Wildcards without any further result restrictions will cause phpBB to search
for everything, potentially allowing a DoS attack against the DB server by any
user who can use the search system.
PHPBB3-9760
The native SQL Server plugin used to return an error string when calling
sql_error. However, some error condition checks are done using is_array.
This patch wraps the error into an array to follow the error logic used
elsewhere.
PHPBB3-9521
The template variable {HISTORY_TITLE} was always being set to the empty string.
It is now filled with the title of the currently displayed message. It is not
showed in prosilver or subsilver2 for aesthetic reasons (title is already
prominent)
PHPBB3-9757
The Fulltext_mysql class had different behavior when a dash was entered in the
search query than the fulltext_native class. Specifically, a dash was
automatically turned into boolean NOT even when the user wanted to search for
legitimate hyphenated words like farty-pants
PHPBB3-9749
The "notify user" check box would not do anything if checked in this case, but
it was still presented. The checkbox is now only shown if there are
notification options enabled.
PHPBB3-9679
This reverts r8025 to includes/functions_messenger.php. That code caused
problems on hosters with email limits less than package_size*2.5. And it isn't
desirable in general to over-ride the admin's configuration options.
PHPBB3-9559
Split topics takes too long in some cases because of wrong variables or arrays
values types adjustment. Cast values representing topic and forum ids as int.
PHPBB3-9658
Gallery avatars are discovered on the server filesystem; to allow linking to
the images, the filenames are urlencoded before being written to the database.
However, getimagesize needs the decoded filename as input.
PHPBB3-9504
Changed the wrong word "new" to "unread" as that is, what we show with the
red-icons, not whether the post is new or not. Language variables were
kept for backwards compatibility.
PHPBB3-7720
Because the existing cache is global, there is no way to differentiate between
each of two databases which may be two different DBAL objects pointing to
servers with wildly different versions of an RDBMS. phpBB only has this
situation in the UCF, thus only one file changed outside the DBAL. I have
added a second optional parameter, $use_cache to each of the implementations
of dbal::sql_server_info()
PHPBB3-9637
style.php takes a session ID to ensure it gets the right language for a user,
but that session ID is always passed in GET. This allows change allows the SID
to be read from the cookie, and theoretically makes it friendlier for caching
engines like Varnish.
PHPBB3-9629
This reverts Oracle support to the state it was in prior to phpBB 3.0.6. That is, storage of long strings works again (e.g. posts > 4 KB), but the database backup/restore functionality is broken. We feel that the ability to store long strings is more important than the DB restore, since Oracle 10g itself provides tools for backing up databases.
PHPBB3-9132
