[develop-olympus] Add changelog for 3.0.13 release.

[ticket/13531] Explicitly disallow trailing paths (e.g. PATH_INFO).

.gitignore

@@ -4,9 +4,7 @@
 /phpBB/cache/*.php
 /phpBB/cache/*.lock
 /phpBB/composer.phar
-/phpBB/config.php
-/phpBB/config_dev.php
-/phpBB/config_test.php
+/phpBB/config*.php
 /phpBB/ext/*
 /phpBB/files/*
 /phpBB/images/avatars/gallery/*
@@ -14,5 +12,5 @@
 /phpBB/store/*
 /phpBB/vendor
 /tests/phpbb_unit_tests.sqlite2
-/tests/test_config.php
+/tests/test_config*.php
 /tests/tmp/*

.travis.yml

@@ -17,15 +17,17 @@ before_script:
   - sh -c "if [ '$DB' = 'mariadb' ]; then travis/setup-mariadb.sh; fi"
   - sh -c "if [ '$TRAVIS_PHP_VERSION' = '5.3' -a '$DB' = 'mysql' ]; then mysql -e 'SET GLOBAL storage_engine=MyISAM;'; fi"
   - sh -c "if [ '$DB' = 'mysql' -o '$DB' = 'mariadb' ]; then mysql -e 'create database IF NOT EXISTS phpbb_tests;'; fi"
-  - sh -c "if [ '$TRAVIS_PHP_VERSION' = '5.2' ]; then pear install --force phpunit/DbUnit; phpenv rehash; fi"
+  - sh -c "if [ '$TRAVIS_PHP_VERSION' = '5.2' ]; then travis/install-phpunit-5-2.sh; fi"
   - cd phpBB
   - sh -c "if [ '$TRAVIS_PHP_VERSION' != '5.2' ]; then php ../composer.phar install --dev --no-interaction --prefer-source; fi"
   - cd ..
   - sh -c "if [ `php -r "echo (int) version_compare(PHP_VERSION, '5.3.19', '>=');"` = "1" ]; then travis/setup-webserver.sh; fi"
+  - sh -c "if [ '$TRAVIS_PHP_VERSION' = '5.3.3' -a '$DB' = 'mysql' ]; then sudo apt-get update; sudo apt-get install -y parallel libimage-exiftool-perl; fi"
 
 script:
-  - sh -c "if [ '$TRAVIS_PHP_VERSION' = '5.2' ]; then phpunit --configuration travis/phpunit-$DB-travis.xml; else phpBB/vendor/bin/phpunit --configuration travis/phpunit-$DB-travis.xml; fi"
-  - sh -c "if [ '$TRAVIS_PHP_VERSION' = '5.5' -a '$DB' = 'mysql' -a '$TRAVIS_PULL_REQUEST' != 'false' ]; then git-tools/commit-msg-hook-range.sh origin/$TRAVIS_BRANCH..FETCH_HEAD; fi"
+  - sh -c "if [ '$TRAVIS_PHP_VERSION' = '5.2' ]; then php -d include_path='.:phpunit' phpunit/phpunit.php --configuration travis/phpunit-$DB-5-2-travis.xml; else phpBB/vendor/bin/phpunit --configuration travis/phpunit-$DB-travis.xml; fi"
+  - sh -c "if [ '$TRAVIS_PHP_VERSION' = '5.3.3' -a '$DB' = 'mysql' -a '$TRAVIS_PULL_REQUEST' != 'false' ]; then git-tools/commit-msg-hook-range.sh origin/$TRAVIS_BRANCH..FETCH_HEAD; fi"
+  - sh -c "if [ '$TRAVIS_PHP_VERSION' = '5.3.3' -a '$DB' = 'mysql' ]; then find . -type f -not -path './phpBB/vendor/*' -iregex '.*\.\(gif\|jpg\|jpeg\|png\)$' | parallel --gnu --keep-order 'phpBB/develop/strip_icc_profiles.sh {}' || exit 1; fi"
 
 matrix:
   include:
@@ -35,3 +37,4 @@ matrix:
       env: DB=postgres
   allow_failures:
     - php: hhvm
+  fast_finish: true

build/build.xml

@@ -2,7 +2,7 @@
 
 <project name="phpBB" description="The phpBB forum software" default="all" basedir="../">
 	<!-- a few settings for the build -->
-	<property name="newversion" value="3.0.13-dev" />
+	<property name="newversion" value="3.0.13-RC1" />
 	<property name="prevversion" value="3.0.12" />
 	<property name="olderversions" value="3.0.2, 3.0.3, 3.0.4, 3.0.5, 3.0.6, 3.0.7, 3.0.7-PL1, 3.0.8, 3.0.9, 3.0.10, 3.0.11" />
 	<!-- no configuration should be needed beyond this point -->
@@ -67,22 +67,22 @@
 		<exec dir="."
 			command="phpBB/vendor/bin/phpunit
 			--log-junit build/logs/phpunit.xml
-			--configuration phpunit.xml.all
 			--group slow
 			--coverage-clover build/logs/clover-slow.xml
 			--coverage-html build/coverage-slow"
 			passthru="true" />
 	</target>
 
+	<!-- Builds docs for current branch into build/api/output/master -->
 	<target name="docs">
-		<!-- only works if you setup phpdoctor:
-                     git clone https://github.com/peej/phpdoctor.git
-                     and then create an executable phpdoctor in your path containing
-                     #!/bin/sh
-                     php -f /path/to/phpdoctor/phpdoc.php $@
-                -->
-		<exec dir="build"
-			command="phpdoctor phpdoc-phpbb.ini"
+		<exec dir="."
+			command="phpBB/vendor/bin/sami.php update build/sami-checkout.conf.php"
+			passthru="true" />
+	</target>
+	<!-- Builds docs for multiple branches/tags into build/api/output/$branch -->
+	<target name="docs-all">
+		<exec dir="."
+			command="phpBB/vendor/bin/sami.php update build/sami-all.conf.php"
 			passthru="true" />
 	</target>
 

build/phpdoc-phpbb.ini

@@ -1,145 +0,0 @@
-; Default configuration file for PHPDoctor
-
-; This config file will cause PHPDoctor to generate API documentation of
-; itself.
-
-
-; PHPDoctor settings
-; -----------------------------------------------------------------------------
-
-; Names of files to parse. This can be a single filename, or a comma separated
-; list of filenames. Wildcards are allowed.
-
-files = "*.php"
-
-; Names of files or directories to ignore. This can be a single filename, or a
-; comma separated list of filenames. Wildcards are NOT allowed.
-
-;ignore = "CVS, .svn, .git, _compiled"
-ignore = templates_c/,*HTML/default/*,spec/,*config.php*,*CVS/,test_chora.php,testupdate/,cache/,store/,*proSilver/,develop/,includes/utf/data/,includes/captcha/fonts/,install/update/,install/update.new/,files/,*phpinfo.php*,*update_script.php*,*upgrade.php*,*convert.php*,install/converter/,language/de/,script/,*swatch.php*,*test.php*,*test2.php*,*install.php*,*functions_diff.php*,*acp_update.php*,acm_xcache.php
-
-; The directory to look for files in, if not used the PHPDoctor will look in
-; the current directory (the directory it is run from).
-
-source_path = "../phpBB/"
-
-; If you do not want PHPDoctor to look in each sub directory for files
-; uncomment this line.
-
-;subdirs = off
-
-; Set how loud PHPDoctor is as it runs. Quiet mode suppresses all output other
-; than warnings and errors. Verbose mode outputs additional messages during
-; execution.
-
-quiet = on
-;verbose = on
-
-; Select the doclet to use for generating output.
-
-doclet = standard
-;doclet = debug
-
-; The directory to find the doclet in. Doclets control the HTML output of
-; phpDoctor and can be modified to suit your needs. They are expected to be 
-; in a directory named after themselves at the location given.
-
-;doclet_path = ./doclets
-
-; Select the formatter to use for generating output.
-
-;formatter = htmlStandardFormatter
-
-; The directory to find the formatter in. Formatters convert textual markup
-; for use by the doclet.
-
-;formatter_path = ./formatters
-
-; The directory to find taglets in. Taglets allow you to make PHPDoctor handle
-; new tags and to alter the behavour of existing tags and their output.
-
-;taglet_path = ./taglets
-
-; If the code you are parsing does not use package tags or not all elements
-; have package tags, use this setting to place unbound elements into a
-; particular package.
-
-default_package = "phpBB"
-
-use_class_path_as_package = off
-
-ignore_package_tags = off
-
-; Specifies the name of a HTML file containing text for the overview
-; documentation to be placed on the overview page. The path is relative to
-; "source_path" unless an absolute path is given.
-
-overview = ../README.md
-
-; Package comments will be looked for in a file named package.html in the same
-; directory as the first source file parsed in that package or in the directory
-; given below. If package comments are placed in the directory given below then
-; they should be named "<packageName>.html".
-
-package_comment_dir = ./
-
-; Parse out global variables and/or global constants?
-
-;globals = off
-;constants = off
-
-; Generate documentation for all class members
-
-;private = on
-
-; Generate documentation for public and protected class members
-
-;protected = on
-
-; Generate documentation for only public class members
-
-;public = on
-
-; Use the PEAR compatible handling of the docblock first sentence
-
-;pear_compat = on
-
-; Standard doclet settings
-; -----------------------------------------------------------------------------
-
-; The directory to place generated documentation in. If the given path is
-; relative to it will be relative to "source_path".
-
-d = "../build/api/"
-
-; Specifies the title to be placed in the HTML <title> tag.
-
-windowtitle = "phpBB3"
-
-; Specifies the title to be placed near the top of the overview summary file.
-
-doctitle = "phpBB3 Sourcecode Documentation"
-
-; Specifies the header text to be placed at the top of each output file. The
-; header will be placed to the right of the upper navigation bar. 
-
-header = "phpBB3"
-
-; Specifies the footer text to be placed at the bottom of each output file. The
-; footer will be placed to the right of the lower navigation bar.
-
-footer = "phpBB3"
-
-; Specifies the text to be placed at the bottom of each output file. The text
-; will be placed at the bottom of the page, below the lower navigation bar.
-
-;bottom = "This document was generated by <a href="http://peej.github.com/phpdoctor/">PHPDoctor: The PHP Documentation Creator</a>"
-
-; Create a class tree?
-
-;tree = off
-
-; Use GeSHi to include formatted source files in the documentation. PHPDoctor will look in the current doclet directory for a /geshi subdirectory. Unpack the GeSHi archive from http://qbnz.com/highlighter to get this directory - it will contain a php script and a subdirectory with formatting files.
-
-include_source = off
-

build/sami-all.conf.php

@@ -0,0 +1,30 @@
+<?php
+/**
+*
+* This file is part of the phpBB Forum Software package.
+*
+* @copyright (c) phpBB Limited <https://www.phpbb.com>
+* @license GNU General Public License, version 2 (GPL-2.0)
+*
+* For full copyright and license information, please see
+* the docs/CREDITS.txt file.
+*
+*/
+
+require __DIR__ . '/sami-checkout.conf.php';
+
+$config['versions'] = Sami\Version\GitVersionCollection::create(__DIR__ . '/../')
+	/*
+	This would be nice, but currently causes various problems that need
+	debugging.
+	->addFromTags('release-3.0.*')
+	->add('develop-olympus', '3.0-next (olympus)')
+	->addFromTags('release-3.1.*')
+	->add('develop-ascraeus', '3.1-next (ascraeus)')
+	->add('develop')
+	*/
+	->add('develop-olympus')
+	->add('develop-ascraeus')
+;
+
+return new Sami\Sami($iterator, $config);

build/sami-checkout.conf.php

@@ -0,0 +1,44 @@
+<?php
+/**
+*
+* This file is part of the phpBB Forum Software package.
+*
+* @copyright (c) phpBB Limited <https://www.phpbb.com>
+* @license GNU General Public License, version 2 (GPL-2.0)
+*
+* For full copyright and license information, please see
+* the docs/CREDITS.txt file.
+*
+*/
+
+// Prevent 'Class "acm" does not exist.' exception on removeClass().
+class PhpbbArrayStore extends Sami\Store\ArrayStore
+{
+	public function removeClass(Sami\Project $project, $name)
+	{
+		unset($this->classes[$name]);
+	}
+}
+
+$iterator = Symfony\Component\Finder\Finder::create()
+	->files()
+	->name('*.php')
+	->in(__DIR__ . '/../phpBB/')
+	->notPath('#^cache/#')
+	->notPath('#^develop/#')
+	->notPath('#^ext/#')
+	->notPath('#^vendor/#')
+	->notPath('data')
+;
+
+$config = array(
+	'theme'                => 'enhanced',
+	'title'                => 'phpBB API Documentation',
+	'build_dir'            => __DIR__.'/api/output/%version%',
+	'cache_dir'            => __DIR__.'/api/cache/%version%',
+	'default_opened_level' => 2,
+	// Do not use JsonStore. See https://github.com/fabpot/Sami/issues/79
+	'store'                => new PhpbbArrayStore,
+);
+
+return new Sami\Sami($iterator, $config);

git-tools/hooks/commit-msg

@@ -191,12 +191,12 @@ do
 				err=$ERR_HEADER;
 				echo "$line" | grep -Eq "^\[(ticket/[0-9]+|feature/$branch_regex|task/$branch_regex)\] .+$"
 				result=$?
-				if ! echo "$line" | grep -Eq "^\[(ticket/[0-9]+|feature/$branch_regex|task/$branch_regex)\] [A-Z].+$"
+				if ! echo "$line" | grep -Eq "^\[(ticket/[0-9]+|feature/$branch_regex|task/$branch_regex)\] [a-zA-Z].+$"
 				then
 					# Don't be too strict.
 					# Commits may be temporary, intended to be squashed later.
 					# Just issue a warning here.
-					complain "$severity: heading should be a sentence beginning with a capital letter." 1>&2
+					complain "$severity: heading should be a sentence beginning with a letter." 1>&2
 					complain "You entered:" 1>&2
 					complain "$line" 1>&2
 				fi

phpBB/.htaccess

@@ -8,12 +8,50 @@
 #RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]
 #</IfModule>
 
-<Files "config.php">
-Order Allow,Deny
-Deny from All
-</Files>
-
-<Files "common.php">
-Order Allow,Deny
-Deny from All
-</Files>
+# With Apache 2.4 the "Order, Deny" syntax has been deprecated and moved from
+# module mod_authz_host to a new module called mod_access_compat (which may be
+# disabled) and a new "Require" syntax has been introduced to mod_authz_host.
+# We could just conditionally provide both versions, but unfortunately Apache
+# does not explicitly tell us its version if the module mod_version is not
+# available. In this case, we check for the availability of module
+# mod_authz_core (which should be on 2.4 or higher only) as a best guess.
+<IfModule mod_version.c>
+	<IfVersion < 2.4>
+		<Files "config.php">
+			Order Allow,Deny
+			Deny from All
+		</Files>
+		<Files "common.php">
+			Order Allow,Deny
+			Deny from All
+		</Files>
+	</IfVersion>
+	<IfVersion >= 2.4>
+		<Files "config.php">
+			Require all denied
+		</Files>
+		<Files "common.php">
+			Require all denied
+		</Files>
+	</IfVersion>
+</IfModule>
+<IfModule !mod_version.c>
+	<IfModule !mod_authz_core.c>
+		<Files "config.php">
+			Order Allow,Deny
+			Deny from All
+		</Files>
+		<Files "common.php">
+			Order Allow,Deny
+			Deny from All
+		</Files>
+	</IfModule>
+	<IfModule mod_authz_core.c>
+		<Files "config.php">
+			Require all denied
+		</Files>
+		<Files "common.php">
+			Require all denied
+		</Files>
+	</IfModule>
+</IfModule>

phpBB/composer.json

@@ -1,8 +1,9 @@
 {
 	"require-dev": {
 		"fabpot/goutte": "1.0.*",
-		"phpunit/dbunit": "1.2.*",
-		"phpunit/phpunit": "3.7.*",
-		"phing/phing": "2.4.*"
+		"phpunit/dbunit": "1.3.*",
+		"phpunit/phpunit": "4.1.*",
+		"phing/phing": "2.4.*",
+		"sami/sami": "1.*"
 	}
 }

phpBB/develop/strip_icc_profiles.sh

@@ -0,0 +1,26 @@
+#!/bin/sh
+#
+# @copyright (c) 2014 phpBB Group
+# @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2
+#
+
+if [ "$#" -ne 1 ]
+then
+	SCRIPT=$(basename "$0")
+	echo "Description: Finds and strips ICC Profiles from given image file." >&2
+	echo "Usage: $SCRIPT /path/to/image/file" >&2
+	echo "Exit Status: 0 if no ICC profiles have been stripped, otherwise 1." >&2
+	echo "Requires: exiftool" >&2
+	exit 1
+fi
+
+FILE=$1
+HASH_OLD=$(md5sum "$FILE")
+exiftool -icc_profile"-<=" -overwrite_original_in_place "$FILE" > /dev/null 2>&1
+HASH_NEW=$(md5sum "$FILE")
+
+if [ "$HASH_OLD" != "$HASH_NEW" ]
+then
+	echo "Stripped ICC Profile from $FILE."
+	exit 1
+fi

phpBB/docs/AUTHORS

@@ -24,9 +24,9 @@ phpBB Lead Developer:  naderman (Nils Adermann)
 
 phpBB Developers:      bantu (Andreas Fischer)
                        dhruv.goel92 (Dhruv Goel)
-                       EXreaction (Nathan Guse)
-                       imkingdavid (David King)
+                       marc1706 (Marc Alexander)
                        nickvergessen (Joas Schilling)
+                       nicofuma (Tristan Darricau)
                        prototech (Cesar Gallegos)
 
 Contributions by:      leviatan21 (Gabriel Vazquez)
@@ -51,9 +51,11 @@ phpBB Developers:      A_Jelly_Doughnut (Josh Woody) [01/2010 - 11/2010]
                        ckwalsh (Cullen Walsh)        [01/2010 - 07/2011]
                        DavidMJ (David M.)            [12/2005 - 08/2009]
                        dhn (Dominik Dröscher)        [05/2007 - 01/2011]
+                       EXreaction (Nathan Guse)      [07/2012 - 05/2014]
                        GrahamJE (Graham Eames)       [09/2005 - 11/2006]
-                       kellanved (Henry Sudhof)      [04/2007 - 03/2011]
                        igorw (Igor Wiedler)          [08/2010 - 02/2013]
+                       imkingdavid (David King)      [11/2012 - 06/2014]
+                       kellanved (Henry Sudhof)      [04/2007 - 03/2011]
                        Oleg (Oleg Pudeyev)           [01/2011 - 05/2013]
                        rxu (Ruslan Uzdenov)          [04/2010 - 12/2012]
                        TerraFrost (Jim Wigginton)    [04/2009 - 01/2011]

phpBB/docs/CHANGELOG.html

@@ -53,6 +53,7 @@
 <ol>
 	<li><a href="#changelog">Changelog</a>
 	<ol style="list-style-type: lower-roman;">
+		<li><a href="#v3012">Changes since 3.0.12</a></li>
 		<li><a href="#v3011">Changes since 3.0.11</a></li>
 		<li><a href="#v3010">Changes since 3.0.10</a></li>
 		<li><a href="#v309">Changes since 3.0.9</a></li>
@@ -93,7 +94,140 @@
 
 		<div class="content">
 
-	<a name="v3011"></a><h3>1.i. Changes since 3.0.11</h3>
+	<a name="v3012"></a><h3>1.i. Changes since 3.0.12</h3>
+
+<h4>Bug</h4>
+<ul>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-6703">PHPBB3-6703</a>] - Problem with russian letter while converting from 2.0.x</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-8960">PHPBB3-8960</a>] - Allow changing allow_avatar_remote when images/avatars/upload is not writable</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-9420">PHPBB3-9420</a>] - BBCode - Unable to use a proper URI token</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-9724">PHPBB3-9724</a>] - Wrong return &quot;Return to ACP&quot;</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-9725">PHPBB3-9725</a>] - MSSQL Schema is not azure compatible</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-10023">PHPBB3-10023</a>] - Password change requirement notification in UCP is not noticable</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-10423">PHPBB3-10423</a>] - Searching for the term &quot;test *&quot; will highlight nearly every word and displays htmlspecialchars as htmlentities.</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-10442">PHPBB3-10442</a>] - XHTML is invalid when a forum link without redirect counter is present</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-10687">PHPBB3-10687</a>] - UNABLE_GET_IMAGE_SIZE text misleading for remote avatars</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-10729">PHPBB3-10729</a>] - Post editor information is not updated when user being deleted with posts</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-10776">PHPBB3-10776</a>] - Grammar errors in docs/README.html</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-10796">PHPBB3-10796</a>] - SQL Azure does not allow SELECT FROM sysfiles</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-10851">PHPBB3-10851</a>] - HTML files containing certain tags being rejected as possible attack vectors with &quot;Check attachment file&quot; set to &quot;No&quot;</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-10863">PHPBB3-10863</a>] - Permission mask does not accurately show some forum permissions if user has MOD parmissions</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-10917">PHPBB3-10917</a>] - Updater notice &quot;Update files are out of date...&quot; when updating to unreleased version</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-10985">PHPBB3-10985</a>] - Error bbcode.html not found when updating with custom style inheriting from prosilver</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11062">PHPBB3-11062</a>] - In Automatic Update, new language strings from install.php are only loaded from English</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11224">PHPBB3-11224</a>] - SQL cache destroy does not destroy queries to tables joined</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11288">PHPBB3-11288</a>] - &quot;Fulltext native&quot; search fooled by hyphens</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11480">PHPBB3-11480</a>] - Prevent Private Message system from returning &quot;Unknown folder&quot; when inbox folder is full</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11613">PHPBB3-11613</a>] - Cookies do not work for netbios domain</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11686">PHPBB3-11686</a>] - Not checking for phpBB Debug errors on functional tests</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11699">PHPBB3-11699</a>] - PHP Lint Test should exclude selected subdirectories of the build directory.</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11726">PHPBB3-11726</a>] - Don't run lint tests on Travis on postgres</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11762">PHPBB3-11762</a>] - generate_text_for_display() treats &quot;0&quot; as an empty string</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11789">PHPBB3-11789</a>] - Inline css with color value in subsilver2</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11794">PHPBB3-11794</a>] - Coding Guidelines document says to place a comma after every array element, but fails to do so itself</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11799">PHPBB3-11799</a>] - Anti Abuse Headers missing for sendpassword</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11811">PHPBB3-11811</a>] - Chrome 30 adds outline to focused elements</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11821">PHPBB3-11821</a>] - Wrong comma usage &quot;You are receiving this notification&quot;</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11823">PHPBB3-11823</a>] - Travis-CI webserver not matching PHP files with anything after the .php</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11829">PHPBB3-11829</a>] - Closed reports may seem open in detailed view</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11860">PHPBB3-11860</a>] - .htaccess not working for Apache 2.4</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11864">PHPBB3-11864</a>] - Do not call exit after display_progress_bar in acp_forums</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11879">PHPBB3-11879</a>] - Compatibility error in forum_fn.js: .live should be replaced with .on</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11968">PHPBB3-11968</a>] - Travis Image are broken due to repository rename</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12037">PHPBB3-12037</a>] - acp_inactive.html has hard-coded text</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12048">PHPBB3-12048</a>] - Custom BBCodes Fail to Render Language Strings with a Number</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12061">PHPBB3-12061</a>] - Keyboard shortcut alt+h doesn't work properly in firefox</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12072">PHPBB3-12072</a>] - Missing word &quot;send&quot; in comment in schema_data.sql</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12093">PHPBB3-12093</a>] - IE 11 javascript selection is no longer supported</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12118">PHPBB3-12118</a>] - Add noindex meta tag to subsilver2 pm/topic view-print template</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12119">PHPBB3-12119</a>] - Remove keywords and description meta tags from prosilver view-print templates</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12120">PHPBB3-12120</a>] - Update docs/AUTHORS for 3.0.13-RC1</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12140">PHPBB3-12140</a>] - Avoid endless loop in build script</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12161">PHPBB3-12161</a>] - build/save directories are no longer created</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12162">PHPBB3-12162</a>] - Binary files missing from update packages</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12176">PHPBB3-12176</a>] - No error shown when attempting to delete a founder</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12186">PHPBB3-12186</a>] - MCP should open &quot;Reported posts&quot; instead of PM Reports</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12188">PHPBB3-12188</a>] - Add php 5.6 to travis tests</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12202">PHPBB3-12202</a>] - Variables read from style.cfg etc. should be htmlspecialchared</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12205">PHPBB3-12205</a>] - Custom Profile Field display bug</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12210">PHPBB3-12210</a>] - dbtools::sql_create_table incorrectly throws error related to auto-increment length on non auto-increment fields</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12310">PHPBB3-12310</a>] - SMTP username and password should not autocomplete during install</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12316">PHPBB3-12316</a>] - develop-ascraeus build status missing from &quot;Automated Testing&quot; section in README.md</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12353">PHPBB3-12353</a>] - User attachments in ACP are not displaying every attachment</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12359">PHPBB3-12359</a>] - Day and Month of Birthday Misaligned When Editing</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12381">PHPBB3-12381</a>] - Broken error message when selecting invalid DB driver</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12397">PHPBB3-12397</a>] - db_tools::sql_unique_index_exists() has wrong doc block</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12429">PHPBB3-12429</a>] - Update phpunit to 3.8+</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12467">PHPBB3-12467</a>] - Add config_*.php  and tests_config_*.php to .gitignore</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12472">PHPBB3-12472</a>] - Set fast finish for .travis.yml</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12485">PHPBB3-12485</a>] - Broken tests due to absolute exclude</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12492">PHPBB3-12492</a>] - DB_TEST: Special chars are not supported.</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12540">PHPBB3-12540</a>] - WRONG_FILESIZE contains broken placeholders</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12660">PHPBB3-12660</a>] - Undefined offset error when phpinfo() disabled and debug enabled</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12695">PHPBB3-12695</a>] - Undefined index: MISSING_INLINE_ATTACHMENT notice given when viewing post details</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12720">PHPBB3-12720</a>] - Git commit hook should not require commit message to start with a capital letter</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12741">PHPBB3-12741</a>] - Functional tests on Travis fail since php update last night</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12755">PHPBB3-12755</a>] - Remote upload stuck in infinite loop if server sends keep-alive</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13086">PHPBB3-13086</a>] - Update ACP_MASS_EMAIL_EXPLAIN language key</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13096">PHPBB3-13096</a>] - ldap_escape() added to PHP 5.6.0</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13138">PHPBB3-13138</a>] - Banned users cause infinite recursion</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13168">PHPBB3-13168</a>] - Warning displayed in PHP 5.6 for mbstring.http_input</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13234">PHPBB3-13234</a>] - Remember me cookie gets unset by admin reauthentication</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13341">PHPBB3-13341</a>] - Tests fail when generating coverage report</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13376">PHPBB3-13376</a>] - deregister_globals() does not work correctly when $_COOKIE['GLOBALS'] - is specified</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13519">PHPBB3-13519</a>] - Correctly validate imagick path as path and not string</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13523">PHPBB3-13523</a>] - PHP 5.2 Unit Tests no longer work due to deprecated PHPUnit PEAR channel</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13526">PHPBB3-13526</a>] - Correctly validate ucp_pm_options form key</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13527">PHPBB3-13527</a>] - Escape information received from version server</li>
+</ul>
+<h4>Improvement</h4>
+<ul>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-10037">PHPBB3-10037</a>] - Add Smiley Buttons in Signature Editor</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-10174">PHPBB3-10174</a>] - Rename &quot;Ban usernames&quot; to &quot;Ban users&quot; in ACP</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-10549">PHPBB3-10549</a>] - Languages variables should be used, not hardcoded</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-10555">PHPBB3-10555</a>] - Copyright notice in overall_header.html is not translatable</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-10945">PHPBB3-10945</a>] - Show entered search query in the search box when no results are found.</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11254">PHPBB3-11254</a>] - Check CRLF line endings in the test suite</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11295">PHPBB3-11295</a>] - Drop tables for postgres in the test suite</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11297">PHPBB3-11297</a>] - Running tests doc should mention dbunit dependency</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11704">PHPBB3-11704</a>] - phing build script does not include vendor folder, even if there are dependencies</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11766">PHPBB3-11766</a>] - Remove Quote and Edit button when topic is lock</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11801">PHPBB3-11801</a>] - missing semi colons in css</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11814">PHPBB3-11814</a>] - Topic reply notification email text change</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12035">PHPBB3-12035</a>] - Add a link to user's posts in the ACP user overview page</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12106">PHPBB3-12106</a>] - Document exceptions to &quot;Disable Board&quot; in ACP.</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12146">PHPBB3-12146</a>] - Add color demo when editing a group from the UCP</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12247">PHPBB3-12247</a>] - include poster's username in email notifications of posts that get approved by moderators</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12259">PHPBB3-12259</a>] - Too many redundant tests are run on Travis</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12468">PHPBB3-12468</a>] - Allow mbstring.http_input='' besides 'pass' for PHP 5.6 compatibility</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13531">PHPBB3-13531</a>] - Disallow trailing paths (e.g. using the PATH_INFO feature)</li>
+</ul>
+<h4>Task</h4>
+<ul>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-10839">PHPBB3-10839</a>] - Remove phpunit.xml.functional and always include functional tests</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11509">PHPBB3-11509</a>] - Travis should check commit message format</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11876">PHPBB3-11876</a>] - Upgrade package checksums from MD5 to SHA256</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11877">PHPBB3-11877</a>] - Create package download links and checksums for announcement via script</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11920">PHPBB3-11920</a>] - Add MariaDB tests to Travis-CI</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11951">PHPBB3-11951</a>] - Add MariaDB to supported RDBMS list</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11970">PHPBB3-11970</a>] - Use 'set -x' in Travis CI setup scripts</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12046">PHPBB3-12046</a>] - Use PHP_BINARY environment variable in lint unit test</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12056">PHPBB3-12056</a>] - Make sure each unit test runs on its own</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12147">PHPBB3-12147</a>] - Remove Travis CI notification configuration</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12302">PHPBB3-12302</a>] - Upgrade composer.phar to 1.0.0-alpha8</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12318">PHPBB3-12318</a>] - Correctly setup HHVM functional tests on Travis CI</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12319">PHPBB3-12319</a>] - Backport Travis CI HHVM environment enabling to develop-olympus.</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12320">PHPBB3-12320</a>] - No longer allow Travis CI HHVM environment to fail</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12341">PHPBB3-12341</a>] - Add tests for get_username_string()</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12384">PHPBB3-12384</a>] - Run Travis CI HHVM tests against MySQLi instead of MySQL</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12417">PHPBB3-12417</a>] - hhvm-nightly 2014.04.16~precise breaks tests</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12495">PHPBB3-12495</a>] - Add Sami to composer dependencies and build script</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12582">PHPBB3-12582</a>] - Strip away copyrighted ICC profile from images</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12917">PHPBB3-12917</a>] - Move commit check and file executable checks to 5.3.3 build on travis</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13324">PHPBB3-13324</a>] - Composer no longer downloads sami/sami and fabpot/goutte</li>
+</ul>
+
+	<a name="v3011"></a><h3>1.ii. Changes since 3.0.11</h3>
 
 <h4>Bug</h4>
 <ul>
@@ -248,7 +382,7 @@
 <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11753">PHPBB3-11753</a>] - Upgrade mysql_upgrader.php schema data.</li>
 </ul>
 
-	<a name="v3010"></a><h3>1.ii. Changes since 3.0.10</h3>
+	<a name="v3010"></a><h3>1.iii. Changes since 3.0.10</h3>
 
 <h4>Bug</h4>
 <ul>
@@ -373,7 +507,7 @@
 <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-10909">PHPBB3-10909</a>] - Update Travis Test Configuration: Travis no longer supports PHP 5.3.2</li>
 </ul>
 
-	<a name="v309"></a><h3>1.iii. Changes since 3.0.9</h3>
+	<a name="v309"></a><h3>1.iv. Changes since 3.0.9</h3>
 
 <h4>Bug</h4>
 <ul>
@@ -509,7 +643,7 @@
 <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-10480">PHPBB3-10480</a>] - Automate changelog building</li>
 </ul>
 
-	<a name="v308"></a><h3>1.iv. Changes since 3.0.8</h3>
+	<a name="v308"></a><h3>1.v. Changes since 3.0.8</h3>
 
 <h4>        Bug
 </h4>
@@ -574,7 +708,7 @@
 </li>
 <li>[<a href='http://tracker.phpbb.com/browse/PHPBB3-9924'>PHPBB3-9924</a>] -         $template-&gt;display hook does not pass $template instance
 </li>
-<li>[<a href='http://tracker.phpbb.com/browse/PHPBB3-9925'>PHPBB3-9925</a>] -         prosilver logo margin bug in IE 6-7-8 
+<li>[<a href='http://tracker.phpbb.com/browse/PHPBB3-9925'>PHPBB3-9925</a>] -         prosilver logo margin bug in IE 6-7-8
 </li>
 <li>[<a href='http://tracker.phpbb.com/browse/PHPBB3-9928'>PHPBB3-9928</a>] -         Do not link &quot;login to your board&quot; to the &quot;send statistics&quot; page after completed update.
 </li>
@@ -582,7 +716,7 @@
 </li>
 <li>[<a href='http://tracker.phpbb.com/browse/PHPBB3-9932'>PHPBB3-9932</a>] -         The Bing bot is not added when converting.
 </li>
-<li>[<a href='http://tracker.phpbb.com/browse/PHPBB3-9933'>PHPBB3-9933</a>] -         Wrong handling of consecutive multiple asterisks in word censor 
+<li>[<a href='http://tracker.phpbb.com/browse/PHPBB3-9933'>PHPBB3-9933</a>] -         Wrong handling of consecutive multiple asterisks in word censor
 </li>
 <li>[<a href='http://tracker.phpbb.com/browse/PHPBB3-9934'>PHPBB3-9934</a>] -         Mass Mail missing under the system tab on a fresh install
 </li>
@@ -594,7 +728,7 @@
 </li>
 <li>[<a href='http://tracker.phpbb.com/browse/PHPBB3-9948'>PHPBB3-9948</a>] -         Inline quicktime files won&#39;t display
 </li>
-<li>[<a href='http://tracker.phpbb.com/browse/PHPBB3-9949'>PHPBB3-9949</a>] -         $user-&gt;lang() is not handling arguments as per documentation 
+<li>[<a href='http://tracker.phpbb.com/browse/PHPBB3-9949'>PHPBB3-9949</a>] -         $user-&gt;lang() is not handling arguments as per documentation
 </li>
 <li>[<a href='http://tracker.phpbb.com/browse/PHPBB3-9950'>PHPBB3-9950</a>] -         Problem with localized button images after uprading from 3.0.7-PL1 to 3.0.8
 </li>
@@ -757,7 +891,7 @@
 <li>[<a href='http://tracker.phpbb.com/browse/PHPBB3-10250'>PHPBB3-10250</a>] -         phpBB Logo needs the Registered Trademark Symbol
 </li>
 </ul>
-    
+
 <h4>        Improvement
 </h4>
 <ul>
@@ -814,7 +948,7 @@
 <li>[<a href='http://tracker.phpbb.com/browse/PHPBB3-10186'>PHPBB3-10186</a>] -         UCP signature panel displays when not authed for signatures
 </li>
 </ul>
-    
+
 <h4>        New Feature
 </h4>
 <ul>
@@ -825,7 +959,7 @@
 <li>[<a href='http://tracker.phpbb.com/browse/PHPBB3-10110'>PHPBB3-10110</a>] -         Redis caching module
 </li>
 </ul>
-    
+
 <h4>        Task
 </h4>
 <ul>
@@ -864,7 +998,7 @@
 <li>[<a href='http://tracker.phpbb.com/browse/PHPBB3-10107'>PHPBB3-10107</a>] -         Improve docs for non-apache webserver configuration
 </li>
 </ul>
-    
+
 <h4>        Sub-task
 </h4>
 <ul>
@@ -877,7 +1011,7 @@
 </ul>
 
 
-	<a name="v307-PL1"></a><h3>1.v. Changes since 3.0.7-PL1</h3>
+	<a name="v307-PL1"></a><h3>1.vi. Changes since 3.0.7-PL1</h3>
 <h4>        Security
 </h4>
 <ul>
@@ -1335,13 +1469,13 @@
 </ul>
 
 
-	<a name="v307"></a><h3>1.vi. Changes since 3.0.7</h3>
+	<a name="v307"></a><h3>1.vii. Changes since 3.0.7</h3>
 
 	<ul>
 		<li>[Sec] Do not expose forum content of forums with ACL entries but no actual permission in ATOM Feeds. (Bug #58595)</li>
 	</ul>
 
-	<a name="v306"></a><h3>1.vii. Changes since 3.0.6</h3>
+	<a name="v306"></a><h3>1.viii. Changes since 3.0.6</h3>
 
 	<ul>
 		<li>[Fix] Allow ban reason and length to be selected and copied in ACP and subsilver2 MCP. (Bug #51095)</li>
@@ -1445,7 +1579,7 @@
 
 	</ul>
 
-	<a name="v305"></a><h3>1.viii. Changes since 3.0.5</h3>
+	<a name="v305"></a><h3>1.ix. Changes since 3.0.5</h3>
 
 	<ul>
 		<li>[Fix] Allow whitespaces in avatar gallery names. (Bug #44955)</li>
@@ -1667,7 +1801,7 @@
 		<li>[Feature] Send anonymous statistical information to phpBB on installation and update (optional).</li>
 	</ul>
 
-	<a name="v304"></a><h3>1.ix. Changes since 3.0.4</h3>
+	<a name="v304"></a><h3>1.x. Changes since 3.0.4</h3>
 
 	<ul>
 		<li>[Fix] Delete user entry from ban list table upon user deletion (Bug #40015 - Patch by TerraFrost)</li>
@@ -1756,7 +1890,7 @@
 		<li>[Sec] Only use forum id supplied for posting if global announcement detected. (Reported by nickvergessen)</li>
 	</ul>
 
-	<a name="v303"></a><h3>1.x. Changes since 3.0.3</h3>
+	<a name="v303"></a><h3>1.xi. Changes since 3.0.3</h3>
 
 	<ul>
 		<li>[Fix] Allow mixed-case template directories to be inherited (Bug #36725)</li>
@@ -1788,7 +1922,7 @@
 		<li>[Sec] Ask for forum password if post within passworded forum quoted in private message. (Reported by nickvergessen)</li>
 	</ul>
 
-	<a name="v302"></a><h3>1.xi. Changes since 3.0.2</h3>
+	<a name="v302"></a><h3>1.xii. Changes since 3.0.2</h3>
 
 	<ul>
 		<li>[Fix] Correctly set topic starter if first post in topic removed (Bug #30575 - Patch by blueray2048)</li>
@@ -1887,7 +2021,7 @@
 		<li>[Sec Precaution] Stricter validation of the HTTP_HOST header (Thanks to Techie-Micheal et al for pointing out possible issues in derived code)</li>
 	</ul>
 
-	<a name="v301"></a><h3>1.xii. Changes since 3.0.1</h3>
+	<a name="v301"></a><h3>1.xiii. Changes since 3.0.1</h3>
 
 	<ul>
 		<li>[Fix] Ability to set permissions on non-mysql dbms (Bug #24955)</li>
@@ -1935,7 +2069,7 @@
 		<li>[Sec] Only allow urls gone through redirect() being used within login_box(). (thanks nookieman)</li>
 	</ul>
 
-	<a name="v300"></a><h3>1.xiii Changes since 3.0.0</h3>
+	<a name="v300"></a><h3>1.xiv Changes since 3.0.0</h3>
 
 	<ul>
 		<li>[Change] Validate birthdays (Bug #15004)</li>
@@ -2006,7 +2140,7 @@
 		<li>[Fix] Find and display colliding usernames correctly when converting from one database to another (Bug #23925)</li>
 	</ul>
 
-	<a name="v30rc8"></a><h3>1.xiv. Changes since 3.0.RC8</h3>
+	<a name="v30rc8"></a><h3>1.xv. Changes since 3.0.RC8</h3>
 
 	<ul>
 		<li>[Fix] Cleaned usernames contain only single spaces, so &quot;a_name&quot; and &quot;a__name&quot; are treated as the same name (Bug #15634)</li>
@@ -2015,7 +2149,7 @@
 		<li>[Fix] Call garbage_collection() within database updater to correctly close connections (affects Oracle for example)</li>
 	</ul>
 
-	<a name="v30rc7"></a><h3>1.xv. Changes since 3.0.RC7</h3>
+	<a name="v30rc7"></a><h3>1.xvi. Changes since 3.0.RC7</h3>
 
 	<ul>
 		<li>[Fix] Fixed MSSQL related bug in the update system</li>
@@ -2050,7 +2184,7 @@
 		<li>[Fix] No duplication of active topics (Bug #15474)</li>
 	</ul>
 
-	<a name="v30rc6"></a><h3>1.xvi. Changes since 3.0.RC6</h3>
+	<a name="v30rc6"></a><h3>1.xvii. Changes since 3.0.RC6</h3>
 
 	<ul>
 		<li>[Fix] Submitting language changes using acp_language (Bug #14736)</li>
@@ -2060,7 +2194,7 @@
 		<li>[Fix] Able to request new password (Bug #14743)</li>
 	</ul>
 
-	<a name="v30rc5"></a><h3>1.xvii. Changes since 3.0.RC5</h3>
+	<a name="v30rc5"></a><h3>1.xviii. Changes since 3.0.RC5</h3>
 
 	<ul>
 		<li>[Feature] Removing constant PHPBB_EMBEDDED in favor of using an exit_handler(); the constant was meant to achive this more or less.</li>
@@ -2123,7 +2257,7 @@
 		<li>[Sec] New password hashing mechanism for storing passwords (#i42)</li>
 	</ul>
 
-	<a name="v30rc4"></a><h3>1.xviii. Changes since 3.0.RC4</h3>
+	<a name="v30rc4"></a><h3>1.xix. Changes since 3.0.RC4</h3>
 
 	<ul>
 		<li>[Fix] MySQL, PostgreSQL and SQLite related database fixes (Bug #13862)</li>
@@ -2174,7 +2308,7 @@
 		<li>[Fix] odbc_autocommit causing existing result sets to be dropped (Bug #14182)</li>
 	</ul>
 
-	<a name="v30rc3"></a><h3>1.xix. Changes since 3.0.RC3</h3>
+	<a name="v30rc3"></a><h3>1.xx. Changes since 3.0.RC3</h3>
 
 	<ul>
 		<li>[Fix] Fixing some subsilver2 and prosilver style issues</li>
@@ -2283,7 +2417,7 @@
 
 	</ul>
 
-	<a name="v30rc2"></a><h3>1.xx. Changes since 3.0.RC2</h3>
+	<a name="v30rc2"></a><h3>1.xxi. Changes since 3.0.RC2</h3>
 
 	<ul>
 		<li>[Fix] Re-allow searching within the memberlist</li>
@@ -2329,7 +2463,7 @@
 
 	</ul>
 
-	<a name="v30rc1"></a><h3>1.xxi. Changes since 3.0.RC1</h3>
+	<a name="v30rc1"></a><h3>1.xxii. Changes since 3.0.RC1</h3>
 
 	<ul>
 		<li>[Fix] (X)HTML issues within the templates (Bug #11255, #11255)</li>

phpBB/docs/INSTALL.html

@@ -276,7 +276,7 @@
 
 	<p>This package is meant for those wanting to only replace the files that were changed between a previous version and the latest version.</p>
 
-	<p>This package contains a number of archives, each contains the files changed from a given release to the latest version. You should select the appropriate archive for your current version, e.g. if you currently have <strong>3.0.11</strong> you should select the appropriate <code>phpBB-3.0.12-files.zip/tar.bz2</code> file.</p>
+	<p>This package contains a number of archives, each contains the files changed from a given release to the latest version. You should select the appropriate archive for your current version, e.g. if you currently have <strong>3.0.12</strong> you should select the appropriate <code>phpBB-3.0.13-files.zip/tar.bz2</code> file.</p>
 
 	<p>The directory structure has been preserved, enabling you (if you wish) to simply upload the uncompressed contents of the archive to the appropriate location on your server, i.e. simply overwrite the existing files with the new versions. Do not forget that if you have installed any modifications (MODs) these files will overwrite the originals, possibly destroying them in the process. You will need to re-add MODs to any affected file before uploading.</p>
 
@@ -288,7 +288,7 @@
 
 	<p>The patch file is one solution for those with many Modifications (MODs) or other changes and do not want to re-add them back to all the changed files. To use this you will need command line access to a standard UNIX type <strong>patch</strong> application. If you do not have access to such an application, but still want to use this update approach, we strongly recommend the <a href="#update_auto">Automatic update package</a> explained below. It is also the recommended update method.</p>
 
-	<p>A number of patch files are provided to allow you to update from previous stable releases. Select the correct patch, e.g. if your current version is <strong>3.0.11</strong>, you need the <code>phpBB-3.0.12-patch.zip/tar.bz2</code> file. Place the correct patch in the parent directory containing the phpBB core files (i.e. index.php, viewforum.php, etc.). With this done you should run the following command: <code>patch -cl -d [PHPBB DIRECTORY] -p1 &lt; [PATCH NAME]</code> (where PHPBB DIRECTORY is the directory name your phpBB Installation resides in, for example phpBB, and where PATCH NAME is the relevant filename of the selected patch file). This should complete quickly, hopefully without any HUNK FAILED comments.</p>
+	<p>A number of patch files are provided to allow you to update from previous stable releases. Select the correct patch, e.g. if your current version is <strong>3.0.12</strong>, you need the <code>phpBB-3.0.13-patch.zip/tar.bz2</code> file. Place the correct patch in the parent directory containing the phpBB core files (i.e. index.php, viewforum.php, etc.). With this done you should run the following command: <code>patch -cl -d [PHPBB DIRECTORY] -p1 &lt; [PATCH NAME]</code> (where PHPBB DIRECTORY is the directory name your phpBB Installation resides in, for example phpBB, and where PATCH NAME is the relevant filename of the selected patch file). This should complete quickly, hopefully without any HUNK FAILED comments.</p>
 
 	<p>If you do get failures, you should look at using the <a href="#update_files">Changed Files</a> package to replace the files which failed to patch. Please note that you will need to manually re-add any MODs to these particular files. Alternatively, if you know how, you can examine the .rej files to determine what failed where and make manual adjustments to the relevant source.</p>
 
@@ -298,7 +298,7 @@
 
 	<p>This update method is the recommended method for updating. This package detects changed files automatically and merges in changes if needed.</p>
 
-	<p>The automatic update package will update the board from a given version to the latest version. A number of automatic update files are available, and you should choose the one that corresponds to the version of the board that you are currently running. For example, if your current version is <strong>3.0.11</strong>, you need the <code>phpBB-3.0.11_to_3.0.12.zip/tar.bz2</code> file.</p>
+	<p>The automatic update package will update the board from a given version to the latest version. A number of automatic update files are available, and you should choose the one that corresponds to the version of the board that you are currently running. For example, if your current version is <strong>3.0.12</strong>, you need the <code>phpBB-3.0.12_to_3.0.13.zip/tar.bz2</code> file.</p>
 
 	<p>To perform the update, either follow the instructions from the <strong>Administration Control Panel-&gt;System</strong> Tab - this should point out that you are running an outdated version and will guide you through the update - or follow the instructions listed below.</p>
 

phpBB/feed.php

@@ -71,9 +71,6 @@ if ($feed === false)
 	trigger_error('NO_FEED');
 }
 
-// Get attachments for this feed
-$feed->fetch_attachments();
-
 // Open Feed
 $feed->open();
 
@@ -109,7 +106,7 @@ while ($row = $feed->get_item())
 		'title'			=> censor_text($title),
 		'category'		=> ($config['feed_item_statistics'] && !empty($row['forum_id'])) ? $board_url . '/viewforum.' . $phpEx . '?f=' . $row['forum_id'] : '',
 		'category_name'	=> ($config['feed_item_statistics'] && isset($row['forum_name'])) ? $row['forum_name'] : '',
-		'description'	=> censor_text(feed_generate_content($row[$feed->get('text')], $row[$feed->get('bbcode_uid')], $row[$feed->get('bitfield')], $options, $row['forum_id'], (($row['post_attachment']) ? $feed->attachments[$row['post_id']] : array()))),
+		'description'	=> censor_text(feed_generate_content($row[$feed->get('text')], $row[$feed->get('bbcode_uid')], $row[$feed->get('bitfield')], $options)),
 		'statistics'	=> '',
 	);
 
@@ -275,16 +272,8 @@ function feed_format_date($time)
 
 /**
 * Generate text content
-*
-* @param string $content is feed text content
-* @param string $uid is bbcode_uid
-* @param string $bitfield is bbcode bitfield
-* @param int $options bbcode flag options
-* @param int $forum_id is the forum id
-* @param array $post_attachments is an array containing the attachments and their respective info
-* @return string the html content to be printed for the feed
 **/
-function feed_generate_content($content, $uid, $bitfield, $options, $forum_id, $post_attachments)
+function feed_generate_content($content, $uid, $bitfield, $options)
 {
 	global $user, $config, $phpbb_root_path, $phpEx, $board_url;
 
@@ -333,15 +322,8 @@ function feed_generate_content($content, $uid, $bitfield, $options, $forum_id, $
 	// Remove some specials html tag, because somewhere there are a mod to allow html tags ;)
 	$content	= preg_replace( '#<(script|iframe)([^[]+)\1>#siU', ' <strong>$1</strong> ', $content);
 
-	// Parse inline images to display with the feed
-	if (!empty($post_attachments))
-	{
-		$update_count = array();
-		parse_attachments($forum_id, $content, $post_attachments, $update_count);
-	}	
-
 	// Remove Comments from inline attachments [ia]
-	$content = preg_replace('#<dd>(.*?)</dd>#','',$content);
+	$content	= preg_replace('#<div class="(inline-attachment|attachtitle)">(.*?)<!-- ia(.*?) -->(.*?)<!-- ia(.*?) -->(.*?)</div>#si','$4',$content);
 
 	// Replace some entities with their unicode counterpart
 	$entities = array(
@@ -359,9 +341,6 @@ function feed_generate_content($content, $uid, $bitfield, $options, $forum_id, $
 	// Other control characters
 	$content = preg_replace('#(?:[\x00-\x1F\x7F]+|(?:\xC2[\x80-\x9F])+)#', '', $content);
 
-	// Convert attachments' relative path to absolute path
-	$content = str_replace($phpbb_root_path . 'download/file.' . $phpEx, $board_url . '/download/file.' . $phpEx, $content);
-
 	return $content;
 }
 
@@ -681,7 +660,6 @@ class phpbb_feed_base
 class phpbb_feed_post_base extends phpbb_feed_base
 {
 	var $num_items = 'feed_limit_post';
-	var $attachments = array();
 
 	function set_keys()
 	{
@@ -715,45 +693,6 @@ class phpbb_feed_post_base extends phpbb_feed_base
 				. (($this->is_moderator_approve_forum($row['forum_id']) && !$row['post_approved']) ? ' ' . $this->separator_stats . ' ' . $user->lang['POST_UNAPPROVED'] : '');
 		}
 	}
-
-	function fetch_attachments()
-	{
-		global $db;
-
-		$sql_array = array(
-			'SELECT'	=> 'a.*',
-			'FROM'		=> array(
-				ATTACHMENTS_TABLE	=>	'a'
-			),
-			'WHERE'		=> 'a.in_message = 0 ',
-			'ORDER_BY'	=> 'a.filetime DESC, a.post_msg_id ASC',
-		);
-
-		if (isset($this->topic_id))
-		{
-			$sql_array['WHERE'] .= 'AND a.topic_id = ' . (int) $this->topic_id;
-		}
-		else if (isset($this->forum_id))
-		{
-			$sql_array['LEFT_JOIN'] = array(
-				array(
-					'FROM'  => array(TOPICS_TABLE => 't'),
-					'ON'    => 'a.topic_id = t.topic_id',
-				)
-			);
-			$sql_array['WHERE'] .= 'AND t.forum_id = ' . (int) $this->forum_id;
-		}
-
-		$sql = $db->sql_build_query('SELECT', $sql_array);
-		$result = $db->sql_query($sql);
-
-		// Set attachments in feed items
-		while ($row = $db->sql_fetchrow($result))
-		{
-			$this->attachments[$row['post_msg_id']][] = $row;
-		}
-		$db->sql_freeresult($result);
-	}
 }
 
 /**
@@ -856,7 +795,7 @@ class phpbb_feed_overall extends phpbb_feed_post_base
 		// Get the actual data
 		$this->sql = array(
 			'SELECT'	=>	'f.forum_id, f.forum_name, ' .
-							'p.post_id, p.topic_id, p.post_time, p.post_edit_time, p.post_approved, p.post_subject, p.post_text, p.bbcode_bitfield, p.bbcode_uid, p.enable_bbcode, p.enable_smilies, p.enable_magic_url, p.post_attachment, ' .
+							'p.post_id, p.topic_id, p.post_time, p.post_edit_time, p.post_approved, p.post_subject, p.post_text, p.bbcode_bitfield, p.bbcode_uid, p.enable_bbcode, p.enable_smilies, p.enable_magic_url, ' .
 							'u.username, u.user_id',
 			'FROM'		=> array(
 				USERS_TABLE		=> 'u',
@@ -988,7 +927,7 @@ class phpbb_feed_forum extends phpbb_feed_post_base
 		}
 
 		$this->sql = array(
-			'SELECT'	=>	'p.post_id, p.topic_id, p.post_time, p.post_edit_time, p.post_approved, p.post_subject, p.post_text, p.bbcode_bitfield, p.bbcode_uid, p.enable_bbcode, p.enable_smilies, p.enable_magic_url, p.post_attachment, ' .
+			'SELECT'	=>	'p.post_id, p.topic_id, p.post_time, p.post_edit_time, p.post_approved, p.post_subject, p.post_text, p.bbcode_bitfield, p.bbcode_uid, p.enable_bbcode, p.enable_smilies, p.enable_magic_url, ' .
 							'u.username, u.user_id',
 			'FROM'		=> array(
 				POSTS_TABLE		=> 'p',
@@ -1153,7 +1092,7 @@ class phpbb_feed_topic extends phpbb_feed_post_base
 		global $auth, $db;
 
 		$this->sql = array(
-			'SELECT'	=>	'p.post_id, p.post_time, p.post_edit_time, p.post_approved, p.post_subject, p.post_text, p.bbcode_bitfield, p.bbcode_uid, p.enable_bbcode, p.enable_smilies, p.enable_magic_url, p.post_attachment, ' .
+			'SELECT'	=>	'p.post_id, p.post_time, p.post_edit_time, p.post_approved, p.post_subject, p.post_text, p.bbcode_bitfield, p.bbcode_uid, p.enable_bbcode, p.enable_smilies, p.enable_magic_url, ' .
 							'u.username, u.user_id',
 			'FROM'		=> array(
 				POSTS_TABLE		=> 'p',
@@ -1318,7 +1257,7 @@ class phpbb_feed_news extends phpbb_feed_topic_base
 		$this->sql = array(
 			'SELECT'	=> 'f.forum_id, f.forum_name,
 							t.topic_id, t.topic_title, t.topic_poster, t.topic_first_poster_name, t.topic_replies, t.topic_replies_real, t.topic_views, t.topic_time, t.topic_last_post_time,
-							p.post_id, p.post_time, p.post_edit_time, p.post_text, p.bbcode_bitfield, p.bbcode_uid, p.enable_bbcode, p.enable_smilies, p.enable_magic_url, p.post_attachment',
+							p.post_id, p.post_time, p.post_edit_time, p.post_text, p.bbcode_bitfield, p.bbcode_uid, p.enable_bbcode, p.enable_smilies, p.enable_magic_url',
 			'FROM'		=> array(
 				TOPICS_TABLE	=> 't',
 				POSTS_TABLE		=> 'p',
@@ -1391,7 +1330,7 @@ class phpbb_feed_topics extends phpbb_feed_topic_base
 		$this->sql = array(
 			'SELECT'	=> 'f.forum_id, f.forum_name,
 							t.topic_id, t.topic_title, t.topic_poster, t.topic_first_poster_name, t.topic_replies, t.topic_replies_real, t.topic_views, t.topic_time, t.topic_last_post_time,
-							p.post_id, p.post_time, p.post_edit_time, p.post_text, p.bbcode_bitfield, p.bbcode_uid, p.enable_bbcode, p.enable_smilies, p.enable_magic_url, p.post_attachment',
+							p.post_id, p.post_time, p.post_edit_time, p.post_text, p.bbcode_bitfield, p.bbcode_uid, p.enable_bbcode, p.enable_smilies, p.enable_magic_url',
 			'FROM'		=> array(
 				TOPICS_TABLE	=> 't',
 				POSTS_TABLE		=> 'p',
@@ -1488,7 +1427,7 @@ class phpbb_feed_topics_active extends phpbb_feed_topic_base
 			'SELECT'	=> 'f.forum_id, f.forum_name,
 							t.topic_id, t.topic_title, t.topic_replies, t.topic_replies_real, t.topic_views,
 							t.topic_last_poster_id, t.topic_last_poster_name, t.topic_last_post_time,
-							p.post_id, p.post_time, p.post_edit_time, p.post_text, p.bbcode_bitfield, p.bbcode_uid, p.enable_bbcode, p.enable_smilies, p.enable_magic_url, p.post_attachment',
+							p.post_id, p.post_time, p.post_edit_time, p.post_text, p.bbcode_bitfield, p.bbcode_uid, p.enable_bbcode, p.enable_smilies, p.enable_magic_url',
 			'FROM'		=> array(
 				TOPICS_TABLE	=> 't',
 				POSTS_TABLE		=> 'p',

phpBB/includes/acm/acm_memory.php

@@ -292,12 +292,24 @@ class acm_memory
 		// determine which tables this query belongs to
 		// Some queries use backticks, namely the get_database_size() query
 		// don't check for conformity, the SQL would error and not reach here.
-		if (!preg_match('/FROM \\(?(`?\\w+`?(?: \\w+)?(?:, ?`?\\w+`?(?: \\w+)?)*)\\)?/', $query, $regs))
+		if (!preg_match_all('/(?:FROM \\(?(`?\\w+`?(?: \\w+)?(?:, ?`?\\w+`?(?: \\w+)?)*)\\)?)|(?:JOIN (`?\\w+`?(?: \\w+)?))/', $query, $regs, PREG_SET_ORDER))
 		{
 			// Bail out if the match fails.
 			return;
 		}
-		$tables = array_map('trim', explode(',', $regs[1]));
+
+		$tables = array();
+		foreach ($regs as $match)
+		{
+			if ($match[0][0] == 'F')
+			{
+				$tables = array_merge($tables, array_map('trim', explode(',', $match[1])));
+			}
+			else
+			{
+				$tables[] = $match[2];
+			}
+		}
 
 		foreach ($tables as $table_name)
 		{

phpBB/includes/acp/acp_attachments.php

@@ -127,7 +127,7 @@ class acp_attachments
 						'img_create_thumbnail'		=> array('lang' => 'CREATE_THUMBNAIL',		'validate' => 'bool',	'type' => 'radio:yes_no', 'explain' => true),
 						'img_max_thumb_width'		=> array('lang' => 'MAX_THUMB_WIDTH',		'validate' => 'int',	'type' => 'text:7:15', 'explain' => true, 'append' => ' ' . $user->lang['PIXEL']),
 						'img_min_thumb_filesize'	=> array('lang' => 'MIN_THUMB_FILESIZE',	'validate' => 'int',	'type' => 'text:7:15', 'explain' => true, 'append' => ' ' . $user->lang['BYTES']),
-						'img_imagick'				=> array('lang' => 'IMAGICK_PATH',			'validate' => 'string',	'type' => 'text:20:200', 'explain' => true, 'append' => '&nbsp;&nbsp;<span>[ <a href="' . $this->u_action . '&amp;action=imgmagick">' . $user->lang['SEARCH_IMAGICK'] . '</a> ]</span>'),
+						'img_imagick'				=> array('lang' => 'IMAGICK_PATH',			'validate' => 'path',	'type' => 'text:20:200', 'explain' => true, 'append' => '&nbsp;&nbsp;<span>[ <a href="' . $this->u_action . '&amp;action=imgmagick">' . $user->lang['SEARCH_IMAGICK'] . '</a> ]</span>'),
 						'img_max'					=> array('lang' => 'MAX_IMAGE_SIZE',		'validate' => 'int',	'type' => 'dimension:3:4', 'explain' => true, 'append' => ' ' . $user->lang['PIXEL']),
 						'img_link'					=> array('lang' => 'IMAGE_LINK_SIZE',		'validate' => 'int',	'type' => 'dimension:3:4', 'explain' => true, 'append' => ' ' . $user->lang['PIXEL']),
 					)

phpBB/includes/acp/acp_board.php

@@ -123,7 +123,7 @@ class acp_board
 						'avatar_filesize'		=> array('lang' => 'MAX_FILESIZE',			'validate' => 'int:0',	'type' => 'text:4:10', 'explain' => true, 'append' => ' ' . $user->lang['BYTES']),
 						'avatar_min'			=> array('lang' => 'MIN_AVATAR_SIZE',		'validate' => 'int:0',	'type' => 'dimension:3:4', 'explain' => true, 'append' => ' ' . $user->lang['PIXEL']),
 						'avatar_max'			=> array('lang' => 'MAX_AVATAR_SIZE',		'validate' => 'int:0',	'type' => 'dimension:3:4', 'explain' => true, 'append' => ' ' . $user->lang['PIXEL']),
-						'avatar_path'			=> array('lang' => 'AVATAR_STORAGE_PATH',	'validate' => 'rwpath',	'type' => 'text:20:255', 'explain' => true),
+						'avatar_path'			=> array('lang' => 'AVATAR_STORAGE_PATH',	'validate' => 'rpath',	'type' => 'text:20:255', 'explain' => true),
 						'avatar_gallery_path'	=> array('lang' => 'AVATAR_GALLERY_PATH',	'validate' => 'rpath',	'type' => 'text:20:255', 'explain' => true)
 					)
 				);

phpBB/includes/acp/acp_main.php

@@ -606,8 +606,8 @@ class acp_main
 				'S_MBSTRING_LOADED'						=> true,
 				'S_MBSTRING_FUNC_OVERLOAD_FAIL'			=> (intval(@ini_get('mbstring.func_overload')) & (MB_OVERLOAD_MAIL | MB_OVERLOAD_STRING)),
 				'S_MBSTRING_ENCODING_TRANSLATION_FAIL'	=> (@ini_get('mbstring.encoding_translation') != 0),
-				'S_MBSTRING_HTTP_INPUT_FAIL'			=> (@ini_get('mbstring.http_input') != 'pass'),
-				'S_MBSTRING_HTTP_OUTPUT_FAIL'			=> (@ini_get('mbstring.http_output') != 'pass'),
+				'S_MBSTRING_HTTP_INPUT_FAIL'			=> !in_array(@ini_get('mbstring.http_input'), array('pass', '')),
+				'S_MBSTRING_HTTP_OUTPUT_FAIL'			=> !in_array(@ini_get('mbstring.http_output'), array('pass', '')),
 			));
 		}
 

phpBB/includes/acp/acp_php_info.php

@@ -47,7 +47,7 @@ class acp_php_info
 		// for this was nabbed from the PHP annotated manual
 		preg_match_all('#<body[^>]*>(.*)</body>#si', $phpinfo, $output);
 
-		if (empty($phpinfo) || empty($output))
+		if (empty($phpinfo) || empty($output[1][0]))
 		{
 			trigger_error('NO_PHPINFO_AVAILABLE', E_USER_WARNING);
 		}

phpBB/includes/acp/acp_update.php

@@ -34,10 +34,7 @@ class acp_update
 		$this->page_title = 'ACP_VERSION_CHECK';
 
 		// Get current and latest version
-		$errstr = '';
-		$errno = 0;
-
-		$info = obtain_latest_version_info(request_var('versioncheck_force', false));
+		$info = htmlspecialchars(obtain_latest_version_info(request_var('versioncheck_force', false)));
 
 		if (empty($info))
 		{

phpBB/includes/acp/acp_users.php

@@ -2015,7 +2015,7 @@ class acp_users
 					WHERE a.poster_id = ' . $user_id . "
 						AND a.is_orphan = 0
 					ORDER BY $order_by";
-				$result = $db->sql_query_limit($sql, $config['posts_per_page'], $start);
+				$result = $db->sql_query_limit($sql, $config['topics_per_page'], $start);
 
 				while ($row = $db->sql_fetchrow($result))
 				{

phpBB/includes/auth/auth_ldap.php

@@ -282,7 +282,7 @@ function ldap_user_filter($username)
 {
 	global $config;
 
-	$filter = '(' . $config['ldap_uid'] . '=' . ldap_escape(htmlspecialchars_decode($username)) . ')';
+	$filter = '(' . $config['ldap_uid'] . '=' . phpbb_ldap_escape(htmlspecialchars_decode($username)) . ')';
 	if ($config['ldap_user_filter'])
 	{
 		$_filter = ($config['ldap_user_filter'][0] == '(' && substr($config['ldap_user_filter'], -1) == ')') ? $config['ldap_user_filter'] : "({$config['ldap_user_filter']})";
@@ -294,7 +294,7 @@ function ldap_user_filter($username)
 /**
 * Escapes an LDAP AttributeValue
 */
-function ldap_escape($string)
+function phpbb_ldap_escape($string)
 {
 	return str_replace(array('*', '\\', '(', ')'), array('\\*', '\\\\', '\\(', '\\)'), $string);
 }

phpBB/includes/bbcode.php

@@ -135,6 +135,11 @@ class bbcode
 			$this->template_bitfield = new bitfield($user->theme['bbcode_bitfield']);
 			$this->template_filename = $phpbb_root_path . 'styles/' . $user->theme['template_path'] . '/template/bbcode.html';
 
+			if (empty($user->theme['template_inherits_id']) && !empty($template->orig_tpl_inherits_id))
+			{
+				$user->theme['template_inherits_id'] = $template->orig_tpl_inherits_id;
+			}
+
 			if (!@file_exists($this->template_filename))
 			{
 				if (isset($user->theme['template_inherits_id']) && $user->theme['template_inherits_id'])

phpBB/includes/constants.php

@@ -25,7 +25,7 @@ if (!defined('IN_PHPBB'))
 */
 
 // phpBB Version
-define('PHPBB_VERSION', '3.0.13-dev');
+define('PHPBB_VERSION', '3.0.13-RC1');
 
 // QA-related
 // define('PHPBB_QA', 1);

phpBB/includes/db/db_tools.php

@@ -875,7 +875,7 @@ class phpbb_db_tools
 			}
 		}
 
-		// Add unqiue indexes?
+		// Add unique indexes?
 		if (!empty($schema_changes['add_unique_index']))
 		{
 			foreach ($schema_changes['add_unique_index'] as $table => $index_array)
@@ -1286,7 +1286,7 @@ class phpbb_db_tools
 	}
 
 	/**
-	* Check if a specified index exists in table. Does not return PRIMARY KEY and UNIQUE indexes.
+	* Check if a specified index exists in table. Does not return PRIMARY KEY indexes.
 	*
 	* @param string	$table_name		Table to check the index at
 	* @param string	$index_name		The index name to check

phpBB/includes/functions_content.php

@@ -21,6 +21,7 @@ if (!defined('IN_PHPBB'))
 * make_jumpbox()
 * bump_topic_allowed()
 * get_context()
+* phpbb_clean_search_string()
 * decode_message()
 * strip_bbcode()
 * generate_text_for_display()
@@ -360,6 +361,23 @@ function get_context($text, $words, $length = 400)
 	}
 }
 
+/**
+* Cleans a search string by removing single wildcards from it and replacing multiple spaces with a single one.
+*
+* @param string $search_string The full search string which should be cleaned.
+*
+* @return string The cleaned search string without any wildcards and multiple spaces.
+*/
+function phpbb_clean_search_string($search_string)
+{
+	// This regular expressions matches every single wildcard.
+	// That means one after a whitespace or the beginning of the string or one before a whitespace or the end of the string.
+	$search_string = preg_replace('#(?<=^|\s)\*+(?=\s|$)#', '', $search_string);
+	$search_string = trim($search_string);
+	$search_string = preg_replace(array('#\s+#u', '#\*+#u'), array(' ', '*'), $search_string);
+	return $search_string;
+}
+
 /**
 * Decode text whereby text is coming from the db and expected to be pre-parsed content
 * We are placing this outside of the message parser because we are often in need of it...

phpBB/includes/functions_install.php

@@ -309,7 +309,7 @@ function connect_check_db($error_connect, &$error, $dbms_details, $table_prefix,
 	if (is_array($db->sql_connect($dbhost, $dbuser, $dbpasswd, $dbname, $dbport, false, true)))
 	{
 		$db_error = $db->sql_error();
-		$error[] = $lang['INST_ERR_DB_CONNECT'] . '<br />' . (($db_error['message']) ? $db_error['message'] : $lang['INST_ERR_DB_NO_ERROR']);
+		$error[] = $lang['INST_ERR_DB_CONNECT'] . '<br />' . (($db_error['message']) ? utf8_convert_message($db_error['message']) : $lang['INST_ERR_DB_NO_ERROR']);
 	}
 	else
 	{

phpBB/includes/functions_posting.php

@@ -394,6 +394,10 @@ function upload_attachment($form_name, $forum_id, $local = false, $local_storage
 	{
 		$upload->set_disallowed_content(explode('|', $config['mime_triggers']));
 	}
+	else if (!$config['check_attachment_content'])
+	{
+		$upload->set_disallowed_content(array());
+	}
 
 	if (!$local)
 	{

phpBB/includes/functions_privmsgs.php

@@ -208,7 +208,7 @@ function get_folder($user_id, $folder_id = false)
 		);
 	}
 
-	if ($folder_id !== false && !isset($folder[$folder_id]))
+	if ($folder_id !== false && $folder_id !== PRIVMSGS_HOLD_BOX && !isset($folder[$folder_id]))
 	{
 		trigger_error('UNKNOWN_FOLDER');
 	}

phpBB/includes/functions_upload.php

@@ -466,6 +466,9 @@ class fileupload
 	var $max_height = 0;
 	var $error_prefix = '';
 
+	/** @var int Timeout for remote upload */
+	var $upload_timeout = 6;
+
 	/**
 	* Init file upload class.
 	*
@@ -795,13 +798,28 @@ class fileupload
 		fputs($fsock, "HOST: " . $host . "\r\n");
 		fputs($fsock, "Connection: close\r\n\r\n");
 
+		// Set a proper timeout for the socket
+		socket_set_timeout($fsock, $this->upload_timeout);
+
 		$get_info = false;
 		$data = '';
-		while (!@feof($fsock))
+		$length = false;
+		$timer_stop = time() + $this->upload_timeout;
+
+		while ((!$length || $filesize < $length) && !@feof($fsock))
 		{
 			if ($get_info)
 			{
-				$block = @fread($fsock, 1024);
+				if ($length)
+				{
+					// Don't attempt to read past end of file if server indicated length
+					$block = @fread($fsock, min($length - $filesize, 1024));
+				}
+				else
+				{
+					$block = @fread($fsock, 1024);
+				}
+
 				$filesize += strlen($block);
 
 				if ($remote_max_filesize && $filesize > $remote_max_filesize)
@@ -847,6 +865,15 @@ class fileupload
 					}
 				}
 			}
+
+			$stream_meta_data = stream_get_meta_data($fsock);
+
+			// Cancel upload if we exceed timeout
+			if (!empty($stream_meta_data['timed_out']) || time() >= $timer_stop)
+			{
+				$file = new fileerror($user->lang[$this->error_prefix . 'REMOTE_UPLOAD_TIMEOUT']);
+				return $file;
+			}
 		}
 		@fclose($fsock);
 

phpBB/includes/functions_user.php

@@ -329,11 +329,16 @@ function user_add($user_row, $cp_data = false)
 }
 
 /**
-* Remove User
-*/
+ * Remove User
+ *
+ * @param string	$mode		'retain' or 'remove'
+ * @param int		$user_id
+ * @param mixed		$post_username
+ * @return bool
+ */
 function user_delete($mode, $user_id, $post_username = false)
 {
-	global $cache, $config, $db, $user, $auth;
+	global $cache, $config, $db, $user;
 	global $phpbb_root_path, $phpEx;
 
 	$sql = 'SELECT *
@@ -439,11 +444,6 @@ function user_delete($mode, $user_id, $post_username = false)
 					WHERE poster_id = $user_id";
 				$db->sql_query($sql);
 
-				$sql = 'UPDATE ' . POSTS_TABLE . '
-					SET post_edit_user = ' . ANONYMOUS . "
-					WHERE post_edit_user = $user_id";
-				$db->sql_query($sql);
-
 				$sql = 'UPDATE ' . TOPICS_TABLE . '
 					SET topic_poster = ' . ANONYMOUS . ", topic_first_poster_name = '" . $db->sql_escape($post_username) . "', topic_first_poster_colour = ''
 					WHERE topic_poster = $user_id";
@@ -501,6 +501,18 @@ function user_delete($mode, $user_id, $post_username = false)
 
 	$cache->destroy('sql', MODERATOR_CACHE_TABLE);
 
+	// Change user_id to anonymous for posts edited by this user
+	$sql = 'UPDATE ' . POSTS_TABLE . '
+		SET post_edit_user = ' . ANONYMOUS . '
+		WHERE post_edit_user = ' . $user_id;
+	$db->sql_query($sql);
+
+	// Change user_id to anonymous for pms edited by this user
+	$sql = 'UPDATE ' . PRIVMSGS_TABLE . '
+		SET message_edit_user = ' . ANONYMOUS . '
+		WHERE message_edit_user = ' . $user_id;
+	$db->sql_query($sql);
+
 	// Delete user log entries about this user
 	$sql = 'DELETE FROM ' . LOG_TABLE . '
 		WHERE reportee_id = ' . $user_id;

phpBB/includes/mcp/info/mcp_pm_reports.php

@@ -20,7 +20,7 @@ class mcp_pm_reports_info
 			'title'		=> 'MCP_PM_REPORTS',
 			'version'	=> '1.0.0',
 			'modes'		=> array(
-				'pm_reports'			=> array('title' => 'MCP_PM_REPORTS_OPEN', 'auth' => 'aclf_m_report', 'cat' => array('MCP_REPORTS')),
+				'pm_reports'		=> array('title' => 'MCP_PM_REPORTS_OPEN', 'auth' => 'aclf_m_report', 'cat' => array('MCP_REPORTS')),
 				'pm_reports_closed'	=> array('title' => 'MCP_PM_REPORTS_CLOSED', 'auth' => 'aclf_m_report', 'cat' => array('MCP_REPORTS')),
 				'pm_report_details'	=> array('title' => 'MCP_PM_REPORT_DETAILS', 'auth' => 'aclf_m_report', 'cat' => array('MCP_REPORTS')),
 			),

phpBB/includes/mcp/mcp_post.php

@@ -157,6 +157,7 @@ function mcp_post_details($id, $mode, $action)
 
 		if (sizeof($attachments))
 		{
+			$user->add_lang('viewtopic');
 			$update_count = array();
 			parse_attachments($post_info['forum_id'], $message, $attachments, $update_count);
 		}

phpBB/includes/session.php

@@ -556,7 +556,12 @@ class session
 		$method = 'autologin_' . $method;
 		if (function_exists($method))
 		{
-			$this->data = $method();
+			$user_data = $method();
+
+			if ($user_id === false || (isset($user_data['user_id']) && $user_id == $user_data['user_id']))
+			{
+				$this->data = $user_data;
+			}
 
 			if (sizeof($this->data))
 			{
@@ -576,11 +581,18 @@ class session
 					AND k.user_id = u.user_id
 					AND k.key_id = '" . $db->sql_escape(md5($this->cookie_data['k'])) . "'";
 			$result = $db->sql_query($sql);
-			$this->data = $db->sql_fetchrow($result);
+			$user_data = $db->sql_fetchrow($result);
+
+			if ($user_id === false || (isset($user_data['user_id']) && $user_id == $user_data['user_id']))
+			{
+				$this->data = $user_data;
+				$bot = false;
+			}
+
 			$db->sql_freeresult($result);
-			$bot = false;
 		}
-		else if ($user_id !== false && !sizeof($this->data))
+
+		if ($user_id !== false && !sizeof($this->data))
 		{
 			$this->cookie_data['k'] = '';
 			$this->cookie_data['u'] = $user_id;
@@ -1037,7 +1049,7 @@ class session
 
 		$name_data = rawurlencode($config['cookie_name'] . '_' . $name) . '=' . rawurlencode($cookiedata);
 		$expire = gmdate('D, d-M-Y H:i:s \\G\\M\\T', $cookietime);
-		$domain = (!$config['cookie_domain'] || $config['cookie_domain'] == 'localhost' || $config['cookie_domain'] == '127.0.0.1') ? '' : '; domain=' . $config['cookie_domain'];
+		$domain = (!$config['cookie_domain'] || $config['cookie_domain'] == '127.0.0.1' || strpos($config['cookie_domain'], '.') === false) ? '' : '; domain=' . $config['cookie_domain'];
 
 		header('Set-Cookie: ' . $name_data . (($cookietime) ? '; expires=' . $expire : '') . '; path=' . $config['cookie_path'] . $domain . ((!$config['cookie_secure']) ? '' : '; secure') . '; HttpOnly', false);
 	}

phpBB/includes/startup.php

@@ -80,31 +80,13 @@ function deregister_globals()
 	{
 		if (isset($not_unset[$varname]))
 		{
-			// Hacking attempt. No point in continuing unless it's a COOKIE (so a cookie called GLOBALS doesn't lock users out completely)
-			if ($varname !== 'GLOBALS' || isset($_GET['GLOBALS']) || isset($_POST['GLOBALS']) || isset($_SERVER['GLOBALS']) || isset($_SESSION['GLOBALS']) || isset($_ENV['GLOBALS']) || isset($_FILES['GLOBALS']))
+			// Hacking attempt. No point in continuing.
+			if (isset($_COOKIE[$varname]))
 			{
-				exit;
-			}
-			else
-			{
-				$cookie = &$_COOKIE;
-				while (isset($cookie['GLOBALS']))
-				{
-					if (!is_array($cookie['GLOBALS']))
-					{
-						break;
-					}
-
-					foreach ($cookie['GLOBALS'] as $registered_var => $value)
-					{
-						if (!isset($not_unset[$registered_var]))
-						{
-							unset($GLOBALS[$registered_var]);
-						}
-					}
-					$cookie = &$cookie['GLOBALS'];
-				}
+				echo "Clear your cookies. ";
 			}
+			echo "Malicious variable name detected. Contact the administrator and ask them to disable register_globals.";
+			exit;
 		}
 
 		unset($GLOBALS[$varname]);
@@ -113,6 +95,54 @@ function deregister_globals()
 	unset($input);
 }
 
+/**
+ * Check if requested page uses a trailing path
+ *
+ * @param string $phpEx PHP extension
+ *
+ * @return bool True if trailing path is used, false if not
+ */
+function phpbb_has_trailing_path($phpEx)
+{
+	// Check if path_info is being used
+	if (!empty($_SERVER['PATH_INFO']) || !empty($_SERVER['ORIG_PATH_INFO']))
+	{
+		return true;
+	}
+
+	// Match any trailing path appended to a php script in the REQUEST_URI.
+	// It is assumed that only actual PHP scripts use names like foo.php. Due
+	// to this, any phpBB board inside a directory that has the php extension
+	// appended to its name will stop working, i.e. if the board is at
+	// example.com/phpBB/test.php/ or example.com/test.php/
+	if (preg_match('#^[^?]+\.' . preg_quote($phpEx, '#') . '/#', $_SERVER['REQUEST_URI']))
+	{
+		return true;
+	}
+
+	return false;
+}
+
+// Check if trailing path is used
+if (phpbb_has_trailing_path($phpEx))
+{
+	if (substr(strtolower(@php_sapi_name()), 0, 3) === 'cgi')
+	{
+		$prefix = 'Status:';
+	}
+	else if (!empty($_SERVER['SERVER_PROTOCOL']))
+	{
+		$prefix = $_SERVER['SERVER_PROTOCOL'];
+	}
+	else
+	{
+		$prefix = 'HTTP/1.0';
+	}
+	header("$prefix 404 Not Found", true, 404);
+	echo 'Trailing paths and PATH_INFO is not supported by phpBB 3.0';
+	exit;
+}
+
 // Register globals and magic quotes have been dropped in PHP 5.4
 if (version_compare(PHP_VERSION, '5.4.0-dev', '>='))
 {

phpBB/includes/ucp/ucp_pm_options.php

@@ -29,7 +29,11 @@ function message_options($id, $mode, $global_privmsgs_rules, $global_rule_condit
 	// Change "full folder" setting - what to do if folder is full
 	if (isset($_POST['fullfolder']))
 	{
-		check_form_key('ucp_pm_options', $config['form_token_lifetime'], $redirect_url);
+		if (!check_form_key('ucp_pm_options'))
+		{
+			trigger_error('FORM_INVALID');
+		}
+
 		$full_action = request_var('full_action', 0);
 
 		$set_folder_id = 0;

phpBB/install/convertors/convert_phpbb20.php

@@ -32,7 +32,7 @@ unset($dbpasswd);
 $convertor_data = array(
 	'forum_name'	=> 'phpBB 2.0.x',
 	'version'		=> '1.0.3',
-	'phpbb_version'	=> '3.0.12',
+	'phpbb_version'	=> '3.0.13',
 	'author'		=> '<a href="https://www.phpbb.com/">phpBB Group</a>',
 	'dbms'			=> $dbms,
 	'dbhost'		=> $dbhost,

phpBB/install/database_update.php

@@ -8,7 +8,7 @@
 *
 */
 
-define('UPDATES_TO_VERSION', '3.0.13-dev');
+define('UPDATES_TO_VERSION', '3.0.13-RC1');
 
 // Enter any version to update from to test updates. The version within the db will not be updated.
 define('DEBUG_FROM_VERSION', false);
@@ -949,7 +949,7 @@ function database_update_info()
 						// this column was removed from the database updater
 						// after 3.0.9-RC3 was released. It might still exist
 						// in 3.0.9-RCX installations and has to be dropped in
-						// 3.0.13 after the db_tools class is capable of properly
+						// 3.0.14 after the db_tools class is capable of properly
 						// removing a primary key.
 						// 'attempt_id'			=> array('UINT', NULL, 'auto_increment'),
 						'attempt_ip'			=> array('VCHAR:40', ''),
@@ -1011,8 +1011,10 @@ function database_update_info()
 		'3.0.12-RC2'	=> array(),
 		// No changes from 3.0.12-RC3 to 3.0.12
 		'3.0.12-RC3'	=> array(),
+		// No changes from 3.0.12 to 3.0.13-RC1
+		'3.0.12'		=> array(),
 
-		/** @todo DROP LOGIN_ATTEMPT_TABLE.attempt_id in 3.0.13-RC1 */
+		/** @todo DROP LOGIN_ATTEMPT_TABLE.attempt_id in 3.0.14-RC1 */
 	);
 }
 
@@ -2254,6 +2256,10 @@ function change_database_data(&$no_updates, $version)
 		// No changes from 3.0.12-RC3 to 3.0.12
 		case '3.0.12-RC3':
 		break;
+
+		// No changes from 3.0.12 to 3.0.13-RC1
+		case '3.0.12':
+		break;
 	}
 }
 

phpBB/install/install_convert.php

@@ -417,7 +417,7 @@ class install_convert extends module
 
 			if (!isset($available_dbms[$src_dbms]) || !$available_dbms[$src_dbms]['AVAILABLE'])
 			{
-				$error['db'][] = $lang['INST_ERR_NO_DB'];
+				$error[] = $lang['INST_ERR_NO_DB'];
 				$connect_test = false;
 			}
 			else

phpBB/install/install_install.php

@@ -273,8 +273,8 @@ class install_install extends module
 			$checks = array(
 				array('func_overload', '&', MB_OVERLOAD_MAIL|MB_OVERLOAD_STRING),
 				array('encoding_translation', '!=', 0),
-				array('http_input', '!=', 'pass'),
-				array('http_output', '!=', 'pass')
+				array('http_input', '!=', array('pass', '')),
+				array('http_output', '!=', array('pass', ''))
 			);
 
 			foreach ($checks as $mb_checks)
@@ -295,7 +295,8 @@ class install_install extends module
 					break;
 
 					case '!=':
-						if ($ini_val != $mb_checks[2])
+						if (!is_array($mb_checks[2]) && $ini_val != $mb_checks[2] ||
+							is_array($mb_checks[2]) && !in_array($ini_val, $mb_checks[2]))
 						{
 							$result = '<strong style="color:red">' . $lang['NO'] . '</strong>';
 							$passed['mbstring'] = false;
@@ -1624,6 +1625,45 @@ class install_install extends module
 				$_module->move_module_by($row, 'move_up', 5);
 			}
 
+			if ($module_class == 'mcp')
+			{
+				// Move pm report details module 3 down...
+				$sql = 'SELECT *
+					FROM ' . MODULES_TABLE . "
+					WHERE module_basename = 'pm_reports'
+						AND module_class = 'mcp'
+						AND module_mode = 'pm_report_details'";
+				$result = $db->sql_query($sql);
+				$row = $db->sql_fetchrow($result);
+				$db->sql_freeresult($result);
+
+				$_module->move_module_by($row, 'move_down', 3);
+
+				// Move closed pm reports module 3 down...
+				$sql = 'SELECT *
+					FROM ' . MODULES_TABLE . "
+					WHERE module_basename = 'pm_reports'
+						AND module_class = 'mcp'
+						AND module_mode = 'pm_reports_closed'";
+				$result = $db->sql_query($sql);
+				$row = $db->sql_fetchrow($result);
+				$db->sql_freeresult($result);
+
+				$_module->move_module_by($row, 'move_down', 3);
+
+				// Move open pm reports module 3 down...
+				$sql = 'SELECT *
+					FROM ' . MODULES_TABLE . "
+					WHERE module_basename = 'pm_reports'
+						AND module_class = 'mcp'
+						AND module_mode = 'pm_reports'";
+				$result = $db->sql_query($sql);
+				$row = $db->sql_fetchrow($result);
+				$db->sql_freeresult($result);
+
+				$_module->move_module_by($row, 'move_down', 3);
+			}
+
 			if ($module_class == 'ucp')
 			{
 				// Move attachment module 4 down...

phpBB/install/schemas/schema_data.sql

@@ -246,7 +246,7 @@ INSERT INTO phpbb_config (config_name, config_value) VALUES ('topics_per_page',
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('tpl_allow_php', '0');
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('upload_icons_path', 'images/upload_icons');
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('upload_path', 'files');
-INSERT INTO phpbb_config (config_name, config_value) VALUES ('version', '3.0.13-dev');
+INSERT INTO phpbb_config (config_name, config_value) VALUES ('version', '3.0.13-RC1');
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('warnings_expire_days', '90');
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('warnings_gc', '14400');
 

phpBB/language/en/acp/board.php

@@ -104,7 +104,7 @@ $lang = array_merge($lang, array(
 	'AVATAR_GALLERY_PATH'			=> 'Avatar gallery path',
 	'AVATAR_GALLERY_PATH_EXPLAIN'	=> 'Path under your phpBB root directory for pre-loaded images, e.g. <samp>images/avatars/gallery</samp>.',
 	'AVATAR_STORAGE_PATH'			=> 'Avatar storage path',
-	'AVATAR_STORAGE_PATH_EXPLAIN'	=> 'Path under your phpBB root directory, e.g. <samp>images/avatars/upload</samp>.',
+	'AVATAR_STORAGE_PATH_EXPLAIN'	=> 'Path under your phpBB root directory, e.g. <samp>images/avatars/upload</samp>.<br />Avatar uploading <strong>will not be available</strong> if this path is not writable.',
 	'MAX_AVATAR_SIZE'				=> 'Maximum avatar dimensions',
 	'MAX_AVATAR_SIZE_EXPLAIN'		=> 'Width x Height in pixels.',
 	'MAX_FILESIZE'					=> 'Maximum avatar file size',

phpBB/language/en/acp/email.php

@@ -37,7 +37,7 @@ if (empty($lang) || !is_array($lang))
 
 // Email settings
 $lang = array_merge($lang, array(
-	'ACP_MASS_EMAIL_EXPLAIN'		=> 'Here you can e-mail a message to either all of your users or all users of a specific group <strong>having the option to receive mass e-mails enabled</strong>. To achieve this an e-mail will be sent out to the administrative e-mail address supplied, with a blind carbon copy sent to all recipients. The default setting is to only include 50 recipients in such an e-mail, for more recipients more e-mails will be sent. If you are emailing a large group of people please be patient after submitting and do not stop the page halfway through. It is normal for a mass emailing to take a long time, you will be notified when the script has completed.',
+	'ACP_MASS_EMAIL_EXPLAIN'		=> 'Here you can e-mail a message to either all of your users or all users of a specific group <strong>having the option to receive mass e-mails enabled</strong>. To achieve this an e-mail will be sent out to the administrative e-mail address supplied, with a blind carbon copy sent to all recipients. The default setting is to only include 20 recipients in such an e-mail, for more recipients more e-mails will be sent. If you are emailing a large group of people please be patient after submitting and do not stop the page halfway through. It is normal for a mass emailing to take a long time, you will be notified when the script has completed.',
 	'ALL_USERS'						=> 'All users',
 
 	'COMPOSE'				=> 'Compose',

phpBB/language/en/common.php

@@ -88,9 +88,10 @@ $lang = array_merge($lang, array(
 	'AVATAR_PARTIAL_UPLOAD'			=> 'The specified file was only partially uploaded.',
 	'AVATAR_PHP_SIZE_NA'			=> 'The avatar’s filesize is too large.<br />The maximum allowed filesize set in php.ini could not be determined.',
 	'AVATAR_PHP_SIZE_OVERRUN'		=> 'The avatar’s filesize is too large. The maximum allowed upload size is %1$d %2$s.<br />Please note this is set in php.ini and cannot be overridden.',
+	'AVATAR_REMOTE_UPLOAD_TIMEOUT'		=> 'The specified avatar could not be uploaded because the request timed out.',
 	'AVATAR_URL_INVALID'			=> 'The URL you specified is invalid.',
 	'AVATAR_URL_NOT_FOUND'			=> 'The file specified could not be found.',
-	'AVATAR_WRONG_FILESIZE'			=> 'The avatar’s filesize must be between 0 and %1d %2s.',
+	'AVATAR_WRONG_FILESIZE'			=> 'The avatar’s filesize must be between 0 and %1$d %2$s.',
 	'AVATAR_WRONG_SIZE'				=> 'The submitted avatar is %5$d pixels wide and %6$d pixels high. Avatars must be at least %1$d pixels wide and %2$d pixels high, but no larger than %3$d pixels wide and %4$d pixels high.',
 
 	'BACK_TO_TOP'			=> 'Top',
@@ -654,7 +655,7 @@ $lang = array_merge($lang, array(
 	'TOTAL_USERS_ZERO'	=> 'Total members <strong>0</strong>',
 	'TRACKED_PHP_ERROR'	=> 'Tracked PHP errors: %s',
 
-	'UNABLE_GET_IMAGE_SIZE'	=> 'It was not possible to determine the dimensions of the image.',
+	'UNABLE_GET_IMAGE_SIZE'	=> 'It was not possible to determine the dimensions of the image. Please verify that the URL you entered is correct.',
 	'UNABLE_TO_DELIVER_FILE'=> 'Unable to deliver file.',
 	'UNKNOWN_BROWSER'		=> 'Unknown browser',
 	'UNMARK_ALL'			=> 'Unmark all',

phpBB/language/en/posting.php

@@ -178,6 +178,7 @@ $lang = array_merge($lang, array(
 
 	'QUOTE_DEPTH_EXCEEDED'		=> 'You may embed only %1$d quotes within each other.',
 
+	'REMOTE_UPLOAD_TIMEOUT'		=> 'The specified file could not be uploaded because the request timed out.',
 	'SAVE'						=> 'Save',
 	'SAVE_DATE'					=> 'Saved at',
 	'SAVE_DRAFT'				=> 'Save draft',
@@ -219,7 +220,7 @@ $lang = array_merge($lang, array(
 	'VIEW_MESSAGE'				=> '%sView your submitted message%s',
 	'VIEW_PRIVATE_MESSAGE'		=> '%sView your submitted private message%s',
 
-	'WRONG_FILESIZE'			=> 'The file is too big, maximum allowed size is %1d %2s.',
+	'WRONG_FILESIZE'			=> 'The file is too big, maximum allowed size is %1$d %2$s.',
 	'WRONG_SIZE'				=> 'The image must be at least %1$d pixels wide, %2$d pixels high and at most %3$d pixels wide and %4$d pixels high. The submitted image is %5$d pixels wide and %6$d pixels high.',
 ));
 

phpBB/language/en/ucp.php

@@ -266,7 +266,7 @@ $lang = array_merge($lang, array(
 	'MOVE_DELETED_MESSAGES_TO'		=> 'Move messages from removed folder to',
 	'MOVE_DOWN'						=> 'Move down',
 	'MOVE_MARKED_TO_FOLDER'			=> 'Move marked to %s',
-	'MOVE_PM_ERROR'					=> 'An error occurred while moving the messages to the new folder, only %1d from %2d messages were moved.',
+	'MOVE_PM_ERROR'					=> 'An error occurred while moving the messages to the new folder, only %1$d from %2$d messages were moved.',
 	'MOVE_TO_FOLDER'				=> 'Move to folder',
 	'MOVE_UP'						=> 'Move up',
 

phpBB/search.php

@@ -574,9 +574,9 @@ if ($keywords || $author || $author_id || $search_id || $submit)
 	}
 
 	// define some vars for urls
-	$hilit = implode('|', explode(' ', preg_replace('#\s+#u', ' ', str_replace(array('+', '-', '|', '(', ')', '"'), ' ', $keywords))));
-	// Do not allow *only* wildcard being used for hilight
-	$hilit = (strspn($hilit, '*') === strlen($hilit)) ? '' : $hilit;
+	// A single wildcard will make the search results look ugly
+	$hilit = phpbb_clean_search_string(str_replace(array('+', '-', '|', '(', ')', '"'), ' ', $keywords));
+	$hilit = str_replace(' ', '|', $hilit);
 
 	$u_hilit = urlencode(htmlspecialchars_decode(str_replace('|', ' ', $hilit)));
 	$u_show_results = '&sr=' . $show_results;
@@ -840,7 +840,8 @@ if ($keywords || $author || $author_id || $search_id || $submit)
 			$hilit_array = array_filter(explode('|', $hilit), 'strlen');
 			foreach ($hilit_array as $key => $value)
 			{
-				$hilit_array[$key] = str_replace('\*', '\w*?', preg_quote($value, '#'));
+				$hilit_array[$key] = phpbb_clean_search_string($value);
+				$hilit_array[$key] = str_replace('\*', '\w*?', preg_quote($hilit_array[$key], '#'));
 				$hilit_array[$key] = preg_replace('#(^|\s)\\\\w\*\?(\s|$)#', '$1\w+?$2', $hilit_array[$key]);
 			}
 			$hilit = implode('|', $hilit_array);

phpBB/styles/prosilver/imageset/imageset.cfg

@@ -19,7 +19,7 @@
 # General Information about this style
 name = prosilver
 copyright = © phpBB Group, 2007
-version = 3.0.12
+version = 3.0.13
 
 # Images
 img_site_logo = site_logo.gif*52*139

phpBB/styles/prosilver/style.cfg

@@ -19,4 +19,4 @@
 # General Information about this style
 name = prosilver
 copyright = © phpBB Group, 2007
-version = 3.0.12
+version = 3.0.13

phpBB/styles/prosilver/template/forumlist_body.html

@@ -47,6 +47,8 @@
 						<!-- IF forumrow.LAST_POST_TIME --><dfn>{L_LAST_POST}</dfn> {L_POST_BY_AUTHOR} {forumrow.LAST_POSTER_FULL}
 						<!-- IF not S_IS_BOT --><a href="{forumrow.U_LAST_POST}">{LAST_POST_IMG}</a> <!-- ENDIF --><br />{forumrow.LAST_POST_TIME}<!-- ELSE -->{L_NO_POSTS}<br />&nbsp;<!-- ENDIF --></span>
 					</dd>
+				<!-- ELSE -->
+					<dd>&nbsp;</dd>
 				<!-- ENDIF -->
 			</dl>
 		</li>

phpBB/styles/prosilver/template/template.cfg

@@ -19,7 +19,7 @@
 # General Information about this template
 name = prosilver
 copyright = © phpBB Group, 2007
-version = 3.0.12
+version = 3.0.13
 
 # Defining a different template bitfield
 template_bitfield = lNg=

phpBB/styles/prosilver/template/ucp_profile_profile_info.html

@@ -50,9 +50,9 @@
 		<dl>
 			<dt><label for="bday_day">{L_BIRTHDAY}:</label><br /><span>{L_BIRTHDAY_EXPLAIN}</span></dt>
 			<dd>
-				<label for="bday_day">{L_DAY}: <select name="bday_day" id="bday_day" style="width: 4em;">{S_BIRTHDAY_DAY_OPTIONS}</select></label> 
-				<label for="bday_month">{L_MONTH}: <select name="bday_month" id="bday_month" style="width: 4em;">{S_BIRTHDAY_MONTH_OPTIONS}</select></label> 
-				<label for="bday_year">{L_YEAR}: <select name="bday_year" id="bday_year" style="width: 6em;">{S_BIRTHDAY_YEAR_OPTIONS}</select></label>
+				<label for="bday_day">{L_DAY}: <select name="bday_day" id="bday_day">{S_BIRTHDAY_DAY_OPTIONS}</select></label> 
+				<label for="bday_month">{L_MONTH}: <select name="bday_month" id="bday_month">{S_BIRTHDAY_MONTH_OPTIONS}</select></label> 
+				<label for="bday_year">{L_YEAR}: <select name="bday_year" id="bday_year">{S_BIRTHDAY_YEAR_OPTIONS}</select></label>
 			</dd>
 		</dl>
 	<!-- ENDIF -->

phpBB/styles/prosilver/theme/theme.cfg

@@ -21,7 +21,7 @@
 # General Information about this theme
 name = prosilver
 copyright = © phpBB Group, 2007
-version = 3.0.12
+version = 3.0.13
 
 # Some configuration options
 

phpBB/styles/subsilver2/imageset/imageset.cfg

@@ -19,7 +19,7 @@
 # General Information about this style
 name = subsilver2
 copyright = © phpBB Group, 2003
-version = 3.0.12
+version = 3.0.13
 
 # Images
 img_site_logo = site_logo.gif*94*170

phpBB/styles/subsilver2/style.cfg

@@ -19,4 +19,4 @@
 # General Information about this style
 name = subsilver2
 copyright = © 2005 phpBB Group
-version = 3.0.12
+version = 3.0.13

phpBB/styles/subsilver2/template/template.cfg

@@ -19,7 +19,7 @@
 # General Information about this template
 name = subsilver2
 copyright = © phpBB Group, 2003
-version = 3.0.12
+version = 3.0.13
 
 # Template inheritance
 # See http://blog.phpbb.com/2008/07/31/templating-just-got-easier/

phpBB/styles/subsilver2/theme/theme.cfg

@@ -21,7 +21,7 @@
 # General Information about this theme
 name = subsilver2
 copyright = © phpBB Group, 2003
-version = 3.0.12
+version = 3.0.13
 
 # Some configuration options
 

phpBB/viewtopic.php

@@ -471,17 +471,11 @@ else
 $highlight_match = $highlight = '';
 if ($hilit_words)
 {
-	foreach (explode(' ', trim($hilit_words)) as $word)
-	{
-		if (trim($word))
-		{
-			$word = str_replace('\*', '\w+?', preg_quote($word, '#'));
-			$word = preg_replace('#(^|\s)\\\\w\*\?(\s|$)#', '$1\w+?$2', $word);
-			$highlight_match .= (($highlight_match != '') ? '|' : '') . $word;
-		}
-	}
-
-	$highlight = urlencode($hilit_words);
+	$highlight_match = phpbb_clean_search_string($hilit_words);
+	$highlight = urlencode($highlight_match);
+	$highlight_match = str_replace('\*', '\w+?', preg_quote($highlight_match, '#'));
+	$highlight_match = preg_replace('#(?<=^|\s)\\\\w\*\?(?=\s|$)#', '\w+?', $highlight_match);
+	$highlight_match = str_replace(' ', '|', $highlight_match);
 }
 
 // Make sure $start is set to the last page if it exceeds the amount

phpunit.xml.all

@@ -1,33 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-
-<phpunit backupGlobals="true"
-         backupStaticAttributes="true"
-         colors="true"
-         convertErrorsToExceptions="true"
-         convertNoticesToExceptions="true"
-         convertWarningsToExceptions="true"
-         processIsolation="false"
-         stopOnFailure="false"
-         syntaxCheck="false"
-         bootstrap="tests/bootstrap.php"
->
-    <testsuites>
-        <testsuite name="phpBB Test Suite">
-            <directory suffix="_test.php">./tests/</directory>
-            <exclude>./tests/functional</exclude>
-            <exclude>tests/lint_test.php</exclude>
-        </testsuite>
-        <testsuite name="phpBB Lint Test">
-            <file>tests/lint_test.php</file>
-        </testsuite>
-        <testsuite name="phpBB Functional Tests">
-            <directory suffix="_test.php" phpVersion="5.3.0" phpVersionOperator=">=">./tests/functional</directory>
-        </testsuite>
-    </testsuites>
-
-    <filter>
-        <blacklist>
-            <directory>./tests/</directory>
-        </blacklist>
-    </filter>
-</phpunit>

phpunit.xml.dist

@@ -13,28 +13,27 @@
 >
     <testsuites>
         <testsuite name="phpBB Test Suite">
-            <directory suffix="_test.php">./tests/</directory>
+            <directory suffix="_test.php">./tests</directory>
             <exclude>./tests/functional</exclude>
-            <exclude>tests/lint_test.php</exclude>
-        </testsuite>
-        <testsuite name="phpBB Lint Test">
-            <file>tests/lint_test.php</file>
+            <exclude>./tests/lint_test.php</exclude>
         </testsuite>
         <testsuite name="phpBB Functional Tests">
             <directory suffix="_test.php" phpVersion="5.3.0" phpVersionOperator=">=">./tests/functional</directory>
         </testsuite>
+        <testsuite name="phpBB Lint Test">
+            <file>./tests/lint_test.php</file>
+        </testsuite>
     </testsuites>
 
     <groups>
         <exclude>
-            <group>functional</group>
             <group>slow</group>
         </exclude>
     </groups>
 
     <filter>
-        <blacklist>
-            <directory>./tests/</directory>
-        </blacklist>
+        <whitelist>
+            <directory suffix=".php">./phpBB/includes/</directory>
+        </whitelist>
     </filter>
 </phpunit>

phpunit.xml.functional

@@ -1,39 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-
-<phpunit backupGlobals="true"
-         backupStaticAttributes="true"
-         colors="true"
-         convertErrorsToExceptions="true"
-         convertNoticesToExceptions="true"
-         convertWarningsToExceptions="true"
-         processIsolation="false"
-         stopOnFailure="false"
-         syntaxCheck="false"
-         bootstrap="tests/bootstrap.php"
->
-    <testsuites>
-        <testsuite name="phpBB Test Suite">
-            <directory suffix="_test.php">./tests/</directory>
-            <exclude>./tests/functional</exclude>
-            <exclude>tests/lint_test.php</exclude>
-        </testsuite>
-        <testsuite name="phpBB Lint Test">
-            <file>tests/lint_test.php</file>
-        </testsuite>
-        <testsuite name="phpBB Functional Tests">
-            <directory suffix="_test.php" phpVersion="5.3.0" phpVersionOperator=">=">./tests/functional</directory>
-        </testsuite>
-    </testsuites>
-
-    <groups>
-        <include>
-            <group>functional</group>
-        </include>
-    </groups>
-
-    <filter>
-        <blacklist>
-            <directory>./tests/</directory>
-        </blacklist>
-    </filter>
-</phpunit>

tests/RUNNING_TESTS.md

@@ -110,12 +110,16 @@ Slow tests
 --------------
 
 Certain tests, such as the UTF-8 normalizer or the DNS tests tend to be slow.
-Thus these tests are in the `slow` group, which is excluded by default. You can
-enable slow tests by copying the phpunit.xml.all file to phpunit.xml. If you
+Thus these tests are in the `slow` group, which is excluded by default. If you
 only want the slow tests, run:
 
     $ phpBB/vendor/bin/phpunit --group slow
 
+If you want all tests, run:
+
+    $ phpBB/vendor/bin/phpunit --group __nogroup__,functional,slow
+
+
 Functional tests
 -----------------
 
@@ -136,10 +140,10 @@ on which to run tests.
 
     $phpbb_functional_url = 'http://localhost/phpBB3/';
 
-To then run the tests, you run PHPUnit, but use the phpunit.xml.functional
-config file instead of the default one. Specify this through the "-c" option:
+Functional tests are automatically run, if '$phpbb_functional_url' is configured.
+If you only want the functional tests, run:
 
-    $ phpBB/vendor/bin/phpunit -c phpunit.xml.functional
+    $ phpBB/vendor/bin/phpunit --group functional
 
 This will change your board's config.php file, but it makes a backup at
 config_dev.php, so you can restore it after the test run is complete.

tests/cache/cache_memory.php

@@ -0,0 +1,62 @@
+<?php
+/**
+*
+* @package testing
+* @copyright (c) 2014 phpBB Group
+* @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2
+*
+*/
+
+require_once dirname(__FILE__) . '/../../phpBB/includes/acm/acm_memory.php';
+
+class phpbb_cache_memory extends acm_memory
+{
+	protected $data = array();
+
+	/**
+	* Set cache path
+	*/
+	function phpbb_cache_memory()
+	{
+	}
+
+	/**
+	* Fetch an item from the cache
+	*
+	* @access protected
+	* @param string $var Cache key
+	* @return mixed Cached data
+	*/
+	function _read($var)
+	{
+		return $this->data[$var];
+	}
+
+	/**
+	* Store data in the cache
+	*
+	* @access protected
+	* @param string $var Cache key
+	* @param mixed $data Data to store
+	* @param int $ttl Time-to-live of cached data
+	* @return bool True if the operation succeeded
+	*/
+	function _write($var, $data, $ttl = 2592000)
+	{
+		$this->data[$var] = $data;
+		return true;
+	}
+
+	/**
+	* Remove an item from the cache
+	*
+	* @access protected
+	* @param string $var Cache key
+	* @return bool True if the operation succeeded
+	*/
+	function _delete($var)
+	{
+		unset($this->data[$var]);
+		return true;
+	}
+}

tests/cache/cache_memory_test.php

@@ -0,0 +1,125 @@
+<?php
+/**
+*
+* @package testing
+* @copyright (c) 2014 phpBB Group
+* @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2
+*
+*/
+
+require_once dirname(__FILE__) . '/cache_memory.php';
+
+class phpbb_cache_memory_test extends phpbb_database_test_case
+{
+	protected $cache;
+
+	public function getDataSet()
+	{
+		return $this->createXMLDataSet(dirname(__FILE__).'/fixtures/cache_memory.xml');
+	}
+
+	protected function setUp()
+	{
+		global $db;
+		parent::setUp();
+
+		$this->cache = new phpbb_cache_memory();
+		$db = $this->new_dbal();
+	}
+
+	static public function cache_single_query_data()
+	{
+		return array(
+			array(
+				array(
+					array(
+						'SELECT * FROM ' . POSTS_TABLE,
+						3,
+					),
+				),
+				POSTS_TABLE,
+			),
+			array(
+				array(
+					array(
+						'SELECT * FROM ' . POSTS_TABLE,
+						3,
+					),
+					array(
+						'SELECT * FROM ' . POSTS_TABLE . ' p
+							LEFT JOIN ' . TOPICS_TABLE . ' t ON p.topic_id = t.topic_id',
+						3,
+					),
+				),
+				POSTS_TABLE,
+			),
+			array(
+				array(
+					array(
+						'SELECT * FROM ' . POSTS_TABLE,
+						3,
+					),
+					array(
+						'SELECT * FROM ' . POSTS_TABLE . ' p
+							LEFT JOIN ' . TOPICS_TABLE . ' t ON p.topic_id = t.topic_id',
+						3,
+					),
+					array(
+						'SELECT * FROM ' . POSTS_TABLE . ' p
+							LEFT JOIN ' . TOPICS_TABLE . ' t ON p.topic_id = t.topic_id
+							LEFT JOIN ' . USERS_TABLE . ' u ON p.poster_id = u.user_id',
+						3,
+					),
+				),
+				POSTS_TABLE,
+			),
+			array(
+				array(
+					array(
+						'SELECT * FROM ' . POSTS_TABLE . ' p
+							LEFT JOIN ' . TOPICS_TABLE . ' t ON p.topic_id = t.topic_id',
+						3,
+					),
+					array(
+						'SELECT * FROM ' . POSTS_TABLE . ' p
+							LEFT JOIN ' . TOPICS_TABLE . ' t ON p.topic_id = t.topic_id
+							LEFT JOIN ' . USERS_TABLE . ' u ON p.poster_id = u.user_id',
+						3,
+					),
+				),
+				TOPICS_TABLE,
+			),
+		);
+	}
+
+	/**
+	* @dataProvider cache_single_query_data
+	*/
+	public function test_cache_single_query($sql_queries, $table)
+	{
+		global $db;
+
+		foreach ($sql_queries as $query)
+		{
+			$sql_request_res = $db->sql_query($query[0]);
+
+			$this->cache->sql_save($query[0], $sql_request_res, 1);
+
+			$results = array();
+			$query_id = $this->cache->sql_load($query[0]);
+			while ($row = $this->cache->sql_fetchrow($query_id))
+			{
+				$results[] = $row;
+			}
+			$this->cache->sql_freeresult($query_id);
+			$this->assertEquals($query[1], sizeof($results));
+		}
+
+		$this->cache->destroy('sql', $table);
+
+		foreach ($sql_queries as $query)
+		{
+			$this->assertNotEquals(false, $this->cache->sql_load($query[0]));
+		}
+	}
+}

tests/cache/fixtures/cache_memory.xml

@@ -0,0 +1,85 @@
+<?xml version="1.0" encoding="UTF-8" ?>
+<dataset>
+	<table name="phpbb_topics">
+		<column>topic_id</column>
+		<column>forum_id</column>
+		<column>topic_title</column>
+		<column>topic_first_post_id</column>
+		<column>topic_last_post_id</column>
+		<row>
+			<value>1</value>
+			<value>1</value>
+			<value>Topic</value>
+			<value>2</value>
+			<value>2</value>
+		</row>
+	</table>
+	<table name="phpbb_posts">
+		<column>post_id</column>
+		<column>poster_id</column>
+		<column>topic_id</column>
+		<column>forum_id</column>
+		<column>post_text</column>
+		<row>
+			<value>1</value>
+			<value>1</value>
+			<value>1</value>
+			<value>1</value>
+			<value>Post 1</value>
+		</row>
+		<row>
+			<value>2</value>
+			<value>2</value>
+			<value>1</value>
+			<value>1</value>
+			<value>Post 2</value>
+		</row>
+		<row>
+			<value>3</value>
+			<value>3</value>
+			<value>1</value>
+			<value>1</value>
+			<value>Post 3</value>
+		</row>
+	</table>
+	<table name="phpbb_users">
+		<column>user_id</column>
+		<column>user_posts</column>
+		<column>username</column>
+		<column>username_clean</column>
+		<column>user_permissions</column>
+		<column>user_sig</column>
+		<column>user_occ</column>
+		<column>user_interests</column>
+		<row>
+			<value>1</value>
+			<value>1</value>
+			<value>user 1</value>
+			<value>user 1</value>
+			<value></value>
+			<value></value>
+			<value></value>
+			<value></value>
+		</row>
+		<row>
+			<value>2</value>
+			<value>1</value>
+			<value>user 2</value>
+			<value>user 2</value>
+			<value></value>
+			<value></value>
+			<value></value>
+			<value></value>
+		</row>
+		<row>
+			<value>3</value>
+			<value>1</value>
+			<value>user 3</value>
+			<value>user 3</value>
+			<value></value>
+			<value></value>
+			<value></value>
+			<value></value>
+		</row>
+	</table>
+</dataset>

tests/functional/private_messages_test.php

@@ -0,0 +1,65 @@
+<?php
+/**
+*
+* @package testing
+* @copyright (c) 2014 phpBB Group
+* @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2
+*
+*/
+
+/**
+* @group functional
+*/
+class phpbb_functional_private_messages_test extends phpbb_functional_test_case
+{
+	public function test_setup_config()
+	{
+		$this->login();
+		$this->admin_login();
+
+		$crawler = self::request('GET', "adm/index.php?sid={$this->sid}&i=board&mode=message");
+
+		$form = $crawler->selectButton('Submit')->form();
+		$values = $form->getValues();
+
+		// Set the maximum number of private messages per folder to 1
+		$values['config[pm_max_msgs]'] = 1;
+
+		$form->setValues($values);
+
+		$crawler = self::submit($form);
+		$this->assertContains($this->lang('CONFIG_UPDATED'), $crawler->filter('.successbox')->text());
+	}
+
+	public function test_inbox_full()
+	{
+		$this->login();
+		$message_id = $this->create_private_message('Test private message #1', 'This is a test private message sent by the testing framework.', array(2));
+
+		$crawler = self::request('GET', "ucp.php?i=pm&mode=view&sid{$this->sid}&p={$message_id}");
+		$this->assertContains($this->lang('UCP_PM_VIEW'), $crawler->filter('html')->text());
+
+		$message_id = $this->create_private_message('Test private message #2', 'This is a test private message sent by the testing framework.', array(2));
+
+		$crawler = self::request('GET', "ucp.php?i=pm&mode=view&sid{$this->sid}&p={$message_id}");
+		$this->assertContains($this->lang('NO_AUTH_READ_HOLD_MESSAGE'), $crawler->filter('html')->text());
+	}
+
+	public function test_restore_config()
+	{
+		$this->login();
+		$this->admin_login();
+
+		$crawler = self::request('GET', "adm/index.php?sid={$this->sid}&i=board&mode=message");
+
+		$form = $crawler->selectButton('Submit')->form();
+		$values = $form->getValues();
+
+		$values['config[pm_max_msgs]'] = 50;
+
+		$form->setValues($values);
+
+		$crawler = self::submit($form);
+		$this->assertContains($this->lang('CONFIG_UPDATED'), $crawler->filter('.successbox')->text());
+	}
+}

tests/functions_content/get_username_string_test.php

@@ -0,0 +1,125 @@
+<?php
+/**
+*
+* @package testing
+* @copyright (c) 2014 phpBB Group
+* @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2
+*
+*/
+
+require_once dirname(__FILE__) . '/../../phpBB/includes/functions.php';
+require_once dirname(__FILE__) . '/../../phpBB/includes/functions_content.php';
+
+class phpbb_functions_content_get_username_string_test extends phpbb_test_case
+{
+	public function setUp()
+	{
+		parent::setUp();
+
+		global $auth, $user;
+		$auth = $this->getMock('auth');
+		$auth->expects($this->any())
+			->method('acl_get')
+			->with($this->stringContains('_'), $this->anything())
+			->will($this->returnValueMap(array(
+				array('u_viewprofile', true),
+			)));
+		$user->data['user_id'] = ANONYMOUS;
+		$user->lang['GUEST'] = 'Guest';
+	}
+
+	public function get_username_string_profile_data()
+	{
+		global $phpbb_root_path, $phpEx;
+
+		return array(
+			array(ANONYMOUS, 'Anonymous', '', false, false, ''),
+			array(2, 'Administrator', 'FF0000', false, false, "{$phpbb_root_path}memberlist.$phpEx?mode=viewprofile&amp;u=2"),
+			array(42, 'User42', '', false, 'http://www.example.org/user.php?mode=show', 'http://www.example.org/user.php?mode=show&amp;u=42'),
+		);
+	}
+
+	/**
+	* @dataProvider get_username_string_profile_data
+	*/
+	public function test_get_username_string_profile($user_id, $username, $user_colour, $guest_username, $custom_profile_url, $expected)
+	{
+		$this->assertEquals($expected, get_username_string('profile', $user_id, $username, $user_colour, $guest_username, $custom_profile_url));
+	}
+
+	public function get_username_string_username_data()
+	{
+		return array(
+			array(ANONYMOUS, '', '', false, false, 'Guest'),
+			array(ANONYMOUS, '', '', 'CustomName', false, 'CustomName'),
+			array(2, 'User2', '', false, false, 'User2'),
+			array(5, 'User5', '', 'Anonymous', false, 'User5'),
+			array(128, 'User128', '', false, false, 'User128'),
+		);
+	}
+
+	/**
+	* @dataProvider get_username_string_username_data
+	*/
+	public function test_get_username_string_username($user_id, $username, $user_colour, $guest_username, $custom_profile_url, $expected)
+	{
+		$this->assertEquals($expected, get_username_string('username', $user_id, $username, $user_colour, $guest_username, $custom_profile_url));
+	}
+
+	public function get_username_string_colour_data()
+	{
+		return array(
+			array(0, '', '', false, false, ''),
+			array(0, '', 'F0F0F0', false, false, '#F0F0F0'),
+			array(ANONYMOUS, 'Anonymous', '000000', false, false, '#000000'),
+			array(2, 'Administrator', '', false, false, ''),
+		);
+	}
+
+	/**
+	* @dataProvider get_username_string_colour_data
+	*/
+	public function test_get_username_string_colour($user_id, $username, $user_colour, $guest_username, $custom_profile_url, $expected)
+	{
+		$this->assertEquals($expected, get_username_string('colour', $user_id, $username, $user_colour, $guest_username, $custom_profile_url));
+	}
+
+	public function get_username_string_full_data()
+	{
+		global $phpbb_root_path, $phpEx;
+
+		return array(
+			array(0, '', '', false, false, 'Guest'),
+			array(ANONYMOUS, 'Anonymous', '', false, false, 'Anonymous'),
+			array(2, 'Administrator', 'FF0000', false, false, '<a href="' . $phpbb_root_path . 'memberlist.' . $phpEx . '?mode=viewprofile&amp;u=2" style="color: #FF0000;" class="username-coloured">Administrator</a>'),
+			array(5, 'User5', '', false, 'http://www.example.org/user.php?mode=show', '<a href="http://www.example.org/user.php?mode=show&amp;u=5">User5</a>'),
+			array(8, 'Eight', '', false, false, '<a href="' . $phpbb_root_path . 'memberlist.php?mode=viewprofile&amp;u=8">Eight</a>'),
+		);
+	}
+
+	/**
+	* @dataProvider get_username_string_full_data
+	*/
+	public function test_get_username_string_full($user_id, $username, $user_colour, $guest_username, $custom_profile_url, $expected)
+	{
+		$this->assertEquals($expected, get_username_string('full', $user_id, $username, $user_colour, $guest_username, $custom_profile_url));
+	}
+
+	public function get_username_string_no_profile_data()
+	{
+		return array(
+			array(ANONYMOUS, 'Anonymous', '', false, false, 'Anonymous'),
+			array(ANONYMOUS, 'Anonymous', '', '', false, 'Guest'),
+			array(2, 'Administrator', 'FF0000', false, false, '<span style="color: #FF0000;" class="username-coloured">Administrator</span>'),
+			array(8, 'Eight', '', false, false, 'Eight'),
+		);
+	}
+
+	/**
+	* @dataProvider get_username_string_no_profile_data
+	*/
+	public function test_get_username_string_no_profile($user_id, $username, $user_colour, $guest_username, $custom_profile_url, $expected)
+	{
+		$this->assertEquals($expected, get_username_string('no_profile', $user_id, $username, $user_colour, $guest_username, $custom_profile_url));
+	}
+}

tests/functions_content/phpbb_clean_search_string_test.php

@@ -0,0 +1,38 @@
+<?php
+/**
+*
+* @package testing
+* @copyright (c) 2014 phpBB Group
+* @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2
+*
+*/
+
+require_once dirname(__FILE__) . '/../../phpBB/includes/functions_content.php';
+
+class phpbb_functions_content_phpbb_clean_search_string_test extends phpbb_test_case
+{
+	public function phpbb_clean_search_string_data()
+	{
+		return array(
+			array('*', ''),
+			array('* *', ''),
+			array('test', 'test'),
+			array(' test ', 'test'),
+			array(' test * ', 'test'),
+			array('test* *', 'test*'),
+			array('* *test*', '*test*'),
+			array('test  test  * test', 'test test test'),
+			array(' some  wild*cards *    between wo*rds  ', 'some wild*cards between wo*rds'),
+			array(' we * now have*** multiple wild***cards * ', 'we now have* multiple wild*cards'),
+			array('pi is *** . * **** * *****', 'pi is .'),
+		);
+	}
+
+	/**
+	* @dataProvider phpbb_clean_search_string_data
+	*/
+	public function test_phpbb_clean_search_string($search_string, $expected)
+	{
+		$this->assertEquals($expected, phpbb_clean_search_string($search_string));
+	}
+}

tests/functions_user/delete_user_test.php

@@ -0,0 +1,436 @@
+<?php
+/**
+*
+* @package testing
+* @copyright (c) 2014 phpBB Group
+* @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2
+*
+*/
+
+require_once dirname(__FILE__) . '/../../phpBB/includes/functions.php';
+require_once dirname(__FILE__) . '/../../phpBB/includes/functions_user.php';
+require_once dirname(__FILE__) . '/../../phpBB/includes/utf/utf_tools.php';
+require_once dirname(__FILE__) . '/../mock/null_cache.php';
+
+class phpbb_functions_user_delete_user_test extends phpbb_database_test_case
+{
+	/** @var \dbal */
+	protected $db;
+
+	public function getDataSet()
+	{
+		return $this->createXMLDataSet(dirname(__FILE__).'/fixtures/delete_user.xml');
+	}
+
+	protected function setUp()
+	{
+		parent::setUp();
+
+		global $cache, $config, $db;
+
+		$db = $this->db = $this->new_dbal();
+		$config = array(
+			'load_online_time'	=> 5,
+			'search_type'		=> 'fulltext_mysql',
+		);
+		$cache = new phpbb_mock_null_cache();
+	}
+
+	 public function first_last_post_data()
+	{
+		return array(
+			array(
+				'retain', false,
+				array(
+					array('post_id' => 1, 'poster_id' => ANONYMOUS, 'post_username' => ''),
+					array('post_id' => 2, 'poster_id' => ANONYMOUS, 'post_username' => 'Other'),
+					array('post_id' => 3, 'poster_id' => ANONYMOUS, 'post_username' => ''),
+					array('post_id' => 4, 'poster_id' => ANONYMOUS, 'post_username' => 'Other'),
+				),
+				array(
+					array(
+						'topic_id' => 1,
+						'topic_poster' => ANONYMOUS, 'topic_first_poster_name' => '', 'topic_first_poster_colour' => '',
+						'topic_last_poster_id' => ANONYMOUS, 'topic_last_poster_name' => '', 'topic_last_poster_colour' => '',
+					),
+					array(
+						'topic_id' => 2,
+						'topic_poster' => ANONYMOUS, 'topic_first_poster_name' => 'Other', 'topic_first_poster_colour' => '',
+						'topic_last_poster_id' => ANONYMOUS, 'topic_last_poster_name' => 'Other', 'topic_last_poster_colour' => '',
+					),
+					array(
+						'topic_id' => 3,
+						'topic_poster' => ANONYMOUS, 'topic_first_poster_name' => '', 'topic_first_poster_colour' => '',
+						'topic_last_poster_id' => ANONYMOUS, 'topic_last_poster_name' => '', 'topic_last_poster_colour' => '',
+					),
+					array(
+						'topic_id' => 4,
+						'topic_poster' => ANONYMOUS, 'topic_first_poster_name' => 'Other', 'topic_first_poster_colour' => '',
+						'topic_last_poster_id' => ANONYMOUS, 'topic_last_poster_name' => 'Other', 'topic_last_poster_colour' => '',
+					),
+				),
+				array(
+					array('forum_id' => 1, 'forum_last_poster_id' => ANONYMOUS, 'forum_last_poster_name' => '', 'forum_last_poster_colour' => ''),
+					array('forum_id' => 2, 'forum_last_poster_id' => ANONYMOUS, 'forum_last_poster_name' => 'Other', 'forum_last_poster_colour' => ''),
+					array('forum_id' => 3, 'forum_last_poster_id' => ANONYMOUS, 'forum_last_poster_name' => '', 'forum_last_poster_colour' => ''),
+					array('forum_id' => 4, 'forum_last_poster_id' => ANONYMOUS, 'forum_last_poster_name' => 'Other', 'forum_last_poster_colour' => ''),
+				),
+			),
+			array(
+				'remove', false,
+				array(
+					array('post_id' => 2, 'poster_id' => ANONYMOUS, 'post_username' => 'Other'),
+					array('post_id' => 4, 'poster_id' => ANONYMOUS, 'post_username' => 'Other'),
+				),
+				array(
+					array(
+						'topic_id' => 2,
+						'topic_poster' => ANONYMOUS, 'topic_first_poster_name' => 'Other', 'topic_first_poster_colour' => '',
+						'topic_last_poster_id' => ANONYMOUS, 'topic_last_poster_name' => 'Other', 'topic_last_poster_colour' => '',
+					),
+					array(
+						'topic_id' => 4,
+						'topic_poster' => ANONYMOUS, 'topic_first_poster_name' => 'Other', 'topic_first_poster_colour' => '',
+						'topic_last_poster_id' => ANONYMOUS, 'topic_last_poster_name' => 'Other', 'topic_last_poster_colour' => '',
+					),
+				),
+				array(
+					array('forum_id' => 1, 'forum_last_poster_id' => 0, 'forum_last_poster_name' => '', 'forum_last_poster_colour' => ''),
+					array('forum_id' => 2, 'forum_last_poster_id' => ANONYMOUS, 'forum_last_poster_name' => 'Other', 'forum_last_poster_colour' => ''),
+					array('forum_id' => 3, 'forum_last_poster_id' => 0, 'forum_last_poster_name' => '', 'forum_last_poster_colour' => ''),
+					array('forum_id' => 4, 'forum_last_poster_id' => ANONYMOUS, 'forum_last_poster_name' => 'Other', 'forum_last_poster_colour' => ''),
+				),
+			),
+			array(
+				'retain', 'Bertie',
+				array(
+					array('post_id' => 1, 'poster_id' => ANONYMOUS, 'post_username' => 'Bertie'),
+					array('post_id' => 2, 'poster_id' => ANONYMOUS, 'post_username' => 'Other'),
+					array('post_id' => 3, 'poster_id' => ANONYMOUS, 'post_username' => 'Bertie'),
+					array('post_id' => 4, 'poster_id' => ANONYMOUS, 'post_username' => 'Other'),
+				),
+				array(
+					array(
+						'topic_id' => 1,
+						'topic_poster' => ANONYMOUS, 'topic_first_poster_name' => 'Bertie', 'topic_first_poster_colour' => '',
+						'topic_last_poster_id' => ANONYMOUS, 'topic_last_poster_name' => 'Bertie', 'topic_last_poster_colour' => '',
+					),
+					array(
+						'topic_id' => 2,
+						'topic_poster' => ANONYMOUS, 'topic_first_poster_name' => 'Other', 'topic_first_poster_colour' => '',
+						'topic_last_poster_id' => ANONYMOUS, 'topic_last_poster_name' => 'Other', 'topic_last_poster_colour' => '',
+					),
+					array(
+						'topic_id' => 3,
+						'topic_poster' => ANONYMOUS, 'topic_first_poster_name' => 'Bertie', 'topic_first_poster_colour' => '',
+						'topic_last_poster_id' => ANONYMOUS, 'topic_last_poster_name' => 'Bertie', 'topic_last_poster_colour' => '',
+					),
+					array(
+						'topic_id' => 4,
+						'topic_poster' => ANONYMOUS, 'topic_first_poster_name' => 'Other', 'topic_first_poster_colour' => '',
+						'topic_last_poster_id' => ANONYMOUS, 'topic_last_poster_name' => 'Other', 'topic_last_poster_colour' => '',
+					),
+				),
+				array(
+					array('forum_id' => 1, 'forum_last_poster_id' => ANONYMOUS, 'forum_last_poster_name' => 'Bertie', 'forum_last_poster_colour' => ''),
+					array('forum_id' => 2, 'forum_last_poster_id' => ANONYMOUS, 'forum_last_poster_name' => 'Other', 'forum_last_poster_colour' => ''),
+					array('forum_id' => 3, 'forum_last_poster_id' => ANONYMOUS, 'forum_last_poster_name' => 'Bertie', 'forum_last_poster_colour' => ''),
+					array('forum_id' => 4, 'forum_last_poster_id' => ANONYMOUS, 'forum_last_poster_name' => 'Other', 'forum_last_poster_colour' => ''),
+				),
+			),
+			array(
+				'remove', 'Bertie',
+				array(
+					array('post_id' => 2, 'poster_id' => ANONYMOUS, 'post_username' => 'Other'),
+					array('post_id' => 4, 'poster_id' => ANONYMOUS, 'post_username' => 'Other'),
+				),
+				array(
+					array(
+						'topic_id' => 2,
+						'topic_poster' => ANONYMOUS, 'topic_first_poster_name' => 'Other', 'topic_first_poster_colour' => '',
+						'topic_last_poster_id' => ANONYMOUS, 'topic_last_poster_name' => 'Other', 'topic_last_poster_colour' => '',
+					),
+					array(
+						'topic_id' => 4,
+						'topic_poster' => ANONYMOUS, 'topic_first_poster_name' => 'Other', 'topic_first_poster_colour' => '',
+						'topic_last_poster_id' => ANONYMOUS, 'topic_last_poster_name' => 'Other', 'topic_last_poster_colour' => '',
+					),
+				),
+				array(
+					array('forum_id' => 1, 'forum_last_poster_id' => 0, 'forum_last_poster_name' => '', 'forum_last_poster_colour' => ''),
+					array('forum_id' => 2, 'forum_last_poster_id' => ANONYMOUS, 'forum_last_poster_name' => 'Other', 'forum_last_poster_colour' => ''),
+					array('forum_id' => 3, 'forum_last_poster_id' => 0, 'forum_last_poster_name' => '', 'forum_last_poster_colour' => ''),
+					array('forum_id' => 4, 'forum_last_poster_id' => ANONYMOUS, 'forum_last_poster_name' => 'Other', 'forum_last_poster_colour' => ''),
+				),
+			),
+		);
+	}
+
+	/**
+	* @dataProvider first_last_post_data
+	*/
+	public function test_first_last_post_info($mode, $post_username, $expected_posts, $expected_topics, $expected_forums)
+	{
+		$this->assertFalse(user_delete($mode, 2, $post_username));
+
+		$sql = 'SELECT post_id, poster_id, post_username
+			FROM ' . POSTS_TABLE . '
+			ORDER BY post_id ASC';
+		$result = $this->db->sql_query($sql);
+		$this->assertEquals($expected_posts, $this->db->sql_fetchrowset($result), 'Post table poster info is mismatching after deleting a user.');
+		$this->db->sql_freeresult($result);
+
+		$sql = 'SELECT topic_id, topic_poster, topic_first_poster_name, topic_first_poster_colour, topic_last_poster_id, topic_last_poster_name, topic_last_poster_colour
+			FROM ' . TOPICS_TABLE . '
+			ORDER BY topic_id ASC';
+		$result = $this->db->sql_query($sql);
+		$this->assertEquals($expected_topics, $this->db->sql_fetchrowset($result), 'Topic table first/last poster info is mismatching after deleting a user.');
+		$this->db->sql_freeresult($result);
+
+		$sql = 'SELECT forum_id, forum_last_poster_id, forum_last_poster_name, forum_last_poster_colour
+			FROM ' . FORUMS_TABLE . '
+			ORDER BY forum_id ASC';
+		$result = $this->db->sql_query($sql);
+		$this->assertEquals($expected_forums, $this->db->sql_fetchrowset($result), 'Forum table last poster info is mismatching after deleting a user.');
+		$this->db->sql_freeresult($result);
+	}
+
+	 public function report_attachment_data()
+	{
+		return array(
+			array(
+				'retain',
+				array(
+					array('post_id' => 1, 'post_reported' => 1, 'post_edit_user' => 1),
+					array('post_id' => 2, 'post_reported' => 1, 'post_edit_user' => 1),
+					array('post_id' => 3, 'post_reported' => 0, 'post_edit_user' => 1),
+					array('post_id' => 4, 'post_reported' => 0, 'post_edit_user' => 1),
+				),
+				array(
+					array('report_id' => 1, 'post_id' => 1, 'user_id' => 1),
+					array('report_id' => 3, 'post_id' => 2, 'user_id' => 1),
+				),
+				array(
+					array('topic_id' => 1, 'topic_reported' => 1),
+					array('topic_id' => 2, 'topic_reported' => 1),
+					array('topic_id' => 3, 'topic_reported' => 0),
+					array('topic_id' => 4, 'topic_reported' => 0),
+				),
+				array(
+					array('attach_id' => 1, 'post_msg_id' => 1, 'poster_id' => 1),
+					array('attach_id' => 2, 'post_msg_id' => 2, 'poster_id' => 1),
+					array('attach_id' => 3, 'post_msg_id' => 0, 'poster_id' => 1), // TODO should be deleted: PHPBB3-13089
+				),
+			),
+			array(
+				'remove',
+				array(
+					array('post_id' => 2, 'post_reported' => 1, 'post_edit_user' => 1),
+					array('post_id' => 4, 'post_reported' => 0, 'post_edit_user' => 1),
+				),
+				array(
+					array('report_id' => 3, 'post_id' => 2, 'user_id' => 1),
+				),
+				array(
+					array('topic_id' => 2, 'topic_reported' => 1),
+					array('topic_id' => 4, 'topic_reported' => 0),
+				),
+				array(
+					array('attach_id' => 2, 'post_msg_id' => 2, 'poster_id' => 1),
+					array('attach_id' => 3, 'post_msg_id' => 0, 'poster_id' => 2), // TODO should be deleted: PHPBB3-13089
+				),
+			),
+		);
+	}
+
+	/**
+	* @dataProvider report_attachment_data
+	*/
+	public function test_report_attachment_info($mode, $expected_posts, $expected_reports, $expected_topics, $expected_attach)
+	{
+		$this->assertFalse(user_delete($mode, 2));
+
+		$sql = 'SELECT post_id, post_reported, post_edit_user
+			FROM ' . POSTS_TABLE . '
+			ORDER BY post_id ASC';
+		$result = $this->db->sql_query($sql);
+		$this->assertEquals($expected_posts, $this->db->sql_fetchrowset($result), 'Post report status content is mismatching after deleting a user.');
+		$this->db->sql_freeresult($result);
+
+		$sql = 'SELECT report_id, post_id, user_id
+			FROM ' . REPORTS_TABLE . '
+			ORDER BY report_id ASC';
+		$result = $this->db->sql_query($sql);
+		$this->assertEquals($expected_reports, $this->db->sql_fetchrowset($result), 'Report table content is mismatching after deleting a user.');
+		$this->db->sql_freeresult($result);
+
+		$sql = 'SELECT topic_id, topic_reported
+			FROM ' . TOPICS_TABLE . '
+			ORDER BY topic_id ASC';
+		$result = $this->db->sql_query($sql);
+		$this->assertEquals($expected_topics, $this->db->sql_fetchrowset($result), 'Topic report status is mismatching after deleting a user.');
+		$this->db->sql_freeresult($result);
+
+		$sql = 'SELECT attach_id, post_msg_id, poster_id
+			FROM ' . ATTACHMENTS_TABLE . '
+			ORDER BY attach_id ASC';
+		$result = $this->db->sql_query($sql);
+		$this->assertEquals($expected_attach, $this->db->sql_fetchrowset($result), 'Attachment table content is mismatching after deleting a user.');
+		$this->db->sql_freeresult($result);
+	}
+
+	 public function delete_data()
+	{
+		return array(
+			array(
+				'retain',
+				array(array('user_id' => 1, 'user_posts' => 4)),
+				array(array('user_id' => 1, 'zebra_id' => 3)),
+				array(array('ban_id' => 2), array('ban_id' => 3)),
+				array(array('session_id' => '12345678901234567890123456789013')),
+				array(
+					array('log_id' => 2, 'user_id' => 1, 'reportee_id' => 1),
+					array('log_id' => 3, 'user_id' => 1, 'reportee_id' => 1),
+				),
+				array(
+					array('msg_id' => 1, 'author_id' => 3, 'message_edit_user' => 3),
+					array('msg_id' => 2, 'author_id' => 1, 'message_edit_user' => 1),
+				),
+			),
+			array(
+				'remove',
+				array(array('user_id' => 1, 'user_posts' => 2)),
+				array(array('user_id' => 1, 'zebra_id' => 3)),
+				array(array('ban_id' => 2), array('ban_id' => 3)),
+				array(array('session_id' => '12345678901234567890123456789013')),
+				array(
+					array('log_id' => 2, 'user_id' => 1, 'reportee_id' => 1),
+					array('log_id' => 3, 'user_id' => 1, 'reportee_id' => 1),
+				),
+				array(
+					array('msg_id' => 1, 'author_id' => 3, 'message_edit_user' => 3),
+					array('msg_id' => 2, 'author_id' => 1, 'message_edit_user' => 1),
+				),
+			),
+		);
+	}
+
+	/**
+	* @dataProvider delete_data
+	*/
+	public function test_delete_data($mode, $expected_users, $expected_zebra, $expected_ban, $expected_sessions, $expected_logs, $expected_pms)
+	{
+		$this->assertFalse(user_delete($mode, 2));
+
+		$sql = 'SELECT user_id, user_posts
+			FROM ' . USERS_TABLE . '
+			ORDER BY user_id ASC';
+		$result = $this->db->sql_query($sql);
+		$this->assertEquals($expected_users, $this->db->sql_fetchrowset($result), 'User table content is mismatching after deleting a user.');
+		$this->db->sql_freeresult($result);
+
+		$sql = 'SELECT user_id, zebra_id
+			FROM ' . ZEBRA_TABLE . '
+			ORDER BY user_id ASC, zebra_id ASC';
+		$result = $this->db->sql_query($sql);
+		$this->assertEquals($expected_zebra, $this->db->sql_fetchrowset($result), 'Zebra table content is mismatching after deleting a user.');
+		$this->db->sql_freeresult($result);
+
+		$sql = 'SELECT ban_id
+			FROM ' . BANLIST_TABLE . '
+			ORDER BY ban_id ASC';
+		$result = $this->db->sql_query($sql);
+		$this->assertEquals($expected_ban, $this->db->sql_fetchrowset($result), 'Ban table content is mismatching after deleting a user.');
+		$this->db->sql_freeresult($result);
+
+		$sql = 'SELECT session_id
+			FROM ' . SESSIONS_TABLE . '
+			ORDER BY session_id ASC';
+		$result = $this->db->sql_query($sql);
+		$this->assertEquals($expected_sessions, $this->db->sql_fetchrowset($result), 'Session table content is mismatching after deleting a user.');
+		$this->db->sql_freeresult($result);
+
+		$sql = 'SELECT log_id, user_id, reportee_id
+			FROM ' . LOG_TABLE . '
+			ORDER BY log_id ASC';
+		$result = $this->db->sql_query($sql);
+		$this->assertEquals($expected_logs, $this->db->sql_fetchrowset($result), 'Log table content is mismatching after deleting a user.');
+		$this->db->sql_freeresult($result);
+
+		$sql = 'SELECT msg_id, author_id, message_edit_user
+			FROM ' . PRIVMSGS_TABLE . '
+			ORDER BY msg_id ASC';
+		$result = $this->db->sql_query($sql);
+		$this->assertEquals($expected_pms, $this->db->sql_fetchrowset($result), 'Private messages table content is mismatching after deleting a user.');
+		$this->db->sql_freeresult($result);
+	}
+
+	 public function delete_user_id_data()
+	{
+		return array(
+			array(
+				'retain',
+				array(
+					USER_GROUP_TABLE,
+					TOPICS_WATCH_TABLE,
+					FORUMS_WATCH_TABLE,
+					ACL_USERS_TABLE,
+					TOPICS_TRACK_TABLE,
+					TOPICS_POSTED_TABLE,
+					FORUMS_TRACK_TABLE,
+					PROFILE_FIELDS_DATA_TABLE,
+					MODERATOR_CACHE_TABLE,
+					DRAFTS_TABLE,
+					BOOKMARKS_TABLE,
+					SESSIONS_KEYS_TABLE,
+					PRIVMSGS_FOLDER_TABLE,
+					PRIVMSGS_RULES_TABLE,
+				),
+			),
+			array(
+				'remove',
+				array(
+					USER_GROUP_TABLE,
+					TOPICS_WATCH_TABLE,
+					FORUMS_WATCH_TABLE,
+					ACL_USERS_TABLE,
+					TOPICS_TRACK_TABLE,
+					TOPICS_POSTED_TABLE,
+					FORUMS_TRACK_TABLE,
+					PROFILE_FIELDS_DATA_TABLE,
+					MODERATOR_CACHE_TABLE,
+					DRAFTS_TABLE,
+					BOOKMARKS_TABLE,
+					SESSIONS_KEYS_TABLE,
+					PRIVMSGS_FOLDER_TABLE,
+					PRIVMSGS_RULES_TABLE,
+				),
+			),
+		);
+	}
+
+	/**
+	* @dataProvider delete_user_id_data
+	*/
+	public function test_delete_user_id_data($mode, $cleaned_tables)
+	{
+		$this->assertFalse(user_delete($mode, 2));
+
+		foreach ($cleaned_tables as $table)
+		{
+			$sql = 'SELECT user_id
+				FROM ' . $table . '
+				WHERE user_id = 2';
+			$result = $this->db->sql_query($sql);
+			$this->assertFalse($this->db->sql_fetchfield('user_id'), 'Found data for deleted user in table: ' . $table);
+			$this->db->sql_freeresult($result);
+
+			$sql = 'SELECT user_id
+				FROM ' . $table . '
+				WHERE user_id = 3';
+			$result = $this->db->sql_query($sql);
+			$this->assertEquals(3, $this->db->sql_fetchfield('user_id'), 'Missing data for user in table: ' . $table);
+			$this->db->sql_freeresult($result);
+		}
+	}
+}

tests/functions_user/fixtures/delete_user.xml

@@ -0,0 +1,531 @@
+<?xml version="1.0" encoding="UTF-8" ?>
+<dataset>
+	<table name="phpbb_attachments">
+		<column>attach_id</column>
+		<column>post_msg_id</column>
+		<column>topic_id</column>
+		<column>in_message</column>
+		<column>poster_id</column>
+		<column>is_orphan</column>
+		<column>attach_comment</column>
+		<row>
+			<value>1</value>
+			<value>1</value>
+			<value>1</value>
+			<value>0</value>
+			<value>2</value>
+			<value>0</value>
+			<value></value>
+		</row>
+		<row>
+			<value>2</value>
+			<value>2</value>
+			<value>2</value>
+			<value>0</value>
+			<value>1</value>
+			<value>0</value>
+			<value></value>
+		</row>
+		<row>
+			<value>3</value>
+			<value>0</value>
+			<value>0</value>
+			<value>0</value>
+			<value>2</value>
+			<value>1</value>
+			<value></value>
+		</row>
+	</table>
+	<table name="phpbb_banlist">
+		<column>ban_id</column>
+		<column>ban_userid</column>
+		<column>ban_email</column>
+		<column>ban_reason</column>
+		<column>ban_give_reason</column>
+		<row>
+			<value>1</value>
+			<value>2</value>
+			<value></value>
+			<value></value>
+			<value></value>
+		</row>
+		<row>
+			<value>2</value>
+			<value>3</value>
+			<value></value>
+			<value></value>
+			<value></value>
+		</row>
+		<row>
+			<value>3</value>
+			<value>0</value>
+			<value></value>
+			<value></value>
+			<value></value>
+		</row>
+	</table>
+	<table name="phpbb_forums">
+		<column>forum_id</column>
+		<column>forum_last_poster_id</column>
+		<column>forum_last_poster_name</column>
+		<column>forum_last_poster_colour</column>
+		<column>forum_parents</column>
+		<column>forum_desc</column>
+		<column>forum_rules</column>
+		<row>
+			<value>1</value>
+			<value>2</value>
+			<value></value>
+			<value>00AA00</value>
+			<value></value>
+			<value></value>
+			<value></value>
+		</row>
+		<row>
+			<value>2</value>
+			<value>1</value>
+			<value>Other</value>
+			<value></value>
+			<value></value>
+			<value></value>
+			<value></value>
+		</row>
+		<row>
+			<value>3</value>
+			<value>2</value>
+			<value></value>
+			<value>00AA00</value>
+			<value></value>
+			<value></value>
+			<value></value>
+		</row>
+		<row>
+			<value>4</value>
+			<value>1</value>
+			<value>Other</value>
+			<value></value>
+			<value></value>
+			<value></value>
+			<value></value>
+		</row>
+	</table>
+	<table name="phpbb_log">
+		<column>log_id</column>
+		<column>user_id</column>
+		<column>reportee_id</column>
+		<column>log_operation</column>
+		<column>log_data</column>
+		<row>
+			<value>1</value>
+			<value>1</value>
+			<value>2</value>
+			<value></value>
+			<value></value>
+		</row>
+		<row>
+			<value>2</value>
+			<value>2</value>
+			<value>1</value>
+			<value></value>
+			<value></value>
+		</row>
+		<row>
+			<value>3</value>
+			<value>1</value>
+			<value>1</value>
+			<value></value>
+			<value></value>
+		</row>
+		<row>
+			<value>4</value>
+			<value>2</value>
+			<value>2</value>
+			<value></value>
+			<value></value>
+		</row>
+	</table>
+	<table name="phpbb_posts">
+		<column>post_id</column>
+		<column>poster_id</column>
+		<column>post_edit_user</column>
+		<column>post_username</column>
+		<column>topic_id</column>
+		<column>forum_id</column>
+		<column>post_approved</column>
+		<column>post_time</column>
+		<column>post_text</column>
+		<column>post_reported</column>
+		<row>
+			<value>1</value>
+			<value>2</value>
+			<value>2</value>
+			<value></value>
+			<value>1</value>
+			<value>1</value>
+			<value>1</value>
+			<value>1</value>
+			<value></value>
+			<value>1</value>
+		</row>
+		<row>
+			<value>2</value>
+			<value>1</value>
+			<value>1</value>
+			<value>Other</value>
+			<value>2</value>
+			<value>2</value>
+			<value>1</value>
+			<value>1</value>
+			<value></value>
+			<value>1</value>
+		</row>
+		<row>
+			<value>3</value>
+			<value>2</value>
+			<value>2</value>
+			<value></value>
+			<value>3</value>
+			<value>3</value>
+			<value>1</value>
+			<value>1</value>
+			<value></value>
+			<value>1</value>
+		</row>
+		<row>
+			<value>4</value>
+			<value>1</value>
+			<value>1</value>
+			<value>Other</value>
+			<value>4</value>
+			<value>4</value>
+			<value>1</value>
+			<value>1</value>
+			<value></value>
+			<value>1</value>
+		</row>
+	</table>
+	<table name="phpbb_privmsgs">
+		<column>msg_id</column>
+		<column>author_id</column>
+		<column>message_edit_user</column>
+		<column>message_text</column>
+		<column>to_address</column>
+		<column>bcc_address</column>
+		<row>
+			<value>1</value>
+			<value>3</value>
+			<value>3</value>
+			<value></value>
+			<value></value>
+			<value></value>
+		</row>
+		<row>
+			<value>2</value>
+			<value>2</value>
+			<value>2</value>
+			<value></value>
+			<value></value>
+			<value></value>
+		</row>
+	</table>
+	<table name="phpbb_privmsgs_to">
+		<column>msg_id</column>
+		<column>user_id</column>
+		<column>author_id</column>
+		<row>
+			<value>1</value>
+			<value>3</value>
+			<value>3</value>
+		</row>
+		<row>
+			<value>1</value>
+			<value>2</value>
+			<value>3</value>
+		</row>
+		<row>
+			<value>2</value>
+			<value>3</value>
+			<value>2</value>
+		</row>
+		<row>
+			<value>2</value>
+			<value>2</value>
+			<value>2</value>
+		</row>
+	</table>
+	<table name="phpbb_reports">
+		<column>report_id</column>
+		<column>post_id</column>
+		<column>user_id</column>
+		<column>report_text</column>
+		<row>
+			<value>1</value>
+			<value>1</value>
+			<value>1</value>
+			<value>Post Removed?</value>
+		</row>
+		<row>
+			<value>2</value>
+			<value>3</value>
+			<value>2</value>
+			<value>Post Removed?</value>
+		</row>
+		<row>
+			<value>3</value>
+			<value>2</value>
+			<value>1</value>
+			<value>Keep</value>
+		</row>
+		<row>
+			<value>4</value>
+			<value>4</value>
+			<value>2</value>
+			<value>Remove Report</value>
+		</row>
+	</table>
+	<table name="phpbb_sessions">
+		<column>session_id</column>
+		<column>session_user_id</column>
+		<column>session_page</column>
+		<row>
+			<value>12345678901234567890123456789012</value>
+			<value>2</value>
+			<value></value>
+		</row>
+		<row>
+			<value>12345678901234567890123456789013</value>
+			<value>3</value>
+			<value></value>
+		</row>
+	</table>
+	<table name="phpbb_topics">
+		<column>topic_id</column>
+		<column>forum_id</column>
+		<column>topic_reported</column>
+		<column>topic_poster</column>
+		<column>topic_first_poster_name</column>
+		<column>topic_first_poster_colour</column>
+		<column>topic_last_poster_id</column>
+		<column>topic_last_poster_name</column>
+		<column>topic_last_poster_colour</column>
+		<row>
+			<value>1</value>
+			<value>1</value>
+			<value>1</value>
+			<value>2</value>
+			<value></value>
+			<value>00AA00</value>
+			<value>2</value>
+			<value></value>
+			<value>00AA00</value>
+		</row>
+		<row>
+			<value>2</value>
+			<value>2</value>
+			<value>1</value>
+			<value>1</value>
+			<value>Other</value>
+			<value></value>
+			<value>1</value>
+			<value>Other</value>
+			<value></value>
+		</row>
+		<row>
+			<value>3</value>
+			<value>3</value>
+			<value>1</value>
+			<value>2</value>
+			<value></value>
+			<value>00AA00</value>
+			<value>2</value>
+			<value></value>
+			<value>00AA00</value>
+		</row>
+		<row>
+			<value>4</value>
+			<value>4</value>
+			<value>1</value>
+			<value>1</value>
+			<value>Other</value>
+			<value></value>
+			<value>1</value>
+			<value>Other</value>
+			<value></value>
+		</row>
+	</table>
+	<table name="phpbb_users">
+		<column>user_id</column>
+		<column>username_clean</column>
+		<column>user_permissions</column>
+		<column>user_sig</column>
+		<column>user_occ</column>
+		<column>user_interests</column>
+		<column>user_posts</column>
+		<row>
+			<value>1</value>
+			<value>Anonymous</value>
+			<value></value>
+			<value></value>
+			<value></value>
+			<value></value>
+			<value>2</value>
+		</row>
+		<row>
+			<value>2</value>
+			<value>Foobar</value>
+			<value></value>
+			<value></value>
+			<value></value>
+			<value></value>
+			<value>2</value>
+		</row>
+	</table>
+	<table name="phpbb_zebra">
+		<column>user_id</column>
+		<column>zebra_id</column>
+		<row>
+			<value>1</value>
+			<value>2</value>
+		</row>
+		<row>
+			<value>1</value>
+			<value>3</value>
+		</row>
+		<row>
+			<value>2</value>
+			<value>1</value>
+		</row>
+	</table>
+	<table name="phpbb_user_group">
+		<column>user_id</column>
+		<row>
+			<value>2</value>
+		</row>
+		<row>
+			<value>3</value>
+		</row>
+	</table>
+	<table name="phpbb_topics_watch">
+		<column>user_id</column>
+		<row>
+			<value>2</value>
+		</row>
+		<row>
+			<value>3</value>
+		</row>
+	</table>
+	<table name="phpbb_forums_watch">
+		<column>user_id</column>
+		<row>
+			<value>2</value>
+		</row>
+		<row>
+			<value>3</value>
+		</row>
+	</table>
+	<table name="phpbb_acl_users">
+		<column>user_id</column>
+		<row>
+			<value>2</value>
+		</row>
+		<row>
+			<value>3</value>
+		</row>
+	</table>
+	<table name="phpbb_topics_track">
+		<column>user_id</column>
+		<row>
+			<value>2</value>
+		</row>
+		<row>
+			<value>3</value>
+		</row>
+	</table>
+	<table name="phpbb_forums_track">
+		<column>user_id</column>
+		<row>
+			<value>2</value>
+		</row>
+		<row>
+			<value>3</value>
+		</row>
+	</table>
+	<table name="phpbb_topics_posted">
+		<column>user_id</column>
+		<row>
+			<value>2</value>
+		</row>
+		<row>
+			<value>3</value>
+		</row>
+	</table>
+	<table name="phpbb_profile_fields_data">
+		<column>user_id</column>
+		<row>
+			<value>2</value>
+		</row>
+		<row>
+			<value>3</value>
+		</row>
+	</table>
+	<table name="phpbb_moderator_cache">
+		<column>user_id</column>
+		<row>
+			<value>2</value>
+		</row>
+		<row>
+			<value>3</value>
+		</row>
+	</table>
+	<table name="phpbb_bookmarks">
+		<column>user_id</column>
+		<row>
+			<value>2</value>
+		</row>
+		<row>
+			<value>3</value>
+		</row>
+	</table>
+	<table name="phpbb_sessions_keys">
+		<column>user_id</column>
+		<row>
+			<value>2</value>
+		</row>
+		<row>
+			<value>3</value>
+		</row>
+	</table>
+	<table name="phpbb_privmsgs_folder">
+		<column>user_id</column>
+		<row>
+			<value>2</value>
+		</row>
+		<row>
+			<value>3</value>
+		</row>
+	</table>
+	<table name="phpbb_privmsgs_rules">
+		<column>user_id</column>
+		<column>rule_string</column>
+		<row>
+			<value>2</value>
+			<value></value>
+		</row>
+		<row>
+			<value>3</value>
+			<value></value>
+		</row>
+	</table>
+	<table name="phpbb_drafts">
+		<column>user_id</column>
+		<column>draft_message</column>
+		<row>
+			<value>2</value>
+			<value></value>
+		</row>
+		<row>
+			<value>3</value>
+			<value></value>
+		</row>
+	</table>
+</dataset>

tests/security/trailing_path_test.php

@@ -0,0 +1,55 @@
+<?php
+/**
+ *
+ * @package testing
+ * @copyright (c) 2011 phpBB Group
+ * @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2
+ *
+ */
+
+require_once dirname(__FILE__) . '/../../phpBB/includes/startup.php';
+
+class phpbb_security_trailing_path_test extends phpbb_test_case
+{
+	public function data_has_trailing_path()
+	{
+		return array(
+			array(false, '', '', ''),
+			array(true, '/', '', ''),
+			array(true, '/foo', '', ''),
+			array(true, '', '/foo', ''),
+			array(true, '/foo', '/foo', ''),
+			array(false, '', '', '/'),
+			array(false, '', '', '/?/x.php/'),
+			array(false, '', '', '/index.php'),
+			array(false, '', '', '/dir.phpisfunny/foo.php'),
+			array(true, '', '', '/index.php/foo.php'),
+			array(false, '', '', '/phpBB/viewtopic.php?f=3&amp;t=5'),
+			array(false, '', '', '/phpBB/viewtopic.php?f=3&amp;t=5/'),
+			array(false, '', '', '/phpBB/viewtopic.php?f=3&amp;t=5/foo'),
+			array(true, '/foo', '/foo', '/phpBB/viewtopic.php?f=3&amp;t=5/foo'),
+			array(false, '', '', '/projects/php.bb/phpBB/viewtopic.php?f=3&amp;t=5/'),
+			array(false, '', '', '/projects/php.bb/phpBB/viewtopic.php?f=3&amp;t=5'),
+			array(false, '', '', '/projects/php.bb/phpBB/viewtopic.php?f=3&amp;t=5/foo.php/'),
+			array(false, '', '', '/projects/php.bb/phpBB/index.php'),
+			array(true, '', '', '/projects/php.bb/phpBB/index.php/'),
+			array(true, '', '', '/phpBB/index.php/?foo/a'),
+			array(true, '', '', '/projects/php.bb/phpBB/index.php/?a=5'),
+			array(false, '', '', '/projects/php.bb/phpBB/index.php?/a=5'),
+		);
+	}
+
+	/**
+	 * @dataProvider data_has_trailing_path
+	 */
+	public function test_has_trailing_path($expected, $path_info, $orig_path_info, $request_uri)
+	{
+		global $phpEx;
+
+		$_SERVER['PATH_INFO'] = $path_info;
+		$_SERVER['ORIG_PATH_INFO'] = $orig_path_info;
+		$_SERVER['REQUEST_URI'] = $request_uri;
+
+		$this->assertSame($expected, phpbb_has_trailing_path($phpEx));
+	}
+}

tests/session/fixtures/sessions_empty.xml

@@ -38,4 +38,11 @@
 		<column>session_ip</column>
 		<column>session_browser</column>
 	</table>
+	<table name="phpbb_banlist">
+		<column>ban_id</column>
+		<column>ban_userid</column>
+		<column>ban_email</column>
+		<column>ban_reason</column>
+		<column>ban_give_reason</column>
+	</table>
 </dataset>

tests/test_framework/phpbb_functional_test_case.php

@@ -665,6 +665,64 @@ class phpbb_functional_test_case extends phpbb_test_case
 	{
 		$this->add_lang('posting');
 
+		$crawler = $this->submit_message($posting_url, $posting_contains, $form_data);
+
+		$this->assertContains($this->lang('POST_STORED'), $crawler->filter('html')->text());
+		$url = $crawler->selectLink($this->lang('VIEW_MESSAGE', '', ''))->link()->getUri();
+
+		return array(
+			'topic_id'	=> $this->get_parameter_from_link($url, 't'),
+			'post_id'	=> $this->get_parameter_from_link($url, 'p'),
+		);
+	}
+
+	/**
+	* Creates a private message
+	*
+	* Be sure to login before creating
+	*
+	* @param string $subject
+	* @param string $message
+	* @param array $to
+	* @param array $additional_form_data Any additional form data to be sent in the request
+	* @return int private_message_id
+	*/
+	public function create_private_message($subject, $message, $to, $additional_form_data = array())
+	{
+		$this->add_lang(array('ucp', 'posting'));
+
+		$posting_url = "ucp.php?i=pm&mode=compose&sid={$this->sid}";
+
+		$form_data = array_merge(array(
+			'subject'		=> $subject,
+			'message'		=> $message,
+			'post'			=> true,
+		), $additional_form_data);
+
+		foreach ($to as $user_id)
+		{
+			$form_data['address_list[u][' . $user_id . ']'] = 'to';
+		}
+
+		$crawler = self::submit_message($posting_url, 'POST_NEW_PM', $form_data);
+
+		$this->assertContains($this->lang('MESSAGE_STORED'), $crawler->filter('html')->text());
+		$url = $crawler->selectLink($this->lang('VIEW_PRIVATE_MESSAGE', '', ''))->link()->getUri();
+
+		return $this->get_parameter_from_link($url, 'p');
+	}
+
+	/**
+	* Helper for submitting a message (post or private message)
+	*
+	* @param string $posting_url
+	* @param string $posting_contains
+	* @param array $form_data
+	* @return \Symfony\Component\DomCrawler\Crawler the crawler object
+	*/
+	protected function submit_message($posting_url, $posting_contains, $form_data)
+	{
+
 		$crawler = self::request('GET', $posting_url);
 		$this->assertContains($this->lang($posting_contains), $crawler->filter('html')->text());
 
@@ -689,14 +747,7 @@ class phpbb_functional_test_case extends phpbb_test_case
 		// I use a request because the form submission method does not allow you to send data that is not
 		// contained in one of the actual form fields that the browser sees (i.e. it ignores "hidden" inputs)
 		// Instead, I send it as a request with the submit button "post" set to true.
-		$crawler = self::request('POST', $posting_url, $form_data);
-		$this->assertContains($this->lang('POST_STORED'), $crawler->filter('html')->text());
-		$url = $crawler->selectLink($this->lang('VIEW_MESSAGE', '', ''))->link()->getUri();
-
-		return array(
-			'topic_id'	=> $this->get_parameter_from_link($url, 't'),
-			'post_id'	=> $this->get_parameter_from_link($url, 'p'),
-		);
+		return self::request('POST', $posting_url, $form_data);
 	}
 
 	/**

travis/install-phpunit-5-2.sh

@@ -0,0 +1,22 @@
+#!/bin/sh
+#
+# @copyright (c) 2015 phpBB Group
+# @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2
+#
+
+# $1 - URL to .tar.gz
+download() {
+	wget -q -O - "$1" | tar xzvf - --strip-components 1
+}
+
+mkdir phpunit
+cd phpunit
+download https://github.com/sebastianbergmann/phpunit/archive/3.6.12.tar.gz
+download https://github.com/sebastianbergmann/php-file-iterator/archive/1.3.1.tar.gz
+download https://github.com/sebastianbergmann/php-code-coverage/archive/1.1.3.tar.gz
+download https://github.com/sebastianbergmann/php-token-stream/archive/1.1.3.tar.gz
+download https://github.com/sebastianbergmann/php-text-template/archive/1.1.2.tar.gz
+download https://github.com/sebastianbergmann/php-timer/archive/1.0.2.tar.gz
+download https://github.com/sebastianbergmann/phpunit-mock-objects/archive/1.1.1.tar.gz
+download https://github.com/sebastianbergmann/dbunit/archive/1.1.2.tar.gz
+cd ..

travis/phpunit-mariadb-travis.xml

@@ -13,9 +13,9 @@
          bootstrap="../tests/bootstrap.php">
 	<testsuites>
 		<testsuite name="phpBB Test Suite">
-			<directory suffix="_test.php">../tests/</directory>
-			<exclude>tests/functional</exclude>
-			<exclude>tests/lint_test.php</exclude>
+			<directory suffix="_test.php">../tests</directory>
+			<exclude>../tests/functional</exclude>
+			<exclude>../tests/lint_test.php</exclude>
 		</testsuite>
 		<testsuite name="phpBB Functional Tests">
 			<directory suffix="_test.php" phpVersion="5.3.19" phpVersionOperator=">=">../tests/functional</directory>

travis/phpunit-mysql-5-2-travis.xml

@@ -0,0 +1,44 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<phpunit backupGlobals="true"
+         backupStaticAttributes="true"
+         colors="true"
+         convertErrorsToExceptions="true"
+         convertNoticesToExceptions="true"
+         convertWarningsToExceptions="true"
+         processIsolation="false"
+         stopOnFailure="false"
+         syntaxCheck="true"
+         strict="true"
+         verbose="true"
+         bootstrap="../tests/bootstrap.php">
+	<testsuites>
+		<testsuite name="phpBB Test Suite">
+			<directory suffix="_test.php">../tests/</directory>
+			<exclude>tests/functional</exclude>
+			<exclude>tests/lint_test.php</exclude>
+		</testsuite>
+		<testsuite name="phpBB Lint Test">
+			<file>tests/lint_test.php</file>
+		</testsuite>
+		<testsuite name="phpBB Functional Tests">
+			<directory suffix="_test.php" phpVersion="5.3.19" phpVersionOperator=">=">../tests/functional</directory>
+		</testsuite>
+	</testsuites>
+
+	<groups>
+		<exclude>
+			<group>slow</group>
+		</exclude>
+	</groups>
+
+	<php>
+		<server name="PHPBB_TEST_DBMS" value="mysqli" />
+		<server name="PHPBB_TEST_DBHOST" value="0.0.0.0" />
+		<server name="PHPBB_TEST_DBPORT" value="3306" />
+		<server name="PHPBB_TEST_DBNAME" value="phpbb_tests" />
+		<server name="PHPBB_TEST_DBUSER" value="root" />
+		<server name="PHPBB_TEST_DBPASSWD" value="" />
+		<server name="PHPBB_TEST_TABLE_PREFIX" value="phpbb_"/>
+		<server name="PHPBB_FUNCTIONAL_URL" value="http://localhost/" />
+	</php>
+</phpunit>

travis/phpunit-mysql-travis.xml

@@ -13,12 +13,12 @@
          bootstrap="../tests/bootstrap.php">
 	<testsuites>
 		<testsuite name="phpBB Test Suite">
-			<directory suffix="_test.php">../tests/</directory>
-			<exclude>tests/functional</exclude>
-			<exclude>tests/lint_test.php</exclude>
+			<directory suffix="_test.php">../tests</directory>
+			<exclude>../tests/functional</exclude>
+			<exclude>../tests/lint_test.php</exclude>
 		</testsuite>
 		<testsuite name="phpBB Lint Test">
-			<file>tests/lint_test.php</file>
+			<file>../tests/lint_test.php</file>
 		</testsuite>
 		<testsuite name="phpBB Functional Tests">
 			<directory suffix="_test.php" phpVersion="5.3.19" phpVersionOperator=">=">../tests/functional</directory>

travis/phpunit-postgres-travis.xml

@@ -13,9 +13,9 @@
          bootstrap="../tests/bootstrap.php">
 	<testsuites>
 		<testsuite name="phpBB Test Suite">
-			<directory suffix="_test.php">../tests/</directory>
-			<exclude>tests/functional</exclude>
-			<exclude>tests/lint_test.php</exclude>
+			<directory suffix="_test.php">../tests</directory>
+			<exclude>../tests/functional</exclude>
+			<exclude>../tests/lint_test.php</exclude>
 		</testsuite>
 		<testsuite name="phpBB Functional Tests">
 			<directory suffix="_test.php" phpVersion="5.3.19" phpVersionOperator=">=">../tests/functional</directory>

travis/setup-webserver.sh

@@ -1,55 +1,76 @@
 #!/bin/bash
 #
-# @copyright (c) 2013 phpBB Group
+# @copyright (c) 2014 phpBB Group
 # @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2
 #
 set -e
 set -x
 
+if [ "$TRAVIS_PHP_VERSION" = 'hhvm' ]
+then
+	# Add PPA providing dependencies for recent HHVM on Ubuntu 12.04.
+	sudo add-apt-repository -y ppa:mapnik/boost
+fi
+
 sudo apt-get update
 sudo apt-get install -y nginx realpath
 
 sudo service nginx stop
 
 DIR=$(dirname "$0")
-PHPBB_ROOT_PATH=$(realpath "$DIR/../phpBB")
-
-NGINX_CONF="/etc/nginx/sites-enabled/default"
-
-PHP_FPM_BIN="$HOME/.phpenv/versions/$TRAVIS_PHP_VERSION/sbin/php-fpm"
-PHP_FPM_CONF="$DIR/php-fpm.conf"
-PHP_FPM_SOCK=$(realpath "$DIR")/php-fpm.sock
-
 USER=$(whoami)
+PHPBB_ROOT_PATH=$(realpath "$DIR/../phpBB")
+NGINX_CONF="/etc/nginx/sites-enabled/default"
+APP_SOCK=$(realpath "$DIR")/php-app.sock
 
-# php-fpm configuration
+if [ "$TRAVIS_PHP_VERSION" = 'hhvm' ]
+then
+	# Upgrade to a recent stable version of HHVM
+	sudo apt-get -o Dpkg::Options::="--force-confnew" install -y hhvm-nightly
+
+	HHVM_LOG=$(realpath "$DIR")/hhvm.log
+
+	sudo hhvm \
+		--mode daemon \
+		--user "$USER" \
+		-vServer.Type=fastcgi \
+		-vServer.FileSocket="$APP_SOCK" \
+		-vLog.File="$HHVM_LOG"
+else
+	# php-fpm
+	PHP_FPM_BIN="$HOME/.phpenv/versions/$TRAVIS_PHP_VERSION/sbin/php-fpm"
+	PHP_FPM_CONF="$DIR/php-fpm.conf"
+
+	echo "
+		[global]
+
+		[travis]
+		user = $USER
+		group = $USER
+		listen = $APP_SOCK
+		listen.mode = 0666
+		pm = static
+		pm.max_children = 2
+
+		php_admin_value[memory_limit] = 128M
+	" > $PHP_FPM_CONF
+
+	sudo $PHP_FPM_BIN \
+		--fpm-config "$DIR/php-fpm.conf"
+fi
+
+# nginx
 echo "
-[global]
+	server {
+		listen	80;
+		root	$PHPBB_ROOT_PATH/;
+		index	index.php index.html;
 
-[travis]
-user = $USER
-group = $USER
-listen = $PHP_FPM_SOCK
-pm = static
-pm.max_children = 2
-
-php_admin_value[memory_limit] = 128M
-" > $PHP_FPM_CONF
-
-# nginx configuration
-echo "
-server {
-	listen	80;
-	root	$PHPBB_ROOT_PATH/;
-	index	index.php index.html;
-
-	location ~ \.php {
-		fastcgi_pass	unix:$PHP_FPM_SOCK;
-		include			fastcgi_params;
+		location ~ \.php {
+			fastcgi_pass	unix:$APP_SOCK;
+			include			fastcgi_params;
+		}
 	}
-}
 " | sudo tee $NGINX_CONF > /dev/null
 
-# Start daemons
-sudo $PHP_FPM_BIN --fpm-config "$DIR/php-fpm.conf"
 sudo service nginx start