References are not really needed in PHP due to copy-on-write. Since
PHP5, objects are always passed around as identifiers, which means they
are mutable. So it is no longer required to pass these by reference
either.
PHPBB3-9608
* develop-olympus:
[ticket/9892] Correct copyright year
[ticket/9892] Remove incorrect use of camel case
[ticket/9892] Removing closing php tag from create_schema_files
[ticket/9892] Transaction support for database update sql execution function
[ticket/9892] count is a keyword in firebird, so renaming this alias
[ticket/9892] Q&A CAPTCHA did not work on firebird, so no need to change config
[ticket/9892] Shorten login_attempt key names to avoid firebird length problems
[ticket/9892] Drop Q&A CAPTCHA tables if left in inconsistent state
[ticket/9892] Adding a number of tests for db_tools
[ticket/9892] Table prefix lengths influence index lengths in db_tools
[ticket/9892] Shorten the index names on the q&a captcha
[ticket/9892] column & index name limits, firebird auto increment in db_tools
Conflicts:
phpBB/develop/create_schema_files.php
* develop-olympus:
[ticket/9992] Clarify explanations of ip and account limits on login
[ticket/9992] Add a comma to language for IP_LOGIN_LIMIT_MAX_EXPLAIN
[ticket/9992] Use sql_fetchfield for single row and single column result
[ticket/9992] Adding a limit on login attempts per IP.
[ticket/9992] Make sql_create_table and sql_table_exists available in updater
A new table was created to save all failed login attempts with
corresponding information on username, ip and useragent. By default
the limit is 50 login attempts within 6 hours per IP. The limit is
relatively high to avoid big problems on sites behind a reverse
proxy that don't receive the forwarded-for value as REMOTE_ADDR but
see all users as coming from the same IP address. But if these
users run into problems a special forwarded-for option is available
to limit logins by forwarded-for value instead of ip.
PHPBB3-9992
- throw an error if an image that's edited into an imageset doesn't exist
- convert the password not its hash ;-)
- only update user_login_attempts if necessary
- make password requirements even clearer
git-svn-id: file:///svn/phpbb/trunk@7250 89ea8834-ac86-4346-8a33-228a782c2dd0
- allow cancelling search index creation/removal
- custom CSS class name input too short [Bug #8328]
- give an error message if a password wasn't convertable (special characters in non-standard encoding)
- moved still_on_time to functions.php, used by acp_search and converter, might be useful for MODs (or complex cron scripts)
- do not allow empty passwords on login
- add sids to local URLs in posts (this was a really terrible bug to fix ;-)) [Bug #7892]
- ignore invalid HTTP_X_FORWARDED_FOR headers (just use REMOTE_ADDR if invalid) [Bug #8314]
- changed forum listing code on search page and acp_attachments [Bug #6658]
- search indexing uses still_on_time(), smaller batch size (1000) and meta_refresh() instead of redirect(), this should solve a few problems [Bugs #8034, #8270]
- made password requirement language strings clearer
- ALPHA is not meant to be alphanumric [Bug #7764]
- display bug in firefox on linux making the pagination wrap on search results page (caused by )
git-svn-id: file:///svn/phpbb/trunk@7076 89ea8834-ac86-4346-8a33-228a782c2dd0
- Better resync explanations in ACP
- relative link to board shouldn't result in an empty link [Bug #7762]
- allow spaces to define multiple classes [Bug #7700]
- forgot addslashes for password conversion [Bug #7530]
- adjusted get_post_data call in mcp_post to retrieve read tracking info [Bug #7538]
- fixed sorting in reports/queue by properly generating the pagination links [Bug #7666]
- send UTF-8 charset header in database_update.php [Bug #7564]
git-svn-id: file:///svn/phpbb/trunk@6974 89ea8834-ac86-4346-8a33-228a782c2dd0
* feature/igorw/request-class:
[feature/request-class] Convert some remaining cookies
[feature/request-class] Adjust misleading comment
[feature/request-class] Remove direct access to _REQUEST in acp_search
[feature/request-class] Special case of direct access to _REQUEST
Closing tags converted using Oleg's script.
remove-php-end-tags.py -a .
Trailing newlines added using the following where $ext is file extension.
find . -type f -name "*.$ext" -print | xargs printf "e %s\nw\n" | ed -s;
Extensions: php, css, html, js, xml.
PHPBB3-9556
* develop-olympus:
[ticket/7332] Fix post details expand link rendering on Webkit.
[ticket/9162] Prevent notice on unset poll title
[ticket/7417] Also focus search keywords and username in subsilver2.
[ticket/7417] Focus username field when prosilver login page is loaded.
[ticket/7417] Focus search keywords field when prosilver search page is loaded.
[ticket/9841] Change "Save" to "Save draft", "Load" to "Load draft".
[ticket/9664] Resolve conflict with accesskey="t", change addlitsitem to "y".
[ticket/7538] Limit user_login_attempts to prevent SQL errors.
[ticket/9848] Add avatars, attachments and store files to .gitignore.
[ticket/9822] Correct some style related ACP explain statements.
[ticket/9698] Add .htaccess to the includes subdirectory.
[ticket/9830] Redirect to install directly when config.php does not exist.
[ticket/9816] Remove config.php from repository
[ticket/9810] Hide "Select All" of code bbcode on print page
The autoloader is registered in install without caching, since caching is set
up during installation. This provides the same functionality, performance is
not a concern during installation anyway.
In common.php the autoloader is instantiated after the cache is initialised and
is started with the standard cache backend used for other cached values.
A few places in the code using class_exists had to be updated to explicitly
avoid autoloading, since they are used to check whether a file needs to be
included which does not (yet) follow the naming scheme the autoloader follows.
PHPBB3-9682
- various tiny bugfixes including [Bug #2351] [Bug #2549] [Bug #2681] [Bug #3015]
- strip first, then change newlines [Bug #2403]
- added support for creating user profiles to the login function (makes use of user_add), triggered by LOGIN_SUCCESS_CREATE_PROFILE constant
- moved newest user updating from ucp_register to user_add function
- renamed the admin_ auth module function to acp_
- added initialisation code to auth_apache which checks whether it will work
- added user_add support to both auth_ldap and auth_apache
- some auth_ldap tweaks, should work with users deeper in the organisation structure too now
- adjusted global topics in mcp_report to work like mcp_queue
git-svn-id: file:///svn/phpbb/trunk@6151 89ea8834-ac86-4346-8a33-228a782c2dd0
- all changes to styles/subsilver/template are purely cosmetic (no functional changes)
- cosmetics
- bugfixes
- add index to modules table
- use modules ordering code for forums too
git-svn-id: file:///svn/phpbb/trunk@6073 89ea8834-ac86-4346-8a33-228a782c2dd0
- use getenv instead of $_ENV (with $_ENV the case could be wrong)
- permission fixes (there was a bug arising with getting permission flags - re-added them and handled roles deletion differently)
- implemented max login attempts
- changed the expected return parameters for logins/sessions
- added acp page for editing report/denial reasons
- other fixes here and there
git-svn-id: file:///svn/phpbb/trunk@5622 89ea8834-ac86-4346-8a33-228a782c2dd0
- fix serious bugs in permissions (always allowing if permissions explicitly set and getting wrong permission options from bitfield)
- added option for returning an array to make_forum_select
- again fixing bugs in module system (one for a very query consuming part and one for correctly filling the cache)
git-svn-id: file:///svn/phpbb/trunk@5517 89ea8834-ac86-4346-8a33-228a782c2dd0
