mirror of https://github.com/phpbb/phpbb.git synced 2025-01-18 22:58:10 +01:00

Merge commit 'release-3.0.2-RC1'

Nils Adermann 2010-03-02 01:05:38 +01:00
commit ee781806eb
99 changed files with 735 additions and 278 deletions

0
phpBB/adm/images/progress_bar.gif Executable file → Normal file

Before

Width:  |  Height:  |  Size: 1.3 KiB

After

Width:  |  Height:  |  Size: 1.3 KiB


@ -45,7 +45,7 @@ define('IN_ADMIN', true);
$phpbb_admin_path = (defined('PHPBB_ADMIN_PATH')) ? PHPBB_ADMIN_PATH : './';
// Some oft used variables
$safe_mode = (@ini_get('safe_mode') == '1' || @strtolower(ini_get('safe_mode')) === 'on') ? true : false;
$safe_mode = (@ini_get('safe_mode') == '1' || strtolower(@ini_get('safe_mode')) === 'on') ? true : false;
$file_uploads = (@ini_get('file_uploads') == '1' || strtolower(@ini_get('file_uploads')) === 'on') ? true : false;
$module_id = request_var('i', '');
$mode = request_var('mode', '');
@ -116,6 +116,7 @@ function adm_page_header($page_title)
'ROOT_PATH' => $phpbb_admin_path,
'U_LOGOUT' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=logout'),
'U_ADM_LOGOUT' => append_sid("{$phpbb_admin_path}index.$phpEx", 'action=admlogout'),
'U_ADM_INDEX' => append_sid("{$phpbb_admin_path}index.$phpEx"),
'U_INDEX' => append_sid("{$phpbb_root_path}index.$phpEx"),


@ -96,7 +96,7 @@
<a href="{U_BACK}" style="float: {S_CONTENT_FLOW_END};">&laquo; {L_BACK}</a>
<h1>{L_TITLE} :: {FORUM_NAME}</h1>
<h1>{L_TITLE} <!-- IF FORUM_NAME -->:: {FORUM_NAME}<!-- ENDIF --></h1>
<p>{L_FORUM_EDIT_EXPLAIN}</p>

0
phpBB/adm/style/acp_inactive.html Executable file → Normal file

0
phpBB/adm/style/install_convert.html Executable file → Normal file

0
phpBB/adm/style/install_error.html Executable file → Normal file

0
phpBB/adm/style/install_footer.html Executable file → Normal file

0
phpBB/adm/style/install_header.html Executable file → Normal file

0
phpBB/adm/style/install_install.html Executable file → Normal file

0
phpBB/adm/style/install_main.html Executable file → Normal file

@ -181,11 +181,11 @@ function switch_menu()
<span class="corners-top"><span></span></span>
<div id="content">
<!-- IF not S_USER_NOTICE -->
<div id="toggle">
<div id="toggle">
<a id="toggle-handle" accesskey="m" title="{L_MENU_TOGGLE}" onclick="switch_menu(); return false;" href="#"></a></div>
<!-- ENDIF -->
<div id="menu">
<p>{L_LOGGED_IN_AS}<br /><strong>{USERNAME}</strong> [&nbsp;<a href="{U_LOGOUT}">{L_LOGOUT}</a>&nbsp;]</p>
<p>{L_LOGGED_IN_AS}<br /><strong>{USERNAME}</strong> [&nbsp;<a href="{U_LOGOUT}">{L_LOGOUT}</a>&nbsp;][&nbsp;<a href="{U_ADM_LOGOUT}">{L_ADM_LOGOUT}</a>&nbsp;]</p>
<ul>
<!-- BEGIN l_block1 -->
<!-- IF l_block1.S_SELECTED -->

0
phpBB/develop/adjust_avatars.php Executable file → Normal file

0
phpBB/develop/adjust_uids.php Executable file → Normal file

0
phpBB/develop/repair_bots.php Executable file → Normal file

@ -53,6 +53,7 @@
<ol>
<li><a href="#changelog">Changelog</a>
<ol style="list-style-type: lower-roman;">
<li><a href="#v301">Changes since 3.0.1</a></li>
<li><a href="#v300">Changes since 3.0.0</a></li>
<li><a href="#v30rc8">Changes since RC-8</a></li>
<li><a href="#v30rc7">Changes since RC-7</a></li>
@ -81,7 +82,49 @@
<div class="content">
<a name="v300"></a><h3>1.i. Changes since 3.0.0</h3>
<a name="v301"></a><h3>1.i. Changes since 3.0.1</h3>
<ul>
<li>[Fix] Ability to set permissions on non-mysql dbms (Bug #24955)</li>
<li>[Fix] Fixed blank style on setups having no username defined within config.php (Bug #25065)</li>
<li>[Fix] Made the compress_tar class tolerate archives that do not properly have their archived contents listed (Bug #14429 / thanks to JRSweets for his patch)</li>
<li>[Fix] Moved topics should not count towards the number of topics in a forum (Bug #14648 / thanks to Schumi for his patch)</li>
<li>[Fix] Properly check for invalid characters in MySQL DB prefixes during install (Bug #18775)</li>
<li>[Change] Generalize load check (Bug #21255 / thanks to Xipher)</li>
<li>[Change] Make utf8_htmlspecialchars not pass its argument by reference (Bug #21885)</li>
<li>[Fix] Bring the PostgreSQL backup system back to working order (Bug #22385)</li>
<li>[Change] Sort the tables at the database table backup screen</li>
<li>[Fix] Update correct theme for cached styles in style.php (Bug #25805)</li>
<li>[Fix] Also add PHPBB_INSTALLED check to download/file.php for inline avatar delivery</li>
<li>[Fix] Unable to login to some jabber server, reverted previous change (Bug #25095)</li>
<li>[Fix] Do not return BMP as valid image type for GD image manipulation (Bug #25925)</li>
<li>[Change] For determining the maximum number of private messages in one box, use the biggest value from all groups the user is a member of (Bug #24665)</li>
<li>[Fix] Correctly determine safe mode for temp file creation in functions_upload.php (Bug #23525)</li>
<li>[Fix] Correctly sort by rank in memberlist (Bug #24435)</li>
<li>[Fix] Purge cache after database restore (Bug #24245)</li>
<li>[Fix] Correctly display subforum read/unread icons from RTL in FF3, Konqueror and Safari3+. (thanks arod-1 for the fix, related to Bug #14830)</li>
<li>[Feature] Added optional referer validation of POST requests as additional CSRF protection.</li>
<li>[Fix] Added missing form token in acp (thanks NBBN).</li>
<li>[Feature] Added optional stricter upload validation to avoid mime sniffing in addition to the safeguards provided by file.php. (thanks to Nicolas Grekas for compiling the list).</li>
<li>[Fix] Do not remove whitespace in front of url containing the boards url and no relative path appended (Bug #27355)</li>
<li>[Change] Show email ban reason on registration. Additionally allow custom errors properly returned if using validate_data(). (Bug #26885)</li>
<li>[Feature] Streamlined banning via the MCP by adding a ban link to the user profile. Also pre-fills ban fields as far as possible.</li>
<li>[Feature] Added ACP logout to reset an admin session.</li>
<li>[Fix] reset forum notifications in viewtopic (Bug #28025)</li>
<li>[Fix] corrected link for searching post author's other posts (Bug #26455)</li>
<li>[Fix] HTTP Authentication supports UTF-8 usernames now (Bug #21135)</li>
<li>[Fix] Topic searches by author no longer return invalid results (Bug #11777)</li>
<li>[Change] Don't allow redirects to different domains. (thanks nookieman)</li>
<li>[Fix] Delete drafts and bookmarks when deleting an user. (#27585, thanks Schumi for the fix)</li>
<li>[Fix] Set last_post_subject for new topics. (#23945)</li>
<li>[Fix] Allow moving posts to invisible forums. (#27325)</li>
<li>[Fix] Don't allow promoting unapproved group members (#16124)</li>
<li>[Fix] Correctly fetch server name if using non-standard port (#27395)</li>
<li>[Fix] Regular expression for email matching in posts will no longer die on long words.</li>
<li>[Sec] Only allow urls gone through redirect() being used within login_box(). (thanks nookieman)</li>
</ul>
<a name="v300"></a><h3>1.ii. Changes since 3.0.0</h3>
<ul>
<li>[Change] Validate birthdays (Bug #15004)</li>
@ -99,7 +142,7 @@
<li>[Fix] Fixing wrong sync() calls if moving all posts by a member in ACP (Bug #18385)</li>
<li>[Fix] Check entered imagemagick path for trailing slash (Bug #18205)</li>
<li>[Fix] Use proper title on index for new/unread posts (Bug #13101) - patch provided by Pyramide</li>
<li>[Fix] Allow calls to $user->set_cookie() define no cookie time for setting session cookies (Bug #18025)</li>
<li>[Fix] Allow calls to $user-&gt;set_cookie() define no cookie time for setting session cookies (Bug #18025)</li>
<li>[Fix] Stricter checks on smilie packs (Bug #19675)</li>
<li>[Fix] Gracefully return from cancelling pm drafts (Bug #19675)</li>
<li>[Fix] Possible login problems with IE7 if browser check is activated (Bug #20135)</li>
@ -152,7 +195,7 @@
<li>[Fix] Find and display colliding usernames correctly when converting from one database to another (Bug #23925)</li>
</ul>
<a name="v30rc8"></a><h3>1.i. Changes since 3.0.RC8</h3>
<a name="v30rc8"></a><h3>1.iii. Changes since 3.0.RC8</h3>
<ul>
<li>[Fix] Cleaned usernames contain only single spaces, so &quot;a_name&quot; and &quot;a__name&quot; are treated as the same name (Bug #15634)</li>
@ -161,7 +204,7 @@
<li>[Fix] Call garbage_collection() within database updater to correctly close connections (affects Oracle for example)</li>
</ul>
<a name="v30rc7"></a><h3>1.ii. Changes since 3.0.RC7</h3>
<a name="v30rc7"></a><h3>1.iv. Changes since 3.0.RC7</h3>
<ul>
<li>[Fix] Fixed MSSQL related bug in the update system</li>
@ -196,7 +239,7 @@
<li>[Fix] No duplication of active topics (Bug #15474)</li>
</ul>
<a name="v30rc6"></a><h3>1.iii. Changes since 3.0.RC6</h3>
<a name="v30rc6"></a><h3>1.v. Changes since 3.0.RC6</h3>
<ul>
<li>[Fix] Submitting language changes using acp_language (Bug #14736)</li>
@ -206,7 +249,7 @@
<li>[Fix] Able to request new password (Bug #14743)</li>
</ul>
<a name="v30rc5"></a><h3>1.iv. Changes since 3.0.RC5</h3>
<a name="v30rc5"></a><h3>1.vi. Changes since 3.0.RC5</h3>
<ul>
<li>[Feature] Removing constant PHPBB_EMBEDDED in favor of using an exit_handler(); the constant was meant to achive this more or less.</li>
@ -269,7 +312,7 @@
<li>[Sec] New password hashing mechanism for storing passwords (#i42)</li>
</ul>
<a name="v30rc4"></a><h3>1.v. Changes since 3.0.RC4</h3>
<a name="v30rc4"></a><h3>1.vii. Changes since 3.0.RC4</h3>
<ul>
<li>[Fix] MySQL, PostgreSQL and SQLite related database fixes (Bug #13862)</li>
@ -320,7 +363,7 @@
<li>[Fix] odbc_autocommit causing existing result sets to be dropped (Bug #14182)</li>
</ul>
<a name="v30rc3"></a><h3>1.vi. Changes since 3.0.RC3</h3>
<a name="v30rc3"></a><h3>1.viii. Changes since 3.0.RC3</h3>
<ul>
<li>[Fix] Fixing some subsilver2 and prosilver style issues</li>
@ -429,7 +472,7 @@
</ul>
<a name="v30rc2"></a><h3>1.vii. Changes since 3.0.RC2</h3>
<a name="v30rc2"></a><h3>1.ix. Changes since 3.0.RC2</h3>
<ul>
<li>[Fix] Re-allow searching within the memberlist</li>
@ -471,11 +514,11 @@
<li>[Fix] Some jabber related bugs (Bug #12989, #11805, #11809)</li>
<li>[Fix] Added UTF-8 support for banning via the MCP (Bug #13013)</li>
<li>[Fix] Properly detect the script name in session::extract_current_page() if PHP_SELF is not defined (Bug #12705) - patch provided by ToonArmy</li>
<li>[Fix] Show role mask for global permission class under Permissions->Permission Roles (Bug #13057)</li>
<li>[Fix] Show role mask for global permission class under Permissions-&gt;Permission Roles (Bug #13057)</li>
</ul>
<a name="v30rc1"></a><h3>1.viii. Changes since 3.0.RC1</h3>
<a name="v30rc1"></a><h3>1.x. Changes since 3.0.RC1</h3>
<ul>
<li>[Fix] (X)HTML issues within the templates (Bug #11255, #11255)</li>


@ -273,7 +273,7 @@
<p>This package is meant for those wanting to only replace changed files from a previous version to the latest version. This package normally contains the changed files from up to five previous versions.</p>
<p>This package contains a number of archives, each contains the files changed from a given release to the latest version. You should select the appropriate archive for your current version, e.g. if you currently have <samp>3.0.0</samp> you should select the phpBB-3.0.0_to_3.0.1.zip/tar.gz file.</p>
<p>This package contains a number of archives, each contains the files changed from a given release to the latest version. You should select the appropriate archive for your current version, e.g. if you currently have <samp>3.0.1</samp> you should select the phpBB-3.0.1_to_3.0.2.zip/tar.gz file.</p>
<p>The directory structure has been preserved enabling you (if you wish) to simply upload the contents of the archive to the appropriate location on your server, i.e. simply overwrite the existing files with the new versions. Do not forget that if you have installed any MODs these files will overwrite the originals possibly destroying them in the process. You will need to re-add MODs to any affected file before uploading.</p>
@ -285,7 +285,7 @@
<p>The patch file is one solution for those with many Modifications (MODs) or other changes who do not want to re-add them back to all the changed files if they use the method explained above. To use this you will need command line access to a standard UNIX type <strong>patch</strong> application. If you do not have access to such an application but still want to use this update approach, we strongly recommend the <a href="#update_auto">Automatic update package</a> explained below. It is also the preferred update method.</p>
<p>A number of patch files are provided to allow you to update from previous stable releases. Select the correct patch, e.g. if your current version is 3.0.0 you need the phpBB-3.0.0_to_3.0.1.patch file. Place the correct patch in the parent directory containing the phpBB3 core files (i.e. index.php, viewforum.php, etc.). With this done you should run the following command: <strong>patch -cl -d [PHPBB DIRECTORY] -p1 &lt; [PATCH NAME]</strong> (where PHPBB DIRECTORY is the directory name your phpBB Installation resides in, for example phpBB3, and where PATCH NAME is the relevant filename of the selected patch file). This should complete quickly, hopefully without any HUNK FAILED comments.</p>
<p>A number of patch files are provided to allow you to update from previous stable releases. Select the correct patch, e.g. if your current version is 3.0.1 you need the phpBB-3.0.1_to_3.0.1.patch file. Place the correct patch in the parent directory containing the phpBB3 core files (i.e. index.php, viewforum.php, etc.). With this done you should run the following command: <strong>patch -cl -d [PHPBB DIRECTORY] -p1 &lt; [PATCH NAME]</strong> (where PHPBB DIRECTORY is the directory name your phpBB Installation resides in, for example phpBB3, and where PATCH NAME is the relevant filename of the selected patch file). This should complete quickly, hopefully without any HUNK FAILED comments.</p>
<p>If you do get failures you should look at using the <a href="#update_files">Changed files only</a> package to replace the files which failed to patch, please note that you will need to manually re-add any Modifications (MODs) to these particular files. Alternatively if you know how you can examine the .rej files to determine what failed where and make manual adjustments to the relevant source.</p>


@ -1450,7 +1450,7 @@ div
<h4>What are Unicode, UCS and UTF-8?</h4>
<p>The <a href="http://en.wikipedia.org/wiki/Universal_Character_Set">Universal Character Set (UCS)</a> described in ISO/IEC 10646 consists of a large amount of characters. Each of them has a unique name and a code point which is an integer number. <a href="http://en.wikipedia.org/wiki/Unicode">Unicode</a> - which is an industry standard - complements the Universal Character Set with further information about the characters' properties and alternative character encodings. More information on Unicode can be found on the <a href="http://www.unicode.org/">Unicode Consortium's website</a>. One of the Unicode encodings is the <a href="http://en.wikipedia.org/wiki/UTF-8">8-bit Unicode Transformation Format (UTF-8)</a>. It encodes characters with up to four bytes aiming for maximum compatability with the <a href="http://en.wikipedia.org/wiki/ASCII">American Standard Code for Information Interchange</a> which is a 7-bit encoding of a relatively small subset of the UCS.</p>
<p>The <a href="http://en.wikipedia.org/wiki/Universal_Character_Set">Universal Character Set (UCS)</a> described in ISO/IEC 10646 consists of a large amount of characters. Each of them has a unique name and a code point which is an integer number. <a href="http://en.wikipedia.org/wiki/Unicode">Unicode</a> - which is an industry standard - complements the Universal Character Set with further information about the characters' properties and alternative character encodings. More information on Unicode can be found on the <a href="http://www.unicode.org/">Unicode Consortium's website</a>. One of the Unicode encodings is the <a href="http://en.wikipedia.org/wiki/UTF-8">8-bit Unicode Transformation Format (UTF-8)</a>. It encodes characters with up to four bytes aiming for maximum compatibility with the <a href="http://en.wikipedia.org/wiki/ASCII">American Standard Code for Information Interchange</a> which is a 7-bit encoding of a relatively small subset of the UCS.</p>
<h4>phpBB's use of Unicode</h4>
<p>Unfortunately PHP does not faciliate the use of Unicode prior to version 6. Most functions simply treat strings as sequences of bytes assuming that each character takes up exactly one byte. This behaviour still allows for storing UTF-8 encoded text in PHP strings but many operations on strings have unexpected results. To circumvent this problem we have created some alternative functions to PHP's native string operations which use code points instead of bytes. These functions can be found in <code>/includes/utf/utf_tools.php</code>. They are also covered in the <a href="http://area51.phpbb.com/docs/code/">phpBB3 Sourcecode Documentation</a>. A lot of native PHP functions still work with UTF-8 as long as you stick to certain restrictions. For example <code>explode</code> still works as long as the first and the last character of the delimiter string are ASCII characters.</p>


@ -18,6 +18,12 @@ $phpEx = substr(strrchr(__FILE__, '.'), 1);
if (isset($_GET['avatar']))
{
require($phpbb_root_path . 'config.' . $phpEx);
if (!defined('PHPBB_INSTALLED') || empty($dbms) || empty($acm_type))
{
exit;
}
require($phpbb_root_path . 'includes/acm/acm_' . $acm_type . '.' . $phpEx);
require($phpbb_root_path . 'includes/cache.' . $phpEx);
require($phpbb_root_path . 'includes/db/' . $dbms . '.' . $phpEx);
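Review bot: The new guard ahead of the `require` lines exits silently and carries no comment saying why, and it checks only that `$dbms` and `$acm_type` are non-empty before they are concatenated into include paths. I would add a comment such as `// config.php is empty until the board is installed; stop before building include paths from undefined values`. Both variables come from config.php, so they are presumably trusted, but that assumption is worth stating next to the check since the paths depend on it. The enclosing `if (isset($_GET['avatar']))` block continues outside the hunk.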

0
phpBB/download/index.htm Executable file → Normal file

0
phpBB/images/avatars/upload/.htaccess Executable file → Normal file

@ -117,7 +117,9 @@ class acp_attachments
'max_attachments_pm' => array('lang' => 'MAX_ATTACHMENTS_PM', 'validate' => 'int', 'type' => 'text:3:3', 'explain' => false),
'secure_downloads' => array('lang' => 'SECURE_DOWNLOADS', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true),
'secure_allow_deny' => array('lang' => 'SECURE_ALLOW_DENY', 'validate' => 'int', 'type' => 'custom', 'method' => 'select_allow_deny', 'explain' => true),
'secure_allow_empty_referer' => array('lang' => 'SECURE_EMPTY_REFERRER', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true),
'secure_allow_empty_referer' => array('lang' => 'SECURE_EMPTY_REFERRER', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true),
'check_attachment_content' => array('lang' => 'CHECK_CONTENT', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true),
'legend2' => $l_legend_cat_images,
'img_display_inlined' => array('lang' => 'DISPLAY_INLINED', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true),
@ -156,7 +158,7 @@ class acp_attachments
if (in_array($config_name, array('attachment_quota', 'max_filesize', 'max_filesize_pm')))
{
$size_var = request_var($config_name, '');
$this->new_config[$config_name] = $config_value = ($size_var == 'kb') ? ($config_value << 10) : (($size_var == 'mb') ? ($config_value << 20) : $config_value);
$this->new_config[$config_name] = $config_value = ($size_var == 'kb') ? round($config_value * 1024) : (($size_var == 'mb') ? round($config_value * 1048576) : $config_value);
}
if ($submit)
@ -277,13 +279,19 @@ class acp_attachments
{
$l_explain = (isset($user->lang[$vars['lang'] . '_EXPLAIN'])) ? $user->lang[$vars['lang'] . '_EXPLAIN'] : '';
}
$content = build_cfg_template($type, $config_key, $this->new_config, $config_key, $vars);
if (empty($content))
{
continue;
}
$template->assign_block_vars('options', array(
'KEY' => $config_key,
'TITLE' => $user->lang[$vars['lang']],
'S_EXPLAIN' => $vars['explain'],
'TITLE_EXPLAIN' => $l_explain,
'CONTENT' => build_cfg_template($type, $config_key, $this->new_config, $config_key, $vars),
'CONTENT' => $content,
)
);
@ -504,7 +512,7 @@ class acp_attachments
$allowed_forums = request_var('allowed_forums', array(0));
$allow_in_pm = (isset($_POST['allow_in_pm'])) ? true : false;
$max_filesize = request_var('max_filesize', 0);
$max_filesize = ($size_select == 'kb') ? ($max_filesize << 10) : (($size_select == 'mb') ? ($max_filesize << 20) : $max_filesize);
$max_filesize = ($size_select == 'kb') ? round($max_filesize * 1024) : (($size_select == 'mb') ? round($max_filesize * 1048576) : $max_filesize);
$allow_group = (isset($_POST['allow_group'])) ? true : false;
if ($max_filesize == $config['max_filesize'])
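Review bot: In the extension-group hunk, `$max_filesize` is read with `request_var('max_filesize', 0)`; if request_var casts to the type of its default, as it appears to do elsewhere in phpBB, the value is already an integer when it reaches `round($max_filesize * 1048576)`, so a fractional entry is truncated before the multiplication and the switch from the shift to `round()` gains nothing there. If fractional sizes are meant to work, read the value as a float, e.g. `$max_filesize = request_var('max_filesize', 0.0);`. Note also that `round()` returns a float, so the `$max_filesize == $config['max_filesize']` test that follows depends on loose comparison. The surrounding method starts and ends outside the hunk.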


@ -164,21 +164,21 @@ class acp_board
'legend2' => 'POSTING',
'bump_type' => false,
'edit_time' => array('lang' => 'EDIT_TIME', 'validate' => 'int:0', 'type' => 'text:5:5', 'explain' => true, 'append' => ' ' . $user->lang['MINUTES']),
'display_last_edited' => array('lang' => 'DISPLAY_LAST_EDITED', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true),
'flood_interval' => array('lang' => 'FLOOD_INTERVAL', 'validate' => 'int:0', 'type' => 'text:3:10', 'explain' => true, 'append' => ' ' . $user->lang['SECONDS']),
'bump_interval' => array('lang' => 'BUMP_INTERVAL', 'validate' => 'int:0', 'type' => 'custom', 'method' => 'bump_interval', 'explain' => true),
'topics_per_page' => array('lang' => 'TOPICS_PER_PAGE', 'validate' => 'int:1', 'type' => 'text:3:4', 'explain' => false),
'posts_per_page' => array('lang' => 'POSTS_PER_PAGE', 'validate' => 'int:1', 'type' => 'text:3:4', 'explain' => false),
'hot_threshold' => array('lang' => 'HOT_THRESHOLD', 'validate' => 'int:0', 'type' => 'text:3:4', 'explain' => true),
'max_poll_options' => array('lang' => 'MAX_POLL_OPTIONS', 'validate' => 'int:0', 'type' => 'text:4:4', 'explain' => false),
'max_post_chars' => array('lang' => 'CHAR_LIMIT', 'validate' => 'int:0', 'type' => 'text:4:6', 'explain' => true),
'max_post_smilies' => array('lang' => 'SMILIES_LIMIT', 'validate' => 'int:0', 'type' => 'text:4:4', 'explain' => true),
'max_post_urls' => array('lang' => 'MAX_POST_URLS', 'validate' => 'int:0', 'type' => 'text:5:4', 'explain' => true),
'max_post_font_size' => array('lang' => 'MAX_POST_FONT_SIZE', 'validate' => 'int:0', 'type' => 'text:5:4', 'explain' => true, 'append' => ' %'),
'max_quote_depth' => array('lang' => 'QUOTE_DEPTH_LIMIT', 'validate' => 'int:0', 'type' => 'text:4:4', 'explain' => true),
'max_post_img_width' => array('lang' => 'MAX_POST_IMG_WIDTH', 'validate' => 'int:0', 'type' => 'text:5:4', 'explain' => true, 'append' => ' ' . $user->lang['PIXEL']),
'max_post_img_height' => array('lang' => 'MAX_POST_IMG_HEIGHT', 'validate' => 'int:0', 'type' => 'text:5:4', 'explain' => true, 'append' => ' ' . $user->lang['PIXEL']),
'edit_time' => array('lang' => 'EDIT_TIME', 'validate' => 'int:0', 'type' => 'text:5:5', 'explain' => true, 'append' => ' ' . $user->lang['MINUTES']),
'display_last_edited' => array('lang' => 'DISPLAY_LAST_EDITED', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true),
'flood_interval' => array('lang' => 'FLOOD_INTERVAL', 'validate' => 'int:0', 'type' => 'text:3:10', 'explain' => true, 'append' => ' ' . $user->lang['SECONDS']),
'bump_interval' => array('lang' => 'BUMP_INTERVAL', 'validate' => 'int:0', 'type' => 'custom', 'method' => 'bump_interval', 'explain' => true),
'topics_per_page' => array('lang' => 'TOPICS_PER_PAGE', 'validate' => 'int:1', 'type' => 'text:3:4', 'explain' => false),
'posts_per_page' => array('lang' => 'POSTS_PER_PAGE', 'validate' => 'int:1', 'type' => 'text:3:4', 'explain' => false),
'hot_threshold' => array('lang' => 'HOT_THRESHOLD', 'validate' => 'int:0', 'type' => 'text:3:4', 'explain' => true),
'max_poll_options' => array('lang' => 'MAX_POLL_OPTIONS', 'validate' => 'int:2:127', 'type' => 'text:4:4', 'explain' => false),
'max_post_chars' => array('lang' => 'CHAR_LIMIT', 'validate' => 'int:0', 'type' => 'text:4:6', 'explain' => true),
'max_post_smilies' => array('lang' => 'SMILIES_LIMIT', 'validate' => 'int:0', 'type' => 'text:4:4', 'explain' => true),
'max_post_urls' => array('lang' => 'MAX_POST_URLS', 'validate' => 'int:0', 'type' => 'text:5:4', 'explain' => true),
'max_post_font_size' => array('lang' => 'MAX_POST_FONT_SIZE', 'validate' => 'int:0', 'type' => 'text:5:4', 'explain' => true, 'append' => ' %'),
'max_quote_depth' => array('lang' => 'QUOTE_DEPTH_LIMIT', 'validate' => 'int:0', 'type' => 'text:4:4', 'explain' => true),
'max_post_img_width' => array('lang' => 'MAX_POST_IMG_WIDTH', 'validate' => 'int:0', 'type' => 'text:5:4', 'explain' => true, 'append' => ' ' . $user->lang['PIXEL']),
'max_post_img_height' => array('lang' => 'MAX_POST_IMG_HEIGHT', 'validate' => 'int:0', 'type' => 'text:5:4', 'explain' => true, 'append' => ' ' . $user->lang['PIXEL']),
)
);
break;
@ -323,6 +323,7 @@ class acp_board
'ip_check' => array('lang' => 'IP_VALID', 'validate' => 'int', 'type' => 'custom', 'method' => 'select_ip_check', 'explain' => true),
'browser_check' => array('lang' => 'BROWSER_VALID', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true),
'forwarded_for_check' => array('lang' => 'FORWARDED_FOR_VALID', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true),
'referer_validation' => array('lang' => 'REFERER_VALID', 'validate' => 'int:0:3','type' => 'custom', 'method' => 'select_ref_check', 'explain' => true),
'check_dnsbl' => array('lang' => 'CHECK_DNSBL', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true),
'email_check_mx' => array('lang' => 'EMAIL_CHECK_MX', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true),
'pass_complex' => array('lang' => 'PASSWORD_TYPE', 'validate' => 'string', 'type' => 'select', 'method' => 'select_password_chars', 'explain' => true),
@ -569,7 +570,7 @@ class acp_board
'TITLE' => (isset($user->lang[$vars['lang']])) ? $user->lang[$vars['lang']] : $vars['lang'],
'S_EXPLAIN' => $vars['explain'],
'TITLE_EXPLAIN' => $l_explain,
'CONTENT' => build_cfg_template($type, $config_key, $this->new_config, $config_key, $vars),
'CONTENT' => $content,
)
);
@ -676,7 +677,17 @@ class acp_board
return h_radio('config[ip_check]', $radio_ary, $value, $key);
}
/**
* Select referer validation
*/
function select_ref_check($value, $key = '')
{
$radio_ary = array(REFERER_VALIDATE_PATH => 'REF_PATH', REFERER_VALIDATE_HOST => 'REF_HOST', REFERER_VALIDATE_NONE => 'NO_REF_VALIDATION');
return h_radio('config[referer_validation]', $radio_ary, $value, $key);
}
/**
* Select account activation method
*/


@ -29,7 +29,7 @@ class acp_captcha
$user->add_lang('acp/board');
$captcha_vars = array(
'captcha_gd_x_grid' => 'CAPTCHA_GD_X_GRID',
'captcha_gd_y_grid' => 'CAPTCHA_GD_Y_GRID',
@ -54,7 +54,7 @@ class acp_captcha
}
$captcha = new captcha();
$captcha->execute(gen_rand_string(mt_rand(5, 8)), time());
exit_handler();
exit;
}
$config_vars = array(
@ -90,7 +90,7 @@ class acp_captcha
}
else
{
$preview_image_src = append_sid(append_sid("{$phpbb_admin_path}index.$phpEx", "i=$id&amp;demo=demo"));
if (@extension_loaded('gd'))
{
@ -110,7 +110,7 @@ class acp_captcha
'CAPTCHA_PREVIEW' => $preview_image_src,
'PREVIEW' => isset($_POST['preview']),
));
}
}
}


@ -25,7 +25,7 @@ class acp_database
function main($id, $mode)
{
global $db, $user, $auth, $template, $table_prefix;
global $cache, $db, $user, $auth, $template, $table_prefix;
global $config, $phpbb_root_path, $phpbb_admin_path, $phpEx;
$user->add_lang('acp/database');
@ -159,18 +159,20 @@ class acp_database
$extractor->write_end();
add_log('admin', 'LOG_DB_BACKUP');
if ($download == true)
{
exit;
}
add_log('admin', 'LOG_DB_BACKUP');
trigger_error($user->lang['BACKUP_SUCCESS'] . adm_back_link($this->u_action));
break;
default:
include($phpbb_root_path . 'includes/functions_install.' . $phpEx);
$tables = get_tables($db);
asort($tables);
foreach ($tables as $table_name)
{
if (strlen($table_prefix) === 0 || stripos($table_name, $table_prefix) === 0)
@ -345,7 +347,25 @@ class acp_database
while (($sql = $fgetd($fp, $delim, $read, $seek, $eof)) !== false)
{
$query = trim($sql);
$db->sql_query($query);
if (substr($query, 0, 13) == 'CREATE DOMAIN')
{
list(, , $domain) = explode(' ', $query);
$sql = "SELECT domain_name
FROM information_schema.domains
WHERE domain_name = '$domain';";
$result = $db->sql_query($sql);
if (!$db->sql_fetchrow($result))
{
$db->sql_query($query);
}
$db->sql_freeresult($result);
}
else
{
$db->sql_query($query);
}
if (substr($query, 0, 4) == 'COPY')
{
while (($sub = $fgetd($fp, "\n", $read, $seek, $eof)) !== '\.')
@ -380,6 +400,9 @@ class acp_database
$close($fp);
// Purge the cache due to updated data
$cache->purge();
add_log('admin', 'LOG_DB_RESTORE');
trigger_error($user->lang['RESTORE_SUCCESS'] . adm_back_link($this->u_action));
break;
@ -1087,7 +1110,7 @@ class postgres_extractor extends base_extractor
}
$sql_data = '-- Table: ' . $table_name . "\n";
//$sql_data .= "DROP TABLE $table_name;\n";
$sql_data .= "DROP TABLE $table_name;\n";
// PGSQL does not "tightly" bind sequences and tables, we must guess...
$sql = "SELECT relname
FROM pg_class
@ -1156,7 +1179,7 @@ class postgres_extractor extends base_extractor
$line .= ')';
}
if (!empty($row['rowdefault']))
if (isset($row['rowdefault']))
{
$line .= ' DEFAULT ' . $row['rowdefault'];
}
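Review bot: In the restore hunk, the domain name taken from the backup file with `list(, , $domain) = explode(' ', $query);` is placed into the `information_schema.domains` lookup without escaping. The backup's statements are executed anyway, so this is mainly about the existence check staying a well-formed query when the name contains a quote; escape it with `WHERE domain_name = '" . $db->sql_escape($domain) . "';";`. The split on a single space also assumes exactly `CREATE DOMAIN name ...` spacing, which deserves a short comment. The enclosing restore loop begins and ends outside the hunk.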


@ -56,7 +56,7 @@ class acp_forums
$total = request_var('total', 0);
$this->display_progress_bar($start, $total);
exit_handler();
exit;
break;
case 'delete':
@ -74,7 +74,7 @@ class acp_forums
{
trigger_error($user->lang['NO_PERMISSION_FORUM_ADD'] . adm_back_link($this->u_action . '&amp;parent_id=' . $this->parent_id), E_USER_WARNING);
}
break;
}
@ -100,7 +100,7 @@ class acp_forums
$cache->destroy('sql', FORUMS_TABLE);
trigger_error($user->lang['FORUM_DELETED'] . adm_back_link($this->u_action . '&amp;parent_id=' . $this->parent_id));
break;
case 'edit':
@ -189,7 +189,7 @@ class acp_forums
$sql = 'DELETE FROM ' . ACL_USERS_TABLE . '
WHERE forum_id = ' . (int) $forum_data['forum_id'];
$db->sql_query($sql);
$sql = 'DELETE FROM ' . ACL_GROUPS_TABLE . '
WHERE forum_id = ' . (int) $forum_data['forum_id'];
$db->sql_query($sql);
@ -245,7 +245,7 @@ class acp_forums
$auth->acl_clear_prefetch();
$cache->destroy('sql', FORUMS_TABLE);
$acl_url = '&amp;mode=setting_forum_local&amp;forum_id[]=' . $forum_data['forum_id'];
$message = ($action == 'add') ? $user->lang['FORUM_CREATED'] : $user->lang['FORUM_UPDATED'];
@ -543,7 +543,7 @@ class acp_forums
$forum_type_options = '';
$forum_type_ary = array(FORUM_CAT => 'CAT', FORUM_POST => 'FORUM', FORUM_LINK => 'LINK');
foreach ($forum_type_ary as $value => $lang)
{
$forum_type_options .= '<option value="' . $value . '"' . (($value == $forum_data['forum_type']) ? ' selected="selected"' : '') . '>' . $user->lang['TYPE_' . $lang] . '</option>';
@ -613,7 +613,7 @@ class acp_forums
}
}
}
if (strlen($forum_data['forum_password']) == 32)
{
$errors[] = $user->lang['FORUM_PASSWORD_OLD'];
@ -918,7 +918,7 @@ class acp_forums
$forum_data['prune_days'] = $forum_data['prune_viewed'] = $forum_data['prune_freq'] = 0;
$errors[] = $user->lang['FORUM_DATA_NEGATIVE'];
}
$range_test_ary = array(
array('lang' => 'FORUM_TOPICS_PAGE', 'value' => $forum_data['forum_topics_per_page'], 'column_type' => 'TINT:0'),
);
@ -974,7 +974,7 @@ class acp_forums
$forum_data_sql['forum_password'] = phpbb_hash($forum_data_sql['forum_password']);
}
unset($forum_data_sql['forum_password_unset']);
if (!isset($forum_data_sql['forum_id']))
{
// no forum_id means we're creating a new forum
@ -1632,7 +1632,7 @@ class acp_forums
WHERE p.forum_id = $forum_id
AND a.in_message = 0
AND a.topic_id = p.topic_id";
$result = $db->sql_query($sql);
$result = $db->sql_query($sql);
$topic_ids = array();
while ($row = $db->sql_fetchrow($result))
@ -1690,7 +1690,7 @@ class acp_forums
break;
default:
// Delete everything else and curse your DB for not offering multi-table deletion
$tables_ary = array(
'post_id' => array(


@ -87,24 +87,32 @@ class acp_groups
// Approve, demote or promote
$group_name = ($group_row['group_type'] == GROUP_SPECIAL) ? $user->lang['G_' . $group_row['group_name']] : $group_row['group_name'];
group_user_attributes($action, $group_id, $mark_ary, false, $group_name);
switch ($action)
$error = group_user_attributes($action, $group_id, $mark_ary, false, $group_name);
if (!$error)
{
case 'demote':
$message = 'GROUP_MODS_DEMOTED';
break;
switch ($action)
{
case 'demote':
$message = 'GROUP_MODS_DEMOTED';
break;
case 'promote':
$message = 'GROUP_MODS_PROMOTED';
break;
case 'promote':
$message = 'GROUP_MODS_PROMOTED';
break;
case 'approve':
$message = 'USERS_APPROVED';
break;
case 'approve':
$message = 'USERS_APPROVED';
break;
}
trigger_error($user->lang[$message] . adm_back_link($this->u_action . '&amp;action=list&amp;g=' . $group_id));
}
trigger_error($user->lang[$message] . adm_back_link($this->u_action . '&amp;action=list&amp;g=' . $group_id));
else
{
trigger_error($user->lang[$error] . adm_back_link($this->u_action . '&amp;action=list&amp;g=' . $group_id), E_USER_WARNING);
}
break;
case 'default':
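Review bot: The new error branch indexes `$user->lang[$error]` with whatever string group_user_attributes() returned, so a key that is missing from the loaded language files gives an empty message plus an undefined-index notice. A fallback keeps the reason visible: `$msg = (isset($user->lang[$error])) ? $user->lang[$error] : $error;`, then pass `$msg` to trigger_error(). The success test `if (!$error)` depends on the helper returning `false` on success, which is the reverse of the usual convention and deserves a one-line comment at this call. The enclosing case starts and ends outside the hunk.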


@ -436,7 +436,7 @@ class acp_icons
default:
$suc_lang = $lang;
}
$errormsgs = '<br />';
$errormsgs = '';
foreach ($errors as $img => $error)
{
$errormsgs .= '<br />' . sprintf($user->lang[$error], $img);
@ -447,7 +447,7 @@ class acp_icons
}
else
{
trigger_error($user->lang[$suc_lang . '_ADDED'] . $errormsgs .adm_back_link($this->u_action), $level);
trigger_error($user->lang[$suc_lang . '_ADDED'] . $errormsgs . adm_back_link($this->u_action), $level);
}
break;

0
phpBB/includes/acp/acp_inactive.php Executable file → Normal file


@ -61,6 +61,14 @@ class acp_main
if ($action)
{
if ($action === 'admlogout')
{
$user->unset_admin();
$redirect_url = append_sid("{$phpbb_root_path}index.$phpEx");
meta_refresh(3, $redirect_url);
trigger_error($user->lang['ADM_LOGGED_OUT'] . '<br /><br />' . sprintf($user->lang['RETURN_INDEX'], '<a href="' . $redirect_url . '">', '</a>'));
}
if (!confirm_box(true))
{
switch ($action)
@ -108,6 +116,7 @@ class acp_main
{
switch ($action)
{
case 'online':
if (!$auth->acl_get('a_board'))
{
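Review bot: The added `admlogout` branch changes session state (`$user->unset_admin()`) from a plain GET link and runs before the `confirm_box()` check, and nothing in the hunk ties the request to a form token or a confirmation. The impact is limited to dropping admin privileges, but unless every ACP request is already bound to the session id elsewhere (not visible here), a request originating from another site could end an administrator's session; a comment naming the check that protects this branch would settle it. The branch also relies on trigger_error() ending the request, otherwise execution falls through to `if (!confirm_box(true))`. The method body continues outside the hunk.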


@ -1156,7 +1156,7 @@ class acp_permissions
}
// Not ideal, due to the filesort, non-use of indexes, etc.
$sql = 'SELECT DISTINCT u.user_id, u.username
$sql = 'SELECT DISTINCT u.user_id, u.username, u.username_clean, u.user_regdate
FROM ' . USERS_TABLE . ' u, ' . ACL_USERS_TABLE . " a
WHERE u.user_id = a.user_id
$sql_forum_id


@ -695,6 +695,15 @@ parse_css_file = {PARSE_CSS_FILE}
{
trigger_error($user->lang['NO_TEMPLATE'] . adm_back_link($this->u_action), E_USER_WARNING);
}
if ($save_changes && !check_form_key('acp_styles'))
{
trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action), E_USER_WARNING);
}
else if (!$save_changes)
{
add_form_key('acp_styles');
}
// save changes to the template if the user submitted any
if ($save_changes && $template_file)

0
phpBB/includes/acp/info/acp_inactive.php Executable file → Normal file


@ -800,7 +800,7 @@ class auth
{
$this->_set_group_hold_ary($hold_ary[$row['forum_id']], $row['auth_option_id'], $row['auth_setting']);
}
else
else if (!empty($this->role_cache[$row['auth_role_id']]))
{
foreach (unserialize($this->role_cache[$row['auth_role_id']]) as $option_id => $setting)
{
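Review bot: The new `else if (!empty($this->role_cache[$row['auth_role_id']]))` guard covers a missing or empty cache entry, but an entry that is present and fails to unserialize still reaches `foreach` as `false`. Decoding once and checking the type closes that gap: `$role_options = unserialize($this->role_cache[$row['auth_role_id']]);` followed by `if (is_array($role_options))`. A skipped role leaves its options unset, which looks like a fail-closed (deny) outcome, but that is inferred; a short comment saying so would help the next reader. The loop body is outside the hunk.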


@ -148,8 +148,8 @@ function autologin_apache()
if (!empty($php_auth_user) && !empty($php_auth_pw))
{
set_var($php_auth_user, $php_auth_user, 'string');
set_var($php_auth_pw, $php_auth_pw, 'string');
set_var($php_auth_user, $php_auth_user, 'string', true);
set_var($php_auth_pw, $php_auth_pw, 'string', true);
$sql = 'SELECT *
FROM ' . USERS_TABLE . "
@ -233,7 +233,7 @@ function validate_session_apache(&$user)
}
$php_auth_user = '';
set_var($php_auth_user, $_SERVER['PHP_AUTH_USER'], 'string');
set_var($php_auth_user, $_SERVER['PHP_AUTH_USER'], 'string', true);
return ($php_auth_user === $user['username']) ? true : false;
}
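Review bot: With the fourth argument set to `true` the Basic-auth user name and password may now contain multibyte characters, but the visible lines do not normalise them, while another call site in this commit wraps multibyte input in `utf8_normalize_nfc()` (the `reason` field in disapprove_post()). In validate_session_apache() the strict comparison `$php_auth_user === $user['username']` would then fail for a name sent in a different Unicode form; that fails closed, so it is a login-robustness issue rather than a bypass. I would normalise right after set_var() in both functions, e.g. `$php_auth_user = utf8_normalize_nfc($php_auth_user);`. The SQL that consumes `$php_auth_user` in autologin_apache() is outside the hunk, so its escaping cannot be checked here.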


@ -171,6 +171,11 @@ define('FIELD_BOOL', 4);
define('FIELD_DROPDOWN', 5);
define('FIELD_DATE', 6);
// referer validation
define('REFERER_VALIDATE_NONE', 0);
define('REFERER_VALIDATE_HOST', 1);
define('REFERER_VALIDATE_PATH', 2);
// Additional constants
define('VOTE_CONVERTED', 127);


@ -255,7 +255,7 @@ function still_on_time($extra_time = 15)
/**
*
* @version Version 0.1 / $Id$
* @version Version 0.1 / slightly modified for phpBB 3.0.x (using $H$ as hash type identifier)
*
* Portable PHP password hashing framework.
*
@ -1778,7 +1778,7 @@ function generate_board_url($without_script_path = false)
if ($server_port && (($config['cookie_secure'] && $server_port <> 443) || (!$config['cookie_secure'] && $server_port <> 80)))
{
// HTTP HOST can carry a port number...
// HTTP HOST can carry a port number (we fetch $user->host, but for old versions this may be true)
if (strpos($server_name, ':') === false)
{
$url .= ':' . $server_port;
@ -1801,6 +1801,7 @@ function generate_board_url($without_script_path = false)
/**
* Redirects the user to another page then exits the script nicely
* This function is intended for urls within the board. It's not meant to redirect to cross-domains.
*/
function redirect($url, $return = false)
{
@ -1829,7 +1830,11 @@ function redirect($url, $return = false)
}
else if (!empty($url_parts['scheme']) && !empty($url_parts['host']))
{
// Full URL
// Attention: only able to redirect within the same domain (yourdomain.com -> www.yourdomain.com will not work)
if ($url_parts['host'] !== $user->host)
{
$url = generate_board_url();
}
}
else if ($url[0] == '/')
{
@ -2045,11 +2050,14 @@ function meta_refresh($time, $url)
global $template;
$url = redirect($url, true);
$url = str_replace('&', '&amp;', $url);
// For XHTML compatibility we change back & to &amp;
$template->assign_vars(array(
'META' => '<meta http-equiv="refresh" content="' . $time . ';url=' . str_replace('&', '&amp;', $url) . '" />')
'META' => '<meta http-equiv="refresh" content="' . $time . ';url=' . $url . '" />')
);
return $url;
}
//Form validation
@ -2331,7 +2339,7 @@ function login_box($redirect = '', $l_explain = '', $l_success = '', $admin = fa
return;
}
meta_refresh(3, $redirect);
$redirect = meta_refresh(3, $redirect);
trigger_error($message . '<br /><br />' . sprintf($l_redirect, '<a href="' . $redirect . '">', '</a>'));
}
@ -2771,7 +2779,7 @@ function get_preg_expression($mode)
switch ($mode)
{
case 'email':
return '(?:[a-z0-9\'\.\-_\+\|]|&amp;)+@[a-z0-9\-]+\.(?:[a-z0-9\-]+\.)*[a-z]+';
return '(?:[a-z0-9\'\.\-_\+\|]++|&amp;)+@[a-z0-9\-]+\.(?:[a-z0-9\-]+\.)*[a-z]+';
break;
case 'bbcode_htm':
@ -2941,9 +2949,15 @@ function msg_handler($errno, $msg_text, $errfile, $errline)
if (strpos($errfile, 'cache') === false && strpos($errfile, 'template.') === false)
{
// flush the content, else we get a white page if output buffering is on
if ((int) @ini_get('output_buffering') === 1 || strtolower(@ini_get('output_buffering')) === 'on')
{
@ob_flush();
}
// Another quick fix for those having gzip compression enabled, but do not flush if the coder wants to catch "something". ;)
if ($config['gzip_compress'])
{
if (@extension_loaded('zlib') && !headers_sent())
if (@extension_loaded('zlib') && !headers_sent() && !ob_get_level())
{
@ob_flush();
}
@ -3106,16 +3120,16 @@ function msg_handler($errno, $msg_text, $errfile, $errline)
function obtain_guest_count($forum_id = 0)
{
global $db, $config;
if ($forum_id)
{
$reading_sql = ' AND s.session_forum_id = ' . (int) $forum_id;
}
}
else
{
$reading_sql = '';
}
$time = (time() - (intval($config['load_online_time']) * 60));
$time = (time() - (intval($config['load_online_time']) * 60));
// Get number of online guests
@ -3141,7 +3155,7 @@ function obtain_guest_count($forum_id = 0)
$result = $db->sql_query($sql, 60);
$guests_online = (int) $db->sql_fetchfield('num_guests');
$db->sql_freeresult($result);
return $guests_online;
}
@ -3173,16 +3187,16 @@ function obtain_users_online($forum_id = 0)
{
$online_users['guests_online'] = obtain_guest_count($forum_id);
}
// a little discrete magic to cache this for 30 seconds
$time = (time() - (intval($config['load_online_time']) * 60));
$time = (time() - (intval($config['load_online_time']) * 60));
$sql = 'SELECT s.session_user_id, s.session_ip, s.session_viewonline
FROM ' . SESSIONS_TABLE . ' s
WHERE s.session_time >= ' . ($time - ((int) ($time % 30))) .
$reading_sql .
' AND s.session_user_id <> ' . ANONYMOUS;
$result = $db->sql_query($sql, 30);
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result))
{
@ -3203,7 +3217,7 @@ function obtain_users_online($forum_id = 0)
}
$online_users['total_online'] = $online_users['guests_online'] + $online_users['visible_online'] + $online_users['hidden_online'];
$db->sql_freeresult($result);
return $online_users;
}
@ -3652,7 +3666,7 @@ function garbage_collection()
*/
function exit_handler()
{
global $phpbb_hook;
global $phpbb_hook, $config;
if (!empty($phpbb_hook) && $phpbb_hook->call_hook(__FUNCTION__))
{
@ -3663,7 +3677,7 @@ function exit_handler()
}
// As a pre-caution... some setups display a blank page if the flush() is not there.
@flush();
(!$config['gzip_compress']) ? @flush() : @ob_flush();
exit;
}
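Review bot: In the redirect() hunk the new same-host check runs only in the branch where parse_url() returned both a scheme and a host, so a target without a scheme is handled by the `$url[0] == '/'` branch, whose body is outside the hunk; it is worth confirming that this branch always prefixes the board's own server URL. The comparison `$url_parts['host'] !== $user->host` is case-sensitive; it errs on the safe side, but valid mixed-case links are sent to the index, and `strtolower($url_parts['host']) !== strtolower($user->host)` avoids that. In meta_refresh() only `&` is encoded before `$url` is placed in the `content` attribute and, through the value now returned to login_box(), in an `href`; that is safe only if `redirect($url, true)` already rejects quotes and angle brackets, which is not visible here. A line in the meta_refresh() docblock stating that the returned URL is already `&amp;`-encoded would prevent callers from encoding it twice.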


@ -1545,7 +1545,8 @@ function sync($mode, $where_type = '', $where_ids = '', $resync_parents = false,
$sql = 'SELECT SUM(t.topic_replies + 1) AS forum_posts
FROM ' . TOPICS_TABLE . ' t
WHERE ' . $db->sql_in_set('t.forum_id', $forum_ids) . '
AND t.topic_approved = 1';
AND t.topic_approved = 1
AND t.topic_status <> ' . ITEM_MOVED;
}
else
{
@ -1553,6 +1554,7 @@ function sync($mode, $where_type = '', $where_ids = '', $resync_parents = false,
FROM ' . TOPICS_TABLE . ' t
WHERE ' . $db->sql_in_set('t.forum_id', $forum_ids) . '
AND t.topic_approved = 1
AND t.topic_status <> ' . ITEM_MOVED . '
GROUP BY t.forum_id';
}


@ -179,7 +179,7 @@ class compress_zip extends compress
* Extract archive
*/
function extract($dst)
{
{
// Loop the file, looking for files and folders
$dd_try = false;
rewind($this->fp);
@ -215,6 +215,12 @@ class compress_zip extends compress
// Create and folders and subfolders if they do not exist
foreach ($folders as $folder)
{
$folder = trim($folder);
if (!$folder)
{
continue;
}
$str = (!empty($str)) ? $str . '/' . $folder : $folder;
if (!is_dir($str))
{
@ -231,13 +237,19 @@ class compress_zip extends compress
}
else
{
// Some archivers are punks, they don't don't include folders in their archives!
// Some archivers are punks, they don't include folders in their archives!
$str = '';
$folders = explode('/', pathinfo($target_filename, PATHINFO_DIRNAME));
// Create and folders and subfolders if they do not exist
foreach ($folders as $folder)
{
$folder = trim($folder);
if (!$folder)
{
continue;
}
$str = (!empty($str)) ? $str . '/' . $folder : $folder;
if (!is_dir($str))
{
@ -267,7 +279,7 @@ class compress_zip extends compress
// Not compressed
fwrite($fp, $content);
break;
case 8:
// Deflate
fwrite($fp, gzinflate($content, $data['uc_size']));
@ -278,7 +290,7 @@ class compress_zip extends compress
fwrite($fp, bzdecompress($content));
break;
}
fclose($fp);
break;
@ -288,11 +300,11 @@ class compress_zip extends compress
// This case should simply never happen.. but it does exist..
case "\x50\x4b\x05\x06":
break 2;
// 'Packed to Removable Disk', ignore it and look for the next signature...
case 'PK00':
continue 2;
// We have encountered a header that is weird. Lets look for better data...
default:
if (!$dd_try)
@ -507,16 +519,24 @@ class compress_tar extends compress
$tmp = unpack('A12size', substr($buffer, 124, 12));
$filesize = octdec((int) trim($tmp['size']));
$target_filename = "$dst$filename";
if ($filetype == 5)
{
if (!is_dir("$dst$filename"))
if (!is_dir($target_filename))
{
$str = '';
$folders = explode('/', "$dst$filename");
$folders = explode('/', $target_filename);
// Create and folders and subfolders if they do not exist
foreach ($folders as $folder)
{
$folder = trim($folder);
if (!$folder)
{
continue;
}
$str = (!empty($str)) ? $str . '/' . $folder : $folder;
if (!is_dir($str))
{
@ -529,17 +549,41 @@ class compress_tar extends compress
}
}
}
else if ($filesize != 0 && ($filetype == 0 || $filetype == "\0"))
else if ($filesize >= 0 && ($filetype == 0 || $filetype == "\0"))
{
// Some archivers are punks, they don't properly order the folders in their archives!
$str = '';
$folders = explode('/', pathinfo($target_filename, PATHINFO_DIRNAME));
// Create and folders and subfolders if they do not exist
foreach ($folders as $folder)
{
$folder = trim($folder);
if (!$folder)
{
continue;
}
$str = (!empty($str)) ? $str . '/' . $folder : $folder;
if (!is_dir($str))
{
if (!@mkdir($str, 0777))
{
trigger_error("Could not create directory $folder");
}
@chmod($str, 0777);
}
}
// Write out the files
if (!($fp = fopen("$dst$filename", 'wb')))
if (!($fp = fopen($target_filename, 'wb')))
{
trigger_error("Couldn't create file $filename");
}
@chmod("$dst$filename", 0777);
@chmod($target_filename, 0777);
// Grab the file contents
fwrite($fp, $fzread($this->fp, ($filesize + 511) &~ 511), $filesize);
fwrite($fp, ($filesize) ? $fzread($this->fp, ($filesize + 511) &~ 511) : '', $filesize);
fclose($fp);
}
}
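Review bot: The folder loops added to both extract() methods skip empty path components but do not reject a `..` component, and the tar branch opens `$target_filename` (built as `"$dst$filename"` from the archive header) directly, so an entry name taken from the archive can resolve outside `$dst`. I would stop on such entries before any mkdir or fopen, e.g. `if ($folder === '..') { trigger_error('Invalid path in archive'); }`, and validate the file name itself the same way. Separately, `if (!$folder)` also skips a directory literally named `0`, so its parent path is never created; `if ($folder === '')` avoids that. Directories and files are still created with mode 0777, which is wider than an extractor needs. Both methods start and end outside the hunks.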


@ -438,6 +438,7 @@ function generate_text_for_storage(&$text, &$uid, &$bitfield, &$flags, $allow_bb
global $phpbb_root_path, $phpEx;
$uid = $bitfield = '';
$flags = (($allow_bbcode) ? OPTION_FLAG_BBCODE : 0) + (($allow_smilies) ? OPTION_FLAG_SMILIES : 0) + (($allow_urls) ? OPTION_FLAG_LINKS : 0);
if (!$text)
{
@ -461,7 +462,6 @@ function generate_text_for_storage(&$text, &$uid, &$bitfield, &$flags, $allow_bb
$uid = '';
}
$flags = (($allow_bbcode) ? OPTION_FLAG_BBCODE : 0) + (($allow_smilies) ? OPTION_FLAG_SMILIES : 0) + (($allow_urls) ? OPTION_FLAG_LINKS : 0);
$bitfield = $message_parser->bbcode_bitfield;
return;
@ -568,13 +568,13 @@ function make_clickable_callback($type, $whitespace, $url, $relative_url, $class
$relative_url = preg_replace('/[&?]sid=[0-9a-f]{32}$/', '', preg_replace('/([&?])sid=[0-9a-f]{32}&/', '$1', $relative_url));
$url = $url . '/' . $relative_url;
$text = $relative_url;
// this url goes to http://domain.tld/path/to/board/ which
// would result in an empty link if treated as local so
// don't touch it and let MAGIC_URL_FULL take care of it.
if (!$relative_url)
{
return $orig_url . '/'; // slash is taken away by relative url pattern
return $whitespace . $orig_url . '/'; // slash is taken away by relative url pattern
}
break;


@ -286,7 +286,7 @@ function connect_check_db($error_connect, &$error, $dbms_details, $table_prefix,
{
case 'mysql':
case 'mysqli':
if (strpos($table_prefix, '-') !== false || strpos($table_prefix, '.') !== false)
if (strspn($table_prefix, '-./\\') !== 0)
{
$error[] = $lang['INST_ERR_PREFIX_INVALID'];
return false;
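Review bot: `strspn($table_prefix, '-./\\') !== 0` only measures the leading run of forbidden characters, so a prefix such as `phpbb-test_` (constructed example) returns 0 and is accepted, whereas the strpos() checks it replaces caught `-` and `.` anywhere in the string. Since the prefix ends up in table names, the check should cover the whole value: `if (strcspn($table_prefix, '-./\\') !== strlen($table_prefix))`. connect_check_db() continues outside the hunk.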


@ -399,12 +399,13 @@ class jabber
$second_time = isset($this->session['id']);
$this->session['id'] = $xml['stream:stream'][0]['@']['id'];
/** Currently commented out due to problems with some jabber server - reason unknown
if ($second_time)
{
// If we are here for the second time after TLS, we need to continue logging in
$this->login();
return;
}
}*/
// go on with authentication?
if (isset($this->features['stream:features'][0]['#']['bind']) || !empty($this->session['tls']))


@ -358,6 +358,11 @@ function upload_attachment($form_name, $forum_id, $local = false, $local_storage
include_once($phpbb_root_path . 'includes/functions_upload.' . $phpEx);
$upload = new fileupload();
if ($config['check_attachment_content'])
{
$upload->set_disallowed_content(explode('|', $config['mime_triggers']));
}
if (!$local)
{
$filedata['post_attach'] = ($upload->is_valid($form_name)) ? true : false;
@ -524,6 +529,8 @@ function get_supported_image_types($type = false)
if ($type !== false)
{
// Type is one of the IMAGETYPE constants - it is fetched from getimagesize()
// We do not use the constants here, because some were not available in PHP 4.3.x
switch ($type)
{
// GIF
@ -545,8 +552,7 @@ function get_supported_image_types($type = false)
$new_type = ($format & IMG_PNG) ? IMG_PNG : false;
break;
// BMP, WBMP
case 6:
// WBMP
case 15:
$new_type = ($format & IMG_WBMP) ? IMG_WBMP : false;
break;
@ -1856,6 +1862,7 @@ function submit_post($mode, $subject, $username, $topic_type, &$poll, &$data, $u
'topic_last_poster_id' => (int) $user->data['user_id'],
'topic_last_poster_name' => (!$user->data['is_registered'] && $username) ? $username : (($user->data['user_id'] != ANONYMOUS) ? $user->data['username'] : ''),
'topic_last_poster_colour' => $user->data['user_colour'],
'topic_last_post_subject' => (string) $subject,
);
}
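Review bot: `explode('|', $config['mime_triggers'])` yields `array('')` when the setting is empty, and filespec::check_content() then searches for `'<' . ''`, so every upload with a `<` in its first 256 bytes would be refused. Filtering the list fixes it: `$upload->set_disallowed_content(array_filter(explode('|', $config['mime_triggers']), 'strlen'));`. The same applies to the unconditional explode() passed to `new fileupload(...)` in avatar_upload(). Whether `mime_triggers` can be empty or absent after an upgrade is not visible here, and upload_attachment() continues outside the hunk.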


@ -208,6 +208,11 @@ function get_folder($user_id, $folder_id = false)
);
}
if ($folder_id !== false && !isset($folder[$folder_id]))
{
trigger_error('UNKNOWN_FOLDER');
}
return $folder;
}
@ -1803,4 +1808,25 @@ function message_history($msg_id, $user_id, $message_row, $folder, $in_post_mode
return true;
}
/**
* Set correct users max messages in PM folder.
* If several group memberships define different amount of messages, the highest will be chosen.
*/
function set_user_message_limit()
{
global $user, $db, $config;
// Get maximum about from user memberships - if it is 0, there is no limit set and we use the maximum value within the config.
$sql = 'SELECT MAX(g.group_message_limit) as max_message_limit
FROM ' . GROUPS_TABLE . ' g, ' . USER_GROUP_TABLE . ' ug
WHERE ug.user_id = ' . $user->data['user_id'] . '
AND ug.user_pending = 0
AND ug.group_id = g.group_id';
$result = $db->sql_query($sql);
$message_limit = (int) $db->sql_fetchfield('max_message_limit');
$db->sql_freeresult($result);
$user->data['message_limit'] = (!$message_limit) ? $config['pm_max_msgs'] : $message_limit;
}
?>
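Review bot: In set_user_message_limit() `$user->data['user_id']` is concatenated into the query without a cast, while other queries on this page cast ids explicitly (`(int) $forum_data['forum_id']` in acp_forums); `WHERE ug.user_id = ' . (int) $user->data['user_id'] . '` keeps the query safe regardless of how the session array was filled. The docblock should also say that the function returns nothing and writes its result to `$user->data['message_limit']`, falling back to `$config['pm_max_msgs']` when the group maximum is 0. In get_folder() the new `trigger_error('UNKNOWN_FOLDER')` runs only after the folder list has been built; that function starts outside the hunk.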


@ -228,6 +228,34 @@ class filespec
{
return @filesize($filename);
}
/**
* Check the first 256 bytes for forbidden content
*/
function check_content($disallowed_content)
{
if (empty($disallowed_content))
{
return true;
}
$fp = @fopen($this->filename, 'rb');
if ($fp !== false)
{
$ie_mime_relevant = fread($fp, 256);
fclose($fp);
foreach ($disallowed_content as $forbidden)
{
if (stripos($ie_mime_relevant, '<' . $forbidden) !== false)
{
return false;
}
}
}
return true;
}
/**
* Move file to destination folder
@ -257,7 +285,7 @@ class filespec
return false;
}
$upload_mode = (@ini_get('open_basedir') || @ini_get('safe_mode')) ? 'move' : 'copy';
$upload_mode = (@ini_get('open_basedir') || @ini_get('safe_mode') || strtolower(@ini_get('safe_mode')) == 'on') ? 'move' : 'copy';
$upload_mode = ($this->local) ? 'local' : $upload_mode;
$this->destination_file = $this->destination_path . '/' . basename($this->realname);
@ -427,6 +455,7 @@ class fileerror extends filespec
class fileupload
{
var $allowed_extensions = array();
var $disallowed_content = array();
var $max_filesize = 0;
var $min_width = 0;
var $min_height = 0;
@ -446,12 +475,13 @@ class fileupload
* @param int $max_height Maximum image height (only checked for images)
*
*/
function fileupload($error_prefix = '', $allowed_extensions = false, $max_filesize = false, $min_width = false, $min_height = false, $max_width = false, $max_height = false)
function fileupload($error_prefix = '', $allowed_extensions = false, $max_filesize = false, $min_width = false, $min_height = false, $max_width = false, $max_height = false, $disallowed_content = false)
{
$this->set_allowed_extensions($allowed_extensions);
$this->set_max_filesize($max_filesize);
$this->set_allowed_dimensions($min_width, $min_height, $max_width, $max_height);
$this->set_error_prefix($error_prefix);
$this->set_disallowed_content($disallowed_content);
}
/**
@ -463,6 +493,7 @@ class fileupload
$this->min_width = $this->min_height = $this->max_width = $this->max_height = 0;
$this->error_prefix = '';
$this->allowed_extensions = array();
$this->disallowed_content = array();
}
/**
@ -497,6 +528,17 @@ class fileupload
$this->max_filesize = (int) $max_filesize;
}
}
/**
* Set disallowed strings
*/
function set_disallowed_content($disallowed_content)
{
if ($disallowed_content !== false && is_array($disallowed_content))
{
$this->disallowed_content = $disallowed_content;
}
}
/**
* Set error prefix
@ -741,7 +783,7 @@ class fileupload
return $file;
}
$tmp_path = (!@ini_get('safe_mode')) ? false : $phpbb_root_path . 'cache';
$tmp_path = (!@ini_get('safe_mode') || strtolower(@ini_get('safe_mode')) == 'off') ? false : $phpbb_root_path . 'cache';
$filename = tempnam($tmp_path, unique_id() . '-');
if (!($fp = @fopen($filename, 'wb')))
@ -830,6 +872,12 @@ class fileupload
{
$file->error[] = sprintf($user->lang[$this->error_prefix . 'DISALLOWED_EXTENSION'], $file->get('extension'));
}
// MIME Sniffing
if (!$this->valid_content($file))
{
$file->error[] = sprintf($user->lang[$this->error_prefix . 'DISALLOWED_CONTENT']);
}
}
/**
@ -869,6 +917,15 @@ class fileupload
return (isset($_FILES[$form_name]) && $_FILES[$form_name]['name'] != 'none') ? true : false;
}
/**
* Check for allowed extension
*/
function valid_content(&$file)
{
return ($file->check_content($this->disallowed_content));
}
/**
* Return image type/extension mapping
*/
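Review bot: filespec::check_content() returns `true` when `@fopen($this->filename, 'rb')` fails, so an upload that cannot be read is treated as having passed the content check. For a security filter I would fail closed, with `if ($fp === false) { return false; }` before the read. Only the first 256 bytes are inspected, and only for `<` followed by a listed string; the docblock should say so explicitly so the check is not mistaken for full content validation. The docblock on fileupload::valid_content() still reads `Check for allowed extension` and should read `Check for disallowed content`.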


@ -183,7 +183,6 @@ function user_add($user_row, $cp_data = false)
'user_dateformat' => $config['default_dateformat'],
'user_lang' => $config['default_lang'],
'user_style' => (int) $config['default_style'],
'user_allow_pm' => 1,
'user_actkey' => '',
'user_ip' => '',
'user_regdate' => time(),
@ -486,7 +485,7 @@ function user_delete($mode, $user_id, $post_username = false)
break;
}
$table_ary = array(USERS_TABLE, USER_GROUP_TABLE, TOPICS_WATCH_TABLE, FORUMS_WATCH_TABLE, ACL_USERS_TABLE, TOPICS_TRACK_TABLE, TOPICS_POSTED_TABLE, FORUMS_TRACK_TABLE, PROFILE_FIELDS_DATA_TABLE, MODERATOR_CACHE_TABLE);
$table_ary = array(USERS_TABLE, USER_GROUP_TABLE, TOPICS_WATCH_TABLE, FORUMS_WATCH_TABLE, ACL_USERS_TABLE, TOPICS_TRACK_TABLE, TOPICS_POSTED_TABLE, FORUMS_TRACK_TABLE, PROFILE_FIELDS_DATA_TABLE, MODERATOR_CACHE_TABLE, DRAFTS_TABLE, BOOKMARKS_TABLE);
foreach ($table_ary as $table)
{
@ -1195,6 +1194,8 @@ function user_ipwhois($ip)
*/
function validate_data($data, $val_ary)
{
global $user;
$error = array();
foreach ($val_ary as $var => $val_seq)
@ -1211,7 +1212,8 @@ function validate_data($data, $val_ary)
if ($result = call_user_func_array('validate_' . $function, $validate))
{
$error[] = $result . '_' . strtoupper($var);
// Since errors are checked later for their language file existence, we need to make sure custom errors are not adjusted.
$error[] = (empty($user->lang[$result . '_' . strtoupper($var)])) ? $result : $result . '_' . strtoupper($var);
}
}
}
@ -1611,9 +1613,9 @@ function validate_email($email, $allowed_email = false)
}
}
if ($user->check_ban(false, false, $email, true) == true)
if (($ban_reason = $user->check_ban(false, false, $email, true)) !== false)
{
return 'EMAIL_BANNED';
return ($ban_reason === true) ? 'EMAIL_BANNED' : $ban_reason;
}
if (!$config['allow_emailreuse'])
@ -1953,7 +1955,7 @@ function avatar_upload($data, &$error)
// Init upload class
include_once($phpbb_root_path . 'includes/functions_upload.' . $phpEx);
$upload = new fileupload('AVATAR_', array('jpg', 'jpeg', 'gif', 'png'), $config['avatar_filesize'], $config['avatar_min_width'], $config['avatar_min_height'], $config['avatar_max_width'], $config['avatar_max_height']);
$upload = new fileupload('AVATAR_', array('jpg', 'jpeg', 'gif', 'png'), $config['avatar_filesize'], $config['avatar_min_width'], $config['avatar_min_height'], $config['avatar_max_width'], $config['avatar_max_height'], explode('|', $config['mime_triggers']));
if (!empty($_FILES['uploadfile']['name']))
{
@ -2909,7 +2911,7 @@ function group_user_attributes($action, $group_id, $user_id_ary = false, $userna
if (!sizeof($user_id_ary) || $result !== false)
{
return false;
return 'NO_USERS';
}
if (!$group_name)
@ -2921,9 +2923,23 @@ function group_user_attributes($action, $group_id, $user_id_ary = false, $userna
{
case 'demote':
case 'promote':
$sql = 'SELECT user_id FROM ' . USER_GROUP_TABLE . "
WHERE group_id = $group_id
AND user_pending = 1
AND " . $db->sql_in_set('user_id', $user_id_ary);
$result = $db->sql_query_limit($sql, 1);
$not_empty = ($db->sql_fetchrow($result));
$db->sql_freeresult($result);
if ($not_empty)
{
return 'NO_VALID_USERS';
}
$sql = 'UPDATE ' . USER_GROUP_TABLE . '
SET group_leader = ' . (($action == 'promote') ? 1 : 0) . "
WHERE group_id = $group_id
AND user_pending = 0
AND " . $db->sql_in_set('user_id', $user_id_ary);
$db->sql_query($sql);
@ -3017,7 +3033,7 @@ function group_user_attributes($action, $group_id, $user_id_ary = false, $userna
group_update_listings($group_id);
return true;
return false;
}
/**
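Review bot: group_user_attributes() now returns a language key (`'NO_USERS'`, `'NO_VALID_USERS'`) on failure and `false` on success, which appears to invert the previous `false`/`true` convention; any caller not updated in this commit that tests the result for truth will read success as failure. Its docblock is outside the hunk and should state the contract, e.g. `@return false|string false on success, language key of the error otherwise`. The new SELECT in the demote/promote case interpolates `$group_id` directly, so it relies on the caller passing an integer; `(int) $group_id` would make that local. In validate_email() the value returned by check_ban() is now passed on as the error string; it is presumably free text, so the code that prints validation errors has to escape it, which is not visible here.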


@ -151,7 +151,7 @@ class mcp_ban
'U_FIND_USERNAME' => append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=searchuser&amp;form=mcp_ban&amp;field=ban'),
));
if ($mode != 'user')
if ($mode === 'email' && !$auth->acl_get('a_user'))
{
return;
}
@ -159,15 +159,28 @@ class mcp_ban
// As a "service" we will check if any post id is specified and populate the username of the poster id if given
$post_id = request_var('p', 0);
$user_id = request_var('u', 0);
$username = false;
$username = $pre_fill = false;
if ($user_id && $user_id <> ANONYMOUS)
{
$sql = 'SELECT username
$sql = 'SELECT username, user_email, user_ip
FROM ' . USERS_TABLE . '
WHERE user_id = ' . $user_id;
$result = $db->sql_query($sql);
$username = (string) $db->sql_fetchfield('username');
switch ($mode)
{
case 'user':
$pre_fill = (string) $db->sql_fetchfield('username');
break;
case 'ip':
$pre_fill = (string) $db->sql_fetchfield('user_ip');
break;
case 'email':
$pre_fill = (string) $db->sql_fetchfield('user_email');
break;
}
$db->sql_freeresult($result);
}
else if ($post_id)
@ -176,13 +189,29 @@ class mcp_ban
if (sizeof($post_info) && !empty($post_info[$post_id]))
{
$username = $post_info[$post_id]['username'];
switch ($mode)
{
case 'user':
$pre_fill = $post_info[$post_id]['username'];
break;
case 'ip':
$pre_fill = $post_info[$post_id]['poster_ip'];
break;
case 'email':
$pre_fill = $post_info[$post_id]['user_email'];
break;
}
}
}
if ($username)
if ($pre_fill)
{
$template->assign_var('USERNAMES', $username);
// left for legacy template compatibility
$template->assign_var('USERNAMES', $pre_fill);
$template->assign_var('BAN_QUANTIFIER', $pre_fill);
}
}
}
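Review bot: The pre-fill for `ip` mode reads `user_ip` from the users table (or `poster_ip` from the post) and places it in the form for anyone who reaches this module, while only `email` mode is gated by `$auth->acl_get('a_user')`. If viewing IP addresses is meant to require its own permission, the `ip` case needs an equivalent check before the lookup; whether access to the module already implies it is outside the hunk. A comment above the `$mode === 'email'` test explaining why e-mail addresses are restricted and the other two modes are not would document the intent. The method starts outside the hunk.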

0
phpBB/includes/mcp/mcp_logs.php Executable file → Normal file


@ -235,7 +235,7 @@ function lock_unlock($action, $ids)
}
unset($orig_ids);
$redirect = request_var('redirect', build_url(array('_f_', 'action', 'quickmod')));
$redirect = request_var('redirect', build_url(array('action', 'quickmod')));
$s_hidden_fields = build_hidden_fields(array(
$sql_id . '_list' => $ids,
@ -321,7 +321,7 @@ function change_topic_type($action, $topic_ids)
break;
}
$redirect = request_var('redirect', build_url(array('_f_', 'action', 'quickmod')));
$redirect = request_var('redirect', build_url(array('action', 'quickmod')));
$s_hidden_fields = array(
'topic_id_list' => $topic_ids,
@ -542,7 +542,7 @@ function mcp_move_topic($topic_ids)
}
$to_forum_id = request_var('to_forum_id', 0);
$redirect = request_var('redirect', build_url(array('_f_', 'action', 'quickmod')));
$redirect = request_var('redirect', build_url(array('action', 'quickmod')));
$additional_msg = $success_msg = '';
$s_hidden_fields = build_hidden_fields(array(
@ -554,7 +554,7 @@ function mcp_move_topic($topic_ids)
if ($to_forum_id)
{
$forum_data = get_forum_data($to_forum_id);
$forum_data = get_forum_data($to_forum_id, 'f_post');
if (!sizeof($forum_data))
{
@ -762,7 +762,7 @@ function mcp_delete_topic($topic_ids)
return;
}
$redirect = request_var('redirect', build_url(array('_f_', 'action', 'quickmod')));
$redirect = request_var('redirect', build_url(array('action', 'quickmod')));
$forum_id = request_var('f', 0);
$s_hidden_fields = build_hidden_fields(array(
@ -818,7 +818,7 @@ function mcp_delete_post($post_ids)
return;
}
$redirect = request_var('redirect', build_url(array('_f_', 'action', 'quickmod')));
$redirect = request_var('redirect', build_url(array('action', 'quickmod')));
$forum_id = request_var('f', 0);
$s_hidden_fields = build_hidden_fields(array(
@ -941,7 +941,7 @@ function mcp_fork_topic($topic_ids)
$to_forum_id = request_var('to_forum_id', 0);
$forum_id = request_var('f', 0);
$redirect = request_var('redirect', build_url(array('_f_', 'action', 'quickmod')));
$redirect = request_var('redirect', build_url(array('action', 'quickmod')));
$additional_msg = $success_msg = '';
$s_hidden_fields = build_hidden_fields(array(
@ -953,7 +953,7 @@ function mcp_fork_topic($topic_ids)
if ($to_forum_id)
{
$forum_data = get_forum_data($to_forum_id);
$forum_data = get_forum_data($to_forum_id, 'f_post');
if (!sizeof($topic_ids))
{
@ -990,7 +990,7 @@ function mcp_fork_topic($topic_ids)
if (confirm_box(true))
{
$topic_data = get_topic_data($topic_ids);
$topic_data = get_topic_data($topic_ids, 'f_post');
$total_posts = 0;
$new_topic_id_list = array();

0
phpBB/includes/mcp/mcp_notes.php Executable file → Normal file


@ -74,7 +74,7 @@ class mcp_queue
$this->tpl_name = 'mcp_post';
$user->add_lang('posting');
$user->add_lang(array('posting', 'viewtopic'));
$post_id = request_var('p', 0);
$topic_id = request_var('t', 0);
@ -459,7 +459,7 @@ function approve_post($post_id_list, $id, $mode)
trigger_error('NOT_AUTHORISED');
}
$redirect = request_var('redirect', build_url(array('_f_', 'quickmod')));
$redirect = request_var('redirect', build_url(array('quickmod')));
$success_msg = '';
$s_hidden_fields = build_hidden_fields(array(
@ -758,7 +758,7 @@ function disapprove_post($post_id_list, $id, $mode)
trigger_error('NOT_AUTHORISED');
}
$redirect = request_var('redirect', build_url(array('t', 'mode', '_f_', 'quickmod')) . "&amp;mode=$mode");
$redirect = request_var('redirect', build_url(array('t', 'mode', 'quickmod')) . "&amp;mode=$mode");
$reason = utf8_normalize_nfc(request_var('reason', '', true));
$reason_id = request_var('reason_id', 0);
$success_msg = $additional_msg = '';

6
phpBB/includes/mcp/mcp_reports.php Executable file → Normal file

@ -450,15 +450,15 @@ function close_report($report_id_list, $mode, $action)
if ($action == 'delete' && strpos($user->data['session_page'], 'mode=report_details') !== false)
{
$redirect = request_var('redirect', build_url(array('mode', '_f_', 'r', 'quickmod')) . '&amp;mode=reports');
$redirect = request_var('redirect', build_url(array('mode', 'r', 'quickmod')) . '&amp;mode=reports');
}
else if ($action == 'close' && !request_var('r', 0))
{
$redirect = request_var('redirect', build_url(array('mode', '_f_', 'p', 'quickmod')) . '&amp;mode=reports');
$redirect = request_var('redirect', build_url(array('mode', 'p', 'quickmod')) . '&amp;mode=reports');
}
else
{
$redirect = request_var('redirect', build_url(array('_f_', 'quickmod')));
$redirect = request_var('redirect', build_url(array('quickmod')));
}
$success_msg = '';
$forum_ids = array();


@ -386,7 +386,7 @@ function split_topic($action, $topic_id, $to_forum_id, $subject)
return;
}
$redirect = request_var('redirect', build_url(array('_f_', 'quickmod')));
$redirect = request_var('redirect', build_url(array('quickmod')));
$s_hidden_fields = build_hidden_fields(array(
'i' => 'main',
@ -550,7 +550,7 @@ function merge_posts($topic_id, $to_topic_id)
return;
}
$redirect = request_var('redirect', build_url(array('_f_', 'quickmod')));
$redirect = request_var('redirect', build_url(array('quickmod')));
$s_hidden_fields = build_hidden_fields(array(
'i' => 'main',

6
phpBB/includes/mcp/mcp_warn.php Executable file → Normal file

@ -170,7 +170,7 @@ class mcp_warn
'USERNAME' => $row['username'],
'USERNAME_COLOUR' => ($row['user_colour']) ? '#' . $row['user_colour'] : '',
'U_USER' => append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=viewprofile&amp;u=' . $row['user_id']),
'WARNING_TIME' => $user->format_date($row['user_last_warning']),
'WARNINGS' => $row['user_warnings'],
));
@ -262,11 +262,11 @@ class mcp_warn
}
$redirect = append_sid("{$phpbb_root_path}mcp.$phpEx", "i=notes&amp;mode=user_notes&amp;u=$user_id");
meta_refresh(2, $redirect);
trigger_error($user->lang['USER_WARNING_ADDED'] . '<br /><br />' . sprintf($user->lang['RETURN_PAGE'], '<a href="' . $redirect . '">', '</a>'));
trigger_error($msg . '<br /><br />' . sprintf($user->lang['RETURN_PAGE'], '<a href="' . $redirect . '">', '</a>'));
}
// OK, they didn't submit a warning so lets build the page for them to do so
// We want to make the message available here as a reminder
// Parse the message and subject
$message = censor_text($user_row['post_text']);


@ -346,6 +346,12 @@ class bbcode_firstpass extends bbcode
$in = trim($in);
$error = false;
// Do not allow 0-sizes generally being entered
if ($width <= 0 || $height <= 0)
{
return '[flash=' . $width . ',' . $height . ']' . $in . '[/flash]';
}
// Apply the same size checks on flash files as on images
if ($config['max_' . $this->mode . '_img_height'] || $config['max_' . $this->mode . '_img_width'])
{
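Review bot: The new zero-size guard returns the raw `[flash=…]` text without touching `$error` or recording any message in the visible lines, so the tag is left unparsed with no feedback to the poster. If that silence is intended, the comment should say so, e.g. `// Zero sizes: return the tag text unparsed, no warning is raised`. `$width` and `$height` are defined outside the hunk, and the `<= 0` comparison assumes they are numeric strings, which is worth confirming against the pattern that captures them. The method body continues past the hunk.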


@ -546,8 +546,8 @@ class fulltext_mysql extends search_backend
break;
case 't':
$sql_sort_table = ($type == 'posts') ? TOPICS_TABLE . ' t, ' : '';
$sql_sort_join = ($type == 'posts') ? ' AND t.topic_id = p.topic_id ' : '';
$sql_sort_table = ($type == 'posts' && !$firstpost_only) ? TOPICS_TABLE . ' t, ' : '';
$sql_sort_join = ($type == 'posts' && !$firstpost_only) ? ' AND t.topic_id = p.topic_id ' : '';
break;
case 'f':

6
phpBB/includes/search/fulltext_native.php Executable file → Normal file

@ -813,8 +813,8 @@ class fulltext_native extends search_backend
break;
case 't':
$sql_sort_table = ($type == 'posts') ? TOPICS_TABLE . ' t, ' : '';
$sql_sort_join = ($type == 'posts') ? ' AND t.topic_id = p.topic_id ' : '';
$sql_sort_table = ($type == 'posts' && !$firstpost_only) ? TOPICS_TABLE . ' t, ' : '';
$sql_sort_join = ($type == 'posts' && !$firstpost_only) ? ' AND t.topic_id = p.topic_id ' : '';
break;
case 'f':
@ -900,7 +900,7 @@ class fulltext_native extends search_backend
if ($type == 'posts')
{
$sql = "SELECT $select
FROM " . $sql_sort_table . POSTS_TABLE . ' p' . (($topic_id || $firstpost_only) ? ', ' . TOPICS_TABLE . ' t' : '') . "
FROM " . $sql_sort_table . POSTS_TABLE . ' p' . (($firstpost_only) ? ', ' . TOPICS_TABLE . ' t' : '') . "
WHERE $sql_author
$sql_topic_id
$sql_firstpost
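Review bot: With `$topic_id` dropped from the FROM condition, the topics alias `t` is present only when `$firstpost_only` is set or when sort key `t` adds it through `$sql_sort_table`, yet `$sql_topic_id` is still interpolated into the WHERE clause. That fragment is built outside the hunk, so confirm it filters on `p.topic_id` and not on a `t.` column; otherwise a topic-restricted search would fail on an unknown alias. A comment above the FROM line would record the rule, e.g. `// t is joined here only for firstpost_only; for sort key 't' it comes from $sql_sort_table`. The `($type == 'posts' && !$firstpost_only)` test is now repeated on two lines in `case 't'`, here and in fulltext_mysql, and a local boolean would keep the copies in step.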

0
phpBB/includes/search/search.php Executable file → Normal file


@ -68,7 +68,7 @@ class session
foreach ($args as $key => $argument)
{
if (strpos($argument, 'sid=') === 0 || strpos($argument, '_f_=') === 0)
if (strpos($argument, 'sid=') === 0)
{
continue;
}
@ -158,8 +158,16 @@ class session
$this->cookie_data = array('u' => 0, 'k' => '');
$this->update_session_page = $update_session_page;
$this->browser = (!empty($_SERVER['HTTP_USER_AGENT'])) ? htmlspecialchars((string) $_SERVER['HTTP_USER_AGENT']) : '';
$this->referer = (!empty($_SERVER['HTTP_REFERER'])) ? htmlspecialchars((string) $_SERVER['HTTP_REFERER']) : '';
$this->forwarded_for = (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) ? (string) $_SERVER['HTTP_X_FORWARDED_FOR'] : '';
$this->host = (!empty($_SERVER['HTTP_HOST'])) ? (string) strtolower($_SERVER['HTTP_HOST']) : ((!empty($_SERVER['SERVER_NAME'])) ? $_SERVER['SERVER_NAME'] : getenv('SERVER_NAME'));
// Since HTTP_HOST may carry a port definition, we need to remove it here...
if (strpos($this->host, ':') !== false)
{
$this->host = substr($this->host, 0, strpos($this->host, ':'));
}
$this->page = $this->extract_current_page($phpbb_root_path);
// if the forwarded for header shall be checked we have to validate its contents
@ -217,9 +225,9 @@ class session
// Load limit check (if applicable)
if ($config['limit_load'] || $config['limit_search_load'])
{
if ($load = @file_get_contents('/proc/loadavg'))
if ((function_exists('sys_getloadavg') && $load = sys_getloadavg()) || ($load = explode(' ', @file_get_contents('/proc/loadavg'))))
{
$this->load = array_slice(explode(' ', $load), 0, 1);
$this->load = array_slice($load, 0, 1);
$this->load = floatval($this->load[0]);
}
else
@ -264,7 +272,18 @@ class session
$s_forwarded_for = ($config['forwarded_for_check']) ? substr($this->data['session_forwarded_for'], 0, 254) : '';
$u_forwarded_for = ($config['forwarded_for_check']) ? substr($this->forwarded_for, 0, 254) : '';
if ($u_ip === $s_ip && $s_browser === $u_browser && $s_forwarded_for === $u_forwarded_for)
// referer checks
// The @ before $config['referer_validation'] suppresses notices present while running the updater
$check_referer_path = (@$config['referer_validation'] == REFERER_VALIDATE_PATH);
$referer_valid = true;
// we assume HEAD and TRACE to be foul play and thus only whitelist GET
if (@$config['referer_validation'] && isset($_SERVER['REQUEST_METHOD']) && strtolower($_SERVER['REQUEST_METHOD']) !== 'get')
{
$referer_valid = $this->validate_referer($check_referer_path);
}
if ($u_ip === $s_ip && $s_browser === $u_browser && $s_forwarded_for === $u_forwarded_for && $referer_valid)
{
$session_expired = false;
@ -343,7 +362,14 @@ class session
// Added logging temporarly to help debug bugs...
if (defined('DEBUG_EXTRA') && $this->data['user_id'] != ANONYMOUS)
{
add_log('critical', 'LOG_IP_BROWSER_FORWARDED_CHECK', $u_ip, $s_ip, $u_browser, $s_browser, htmlspecialchars($u_forwarded_for), htmlspecialchars($s_forwarded_for));
if ($referer_valid)
{
add_log('critical', 'LOG_IP_BROWSER_FORWARDED_CHECK', $u_ip, $s_ip, $u_browser, $s_browser, htmlspecialchars($u_forwarded_for), htmlspecialchars($s_forwarded_for));
}
else
{
add_log('critical', 'LOG_REFERER_INVALID', $this->referer);
}
}
}
}
@ -1101,7 +1127,7 @@ class session
trigger_error($message);
}
return ($banned) ? true : false;
return ($banned && $ban_row['ban_give_reason']) ? $ban_row['ban_give_reason'] : $banned;
}
/**
@ -1279,6 +1305,55 @@ class session
$this->set_login_key($user_id);
}
}
/**
* Check if the request originated from the same page.
* @param bool $check_script_path If true, the path will be checked as well
*/
function validate_referer($check_script_path = false)
{
// no referer - nothing to validate, user's fault for turning it off (we only check on POST; so meta can't be the reason)
if (empty($this->referer) || empty($this->host) )
{
return true;
}
$host = htmlspecialchars($this->host);
$ref = substr($this->referer, strpos($this->referer, '://') + 3);
if (!(stripos($ref , $host) === 0))
{
return false;
}
else if ($check_script_path && rtrim($this->page['root_script_path'], '/') !== '')
{
$ref = substr($ref, strlen($host));
$server_port = (!empty($_SERVER['SERVER_PORT'])) ? (int) $_SERVER['SERVER_PORT'] : (int) getenv('SERVER_PORT');
if ($server_port !== 80 && $server_port !== 443 && stripos($ref, ":$server_port") === 0)
{
$ref = substr($ref, strlen(":$server_port"));
}
if (!(stripos(rtrim($ref, '/'), rtrim($this->page['root_script_path'], '/')) === 0))
{
return false;
}
}
return true;
}
function unset_admin()
{
global $db;
$sql = 'UPDATE ' . SESSIONS_TABLE . '
SET session_admin = 0
WHERE session_id = \'' . $db->sql_escape($this->session_id) . '\'';
$db->sql_query($sql);
}
}
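Review bot: In `validate_referer()` the host test `stripos($ref, $host) === 0` is a prefix match, so a Referer whose host name merely starts with the board's host (constructed example: board host `forum.example`, referer host `forum.example.other.test`) is accepted as same-site. The comparison should also require that the character after the host is the end of the string, `/` or `:`, for instance `$next = (string) substr($ref, strlen($host), 1);` followed by `if (stripos($ref, $host) !== 0 || ($next !== '' && $next !== '/' && $next !== ':')) { return false; }`. Separately, when the Referer contains no `://`, `strpos()` returns false and the `+ 3` silently drops the first three characters, so an explicit `=== false` branch would make that case deliberate. The docblock should also state that an empty Referer is accepted (the method returns true), since that defines what this check does and does not cover.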


@ -73,7 +73,9 @@ class ucp_confirm
$captcha = new captcha();
$captcha->execute($row['code'], $row['seed']);
exit;
garbage_collection();
exit_handler();
}
}


@ -129,15 +129,7 @@ class ucp_pm
break;
case 'options':
$sql = 'SELECT group_message_limit
FROM ' . GROUPS_TABLE . '
WHERE group_id = ' . $user->data['group_id'];
$result = $db->sql_query($sql, 3600);
$message_limit = (int) $db->sql_fetchfield('group_message_limit');
$db->sql_freeresult($result);
$user->data['message_limit'] = (!$message_limit) ? $config['pm_max_msgs'] : $message_limit;
set_user_message_limit();
get_folder($user->data['user_id']);
include($phpbb_root_path . 'includes/ucp/ucp_pm_options.' . $phpEx);
@ -168,14 +160,7 @@ class ucp_pm
case 'view':
$sql = 'SELECT group_message_limit
FROM ' . GROUPS_TABLE . '
WHERE group_id = ' . $user->data['group_id'];
$result = $db->sql_query($sql, 3600);
$message_limit = (int) $db->sql_fetchfield('group_message_limit');
$db->sql_freeresult($result);
$user->data['message_limit'] = (!$message_limit) ? $config['pm_max_msgs'] : $message_limit;
set_user_message_limit();
if ($folder_specified)
{


@ -636,7 +636,6 @@ function compose_pm($id, $mode, $action)
'filename_data' => $message_parser->filename_data,
'address_list' => $address_list
);
unset($message_parser);
// ((!$message_subject) ? $subject : $message_subject)
$msg_id = submit_pm($action, $subject, $pm_data);
@ -770,7 +769,6 @@ function compose_pm($id, $mode, $action)
$attachment_data = $message_parser->attachment_data;
$filename_data = $message_parser->filename_data;
$message_text = $message_parser->message;
unset($message_parser);
// MAIN PM PAGE BEGINS HERE
@ -892,8 +890,8 @@ function compose_pm($id, $mode, $action)
// Build hidden address list
$s_hidden_address_field = build_address_field($address_list);
$bbcode_checked = (isset($enable_bbcode)) ? !$enable_bbcode : (($config['allow_bbcode'] && $auth->acl_get('u_pm_bbcode')) ? !$user->optionget('bbcode') : 1);
$smilies_checked = (isset($enable_smilies)) ? !$enable_smilies : (($config['allow_smilies'] && $auth->acl_get('u_pm_smilies')) ? !$user->optionget('smilies') : 1);
$urls_checked = (isset($enable_urls)) ? !$enable_urls : 0;
@ -1114,7 +1112,7 @@ function handle_message_list_actions(&$address_list, &$error, $remove_u, $remove
}
}
/**
/**
* Build the hidden field for the recipients. Needed, as the variable is not read via request_var.
*/
function build_address_field($address_list)


@ -493,7 +493,7 @@ function get_pm_from($folder_id, $folder, $user_id)
}
else
{
$pm_count = $folder[$folder_id]['num_messages'];
$pm_count = (!empty($folder[$folder_id]['num_messages'])) ? $folder[$folder_id]['num_messages'] : 0;
$sql_limit_time = '';
}


@ -1840,7 +1840,7 @@ function utf8_clean_string($text)
/**
* A wrapper for htmlspecialchars($value, ENT_COMPAT, 'UTF-8')
*/
function utf8_htmlspecialchars(&$value)
function utf8_htmlspecialchars($value)
{
return htmlspecialchars($value, ENT_COMPAT, 'UTF-8');
}


@ -31,8 +31,8 @@ unset($dbpasswd);
*/
$convertor_data = array(
'forum_name' => 'phpBB 2.0.x',
'version' => '1.0.1',
'phpbb_version' => '3.0.1',
'version' => '1.0.2',
'phpbb_version' => '3.0.2',
'author' => '<a href="http://www.phpbb.com/">phpBB Group</a>',
'dbms' => $dbms,
'dbhost' => $dbhost,
@ -191,7 +191,7 @@ if (!$get_info)
{
$src_db->sql_freeresult($result);
}
/**
* Tests for further MODs can be included here.
@ -265,7 +265,7 @@ if (!$get_info)
* - empty string == execute nothing
* - string == function to execute
* - array == complex execution instructions
*
*
* Complex execution instructions:
* @todo test complex execution instructions - in theory they will work fine
*
@ -307,7 +307,7 @@ if (!$get_info)
array('target', $convert->truncate_statement . SEARCH_WORDMATCH_TABLE),
array('target', $convert->truncate_statement . LOG_TABLE),
),
// with this you are able to import all attachment files on the fly. For large boards this is not an option, therefore commented out by default.
// Instead every file gets copied while processing the corresponding attachment entry.
// if (defined("MOD_ATTACHMENT")) { import_attachment_files(); phpbb_copy_thumbnails(); }
@ -489,7 +489,7 @@ if (!$get_info)
array('poll_max_options', 1, ''),
array('poll_vote_change', 0, ''),
'left_join' => array ( 'topics LEFT JOIN vote_desc ON topics.topic_id = vote_desc.topic_id AND topics.topic_vote = 1',
'left_join' => array ( 'topics LEFT JOIN vote_desc ON topics.topic_id = vote_desc.topic_id AND topics.topic_vote = 1',
'topics LEFT JOIN posts ON topics.topic_last_post_id = posts.post_id',
),
'where' => 'topics.topic_moved_id = 0',
@ -687,7 +687,7 @@ if (!$get_info)
array('user_id', 'users.user_id', 'phpbb_user_id'),
array('folder_name', $user->lang['CONV_SAVED_MESSAGES'], ''),
array('pm_count', 0, ''),
'where' => 'users.user_id <> -1',
),
@ -711,7 +711,7 @@ if (!$get_info)
'where' => 'privmsgs.privmsgs_id = privmsgs_text.privmsgs_text_id
AND (privmsgs.privmsgs_type = 0 OR privmsgs.privmsgs_type = 1 OR privmsgs.privmsgs_type = 5)',
),
// Outbox
array(
'target' => PRIVMSGS_TO_TABLE,


@ -8,7 +8,7 @@
*
*/
$updates_to_version = '3.0.1';
$updates_to_version = '3.0.2-RC1';
// Return if we "just include it" to find out for which version the database update is responsible for
if (defined('IN_PHPBB') && defined('IN_INSTALL'))
@ -33,7 +33,7 @@ error_reporting(E_ALL);
// Include essential scripts
include($phpbb_root_path . 'config.' . $phpEx);
if (!isset($dbms))
if (!defined('PHPBB_INSTALLED') || empty($dbms) || empty($acm_type))
{
die("Please read: <a href='../docs/INSTALL.html'>INSTALL.html</a> before attempting to update.");
}
@ -496,6 +496,12 @@ $database_update_info = array(
GROUPS_TABLE => array('group_legend'),
),
),
// No changes from 3.0.1-RC1 to 3.0.1
'3.0.1-RC1' => array(),
// No changes from 3.0.1 to 3.0.2-RC1
'3.0.1' => array(),
// uncomment once RC1 out - no changes from 3.0.2-RC1 to 3.0.2
// '3.0.2-RC1' => array(),
);
// Determine mapping database type
@ -581,6 +587,11 @@ while ($row = $db->sql_fetchrow($result))
}
$db->sql_freeresult($result);
/*if ($debug_from_version !== false)
{
$config['version'] = $debug_from_version;
}*/
echo $lang['PREVIOUS_VERSION'] . ' :: <strong>' . $config['version'] . '</strong><br />';
echo $lang['UPDATED_VERSION'] . ' :: <strong>' . $updates_to_version . '</strong></p>';
@ -604,7 +615,7 @@ else
// Checks/Operations that have to be completed prior to starting the update itself
$exit = false;
if (version_compare($current_version, '3.0.RC8', '<='))
if (version_compare($current_version, '3.0.RC8', '<=')) /* && $debug_from_version === false) */
{
// Define missing language entries...
if (!isset($lang['CLEANING_USERNAMES']))
@ -932,7 +943,7 @@ if (version_compare($current_version, '3.0.RC8', '<='))
foreach ($user_ids as $i => $user_id)
{
$row = $users[$user_id];
$rank_title = $rank_img = '';
get_user_rank($row['user_rank'], $row['user_posts'], $rank_title, $rank_img, $rank_img_src);
@ -1092,13 +1103,20 @@ for ($i = 0; $i < sizeof($versions); $i++)
$next_version = (isset($versions[$i + 1])) ? $versions[$i + 1] : $updates_to_version;
if (!sizeof($schema_changes))
// If the installed version to be updated to is < than the current version, and if the current version is >= as the version to be updated to next, we will skip the process
if (version_compare($version, $current_version, '<') && version_compare($current_version, $next_version, '>='))
{
continue;
}
// If the installed version to be updated to is < than the current version, and if the current version is >= as the version to be updated to next, we will skip the process
if (version_compare($version, $current_version, '<') && version_compare($current_version, $next_version, '>='))
/* if ($debug_from_version !== false)
{
// Applying update schema for version array with key '$version'
// for version '$version' to '$next_version'
continue;
}*/
if (!sizeof($schema_changes))
{
continue;
}
@ -1209,10 +1227,7 @@ $errored = $no_updates = false;
flush();
$no_updates = true;
$versions = array(
'3.0.RC2', '3.0.RC3', '3.0.RC4', '3.0.RC5', '3.0.0'
);
$versions = array_keys($database_update_info);
// some code magic
for ($i = 0; $i < sizeof($versions); $i++)
@ -1226,8 +1241,14 @@ for ($i = 0; $i < sizeof($versions); $i++)
continue;
}
$no_updates = false;
change_database_data($version);
/* if ($debug_from_version !== false)
{
// Applying update schema for version array with key '$version'
// for version '$version' to '$next_version'
continue;
}*/
change_database_data($no_updates, $version);
}
_write_result($no_updates, $errored, $error_ary);
@ -1246,6 +1267,9 @@ $errored = $no_updates = false;
flush();
//if ($debug_from_version === false)
// {
// update the version
$sql = "UPDATE " . CONFIG_TABLE . "
SET config_value = '$updates_to_version'
@ -1258,6 +1282,8 @@ $sql = 'UPDATE ' . USERS_TABLE . "
user_perm_from = 0";
_sql($sql, $errored, $error_ary);
// }
/* Optimize/vacuum analyze the tables where appropriate
// this should be done for each version in future along with
// the version number update
@ -1324,7 +1350,7 @@ $cache->purge();
</div>
</div>
</div>
<div id="page-footer">
Powered by phpBB &copy; 2000, 2002, 2005, 2007 <a href="http://www.phpbb.com/">phpBB Group</a>
</div>
@ -1345,7 +1371,7 @@ if (function_exists('exit_handler'))
/**
* Function where all data changes are executed
*/
function change_database_data($version)
function change_database_data(&$no_updates, $version)
{
global $db, $map_dbms, $errored, $error_ary, $config, $phpbb_root_path;
@ -1364,7 +1390,7 @@ function change_database_data($version)
$smileys[$row['smiley_id']] = $row['code'];
}
$db->sql_freeresult($result);
foreach ($smileys as $id => $code)
{
// 2.0 only entitized lt and gt; We need to do something about double quotes.
@ -1392,6 +1418,7 @@ function change_database_data($version)
sql_create_index($map_dbms, 'ath_op_id', ACL_ROLES_DATA_TABLE, array('auth_option_id'));
}
$no_updates = false;
break;
case '3.0.RC3':
@ -1481,6 +1508,7 @@ function change_database_data($version)
set_config('allow_birthdays', '1');
set_config('cron_lock', '0', true);
$no_updates = false;
break;
case '3.0.RC4':
@ -1678,6 +1706,7 @@ function change_database_data($version)
set_config('ldap_port', '');
set_config('ldap_user_filter', '');
$no_updates = false;
break;
case '3.0.RC5':
@ -1699,7 +1728,7 @@ function change_database_data($version)
$sql = 'SELECT forum_id, forum_password
FROM ' . FORUMS_TABLE;
$result = _sql($sql, $errored, $error_ary);
while ($row = $db->sql_fetchrow($result))
{
if (!empty($row['forum_password']))
@ -1708,9 +1737,10 @@ function change_database_data($version)
}
}
$db->sql_freeresult($result);
$db->sql_transaction('commit');
$no_updates = false;
break;
case '3.0.0':
@ -1719,7 +1749,7 @@ function change_database_data($version)
SET topic_last_view_time = topic_last_post_time
WHERE topic_last_view_time = 0";
_sql($sql, $errored, $error_ary);
// Update smiley sizes
$smileys = array('icon_e_surprised.gif', 'icon_eek.gif', 'icon_cool.gif', 'icon_lol.gif', 'icon_mad.gif', 'icon_razz.gif', 'icon_redface.gif', 'icon_cry.gif', 'icon_evil.gif', 'icon_twisted.gif', 'icon_rolleyes.gif', 'icon_exclaim.gif', 'icon_question.gif', 'icon_idea.gif', 'icon_arrow.gif', 'icon_neutral.gif', 'icon_mrgreen.gif', 'icon_e_ugeek.gif');
@ -1728,18 +1758,27 @@ function change_database_data($version)
if (file_exists($phpbb_root_path . 'images/smilies/' . $smiley))
{
list($width, $height) = getimagesize($phpbb_root_path . 'images/smilies/' . $smiley);
$sql = 'UPDATE ' . SMILIES_TABLE . '
SET smiley_width = ' . $width . ', smiley_height = ' . $height . "
WHERE smiley_url = '" . $db->sql_escape($smiley) . "'";
_sql($sql, $errored, $error_ary);
}
}
// TODO: remove all form token min times
$no_updates = false;
break;
case '3.0.1-RC1':
set_config('referer_validation', '1');
set_config('check_attachment_content', '1');
set_config('mime_triggers', 'body|head|html|img|plaintext|a href|pre|script|table|title');
$no_updates = false;
break;
}
}
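Review bot: `change_database_data()` now takes `$no_updates` by reference and every `case` has to clear it by hand, but the docblock still reads only "Function where all data changes are executed". A `case` added later without `$no_updates = false;` would leave the flag set, and the value passed to `_write_result()` would then presumably report that nothing was updated. The contract should be written down: `@param bool &$no_updates set to false by every version block that changes data` and `@param string $version version key from $database_update_info`. The commented-out `$debug_from_version` blocks added around the schema loop, the data loop and the version UPDATE are dead code, better removed or gated behind a defined constant before release. The function body and the loops extend beyond the visible hunks.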

0
phpBB/install/index.php Executable file → Normal file


@ -298,7 +298,7 @@ class install_convert extends module
if (isset($convertor_data))
{
$sort[strtolower($convertor_data['forum_name'])] = sizeof($convertors);
$convertors[] = array(
'tag' => $m[1],
'forum_name' => $convertor_data['forum_name'],
@ -585,7 +585,7 @@ class install_convert extends module
function convert_data($sub)
{
global $template, $user, $phpbb_root_path, $phpEx, $db, $lang, $config, $cache;
global $convert, $convert_row, $message_parser, $skip_rows;
global $convert, $convert_row, $message_parser, $skip_rows, $language;
require($phpbb_root_path . 'config.' . $phpEx);
require($phpbb_root_path . 'includes/constants.' . $phpEx);
@ -891,7 +891,7 @@ class install_convert extends module
{
$table = $convert->src_table_prefix . $m[1];
$tables_list[$table] = $table;
if (!empty($m[3]))
{
$aliases[] = $convert->src_table_prefix . $m[3];
@ -948,7 +948,7 @@ class install_convert extends module
// Throw an error if some tables are missing
// We used to do some guessing here, but since we have a suggestion of possible values earlier, I don't see it adding anything here to do it again
if (sizeof($missing_tables) == sizeof($tables_list))
{
$this->p_master->error($user->lang['NO_TABLES_FOUND'] . ' ' . $user->lang['CHECK_TABLE_PREFIX'], __LINE__, __FILE__);
@ -1299,7 +1299,7 @@ class install_convert extends module
if ($errored)
{
$db->sql_return_on_error(true);
// Because it errored out we will try to insert the rows one by one... most of the time this
// is caused by duplicate entries - but we also do not want to miss one...
foreach ($waiting_rows as $waiting_sql)
@ -1607,7 +1607,7 @@ class install_convert extends module
'TITLE' => $user->lang['UPDATE_TOPICS_POSTED'],
'RESULT' => $user->lang['DONE'],
));
if ($db->sql_error_triggered)
{
$template->assign_vars(array(
@ -1617,7 +1617,7 @@ class install_convert extends module
));
}
$db->sql_return_on_error(false);
$this->finish_conversion();
return;
}
@ -1949,7 +1949,7 @@ class install_convert extends module
$firstkey_set = false;
$firstkey = 0;
foreach ($fields[1] as $inner_key => $inner_value)
{
if (!$firstkey_set)
@ -1974,7 +1974,7 @@ class install_convert extends module
{
$sql_flag = true;
}
// No function assigned?
if (empty($fields[2]))
{

13
phpBB/install/install_install.php Executable file → Normal file

@ -1021,6 +1021,12 @@ class install_install extends module
// HTTP_HOST is having the correct browser url in most cases...
$server_name = (!empty($_SERVER['HTTP_HOST'])) ? strtolower($_SERVER['HTTP_HOST']) : ((!empty($_SERVER['SERVER_NAME'])) ? $_SERVER['SERVER_NAME'] : getenv('SERVER_NAME'));
// HTTP HOST can carry a port number...
if (strpos($server_name, ':') !== false)
{
$server_name = substr($server_name, 0, strpos($server_name, ':'));
}
$data['email_enable'] = ($data['email_enable'] !== '') ? $data['email_enable'] : true;
$data['server_name'] = ($data['server_name'] !== '') ? $data['server_name'] : $server_name;
$data['server_port'] = ($data['server_port'] !== '') ? $data['server_port'] : ((!empty($_SERVER['SERVER_PORT'])) ? (int) $_SERVER['SERVER_PORT'] : (int) getenv('SERVER_PORT'));
@ -1114,6 +1120,13 @@ class install_install extends module
// HTTP_HOST is having the correct browser url in most cases...
$server_name = (!empty($_SERVER['HTTP_HOST'])) ? strtolower($_SERVER['HTTP_HOST']) : ((!empty($_SERVER['SERVER_NAME'])) ? $_SERVER['SERVER_NAME'] : getenv('SERVER_NAME'));
// HTTP HOST can carry a port number...
if (strpos($server_name, ':') !== false)
{
$server_name = substr($server_name, 0, strpos($server_name, ':'));
}
$cookie_domain = ($data['server_name'] != '') ? $data['server_name'] : $server_name;
// Try to come up with the best solution for cookie domain...
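Review bot: Cutting `$server_name` at the first `:` mangles a bracketed IPv6 literal in the Host header: `[::1]:8080` (constructed value) becomes `[`, which then becomes the default for `$data['server_name']` and for `$cookie_domain`. Removing only a trailing port keeps such hosts intact, e.g. `$server_name = preg_replace('#:\d+$#', '', $server_name);`. The same first-colon cut is added for `$this->host` in the session class and appears twice in this file, so a single shared helper would keep the three copies from drifting. Both enclosing methods start and end outside their hunks.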

0
phpBB/install/install_main.php Executable file → Normal file


@ -64,6 +64,7 @@ INSERT INTO phpbb_config (config_name, config_value) VALUES ('captcha_gd', '0');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('captcha_gd_foreground_noise', '0');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('captcha_gd_x_grid', '25');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('captcha_gd_y_grid', '25');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('check_attachment_content', '1');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('check_dnsbl', '0');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('chg_passforce', '0');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('cookie_domain', '');
@ -172,8 +173,7 @@ INSERT INTO phpbb_config (config_name, config_value) VALUES ('max_sig_urls', '5'
INSERT INTO phpbb_config (config_name, config_value) VALUES ('min_name_chars', '3');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('min_pass_chars', '6');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('min_search_author_chars', '3');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('min_time_reg', '0');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('min_time_terms', '0');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('mime_triggers', 'body|head|html|img|plaintext|a href|pre|script|table|title');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('override_user_style', '0');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('pass_complex', 'PASS_TYPE_ANY');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('pm_edit_time', '0');
@ -184,6 +184,7 @@ INSERT INTO phpbb_config (config_name, config_value) VALUES ('print_pm', '1');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('queue_interval', '600');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('ranks_path', 'images/ranks');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('require_activation', '0');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('referer_validation', '1');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('script_path', '');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('search_block_size', '250');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('search_gc', '7200');
@ -213,7 +214,7 @@ INSERT INTO phpbb_config (config_name, config_value) VALUES ('topics_per_page',
INSERT INTO phpbb_config (config_name, config_value) VALUES ('tpl_allow_php', '0');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('upload_icons_path', 'images/upload_icons');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('upload_path', 'files');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('version', '3.0.1');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('version', '3.0.2-RC1');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('warnings_expire_days', '90');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('warnings_gc', '14400');


@ -71,6 +71,8 @@ $lang = array_merge($lang, array(
'CAT_QUICKTIME_FILES' => 'Quicktime media files',
'CAT_RM_FILES' => 'RealMedia media files',
'CAT_WM_FILES' => 'Windows Media media files',
'CHECK_CONTENT' => 'Check attachment files',
'CHECK_CONTENT_EXPLAIN' => 'Some browsers can be tricked to assume an incorrect mimetype for uploaded files. This option ensures that such files likely to cause this are rejected.',
'CREATE_GROUP' => 'Create new group',
'CREATE_THUMBNAIL' => 'Create thumbnail',
'CREATE_THUMBNAIL_EXPLAIN' => 'Create a thumbnail in all possible situations.',


@ -206,10 +206,6 @@ $lang = array_merge($lang, array(
'ENABLE_COPPA_EXPLAIN' => 'This requires users to declare whether they are 13 or over for compliance with the U.S. COPPA. If this is disabled the COPPA specific groups will no longer be displayed.',
'MAX_CHARS' => 'Max',
'MIN_CHARS' => 'Min',
'MIN_TIME_REG' => 'Minimum time for registration',
'MIN_TIME_REG_EXPLAIN' => 'The registration form cannot be submitted before this time has passed.',
'MIN_TIME_TERMS' => 'Minimum time for accepting terms',
'MIN_TIME_TERMS_EXPLAIN' => 'The terms page cannot be skipped before this time has passed.',
'NO_AUTH_PLUGIN' => 'No suitable auth plugin found.',
'PASSWORD_LENGTH' => 'Password length',
'PASSWORD_LENGTH_EXPLAIN' => 'Minimum and maximum number of characters in passwords.',
@ -375,8 +371,6 @@ $lang = array_merge($lang, array(
'FORCE_PASS_CHANGE_EXPLAIN' => 'Require user to change their password after a set number of days. Setting this value to 0 disables this behaviour.',
'FORM_TIME_MAX' => 'Maximum time to submit forms',
'FORM_TIME_MAX_EXPLAIN' => 'The time a user has to submit a form. Use -1 to disable. Note that a form might become invalid if the session expires, regardless of this setting.',
'FORM_TIME_MIN' => 'Minimum time to submit forms',
'FORM_TIME_MIN_EXPLAIN' => 'Submissions faster than this time are ignored by the board. Use 0 to disable.',
'FORM_SID_GUESTS' => 'Tie forms to guest sessions',
'FORM_SID_GUESTS_EXPLAIN' => 'If enabled, the form token issued to guests will be session-exclusive. This can cause problems with some ISPs.',
'FORWARDED_FOR_VALID' => 'Validated <var>X_FORWARDED_FOR</var> header',
@ -386,12 +380,17 @@ $lang = array_merge($lang, array(
'MAX_LOGIN_ATTEMPTS' => 'Maximum number of login attempts',
'MAX_LOGIN_ATTEMPTS_EXPLAIN' => 'After this number of failed logins the user needs to additionally confirm his login visually (visual confirmation).',
'NO_IP_VALIDATION' => 'None',
'NO_REF_VALIDATION' => 'None',
'PASSWORD_TYPE' => 'Password complexity',
'PASSWORD_TYPE_EXPLAIN' => 'Determines how complex a password needs to be when set or altered, subsequent options include the previous ones.',
'PASS_TYPE_ALPHA' => 'Must contain letters and numbers',
'PASS_TYPE_ANY' => 'No requirements',
'PASS_TYPE_CASE' => 'Must be mixed case',
'PASS_TYPE_SYMBOL' => 'Must contain symbols',
'REF_HOST' => 'Only validate host',
'REF_PATH' => 'Also validate path',
'REFERER_VALID' => 'Validate Referer',
'REFERER_VALID_EXPLAIN' => 'If enabled, the referer of POST requests will be checked against the host/script path settings. This may cause issues with boards using several domains and or external logins.',
'TPL_ALLOW_PHP' => 'Allow php in templates',
'TPL_ALLOW_PHP_EXPLAIN' => 'If this option is enabled, <code>PHP</code> and <code>INCLUDEPHP</code> statements will be recognised and parsed in templates.',
));


@ -201,6 +201,9 @@ $lang = array_merge($lang, array(
'ADMIN_INDEX' => 'Admin index',
'ADMIN_PANEL' => 'Administration Control Panel',
'ADM_LOGOUT' => 'ACP Logout',
'ADM_LOGGED_OUT' => 'Successfully logged out from Administration Control Panel',
'BACK' => 'Back',
'COLOUR_SWATCH' => 'Web-safe colour swatch',
@ -608,6 +611,7 @@ $lang = array_merge($lang, array(
'LOG_REASON_REMOVED' => '<strong>Removed report/denial reason</strong><br />» %s',
'LOG_REASON_UPDATED' => '<strong>Updated report/denial reason</strong><br />» %s',
'LOG_REFERER_INVALID' => '<strong>Referer validation failed</strong><br />»Referer was “<em>%1$s</em>”. The request was rejected and the session killed.',
'LOG_RESET_DATE' => '<strong>Board start date reset</strong>',
'LOG_RESET_ONLINE' => '<strong>Most users online reset</strong>',
'LOG_RESYNC_POSTCOUNTS' => '<strong>User post counts resynchronised</strong>',


@ -108,6 +108,7 @@ $lang = array_merge($lang, array(
'NO_PERMISSIONS' => 'Do not copy permissions',
'NO_USERS' => 'You havent entered any users.',
'NO_USERS_ADDED' => 'No users were added to the group.',
'NO_VALID_USERS' => 'You havent entered any users eligible for that action.',
'SPECIAL_GROUPS' => 'Pre-defined groups',
'SPECIAL_GROUPS_EXPLAIN' => 'Pre-defined groups are special groups, they cannot be deleted or directly modified. However you can still add users and alter basic settings.',


@ -78,6 +78,7 @@ $lang = array_merge($lang, array(
'ATTACHED_IMAGE_NOT_IMAGE' => 'The image file you tried to attach is invalid.',
'AUTHOR' => 'Author',
'AUTH_NO_PROFILE_CREATED' => 'The creation of a user profile was unsuccessful.',
'AVATAR_DISALLOWED_CONTENT' => 'The upload was rejected because the uploaded file was identified as a possible attack vector.',
'AVATAR_DISALLOWED_EXTENSION' => 'This file cannot be displayed because the extension <strong>%s</strong> is not allowed.',
'AVATAR_EMPTY_REMOTE_DATA' => 'The specified avatar could not be uploaded because the remote data appears to be invalid or corrupted.',
'AVATAR_EMPTY_FILEUPLOAD' => 'The uploaded avatar file is empty.',

0
phpBB/language/en/install.php Executable file → Normal file


@ -132,6 +132,7 @@ $lang = array_merge($lang, array(
'USERNAME_BEGINS_WITH' => 'Username begins with',
'USER_ADMIN' => 'Administrate user',
'USER_BAN' => 'Banning',
'USER_FORUM' => 'User statistics',
'USER_ONLINE' => 'Online',
'USER_PRESENCE' => 'Board presence',


@ -82,6 +82,7 @@ $lang = array_merge($lang, array(
'DISABLE_BBCODE' => 'Disable BBCode',
'DISABLE_MAGIC_URL' => 'Do not automatically parse URLs',
'DISABLE_SMILIES' => 'Disable smilies',
'DISALLOWED_CONTENT' => 'The upload was rejected because the uploaded file was identified as a possible attack vector.',
'DISALLOWED_EXTENSION' => 'The extension %s is not allowed.',
'DRAFT_LOADED' => 'Draft loaded into posting area, you may want to finish your post now.<br />Your draft will be deleted after submitting this post.',
'DRAFT_LOADED_PM' => 'Draft loaded into message area, you may want to finish your private message now.<br />Your draft will be deleted after submitting this private message.',


@ -166,7 +166,7 @@ if ($quickmod)
case 'delete_post':
case 'delete_topic':
$module->load('mcp', 'main', 'quickmod');
exit_handler();
exit;
break;
case 'topic_logs':
@ -390,7 +390,7 @@ function get_topic_data($topic_ids, $acl_list = false, $read_tracking = false)
$sql = $db->sql_build_query('SELECT', $sql_array);
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result))
{
if (!$row['forum_id'])
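Review bot: The quick-mod branch for `delete_post`/`delete_topic` ends the request with a bare `exit;` straight after `$module->load('mcp', 'main', 'quickmod');`, while `upload_popup()` in the same commit terminates through `garbage_collection(); exit_handler();`. The +/- markers are lost on this page, so `exit;` being the new side is inferred from the print order and from the hunk counts in the section that contains `upload_popup()`. If that reading is right, I would keep a single termination path and write `garbage_collection();` followed by `exit_handler();` here, so that whatever `exit_handler()` does before exiting (not shown on this page) also runs on the paths that delete content. The same applies to the `if ($mode == 'delete')` branch after `handle_post_delete(...)` and to `case 'confirm':` in phpBB/ucp.php.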


@ -551,6 +551,8 @@ switch ($mode)
'S_CUSTOM_FIELDS' => (isset($profile_fields['row']) && sizeof($profile_fields['row'])) ? true : false,
'U_USER_ADMIN' => ($auth->acl_get('a_user')) ? append_sid("{$phpbb_root_path}adm/index.$phpEx", 'i=users&amp;mode=overview&amp;u=' . $user_id, true, $user->session_id) : '',
'U_USER_BAN' => ($auth->acl_get('m_ban')) ? append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=ban&amp;mode=user&amp;u=' . $user_id, true, $user->session_id) : '',
'U_SWITCH_PERMISSIONS' => ($auth->acl_get('a_switchperm') && $user->data['user_id'] != $user_id) ? append_sid("{$phpbb_root_path}ucp.$phpEx", "mode=switch_perm&amp;u={$user_id}") : '',
'S_ZEBRA' => ($user->data['user_id'] != $user_id && $user->data['is_registered'] && $zebra_enabled) ? true : false,
@ -896,7 +898,7 @@ switch ($mode)
}
$sort_key_text['m'] = $user->lang['SORT_RANK'];
$sort_key_sql['m'] = 'u.user_rank DESC, u.user_posts';
$sort_key_sql['m'] = 'u.user_rank';
$sort_dir_text = array('a' => $user->lang['ASCENDING'], 'd' => $user->lang['DESCENDING']);
@ -1156,6 +1158,12 @@ switch ($mode)
$order_by .= $sort_key_sql[$sort_key] . ' ' . (($sort_dir == 'a') ? 'ASC' : 'DESC');
// Unfortunately we must do this here for sorting by rank, else the sort order is applied wrongly
if ($sort_key == 'm')
{
$order_by .= ', u.user_posts DESC';
}
// Count the users ...
if ($sql_where)
{
@ -1556,6 +1564,7 @@ function show_profile($data)
'A_USERNAME' => addslashes(get_username_string('username', $user_id, $username, $data['user_colour'])),
'AVATAR_IMG' => get_user_avatar($data['user_avatar'], $data['user_avatar_type'], $data['user_avatar_width'], $data['user_avatar_height']),
'ONLINE_IMG' => (!$config['load_onlinetrack']) ? '' : (($online) ? $user->img('icon_user_online', 'ONLINE') : $user->img('icon_user_offline', 'OFFLINE')),
'S_ONLINE' => ($config['load_onlinetrack'] && $online) ? true : false,
'RANK_IMG' => $rank_img,


@ -114,8 +114,7 @@ switch ($mode)
else
{
upload_popup();
garbage_collection();
exit_handler();
exit;
}
break;
@ -146,7 +145,7 @@ if (!$post_data)
if ($mode == 'popup')
{
upload_popup($post_data['forum_style']);
exit_handler();
exit;
}
$user->setup(array('posting', 'mcp', 'viewtopic'), $post_data['forum_style']);
@ -277,7 +276,7 @@ if ($mode == 'edit' && !$auth->acl_get('m_edit', $forum_id))
if ($mode == 'delete')
{
handle_post_delete($forum_id, $topic_id, $post_id, $post_data);
exit_handler();
exit;
}
// Handle bump mode...
@ -998,8 +997,6 @@ if ($submit || $preview || $refresh)
$data['topic_replies'] = $post_data['topic_replies'];
}
unset($message_parser);
$redirect_url = submit_post($mode, $post_data['post_subject'], $post_data['username'], $post_data['topic_type'], $poll, $data, $update_message);
$post_need_approval = (!$auth->acl_get('f_noapprove', $data['forum_id']) && !$auth->acl_get('m_approve', $data['forum_id'])) ? true : false;
@ -1155,7 +1152,6 @@ if (sizeof($post_data['poll_options']) && $post_data['poll_title'])
$message_parser->decode_message();
$post_data['poll_options'] = explode("\n", $message_parser->message);
}
unset($message_parser);
// MAIN POSTING PAGE BEGINS HERE
@ -1405,6 +1401,9 @@ function upload_popup($forum_style = 0)
);
$template->display('popup');
garbage_collection();
exit_handler();
}
/**


@ -20,7 +20,7 @@ error_reporting(E_ALL ^ E_NOTICE);
require($phpbb_root_path . 'config.' . $phpEx);
if (!defined('PHPBB_INSTALLED') || empty($dbms) || !isset($dbhost) || !isset($dbpasswd) || empty($dbuser))
if (!defined('PHPBB_INSTALLED') || empty($dbms) || empty($acm_type))
{
exit;
}
@ -57,11 +57,6 @@ if (strspn($sid, 'abcdefABCDEF0123456789') !== strlen($sid))
// server a little
if ($id)
{
if (empty($acm_type) || empty($dbms))
{
die('Hacking attempt');
}
// Include files
require($phpbb_root_path . 'includes/acm/acm_' . $acm_type . '.' . $phpEx);
require($phpbb_root_path . 'includes/cache.' . $phpEx);
@ -100,7 +95,7 @@ if ($id)
$user = array('user_id' => ANONYMOUS);
}
$sql = 'SELECT s.style_id, c.theme_data, c.theme_path, c.theme_name, c.theme_mtime, i.*, t.template_path
$sql = 'SELECT s.style_id, c.theme_id, c.theme_data, c.theme_path, c.theme_name, c.theme_mtime, i.*, t.template_path
FROM ' . STYLES_TABLE . ' s, ' . STYLES_TEMPLATE_TABLE . ' t, ' . STYLES_THEME_TABLE . ' c, ' . STYLES_IMAGESET_TABLE . ' i
WHERE s.style_id = ' . $id . '
AND t.template_id = s.template_id
@ -198,7 +193,7 @@ if ($id)
);
$sql = 'UPDATE ' . STYLES_THEME_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $sql_ary) . "
WHERE theme_id = $id";
WHERE theme_id = {$theme['theme_id']}";
$db->sql_query($sql);
$cache->destroy('sql', STYLES_THEME_TABLE);
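Review bot: The rewritten `UPDATE` interpolates `{$theme['theme_id']}` into the SQL string without a cast, and the `SELECT` above does the same with `$id` in `WHERE s.style_id = ' . $id . '`. Both values are assigned outside these hunks, so they may already be integers, but the statements themselves do not enforce it. I would make the type explicit at the point of use: `WHERE theme_id = " . (int) $theme['theme_id'];` and `WHERE s.style_id = ' . (int) $id . '`. Folding `empty($acm_type)` into the first guard looks right, since `$acm_type` is used to build the `require` path a few lines later; a one-line comment saying so, e.g. `// $acm_type is used in a require path below, refuse to run without it`, would keep the check from being dropped in a later cleanup.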

0
phpBB/styles/prosilver/imageset/icon_user_warn.gif Executable file → Normal file


@ -19,7 +19,7 @@
# General Information about this style
name = prosilver
copyright = &copy; phpBB Group, 2007
version = 3.0.0
version = 3.0.2
# Images
img_site_logo = site_logo.gif*52*139


@ -19,4 +19,4 @@
# General Information about this style
name = prosilver
copyright = &copy; phpBB Group, 2007
version = 3.0.0
version = 3.0.2


@ -44,7 +44,7 @@
<fieldset>
<dl>
<dt><label for="ban">{L_BAN_CELL}:</label></dt>
<dd><label for="ban"><textarea name="ban" id="ban" class="inputbox" cols="40" rows="3">{USERNAMES}</textarea></label></dd>
<dd><label for="ban"><textarea name="ban" id="ban" class="inputbox" cols="40" rows="3">{BAN_QUANTIFIER}</textarea></label></dd>
<!-- IF S_USERNAME_BAN --><dd><strong><a href="{U_FIND_USERNAME}" onclick="find_username(this.href); return false;">{L_FIND_USERNAME}</a></strong></dd><!-- ENDIF -->
</dl>
<dl>


@ -36,7 +36,7 @@
<!-- BEGIN postrow -->
<!-- IF postrow.S_DELETED_TOPIC -->
<li><p class="notopics">{L_DELETED_TOPIC}</li>
<li><p class="notopics">{L_DELETED_TOPIC}</p></li>
<!-- ELSE -->
<li class="row<!-- IF postrow.S_ROW_COUNT is odd --> bg1<!-- ELSE --> bg2<!-- ENDIF -->">


@ -19,6 +19,7 @@
<dd>
<!-- IF USER_COLOR --><span style="color: {USER_COLOR}; font-weight: bold;"><!-- ELSE --><span><!-- ENDIF -->{USERNAME}</span>
<!-- IF U_USER_ADMIN --> [ <a href="{U_USER_ADMIN}">{L_USER_ADMIN}</a> ]<!-- ENDIF -->
<!-- IF U_USER_BAN --> [ <a href="{U_USER_BAN}">{L_USER_BAN}</a> ]<!-- ENDIF -->
<!-- IF U_SWITCH_PERMISSIONS --> [ <a href="{U_SWITCH_PERMISSIONS}">{L_USE_PERMISSIONS}</a> ]<!-- ENDIF -->
</dd>
<!-- IF not AVATAR_IMG -->


@ -19,7 +19,7 @@
# General Information about this template
name = prosilver
copyright = &copy; phpBB Group, 2007
version = 3.0.0
version = 3.0.2
# Defining a different template bitfield
template_bitfield = lNg=


@ -81,7 +81,7 @@
<!-- IF .topicrow or .forumrow -->
<fieldset class="display-actions">
<input type="submit" name="unwatch" value="{L_UNWATCH_MARKED}" class="button2" />
<div><a href="#" onclick="marklist('ucp', '', true); return false;">{L_MARK_ALL}</a> &bull; <a href="#" onclick="marklist('ucp', '', false); return false;">{L_UNMARK_ALL}</a></div>
<div><a href="#" onclick="marklist('ucp', 't', true); return false;">{L_MARK_ALL}</a> &bull; <a href="#" onclick="marklist('ucp', 't', false); return false;">{L_UNMARK_ALL}</a></div>
{S_FORM_TOKEN}
</fieldset>
<!-- ENDIF -->


@ -9,7 +9,7 @@
<div class="post <!-- IF history_row.S_ROW_COUNT is even -->bg1<!-- ELSE -->bg2<!-- ENDIF -->">
<div class="inner"><span class="corners-top"><span></span></span>
<div class="postbody" id="pr{history_row.U_MSG_ID}">
<div class="postbody" id="pr{history_row.MSG_ID}">
<!-- IF history_row.U_QUOTE -->
<ul class="profile-icons">
<li class="quote-icon"><a href="{history_row.U_QUOTE}" title="{L_QUOTE} {history_row.MESSAGE_AUTHOR}"><span>{L_QUOTE} {history_row.MESSAGE_AUTHOR}</span></a></li>
@ -19,7 +19,7 @@
<h3><a href="{history_row.U_VIEW_MESSAGE}" <!-- IF history_row.S_CURRENT_MSG -->class="current"<!-- ENDIF -->>{history_row.SUBJECT}</a></h3>
<p class="author<!-- IF history_row.S_CURRENT_MSG --> current<!-- ENDIF -->">{history_row.MINI_POST_IMG} {L_SENT_AT}: <strong>{history_row.SENT_DATE}</strong><br />
{L_MESSAGE_BY_AUTHOR} {history_row.MESSAGE_AUTHOR_FULL}</p>
<div class="content<!-- IF history_row.S_CURRENT_MSG --> current<!-- ENDIF -->" id="message_{history_row.U_MSG_ID}">
<div class="content<!-- IF history_row.S_CURRENT_MSG --> current<!-- ENDIF -->" id="message_{history_row.MSG_ID}">
{history_row.MESSAGE}
</div>
</div>


@ -253,8 +253,8 @@
}
.rtl ul.topiclist li.row dt a.subforum {
padding: 0 0 0 12px;
background-position: 100% 100%;
padding-right: 12px;
background-position: right;
position: static;
}


@ -21,7 +21,7 @@
# General Information about this theme
name = prosilver
copyright = &copy; phpBB Group, 2007
version = 3.0.0
version = 3.0.2
# Some configuration options


@ -19,7 +19,7 @@
# General Information about this style
name = subsilver2
copyright = &copy; phpBB Group, 2003
version = 3.0.0
version = 3.0.2
# Images
img_site_logo = site_logo.gif*94*170


@ -19,4 +19,4 @@
# General Information about this style
name = subsilver2
copyright = &copy; 2005 phpBB Group
version = 3.0.0
version = 3.0.2


@ -19,5 +19,5 @@
# General Information about this template
name = subsilver2
copyright = &copy; phpBB Group, 2003
version = 3.0.0
version = 3.0.2


@ -21,7 +21,7 @@
# General Information about this theme
name = subsilver2
copyright = &copy; phpBB Group, 2003
version = 3.0.0
version = 3.0.2
# Some configuration options

6
phpBB/ucp.php Executable file → Normal file

@ -69,7 +69,7 @@ switch ($mode)
case 'confirm':
$module->load('ucp', 'confirm');
exit_handler();
exit;
break;
case 'login':
@ -93,7 +93,7 @@ switch ($mode)
$message = ($user->data['user_id'] == ANONYMOUS) ? $user->lang['LOGOUT_REDIRECT'] : $user->lang['LOGOUT_FAILED'];
}
meta_refresh(3, append_sid("{$phpbb_root_path}index.$phpEx"));
$message = $message . '<br /><br />' . sprintf($user->lang['RETURN_INDEX'], '<a href="' . append_sid("{$phpbb_root_path}index.$phpEx") . '">', '</a> ');
trigger_error($message);
@ -135,7 +135,7 @@ switch ($mode)
break;
case 'delete_cookies':
// Delete Cookies with dynamic names (do NOT delete poll cookies)
if (confirm_box(true))
{


@ -451,9 +451,16 @@ $s_watching_topic = array(
'is_watching' => false,
);
if ($config['email_enable'] && $config['allow_topic_notify'] && $user->data['is_registered'])
if (($config['email_enable'] || $config['jab_enable']) && $config['allow_topic_notify'] && $user->data['is_registered'])
{
watch_topic_forum('topic', $s_watching_topic, $user->data['user_id'], $forum_id, $topic_id, $topic_data['notify_status'], $start);
// Reset forum notification if forum notify is set
if ($config['allow_forum_notify'] && $auth->acl_get('f_subscribe', $forum_id))
{
$s_watching_forum = $s_watching_topic;
watch_topic_forum('forum', $s_watching_forum, $user->data['user_id'], $forum_id, 0);
}
}
// Bookmarks
@ -1003,7 +1010,6 @@ while ($row = $db->sql_fetchrow($result))
'rank_image' => '',
'rank_image_src' => '',
'sig' => '',
'posts' => '',
'profile' => '',
'pm' => '',
'email' => '',
@ -1066,7 +1072,7 @@ while ($row = $db->sql_fetchrow($result))
'msn' => ($row['user_msnm'] && $auth->acl_get('u_sendim')) ? append_sid("{$phpbb_root_path}memberlist.$phpEx", "mode=contact&amp;action=msnm&amp;u=$poster_id") : '',
'yim' => ($row['user_yim']) ? 'http://edit.yahoo.com/config/send_webmesg?.target=' . urlencode($row['user_yim']) . '&amp;.src=pg' : '',
'jabber' => ($row['user_jabber'] && $auth->acl_get('u_sendim')) ? append_sid("{$phpbb_root_path}memberlist.$phpEx", "mode=contact&amp;action=jabber&amp;u=$poster_id") : '',
'search' => ($auth->acl_get('u_search')) ? append_sid("{$phpbb_root_path}search.$phpEx", 'search_author=' . urlencode($row['username']) .'&amp;showresults=posts') : '',
'search' => ($auth->acl_get('u_search')) ? append_sid("{$phpbb_root_path}search.$phpEx", 'search_author=' . urlencode($row['username']) .'&amp;sr=posts') : '',
);
get_user_rank($row['user_rank'], $row['user_posts'], $user_cache[$poster_id]['rank_title'], $user_cache[$poster_id]['rank_image'], $user_cache[$poster_id]['rank_image_src']);