mirror/php-phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-05-05 07:07:51 +02:00
Code Issues Releases Wiki Activity

- display age in user profile and make it available on viewtopic

Browse Source 
- various tiny bugfixes including [Bug #2351] [Bug #2549] [Bug #2681] [Bug #3015]
- strip first, then change newlines [Bug #2403]
- added support for creating user profiles to the login function (makes use of user_add), triggered by LOGIN_SUCCESS_CREATE_PROFILE constant
- moved newest user updating from ucp_register to user_add function
- renamed the admin_ auth module function to acp_
- added initialisation code to auth_apache which checks whether it will work
- added user_add support to both auth_ldap and auth_apache
- some auth_ldap tweaks, should work with users deeper in the organisation structure too now
- adjusted global topics in mcp_report to work like mcp_queue


git-svn-id: file:///svn/phpbb/trunk@6151 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
Nils Adermann 2006-07-07 12:36:44 +00:00
parent 8c128de642
commit a5c23243c7
22 changed files with 306 additions and 103 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
phpBB/includes/acp/acp_board.php
View File

@ -390,7 +390,7 @@ class acp_board
{
include_once($phpbb_root_path . 'includes/auth/auth_' . $method . '.' . $phpEx);
$method = 'admin_' . $method;
$method = 'acp_' . $method;
if (function_exists($method))
{
if ($fields = $method($this->new_config))
@ -518,7 +518,7 @@ class acp_board
{
if ($method && file_exists($phpbb_root_path . 'includes/auth/auth_' . $method . '.' . $phpEx))
{
$method = 'admin_' . $method;
$method = 'acp_' . $method;
if (function_exists($method))
{
$fields = $method($this->new_config);

21
phpBB/includes/acp/acp_styles.php
View File

@ -483,16 +483,17 @@ pagination_sep = \'{PAGINATION_SEP}\'
$filelist = $filelist_cats = array();
$template_data = (!empty($_POST['template_data'])) ? ((STRIP) ? stripslashes($_POST['template_data']) : $_POST['template_data']) : '';
// we want newlines no carriage returns!
$_POST['template_data'] = (isset($_POST['template_data']) && !empty($_POST['template_data'])) ? str_replace(array("\n\r", "\r"), array("\n", "\n"), $_POST['template_data']) : '';
$template_data = (STRIP) ? stripslashes($_POST['template_data']) : $_POST['template_data'];
$template_file = request_var('template_file', '');
$text_rows = max(5, min(999, request_var('text_rows', 20)));
$save_changes = (isset($_POST['save'])) ? true : false;
// make sure template_file path doesn't go upwards
$template_file = str_replace('..', '.', $template_file);
// we want newlines no carriage returns!
$template_data = str_replace(array("\n\r", "\r"), array("\n", "\n"), $template_data);
// Retrieve some information about the template
$sql = 'SELECT template_storedb, template_path, template_name
FROM ' . STYLES_TEMPLATE_TABLE . "
@ -815,20 +816,22 @@ pagination_sep = \'{PAGINATION_SEP}\'
$this->page_title = 'EDIT_THEME';
// we want newlines no carriage returns!
$_POST['css_data'] = (isset($_POST['css_data']) && !empty($_POST['css_data'])) ? str_replace(array("\n\r", "\r"), array("\n", "\n"), $_POST['css_data']) : '';
$template_data = (STRIP) ? stripslashes($_POST['template_data']) : $_POST['template_data'];
// get user input
$text_rows = max(5, min(999, request_var('text_rows', 20)));
$hide_css = request_var('hidecss', false);
$show_css = !$hide_css && request_var('showcss', false);
$edit_class = request_var('css_class', '');
$custom_class = request_var('custom_class', '');
$css_data = (!empty($_POST['css_data'])) ? ((STRIP) ? stripslashes($_POST['css_data']) : $_POST['css_data']) : '';
$css_data = (STRIP) ? stripslashes($_POST['css_data']) : $_POST['css_data'];
$submit = isset($_POST['submit']) ? true : false;
$add_custom = isset($_POST['add_custom']) ? true : false;
$matches = array();
// we want newlines no carriage returns!
$css_data = str_replace(array("\n\r", "\r"), array("\n", "\n"), $css_data);
// Retrieve some information about the theme
$sql = 'SELECT theme_storedb, theme_path, theme_name, theme_data
FROM ' . STYLES_THEME_TABLE . "
@ -2254,7 +2257,7 @@ pagination_sep = \'{PAGINATION_SEP}\'
// heck of a lot of data ...
$sql_ary = array(
'template_id' => $style_id,
'template_filename' => "$template_pathfile$file",
'template_filename' => "$template_path$pathfile$file",
'template_included' => (isset($includes[$file])) ? implode(':', $includes[$file]) . ':' : '',
'template_mtime' => filemtime("{$phpbb_root_path}styles/$template_path$pathfile$file"),
'template_data' => file_get_contents("{$phpbb_root_path}styles/$template_path$pathfile$file"),

34
phpBB/includes/auth.php
View File

@ -717,6 +717,40 @@ class auth
{
$login = $method($username, $password);
// If the auth module wants us to create an empty profile do so and then treat the status as LOGIN_SUCCESS
if ($login['status'] == LOGIN_SUCCESS_CREATE_PROFILE)
{
// we are going to use the user_add function so include functions_user.php if it wasn't defined yet
if (!function_exists('user_add'))
{
include_once($phpbb_root_path . 'includes/functions_user.' . $phpEx);
}
user_add($login['user_row'], (isset($login['cp_data'])) ? $login['cp_data'] : false);
$sql = 'SELECT user_id, username, user_password, user_passchg, user_email, user_type
FROM ' . USERS_TABLE . "
WHERE username = '" . $db->sql_escape($username) . "'";
$result = $db->sql_query($sql);
$row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
if (!$row)
{
return array(
'status' => LOGIN_ERROR_EXTERNAL_AUTH,
'error_msg' => 'AUTH_NO_PROFILE_CREATED',
'user_row' => array('user_id' => ANONYMOUS),
);
}
$login = array(
'status' => LOGIN_SUCCESS,
'error_msg' => false,
'user_row' => $row,
);
}
// If login succeeded, we will log the user in... else we pass the login array through...
if ($login['status'] == LOGIN_SUCCESS)
{

104
phpBB/includes/auth/auth_apache.php
View File

@ -4,13 +4,6 @@
*
* Authentication plug-ins is largely down to Sergey Kanareykin, our thanks to him.
*
* This is for initial authentication via Apaches basic realm authentication methods,
* user data is then obtained from the integrated user table
*
* You can do any kind of checking you like here ... the return data format is
* either the resulting row of user information, an integer zero (indicating an
* inactive user) or some error string
*
* @package login
* @version $Id$
* @copyright (c) 2005 phpBB Group
@ -18,6 +11,24 @@
*
*/
/**
* Checks whether the user is identified to apache
* Only allow changing authentication to apache if the user is identified
* Called in acp_board while setting authentication plugins
*
* @return boolean|string false if the user is identified and else an error message
*/
function init_apache()
{
global $user;
if (!isset($_SERVER['PHP_AUTH_USER']) || $user->data['username'] !== $_SERVER['PHP_AUTH_USER'])
{
return $user->lang['APACHE_SETUP_BEFORE_USE'];
}
return false;
}
/**
* Login function
*/
@ -25,11 +36,29 @@ function login_apache(&$username, &$password)
{
global $db;
if (!isset($_SERVER['PHP_AUTH_USER']))
{
return array(
'status' => LOGIN_ERROR_EXTERNAL_AUTH,
'error_msg' => 'LOGIN_ERROR_EXTERNAL_AUTH_APACHE',
'user_row' => array('user_id' => ANONYMOUS),
);
}
$php_auth_user = $_SERVER['PHP_AUTH_USER'];
$php_auth_pw = $_SERVER['PHP_AUTH_PW'];
if (!empty($php_auth_user) && !empty($php_auth_pw))
{
if ($php_auth_user !== $username)
{
return array(
'status' => LOGIN_ERROR_USERNAME,
'error_msg' => 'LOGIN_ERROR_USERNAME',
'user_row' => array('user_id' => ANONYMOUS),
);
}
$sql = 'SELECT user_id, username, user_password, user_passchg, user_email, user_type
FROM ' . USERS_TABLE . "
WHERE username = '" . $db->sql_escape($php_auth_user) . "'";
@ -57,11 +86,11 @@ function login_apache(&$username, &$password)
);
}
// the user does not exist
// this is the user's first login so create an empty profile
return array(
'status' => LOGIN_ERROR_USERNAME,
'error_msg' => 'LOGIN_ERROR_USERNAME',
'user_row' => array('user_id' => ANONYMOUS),
'status' => LOGIN_SUCCESS_CREATE_PROFILE,
'error_msg' => false,
'user_row' => user_row_apache($php_auth_user, $php_auth_pw),
);
}
@ -82,6 +111,11 @@ function autologin_apache()
{
global $db;
if (!isset($_SERVER['PHP_AUTH_USER']))
{
return array();
}
$php_auth_user = $_SERVER['PHP_AUTH_USER'];
$php_auth_pw = $_SERVER['PHP_AUTH_PW'];
@ -98,11 +132,57 @@ function autologin_apache()
{
return ($row['user_type'] == USER_INACTIVE || $row['user_type'] == USER_IGNORE) ? array() : $row;
}
// create the user if he does not exist yet
user_add(user_row_apache($php_auth_user, $php_auth_pw));
$sql = 'SELECT *
FROM ' . USERS_TABLE . "
WHERE username = '" . $db->sql_escape($php_auth_user) . "'";
$result = $db->sql_query($sql);
$row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
if ($row)
{
return $row;
}
}
return array();
}
/**
* This function generates an array which can be passed to the user_add function in order to create a user
*/
function user_row_apache($username, $password)
{
global $db, $config, $user;
// first retrieve default group id
$sql = 'SELECT group_id
FROM ' . GROUPS_TABLE . "
WHERE group_name = '" . $db->sql_escape('REGISTERED') . "'
AND group_type = " . GROUP_SPECIAL;
$result = $db->sql_query($sql);
$row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
if (!$row)
{
trigger_error('NO_GROUP');
}
// generate user account data
return array(
'username' => $username,
'user_password' => $password,
'user_email' => '',
'group_id' => (int) $row['group_id'],
'user_type' => USER_NORMAL,
'user_ip' => $user->ip,
);
}
/**
* The session validation function checks whether the user is still logged in
*
@ -110,7 +190,7 @@ function autologin_apache()
*/
function validate_session_apache(&$user)
{
return ($_SERVER['PHP_AUTH_USER'] === $user['username']) ? true : false;
return (isset($_SERVER['PHP_AUTH_USER']) && ($_SERVER['PHP_AUTH_USER'] === $user['username'])) ? true : false;
}
?>

4
phpBB/includes/auth/auth_db.php
View File

@ -6,10 +6,6 @@
*
* This is for authentication via the integrated user table
*
* You can do any kind of checking you like here ... the return data format is
* either the resulting row of user information, an integer zero (indicating an
* inactive user) or some error string
*
* @package login
* @version $Id$
* @copyright (c) 2005 phpBB Group

105
phpBB/includes/auth/auth_ldap.php
View File

@ -5,13 +5,6 @@
*
* Authentication plug-ins is largely down to Sergey Kanareykin, our thanks to him.
*
* This is for initial authentication via an LDAP server, user information is then
* obtained from the integrated user table
*
* You can do any kind of checking you like here ... the return data format is
* either the resulting row of user information, an integer zero (indicating an
* inactive user) or some error string
*
* @package login
* @version $Id$
* @copyright (c) 2005 phpBB Group
@ -39,9 +32,17 @@ function init_ldap()
}
@ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, 3);
@ldap_set_option($ldap, LDAP_OPT_REFERRALS, 0);
// ldap_connect only checks whether the specified server is valid, so the connection might still fail
$search = @ldap_search($ldap, $config['ldap_base_dn'], $config['ldap_uid'] . '=' . $user->data['username'], array($config['ldap_uid']));
$search = @ldap_search(
$ldap,
$config['ldap_base_dn'],
'(' . $config['ldap_uid'] . '=' . $user->data['username'] . ')',
(empty($config['ldap_email'])) ? array($config['ldap_uid']) : array($config['ldap_uid'], $config['ldap_email']),
0,
1
);
if ($search === false)
{
@ -52,6 +53,11 @@ function init_ldap()
@ldap_close($ldap);
if (!empty($config['ldap_email']) && !isset($result[0][$config['ldap_email']]))
{
return $user->lang['LDAP_NO_EMAIL'];
}
if (is_array($result) && sizeof($result) > 1)
{
return false;
@ -65,7 +71,7 @@ function init_ldap()
*/
function login_ldap(&$username, &$password)
{
global $db, $config;
global $db, $config, $user;
if (!@extension_loaded('ldap'))
{
@ -86,13 +92,22 @@ function login_ldap(&$username, &$password)
}
@ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, 3);
@ldap_set_option($ldap, LDAP_OPT_REFERRALS, 0);
$search = @ldap_search($ldap, $config['ldap_base_dn'], $config['ldap_uid'] . '=' . $username, array($config['ldap_uid']));
$result = @ldap_get_entries($ldap, $search);
$search = @ldap_search(
$ldap,
$config['ldap_base_dn'],
'(' . $config['ldap_uid'] . '=' . $username . ')',
(empty($config['ldap_email'])) ? array($config['ldap_uid']) : array($config['ldap_uid'], $config['ldap_email']),
0,
1
);
if (is_array($result) && sizeof($result) > 1)
$ldap_result = @ldap_get_entries($ldap, $search);
if (is_array($ldap_result) && sizeof($ldap_result) > 1)
{
if (@ldap_bind($ldap, $result[0]['dn'], $password))
if (@ldap_bind($ldap, $ldap_result[0]['dn'], $password))
{
@ldap_close($ldap);
@ -105,6 +120,8 @@ function login_ldap(&$username, &$password)
if ($row)
{
unset($ldap_result);
// User inactive...
if ($row['user_type'] == USER_INACTIVE || $row['user_type'] == USER_IGNORE)
{
@ -122,9 +139,45 @@ function login_ldap(&$username, &$password)
'user_row' => $row,
);
}
else
{
// retrieve default group id
$sql = 'SELECT group_id
FROM ' . GROUPS_TABLE . "
WHERE group_name = '" . $db->sql_escape('REGISTERED') . "'
AND group_type = " . GROUP_SPECIAL;
$result = $db->sql_query($sql);
$row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
if (!$row)
{
trigger_error('NO_GROUP');
}
// generate user account data
$ldap_user_row = array(
'username' => $username,
'user_password' => $password,
'user_email' => (!empty($config['ldap_email'])) ? $ldap_result[0][$config['ldap_email']][0] : '',
'group_id' => (int) $row['group_id'],
'user_type' => USER_NORMAL,
'user_ip' => $user->ip,
);
unset($ldap_result);
// this is the user's first login so create an empty profile
return array(
'status' => LOGIN_SUCCESS_CREATE_PROFILE,
'error_msg' => false,
'user_row' => $ldap_user_row,
);
}
}
else
{
unset($ldap_result);
@ldap_close($ldap);
// Give status about wrong password...
@ -149,14 +202,10 @@ function login_ldap(&$username, &$password)
* This function is used to output any required fields in the authentication
* admin panel. It also defines any required configuration table fields.
*/
function admin_ldap(&$new)
function acp_ldap(&$new)
{
global $user;
/**
* @todo Using same approach as with cfg_build_template?
*/
$tpl = '
<dl>
@ -171,27 +220,17 @@ function admin_ldap(&$new)
<dt><label for="ldap_uid">' . $user->lang['LDAP_UID'] . ':</label><br /><span>' . $user->lang['LDAP_UID_EXPLAIN'] . '</span></dt>
<dd><input type="text" id="ldap_uid" size="40" name="config[ldap_uid]" value="' . $new['ldap_uid'] . '" /></dd>
</dl>
<dl>
<dt><label for="ldap_uid">' . $user->lang['LDAP_EMAIL'] . ':</label><br /><span>' . $user->lang['LDAP_EMAIL_EXPLAIN'] . '</span></dt>
<dd><input type="text" id="ldap_uid" size="40" name="config[ldap_email]" value="' . $new['ldap_email'] . '" /></dd>
</dl>
';
// These are fields required in the config table
return array(
'tpl' => $tpl,
'config' => array('ldap_server', 'ldap_base_dn', 'ldap_uid')
'config' => array('ldap_server', 'ldap_base_dn', 'ldap_uid', 'ldap_email')
);
}
/**
* Would be nice to allow syncing of 'appropriate' data when user updates
* their username, password, etc. ... should be up to the plugin what data
* is updated.
*
* @todo implement this functionality (probably 3.2)
*
* @param new|update|delete $mode defining the action to take on user updates
*/
function usercp_ldap($mode)
{
global $db, $config;
}
?>

1
phpBB/includes/constants.php
View File

@ -39,6 +39,7 @@ define('ACL_NO', -1);
define('LOGIN_CONTINUE', 1);
define('LOGIN_BREAK', 2);
define('LOGIN_SUCCESS', 3);
define('LOGIN_SUCCESS_CREATE_PROFILE', 20);
define('LOGIN_ERROR_USERNAME', 10);
define('LOGIN_ERROR_PASSWORD', 11);
define('LOGIN_ERROR_ACTIVE', 12);

10
phpBB/includes/functions_user.php
View File

@ -148,7 +148,7 @@ function user_add($user_row, $cp_data = false)
// These are the additional vars able to be specified
$additional_vars = array(
'user_permissions' => '',
'user_timezone' => 0,
'user_timezone' => $config['board_timezone'],
'user_dateformat' => $config['default_dateformat'],
'user_lang' => $config['default_lang'],
'user_style' => $config['default_style'],
@ -242,6 +242,14 @@ function user_add($user_row, $cp_data = false)
// Now make it the users default group...
group_set_user_default($user_row['group_id'], array($user_id));
// set the newest user and adjust the user count if the user is a normal user and no activation mail is sent
if ($user_row['user_type'] == USER_NORMAL || !$config['email_enable'])
{
set_config('newest_user_id', $user_id, true);
set_config('newest_username', $user_row['username'], true);
set_config('num_users', $config['num_users'] + 1, true);
}
return $user_id;
}

15
phpBB/includes/mcp/mcp_queue.php
View File

@ -181,6 +181,8 @@ class mcp_queue
$forum_list[] = $row['forum_id'];
}
$global_id = $forum_list[0];
if (!($forum_list = implode(', ', $forum_list)))
{
trigger_error('NOT_MODERATOR');
@ -192,8 +194,6 @@ class mcp_queue
$result = $db->sql_query($sql);
$forum_info['forum_topics'] = (int) $db->sql_fetchfield('sum_forum_topics');
$db->sql_freeresult($result);
$global_id = $forum_list[0];
}
else
{
@ -250,7 +250,7 @@ class mcp_queue
if (sizeof($post_ids))
{
$sql = 'SELECT t.topic_id, t.topic_title, t.forum_id, p.post_id, p.post_username, p.poster_id, p.post_time, u.username
$sql = 'SELECT t.topic_id, t.topic_title, t.forum_id, p.post_id, p.post_subject, p.post_username, p.poster_id, p.post_time, u.username
FROM ' . POSTS_TABLE . ' p, ' . TOPICS_TABLE . ' t, ' . USERS_TABLE . " u
WHERE p.post_id IN (" . implode(', ', $post_ids) . ")
AND t.topic_id = p.topic_id
@ -281,7 +281,7 @@ class mcp_queue
}
else
{
$sql = 'SELECT t.forum_id, t.topic_id, t.topic_title, t.topic_time AS post_time, t.topic_poster AS poster_id, t.topic_first_post_id AS post_id, t.topic_first_poster_name AS username
$sql = 'SELECT t.forum_id, t.topic_id, t.topic_title, t.topic_title AS post_subject, t.topic_time AS post_time, t.topic_poster AS poster_id, t.topic_first_post_id AS post_id, t.topic_first_poster_name AS username
FROM ' . TOPICS_TABLE . " t
WHERE topic_approved = 0
AND forum_id IN (0, $forum_list)
@ -336,15 +336,13 @@ class mcp_queue
$template->assign_block_vars('postrow', array(
'U_VIEWFORUM' => (!$global_topic) ? append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $row['forum_id']) : '',
// Q: Why accessing the topic by a post_id instead of its topic_id?
// A: To prevent the post from being hidden because of wrong encoding or different charset
'U_VIEWTOPIC' => append_sid("{$phpbb_root_path}viewtopic.$phpEx", 'f=' . $row['forum_id'] . '&amp;p=' . $row['post_id']) . (($mode == 'unapproved_posts') ? '#p' . $row['post_id'] : ''),
'U_VIEWPOST' => append_sid("{$phpbb_root_path}viewtopic.$phpEx", 'f=' . $row['forum_id'] . '&amp;p=' . $row['post_id']) . (($mode == 'unapproved_posts') ? '#p' . $row['post_id'] : ''),
'U_VIEW_DETAILS' => append_sid("{$phpbb_root_path}mcp.$phpEx", "i=queue&amp;start=$start&amp;mode=approve_details&amp;f={$row['forum_id']}&amp;p={$row['post_id']}" . (($mode == 'unapproved_topics') ? "&amp;t={$row['topic_id']}" : '')),
'U_VIEWPROFILE' => ($row['poster_id'] != ANONYMOUS) ? append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=viewprofile&amp;u=' . $row['poster_id']) : '',
'POST_ID' => $row['post_id'],
'FORUM_NAME' => (!$global_topic) ? $forum_names[$row['forum_id']] : $user->lang['GLOBAL_ANNOUNCEMENT'],
'TOPIC_TITLE' => $row['topic_title'],
'POST_SUBJECT' => $row['post_subject'],
'POSTER' => $poster,
'POST_TIME' => $user->format_date($row['post_time']))
);
@ -360,6 +358,7 @@ class mcp_queue
'S_FORUM_OPTIONS' => $forum_options,
'S_MCP_ACTION' => build_url(array('t', 'f', 'sd', 'st', 'sk')),
'S_TOPICS' => ($mode == 'unapproved_posts') ? false : true,
'PAGINATION' => generate_pagination($this->u_action . "&amp;f=$forum_id", $total, $config['topics_per_page'], $start),
'PAGE_NUMBER' => on_page($total, $config['topics_per_page'], $start),

19
phpBB/includes/mcp/mcp_reports.php
View File

@ -191,6 +191,8 @@ class mcp_reports
$forum_list[] = $row['forum_id'];
}
$global_id = $forum_list[0];
if (!($forum_list = implode(', ', $forum_list)))
{
trigger_error('NOT_MODERATOR');
@ -214,6 +216,7 @@ class mcp_reports
$forum_info = $forum_info[$forum_id];
$forum_list = $forum_id;
$global_id = $forum_id;
}
$forum_list .= ', 0';
@ -297,16 +300,20 @@ class mcp_reports
$poster = $row['username'];
}
$global_topic = ($row['forum_id']) ? false : true;
if ($global_topic)
{
$row['forum_id'] = $global_id;
}
$template->assign_block_vars('postrow', array(
'U_VIEWFORUM' => append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $row['forum_id']),
// Q: Why accessing the topic by a post_id instead of its topic_id?
// A: To prevent the post from being hidden because of wrong encoding or different charset
'U_VIEWTOPIC' => append_sid("{$phpbb_root_path}viewtopic.$phpEx", 'f=' . $row['forum_id'] . '&amp;p=' . $row['post_id']) . '#p' . $row['post_id'],
'U_VIEW_DETAILS' => append_sid("{$phpbb_root_path}mcp.$phpEx", "i=reports&amp;start=$start&amp;mode=report_details&amp;f={$forum_id}&amp;p={$row['post_id']}"),
'U_VIEWFORUM' => (!$global_topic) ? append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $row['forum_id']) : '',
'U_VIEWPOST' => append_sid("{$phpbb_root_path}viewtopic.$phpEx", 'f=' . $row['forum_id'] . '&amp;p=' . $row['post_id']) . '#p' . $row['post_id'],
'U_VIEW_DETAILS' => append_sid("{$phpbb_root_path}mcp.$phpEx", "i=reports&amp;start=$start&amp;mode=report_details&amp;f={$row['forum_id']}&amp;p={$row['post_id']}"),
'U_VIEW_POSTER_PROFILE' => ($row['poster_id'] != ANONYMOUS) ? append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=viewprofile&amp;u=' . $row['poster_id']) : '',
'U_VIEW_REPORTER_PROFILE' => ($row['reporter_id'] != ANONYMOUS) ? append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=viewprofile&amp;u=' . $row['reporter_id']) : '',
'FORUM_NAME' => ($row['forum_id']) ? $forum_data[$row['forum_id']]['forum_name'] : $user->lang['ALL_FORUMS'],
'FORUM_NAME' => (!$global_topic) ? $forum_names[$row['forum_id']] : $user->lang['GLOBAL_ANNOUNCEMENT'],
'POSTER' => $poster,
'POST_ID' => $row['post_id'],
'POST_SUBJECT' => $row['post_subject'],

2
phpBB/includes/search/fulltext_native.php
View File

@ -232,7 +232,7 @@ class fulltext_native extends search_backend
for ($i = 0, $n = sizeof($text); $i < $n; $i++)
{
if ($lengths[$i] < $config['fulltext_native_min_chars'] || $lengths[$i] > $config['fulltext_native_max_chars'])
if ($lengths[$i] < $config['fulltext_native_min_chars'] || $lengths[$i] > $config['fulltext_native_max_chars'] || strlen($text[$i]) > 252)
{
unset($text[$i]);
}

7
phpBB/includes/ucp/ucp_register.php
View File

@ -345,13 +345,6 @@ class ucp_register
$db->sql_freeresult($result);
}
}
if ($user_type == USER_NORMAL || !$config['email_enable'])
{
set_config('newest_user_id', $user_id, true);
set_config('newest_username', $username, true);
set_config('num_users', $config['num_users'] + 1, true);
}
unset($data);
$message = $message . '<br /><br />' . sprintf($user->lang['RETURN_INDEX'], '<a href="' . append_sid("{$phpbb_root_path}index.$phpEx") . '">', '</a>');

1
phpBB/install/schemas/schema_data.sql
View File

@ -107,6 +107,7 @@ INSERT INTO phpbb_config (config_name, config_value) VALUES ('jab_port', '5222')
INSERT INTO phpbb_config (config_name, config_value) VALUES ('jab_resource', '');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('jab_username', '');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('ldap_base_dn', '');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('ldap_email', '');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('ldap_server', '');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('ldap_uid', '');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('limit_load', '0');

8
phpBB/language/en/acp/board.php
View File

@ -287,11 +287,15 @@ $lang = array_merge($lang, array(
'ACP_AUTH_SETTINGS_EXPLAIN' => 'phpBB2 supports authentication plug-ins, or modules. These allow you determine how users are authenticated when they log into the board. By default three plug-ins are provided; DB, LDAP and Apache. Not all methods require additional information so only fill out fields if they are relevant to the selected method.',
'AUTH_METHOD' => 'Select an authentication method',
'APACHE_SETUP_BEFORE_USE' => 'You have to setup apache authentication before you switch phpBB to this authentication method. Keep in mind that the username you use for apache authentication has to be the same as your phpBB username.',
'LDAP_DN' => 'LDAP base dn',
'LDAP_DN_EXPLAIN' => 'This is the Distinguished Name, locating the user information, e.g. o=My Company,c=US',
'LDAP_EMAIL' => 'LDAP email attribute',
'LDAP_EMAIL_EXPLAIN' => 'Set this to the name of your user entry email attribute (if one exists) in order to automatically set the email address for new users. Leaving this empty results in empty email address for users who log in for the first time.',
'LDAP_NO_EMAIL' => 'The specified email attribute does not exist.',
'LDAP_NO_IDENTITY' => 'Could not find a login identity for %s',
'LDAP_NO_LDAP_EXTENSION' => 'LDAP extension not availible',
'LDAP_NO_SERVER_CONNECTION' => 'Could not connect to LDAP server',
'LDAP_SERVER' => 'LDAP server name',
'LDAP_SERVER_EXPLAIN' => 'If using LDAP this is the name or IP address of the server.',
'LDAP_UID' => 'LDAP uid',

3
phpBB/language/en/common.php
View File

@ -65,6 +65,7 @@ $lang = array_merge($lang, array(
'ASCENDING' => 'Ascending',
'ATTACHMENTS' => 'Attachments',
'AUTHOR' => 'Author',
'AUTH_NO_PROFILE_CREATED' => 'Creating a user profile failed',
'AVATAR_DISALLOWED_EXTENSION' => 'The extension %s is not allowed',
'AVATAR_EMPTY_REMOTE_DATA' => 'Avatar could not be uploaded, the remote data appears to be invalid or corrupted.',
'AVATAR_INVALID_FILENAME' => '%s is an invalid filename',
@ -246,6 +247,8 @@ $lang = array_merge($lang, array(
'LAST_POST' => 'Last post',
'LAST_UPDATED' => 'Last updated',
'LAST_VISIT' => 'Last visit',
'LDAP_NO_LDAP_EXTENSION' => 'LDAP extension not availible',
'LDAP_NO_SERVER_CONNECTION' => 'Could not connect to LDAP server',
'LEGEND' => 'Legend',
'LOCATION' => 'Location',
'LOCK_POST' => 'Lock Post',

15
phpBB/memberlist.php
View File

@ -1276,8 +1276,23 @@ function show_profile($data)
$online = false;
}
$age = '';
if ($data['user_birthday'])
{
list($bday_day, $bday_month, $bday_year) = array_map('intval', explode('-', $data['user_birthday']));
if ($bday_year)
{
$time = time() + $user->timezone + $user->dst;
$age = (int) (date('Y', $time) - $bday_year - ((((date('n', $time) - $bday_month) < 0) || ((date('j', $time) - $bday_day) < 0)) ? 1 : 0));
}
}
// Dump it out to the template
return array(
'AGE' => $age,
'USERNAME' => $username,
'USER_COLOR' => (!empty($data['user_colour'])) ? $data['user_colour'] : '',
'RANK_TITLE' => $rank_title,

2
phpBB/search.php
View File

@ -141,7 +141,7 @@ if ($keywords || $author || $author_id || $search_id || $submit)
else if ($auth->acl_getf_global('m_approve'))
{
$m_approve_fid_ary = array_diff(array_keys($auth->acl_getf('!m_approve', true)), $ex_fid_ary);
$m_approve_fid_sql = ' AND (p.post_approved = 1 OR p.forum_id NOT IN (' . implode(', ', $m_approve_fid_ary) . '))';
$m_approve_fid_sql = ' AND (p.post_approved = 1' . (($m_approve_fid_ary) ? ' OR p.forum_id NOT IN (' . implode(', ', $m_approve_fid_ary) . ')') . ')' : '';
}
else
{

2
phpBB/styles/subSilver/template/mcp_notes_user.html
View File

@ -54,7 +54,7 @@
<!-- BEGIN usernotes -->
<!-- IF usernotes.S_ROW_COUNT is even --><tr class="row1"><!-- ELSE --><tr class="row2"><!-- ENDIF -->
<td<!-- IF not S_CLEAR_ALLOWED --> colspan="2"<!-- ENDIF -->><span class="gensmall">{L_REPORT_BY}: <b>{usernotes.REPORT_BY}</b> {L_ON} {usernotes.REPORT_AT}</span><hr /><span class="gen">{usernotes.ACTION}</span></td>
<td<!-- IF not S_CLEAR_ALLOWED --> colspan="2"<!-- ENDIF -->><span class="gensmall">{L_REPORT_BY}: <b>{usernotes.REPORT_BY}</b> {L_REPORTED}: {usernotes.REPORT_AT}</span><hr /><span class="gen">{usernotes.ACTION}</span></td>
<!-- IF S_CLEAR_ALLOWED --><td width="5%" align="center"><input type="checkbox" class="radio" name="marknote[]" value="{usernotes.ID}" /></td><!-- ENDIF -->
</tr>
<!-- END usernotes -->

4
phpBB/styles/subSilver/template/mcp_queue.html
View File

@ -10,7 +10,7 @@
<td colspan="5" class="cat" align="center"><span class="gensmall">{L_DISPLAY_ITEMS}:</span> {S_SELECT_SORT_DAYS}&nbsp;<span class="gensmall">{L_SORT_BY}</span> {S_SELECT_SORT_KEY} {S_SELECT_SORT_DIR}&nbsp;<span class="gensmall">{L_FORUM}</span> <select name="f">{S_FORUM_OPTIONS}</select> &nbsp; <!-- IF TOPIC_ID --><input type="checkbox" class="radio" name="t" value="{TOPIC_ID}" checked="checked" />&nbsp; <b>{L_ONLY_TOPIC}</b> &nbsp; <!-- ENDIF --><input class="btnlite" type="submit" name="sort" value="{L_GO}" /></span></td>
</tr>
<tr>
<th>&nbsp;{L_TOPIC}&nbsp;</th>
<th>&nbsp;<!-- IF S_TOPICS -->{L_TOPIC}<!-- ELSE -->{L_POST}<!-- ENDIF -->&nbsp;</th>
<th>&nbsp;{L_AUTHOR}&nbsp;</th>
<th>&nbsp;{L_POST_TIME}&nbsp;</th>
<th width="5%">&nbsp;{L_SELECT}&nbsp;</th>
@ -18,7 +18,7 @@
<!-- BEGIN postrow -->
<!-- IF postrow.S_ROW_COUNT is even --><tr class="row1"><!-- ELSE --><tr class="row2"><!-- ENDIF -->
<td style="padding: 4px;"><p class="topictitle"><a href="{postrow.U_VIEWTOPIC}">{postrow.TOPIC_TITLE}</a></p>
<td style="padding: 4px;"><p class="topictitle"><a href="{postrow.U_VIEWPOST}">{postrow.POST_SUBJECT}</a></p>
<span class="gensmall"><!-- IF postrow.U_VIEWFORUM -->{L_FORUM}: <a href="{postrow.U_VIEWFORUM}">{postrow.FORUM_NAME}</a><!-- ELSE -->{postrow.FORUM_NAME}<!-- ENDIF --></span></td>
<td style="padding: 4px;" align="left" valign="top" nowrap="nowrap"><span class="gen"><!-- IF postrow.U_VIEWPROFILE --><a href="{postrow.U_VIEWPROFILE}">{postrow.POSTER}</a><!-- ELSE -->{postrow.POSTER}<!-- ENDIF --></span><br />
<span class="gensmall">[ <a href="{postrow.U_VIEW_DETAILS}">{L_VIEW_DETAILS}</a> ]</span></td>

5
phpBB/styles/subSilver/template/mcp_reports.html
View File

@ -19,9 +19,8 @@
<!-- BEGIN postrow -->
<!-- IF postrow.S_ROW_COUNT is even --><tr class="row1"><!-- ELSE --><tr class="row2"><!-- ENDIF -->
<td style="padding: 4px;"><p class="topictitle"><a href="{postrow.U_VIEWTOPIC}">{postrow.POST_SUBJECT}</a></p>
<span class="gensmall">{L_TOPIC}: <a href="{postrow.U_VIEWTOPIC}">{postrow.TOPIC_TITLE}</a></span><br />
<span class="gensmall">{L_FORUM}: <a href="{postrow.U_VIEWFORUM}">{postrow.FORUM_NAME}</a></span></td>
<td style="padding: 4px;"><p class="topictitle"><a href="{postrow.U_VIEWPOST}">{postrow.POST_SUBJECT}</a></p>
<span class="gensmall"><!-- IF postrow.U_VIEWFORUM -->{L_FORUM}: <a href="{postrow.U_VIEWFORUM}">{postrow.FORUM_NAME}</a><!-- ELSE -->{postrow.FORUM_NAME}<!-- ENDIF --></span></td>
<td style="padding: 4px;" align="left" valign="top" nowrap="nowrap"><span class="gen"><!-- IF postrow.U_VIEW_POSTER_PROFILE --><a href="{postrow.U_VIEW_POSTER_PROFILE}">{postrow.POSTER}</a><!-- ELSE -->{postrow.POSTER}<!-- ENDIF --></span><br />
<span class="gensmall">{postrow.POST_TIME}</span></td>
<td style="padding: 4px;" align="left" valign="top" nowrap="nowrap"><span class="gen"><!-- IF postrow.U_VIEW_REPORTER_PROFILE --><a href="{postrow.U_VIEW_REPOTER_PROFILE}">{postrow.REPORTER}</a><!-- ELSE -->{postrow.REPORTER}<!-- ENDIF --></span></td>

12
phpBB/styles/subSilver/template/memberlist_view.html
View File

@ -129,19 +129,23 @@
<td class="gen" align="right" nowrap="nowrap">{L_USERGROUPS}: </td>
<td><select name="g">{S_GROUP_OPTIONS}</select> <input class="btnlite" type="submit" name="submit" value="{L_GO}" /></td>
</tr>
<tr>
<tr>
<td class="gen" align="right" nowrap="nowrap">{L_LOCATION}: </td>
<td><b class="genmed">{LOCATION}</b></td>
</tr>
<tr>
<tr>
<td class="gen" align="right" nowrap="nowrap">{L_AGE}: </td>
<td><b class="genmed">{AGE}</b></td>
</tr>
<tr>
<td class="gen" align="right" nowrap="nowrap">{L_OCCUPATION}: </td>
<td><b class="genmed">{OCCUPATION}</b></td>
</tr>
<tr>
<tr>
<td class="gen" align="right" nowrap="nowrap">{L_INTERESTS}: </td>
<td><b class="genmed">{INTERESTS}</b></td>
</tr>
<tr>
<tr>
<td class="gen" align="right" nowrap="nowrap">{L_WEBSITE}: </td>
<td><b><!-- IF U_WWW --><a class="genmed" href="{U_WWW}" target="_userwww">{U_WWW}</a><!-- ENDIF --></b></td>
</tr>

31
phpBB/viewtopic.php
View File

@ -118,7 +118,7 @@ if ($view && !$post_id)
else
{
$topic_id = $row['topic_id'];
// Check for global announcement correctness?
if (!$row['forum_id'] && !$forum_id)
{
@ -175,7 +175,7 @@ if ($user->data['is_registered'])
if ($config['load_db_lastread'])
{
$sql_array['SELECT'] .= ', tt.mark_time, ft.mark_time as forum_mark_time';
$sql_array['LEFT_JOIN'][] = array(
'FROM' => array(TOPICS_TRACK_TABLE => 'tt'),
'ON' => 'tt.user_id = ' . $user->data['user_id'] . ' AND t.topic_id = tt.topic_id'
@ -203,7 +203,7 @@ $sql_array['WHERE'] .= ' AND (f.forum_id = t.forum_id';
if (!$forum_id)
{
// If it is a global announcement make sure to set the forum id to a postable forum
$sql_array['WHERE'] .= ' OR (t.topic_type = ' . POST_GLOBAL . '
$sql_array['WHERE'] .= ' OR (t.topic_type = ' . POST_GLOBAL . '
AND f.forum_type = ' . FORUM_POST . ')';
}
else
@ -646,7 +646,7 @@ if (!empty($topic_data['poll_start']))
'vote_user_id' => (int) $user->data['user_id'],
'vote_user_ip' => (string) $user->ip,
);
$sql = 'INSERT INTO ' . POLL_VOTES_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary);
$db->sql_query($sql);
}
@ -840,6 +840,9 @@ $sql = $db->sql_build_query('SELECT', array(
$result = $db->sql_query($sql);
$today = explode('-', date('j-n-Y', time() + $user->timezone + $user->dst));
$today = array('day' => (int) $today[0], 'month' => (int) $today[1], 'year' => (int) $today[2]);
// Posts are stored in the $rowset array while $attach_list, $user_cache
// and the global bbcode_bitfield are built
while ($row = $db->sql_fetchrow($result))
@ -949,7 +952,8 @@ while ($row = $db->sql_fetchrow($result))
'jabber' => '',
'search' => '',
'username' => ($row['user_colour']) ? '<span style="color:#' . $row['user_colour'] . '">' . $poster . '</span>' : $poster,
'age' => '',
'warnings' => 0,
);
}
@ -977,6 +981,7 @@ while ($row = $db->sql_fetchrow($result))
'viewonline' => $row['user_allow_viewonline'],
'avatar' => '',
'age' => '',
'online' => false,
'profile' => append_sid("{$phpbb_root_path}memberlist.$phpEx", "mode=viewprofile&amp;u=$poster_id"),
@ -1055,10 +1060,21 @@ while ($row = $db->sql_fetchrow($result))
$user_cache[$poster_id]['icq_status_img'] = '';
$user_cache[$poster_id]['icq'] = '';
}
if (!empty($row['user_birthday']))
{
list($bday_day, $bday_month, $bday_year) = array_map('intval', explode('-', $row['user_birthday']));
if ($bday_year)
{
$user_cache[$poster_id]['age'] = (int) ($today['year'] - $bday_year - ((($today['month'] - $bday_month) < 0) || (($today['day'] - $bday_day) < 0)) ? 1 : 0);
}
}
}
}
}
$db->sql_freeresult($result);
unset($today);
// Load custom profile fields
if ($config['load_cpf_viewtopic'])
@ -1309,7 +1325,7 @@ for ($i = 0, $end = sizeof($post_list); $i < $end; ++$i)
if ($topic_data['topic_bumped'] && $row['post_id'] == $topic_data['topic_last_post_id'] && isset($user_cache[$topic_data['topic_bumper']]) )
{
// It is safe to grab the username from the user cache array, we are at the last
// post and only the topic poster and last poster are allowed to bump. However, a
// post and only the topic poster and last poster are allowed to bump. However, a
// check is still needed incase an admin bumped the topic (but didn't post in the topic)
$l_bumped_by = '<br /><br />' . sprintf($user->lang['BUMPED_BY'], $user_cache[$topic_data['topic_bumper']]['username'], $user->format_date($topic_data['topic_last_post_time']));
}
@ -1327,7 +1343,7 @@ for ($i = 0, $end = sizeof($post_list); $i < $end; ++$i)
}
$post_unread = (isset($topic_tracking_info[$topic_id]) && $row['post_time'] > $topic_tracking_info[$topic_id]) ? true : false;
$s_first_unread = false;
if (!$first_unread && $post_unread)
{
@ -1345,6 +1361,7 @@ for ($i = 0, $end = sizeof($post_list); $i < $end; ++$i)
'POSTER_FROM' => $user_cache[$poster_id]['from'],
'POSTER_AVATAR' => $user_cache[$poster_id]['avatar'],
'POSTER_WARNINGS' => $user_cache[$poster_id]['warnings'],
'POSTER_AGE' => $user_cache[$poster_id]['age'],
'POST_DATE' => $user->format_date($row['post_time']),
'POST_SUBJECT' => $row['post_subject'],