1
0
mirror of https://github.com/phpbb/phpbb.git synced 2025-10-25 13:46:50 +02:00
Commit Graph

99 Commits

Author SHA1 Message Date
Joas Schilling
2231488543 [ticket/10252] Correctly document behaviour of acl_get_list() for a_ permission
Be careful when using this function with permissions a_, m_, u_ and f_ ! It may not work correctly. When a user group grants an a_* permission, e.g. a_foo, but the user's a_foo permission is set to "Never", then the user does not in fact have the a_ permission. But the user will still be listed as having the a_ permission.

PHPBB3-10252
2011-07-15 10:23:06 +02:00
Nils Adermann
2dee57fd43 [ticket/9992] Adding a limit on login attempts per IP.
A new table was created to save all failed login attempts with
corresponding information on username, ip and useragent. By default
the limit is 50 login attempts within 6 hours per IP. The limit is
relatively high to avoid big problems on sites behind a reverse
proxy that don't receive the forwarded-for value as REMOTE_ADDR but
see all users as coming from the same IP address. But if these
users run into problems a special forwarded-for option is available
to limit logins by forwarded-for value instead of ip.

PHPBB3-9992
2011-06-10 12:18:19 +02:00
Oleg Pudeyev
f49656986c [ticket/10141] Save a hash lookup when value is not in cache.
PHPBB3-10141
2011-04-21 23:15:51 -04:00
Andreas Fischer
b1367bce48 [ticket/10141] Split double-assignment into conditional and unconditional part.
PHPBB3-10141
2011-04-22 00:20:09 +02:00
Bart van Bragt
11dd4b54fa [ticket/10141] Use a cache in $auth->_fill_acl() for better performance.
Many sequences being converted are the same. Use a local cache to
convert each sequence once, speeding up the function.

PHPBB3-10141
2011-04-21 04:21:09 -04:00
Meik Sievertsen
686f84a8fc Fix Bug #48875 - we compare the bitlength, therefore we indeed do not need to re-cache if we think acl options got changed (which we did)
git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@9894 89ea8834-ac86-4346-8a33-228a782c2dd0
2009-07-30 14:35:29 +00:00
Meik Sievertsen
d7d96223e7 - Display coloured usernames in ACP groups management screens
- Changed behaviour of group_create() function to support specifying additional group columns
- New groups option to excempt group leaders from group permissions


git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@9625 89ea8834-ac86-4346-8a33-228a782c2dd0
2009-06-19 09:51:50 +00:00
Meik Sievertsen
ab5146a72a Implemented strict check for cached user permissions and existing ACL options. This fix makes sure cached permissions are valid, even if they got already cached.
git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@8985 89ea8834-ac86-4346-8a33-228a782c2dd0
2008-10-09 13:18:38 +00:00
Meik Sievertsen
c1c3b9f912 fixing two potential problems
- blank style
- check for correct role assignment within auth.php (should not happen, but seems like some users are not able to persist from manually messing with the db)

git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@8502 89ea8834-ac86-4346-8a33-228a782c2dd0
2008-04-11 14:14:23 +00:00
Meik Sievertsen
2003152c8d - Remove left join for query used to retrieve already assigned users and groups within permission panel - #20235
- also test the serialize/unserialize approach for cached roles

git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@8390 89ea8834-ac86-4346-8a33-228a782c2dd0
2008-02-23 14:06:46 +00:00
Meik Sievertsen
9e55e17388 revamp how we query permissions. This is half-experimental actually, needs a bit of testing.
Should fix the bug with low max_join_size values, but may give problems for those on very low memory settings.

git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@8384 89ea8834-ac86-4346-8a33-228a782c2dd0
2008-02-15 19:10:02 +00:00
Meik Sievertsen
e6c79242e6 dumdidum... sorry. ;)
git-svn-id: file:///svn/phpbb/trunk@8146 89ea8834-ac86-4346-8a33-228a782c2dd0
2007-10-05 14:30:11 +00:00
Henry Sudhof
a2d1a8706f space, where art thou?
git-svn-id: file:///svn/phpbb/trunk@7979 89ea8834-ac86-4346-8a33-228a782c2dd0
2007-07-29 11:48:39 +00:00
Henry Sudhof
bb3c365f45 #13863 (oops)
git-svn-id: file:///svn/phpbb/trunk@7977 89ea8834-ac86-4346-8a33-228a782c2dd0
2007-07-29 11:22:40 +00:00
Meik Sievertsen
48d88164e1 do not consider permissions the admin is not able to change, track or see.
git-svn-id: file:///svn/phpbb/trunk@7873 89ea8834-ac86-4346-8a33-228a782c2dd0
2007-07-12 08:55:38 +00:00
Meik Sievertsen
5aa220bcd2 tweak the sql_like_expression feature a little bit to allow correct escaping
git-svn-id: file:///svn/phpbb/trunk@7789 89ea8834-ac86-4346-8a33-228a782c2dd0
2007-06-24 12:49:13 +00:00
Meik Sievertsen
318418b0f2 new wrapper for LIKE expressions to streamline the fixes. We actually need to adjust them for different DBMS as well as SQLite2 not supporting escaping characters in LIKE statements (which is a reason why we think about dropping sqlite support completely).
git-svn-id: file:///svn/phpbb/trunk@7788 89ea8834-ac86-4346-8a33-228a782c2dd0
2007-06-23 12:16:20 +00:00
Meik Sievertsen
455536773f ok, mess around with the templates + fixing some bugs + adjusting headers for those files already modified to circumvent conflicts for those having their editor set to remove trailing spaces (not recommended!)
git-svn-id: file:///svn/phpbb/trunk@7736 89ea8834-ac86-4346-8a33-228a782c2dd0
2007-06-09 11:11:20 +00:00
David M
f34547cad7 erm... um... NOBODY SAW THIS :P
git-svn-id: file:///svn/phpbb/trunk@7665 89ea8834-ac86-4346-8a33-228a782c2dd0
2007-05-23 02:01:21 +00:00
David M
3899e337e6 #11255
#11259
#11291
#11335
#11457
#11473
#11475
#11511
#11523
#11527


git-svn-id: file:///svn/phpbb/trunk@7663 89ea8834-ac86-4346-8a33-228a782c2dd0
2007-05-22 21:32:26 +00:00
Meik Sievertsen
6b28ae8b22 some tiny changes
git-svn-id: file:///svn/phpbb/trunk@7452 89ea8834-ac86-4346-8a33-228a782c2dd0
2007-05-02 21:08:50 +00:00
David M
202861eec9 #10255
git-svn-id: file:///svn/phpbb/trunk@7427 89ea8834-ac86-4346-8a33-228a782c2dd0
2007-04-29 20:22:38 +00:00
Meik Sievertsen
5cb586461b changed the cache files to save some memory (all global ones are hold in memory, doubling it).
git-svn-id: file:///svn/phpbb/trunk@7386 89ea8834-ac86-4346-8a33-228a782c2dd0
2007-04-22 18:09:03 +00:00
Meik Sievertsen
9f82dec04b some changes/bugfixes
git-svn-id: file:///svn/phpbb/trunk@7241 89ea8834-ac86-4346-8a33-228a782c2dd0
2007-03-30 10:49:06 +00:00
Nils Adermann
ce8b00801e - improvements to search indexing performance, espacially tidy() by adding a word_count column, the database update from b5 to next version will take quite a while on bigger databases, I also lowered the default common word threshold from 20 to 5 percent, big boards might want to use 3 or 2 percent, 20 was way too high
- added some keys to ACL tables, great improvement of auth query performance
- we will only add new language strings to install.php language file and won't modify any, if a language file is updated before phpBB is updated, the updater will not overwrite the user's language with english if install.php was modified


git-svn-id: file:///svn/phpbb/trunk@7182 89ea8834-ac86-4346-8a33-228a782c2dd0
2007-03-13 22:00:55 +00:00
Nils Adermann
c64e48a372 a performance improvement
git-svn-id: file:///svn/phpbb/trunk@7177 89ea8834-ac86-4346-8a33-228a782c2dd0
2007-03-12 18:05:43 +00:00
Meik Sievertsen
fcc22ef2b0 show dropdown box for choosing the forum in user management screen -> permissions
git-svn-id: file:///svn/phpbb/trunk@6808 89ea8834-ac86-4346-8a33-228a782c2dd0
2006-12-25 15:19:45 +00:00
Nils Adermann
1e34820cd8 - Optimize acl_getf_global a bit
- a little performance improvement of the IP regular expressions
- convert post_text/subject collation to utf8_unicode_ci if a user wants to use mysql_fulltext to allow case insensitivity [Bug #6272]
- mysql_fulltext should alter all necessary columns at once to speed up the process
- validate URLs against RFC3986
- fixed some weirdness in make_clickable
I hope I didn't break any URLs with this commit, if I did then report it to the bugtracker please!


git-svn-id: file:///svn/phpbb/trunk@6774 89ea8834-ac86-4346-8a33-228a782c2dd0
2006-12-16 20:24:34 +00:00
Meik Sievertsen
bb718d8406 - the same procedure as every... oh. this is taken.
- also including the first bugfix within beta4, just noticed at area51 that quicktools are not working in global announcements. :D


git-svn-id: file:///svn/phpbb/trunk@6681 89ea8834-ac86-4346-8a33-228a782c2dd0
2006-11-27 23:31:09 +00:00
Meik Sievertsen
e264a62b73 - a handful of mcp fixed, the most important one is the change for check_ids() - it is now supporting ids from more than one forum too, making it possible to use some mcp features as designed initially. We really need to get our moderator team testing the mcp extensively.
- fixed some other tiny glitches
- if a forum category with subforums get changed to a link type forum give options of what to do with the subforums (#5334)
- other bugfixes


git-svn-id: file:///svn/phpbb/trunk@6601 89ea8834-ac86-4346-8a33-228a782c2dd0
2006-11-18 16:27:35 +00:00
Meik Sievertsen
22129be21f - now username changes should work as desired
- removed some extract() calls


git-svn-id: file:///svn/phpbb/trunk@6517 89ea8834-ac86-4346-8a33-228a782c2dd0
2006-10-22 13:32:33 +00:00
Meik Sievertsen
4afaca12dc - store sql_layer directly within the layer itself
- new method sql_multi_insert to circumvent db-specific hacks
(hopefully not introduced any parsing errors)


git-svn-id: file:///svn/phpbb/trunk@6497 89ea8834-ac86-4346-8a33-228a782c2dd0
2006-10-14 14:56:46 +00:00
Nils Adermann
c65048bd91 - introducing clean usernames, needs to be tested more, I'm not sure I didn't miss anything
- homograph list should probably be extended


git-svn-id: file:///svn/phpbb/trunk@6494 89ea8834-ac86-4346-8a33-228a782c2dd0
2006-10-13 22:10:18 +00:00
Meik Sievertsen
f8528a659c tried to begin adjusting all string functions where applicable - still a *lot* to do.
i hope i catched all relevant sections and did not mess something up.


git-svn-id: file:///svn/phpbb/trunk@6452 89ea8834-ac86-4346-8a33-228a782c2dd0
2006-10-07 12:36:31 +00:00
Meik Sievertsen
5284f32178 - extend config checking to include check for writeable path
- removed not utilized user_allow_email column from schema
- removed inactive groups (they had no use at all, since inactive users are not able to login)
	The only benefit those brought are distinguish users - but this is no longer needed too due to the inactive code present. This also allows us to retain group memberships as well as default settings for users being set inactive due to profile changes.
- rewrote user_active_flip to support multiple users and a mode, as well as coping with the aforementioned changes
- implemented updated jabber class to support SRV server records and for better jabberd2 support.
- jabber errors now logged to the error log with a full transaction
- fixed user_delete calls to include usernames where possible and also update last post information correctly
- implemented additioal checks to user management to cope with common mistakes
- On installation, guess the required mysql schema as best as possible. Users now only need to decide if they want to use the mysqli extension or not (mysqli selected by default) and no longer need to know their mysql version.
- founders do not need to re-activate their account on profile changes
- remove older session if re-authentication was successful (re-authentication always assigns a new session id)
- set the cookie directly instead of using php's function
- added inactive_remind to see which users got deactivated because of reminders (or re-activation) sent out

hopefully not introduced too many bugs - those testing with CVS releases, please concentrate on user registration, activation, profile changes (email/password)...


git-svn-id: file:///svn/phpbb/trunk@6436 89ea8834-ac86-4346-8a33-228a782c2dd0
2006-10-03 18:35:59 +00:00
Meik Sievertsen
79137c312c - Fix some bugs
- fixed retrieving of permissions if the LIKE statement is used as well as proper supporting (needs testing on mssql)


git-svn-id: file:///svn/phpbb/trunk@6366 89ea8834-ac86-4346-8a33-228a782c2dd0
2006-09-14 14:57:29 +00:00
Meik Sievertsen
8405f0d324 sql_in_set changes
git-svn-id: file:///svn/phpbb/trunk@6271 89ea8834-ac86-4346-8a33-228a782c2dd0
2006-08-12 13:14:39 +00:00
Meik Sievertsen
b15a3111be - fixing some bugs
- removed file_exists calls for auth plugins since they need to be there once set up


git-svn-id: file:///svn/phpbb/trunk@6228 89ea8834-ac86-4346-8a33-228a782c2dd0
2006-08-02 15:53:19 +00:00
Nils Adermann
a5c23243c7 - display age in user profile and make it available on viewtopic
- various tiny bugfixes including [Bug #2351] [Bug #2549] [Bug #2681] [Bug #3015]
- strip first, then change newlines [Bug #2403]
- added support for creating user profiles to the login function (makes use of user_add), triggered by LOGIN_SUCCESS_CREATE_PROFILE constant
- moved newest user updating from ucp_register to user_add function
- renamed the admin_ auth module function to acp_
- added initialisation code to auth_apache which checks whether it will work
- added user_add support to both auth_ldap and auth_apache
- some auth_ldap tweaks, should work with users deeper in the organisation structure too now
- adjusted global topics in mcp_report to work like mcp_queue


git-svn-id: file:///svn/phpbb/trunk@6151 89ea8834-ac86-4346-8a33-228a782c2dd0
2006-07-07 12:36:44 +00:00
Meik Sievertsen
8b1555c15b change ACL_NO to ACL_NEVER and ACL_UNSET to ACL_NO to let our users get what is meant on the first look.
the downside is that the information is no more accurate (permissions are still unset, defaulting to no) - someone might to overlook all explanations. :)


git-svn-id: file:///svn/phpbb/trunk@6115 89ea8834-ac86-4346-8a33-228a782c2dd0
2006-06-22 16:49:04 +00:00
Meik Sievertsen
10846d462a fix bugs #2271 and #2273
git-svn-id: file:///svn/phpbb/trunk@6081 89ea8834-ac86-4346-8a33-228a782c2dd0
2006-06-17 11:28:21 +00:00
Meik Sievertsen
b0c3e39582 - removed db cache (might re-appear, but for now we do not see the need for it)
- all changes to styles/subsilver/template are purely cosmetic (no functional changes)
- cosmetics
- bugfixes
- add index to modules table
- use modules ordering code for forums too


git-svn-id: file:///svn/phpbb/trunk@6073 89ea8834-ac86-4346-8a33-228a782c2dd0
2006-06-16 16:54:51 +00:00
Meik Sievertsen
1aac08acc0 make sure custom profile fields are created correctly on registration (#2225)
git-svn-id: file:///svn/phpbb/trunk@6058 89ea8834-ac86-4346-8a33-228a782c2dd0
2006-06-13 21:06:29 +00:00
Meik Sievertsen
dd9ad539fd ok, this one is rather large... the most important change:
re-introduce append_sid: old style continues to work, not a performance hog as it was in 2.0.x -> structure is different

apart from this, code cleanage, bug fixing, etc.


git-svn-id: file:///svn/phpbb/trunk@6015 89ea8834-ac86-4346-8a33-228a782c2dd0
2006-06-06 20:53:46 +00:00
Meik Sievertsen
eaeaf5bfb6 hopefully fixing bug #2022 with this
git-svn-id: file:///svn/phpbb/trunk@5987 89ea8834-ac86-4346-8a33-228a782c2dd0
2006-05-30 16:40:16 +00:00
Meik Sievertsen
7ba89a0b2d fixing bug #1860
git-svn-id: file:///svn/phpbb/trunk@5920 89ea8834-ac86-4346-8a33-228a782c2dd0
2006-05-17 16:26:54 +00:00
Meik Sievertsen
d1c418b9e2 - david: copy&paste error? ;)
git-svn-id: file:///svn/phpbb/trunk@5908 89ea8834-ac86-4346-8a33-228a782c2dd0
2006-05-13 10:59:16 +00:00
David M
3d2a45ab04 I hope nothing broke!
- Added a query builder, it is currently only used for complex queries that involve a FROM clause with two tables and a left join
- Changed some function calls in the DBAL
- Made the viewtopic queries nicer


git-svn-id: file:///svn/phpbb/trunk@5885 89ea8834-ac86-4346-8a33-228a782c2dd0
2006-05-05 22:06:17 +00:00
Meik Sievertsen
856650861f - removed group settings from roles
- added forum icon in front of forums in permissions acp
- added trace permissions in permission masks (thanks naderman for writing the first code and for the idea... :))
- some bugfixes
- PHP6 fix


git-svn-id: file:///svn/phpbb/trunk@5824 89ea8834-ac86-4346-8a33-228a782c2dd0
2006-04-22 16:18:40 +00:00
Meik Sievertsen
a0f8e1323a - clean up marklist calls (global function)
- added new feature: test out others permissions (admin permissions will not be copied)
- changed attachment processing by directly using the template engine
- fixed some attachment related bugs
- additional tiny fixes


git-svn-id: file:///svn/phpbb/trunk@5790 89ea8834-ac86-4346-8a33-228a782c2dd0
2006-04-17 13:09:50 +00:00