PATCH 16/21] [ticket/15496] Add sort key to SELECT in fulltext_postgres Postgres requires that the column being ordered also appears in the SELECT part of the query. PHPBB3-15496 --- phpBB/phpbb/search/fulltext_postgres.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/phpBB/phpbb/search/fulltext_postgres.php b/phpBB/phpbb/search/fulltext_postgres.php index 8dbc7212a1..30aeb35ee0 100644 --- a/phpBB/phpbb/search/fulltext_postgres.php +++ b/phpBB/phpbb/search/fulltext_postgres.php @@ -498,7 +498,7 @@ class fulltext_postgres extends \phpbb\search\base ); extract($this->phpbb_dispatcher->trigger_event('core.search_postgres_keywords_main_query_before', compact($vars))); - $sql_select = ($type == 'posts') ? 'p.post_id' : 'DISTINCT t.topic_id'; + $sql_select = ($type == 'posts') ? 'p.post_id' : 'DISTINCT t.topic_id, ' . $sort_by_sql[$sort_key]; $sql_from = ($join_topic) ? TOPICS_TABLE . ' t, ' : ''; $field = ($type == 'posts') ? 'post_id' : 'topic_id'; From 57179fbb7944e75a92e15cdbd5a9955bcc1677c7 Mon Sep 17 00:00:00 2001 From: Marc Alexander Date: Sat, 6 Jan 2018 19:23:20 +0100 Subject: [PATCH 17/21] [ticket/15353] Do not use empty to not offer empty archive for download PHPBB3-15353 --- .../install/module/update_filesystem/task/diff_files.php | 4 ++-- .../module/update_filesystem/task/download_updated_files.php | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) 
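Review bot: In fulltext_postgres.php the new `$sql_select` line appends `$sort_by_sql[$sort_key]` without checking that the key exists, so an unknown `$sort_key` would leave `DISTINCT t.topic_id, ` with a trailing comma and the query would fail, along with an undefined-index notice. Whether the caller validates `$sort_key` is not visible in this hunk, and the event triggered one line earlier passes its variables through `extract()`, so a listener may have changed them; whether `sort_key` is among `$vars` is not shown. A guard such as `$sort_column = isset($sort_by_sql[$sort_key]) ? ', ' . $sort_by_sql[$sort_key] : '';` keeps the SELECT well-formed. DISTINCT now covers both columns, so a sort expression that varies per post could return the same topic_id more than once. The enclosing method starts and ends outside the hunk.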
diff --git a/phpBB/phpbb/install/module/update_filesystem/task/diff_files.php b/phpBB/phpbb/install/module/update_filesystem/task/diff_files.php index 8151a24f2d..b15e32cc82 100644 --- a/phpBB/phpbb/install/module/update_filesystem/task/diff_files.php +++ b/phpBB/phpbb/install/module/update_filesystem/task/diff_files.php @@ -208,7 +208,7 @@ class diff_files extends task_base foreach ($update_files as $type => $files) { - if (empty($files)) + if (count($files) < 1) { unset($update_files[$type]); } @@ -226,7 +226,7 @@ class diff_files extends task_base foreach ($update_files as $type => $files) { - if (empty($files)) + if (count($files) < 1) { unset($update_files[$type]); } diff --git a/phpBB/phpbb/install/module/update_filesystem/task/download_updated_files.php b/phpBB/phpbb/install/module/update_filesystem/task/download_updated_files.php index 0b83e9a79d..2fc756c20a 100644 --- a/phpBB/phpbb/install/module/update_filesystem/task/download_updated_files.php +++ b/phpBB/phpbb/install/module/update_filesystem/task/download_updated_files.php @@ -101,12 +101,12 @@ class download_updated_files extends task_base 'update_recheck_files_submit' => array( 'label' => 'UPDATE_RECHECK_UPDATE_FILES', 'type' => 'submit', - 'is_secondary' => empty($file_update_info), + 'is_secondary' => count($file_update_info) < 1, ), 'database_update_submit' => array( 'label' => 'UPDATE_CONTINUE_UPDATE_PROCESS', 'type' => 'submit', - 'disabled' => !empty($file_update_info), + 'disabled' => count($file_update_info) > 0, ), )); From e7c5fc32d2aedbc89a5e54362af83d538600ba87 Mon Sep 17 00:00:00 2001 From: Marc Alexander Date: Sun, 7 Jan 2018 11:43:54 +0100 Subject: [PATCH 18/21] [prep-release-3.2.2] Update changelog for 3.2.2 release --- phpBB/docs/CHANGELOG.html | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/phpBB/docs/CHANGELOG.html b/phpBB/docs/CHANGELOG.html index cacd1835a0..667e9b9ca3 100644 --- a/phpBB/docs/CHANGELOG.html +++ b/phpBB/docs/CHANGELOG.html @@ -129,6 +129,10 @@
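Review bot: For an array, `count($files) < 1` is true exactly when `empty($files)` is, so the swap in both diff_files.php hunks and in the download_updated_files.php hunk does not by itself change which update sets count as empty. It does change behaviour for non-arrays: `count()` on null or a scalar raises a warning on PHP 7.2 and later, where `empty()` stays silent, and the type of `$files` and `$file_update_info` is not visible in these hunks. If the aim is to avoid offering an archive with nothing in it, the check has to look at what the entries contain rather than how they are counted. A comment such as `// drop file types with no entries so they are not offered for download` would record the intent. The enclosing methods start and end outside the hunks.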

      Changes since 3.2.1

      +

      Security Issue

      +
        +
      • [SECURITY-211] - URLs with javascript scheme should not be made clickable
      • +

      Bug

      • [PHPBB3-7845] - Error on posting local image when script path is empty
      • @@ -191,6 +195,10 @@
      • [PHPBB3-15464] - Can't reparse [IMG] - in uppercase
      • [PHPBB3-15475] - Restore Travis PR commit message validation
      • [PHPBB3-15478] - core.js $loadingIndicator JavaScript errors
      • +
      • [PHPBB3-15489] - Wrong footer text on forum of type "category"
      • +
      • [PHPBB3-15496] - SQL Error in PostgreSQL Fulltext search when results displayed as topics
      • +
      • [PHPBB3-15497] - Declaration of admin_activate_user::create_insert_array not compatible with base
      • +
      • [PHPBB3-15498] - confirm_box() adds duplicate strings to URLs in extensions

      Improvement

        From f8180ca97bf6d9e92a0a080e2af8af2f0654bfbe Mon Sep 17 00:00:00 2001 From: Marc Alexander Date: Sun, 7 Jan 2018 11:45:49 +0100 Subject: [PATCH 19/21] [prep-release-3.2.2] Add migration for 3.2.2 --- phpBB/phpbb/db/migration/data/v32x/v322.php | 37 +++++++++++++++++++++ 1 file changed, 37 insertions(+) create mode 100644 phpBB/phpbb/db/migration/data/v32x/v322.php diff --git a/phpBB/phpbb/db/migration/data/v32x/v322.php b/phpBB/phpbb/db/migration/data/v32x/v322.php new file mode 100644 index 0000000000..7ecbbb3e79 --- /dev/null +++ b/phpBB/phpbb/db/migration/data/v32x/v322.php @@ -0,0 +1,37 @@ + +* @license GNU General Public License, version 2 (GPL-2.0) +* +* For full copyright and license information, please see +* the docs/CREDITS.txt file. +* +*/ + +namespace phpbb\db\migration\data\v32x; + +class v322 extends \phpbb\db\migration\migration +{ + public function effectively_installed() + { + return phpbb_version_compare($this->config['version'], '3.2.2', '>='); + } + + static public function depends_on() + { + return array( + '\phpbb\db\migration\data\v31x\v3112', + '\phpbb\db\migration\data\v32x\v322rc1', + ); + } + + public function update_data() + { + return array( + array('config.update', array('version', '3.2.2')), + ); + } +} From f38fce5ce570318ac64c95601e891cfe2e8f4d1a Mon Sep 17 00:00:00 2001 From: Marc Alexander Date: Sun, 7 Jan 2018 11:47:59 +0100 Subject: [PATCH 20/21] [prep-release-3.1.12] Update changelog --- phpBB/docs/CHANGELOG.html | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/phpBB/docs/CHANGELOG.html b/phpBB/docs/CHANGELOG.html index 6914aa5060..6c6e539405 100644 --- a/phpBB/docs/CHANGELOG.html +++ b/phpBB/docs/CHANGELOG.html @@ -123,6 +123,10 @@

        Changes since 3.1.11

        +

        Security Issue

        +
          +
        • [SECURITY-211] - URLs with javascript scheme should not be made clickable
        • +

        Bug

        • [PHPBB3-9533] - phpbb_own_realpath() doesn't always replicate realpath() behaviour
        • From 77b275181aeddf43e1077d06abce11a9722bb85a Mon Sep 17 00:00:00 2001 From: Marc Alexander Date: Sun, 7 Jan 2018 16:59:14 +0100 Subject: [PATCH 21/21] [prep-release-3.2.2] Add 3.1.12 to build and fix display of download box --- build/build.xml | 2 +- .../install/module/update_filesystem/task/diff_files.php | 4 ++-- .../update_filesystem/task/download_updated_files.php | 7 ++++--- 3 files changed, 7 insertions(+), 6 deletions(-) diff --git a/build/build.xml b/build/build.xml index 92c3860192..2ef9016a17 100644 --- a/build/build.xml +++ b/build/build.xml @@ -4,7 +4,7 @@ - + diff --git a/phpBB/phpbb/install/module/update_filesystem/task/diff_files.php b/phpBB/phpbb/install/module/update_filesystem/task/diff_files.php index 7114e60ba1..2f6048b4fd 100644 --- a/phpBB/phpbb/install/module/update_filesystem/task/diff_files.php +++ b/phpBB/phpbb/install/module/update_filesystem/task/diff_files.php @@ -208,7 +208,7 @@ class diff_files extends task_base foreach ($update_files as $type => $files) { - if (count($files) < 1) + if (empty($files)) { unset($update_files[$type]); } @@ -226,7 +226,7 @@ class diff_files extends task_base foreach ($update_files as $type => $files) { - if (count($files) < 1) + if (empty($files)) { unset($update_files[$type]); } diff --git a/phpBB/phpbb/install/module/update_filesystem/task/download_updated_files.php b/phpBB/phpbb/install/module/update_filesystem/task/download_updated_files.php index 2fc756c20a..4d7f0e0cdf 100644 --- a/phpBB/phpbb/install/module/update_filesystem/task/download_updated_files.php +++ b/phpBB/phpbb/install/module/update_filesystem/task/download_updated_files.php 
@@ -86,7 +86,8 @@ class download_updated_files extends task_base { $file_update_info = $this->installer_config->get('update_files', array()); - if (count($file_update_info) > 0) + // Display download box only if the archive won't be empty + if (!empty($file_update_info) && !(isset($file_update_info['delete']) && count($file_update_info) == 1)) { // Render download box $this->iohandler->add_download_link( @@ -101,12 +102,12 @@ class download_updated_files extends task_base 'update_recheck_files_submit' => array( 'label' => 'UPDATE_RECHECK_UPDATE_FILES', 'type' => 'submit', - 'is_secondary' => count($file_update_info) < 1, + 'is_secondary' => empty($file_update_info), ), 'database_update_submit' => array( 'label' => 'UPDATE_CONTINUE_UPDATE_PROCESS', 'type' => 'submit', - 'disabled' => count($file_update_info) > 0, + 'disabled' => !empty($file_update_info), ), ));
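Review bot: The new condition in the `@@ -86,7 +86,8 @@` hunk hides the download box when `$file_update_info` holds only a `delete` entry, but the following hunk keeps `'disabled' => !empty($file_update_info)`, so in that case the page appears to offer no archive while the continue button stays disabled. If that is intended (the listed files have to be removed by hand and then rechecked), the comment should say so, e.g. `// Only deletions pending: nothing to download, but files must still be removed before continuing`. The condition would also read more easily with a named flag, `$only_deletions = isset($file_update_info['delete']) && count($file_update_info) == 1;` followed by `if (!empty($file_update_info) && !$only_deletions)`. The enclosing method starts and ends outside the hunk.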