The new logo is slightly wider than the old logo. If we changed the size in the
imageset.cfg we would cause a conflict for everyone who replaced the logo with
their own and modified the size. Instead we overwrite the width and height in
the img() function in session.php only if its contents are that of the stock
phpbb logo.
PHPBB3-10250
* naderman/ticket/9992:
[ticket/9992] Clarify explanations of ip and account limits on login
[ticket/9992] Add a comma to language for IP_LOGIN_LIMIT_MAX_EXPLAIN
[ticket/9992] Use sql_fetchfield for single row and single column result
[ticket/9992] Adding a limit on login attempts per IP.
[ticket/9992] Make sql_create_table and sql_table_exists available in updater
A new table was created to save all failed login attempts with
corresponding information on username, ip and useragent. By default
the limit is 50 login attempts within 6 hours per IP. The limit is
relatively high to avoid big problems on sites behind a reverse
proxy that don't receive the forwarded-for value as REMOTE_ADDR but
see all users as coming from the same IP address. But if these
users run into problems a special forwarded-for option is available
to limit logins by forwarded-for value instead of ip.
PHPBB3-9992
* ticket/bantu/9802:
[ticket/9802] Remove unnecessary htmlspecialchars() call on REMOTE_ADDR.
[ticket/9802] Only check for IPv4-mapped address when address is IPv6.
[ticket/9802] Fix tiny logic bug in loop determining REMOTE_ADDR.
[ticket/9802] Remove redundant character class definition from preg_replace.
[ticket/9802] Fix redundant str_replace call. No need to replace ' ' with ' '.
The value in $_SERVER['REMOTE_ADDR'] is either validated to be a valid IP
address or is replaced by our default value. Valid IP addresses do not contain
HTML special characters, thus the htmlspecialchars() call is unnecessary.
PHPBB3-9802
The comment in the code says: "We now get the first number passed and will
select the key based upon this number". But the loop over the arguments is not
left and therefore it uses the last int-value not the first one.
PHPBB3-9949
The check to avoid the double inclusion of the captcha factory class in the
garbage collection code was faulty, checking for "captcha_factory" instead of "phpbb_captcha_factory".
TerryE pointed the problem out, thanks!
Previously search robots could stumble upon a board link somewhere on the web
containing a SID they'd follow it and end up indexing that page with the SID
in the request URI, this fix prevents that by redirecting them to the same URI
just without the SID.
This issue affects any forum (i.e. https://myforum/phpBB3/) where:
- the forum is located in a directory underneath the web root (i.e., NOT https://myforum/)
- a user accesses the forum with a URI pointing to a directory rather than a script (i.e., NOT https://myforum/phpBB3/index.php)
- the URI used ends in a slash (i.e., NOT https://myforum/phpBB3)
If these conditions are met, after successful login the user is redirected to an invalid URI (i.e., https://myforum/phpBB3/phpBB3?sid=).
This change fixes extract_current_page() to handle the case correctly where the URI ends in a slash and is not the web root. So after successful login, the redirection back to the main page will work (i.e., https://myforum/phpBB3/?sid=)
This feature does not change anything for those not using the constant and this feature is also quite in-flux. We need to test this with some applications and bridges and there may be other locations able to benefit from it.
git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@10008 89ea8834-ac86-4346-8a33-228a782c2dd0
- [Feature] Ability to define if the "Newly Registered Users" group will be assigned as the default group to newly registered users.
As a coincidence also Bug #46535 got fixed.
Additionally the error message displayed with trigger_error() if accessing the private message tab in the ucp is now displayed inline in addition to a slightly different message for newly registered users to let them know that access permissions may be lifted over time.
git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@9636 89ea8834-ac86-4346-8a33-228a782c2dd0
- Correctly count topic views for guests visiting the website the first time by entering the topic directly (Bug #43445)
git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@9411 89ea8834-ac86-4346-8a33-228a782c2dd0
