[prep-release-3.3.6] Update changelog for 3.3.6

[ticket/security-273] Reset reset token info when re-activating account

.github/PULL_REQUEST_TEMPLATE.md

@@ -2,7 +2,7 @@ Checklist:
 
 - [ ] Correct branch: master for new features; 3.3.x for fixes
 - [ ] Tests pass
-- [ ] Code follows coding guidelines: [master](https://area51.phpbb.com/docs/dev/master/development/coding_guidelines.html) and [3.3.x](https://area51.phpbb.com/docs/dev/3.3.x/development/coding_guidelines.html)
+- [ ] Code follows coding guidelines: [master](https://area51.phpbb.com/docs/master/coding-guidelines.html) and [3.3.x](https://area51.phpbb.com/docs/dev/3.3.x/development/coding_guidelines.html)
 - [ ] Commit follows commit message [format](https://area51.phpbb.com/docs/dev/3.3.x/development/git.html)
 
 Tracker ticket (set the ticket ID to **your ticket ID**):

.github/workflows/tests.yml

@@ -126,6 +126,8 @@ jobs:
                       db: "mysql:5.7"
                     - php: '8.1'
                       db: "mysql:5.7"
+                    - php: '8.2'
+                      db: "mysql:5.7"
 
         name: PHP ${{ matrix.php }} - ${{ matrix.db_alias != '' && matrix.db_alias || matrix.db }}
 
@@ -253,6 +255,10 @@ jobs:
                       db: "postgres:12"
                     - php: '8.0'
                       db: "postgres:13"
+                    - php: '8.1'
+                      db: "postgres:14"
+                    - php: '8.2'
+                      db: "postgres:14"
 
         name: PHP ${{ matrix.php }} - ${{ matrix.db }}
 
@@ -442,18 +448,36 @@ jobs:
 
     # Test with IIS & PostgreSQL on Windows
     windows-tests:
-        runs-on: windows-2016
+        runs-on: windows-latest
         strategy:
             matrix:
                 include:
                     - php: '7.4'
                       db: "postgres"
+                      type: 'unit'
                     - php: '8.0'
                       db: "postgres"
+                      type: 'unit'
                     - php: '8.1'
                       db: "postgres"
+                      type: 'unit'
+                    - php: '8.2'
+                      db: "postgres"
+                      type: 'unit'
+                    - php: '7.4'
+                      db: "postgres"
+                      type: 'functional'
+                    - php: '8.0'
+                      db: "postgres"
+                      type: 'functional'
+                    - php: '8.1'
+                      db: "postgres"
+                      type: 'functional'
+                    - php: '8.2'
+                      db: "postgres"
+                      type: 'functional'
 
-        name: Windows - PHP ${{ matrix.php }} - ${{ matrix.db }}
+        name: Windows - PHP ${{ matrix.php }} - ${{ matrix.db }} - ${{ matrix.type }}
 
         steps:
             - name: Prepare git for Windows
@@ -530,17 +554,27 @@ jobs:
               run: |
                   $postgreSqlSvc = Get-Service "postgresql*"
                   Set-Service $postgreSqlSvc.Name -StartupType manual
-                  $postgreSqlSvc.Start()
+                  $runningStatus = [System.ServiceProcess.ServiceControllerStatus]::Running
+                  $maxStartTimeout = New-TimeSpan -Seconds 30
                   try {
-                    (Get-Service "postgresql*").Start()
+                    $postgreSqlSvc.Start()
+                    $postgreSqlSvc.WaitForStatus($runningStatus, $maxStartTimeout)
                   } catch  {
                     $_ | select *
                   }
                   [System.Environment]::SetEnvironmentVariable('PATH',$Env:PATH+";${env:PGBIN}")
                   $env:PGPASSWORD = 'root'
+                  psql -c 'ALTER SYSTEM SET hot_standby = on;' -U postgres
+                  psql -c 'ALTER SYSTEM SET wal_level = minimal;' -U postgres
                   psql -c 'DROP DATABASE IF EXISTS phpbb_tests;' -U postgres
                   psql -c 'create database phpbb_tests;' -U postgres
-                  Add-MpPreference -ExclusionPath "${env:PGDATA}" # Exclude PGDATA directory from Windows Defender
+                  Set-MpPreference -ExclusionPath "${env:PGDATA}" # Exclude PGDATA directory from Windows Defender
+                  Set-MpPreference -DisableRealtimeMonitoring $true
             - name: Run unit tests
+              if: ${{ matrix.type == 'unit' }}
               run: |
-                  phpBB/vendor/bin/phpunit --configuration .github/phpunit-psql-windows-github.xml --verbose --stop-on-error
+                  phpBB/vendor/bin/phpunit --configuration .github/phpunit-psql-windows-github.xml --verbose --stop-on-error --exclude-group functional
+            - name: Run unit tests
+              if: ${{ matrix.type == 'functional' }}
+              run: |
+                  phpBB/vendor/bin/phpunit --configuration .github/phpunit-psql-windows-github.xml --verbose --stop-on-error --group functional

.gitignore

@@ -1,33 +1,54 @@
-*~
-/phpunit.xml
+# Excludes cache
 /phpBB/cache/*
 !/phpBB/cache/.htaccess
 !/phpBB/cache/index.html
-/phpBB/composer.phar
+
+# Excludes user data
 /phpBB/config*.php*
 /phpBB/ext/*
 /phpBB/files/*
 /phpBB/images/avatars/gallery/*
 /phpBB/images/avatars/upload/*
 /phpBB/images/ranks/*
-/phpBB/install/schemas/schema.json
+/phpBB/store/*
+
+# Excludes all custom langages
 /phpBB/language/*
 !/phpBB/language/en
-/phpBB/store/*
+
+# Excludes all custom styles
 /phpBB/styles/*
 !/phpBB/styles/prosilver
 /phpBB/styles/prosilver/theme/*/
 !/phpBB/styles/prosilver/theme/en
 !/phpBB/styles/prosilver/theme/images
 !/phpBB/styles/all
-node_modules
+
+# Excludes all custom env
+/phpBB/config/*
+!/phpBB/config/default
+!/phpBB/config/development
+!/phpBB/config/installer
+!/phpBB/config/production
+!/phpBB/config/test
+!/phpBB/config/.htaccess
+
+# Excludes vendors
 /phpBB/vendor
+
+# Excludes test / dev files
+/phpunit.xml
+/phpBB/composer.phar
 /tests/phpbb_unit_tests.sqlite*
 /tests/test_config*.php
 /tests/tmp/*
 /tests/vendor
 /vagrant/phpbb-install-config.yml
 .vagrant
+node_modules
+
+# Excludes IDE / editors files
+*~
 .idea
 *.DS_Store*
 /.vscode

build/build.xml

@@ -2,9 +2,9 @@
 
 <project name="phpBB" description="The phpBB forum software" default="all" basedir="../">
 	<!-- a few settings for the build -->
-	<property name="newversion" value="3.3.5" />
-	<property name="prevversion" value="3.3.4" />
-	<property name="olderversions" value="3.1.0, 3.1.1, 3.1.2, 3.1.3, 3.1.4, 3.1.5, 3.1.6, 3.1.7, 3.1.7-pl1, 3.1.8, 3.1.9, 3.1.10, 3.1.11, 3.1.12, 3.2.0, 3.2.1, 3.2.2, 3.2.3, 3.2.4, 3.2.5, 3.2.6, 3.2.7, 3.2.8, 3.2.9, 3.2.10, 3.2.11, 3.3.0, 3.3.1, 3.3.2, 3.3.3, 3.3.5-RC1" />
+	<property name="newversion" value="3.3.6" />
+	<property name="prevversion" value="3.3.5" />
+	<property name="olderversions" value="3.1.0, 3.1.1, 3.1.2, 3.1.3, 3.1.4, 3.1.5, 3.1.6, 3.1.7, 3.1.7-pl1, 3.1.8, 3.1.9, 3.1.10, 3.1.11, 3.1.12, 3.2.0, 3.2.1, 3.2.2, 3.2.3, 3.2.4, 3.2.5, 3.2.6, 3.2.7, 3.2.8, 3.2.9, 3.2.10, 3.2.11, 3.3.0, 3.3.1, 3.3.2, 3.3.3, 3.3.4, 3.3.6-RC1" />
 	<!-- no configuration should be needed beyond this point -->
 
 	<property name="oldversions" value="${olderversions}, ${prevversion}" />

phpBB/adm/style/acp_attachments.html

@@ -29,7 +29,7 @@
 
 	<!-- BEGIN upload -->
 		:: {upload.FILE_INFO}<br />
-		<!-- IF upload.S_DENIED --><span class="error">{upload.DENIED}</span><!-- ELSEIF upload.ERROR_MSG --><span class="error">{upload.ERROR_MSG}</span><!-- ELSE --><span class="success">{L_SUCCESSFULLY_UPLOADED}</span><!-- ENDIF -->
+		<!-- IF upload.S_DENIED --><span class="error">{upload.L_DENIED}</span><!-- ELSEIF upload.ERROR_MSG --><span class="error">{upload.ERROR_MSG}</span><!-- ELSE --><span class="success">{L_SUCCESSFULLY_UPLOADED}</span><!-- ENDIF -->
 		<br /><br />
 	<!-- END upload -->
 

phpBB/adm/style/acp_icons.html

@@ -105,7 +105,7 @@
 	<!-- BEGIN items -->
 		<tr>
 
-		<td style="text-align: center;"><img src="{items.IMG_SRC}" alt="{items.TEXT_ALT}" title="{items.TEXT_ALT}" /><input type="hidden" name="image[{items.IMG}]" value="1" /></td>
+		<td style="text-align: center;"><img src="{items.IMG_SRC}" alt="{items.TEXT_ALT}" title="{items.TEXT_ALT}" style="max-width: 160px;"><input type="hidden" name="image[{items.IMG}]" value="1" /></td>
 		<td style="vertical-align: top;">[{items.IMG}]</td>
 		<!-- IF S_SMILIES -->
 			<td><input class="text post" type="text" name="code[{items.IMG}]" value="{items.CODE}" size="10" maxlength="50" /></td>

phpBB/adm/style/acp_main.html

@@ -140,7 +140,6 @@
 						<td class="tabled"><strong>{{ PHP_VERSION_INFO }}</strong></td>
 					</tr>
 					<tr>
-					{% if S_TOTAL_ORPHAN %}
 						<td class="tabled">{{ lang('NUMBER_ORPHAN') ~ lang('COLON') }}</td>
 						<td class="tabled">
 						{% if TOTAL_ORPHAN > 0 %}
@@ -149,8 +148,6 @@
 							<strong>{{ TOTAL_ORPHAN }}</strong>
 						{% endif %}
 						</td>
-						{% else %}
-					{% endif %}
 					</tr>
 					{% if S_VERSIONCHECK %}
 					<tr>
@@ -204,10 +201,12 @@
 						<td class="tabled">{{ lang('FILES_PER_DAY') ~ lang('COLON') }}</td>
 						<td class="tabled"><strong>{{ FILES_PER_DAY }}</strong></td>
 					</tr>
+					{% if S_VERSIONCHECK %}
 					<tr>
 						<td class="tabled">&nbsp;</td>
 						<td class="tabled">&nbsp;</td>
 					</tr>
+					{% endif %}
 				</tbody>
 			</table>
 		</div>

phpBB/adm/style/acp_ranks.html

@@ -85,7 +85,7 @@
 	<!-- BEGIN ranks -->
 	<tr>
 		<!-- EVENT acp_ranks_list_column_before -->
-		<td style="text-align: center;"><!-- IF ranks.S_RANK_IMAGE --><img src="{ranks.RANK_IMAGE}" alt="{ranks.RANK_TITLE}" title="{ranks.RANK_TITLE}" /><!-- ELSE -->&nbsp; - &nbsp;<!-- ENDIF --></td>
+		<td style="text-align: center;"><!-- IF ranks.S_RANK_IMAGE --><img src="{ranks.RANK_IMAGE}" alt="{ranks.RANK_TITLE}" title="{ranks.RANK_TITLE}" style="max-width: 160px;"><!-- ELSE -->&nbsp; - &nbsp;<!-- ENDIF --></td>
 		<td style="text-align: center;">{ranks.RANK_TITLE}</td>
 		<td style="text-align: center;"><!-- IF ranks.S_SPECIAL_RANK -->&nbsp; - &nbsp;<!-- ELSE -->{ranks.MIN_POSTS}<!-- ENDIF --></td>
 		<!-- EVENT acp_ranks_list_column_after -->

phpBB/common.php

@@ -96,6 +96,8 @@ include($phpbb_root_path . 'includes/functions_compatibility.' . $phpEx);
 require($phpbb_root_path . 'includes/constants.' . $phpEx);
 require($phpbb_root_path . 'includes/utf/utf_tools.' . $phpEx);
 
+// Registered before building the container so the development environment stay capable of intercepting
+// the container builder exceptions.
 if (PHPBB_ENVIRONMENT === 'development')
 {
 	\phpbb\debug\debug::enable();
@@ -129,6 +131,11 @@ catch (InvalidArgumentException $e)
 	}
 }
 
+if ($phpbb_container->getParameter('debug.error_handler'))
+{
+	\phpbb\debug\debug::enable();
+}
+
 $phpbb_class_loader->set_cache($phpbb_container->get('cache.driver'));
 $phpbb_class_loader_ext->set_cache($phpbb_container->get('cache.driver'));
 

phpBB/composer.lock

@@ -42,16 +42,16 @@
         },
         {
             "name": "composer/package-versions-deprecated",
-            "version": "1.11.99.3",
+            "version": "1.11.99.5",
             "source": {
                 "type": "git",
                 "url": "https://github.com/composer/package-versions-deprecated.git",
-                "reference": "fff576ac850c045158a250e7e27666e146e78d18"
+                "reference": "b4f54f74ef3453349c24a845d22392cd31e65f1d"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/composer/package-versions-deprecated/zipball/fff576ac850c045158a250e7e27666e146e78d18",
-                "reference": "fff576ac850c045158a250e7e27666e146e78d18",
+                "url": "https://api.github.com/repos/composer/package-versions-deprecated/zipball/b4f54f74ef3453349c24a845d22392cd31e65f1d",
+                "reference": "b4f54f74ef3453349c24a845d22392cd31e65f1d",
                 "shasum": ""
             },
             "require": {
@@ -95,7 +95,7 @@
             "description": "Composer plugin that provides efficient querying for installed package versions (no runtime IO)",
             "support": {
                 "issues": "https://github.com/composer/package-versions-deprecated/issues",
-                "source": "https://github.com/composer/package-versions-deprecated/tree/1.11.99.3"
+                "source": "https://github.com/composer/package-versions-deprecated/tree/1.11.99.5"
             },
             "funding": [
                 {
@@ -111,7 +111,7 @@
                     "type": "tidelift"
                 }
             ],
-            "time": "2021-08-17T13:49:14+00:00"
+            "time": "2022-01-17T14:14:24+00:00"
         },
         {
             "name": "google/recaptcha",
@@ -238,16 +238,16 @@
         },
         {
             "name": "guzzlehttp/promises",
-            "version": "1.4.1",
+            "version": "1.5.1",
             "source": {
                 "type": "git",
                 "url": "https://github.com/guzzle/promises.git",
-                "reference": "8e7d04f1f6450fef59366c399cfad4b9383aa30d"
+                "reference": "fe752aedc9fd8fcca3fe7ad05d419d32998a06da"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/guzzle/promises/zipball/8e7d04f1f6450fef59366c399cfad4b9383aa30d",
-                "reference": "8e7d04f1f6450fef59366c399cfad4b9383aa30d",
+                "url": "https://api.github.com/repos/guzzle/promises/zipball/fe752aedc9fd8fcca3fe7ad05d419d32998a06da",
+                "reference": "fe752aedc9fd8fcca3fe7ad05d419d32998a06da",
                 "shasum": ""
             },
             "require": {
@@ -259,7 +259,7 @@
             "type": "library",
             "extra": {
                 "branch-alias": {
-                    "dev-master": "1.4-dev"
+                    "dev-master": "1.5-dev"
                 }
             },
             "autoload": {
@@ -275,10 +275,25 @@
                 "MIT"
             ],
             "authors": [
+                {
+                    "name": "Graham Campbell",
+                    "email": "hello@gjcampbell.co.uk",
+                    "homepage": "https://github.com/GrahamCampbell"
+                },
                 {
                     "name": "Michael Dowling",
                     "email": "mtdowling@gmail.com",
                     "homepage": "https://github.com/mtdowling"
+                },
+                {
+                    "name": "Tobias Nyholm",
+                    "email": "tobias.nyholm@gmail.com",
+                    "homepage": "https://github.com/Nyholm"
+                },
+                {
+                    "name": "Tobias Schultze",
+                    "email": "webmaster@tubo-world.de",
+                    "homepage": "https://github.com/Tobion"
                 }
             ],
             "description": "Guzzle promises library",
@@ -287,22 +302,36 @@
             ],
             "support": {
                 "issues": "https://github.com/guzzle/promises/issues",
-                "source": "https://github.com/guzzle/promises/tree/1.4.1"
+                "source": "https://github.com/guzzle/promises/tree/1.5.1"
             },
-            "time": "2021-03-07T09:25:29+00:00"
+            "funding": [
+                {
+                    "url": "https://github.com/GrahamCampbell",
+                    "type": "github"
+                },
+                {
+                    "url": "https://github.com/Nyholm",
+                    "type": "github"
+                },
+                {
+                    "url": "https://tidelift.com/funding/github/packagist/guzzlehttp/promises",
+                    "type": "tidelift"
+                }
+            ],
+            "time": "2021-10-22T20:56:57+00:00"
         },
         {
             "name": "guzzlehttp/psr7",
-            "version": "1.8.2",
+            "version": "1.8.3",
             "source": {
                 "type": "git",
                 "url": "https://github.com/guzzle/psr7.git",
-                "reference": "dc960a912984efb74d0a90222870c72c87f10c91"
+                "reference": "1afdd860a2566ed3c2b0b4a3de6e23434a79ec85"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/guzzle/psr7/zipball/dc960a912984efb74d0a90222870c72c87f10c91",
-                "reference": "dc960a912984efb74d0a90222870c72c87f10c91",
+                "url": "https://api.github.com/repos/guzzle/psr7/zipball/1afdd860a2566ed3c2b0b4a3de6e23434a79ec85",
+                "reference": "1afdd860a2566ed3c2b0b4a3de6e23434a79ec85",
                 "shasum": ""
             },
             "require": {
@@ -327,25 +356,46 @@
                 }
             },
             "autoload": {
-                "psr-4": {
-                    "GuzzleHttp\\Psr7\\": "src/"
-                },
                 "files": [
                     "src/functions_include.php"
-                ]
+                ],
+                "psr-4": {
+                    "GuzzleHttp\\Psr7\\": "src/"
+                }
             },
             "notification-url": "https://packagist.org/downloads/",
             "license": [
                 "MIT"
             ],
             "authors": [
+                {
+                    "name": "Graham Campbell",
+                    "email": "hello@gjcampbell.co.uk",
+                    "homepage": "https://github.com/GrahamCampbell"
+                },
                 {
                     "name": "Michael Dowling",
                     "email": "mtdowling@gmail.com",
                     "homepage": "https://github.com/mtdowling"
                 },
+                {
+                    "name": "George Mponos",
+                    "email": "gmponos@gmail.com",
+                    "homepage": "https://github.com/gmponos"
+                },
+                {
+                    "name": "Tobias Nyholm",
+                    "email": "tobias.nyholm@gmail.com",
+                    "homepage": "https://github.com/Nyholm"
+                },
+                {
+                    "name": "Márk Sági-Kazár",
+                    "email": "mark.sagikazar@gmail.com",
+                    "homepage": "https://github.com/sagikazarmark"
+                },
                 {
                     "name": "Tobias Schultze",
+                    "email": "webmaster@tubo-world.de",
                     "homepage": "https://github.com/Tobion"
                 }
             ],
@@ -362,9 +412,23 @@
             ],
             "support": {
                 "issues": "https://github.com/guzzle/psr7/issues",
-                "source": "https://github.com/guzzle/psr7/tree/1.8.2"
+                "source": "https://github.com/guzzle/psr7/tree/1.8.3"
             },
-            "time": "2021-04-26T09:17:50+00:00"
+            "funding": [
+                {
+                    "url": "https://github.com/GrahamCampbell",
+                    "type": "github"
+                },
+                {
+                    "url": "https://github.com/Nyholm",
+                    "type": "github"
+                },
+                {
+                    "url": "https://tidelift.com/funding/github/packagist/guzzlehttp/psr7",
+                    "type": "tidelift"
+                }
+            ],
+            "time": "2021-10-05T13:56:00+00:00"
         },
         {
             "name": "lusitanian/oauth",
@@ -439,16 +503,16 @@
         },
         {
             "name": "marc1706/fast-image-size",
-            "version": "v1.1.6",
+            "version": "v1.1.7",
             "source": {
                 "type": "git",
                 "url": "https://github.com/marc1706/fast-image-size.git",
-                "reference": "3a3a2b036be20f43fa06ce00dfa754df503e6684"
+                "reference": "aea6934a273182208bced600953f19a3d2eaeca0"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/marc1706/fast-image-size/zipball/3a3a2b036be20f43fa06ce00dfa754df503e6684",
-                "reference": "3a3a2b036be20f43fa06ce00dfa754df503e6684",
+                "url": "https://api.github.com/repos/marc1706/fast-image-size/zipball/aea6934a273182208bced600953f19a3d2eaeca0",
+                "reference": "aea6934a273182208bced600953f19a3d2eaeca0",
                 "shasum": ""
             },
             "require": {
@@ -466,8 +530,7 @@
             },
             "autoload": {
                 "psr-4": {
-                    "FastImageSize\\": "lib",
-                    "FastImageSize\\tests\\": "tests"
+                    "FastImageSize\\": "lib"
                 }
             },
             "notification-url": "https://packagist.org/downloads/",
@@ -494,9 +557,9 @@
             ],
             "support": {
                 "issues": "https://github.com/marc1706/fast-image-size/issues",
-                "source": "https://github.com/marc1706/fast-image-size/tree/v1.1.6"
+                "source": "https://github.com/marc1706/fast-image-size/tree/v1.1.7"
             },
-            "time": "2019-12-07T08:02:07+00:00"
+            "time": "2022-01-12T16:29:39+00:00"
         },
         {
             "name": "ocramius/proxy-manager",
@@ -859,16 +922,16 @@
         },
         {
             "name": "s9e/text-formatter",
-            "version": "2.10.0",
+            "version": "2.11.0",
             "source": {
                 "type": "git",
                 "url": "https://github.com/s9e/TextFormatter.git",
-                "reference": "00df71d0a803c041efa320ce2f2c0e56c1a6fca9"
+                "reference": "b9d9d7ac480301f0cf718345daf591ddf475d9f1"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/s9e/TextFormatter/zipball/00df71d0a803c041efa320ce2f2c0e56c1a6fca9",
-                "reference": "00df71d0a803c041efa320ce2f2c0e56c1a6fca9",
+                "url": "https://api.github.com/repos/s9e/TextFormatter/zipball/b9d9d7ac480301f0cf718345daf591ddf475d9f1",
+                "reference": "b9d9d7ac480301f0cf718345daf591ddf475d9f1",
                 "shasum": ""
             },
             "require": {
@@ -895,7 +958,7 @@
             },
             "type": "library",
             "extra": {
-                "version": "2.10.0"
+                "version": "2.11.0"
             },
             "autoload": {
                 "psr-4": {
@@ -927,9 +990,9 @@
             ],
             "support": {
                 "issues": "https://github.com/s9e/TextFormatter/issues",
-                "source": "https://github.com/s9e/TextFormatter/tree/2.10.0"
+                "source": "https://github.com/s9e/TextFormatter/tree/2.11.0"
             },
-            "time": "2021-08-11T15:45:12+00:00"
+            "time": "2021-10-02T19:08:06+00:00"
         },
         {
             "name": "symfony/config",
@@ -1611,21 +1674,24 @@
         },
         {
             "name": "symfony/polyfill-ctype",
-            "version": "v1.23.0",
+            "version": "v1.24.0",
             "source": {
                 "type": "git",
                 "url": "https://github.com/symfony/polyfill-ctype.git",
-                "reference": "46cd95797e9df938fdd2b03693b5fca5e64b01ce"
+                "reference": "30885182c981ab175d4d034db0f6f469898070ab"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/symfony/polyfill-ctype/zipball/46cd95797e9df938fdd2b03693b5fca5e64b01ce",
-                "reference": "46cd95797e9df938fdd2b03693b5fca5e64b01ce",
+                "url": "https://api.github.com/repos/symfony/polyfill-ctype/zipball/30885182c981ab175d4d034db0f6f469898070ab",
+                "reference": "30885182c981ab175d4d034db0f6f469898070ab",
                 "shasum": ""
             },
             "require": {
                 "php": ">=7.1"
             },
+            "provide": {
+                "ext-ctype": "*"
+            },
             "suggest": {
                 "ext-ctype": "For best performance"
             },
@@ -1670,7 +1736,7 @@
                 "portable"
             ],
             "support": {
-                "source": "https://github.com/symfony/polyfill-ctype/tree/v1.23.0"
+                "source": "https://github.com/symfony/polyfill-ctype/tree/v1.24.0"
             },
             "funding": [
                 {
@@ -1686,20 +1752,20 @@
                     "type": "tidelift"
                 }
             ],
-            "time": "2021-02-19T12:13:01+00:00"
+            "time": "2021-10-20T20:35:02+00:00"
         },
         {
             "name": "symfony/polyfill-intl-idn",
-            "version": "v1.23.0",
+            "version": "v1.24.0",
             "source": {
                 "type": "git",
                 "url": "https://github.com/symfony/polyfill-intl-idn.git",
-                "reference": "65bd267525e82759e7d8c4e8ceea44f398838e65"
+                "reference": "749045c69efb97c70d25d7463abba812e91f3a44"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/symfony/polyfill-intl-idn/zipball/65bd267525e82759e7d8c4e8ceea44f398838e65",
-                "reference": "65bd267525e82759e7d8c4e8ceea44f398838e65",
+                "url": "https://api.github.com/repos/symfony/polyfill-intl-idn/zipball/749045c69efb97c70d25d7463abba812e91f3a44",
+                "reference": "749045c69efb97c70d25d7463abba812e91f3a44",
                 "shasum": ""
             },
             "require": {
@@ -1757,7 +1823,7 @@
                 "shim"
             ],
             "support": {
-                "source": "https://github.com/symfony/polyfill-intl-idn/tree/v1.23.0"
+                "source": "https://github.com/symfony/polyfill-intl-idn/tree/v1.24.0"
             },
             "funding": [
                 {
@@ -1773,11 +1839,11 @@
                     "type": "tidelift"
                 }
             ],
-            "time": "2021-05-27T09:27:20+00:00"
+            "time": "2021-09-14T14:02:44+00:00"
         },
         {
             "name": "symfony/polyfill-intl-normalizer",
-            "version": "v1.23.0",
+            "version": "v1.24.0",
             "source": {
                 "type": "git",
                 "url": "https://github.com/symfony/polyfill-intl-normalizer.git",
@@ -1841,7 +1907,7 @@
                 "shim"
             ],
             "support": {
-                "source": "https://github.com/symfony/polyfill-intl-normalizer/tree/v1.23.0"
+                "source": "https://github.com/symfony/polyfill-intl-normalizer/tree/v1.24.0"
             },
             "funding": [
                 {
@@ -1861,21 +1927,24 @@
         },
         {
             "name": "symfony/polyfill-mbstring",
-            "version": "v1.23.1",
+            "version": "v1.24.0",
             "source": {
                 "type": "git",
                 "url": "https://github.com/symfony/polyfill-mbstring.git",
-                "reference": "9174a3d80210dca8daa7f31fec659150bbeabfc6"
+                "reference": "0abb51d2f102e00a4eefcf46ba7fec406d245825"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/symfony/polyfill-mbstring/zipball/9174a3d80210dca8daa7f31fec659150bbeabfc6",
-                "reference": "9174a3d80210dca8daa7f31fec659150bbeabfc6",
+                "url": "https://api.github.com/repos/symfony/polyfill-mbstring/zipball/0abb51d2f102e00a4eefcf46ba7fec406d245825",
+                "reference": "0abb51d2f102e00a4eefcf46ba7fec406d245825",
                 "shasum": ""
             },
             "require": {
                 "php": ">=7.1"
             },
+            "provide": {
+                "ext-mbstring": "*"
+            },
             "suggest": {
                 "ext-mbstring": "For best performance"
             },
@@ -1921,7 +1990,7 @@
                 "shim"
             ],
             "support": {
-                "source": "https://github.com/symfony/polyfill-mbstring/tree/v1.23.1"
+                "source": "https://github.com/symfony/polyfill-mbstring/tree/v1.24.0"
             },
             "funding": [
                 {
@@ -1937,7 +2006,7 @@
                     "type": "tidelift"
                 }
             ],
-            "time": "2021-05-27T12:26:48+00:00"
+            "time": "2021-11-30T18:21:41+00:00"
         },
         {
             "name": "symfony/polyfill-php56",
@@ -2077,7 +2146,7 @@
         },
         {
             "name": "symfony/polyfill-php72",
-            "version": "v1.23.0",
+            "version": "v1.24.0",
             "source": {
                 "type": "git",
                 "url": "https://github.com/symfony/polyfill-php72.git",
@@ -2133,7 +2202,7 @@
                 "shim"
             ],
             "support": {
-                "source": "https://github.com/symfony/polyfill-php72/tree/v1.23.0"
+                "source": "https://github.com/symfony/polyfill-php72/tree/v1.24.0"
             },
             "funding": [
                 {
@@ -2543,31 +2612,32 @@
         },
         {
             "name": "twig/twig",
-            "version": "v2.13.1",
+            "version": "v2.14.11",
             "source": {
                 "type": "git",
                 "url": "https://github.com/twigphp/Twig.git",
-                "reference": "57e96259776ddcacf1814885fc3950460c8e18ef"
+                "reference": "66baa66f29ee30e487e05f1679903e36eb01d727"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/twigphp/Twig/zipball/57e96259776ddcacf1814885fc3950460c8e18ef",
-                "reference": "57e96259776ddcacf1814885fc3950460c8e18ef",
+                "url": "https://api.github.com/repos/twigphp/Twig/zipball/66baa66f29ee30e487e05f1679903e36eb01d727",
+                "reference": "66baa66f29ee30e487e05f1679903e36eb01d727",
                 "shasum": ""
             },
             "require": {
                 "php": ">=7.1.3",
                 "symfony/polyfill-ctype": "^1.8",
-                "symfony/polyfill-mbstring": "^1.3"
+                "symfony/polyfill-mbstring": "^1.3",
+                "symfony/polyfill-php72": "^1.8"
             },
             "require-dev": {
                 "psr/container": "^1.0",
-                "symfony/phpunit-bridge": "^4.4.9|^5.0.9"
+                "symfony/phpunit-bridge": "^4.4.9|^5.0.9|^6.0"
             },
             "type": "library",
             "extra": {
                 "branch-alias": {
-                    "dev-master": "2.13-dev"
+                    "dev-master": "2.14-dev"
                 }
             },
             "autoload": {
@@ -2606,7 +2676,7 @@
             ],
             "support": {
                 "issues": "https://github.com/twigphp/Twig/issues",
-                "source": "https://github.com/twigphp/Twig/tree/v2.13.1"
+                "source": "https://github.com/twigphp/Twig/tree/v2.14.11"
             },
             "funding": [
                 {
@@ -2618,7 +2688,7 @@
                     "type": "tidelift"
                 }
             ],
-            "time": "2020-08-05T15:09:04+00:00"
+            "time": "2022-02-04T06:57:25+00:00"
         },
         {
             "name": "zendframework/zend-code",
@@ -2947,9 +3017,6 @@
             "require": {
                 "php": "^7.1 || ^8.0"
             },
-            "replace": {
-                "myclabs/deep-copy": "self.version"
-            },
             "require-dev": {
                 "doctrine/collections": "^1.0",
                 "doctrine/common": "^2.6",
@@ -2957,12 +3024,12 @@
             },
             "type": "library",
             "autoload": {
-                "psr-4": {
-                    "DeepCopy\\": "src/DeepCopy/"
-                },
                 "files": [
                     "src/DeepCopy/deep_copy.php"
-                ]
+                ],
+                "psr-4": {
+                    "DeepCopy\\": "src/DeepCopy/"
+                }
             },
             "notification-url": "https://packagist.org/downloads/",
             "license": [
@@ -3100,16 +3167,16 @@
         },
         {
             "name": "phing/phing",
-            "version": "2.17.0",
+            "version": "2.17.1",
             "source": {
                 "type": "git",
                 "url": "https://github.com/phingofficial/phing.git",
-                "reference": "c0a3bce822c088d60b30a577c25debb42325d0f8"
+                "reference": "a386de3986429c07434476844726a9f2679e8af2"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/phingofficial/phing/zipball/c0a3bce822c088d60b30a577c25debb42325d0f8",
-                "reference": "c0a3bce822c088d60b30a577c25debb42325d0f8",
+                "url": "https://api.github.com/repos/phingofficial/phing/zipball/a386de3986429c07434476844726a9f2679e8af2",
+                "reference": "a386de3986429c07434476844726a9f2679e8af2",
                 "shasum": ""
             },
             "require": {
@@ -3192,7 +3259,7 @@
             "support": {
                 "irc": "irc://irc.freenode.net/phing",
                 "issues": "https://www.phing.info/trac/report",
-                "source": "https://github.com/phingofficial/phing/tree/2.17.0"
+                "source": "https://github.com/phingofficial/phing/tree/2.17.1"
             },
             "funding": [
                 {
@@ -3208,20 +3275,20 @@
                     "type": "patreon"
                 }
             ],
-            "time": "2021-08-31T13:33:01+00:00"
+            "time": "2022-01-17T11:33:15+00:00"
         },
         {
             "name": "php-webdriver/webdriver",
-            "version": "1.11.1",
+            "version": "1.12.0",
             "source": {
                 "type": "git",
                 "url": "https://github.com/php-webdriver/php-webdriver.git",
-                "reference": "da16e39968f8dd5cfb7d07eef91dc2b731c69880"
+                "reference": "99d4856ed7dffcdf6a52eccd6551e83d8d557ceb"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/php-webdriver/php-webdriver/zipball/da16e39968f8dd5cfb7d07eef91dc2b731c69880",
-                "reference": "da16e39968f8dd5cfb7d07eef91dc2b731c69880",
+                "url": "https://api.github.com/repos/php-webdriver/php-webdriver/zipball/99d4856ed7dffcdf6a52eccd6551e83d8d557ceb",
+                "reference": "99d4856ed7dffcdf6a52eccd6551e83d8d557ceb",
                 "shasum": ""
             },
             "require": {
@@ -3230,20 +3297,19 @@
                 "ext-zip": "*",
                 "php": "^5.6 || ~7.0 || ^8.0",
                 "symfony/polyfill-mbstring": "^1.12",
-                "symfony/process": "^2.8 || ^3.1 || ^4.0 || ^5.0"
+                "symfony/process": "^2.8 || ^3.1 || ^4.0 || ^5.0 || ^6.0"
             },
             "replace": {
                 "facebook/webdriver": "*"
             },
             "require-dev": {
-                "friendsofphp/php-cs-fixer": "^2.0",
                 "ondram/ci-detector": "^2.1 || ^3.5 || ^4.0",
                 "php-coveralls/php-coveralls": "^2.4",
                 "php-mock/php-mock-phpunit": "^1.1 || ^2.0",
                 "php-parallel-lint/php-parallel-lint": "^1.2",
                 "phpunit/phpunit": "^5.7 || ^7 || ^8 || ^9",
                 "squizlabs/php_codesniffer": "^3.5",
-                "symfony/var-dumper": "^3.3 || ^4.0 || ^5.0"
+                "symfony/var-dumper": "^3.3 || ^4.0 || ^5.0 || ^6.0"
             },
             "suggest": {
                 "ext-SimpleXML": "For Firefox profile creation"
@@ -3272,9 +3338,9 @@
             ],
             "support": {
                 "issues": "https://github.com/php-webdriver/php-webdriver/issues",
-                "source": "https://github.com/php-webdriver/php-webdriver/tree/1.11.1"
+                "source": "https://github.com/php-webdriver/php-webdriver/tree/1.12.0"
             },
-            "time": "2021-05-21T15:12:49+00:00"
+            "time": "2021-10-14T09:30:02+00:00"
         },
         {
             "name": "phpdocumentor/reflection-common",
@@ -3629,16 +3695,16 @@
         },
         {
             "name": "phpunit/php-file-iterator",
-            "version": "2.0.4",
+            "version": "2.0.5",
             "source": {
                 "type": "git",
                 "url": "https://github.com/sebastianbergmann/php-file-iterator.git",
-                "reference": "28af674ff175d0768a5a978e6de83f697d4a7f05"
+                "reference": "42c5ba5220e6904cbfe8b1a1bda7c0cfdc8c12f5"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/sebastianbergmann/php-file-iterator/zipball/28af674ff175d0768a5a978e6de83f697d4a7f05",
-                "reference": "28af674ff175d0768a5a978e6de83f697d4a7f05",
+                "url": "https://api.github.com/repos/sebastianbergmann/php-file-iterator/zipball/42c5ba5220e6904cbfe8b1a1bda7c0cfdc8c12f5",
+                "reference": "42c5ba5220e6904cbfe8b1a1bda7c0cfdc8c12f5",
                 "shasum": ""
             },
             "require": {
@@ -3677,7 +3743,7 @@
             ],
             "support": {
                 "issues": "https://github.com/sebastianbergmann/php-file-iterator/issues",
-                "source": "https://github.com/sebastianbergmann/php-file-iterator/tree/2.0.4"
+                "source": "https://github.com/sebastianbergmann/php-file-iterator/tree/2.0.5"
             },
             "funding": [
                 {
@@ -3685,7 +3751,7 @@
                     "type": "github"
                 }
             ],
-            "time": "2021-07-19T06:46:01+00:00"
+            "time": "2021-12-02T12:42:26+00:00"
         },
         {
             "name": "phpunit/php-text-template",
@@ -4199,16 +4265,16 @@
         },
         {
             "name": "sebastian/exporter",
-            "version": "3.1.3",
+            "version": "3.1.4",
             "source": {
                 "type": "git",
                 "url": "https://github.com/sebastianbergmann/exporter.git",
-                "reference": "6b853149eab67d4da22291d36f5b0631c0fd856e"
+                "reference": "0c32ea2e40dbf59de29f3b49bf375176ce7dd8db"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/sebastianbergmann/exporter/zipball/6b853149eab67d4da22291d36f5b0631c0fd856e",
-                "reference": "6b853149eab67d4da22291d36f5b0631c0fd856e",
+                "url": "https://api.github.com/repos/sebastianbergmann/exporter/zipball/0c32ea2e40dbf59de29f3b49bf375176ce7dd8db",
+                "reference": "0c32ea2e40dbf59de29f3b49bf375176ce7dd8db",
                 "shasum": ""
             },
             "require": {
@@ -4217,7 +4283,7 @@
             },
             "require-dev": {
                 "ext-mbstring": "*",
-                "phpunit/phpunit": "^6.0"
+                "phpunit/phpunit": "^8.5"
             },
             "type": "library",
             "extra": {
@@ -4264,7 +4330,7 @@
             ],
             "support": {
                 "issues": "https://github.com/sebastianbergmann/exporter/issues",
-                "source": "https://github.com/sebastianbergmann/exporter/tree/3.1.3"
+                "source": "https://github.com/sebastianbergmann/exporter/tree/3.1.4"
             },
             "funding": [
                 {
@@ -4272,7 +4338,7 @@
                     "type": "github"
                 }
             ],
-            "time": "2020-11-30T07:47:53+00:00"
+            "time": "2021-11-11T13:51:24+00:00"
         },
         {
             "name": "sebastian/global-state",
@@ -4554,7 +4620,6 @@
                     "type": "github"
                 }
             ],
-            "abandoned": true,
             "time": "2020-11-30T07:30:19+00:00"
         },
         {
@@ -4606,16 +4671,16 @@
         },
         {
             "name": "squizlabs/php_codesniffer",
-            "version": "3.6.0",
+            "version": "3.6.2",
             "source": {
                 "type": "git",
                 "url": "https://github.com/squizlabs/PHP_CodeSniffer.git",
-                "reference": "ffced0d2c8fa8e6cdc4d695a743271fab6c38625"
+                "reference": "5e4e71592f69da17871dba6e80dd51bce74a351a"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/squizlabs/PHP_CodeSniffer/zipball/ffced0d2c8fa8e6cdc4d695a743271fab6c38625",
-                "reference": "ffced0d2c8fa8e6cdc4d695a743271fab6c38625",
+                "url": "https://api.github.com/repos/squizlabs/PHP_CodeSniffer/zipball/5e4e71592f69da17871dba6e80dd51bce74a351a",
+                "reference": "5e4e71592f69da17871dba6e80dd51bce74a351a",
                 "shasum": ""
             },
             "require": {
@@ -4658,7 +4723,7 @@
                 "source": "https://github.com/squizlabs/PHP_CodeSniffer",
                 "wiki": "https://github.com/squizlabs/PHP_CodeSniffer/wiki"
             },
-            "time": "2021-04-09T00:54:41+00:00"
+            "time": "2021-12-12T21:44:58+00:00"
         },
         {
             "name": "symfony/browser-kit",
@@ -4975,5 +5040,5 @@
     "platform-overrides": {
         "php": "7.1.3"
     },
-    "plugin-api-version": "2.0.0"
+    "plugin-api-version": "2.2.0"
 }

phpBB/config/development/config.yml

@@ -11,6 +11,7 @@ core:
         sql_explain: true
         memory: true
         show_errors: true
+        error_handler: true
 
     twig:
         debug: true

phpBB/develop/export_events_for_bbcode.php

@@ -0,0 +1,126 @@
+<?php
+/**
+*
+* This file is part of the phpBB Forum Software package.
+*
+* @copyright (c) phpBB Limited <https://www.phpbb.com>
+* @license GNU General Public License, version 2 (GPL-2.0)
+*
+* For full copyright and license information, please see
+* the docs/CREDITS.txt file.
+*
+*/
+
+if (php_sapi_name() != 'cli')
+{
+	die("This program must be run from the command line.\n");
+}
+
+$phpEx = substr(strrchr(__FILE__, '.'), 1);
+$phpbb_root_path = __DIR__ . '/../';
+define('IN_PHPBB', true);
+
+function usage()
+{
+	echo "Usage: export_events_for_bbcode.php COMMAND [VERSION] [EXTENSION]\n";
+	echo "\n";
+	echo "COMMAND:\n";
+	echo "    diff:\n";
+	echo "        Generate the Event Diff for the release highlights\n";
+	echo "\n";
+	echo "    php:\n";
+	echo "        Generate the PHP event section of Event_List\n";
+	echo "\n";
+	echo "    adm:\n";
+	echo "        Generate the ACP Template event section of Event_List\n";
+	echo "\n";
+	echo "    styles:\n";
+	echo "        Generate the Styles Template event section of Event_List\n";
+	echo "\n";
+	echo "VERSION (diff only):\n";
+	echo "    Filter events (minimum version)\n";
+	echo "\n";
+	echo "EXTENSION (Optional):\n";
+	echo "    If not given, only core events will be exported.\n";
+	echo "    Otherwise only events from the extension will be exported.\n";
+	echo "\n";
+	exit(2);
+}
+
+function validate_argument_count($arguments, $count)
+{
+	if ($arguments <= $count)
+	{
+		usage();
+	}
+}
+
+validate_argument_count($argc, 1);
+
+$action = $argv[1];
+$extension = isset($argv[2]) ? $argv[2] : null;
+$min_version = null;
+require __DIR__ . '/../phpbb/event/php_exporter.' . $phpEx;
+require __DIR__ . '/../phpbb/event/md_exporter.' . $phpEx;
+require __DIR__ . '/../phpbb/event/rst_exporter.' . $phpEx;
+require __DIR__ . '/../includes/functions.' . $phpEx;
+require __DIR__ . '/../phpbb/event/recursive_event_filter_iterator.' . $phpEx;
+require __DIR__ . '/../phpbb/recursive_dot_prefix_filter_iterator.' . $phpEx;
+
+switch ($action)
+{
+
+	case 'diff':
+		echo "[size=200]Event changes[/size]\n\n";
+		$min_version = $extension;
+		$extension = isset($argv[3]) ? $argv[3] : null;
+
+	case 'php':
+		$exporter = new \phpbb\event\php_exporter($phpbb_root_path, $extension, $min_version);
+		$exporter->crawl_phpbb_directory_php();
+		echo $exporter->export_events_for_bbcode($action);
+
+		if ($action === 'php')
+		{
+			break;
+		}
+		echo "\n\n";
+		// no break;
+
+	case 'styles':
+		$exporter = new \phpbb\event\md_exporter($phpbb_root_path, $extension, $min_version);
+		if ($min_version && $action === 'diff')
+		{
+			$exporter->crawl_eventsmd('docs/events.md', 'styles');
+		}
+		else
+		{
+			$exporter->crawl_phpbb_directory_styles('docs/events.md');
+		}
+		echo $exporter->export_events_for_bbcode($action);
+
+		if ($action === 'styles')
+		{
+			break;
+		}
+		echo "\n\n";
+		// no break;
+
+	case 'adm':
+		$exporter = new \phpbb\event\md_exporter($phpbb_root_path, $extension, $min_version);
+		if ($min_version && $action === 'diff')
+		{
+			$exporter->crawl_eventsmd('docs/events.md', 'adm');
+		}
+		else
+		{
+			$exporter->crawl_phpbb_directory_adm('docs/events.md');
+		}
+		echo $exporter->export_events_for_bbcode($action);
+
+		echo "\n";
+	break;
+
+	default:
+		usage();
+}

phpBB/docs/CHANGELOG.html

@@ -50,6 +50,8 @@
 <ol>
 	<li><a href="#changelog">Changelog</a>
 	<ul>
+		<li><a href="#v336rc1">Changes since 3.3.6-RC1</a></li>
+		<li><a href="#v335">Changes since 3.3.5</a></li>
 		<li><a href="#v335rc1">Changes since 3.3.5-RC1</a></li>
 		<li><a href="#v334">Changes since 3.3.4</a></li>
 		<li><a href="#v334rc1">Changes since 3.3.4-RC1</a></li>
@@ -158,6 +160,68 @@
 		<div class="inner">
 
 		<div class="content">
+			<a name="v336rc1"></a><h3>Changes since 3.3.6-RC1</h3>
+			<h4>Bug</h4>
+			<ul>
+				<li>[<a href="https://tracker.phpbb.com/browse/PHPBB3-16872">PHPBB3-16872</a>] - Create event exporter to BBCode</li>
+				<li>[<a href="https://tracker.phpbb.com/browse/PHPBB3-16956">PHPBB3-16956</a>] - White screen after disable extention</li>
+			</ul>
+			<h4>Improvement</h4>
+			<ul>
+				<li>[<a href="https://tracker.phpbb.com/browse/PHPBB3-15028">PHPBB3-15028</a>] - Change update instructions in ACP</li>
+			</ul>
+			<h4>Task</h4>
+			<ul>
+				<li>[<a href="https://tracker.phpbb.com/browse/PHPBB3-16964">PHPBB3-16964</a>] - Update composer and composer dependencies to latest versions</li>
+			</ul>
+			<h4>Hardening</h4>
+			<ul>
+				<li>[<a href="https://tracker.phpbb.com/browse/SECURITY-272">SECURITY-272</a>] - Use longer random string for activation key</li>
+				<li>[<a href="https://tracker.phpbb.com/browse/SECURITY-273">SECURITY-273</a>] - Reset reset token info when re-activating account</li>
+			</ul>
+
+			<a name="v335"></a><h3>Changes since 3.3.5</h3>
+			<h4>Bug</h4>
+			<ul>
+				<li>[<a href="https://tracker.phpbb.com/browse/PHPBB3-16881">PHPBB3-16881</a>] - Fix ACP Statistic Table</li>
+				<li>[<a href="https://tracker.phpbb.com/browse/PHPBB3-16883">PHPBB3-16883</a>] - Check if var is array before using count in installer diff</li>
+				<li>[<a href="https://tracker.phpbb.com/browse/PHPBB3-16887">PHPBB3-16887</a>] - Update required PHP version</li>
+				<li>[<a href="https://tracker.phpbb.com/browse/PHPBB3-16889">PHPBB3-16889</a>] - Postgres on windows builds keep failing</li>
+				<li>[<a href="https://tracker.phpbb.com/browse/PHPBB3-16892">PHPBB3-16892</a>] - Duplicate entry for jav files in extension guesser</li>
+				<li>[<a href="https://tracker.phpbb.com/browse/PHPBB3-16895">PHPBB3-16895</a>] - 'Permission' migration tool incorrectly handles role removal</li>
+				<li>[<a href="https://tracker.phpbb.com/browse/PHPBB3-16897">PHPBB3-16897</a>] - sqlite3 drivers generates warnings when executing an explain query plan that fails</li>
+				<li>[<a href="https://tracker.phpbb.com/browse/PHPBB3-16900">PHPBB3-16900</a>] - Invalid email subject header on long topic titles</li>
+				<li>[<a href="https://tracker.phpbb.com/browse/PHPBB3-16904">PHPBB3-16904</a>] - Regression for topic selection in MCP in 3.3.5</li>
+				<li>[<a href="https://tracker.phpbb.com/browse/PHPBB3-16908">PHPBB3-16908</a>] - PHP warning on non-existent post id requests</li>
+				<li>[<a href="https://tracker.phpbb.com/browse/PHPBB3-16910">PHPBB3-16910</a>] - PHP warning if trying to attach orphaned files to non existent posts</li>
+				<li>[<a href="https://tracker.phpbb.com/browse/PHPBB3-16914">PHPBB3-16914</a>] - Missing id in memberlist email template</li>
+				<li>[<a href="https://tracker.phpbb.com/browse/PHPBB3-16924">PHPBB3-16924</a>] - Double escaping of config values inserted with db config</li>
+			</ul>
+			<h4>Improvement</h4>
+			<ul>
+				<li>[<a href="https://tracker.phpbb.com/browse/PHPBB3-13508">PHPBB3-13508</a>] - Support using INCLUDEJS and INCLUDECSS in twig template format</li>
+				<li>[<a href="https://tracker.phpbb.com/browse/PHPBB3-16828">PHPBB3-16828</a>] - Add hook event before find_users_for_notification() execute</li>
+				<li>[<a href="https://tracker.phpbb.com/browse/PHPBB3-16859">PHPBB3-16859</a>] - Language selection option is displayed on register if only 1 language is installed</li>
+				<li>[<a href="https://tracker.phpbb.com/browse/PHPBB3-16885">PHPBB3-16885</a>] - Add filters to Twig - INT and FLOAT</li>
+				<li>[<a href="https://tracker.phpbb.com/browse/PHPBB3-16888">PHPBB3-16888</a>] - Add the list of allowed attachment types using accept attribute </li>
+				<li>[<a href="https://tracker.phpbb.com/browse/PHPBB3-16896">PHPBB3-16896</a>] - Improve .gitignore visibility</li>
+				<li>[<a href="https://tracker.phpbb.com/browse/PHPBB3-16898">PHPBB3-16898</a>] - Do not restrict the debug error handler to the development environment</li>
+				<li>[<a href="https://tracker.phpbb.com/browse/PHPBB3-16899">PHPBB3-16899</a>] - Add SVG and WEBP image type to ranks, smilies and topic icons</li>
+				<li>[<a href="https://tracker.phpbb.com/browse/PHPBB3-16902">PHPBB3-16902</a>] - Improve search results count for MySQL</li>
+				<li>[<a href="https://tracker.phpbb.com/browse/PHPBB3-16909">PHPBB3-16909</a>] - Add PHP 8.2 builds to test matrix</li>
+				<li>[<a href="https://tracker.phpbb.com/browse/PHPBB3-16912">PHPBB3-16912</a>] - Improve mail encoding to better match RFC 2047</li>
+				<li>[<a href="https://tracker.phpbb.com/browse/PHPBB3-16921">PHPBB3-16921</a>] - Increase PHP requirements in the DOCS</li>
+				<li>[<a href="https://tracker.phpbb.com/browse/PHPBB3-16930">PHPBB3-16930</a>] - Remove redundant topic ID from last post URL</li>
+				<li>[<a href="https://tracker.phpbb.com/browse/PHPBB3-16933">PHPBB3-16933</a>] - Inconsistent handling of hyphen by phpBB Native search backend</li>
+				<li>[<a href="https://tracker.phpbb.com/browse/PHPBB3-16939">PHPBB3-16939</a>] - Wait for postgres service to start in GitHub Actions windows builds</li>
+				<li>[<a href="https://tracker.phpbb.com/browse/PHPBB3-16940">PHPBB3-16940</a>] - Optimize phpBB Native Search</li>
+			</ul>
+			<h4>Task</h4>
+			<ul>
+				<li>[<a href="https://tracker.phpbb.com/browse/PHPBB3-16927">PHPBB3-16927</a>] - Update plupload to latest version</li>
+				<li>[<a href="https://tracker.phpbb.com/browse/PHPBB3-16928">PHPBB3-16928</a>] - Update composer and composer dependencies to latest versions</li>
+			</ul>
+
 			<a name="v335rc1"></a><h3>Changes since 3.3.5-RC1</h3>
 			<h4>Bug</h4>
 			<ul>

phpBB/docs/INSTALL.html

@@ -64,7 +64,7 @@
 		<li><a href="#update_full">Full package</a></li>
 		<li><a href="#update_files">Changed files</a></li>
 		<li><a href="#update_patch">Patch file</a></li>
-		<li><a href="#update_auto">Automatic update package</a></li>
+		<li><a href="#update_advanced">Advanced update package</a></li>
 		<li><a href="#update_all">All package types</a></li>
 	</ol>
 	</li>
@@ -147,7 +147,7 @@
 			<li>Oracle</li>
 		</ul>
 		</li>
-		<li><strong>PHP 7.1.3+</strong> up to and including <strong>PHP 7.4</strong> with support for the database you intend to use.</li>
+		<li><strong>PHP 7.1.3+</strong> up to and including <strong>PHP 8.1</strong> with support for the database you intend to use.</li>
 		<li>The following PHP modules are required:
 		<ul>
 			<li>json</li>
@@ -291,7 +291,7 @@
 
 	<p>The patch file package is for those wanting to update through the patch application, and should only be used by those who are comfortable with it.</p>
 
-	<p>The patch file is one solution for those with changes in to the phpBB core files and do not want to re-add them back to all the changed files. To use this you will need command line access to a standard UNIX type <strong>patch</strong> application. If you do not have access to such an application, but still want to use this update approach, we strongly recommend the <a href="#update_auto">Automatic update package</a> explained below. It is also the recommended update method.</p>
+	<p>The patch file is one solution for those with changes in to the phpBB core files and do not want to re-add them back to all the changed files. To use this you will need command line access to a standard UNIX type <strong>patch</strong> application. If you do not have access to such an application, but still want to use this update approach, we strongly recommend the <a href="#update_full">Full package update</a> explained above. It is also the recommended update method.</p>
 
 	<p>A number of patch files are provided to allow you to update from previous stable releases. Select the correct patch, e.g. if your current version is <strong>3.3.0</strong>, you need the <code>phpBB-3.3.1-patch.zip/tar.bz2</code> file. Place the correct patch in the parent directory containing the phpBB core files (i.e. index.php, viewforum.php, etc.). With this done you should run the following command: <code>patch -cl -d [PHPBB DIRECTORY] -p1 &lt; [PATCH NAME]</code> (where PHPBB DIRECTORY is the directory name your phpBB Installation resides in, for example phpBB, and where PATCH NAME is the relevant filename of the selected patch file). This should complete quickly, hopefully without any HUNK FAILED comments.</p>
 
@@ -299,11 +299,13 @@
 
 	<p>You should, of course, delete the patch file (or files) after use. As for the other update procedures, you should navigate to <code>/install/app.php/update</code>, select "Update database only" and submit the page after you have finished updating the files. This will update your database schema and data (if appropriate) and increment the version number. If you have shell access to your server, you may wish to update via the command line interface. From your board's root, execute the following command: <code>php bin/phpbbcli.php --safe-mode db:migrate</code>.</p>
 
-<a name="update_auto"></a><h3>4.iv. Automatic update package</h3>
+<a name="update_advanced"></a><h3>4.iv. Advanced update package (Expert users)</h3>
 
-	<p>This update method is only recommended for installations with modifications to core phpBB files. This package detects changed files automatically and merges in changes if needed.</p>
+	<p>This update method should only be used for installations with modifications to core phpBB files. If you simply use Extensions or custom Styles and have not modified core files, please use the Full Package update.</p>
 
-	<p>The automatic update package will update the board from a given version to the latest version. A number of automatic update files are available, and you should choose the one that corresponds to the version of the board that you are currently running. For example, if your current version is <strong>3.3.0</strong>, you need the <code>phpBB-3.3.0_to_3.3.1.zip/tar.bz2</code> file.</p>
+	<p>This package detects changed files and merges in changes if needed. Since this type of update has a potential to cause issues while upgrading, it should only be used by expert users.</p>
+
+	<p>The advanced update package will update the board from a given version to the latest version. A number of advanced update files are available, and you should choose the one that corresponds to the version of the board that you are currently running. For example, if your current version is <strong>3.3.0</strong>, you need the <code>phpBB-3.3.0_to_3.3.1.zip/tar.bz2</code> file.</p>
 
 	<p>To perform the update, either follow the instructions from the <strong>Administration Control Panel-&gt;System</strong> Tab - this should point out that you are running an outdated version and will guide you through the update - or follow the instructions listed below.</p>
 

phpBB/docs/README.html

@@ -104,7 +104,7 @@
 
 	<ul>
 		<li>Updates from phpBB 3.0 RC1, 3.1 RC1 and 3.2 RC1 to the latest version</li>
-		<li>Note: if using the <em>Automatic Update Package</em>, updates are supported from phpBB 3.0.2 onward. To update a pre-3.0.2 installation, first update to 3.0.2 and then update to the current version.</li>
+		<li>Note: if using the <em>Advanced Update Package</em>, updates are supported from phpBB 3.0.2 onward. To update a pre-3.0.2 installation, first update to 3.0.2 and then update to the current version.</li>
 		<li>Conversions from phpBB 2.0.x to the latest version</li>
 		<li>New installations of phpBB 3.2.x - only the latest released version</li>
 		<li>New installations of phpBB 3.3.x - only the latest released version</li>

phpBB/includes/acp/acp_attachments.php

@@ -1000,29 +1000,45 @@ class acp_attachments
 						$result = $db->sql_query($sql);
 
 						$files_added = $space_taken = 0;
+						$error_msg = '';
+						$upload_row = [];
 						while ($row = $db->sql_fetchrow($result))
 						{
-							$post_row = $post_info[$upload_list[$row['attach_id']]];
+							$upload_row = [
+								'FILE_INFO'	=> $user->lang('UPLOADING_FILE_TO', $row['real_filename'], $upload_list[$row['attach_id']]),
+							];
 
-							$template->assign_block_vars('upload', array(
-								'FILE_INFO'		=> sprintf($user->lang['UPLOADING_FILE_TO'], $row['real_filename'], $post_row['post_id']),
-								'S_DENIED'		=> (!$auth->acl_get('f_attach', $post_row['forum_id'])) ? true : false,
-								'L_DENIED'		=> (!$auth->acl_get('f_attach', $post_row['forum_id'])) ? sprintf($user->lang['UPLOAD_DENIED_FORUM'], $forum_names[$row['forum_id']]) : '')
-							);
+							if (isset($post_info[$upload_list[$row['attach_id']]]))
+							{
+								$post_row = $post_info[$upload_list[$row['attach_id']]];
+								$upload_row = array_merge($upload_row, [
+									'S_DENIED'	=> !$auth->acl_get('f_attach', $post_row['forum_id']),
+									'L_DENIED'	=> !$auth->acl_get('f_attach', $post_row['forum_id']) ? $user->lang('UPLOAD_DENIED_FORUM', $forum_names[$row['forum_id']]) : '',
+								]);
+							}
+							else
+							{
+								$error_msg = $user->lang('UPLOAD_POST_NOT_EXIST', $row['real_filename'], $upload_list[$row['attach_id']]);
+								$upload_row = array_merge($upload_row, [
+									'ERROR_MSG'	=> $error_msg,
+								]);
+							};
 
-							if (!$auth->acl_get('f_attach', $post_row['forum_id']))
+							$template->assign_block_vars('upload', $upload_row);
+
+							if ($error_msg || !$auth->acl_get('f_attach', $post_row['forum_id']))
 							{
 								continue;
 							}
 
 							// Adjust attachment entry
-							$sql_ary = array(
+							$sql_ary = [
 								'in_message'	=> 0,
 								'is_orphan'		=> 0,
 								'poster_id'		=> $post_row['poster_id'],
 								'post_msg_id'	=> $post_row['post_id'],
 								'topic_id'		=> $post_row['topic_id'],
-							);
+							];
 
 							$sql = 'UPDATE ' . ATTACHMENTS_TABLE . '
 								SET ' . $db->sql_build_array('UPDATE', $sql_ary) . '
@@ -1042,7 +1058,7 @@ class acp_attachments
 							$space_taken += $row['filesize'];
 							$files_added++;
 
-							$phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_ATTACH_FILEUPLOAD', false, array($post_row['post_id'], $row['real_filename']));
+							$phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_ATTACH_FILEUPLOAD', false, [$post_row['post_id'], $row['real_filename']]);
 						}
 						$db->sql_freeresult($result);
 
@@ -1054,9 +1070,9 @@ class acp_attachments
 					}
 				}
 
-				$template->assign_vars(array(
-					'S_ORPHAN'		=> true)
-				);
+				$template->assign_vars([
+					'S_ORPHAN'		=> true,
+				]);
 
 				$attachments_per_page = (int) $config['topics_per_page'];
 
@@ -1084,15 +1100,15 @@ class acp_attachments
 
 				while ($row = $db->sql_fetchrow($result))
 				{
-					$template->assign_block_vars('orphan', array(
+					$template->assign_block_vars('orphan', [
 						'FILESIZE'			=> get_formatted_filesize($row['filesize']),
 						'FILETIME'			=> $user->format_date($row['filetime']),
 						'REAL_FILENAME'		=> utf8_basename($row['real_filename']),
 						'PHYSICAL_FILENAME'	=> utf8_basename($row['physical_filename']),
 						'ATTACH_ID'			=> $row['attach_id'],
-						'POST_IDS'			=> (!empty($post_ids[$row['attach_id']])) ? $post_ids[$row['attach_id']] : '',
-						'U_FILE'			=> append_sid($phpbb_root_path . 'download/file.' . $phpEx, 'mode=view&id=' . $row['attach_id']))
-					);
+						'POST_ID'			=> (!empty($post_ids[$row['attach_id']])) ? $post_ids[$row['attach_id']] : '',
+						'U_FILE'			=> append_sid($phpbb_root_path . 'download/file.' . $phpEx, 'mode=view&id=' . $row['attach_id']),
+					]);
 				}
 				$db->sql_freeresult($result);
 
@@ -1105,10 +1121,10 @@ class acp_attachments
 					$start
 				);
 
-				$template->assign_vars(array(
+				$template->assign_vars([
 					'TOTAL_FILES'		=> $num_files,
 					'TOTAL_SIZE'		=> get_formatted_filesize($total_size),
-				));
+				]);
 
 			break;
 

phpBB/includes/acp/acp_icons.php

@@ -91,29 +91,43 @@ class acp_icons
 				{
 					$img_size = getimagesize($phpbb_root_path . $img_path . '/' . $path . $img);
 
-					if (!$img_size[0] || !$img_size[1] || strlen($img) > 255)
+					if ($img_size)
 					{
-						continue;
-					}
+						if (!$img_size[0] || !$img_size[1] || strlen($img) > 255)
+						{
+							continue;
+						}
 
-					// adjust the width and height to be lower than 128px while perserving the aspect ratio (for icons)
-					if ($mode == 'icons')
+						// adjust the width and height to be lower than 128px while perserving the aspect ratio (for icons)
+						if ($mode == 'icons')
+						{
+							if ($img_size[0] > 127 && $img_size[0] > $img_size[1])
+							{
+								$img_size[1] = (int) ($img_size[1] * (127 / $img_size[0]));
+								$img_size[0] = 127;
+							}
+							else if ($img_size[1] > 127)
+							{
+								$img_size[0] = (int) ($img_size[0] * (127 / $img_size[1]));
+								$img_size[1] = 127;
+							}
+						}
+					}
+					else
 					{
-						if ($img_size[0] > 127 && $img_size[0] > $img_size[1])
-						{
-							$img_size[1] = (int) ($img_size[1] * (127 / $img_size[0]));
-							$img_size[0] = 127;
-						}
-						else if ($img_size[1] > 127)
-						{
-							$img_size[0] = (int) ($img_size[0] * (127 / $img_size[1]));
-							$img_size[1] = 127;
-						}
+						// getimagesize can't read the dimensions of the SVG files
+						// https://bugs.php.net/bug.php?id=71517
+						$xml_get = simplexml_load_file($phpbb_root_path . $img_path . '/' . $path . $img);
+
+						$svg_width = intval($xml_get['width']);
+						$svg_height = intval($xml_get['height']);
 					}
 
 					$_images[$path . $img]['file'] = $path . $img;
-					$_images[$path . $img]['width'] = $img_size[0];
-					$_images[$path . $img]['height'] = $img_size[1];
+
+					// Give SVG a fallback on failure
+					$_images[$path . $img]['width'] = $img_size ? $img_size[0] : ($svg_width ?: 32);
+					$_images[$path . $img]['height'] = $img_size ? $img_size[1] : ($svg_height ?: 32);
 				}
 			}
 			unset($imglist);

phpBB/includes/acp/acp_main.php

@@ -544,20 +544,13 @@ class acp_main
 			$files_per_day = $total_files;
 		}
 
-		if ($config['allow_attachments'] || $config['allow_pm_attach'])
-		{
-			$sql = 'SELECT COUNT(attach_id) AS total_orphan
-				FROM ' . ATTACHMENTS_TABLE . '
-				WHERE is_orphan = 1
-					AND filetime < ' . (time() - 3*60*60);
-			$result = $db->sql_query($sql);
-			$total_orphan = (int) $db->sql_fetchfield('total_orphan');
-			$db->sql_freeresult($result);
-		}
-		else
-		{
-			$total_orphan = false;
-		}
+		$sql = 'SELECT COUNT(attach_id) AS total_orphan
+			FROM ' . ATTACHMENTS_TABLE . '
+			WHERE is_orphan = 1
+				AND filetime < ' . (time() - 3*60*60);
+		$result = $db->sql_query($sql);
+		$total_orphan = (int) $db->sql_fetchfield('total_orphan');
+		$db->sql_freeresult($result);
 
 		$dbsize = get_database_size();
 
@@ -575,7 +568,6 @@ class acp_main
 			'DBSIZE'			=> $dbsize,
 			'UPLOAD_DIR_SIZE'	=> $upload_dir_size,
 			'TOTAL_ORPHAN'		=> $total_orphan,
-			'S_TOTAL_ORPHAN'	=> ($total_orphan === false) ? false : true,
 			'GZIP_COMPRESSION'	=> ($config['gzip_compress'] && @extension_loaded('zlib')) ? $user->lang['ON'] : $user->lang['OFF'],
 			'DATABASE_INFO'		=> $db->sql_server_info(),
 			'PHP_VERSION_INFO'	=> PHP_VERSION,

phpBB/includes/acp/acp_ranks.php

@@ -55,8 +55,8 @@ class acp_ranks
 				$min_posts = ($special_rank) ? 0 : max(0, $request->variable('min_posts', 0));
 				$rank_image = $request->variable('rank_image', '');
 
-				// The rank image has to be a jpg, gif or png
-				if ($rank_image != '' && !preg_match('#(\.gif|\.png|\.jpg|\.jpeg)$#i', $rank_image))
+				// The rank image has to be a jp(e)g, gif, png, svg or webp
+				if ($rank_image != '' && !preg_match('#(\.gif|\.png|\.jpg|\.jpeg|\.svg|\.webp)$#i', $rank_image))
 				{
 					$rank_image = '';
 				}

phpBB/includes/acp/acp_search.php

@@ -322,9 +322,9 @@ class acp_search
 						{
 							$sql = 'SELECT post_id, poster_id, forum_id
 								FROM ' . POSTS_TABLE . '
-								WHERE post_id >= ' . (int) ($post_counter + 1) . '
-									AND post_id <= ' . (int) ($post_counter + $this->batch_size);
-							$result = $db->sql_query($sql);
+								WHERE post_id > ' . (int) $post_counter . '
+								ORDER BY post_id ASC';
+							$result = $db->sql_query_limit($sql, $this->batch_size);
 
 							$ids = $posters = $forum_ids = array();
 							while ($row = $db->sql_fetchrow($result))
@@ -339,14 +339,13 @@ class acp_search
 							if (count($ids))
 							{
 								$this->search->index_remove($ids, $posters, $forum_ids);
+								$post_counter = $ids[count($ids) - 1];
 							}
-
-							$post_counter += $this->batch_size;
 						}
 						// save the current state
 						$this->save_state();
 
-						if ($post_counter <= $this->max_post_id)
+						if ($post_counter < $this->max_post_id)
 						{
 							$totaltime = microtime(true) - $starttime;
 							$rows_per_second = $row_count / $totaltime;
@@ -393,9 +392,9 @@ class acp_search
 						{
 							$sql = 'SELECT post_id, post_subject, post_text, poster_id, forum_id
 								FROM ' . POSTS_TABLE . '
-								WHERE post_id >= ' . (int) ($post_counter + 1) . '
-									AND post_id <= ' . (int) ($post_counter + $this->batch_size);
-							$result = $db->sql_query($sql);
+								WHERE post_id > ' . (int) $post_counter . '
+								ORDER BY post_id ASC';
+							$result = $db->sql_query_limit($sql, $this->batch_size);
 
 							$buffer = $db->sql_buffer_nested_transactions();
 
@@ -416,13 +415,12 @@ class acp_search
 									$this->search->index('post', $row['post_id'], $row['post_text'], $row['post_subject'], $row['poster_id'], $row['forum_id']);
 								}
 								$row_count++;
+								$post_counter = $row['post_id'];
 							}
 							if (!$buffer)
 							{
 								$db->sql_freeresult($result);
 							}
-
-							$post_counter += $this->batch_size;
 						}
 						// save the current state
 						$this->save_state();
@@ -434,7 +432,7 @@ class acp_search
 						$this->search->tidy();
 						$config['num_posts'] = $num_posts;
 
-						if ($post_counter <= $this->max_post_id)
+						if ($post_counter < $this->max_post_id)
 						{
 							$totaltime = microtime(true) - $starttime;
 							$rows_per_second = $row_count / $totaltime;

phpBB/includes/constants.php

@@ -28,7 +28,7 @@ if (!defined('IN_PHPBB'))
 */
 
 // phpBB Version
-@define('PHPBB_VERSION', '3.3.5');
+@define('PHPBB_VERSION', '3.3.6');
 
 // QA-related
 // define('PHPBB_QA', 1);

phpBB/includes/diff/diff.php

@@ -168,8 +168,14 @@ class diff
 				$final = $edit->final;
 
 				// We can simplify one case where the array is usually supposed to be empty...
-				if (count($orig) == 1 && trim($orig[0]) === '') $orig = array();
-				if (count($final) == 1 && trim($final[0]) === '') $final = array();
+				if (is_array($orig) && count($orig) == 1 && trim($orig[0]) === '')
+				{
+					$orig = array();
+				}
+				if (is_array($final) && count($final) == 1 && trim($final[0]) === '')
+				{
+					$final = array();
+				}
 
 				if (!$orig && !$final)
 				{

phpBB/includes/functions.php

@@ -263,49 +263,68 @@ function phpbb_version_compare($version1, $version2, $operator = null)
 // functions used for building option fields
 
 /**
-* Pick a language, any language ...
-*/
-function language_select($default = '')
+ * Pick a language, any language ...
+ *
+ * @param string $default	Language ISO code to be selected by default in the dropdown list
+ * @param array $langdata	Language data in format of array(array('lang_iso' => string, lang_local_name => string), ...)
+ *
+ * @return string			HTML options for language selection dropdown list.
+ */
+function language_select($default = '', array $langdata = [])
 {
 	global $db;
 
-	$sql = 'SELECT lang_iso, lang_local_name
-		FROM ' . LANG_TABLE . '
-		ORDER BY lang_english_name';
-	$result = $db->sql_query($sql);
+	if (empty($langdata))
+	{
+		$sql = 'SELECT lang_iso, lang_local_name
+			FROM ' . LANG_TABLE . '
+			ORDER BY lang_english_name';
+		$result = $db->sql_query($sql);
+		$langdata = (array) $db->sql_fetchrowset($result);
+		$db->sql_freeresult($result);
+	}
 
 	$lang_options = '';
-	while ($row = $db->sql_fetchrow($result))
+	foreach ($langdata as $row)
 	{
 		$selected = ($row['lang_iso'] == $default) ? ' selected="selected"' : '';
 		$lang_options .= '<option value="' . $row['lang_iso'] . '"' . $selected . '>' . $row['lang_local_name'] . '</option>';
 	}
-	$db->sql_freeresult($result);
 
 	return $lang_options;
 }
 
 /**
-* Pick a template/theme combo,
-*/
-function style_select($default = '', $all = false)
+ * Pick a template/theme combo
+ *
+ * @param string $default	Style ID to be selected by default in the dropdown list
+ * @param bool $all			Flag indicating if all styles data including inactive ones should be fetched
+ * @param array $styledata	Style data in format of array(array('style_id' => int, style_name => string), ...)
+ *
+ * @return string			HTML options for style selection dropdown list.
+ */
+function style_select($default = '', $all = false, array $styledata = [])
 {
 	global $db;
 
-	$sql_where = (!$all) ? 'WHERE style_active = 1 ' : '';
-	$sql = 'SELECT style_id, style_name
-		FROM ' . STYLES_TABLE . "
-		$sql_where
-		ORDER BY style_name";
-	$result = $db->sql_query($sql);
+	if (empty($styledata))
+	{
+		$sql_where = (!$all) ? 'WHERE style_active = 1 ' : '';
+		$sql = 'SELECT style_id, style_name
+			FROM ' . STYLES_TABLE . "
+			$sql_where
+			ORDER BY style_name";
+		$result = $db->sql_query($sql);
+		$styledata = (array) $db->sql_fetchrowset($result);
+		$db->sql_freeresult($result);
+	}
 
 	$style_options = '';
-	while ($row = $db->sql_fetchrow($result))
+	foreach ($styledata as $row)
 	{
 		$selected = ($row['style_id'] == $default) ? ' selected="selected"' : '';
 		$style_options .= '<option value="' . $row['style_id'] . '"' . $selected . '>' . $row['style_name'] . '</option>';
 	}
-	$db->sql_freeresult($result);
 
 	return $style_options;
 }

phpBB/includes/functions_admin.php

@@ -479,7 +479,7 @@ function copy_forum_permissions($src_forum_id, $dest_forum_ids, $clear_dest_perm
 /**
 * Get physical file listing
 */
-function filelist($rootdir, $dir = '', $type = 'gif|jpg|jpeg|png')
+function filelist($rootdir, $dir = '', $type = 'gif|jpg|jpeg|png|svg|webp')
 {
 	$matches = array($dir => array());
 

phpBB/includes/functions_mcp.php

@@ -35,7 +35,7 @@ function phpbb_module_notes_url($mode, $module_row)
 	}
 
 	global $user_id;
-	return ($user_id) ? "&u=$user_id" : '';
+	return phpbb_extra_url();
 }
 
 function phpbb_module_warn_url($mode, $module_row)
@@ -43,34 +43,18 @@ function phpbb_module_warn_url($mode, $module_row)
 	if ($mode == 'front' || $mode == 'list')
 	{
 		global $forum_id;
-
-		return ($forum_id) ? "&f=$forum_id" : '';
+		return phpbb_extra_url();
 	}
 
 	if ($mode == 'warn_post')
 	{
 		global $forum_id, $post_id;
-
-		if ($post_id)
-		{
-			$url_extra = "&p=$post_id";
-		}
-		else if ($forum_id)
-		{
-			$url_extra = "&f=$forum_id";
-		}
-		else
-		{
-			$url_extra = '';
-		}
-
-		return $url_extra;
+		return phpbb_extra_url();
 	}
 	else
 	{
 		global $user_id;
-
-		return ($user_id) ? "&u=$user_id" : '';
+		return phpbb_extra_url();
 	}
 }
 
@@ -99,30 +83,34 @@ function phpbb_module_reports_url($mode, $module_row)
 	return phpbb_extra_url();
 }
 
-function phpbb_extra_url()
+/**
+ * Generate URL parameters for MCP modules
+ *
+ * @param array $additional_parameters	Array with additional parameters in format of ['key' => 'parameter_name']
+ *
+ * @return string						String with URL parameters (empty string if not any)
+ */
+function phpbb_extra_url($additional_parameters = [])
 {
-	global $forum_id, $topic_id, $post_id, $report_id, $user_id;
+	$url_extra = [];
+	$url_parameters = array_merge([
+		'f' => 'forum_id',
+		't' => 'topic_id',
+		'p' => 'post_id',
+		'r' => 'report_id',
+		'u' => 'user_id',
+	], $additional_parameters);
 
-	if ($post_id)
+	foreach ($url_parameters as $key => $value)
 	{
-		$url_extra = "&p=$post_id";
+		global $$value;
+		if (isset($$value) && $parameter = $$value)
+		{
+			$url_extra[] = "$key=$parameter";
+		}
 	}
-	else if ($topic_id)
-	{
-		$url_extra = "&t=$topic_id";
-	}
-	else if ($forum_id)
-	{
-		$url_extra = "&f=$forum_id";
-	}
-	else
-	{
-		$url_extra = '';
-	}
-	$url_extra .= ($user_id) ? "&u=$user_id" : '';
-	$url_extra .= ($report_id) ? "&r=$report_id" : '';
 
-	return $url_extra;
+	return implode('&', $url_extra);
 }
 
 /**

phpBB/includes/functions_messenger.php

@@ -1840,65 +1840,84 @@ class smtp_class
 }
 
 /**
-* Encodes the given string for proper display in UTF-8.
-*
-* This version is using base64 encoded data. The downside of this
-* is if the mail client does not understand this encoding the user
-* is basically doomed with an unreadable subject.
-*
-* Please note that this version fully supports RFC 2045 section 6.8.
-*
-* @param string $str
-* @param string $eol End of line we are using (optional to be backwards compatible)
-*/
+ * Encodes the given string for proper display in UTF-8 or US-ASCII.
+ *
+ * This version is based on iconv_mime_encode() implementation
+ * from symfomy/polyfill-iconv
+ * https://github.com/symfony/polyfill-iconv/blob/fd324208ec59a39ebe776e6e9ec5540ad4f40aaa/Iconv.php#L355
+ *
+ * @param string $str
+ * @param string $eol Lines delimiter (optional to be backwards compatible)
+ *
+ * @return string
+ */
 function mail_encode($str, $eol = "\r\n")
 {
 	// Check if string contains ASCII only characters
 	$is_ascii = strlen($str) === utf8_strlen($str);
 
-	// Define start delimimter, end delimiter and spacer
+	$scheme = $is_ascii ? 'Q' : 'B';
+
+	// Define start delimiter, end delimiter
 	// Use the Quoted-Printable encoding for ASCII strings to avoid unnecessary encoding in Base64
-	$start = $is_ascii ? "=?US-ASCII?Q?" : "=?UTF-8?B?";
-	$end = "?=";
-	$delimiter = "$eol ";
+	$start = '=?' . ($is_ascii ? 'US-ASCII' : 'UTF-8') . '?' . $scheme . '?';
+	$end = '?=';
 
 	// Maximum encoded-word length is 75 as per RFC 2047 section 2.
-	// $split_length *must* be a multiple of 4, but <= 75 - strlen($start . $delimiter . $end)!!!
-	$split_length = 75 - strlen($start . $delimiter . $end);
+	// $split_length *must* be a multiple of 4, but <= 75 - strlen($start . $eol . $end)!!!
+	$split_length = 75 - strlen($start . $eol . $end);
 	$split_length = $split_length - $split_length % 4;
 
-	// Use the Quoted-Printable encoding for ASCII strings to avoid unnecessary encoding in Base64
-	$encoded_str = $is_ascii ? quoted_printable_encode($str) : base64_encode($str);
+	$line_length = strlen($start) + strlen($end);
+	$line_offset = strlen($start) + 1;
+	$line_data = '';
 
-	// If encoded string meets the limits, we just return with the correct data.
-	if (strlen($encoded_str) <= $split_length)
+	$is_quoted_printable = 'Q' === $scheme;
+
+	preg_match_all('/./us', $str, $chars);
+	$chars = $chars[0] ?? [];
+
+	$str = [];
+	foreach ($chars as $char)
 	{
-		return $start . $encoded_str . $end;
-	}
+		$encoded_char = $is_quoted_printable
+			? $char = preg_replace_callback(
+				'/[=_\?\x20\x00-\x1F\x80-\xFF]/',
+				function ($matches)
+				{
+					$hex = dechex(ord($matches[0]));
+					$hex = strlen($hex) == 1 ? "0$hex" : $hex;
+					return '=' . strtoupper($hex);
+				},
+				$char
+			)
+			: base64_encode($line_data . $char);
 
-	// If there is only ASCII data, we just return what we want, correctly splitting the lines.
-	if ($is_ascii)
-	{
-		return $start . implode($end . $delimiter . $start, str_split($encoded_str, $split_length)) . $end;
-	}
-
-	// UTF-8 data, compose encoded lines
-	$array = utf8_str_split($str);
-	$str = '';
-
-	while (count($array))
-	{
-		$text = '';
-
-		while (count($array) && intval((strlen($text . $array[0]) + 2) / 3) << 2 <= $split_length)
+		if (isset($encoded_char[$split_length - $line_length]))
 		{
-			$text .= array_shift($array);
+			if (!$is_quoted_printable)
+			{
+				$line_data = base64_encode($line_data);
+			}
+			$str[] = $start . $line_data . $end;
+			$line_length = $line_offset;
+			$line_data = '';
 		}
 
-		$str .= $start . base64_encode($text) . $end . $delimiter;
+		$line_data .= $char;
+		$is_quoted_printable && $line_length += strlen($char);
 	}
 
-	return substr($str, 0, -strlen($delimiter));
+	if ($line_data !== '')
+	{
+		if (!$is_quoted_printable)
+		{
+			$line_data = base64_encode($line_data);
+		}
+		$str[] = $start . $line_data . $end;
+	}
+
+	return implode($eol . ' ', $str);
 }
 
 /**
@@ -1906,7 +1925,7 @@ function mail_encode($str, $eol = "\r\n")
  */
 function phpbb_mail($to, $subject, $msg, $headers, $eol, &$err_msg)
 {
-	global $config, $phpbb_root_path, $phpEx;
+	global $config, $phpbb_root_path, $phpEx, $phpbb_dispatcher;
 
 	// Convert Numeric Character References to UTF-8 chars (ie. Emojis)
 	$subject = utf8_decode_ncr($subject);
@@ -1935,8 +1954,54 @@ function phpbb_mail($to, $subject, $msg, $headers, $eol, &$err_msg)
 	 */
 	$additional_parameters = $config['email_force_sender'] ? '-f' . $config['board_email'] : '';
 
+	/**
+	 * Modify data before sending out emails with PHP's mail function
+	 *
+	 * @event core.phpbb_mail_before
+	 * @var	string	to						The message recipient
+	 * @var	string	subject					The message subject
+	 * @var	string	msg						The message text
+	 * @var string	headers					The email headers
+	 * @var string	eol						The endline character
+	 * @var string	additional_parameters	The additional parameters
+	 * @since 3.3.6-RC1
+	 */
+	$vars = [
+		'to',
+		'subject',
+		'msg',
+		'headers',
+		'eol',
+		'additional_parameters',
+	];
+	extract($phpbb_dispatcher->trigger_event('core.phpbb_mail_before', compact($vars)));
+
 	$result = mail($to, mail_encode($subject, ''), wordwrap(utf8_wordwrap($msg), 997, "\n", true), $headers, $additional_parameters);
 
+	/**
+	 * Execute code after sending out emails with PHP's mail function
+	 *
+	 * @event core.phpbb_mail_after
+	 * @var	string	to						The message recipient
+	 * @var	string	subject					The message subject
+	 * @var	string	msg						The message text
+	 * @var string	headers					The email headers
+	 * @var string	eol						The endline character
+	 * @var string	additional_parameters	The additional parameters
+	 * @var bool	result					True if the email was sent, false otherwise
+	 * @since 3.3.6-RC1
+	 */
+	$vars = [
+		'to',
+		'subject',
+		'msg',
+		'headers',
+		'eol',
+		'additional_parameters',
+		'result',
+	];
+	extract($phpbb_dispatcher->trigger_event('core.phpbb_mail_after', compact($vars)));
+
 	$collector->uninstall();
 	$err_msg = $collector->format_errors();
 

phpBB/includes/functions_module.php

@@ -662,7 +662,7 @@ class p_master
 		// Add url_extra parameter to u_action url
 		if (!empty($this->module_ary) && $this->active_module !== false && $this->module_ary[$this->active_module_row_id]['url_extra'])
 		{
-			$this->module->u_action .= $this->module_ary[$this->active_module_row_id]['url_extra'];
+			$this->module->u_action .= '&' . $this->module_ary[$this->active_module_row_id]['url_extra'];
 		}
 
 		// Assign the module path for re-usage
@@ -920,7 +920,7 @@ class p_master
 			}
 
 			// Was not allowed in categories before - /*!$item_ary['cat'] && */
-			$u_title .= (isset($item_ary['url_extra'])) ? $item_ary['url_extra'] : '';
+			$u_title .= (isset($item_ary['url_extra']) && $item_ary['url_extra']) ? '&' . $item_ary['url_extra'] : '';
 
 			// Only output a categories items if it's currently selected
 			if (!$depth || ($depth && (in_array($item_ary['parent'], array_values($this->module_cache['parents'])) || $item_ary['parent'] == $this->p_parent)))

phpBB/includes/functions_posting.php

@@ -813,20 +813,42 @@ function posting_gen_inline_attachments(&$attachment_data)
 }
 
 /**
-* Generate inline attachment entry
-*/
-function posting_gen_attachment_entry($attachment_data, &$filename_data, $show_attach_box = true)
+ * Generate inline attachment entry
+ *
+ * @param array		$attachment_data	The attachment data
+ * @param string	$filename_data		The filename data (filecomment)
+ * @param bool		$show_attach_box	Whether to show the attach box
+ * @param mixed		$forum_id			The forum id to check or false if private message
+ * @return int
+ */
+function posting_gen_attachment_entry($attachment_data, &$filename_data, $show_attach_box = true, $forum_id = false)
 {
-	global $template, $config, $phpbb_root_path, $phpEx, $user, $phpbb_dispatcher;
+	global $template, $cache, $config, $phpbb_root_path, $phpEx, $user, $phpbb_dispatcher;
+
+	$allowed_attachments = array_keys($cache->obtain_attach_extensions($forum_id)['_allowed_']);
 
 	// Some default template variables
-	$template->assign_vars(array(
+	$default_vars = [
 		'S_SHOW_ATTACH_BOX'				=> $show_attach_box,
 		'S_HAS_ATTACHMENTS'				=> count($attachment_data),
 		'FILESIZE'						=> $config['max_filesize'],
 		'FILE_COMMENT'					=> (isset($filename_data['filecomment'])) ? $filename_data['filecomment'] : '',
 		'MAX_ATTACHMENT_FILESIZE'		=> $config['max_filesize'] > 0 ? $user->lang('MAX_ATTACHMENT_FILESIZE', get_formatted_filesize($config['max_filesize'])) : '',
-	));
+		'ALLOWED_ATTACHMENTS'			=> !empty($allowed_attachments) ? implode(',', $allowed_attachments) : '',
+	];
+
+	/**
+	 * Modify default attachments template vars
+	 *
+	 * @event core.modify_default_attachments_template_vars
+	 * @var	array	allowed_attachments		Array containing allowed attachments data
+	 * @var	array	default_vars			Array containing default attachments template vars
+	 * @since 3.3.6-RC1
+	 */
+	$vars = ['allowed_attachments', 'default_vars'];
+	extract($phpbb_dispatcher->trigger_event('core.modify_default_attachments_template_vars', compact($vars)));
+
+	$template->assign_vars($default_vars);
 
 	if (count($attachment_data))
 	{

phpBB/includes/ucp/ucp_activate.php

@@ -76,10 +76,12 @@ class ucp_activate
 		if ($update_password)
 		{
 			$sql_ary = array(
-				'user_actkey'		=> '',
-				'user_password'		=> $user_row['user_newpasswd'],
-				'user_newpasswd'	=> '',
-				'user_login_attempts'	=> 0,
+				'user_actkey'				=> '',
+				'user_password'				=> $user_row['user_newpasswd'],
+				'user_newpasswd'			=> '',
+				'user_login_attempts'		=> 0,
+				'reset_token'				=> '',
+				'reset_token_expiration'	=> 0,
 			);
 
 			$sql = 'UPDATE ' . USERS_TABLE . '
@@ -101,8 +103,14 @@ class ucp_activate
 
 			user_active_flip('activate', $user_row['user_id']);
 
-			$sql = 'UPDATE ' . USERS_TABLE . "
-				SET user_actkey = ''
+			$sql_ary = [
+				'user_actkey'				=> '',
+				'reset_token'				=> '',
+				'reset_token_expiration'	=> 0,
+			];
+
+			$sql = 'UPDATE ' . USERS_TABLE . '
+				SET ' . $db->sql_build_array('UPDATE', $sql_ary) . "
 				WHERE user_id = {$user_row['user_id']}";
 			$db->sql_query($sql);
 

phpBB/includes/ucp/ucp_prefs.php

@@ -159,33 +159,23 @@ class ucp_prefs
 				phpbb_timezone_select($template, $user, $data['tz'], true);
 
 				// check if there are any user-selectable languages
-				$sql = 'SELECT COUNT(lang_id) as languages_count
-								FROM ' . LANG_TABLE;
+				$sql = 'SELECT lang_iso, lang_local_name
+					FROM ' . LANG_TABLE . '
+					ORDER BY lang_english_name';
 				$result = $db->sql_query($sql);
-				if ($db->sql_fetchfield('languages_count') > 1)
-				{
-					$s_more_languages = true;
-				}
-				else
-				{
-					$s_more_languages = false;
-				}
+				$lang_row = (array) $db->sql_fetchrowset($result);
 				$db->sql_freeresult($result);
+				$s_more_languages = count($lang_row) > 1;
 
 				// check if there are any user-selectable styles
-				$sql = 'SELECT COUNT(style_id) as styles_count
-								FROM ' . STYLES_TABLE . '
-								WHERE style_active = 1';
+				$sql = 'SELECT style_id, style_name
+					FROM ' . STYLES_TABLE . '
+					WHERE style_active = 1
+					ORDER BY style_name';
 				$result = $db->sql_query($sql);
-				if ($db->sql_fetchfield('styles_count') > 1)
-				{
-					$s_more_styles = true;
-				}
-				else
-				{
-					$s_more_styles = false;
-				}
+				$styles_row = (array) $db->sql_fetchrowset($result);
 				$db->sql_freeresult($result);
+				$s_more_styles = count($styles_row) > 1;
 
 				$template->assign_vars(array(
 					'ERROR'				=> (count($error)) ? implode('<br />', $error) : '',
@@ -205,11 +195,11 @@ class ucp_prefs
 					'DEFAULT_DATEFORMAT'	=> $config['default_dateformat'],
 					'A_DEFAULT_DATEFORMAT'	=> addslashes($config['default_dateformat']),
 
-					'S_MORE_LANGUAGES'	=> $s_more_languages,
+					'S_MORE_LANGUAGES'		=> $s_more_languages,
 					'S_MORE_STYLES'			=> $s_more_styles,
 
-					'S_LANG_OPTIONS'		=> language_select($data['lang']),
-					'S_STYLE_OPTIONS'		=> ($config['override_user_style']) ? '' : style_select($data['user_style']),
+					'S_LANG_OPTIONS'		=> language_select($data['lang'], $lang_row),
+					'S_STYLE_OPTIONS'		=> ($config['override_user_style']) ? '' : style_select($data['user_style'], false, $styles_row),
 					'S_CAN_HIDE_ONLINE'		=> ($auth->acl_get('u_hideonline')) ? true : false,
 					'S_SELECT_NOTIFY'		=> ($config['jab_enable'] && $user->data['user_jabber'] && @extension_loaded('xml')) ? true : false)
 				);

phpBB/includes/ucp/ucp_register.php

@@ -150,15 +150,11 @@ class ucp_register
 			}
 
 			// Checking amount of available languages
-			$sql = 'SELECT lang_id
-				FROM ' . LANG_TABLE;
+			$sql = 'SELECT lang_iso, lang_local_name
+				FROM ' . LANG_TABLE . '
+				ORDER BY lang_english_name';
 			$result = $db->sql_query($sql);
-
-			$lang_row = array();
-			while ($row = $db->sql_fetchrow($result))
-			{
-				$lang_row[] = $row;
-			}
+			$lang_row = (array) $db->sql_fetchrowset($result);
 			$db->sql_freeresult($result);
 
 			if ($coppa === false && $config['coppa_enable'])
@@ -171,7 +167,7 @@ class ucp_register
 				unset($now);
 
 				$template_vars = array(
-					'S_LANG_OPTIONS'	=> (count($lang_row) > 1) ? language_select($user_lang) : '',
+					'S_LANG_OPTIONS'	=> (count($lang_row) > 1) ? language_select($user_lang, $lang_row) : '',
 					'L_COPPA_NO'		=> $user->lang('UCP_COPPA_BEFORE', $coppa_birthday),
 					'L_COPPA_YES'		=> $user->lang('UCP_COPPA_ON_AFTER', $coppa_birthday),
 
@@ -186,7 +182,7 @@ class ucp_register
 			else
 			{
 				$template_vars = array(
-					'S_LANG_OPTIONS'	=> (count($lang_row) > 1) ? language_select($user_lang) : '',
+					'S_LANG_OPTIONS'	=> (count($lang_row) > 1) ? language_select($user_lang, $lang_row) : '',
 					'L_TERMS_OF_USE'	=> sprintf($user->lang['TERMS_OF_USE_CONTENT'], $config['sitename'], generate_board_url()),
 
 					'S_SHOW_COPPA'		=> false,
@@ -367,7 +363,7 @@ class ucp_register
 					$config['require_activation'] == USER_ACTIVATION_SELF ||
 					$config['require_activation'] == USER_ACTIVATION_ADMIN) && $config['email_enable'])
 				{
-					$user_actkey = gen_rand_string(mt_rand(6, 10));
+					$user_actkey = strtolower(gen_rand_string(32));
 					$user_type = USER_INACTIVE;
 					$user_inactive_reason = INACTIVE_REGISTER;
 					$user_inactive_time = time();
@@ -633,6 +629,14 @@ class ucp_register
 		// Assign template vars for timezone select
 		phpbb_timezone_select($template, $user, $data['tz'], true);
 
+		// Checking amount of available languages
+		$sql = 'SELECT lang_iso, lang_local_name
+			FROM ' . LANG_TABLE . '
+			ORDER BY lang_english_name';
+		$result = $db->sql_query($sql);
+		$lang_row = (array) $db->sql_fetchrowset($result);
+		$db->sql_freeresult($result);
+
 		$template_vars = array(
 			'USERNAME'			=> $data['username'],
 			'PASSWORD'			=> $data['new_password'],
@@ -643,7 +647,7 @@ class ucp_register
 			'L_USERNAME_EXPLAIN'		=> $user->lang($config['allow_name_chars'] . '_EXPLAIN', $user->lang('CHARACTERS', (int) $config['min_name_chars']), $user->lang('CHARACTERS', (int) $config['max_name_chars'])),
 			'L_PASSWORD_EXPLAIN'		=> $user->lang($config['pass_complex'] . '_EXPLAIN', $user->lang('CHARACTERS', (int) $config['min_pass_chars'])),
 
-			'S_LANG_OPTIONS'	=> language_select($data['lang']),
+			'S_LANG_OPTIONS'	=> (count($lang_row) > 1) ? language_select($data['lang'], $lang_row) : '',
 			'S_TZ_PRESELECT'	=> !$submit,
 			'S_CONFIRM_REFRESH'	=> ($config['enable_confirm'] && $config['confirm_refresh']) ? true : false,
 			'S_REGISTRATION'	=> true,

phpBB/install/convertors/convert_phpbb20.php

@@ -38,7 +38,7 @@ $dbms = $phpbb_config_php_file->convert_30_dbms_to_31($dbms);
 $convertor_data = array(
 	'forum_name'	=> 'phpBB 2.0.x',
 	'version'		=> '1.0.3',
-	'phpbb_version'	=> '3.3.5',
+	'phpbb_version'	=> '3.3.6',
 	'author'		=> '<a href="https://www.phpbb.com/">phpBB Limited</a>',
 	'dbms'			=> $dbms,
 	'dbhost'		=> $dbhost,

phpBB/install/phpbbcli.php

@@ -23,7 +23,7 @@ if (php_sapi_name() !== 'cli')
 define('IN_PHPBB', true);
 define('IN_INSTALL', true);
 define('PHPBB_ENVIRONMENT', 'production');
-define('PHPBB_VERSION', '3.3.5');
+define('PHPBB_VERSION', '3.3.6');
 $phpbb_root_path = __DIR__ . '/../';
 $phpEx = substr(strrchr(__FILE__, '.'), 1);
 

phpBB/install/schemas/schema_data.sql

@@ -316,7 +316,7 @@ INSERT INTO phpbb_config (config_name, config_value) VALUES ('update_hashes_lock
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('upload_icons_path', 'images/upload_icons');
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('upload_path', 'files');
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('use_system_cron', '0');
-INSERT INTO phpbb_config (config_name, config_value) VALUES ('version', '3.3.5');
+INSERT INTO phpbb_config (config_name, config_value) VALUES ('version', '3.3.6');
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('warnings_expire_days', '90');
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('warnings_gc', '14400');
 

phpBB/language/en/acp/attachments.php

@@ -170,4 +170,5 @@ $lang = array_merge($lang, array(
 	'UPLOAD_DIR_EXPLAIN'			=> 'Storage path for attachments. Please note that if you change this directory while already having uploaded attachments you need to manually copy the files to their new location.',
 	'UPLOAD_ICON'					=> 'Upload icon',
 	'UPLOAD_NOT_DIR'				=> 'The upload location you specified does not appear to be a directory.',
+	'UPLOAD_POST_NOT_EXIST'			=> 'File “%1$s” can not be uploaded to post number %2$d as the post does not exist.',
 ));

phpBB/language/en/install.php

@@ -347,7 +347,7 @@ $lang = array_merge($lang, array(
 // Common updater messages
 $lang = array_merge($lang, array(
 	'UPDATE_INSTALLATION'			=> 'Update phpBB installation',
-	'UPDATE_INSTALLATION_EXPLAIN'	=> 'With this option, it is possible to update your phpBB installation to the latest version.<br />During the process all of your files will be checked for their integrity. You are able to review all differences and files before the update.<br /><br />The file update itself can be done in two different ways.</p><h2>Manual Update</h2><p>With this update you only download your personal set of changed files to make sure you do not lose your file modifications you may have done. After you downloaded this package you need to manually upload the files to their correct position under your phpBB root directory. Once done, you are able to do the file check stage again to see if you moved the files to their correct location.</p><h2>Automatic Update with FTP</h2><p>This method is similar to the first one but without the need to download the changed files and uploading them on your own. This will be done for you. In order to use this method you need to know your FTP login details since you will be asked for them. Once finished you will be redirected to the file check again to make sure everything got updated correctly.<br /><br />',
+	'UPDATE_INSTALLATION_EXPLAIN'	=> 'With this option, it is possible to update your phpBB installation to the latest version.<br />During the process all of your files will be checked for their integrity. You are able to review all differences and files before the update.<br /><br />The file update itself can be done in two different ways.</p><h2>Manual Update</h2><p>With this update you only download your personal set of changed files to make sure you do not lose your file modifications you may have done. After you downloaded this package you need to manually upload the files to their correct position under your phpBB root directory. Once done, you are able to do the file check stage again to see if you moved the files to their correct location.</p><h2>Advanced Update with FTP</h2><p>This method is similar to the first one but without the need to download the changed files and uploading them on your own. This will be done for you. In order to use this method you need to know your FTP login details since you will be asked for them. Once finished you will be redirected to the file check again to make sure everything got updated correctly.<br /><br />',
 	'UPDATE_INSTRUCTIONS'			=> '
 
 		<h1>Release announcement</h1>
@@ -358,7 +358,7 @@ $lang = array_merge($lang, array(
 
 		<h1>How to update your installation with the Full Package</h1>
 
-		<p>The recommended way of updating your installation is using the full package. If core phpBB files have been modified in your installation you may wish to use the automatic update package in order to not lose these changes. You are also able to update your installation using the other methods listed within the INSTALL.html document. The steps for updating phpBB3 using the full package are:</p>
+		<p>The recommended way of updating your installation is using the full package. If core phpBB files have been modified in your installation you may wish to use the advanced update package in order to not lose these changes. You are also able to update your installation using the other methods listed within the INSTALL.html document. The steps for updating phpBB3 using the full package are:</p>
 
 		<ol style="margin-left: 20px; font-size: 1.1em;">
 			<li><strong class="error">Backup all board files and the database.</strong></li>
@@ -379,12 +379,12 @@ $lang = array_merge($lang, array(
 			<li>Update your style<br><br></li>
 		</ul>
 
-		<h1>How to update your installation with the Automatic Update Package</h1>
+		<h1>How to update your installation with the Advanced Update Package</h1>
 
-		<p>The automatic update package is only recommended in case core phpBB files have been modified in your installation. You are also able to update your installation using the methods listed within the INSTALL.html document. The steps for updating phpBB3 using the automatic update package are:</p>
+		<p>The advanced update package is only recommended for expert users in case core phpBB files have been modified in your installation. You are also able to update your installation using the methods listed within the INSTALL.html document. The steps for updating phpBB3 using the advanced update package are:</p>
 
 		<ol style="margin-left: 20px; font-size: 1.1em;">
-			<li>Go to the <a href="https://www.phpbb.com/downloads/" title="https://www.phpbb.com/downloads/">phpBB.com downloads page</a> and download the "Automatic Update Package" archive.</li>
+			<li>Go to the <a href="https://www.phpbb.com/downloads/" title="https://www.phpbb.com/downloads/">phpBB.com downloads page</a> and download the "Advanced Update Package" archive.</li>
 			<li>Unpack the archive.</li>
 			<li>Upload the complete uncompressed "install" and "vendor" folders to your phpBB root directory (where your config.php file is).<br><br></li>
 		</ol>

phpBB/language/en/migrator.php

@@ -77,5 +77,6 @@ $lang = array_merge($lang, array(
 	'PARENT_MODULE_FIND_ERROR'			=> 'Unable to determine the parent module identifier: %s',
 	'PERMISSION_NOT_EXIST'				=> 'The permission setting "%s" unexpectedly does not exist.',
 
+	'ROLE_ASSIGNED_NOT_EXIST'			=> 'The permission role assigned to group "%1$s" unexpectedly does not exist. Role id: "%2$s"',
 	'ROLE_NOT_EXIST'					=> 'The permission role "%s" unexpectedly does not exist.',
 ));

phpBB/phpbb/config/db.php

@@ -170,9 +170,9 @@ class db extends config
 		if (!isset($this->config[$key]))
 		{
 			$sql = 'INSERT INTO ' . $this->table . ' ' . $this->db->sql_build_array('INSERT', array(
-				'config_name'	=> $this->db->sql_escape($key),
-				'config_value'	=> $this->db->sql_escape($new_value),
-				'is_dynamic'	=> ($use_cache) ? 0 : 1));
+				'config_name'	=> $key,
+				'config_value'	=> $new_value,
+				'is_dynamic'	=> $use_cache ? 0 : 1));
 			$this->db->sql_query($sql);
 		}
 

phpBB/phpbb/db/driver/sqlite3.php

@@ -390,7 +390,7 @@ class sqlite3 extends \phpbb\db\driver\driver
 				{
 					$html_table = false;
 
-					if ($result = $this->dbo->query("EXPLAIN QUERY PLAN $explain_query"))
+					if ($result = @$this->dbo->query("EXPLAIN QUERY PLAN $explain_query"))
 					{
 						while ($row = $result->fetchArray(SQLITE3_ASSOC))
 						{

phpBB/phpbb/db/migration/data/v33x/remove_orphaned_roles.php

@@ -0,0 +1,74 @@
+<?php
+/**
+*
+* This file is part of the phpBB Forum Software package.
+*
+* @copyright (c) phpBB Limited <https://www.phpbb.com>
+* @license GNU General Public License, version 2 (GPL-2.0)
+*
+* For full copyright and license information, please see
+* the docs/CREDITS.txt file.
+*
+*/
+
+namespace phpbb\db\migration\data\v33x;
+
+class remove_orphaned_roles extends \phpbb\db\migration\migration
+{
+	static public function depends_on()
+	{
+		return ['\phpbb\db\migration\data\v33x\v335'];
+	}
+
+	public function update_data()
+	{
+		return [
+			['custom', [[$this, 'acl_remove_orphaned_roles']]],
+		];
+	}
+
+	public function acl_remove_orphaned_roles()
+	{
+		$role_ids = [];
+
+		$sql = 'SELECT auth_role_id
+			FROM ' . ACL_GROUPS_TABLE . '
+			WHERE auth_role_id <> 0
+				AND forum_id = 0';
+		$result = $this->db->sql_query($sql);
+		$auth_role_ids = array_keys($this->db->sql_fetchrowset($result));
+		$this->db->sql_freeresult($result);
+
+		if (count($auth_role_ids))
+		{
+			$sql = 'SELECT role_id
+				FROM ' . ACL_ROLES_TABLE . '
+				WHERE ' . $this->db->sql_in_set('role_id', $auth_role_ids);
+			$result = $this->db->sql_query($sql);
+			$role_ids = array_keys($this->db->sql_fetchrowset($result));
+			$this->db->sql_freeresult($result);
+		}
+
+		$non_existent_role_ids = array_diff($auth_role_ids, $role_ids);
+
+		// Nothing to do, there are no non-existent roles assigned to groups
+		if (empty($non_existent_role_ids))
+		{
+			return true;
+		}
+
+		// Remove assigned non-existent roles from users and groups
+		$sql = 'DELETE FROM ' . ACL_USERS_TABLE . '
+			WHERE ' . $this->db->sql_in_set('auth_role_id', $non_existent_role_ids);
+		$this->db->sql_query($sql);
+
+		$sql = 'DELETE FROM ' . ACL_GROUPS_TABLE . '
+			WHERE ' . $this->db->sql_in_set('auth_role_id', $non_existent_role_ids);
+		$this->db->sql_query($sql);
+
+		$auth = new \phpbb\auth\auth();
+		$auth->acl_clear_prefetch();
+
+		return true;
+	}
+}

phpBB/phpbb/db/migration/data/v33x/v336.php

@@ -0,0 +1,36 @@
+<?php
+/**
+ *
+ * This file is part of the phpBB Forum Software package.
+ *
+ * @copyright (c) phpBB Limited <https://www.phpbb.com>
+ * @license GNU General Public License, version 2 (GPL-2.0)
+ *
+ * For full copyright and license information, please see
+ * the docs/CREDITS.txt file.
+ *
+ */
+
+namespace phpbb\db\migration\data\v33x;
+
+class v336 extends \phpbb\db\migration\migration
+{
+	public function effectively_installed()
+	{
+		return version_compare($this->config['version'], '3.3.6', '>=');
+	}
+
+	public static function depends_on()
+	{
+		return [
+			'\phpbb\db\migration\data\v33x\v336rc1',
+		];
+	}
+
+	public function update_data()
+	{
+		return [
+			['config.update', ['version', '3.3.6']],
+		];
+	}
+}

phpBB/phpbb/db/migration/data/v33x/v336rc1.php

@@ -0,0 +1,36 @@
+<?php
+/**
+ *
+ * This file is part of the phpBB Forum Software package.
+ *
+ * @copyright (c) phpBB Limited <https://www.phpbb.com>
+ * @license GNU General Public License, version 2 (GPL-2.0)
+ *
+ * For full copyright and license information, please see
+ * the docs/CREDITS.txt file.
+ *
+ */
+
+namespace phpbb\db\migration\data\v33x;
+
+class v336rc1 extends \phpbb\db\migration\migration
+{
+	public function effectively_installed()
+	{
+		return version_compare($this->config['version'], '3.3.6-RC1', '>=');
+	}
+
+	public static function depends_on()
+	{
+		return [
+			'\phpbb\db\migration\data\v33x\remove_orphaned_roles',
+		];
+	}
+
+	public function update_data()
+	{
+		return [
+			['config.update', ['version', '3.3.6-RC1']],
+		];
+	}
+}

phpBB/phpbb/db/migration/tool/permission.php

@@ -21,6 +21,9 @@ class permission implements \phpbb\db\migration\tool\tool_interface
 	/** @var \phpbb\auth\auth */
 	protected $auth;
 
+	/** @var \includes\acp\auth\auth_admin */
+	protected $auth_admin;
+
 	/** @var \phpbb\cache\service */
 	protected $cache;
 
@@ -49,6 +52,12 @@ class permission implements \phpbb\db\migration\tool\tool_interface
 		$this->auth = $auth;
 		$this->phpbb_root_path = $phpbb_root_path;
 		$this->php_ext = $php_ext;
+
+		if (!class_exists('auth_admin'))
+		{
+			include($this->phpbb_root_path . 'includes/acp/auth.' . $this->php_ext);
+		}
+		$this->auth_admin = new \auth_admin();
 	}
 
 	/**
@@ -118,12 +127,6 @@ class permission implements \phpbb\db\migration\tool\tool_interface
 		// We've added permissions, so set to true to notify the user.
 		$this->permissions_added = true;
 
-		if (!class_exists('auth_admin'))
-		{
-			include($this->phpbb_root_path . 'includes/acp/auth.' . $this->php_ext);
-		}
-		$auth_admin = new \auth_admin();
-
 		// We have to add a check to see if the !$global (if global, local, and if local, global) permission already exists.  If it does, acl_add_option currently has a bug which would break the ACL system, so we are having a work-around here.
 		if ($this->exists($auth_option, !$global))
 		{
@@ -140,19 +143,19 @@ class permission implements \phpbb\db\migration\tool\tool_interface
 		{
 			if ($global)
 			{
-				$auth_admin->acl_add_option(array('global' => array($auth_option)));
+				$this->auth_admin->acl_add_option(array('global' => array($auth_option)));
 			}
 			else
 			{
-				$auth_admin->acl_add_option(array('local' => array($auth_option)));
+				$this->auth_admin->acl_add_option(array('local' => array($auth_option)));
 			}
 		}
 
 		// The permission has been added, now we can copy it if needed
-		if ($copy_from && isset($auth_admin->acl_options['id'][$copy_from]))
+		if ($copy_from && isset($this->auth_admin->acl_options['id'][$copy_from]))
 		{
-			$old_id = $auth_admin->acl_options['id'][$copy_from];
-			$new_id = $auth_admin->acl_options['id'][$auth_option];
+			$old_id = $this->auth_admin->acl_options['id'][$copy_from];
+			$new_id = $this->auth_admin->acl_options['id'][$auth_option];
 
 			$tables = array(ACL_GROUPS_TABLE, ACL_ROLES_DATA_TABLE, ACL_USERS_TABLE);
 
@@ -177,7 +180,7 @@ class permission implements \phpbb\db\migration\tool\tool_interface
 				}
 			}
 
-			$auth_admin->acl_clear_prefetch();
+			$this->auth_admin->acl_clear_prefetch();
 		}
 	}
 
@@ -291,6 +294,8 @@ class permission implements \phpbb\db\migration\tool\tool_interface
 
 		$sql = 'INSERT INTO ' . ACL_ROLES_TABLE . ' ' . $this->db->sql_build_array('INSERT', $sql_ary);
 		$this->db->sql_query($sql);
+
+		return $this->db->sql_nextid();
 	}
 
 	/**
@@ -327,6 +332,66 @@ class permission implements \phpbb\db\migration\tool\tool_interface
 			return;
 		}
 
+		// Get the role type
+		$sql = 'SELECT role_type
+			FROM ' . ACL_ROLES_TABLE . '
+			WHERE role_id = ' . (int) $role_id;
+		$result = $this->db->sql_query($sql);
+		$role_type = $this->db->sql_fetchfield('role_type');
+		$this->db->sql_freeresult($result);
+
+		// Get complete auth array
+		$sql = 'SELECT auth_option, auth_option_id
+			FROM ' . ACL_OPTIONS_TABLE . "
+			WHERE auth_option " . $this->db->sql_like_expression($role_type . $this->db->get_any_char());
+		$result = $this->db->sql_query($sql);
+
+		$auth_settings = [];
+		while ($row = $this->db->sql_fetchrow($result))
+		{
+			$auth_settings[$row['auth_option']] = ACL_NO;
+		}
+		$this->db->sql_freeresult($result);
+
+		// Get the role auth settings we need to re-set...
+		$sql = 'SELECT o.auth_option, r.auth_setting
+			FROM ' . ACL_ROLES_DATA_TABLE . ' r, ' . ACL_OPTIONS_TABLE . ' o
+			WHERE o.auth_option_id = r.auth_option_id
+				AND r.role_id = ' . (int) $role_id;
+		$result = $this->db->sql_query($sql);
+
+		while ($row = $this->db->sql_fetchrow($result))
+		{
+			$auth_settings[$row['auth_option']] = $row['auth_setting'];
+		}
+		$this->db->sql_freeresult($result);
+
+		// Get role assignments
+		$hold_ary = $this->auth_admin->get_role_mask($role_id);
+
+		// Re-assign permissions
+		foreach ($hold_ary as $forum_id => $forum_ary)
+		{
+			if (isset($forum_ary['users']))
+			{
+				$this->auth_admin->acl_set('user', $forum_id, $forum_ary['users'], $auth_settings, 0, false);
+			}
+
+			if (isset($forum_ary['groups']))
+			{
+				$this->auth_admin->acl_set('group', $forum_id, $forum_ary['groups'], $auth_settings, 0, false);
+			}
+		}
+
+		// Remove role from users and groups just to be sure (happens through acl_set)
+		$sql = 'DELETE FROM ' . ACL_USERS_TABLE . '
+			WHERE auth_role_id = ' . $role_id;
+		$this->db->sql_query($sql);
+
+		$sql = 'DELETE FROM ' . ACL_GROUPS_TABLE . '
+			WHERE auth_role_id = ' . $role_id;
+		$this->db->sql_query($sql);
+
 		$sql = 'DELETE FROM ' . ACL_ROLES_DATA_TABLE . '
 			WHERE role_id = ' . $role_id;
 		$this->db->sql_query($sql);
@@ -425,6 +490,11 @@ class permission implements \phpbb\db\migration\tool\tool_interface
 						WHERE role_id = ' . $role_id;
 					$this->db->sql_query($sql);
 					$role_data = $this->db->sql_fetchrow();
+					if (!$role_data)
+					{
+						throw new \phpbb\db\migration\exception('ROLE_ASSIGNED_NOT_EXIST', $name, $role_id);
+					}
+
 					$role_name = $role_data['role_name'];
 					$role_type = $role_data['role_type'];
 
@@ -571,6 +641,10 @@ class permission implements \phpbb\db\migration\tool\tool_interface
 						WHERE role_id = ' . $role_id;
 					$this->db->sql_query($sql);
 					$role_name = $this->db->sql_fetchfield('role_name');
+					if (!$role_name)
+					{
+						throw new \phpbb\db\migration\exception('ROLE_ASSIGNED_NOT_EXIST', $name, $role_id);
+					}
 
 					return $this->permission_unset($role_name, $auth_option, 'role');
 				}

phpBB/phpbb/di/extension/container_configuration.php

@@ -40,6 +40,7 @@ class container_configuration implements ConfigurationInterface
 						->booleanNode('sql_explain')->defaultValue(false)->end()
 						->booleanNode('memory')->defaultValue(false)->end()
 						->booleanNode('show_errors')->defaultValue(false)->end()
+						->booleanNode('error_handler')->defaultValue(false)->end()
 					->end()
 				->end()
 				->arrayNode('twig')

phpBB/phpbb/event/md_exporter.php

@@ -364,6 +364,64 @@ class md_exporter
 		return $rst_exporter->get_rst_output();
 	}
 
+	/**
+	 * Format the md events as BBCode list
+	 *
+	 * @param string $action
+	 * @return string		Events BBCode
+	 */
+	public function export_events_for_bbcode(string $action = ''): string
+	{
+		if ($this->filter === 'adm')
+		{
+			if ($action === 'diff')
+			{
+				$bbcode_text = "[size=150]ACP Template Events[/size]\n";
+			}
+			else
+			{
+				$bbcode_text = "[size=200]ACP Template Events[/size]\n";
+			}
+		}
+		else
+		{
+			if ($action === 'diff')
+			{
+				$bbcode_text = "[size=150]Template Events[/size]\n";
+			}
+			else
+			{
+				$bbcode_text = "[size=200]Template Events[/size]\n";
+			}
+		}
+
+		if (!count($this->events))
+		{
+			return $bbcode_text . "[list][*][i]None[/i][/list]\n";
+		}
+
+		foreach ($this->events as $event_name => $event)
+		{
+			$bbcode_text .= "[list]\n";
+			$bbcode_text .= "[*][b]{$event_name}[/b]\n";
+
+			if ($this->filter === 'adm')
+			{
+				$bbcode_text .= "Placement: " . implode(', ', $event['files']['adm']) . "\n";
+			}
+			else
+			{
+				$bbcode_text .= "Prosilver Placement: " . implode(', ', $event['files']['prosilver']) . "\n";
+			}
+
+			$bbcode_text .= "Added in Release: {$event['since']}\n";
+			$bbcode_text .= "Explanation: {$event['description']}\n";
+			$bbcode_text .= "[/list]\n";
+		}
+
+		return $bbcode_text;
+	}
+
 	/**
 	* Validates a template event name
 	*

phpBB/phpbb/event/php_exporter.php

@@ -207,6 +207,37 @@ class php_exporter
 		return $rst_exporter->get_rst_output();
 	}
 
+	/**
+	 * Format the PHP events as a BBCode list
+	 *
+	 * @param string $action
+	 * @return string
+	 */
+	public function export_events_for_bbcode(string $action = ''): string
+	{
+		if ($action === 'diff')
+		{
+			$bbcode_text = '[size=150]PHP Events[/size]' . "\n";
+		}
+		else
+		{
+			$bbcode_text = '[size=200]PHP Events[/size]' . "\n";
+		}
+
+		foreach ($this->events as $event)
+		{
+			$bbcode_text .= "[list]\n";
+			$bbcode_text .= "[*][b]{$event['event']}[/b]\n";
+			$bbcode_text .= "Placement: {$event['file']}\n";
+			$bbcode_text .= 'Arguments: ' . implode(', ', $event['arguments']) . "\n";
+			$bbcode_text .= "Added in Release: {$event['since']}\n";
+			$bbcode_text .= "Explanation: {$event['description']}\n";
+			$bbcode_text .= "[/list]\n";
+		}
+
+		return $bbcode_text;
+	}
+
 	/**
 	* @param string $file
 	* @return int Number of events found in this file

phpBB/phpbb/mimetype/extension_guesser.php

@@ -163,7 +163,6 @@ class extension_guesser extends guesser_base
 		'ivr'		=> 'i-world/i-vrml',
 		'ivy'		=> 'application/x-livescreen',
 		'jam'		=> 'audio/x-jam',
-		'jav'		=> 'text/plain',
 		'jav'		=> 'text/x-java-source',
 		'java'		=> 'text/x-java-source',
 		'jcm'		=> 'application/x-java-commerce',

phpBB/phpbb/notification/manager.php

@@ -255,9 +255,36 @@ class manager
 			'ignore_users'		=> array(),
 		), $options);
 
+		$notified_users = [];
+		$add_notifications_override = false;
+
+		/**
+		* Get notification data before find_users_for_notification() execute
+		*
+		* @event core.notification_manager_add_notifications_before
+		* @var	bool			add_notifications_override	Flag indicating whether function should return after event
+		* @var	array|string	notification_type_name		Type identifier or array of item types
+		* @var	string			data						Data specific for this notification type that will be inserted
+		* @var	array 			notified_users				Array of notified users
+		* @var	string			options						Optional options to control what notifications are loaded
+		* @since 3.3.6-RC1
+		*/
+		$vars = [
+			'add_notifications_override',
+			'notification_type_name',
+			'data',
+			'notified_users',
+			'options',
+		];
+		extract($this->phpbb_dispatcher->trigger_event('core.notification_manager_add_notifications_before', compact($vars)));
+
+		if ($add_notifications_override)
+		{
+			return $notified_users;
+		}
+
 		if (is_array($notification_type_name))
 		{
-			$notified_users = array();
 			$temp_options = $options;
 
 			foreach ($notification_type_name as $type)

phpBB/phpbb/search/fulltext_mysql.php

@@ -568,8 +568,8 @@ class fulltext_mysql extends \phpbb\search\base
 		);
 		extract($this->phpbb_dispatcher->trigger_event('core.search_mysql_keywords_main_query_before', compact($vars)));
 
-		$sql_select			= (!$result_count) ? 'SQL_CALC_FOUND_ROWS ' : '';
-		$sql_select			= ($type == 'posts') ? $sql_select . 'p.post_id' : 'DISTINCT ' . $sql_select . 't.topic_id';
+		$sql_select			= ($type == 'posts') ? 'p.post_id' : 'DISTINCT t.topic_id';
+		$sql_select			.= $sort_by_sql[$sort_key] ? ", {$sort_by_sql[$sort_key]}" : '';
 		$sql_from			= ($join_topic) ? TOPICS_TABLE . ' t, ' : '';
 		$field				= ($type == 'posts') ? 'post_id' : 'topic_id';
 		if (count($author_ary) && $author_name)
@@ -610,11 +610,10 @@ class fulltext_mysql extends \phpbb\search\base
 		$this->db->sql_freeresult($result);
 
 		$id_ary = array_unique($id_ary);
-
 		// if the total result count is not cached yet, retrieve it from the db
 		if (!$result_count && count($id_ary))
 		{
-			$sql_found_rows = 'SELECT FOUND_ROWS() as result_count';
+			$sql_found_rows = str_replace("SELECT $sql_select", "SELECT COUNT(*) as result_count", $sql);
 			$result = $this->db->sql_query($sql_found_rows);
 			$result_count = (int) $this->db->sql_fetchfield('result_count');
 			$this->db->sql_freeresult($result);
@@ -828,12 +827,13 @@ class fulltext_mysql extends \phpbb\search\base
 		extract($this->phpbb_dispatcher->trigger_event('core.search_mysql_author_query_before', compact($vars)));
 
 		// If the cache was completely empty count the results
-		$calc_results = ($result_count) ? '' : 'SQL_CALC_FOUND_ROWS ';
+		$sql_select	= ($type == 'posts') ? 'p.post_id' : 't.topic_id';
+		$sql_select	.= $sort_by_sql[$sort_key] ? ", {$sort_by_sql[$sort_key]}" : '';
 
 		// Build the query for really selecting the post_ids
 		if ($type == 'posts')
 		{
-			$sql = "SELECT {$calc_results}p.post_id
+			$sql = "SELECT $sql_select
 				FROM " . $sql_sort_table . POSTS_TABLE . ' p' . (($firstpost_only) ? ', ' . TOPICS_TABLE . ' t ' : ' ') . "
 				WHERE $sql_author
 					$sql_topic_id
@@ -847,7 +847,7 @@ class fulltext_mysql extends \phpbb\search\base
 		}
 		else
 		{
-			$sql = "SELECT {$calc_results}t.topic_id
+			$sql = "SELECT $sql_select
 				FROM " . $sql_sort_table . TOPICS_TABLE . ' t, ' . POSTS_TABLE . " p
 				WHERE $sql_author
 					$sql_topic_id
@@ -857,7 +857,7 @@ class fulltext_mysql extends \phpbb\search\base
 					AND t.topic_id = p.topic_id
 					$sql_sort_join
 					$sql_time
-				GROUP BY t.topic_id
+				GROUP BY $sql_select
 				ORDER BY $sql_sort";
 			$field = 'topic_id';
 		}
@@ -874,9 +874,10 @@ class fulltext_mysql extends \phpbb\search\base
 		// retrieve the total result count if needed
 		if (!$result_count)
 		{
-			$sql_found_rows = 'SELECT FOUND_ROWS() as result_count';
+			$sql_found_rows = str_replace("SELECT $sql_select", "SELECT COUNT(*) as result_count", $sql);
 			$result = $this->db->sql_query($sql_found_rows);
-			$result_count = (int) $this->db->sql_fetchfield('result_count');
+			$result_count = ($type == 'posts') ? (int) $this->db->sql_fetchfield('result_count') : count($this->db->sql_fetchrowset($result));
+
 			$this->db->sql_freeresult($result);
 
 			if (!$result_count)

phpBB/phpbb/search/fulltext_native.php

@@ -253,6 +253,16 @@ class fulltext_native extends \phpbb\search\base
 						$keywords[$i] = ' ';
 					break;
 					case '-':
+						// Ignore hyphen if followed by a space
+						if (isset($keywords[$i + 1]) && $keywords[$i + 1] == ' ')
+						{
+							$keywords[$i] = ' ';
+						}
+						else
+						{
+							$space = $keywords[$i];
+						}
+					break;
 					case '+':
 						$space = $keywords[$i];
 					break;
@@ -898,9 +908,6 @@ class fulltext_native extends \phpbb\search\base
 			switch ($this->db->get_sql_layer())
 			{
 				case 'mysqli':
-
-					// 3.x does not support SQL_CALC_FOUND_ROWS
-					// $sql_array['SELECT'] = 'SQL_CALC_FOUND_ROWS ' . $sql_array['SELECT'];
 					$is_mysql = true;
 
 				break;
@@ -958,16 +965,10 @@ class fulltext_native extends \phpbb\search\base
 			);
 		}
 
-		// if using mysql and the total result count is not calculated yet, get it from the db
-		if (!$total_results && $is_mysql)
-		{
-			// Also count rows for the query as if there was not LIMIT. Add SQL_CALC_FOUND_ROWS to SQL
-			$sql_array['SELECT'] = 'SQL_CALC_FOUND_ROWS ' . $sql_array['SELECT'];
-		}
-
 		$sql_array['WHERE'] = implode(' AND ', $sql_where);
 		$sql_array['GROUP_BY'] = ($group_by) ? (($type == 'posts') ? 'p.post_id' : 'p.topic_id') . ', ' . $sort_by_sql[$sort_key] : '';
 		$sql_array['ORDER_BY'] = $sql_sort;
+		$sql_array['SELECT'] .= $sort_by_sql[$sort_key] ? ", {$sort_by_sql[$sort_key]}" : '';
 
 		unset($sql_where, $sql_sort, $group_by);
 
@@ -980,10 +981,10 @@ class fulltext_native extends \phpbb\search\base
 		}
 		$this->db->sql_freeresult($result);
 
+		// If using mysql and the total result count is not calculated yet, get it from the db
 		if (!$total_results && $is_mysql)
 		{
-			// Get the number of results as calculated by MySQL
-			$sql_count = 'SELECT FOUND_ROWS() as total_results';
+			$sql_count = str_replace("SELECT {$sql_array['SELECT']}", "SELECT COUNT(DISTINCT {$sql_array['SELECT']}) as total_results", $sql);
 			$result = $this->db->sql_query($sql_count);
 			$total_results = (int) $this->db->sql_fetchfield('total_results');
 			$this->db->sql_freeresult($result);
@@ -1005,7 +1006,6 @@ class fulltext_native extends \phpbb\search\base
 				$id_ary[] = (int) $row[(($type == 'posts') ? 'post_id' : 'topic_id')];
 			}
 			$this->db->sql_freeresult($result);
-
 		}
 
 		// store the ids, from start on then delete anything that isn't on the current page because we only need ids for one page
@@ -1137,6 +1137,7 @@ class fulltext_native extends \phpbb\search\base
 		}
 
 		$select = ($type == 'posts') ? 'p.post_id' : 't.topic_id';
+		$select .= $sort_by_sql[$sort_key] ? ", {$sort_by_sql[$sort_key]}" : '';
 		$is_mysql = false;
 
 		/**
@@ -1192,7 +1193,6 @@ class fulltext_native extends \phpbb\search\base
 			switch ($this->db->get_sql_layer())
 			{
 				case 'mysqli':
-//					$select = 'SQL_CALC_FOUND_ROWS ' . $select;
 					$is_mysql = true;
 				break;
 
@@ -1285,15 +1285,9 @@ class fulltext_native extends \phpbb\search\base
 
 		if (!$total_results && $is_mysql)
 		{
-			// Count rows for the executed queries. Replace $select within $sql with SQL_CALC_FOUND_ROWS, and run it.
-			$sql_calc = str_replace('SELECT ' . $select, 'SELECT SQL_CALC_FOUND_ROWS ' . $select, $sql);
-
-			$result = $this->db->sql_query($sql_calc);
-			$this->db->sql_freeresult($result);
-
-			$sql_count = 'SELECT FOUND_ROWS() as total_results';
+			$sql_count = str_replace("SELECT $select", "SELECT COUNT(*) as total_results", $sql);
 			$result = $this->db->sql_query($sql_count);
-			$total_results = (int) $this->db->sql_fetchfield('total_results');
+			$total_results = ($type == 'posts') ? (int) $this->db->sql_fetchfield('total_results') : count($this->db->sql_fetchrowset($result));
 			$this->db->sql_freeresult($result);
 
 			if (!$total_results)

phpBB/phpbb/search/fulltext_postgres.php

@@ -836,8 +836,9 @@ class fulltext_postgres extends \phpbb\search\base
 					GROUP BY t.topic_id, $sort_by_sql[$sort_key]";
 			}
 
-			$this->db->sql_query($sql_count);
-			$result_count = (int) $this->db->sql_fetchfield('result_count');
+			$result = $this->db->sql_query($sql_count);
+			$result_count = ($type == 'posts') ? (int) $this->db->sql_fetchfield('result_count') : count($this->db->sql_fetchrowset($result));
+			$this->db->sql_freeresult($result);
 
 			if (!$result_count)
 			{

phpBB/phpbb/template/twig/extension.php

@@ -79,6 +79,8 @@ class extension extends \Twig\Extension\AbstractExtension
 			new \Twig\TwigFilter('subset', array($this, 'loop_subset'), array('needs_environment' => true)),
 			// @deprecated 3.2.0 Uses twig's JS escape method instead of addslashes
 			new \Twig\TwigFilter('addslashes', 'addslashes'),
+			new \Twig\TwigFilter('int', 'intval'),
+			new \Twig\TwigFilter('float', 'floatval'),
 		);
 	}
 

phpBB/posting.php

@@ -87,24 +87,25 @@ switch ($mode)
 		$post_id = $request->variable('p', 0);
 		if ($post_id)
 		{
-			$topic_forum = array();
+			$topic_forum = [];
 
 			$sql = 'SELECT t.topic_id, t.forum_id
 				FROM ' . TOPICS_TABLE . ' t, ' . POSTS_TABLE . ' p
 				WHERE p.post_id = ' . $post_id . '
 				AND t.topic_id = p.topic_id';
 			$result = $db->sql_query($sql);
-			$topic_forum = $db->sql_fetchrow();
-			$topic_id = (int) $topic_forum['topic_id'];
-			$forum_id = (int) $topic_forum['forum_id'];
+			$topic_forum = $db->sql_fetchrow($result);
 			$db->sql_freeresult($result);
 		}
 
-		if (!$post_id || !$topic_id || !$forum_id)
+		if (!$post_id || !$topic_forum)
 		{
 			$user->setup('posting');
 			trigger_error('NO_POST');
 		}
+
+		$topic_id = (int) $topic_forum['topic_id'];
+		$forum_id = (int) $topic_forum['forum_id'];
 	break;
 }
 
@@ -2078,7 +2079,7 @@ if ($allowed)
 }
 
 // Attachment entry
-posting_gen_attachment_entry($attachment_data, $filename_data, $allowed);
+posting_gen_attachment_entry($attachment_data, $filename_data, $allowed, $forum_id);
 
 // Output page ...
 page_header($page_title);

phpBB/styles/prosilver/style.cfg

@@ -21,8 +21,8 @@
 # General Information about this style
 name = prosilver
 copyright = © phpBB Limited, 2007
-style_version = 3.3.5
-phpbb_version = 3.3.5
+style_version = 3.3.6
+phpbb_version = 3.3.6
 
 # Defining a different template bitfield
 # template_bitfield = //g=

phpBB/styles/prosilver/template/memberlist_email.html

@@ -71,7 +71,7 @@
 			<dl>
 				<dt><label for="lang">{L_DEST_LANG}{L_COLON}</label><br />
 					<span>{L_DEST_LANG_EXPLAIN}</span></dt>
-				<dd><select name="lang">{S_LANG_OPTIONS}</select></dd>
+				<dd><select name="lang" id="lang">{S_LANG_OPTIONS}</select></dd>
 			</dl>
 		<!-- ENDIF -->
 		<dl>

phpBB/styles/prosilver/template/posting_attach_body.html

@@ -8,7 +8,7 @@
 	<dl>
 		<dt><label for="fileupload">{L_FILENAME}{L_COLON}</label></dt>
 		<dd>
-			<input type="file" name="fileupload" id="fileupload" class="inputbox autowidth" />
+			<input type="file" accept="{{ ALLOWED_ATTACHMENTS }}" name="fileupload" id="fileupload" class="inputbox autowidth" />
 			<input type="submit" name="add_file" value="{L_ADD_FILE}" class="button2" onclick="upload = true;" />
 		</dd>
 	</dl>

phpBB/styles/prosilver/template/ucp_register.html

@@ -57,10 +57,12 @@
 	<hr />
 
 	<!-- EVENT ucp_register_options_before -->
+	{% if S_LANG_OPTIONS %}
 	<dl>
-		<dt><label for="lang">{L_LANGUAGE}{L_COLON}</label></dt>
-		<dd><select name="lang" id="lang" onchange="change_language(this.value); return false;" tabindex="6" title="{L_LANGUAGE}">{S_LANG_OPTIONS}</select></dd>
+		<dt><label for="lang">{{ lang('LANGUAGE') ~ lang('COLON') }}</label></dt>
+		<dd><select name="lang" id="lang" onchange="change_language(this.value); return false;" tabindex="6" title="{{ lang('LANGUAGE') }}">{{ S_LANG_OPTIONS }}</select></dd>
 	</dl>
+	{% endif %}
 
 	<!-- INCLUDE timezone_option.html -->
 

phpBB/styles/prosilver/theme/content.css

@@ -735,6 +735,10 @@ fieldset.polls dd div {
 	margin-bottom: 10px;
 }
 
+.profile-rank img {
+	max-width: 160px;
+}
+
 /* Post-profile avatars */
 .postprofile .has-avatar .avatar-container {
 	margin-bottom: 3px;

phpBB/styles/prosilver/theme/stylesheet.css

@@ -11,9 +11,9 @@
 @import url("base.css?hash=7c5543be");
 @import url("utilities.css?hash=d8f72c42");
 @import url("common.css?hash=a9741ba1");
-@import url("links.css?hash=cbeb92cc");
-@import url("content.css?hash=56f9e623");
-@import url("buttons.css?hash=5856472d");
+@import url("links.css?hash=18286e16");
+@import url("content.css?hash=be57a41d");
+@import url("buttons.css?hash=56f0d25f");
 @import url("cp.css?hash=50d868ab");
 @import url("forms.css?hash=b64464fb");
 @import url("icons.css?hash=64da33ce");

phpBB/viewforum.php

@@ -999,7 +999,7 @@ if (count($topic_list))
 			'S_TOPIC_MOVED'			=> ($row['topic_status'] == ITEM_MOVED) ? true : false,
 
 			'U_NEWEST_POST'			=> $auth->acl_get('f_read', $forum_id) ? append_sid("{$phpbb_root_path}viewtopic.$phpEx", $view_topic_url_params . '&view=unread') . '#unread' : false,
-			'U_LAST_POST'			=> $auth->acl_get('f_read', $forum_id)  ? append_sid("{$phpbb_root_path}viewtopic.$phpEx", $view_topic_url_params . '&p=' . $row['topic_last_post_id']) . '#p' . $row['topic_last_post_id'] : false,
+			'U_LAST_POST'			=> $auth->acl_get('f_read', $forum_id)  ? append_sid("{$phpbb_root_path}viewtopic.$phpEx", 'p=' . $row['topic_last_post_id']) . '#p' . $row['topic_last_post_id'] : false,
 			'U_LAST_POST_AUTHOR'	=> get_username_string('profile', $row['topic_last_poster_id'], $row['topic_last_poster_name'], $row['topic_last_poster_colour']),
 			'U_TOPIC_AUTHOR'		=> get_username_string('profile', $row['topic_poster'], $row['topic_first_poster_name'], $row['topic_first_poster_colour']),
 			'U_VIEW_TOPIC'			=> $view_topic_url,

tests/config/db_test.php

@@ -86,6 +86,17 @@ class phpbb_config_db_test extends phpbb_database_test_case
 		$this->cache->checkVar($this, 'config', array('foo' => '23', 'foobar' => '5'));
 	}
 
+	public function test_set_new_json()
+	{
+		$json_value = '{"menu":{"id":"file","value":"File"}}';
+		$this->config->set('foobar_json', $json_value);
+		$this->assertEquals($json_value, $this->config['foobar_json']);
+
+		// re-read config and populate cache
+		$config2 = new \phpbb\config\db($this->db, $this->cache, 'phpbb_config');
+		$this->cache->checkVar($this, 'config', ['foo' => '23', 'foobar_json' => $json_value]);
+	}
+
 	public function test_set_new_uncached()
 	{
 		$this->config->set('foobar', '5', false);

tests/config/db_text_test.php

@@ -46,6 +46,13 @@ class phpbb_config_db_text_test extends phpbb_database_test_case
 		$this->assertSame('phpbb', $this->config_text->get('barz'));
 	}
 
+	public function test_set_new_get_json()
+	{
+		$json_value = '{"menu":{"id":"file","value":"File"}}';
+		$this->config_text->set('foobar_json', $json_value);
+		$this->assertEquals($json_value, $this->config_text->get('foobar_json'));
+	}
+
 	public function test_set_replace_get()
 	{
 		$this->config_text->set('foo', '24');

tests/dbal/migrator_tool_permission_role_test.php

@@ -0,0 +1,198 @@
+<?php
+/**
+*
+* This file is part of the phpBB Forum Software package.
+*
+* @copyright (c) phpBB Limited <https://www.phpbb.com>
+* @license GNU General Public License, version 2 (GPL-2.0)
+*
+* For full copyright and license information, please see
+* the docs/CREDITS.txt file.
+*
+*/
+
+class phpbb_dbal_migrator_tool_permission_role_test extends phpbb_database_test_case
+{
+	/** @var \phpbb\auth\auth */
+	protected $auth;
+
+	/** @var \includes\acp\auth\auth_admin */
+	protected $auth_admin;
+
+	/** @var \phpbb\db\migration\tool\permission */
+	protected $tool;
+
+	public $group_ids = [
+		'REGISTERED' => 2,
+		'GLOBAL_MODERATORS' => 4,
+		'ADMINISTRATORS' => 5,
+	];
+
+	public $new_roles = [
+		[
+			'ROLE_ADMIN_NEW',
+			'a_',
+			'A new admin role',
+			'a_new',
+		],
+		[
+			'ROLE_MODERATOR_NEW',
+			'm_',
+			'A new mod role',
+			'm_new',
+		],
+		[
+			'ROLE_USER_NEW',
+			'u_',
+			'A new user role',
+			'u_new',
+		],
+	];
+
+	public $new_role_ids = [];
+
+	public function getDataSet()
+	{
+		return $this->createXMLDataSet(__DIR__.'/fixtures/migrator_permission.xml');
+	}
+
+	protected function setUp(): void
+	{
+		// Global $db and $cache are needed in acp/auth.php constructor
+		global $phpbb_root_path, $phpEx, $db, $cache;
+
+		parent::setup();
+
+		$db = $this->db = $this->new_dbal();
+		$cache = $this->cache = new \phpbb\cache\service(new \phpbb\cache\driver\dummy(), new \phpbb\config\config(array()), $this->db, $phpbb_root_path, $phpEx);
+		$this->auth = new \phpbb\auth\auth();
+
+		// Initialize this auth_admin instance later after adding new auth options via this->tool->add()
+		if (!class_exists('auth_admin'))
+		{
+			include($phpbb_root_path . 'includes/acp/auth.' . $phpEx);
+		}
+
+		$this->tool = new \phpbb\db\migration\tool\permission($this->db, $this->cache, $this->auth, $phpbb_root_path, $phpEx);
+
+		$this->new_roles_add();
+	}
+
+	public function new_roles_add()
+	{
+		foreach ($this->new_roles as $new_role_data)
+		{
+			$role_name = $new_role_data[0];
+			$role_type = $new_role_data[1];
+			$role_description = $new_role_data[2];
+			$role_auth_option = $new_role_data[3];
+
+			$this->tool->add($role_auth_option);
+			$this->new_role_ids[$role_name] = $this->tool->role_add($role_name, $role_type, $role_description);
+		}
+
+		// Initialize external auth_admin instance here to keep acl_options array in sync with the one from the permission tool
+		$this->auth_admin = new \auth_admin();
+	}
+
+	public function data_test_new_role_exists()
+	{
+		return [
+			['ROLE_ADMIN_NEW', true],
+			['ROLE_MODERATOR_NEW', true],
+			['ROLE_USER_NEW', true],
+		];
+	}
+
+	/**
+	 * @dataProvider data_test_new_role_exists
+	 */
+	public function test_permission_new_role_exists($role_name, $expected)
+	{
+		$this->assertEquals($expected, (bool) $this->tool->role_exists($role_name));
+	}
+
+	public function data_test_permission_assign_new_roles()
+	{
+		return [
+			[
+				'group',
+				0,
+				'ADMINISTRATORS',
+				['a_new' => true],
+				'ROLE_ADMIN_NEW',
+			],
+			[
+				'group',
+				0,
+				'GLOBAL_MODERATORS',
+				['m_new' => true],
+				'ROLE_MODERATOR_NEW',
+			],
+			[
+				'group',
+				0,
+				'REGISTERED',
+				['u_new' => true],
+				'ROLE_USER_NEW',
+			],
+		];
+	}
+
+	/**
+	 * @dataProvider data_test_permission_assign_new_roles
+	 */
+	public function test_permission_assign_new_roles($ug_type, $forum_id, $group_name, $auth, $role_name, $clear_prefetch = true)
+	{
+		$auth_option = key($auth);
+		$group_id = (int) $this->group_ids[$group_name];
+		$role_id = (int) $this->new_role_ids[$role_name];
+		$expected = current($auth);
+
+		// Set auth options for each role
+		$this->tool->permission_set($role_name, $auth_option, 'role', true);
+
+		// Assign roles to groups
+		$this->auth_admin->acl_set($ug_type, $forum_id, $group_id, $auth, $role_id, $clear_prefetch);
+
+		// Test if role based group permissions assigned correctly
+		$new_perm_state = $this->auth->acl_group_raw_data($group_id, $auth_option);
+		$this->assertEquals($expected, !empty($new_perm_state), "$auth_option is " . ($expected ? 'empty' : 'not empty') . " for $group_name");
+	}
+
+	/**
+	 * @dataProvider data_test_permission_assign_new_roles
+	 * @depends test_permission_new_role_exists
+	 * @depends test_permission_assign_new_roles
+	 */
+	public function test_permission_new_role_remove($ug_type, $forum_id, $group_name, $auth, $role_name)
+	{
+		$auth_option = key($auth);
+		$group_id = (int) $this->group_ids[$group_name];
+		$role_id = (int) $this->new_role_ids[$role_name];
+
+		$sql = 'SELECT agt.auth_role_id
+			FROM ' . ACL_GROUPS_TABLE . ' agt, ' . ACL_ROLES_TABLE . ' art
+			WHERE agt.auth_role_id = art.role_id
+				AND art.role_id = ' . $role_id;
+
+		// Set auth options for each role
+		$this->tool->permission_set($role_name, $auth_option, 'role', true);
+
+		// Assign roles to groups
+		$this->auth_admin->acl_set($ug_type, $forum_id, $group_id, $auth, $role_id);
+
+		// Check if the role is assigned to the group
+		$result = $this->db->sql_query($sql);
+		$this->assertEquals($role_id, $this->db->sql_fetchfield('auth_role_id'));
+		$this->db->sql_freeresult($result);
+
+		$this->tool->role_remove($role_name);
+		$this->assertFalse((bool) $this->tool->role_exists($role_name));
+
+		// Check if the role is unassigned
+		$result = $this->db->sql_query($sql);
+		$this->assertFalse($this->db->sql_fetchfield('auth_role_id'));
+		$this->db->sql_freeresult($result);
+	}
+}

tests/email/headers_encoding_test.php

@@ -0,0 +1,48 @@
+<?php
+/**
+ *
+ * This file is part of the phpBB Forum Software package.
+ *
+ * @copyright (c) phpBB Limited <https://www.phpbb.com>
+ * @license GNU General Public License, version 2 (GPL-2.0)
+ *
+ * For full copyright and license information, please see
+ * the docs/CREDITS.txt file.
+ *
+ */
+
+class phpbb_headers_encoding_test extends phpbb_test_case
+{
+	protected function setUp(): void
+	{
+		global $phpbb_root_path, $phpEx;
+
+		if (!function_exists('mail_encode'))
+		{
+			include($phpbb_root_path . 'includes/functions_messenger.' . $phpEx);
+		}
+	}
+
+	public function headers_encoding_data()
+	{
+		return [
+			['test@yourdomain.com <phpBB fake test email>', 'Q', 'US-ASCII'],
+			['test@yourdomain.com <Несуществующий почтовый адрес phpBB>', 'B', 'UTF-8'],
+			["\xE3\x83\x86\xE3\x82\xB9\xE3\x83\x88\xE3\x83\x86\xE3\x82\xB9\xE3\x83\x88", 'B', 'UTF-8'],
+		];
+	}
+
+	/**
+	 * @dataProvider headers_encoding_data
+	 */
+	public function test_headers_encoding($header, $scheme, $encoding)
+	{
+		$encoded_string = mail_encode($header);
+		$this->assertStringStartsWith("=?$encoding?$scheme?", $encoded_string);
+		$this->assertStringEndsWith('?=', $encoded_string);
+
+		// Result of iconv_mime_decode() on decoded header should be equal to initial header
+		$decoded_string = iconv_mime_decode($encoded_string, 0, $encoding);
+		$this->assertEquals(0, strcmp($header, $decoded_string));
+	}
+}

tests/extension/manager_test.php

@@ -30,6 +30,7 @@ class phpbb_extension_manager_test extends phpbb_database_test_case
 	{
 		parent::setUp();
 
+		$this->db = null;
 		$this->extension_manager = $this->create_extension_manager();
 	}
 
@@ -95,7 +96,10 @@ class phpbb_extension_manager_test extends phpbb_database_test_case
 
 		$this->assertEquals(array('vendor2/foo'), array_keys($this->extension_manager->all_enabled()));
 		$this->extension_manager->enable('vendor2/bar');
-		$this->assertEquals(array('vendor2/bar', 'vendor2/foo'), array_keys($this->extension_manager->all_enabled()));
+
+		// We should see the extension as being disabled
+		$this->assertEquals(array('vendor2/bar', 'vendor2/foo'), array_keys($this->create_extension_manager()->all_enabled()));
+
 		$this->assertEquals(array('vendor/moo', 'vendor2/bar', 'vendor2/foo'), array_keys($this->extension_manager->all_configured()));
 
 		$this->assertEquals(4, vendor2\bar\ext::$state);
@@ -119,7 +123,9 @@ class phpbb_extension_manager_test extends phpbb_database_test_case
 
 		$this->assertEquals(array('vendor2/foo'), array_keys($this->extension_manager->all_enabled()));
 		$this->extension_manager->disable('vendor2/foo');
-		$this->assertEquals(array(), array_keys($this->extension_manager->all_enabled()));
+
+		$this->assertEquals([], array_keys($this->extension_manager->all_enabled()));
+
 		$this->assertEquals(array('vendor/moo', 'vendor2/foo'), array_keys($this->extension_manager->all_configured()));
 
 		$this->assertTrue(vendor2\foo\ext::$disabled);
@@ -147,7 +153,6 @@ class phpbb_extension_manager_test extends phpbb_database_test_case
 
 	protected function create_extension_manager($with_cache = true)
 	{
-
 		$config = new \phpbb\config\config(array('version' => PHPBB_VERSION));
 		$db = $this->new_dbal();
 		$factory = new \phpbb\db\tools\factory();

tests/functional/acp_attachments_test.php

@@ -0,0 +1,118 @@
+<?php
+/**
+*
+* This file is part of the phpBB Forum Software package.
+*
+* @copyright (c) phpBB Limited <https://www.phpbb.com>
+* @license GNU General Public License, version 2 (GPL-2.0)
+*
+* For full copyright and license information, please see
+* the docs/CREDITS.txt file.
+*
+*/
+
+/**
+ * @group functional
+ */
+class phpbb_functional_acp_attachments_test extends phpbb_functional_test_case
+{
+	private $path;
+
+	protected function setUp(): void
+	{
+		parent::setUp();
+		$this->path = __DIR__ . '/fixtures/files/';
+		$this->add_lang('posting');
+	}
+
+	protected function tearDown(): void
+	{
+		$iterator = new DirectoryIterator(__DIR__ . '/../../phpBB/files/');
+		foreach ($iterator as $fileinfo)
+		{
+			if (
+				$fileinfo->isDot()
+				|| $fileinfo->isDir()
+				|| $fileinfo->getFilename() === 'index.htm'
+				|| $fileinfo->getFilename() === '.htaccess'
+			)
+			{
+				continue;
+			}
+
+			unlink($fileinfo->getPathname());
+		}
+	}
+
+	private function upload_file($filename, $mimetype)
+	{
+		$crawler = self::$client->request(
+			'GET',
+			'posting.php?mode=reply&f=2&t=1&sid=' . $this->sid
+		);
+
+		$file_form_data = array_merge(['add_file' => $this->lang('ADD_FILE')], $this->get_hidden_fields($crawler, 'posting.php?mode=reply&f=2&t=1&sid=' . $this->sid));
+
+		$file = array(
+			'tmp_name' => $this->path . $filename,
+			'name' => $filename,
+			'type' => $mimetype,
+			'size' => filesize($this->path . $filename),
+			'error' => UPLOAD_ERR_OK,
+		);
+
+		$crawler = self::$client->request(
+			'POST',
+			'posting.php?mode=reply&t=1&sid=' . $this->sid,
+			$file_form_data,
+			array('fileupload' => $file)
+		);
+
+		return $crawler;
+	}
+
+	public function test_orphaned_attachments()
+	{
+		$this->login();
+		$this->add_lang(['common', 'acp/common', 'acp/attachments']);
+		$crawler = $this->upload_file('valid.jpg', 'image/jpeg');
+
+		// Ensure there was no error message rendered
+		$this->assertStringNotContainsString('<h2>' . $this->lang('INFORMATION') . '</h2>', $this->get_content());
+
+		// Also the file name should be in the first row of the files table
+		$this->assertEquals('valid.jpg', $crawler->filter('span.file-name > a')->text());
+		
+		$attach_link = $crawler->filter('span.file-name > a')->attr('href');
+		$attach_id = $this->get_parameter_from_link($attach_link, 'id');
+
+		// Set file time older than 3 hours to consider it orphan
+		$sql = 'UPDATE ' . ATTACHMENTS_TABLE . '
+			SET filetime = filetime - ' . 4*60*60 . '
+			WHERE attach_id = ' . (int) $attach_id;
+		$this->db->sql_query($sql);
+
+		$this->admin_login();
+		$crawler = self::request('GET', 'adm/index.php?sid=' . $this->sid . '&i=acp_attachments&mode=orphan');
+		$this->assertContainsLang('ACP_ORPHAN_ATTACHMENTS_EXPLAIN', $this->get_content());
+		$this->assertStringContainsString('valid.jpg', $crawler->filter('tbody a')->text());
+
+		$form = $crawler->selectButton($this->lang('SUBMIT'))->form([
+			"post_id[$attach_id]"	=> 99999, // Random
+		]);
+		$form["add[$attach_id]"]->tick();
+		$crawler = self::submit($form);
+
+		$this->assertContainsLang('UPLOADING_FILES', $this->get_content());
+		$this->assertStringContainsString($this->lang('UPLOADING_FILE_TO', 'valid.jpg', 99999), $this->get_content());
+		$this->assertStringContainsString($this->lang('UPLOAD_POST_NOT_EXIST', 'valid.jpg', 99999), $crawler->filter('span[class="error"]')->text());
+
+		// Delete the file
+		$form = $crawler->selectButton($this->lang('SUBMIT'))->form();
+		$form["delete[$attach_id]"]->tick();
+		$crawler = self::submit($form);
+
+		$this->assertContainsLang('NOTIFY', $crawler->filter('.successbox')->text());
+		$this->assertStringContainsString(strip_tags($this->lang('LOG_ATTACH_ORPHAN_DEL', 'valid.jpg')), $crawler->filter('.successbox > p')->text());
+	}
+}

tests/functional/auth_test.php

@@ -101,7 +101,7 @@ class phpbb_functional_auth_test extends phpbb_functional_test_case
 		$this->assertStringContainsString($this->lang('AUTH_PROVIDER_OAUTH_SERVICE_GOOGLE'), $crawler->filter('h3')->text());
 		$form = $crawler->selectButton($this->lang('UCP_AUTH_LINK_LINK'))->form();
 		$crawler = self::submit($form);
-		$this->assertStringContainsString('Google Accounts', $crawler->filter('title')->text());
+		$this->assertStringContainsString('accounts.google.com', $crawler->filter('base')->attr('href'));
 
 		// Test OAuth linking for registration
 		$this->logout();
@@ -111,7 +111,7 @@ class phpbb_functional_auth_test extends phpbb_functional_test_case
 		$crawler = self::submit($form);
 		$this->assertContainsLang('AUTH_PROVIDER_OAUTH_SERVICE_GOOGLE', $crawler->filter('a[class="button2"]')->text());
 		$crawler = self::request('GET', 'ucp.php?mode=login&login=external&oauth_service=google');
-		$this->assertStringContainsString('Google Accounts', $crawler->filter('title')->text());
+		$this->assertStringContainsString('accounts.google.com', $crawler->filter('base')->attr('href'));
 
 		// Restore default auth method, but unset random keys first
 		// Restart webclient as we were redirected to external site before

tests/functional/extension_acp_test.php

@@ -43,8 +43,6 @@ class phpbb_functional_extension_acp_test extends phpbb_functional_test_case
 
 		$this->purge_cache();
 
-		$this->get_db();
-
 		// Clear the phpbb_ext table
 		$this->db->sql_query('DELETE FROM phpbb_ext');
 

tests/functional/feed_test.php

@@ -868,24 +868,6 @@ class phpbb_functional_feed_test extends phpbb_functional_test_case
 		$this->set_flood_interval(15);
 	}
 
-	protected function set_flood_interval($flood_interval)
-	{
-		$this->login();
-		$this->admin_login();
-
-		$crawler = self::request('GET', 'adm/index.php?sid=' . $this->sid . '&i=acp_board&mode=post');
-
-		$form = $crawler->selectButton('Submit')->form();
-		$values = $form->getValues();
-
-		$values['config[flood_interval]'] = $flood_interval;
-		$form->setValues($values);
-		$crawler = self::submit($form);
-		self::assertGreaterThan(0, $crawler->filter('.successbox')->count());
-
-		$this->logout();
-	}
-
 	public function test_feeds_unapproved_topic_admin()
 	{
 		$this->load_ids(array(

tests/functional/mcp/mcp_logs_test.php

@@ -0,0 +1,35 @@
+<?php
+/**
+*
+* This file is part of the phpBB Forum Software package.
+*
+* @copyright (c) phpBB Limited <https://www.phpbb.com>
+* @license GNU General Public License, version 2 (GPL-2.0)
+*
+* For full copyright and license information, please see
+* the docs/CREDITS.txt file.
+*
+*/
+
+/**
+* @group functional
+*/
+class phpbb_functional_mcp_logs_test extends phpbb_functional_test_case
+{
+	public function test_delete_logs()
+	{
+		$this->add_lang(['mcp', 'common']);
+
+		$this->login();
+		$crawler = self::request('GET', "mcp.php?i=mcp_logs&mode=front&sid={$this->sid}");
+		$this->assertGreaterThanOrEqual(1, $crawler->filter('input[type=checkbox]')->count());
+
+		$form = $crawler->selectButton($this->lang('DELETE_ALL'))->form();
+		$crawler = self::submit($form);
+
+		$form = $crawler->selectButton($this->lang('YES'))->form();
+		$crawler = self::submit($form);
+
+		$this->assertCount(0, $crawler->filter('input[type=checkbox]'));
+	}
+}

tests/functional/mcp/mcp_main_test.php

@@ -0,0 +1,319 @@
+<?php
+/**
+*
+* This file is part of the phpBB Forum Software package.
+*
+* @copyright (c) phpBB Limited <https://www.phpbb.com>
+* @license GNU General Public License, version 2 (GPL-2.0)
+*
+* For full copyright and license information, please see
+* the docs/CREDITS.txt file.
+*
+*/
+
+/**
+* @group functional
+*/
+class phpbb_functional_mcp_main_test extends phpbb_functional_test_case
+{
+	public function test_create_topics()
+	{
+		$this->add_lang(['acp/common', 'acp/forums', 'common']);
+		$this->login();
+		$this->admin_login();
+
+		$this->set_flood_interval(0);
+
+		// Create a forum to move topics around
+		$forum_name = 'MCP Test #1';
+		$crawler = self::request('GET', "adm/index.php?i=acp_forums&mode=manage&sid={$this->sid}");
+		$form = $crawler->selectButton($this->lang('CREATE_FORUM'))->form([
+			'forum_name'	=> $forum_name,
+		]);
+		$crawler = self::submit($form);
+		$form = $crawler->selectButton($this->lang('SUBMIT'))->form([
+			'forum_parent_id'	=> 1,
+			'forum_perm_from'	=> 2,
+		]);
+		$crawler = self::submit($form);
+		$this->assertContainsLang('FORUM_CREATED', $crawler->text());
+
+		// Create topics to test with
+		$post = [];
+		$post[] = $this->create_topic(2, 'Test Topic 3', 'Testing forum moderation actions from MCP/View forum page.');
+		$crawler = self::request('GET', "viewtopic.php?t={$post[0]['topic_id']}&sid={$this->sid}");
+		$this->assertStringContainsString('Testing forum moderation actions from MCP/View forum page.', $crawler->filter('html')->text());
+
+		$post[] = $this->create_topic(2, 'Topic to merge with', 'Testing merge topics moderation actions from MCP/View forum page.');
+		$crawler = self::request('GET', "viewtopic.php?t={$post[1]['topic_id']}&sid={$this->sid}");
+		$this->assertStringContainsString('Testing merge topics moderation actions from MCP/View forum page.', $crawler->filter('html')->text());
+
+		$this->set_flood_interval(15);
+
+		return $post;
+}
+
+
+	/**
+	 * @depends test_create_topics
+	 */
+	public function test_mcp_view_forum($post)
+	{
+		$this->add_lang(['common']);
+		$this->login();
+
+		// Browse MCP main page from forum view (gives &f=2)
+		$crawler = self::request('GET', "viewforum.php?f=2&sid={$this->sid}");
+		$crawler = self::$client->click($crawler->selectLink($this->lang('MCP_SHORT'))->link());
+
+		// Test forum moderation page has a list of topics to select
+		$this->assertGreaterThanOrEqual(3, $crawler->filter('input[type=checkbox]')->count());
+
+		return $post;
+	}
+
+	public function mcp_view_forum_actions_data()
+	{
+		// action, success message, require_confirmation
+		return [
+			['delete_topic', 'TOPIC_DELETED_SUCCESS', true],
+			['restore_topic', 'TOPIC_RESTORED_SUCCESS', true],
+			['fork', 'TOPIC_FORKED_SUCCESS', true],
+			['lock', 'TOPIC_LOCKED_SUCCESS', true],
+			['unlock', 'TOPIC_UNLOCKED_SUCCESS', true],
+			['resync', 'TOPIC_RESYNC_SUCCESS', false],
+			['make_global', 'TOPIC_TYPE_CHANGED', true],
+			['make_announce', 'TOPIC_TYPE_CHANGED', true],
+			['make_sticky', 'TOPIC_TYPE_CHANGED', true],
+			['make_normal', 'TOPIC_TYPE_CHANGED', true],
+			['merge_topics', 'POSTS_MERGED_SUCCESS', true],
+			['move', 'TOPIC_MOVED_SUCCESS', true],
+		];
+	}
+
+	/**
+	 * @depends test_mcp_view_forum
+	 * @dataProvider mcp_view_forum_actions_data
+	 */
+	public function test_mcp_view_forum_actions($action, $message, $require_confirmation, $post)
+	{
+		$topic_id_1 = $post[0]['topic_id'];
+		$topic_id_2 = $post[1]['topic_id'];
+
+		$this->add_lang(['common', 'mcp']);
+		$this->login();
+
+		$crawler = self::request('GET', "viewforum.php?f=2&sid={$this->sid}");
+		$crawler = self::$client->click($crawler->selectLink($this->lang('MCP_SHORT'))->link());
+
+		// Test actions
+		$form = $crawler->selectButton($this->lang('SUBMIT'))->form()->disableValidation()->setValues([
+			'action' => $action,
+			'topic_id_list' => [$action == 'move' ? $topic_id_2 : $topic_id_1], // while moving, topic_id_1 has been already merged into topic_id_2
+		]);
+		$crawler = self::submit($form);
+
+		if ($require_confirmation)
+		{
+			if ($action == 'merge_topics')
+			{
+				// Merge topic_id_1 into topic_id_2
+				$select_for_merge_link = $crawler->selectLink($this->lang('SELECT_MERGE'))->reduce(
+					function ($node, $i) use ($topic_id_2)
+					{
+						return (bool) strpos($node->attr('href'), "to_topic_id=$topic_id_2");
+					}
+				)->link();
+
+				$crawler = self::$client->click($select_for_merge_link);
+			}
+
+			$form = $crawler->selectButton($this->lang('YES'))->form();
+
+			if (in_array($action, ['fork', 'move']))
+			{
+				// Fork or move the topic to the 'MCP Test #1'
+				$forum_id = $crawler->filter('select > option')->reduce(
+					function ($node, $i)
+					{
+						return (bool) strpos($node->text(), 'MCP Test #1');
+					}
+				)->attr('value');
+				$form['to_forum_id']->select($forum_id);
+			}
+
+			$crawler = self::submit($form);
+		}
+
+		$this->assertStringContainsString($this->lang($message), $crawler->filter('#message p')->text());
+	}
+
+	/**
+	 * @depends test_mcp_view_forum_actions
+	 */
+	public function test_mcp_view_forum_permanently_delete_topic()
+	{
+		$this->add_lang(['common', 'mcp']);
+		$this->login();
+
+		// Get to the forum 'MCP Test #1' where the topic has been moved to in previous test
+		$crawler = self::request('GET', "index.php?sid={$this->sid}");
+		$crawler = self::$client->click($crawler->selectLink('MCP Test #1')->link());
+		$crawler = self::$client->click($crawler->selectLink($this->lang('MCP_SHORT'))->link());
+
+		// Get topic ids to delete (forked and moved topics in the previous test)
+		$topic_link_1 = $crawler->selectLink('Test Topic 3')->attr('href');
+		$topic_link_2 = $crawler->selectLink('Topic to merge with')->attr('href');
+		$topic_ids = [
+			(int) $this->get_parameter_from_link($topic_link_1, 't'),
+			(int) $this->get_parameter_from_link($topic_link_2, 't'),
+		];
+
+		$form = $crawler->selectButton($this->lang('SUBMIT'))->form()->disableValidation()->setValues([
+			'action' => 'delete_topic',
+			'topic_id_list' => $topic_ids, // tick both topics in the list
+		]);
+		$crawler = self::submit($form);
+
+		$form = $crawler->selectButton($this->lang('YES'))->form();
+		$form['delete_permanent']->tick();
+		$crawler = self::submit($form);
+		$this->assertStringContainsString($this->lang('TOPICS_DELETED_SUCCESS'), $crawler->filter('#message p')->text());
+	}
+
+	public function mcp_view_topic_actions_data()
+	{
+		// action, success message, require_confirmation
+		return [
+			['lock_post', 'POSTS_LOCKED_SUCCESS', true],
+			['unlock_post', 'POSTS_UNLOCKED_SUCCESS', true],
+			['resync', 'TOPIC_RESYNC_SUCCESS', false],
+			['split_all', 'TOPIC_SPLIT_SUCCESS', true],
+			['split_beyond', 'TOPIC_SPLIT_SUCCESS', true],
+			['merge_posts', 'POSTS_MERGED_SUCCESS', true],
+			['delete_post', 'POSTS_DELETED_SUCCESS', true],
+		];
+	}
+
+	public function test_create_topic_with_replies()
+	{
+		$this->login();
+
+		// Create topic and replies to test with
+		$post = [];
+		$post[] = $this->create_topic(2, 'Test Topic 4', 'Testing topic moderation actions from MCP/View topic page.');
+		$crawler = self::request('GET', "viewtopic.php?t={$post[0]['topic_id']}&sid={$this->sid}");
+		$this->assertStringContainsString('Testing topic moderation actions from MCP/View topic page.', $crawler->filter('html')->text());
+
+		// Create replies. Flood control was disabled above
+		for ($i = 1; $i <= 15; $i++)
+		{
+			sleep(1);
+			$post_text = "This is reply number $i to the Test Topic 4 to test moderation actions from MCP/View topic page.";
+			$post[$i] = $this->create_post(2, $post[0]['topic_id'], 'Re: Test Topic 4', $post_text);
+			$crawler = self::request('GET', "viewtopic.php?p={$post[$i]['post_id']}&sid={$this->sid}#p{$post[$i]['post_id']}");
+			$this->assertStringContainsString($post_text, $crawler->filter('html')->text());
+		}
+
+		return $post;
+	}
+
+	/**
+	 * @depends test_create_topic_with_replies
+	 * @dataProvider mcp_view_topic_actions_data
+	 */
+	public function test_mcp_view_topic_actions($action, $message, $require_confirmation, $post)
+	{
+		$this->add_lang(['common', 'mcp']);
+		$this->login();
+
+		$crawler = self::request('GET', "viewtopic.php?t={$post[0]['topic_id']}&sid={$this->sid}");
+		$crawler = self::$client->click($crawler->selectLink($this->lang('MCP_SHORT'))->link());
+		$this->assertLessThanOrEqual(count($post), $crawler->filter('input[type=checkbox]')->count());
+
+		// Test actions
+		$form = $crawler->selectButton($this->lang('SUBMIT'))->form();
+
+		// Set posts to select for actions
+		$post_id_list = [];
+		switch ($action)
+		{
+			case 'lock_post':
+			case 'unlock_post':
+				$post_id_list = [$post[1]['post_id'], $post[2]['post_id']];
+			break;
+
+			case 'split_all':
+				$post_id_list = [$post[13]['post_id'], $post[14]['post_id'], $post[15]['post_id']]; // Split last 3 replies
+				$subject = '[Split] Topic 1';
+			break;
+
+			case 'split_beyond':
+				$post_id_list = [$post[10]['post_id']]; // Split from 10th reply
+				$subject = '[Split] Topic 2';
+			break;
+
+			case 'merge_posts':
+				$post_id_list = [$post[7]['post_id'], $post[8]['post_id'], $post[9]['post_id']]; // Split replies 7, 8, 9
+			break;
+
+			case 'delete_post':
+				$post_id_list = [$post[4]['post_id'], $post[5]['post_id'], $post[6]['post_id']]; // Delete posts 4, 5, 6
+			break;
+
+			default:
+			break;
+		}
+
+		$form->disableValidation()->setValues([
+			'action' => $action,
+			'post_id_list' => $post_id_list, // tick post ids
+		]);
+		$crawler = self::submit($form);
+
+		if ($require_confirmation)
+		{
+			if ($action == 'merge_posts')
+			{
+				// Merge posts into '[Split] Topic 1'
+				// Get topics list to select from
+				$crawler = self::$client->click($crawler->selectLink($this->lang('SELECT_TOPIC'))->link());
+
+				// Get '[Split] Topic 1' topic_id
+				$to_topic_link = $crawler->selectLink('[Split] Topic 1')->attr('href');
+				$to_topic_id = (int) $this->get_parameter_from_link($to_topic_link, 't');
+				
+				// Select '[Split] Topic 1'
+				$select_for_merge_link = $crawler->selectLink($this->lang('SELECT_MERGE'))->reduce(
+					function ($node, $i) use ($to_topic_id)
+					{
+						return (bool) strpos($node->attr('href'), "to_topic_id=$to_topic_id");
+					}
+				)->link();
+
+				$crawler = self::$client->click($select_for_merge_link);
+
+				$this->assertEquals($to_topic_id, (int) $crawler->filter('#to_topic_id')->attr('value'));
+
+				// Reselect post ids to move
+				$form = $crawler->selectButton($this->lang('SUBMIT'))->form()->disableValidation()->setValues(['post_id_list' => $post_id_list]);
+				$crawler = self::submit($form);
+			}
+
+			if (in_array($action, ['split_all', 'split_beyond']))
+			{
+				$form = $crawler->selectButton($this->lang('SUBMIT'))->form()->disableValidation()->setValues([
+					'subject' => $subject,
+					'post_id_list' => $post_id_list, // tick post ids
+					'to_forum_id' => 2,
+				]);
+				$crawler = self::submit($form);	
+			}
+
+			$form = $crawler->selectButton($this->lang('YES'))->form();
+			$crawler = self::submit($form);
+		}
+
+		$this->assertStringContainsString($this->lang($message), $crawler->filter('#message p')->text());
+	}
+}

tests/functional/mcp/mcp_quickmod_tools_test.php

@@ -14,7 +14,7 @@
 /**
 * @group functional
 */
-class phpbb_functional_mcp_test extends phpbb_functional_test_case
+class phpbb_functional_mcp_quickmod_tools_test extends phpbb_functional_test_case
 {
 	public function test_post_new_topic()
 	{
@@ -30,8 +30,8 @@ class phpbb_functional_mcp_test extends phpbb_functional_test_case
 	}
 
 	/**
-	* @depends test_post_new_topic
-	*/
+	 * @depends test_post_new_topic
+	 */
 	public function test_handle_quickmod($crawler)
 	{
 		// Test moving a post
@@ -39,10 +39,12 @@ class phpbb_functional_mcp_test extends phpbb_functional_test_case
 	}
 
 	/**
-	* @depends test_handle_quickmod
-	*/
+	 * @depends test_handle_quickmod
+	 */
 	public function test_move_post_to_topic($crawler)
 	{
+		$this->add_lang('common');
+
 		// Select the post in MCP
 		$form = $crawler->selectButton($this->lang('SUBMIT'))->form(array(
 			'to_topic_id'	=> 1,
@@ -55,8 +57,8 @@ class phpbb_functional_mcp_test extends phpbb_functional_test_case
 	}
 
 	/**
-	* @depends test_move_post_to_topic
-	*/
+	 * @depends test_move_post_to_topic
+	 */
 	public function test_confirm_result($crawler)
 	{
 		$this->add_lang('mcp');
@@ -64,20 +66,4 @@ class phpbb_functional_mcp_test extends phpbb_functional_test_case
 		$crawler = self::submit($form);
 		$this->assertStringContainsString($this->lang('POSTS_MERGED_SUCCESS'), $crawler->text());
 	}
-
-	public function test_delete_logs()
-	{
-		$this->login();
-		$crawler = self::request('GET', "mcp.php?i=mcp_logs&mode=front&sid={$this->sid}");
-		$this->assertGreaterThanOrEqual(1, $crawler->filter('input[type=checkbox]')->count());
-
-		$this->add_lang('mcp');
-		$form = $crawler->selectButton($this->lang('DELETE_ALL'))->form();
-		$crawler = self::submit($form);
-
-		$form = $crawler->selectButton('Yes')->form();
-		$crawler = self::submit($form);
-
-		$this->assertCount(0, $crawler->filter('input[type=checkbox]'));
-	}
 }

tests/functional/mcp/mcp_test.php

@@ -0,0 +1,55 @@
+<?php
+/**
+*
+* This file is part of the phpBB Forum Software package.
+*
+* @copyright (c) phpBB Limited <https://www.phpbb.com>
+* @license GNU General Public License, version 2 (GPL-2.0)
+*
+* For full copyright and license information, please see
+* the docs/CREDITS.txt file.
+*
+*/
+
+/**
+* @group functional
+*/
+class phpbb_functional_mcp_test extends phpbb_functional_test_case
+{
+	public function test_all_mcp_module_links()
+	{
+		$this->login();
+		$this->add_lang(['common', 'mcp']);
+
+		// Browse MCP main page
+		$crawler = self::request('GET', 'index.php');
+		$crawler = self::$client->click($crawler->selectLink($this->lang('MCP_SHORT'))->link());
+
+		// Get all MCP module URLs array
+		$mcp_modules = $crawler->filter('.tabs a')->each(
+			function ($node, $i)
+			{
+				return $node->link();
+			}
+		);
+
+		// Browse all MCP modules and get their mode URLs array
+		$mcp_submodules = [];
+		foreach ($mcp_modules as $module)
+		{
+			$crawler = self::$client->click($module);
+			$mcp_submodules = array_merge($mcp_submodules, $crawler->filter('.cp-menu a')->each(
+				function ($node, $i)
+				{
+					return $node->link();
+				}
+			));
+		}
+
+		// Browse all MCP submodules' modes
+		foreach ($mcp_submodules as $mcp_submodule)
+		{
+			self::$client->click($mcp_submodule);
+		}
+	}
+}

tests/functional/posting_test.php

@@ -300,4 +300,26 @@ class phpbb_functional_posting_test extends phpbb_functional_test_case
 			$crawler->filter('#preview .content')->html()
 		);
 	}
+
+	public function nonexistent_post_id_data()
+	{
+		$nonexistent_post_id = 999999; // Random value
+		return [
+			['edit', $nonexistent_post_id],
+			['delete', $nonexistent_post_id],
+			['quote', $nonexistent_post_id],
+			['soft_delete', $nonexistent_post_id],
+		];
+	}
+
+	/**
+	 * @dataProvider nonexistent_post_id_data
+	 */
+	public function test_nonexistent_post_id($mode, $nonexistent_post_id)
+	{
+		$this->add_lang('posting');
+		$this->login();
+		$crawler = self::request('GET', "posting.php?mode={$mode}&p={$nonexistent_post_id}&sid={$this->sid}");
+		$this->assertContainsLang('NO_POST', $crawler->text());
+	}
 }

tests/functional/search/base.php

@@ -16,32 +16,80 @@
 */
 abstract class phpbb_functional_search_base extends phpbb_functional_test_case
 {
-	protected function assert_search_found($keywords, $posts_found, $words_highlighted)
+	protected function assert_search_found($keywords, $posts_found, $words_highlighted, $sort_key = '')
 	{
-		$crawler = self::request('GET', 'search.php?keywords=' . $keywords);
-		$this->assertEquals($posts_found, $crawler->filter('.postbody')->count());
-		$this->assertEquals($words_highlighted, $crawler->filter('.posthilit')->count());
+		$this->purge_cache();
+		$crawler = self::request('GET', 'search.php?keywords=' . $keywords . ($sort_key ? "&sk=$sort_key" : ''));
+		$this->assertEquals($posts_found, $crawler->filter('.postbody')->count(), $this->search_backend);
+		$this->assertEquals($words_highlighted, $crawler->filter('.posthilit')->count(), $this->search_backend);
+		$this->assertStringContainsString("Search found $posts_found match", $crawler->filter('.searchresults-title')->text(), $this->search_backend);
+	}
+
+	protected function assert_search_found_topics($keywords, $topics_found, $sort_key = '')
+	{
+		$this->purge_cache();
+		$crawler = self::request('GET', 'search.php?sr=topics&keywords=' . $keywords . ($sort_key ? "&sk=$sort_key" : ''));
+		$this->assertEquals($topics_found, $crawler->filter('.row')->count(), $this->search_backend);
+		$this->assertStringContainsString("Search found $topics_found match", $crawler->filter('.searchresults-title')->text(), $this->search_backend);
+	}
+
+	protected function assert_search_posts_by_author($author, $posts_found, $sort_key = '')
+	{
+		$this->purge_cache();
+		$crawler = self::request('GET', 'search.php?author=' . $author . ($sort_key ? "&sk=$sort_key" : ''));
+		$this->assertEquals($posts_found, $crawler->filter('.postbody')->count(), $this->search_backend);
+		$this->assertStringContainsString("Search found $posts_found match", $crawler->filter('.searchresults-title')->text(), $this->search_backend);
+	}
+
+	protected function assert_search_topics_by_author($author, $topics_found, $sort_key = '')
+	{
+		$this->purge_cache();
+		$crawler = self::request('GET', 'search.php?sr=topics&author=' . $author . ($sort_key ? "&sk=$sort_key" : ''));
+		$this->assertEquals($topics_found, $crawler->filter('.row')->count(), $this->search_backend);
+		$this->assertStringContainsString("Search found $topics_found match", $crawler->filter('.searchresults-title')->text(), $this->search_backend);
 	}
 
 	protected function assert_search_not_found($keywords)
 	{
 		$crawler = self::request('GET', 'search.php?keywords=' . $keywords);
-		$this->assertEquals(0, $crawler->filter('.postbody')->count());
-		$split_keywords_string = str_replace(array('+', '-'), ' ', $keywords);
-		$this->assertEquals($split_keywords_string, $crawler->filter('#keywords')->attr('value'));
+		$this->assertEquals(0, $crawler->filter('.postbody')->count(), $this->search_backend);
+		$split_keywords_string = str_replace('+', ' ', $keywords);
+		$this->assertEquals($split_keywords_string, $crawler->filter('#keywords')->attr('value'), $this->search_backend);
+	}
+
+	protected function assert_search_for_author_not_found($author)
+	{
+		$this->add_lang('search');
+		$crawler = self::request('GET', 'search.php?author=' . $author);
+		$this->assertContainsLang('NO_SEARCH_RESULTS', $crawler->text(), $this->search_backend);
 	}
 
 	public function test_search_backend()
 	{
+		$this->add_lang('common');
+
+		// Create a new standard user if needed, topic and post to test searh for author
+		if (!$this->user_exists('searchforauthoruser'))
+		{
+			$searchforauthoruser_id = $this->create_user('searchforauthoruser');
+		}
+		$this->remove_user_group('NEWLY_REGISTERED', ['searchforauthoruser']);
+		$this->set_flood_interval(0);
+		$this->login('searchforauthoruser');
+		$topic_by_author = $this->create_topic(2, 'Test Topic from searchforauthoruser', 'This is a test topic posted by searchforauthoruser to test searching by author.');
+		$this->create_post(2, $topic_by_author['topic_id'], 'Re: Test Topic from searchforauthoruser', 'This is a test post posted by searchforauthoruser');
+		$this->logout();
+
 		$this->login();
 		$this->admin_login();
 
 		$this->create_search_index('\phpbb\search\fulltext_native');
 
 		$post = $this->create_topic(2, 'Test Topic 1 foosubject', 'This is a test topic posted by the barsearch testing framework.');
+		$this->set_flood_interval(15);
 
 		$crawler = self::request('GET', 'adm/index.php?i=acp_search&mode=settings&sid=' . $this->sid);
-		$form = $crawler->selectButton('Submit')->form();
+		$form = $crawler->selectButton($this->lang('SUBMIT'))->form();
 		$values = $form->getValues();
 
 		if ($values["config[search_type]"] != $this->search_backend)
@@ -50,7 +98,7 @@ abstract class phpbb_functional_search_base extends phpbb_functional_test_case
 			$form->setValues($values);
 			$crawler = self::submit($form);
 
-			$form = $crawler->selectButton('Yes')->form();
+			$form = $crawler->selectButton($this->lang('YES'))->form();
 			$values = $form->getValues();
 			$crawler = self::submit($form);
 
@@ -58,6 +106,7 @@ abstract class phpbb_functional_search_base extends phpbb_functional_test_case
 			if ($crawler->filter('.errorbox')->count() > 0)
 			{
 				$this->delete_topic($post['topic_id']);
+				$this->delete_topic($topic_by_author['topic_id']);
 				$this->markTestSkipped("Search backend is not supported/running");
 			}
 
@@ -65,47 +114,73 @@ abstract class phpbb_functional_search_base extends phpbb_functional_test_case
 		}
 
 		$this->logout();
-		$this->assert_search_found('phpbb3+installation', 1, 3);
-		$this->assert_search_found('foosubject+barsearch', 1, 2);
+
+		foreach (['', 'a', 't', 'f', 'i', 's'] as $sort_key)
+		{
+			$this->assert_search_found('phpbb3+installation', 1, 3, $sort_key);
+			$this->assert_search_found('foosubject+barsearch', 1, 2, $sort_key);
+			$this->assert_search_found('barsearch-testing', 1, 2, $sort_key); // test hyphen ignored
+			$this->assert_search_found('barsearch+-+testing', 1, 2, $sort_key); // test hyphen wrapped with space ignored
+			$this->assert_search_found_topics('phpbb3+installation', 1, $sort_key);
+			$this->assert_search_found_topics('foosubject+barsearch', 1, $sort_key);
+
+			$this->assert_search_posts_by_author('searchforauthoruser', 2, $sort_key);
+			$this->assert_search_topics_by_author('searchforauthoruser', 1, $sort_key);
+		}
+
 		$this->assert_search_not_found('loremipsumdedo');
+		$this->assert_search_not_found('barsearch+-testing'); // test excluding keyword
+		$this->assert_search_for_author_not_found('authornotexists');
 
 		$this->login();
 		$this->admin_login();
 		$this->delete_search_index();
 		$this->delete_topic($post['topic_id']);
+		$this->delete_topic($topic_by_author['topic_id']);
 	}
 
 	protected function create_search_index($backend = null)
 	{
 		$this->add_lang('acp/search');
+		$search_type = $backend ?? $this->search_backend;
 		$crawler = self::request('GET', 'adm/index.php?i=acp_search&mode=index&sid=' . $this->sid);
-		$form = $crawler->selectButton('Create index')->form();
+		$form = $crawler->selectButton($this->lang('CREATE_INDEX'))->form();
 		$form_values = $form->getValues();
 		$form_values = array_merge($form_values,
-			array(
-				'search_type'	=> ( ($backend === null) ? $this->search_backend : $backend ),
+			[
+				'search_type'	=> $search_type,
 				'action'		=> 'create',
-			)
+			]
 		);
 		$form->setValues($form_values);
 		$crawler = self::submit($form);
 		$this->assertContainsLang('SEARCH_INDEX_CREATED', $crawler->text());
+
+		// Ensure search index has been actually created
+		$crawler = self::request('GET', 'adm/index.php?i=acp_search&mode=index&sid=' . $this->sid);
+		$posts_indexed = (int) $crawler->filter('#acp_search_index_' . $search_type . ' td')->eq(1)->text();
+		$this->assertTrue($posts_indexed > 0);
 	}
 
 	protected function delete_search_index()
 	{
 		$this->add_lang('acp/search');
 		$crawler = self::request('GET', 'adm/index.php?i=acp_search&mode=index&sid=' . $this->sid);
-		$form = $crawler->selectButton('Delete index')->form();
+		$form = $crawler->selectButton($this->lang('DELETE_INDEX'))->form();
 		$form_values = $form->getValues();
 		$form_values = array_merge($form_values,
-			array(
+			[
 				'search_type'	=> $this->search_backend,
 				'action'		=> 'delete',
-			)
+			]
 		);
 		$form->setValues($form_values);
 		$crawler = self::submit($form);
 		$this->assertContainsLang('SEARCH_INDEX_REMOVED', $crawler->text());
+
+		// Ensure search index has been actually removed
+		$crawler = self::request('GET', 'adm/index.php?i=acp_search&mode=index&sid=' . $this->sid);
+		$posts_indexed = (int) $crawler->filter('#acp_search_index_' . $this->search_backend . ' td')->eq(1)->text();
+		$this->assertEquals(0, $posts_indexed);
 	}
 }

tests/functional/visibility_disapprove_test.php

@@ -255,19 +255,6 @@ class phpbb_functional_visibility_disapprove_test extends phpbb_functional_test_
 		$this->assertEquals($details, $data, "Forum {$forum_id} does not match expected {$additional_error_message}");
 	}
 
-	protected function set_flood_interval($flood_interval)
-	{
-		$crawler = self::request('GET', 'adm/index.php?sid=' . $this->sid . '&i=acp_board&mode=post');
-
-		$form = $crawler->selectButton('Submit')->form();
-		$values = $form->getValues();
-
-		$values["config[flood_interval]"] = $flood_interval;
-		$form->setValues($values);
-		$crawler = self::submit($form);
-		$this->assertGreaterThan(0, $crawler->filter('.successbox')->count());
-	}
-
 	protected function load_ids($data)
 	{
 		$this->db = $this->get_db();

tests/functional/visibility_reapprove_test.php

@@ -351,19 +351,6 @@ class phpbb_functional_visibility_reapprove_test extends phpbb_functional_test_c
 		$this->assertEquals($details, $data, "Forum {$forum_id} does not match expected {$additional_error_message}");
 	}
 
-	protected function set_flood_interval($flood_interval)
-	{
-		$crawler = self::request('GET', 'adm/index.php?sid=' . $this->sid . '&i=acp_board&mode=post');
-
-		$form = $crawler->selectButton('Submit')->form();
-		$values = $form->getValues();
-
-		$values["config[flood_interval]"] = $flood_interval;
-		$form->setValues($values);
-		$crawler = self::submit($form);
-		$this->assertGreaterThan(0, $crawler->filter('.successbox')->count());
-	}
-
 	protected function load_ids($data)
 	{
 		$this->db = $this->get_db();

tests/functional/visibility_unapproved_posts_test.php

@@ -268,19 +268,6 @@ class phpbb_functional_visibility_unapproved_test extends phpbb_functional_test_
 		$this->assertEquals($details, $data, "Forum {$forum_id} does not match expected {$additional_error_message}");
 	}
 
-	protected function set_flood_interval($flood_interval)
-	{
-		$crawler = self::request('GET', "adm/index.php?sid={$this->sid}&i=acp_board&mode=post");
-
-		$form = $crawler->selectButton('Submit')->form();
-		$values = $form->getValues();
-
-		$values['config[flood_interval]'] = $flood_interval;
-		$form->setValues($values);
-		$crawler = self::submit($form);
-		$this->assertGreaterThan(0, $crawler->filter('.successbox')->count());
-	}
-
 	protected function load_ids($data)
 	{
 		$this->db = $this->get_db();

tests/mock/dummy_router.php

@@ -0,0 +1,31 @@
+<?php
+/**
+*
+* This file is part of the phpBB Forum Software package.
+*
+* @copyright (c) phpBB Limited <https://www.phpbb.com>
+* @license GNU General Public License, version 2 (GPL-2.0)
+*
+* For full copyright and license information, please see
+* the docs/CREDITS.txt file.
+*
+*/
+
+class phpbb_mock_dummy_router extends phpbb_mock_router
+{
+	public function __construct()
+	{
+	}
+
+	public function get_matcher()
+	{
+		$this->create_new_url_matcher();
+		return parent::get_matcher();
+	}
+
+	public function get_generator()
+	{
+		$this->create_new_url_generator();
+		return parent::get_generator();
+	}
+}

tests/mock/extension_manager.php

@@ -11,6 +11,7 @@
 *
 */
 
+
 class phpbb_mock_extension_manager extends \phpbb\extension\manager
 {
 	public function __construct($phpbb_root_path, $extensions = array(), $container = null)

tests/template/template_includecss_test.php

@@ -125,4 +125,18 @@ class phpbb_template_template_includecss_test extends phpbb_template_template_te
 		// Run test
 		$this->run_template('includecss.html', array(), array(), array(), $expected);
 	}
+
+	/**
+	 * @dataProvider template_data
+	 */
+	public function test_include_css_compilation($vars, $expected)
+	{
+		// Reset the engine state
+		$this->setup_engine(array('assets_version' => 1));
+
+		$this->template->assign_vars($vars);
+
+		// Run test
+		$this->run_template('includecss_twig.html', array(), array(), array(), $expected);
+	}
 }

tests/template/template_includejs_test.php

@@ -106,4 +106,18 @@ class phpbb_template_template_includejs_test extends phpbb_template_template_tes
 		// Run test
 		$this->run_template('includejs.html', array_merge(array('PARENT' => 'parent_only.js', 'SUBDIR' => 'subdir', 'EXT' => 'js'), $vars), array(), array(), $expected);
 	}
+
+	/**
+	 * @dataProvider template_data
+	 */
+	public function test_include_js_compilation($vars, $expected)
+	{
+		// Reset the engine state
+		$this->setup_engine(array('assets_version' => 1));
+
+		$this->template->assign_vars($vars);
+
+		// Run test
+		$this->run_template('includejs_twig.html', array_merge(array('PARENT' => 'parent_only.js', 'SUBDIR' => 'subdir', 'EXT' => 'js'), $vars), array(), array(), $expected);
+	}
 }

tests/template/templates/includecss_twig.html

@@ -0,0 +1,10 @@
+{% if TEST === 1 %}
+	{% INCLUDECSS('child_only.css') %}
+{% elseif TEST === 2 %}
+	{% INCLUDECSS('parent_only.css') %}
+{% elseif TEST === 3 %}
+	{% INCLUDECSS('@include_css/test.css') %}
+{% elseif TEST === 4 %}
+	{% INCLUDECSS('@include_css/child_only.css') %}
+{% endif %}
+{$STYLESHEETS}

tests/template/templates/includejs_twig.html

@@ -0,0 +1,36 @@
+{% if TEST === 1 %}
+	{% INCLUDEJS('parent_and_child.js') %}
+{% elseif TEST === 2 %}
+	{% INCLUDEJS('parent_and_child.js?assets_version=0') %}
+{% elseif TEST === 3 %}
+	{% INCLUDEJS('parent_and_child.js?test=1&assets_version=0') %}
+{% elseif TEST === 4 %}
+	{% INCLUDEJS('parent_and_child.js?test=1&assets_version=0') %}
+{% elseif TEST === 6 %}
+	{% INCLUDEJS(PARENT) %}
+{% elseif TEST === 7 %}
+	{% set test_var = 'child_only.js' %}
+	{% INCLUDEJS(test_var) %}
+{% elseif TEST === 8 %}
+	{% INCLUDEJS('subdir/' ~ PARENT) %}
+{% elseif TEST === 9 %}
+	{% INCLUDEJS(SUBDIR ~ '/subsubdir/' ~ PARENT) %}
+{% elseif TEST === 10 %}
+	{% INCLUDEJS(SUBDIR ~ '/parent_only.' ~ EXT) %}
+{% elseif TEST === 11 %}
+	{% set test_var = 'child_only.js?test1=1&test2=2#test3' %}
+	{% INCLUDEJS(test_var) %}
+{% elseif TEST === 12 %}
+	{% INCLUDEJS('parent_only.js?test1=1&test2=2#test3') %}
+{% elseif TEST === 14 %}
+	{% INCLUDEJS('parent_only.js?test1="#test3') %}
+{% elseif TEST === 15 %}
+	{% INCLUDEJS('http://phpbb.com/b.js?c=d#f') %}
+{% elseif TEST === 16 %}
+	{% INCLUDEJS('http://phpbb.com/b.js?c=d&assets_version=2#f') %}
+{% elseif TEST === 17 %}
+	{% INCLUDEJS('//phpbb.com/b.js') %}
+{% elseif TEST === 18 %}
+	{% INCLUDEJS('parent_and_child.js?test=1&test2=0') %}
+{% endif %}
+{$SCRIPTS}

tests/test_framework/phpbb_functional_test_case.php

@@ -1180,9 +1180,12 @@ class phpbb_functional_test_case extends phpbb_test_case
 			return null;
 		}
 
-		$url = $crawler->selectLink($form_data['subject'])->link()->getUri();
+		$post_link = $crawler->filter('.postbody a[title="Post"]')->last()->attr('href');
+		$topic_link = $crawler->filter('h2[class="topic-title"] > a')->attr('href');
+
+		$post_id = $this->get_parameter_from_link($post_link, 'p');
+		$topic_id = $this->get_parameter_from_link($topic_link, 't');
 
-		$topic_id = $this->get_parameter_from_link($url, 't');
 		if (!$topic_id)
 		{
 			$topic_id = $form_data['topic_id'];
@@ -1190,7 +1193,7 @@ class phpbb_functional_test_case extends phpbb_test_case
 
 		return array(
 			'topic_id'	=> $topic_id,
-			'post_id'	=> $this->get_parameter_from_link($url, 'p'),
+			'post_id'	=> $post_id,
 		);
 	}
 
@@ -1433,4 +1436,87 @@ class phpbb_functional_test_case extends phpbb_test_case
 
 		return $file_form_data;
 	}
+
+	/**
+	 * Get username of currently logged in user
+	 *
+	 * @return string|bool username if logged in, false otherwise
+	 */
+	protected function get_logged_in_user()
+	{
+		$username_logged_in = false;
+		$crawler = self::request('GET', 'index.php');
+		$is_logged_in = strpos($crawler->filter('div[class="navbar"]')->text(), 'Login') === false;
+		if ($is_logged_in)
+		{
+			$username_logged_in = $crawler->filter('li[id="username_logged_in"] > div > a > span')->text();
+		}
+		return $username_logged_in;
+	}
+
+	/**
+	 * Posting flood control
+	 */
+	protected function set_flood_interval($flood_interval)
+	{
+		$relogin_back = false;
+		$logged_in_username = $this->get_logged_in_user();
+		if ($logged_in_username && $logged_in_username !== 'admin')
+		{
+			$this->logout();
+			$relogin_back = true;
+		}
+
+		if (!$logged_in_username || $relogin_back)
+		{
+			$this->login();
+			$this->admin_login();
+		}
+
+		$this->add_lang('acp/common');
+		$crawler = self::request('GET', 'adm/index.php?i=acp_board&mode=post&sid=' . $this->sid);
+		$form = $crawler->selectButton('submit')->form([
+			'config[flood_interval]'	=> $flood_interval,
+		]);
+		$crawler = self::submit($form);
+		$this->assertContainsLang('CONFIG_UPDATED', $crawler->text());
+
+		// Get logged out back or get logged in in user back if needed
+		if (!$logged_in_username)
+		{
+			$this->logout();
+		}
+
+		if ($relogin_back)
+		{
+			$this->logout();
+			$this->login($logged_in_username);
+		}
+	}
+
+	/**
+	* Check if a user exists by username or user_id
+	*
+	* @param string $username The username to check or empty if user_id is used
+	* @param int $user_id The user id to check or empty if username is used
+	*
+	* @return bool Returns true if a user exists, false otherwise
+	*/
+	protected function user_exists($username, $user_id = null)
+	{
+		global $db;
+
+		$db = $this->get_db();
+
+		if (!function_exists('utf_clean_string'))
+		{
+			require_once(__DIR__ . '/../../phpBB/includes/utf/utf_tools.php');
+		}
+		if (!function_exists('user_get_id_name'))
+		{
+			require_once(__DIR__ . '/../../phpBB/includes/functions_user.php');
+		}
+
+		return user_get_id_name($user_id, $username) ? false : true;
+	}
 }