Merge remote-tracking branch 'upstream/develop' into ticket/11015

* upstream/develop: (101 commits)
  [ticket/10491] Make recreate_database static.
  [ticket/11088] Pass required objects in as arguments
  [ticket/11088] Globalize objects in new permission function
  [ticket/11088] Move permission creation to a function
  [ticket/11088] Copy a_styles permission for a_extensions
  [ticket/11088] Remove extraneous word from sentence in comment
  [ticket/11088] Changed "file extensions" to "attachment extensions"
  [ticket/11088] Fix the database updater to correctly manipulate the modules
  [ticket/11088] Put language pack module move below extension module creation
  [ticket/11088] Untested, progress on update script
  [ticket/11088] Fix typo (period instead of comma)
  [ticket/11088] Untested progress for update script
  [ticket/11088] Added missing comma
  [ticket/11088] Removed added space
  [ticket/11088] Move style, extension and language pack management to customise
  [ticket/11243] Show download all link on all pages of topic with attachments
  [feature/template-events] Pass arguments in correct order.
  [feature/template-events] Pass arguments in correct order.
  [ticket/10491] Install board once per test run.
  [ticket/11257] Do not require set_name() method to exist
  ...

phpBB/includes/acp/info/acp_extensions.php

@@ -16,10 +16,10 @@ class acp_extensions_info
 	{
 		return array(
 			'filename'	=> 'acp_extensions',
-			'title'		=> 'ACP_EXTENSIONS',
+			'title'		=> 'ACP_EXTENSIONS_MANAGEMENT',
 			'version'	=> '1.0.0',
 			'modes'		=> array(
-				'main'		=> array('title' => 'ACP_EXTENSIONS', 'auth' => 'acl_a_extensions', 'cat' => array('ACP_GENERAL_TASKS')),
+				'main'		=> array('title' => 'ACP_EXTENSIONS', 'auth' => 'acl_a_extensions', 'cat' => array('ACP_EXTENSIONS_MANAGEMENT')),
 			),
 		);
 	}

phpBB/includes/acp/info/acp_language.php

@@ -19,7 +19,7 @@ class acp_language_info
 			'title'		=> 'ACP_LANGUAGE',
 			'version'	=> '1.0.0',
 			'modes'		=> array(
-				'lang_packs'		=> array('title' => 'ACP_LANGUAGE_PACKS', 'auth' => 'acl_a_language', 'cat' => array('ACP_GENERAL_TASKS')),
+				'lang_packs'		=> array('title' => 'ACP_LANGUAGE_PACKS', 'auth' => 'acl_a_language', 'cat' => array('ACP_LANGUAGE')),
 			),
 		);
 	}

phpBB/includes/bbcode.php

@@ -134,7 +134,7 @@ class bbcode
 
 			$style_resource_locator = new phpbb_style_resource_locator();
 			$style_path_provider = new phpbb_style_extension_path_provider($phpbb_extension_manager, new phpbb_style_path_provider());
-			$template = new phpbb_template($phpbb_root_path, $phpEx, $config, $user, $style_resource_locator, new phpbb_template_context());
+			$template = new phpbb_template($phpbb_root_path, $phpEx, $config, $user, $style_resource_locator, new phpbb_template_context(), $phpbb_extension_manager);
 			$style = new phpbb_style($phpbb_root_path, $phpEx, $config, $user, $style_resource_locator, $style_path_provider, $template);
 			$style->set_style();
 			$template->set_filenames(array('bbcode.html' => 'bbcode.html'));

phpBB/includes/db/driver/mssql.php

@@ -22,11 +22,19 @@ if (!defined('IN_PHPBB'))
 */
 class phpbb_db_driver_mssql extends phpbb_db_driver
 {
+	var $connect_error = '';
+
 	/**
 	* Connect to server
 	*/
 	function sql_connect($sqlserver, $sqluser, $sqlpassword, $database, $port = false, $persistency = false, $new_link = false)
 	{
+		if (!function_exists('mssql_connect'))
+		{
+			$this->connect_error = 'mssql_connect function does not exist, is mssql extension installed?';
+			return $this->sql_error('');
+		}
+
 		$this->persistency = $persistency;
 		$this->user = $sqluser;
 		$this->dbname = $database;
@@ -353,34 +361,44 @@ class phpbb_db_driver_mssql extends phpbb_db_driver
 	*/
 	function _sql_error()
 	{
-		$error = array(
-			'message'	=> @mssql_get_last_message(),
-			'code'		=> ''
-		);
-
-		// Get error code number
-		$result_id = @mssql_query('SELECT @@ERROR as code', $this->db_connect_id);
-		if ($result_id)
+		if (function_exists('mssql_get_last_message'))
 		{
-			$row = @mssql_fetch_assoc($result_id);
-			$error['code'] = $row['code'];
-			@mssql_free_result($result_id);
-		}
+			$error = array(
+				'message'	=> @mssql_get_last_message(),
+				'code'		=> '',
+			);
 
-		// Get full error message if possible
-		$sql = 'SELECT CAST(description as varchar(255)) as message
-			FROM master.dbo.sysmessages
-			WHERE error = ' . $error['code'];
-		$result_id = @mssql_query($sql);
-		
-		if ($result_id)
-		{
-			$row = @mssql_fetch_assoc($result_id);
-			if (!empty($row['message']))
+			// Get error code number
+			$result_id = @mssql_query('SELECT @@ERROR as code', $this->db_connect_id);
+			if ($result_id)
 			{
-				$error['message'] .= '<br />' . $row['message'];
+				$row = @mssql_fetch_assoc($result_id);
+				$error['code'] = $row['code'];
+				@mssql_free_result($result_id);
 			}
-			@mssql_free_result($result_id);
+
+			// Get full error message if possible
+			$sql = 'SELECT CAST(description as varchar(255)) as message
+				FROM master.dbo.sysmessages
+				WHERE error = ' . $error['code'];
+			$result_id = @mssql_query($sql);
+
+			if ($result_id)
+			{
+				$row = @mssql_fetch_assoc($result_id);
+				if (!empty($row['message']))
+				{
+					$error['message'] .= '<br />' . $row['message'];
+				}
+				@mssql_free_result($result_id);
+			}
+		}
+		else
+		{
+			$error = array(
+				'message'	=> $this->connect_error,
+				'code'		=> '',
+			);
 		}
 
 		return $error;

phpBB/includes/db/driver/mssql_odbc.php

@@ -29,6 +29,7 @@ if (!defined('IN_PHPBB'))
 class phpbb_db_driver_mssql_odbc extends phpbb_db_driver
 {
 	var $last_query_text = '';
+	var $connect_error = '';
 
 	/**
 	* Connect to server
@@ -65,7 +66,24 @@ class phpbb_db_driver_mssql_odbc extends phpbb_db_driver
 			@ini_set('odbc.defaultlrl', $max_size);
 		}
 
-		$this->db_connect_id = ($this->persistency) ? @odbc_pconnect($this->server, $this->user, $sqlpassword) : @odbc_connect($this->server, $this->user, $sqlpassword);
+		if ($this->persistency)
+		{
+			if (!function_exists('odbc_pconnect'))
+			{
+				$this->connect_error = 'odbc_pconnect function does not exist, is odbc extension installed?';
+				return $this->sql_error('');
+			}
+			$this->db_connect_id = @odbc_pconnect($this->server, $this->user, $sqlpassword);
+		}
+		else
+		{
+			if (!function_exists('odbc_connect'))
+			{
+				$this->connect_error = 'odbc_connect function does not exist, is odbc extension installed?';
+				return $this->sql_error('');
+			}
+			$this->db_connect_id = @odbc_connect($this->server, $this->user, $sqlpassword);
+		}
 
 		return ($this->db_connect_id) ? $this->db_connect_id : $this->sql_error('');
 	}
@@ -347,10 +365,22 @@ class phpbb_db_driver_mssql_odbc extends phpbb_db_driver
 	*/
 	function _sql_error()
 	{
-		return array(
-			'message'	=> @odbc_errormsg(),
-			'code'		=> @odbc_error()
-		);
+		if (function_exists('odbc_errormsg'))
+		{
+			$error = array(
+				'message'	=> @odbc_errormsg(),
+				'code'		=> @odbc_error(),
+			);
+		}
+		else
+		{
+			$error = array(
+				'message'	=> $this->connect_error,
+				'code'		=> '',
+			);
+		}
+
+		return $error;
 	}
 
 	/**

phpBB/includes/db/driver/mssqlnative.php

@@ -196,16 +196,18 @@ class phpbb_db_driver_mssqlnative extends phpbb_db_driver
 	var $m_insert_id = NULL;
 	var $last_query_text = '';
 	var $query_options = array();
+	var $connect_error = '';
 
 	/**
 	* Connect to server
 	*/
 	function sql_connect($sqlserver, $sqluser, $sqlpassword, $database, $port = false, $persistency = false, $new_link = false)
 	{
-		# Test for driver support, to avoid suppressed fatal error
+		// Test for driver support, to avoid suppressed fatal error
 		if (!function_exists('sqlsrv_connect'))
 		{
-			trigger_error('Native MS SQL Server driver for PHP is missing or needs to be updated. Version 1.1 or later is required to install phpBB3. You can download the driver from: http://www.microsoft.com/sqlserver/2005/en/us/PHP-Driver.aspx\n', E_USER_ERROR);
+			$this->connect_error = 'Native MS SQL Server driver for PHP is missing or needs to be updated. Version 1.1 or later is required to install phpBB3. You can download the driver from: http://www.microsoft.com/sqlserver/2005/en/us/PHP-Driver.aspx';
+			return $this->sql_error('');
 		}
 
 		//set up connection variables
@@ -519,31 +521,43 @@ class phpbb_db_driver_mssqlnative extends phpbb_db_driver
 	*/
 	function _sql_error()
 	{
-		$errors = @sqlsrv_errors(SQLSRV_ERR_ERRORS);
-		$error_message = '';
-		$code = 0;
-
-		if ($errors != null)
+		if (function_exists('sqlsrv_errors'))
 		{
-			foreach ($errors as $error)
+			$errors = @sqlsrv_errors(SQLSRV_ERR_ERRORS);
+			$error_message = '';
+			$code = 0;
+
+			if ($errors != null)
 			{
-				$error_message .= "SQLSTATE: ".$error[ 'SQLSTATE']."\n";
-				$error_message .= "code: ".$error[ 'code']."\n";
-				$code = $error['code'];
-				$error_message .= "message: ".$error[ 'message']."\n";
+				foreach ($errors as $error)
+				{
+					$error_message .= "SQLSTATE: " . $error[ 'SQLSTATE'] . "\n";
+					$error_message .= "code: " . $error[ 'code'] . "\n";
+					$code = $error['code'];
+					$error_message .= "message: " . $error[ 'message'] . "\n";
+				}
+				$this->last_error_result = $error_message;
+				$error = $this->last_error_result;
 			}
-			$this->last_error_result = $error_message;
-			$error = $this->last_error_result;
+			else
+			{
+				$error = (isset($this->last_error_result) && $this->last_error_result) ? $this->last_error_result : array();
+			}
+
+			$error = array(
+				'message'	=> $error,
+				'code'		=> $code,
+			);
 		}
 		else
 		{
-			$error = (isset($this->last_error_result) && $this->last_error_result) ? $this->last_error_result : array();
+			$error = array(
+				'message'	=> $this->connect_error,
+				'code'		=> '',
+			);
 		}
 
-		return array(
-			'message'	=> $error,
-			'code'		=> $code,
-		);
+		return $error;
 	}
 
 	/**

phpBB/includes/db/driver/mysql.php

@@ -27,6 +27,7 @@ if (!defined('IN_PHPBB'))
 class phpbb_db_driver_mysql extends phpbb_db_driver
 {
 	var $multi_insert = true;
+	var $connect_error = '';
 
 	/**
 	* Connect to server
@@ -41,7 +42,24 @@ class phpbb_db_driver_mysql extends phpbb_db_driver
 
 		$this->sql_layer = 'mysql4';
 
-		$this->db_connect_id = ($this->persistency) ? @mysql_pconnect($this->server, $this->user, $sqlpassword) : @mysql_connect($this->server, $this->user, $sqlpassword, $new_link);
+		if ($this->persistency)
+		{
+			if (!function_exists('mysql_pconnect'))
+			{
+				$this->connect_error = 'mysql_pconnect function does not exist, is mysql extension installed?';
+				return $this->sql_error('');
+			}
+			$this->db_connect_id = @mysql_pconnect($this->server, $this->user, $sqlpassword);
+		}
+		else
+		{
+			if (!function_exists('mysql_connect'))
+			{
+				$this->connect_error = 'mysql_connect function does not exist, is mysql extension installed?';
+				return $this->sql_error('');
+			}
+			$this->db_connect_id = @mysql_connect($this->server, $this->user, $sqlpassword, $new_link);
+		}
 
 		if ($this->db_connect_id && $this->dbname != '')
 		{
@@ -424,18 +442,29 @@ class phpbb_db_driver_mysql extends phpbb_db_driver
 	*/
 	function _sql_error()
 	{
-		if (!$this->db_connect_id)
+		if ($this->db_connect_id)
 		{
-			return array(
+			$error = array(
+				'message'	=> @mysql_error($this->db_connect_id),
+				'code'		=> @mysql_errno($this->db_connect_id),
+			);
+		}
+		else if (function_exists('mysql_error'))
+		{
+			$error = array(
 				'message'	=> @mysql_error(),
-				'code'		=> @mysql_errno()
+				'code'		=> @mysql_errno(),
+			);
+		}
+		else
+		{
+			$error = array(
+				'message'	=> $this->connect_error,
+				'code'		=> '',
 			);
 		}
 
-		return array(
-			'message'	=> @mysql_error($this->db_connect_id),
-			'code'		=> @mysql_errno($this->db_connect_id)
-		);
+		return $error;
 	}
 
 	/**

phpBB/includes/db/driver/mysqli.php

@@ -24,12 +24,19 @@ if (!defined('IN_PHPBB'))
 class phpbb_db_driver_mysqli extends phpbb_db_driver
 {
 	var $multi_insert = true;
+	var $connect_error = '';
 
 	/**
 	* Connect to server
 	*/
 	function sql_connect($sqlserver, $sqluser, $sqlpassword, $database, $port = false, $persistency = false , $new_link = false)
 	{
+		if (!function_exists('mysqli_connect'))
+		{
+			$this->connect_error = 'mysqli_connect function does not exist, is mysqli extension installed?';
+			return $this->sql_error('');
+		}
+
 		// Mysqli extension supports persistent connection since PHP 5.3.0
 		$this->persistency = (version_compare(PHP_VERSION, '5.3.0', '>=')) ? $persistency : false;
 		$this->user = $sqluser;
@@ -421,18 +428,29 @@ class phpbb_db_driver_mysqli extends phpbb_db_driver
 	*/
 	function _sql_error()
 	{
-		if (!$this->db_connect_id)
+		if ($this->db_connect_id)
 		{
-			return array(
+			$error = array(
+				'message'	=> @mysqli_error($this->db_connect_id),
+				'code'		=> @mysqli_errno($this->db_connect_id)
+			);
+		}
+		else if (function_exists('mysqli_connect_error'))
+		{
+			$error = array(
 				'message'	=> @mysqli_connect_error(),
-				'code'		=> @mysqli_connect_errno()
+				'code'		=> @mysqli_connect_errno(),
+			);
+		}
+		else
+		{
+			$error = array(
+				'message'	=> $this->connect_error,
+				'code'		=> '',
 			);
 		}
 
-		return array(
-			'message'	=> @mysqli_error($this->db_connect_id),
-			'code'		=> @mysqli_errno($this->db_connect_id)
-		);
+		return $error;
 	}
 
 	/**

phpBB/includes/db/driver/oracle.php

@@ -22,6 +22,7 @@ if (!defined('IN_PHPBB'))
 class phpbb_db_driver_oracle extends phpbb_db_driver
 {
 	var $last_query_text = '';
+	var $connect_error = '';
 
 	/**
 	* Connect to server
@@ -45,7 +46,33 @@ class phpbb_db_driver_oracle extends phpbb_db_driver
 			$connect = $sqlserver . (($port) ? ':' . $port : '') . '/' . $database;
 		}
 
-		$this->db_connect_id = ($new_link) ? @ocinlogon($this->user, $sqlpassword, $connect, 'UTF8') : (($this->persistency) ? @ociplogon($this->user, $sqlpassword, $connect, 'UTF8') : @ocilogon($this->user, $sqlpassword, $connect, 'UTF8'));
+		if ($new_link)
+		{
+			if (!function_exists('ocinlogon'))
+			{
+				$this->connect_error = 'ocinlogon function does not exist, is oci extension installed?';
+				return $this->sql_error('');
+			}
+			$this->db_connect_id = @ocinlogon($this->user, $sqlpassword, $connect, 'UTF8');
+		}
+		else if ($this->persistency)
+		{
+			if (!function_exists('ociplogon'))
+			{
+				$this->connect_error = 'ociplogon function does not exist, is oci extension installed?';
+				return $this->sql_error('');
+			}
+			$this->db_connect_id = @ociplogon($this->user, $sqlpassword, $connect, 'UTF8');
+		}
+		else
+		{
+			if (!function_exists('ocilogon'))
+			{
+				$this->connect_error = 'ocilogon function does not exist, is oci extension installed?';
+				return $this->sql_error('');
+			}
+			$this->db_connect_id = @ocilogon($this->user, $sqlpassword, $connect, 'UTF8');
+		}
 
 		return ($this->db_connect_id) ? $this->db_connect_id : $this->sql_error('');
 	}
@@ -644,17 +671,27 @@ class phpbb_db_driver_oracle extends phpbb_db_driver
 	*/
 	function _sql_error()
 	{
-		$error = @ocierror();
-		$error = (!$error) ? @ocierror($this->query_result) : $error;
-		$error = (!$error) ? @ocierror($this->db_connect_id) : $error;
-
-		if ($error)
+		if (function_exists('ocierror'))
 		{
-			$this->last_error_result = $error;
+			$error = @ocierror();
+			$error = (!$error) ? @ocierror($this->query_result) : $error;
+			$error = (!$error) ? @ocierror($this->db_connect_id) : $error;
+
+			if ($error)
+			{
+				$this->last_error_result = $error;
+			}
+			else
+			{
+				$error = (isset($this->last_error_result) && $this->last_error_result) ? $this->last_error_result : array();
+			}
 		}
 		else
 		{
-			$error = (isset($this->last_error_result) && $this->last_error_result) ? $this->last_error_result : array();
+			$error = array(
+				'message'	=> $this->connect_error,
+				'code'		=> '',
+			);
 		}
 
 		return $error;

phpBB/includes/db/driver/sqlite.php

@@ -22,6 +22,8 @@ if (!defined('IN_PHPBB'))
 */
 class phpbb_db_driver_sqlite extends phpbb_db_driver
 {
+	var $connect_error = '';
+
 	/**
 	* Connect to server
 	*/
@@ -33,7 +35,24 @@ class phpbb_db_driver_sqlite extends phpbb_db_driver
 		$this->dbname = $database;
 
 		$error = '';
-		$this->db_connect_id = ($this->persistency) ? @sqlite_popen($this->server, 0666, $error) : @sqlite_open($this->server, 0666, $error);
+		if ($this->persistency)
+		{
+			if (!function_exists('sqlite_popen'))
+			{
+				$this->connect_error = 'sqlite_popen function does not exist, is sqlite extension installed?';
+				return $this->sql_error('');
+			}
+			$this->db_connect_id = @sqlite_popen($this->server, 0666, $error);
+		}
+		else
+		{
+			if (!function_exists('sqlite_open'))
+			{
+				$this->connect_error = 'sqlite_open function does not exist, is sqlite extension installed?';
+				return $this->sql_error('');
+			}
+			$this->db_connect_id = @sqlite_open($this->server, 0666, $error);
+		}
 
 		if ($this->db_connect_id)
 		{
@@ -278,10 +297,22 @@ class phpbb_db_driver_sqlite extends phpbb_db_driver
 	*/
 	function _sql_error()
 	{
-		return array(
-			'message'	=> @sqlite_error_string(@sqlite_last_error($this->db_connect_id)),
-			'code'		=> @sqlite_last_error($this->db_connect_id)
-		);
+		if (function_exists('sqlite_error_string'))
+		{
+			$error = array(
+				'message'	=> @sqlite_error_string(@sqlite_last_error($this->db_connect_id)),
+				'code'		=> @sqlite_last_error($this->db_connect_id),
+			);
+		}
+		else
+		{
+			$error = array(
+				'message'	=> $this->connect_error,
+				'code'		=> '',
+			);
+		}
+
+		return $error;
 	}
 
 	/**

phpBB/includes/di/service_collection.php

@@ -43,7 +43,7 @@ class phpbb_di_service_collection extends ArrayObject
 	public function add($name)
 	{
 		$task = $this->container->get($name);
-		$task->set_name($name);
+
 		$this->offsetSet($name, $task);
 	}
 }

phpBB/includes/functions.php

@@ -4893,13 +4893,108 @@ function phpbb_http_login($param)
 	trigger_error('NOT_AUTHORISED');
 }
 
+/**
+* Escapes and quotes a string for use as an HTML/XML attribute value.
+*
+* This is a port of Python xml.sax.saxutils quoteattr.
+*
+* The function will attempt to choose a quote character in such a way as to
+* avoid escaping quotes in the string. If this is not possible the string will
+* be wrapped in double quotes and double quotes will be escaped.
+*
+* @param string $data The string to be escaped
+* @param array $entities Associative array of additional entities to be escaped
+* @return string Escaped and quoted string
+*/
+function phpbb_quoteattr($data, $entities = null)
+{
+	$data = str_replace('&', '&', $data);
+	$data = str_replace('>', '>', $data);
+	$data = str_replace('<', '&lt;', $data);
+
+	$data = str_replace("\n", '&#10;', $data);
+	$data = str_replace("\r", '&#13;', $data);
+	$data = str_replace("\t", '&#9;', $data);
+
+	if (!empty($entities))
+	{
+		$data = str_replace(array_keys($entities), array_values($entities), $data);
+	}
+
+	if (strpos($data, '"') !== false)
+	{
+		if (strpos($data, "'") !== false)
+		{
+			$data = '"' . str_replace('"', '&quot;', $data) . '"';
+		}
+		else
+		{
+			$data = "'" . $data . "'";
+		}
+	}
+	else
+	{
+		$data = '"' . $data . '"';
+	}
+
+	return $data;
+}
+
+/**
+* Converts query string (GET) parameters in request into hidden fields.
+*
+* Useful for forwarding GET parameters when submitting forms with GET method.
+*
+* It is possible to omit some of the GET parameters, which is useful if
+* they are specified in the form being submitted.
+*
+* sid is always omitted.
+*
+* @param phpbb_request $request Request object
+* @param array $exclude A list of variable names that should not be forwarded
+* @return string HTML with hidden fields
+*/
+function phpbb_build_hidden_fields_for_query_params($request, $exclude = null)
+{
+	$names = $request->variable_names(phpbb_request_interface::GET);
+	$hidden = '';
+	foreach ($names as $name)
+	{
+		// Sessions are dealt with elsewhere, omit sid always
+		if ($name == 'sid')
+		{
+			continue;
+		}
+
+		// Omit any additional parameters requested
+		if (!empty($exclude) && in_array($name, $exclude))
+		{
+			continue;
+		}
+
+		$escaped_name = phpbb_quoteattr($name);
+
+		// Note: we might retrieve the variable from POST or cookies
+		// here. To avoid exposing cookies, skip variables that are
+		// overwritten somewhere other than GET entirely.
+		$value = $request->variable($name, '', true);
+		$get_value = $request->variable($name, '', true, phpbb_request_interface::GET);
+		if ($value === $get_value)
+		{
+			$escaped_value = phpbb_quoteattr($value);
+			$hidden .= "<input type='hidden' name=$escaped_name value=$escaped_value />";
+		}
+	}
+	return $hidden;
+}
+
 /**
 * Generate page header
 */
 function page_header($page_title = '', $display_online_list = true, $item_id = 0, $item = 'forum')
 {
 	global $db, $config, $template, $SID, $_SID, $_EXTRA_URL, $user, $auth, $phpEx, $phpbb_root_path;
-	global $phpbb_dispatcher;
+	global $phpbb_dispatcher, $request;
 
 	if (defined('HEADER_INC'))
 	{
@@ -5088,6 +5183,8 @@ function page_header($page_title = '', $display_online_list = true, $item_id = 0
 		$timezone_name = $user->lang['timezones'][$timezone_name];
 	}
 
+	$hidden_fields_for_jumpbox = phpbb_build_hidden_fields_for_query_params($request, array('f'));
+
 	// The following assigns all _common_ variables that may be used at any point in a template.
 	$template->assign_vars(array(
 		'SITENAME'						=> $config['sitename'],
@@ -5102,6 +5199,7 @@ function page_header($page_title = '', $display_online_list = true, $item_id = 0
 		'RECORD_USERS'					=> $l_online_record,
 		'PRIVATE_MESSAGE_INFO'			=> $l_privmsgs_text,
 		'PRIVATE_MESSAGE_INFO_UNREAD'	=> $l_privmsgs_text_unread,
+		'HIDDEN_FIELDS_FOR_JUMPBOX'	=> $hidden_fields_for_jumpbox,
 
 		'S_USER_NEW_PRIVMSG'			=> $user->data['user_new_privmsg'],
 		'S_USER_UNREAD_PRIVMSG'			=> $user->data['user_unread_privmsg'],

phpBB/includes/functions_messenger.php

@@ -210,7 +210,7 @@ class messenger
 		{
 			$style_resource_locator = new phpbb_style_resource_locator();
 			$style_path_provider = new phpbb_style_extension_path_provider($phpbb_extension_manager, new phpbb_style_path_provider());
-			$tpl = new phpbb_template($phpbb_root_path, $phpEx, $config, $user, $style_resource_locator, new phpbb_template_context());
+			$tpl = new phpbb_template($phpbb_root_path, $phpEx, $config, $user, $style_resource_locator, new phpbb_template_context(), $extension_manager);
 			$style = new phpbb_style($phpbb_root_path, $phpEx, $config, $user, $style_resource_locator, $style_path_provider, $tpl);
 
 			$this->tpl_msg[$template_lang . $template_file] = $tpl;
@@ -231,7 +231,7 @@ class messenger
 				}
 			}
 
-			$style->set_custom_style($template_lang . '_email', array($template_path, $fallback_template_path), '');
+			$style->set_custom_style($template_lang . '_email', array($template_path, $fallback_template_path), array(), '');
 
 			$tpl->set_filenames(array(
 				'body'		=> $template_file . '.txt',

phpBB/includes/style/style.php

@@ -91,16 +91,22 @@ class phpbb_style
 	{
 		$style_path = $this->user->style['style_path'];
 		$style_dirs = ($this->user->style['style_parent_id']) ? array_reverse(explode('/', $this->user->style['style_parent_tree'])) : array();
-		$paths = array($this->get_style_path($style_path));
+
+		$names = array($style_path);
 		foreach ($style_dirs as $dir)
 		{
-			$paths[] = $this->get_style_path($dir);
+			$names[] = $dir;
+		}
+		// Add 'all' path, used as last fallback path by events and extensions
+		//$names[] = 'all';
+
+		$paths = array();
+		foreach ($names as $name)
+		{
+			$paths[] = $this->get_style_path($name);
 		}
 
-		// Add 'all' path, used as last fallback path by hooks and extensions
-		$paths[] = $this->get_style_path('all');
-
-		return $this->set_custom_style($style_path, $paths);
+		return $this->set_custom_style($style_path, $paths, $names);
 	}
 
 	/**
@@ -110,18 +116,27 @@ class phpbb_style
 	*
 	* @param string $name Name of style, used for cache prefix. Examples: "admin", "prosilver"
 	* @param array or string $paths Array of style paths, relative to current root directory
+	* @param array $names Array of names of templates in inheritance tree order, used by extensions. If empty, $name will be used.
 	* @param string $template_path Path to templates, relative to style directory. False if path should be set to default (templates/).
 	*/
-	public function set_custom_style($name, $paths, $template_path = false)
+	public function set_custom_style($name, $paths, $names = array(), $template_path = false)
 	{
 		if (is_string($paths))
 		{
 			$paths = array($paths);
 		}
 
+		if (empty($names))
+		{
+			$names = array($name);
+		}
+		$this->names = $names;
+
 		$this->provider->set_styles($paths);
 		$this->locator->set_paths($this->provider);
 
+		$this->template->set_style_names($names);
+
 		if ($template_path !== false)
 		{
 			$this->locator->set_template_path($template_path);

phpBB/includes/template/compile.php

@@ -35,16 +35,23 @@ class phpbb_template_compile
 	/**
 	* Constructor.
 	*
-	* @param bool @allow_php Whether PHP code will be allowed in templates (inline PHP code, PHP tag and INCLUDEPHP tag)
+	* @param bool $allow_php Whether PHP code will be allowed in templates (inline PHP code, PHP tag and INCLUDEPHP tag)
+	* @param array $style_names Name of style to which the template being compiled belongs and parents in style tree order
 	* @param phpbb_style_resource_locator $locator Resource locator
 	* @param string $phpbb_root_path Path to phpBB root directory
+	* @param phpbb_extension_manager $extension_manager Extension manager to use for finding template fragments in extensions; if null, template events will not be invoked
+	* @param phpbb_user $user Current user
 	*/
-	public function __construct($allow_php, $locator, $phpbb_root_path)
+	public function __construct($allow_php, $style_names, $locator, $phpbb_root_path, $extension_manager = null, $user = null)
 	{
 		$this->filter_params = array(
 			'allow_php'	=> $allow_php,
+			'style_names'	=> $style_names,
 			'locator'	=> $locator,
-			'phpbb_root_path'	=> $phpbb_root_path
+			'phpbb_root_path'	=> $phpbb_root_path,
+			'extension_manager'	=> $extension_manager,
+			'user'          => $user,
+			'template_compile'	=> $this,
 		);
 	}
 

phpBB/includes/template/filter.php

@@ -87,6 +87,37 @@ class phpbb_template_filter extends php_user_filter
 	*/
 	private $phpbb_root_path;
 
+	/**
+	* Name of the style that the template being compiled and/or rendered
+	* belongs to, and its parents, in inheritance tree order.
+	*
+	* Used to invoke style-specific template events.
+	*
+	* @var array
+	*/
+	private $style_names;
+
+	/**
+	* Extension manager.
+	*
+	* @var phpbb_extension_manager
+	*/
+	private $extension_manager;
+
+	/**
+	* Current user
+	*
+	* @var phpbb_user
+	*/
+	private $user;
+
+	/**
+	* Template compiler.
+	*
+	* @var phpbb_template_compile
+	*/
+	private $template_compile;
+
 	/**
 	* Stream filter
 	*
@@ -138,8 +169,10 @@ class phpbb_template_filter extends php_user_filter
 	/**
 	* Initializer, called on creation.
 	*
-	* Get the allow_php option, root directory and locator from params,
+	* Get the allow_php option, style_names, root directory and locator from params,
 	* which are passed to stream_filter_append.
+	*
+	* @return boolean Returns true
 	*/
 	public function onCreate()
 	{
@@ -148,6 +181,13 @@ class phpbb_template_filter extends php_user_filter
 		$this->allow_php = $this->params['allow_php'];
 		$this->locator = $this->params['locator'];
 		$this->phpbb_root_path = $this->params['phpbb_root_path'];
+		$this->style_names = $this->params['style_names'];
+		$this->extension_manager = $this->params['extension_manager'];
+		if (isset($this->params['user']))
+		{
+			$this->user = $this->params['user'];
+		}
+		$this->template_compile = $this->params['template_compile'];
 		return true;
 	}
 
@@ -229,7 +269,9 @@ class phpbb_template_filter extends php_user_filter
 	}
 
 	/**
-	* Callback for replacing matched tokens with PHP code
+	* Callback for replacing matched tokens with compiled template code.
+	*
+	* Compiled template code is an HTML stream with embedded PHP.
 	*
 	* @param array $matches Regular expression matches
 	* @return string compiled template code
@@ -317,6 +359,10 @@ class phpbb_template_filter extends php_user_filter
 				return '<!-- ENDPHP -->';
 			break;
 
+			case 'EVENT':
+				return '<?php ' . $this->compile_tag_event($matches[2]) . '?>';
+			break;
+
 			default:
 				return $matches[0];
 			break;
@@ -835,6 +881,97 @@ class phpbb_template_filter extends php_user_filter
 		return "\$_template->_php_include('$tag_args');";
 	}
 
+	/**
+	* Compile EVENT tag.
+	*
+	* $tag_args should be a single string identifying the event.
+	* The event name can contain letters, numbers and underscores only.
+	* If an invalid event name is specified, an E_USER_ERROR will be
+	* triggered.
+	*
+	* Event tags are only functional when the template engine has
+	* an instance of the extension manager. Extension manager would
+	* be called upon to find all extensions listening for the specified
+	* event, and to obtain additional template fragments. All such
+	* template fragments will be compiled and included in the generated
+	* compiled template code for the current template being compiled.
+	*
+	* The above means that whenever an extension is enabled or disabled,
+	* template cache should be cleared in order to update the compiled
+	* template code for the active set of template event listeners.
+	*
+	* This also means that extensions cannot return different template
+	* fragments at different times. Once templates are compiled, changing
+	* such template fragments would have no effect.
+	*
+	* @param string $tag_args EVENT tag arguments, as a string - for EVENT this is the event name
+	* @return string compiled template code
+	*/
+	private function compile_tag_event($tag_args)
+	{
+		if (!preg_match('/^\w+$/', $tag_args))
+		{
+			// The event location is improperly formatted,
+			if ($this->user)
+			{
+				trigger_error($this->user->lang('ERR_TEMPLATE_EVENT_LOCATION', $tag_args), E_USER_ERROR);
+			}
+			else
+			{
+				trigger_error(sprintf('The specified template event location <em>[%s]</em> is improperly formatted.', $tag_args), E_USER_ERROR);
+			}
+		}
+		$location = $tag_args;
+
+		if ($this->extension_manager)
+		{
+			$finder = $this->extension_manager->get_finder();
+
+			$files = $finder
+				->extension_prefix($location)
+				->extension_suffix('.html')
+				->extension_directory("/styles/all/template")
+				->get_files();
+
+			foreach ($this->style_names as $style_name)
+			{
+				$more_files = $finder
+					->extension_prefix($location)
+					->extension_suffix('.html')
+					->extension_directory("/styles/" . $style_name . "/template")
+					->get_files();
+				if (!empty($more_files))
+				{
+					$files = array_merge($files, $more_files);
+					break;
+				}
+			}
+
+			$all_compiled = '';
+			foreach ($files as $file)
+			{
+				$compiled = $this->template_compile->compile_file($file);
+
+				if ($compiled === false)
+				{
+					if ($this->user)
+					{
+						trigger_error($this->user->lang('ERR_TEMPLATE_COMPILATION', phpbb_filter_root_path($file)), E_USER_ERROR);
+					}
+					else
+					{
+						trigger_error(sprintf('The file could not be compiled: %s', phpbb_filter_root_path($file)), E_USER_ERROR);
+					}
+				}
+
+				$all_compiled .= $compiled;
+			}
+			// Need spaces inside php tags as php cannot grok
+			// < ?php? > sans the spaces
+			return ' ?' . '>' . $all_compiled . '<?php ';
+		}
+	}
+
 	/**
 	* parse expression
 	* This is from Smarty

phpBB/includes/template/locator.php

@@ -39,7 +39,7 @@ interface phpbb_template_locator
 	* Sets the template filenames for handles. $filename_array
 	* should be a hash of handle => filename pairs.
 	*
-	* @param array $filname_array Should be a hash of handle => filename pairs.
+	* @param array $filename_array Should be a hash of handle => filename pairs.
 	*/
 	public function set_filenames(array $filename_array);
 
@@ -66,7 +66,7 @@ interface phpbb_template_locator
 	* returns actually exists, it is faster than get_source_file_for_handle.
 	*
 	* Use get_source_file_for_handle to obtain the actual path that is
-	* guaranteed to exist (which might come from the parent style 
+	* guaranteed to exist (which might come from the parent style
 	* directory if primary style has parent styles).
 	*
 	* This function will trigger an error if the handle was never

phpBB/includes/template/template.php

@@ -74,6 +74,23 @@ class phpbb_template
 	*/
 	private $locator;
 
+	/**
+	* Extension manager.
+	*
+	* @var phpbb_extension_manager
+	*/
+	private $extension_manager;
+
+	/**
+	* Name of the style that the template being compiled and/or rendered
+	* belongs to, and its parents, in inheritance tree order.
+	*
+	* Used to invoke style-specific template events.
+	*
+	* @var array
+	*/
+	private $style_names;
+
 	/**
 	* Constructor.
 	*
@@ -81,8 +98,9 @@ class phpbb_template
 	* @param user $user current user
 	* @param phpbb_template_locator $locator template locator
 	* @param phpbb_template_context $context template context
+	* @param phpbb_extension_manager $extension_manager extension manager, if null then template events will not be invoked
 	*/
-	public function __construct($phpbb_root_path, $php_ext, $config, $user, phpbb_template_locator $locator, phpbb_template_context $context)
+	public function __construct($phpbb_root_path, $php_ext, $config, $user, phpbb_template_locator $locator, phpbb_template_context $context, phpbb_extension_manager $extension_manager = null)
 	{
 		$this->phpbb_root_path = $phpbb_root_path;
 		$this->php_ext = $php_ext;
@@ -90,12 +108,13 @@ class phpbb_template
 		$this->user = $user;
 		$this->locator = $locator;
 		$this->context = $context;
+		$this->extension_manager = $extension_manager;
 	}
 
 	/**
 	* Sets the template filenames for handles.
 	*
-	* @param array $filname_array Should be a hash of handle => filename pairs.
+	* @param array $filename_array Should be a hash of handle => filename pairs.
 	*/
 	public function set_filenames(array $filename_array)
 	{
@@ -104,6 +123,18 @@ class phpbb_template
 		return true;
 	}
 
+	/**
+	* Sets the style names corresponding to style hierarchy being compiled
+	* and/or rendered.
+	*
+	* @param array $style_names List of style names in inheritance tree order
+	* @return null
+	*/
+	public function set_style_names(array $style_names)
+	{
+		$this->style_names = $style_names;
+	}
+
 	/**
 	* Clears all variables and blocks assigned to this template.
 	*/
@@ -282,7 +313,7 @@ class phpbb_template
 			return new phpbb_template_renderer_include($output_file, $this);
 		}
 
-		$compile = new phpbb_template_compile($this->config['tpl_allow_php'], $this->locator, $this->phpbb_root_path);
+		$compile = new phpbb_template_compile($this->config['tpl_allow_php'], $this->style_names, $this->locator, $this->phpbb_root_path, $this->extension_manager, $this->user);
 
 		if ($compile->compile_file_to_file($source_file, $output_file) !== false)
 		{

phpBB/includes/ucp/info/ucp_profile.php

@@ -19,7 +19,7 @@ class ucp_profile_info
 			'title'		=> 'UCP_PROFILE',
 			'version'	=> '1.0.0',
 			'modes'		=> array(
-				'profile_info'	=> array('title' => 'UCP_PROFILE_PROFILE_INFO', 'auth' => '', 'cat' => array('UCP_PROFILE')),
+				'profile_info'	=> array('title' => 'UCP_PROFILE_PROFILE_INFO', 'auth' => 'acl_u_chgprofileinfo', 'cat' => array('UCP_PROFILE')),
 				'signature'		=> array('title' => 'UCP_PROFILE_SIGNATURE', 'auth' => 'acl_u_sig', 'cat' => array('UCP_PROFILE')),
 				'avatar'		=> array('title' => 'UCP_PROFILE_AVATAR', 'auth' => 'cfg_allow_avatar && (cfg_allow_avatar_local || cfg_allow_avatar_remote || cfg_allow_avatar_upload || cfg_allow_avatar_remote_upload)', 'cat' => array('UCP_PROFILE')),
 				'reg_details'	=> array('title' => 'UCP_PROFILE_REG_DETAILS', 'auth' => '', 'cat' => array('UCP_PROFILE')),

phpBB/includes/ucp/ucp_profile.php

@@ -251,6 +251,11 @@ class ucp_profile
 			break;
 
 			case 'profile_info':
+				// Do not display profile information panel if not authed to do so
+				if (!$auth->acl_get('u_chgprofileinfo'))
+				{
+					trigger_error('NO_AUTH_PROFILEINFO');
+				}
 
 				include($phpbb_root_path . 'includes/functions_profile_fields.' . $phpEx);