Changes:
- Ascraeus now uses constants for the phpbb root path and the php extension. This ensures more security for external applications and modifications (no more overwriting of root path and extension possible through insecure mods and register globals enabled) as well as no more globalizing needed.
- A second change implemented here is an additional short-hand-notation for append_sid(). It is allowed to omit the root path and extension now (for example calling append_sid('memberlist')) - in this case the root path and extension get added automatically. The hook is called after these are added.
git-svn-id: file:///svn/phpbb/trunk@8572 89ea8834-ac86-4346-8a33-228a782c2dd0
- remove the lower case functions, they were stupid anyway
- added some indexes
- added a group_name_clean column
git-svn-id: file:///svn/phpbb/trunk@8315 89ea8834-ac86-4346-8a33-228a782c2dd0
- restricted access to "Recent searches" to admins who are allowed to configure search [Bug #14085]
git-svn-id: file:///svn/phpbb/trunk@8064 89ea8834-ac86-4346-8a33-228a782c2dd0
- added ldap_user_filter to add additional restrictions on the user objects used for authentication [Bug #12627]
- improved ldap explanations a bit
- display searchable subforums of invisible parents in advanced search forum selection [Bug #11395]
git-svn-id: file:///svn/phpbb/trunk@8047 89ea8834-ac86-4346-8a33-228a782c2dd0
- throw an error if an image that's edited into an imageset doesn't exist
- convert the password not its hash ;-)
- only update user_login_attempts if necessary
- make password requirements even clearer
git-svn-id: file:///svn/phpbb/trunk@7250 89ea8834-ac86-4346-8a33-228a782c2dd0
- allow cancelling search index creation/removal
- custom CSS class name input too short [Bug #8328]
- give an error message if a password wasn't convertable (special characters in non-standard encoding)
- moved still_on_time to functions.php, used by acp_search and converter, might be useful for MODs (or complex cron scripts)
- do not allow empty passwords on login
- add sids to local URLs in posts (this was a really terrible bug to fix ;-)) [Bug #7892]
- ignore invalid HTTP_X_FORWARDED_FOR headers (just use REMOTE_ADDR if invalid) [Bug #8314]
- changed forum listing code on search page and acp_attachments [Bug #6658]
- search indexing uses still_on_time(), smaller batch size (1000) and meta_refresh() instead of redirect(), this should solve a few problems [Bugs #8034, #8270]
- made password requirement language strings clearer
- ALPHA is not meant to be alphanumric [Bug #7764]
- display bug in firefox on linux making the pagination wrap on search results page (caused by )
git-svn-id: file:///svn/phpbb/trunk@7076 89ea8834-ac86-4346-8a33-228a782c2dd0
- Better resync explanations in ACP
- relative link to board shouldn't result in an empty link [Bug #7762]
- allow spaces to define multiple classes [Bug #7700]
- forgot addslashes for password conversion [Bug #7530]
- adjusted get_post_data call in mcp_post to retrieve read tracking info [Bug #7538]
- fixed sorting in reports/queue by properly generating the pagination links [Bug #7666]
- send UTF-8 charset header in database_update.php [Bug #7564]
git-svn-id: file:///svn/phpbb/trunk@6974 89ea8834-ac86-4346-8a33-228a782c2dd0
- flash enabled on user side by default, so that admins can actually change anything by activating it (still disabled by default)
- properly implemented password complexity check [Bug #6584]
- do not ldap_escape paramaters for the bind function [Bug #6208]
- deleted words in edited post subjects weren't getting there search cache refreshed [Bug #6288]
- made common word threshold configurable [Bug #6168]
- recreated word match table entries after installation, side effect of bug #6060
- option to only allow ASCII usernames
- adjusted search page pagination [Bug #6424]
- correctly calculate unformatted search result extract length
git-svn-id: file:///svn/phpbb/trunk@6814 89ea8834-ac86-4346-8a33-228a782c2dd0
- allow searching forums with unsearchable subforums [Bug #6056]
- addition of an optional HTTP_X_FORWARDED_FOR check in sessions, including bans
- do not index forums which have indexing disabled on index recreation [Bug #6060]
- properly handle html entities in the theme editor [Bug #6048]
- anonymous access is no longer required for the LDAP auth plugin [Bug #6046]
- corrected mcp_front queue link to point to approve_details [Bug #6134]
- added direct (dis)approval to mcp_front queue items [Bug #6134]
- proper mysql version test for fulltext-compatibility [Bug #6054]
- added note to style/language "used by" column so it's clear that bots are included
- correctly update bot last visit time [Bug #6108]
git-svn-id: file:///svn/phpbb/trunk@6740 89ea8834-ac86-4346-8a33-228a782c2dd0
- fixed string length checking by also decoding entities for the sake of checking
- used the new html_entity_decode function
git-svn-id: file:///svn/phpbb/trunk@6545 89ea8834-ac86-4346-8a33-228a782c2dd0
- corrected paths for templates stored in the db and filenames displayed in the template editor [Bug #3662]
- removed some useless language strings [Bug #3648]
- corrected escaping of usernames and passwords in auth modules [Bug #3696], added ldap_escape
git-svn-id: file:///svn/phpbb/trunk@6266 89ea8834-ac86-4346-8a33-228a782c2dd0
- various tiny bugfixes including [Bug #2351] [Bug #2549] [Bug #2681] [Bug #3015]
- strip first, then change newlines [Bug #2403]
- added support for creating user profiles to the login function (makes use of user_add), triggered by LOGIN_SUCCESS_CREATE_PROFILE constant
- moved newest user updating from ucp_register to user_add function
- renamed the admin_ auth module function to acp_
- added initialisation code to auth_apache which checks whether it will work
- added user_add support to both auth_ldap and auth_apache
- some auth_ldap tweaks, should work with users deeper in the organisation structure too now
- adjusted global topics in mcp_report to work like mcp_queue
git-svn-id: file:///svn/phpbb/trunk@6151 89ea8834-ac86-4346-8a33-228a782c2dd0
- all changes to styles/subsilver/template are purely cosmetic (no functional changes)
- cosmetics
- bugfixes
- add index to modules table
- use modules ordering code for forums too
git-svn-id: file:///svn/phpbb/trunk@6073 89ea8834-ac86-4346-8a33-228a782c2dd0
- use getenv instead of $_ENV (with $_ENV the case could be wrong)
- permission fixes (there was a bug arising with getting permission flags - re-added them and handled roles deletion differently)
- implemented max login attempts
- changed the expected return parameters for logins/sessions
- added acp page for editing report/denial reasons
- other fixes here and there
git-svn-id: file:///svn/phpbb/trunk@5622 89ea8834-ac86-4346-8a33-228a782c2dd0
- fix serious bugs in permissions (always allowing if permissions explicitly set and getting wrong permission options from bitfield)
- added option for returning an array to make_forum_select
- again fixing bugs in module system (one for a very query consuming part and one for correctly filling the cache)
git-svn-id: file:///svn/phpbb/trunk@5517 89ea8834-ac86-4346-8a33-228a782c2dd0
- introduced is_registered and is_bot flags for correct determinition of guest/registered/bot users
- changed bot code to act on useragent || ip
git-svn-id: file:///svn/phpbb/trunk@5117 89ea8834-ac86-4346-8a33-228a782c2dd0
