1
0
mirror of https://github.com/phpbb/phpbb.git synced 2025-10-24 21:26:24 +02:00
Commit Graph

77 Commits

Author SHA1 Message Date
Chris Smith
76348ce43f [ticket/9760] Remove unrestricted wildcards from search terms.
Wildcards without any further result restrictions will cause phpBB to search
for everything, potentially allowing a DoS attack against the DB server by any
user who can use the search system.

PHPBB3-9760
2010-08-08 14:02:34 +01:00
Andreas Fischer
f4aa5b7ac7 Safe us some more calls to $db->sql_escape().
Authorised by: naderman :-P


git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@10399 89ea8834-ac86-4346-8a33-228a782c2dd0
2010-01-11 23:26:56 +00:00
Nils Adermann
dd02aed6e1 Improved search query performance through sorting words by their occurance. [Bug #21555]
git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@10377 89ea8834-ac86-4346-8a33-228a782c2dd0
2009-12-23 19:38:09 +00:00
Joas Schilling
ee65d2147b fix r9713 for #36565
Authorised by: AcydBurn

git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@9931 89ea8834-ac86-4346-8a33-228a782c2dd0
2009-08-05 15:28:46 +00:00
Joas Schilling
2854705096 Fix bug #36565 - Search by authorname does not display posts of guests and deleted users
Authorised by: naderman


git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@9713 89ea8834-ac86-4346-8a33-228a782c2dd0
2009-07-02 10:28:32 +00:00
Meik Sievertsen
59763841b3 Search for 'topic title only' and 'first post' should work again for non-mysql dbms. (Bug #40605)
git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@9473 89ea8834-ac86-4346-8a33-228a782c2dd0
2009-04-18 17:46:34 +00:00
Meik Sievertsen
eb49218428 Fix topic title only and first post search option with the SQL_CALC_FOUND_ROWS fix
git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@9472 89ea8834-ac86-4346-8a33-228a782c2dd0
2009-04-18 17:42:31 +00:00
Meik Sievertsen
7b07476207 erm, forgot to globalize $config. :/
git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@9471 89ea8834-ac86-4346-8a33-228a782c2dd0
2009-04-18 17:30:58 +00:00
Meik Sievertsen
0319733ea8 [Change] Performance improvements for native fulltext search (patch by Paul)
(This has been tested for 2 weeks in a live environment)

git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@9440 89ea8834-ac86-4346-8a33-228a782c2dd0
2009-04-11 13:49:32 +00:00
Meik Sievertsen
4d9b106db2 New search option: Maximum number of words allowed to search for.
(the more words the more database load)

git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@9438 89ea8834-ac86-4346-8a33-228a782c2dd0
2009-04-11 11:09:45 +00:00
Nils Adermann
c931ce3a54 not quite
git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@9173 89ea8834-ac86-4346-8a33-228a782c2dd0
2008-12-04 17:01:39 +00:00
Nils Adermann
945e6e1e78 Use a left join for the topics table on search to avoid trouble with FROM syntax on some databases (Bug #37005)
git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@9172 89ea8834-ac86-4346-8a33-228a782c2dd0
2008-12-04 16:56:56 +00:00
Nils Adermann
63b089f653 Tell users to recreate the search index after changing the common word threshold for fulltext_native (Bug #36345)
git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@9126 89ea8834-ac86-4346-8a33-228a782c2dd0
2008-11-26 19:17:52 +00:00
Meik Sievertsen
69a8e33d48 cleanup, related to bug #19195
git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@8879 89ea8834-ac86-4346-8a33-228a782c2dd0
2008-09-18 14:32:15 +00:00
Meik Sievertsen
8b63049936 Fix native full text search on postgresql while using excluding keyword matches. (Bug #19195)
git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@8878 89ea8834-ac86-4346-8a33-228a782c2dd0
2008-09-18 14:31:03 +00:00
Nils Adermann
fb1d71bd05 Topic searches by author no longer return invalid results [Bug #11777]
git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@8604 89ea8834-ac86-4346-8a33-228a782c2dd0
2008-06-04 17:25:50 +00:00
Nils Adermann
fd57f020f7 removed executable props [Bug #6464]
git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@8598 89ea8834-ac86-4346-8a33-228a782c2dd0
2008-06-04 15:37:06 +00:00
Meik Sievertsen
7de5bb3498 dumdidum... sorry. ;)
git-svn-id: file:///svn/phpbb/trunk@8147 89ea8834-ac86-4346-8a33-228a782c2dd0
2007-10-05 14:36:34 +00:00
Meik Sievertsen
acf0c0ddeb err, forgot to commit
git-svn-id: file:///svn/phpbb/trunk@7961 89ea8834-ac86-4346-8a33-228a782c2dd0
2007-07-27 17:33:27 +00:00
Henry Sudhof
dbb226f244 a little comment
git-svn-id: file:///svn/phpbb/trunk@7931 89ea8834-ac86-4346-8a33-228a782c2dd0
2007-07-23 17:13:44 +00:00
Henry Sudhof
e8ae63daf6 #13579
This changes the signature of author_search. Search backends will need adjustment.


git-svn-id: file:///svn/phpbb/trunk@7930 89ea8834-ac86-4346-8a33-228a782c2dd0
2007-07-23 17:03:37 +00:00
Meik Sievertsen
38e08367d2 label changes, language fixes...
git-svn-id: file:///svn/phpbb/trunk@7608 89ea8834-ac86-4346-8a33-228a782c2dd0
2007-05-16 14:45:13 +00:00
Nils Adermann
4b876ffee5 - correctly transfer the search query across search result pages
- changed highlighting so foo* will match foo again [Bug #10031]
- restructured magic urls (functionality still mostly the same), added a check for entities in urls and punctuation at the end of magic urls [Bugs #10639, #10293]
- undid the workaround for urls in quotes, as it's fixed by the new magic url handling
- allow magic urls enclosed in BBCode [Bug #10319]
- added handling for IPv6 addresses to the IP checking without adding extra options [Bug #9538]
- correctly handle search in search results of search queries with brackets [Bug #10581]
- added information about requirements for auth_apache [Bug #10107]


git-svn-id: file:///svn/phpbb/trunk@7559 89ea8834-ac86-4346-8a33-228a782c2dd0
2007-05-13 16:15:20 +00:00
Meik Sievertsen
a5704a0b01 Better support for nested transactions...
git-svn-id: file:///svn/phpbb/trunk@7469 89ea8834-ac86-4346-8a33-228a782c2dd0
2007-05-05 10:22:24 +00:00
David M
1cffdb2d33 can't be negative
git-svn-id: file:///svn/phpbb/trunk@7378 89ea8834-ac86-4346-8a33-228a782c2dd0
2007-04-21 03:19:23 +00:00
Nils Adermann
405b22f64e - correctly initialise $words in fulltext_native [Bug #347]
- display ignored words from sub-search-queries
- "Return to search page" [Bug #9591]
- spelling in coding guidelines
- htmlspecialchars forwarded_for before logging


git-svn-id: file:///svn/phpbb/trunk@7310 89ea8834-ac86-4346-8a33-228a782c2dd0
2007-04-09 16:04:30 +00:00
Nils Adermann
59231a0024 quick fix
git-svn-id: file:///svn/phpbb/trunk@7190 89ea8834-ac86-4346-8a33-228a782c2dd0
2007-03-14 20:54:41 +00:00
David M
07d1ebb264 *** empty log message ***
git-svn-id: file:///svn/phpbb/trunk@7186 89ea8834-ac86-4346-8a33-228a782c2dd0
2007-03-14 03:19:58 +00:00
Nils Adermann
ce8b00801e - improvements to search indexing performance, espacially tidy() by adding a word_count column, the database update from b5 to next version will take quite a while on bigger databases, I also lowered the default common word threshold from 20 to 5 percent, big boards might want to use 3 or 2 percent, 20 was way too high
- added some keys to ACL tables, great improvement of auth query performance
- we will only add new language strings to install.php language file and won't modify any, if a language file is updated before phpBB is updated, the updater will not overwrite the user's language with english if install.php was modified


git-svn-id: file:///svn/phpbb/trunk@7182 89ea8834-ac86-4346-8a33-228a782c2dd0
2007-03-13 22:00:55 +00:00
Nils Adermann
ac21b7d47b - added a UNIQUE index on the wordmatch table
- some modifications of search indexing which might improve the speed and hopefully fixes [Bug #8352]
- added logging to search indexing [Bug #8384]


git-svn-id: file:///svn/phpbb/trunk@7119 89ea8834-ac86-4346-8a33-228a782c2dd0
2007-03-04 16:05:17 +00:00
David M
932e16dfd3 #8074
git-svn-id: file:///svn/phpbb/trunk@7041 89ea8834-ac86-4346-8a33-228a782c2dd0
2007-02-23 14:52:16 +00:00
David M
42f3115763 #8244
- cleaned up the TRUNCATE/DELETE FROM in the native search backend
- fixed an imporoper default value on some upgrades


git-svn-id: file:///svn/phpbb/trunk@7036 89ea8834-ac86-4346-8a33-228a782c2dd0
2007-02-22 19:58:05 +00:00
David M
9a685e7a48 - should fix some Firebird issues ( can't believe that nobody found this until now )
git-svn-id: file:///svn/phpbb/trunk@6954 89ea8834-ac86-4346-8a33-228a782c2dd0
2007-02-01 03:13:08 +00:00
Nils Adermann
eaef76a100 - ignore too short/too long search words [Bug #7438]
git-svn-id: file:///svn/phpbb/trunk@6944 89ea8834-ac86-4346-8a33-228a782c2dd0
2007-01-28 13:43:46 +00:00
Meik Sievertsen
576bb754e9 fixing some bugs, most being submitted grammatical/spelling errors.
git-svn-id: file:///svn/phpbb/trunk@6915 89ea8834-ac86-4346-8a33-228a782c2dd0
2007-01-21 18:33:45 +00:00
Nils Adermann
e6421f9274 - solved a problem with magic urls inside brackets, and with bbcodes being treated as IPv6 addresses
- turn NOT IN () and IN () into 1=1 and 1=0 so the database will understand it, instead of throwing an error in sql_in_set [Bug #7118]
- some tiny fixes to fulltext_native


git-svn-id: file:///svn/phpbb/trunk@6886 89ea8834-ac86-4346-8a33-228a782c2dd0
2007-01-13 22:32:03 +00:00
Nils Adermann
b41365fcd4 - display search type as page title for premade searches [Bug #6508]
- flash enabled on user side by default, so that admins can actually change anything by activating it (still disabled by default)
- properly implemented password complexity check [Bug #6584]
- do not ldap_escape paramaters for the bind function [Bug #6208]
- deleted words in edited post subjects weren't getting there search cache refreshed [Bug #6288]
- made common word threshold configurable [Bug #6168]
- recreated word match table entries after installation, side effect of bug #6060
- option to only allow ASCII usernames
- adjusted search page pagination [Bug #6424]
- correctly calculate unformatted search result extract length


git-svn-id: file:///svn/phpbb/trunk@6814 89ea8834-ac86-4346-8a33-228a782c2dd0
2006-12-27 00:06:39 +00:00
David M
8e72037e67 #6414
git-svn-id: file:///svn/phpbb/trunk@6800 89ea8834-ac86-4346-8a33-228a782c2dd0
2006-12-23 19:06:53 +00:00
Nils Adermann
9d9624a886 - author search should use clean names for searching [Bug #5752]
- local moderators are moderators too!
- don't show a "word is not contained in any post" message for ignored common words
- bold search words in search error messages [Bug #5762]


git-svn-id: file:///svn/phpbb/trunk@6708 89ea8834-ac86-4346-8a33-228a782c2dd0
2006-12-03 18:03:33 +00:00
Meik Sievertsen
1f118ba2ae #5610
git-svn-id: file:///svn/phpbb/trunk@6674 89ea8834-ac86-4346-8a33-228a782c2dd0
2006-11-27 19:32:18 +00:00
Meik Sievertsen
d9387842ac adjust some comments to work with phpdocumentor. :)
git-svn-id: file:///svn/phpbb/trunk@6595 89ea8834-ac86-4346-8a33-228a782c2dd0
2006-11-17 19:37:57 +00:00
Meik Sievertsen
548cc2c10b - fixes for the following bugs:
#5326
#5318
#5304
#5290
#5288
#5278
#5276
#5272
#5266
- also fixed the "Call-time pass-by-reference" bug #5252
- within this step changed the normalize calls to require references.
- added captcha size variables to the class scope (suggestion was posted at area51)


git-svn-id: file:///svn/phpbb/trunk@6584 89ea8834-ac86-4346-8a33-228a782c2dd0
2006-11-15 15:35:50 +00:00
Meik Sievertsen
a5e32e5a94 keywords is a string...
git-svn-id: file:///svn/phpbb/trunk@6562 89ea8834-ac86-4346-8a33-228a782c2dd0
2006-11-10 14:55:49 +00:00
Nils Adermann
11d2a37032 - Bug #5090
git-svn-id: file:///svn/phpbb/trunk@6559 89ea8834-ac86-4346-8a33-228a782c2dd0
2006-11-05 20:52:52 +00:00
Meik Sievertsen
7ab232a455 ok, i am an idiot...
git-svn-id: file:///svn/phpbb/trunk@6548 89ea8834-ac86-4346-8a33-228a782c2dd0
2006-11-03 21:05:25 +00:00
Meik Sievertsen
fcd9b898f1 Revised attachment categories a bit
Fixes for the following bugs:
#4830
#4818
#4816
#4810
#4808
#4798
#4796
#4772
#4662
#4646
#4546
#4524
#4270

I hope not having introduced additional severe errors :)


git-svn-id: file:///svn/phpbb/trunk@6511 89ea8834-ac86-4346-8a33-228a782c2dd0
2006-10-19 13:55:48 +00:00
Meik Sievertsen
4afaca12dc - store sql_layer directly within the layer itself
- new method sql_multi_insert to circumvent db-specific hacks
(hopefully not introduced any parsing errors)


git-svn-id: file:///svn/phpbb/trunk@6497 89ea8834-ac86-4346-8a33-228a782c2dd0
2006-10-14 14:56:46 +00:00
Nils Adermann
c65048bd91 - introducing clean usernames, needs to be tested more, I'm not sure I didn't miss anything
- homograph list should probably be extended


git-svn-id: file:///svn/phpbb/trunk@6494 89ea8834-ac86-4346-8a33-228a782c2dd0
2006-10-13 22:10:18 +00:00
Meik Sievertsen
f8528a659c tried to begin adjusting all string functions where applicable - still a *lot* to do.
i hope i catched all relevant sections and did not mess something up.


git-svn-id: file:///svn/phpbb/trunk@6452 89ea8834-ac86-4346-8a33-228a782c2dd0
2006-10-07 12:36:31 +00:00
David M
bc15445b58 - forgot to make the same change to the ODBC driver
- MySQL 3.x works now
- FirebirdSQL is now on the same level as MySQL and PostgreSQL, zero hacks exist inside the core code now


git-svn-id: file:///svn/phpbb/trunk@6422 89ea8834-ac86-4346-8a33-228a782c2dd0
2006-10-01 08:48:32 +00:00