* develop-olympus:
[ticket/9892] Correct copyright year
[ticket/9892] Remove incorrect use of camel case
[ticket/9892] Removing closing php tag from create_schema_files
[ticket/9892] Transaction support for database update sql execution function
[ticket/9892] count is a keyword in firebird, so renaming this alias
[ticket/9892] Q&A CAPTCHA did not work on firebird, so no need to change config
[ticket/9892] Shorten login_attempt key names to avoid firebird length problems
[ticket/9892] Drop Q&A CAPTCHA tables if left in inconsistent state
[ticket/9892] Adding a number of tests for db_tools
[ticket/9892] Table prefix lengths influence index lengths in db_tools
[ticket/9892] Shorten the index names on the q&a captcha
[ticket/9892] column & index name limits, firebird auto increment in db_tools
Conflicts:
phpBB/develop/create_schema_files.php
* develop-olympus:
[ticket/9992] Clarify explanations of ip and account limits on login
[ticket/9992] Add a comma to language for IP_LOGIN_LIMIT_MAX_EXPLAIN
[ticket/9992] Use sql_fetchfield for single row and single column result
[ticket/9992] Adding a limit on login attempts per IP.
[ticket/9992] Make sql_create_table and sql_table_exists available in updater
A new table was created to save all failed login attempts with
corresponding information on username, ip and useragent. By default
the limit is 50 login attempts within 6 hours per IP. The limit is
relatively high to avoid big problems on sites behind a reverse
proxy that don't receive the forwarded-for value as REMOTE_ADDR but
see all users as coming from the same IP address. But if these
users run into problems a special forwarded-for option is available
to limit logins by forwarded-for value instead of ip.
PHPBB3-9992
* develop-olympus:
[ticket/8138] Add autocomplete="off" to acp_board and ldap settings
[ticket/8138] Add autocomplete="off" to a user and forum ACP.
Conflicts:
phpBB/adm/index.php
No longer use LDAP_NO_SERVER_CONNECTION in case ldap_search() fails.
Add and use LDAP_SEARCH_FAILED instead, so users can tell the difference
between ldap_connect() failing and ldap_search() failing.
PHPBB3-8792
- [Feature] Ability to define if the "Newly Registered Users" group will be assigned as the default group to newly registered users.
As a coincidence also Bug #46535 got fixed.
Additionally the error message displayed with trigger_error() if accessing the private message tab in the ucp is now displayed inline in addition to a slightly different message for newly registered users to let them know that access permissions may be lifted over time.
git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@9636 89ea8834-ac86-4346-8a33-228a782c2dd0
- restricted access to "Recent searches" to admins who are allowed to configure search [Bug #14085]
git-svn-id: file:///svn/phpbb/trunk@8064 89ea8834-ac86-4346-8a33-228a782c2dd0
- added ldap_user_filter to add additional restrictions on the user objects used for authentication [Bug #12627]
- improved ldap explanations a bit
- display searchable subforums of invisible parents in advanced search forum selection [Bug #11395]
git-svn-id: file:///svn/phpbb/trunk@8047 89ea8834-ac86-4346-8a33-228a782c2dd0
- throw an error if an image that's edited into an imageset doesn't exist
- convert the password not its hash ;-)
- only update user_login_attempts if necessary
- make password requirements even clearer
git-svn-id: file:///svn/phpbb/trunk@7250 89ea8834-ac86-4346-8a33-228a782c2dd0
- allow cancelling search index creation/removal
- custom CSS class name input too short [Bug #8328]
- give an error message if a password wasn't convertable (special characters in non-standard encoding)
- moved still_on_time to functions.php, used by acp_search and converter, might be useful for MODs (or complex cron scripts)
- do not allow empty passwords on login
- add sids to local URLs in posts (this was a really terrible bug to fix ;-)) [Bug #7892]
- ignore invalid HTTP_X_FORWARDED_FOR headers (just use REMOTE_ADDR if invalid) [Bug #8314]
- changed forum listing code on search page and acp_attachments [Bug #6658]
- search indexing uses still_on_time(), smaller batch size (1000) and meta_refresh() instead of redirect(), this should solve a few problems [Bugs #8034, #8270]
- made password requirement language strings clearer
- ALPHA is not meant to be alphanumric [Bug #7764]
- display bug in firefox on linux making the pagination wrap on search results page (caused by )
git-svn-id: file:///svn/phpbb/trunk@7076 89ea8834-ac86-4346-8a33-228a782c2dd0
- Better resync explanations in ACP
- relative link to board shouldn't result in an empty link [Bug #7762]
- allow spaces to define multiple classes [Bug #7700]
- forgot addslashes for password conversion [Bug #7530]
- adjusted get_post_data call in mcp_post to retrieve read tracking info [Bug #7538]
- fixed sorting in reports/queue by properly generating the pagination links [Bug #7666]
- send UTF-8 charset header in database_update.php [Bug #7564]
git-svn-id: file:///svn/phpbb/trunk@6974 89ea8834-ac86-4346-8a33-228a782c2dd0
* feature/igorw/request-class:
[feature/request-class] Convert some remaining cookies
[feature/request-class] Adjust misleading comment
[feature/request-class] Remove direct access to _REQUEST in acp_search
[feature/request-class] Special case of direct access to _REQUEST
Closing tags converted using Oleg's script.
remove-php-end-tags.py -a .
Trailing newlines added using the following where $ext is file extension.
find . -type f -name "*.$ext" -print | xargs printf "e %s\nw\n" | ed -s;
Extensions: php, css, html, js, xml.
PHPBB3-9556
* develop-olympus:
[ticket/7332] Fix post details expand link rendering on Webkit.
[ticket/9162] Prevent notice on unset poll title
[ticket/7417] Also focus search keywords and username in subsilver2.
[ticket/7417] Focus username field when prosilver login page is loaded.
[ticket/7417] Focus search keywords field when prosilver search page is loaded.
[ticket/9841] Change "Save" to "Save draft", "Load" to "Load draft".
[ticket/9664] Resolve conflict with accesskey="t", change addlitsitem to "y".
[ticket/7538] Limit user_login_attempts to prevent SQL errors.
[ticket/9848] Add avatars, attachments and store files to .gitignore.
[ticket/9822] Correct some style related ACP explain statements.
[ticket/9698] Add .htaccess to the includes subdirectory.
[ticket/9830] Redirect to install directly when config.php does not exist.
[ticket/9816] Remove config.php from repository
[ticket/9810] Hide "Select All" of code bbcode on print page
The autoloader is registered in install without caching, since caching is set
up during installation. This provides the same functionality, performance is
not a concern during installation anyway.
In common.php the autoloader is instantiated after the cache is initialised and
is started with the standard cache backend used for other cached values.
A few places in the code using class_exists had to be updated to explicitly
avoid autoloading, since they are used to check whether a file needs to be
included which does not (yet) follow the naming scheme the autoloader follows.
PHPBB3-9682
- flash enabled on user side by default, so that admins can actually change anything by activating it (still disabled by default)
- properly implemented password complexity check [Bug #6584]
- do not ldap_escape paramaters for the bind function [Bug #6208]
- deleted words in edited post subjects weren't getting there search cache refreshed [Bug #6288]
- made common word threshold configurable [Bug #6168]
- recreated word match table entries after installation, side effect of bug #6060
- option to only allow ASCII usernames
- adjusted search page pagination [Bug #6424]
- correctly calculate unformatted search result extract length
git-svn-id: file:///svn/phpbb/trunk@6814 89ea8834-ac86-4346-8a33-228a782c2dd0
- allow searching forums with unsearchable subforums [Bug #6056]
- addition of an optional HTTP_X_FORWARDED_FOR check in sessions, including bans
- do not index forums which have indexing disabled on index recreation [Bug #6060]
- properly handle html entities in the theme editor [Bug #6048]
- anonymous access is no longer required for the LDAP auth plugin [Bug #6046]
- corrected mcp_front queue link to point to approve_details [Bug #6134]
- added direct (dis)approval to mcp_front queue items [Bug #6134]
- proper mysql version test for fulltext-compatibility [Bug #6054]
- added note to style/language "used by" column so it's clear that bots are included
- correctly update bot last visit time [Bug #6108]
git-svn-id: file:///svn/phpbb/trunk@6740 89ea8834-ac86-4346-8a33-228a782c2dd0
- fixed string length checking by also decoding entities for the sake of checking
- used the new html_entity_decode function
git-svn-id: file:///svn/phpbb/trunk@6545 89ea8834-ac86-4346-8a33-228a782c2dd0
- corrected paths for templates stored in the db and filenames displayed in the template editor [Bug #3662]
- removed some useless language strings [Bug #3648]
- corrected escaping of usernames and passwords in auth modules [Bug #3696], added ldap_escape
git-svn-id: file:///svn/phpbb/trunk@6266 89ea8834-ac86-4346-8a33-228a782c2dd0
