Merge pull request #3699 from nickvergessen/ticket/13823

[ticket/13823] Move the part of the query, so the update will get it …

.gitignore

@@ -1,9 +1,8 @@
 *~
 /phpunit.xml
-/phpBB/cache/twig/*
-/phpBB/cache/*.html
-/phpBB/cache/*.php
-/phpBB/cache/*.lock
+/phpBB/cache/*
+!/phpBB/cache/.htaccess
+!/phpBB/cache/index.html
 /phpBB/composer.phar
 /phpBB/config*.php
 /phpBB/ext/*
@@ -22,3 +21,4 @@
 /tests/phpbb_unit_tests.sqlite*
 /tests/test_config*.php
 /tests/tmp/*
+/tests/vendor

.jscsrc

@@ -0,0 +1,78 @@
+
+{
+  "excludeFiles": ["node_modules/**", "**/build/**"],
+  "requireCurlyBraces": [
+    "if", "else", "for", "while", "do", "try", "catch"
+  ],
+  "requireSpaceBeforeKeywords": [
+    "else", "while", "catch"
+  ],
+  "requireSpaceAfterKeywords": [
+    "do", "for", "if", "else", "switch", "case", "try", "catch", "while", "return", "typeof"
+  ],
+  "requireSpaceBeforeBlockStatements": true,
+  "requireParenthesesAroundIIFE": true,
+  "requireSpacesInConditionalExpression": {
+    "afterTest": true,
+    "beforeConsequent": true,
+    "afterConsequent": true,
+    "beforeAlternate": true
+  },
+  "requireSpacesInAnonymousFunctionExpression": {
+    "beforeOpeningCurlyBrace": true
+  },
+  "disallowSpacesInNamedFunctionExpression": {
+    "beforeOpeningRoundBrace": true
+  },
+  "requireSpacesInFunction": {
+    "beforeOpeningCurlyBrace": true
+  },
+  "disallowSpacesInCallExpression": true,
+  "requireBlocksOnNewline": true,
+  "requirePaddingNewlinesBeforeKeywords": ["case"],
+  "disallowEmptyBlocks": true,
+  "disallowSpacesInsideArrayBrackets": "nested",
+  "disallowSpacesInsideParentheses": true,
+  "requireSpacesInsideObjectBrackets": "all",
+  "disallowQuotedKeysInObjects": "allButReserved",
+  "disallowSpaceAfterObjectKeys": true,
+  "requireSpaceBeforeObjectValues": true,
+  "requireCommaBeforeLineBreak": true,
+  "requireOperatorBeforeLineBreak": [
+    "?", "=", "+", "-", "/", "*", "===", "!==", ">", ">=", "<", "<="
+  ],
+  "disallowSpaceAfterPrefixUnaryOperators": ["++", "--", "+", "-", "~", "!"],
+  "disallowSpaceBeforePostfixUnaryOperators": ["++", "--"],
+  "requireSpaceBeforeBinaryOperators": [
+    "=", "+", "+=", "-", "-=", "/", "/=", "*", "*=", "===", "!==", "<", "<=", ">", ">="
+  ],
+  "requireSpaceAfterBinaryOperators": [
+    "=", "+", "+=", "-", "-=", "/", "/=", "*", "*=", "===", "!==", "<", "<=", ">", ">="
+  ],
+  "disallowKeywords": ["with"],
+  "disallowMultipleLineStrings": true,
+  "disallowMixedSpacesAndTabs": "smart",
+  "disallowTrailingWhitespace": true,
+  "disallowTrailingComma": true,
+  "disallowKeywordsOnNewLine": ["else"],
+  "requireLineFeedAtFileEnd": true,
+  "maximumLineLength": {
+    "value": 120,
+    "tabSize": 4,
+    "allowUrlComments": true,
+    "allowRegex": true
+  },
+  "requireCapitalizedConstructors": true,
+  "requireDotNotation": true,
+  "disallowYodaConditions": true,
+  "requireSpaceAfterLineComment": {
+    "allExcept": ["#", "="]
+  },
+  "disallowNewlineBeforeBlockStatements": true,
+  "validateQuoteMarks": {
+    "mark": "'",
+    "escape": true
+  },
+  "validateParameterSeparator": ", ",
+  "safeContextKeyword": ["that"]
+}

.jshintrc

@@ -0,0 +1,24 @@
+
+{
+  "bitwise": true,
+  "curly": true,
+  "eqeqeq": true,
+  "es3": true,
+  "forin": false,
+  "freeze": true,
+  "newcap": true,
+  "noarg": true,
+  "noempty": true,
+  "nonbsp": true,
+  "undef": true,
+  "unused": true,
+  "strict": true,
+
+  "browser": true,
+  "devel": true,
+  "jquery": true,
+
+  "globals": {
+    "JSON": true
+  }
+}

.travis.yml

@@ -16,13 +16,18 @@ matrix:
       env: DB=postgres
     - php: 5.4
       env: DB=sqlite3
+    - php: 5.4
+      env: DB=mysqli;SLOWTESTS=1
     - php: 5.5
       env: DB=mysqli
     - php: 5.6
       env: DB=mysqli
+    - php: 7.0
+      env: DB=mysqli
     - php: hhvm
       env: DB=mysqli
   allow_failures:
+    - php: 7.0
     - php: hhvm
   fast_finish: true
 
@@ -34,12 +39,15 @@ install:
 
 before_script:
   - travis/setup-database.sh $DB $TRAVIS_PHP_VERSION
+  - phantomjs --webdriver=8910 > /dev/null &
 
 script:
   - travis/phing-sniff.sh $DB $TRAVIS_PHP_VERSION
   - travis/check-sami-parse-errors.sh $DB $TRAVIS_PHP_VERSION
   - travis/check-image-icc-profiles.sh $DB $TRAVIS_PHP_VERSION
   - travis/check-executable-files.sh $DB $TRAVIS_PHP_VERSION ./
-  - phpBB/vendor/bin/phpunit --configuration travis/phpunit-$DB-travis.xml
+  - sh -c "if [ '$SLOWTESTS' != '1' -a '$DB' = 'mysqli' ]; then phpBB/vendor/bin/phpunit tests/lint_test.php; fi"
+  - sh -c "if [ '$SLOWTESTS' != '1' ]; then phpBB/vendor/bin/phpunit --configuration travis/phpunit-$DB-travis.xml; fi"
+  - sh -c "if [ '$SLOWTESTS' = '1' ]; then phpBB/vendor/bin/phpunit --configuration travis/phpunit-$DB-travis.xml --group slow; fi"
   - sh -c "if [ '$TRAVIS_PHP_VERSION' = '5.3.3' -a '$DB' = 'mysqli' -a '$TRAVIS_PULL_REQUEST' != 'false' ]; then git-tools/commit-msg-hook-range.sh origin/$TRAVIS_BRANCH..FETCH_HEAD; fi"
 

CONTRIBUTING.md

@@ -0,0 +1,6 @@
+## CONTRIBUTE
+
+1. [Create an account on phpBB.com](http://www.phpbb.com/community/ucp.php?mode=register)
+2. [Create a ticket (unless there already is one)](http://tracker.phpbb.com/secure/CreateIssue!default.jspa)
+3. Read our [Coding guidelines](https://wiki.phpbb.com/Coding_guidelines) and [Git Contribution Guidelines](http://wiki.phpbb.com/Git); if you're new to git, also read [the introduction guide](http://wiki.phpbb.com/display/DEV/Working+with+Git)
+4. Send us a pull request

README.md

@@ -27,9 +27,9 @@ To be able to run an installation from the repo (and not from a pre-built packag
 
 We have unit and functional tests in order to prevent regressions. You can view the bamboo continuous integration [here](http://bamboo.phpbb.com) or check our travis build below:
 
-* develop [![Build Status](https://secure.travis-ci.org/phpbb/phpbb.png?branch=develop)](http://travis-ci.org/phpbb/phpbb)
-* develop-ascraeus [![Build Status](https://secure.travis-ci.org/phpbb/phpbb.png?branch=develop-ascraeus)](http://travis-ci.org/phpbb/phpbb)
-* develop-olympus [![Build Status](https://secure.travis-ci.org/phpbb/phpbb.png?branch=develop-olympus)](http://travis-ci.org/phpbb/phpbb)
+* [![Build Status](https://secure.travis-ci.org/phpbb/phpbb.png?branch=master)](http://travis-ci.org/phpbb/phpbb) **master** - Latest development version
+* [![Build Status](https://secure.travis-ci.org/phpbb/phpbb.png?branch=3.1.x)](http://travis-ci.org/phpbb/phpbb) **3.1.x** - Development of version 3.1.x
+* [![Build Status](https://secure.travis-ci.org/phpbb/phpbb.png?branch=3.0.x)](http://travis-ci.org/phpbb/phpbb) **3.0.x** - Development of version 3.0.x
 
 ## LICENSE
 

build/build.xml

@@ -2,9 +2,9 @@
 
 <project name="phpBB" description="The phpBB forum software" default="all" basedir="../">
 	<!-- a few settings for the build -->
-	<property name="newversion" value="3.1.0" />
-	<property name="prevversion" value="3.1.0-RC6" />
-	<property name="olderversions" value="3.0.12, 3.1.0-a1, 3.1.0-a2, 3.1.0-a3, 3.1.0-b1, 3.1.0-b2, 3.1.0-b3, 3.1.0-b4, 3.1.0-RC1, 3.1.0-RC2, 3.1.0-RC3, 3.1.0-RC4, 3.1.0-RC5" />
+	<property name="newversion" value="3.1.5-RC1" />
+	<property name="prevversion" value="3.1.4" />
+	<property name="olderversions" value="3.0.12, 3.0.13, 3.0.13-PL1, 3.0.14, 3.1.0, 3.1.1, 3.1.2, 3.1.3" />
 	<!-- no configuration should be needed beyond this point -->
 
 	<property name="oldversions" value="${olderversions}, ${prevversion}" />
@@ -75,14 +75,14 @@
 
 	<target name="sniff">
 		<exec command="phpBB/vendor/bin/phpcs
-				-s
+				-s -p
 				--extensions=php
 				--standard=build/code_sniffer/ruleset-php-strict-core.xml
 				--ignore=${project.basedir}/phpBB/phpbb/db/migration/data/v30x/*
 				phpBB/phpbb"
 			dir="." returnProperty="retval-php-strict" passthru="true" />
 		<exec command="phpBB/vendor/bin/phpcs
-				-s
+				-s -p
 				--extensions=php
 				--standard=build/code_sniffer/ruleset-php-legacy-core.xml
 				--ignore=${project.basedir}/phpBB/cache/*
@@ -98,7 +98,7 @@
 				phpBB"
 			dir="." returnProperty="retval-php-legacy" passthru="true" />
 		<exec command="phpBB/vendor/bin/phpcs
-				-s
+				-s -p
 				--extensions=php
 				--standard=build/code_sniffer/ruleset-php-extensions.xml
 				--ignore=${project.basedir}/phpBB/ext/*/tests/*
@@ -117,9 +117,16 @@
 		</if>
 	</target>
 
+	<!-- Builds docs for current branch into build/api/output/master -->
 	<target name="docs">
 		<exec dir="."
-			command="phpBB/vendor/bin/sami.php update build/sami.conf.php"
+			command="phpBB/vendor/bin/sami.php update build/sami-checkout.conf.php"
+			passthru="true" />
+	</target>
+	<!-- Builds docs for multiple branches/tags into build/api/output/$branch -->
+	<target name="docs-all">
+		<exec dir="."
+			command="phpBB/vendor/bin/sami.php update build/sami-all.conf.php"
 			passthru="true" />
 	</target>
 
@@ -142,7 +149,7 @@
 			<property name="dir" value="build/old_versions/release-${version}" />
 		</phingcall>
 
-		<exec dir="build/old_versions" command="LC_ALL=C diff -crNEBwd release-${version} release-${newversion} >
+		<exec dir="build/old_versions" command="LC_ALL=C diff -crNEBZbd release-${version} release-${newversion} >
 			../new_version/patches/phpBB-${version}_to_${newversion}.patch" escape="false" />
 		<exec dir="build/old_versions" command="LC_ALL=C diff -qr release-${version} release-${newversion} | grep 'Only in release-${version}' > ../new_version/patches/phpBB-${version}_to_${newversion}.deleted" escape="false" />
 	</target>
@@ -170,13 +177,13 @@
 	<target name="package" depends="clean,prepare,prepare-new-version,old-version-diffs">
 		<exec dir="build" command="php -f package.php '${versions}' > logs/package.log" escape="false" />
 		<exec dir="build" escape="false"
-			command="diff -crNEBwd old_versions/release-${prevversion}/language new_version/phpBB3/language >
+			command="LC_ALL=C diff -crNEBZbd old_versions/release-${prevversion}/language new_version/phpBB3/language >
 				save/phpbb-${prevversion}_to_${newversion}_language.patch" />
 		<exec dir="build" escape="false"
-			command="diff -crNEBwd old_versions/release-${prevversion}/styles/prosilver new_version/phpBB3/styles/prosilver >
+			command="LC_ALL=C diff -crNEBZbd old_versions/release-${prevversion}/styles/prosilver new_version/phpBB3/styles/prosilver >
 				save/phpbb-${prevversion}_to_${newversion}_prosilver.patch" />
 		<exec dir="build" escape="false"
-			command="diff -crNEBwd old_versions/release-${prevversion}/styles/subsilver2 new_version/phpBB3/styles/subsilver2 >
+			command="LC_ALL=C diff -crNEBZbd old_versions/release-${prevversion}/styles/subsilver2 new_version/phpBB3/styles/subsilver2 >
 				save/phpbb-${prevversion}_to_${newversion}_subsilver2.patch" />
 
 		<exec dir="build" escape="false"

build/build_helper.php

@@ -22,11 +22,11 @@ class build_package
 	// -r - compare recursive
 	// -N - Treat missing files as empty
 	// -E - Ignore tab expansions
-	//		not used: -b - Ignore space changes.
-	// -w - Ignore all whitespace
+	// -Z - Ignore white space at line end.
+	// -b - Ignore changes in the amount of white space.
 	// -B - Ignore blank lines
 	// -d - Try to find smaller set of changes
-	var $diff_options = '-crNEBwd';
+	var $diff_options = '-crNEBZbd';
 	var $diff_options_long = '-x images -crNEB'; // -x fonts -x imageset //imageset not used here, because it includes the imageset.cfg file. ;)
 
 	var $verbose = false;

build/code_sniffer/phpbb/Sniffs/Commenting/FileCommentSniff.php

@@ -60,14 +60,14 @@ class phpbb_Sniffs_Commenting_FileCommentSniff implements PHP_CodeSniffer_Sniff
 			return;
 		}
 		// Mark as error if this is not a doc comment
-		else if ($start === false || $tokens[$start]['code'] !== T_DOC_COMMENT)
+		else if ($start === false || $tokens[$start]['code'] !== T_DOC_COMMENT_OPEN_TAG)
 		{
 			$phpcsFile->addError('Missing required file doc comment.', $stackPtr);
 			return;
 		}
 
 		// Find comment end token
-		$end = $phpcsFile->findNext(T_DOC_COMMENT, $start + 1, null, true) - 1;
+		$end = $tokens[$start]['comment_closer'];
 
 		// If there is no end, skip processing here
 		if ($end === false)
@@ -75,38 +75,30 @@ class phpbb_Sniffs_Commenting_FileCommentSniff implements PHP_CodeSniffer_Sniff
 			return;
 		}
 
-		// List of found comment tags
-		$tags = array();
-
 		// check comment lines without the first(/**) an last(*/) line
-		for ($i = $start + 1, $c = $end - 1; $i <= $c; ++$i)
+		for ($token = $start + 1, $c = $end - 2; $token <= $c; ++$token)
 		{
-			$line = $tokens[$i]['content'];
-
 			// Check that each line starts with a '*'
-			if (substr($line, 0, 1) !== '*')
+			if ($tokens[$token]['column'] === 1 && (($tokens[$token]['content'] !== '*' && $tokens[$token]['content'] !== ' ') || ($tokens[$token]['content'] === ' ' && $tokens[$token + 1]['content'] !== '*')))
 			{
-				$message = 'The file doc comment should not be idented.';
-				$phpcsFile->addWarning($message, $i);
-			}
-			else if (preg_match('/^\*\s+@([\w]+)\s+(.*)$/', $line, $match) !== 0)
-			{
-				if (!isset($tags[$match[1]]))
-				{
-					$tags[$match[1]] = array();
-				}
-
-				$tags[$match[1]][] = array($match[2], $i);
+				$message = 'The file doc comment should not be indented.';
+				$phpcsFile->addWarning($message, $token);
 			}
 		}
 
 		// Check that the first and last line is empty
-		if (trim($tokens[$start + 1]['content']) !== '*')
+		// /**T_WHITESPACE
+		// (T_WHITESPACE)*T_WHITESPACE
+		// (T_WHITESPACE)* ...
+		// (T_WHITESPACE)*T_WHITESPACE
+		// T_WHITESPACE*/
+		if (!(($tokens[$start + 2]['content'] !== '*' && $tokens[$start + 4]['content'] !== '*') || ($tokens[$start + 3]['content'] !== '*' && $tokens[$start + 6]['content'] !== '*')))
 		{
 			$message = 'The first file comment line should be empty.';
 			$phpcsFile->addWarning($message, ($start + 1));
 		}
-		if (trim($tokens[$end - 1]['content']) !== '*')
+
+		if ($tokens[$end - 3]['content'] !== '*' && $tokens[$end - 6]['content'] !== '*')
 		{
 			$message = 'The last file comment line should be empty.';
 			$phpcsFile->addWarning($message, $end - 1);
@@ -114,8 +106,8 @@ class phpbb_Sniffs_Commenting_FileCommentSniff implements PHP_CodeSniffer_Sniff
 
 		//$this->processPackage($phpcsFile, $start, $tags);
 		//$this->processVersion($phpcsFile, $start, $tags);
-		$this->processCopyright($phpcsFile, $start, $tags);
-		$this->processLicense($phpcsFile, $start, $tags);
+		$this->processCopyright($phpcsFile, $start, $tokens[$start]['comment_tags']);
+		$this->processLicense($phpcsFile, $start, $tokens[$start]['comment_tags']);
 	}
 
 	/**
@@ -176,17 +168,24 @@ class phpbb_Sniffs_Commenting_FileCommentSniff implements PHP_CodeSniffer_Sniff
 	protected function processCopyright(PHP_CodeSniffer_File $phpcsFile, $ptr, $tags)
 	{
 		$copyright = '(c) phpBB Limited <https://www.phpbb.com>';
+		$tokens = $phpcsFile->getTokens();
 
-		if (!isset($tags['copyright']))
+		foreach ($tags as $tag)
 		{
-			$message = 'Missing require @copyright tag in file doc comment.';
-			$phpcsFile->addError($message, $ptr);
-		}
-		else if ($tags['copyright'][0][0] !== $copyright)
-		{
-			$message = 'Invalid content found for the first @copyright tag, use "' . $copyright . '".';
-			$phpcsFile->addError($message, $tags['copyright'][0][1]);
+			if ($tokens[$tag]['content'] === '@copyright')
+			{
+				if ($tokens[$tag + 2]['content'] !== $copyright)
+				{
+					$message = 'Invalid content found for the first @copyright tag, use "' . $copyright . '".';
+					$phpcsFile->addError($message, $tags['copyright'][0][1]);
+				}
+
+				return;
+			}
 		}
+
+		$message = 'Missing require @copyright tag in file doc comment.';
+		$phpcsFile->addError($message, $ptr);
 	}
 
 	/**
@@ -201,22 +200,33 @@ class phpbb_Sniffs_Commenting_FileCommentSniff implements PHP_CodeSniffer_Sniff
 	protected function processLicense(PHP_CodeSniffer_File $phpcsFile, $ptr, $tags)
 	{
 		$license = 'GNU General Public License, version 2 (GPL-2.0)';
+		$tokens = $phpcsFile->getTokens();
 
-		if (!isset($tags['license']))
+		$found = false;
+		foreach ($tags as $tag)
+		{
+			if ($tokens[$tag]['content'] === '@license')
+			{
+				if ($found)
+				{
+					$message = 'It must be only one @license tag in file doc comment.';
+					$phpcsFile->addError($message, $ptr);
+				}
+
+				$found = true;
+
+				if ($tokens[$tag + 2]['content'] !== $license)
+				{
+					$message = 'Invalid content found for @license tag, use "' . $license . '".';
+					$phpcsFile->addError($message, $tags['license'][0][1]);
+				}
+			}
+		}
+
+		if (!$found)
 		{
 			$message = 'Missing require @license tag in file doc comment.';
 			$phpcsFile->addError($message, $ptr);
 		}
-		else if (sizeof($tags['license']) !== 1)
-		{
-			$message = 'It must be only one @license tag in file doc comment.';
-			$phpcsFile->addError($message, $ptr);
-		}
-		else if (trim($tags['license'][0][0]) !== $license)
-		{
-			$message = 'Invalid content found for @license tag, use '
-				. '"' . $license . '".';
-			$phpcsFile->addError($message, $tags['license'][0][1]);
-		}
 	}
 }

build/code_sniffer/phpbb/Sniffs/ControlStructures/OpeningBraceBsdAllmanSniff.php

@@ -0,0 +1,143 @@
+<?php
+/**
+*
+* This file is part of the phpBB Forum Software package.
+*
+* @copyright (c) phpBB Limited <https://www.phpbb.com>
+* @license GNU General Public License, version 2 (GPL-2.0)
+*
+* For full copyright and license information, please see
+* the docs/CREDITS.txt file.
+*
+*/
+
+/**
+ * Checks that the opening brace of a control structures is on the line after.
+ * From Generic_Sniffs_Functions_OpeningFunctionBraceBsdAllmanSniff
+ */
+class phpbb_Sniffs_ControlStructures_OpeningBraceBsdAllmanSniff implements PHP_CodeSniffer_Sniff
+{
+	/**
+	 * Registers the tokens that this sniff wants to listen for.
+	 */
+	public function register()
+	{
+		return array(
+			T_IF,
+			T_ELSE,
+			T_FOREACH,
+			T_WHILE,
+			T_DO,
+			T_FOR,
+			T_SWITCH,
+		);
+	}
+
+	/**
+	 * Processes this test, when one of its tokens is encountered.
+	 *
+	 * @param PHP_CodeSniffer_File $phpcsFile The file being scanned.
+	 * @param int                  $stackPtr  The position of the current token in the
+	 *                                        stack passed in $tokens.
+	 *
+	 * @return void
+	 */
+	public function process(PHP_CodeSniffer_File $phpcsFile, $stackPtr)
+	{
+		$tokens = $phpcsFile->getTokens();
+
+		if (isset($tokens[$stackPtr]['scope_opener']) === false)
+		{
+			return;
+		}
+
+		/*
+		 * ...
+		 * }
+		 * else if ()
+		 * {
+		 * ...
+		 */
+		if ($tokens[$stackPtr]['code'] === T_ELSE && $tokens[$stackPtr + 2]['code'] === T_IF)
+		{
+			return;
+		}
+
+		$openingBrace = $tokens[$stackPtr]['scope_opener'];
+
+		/*
+		 * ...
+		 * do
+		 * {
+		 *     <code>
+		 * } while();
+		 * ...
+		 * }
+		 * else
+		 * {
+		 * ...
+		 */
+		if ($tokens[$stackPtr]['code'] === T_DO ||$tokens[$stackPtr]['code'] === T_ELSE)
+		{
+			$cs_line = $tokens[$stackPtr]['line'];
+		}
+		else
+		{
+			// The end of the function occurs at the end of the argument list. Its
+			// like this because some people like to break long function declarations
+			// over multiple lines.
+			$cs_line = $tokens[$tokens[$stackPtr]['parenthesis_closer']]['line'];
+		}
+
+		$braceLine    = $tokens[$openingBrace]['line'];
+
+		$lineDifference = ($braceLine - $cs_line);
+
+		if ($lineDifference === 0)
+		{
+			$error = 'Opening brace should be on a new line';
+			$phpcsFile->addError($error, $openingBrace, 'BraceOnSameLine');
+			return;
+		}
+
+		if ($lineDifference > 1)
+		{
+			$error = 'Opening brace should be on the line after the declaration; found %s blank line(s)';
+			$data  = array(($lineDifference - 1));
+			$phpcsFile->addError($error, $openingBrace, 'BraceSpacing', $data);
+			return;
+		}
+
+		// We need to actually find the first piece of content on this line,
+		// as if this is a method with tokens before it (public, static etc)
+		// or an if with an else before it, then we need to start the scope
+		// checking from there, rather than the current token.
+		$lineStart = $stackPtr;
+		while (($lineStart = $phpcsFile->findPrevious(array(T_WHITESPACE), ($lineStart - 1), null, false)) !== false)
+		{
+			if (strpos($tokens[$lineStart]['content'], $phpcsFile->eolChar) !== false)
+			{
+				break;
+			}
+		}
+
+		// We found a new line, now go forward and find the first non-whitespace
+		// token.
+		$lineStart = $phpcsFile->findNext(array(T_WHITESPACE), $lineStart, null, true);
+
+		// The opening brace is on the correct line, now it needs to be
+		// checked to be correctly indented.
+		$startColumn = $tokens[$lineStart]['column'];
+		$braceIndent = $tokens[$openingBrace]['column'];
+
+		if ($braceIndent !== $startColumn)
+		{
+			$error = 'Opening brace indented incorrectly; expected %s spaces, found %s';
+			$data  = array(
+				($startColumn - 1),
+				($braceIndent - 1),
+			);
+			$phpcsFile->addError($error, $openingBrace, 'BraceIndent', $data);
+		}
+	}
+}

build/code_sniffer/phpbb/Sniffs/Namespaces/UnusedUseSniff.php

@@ -24,6 +24,23 @@ class phpbb_Sniffs_Namespaces_UnusedUseSniff implements PHP_CodeSniffer_Sniff
 		return array(T_USE);
 	}
 
+	protected function check($phpcsFile, $found_name, $full_name, $short_name, $line)
+	{
+
+		if ($found_name === $full_name)
+		{
+			$error = 'Either use statement or full name must be used.';
+			$phpcsFile->addError($error, $line, 'FullName');
+		}
+
+		if ($found_name === $short_name)
+		{
+			return true;
+		}
+
+		return false;
+	}
+
 	/**
 	* {@inheritdoc}
 	*/
@@ -74,16 +91,7 @@ class phpbb_Sniffs_Namespaces_UnusedUseSniff implements PHP_CodeSniffer_Sniff
 
 				$simple_class_name = trim($phpcsFile->getTokensAsString($simple_class_name_start, ($simple_class_name_end - $simple_class_name_start)));
 
-				if ($simple_class_name === $class_name_full)
-				{
-					$error = 'Either use statement or full name must be used.';
-					$phpcsFile->addError($error, $simple_statement, 'FullName');
-				}
-
-				if ($simple_class_name === $class_name_short)
-				{
-					$ok = true;
-				}
+				$ok = $this->check($phpcsFile, $simple_class_name, $class_name_full, $class_name_short, $simple_statement) ? true : $ok;
 			}
 		}
 
@@ -98,16 +106,7 @@ class phpbb_Sniffs_Namespaces_UnusedUseSniff implements PHP_CodeSniffer_Sniff
 
 			$paamayim_nekudotayim_class_name = trim($phpcsFile->getTokensAsString($paamayim_nekudotayim_class_name_start + 1, ($paamayim_nekudotayim_class_name_end - $paamayim_nekudotayim_class_name_start)));
 
-			if ($paamayim_nekudotayim_class_name === $class_name_full)
-			{
-				$error = 'Either use statement or full name must be used.';
-				$phpcsFile->addError($error, $paamayim_nekudotayim, 'FullName');
-			}
-
-			if ($paamayim_nekudotayim_class_name === $class_name_short)
-			{
-				$ok = true;
-			}
+			$ok = $this->check($phpcsFile, $paamayim_nekudotayim_class_name, $class_name_full, $class_name_short, $paamayim_nekudotayim) ? true : $ok;
 		}
 
 		// Checks in implements
@@ -126,16 +125,7 @@ class phpbb_Sniffs_Namespaces_UnusedUseSniff implements PHP_CodeSniffer_Sniff
 
 				$implements_class_name = trim($phpcsFile->getTokensAsString($implements_class_name_start, ($implements_class_name_end - $implements_class_name_start)));
 
-				if ($implements_class_name === $class_name_full)
-				{
-					$error = 'Either use statement or full name must be used.';
-					$phpcsFile->addError($error, $implements, 'FullName');
-				}
-
-				if ($implements_class_name === $class_name_short)
-				{
-					$ok = true;
-				}
+				$ok = $this->check($phpcsFile, $implements_class_name, $class_name_full, $class_name_short, $implements) ? true : $ok;
 			}
 		}
 
@@ -145,34 +135,67 @@ class phpbb_Sniffs_Namespaces_UnusedUseSniff implements PHP_CodeSniffer_Sniff
 		{
 			$old_function_declaration = $function_declaration;
 
-			$end_function = $phpcsFile->findNext(array(T_CLOSE_PARENTHESIS), ($function_declaration + 1));
-			$old_argument = $function_declaration;
-			while (($argument = $phpcsFile->findNext(T_VARIABLE, ($old_argument + 1), $end_function)) !== false)
+			// Check docblocks
+			$find = array(
+				T_COMMENT,
+				T_DOC_COMMENT_CLOSE_TAG,
+				T_DOC_COMMENT,
+				T_CLASS,
+				T_FUNCTION,
+				T_OPEN_TAG,
+			);
+
+			$comment_end = $phpcsFile->findPrevious($find, ($function_declaration - 1));
+			if ($comment_end !== false)
 			{
-				$old_argument = $argument;
-
-				$start_argument = $phpcsFile->findPrevious(array(T_OPEN_PARENTHESIS, T_COMMA), $argument);
-				$argument_class_name_start = $phpcsFile->findNext(array(T_NS_SEPARATOR, T_STRING), ($start_argument + 1), $argument);
-
-				// Skip the parameter if no type is defined.
-				if ($argument_class_name_start !== false)
+				if ($tokens[$comment_end]['code'] === T_DOC_COMMENT_CLOSE_TAG)
 				{
-					$argument_class_name_end = $phpcsFile->findNext($find, ($argument_class_name_start + 1), null, true);
+					$comment_start = $tokens[$comment_end]['comment_opener'];
+					foreach ($tokens[$comment_start]['comment_tags'] as $tag) {
+						if ($tokens[$tag]['content'] !== '@param' && $tokens[$tag]['content'] !== '@return' && $tokens[$tag]['content'] !== '@throws') {
+							continue;
+						}
 
-					$argument_class_name = $phpcsFile->getTokensAsString($argument_class_name_start, ($argument_class_name_end - $argument_class_name_start - 1));
+						$classes = $tokens[($tag + 2)]['content'];
+						$space = strpos($classes, ' ');
+						if ($space !== false) {
+							$classes = substr($classes, 0, $space);
+						}
 
-					if ($argument_class_name === $class_name_full)
-					{
-						$error = 'Either use statement or full name must be used.';
-						$phpcsFile->addError($error, $function_declaration, 'FullName');
-					}
+						$tab = strpos($classes, "\t");
+						if ($tab !== false) {
+							$classes = substr($classes, 0, $tab);
+						}
 
-					if ($argument_class_name === $class_name_short)
-					{
-						$ok = true;
+						$classes = explode('|', str_replace('[]', '', $classes));
+						foreach ($classes as $class)
+						{
+							$ok = $this->check($phpcsFile, $class, $class_name_full, $class_name_short, $tokens[$tag + 2]['line']) ? true : $ok;
+						}
 					}
 				}
 			}
+
+			// Check type hint
+			$params = $phpcsFile->getMethodParameters($function_declaration);
+			foreach ($params as $param)
+			{
+				$ok = $this->check($phpcsFile, $param['type_hint'], $class_name_full, $class_name_short, $function_declaration) ? true : $ok;
+			}
+		}
+
+		// Checks in catch blocks
+		$old_catch = $stackPtr;
+		while (($catch = $phpcsFile->findNext(T_CATCH, ($old_catch + 1))) !== false)
+		{
+			$old_catch = $catch;
+
+			$caught_class_name_start = $phpcsFile->findNext(array(T_NS_SEPARATOR, T_STRING), $catch + 1);
+			$caught_class_name_end = $phpcsFile->findNext($find, $caught_class_name_start + 1, null, true);
+
+			$caught_class_name = trim($phpcsFile->getTokensAsString($caught_class_name_start, ($caught_class_name_end - $caught_class_name_start)));
+
+			$ok = $this->check($phpcsFile, $caught_class_name, $class_name_full, $class_name_short, $catch) ? true : $ok;
 		}
 
 		if (!$ok)

build/code_sniffer/ruleset-minimum.xml

@@ -12,4 +12,7 @@
  <!-- Tabs MUST be used for indentation -->
  <rule ref="Generic.WhiteSpace.DisallowSpaceIndent" />
 
+ <!-- ALL braces MUST be on their own lines. -->
+ <rule ref="./phpbb/Sniffs/ControlStructures/OpeningBraceBsdAllmanSniff.php" />
+
 </ruleset>

build/package.php

@@ -394,6 +394,7 @@ if (sizeof($package->old_packages))
 		$package->run_command('mkdir ' . $package->get('files_directory') . '/release');
 		$package->run_command('cp -Rp ' . $package->get('dest_dir') . '/docs ' . $package->get('files_directory') . '/release');
 		$package->run_command('cp -Rp ' . $package->get('dest_dir') . '/install ' . $package->get('files_directory') . '/release');
+		$package->run_command('cp -Rp ' . $package->get('dest_dir') . '/vendor ' . $package->get('files_directory') . '/release');
 
 		$package->run_command('rm -v ' . $package->get('files_directory') . '/release/install/install_install.php');
 		$package->run_command('rm -v ' . $package->get('files_directory') . '/release/install/install_update.php');

build/sami-all.conf.php

@@ -0,0 +1,31 @@
+<?php
+/**
+*
+* This file is part of the phpBB Forum Software package.
+*
+* @copyright (c) phpBB Limited <https://www.phpbb.com>
+* @license GNU General Public License, version 2 (GPL-2.0)
+*
+* For full copyright and license information, please see
+* the docs/CREDITS.txt file.
+*
+*/
+
+require __DIR__ . '/sami-checkout.conf.php';
+
+$config['versions'] = Sami\Version\GitVersionCollection::create(__DIR__ . '/../')
+	/*
+	This would be nice, but currently causes various problems that need
+	debugging.
+	->addFromTags('release-3.0.*')
+	->add('3.0.x', '3.0-next (olympus)')
+	->addFromTags('release-3.1.*')
+	->add('3.1.x', '3.1-next (ascraeus)')
+	->add('master')
+	*/
+	->add('3.0.x')
+	->add('3.1.x')
+	->add('master')
+;
+
+return new Sami\Sami($iterator, $config);

build/sami-checkout.conf.php

@@ -31,23 +31,8 @@ $iterator = Symfony\Component\Finder\Finder::create()
 	->notPath('data')
 ;
 
-$versions = Sami\Version\GitVersionCollection::create(__DIR__ . '/../')
-	/*
-	This would be nice, but currently causes various problems that need
-	debugging.
-	->addFromTags('release-3.0.*')
-	->add('develop-olympus', '3.0-next (olympus)')
-	->addFromTags('release-3.1.*')
-	->add('develop-ascraeus', '3.1-next (ascraeus)')
-	->add('develop')
-	*/
-	->add('develop-olympus')
-	->add('develop-ascraeus')
-;
-
 $config = array(
 	'theme'                => 'enhanced',
-	'versions'             => $versions,
 	'title'                => 'phpBB API Documentation',
 	'build_dir'            => __DIR__.'/api/output/%version%',
 	'cache_dir'            => __DIR__.'/api/cache/%version%',

phpBB/adm/style/acp_email.html

@@ -47,6 +47,8 @@
 	<dd><input id="send" type="checkbox" class="radio" name="send_immediately" checked="checked" /></dd>
 </dl>
 
+<!-- EVENT acp_email_options_after -->
+
 <p class="submit-buttons">
 	<input class="button1" type="submit" id="submit" name="submit" value="{L_SEND_EMAIL}" />&nbsp;
 	<input class="button2" type="reset" id="reset" name="reset" value="{L_RESET}" />

phpBB/adm/style/acp_forums.html

@@ -111,6 +111,7 @@
 
 	<fieldset>
 		<legend>{L_FORUM_SETTINGS}</legend>
+	<!-- EVENT acp_forums_main_settings_prepend -->
 	<dl>
 		<dt><label for="forum_type">{L_FORUM_TYPE}{L_COLON}</label></dt>
 		<dd><select id="forum_type" name="forum_type" onchange="display_options(this.options[this.selectedIndex].value);">{S_FORUM_TYPE_OPTIONS}</select></dd>
@@ -182,6 +183,7 @@
 		<dt><label for="forum_style">{L_FORUM_STYLE}{L_COLON}</label></dt>
 		<dd><select id="forum_style" name="forum_style"><option value="0">{L_DEFAULT_STYLE}</option>{S_STYLES_OPTIONS}</select></dd>
 	</dl>
+	<!-- EVENT acp_forums_main_settings_append -->
 	</fieldset>
 
 	<div id="forum_cat_options">
@@ -198,6 +200,7 @@
 	<div id="forum_post_options">
 		<fieldset>
 			<legend>{L_GENERAL_FORUM_SETTINGS}</legend>
+		<!-- EVENT acp_forums_normal_settings_prepend -->
 		<dl>
 			<dt><label for="forum_status">{L_FORUM_STATUS}{L_COLON}</label></dt>
 			<dd><select id="forum_status" name="forum_status">{S_STATUS_OPTIONS}</select></dd>
@@ -246,6 +249,7 @@
 
 		<fieldset>
 			<legend>{L_FORUM_PRUNE_SETTINGS}</legend>
+		<!-- EVENT acp_forums_prune_settings_prepend -->
 		<dl>
 			<dt><label for="enable_prune">{L_FORUM_AUTO_PRUNE}{L_COLON}</label><br /><span>{L_FORUM_AUTO_PRUNE_EXPLAIN}</span></dt>
 			<dd><label><input type="radio" class="radio" name="enable_prune" value="1"<!-- IF S_PRUNE_ENABLE --> id="enable_prune" checked="checked"<!-- ENDIF --> /> {L_YES}</label>
@@ -291,6 +295,7 @@
 			<dt><label for="prune_shadow_days">{L_AUTO_PRUNE_SHADOW_DAYS}{L_COLON}</label><br /><span>{L_AUTO_PRUNE_SHADOW_DAYS_EXPLAIN}</span></dt>
 			<dd><input type="number" id="prune_shadow_days" name="prune_shadow_days" value="{PRUNE_SHADOW_DAYS}" maxlength="4" size="4" min="0" max="9999" /> {L_DAYS}</dd>
 		</dl>
+		<!-- EVENT acp_forums_prune_settings_append -->
 		</fieldset>
 	</div>
 
@@ -317,6 +322,7 @@
 	<div id="forum_rules_options">
 		<fieldset>
 			<legend>{L_FORUM_RULES}</legend>
+		<!-- EVENT acp_forums_rules_settings_prepend -->
 		<dl>
 			<dt><label for="forum_rules_link">{L_FORUM_RULES_LINK}{L_COLON}</label><br /><span>{L_FORUM_RULES_LINK_EXPLAIN}</span></dt>
 			<dd><input class="text medium" type="text" id="forum_rules_link" name="forum_rules_link" value="{FORUM_RULES_LINK}" maxlength="255" /></dd>
@@ -334,6 +340,7 @@
 				<label><input type="checkbox" class="radio" name="rules_parse_smilies"<!-- IF S_SMILIES_CHECKED --> checked="checked"<!-- ENDIF --> /> {L_PARSE_SMILIES}</label>
 				<label><input type="checkbox" class="radio" name="rules_parse_urls"<!-- IF S_URLS_CHECKED --> checked="checked"<!-- ENDIF --> /> {L_PARSE_URLS}</label></dd>
 		</dl>
+		<!-- EVENT acp_forums_rules_settings_append -->
 		</fieldset>
 	</div>
 

phpBB/adm/style/acp_icons.html

@@ -7,7 +7,7 @@
 	<script type="text/javascript" defer="defer">
 	// <![CDATA[
 	<!-- IF S_ADD_CODE -->
-	
+
 			var smiley = Array();
 			<!-- BEGIN smile -->
 				smiley['{smile.SMILEY_URL}'] = Array();
@@ -37,10 +37,10 @@
 					}
 				}
 			}
-		
+
 	<!-- ENDIF -->
 
-	
+
 	function toggle_select(icon, display, select)
 	{
 		var disp = document.getElementById('order_disp_' + select);
@@ -101,7 +101,7 @@
 	<tbody>
 	<!-- BEGIN items -->
 		<tr>
-	
+
 		<td style="text-align: center;"><img src="{items.IMG_SRC}" alt="" title="" /><input type="hidden" name="image[{items.IMG}]" value="1" /></td>
 		<td style="vertical-align: top;">[{items.IMG}]</td>
 		<!-- IF S_SMILIES -->
@@ -121,7 +121,7 @@
 				<optgroup id="order_disp_{items.S_ROW_COUNT}" label="{L_DISPLAY_POSTING}" <!-- IF not items.POSTING_CHECKED -->disabled="disabled" class="disabled-options" <!-- ENDIF -->>{S_ORDER_LIST_DISPLAY}</optgroup>
 				<optgroup id="order_no_disp_{items.S_ROW_COUNT}" label="{L_DISPLAY_POSTING_NO}" <!-- IF  items.POSTING_CHECKED -->disabled="disabled" class="disabled-options" <!-- ENDIF -->>{S_ORDER_LIST_UNDISPLAY}</optgroup>
 			</select></td>
-		<!-- ENDIF -->	
+		<!-- ENDIF -->
 		<!-- IF S_ADD -->
 			<td><input type="checkbox" class="radio" name="add_img[{items.IMG}]" value="1" /></td>
 		<!-- ENDIF -->
@@ -147,6 +147,8 @@
 	</tr>
 	<!-- ENDIF -->
 	<!-- ELSE -->
+	</thead>
+	<tbody>
 	<tr class="row3">
 		<td colspan="{COLSPAN}">{L_NO_ICONS}</td>
 	</tr>
@@ -174,7 +176,7 @@
 
 	<fieldset>
 		<legend>{L_IMPORT}</legend>
-	
+
 	<!-- IF not S_PAK_OPTIONS -->
 		<p>{L_NO_PAK_OPTIONS}</p>
 
@@ -259,7 +261,7 @@
 	</table>
 	<div class="pagination">
 	<!-- IF .pagination -->
-		<!-- INCLUDE pagination.html -->	
+		<!-- INCLUDE pagination.html -->
 	<!-- ENDIF -->
 	</div>
 	<p class="quick">

phpBB/adm/style/acp_jabber.html

@@ -39,7 +39,7 @@
 </dl>
 <dl>
 	<dt><label for="jab_password">{L_JAB_PASSWORD}{L_COLON}</label><br /><span>{L_JAB_PASSWORD_EXPLAIN}</span></dt>
-	<dd><input type="password" id="jab_password" name="jab_password" value="{JAB_PASSWORD}" /></dd>
+	<dd><input type="password" id="jab_password" name="jab_password" value="{JAB_PASSWORD}" autocomplete="off" /></dd>
 </dl>
 <!-- IF S_CAN_USE_SSL -->
 <dl>

phpBB/adm/style/acp_users_profile.html

@@ -2,6 +2,7 @@
 
 	<fieldset>
 		<legend>{L_USER_PROFILE}</legend>
+	<!-- EVENT acp_users_profile_before -->
 	<dl>
 		<dt><label for="jabber">{L_UCP_JABBER}{L_COLON}</label></dt>
 		<dd><input type="email" id="jabber" name="jabber" value="{JABBER}" /></dd>
@@ -10,6 +11,7 @@
 		<dt><label for="birthday">{L_BIRTHDAY}{L_COLON}</label><br /><span>{L_BIRTHDAY_EXPLAIN}</span></dt>
 		<dd>{L_DAY}{L_COLON} <select id="birthday" name="bday_day">{S_BIRTHDAY_DAY_OPTIONS}</select> {L_MONTH}{L_COLON} <select name="bday_month">{S_BIRTHDAY_MONTH_OPTIONS}</select> {L_YEAR}{L_COLON} <select name="bday_year">{S_BIRTHDAY_YEAR_OPTIONS}</select></dd>
 	</dl>
+	<!-- EVENT acp_users_profile_after -->
 	</fieldset>
 
 	<!-- IF .profile_fields -->
@@ -26,7 +28,7 @@
 		<!-- END profile_fields -->
 		</fieldset>
 	<!-- ENDIF -->
-
+	<!-- EVENT acp_users_profile_custom_after -->
 	<fieldset class="quick">
 		<input class="button1" type="submit" name="update" value="{L_SUBMIT}" />
 		{S_FORM_TOKEN}

phpBB/adm/style/install_header.html

@@ -2,7 +2,7 @@
 <html dir="{S_CONTENT_DIRECTION}" lang="{S_USER_LANG}">
 <head>
 <meta charset="utf-8">
-<meta name="viewport" content="width=device-width" />
+<meta name="viewport" content="width=device-width, initial-scale=1" />
 <!-- IF META -->{META}<!-- ENDIF -->
 <title>{PAGE_TITLE}</title>
 

phpBB/adm/style/install_update_diff.html

@@ -2,7 +2,7 @@
 <html dir="{S_CONTENT_DIRECTION}" lang="{S_USER_LANG}">
 <head>
 <meta charset="utf-8">
-<meta name="viewport" content="width=device-width" />
+<meta name="viewport" content="width=device-width, initial-scale=1" />
 <!-- IF META -->{META}<!-- ENDIF -->
 <title>{PAGE_TITLE}</title>
 

phpBB/adm/style/overall_header.html

@@ -2,7 +2,7 @@
 <html dir="{S_CONTENT_DIRECTION}" lang="{S_USER_LANG}">
 <head>
 <meta charset="utf-8">
-<meta name="viewport" content="width=device-width" />
+<meta name="viewport" content="width=device-width, initial-scale=1" />
 <!-- IF META -->{META}<!-- ENDIF -->
 <title>{PAGE_TITLE}</title>
 

phpBB/adm/style/simple_header.html

@@ -2,6 +2,7 @@
 <html dir="{S_CONTENT_DIRECTION}" lang="{S_USER_LANG}">
 <head>
 <meta charset="utf-8">
+<meta name="viewport" content="width=device-width, initial-scale=1" />
 <!-- IF META -->{META}<!-- ENDIF -->
 <title>{PAGE_TITLE}</title>
 

phpBB/assets/javascript/core.js

@@ -1,3 +1,5 @@
+/* global bbfontstyle */
+
 var phpbb = {};
 phpbb.alertTime = 100;
 
@@ -13,7 +15,7 @@ var keymap = {
 };
 
 var $dark = $('#darkenwrapper');
-var $loadingIndicator = $('#loading_indicator');
+var $loadingIndicator;
 var phpbbAlertTimer = null;
 
 phpbb.isTouch = (window && typeof window.ontouchstart !== 'undefined');
@@ -21,9 +23,14 @@ phpbb.isTouch = (window && typeof window.ontouchstart !== 'undefined');
 /**
  * Display a loading screen
  *
- * @returns object Returns loadingIndicator.
+ * @returns {object} Returns loadingIndicator.
  */
 phpbb.loadingIndicator = function() {
+	if (!$loadingIndicator) {
+		$loadingIndicator = $('<div />', { id: 'loading_indicator' });
+		$loadingIndicator.appendTo('#page-footer');
+	}
+
 	if (!$loadingIndicator.is(':visible')) {
 		$loadingIndicator.fadeIn(phpbb.alertTime);
 		// Wait fifteen seconds and display an error if nothing has been returned by then.
@@ -54,7 +61,7 @@ phpbb.clearLoadingTimeout = function() {
 /**
 * Close popup alert after a specified delay
 *
-* @param int Delay in ms until darkenwrapper's click event is triggered
+* @param {int} delay Delay in ms until darkenwrapper's click event is triggered
 */
 phpbb.closeDarkenWrapper = function(delay) {
 	phpbbAlertTimer = setTimeout(function() {
@@ -67,14 +74,12 @@ phpbb.closeDarkenWrapper = function(delay) {
  *
  * You can only call one alert or confirm box at any one time.
  *
- * @param string title Title of the message, eg "Information" (HTML).
- * @param string msg Message to display (HTML).
- * @param bool fadedark Remove the dark background when done? Defaults
- *     to yes.
+ * @param {string} title Title of the message, eg "Information" (HTML).
+ * @param {string} msg Message to display (HTML).
  *
- * @returns object Returns the div created.
+ * @returns {object} Returns the div created.
  */
-phpbb.alert = function(title, msg, fadedark) {
+phpbb.alert = function(title, msg) {
 	var $alert = $('#phpbb_alert');
 	$alert.find('.alert_title').html(title);
 	$alert.find('.alert_text').html(msg);
@@ -94,7 +99,7 @@ phpbb.alert = function(title, msg, fadedark) {
 /**
 * Handler for opening an alert box.
 *
-* @param jQuery $alert			jQuery object.
+* @param {jQuery} $alert jQuery object.
 */
 phpbb.alert.open = function($alert) {
 	if (!$dark.is(':visible')) {
@@ -134,8 +139,8 @@ phpbb.alert.open = function($alert) {
 /**
 * Handler for closing an alert box.
 *
-* @param jQuery $alert			jQuery object.
-* @param bool fadedark			Whether to remove dark background.
+* @param {jQuery} $alert jQuery object.
+* @param {bool} fadedark Whether to remove dark background.
 */
 phpbb.alert.close = function($alert, fadedark) {
 	var $fade = (fadedark) ? $dark : $alert;
@@ -153,13 +158,13 @@ phpbb.alert.close = function($alert, fadedark) {
  *
  * You can only call one alert or confirm box at any one time.
  *
- * @param string msg Message to display (HTML).
- * @param function callback Callback. Bool param, whether the user pressed
+ * @param {string} msg Message to display (HTML).
+ * @param {function} callback Callback. Bool param, whether the user pressed
  *     yes or no (or whatever their language is).
- * @param bool fadedark Remove the dark background when done? Defaults
+ * @param {bool} fadedark Remove the dark background when done? Defaults
  *     to yes.
  *
- * @returns object Returns the div created.
+ * @returns {object} Returns the div created.
  */
 phpbb.confirm = function(msg, callback, fadedark) {
 	var $confirmDiv = $('#phpbb_confirm');
@@ -197,8 +202,8 @@ phpbb.confirm = function(msg, callback, fadedark) {
 /**
  * Turn a querystring into an array.
  *
- * @argument string string The querystring to parse.
- * @returns object The object created.
+ * @argument {string} string The querystring to parse.
+ * @returns {object} The object created.
  */
 phpbb.parseQuerystring = function(string) {
 	var params = {}, i, split;
@@ -223,12 +228,7 @@ phpbb.parseQuerystring = function(string) {
  * For more info, view the following page on the phpBB wiki:
  * http://wiki.phpbb.com/JavaScript_Function.phpbb.ajaxify
  *
- * @param object options Options.
- * @param bool/function refresh If we are sent back a refresh, should it be
- *     acted upon? This can either be true / false / a function.
- * @param function callback Callback to call on completion of event. Has
- *     three parameters: the element that the event was evoked from, the JSON
- *     that was returned and (if it is a form) the form action.
+ * @param {object} options Options.
  */
 phpbb.ajaxify = function(options) {
 	var $elements = $(options.selector),
@@ -262,11 +262,16 @@ phpbb.ajaxify = function(options) {
 				console.log('AJAX error. status: ' + textStatus + ', message: ' + errorThrown);
 			}
 			phpbb.clearLoadingTimeout();
-			var errorText = false;
-			if (typeof errorThrown === 'string' && errorThrown.length > 0) {
+			var responseText, errorText = false;
+			try {
+				responseText = JSON.parse(jqXHR.responseText);
+				responseText = responseText.message;
+			} catch (e) {}
+			if (typeof responseText === 'string' && responseText.length > 0) {
+				errorText = responseText;
+			} else if (typeof errorThrown === 'string' && errorThrown.length > 0) {
 				errorText = errorThrown;
-			}
-			else {
+			} else {
 				errorText = $dark.attr('data-ajax-error-text-' + textStatus);
 				if (typeof errorText !== 'string' || !errorText.length) {
 					errorText = $dark.attr('data-ajax-error-text');
@@ -283,7 +288,7 @@ phpbb.ajaxify = function(options) {
 		 * It cannot be called from outside this function, and is purely here to
 		 * avoid repetition of code.
 		 *
-		 * @param object res The object sent back by the server.
+		 * @param {object} res The object sent back by the server.
 		 */
 		function returnHandler(res) {
 			var alert;
@@ -386,7 +391,8 @@ phpbb.ajaxify = function(options) {
 				type: method,
 				data: data,
 				success: returnHandler,
-				error: errorHandler
+				error: errorHandler,
+				cache: false
 			});
 			request.always(function() {
 				$loadingIndicator.fadeOut(phpbb.alertTime);
@@ -407,7 +413,9 @@ phpbb.ajaxify = function(options) {
 		$elements.find('input:submit').click(function () {
 			var $this = $(this);
 
-			$this.siblings('[data-clicked]').removeAttr('data-clicked');
+			// Remove data-clicked attribute from any submit button of form
+			$this.parents('form:first').find('input:submit[data-clicked]').removeAttr('data-clicked');
+
 			$this.attr('data-clicked', 'true');
 		});
 	}
@@ -424,10 +432,10 @@ phpbb.search = {
 };
 
 /**
- * Get cached search data. 
+ * Get cached search data.
  *
- * @param string id		Search ID.
- * @return bool|object.	Cached data object. Returns false if no data exists.
+ * @param {string} id Search ID.
+ * @returns {bool|object} Cached data object. Returns false if no data exists.
  */
 phpbb.search.cache.get = function(id) {
 	if (this.data[id]) {
@@ -437,39 +445,35 @@ phpbb.search.cache.get = function(id) {
 };
 
 /**
- * Set search cache data value. 
+ * Set search cache data value.
  *
- * @param string id		Search ID.
- * @param string key	Data key.
- * @param string value	Data value.
- *
- * @return undefined
+ * @param {string} id		Search ID.
+ * @param {string} key		Data key.
+ * @param {string} value	Data value.
  */
 phpbb.search.cache.set = function(id, key, value) {
 	if (!this.data[id]) {
-		this.data[id] = {results: []};
+		this.data[id] = { results: [] };
 	}
 	this.data[id][key] = value;
 };
 
 /**
- * Cache search result. 
+ * Cache search result.
  *
- * @param string id			Search ID.
- * @param string keyword	Keyword.
- * @param array results		Search results.
- *
- * @return undefined
+ * @param {string} id		Search ID.
+ * @param {string} keyword	Keyword.
+ * @param {Array} results	Search results.
  */
-phpbb.search.cache.setResults = function(id, keyword, value) {
-	this.data[id].results[keyword] = value;
+phpbb.search.cache.setResults = function(id, keyword, results) {
+	this.data[id].results[keyword] = results;
 };
 
 /**
  * Trim spaces from keyword and lower its case.
  *
- * @param string keyword	Search keyword to clean.
- * @return string Cleaned string.
+ * @param {string} keyword Search keyword to clean.
+ * @returns {string} Cleaned string.
  */
 phpbb.search.cleanKeyword = function(keyword) {
 	return $.trim(keyword).toLowerCase();
@@ -479,11 +483,11 @@ phpbb.search.cleanKeyword = function(keyword) {
  * Get clean version of search keyword. If textarea supports several keywords
  * (one per line), it fetches the current keyword based on the caret position.
  *
- * @param jQuery $input		Search input|textarea.
- * @param string keyword	Input|textarea value.
- * @param bool multiline	Whether textarea supports multiple search keywords.
+ * @param {jQuery} $input	Search input|textarea.
+ * @param {string} keyword	Input|textarea value.
+ * @param {bool} multiline	Whether textarea supports multiple search keywords.
  *
- * @return string Clean string.
+ * @returns string Clean string.
  */
 phpbb.search.getKeyword = function($input, keyword, multiline) {
 	if (multiline) {
@@ -495,10 +499,10 @@ phpbb.search.getKeyword = function($input, keyword, multiline) {
 
 /**
  * Get the textarea line number on which the keyword resides - for textareas
- * that support multiple keywords (one per line). 
+ * that support multiple keywords (one per line).
  *
- * @param jQuery $textarea	Search textarea.
- * @return int
+ * @param {jQuery} $textarea Search textarea.
+ * @returns {int} The line number.
  */
 phpbb.search.getKeywordLine = function ($textarea) {
 	var selectionStart = $textarea.get(0).selectionStart;
@@ -509,11 +513,9 @@ phpbb.search.getKeywordLine = function ($textarea) {
  * Set the value on the input|textarea. If textarea supports multiple
  * keywords, only the active keyword is replaced.
  *
- * @param jQuery $input		Search input|textarea.
- * @param string value		Value to set.
- * @param bool multiline	Whether textarea supports multiple search keywords.	
- *
- * @return undefined
+ * @param {jQuery} $input	Search input|textarea.
+ * @param {string} value	Value to set.
+ * @param {bool} multiline	Whether textarea supports multiple search keywords.
  */
 phpbb.search.setValue = function($input, value, multiline) {
 	if (multiline) {
@@ -526,14 +528,13 @@ phpbb.search.setValue = function($input, value, multiline) {
 };
 
 /**
- * Sets the onclick event to set the value on the input|textarea to the selected search result. 
+ * Sets the onclick event to set the value on the input|textarea to the
+ * selected search result.
  *
- * @param jQuery $input		Search input|textarea.
- * @param object value		Result object.
- * @param jQuery $row		Result element.
- * @param jQuery $container	jQuery object for the search container.
- *
- * @return undefined
+ * @param {jQuery} $input		Search input|textarea.
+ * @param {object} value		Result object.
+ * @param {jQuery} $row			Result element.
+ * @param {jQuery} $container	jQuery object for the search container.
  */
 phpbb.search.setValueOnClick = function($input, value, $row, $container) {
 	$row.click(function() {
@@ -548,16 +549,16 @@ phpbb.search.setValueOnClick = function($input, value, $row, $container) {
  * already, those are displayed instead. Executes the AJAX request function
  * itself due to the need to use a timeout to limit the number of requests.
  *
- * @param array data			Data to be sent to the server.
- * @param object event			Onkeyup event object.
- * @param function sendRequest	Function to execute AJAX request.
+ * @param {Array} data				Data to be sent to the server.
+ * @param {object} event			Onkeyup event object.
+ * @param {function} sendRequest	Function to execute AJAX request.
  *
- * @return bool Returns false.
+ * @returns {bool} Returns false.
  */
 phpbb.search.filter = function(data, event, sendRequest) {
 	var $this = $(this),
 		dataName = ($this.attr('data-name') !== undefined) ? $this.attr('data-name') : $this.attr('name'),
-		minLength = parseInt($this.attr('data-min-length')),
+		minLength = parseInt($this.attr('data-min-length'), 10),
 		searchID = $this.attr('data-results'),
 		keyword = phpbb.search.getKeyword($this, data[dataName], $this.attr('data-multiline')),
 		cache = phpbb.search.cache.get(searchID),
@@ -579,7 +580,10 @@ phpbb.search.filter = function(data, event, sendRequest) {
 			} else {
 				// Do we already have results for this?
 				if (cache.results[keyword]) {
-					var response = {keyword: keyword, results: cache.results[keyword]};
+					var response = {
+						keyword: keyword,
+						results: cache.results[keyword]
+					};
 					phpbb.search.handleResponse(response, $this, true);
 					proceed = false;
 				}
@@ -590,8 +594,8 @@ phpbb.search.filter = function(data, event, sendRequest) {
 					phpbb.search.cache.set(searchID, 'lastSearch', keyword);
 					phpbb.search.cache.setResults(searchID, keyword, []);
 					proceed = false;
-				}		
-			}		
+				}
+			}
 		}
 
 		if (proceed) {
@@ -604,14 +608,12 @@ phpbb.search.filter = function(data, event, sendRequest) {
 };
 
 /**
- * Handle search result response. 
+ * Handle search result response.
  *
- * @param object res		Data received from server.
- * @param jQuery $input		Search input|textarea.
- * @param bool fromCache	Whether the results are from the cache.
- * @param function callback	Optional callback to run when assigning each search result.
- *
- * @return undefined
+ * @param {object} res			Data received from server.
+ * @param {jQuery} $input		Search input|textarea.
+ * @param {bool} fromCache		Whether the results are from the cache.
+ * @param {function} callback	Optional callback to run when assigning each search result.
  */
 phpbb.search.handleResponse = function(res, $input, fromCache, callback) {
 	if (typeof res !== 'object') {
@@ -638,12 +640,10 @@ phpbb.search.handleResponse = function(res, $input, fromCache, callback) {
 /**
  * Show search results.
  *
- * @param array results		Search results.
- * @param jQuery $input		Search input|textarea.
- * @param jQuery $container	Search results container element.
- * @param function callback	Optional callback to run when assigning each search result.
- *
- * @return undefined
+ * @param {Array} results		Search results.
+ * @param {jQuery} $input		Search input|textarea.
+ * @param {jQuery} $container	Search results container element.
+ * @param {function} callback	Optional callback to run when assigning each search result.
  */
 phpbb.search.showResults = function(results, $input, $container, callback) {
 	var $resultContainer = $('.search-results', $container);
@@ -680,8 +680,7 @@ phpbb.search.showResults = function(results, $input, $container, callback) {
 /**
  * Clear search results.
  *
- * @param jQuery $container	Search results container.
- * @return undefined
+ * @param {jQuery} $container Search results container.
  */
 phpbb.search.clearResults = function($container) {
 	$container.children(':not(.search-result-tpl)').remove();
@@ -700,8 +699,8 @@ phpbb.history = {};
 /**
 * Check whether a method in the native history object is supported.
 *
-* @param string fn	Method name.
-* @return bool Returns true if the method is supported.
+* @param {string} fn Method name.
+* @returns {bool} Returns true if the method is supported.
 */
 phpbb.history.isSupported = function(fn) {
 	return !(typeof history === 'undefined' || typeof history[fn] === 'undefined');
@@ -711,12 +710,10 @@ phpbb.history.isSupported = function(fn) {
 * Wrapper for the pushState and replaceState methods of the
 * native history object.
 *
-* @param string mode	Mode. Either push or replace.
-* @param string url	New URL.
-* @param string title Optional page title.
-* @patam object obj	Optional state object.
-*
-* @return undefined
+* @param {string} mode		Mode. Either push or replace.
+* @param {string} url		New URL.
+* @param {string} [title]	Optional page title.
+* @param {object} [obj]		Optional state object.
 */
 phpbb.history.alterUrl = function(mode, url, title, obj) {
 	var fn = mode + 'State';
@@ -737,11 +734,9 @@ phpbb.history.alterUrl = function(mode, url, title, obj) {
 /**
 * Wrapper for the native history.replaceState method.
 *
-* @param string url	New URL.
-* @param string title Optional page title.
-* @patam object obj	Optional state object.
-*
-* @return undefined
+* @param {string} url		New URL.
+* @param {string} [title]	Optional page title.
+* @param {object} [obj]		Optional state object.
 */
 phpbb.history.replaceUrl = function(url, title, obj) {
 	phpbb.history.alterUrl('replace', url, title, obj);
@@ -750,11 +745,9 @@ phpbb.history.replaceUrl = function(url, title, obj) {
 /**
 * Wrapper for the native history.pushState method.
 *
-* @param string url	New URL.
-* @param string title Optional page title.
-* @patam object obj	Optional state object.
-*
-* @return undefined
+* @param {string} url		New URL.
+* @param {string} [title]	Optional page title.
+* @param {object} [obj]		Optional state object.
 */
 phpbb.history.pushUrl = function(url, title, obj) {
 	phpbb.history.alterUrl('push', url, title, obj);
@@ -763,7 +756,8 @@ phpbb.history.pushUrl = function(url, title, obj) {
 /**
 * Hide the optgroups that are not the selected timezone
 *
-* @param	bool	keepSelection		Shall we keep the value selected, or shall the user be forced to repick one.
+* @param {bool} keepSelection Shall we keep the value selected, or shall the
+* 	user be forced to repick one.
 */
 phpbb.timezoneSwitchDate = function(keepSelection) {
 	var $timezoneCopy = $('#timezone_copy');
@@ -786,7 +780,7 @@ phpbb.timezoneSwitchDate = function(keepSelection) {
 	}
 
 	if ($tzDate.val() !== '') {
-		$timezone.children('optgroup').remove(':not([data-tz-value="' + $('#tz_date').val() + '"])');
+		$timezone.children('optgroup').remove(':not([data-tz-value="' + $tzDate.val() + '"])');
 	}
 
 	if ($tzDate.val() === $tzSelectDateSuggest.attr('data-suggested-tz')) {
@@ -794,7 +788,7 @@ phpbb.timezoneSwitchDate = function(keepSelection) {
 	} else {
 		$tzSelectDateSuggest.css('display', 'inline');
 	}
-	
+
 	var $tzOptions = $timezone.children('optgroup[data-tz-value="' + $tzDate.val() + '"]').children('option');
 
 	if ($tzOptions.length === 1) {
@@ -821,7 +815,7 @@ phpbb.timezoneEnableDateSelection = function() {
 /**
 * Preselect a date/time or suggest one, if it is not picked.
 *
-* @param	bool	forceSelector		Shall we select the suggestion?
+* @param {bool} forceSelector Shall we select the suggestion?
 */
 phpbb.timezonePreselectSelect = function(forceSelector) {
 
@@ -890,8 +884,8 @@ phpbb.ajaxCallbacks = {};
  *
  * See the phpbb.ajaxify comments for information on stuff like parameters.
  *
- * @param string id The name of the callback.
- * @param function callback The callback to be called.
+ * @param {string} id The name of the callback.
+ * @param {function} callback The callback to be called.
  */
 phpbb.addAjaxCallback = function(id, callback) {
 	if (typeof callback === 'function') {
@@ -982,7 +976,7 @@ phpbb.addAjaxCallback('toggle_link', function() {
 * types text.
 *
 * @param {jQuery} $items jQuery object(s) to resize
-* @param {object} options Optional parameter that adjusts default
+* @param {object} [options] Optional parameter that adjusts default
 * 	configuration. See configuration variable
 *
 * Optional parameters:
@@ -1019,15 +1013,19 @@ phpbb.resizeTextArea = function($items, options) {
 	function resetAutoResize(item) {
 		var $item = $(item);
 		if ($item.hasClass('auto-resized')) {
-			$(item).css({height: '', resize: ''}).removeClass('auto-resized');
+			$(item)
+				.css({ height: '', resize: '' })
+				.removeClass('auto-resized');
 			configuration.resetCallback.call(item, $item);
 		}
 	}
 
 	function autoResize(item) {
 		function setHeight(height) {
-			height += parseInt($item.css('height')) - $item.height();
-			$item.css({height: height + 'px', resize: 'none'}).addClass('auto-resized');
+			height += parseInt($item.css('height'), 10) - $item.height();
+			$item
+				.css({ height: height + 'px', resize: 'none' })
+				.addClass('auto-resized');
 			configuration.resizeCallback.call(item, $item);
 		}
 
@@ -1043,7 +1041,7 @@ phpbb.resizeTextArea = function($items, options) {
 				configuration.maxHeight
 			),
 			$item = $(item),
-			height = parseInt($item.height()),
+			height = parseInt($item.height(), 10),
 			scrollHeight = (item.scrollHeight) ? item.scrollHeight : 0;
 
 		if (height < 0) {
@@ -1052,8 +1050,7 @@ phpbb.resizeTextArea = function($items, options) {
 
 		if (height > maxHeight) {
 			setHeight(maxHeight);
-		}
-		else if (scrollHeight > (height + 5)) {
+		} else if (scrollHeight > (height + 5)) {
 			setHeight(Math.min(maxHeight, scrollHeight));
 		}
 	}
@@ -1082,7 +1079,7 @@ phpbb.resizeTextArea = function($items, options) {
 * @param {Array} endTags List of end tags to look for
 *		For example, Array('[/code]')
 *
-* @return {boolean} True if cursor is in bbcode tag
+* @returns {boolean} True if cursor is in bbcode tag
 */
 phpbb.inBBCodeTag = function(textarea, startTags, endTags) {
 	var start = textarea.selectionStart,
@@ -1154,7 +1151,7 @@ phpbb.applyCodeEditor = function(textarea) {
 	* @param {boolean} stripCodeStart If true, only part of line
 	*		after [code] tag will be returned.
 	*
-	* @return {string} Line of text
+	* @returns {string} Line of text
 	*/
 	function getLastLine(stripCodeStart) {
 		var start = textarea.selectionStart,
@@ -1170,7 +1167,7 @@ phpbb.applyCodeEditor = function(textarea) {
 					var tagLength = startTags[i].length;
 
 					value = value.substring(index + tagLength);
-					if (startTags[i].lastIndexOf(startTagsEnd) != tagLength) {
+					if (startTags[i].lastIndexOf(startTagsEnd) !== tagLength) {
 						index = value.indexOf(startTagsEnd);
 
 						if (index >= 0) {
@@ -1187,7 +1184,7 @@ phpbb.applyCodeEditor = function(textarea) {
 	/**
 	* Append text at cursor position
 	*
-	* @param {string} Text Text to append
+	* @param {string} text Text to append
 	*/
 	function appendText(text) {
 		var start = textarea.selectionStart,
@@ -1229,6 +1226,31 @@ phpbb.applyCodeEditor = function(textarea) {
 	});
 };
 
+/**
+ * Show drag and drop animation when textarea is present
+ *
+ * This function will enable the drag and drop animation for a specified
+ * textarea.
+ *
+ * @param {HTMLElement} textarea Textarea DOM object to apply editor to
+ */
+phpbb.showDragNDrop = function(textarea) {
+	if (!textarea) {
+		return;
+	}
+
+	$('body').on('dragenter dragover', function () {
+		$(textarea).addClass('drag-n-drop');
+	}).on('dragleave dragout dragend drop', function() {
+		$(textarea).removeClass('drag-n-drop');
+	});
+	$(textarea).on('dragenter dragover', function () {
+		$(textarea).addClass('drag-n-drop-highlight');
+	}).on('dragleave dragout dragend drop', function() {
+		$(textarea).removeClass('drag-n-drop-highlight');
+	});
+};
+
 /**
 * List of classes that toggle dropdown menu,
 * list of classes that contain visible dropdown menu
@@ -1321,12 +1343,15 @@ phpbb.toggleDropdown = function() {
 					fullFreeSpace = freeSpace + parent.outerWidth();
 
 				options.dropdown.find('.dropdown-contents').each(function() {
-					contentWidth = parseInt($(this).outerWidth());
-					$(this).css({marginLeft: 0, left: 0});
+					contentWidth = parseInt($(this).outerWidth(), 10);
+					$(this).css({ marginLeft: 0, left: 0 });
 				});
 
 				var maxOffset = Math.min(contentWidth, fullFreeSpace) + 'px';
-				options.dropdown.css({'width': maxOffset, 'margin-left': '-' + maxOffset});
+				options.dropdown.css({
+					width: maxOffset,
+					marginLeft: -maxOffset
+				});
 			}
 		} else {
 			options.dropdown.css('margin-right', '-' + (windowWidth + freeSpace) + 'px');
@@ -1388,14 +1413,12 @@ phpbb.registerDropdown = function(toggle, dropdown, options) {
 /**
 * Get the HTML for a color palette table.
 *
-* @param string dir Palette direction - either v or h
-* @param int width Palette cell width.
-* @param int height Palette cell height.
+* @param {string} dir Palette direction - either v or h
+* @param {int} width Palette cell width.
+* @param {int} height Palette cell height.
 */
 phpbb.colorPalette = function(dir, width, height) {
-	var r = 0, 
-		g = 0, 
-		b = 0,
+	var r, g, b,
 		numberList = new Array(6),
 		color = '',
 		html = '';
@@ -1406,32 +1429,33 @@ phpbb.colorPalette = function(dir, width, height) {
 	numberList[3] = 'BF';
 	numberList[4] = 'FF';
 
-	var tableClass = (dir == 'h') ? 'horizontal-palette' : 'vertical-palette';
+	var tableClass = (dir === 'h') ? 'horizontal-palette' : 'vertical-palette';
 	html += '<table class="not-responsive colour-palette ' + tableClass + '" style="width: auto;">';
 
 	for (r = 0; r < 5; r++) {
-		if (dir == 'h') {
+		if (dir === 'h') {
 			html += '<tr>';
 		}
 
 		for (g = 0; g < 5; g++) {
-			if (dir == 'v') {
+			if (dir === 'v') {
 				html += '<tr>';
 			}
 
 			for (b = 0; b < 5; b++) {
-				color = String(numberList[r]) + String(numberList[g]) + String(numberList[b]);
-				html += '<td style="background-color: #' + color + '; width: ' + width + 'px; height: ' + height + 'px;">';
-				html += '<a href="#" data-color="' + color + '" style="display: block; width: ' + width + 'px; height: ' + height + 'px; " alt="#' + color + '" title="#' + color + '"></a>';
+				color = '' + numberList[r] + numberList[g] + numberList[b];
+				html += '<td style="background-color: #' + color + '; width: ' + width + 'px; height: ' +
+					height + 'px;"><a href="#" data-color="' + color + '" style="display: block; width: ' +
+					width + 'px; height: ' + height + 'px; " alt="#' + color + '" title="#' + color + '"></a>';
 				html += '</td>';
 			}
 
-			if (dir == 'v') {
+			if (dir === 'v') {
 				html += '</tr>';
 			}
 		}
 
-		if (dir == 'h') {
+		if (dir === 'h') {
 			html += '</tr>';
 		}
 	}
@@ -1442,7 +1466,7 @@ phpbb.colorPalette = function(dir, width, height) {
 /**
 * Register a color palette.
 *
-* @param object el jQuery object for the palette container.
+* @param {jQuery} el jQuery object for the palette container.
 */
 phpbb.registerPalette = function(el) {
 	var	orientation	= el.attr('data-orientation'),
@@ -1471,15 +1495,15 @@ phpbb.registerPalette = function(el) {
 		}
 		e.preventDefault();
 	});
-}
+};
 
 /**
 * Set display of page element
 *
-* @param string	id	The ID of the element to change
-* @param int	action	Set to 0 if element display should be toggled, -1 for
+* @param {string} id The ID of the element to change
+* @param {int} action Set to 0 if element display should be toggled, -1 for
 *			hiding the element, and 1 for showing it.
-* @param string	type	Display type that should be used, e.g. inline, block or
+* @param {string} type Display type that should be used, e.g. inline, block or
 *			other CSS "display" types
 */
 phpbb.toggleDisplay = function(id, action, type) {
@@ -1500,8 +1524,7 @@ phpbb.toggleDisplay = function(id, action, type) {
 * Toggle additional settings based on the selected
 * option of select element.
 *
-* @param jQuery el jQuery select element object.
-* @return undefined
+* @param {jQuery} el jQuery select element object.
 */
 phpbb.toggleSelectSettings = function(el) {
 	el.children().each(function() {
@@ -1515,11 +1538,11 @@ phpbb.toggleSelectSettings = function(el) {
 * Get function from name.
 * Based on http://stackoverflow.com/a/359910
 *
-* @param string functionName Function to get.
-* @return function
+* @param {string} functionName Function to get.
+* @returns function
 */
 phpbb.getFunctionByName = function (functionName) {
- 	var namespaces = functionName.split('.'),
+	var namespaces = functionName.split('.'),
 		func = namespaces.pop(),
 		context = window;
 

phpBB/assets/javascript/editor.js

@@ -159,7 +159,7 @@ function insert_text(text, spaces, popup) {
 /**
 * Add inline attachment at position
 */
-function attach_inline(index, filename) {
+function attachInline(index, filename) {
 	insert_text('[attachment=' + index + ']' + filename + '[/attachment]');
 	document.forms[form_name].elements[text_name].focus();
 }
@@ -355,6 +355,9 @@ function getCaretPosition(txtarea) {
 		textarea = doc.forms[form_name].elements[text_name];
 
 		phpbb.applyCodeEditor(textarea);
+		if ($('#attach-panel').length) {
+			phpbb.showDragNDrop(textarea);
+		}
 	});
 })(jQuery);
 

phpBB/assets/javascript/plupload.js

@@ -1,26 +1,26 @@
+/* global phpbb, plupload, attachInline */
+
 plupload.addI18n(phpbb.plupload.i18n);
 phpbb.plupload.ids = [];
 
 (function($) {  // Avoid conflicts with other libraries
 
-"use strict";
+'use strict';
 
 /**
  * Set up the uploader.
- *
- * @return undefined
  */
 phpbb.plupload.initialize = function() {
 	// Initialize the Plupload uploader.
-	uploader.init();
+	phpbb.plupload.uploader.init();
 
 	// Set attachment data.
 	phpbb.plupload.setData(phpbb.plupload.data);
 	phpbb.plupload.updateMultipartParams(phpbb.plupload.getSerializedData());
 
 	// Only execute if Plupload initialized successfully.
-	uploader.bind('Init', function() {
-		phpbb.plupload.form = $(phpbb.plupload.config.form_hook)[0],
+	phpbb.plupload.uploader.bind('Init', function() {
+		phpbb.plupload.form = $(phpbb.plupload.config.form_hook)[0];
 		phpbb.plupload.rowTpl = $('#attach-row-tpl')[0].outerHTML;
 
 		// Hide the basic upload panel and remove the attach row template.
@@ -29,48 +29,51 @@ phpbb.plupload.initialize = function() {
 		$('#attach-panel-multi').show();
 	});
 
-	uploader.bind('PostInit', function() {
+	phpbb.plupload.uploader.bind('PostInit', function() {
 		// Point out the drag-and-drop zone if it's supported.
-		if (uploader.features.dragdrop) {
+		if (phpbb.plupload.uploader.features.dragdrop) {
 			$('#drag-n-drop-message').show();
 		}
+
+		// Ensure "Add files" button position is correctly calculated.
+		if ($('#attach-panel-multi').is(':visible')) {
+			phpbb.plupload.uploader.refresh();
+		}
+		$('[data-subpanel="attach-panel"]').one('click', function() {
+			phpbb.plupload.uploader.refresh();
+		});
 	});
 };
 
 /**
  * Unsets all elements in the object uploader.settings.multipart_params whose keys
  * begin with 'attachment_data['
- *
- * @return undefined
  */
 phpbb.plupload.clearParams = function() {
-	var obj = uploader.settings.multipart_params;
+	var obj = phpbb.plupload.uploader.settings.multipart_params;
 	for (var key in obj) {
 		if (!obj.hasOwnProperty(key) || key.indexOf('attachment_data[') !== 0) {
 			continue;
 		}
 
-		delete uploader.settings.multipart_params[key];
+		delete phpbb.plupload.uploader.settings.multipart_params[key];
 	}
 };
 
 /**
  * Update uploader.settings.multipart_params object with new data.
  *
- * @param object obj
- * @return undefined
+ * @param {object} obj
  */
 phpbb.plupload.updateMultipartParams = function(obj) {
-	uploader.settings.multipart_params = $.extend(
-		uploader.settings.multipart_params,
-		obj
-	);
+	var settings = phpbb.plupload.uploader.settings;
+	settings.multipart_params = $.extend(settings.multipart_params, obj);
 };
 
 /**
  * Convert the array of attachment objects into an object that PHP would expect as POST data.
  *
- * @return object An object in the form 'attachment_data[i][key]': value as
+ * @returns {object} An object in the form 'attachment_data[i][key]': value as
  * 	expected by the server
  */
 phpbb.plupload.getSerializedData = function() {
@@ -92,22 +95,19 @@ phpbb.plupload.getSerializedData = function() {
  * Get the index from the phpbb.plupload.data array where the given
  * attachment id appears.
  *
- * @param int attach_id The attachment id of the file.
- * @return bool	Returns false if the id cannot be found.
- * @return int	Returns the index of the file if it exists.
+ * @param {int} attachId The attachment id of the file.
+ * @returns {bool|int} Index of the file if exists, otherwise false.
  */
-phpbb.plupload.getIndex = function(attach_id) {
-	var index = $.inArray(Number(attach_id), phpbb.plupload.ids);
+phpbb.plupload.getIndex = function(attachId) {
+	var index = $.inArray(Number(attachId), phpbb.plupload.ids);
 	return (index !== -1) ? index : false;
 };
 
 /**
  * Set the data in phpbb.plupload.data and phpbb.plupload.ids arrays.
- * 
- * @param array data	Array containing the new data to use. In the form of 
- * array(index => object(property: value). Requires attach_id to be one of the object properties.
  *
- * @return undefined
+ * @param {Array} data	Array containing the new data to use. In the form of
+ * array(index => object(property: value). Requires attach_id to be one of the object properties.
  */
 phpbb.plupload.setData = function(data) {
 	// Make sure that the array keys are reset.
@@ -121,12 +121,11 @@ phpbb.plupload.setData = function(data) {
 
 /**
  * Update the attachment data in the HTML and the phpbb & phpbb.plupload objects.
- * 
- * @param array data		Array containing the new data to use.
- * @param string action		The action that required the update. Used to update the inline attachment bbcodes.
- * @param int index			The index from phpbb.plupload_ids that was affected by the action.
- * @param array downloadUrl	Optional array of download urls to update.
- * @return undefined
+ *
+ * @param {Array} data			Array containing the new data to use.
+ * @param {string} action		The action that required the update. Used to update the inline attachment bbcodes.
+ * @param {int} index			The index from phpbb.plupload_ids that was affected by the action.
+ * @param {Array} downloadUrl	Optional array of download urls to update.
  */
 phpbb.plupload.update = function(data, action, index, downloadUrl) {
 
@@ -139,9 +138,8 @@ phpbb.plupload.update = function(data, action, index, downloadUrl) {
 
 /**
  * Update the relevant elements and hidden data for all attachments.
- * 
- * @param array downloadUrl	Optional array of download urls to update.
- * @return undefined
+ *
+ * @param {Array} downloadUrl Optional array of download urls to update.
  */
 phpbb.plupload.updateRows = function(downloadUrl) {
 	for (var i = 0; i < phpbb.plupload.ids.length; i++) {
@@ -154,9 +152,8 @@ phpbb.plupload.updateRows = function(downloadUrl) {
  * using the id "attach-row-tpl" to be present. This snippet is cloned and the
  * data for the file inserted into it. The row is then appended or prepended to
  * #file-list based on the attach_order setting.
- * 
- * @param object file	Plupload file object for the new attachment.
- * @return undefined
+ *
+ * @param {object} file Plupload file object for the new attachment.
  */
 phpbb.plupload.insertRow = function(file) {
 	var row = $(phpbb.plupload.rowTpl);
@@ -165,7 +162,7 @@ phpbb.plupload.insertRow = function(file) {
 	row.find('.file-name').html(plupload.xmlEncode(file.name));
 	row.find('.file-size').html(plupload.formatSize(file.size));
 
-	if (phpbb.plupload.order == 'desc') {
+	if (phpbb.plupload.order === 'desc') {
 		$('#file-list').prepend(row);
 	} else {
 		$('#file-list').append(row);
@@ -174,10 +171,9 @@ phpbb.plupload.insertRow = function(file) {
 
 /**
  * Update the relevant elements and hidden data for an attachment.
- * 
- * @param int index	The index from phpbb.plupload.ids of the attachment to edit.
- * @param array downloadUrl	Optional array of download urls to update. 
- * @return undefined
+ *
+ * @param {int} index The index from phpbb.plupload.ids of the attachment to edit.
+ * @param {Array} downloadUrl Optional array of download urls to update.
  */
 phpbb.plupload.updateRow = function(index, downloadUrl) {
 	var attach = phpbb.plupload.data[index],
@@ -189,7 +185,7 @@ phpbb.plupload.updateRow = function(index, downloadUrl) {
 			link = $('<a></a>');
 
 		link.attr('href', url).html(attach.real_filename);
-		row.find('.file-name').html(link)	
+		row.find('.file-name').html(link);
 	}
 
 	row.find('textarea').attr('name', 'comment_list[' + index + ']');
@@ -199,18 +195,21 @@ phpbb.plupload.updateRow = function(index, downloadUrl) {
 /**
  * Update hidden input data for an attachment.
  *
- * @param object row	jQuery object for the attachment row.
- * @param object attach	Attachment data object from phpbb.plupload.data
- * @param int index		Attachment index from phpbb.plupload.ids
- * @return undefined
+ * @param {object} row		jQuery object for the attachment row.
+ * @param {object} attach	Attachment data object from phpbb.plupload.data
+ * @param {int} index		Attachment index from phpbb.plupload.ids
  */
 phpbb.plupload.updateHiddenData = function(row, attach, index) {
 	row.find('input[type="hidden"]').remove();
 
 	for (var key in attach) {
+		if (!attach.hasOwnProperty(key)) {
+			return;
+		}
+
 		var input = $('<input />')
 			.attr('type', 'hidden')
-			.attr('name', 'attachment_data[' + index + '][' + key +']')
+			.attr('name', 'attachment_data[' + index + '][' + key + ']')
 			.attr('value', attach[key]);
 		$('textarea', row).after(input);
 	}
@@ -222,16 +221,14 @@ phpbb.plupload.updateHiddenData = function(row, attach, index) {
  * responds with the updated attachment data list so that any future
  * uploads can maintain state with the server
  *
- * @param object row	jQuery object for the attachment row.
- * @param int attachId	Attachment id of the file to be removed.
- *
- * @return undefined
+ * @param {object} row		jQuery object for the attachment row.
+ * @param {int} attachId	Attachment id of the file to be removed.
  */
 phpbb.plupload.deleteFile = function(row, attachId) {
 	// If there's no attach id, then the file hasn't been uploaded. Simply delete the row.
 	if (typeof attachId === 'undefined') {
-		var file = uploader.getFile(row.attr('id'));
-		uploader.removeFile(file);
+		var file = phpbb.plupload.uploader.getFile(row.attr('id'));
+		phpbb.plupload.uploader.removeFile(file);
 
 		row.slideUp(100, function() {
 			row.remove();
@@ -259,7 +256,7 @@ phpbb.plupload.deleteFile = function(row, attachId) {
 
 		// trigger_error() was called which likely means a permission error was encountered.
 		if (typeof response.title !== 'undefined') {
-			uploader.trigger('Error', {message: response.message});
+			phpbb.plupload.uploader.trigger('Error', { message: response.message });
 			// We will have to assume that the deletion failed. So leave the file status as uploaded.
 			row.find('.file-status').toggleClass('file-uploaded');
 
@@ -270,21 +267,21 @@ phpbb.plupload.deleteFile = function(row, attachId) {
 		phpbb.plupload.handleMaxFilesReached();
 
 		if (row.attr('id')) {
-			var file = uploader.getFile(row.attr('id'));
-			uploader.removeFile(file);
+			var file = phpbb.plupload.uploader.getFile(row.attr('id'));
+			phpbb.plupload.uploader.removeFile(file);
 		}
 		row.slideUp(100, function() {
 			row.remove();
 			// Hide the file list if it's empty now.
 			phpbb.plupload.hideEmptyList();
 		});
-		uploader.trigger('FilesRemoved');
+		phpbb.plupload.uploader.trigger('FilesRemoved');
 	};
 
 	$.ajax(phpbb.plupload.config.url, {
 		type: 'POST',
 		data: $.extend(fields, phpbb.plupload.getSerializedData()),
-		headers: {'X-PHPBB-USING-PLUPLOAD': '1', 'X-Requested-With': 'XMLHttpRequest'}
+		headers: { 'X-PHPBB-USING-PLUPLOAD': '1', 'X-Requested-With': 'XMLHttpRequest' }
 	})
 	.always(always)
 	.done(done);
@@ -292,25 +289,21 @@ phpbb.plupload.deleteFile = function(row, attachId) {
 
 /**
  * Check the attachment list and hide its container if it's empty.
- *
- * @return undefined
  */
 phpbb.plupload.hideEmptyList = function() {
 	if (!$('#file-list').children().length) {
 		$('#file-list-container').slideUp(100);
 	}
-}
+};
 
 /**
- * Update the indices used in inline attachment bbcodes. This ensures that the bbcodes
- * correspond to the correct file after a file is added or removed. This should be called 
- * before the phpbb.plupload,data and phpbb.plupload.ids arrays are updated, otherwise it will
- * not work correctly.
+ * Update the indices used in inline attachment bbcodes. This ensures that the
+ * bbcodes correspond to the correct file after a file is added or removed.
+ * This should be called before the phpbb.plupload,data and phpbb.plupload.ids
+ * arrays are updated, otherwise it will not work correctly.
  *
- * @param string action	The action that occurred -- either "addition" or "removal"
- * @param int index		The index of the attachment from phpbb.plupload.ids that was affected.
- *
- * @return undefined
+ * @param {string} action	The action that occurred -- either "addition" or "removal"
+ * @param {int} index		The index of the attachment from phpbb.plupload.ids that was affected.
  */
 phpbb.plupload.updateBbcode = function(action, index) {
 	var	textarea = $('#message', phpbb.plupload.form),
@@ -322,64 +315,59 @@ phpbb.plupload.updateBbcode = function(action, index) {
 		return;
 	}
 
-	// Private function used to replace the bbcode.
-	var updateBbcode = function(match, fileName) {
-		// Remove the bbcode if the file was removed.
-		if (removal && index === i) {
-			return '';
-		}
-		var newIndex = i + ((removal) ? -1 : 1);
-		return '[attachment=' + newIndex +']' + fileName + '[/attachment]';
-	};
+	function runUpdate(i) {
+		var regex = new RegExp('\\[attachment=' + i + '\\](.*?)\\[\\/attachment\\]', 'g');
+		text = text.replace(regex, function updateBbcode(_, fileName) {
+			// Remove the bbcode if the file was removed.
+			if (removal && index === i) {
+				return '';
+			}
+			var newIndex = i + ((removal) ? -1 : 1);
+			return '[attachment=' + newIndex + ']' + fileName + '[/attachment]';
+		});
+	}
 
-	// Private function used to generate search regexp
-	var searchRegexp = function(index) {
-		return new RegExp('\\[attachment=' + index + '\\](.*?)\\[\\/attachment\\]', 'g');
-	}
-	// The update order of the indices is based on the action taken to ensure that we don't corrupt
-	// the bbcode index by updating it several times as we move through the loop.
-	// Removal loop starts at the removed index and moves to the end of the array.
-	// Addition loop starts at the end of the array and moves to the added index at 0.
-	var searchLoop = function() {
-		if (typeof i === 'undefined') {
-			i = (removal) ? index : phpbb.plupload.ids.length - 1;
-		}
-		return (removal) ? (i < phpbb.plupload.ids.length): (i >= index);
-	}
+	// Loop forwards when removing and backwards when adding ensures we don't
+	// corrupt the bbcode index.
 	var i;
-
-	while (searchLoop()) {
-		text = text.replace(searchRegexp(i), updateBbcode);
-		(removal) ? i++ : i--;
+	if (removal) {
+		for (i = index; i < phpbb.plupload.ids.length; i++) {
+			runUpdate(i);
+		}
+	} else {
+		for (i = phpbb.plupload.ids.length - 1; i >= index; i--) {
+			runUpdate(i);
+		}
 	}
+
 	textarea.val(text);
 };
 
 /**
  * Get Plupload file objects based on their upload status.
  *
- * @param int status Plupload status - plupload.DONE, plupload.FAILED, plupload.QUEUED,
- * plupload.STARTED, plupload.STOPPED
+ * @param {int} status Plupload status - plupload.DONE, plupload.FAILED,
+ * plupload.QUEUED, plupload.STARTED, plupload.STOPPED
  *
- * @return Returns an array of the Plupload file objects matching the status.
+ * @returns {Array} The Plupload file objects matching the status.
  */
 phpbb.plupload.getFilesByStatus = function(status) {
 	var files = [];
 
-	$.each(uploader.files, function(i, file) {
+	$.each(phpbb.plupload.uploader.files, function(i, file) {
 		if (file.status === status) {
 			files.push(file);
 		}
 	});
 	return files;
-}
+};
 
 /**
  * Check whether the user has reached the maximun number of files that he's allowed
  * to upload. If so, disables the uploader and marks the queued files as failed. Otherwise
  * makes sure that the uploader is enabled.
  *
- * @return bool Returns true if the limit has been reached. False if otherwise.
+ * @returns {bool} True if the limit has been reached. False if otherwise.
  */
 phpbb.plupload.handleMaxFilesReached = function() {
 	// If there is no limit, the user is an admin or moderator.
@@ -392,41 +380,36 @@ phpbb.plupload.handleMaxFilesReached = function() {
 		phpbb.plupload.markQueuedFailed(phpbb.plupload.lang.TOO_MANY_ATTACHMENTS);
 		// Disable the uploader.
 		phpbb.plupload.disableUploader();
-		uploader.trigger('Error', {message: phpbb.plupload.lang.TOO_MANY_ATTACHMENTS});
+		phpbb.plupload.uploader.trigger('Error', { message: phpbb.plupload.lang.TOO_MANY_ATTACHMENTS });
 
 		return true;
-	} else if(phpbb.plupload.maxFiles > phpbb.plupload.ids.length) {
+	} else if (phpbb.plupload.maxFiles > phpbb.plupload.ids.length) {
 		// Enable the uploader if the user is under the limit
 		phpbb.plupload.enableUploader();
 	}
 	return false;
-}
+};
 
 /**
  * Disable the uploader
- *
- * @return undefined
  */
 phpbb.plupload.disableUploader = function() {
 	$('#add_files').addClass('disabled');
-	uploader.disableBrowse();
-}
+	phpbb.plupload.uploader.disableBrowse();
+};
 
 /**
  * Enable the uploader
- *
- * @return undefined
  */
 phpbb.plupload.enableUploader = function() {
 	$('#add_files').removeClass('disabled');
-	uploader.disableBrowse(false);
-}
+	phpbb.plupload.uploader.disableBrowse(false);
+};
 
 /**
  * Mark all queued files as failed.
  *
- * @param string error Error message to present to the user.
- * @return undefined
+ * @param {string} error Error message to present to the user.
  */
 phpbb.plupload.markQueuedFailed = function(error) {
 	var files = phpbb.plupload.getFilesByStatus(plupload.QUEUED);
@@ -435,48 +418,49 @@ phpbb.plupload.markQueuedFailed = function(error) {
 		$('#' + file.id).find('.file-progress').hide();
 		phpbb.plupload.fileError(file, error);
 	});
-}
+};
 
 /**
  * Marks a file as failed and sets the error message for it.
  *
- * @param object file	Plupload file object that failed.
- * @param string error	Error message to present to the user.
- * @return undefined
+ * @param {object} file		Plupload file object that failed.
+ * @param {string} error	Error message to present to the user.
  */
 phpbb.plupload.fileError = function(file, error) {
 	file.status = plupload.FAILED;
 	file.error = error;
-	$('#' + file.id).find('.file-status').addClass('file-error').attr({'data-error-title': phpbb.plupload.lang.ERROR, 'data-error-message': error});
-}
-
-
+	$('#' + file.id).find('.file-status')
+		.addClass('file-error')
+		.attr({
+			'data-error-title': phpbb.plupload.lang.ERROR,
+			'data-error-message': error
+		});
+};
 
 
 /**
  * Set up the Plupload object and get some basic data.
  */
-var	uploader = new plupload.Uploader(phpbb.plupload.config);
+phpbb.plupload.uploader = new plupload.Uploader(phpbb.plupload.config);
 phpbb.plupload.initialize();
 
-
-
+var $fileList = $('#file-list');
 
 /**
  * Insert inline attachment bbcode.
  */
- $('#file-list').on('click', '.file-inline-bbcode', function(e) {
+$fileList.on('click', '.file-inline-bbcode', function(e) {
 	var attachId = $(this).parents('.attach-row').attr('data-attach-id'),
 		index = phpbb.plupload.getIndex(attachId);
 
-	attach_inline(index, phpbb.plupload.data[index].real_filename);	
+	attachInline(index, phpbb.plupload.data[index].real_filename);
 	e.preventDefault();
 });
 
 /**
  * Delete a file.
  */
-$('#file-list').on('click', '.file-delete', function(e) {
+$fileList.on('click', '.file-delete', function(e) {
 	var row = $(this).parents('.attach-row'),
 		attachId = row.attr('data-attach-id');
 
@@ -487,7 +471,7 @@ $('#file-list').on('click', '.file-delete', function(e) {
 /**
  * Display the error message for a particular file when the error icon is clicked.
  */
-$('#file-list').on('click', '.file-error', function(e) {
+$fileList.on('click', '.file-error', function(e) {
 	phpbb.alert($(this).attr('data-error-title'), $(this).attr('data-error-message'));
 	e.preventDefault();
 });
@@ -495,7 +479,7 @@ $('#file-list').on('click', '.file-error', function(e) {
 /**
  * Fires when an error occurs.
  */
-uploader.bind('Error', function(up, error) {
+phpbb.plupload.uploader.bind('Error', function(up, error) {
 	error.file.name = plupload.xmlEncode(error.file.name);
 
 	// The error message that Plupload provides for these is vague, so we'll be more specific.
@@ -512,18 +496,15 @@ uploader.bind('Error', function(up, error) {
  * send the real filename along with the chunk. This is necessary because
  * for some reason the filename is set to 'blob' whenever a file is chunked
  *
- * @param object up		The plupload.Uploader object
- * @param object file	The plupload.File object that is about to be
- * 	uploaded
- *
- * @return undefined
+ * @param {object} up	The plupload.Uploader object
+ * @param {object} file	The plupload.File object that is about to be uploaded
  */
-uploader.bind('BeforeUpload', function(up, file) {
+phpbb.plupload.uploader.bind('BeforeUpload', function(up, file) {
 	if (phpbb.plupload.handleMaxFilesReached()) {
 		return;
 	}
 
-	phpbb.plupload.updateMultipartParams({'real_filename': file.name});
+	phpbb.plupload.updateMultipartParams({ real_filename: file.name });
 });
 
 /**
@@ -531,14 +512,12 @@ uploader.bind('BeforeUpload', function(up, file) {
  * response from the server and checks for an error. If an error occurs it
  * is reported to the user and the upload of this particular file is halted
  *
- * @param object up			The plupload.Uploader object
- * @param object file		The plupload.File object whose chunk has just
+ * @param {object} up		The plupload.Uploader object
+ * @param {object} file		The plupload.File object whose chunk has just
  * 	been uploaded
- * @param object response	The response object from the server
- *
- * @return undefined
+ * @param {object} response	The response object from the server
  */
-uploader.bind('ChunkUploaded', function(up, file, response) {
+phpbb.plupload.uploader.bind('ChunkUploaded', function(up, file, response) {
 	if (response.chunk >= response.chunks - 1) {
 		return;
 	}
@@ -559,7 +538,7 @@ uploader.bind('ChunkUploaded', function(up, file, response) {
 
 	// If trigger_error() was called, then a permission error likely occurred.
 	if (typeof json.title !== 'undefined') {
-		json.error = {message: json.message};
+		json.error = { message: json.message };
 	}
 
 	if (json.error) {
@@ -576,10 +555,8 @@ uploader.bind('ChunkUploaded', function(up, file, response) {
 
 /**
  * Fires when files are added to the queue.
- *
- * @return undefined
  */
-uploader.bind('FilesAdded', function(up, files) {
+phpbb.plupload.uploader.bind('FilesAdded', function(up, files) {
 	// Prevent unnecessary requests to the server if the user already uploaded
 	// the maximum number of files allowed.
 	if (phpbb.plupload.handleMaxFilesReached()) {
@@ -587,13 +564,14 @@ uploader.bind('FilesAdded', function(up, files) {
 	}
 
 	// Switch the active tab if the style supports it
-	if (typeof activateSubPanel == 'function') {
-		activateSubPanel('attach-panel');
+	if (typeof activateSubPanel === 'function') {
+		activateSubPanel('attach-panel'); // jshint ignore: line
 	}
 
 	// Show the file list if there aren't any files currently.
-	if (!$('#file-list-container').is(':visible')) {
-		$('#file-list-container').show(100);
+	var $fileListContainer = $('#file-list-container');
+	if (!$fileListContainer.is(':visible')) {
+		$fileListContainer.show(100);
 	}
 
 	$.each(files, function(i, file) {
@@ -601,7 +579,7 @@ uploader.bind('FilesAdded', function(up, files) {
 	});
 
 	up.bind('UploadProgress', function(up, file) {
-		$('#' + file.id + " .file-progress-bar").css('width', file.percent + '%');
+		$('.file-progress-bar', '#' + file.id).css('width', file.percent + '%');
 		$('#file-total-progress-bar').css('width', up.total.percent + '%');
 	});
 
@@ -619,14 +597,12 @@ uploader.bind('FilesAdded', function(up, files) {
  * appends it to the next file upload so that the server can maintain state
  * with regards to the attachments in a given post
  *
- * @param object up			The plupload.Uploader object
- * @param object file		The plupload.File object that has just been
+ * @param {object} up		The plupload.Uploader object
+ * @param {object} file		The plupload.File object that has just been
  * 	uploaded
- * @param string response	The response string from the server
- *
- * @return undefined
+ * @param {string} response	The response string from the server
  */
-uploader.bind('FileUploaded', function(up, file, response) {
+phpbb.plupload.uploader.bind('FileUploaded', function(up, file, response) {
 	var json = {},
 		row = $('#' + file.id),
 		error;
@@ -635,7 +611,7 @@ uploader.bind('FileUploaded', function(up, file, response) {
 	row.find('.file-progress').hide();
 
 	try {
-		json = $.parseJSON(response.response);
+		json = JSON.parse(response.response);
 	} catch (e) {
 		error = 'Error parsing server response.';
 	}
@@ -643,7 +619,7 @@ uploader.bind('FileUploaded', function(up, file, response) {
 	// If trigger_error() was called, then a permission error likely occurred.
 	if (typeof json.title !== 'undefined') {
 		error = json.message;
-		up.trigger('Error', {message: error});
+		up.trigger('Error', { message: error });
 
 		// The rest of the queue will fail.
 		phpbb.plupload.markQueuedFailed(error);
@@ -654,25 +630,19 @@ uploader.bind('FileUploaded', function(up, file, response) {
 	if (typeof error !== 'undefined') {
 		phpbb.plupload.fileError(file, error);
 	} else if (file.status === plupload.DONE) {
-		file.attachment_data = json['data'][0];
+		file.attachment_data = json.data[0];
 
 		row.attr('data-attach-id', file.attachment_data.attach_id);
 		row.find('.file-inline-bbcode').show();
 		row.find('.file-status').addClass('file-uploaded');
-		phpbb.plupload.update(json['data'], 'addition', 0, [json['download_url']]);
+		phpbb.plupload.update(json.data, 'addition', 0, [json.download_url]);
 	}
 });
 
 /**
- * Fires when the entire queue of files have been uploaded. 
- *
- * @param object up		The plupload.Uploader object
- * @param array files	An array of plupload.File objects that have just
- * 	been uploaded as part of a queue
- *
- * @return undefined
+ * Fires when the entire queue of files have been uploaded.
  */
-uploader.bind('UploadComplete', function(up, files) {
+phpbb.plupload.uploader.bind('UploadComplete', function() {
 	// Hide the progress bar
 	setTimeout(function() {
 		$('#file-total-progress-bar').fadeOut(500, function() {

phpBB/composer.json

@@ -38,11 +38,11 @@
 	},
 	"require-dev": {
 		"fabpot/goutte": "1.0.*",
+		"phing/phing": "2.4.*",
 		"phpunit/dbunit": "1.3.*",
 		"phpunit/phpunit": "4.1.*",
-		"phing/phing": "2.4.*",
 		"sami/sami": "1.*",
-		"squizlabs/php_codesniffer": "1.*",
+		"squizlabs/php_codesniffer": "2.*",
 		"symfony/browser-kit": "2.3.*",
 		"symfony/css-selector": "2.3.*",
 		"symfony/debug": "2.3.*",

phpBB/composer.lock

@@ -1,9 +1,10 @@
 {
     "_readme": [
         "This file locks the dependencies of your project to a known state",
-        "Read more about it at http://getcomposer.org/doc/01-basic-usage.md#composer-lock-the-lock-file"
+        "Read more about it at http://getcomposer.org/doc/01-basic-usage.md#composer-lock-the-lock-file",
+        "This file is @generated automatically"
     ],
-    "hash": "d93446768ea0665b7c55c01890153a67",
+    "hash": "17b51553237b78392baf2ec78bfdfbc0",
     "packages": [
         {
             "name": "lusitanian/oauth",
@@ -652,12 +653,12 @@
             "version": "v1.13.2",
             "source": {
                 "type": "git",
-                "url": "https://github.com/fabpot/Twig.git",
+                "url": "https://github.com/twigphp/Twig.git",
                 "reference": "6d6a1009427d1f398c9d40904147bf9f723d5755"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/fabpot/Twig/zipball/6d6a1009427d1f398c9d40904147bf9f723d5755",
+                "url": "https://api.github.com/repos/twigphp/Twig/zipball/6d6a1009427d1f398c9d40904147bf9f723d5755",
                 "reference": "6d6a1009427d1f398c9d40904147bf9f723d5755",
                 "shasum": ""
             },
@@ -682,14 +683,11 @@
             "authors": [
                 {
                     "name": "Fabien Potencier",
-                    "email": "fabien@symfony.com",
-                    "homepage": "http://fabien.potencier.org",
-                    "role": "Lead Developer"
+                    "email": "fabien@symfony.com"
                 },
                 {
                     "name": "Armin Ronacher",
-                    "email": "armin.ronacher@active-4.com",
-                    "role": "Project Founder"
+                    "email": "armin.ronacher@active-4.com"
                 }
             ],
             "description": "Twig, the flexible, fast, and secure template language for PHP",
@@ -703,21 +701,21 @@
     "packages-dev": [
         {
             "name": "fabpot/goutte",
-            "version": "v1.0.3",
+            "version": "v1.0.7",
             "source": {
                 "type": "git",
-                "url": "https://github.com/fabpot/Goutte.git",
-                "reference": "75c9f23c4122caf4ea3e87a42a00b471366e707f"
+                "url": "https://github.com/FriendsOfPHP/Goutte.git",
+                "reference": "794b196e76bdd37b5155cdecbad311f0a3b07625"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/fabpot/Goutte/zipball/75c9f23c4122caf4ea3e87a42a00b471366e707f",
-                "reference": "75c9f23c4122caf4ea3e87a42a00b471366e707f",
+                "url": "https://api.github.com/repos/FriendsOfPHP/Goutte/zipball/794b196e76bdd37b5155cdecbad311f0a3b07625",
+                "reference": "794b196e76bdd37b5155cdecbad311f0a3b07625",
                 "shasum": ""
             },
             "require": {
                 "ext-curl": "*",
-                "guzzle/http": ">=3.0.5,<3.8-dev",
+                "guzzle/http": "~3.1",
                 "php": ">=5.3.0",
                 "symfony/browser-kit": "~2.1",
                 "symfony/css-selector": "~2.1",
@@ -726,8 +724,8 @@
                 "symfony/process": "~2.1"
             },
             "require-dev": {
-                "guzzle/plugin-history": ">=3.0.5,<3.8-dev",
-                "guzzle/plugin-mock": ">=3.0.5,<3.8-dev"
+                "guzzle/plugin-history": "~3.1",
+                "guzzle/plugin-mock": "~3.1"
             },
             "type": "application",
             "extra": {
@@ -747,9 +745,7 @@
             "authors": [
                 {
                     "name": "Fabien Potencier",
-                    "email": "fabien@symfony.com",
-                    "homepage": "http://fabien.potencier.org",
-                    "role": "Lead Developer"
+                    "email": "fabien@symfony.com"
                 }
             ],
             "description": "A simple PHP Web Scraper",
@@ -757,7 +753,7 @@
             "keywords": [
                 "scraper"
             ],
-            "time": "2013-08-16 06:03:22"
+            "time": "2014-10-09 15:52:51"
         },
         {
             "name": "guzzle/common",
@@ -1592,16 +1588,16 @@
         },
         {
             "name": "sami/sami",
-            "version": "v1.3",
+            "version": "v1.4",
             "source": {
                 "type": "git",
-                "url": "https://github.com/fabpot/Sami.git",
-                "reference": "76f2ed80b3420f7e2f6dcd5b7218b5a5781f4110"
+                "url": "https://github.com/FriendsOfPHP/Sami.git",
+                "reference": "70f29c781f7bef30181c814b9471b2ceac694454"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/fabpot/Sami/zipball/76f2ed80b3420f7e2f6dcd5b7218b5a5781f4110",
-                "reference": "76f2ed80b3420f7e2f6dcd5b7218b5a5781f4110",
+                "url": "https://api.github.com/repos/FriendsOfPHP/Sami/zipball/70f29c781f7bef30181c814b9471b2ceac694454",
+                "reference": "70f29c781f7bef30181c814b9471b2ceac694454",
                 "shasum": ""
             },
             "require": {
@@ -1622,7 +1618,7 @@
             "type": "application",
             "extra": {
                 "branch-alias": {
-                    "dev-master": "1.3-dev"
+                    "dev-master": "1.4-dev"
                 }
             },
             "autoload": {
@@ -1637,9 +1633,7 @@
             "authors": [
                 {
                     "name": "Fabien Potencier",
-                    "email": "fabien@symfony.com",
-                    "homepage": "http://fabien.potencier.org",
-                    "role": "Lead Developer"
+                    "email": "fabien@symfony.com"
                 }
             ],
             "description": "Sami, an API documentation generator",
@@ -1647,7 +1641,7 @@
             "keywords": [
                 "phpdoc"
             ],
-            "time": "2013-11-30 17:16:25"
+            "time": "2014-06-25 11:24:03"
         },
         {
             "name": "sebastian/comparator",
@@ -1918,41 +1912,45 @@
         },
         {
             "name": "squizlabs/php_codesniffer",
-            "version": "1.5.2",
+            "version": "2.3.2",
             "source": {
                 "type": "git",
                 "url": "https://github.com/squizlabs/PHP_CodeSniffer.git",
-                "reference": "a76a39b317ce8106abe6264daa505e24e1731860"
+                "reference": "e96d8579fbed0c95ecf2a0501ec4f307a4aa6404"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/squizlabs/PHP_CodeSniffer/zipball/a76a39b317ce8106abe6264daa505e24e1731860",
-                "reference": "a76a39b317ce8106abe6264daa505e24e1731860",
+                "url": "https://api.github.com/repos/squizlabs/PHP_CodeSniffer/zipball/e96d8579fbed0c95ecf2a0501ec4f307a4aa6404",
+                "reference": "e96d8579fbed0c95ecf2a0501ec4f307a4aa6404",
                 "shasum": ""
             },
             "require": {
                 "ext-tokenizer": "*",
+                "ext-xmlwriter": "*",
                 "php": ">=5.1.2"
             },
-            "suggest": {
-                "phpunit/php-timer": "dev-master"
-            },
             "bin": [
-                "scripts/phpcs"
+                "scripts/phpcs",
+                "scripts/phpcbf"
             ],
             "type": "library",
+            "extra": {
+                "branch-alias": {
+                    "dev-master": "2.0.x-dev"
+                }
+            },
             "autoload": {
                 "classmap": [
                     "CodeSniffer.php",
                     "CodeSniffer/CLI.php",
                     "CodeSniffer/Exception.php",
                     "CodeSniffer/File.php",
+                    "CodeSniffer/Fixer.php",
                     "CodeSniffer/Report.php",
                     "CodeSniffer/Reporting.php",
                     "CodeSniffer/Sniff.php",
                     "CodeSniffer/Tokens.php",
                     "CodeSniffer/Reports/",
-                    "CodeSniffer/CommentParser/",
                     "CodeSniffer/Tokenizers/",
                     "CodeSniffer/DocGenerators/",
                     "CodeSniffer/Standards/AbstractPatternSniff.php",
@@ -1978,13 +1976,13 @@
                     "role": "lead"
                 }
             ],
-            "description": "PHP_CodeSniffer tokenises PHP, JavaScript and CSS files and detects violations of a defined set of coding standards.",
+            "description": "PHP_CodeSniffer tokenizes PHP, JavaScript and CSS files and detects violations of a defined set of coding standards.",
             "homepage": "http://www.squizlabs.com/php-codesniffer",
             "keywords": [
                 "phpcs",
                 "standards"
             ],
-            "time": "2014-02-04 23:49:58"
+            "time": "2015-04-28 23:28:20"
         },
         {
             "name": "symfony/browser-kit",
@@ -2240,17 +2238,13 @@
             "time": "2014-10-01 05:38:33"
         }
     ],
-    "aliases": [
-
-    ],
+    "aliases": [],
     "minimum-stability": "stable",
-    "stability-flags": [
-
-    ],
+    "stability-flags": [],
+    "prefer-stable": false,
+    "prefer-lowest": false,
     "platform": {
         "php": ">=5.3.3"
     },
-    "platform-dev": [
-
-    ]
+    "platform-dev": []
 }

phpBB/config/content.yml

@@ -4,6 +4,7 @@ services:
         arguments:
             - @auth
             - @config
+            - @dispatcher
             - @dbal.conn
             - @user
             - %core.root_path%

phpBB/config/db.yml

@@ -18,6 +18,7 @@ services:
     migrator:
         class: phpbb\db\migrator
         arguments:
+            - @service_container
             - @config
             - @dbal.conn
             - @dbal.tools

phpBB/config/notification.yml

@@ -7,6 +7,7 @@ services:
             - @service_container
             - @user_loader
             - @config
+            - @dispatcher
             - @dbal.conn
             - @cache
             - @user

phpBB/config/routing.yml

@@ -1,7 +1,7 @@
 # Structure:
 #
 # foo_controller:
-#     pattern: /foo
+#     path: /foo
 #     defaults: { _controller: foo_sevice:method }
 #
 # The above will be accessed via app.php?controller=foo and it will

phpBB/config/services.yml

@@ -75,6 +75,7 @@ services:
             - @controller.provider
             - @ext.manager
             - @symfony_request
+            - @request
             - @filesystem
             - %core.root_path%
             - %core.php_ext%
@@ -108,6 +109,9 @@ services:
     filesystem:
         class: phpbb\filesystem
 
+    file_downloader:
+        class: phpbb\file_downloader
+
     http_kernel:
         class: Symfony\Component\HttpKernel\HttpKernel
         arguments:
@@ -155,6 +159,8 @@ services:
             - null
             - %core.disable_super_globals%
 
+    # WARNING: The Symfony request does not escape the input and should be used very carefully
+    #           prefer the phpbb request (service @request) as possible
     symfony_request:
         class: phpbb\symfony_request
         arguments:
@@ -178,4 +184,5 @@ services:
         arguments:
             - @cache
             - @config
+            - @file_downloader
             - @user

phpBB/develop/add_permissions.php

@@ -198,9 +198,9 @@ $prefixes = array('f_', 'a_', 'm_', 'u_');
 foreach ($prefixes as $prefix)
 {
 	$var = $prefix . 'permissions';
-	if (sizeof($$var))
+	if (sizeof(${$var}))
 	{
-		foreach ($$var as $auth_option => $l_ary)
+		foreach (${$var} as $auth_option => $l_ary)
 		{
 			$sql_ary = array(
 				'auth_option'	=> $auth_option,

phpBB/develop/create_schema_files.php

@@ -51,7 +51,6 @@ $classes = $finder->core_path('phpbb/')
 $db = new \phpbb\db\driver\sqlite();
 $schema_generator = new \phpbb\db\migration\schema_generator($classes, new \phpbb\config\config(array()), $db, new \phpbb\db\tools($db, true), $phpbb_root_path, $phpEx, $table_prefix);
 $schema_data = $schema_generator->get_schema();
-$dbms_type_map = phpbb\db\tools::get_dbms_type_map();
 
 $fp = fopen($schema_path . 'schema.json', 'wb');
 fwrite($fp, json_encode($schema_data, JSON_PRETTY_PRINT));

phpBB/develop/export_events_for_wiki.php

@@ -18,15 +18,19 @@ if (php_sapi_name() != 'cli')
 
 $phpEx = substr(strrchr(__FILE__, '.'), 1);
 $phpbb_root_path = __DIR__ . '/../';
+define('IN_PHPBB', true);
 
 function usage()
 {
-	echo "Usage: export_events_for_wiki.php COMMAND [EXTENSION]\n";
+	echo "Usage: export_events_for_wiki.php COMMAND [VERSION] [EXTENSION]\n";
 	echo "\n";
 	echo "COMMAND:\n";
 	echo "    all:\n";
 	echo "        Generate the complete wikipage for https://wiki.phpbb.com/Event_List\n";
 	echo "\n";
+	echo "    diff:\n";
+	echo "        Generate the Event Diff for the release highlights\n";
+	echo "\n";
 	echo "    php:\n";
 	echo "        Generate the PHP event section of Event_List\n";
 	echo "\n";
@@ -36,6 +40,9 @@ function usage()
 	echo "    styles:\n";
 	echo "        Generate the Styles Template event section of Event_List\n";
 	echo "\n";
+	echo "VERSION (diff only):\n";
+	echo "    Filter events (minimum version)\n";
+	echo "\n";
 	echo "EXTENSION (Optional):\n";
 	echo "    If not given, only core events will be exported.\n";
 	echo "    Otherwise only events from the extension will be exported.\n";
@@ -55,20 +62,32 @@ validate_argument_count($argc, 1);
 
 $action = $argv[1];
 $extension = isset($argv[2]) ? $argv[2] : null;
+$min_version = null;
 require __DIR__ . '/../phpbb/event/php_exporter.' . $phpEx;
 require __DIR__ . '/../phpbb/event/md_exporter.' . $phpEx;
+require __DIR__ . '/../includes/functions.' . $phpEx;
 require __DIR__ . '/../phpbb/event/recursive_event_filter_iterator.' . $phpEx;
 require __DIR__ . '/../phpbb/recursive_dot_prefix_filter_iterator.' . $phpEx;
 
 switch ($action)
 {
+
+	case 'diff':
+		echo '== Event changes ==' . "\n";
+		$min_version = $extension;
+		$extension = isset($argv[3]) ? $argv[3] : null;
+
 	case 'all':
-		echo '__FORCETOC__' . "\n";
+		if ($action === 'all')
+		{
+			echo '__FORCETOC__' . "\n";
+		}
+
 
 	case 'php':
-		$exporter = new \phpbb\event\php_exporter($phpbb_root_path, $extension);
+		$exporter = new \phpbb\event\php_exporter($phpbb_root_path, $extension, $min_version);
 		$exporter->crawl_phpbb_directory_php();
-		echo $exporter->export_events_for_wiki();
+		echo $exporter->export_events_for_wiki($action);
 
 		if ($action === 'php')
 		{
@@ -78,9 +97,16 @@ switch ($action)
 		// no break;
 
 	case 'styles':
-		$exporter = new \phpbb\event\md_exporter($phpbb_root_path, $extension);
-		$exporter->crawl_phpbb_directory_styles('docs/events.md');
-		echo $exporter->export_events_for_wiki();
+		$exporter = new \phpbb\event\md_exporter($phpbb_root_path, $extension, $min_version);
+		if ($min_version && $action === 'diff')
+		{
+			$exporter->crawl_eventsmd('docs/events.md', 'styles');
+		}
+		else
+		{
+			$exporter->crawl_phpbb_directory_styles('docs/events.md');
+		}
+		echo $exporter->export_events_for_wiki($action);
 
 		if ($action === 'styles')
 		{
@@ -90,9 +116,16 @@ switch ($action)
 		// no break;
 
 	case 'adm':
-		$exporter = new \phpbb\event\md_exporter($phpbb_root_path, $extension);
-		$exporter->crawl_phpbb_directory_adm('docs/events.md');
-		echo $exporter->export_events_for_wiki();
+		$exporter = new \phpbb\event\md_exporter($phpbb_root_path, $extension, $min_version);
+		if ($min_version && $action === 'diff')
+		{
+			$exporter->crawl_eventsmd('docs/events.md', 'adm');
+		}
+		else
+		{
+			$exporter->crawl_phpbb_directory_adm('docs/events.md');
+		}
+		echo $exporter->export_events_for_wiki($action);
 
 		if ($action === 'all')
 		{

phpBB/develop/mysql_upgrader.php

@@ -62,10 +62,14 @@ echo "USE $dbname;$newline$newline";
 
 @set_time_limit(0);
 
-require($phpbb_root_path . 'includes/db/schema_data.' . $phpEx);
-require($phpbb_root_path . 'phpbb/db/tools.' . $phpEx);
+$finder = new \phpbb\finder(new \phpbb\filesystem(), $phpbb_root_path);
+$classes = $finder->core_path('phpbb/')
+	->directory('/db/migration/data')
+	->get_classes();
 
-$dbms_type_map = phpbb\db\tools::get_dbms_type_map();
+$schema_generator = new \phpbb\db\migration\schema_generator($classes, $config, $db, new \phpbb\db\tools($db, true), $phpbb_root_path, $phpEx, $table_prefix);
+$schema_data = $schema_generator->get_schema();
+$dbms_type_map = \phpbb\db\tools::get_dbms_type_map();
 
 foreach ($schema_data as $table_name => $table_data)
 {

phpBB/develop/regex_idn.php

@@ -0,0 +1,151 @@
+<?php
+//
+// Security message:
+//
+// This script is potentially dangerous.
+// Remove or comment the next line (die(".... ) to enable this script.
+// Do NOT FORGET to either remove this script or disable it after you have used it.
+//
+die("Please read the first lines of this script for instructions on how to enable it");
+
+// IP regular expressions
+
+$dec_octet = '(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])';
+$h16 = '[\dA-F]{1,4}';
+$ipv4 = "(?:$dec_octet\.){3}$dec_octet";
+$ls32 = "(?:$h16:$h16|$ipv4)";
+
+$ipv6_construct = array(
+	array(false,	'',		'{6}',	$ls32),
+	array(false,	'::',	'{0,5}', "(?:$h16(?::$h16)?|$ipv4)"),
+	array('',		':',	'{4}',	$ls32),
+	array('{1,2}',	':',	'{3}',	$ls32),
+	array('{1,3}',	':',	'{2}',	$ls32),
+	array('{1,4}',	':',	'',		$ls32),
+	array('{1,5}',	':',	false,	$ls32),
+	array('{1,6}',	':',	false,	$h16),
+	array('{1,7}',	':',	false,	''),
+	array(false, '::', false, '')
+);
+
+$ipv6 = '(?:';
+foreach ($ipv6_construct as $ip_type)
+{
+	$ipv6 .= '(?:';
+	if ($ip_type[0] !== false)
+	{
+		$ipv6 .= "(?:$h16:)" . $ip_type[0];
+	}
+	$ipv6 .= $ip_type[1];
+	if ($ip_type[2] !== false)
+	{
+		$ipv6 .= "(?:$h16:)" . $ip_type[2];
+	}
+	$ipv6 .= $ip_type[3] . ')|';
+}
+$ipv6 = substr($ipv6, 0, -1) . ')';
+
+echo 'IPv4: ' . $ipv4 . "<br /><br />\n\nIPv6: " . $ipv6 . "<br /><br />\n\n";
+
+// URL regular expressions
+
+/* IDN2008 characters derivation
+** http://unicode.org/faq/idn.html#33	- IDN FAQ: derivation of valid characters in terms of Unicode properties
+** http://unicode.org/reports/tr46/		- Unicode Technical Standard #46. Unicode IDNA Compatibility Processing
+** http://www.unicode.org/Public/UNIDATA/DerivedNormalizationProps.txt	- Unicode Character Database
+*/
+/*
+** Remove Control Characters and Whitespace (as in IDNA2003)
+*/
+$no_cc = '\p{C}\p{Z}';
+/*
+** Remove Symbols, Punctuation, non-decimal Numbers, and Enclosing Marks
+*/
+$no_symbol = '\p{S}\p{P}\p{Nl}\p{No}\p{Me}';
+/*
+** Remove characters used for archaic Hangul (Korean) - \p{HST=L} and \p{HST=V}
+** as per http://unicode.org/Public/UNIDATA/HangulSyllableType.txt
+*/
+$no_hangul = '\x{1100}-\x{115F}\x{A960}-\x{A97C}\x{1160}-\x{11A7}\x{D7B0}-\x{D7C6}';
+/*
+** Remove three blocks of technical or archaic symbols.
+*/
+$no_cdm = '\x{20D0}-\x{20FF}';						// \p{block=Combining_Diacritical_Marks_For_Symbols}
+$no_musical = '\x{1D100}-\x{1D1FF}';					// \p{block=Musical_Symbols}
+$no_ancient_greek_musical = '\x{1D200}-\x{1D24F}';	// \p{block=Ancient_Greek_Musical_Notation}	
+/* Remove certain exceptions:
+** U+0640 ARABIC TATWEEL
+** U+07FA NKO LAJANYALAN
+** U+302E HANGUL SINGLE DOT TONE MARK
+** U+302F HANGUL DOUBLE DOT TONE MARK
+** U+3031 VERTICAL KANA REPEAT MARK
+** U+3032 VERTICAL KANA REPEAT WITH VOICED SOUND MARK
+** ..
+** U+3035 VERTICAL KANA REPEAT MARK LOWER HALF
+** U+303B VERTICAL IDEOGRAPHIC ITERATION MARK
+*/
+$no_certain_exceptions = '\x{0640}\x{07FA}\x{302E}\x{302F}\x{3031}-\x{3035}\x{303B}';
+/* Add certain exceptions:
+** U+00B7 MIDDLE DOT
+** U+0375 GREEK LOWER NUMERAL SIGN
+** U+05F3 HEBREW PUNCTUATION GERESH
+** U+05F4 HEBREW PUNCTUATION GERSHAYIM
+** U+30FB KATAKANA MIDDLE DOT
+** U+002D HYPHEN-MINUS
+** U+06FD ARABIC SIGN SINDHI AMPERSAND
+** U+06FE ARABIC SIGN SINDHI POSTPOSITION MEN
+** U+0F0B TIBETAN MARK INTERSYLLABIC TSHEG
+** U+3007 IDEOGRAPHIC NUMBER ZERO
+*/
+$add_certain_exceptions = '\x{00B7}\x{0375}\x{05F3}\x{05F4}\x{30FB}\x{002D}\x{06FD}\x{06FE}\x{0F0B}\x{3007}';
+/* Add special exceptions (Deviations):
+** U+00DF LATIN SMALL LETTER SHARP S
+** U+03C2 GREEK SMALL LETTER FINAL SIGMA
+** U+200C ZERO WIDTH NON-JOINER
+** U+200D ZERO WIDTH JOINER
+*/
+$add_deviations = '\x{00DF}\x{03C2}\x{200C}\x{200D}';
+
+// Concatenate remove/add regexes respectively
+$remove_chars = "$no_cc$no_symbol$no_hangul$no_cdm$no_musical$no_ancient_greek_musical$no_certain_exceptions";
+$add_chars = "$add_certain_exceptions$add_deviations";
+
+// Initialize inline mode
+$inline = false;
+
+do
+{
+	$inline = !$inline;
+
+	$pct_encoded = "%[\dA-F]{2}";
+	$unreserved = "$add_chars\pL0-9\-._~";
+	$sub_delims = ($inline) ? '!$&\'(*+,;=' : '!$&\'()*+,;=';
+	$scheme = ($inline) ? '[a-z][a-z\d+]*': '[a-z][a-z\d+\-.]*' ; // avoid automatic parsing of "word" in "last word.http://..."
+	$pchar = "(?:[^$remove_chars]*[$unreserved$sub_delims:@|]+|$pct_encoded)"; // rfc: no "|"
+
+	$reg_name = "(?:[^$remove_chars]*[$unreserved$sub_delims:@|]+|$pct_encoded)+"; // rfc: * instead of + and no "|" and no "@" and no ":" (included instead of userinfo)
+	//$userinfo = "(?:(?:[$unreserved$sub_delims:]+|$pct_encoded))*";
+	$ipv4_simple = '[0-9.]+';
+	$ipv6_simple = '\[[a-z0-9.]+:[a-z0-9.]+:[a-z0-9.:]+\]';
+	$host = "(?:$reg_name|$ipv4_simple|$ipv6_simple)";
+	$port = '\d*';
+	//$authority = "(?:$userinfo@)?$host(?::$port)?";
+	$authority = "$host(?::$port)?";
+	$segment = "$pchar*";
+	$path_abempty = "(?:/$segment)*";
+	$hier_part = "/{2}$authority$path_abempty";
+	$query = "(?:[^$remove_chars]*[$unreserved$sub_delims:@/?|]+|$pct_encoded)*"; // pchar | "/" | "?", rfc: no "|"
+	$fragment = $query;
+
+	$url =  "$scheme:$hier_part(?:\?$query)?(?:\#$fragment)?";
+	echo (($inline) ? 'URL inline: ' : 'URL: ') . $url . "<br /><br />\n\n";
+
+	// no scheme, shortened authority, but host has to start with www.
+	$www_url =  "www\.$reg_name(?::$port)?$path_abempty(?:\?$query)?(?:\#$fragment)?";
+	echo (($inline) ? 'www.URL_inline: ' : 'www.URL: ') . $www_url . "<br /><br />\n\n";
+
+	// no schema and no authority
+	$relative_url = "$segment$path_abempty(?:\?$query)?(?:\#$fragment)?";
+	echo (($inline) ? 'relative URL inline: ' : 'relative URL: ') . $relative_url . "<br /><br />\n\n";
+}
+while ($inline);

phpBB/develop/search_fill.php

@@ -40,7 +40,7 @@ if (!class_exists($search_type))
 }
 
 $error = false;
-$search = new $search_type($error, $phpbb_root_path, $phpEx, $auth, $config, $db, $user);
+$search = new $search_type($error, $phpbb_root_path, $phpEx, $auth, $config, $db, $user, $phpbb_dispatcher);
 
 if ($error)
 {

phpBB/docs/CREDITS.txt

@@ -24,9 +24,10 @@ phpBB Lead Developer:    naderman (Nils Adermann)
 
 phpBB Developers:        bantu (Andreas Fischer)
                          dhruv.goel92 (Dhruv Goel)
+                         Elsensee (Oliver Schramm)
                          marc1706 (Marc Alexander)
                          nickvergessen (Joas Schilling)
-                         nicofuma (Tristan Darricau)
+                         Nicofuma (Tristan Darricau)
                          prototech (Cesar Gallegos)
 
 For a list of phpBB Team members, please see:

phpBB/docs/FAQ.html

@@ -6,7 +6,7 @@
 <meta name="description" content="phpBB 3.1.x frequently asked questions" />
 <title>phpBB &bull; FAQ</title>
 
-<link href="stylesheet.css" rel="stylesheet" type="text/css" media="screen, projection" />
+<link href="assets/css/stylesheet.css" rel="stylesheet" type="text/css" media="screen, projection" />
 
 </head>
 
@@ -16,16 +16,16 @@
 	<a id="top" name="top" accesskey="t"></a>
 	<div id="page-header">
 		<div class="headerbar">
-			<div class="inner"><span class="corners-top"><span></span></span>
+			<div class="inner">
 
 			<div id="doc-description">
-				<a href="../index.php" id="logo"><img src="site_logo.gif" alt="" /></a>
+				<a href="../index.php" id="logo"><img src="assets/images/site_logo.gif" alt="" /></a>
 				<h1>phpBB 3.1.x FAQ</h1>
 				<p>phpBB 3.1.x frequently asked questions</p>
 				<p style="display: none;"><a href="#start_here">Skip</a></p>
 			</div>
 
-			<span class="corners-bottom"><span></span></span></div>
+			</div>
 		</div>
 	</div>
 
@@ -35,12 +35,17 @@
 
 <!-- BEGIN DOCUMENT -->
 
-	<p>This is a very basic Frequently Asked Questions (FAQ) page which attempts to answer some of the more commonly asked questions. It is by no means exhaustive and should be used in combination with the 'built-in' User FAQ within phpBB, the community forums and our IRC channel (see <a href="README.html">README</a> for details).</p>
+	<p class="paragraph main-description">
+		This is a very basic Frequently Asked Questions (FAQ) page which attempts to answer some of the
+		more commonly asked questions. It is by no means exhaustive and should be used in combination with
+		the 'built-in' User FAQ within phpBB3, the community forums and our IRC channel
+		(see <a href="README.html">README</a> for details).
+	</p>
 
 	<h1>FAQ</h1>
 
 	<div class="paragraph menu">
-		<div class="inner"><span class="corners-top"><span></span></span>
+		<div class="inner">
 
 		<div class="content">
 
@@ -66,7 +71,7 @@
 
 		</div>
 
-		<span class="corners-bottom"><span></span></span></div>
+		</div>
 	</div>
 
 	<hr />
@@ -74,7 +79,7 @@
 	<a name="install"></a><h2>I am finding phpBB too difficult to install. Will you do it for me?</h2>
 
 	<div class="paragraph">
-		<div class="inner"><span class="corners-top"><span></span></span>
+		<div class="inner">
 
 		<div class="content">
 
@@ -88,7 +93,7 @@
 
 		<div class="back2top"><a href="#wrap" class="top">Back to Top</a></div>
 
-		<span class="corners-bottom"><span></span></span></div>
+		</div>
 	</div>
 
 	<hr />
@@ -99,7 +104,7 @@ A board is dealing in warez/porn/etc., you need to prevent them doing this!<br /
 I want to sue you because i think you host an illegal board!</h2>
 
 	<div class="paragraph">
-		<div class="inner"><span class="corners-top"><span></span></span>
+		<div class="inner">
 
 		<div class="content">
 
@@ -111,7 +116,7 @@ I want to sue you because i think you host an illegal board!</h2>
 
 		<div class="back2top"><a href="#wrap" class="top">Back to Top</a></div>
 
-		<span class="corners-bottom"><span></span></span></div>
+		</div>
 	</div>
 
 	<hr />
@@ -119,7 +124,7 @@ I want to sue you because i think you host an illegal board!</h2>
 <a name="viewonline"></a><h2>According to viewonline a user is doing/reading something they should not be able to!</h2>
 
 	<div class="paragraph">
-		<div class="inner"><span class="corners-top"><span></span></span>
+		<div class="inner">
 
 		<div class="content">
 
@@ -131,7 +136,7 @@ I want to sue you because i think you host an illegal board!</h2>
 
 		<div class="back2top"><a href="#wrap" class="top">Back to Top</a></div>
 
-		<span class="corners-bottom"><span></span></span></div>
+		</div>
 	</div>
 
 	<hr />
@@ -139,7 +144,7 @@ I want to sue you because i think you host an illegal board!</h2>
 <a name="mail"></a><h2>I keep getting Mail sending errors when I (or my users) post/send PM's/etc.!</h2>
 
 	<div class="paragraph">
-		<div class="inner"><span class="corners-top"><span></span></span>
+		<div class="inner">
 
 		<div class="content">
 
@@ -151,7 +156,7 @@ I want to sue you because i think you host an illegal board!</h2>
 
 		<div class="back2top"><a href="#wrap" class="top">Back to Top</a></div>
 
-		<span class="corners-bottom"><span></span></span></div>
+		</div>
 	</div>
 
 	<hr />
@@ -159,7 +164,7 @@ I want to sue you because i think you host an illegal board!</h2>
 <a name="mail_language"></a><h2>My users are complaining that emails are not in their selected language!</h2>
 
 	<div class="paragraph">
-		<div class="inner"><span class="corners-top"><span></span></span>
+		<div class="inner">
 
 		<div class="content">
 
@@ -171,7 +176,7 @@ I want to sue you because i think you host an illegal board!</h2>
 
 		<div class="back2top"><a href="#wrap" class="top">Back to Top</a></div>
 
-		<span class="corners-bottom"><span></span></span></div>
+		</div>
 	</div>
 
 	<hr />
@@ -179,7 +184,7 @@ I want to sue you because i think you host an illegal board!</h2>
 <a name="aol_browser"></a><h2>My AOL based users keep getting logged out!</h2>
 
 	<div class="paragraph">
-		<div class="inner"><span class="corners-top"><span></span></span>
+		<div class="inner">
 
 		<div class="content">
 
@@ -193,7 +198,7 @@ I want to sue you because i think you host an illegal board!</h2>
 
 		<div class="back2top"><a href="#wrap" class="top">Back to Top</a></div>
 
-		<span class="corners-bottom"><span></span></span></div>
+		</div>
 	</div>
 
 	<hr />
@@ -201,7 +206,7 @@ I want to sue you because i think you host an illegal board!</h2>
 <a name="avatars"></a><h2>I am unable to upload avatars from my computer, regardless of the settings.</h2>
 
 	<div class="paragraph">
-		<div class="inner"><span class="corners-top"><span></span></span>
+		<div class="inner">
 
 		<div class="content">
 
@@ -213,7 +218,7 @@ I want to sue you because i think you host an illegal board!</h2>
 
 		<div class="back2top"><a href="#wrap" class="top">Back to Top</a></div>
 
-		<span class="corners-bottom"><span></span></span></div>
+		</div>
 	</div>
 
 	<hr />
@@ -221,7 +226,7 @@ I want to sue you because i think you host an illegal board!</h2>
 <a name="gallery_avatars"></a><h2>I just cannot get gallery avatars to appear!</h2>
 
 	<div class="paragraph">
-		<div class="inner"><span class="corners-top"><span></span></span>
+		<div class="inner">
 
 		<div class="content">
 
@@ -231,7 +236,7 @@ I want to sue you because i think you host an illegal board!</h2>
 
 		<div class="back2top"><a href="#wrap" class="top">Back to Top</a></div>
 
-		<span class="corners-bottom"><span></span></span></div>
+		</div>
 	</div>
 
 	<hr />
@@ -239,17 +244,17 @@ I want to sue you because i think you host an illegal board!</h2>
 <a name="permissions"></a><h2>How do I use/set permissions?</h2>
 
 	<div class="paragraph">
-		<div class="inner"><span class="corners-top"><span></span></span>
+		<div class="inner">
 
 		<div class="content">
 
-<p>Please read the paragraph about permissions in our extensive <a href="https://www.phpbb.com/support/documentation/3.0/">online documentation</a>.</p>
+<p>Please read the paragraph about permissions in our extensive <a href="https://www.phpbb.com/support/docs/en/3.1/ug/">online documentation</a>.</p>
 
 		</div>
 
 		<div class="back2top"><a href="#wrap" class="top">Back to Top</a></div>
 
-		<span class="corners-bottom"><span></span></span></div>
+		</div>
 	</div>
 
 	<hr />
@@ -257,7 +262,7 @@ I want to sue you because i think you host an illegal board!</h2>
 <a name="login_issues"></a><h2>I (or my users) cannot stay logged in to the forum!</h2>
 
 	<div class="paragraph">
-		<div class="inner"><span class="corners-top"><span></span></span>
+		<div class="inner">
 
 		<div class="content">
 
@@ -269,7 +274,7 @@ I want to sue you because i think you host an illegal board!</h2>
 
 		<div class="back2top"><a href="#wrap" class="top">Back to Top</a></div>
 
-		<span class="corners-bottom"><span></span></span></div>
+		</div>
 	</div>
 
 	<hr />
@@ -277,7 +282,7 @@ I want to sue you because i think you host an illegal board!</h2>
 <a name="logout_issues"></a><h2>My users are complaining about being logged out too quickly!</h2>
 
 	<div class="paragraph">
-		<div class="inner"><span class="corners-top"><span></span></span>
+		<div class="inner">
 
 		<div class="content">
 
@@ -287,7 +292,7 @@ I want to sue you because i think you host an illegal board!</h2>
 
 		<div class="back2top"><a href="#wrap" class="top">Back to Top</a></div>
 
-		<span class="corners-bottom"><span></span></span></div>
+		</div>
 	</div>
 
 	<hr />
@@ -295,11 +300,11 @@ I want to sue you because i think you host an illegal board!</h2>
 <a name="not_answered"></a><h2>My question isn't answered here!</h2>
 
 	<div class="paragraph">
-		<div class="inner"><span class="corners-top"><span></span></span>
+		<div class="inner">
 
 		<div class="content">
 
-<p>Please read our <a href="https://www.phpbb.com/support/documentation/3.0/">extensive user documentation</a> first, it may just explain what you want to know.</p>
+<p>Please read our <a href="https://www.phpbb.com/support/docs/en/3.1/ug/">extensive user documentation</a> first, it may just explain what you want to know.</p>
 
 <p>Feel free to search our community forum for the information you require. <strong>PLEASE DO NOT</strong> post your question without having first used search, chances are someone has already asked and answered your question. You can find our board here:</p>
 
@@ -309,7 +314,7 @@ I want to sue you because i think you host an illegal board!</h2>
 
 		<div class="back2top"><a href="#wrap" class="top">Back to Top</a></div>
 
-		<span class="corners-bottom"><span></span></span></div>
+		</div>
 	</div>
 
 	<hr />
@@ -317,7 +322,7 @@ I want to sue you because i think you host an illegal board!</h2>
 <a name="disclaimer"></a><h2>Copyright and disclaimer</h2>
 
 	<div class="paragraph">
-		<div class="inner"><span class="corners-top"><span></span></span>
+		<div class="inner">
 
 		<div class="content">
 
@@ -327,7 +332,7 @@ I want to sue you because i think you host an illegal board!</h2>
 
 		<div class="back2top"><a href="#wrap" class="top">Back to Top</a></div>
 
-		<span class="corners-bottom"><span></span></span></div>
+		</div>
 	</div>
 
 <!-- END DOCUMENT -->

phpBB/docs/INSTALL.html

@@ -6,7 +6,7 @@
 <meta name="description" content="phpBB 3.1.x Installation, updating and conversion informations" />
 <title>phpBB &bull; Install</title>
 
-<link href="stylesheet.css" rel="stylesheet" type="text/css" media="screen, projection" />
+<link href="assets/css/stylesheet.css" rel="stylesheet" type="text/css" media="screen, projection" />
 
 </head>
 
@@ -16,16 +16,16 @@
 	<a id="top" name="top" accesskey="t"></a>
 	<div id="page-header">
 		<div class="headerbar">
-			<div class="inner"><span class="corners-top"><span></span></span>
+			<div class="inner">
 
 			<div id="doc-description">
-				<a href="../index.php" id="logo"><img src="site_logo.gif" alt="" /></a>
+				<a href="../index.php" id="logo"><img src="assets/images/site_logo.gif" alt="" /></a>
 				<h1>phpBB 3.1.x Install</h1>
 				<p>phpBB 3.1.x Installation, updating and conversion informations</p>
 				<p style="display: none;"><a href="#start_here">Skip</a></p>
 			</div>
 
-			<span class="corners-bottom"><span></span></span></div>
+			</div>
 		</div>
 	</div>
 
@@ -35,16 +35,22 @@
 
 <!-- BEGIN DOCUMENT -->
 
-<p><strong>Please read this document completely before proceeding with installation, updating or converting.</strong></p>
+<div class="paragraph">
+	<p><strong>Please read this document completely before proceeding with installation, updating or converting.</strong></p>
 
-<p>This document will walk you through the basics on installing, updating and converting the forum software.</p>
-
-<p>A basic overview of running phpBB can be found in the accompanying <a href="README.html">README</a> file. Please ensure you read that document in addition to this! For more detailed information on using, installing, updating and converting phpBB you should read <a href="https://www.phpbb.com/support/documentation/3.0/">the documentation</a> available online.</p>
+	<p>This document will walk you through the basics on installing, updating and converting the forum software.</p>
 
+	<p>
+		A basic overview of running phpBB can be found in the accompanying <a href="README.html">README</a> file.
+		Please ensure you read that document in addition to this! For more detailed information on using, installing,
+		updating and converting phpBB you should read <a href="https://www.phpbb.com/support/docs/en/3.1/ug/">the documentation</a>
+		available online.
+	</p>
+</div>
 <h1>Install</h1>
 
 	<div class="paragraph menu">
-		<div class="inner"><span class="corners-top"><span></span></span>
+		<div class="inner">
 
 		<div class="content">
 
@@ -82,7 +88,7 @@
 
 		</div>
 
-		<span class="corners-bottom"><span></span></span></div>
+		</div>
 	</div>
 
 	<hr />
@@ -90,7 +96,7 @@
 	<a name="quickinstall"></a><h2>1. Quick install</h2>
 
 	<div class="paragraph">
-		<div class="inner"><span class="corners-top"><span></span></span>
+		<div class="inner">
 
 		<div class="content">
 
@@ -114,7 +120,7 @@
 
 		<div class="back2top"><a href="#wrap" class="top">Back to Top</a></div>
 
-		<span class="corners-bottom"><span></span></span></div>
+		</div>
 	</div>
 
 	<hr />
@@ -122,7 +128,7 @@
 	<a name="require"></a><h2>2. Requirements</h2>
 
 	<div class="paragraph">
-		<div class="inner"><span class="corners-top"><span></span></span>
+		<div class="inner">
 
 		<div class="content">
 
@@ -165,7 +171,7 @@
 
 		<div class="back2top"><a href="#wrap" class="top">Back to Top</a></div>
 
-		<span class="corners-bottom"><span></span></span></div>
+		</div>
 	</div>
 
 	<hr />
@@ -173,7 +179,7 @@
 	<a name="install"></a><h2>3. New installation</h2>
 
 	<div class="paragraph">
-		<div class="inner"><span class="corners-top"><span></span></span>
+		<div class="inner">
 
 		<div class="content">
 
@@ -245,7 +251,7 @@
 
 		<div class="back2top"><a href="#wrap" class="top">Back to Top</a></div>
 
-		<span class="corners-bottom"><span></span></span></div>
+		</div>
 	</div>
 
 	<hr />
@@ -253,7 +259,7 @@
 	<a name="update"></a><h2>4. Updating from stable releases of phpBB 3.1.x</h2>
 
 	<div class="paragraph">
-		<div class="inner"><span class="corners-top"><span></span></span>
+		<div class="inner">
 
 		<div class="content">
 
@@ -297,13 +303,13 @@
 
 	<p>This update method is the recommended method for updating. This package detects changed files automatically and merges in changes if needed.</p>
 
-	<p>The automatic update package will update the board from a given version to the latest version. A number of automatic update files are available, and you should choose the one that corresponds to the version of the board that you are currently running. For example, if your current version is <strong>3.0.10</strong>, you need the <code>phpBB-3.0.10_to_3.0.11.zip/tar.bz2</code> file.</p>
+	<p>The automatic update package will update the board from a given version to the latest version. A number of automatic update files are available, and you should choose the one that corresponds to the version of the board that you are currently running. For example, if your current version is <strong>3.0.13</strong>, you need the <code>phpBB-3.0.13_to_3.0.14.zip/tar.bz2</code> file.</p>
 
 	<p>To perform the update, either follow the instructions from the <strong>Administration Control Panel-&gt;System</strong> Tab - this should point out that you are running an outdated version and will guide you through the update - or follow the instructions listed below.</p>
 
 	<ul>
 		<li>Go to the <a href="https://www.phpbb.com/downloads/">downloads page</a> and download the latest update package listed there, matching your current version.</li>
-		<li>Upload the uncompressed archive contents to your phpBB installation - only the install folder is required. Upload the whole install folder, retaining the file structure.</li>
+		<li>Upload the uncompressed archive contents to your phpBB installation - only the <code>install/</code> and <code>vendor/</code> folders are required. Upload these folders in their entirety, retaining the file structure.</li>
 		<li>After the install folder is present, phpBB will go offline automatically.</li>
 		<li>Point your browser to the install directory, for example <code>http://www.example.com/phpBB3/install/</code></li>
 		<li>Choose the "Update" Tab and follow the instructions</li>
@@ -321,7 +327,7 @@
 
 		<div class="back2top"><a href="#wrap" class="top">Back to Top</a></div>
 
-		<span class="corners-bottom"><span></span></span></div>
+		</div>
 	</div>
 
 	<hr />
@@ -347,7 +353,7 @@
 					<li>The <code>store/</code> directory</li>
 				</ul></li>
 
-				<li>Upload the contents of the 3.1.x Full Package into your forum's directory.</li>
+				<li>Upload the contents of the 3.1.x Full Package into your forum's directory. Make sure the root level .htaccess file is included in the upload.</li>
 				<li>Browse to install/database_update.php</li>
 				<li>Delete the <code>install/</code> directory</li>
 			</ol>
@@ -363,7 +369,7 @@
 	<a name="convert"></a><h2>6. Conversion from phpBB 2.0.x to phpBB 3.1.x</h2>
 
 	<div class="paragraph">
-		<div class="inner"><span class="corners-top"><span></span></span>
+		<div class="inner">
 
 		<div class="content">
 
@@ -418,7 +424,7 @@
 
 		<div class="back2top"><a href="#wrap" class="top">Back to Top</a></div>
 
-		<span class="corners-bottom"><span></span></span></div>
+		</div>
 	</div>
 
 	<hr />
@@ -426,7 +432,7 @@
 	<a name="postinstall"></a><h2>7. Important (security related) post-Install tasks for all installation methods</h2>
 
 	<div class="paragraph">
-		<div class="inner"><span class="corners-top"><span></span></span>
+		<div class="inner">
 
 		<div class="content">
 
@@ -456,15 +462,15 @@
 
 		<div class="back2top"><a href="#wrap" class="top">Back to Top</a></div>
 
-		<span class="corners-bottom"><span></span></span></div>
+		</div>
 	</div>
 
 	<hr />
 
 <a name="anti_spam"></a><h2>8. Anti-Spam Measures</h2>
-		
+
 		<div class="paragraph">
-		<div class="inner"><span class="corners-top"><span></span></span>
+		<div class="inner">
 
 		<div class="content">
 	<p>Like any online site that allows user input, your board could be subject to unwanted posts; often referred to as <a href="http://en.wikipedia.org/wiki/Forum_spam">forum spam</a>. The vast majority of these attacks will be from automated computer programs known as <a href="http://en.wikipedia.org/wiki/Spambot">spambots</a>. The attacks, generally, are not personal as the spammers are just trying to find accessible targets. phpBB has a number of anti-spam measures built in, including a range of CAPTCHAs. However, administrators are strongly urged to read and follow the advice for <a href="https://www.phpbb.com/support/spam/">Preventing Spam in phpBB</a> as soon as possible after completing the installation of your board.</p>
@@ -472,7 +478,7 @@
 
 		<div class="back2top"><a href="#wrap" class="top">Back to Top</a></div>
 
-		<span class="corners-bottom"><span></span></span></div>
+		</div>
 	</div>
 
 	<hr />
@@ -480,7 +486,7 @@
 <a name="disclaimer"></a><h2>9. Copyright and disclaimer</h2>
 
 	<div class="paragraph">
-		<div class="inner"><span class="corners-top"><span></span></span>
+		<div class="inner">
 
 		<div class="content">
 
@@ -490,7 +496,7 @@
 
 		<div class="back2top"><a href="#wrap" class="top">Back to Top</a></div>
 
-		<span class="corners-bottom"><span></span></span></div>
+		</div>
 	</div>
 
 <!-- END DOCUMENT -->

phpBB/docs/README.html

@@ -6,7 +6,7 @@
 <meta name="description" content="phpBB 3.1.x Readme" />
 <title>phpBB &bull; Readme</title>
 
-<link href="stylesheet.css" rel="stylesheet" type="text/css" media="screen, projection" />
+<link href="assets/css/stylesheet.css" rel="stylesheet" type="text/css" media="screen, projection" />
 
 </head>
 
@@ -16,15 +16,15 @@
 	<a id="top" name="top" accesskey="t"></a>
 	<div id="page-header">
 		<div class="headerbar">
-			<div class="inner"><span class="corners-top"><span></span></span>
+			<div class="inner">
 
 			<div id="doc-description">
-				<a href="../index.php" id="logo"><img src="site_logo.gif" alt="" /></a>
+				<a href="../index.php" id="logo"><img src="assets/images/site_logo.gif" alt="" /></a>
 				<h1>phpBB 3.1.x Readme</h1>
 				<p style="display: none;"><a href="#start_here">Skip</a></p>
 			</div>
 
-			<span class="corners-bottom"><span></span></span></div>
+			</div>
 		</div>
 	</div>
 
@@ -34,12 +34,16 @@
 
 <!-- BEGIN DOCUMENT -->
 
-	<p>Thank you for downloading phpBB. This README will guide you through the basics of installation and operation of phpBB. Please ensure you read this and the accompanying documentation fully <strong>before</strong> proceeding with the installation.</p>
+	<p class="paragraph main-description">
+		Thank you for downloading phpBB. This README will guide you through the basics of installation
+		and operation of phpBB. Please ensure you read this and the accompanying documentation fully
+		<strong>before</strong> proceeding with the installation.
+	</p>
 
 	<h1>Readme</h1>
 
 	<div class="paragraph menu">
-		<div class="inner"><span class="corners-top"><span></span></span>
+		<div class="inner">
 
 		<div class="content">
 
@@ -73,7 +77,7 @@
 
 		</div>
 
-		<span class="corners-bottom"><span></span></span></div>
+		</div>
 	</div>
 
 	<hr />
@@ -81,7 +85,7 @@
 	<a name="install"></a><h2>1. Installing phpBB</h2>
 
 	<div class="paragraph">
-		<div class="inner"><span class="corners-top"><span></span></span>
+		<div class="inner">
 
 		<div class="content">
 	<p>Installation, update and conversion instructions can be found in the <a href="INSTALL.html">INSTALL</a> document in this directory. If you are intending on converting from a phpBB 2.0.x or 3.0.x installation we highly recommend that you backup any existing data before proceeding!</p>
@@ -110,7 +114,7 @@
 
 		<div class="back2top"><a href="#wrap" class="top">Back to Top</a></div>
 
-		<span class="corners-bottom"><span></span></span></div>
+		</div>
 	</div>
 
 	<hr />
@@ -118,7 +122,7 @@
 	<a name="run"></a><h2>2. Running phpBB</h2>
 
 	<div class="paragraph">
-		<div class="inner"><span class="corners-top"><span></span></span>
+		<div class="inner">
 
 		<div class="content">
 
@@ -134,7 +138,7 @@
 
 	<p>Installation of these packages is straightforward: simply download the required language pack, uncompress (unzip) it and via FTP transfer the included <code>language</code> and <code>styles</code> folders to the root of your board installation. The language can then be installed via the Administration Control Panel of your board: <code>Customise tab -&gt; Language management -&gt; Language packs</code>. A more detailed description of the process is in the Knowledge Base article, <a href="https://www.phpbb.com/kb/article/how-to-install-a-language-pack/">How to Install a Language Pack</a>.</p>
 
-	<p>If your language is not available, please visit our <a href="https://www.phpbb.com/community/viewforum.php?f=66">[3.0.x] Translations</a> forum where you will find topics on translations in progress. Should you wish to volunteer to translate a language not currently available or assist in maintaining an existing language pack, you can <a href="https://www.phpbb.com/languages/apply.php">Apply to become a translator</a>.</p>
+	<p>If your language is not available, please visit our <a href="https://www.phpbb.com/community/viewforum.php?f=491">[3.1.x] Translations</a> forum where you will find topics on translations in progress. Should you wish to volunteer to translate a language not currently available or assist in maintaining an existing language pack, you can <a href="https://www.phpbb.com/languages/apply.php">Apply to become a translator</a>.</p>
 
 	<a name="styles"></a><h3>2.ii. Styles</h3>
 
@@ -150,7 +154,7 @@
 
 	<a name="extensions"></a><h3>2.iii. Extensions</h3>
 
-	<p>We are proud to have a thriving extensions community. These third party extensions to the standard phpBB software, extend its capabilities still further. You can browse through many of the extensions in the <a href="https://www.phpbb.com/customise/db/extensions-27/">Extensions</a> section of our <a href="https://www.phpbb.com/customise/db/">Customisation Database</a>.</p>
+	<p>We are proud to have a thriving extensions community. These third party extensions to the standard phpBB software, extend its capabilities still further. You can browse through many of the extensions in the <a href="https://www.phpbb.com/customise/db/extensions-36">Extensions</a> section of our <a href="https://www.phpbb.com/customise/db/">Customisation Database</a>.</p>
 
 	<p>For more information about extensions, please see: <a href="https://www.phpbb.com/extensions">https://www.phpbb.com/extensions</a></p>
 
@@ -162,7 +166,7 @@
 
 		<div class="back2top"><a href="#wrap" class="top">Back to Top</a></div>
 
-		<span class="corners-bottom"><span></span></span></div>
+		</div>
 	</div>
 
 	<hr />
@@ -170,7 +174,7 @@
 <a name="help"></a><h2>3. Getting help with phpBB</h2>
 
 	<div class="paragraph">
-		<div class="inner"><span class="corners-top"><span></span></span>
+		<div class="inner">
 
 		<div class="content">
 
@@ -180,7 +184,7 @@
 
 	<p>Comprehensive documentation is now available on the phpBB website:</p>
 
-	<p><a href="https://www.phpbb.com/support/documentation/3.0/">https://www.phpbb.com/support/documentation/3.0/</a></p>
+	<p><a href="https://www.phpbb.com/support/docs/en/3.1/ug/">https://www.phpbb.com/support/docs/en/3.1/ug/</a></p>
 
 	<p>This covers everything from installation to setting permissions and managing users.</p>
 
@@ -208,7 +212,7 @@
 
 		<div class="back2top"><a href="#wrap" class="top">Back to Top</a></div>
 
-		<span class="corners-bottom"><span></span></span></div>
+		</div>
 	</div>
 
 	<hr />
@@ -216,7 +220,7 @@
 <a name="status"></a><h2>4. Status of this version</h2>
 
 	<div class="paragraph">
-		<div class="inner"><span class="corners-top"><span></span></span>
+		<div class="inner">
 
 		<div class="content">
 
@@ -232,7 +236,7 @@
 
 		<div class="back2top"><a href="#wrap" class="top">Back to Top</a></div>
 
-		<span class="corners-bottom"><span></span></span></div>
+		</div>
 	</div>
 
 	<hr />
@@ -240,7 +244,7 @@
 <a name="bugs"></a><h2>5. Reporting Bugs</h2>
 
 	<div class="paragraph">
-		<div class="inner"><span class="corners-top"><span></span></span>
+		<div class="inner">
 
 		<div class="content">
 
@@ -283,7 +287,7 @@
 
 		<div class="back2top"><a href="#wrap" class="top">Back to Top</a></div>
 
-		<span class="corners-bottom"><span></span></span></div>
+		</div>
 	</div>
 
 	<hr />
@@ -291,7 +295,7 @@
 <a name="curbugs"></a><h2>6. Overview of current bug list</h2>
 
 	<div class="paragraph">
-		<div class="inner"><span class="corners-top"><span></span></span>
+		<div class="inner">
 
 		<div class="content">
 
@@ -307,7 +311,7 @@
 
 		<div class="back2top"><a href="#wrap" class="top">Back to Top</a></div>
 
-		<span class="corners-bottom"><span></span></span></div>
+		</div>
 	</div>
 
 	<hr />
@@ -315,7 +319,7 @@
 <a name="php"></a><h2>7. PHP compatibility issues</h2>
 
 	<div class="paragraph">
-		<div class="inner"><span class="corners-top"><span></span></span>
+		<div class="inner">
 
 		<div class="content">
 
@@ -333,7 +337,7 @@
 
 		<div class="back2top"><a href="#wrap" class="top">Back to Top</a></div>
 
-		<span class="corners-bottom"><span></span></span></div>
+		</div>
 	</div>
 
 	<hr />
@@ -341,7 +345,7 @@
 <a name="disclaimer"></a><h2>8. Copyright and disclaimer</h2>
 
 	<div class="paragraph">
-		<div class="inner"><span class="corners-top"><span></span></span>
+		<div class="inner">
 
 		<div class="content">
 
@@ -351,7 +355,7 @@
 
 		<div class="back2top"><a href="#wrap" class="top">Back to Top</a></div>
 
-		<span class="corners-bottom"><span></span></span></div>
+		</div>
 	</div>
 
 <!-- END DOCUMENT -->

phpBB/docs/assets/css/stylesheet.css

@@ -11,13 +11,21 @@ body {
 	font-family: Verdana, Helvetica, Arial, sans-serif;
 	color: #828282;
 	background-color: #FFFFFF;
-	font-size: 12px;
+	font-size: 10px;
 	margin: 0;
 	padding: 12px 0;
 }
 
 img { border-width: 0; }
 
+ul, ol {
+	font-size: 1.1em;
+}
+
+ul ul, ol ol {
+	font-size: inherit;
+}
+
 p {
 	line-height: 1.3em;
 	font-size: 1.1em;
@@ -70,7 +78,7 @@ h3 {
 	border-bottom: 1px solid #CCCCCC;
 	margin-bottom: 3px;
 	padding-bottom: 2px;
-	font-size: 1.05em;
+	font-size: 1.1em;
 	color: #115098;
 	margin-top: 20px;
 }
@@ -80,7 +88,7 @@ h4 {
 	font-weight: bold;
 	margin-bottom: 3px;
 	padding-bottom: 2px;
-	font-size: 1.05em;
+	font-size: 1.1em;
 	color: #115098;
 	margin-top: 20px;
 }
@@ -104,6 +112,7 @@ code {
 	border-width: 1px; 
 	border-style: solid; 
 	background-color: #FAFAFA; 
+	padding: 0 4px;
 }
 
 #wrap {
@@ -145,44 +154,16 @@ a#logo:hover {
 
 .headerbar {
 	background: #ebebeb none repeat-x 0 0;
+	border-radius: 7px;
 	color: #FFFFFF;
 	margin-bottom: 4px;
-	padding: 0 5px;
-}
-
-span.corners-top, span.corners-bottom, span.corners-top span, span.corners-bottom span {
-	font-size: 1px;
-	line-height: 1px;
-	display: block;
-	height: 5px;
-	background-repeat: no-repeat;
-}
-
-span.corners-top {
-	background-image: none;
-	background-position: 0 0;
-	margin: 0 -5px;
-}
-
-span.corners-top span {
-	background-image: none;
-	background-position: 100% 0;
-}
-
-span.corners-bottom {
-	background-image: none;
-	background-position: 0 100%;
-	margin: 0 -5px;
-	clear: both;
-}
-
-span.corners-bottom span {
-	background-image: none;
-	background-position: 100% 100%;
+	padding: 5px;
 }
 
 .paragraph {
-	padding: 0 10px;
+	border-radius: 7px;
+	font-size: 1.1em;
+	padding: 5px 10px;
 	margin-bottom: 4px;
 	background-repeat: no-repeat;
 	background-position: 100% 0;
@@ -197,6 +178,10 @@ span.corners-bottom span {
 	color: #000000;
 }
 
+.main-description {
+	font-size: 1.15em;
+}
+
 .content {
 	color: #333333;
 }
@@ -222,7 +207,7 @@ hr {
 
 .headerbar {
 	background-color: #12A3EB;
-	background-image: url("bg_header.gif");
+	background-image: url("../images/bg_header.gif");
 	color: #FFFFFF;
 }
 
@@ -231,23 +216,6 @@ hr {
 	color: #28313F;
 }
 
-
-span.corners-top {
-	background-image: url("corners_left.png");
-}
-
-span.corners-top span {
-	background-image: url("corners_right.png");
-}
-
-span.corners-bottom {
-	background-image: url("corners_left.png");
-}
-
-span.corners-bottom span {
-	background-image: url("corners_right.png");
-}
-
 .error {
 	color: #BC2A4D;
 }
@@ -257,10 +225,6 @@ a:visited	{ color: #105289; }
 a:hover	{ color: #D31141; }
 a:active	{ color: #368AD2; }
 
-.paragraph span.corners-top, .paragraph span.corners-bottom {
-	margin: 0 -10px;
-}
-
 .content {
 	padding: 0;
 	line-height: 1.48em;
@@ -288,13 +252,17 @@ a:active	{ color: #368AD2; }
 }
 
 * html hr { margin: 0; }
-* html span.corners-top, * html span.corners-bottom { background-image: url("corners_left.gif"); }
-* html span.corners-top span, * html span.corners-bottom span { background-image: url("corners_right.gif"); }
 
-.back2top {
-	clear: both;
+.top {
+	background: url("../images/icon_back_top.gif") no-repeat top left;
+	text-decoration: none;
+	width: 11px;
 	height: 11px;
-	text-align: right;
+	display: block;
+	float: right;
+	overflow: hidden;
+	letter-spacing: 1000px;
+	text-indent: 11px;
 }
 
 .content ol, .content ul {
@@ -350,3 +318,9 @@ a:active	{ color: #368AD2; }
 	clear: both;
 	margin-right: 1em;
 }
+
+.inner:after {
+	clear: both;
+	content: '';
+	display: block;
+}

phpBB/docs/auth_api.html

@@ -6,7 +6,7 @@
 <meta name="description" content="This is an explanation of how to use the phpBB auth/acl API" />
 <title>phpBB3 &bull; Auth API</title>
 
-<link href="stylesheet.css" rel="stylesheet" type="text/css" media="screen, projection" />
+<link href="assets/css/stylesheet.css" rel="stylesheet" type="text/css" media="screen, projection" />
 
 </head>
 
@@ -16,16 +16,16 @@
 	<a id="top" name="top" accesskey="t"></a>
 	<div id="page-header">
 		<div class="headerbar">
-			<div class="inner"><span class="corners-top"><span></span></span>
+			<div class="inner">
 
 			<div id="doc-description">
-				<a href="../index.php" id="logo"><img src="site_logo.gif" alt="" /></a>
+				<a href="../index.php" id="logo"><img src="assets/images/site_logo.gif" alt="" /></a>
 				<h1>Auth API</h1>
 				<p>This is an explanation of how to use the phpBB auth/acl API</p>
 				<p style="display: none;"><a href="#start_here">Skip</a></p>
 			</div>
 
-			<span class="corners-bottom"><span></span></span></div>
+			</div>
 		</div>
 	</div>
 
@@ -35,12 +35,12 @@
 
 <!-- BEGIN DOCUMENT -->
 
-	<p>This is an explanation of how to use the phpBB auth/acl API.</p>
+	<p class="paragraph main-description">This is an explanation of how to use the phpBB auth/acl API.</p>
 
 	<h1>Auth API</h1>
 
 	<div class="paragraph menu">
-		<div class="inner"><span class="corners-top"><span></span></span>
+		<div class="inner">
 
 		<div class="content">
 
@@ -65,7 +65,7 @@
 
 		</div>
 
-		<span class="corners-bottom"><span></span></span></div>
+		</div>
 	</div>
 
 	<hr />
@@ -73,7 +73,7 @@
 <a name="intro"></a><h2>1. Introduction</h2>
 
 	<div class="paragraph">
-		<div class="inner"><span class="corners-top"><span></span></span>
+		<div class="inner">
 
 		<div class="content">
 
@@ -86,8 +86,8 @@
 	<p>To use any methods contained with the <code>auth</code> class it first needs to be instantiated. This is best achieved early in the execution of the script in the following manner:</p>
 
 	<div class="codebox"><pre>
-$auth = new phpbb\auth\auth();
-	</pre></div>
+$auth = new phpbb\auth\auth();</pre>
+	</div>
 
 	<p>Once an instance of the class has been created you are free to call the various methods it contains. Please note that should you wish to use the <code>auth_admin</code> methods you will need to instantiate this separately but in the same way.</p>
 
@@ -95,7 +95,7 @@ $auth = new phpbb\auth\auth();
 
 		<div class="back2top"><a href="#wrap" class="top">Back to Top</a></div>
 
-		<span class="corners-bottom"><span></span></span></div>
+		</div>
 	</div>
 
 	<hr />
@@ -103,7 +103,7 @@ $auth = new phpbb\auth\auth();
 <a name="methods"></a><h2>2. Methods</h2>
 
 	<div class="paragraph">
-		<div class="inner"><span class="corners-top"><span></span></span>
+		<div class="inner">
 
 		<div class="content">
 
@@ -114,8 +114,8 @@ $auth = new phpbb\auth\auth();
 	<p>The <code>acl</code> method is the initialisation routine for all the acl functions. If you intend calling any acl method you must first call this. The method takes as its one and only required parameter an associative array containing user information as stored in the database. This array must contain at least the following information; user_id, user_permissions and user_type. It is called in the following way:</p>
 
 	<div class="codebox"><pre>
-$auth-&gt;acl(<code>userdata</code>);
-	</pre></div>
+$auth-&gt;acl(<code>userdata</code>);</pre>
+	</div>
 
 	<p>Where userdata is the array containing the aforementioned data.</p>
 
@@ -124,8 +124,8 @@ $auth-&gt;acl(<code>userdata</code>);
 	<p>This method is the primary way of determining what a user can and cannot do for a given option globally or in a given forum. The method should be called in the following way:</p>
 
 	<div class="codebox"><pre>
-$result = $auth-&gt;acl_get(<code>option</code>[, <code>forum</code>]);
-	</pre></div>
+$result = $auth-&gt;acl_get(<code>option</code>[, <code>forum</code>]);</pre>
+	</div>
 
 	<p>Where option is a string representing the required option, e.g. 'f_list', 'm_edit', 'a_adduser', etc. By adding a ! in front of the option, e.g. '!f_list' the result of this method will be negated. The optional forum term is the integer forum_id.</p>
 
@@ -142,8 +142,8 @@ $result = $auth-&gt;acl_get(<code>option</code>[, <code>forum</code>]);
 	<p>The method should be called thus:</p>
 
 	<div class="codebox"><pre>
-$result = $auth-&gt;acl_gets(<code>option1</code>[, <code>option2</code>, ..., <code>optionN</code>, <code>forum</code>]);
-	</pre></div>
+$result = $auth-&gt;acl_gets(<code>option1</code>[, <code>option2</code>, ..., <code>optionN</code>, <code>forum</code>]);</pre>
+	</div>
 
 	<p>As with the <code>acl_get</code> method the options are strings representing the required permissions to check. The forum again is an integer representing a given forum_id.</p>
 
@@ -154,16 +154,16 @@ $result = $auth-&gt;acl_gets(<code>option1</code>[, <code>option2</code>, ..., <
 	<p>This method is used to find out in which forums a user is allowed to carry out an operation or to find out in which forums he is not allowed to carry out an operation. The method should be called in the following way:</p>
 
 	<div class="codebox"><pre>
-$result = $auth-&gt;acl_getf(<code>option</code>[, <code>clean</code>]);
-	</pre></div>
+$result = $auth-&gt;acl_getf(<code>option</code>[, <code>clean</code>]);</pre>
+	</div>
 
 	<p>Just like in the <code>acl_get</code> method the option is a string specifying the permission which has to be checked (negation using ! is allowed). The second parameter is a boolean. If it is set to false this method returns all forums with either zero or a positive integer. If it is set to true only those forums with a positive integer as the result will be returned.</p>
 
 	<p>The method returns an associative array of the form:</p>
 
 	<div class="codebox"><pre>
-array(<em>forum_id1</em> =&gt; array(<em>option</em> =&gt; <em>integer</em>), <em>forum_id2</em> =&gt; ...)
-	</pre></div>
+array(<em>forum_id1</em> =&gt; array(<em>option</em> =&gt; <em>integer</em>), <em>forum_id2</em> =&gt; ...)</pre>
+	</div>
 
 	<p>Where option is the option passed to the method and integer is either zero or a positive integer and the same <code>acl_get(option, forum_id)</code> would return.</p>
 
@@ -172,8 +172,8 @@ array(<em>forum_id1</em> =&gt; array(<em>option</em> =&gt; <em>integer</em>), <e
 	<p>This method is used to find out whether a user has a permission in at least one forum or globally. This method is similar to checking whether <code>acl_getf(option, true)</code> returned one or more forums but it's faster. It should be called in the following way:</p>
 
 	<div class="codebox"><pre>
-$result = $auth-&gt;acl_getf_global(<code>option</code>)
-	</pre></div>
+$result = $auth-&gt;acl_getf_global(<code>option</code>)</pre>
+	</div>
 
 	<p>As with the previous methods option is a string specifying the permission which has to be checked.</p>
 
@@ -230,7 +230,7 @@ $result = $auth-&gt;acl_get_list($user_id, $permissions, $forum_id);
 
 		<div class="back2top"><a href="#wrap" class="top">Back to Top</a></div>
 
-		<span class="corners-bottom"><span></span></span></div>
+		</div>
 	</div>
 
 	<hr />
@@ -238,7 +238,7 @@ $result = $auth-&gt;acl_get_list($user_id, $permissions, $forum_id);
 <a name="admin_related"></a><h2>3. Admin related functions</h2>
 
 	<div class="paragraph">
-		<div class="inner"><span class="corners-top"><span></span></span>
+		<div class="inner">
 
 		<div class="content">
 
@@ -247,8 +247,8 @@ $result = $auth-&gt;acl_get_list($user_id, $permissions, $forum_id);
 	<p>To use any methods this class contains it first needs to be instantiated separately from <code>auth</code>. This is achieved in the same way as <code>auth</code>:</p>
 
 	<div class="codebox"><pre>
-$auth_admin = new auth_admin();
-	</pre></div>
+$auth_admin = new auth_admin();</pre>
+	</div>
 
 	<p>This instance gives you access to both the methods of this specific class and that of <code>auth</code>.</p>
 
@@ -256,7 +256,7 @@ $auth_admin = new auth_admin();
 
 		<div class="back2top"><a href="#wrap" class="top">Back to Top</a></div>
 
-		<span class="corners-bottom"><span></span></span></div>
+		</div>
 	</div>
 
 	<hr />
@@ -264,7 +264,7 @@ $auth_admin = new auth_admin();
 <a name="disclaimer"></a><h2>4. Copyright and disclaimer</h2>
 
 	<div class="paragraph">
-		<div class="inner"><span class="corners-top"><span></span></span>
+		<div class="inner">
 
 		<div class="content">
 
@@ -274,7 +274,7 @@ $auth_admin = new auth_admin();
 
 		<div class="back2top"><a href="#wrap" class="top">Back to Top</a></div>
 
-		<span class="corners-bottom"><span></span></span></div>
+		</div>
 	</div>
 
 <!-- END DOCUMENT -->

phpBB/docs/coding-guidelines.html

@@ -6,7 +6,7 @@
 <meta name="description" content="Ascraeus coding guidelines document" />
 <title>phpBB3 &bull; Coding Guidelines</title>
 
-<link href="stylesheet.css" rel="stylesheet" type="text/css" media="screen, projection" />
+<link href="assets/css/stylesheet.css" rel="stylesheet" type="text/css" media="screen, projection" />
 
 </head>
 
@@ -16,16 +16,16 @@
 	<a id="top" name="top" accesskey="t"></a>
 	<div id="page-header">
 		<div class="headerbar">
-			<div class="inner"><span class="corners-top"><span></span></span>
+			<div class="inner">
 
 			<div id="doc-description">
-				<a href="../index.php" id="logo"><img src="site_logo.gif" alt="" /></a>
+				<a href="../index.php" id="logo"><img src="assets/images/site_logo.gif" alt="" /></a>
 				<h1>Coding Guidelines</h1>
 				<p>Ascraeus coding guidelines document</p>
 				<p style="display: none;"><a href="#start_here">Skip</a></p>
 			</div>
 
-			<span class="corners-bottom"><span></span></span></div>
+			</div>
 		</div>
 	</div>
 
@@ -35,12 +35,14 @@
 
 <!-- BEGIN DOCUMENT -->
 
-<p>These are the phpBB Coding Guidelines for Ascraeus, all attempts should be made to follow them as closely as possible.</p>
+<p class="paragraph main-description">
+	These are the phpBB Coding Guidelines for Ascraeus, all attempts should be made to follow them as closely as possible.
+</p>
 
 <h1>Coding Guidelines</h1>
 
 	<div class="paragraph menu">
-		<div class="inner"><span class="corners-top"><span></span></span>
+		<div class="inner">
 
 		<div class="content">
 
@@ -89,7 +91,7 @@
 
 		</div>
 
-		<span class="corners-bottom"><span></span></span></div>
+		</div>
 	</div>
 
 	<hr />
@@ -97,7 +99,7 @@
 <a name="defaults"></a><h2>1. Defaults</h2>
 
 	<div class="paragraph">
-		<div class="inner"><span class="corners-top"><span></span></span>
+		<div class="inner">
 
 		<div class="content">
 
@@ -109,8 +111,8 @@
 
 	<div class="codebox"><pre>
 {TAB}$mode{TAB}{TAB}= $request->variable('mode', '');
-{TAB}$search_id{TAB}= $request->variable('search_id', '');
-	</pre></div>
+{TAB}$search_id{TAB}= $request->variable('search_id', '');</pre>
+	</div>
 
 	<p>If entered with tabs (replace the {TAB}) both equal signs need to be on the same column.</p>
 
@@ -133,8 +135,8 @@
 * For full copyright and license information, please see
 * the docs/CREDITS.txt file.
 *
-*/
-	</pre></div>
+*/</pre>
+	</div>
 
 	<p>Please see the <a href="#locations">File Locations section</a> for the correct package name.</p>
 
@@ -157,8 +159,8 @@
 
 /**
 */
-{CODE}
-	</pre></div>
+{CODE}</pre>
+	</div>
 
 	<h4>Files containing only functions:</h4>
 
@@ -185,8 +187,8 @@ Small code snipped, mostly one or two defines or an if statement
 /**
 * {DOCUMENTATION}
 */
-class ...
-	</pre></div>
+class ...</pre>
+	</div>
 
 	<a name="locations"></a><h3>1.iii. File Locations</h3>
 
@@ -274,7 +276,7 @@ PHPBB_QA                   (Set board to QA-Mode, which means the updater also c
 
 		<div class="back2top"><a href="#wrap" class="top">Back to Top</a></div>
 
-		<span class="corners-bottom"><span></span></span></div>
+		</div>
 	</div>
 
 	<hr />
@@ -282,7 +284,7 @@ PHPBB_QA                   (Set board to QA-Mode, which means the updater also c
 <a name="code"></a><h2>2. Code Layout/Guidelines</h2>
 
 	<div class="paragraph">
-		<div class="inner"><span class="corners-top"><span></span></span>
+		<div class="inner">
 
 		<div class="content">
 
@@ -317,8 +319,8 @@ for ($i = 0; $i &lt; $outer_size; $i++)
    {
       foo($i, $j);
    }
-}
-	</pre></div>
+}</pre>
+	</div>
 
 	<h4>Function Names:</h4>
 	<p>Functions should also be named descriptively. We're not programming in C here, we don't want to write functions called things like "stristr()". Again, all lower-case names with words separated by a single underscore character in PHP, and camel caps in JavaScript. Function names should be prefixed with "phpbb_" and preferably have a verb in them somewhere. Good function names are <code>phpbb_print_login_status()</code>, <code>phpbb_get_user_data()</code>, etc. Constructor functions in JavaScript should begin with a capital letter.</p>
@@ -344,14 +346,14 @@ phpbb/
   dir/
     class_name.php
       subdir/
-        class_name.php
-	</pre></div>
+        class_name.php</pre>
+	</div>
 
 	<div class="codebox"><pre>
 \phpbb\class_name            - phpbb/class_name.php
 \phpbb\dir\class_name        - phpbb/dir/class_name.php
-\phpbb\dir\subdir\class_name - phpbb/dir/subdir/class_name.php
-	</pre></div>
+\phpbb\dir\subdir\class_name - phpbb/dir/subdir/class_name.php</pre>
+	</div>
 
 
 	<h4>Summary:</h4>
@@ -377,8 +379,8 @@ while (condition)
 	do_stuff();
 
 for ($i = 0; $i &lt; size; $i++)
-	do_stuff($i);
-	</pre></div>
+	do_stuff($i);</pre>
+	</div>
 
 	<p class="good">// These are all right. </p>
 	<div class="codebox"><pre>
@@ -395,8 +397,8 @@ while (condition)
 for ($i = 0; $i &lt; size; $i++)
 {
 	do_stuff();
-}
-	</pre></div>
+}</pre>
+	</div>
 
 	<h4>Where to put the braces:</h4>
 	<p>In PHP code, braces always go on their own line. The closing brace should also always be at the same column as the corresponding opening brace, examples:</p>
@@ -427,8 +429,8 @@ while (condition)
 function do_stuff()
 {
 	...
-}
-	</pre></div>
+}</pre>
+	</div>
 	
 	<p>In JavaScript code, braces always go on the same line:</p>
 
@@ -451,8 +453,8 @@ while (condition) {
 
 function do_stuff() {
 	...
-}
-	</pre></div>
+}</pre>
+	</div>
 
 	<h4>Use spaces between tokens:</h4>
 	<p>This is another simple, easy step that helps keep code readable without much effort. Whenever you write an assignment, expression, etc.. Always leave <em>one</em> space between the tokens. Basically, write code as if it was English. Put spaces between variable names and operators. Don't put spaces just after an opening bracket or before a closing bracket. Don't put spaces just before a comma or a semicolon. This is best shown with a few examples, examples:</p>
@@ -476,26 +478,26 @@ for($i=0; $i&lt;$size; $i++) ...
 for ($i = 0; $i &lt; $size; $i++) ...
 
 $i=($j &lt; $size)?0:1;
-$i = ($j &lt; $size) ? 0 : 1;
-	</pre></div>
+$i = ($j &lt; $size) ? 0 : 1;</pre>
+	</div>
 
 	<h4>Operator precedence:</h4>
 	<p>Do you know the exact precedence of all the operators in PHP? Neither do I. Don't guess. Always make it obvious by using brackets to force the precedence of an equation so you know what it does. Remember to not over-use this, as it may harden the readability. Basically, do not enclose single expressions. Examples:</p>
 
 	<p class="bad">// what's the result? who knows. </p>
-	<div class="codebox"><pre>
-$bool = ($i &lt; 7 &amp;&amp; $j &gt; 8 || $k == 4);
-	</pre></div>
+	<div class="codebox">
+		<pre>$bool = ($i &lt; 7 &amp;&amp; $j &gt; 8 || $k == 4);</pre>
+	</div>
 
 	<p class="bad">// now you can be certain what I'm doing here.</p>
-	<div class="codebox"><pre>
-$bool = (($i &lt; 7) &amp;&amp; (($j &lt; 8) || ($k == 4)));
-	</pre></div>
+	<div class="codebox">
+		<pre>$bool = (($i &lt; 7) &amp;&amp; (($j &lt; 8) || ($k == 4)));</pre>
+	</div>
 
 	<p class="good">// But this one is even better, because it is easier on the eye but the intention is preserved</p>
-	<div class="codebox"><pre>
-$bool = ($i &lt; 7 &amp;&amp; ($j &lt; 8 || $k == 4));
-	</pre></div>
+	<div class="codebox">
+		<pre>$bool = ($i &lt; 7 &amp;&amp; ($j &lt; 8 || $k == 4));</pre>
+	</div>
 
 	<h4>Quoting strings:</h4>
 	<p>There are two different ways to quote strings in PHP - either with single quotes or with double quotes. The main difference is that the parser does variable interpolation in double-quoted strings, but not in single quoted strings. Because of this, you should <em>always</em> use single quotes <em>unless</em> you specifically need variable interpolation to be done on that string. This way, we can save the parser the trouble of parsing a bunch of strings where no interpolation needs to be done.</p>
@@ -505,25 +507,25 @@ $bool = ($i &lt; 7 &amp;&amp; ($j &lt; 8 || $k == 4));
 	<div class="codebox"><pre>
 $str = "This is a really long string with no variables for the parser to find.";
 
-do_stuff("$str");
-	</pre></div>
+do_stuff("$str");</pre>
+	</div>
 
 	<p class="good">// right</p>
 	<div class="codebox"><pre>
 $str = 'This is a really long string with no variables for the parser to find.';
 
-do_stuff($str);
-	</pre></div>
+do_stuff($str);</pre>
+	</div>
 
 	<p class="bad">// Sometimes single quotes are just not right</p>
 	<div class="codebox"><pre>
-$post_url = $phpbb_root_path . 'posting.' . $phpEx . '?mode=' . $mode . '&amp;amp;start=' . $start;
-	</pre></div>
+$post_url = $phpbb_root_path . 'posting.' . $phpEx . '?mode=' . $mode . '&amp;amp;start=' . $start;</pre>
+	</div>
 
 	<p class="good">// Double quotes are sometimes needed to not overcrowd the line with concatenations.</p>
 	<div class="codebox"><pre>
-$post_url = "{$phpbb_root_path}posting.$phpEx?mode=$mode&amp;amp;start=$start";
-	</pre></div>
+$post_url = "{$phpbb_root_path}posting.$phpEx?mode=$mode&amp;amp;start=$start";</pre>
+	</div>
 
 	<p>In SQL statements mixing single and double quotes is partly allowed (following the guidelines listed here about SQL formatting), else one should try to only use one method - mostly single quotes.</p>
 
@@ -535,40 +537,40 @@ $post_url = "{$phpbb_root_path}posting.$phpEx?mode=$mode&amp;amp;start=$start";
 $foo = array(
 	'bar' => 42,
 	'boo' => 23
-);
-	</pre></div>
+);</pre>
+	</div>
 
 	<p class="good">// right </p>
 	<div class="codebox"><pre>
 $foo = array(
 	'bar' => 42,
 	'boo' => 23,
-);
-	</pre></div>
+);</pre>
+	</div>
 
 
 	<h4>Associative array keys:</h4>
 	<p>In PHP, it's legal to use a literal string as a key to an associative array without quoting that string. We don't want to do this -- the string should always be quoted to avoid confusion. Note that this is only when we're using a literal, not when we're using a variable, examples:</p>
 
 	<p class="bad">// wrong</p>
-	<div class="codebox"><pre>
-$foo = $assoc_array[blah];
-	</pre></div>
+	<div class="codebox">
+		<pre>$foo = $assoc_array[blah];</pre>
+	</div>
 
 	<p class="good">// right </p>
-	<div class="codebox"><pre>
-$foo = $assoc_array['blah'];
-	</pre></div>
+	<div class="codebox">
+		<pre>$foo = $assoc_array['blah'];</pre>
+	</div>
 
 	<p class="bad">// wrong</p>
-	<div class="codebox"><pre>
-$foo = $assoc_array["$var"];
-	</pre></div>
+	<div class="codebox">
+		<pre>$foo = $assoc_array["$var"];</pre>
+	</div>
 
 	<p class="good">// right </p>
-	<div class="codebox"><pre>
-$foo = $assoc_array[$var];
-	</pre></div>
+	<div class="codebox">
+		<pre>$foo = $assoc_array[$var];</pre>
+	</div>
 
 	<h4>Comments:</h4>
 	<p>Each complex function should be preceded by a comment that tells a programmer everything they need to know to use that function. The meaning of every parameter, the expected input, and the output are required as a minimal comment. The function's behaviour in error conditions (and what those error conditions are) should also be present - but mostly included within the comment about the output.<br /><br />Especially important to document are any assumptions the code makes, or preconditions for its proper operation. Any one of the developers should be able to look at any part of the application and figure out what's going on in a reasonable amount of time.<br /><br />Avoid using <code>/* */</code> comment blocks for one-line comments, <code>//</code> should be used for one/two-liners.</p>
@@ -582,8 +584,8 @@ $foo = $assoc_array[$var];
 	<p class="bad">// wrong </p>
 	<div class="codebox"><pre>
 $array[++$i] = $j;
-$array[$i++] = $k;
-	</pre></div>
+$array[$i++] = $k;</pre>
+	</div>
 
 	<p class="good">// right </p>
 	<div class="codebox"><pre>
@@ -591,39 +593,38 @@ $i++;
 $array[$i] = $j;
 
 $array[$i] = $k;
-$i++;
-	</pre></div>
+$i++;</pre>
+	</div>
 
 	<h4>Inline conditionals:</h4>
 	<p>Inline conditionals should only be used to do very simple things. Preferably, they will only be used to do assignments, and not for function calls or anything complex at all. They can be harmful to readability if used incorrectly, so don't fall in love with saving typing by using them, examples:</p>
 
 	<p class="bad">// Bad place to use them</p>
 	<div class="codebox"><pre>
-($i &lt; $size &amp;&amp; $j &gt; $size) ? do_stuff($foo) : do_stuff($bar);
-	</pre></div>
+($i &lt; $size &amp;&amp; $j &gt; $size) ? do_stuff($foo) : do_stuff($bar);</pre>
+	</div>
 
 	<p class="good">// OK place to use them </p>
 	<div class="codebox"><pre>
-$min = ($i &lt; $j) ? $i : $j;
-	</pre></div>
+$min = ($i &lt; $j) ? $i : $j;</pre>
+	</div>
 
 	<h4>Don't use uninitialized variables.</h4>
 	<p>For phpBB3, we intend to use a higher level of run-time error reporting. This will mean that the use of an uninitialized variable will be reported as a warning. These warnings can be avoided by using the built-in isset() function to check whether a variable has been set - but preferably the variable is always existing. For checking if an array has a key set this can come in handy though, examples:</p>
 
 	<p class="bad">// Wrong </p>
-	<div class="codebox"><pre>
-if ($forum) ...
-	</pre></div>
+	<div class="codebox">
+		<pre>if ($forum) ...</pre>
+	</div>
 
 	<p class="good">// Right </p>
-	<div class="codebox"><pre>
-if (isset($forum)) ...
-	</pre></div>
+	<div class="codebox">
+		<pre>if (isset($forum)) ...</pre></div>
 
 	<p class="good">// Also possible</p>
-	<div class="codebox"><pre>
-if (isset($forum) &amp;&amp; $forum == 5)
-	</pre></div>
+	<div class="codebox">
+		<pre>if (isset($forum) &amp;&amp; $forum == 5)</pre>
+	</div>
 
 	<p>The <code>empty()</code> function is useful if you want to check if a variable is not set or being empty (an empty string, 0 as an integer or string, NULL, false, an empty array or a variable declared, but without a value in a class). Therefore empty should be used in favor of <code>isset($array) &amp;&amp; sizeof($array) &gt; 0</code> - this can be written in a shorter way as <code>!empty($array)</code>.</p>
 
@@ -640,8 +641,8 @@ switch ($mode)
 	case 'mode2':
 		// I am doing something completely different here
 		break;
-}
-	</pre></div>
+}</pre>
+	</div>
 
 	<p class="good">// Good </p>
 	<div class="codebox"><pre>
@@ -658,8 +659,8 @@ switch ($mode)
 	default:
 		// Always assume that a case was not caught
 	break;
-}
-	</pre></div>
+}</pre>
+	</div>
 
 	<p class="good">// Also good, if you have more code between the case and the break </p>
 	<div class="codebox"><pre>
@@ -682,8 +683,8 @@ switch ($mode)
 		// Always assume that a case was not caught
 
 	break;
-}
-	</pre></div>
+}</pre>
+	</div>
 
 	<p>Even if the break for the default case is not needed, it is sometimes better to include it just for readability and completeness.</p>
 
@@ -710,8 +711,8 @@ switch ($mode)
 		// Always assume that a case was not caught
 
 	break;
-}
-	</pre></div>
+}</pre>
+	</div>
 
 	<h4>Class Members</h4>
 	<p>Use the explicit visibility qualifiers <code>public</code>, <code>private</code> and <code>protected</code> for all properties instead of <code>var</code>.
@@ -721,14 +722,14 @@ switch ($mode)
 	<p class="bad">//Wrong </p>
 	<div class="codebox"><pre>
 var $x;
-private static function f()
-	</pre></div>
+private static function f()</pre>
+	</div>
 
 	<p class="good">// Right </p>
 	<div class="codebox"><pre>
 public $x;
-static private function f()
-	</pre></div>
+static private function f()</pre>
+	</div>
 
 	<h4>Constants</h4>
 	<p>Prefer class constants over global constants created with <code>define()</code>.</p>
@@ -748,8 +749,8 @@ $sql = 'SELECT *
 &lt;-one tab-&gt;WHERE a = 1
 &lt;-two tabs-&gt;AND (b = 2
 &lt;-three tabs-&gt;OR b = 3)
-&lt;-one tab-&gt;ORDER BY b';
-	</pre></div>
+&lt;-one tab-&gt;ORDER BY b';</pre>
+	</div>
 
 	<p>Here the example with the tabs applied:</p>
 
@@ -759,8 +760,8 @@ $sql = 'SELECT *
 	WHERE a = 1
 		AND (b = 2
 			OR b = 3)
-	ORDER BY b';
-	</pre></div>
+	ORDER BY b';</pre>
+	</div>
 
 	<h4>SQL Quotes: </h4>
 	<p>Use double quotes where applicable. (The variables in these examples are typecasted to integers beforehand.) Examples: </p>
@@ -769,16 +770,16 @@ $sql = 'SELECT *
 	<div class="codebox"><pre>
 "UPDATE " . SOME_TABLE . " SET something = something_else WHERE a = $b";
 
-'UPDATE ' . SOME_TABLE . ' SET something = ' . $user_id . ' WHERE a = ' . $something;
-	</pre></div>
+'UPDATE ' . SOME_TABLE . ' SET something = ' . $user_id . ' WHERE a = ' . $something;</pre>
+	</div>
 
 	<p class="good">// These are right. </p>
 
 	<div class="codebox"><pre>
 'UPDATE ' . SOME_TABLE . " SET something = something_else WHERE a = $b";
 
-'UPDATE ' . SOME_TABLE . " SET something = $user_id WHERE a = $something";
-	</pre></div>
+'UPDATE ' . SOME_TABLE . " SET something = $user_id WHERE a = $something";</pre>
+	</div>
 
 	<p>In other words use single quotes where no variable substitution is required or where the variable involved shouldn't appear within double quotes. Otherwise use double quotes.</p>
 
@@ -789,15 +790,15 @@ $sql = 'SELECT *
 	<div class="codebox"><pre>
 $sql = 'SELECT *
 	FROM ' . SOME_TABLE . '
-	WHERE a != 2';
-	</pre></div>
+	WHERE a != 2';</pre>
+	</div>
 
 	<p class="good">// This is right. </p>
 	<div class="codebox"><pre>
 $sql = 'SELECT *
 	FROM ' . SOME_TABLE . '
-	WHERE a &lt;&gt; 2';
-	</pre></div>
+	WHERE a &lt;&gt; 2';</pre>
+	</div>
 
 	<h4>Common DBAL methods: </h4>
 
@@ -808,8 +809,8 @@ $sql = 'SELECT *
 	<div class="codebox"><pre>
 $sql = 'SELECT *
 	FROM ' . SOME_TABLE . "
-	WHERE username = '" . $db-&gt;sql_escape($username) . "'";
-	</pre></div>
+	WHERE username = '" . $db-&gt;sql_escape($username) . "'";</pre>
+	</div>
 
 	<h4>sql_query_limit():</h4>
 
@@ -830,8 +831,8 @@ $sql_ary = array(
 	'moredata'		=&gt; $another_int,
 );
 
-$db-&gt;sql_query('INSERT INTO ' . SOME_TABLE . ' ' . $db-&gt;sql_build_array('INSERT', $sql_ary));
-	</pre></div>
+$db-&gt;sql_query('INSERT INTO ' . SOME_TABLE . ' ' . $db-&gt;sql_build_array('INSERT', $sql_ary));</pre>
+	</div>
 
 	<p>To complete the example, this is how an update statement would look like:</p>
 
@@ -845,8 +846,8 @@ $sql_ary = array(
 $sql = 'UPDATE ' . SOME_TABLE . '
 	SET ' . $db-&gt;sql_build_array('UPDATE', $sql_ary) . '
 	WHERE user_id = ' . (int) $user_id;
-$db-&gt;sql_query($sql);
-	</pre></div>
+$db-&gt;sql_query($sql);</pre>
+	</div>
 
 	<p>The <code>$db-&gt;sql_build_array()</code> function supports the following modes: <code>INSERT</code> (example above), <code>INSERT_SELECT</code> (building query for <code>INSERT INTO table (...) SELECT value, column ...</code> statements), <code>UPDATE</code> (example above) and <code>SELECT</code> (for building WHERE statement [AND logic]).</p>
 
@@ -869,8 +870,8 @@ $sql_ary[] = array(
 	'moredata'		=&gt; $another_int_2,
 );
 
-$db->sql_multi_insert(SOME_TABLE, $sql_ary);
-	</pre></div>
+$db->sql_multi_insert(SOME_TABLE, $sql_ary);</pre>
+	</div>
 
 	<h4>sql_in_set():</h4>
 
@@ -880,22 +881,22 @@ $db->sql_multi_insert(SOME_TABLE, $sql_ary);
 $sql = 'SELECT *
 	FROM ' . FORUMS_TABLE . '
 	WHERE ' . $db-&gt;sql_in_set('forum_id', $forum_ids);
-$db-&gt;sql_query($sql);
-	</pre></div>
+$db-&gt;sql_query($sql);</pre>
+	</div>
 
 	<p>Based on the number of values in $forum_ids, the query can look differently.</p>
 
 	<p class="good">// SQL Statement if $forum_ids = array(1, 2, 3);</p>
 
 	<div class="codebox"><pre>
-SELECT FROM phpbb_forums WHERE forum_id IN (1, 2, 3)
-	</pre></div>
+SELECT FROM phpbb_forums WHERE forum_id IN (1, 2, 3)</pre>
+	</div>
 
 	<p class="good">// SQL Statement if $forum_ids = array(1) or $forum_ids = 1</p>
 
 	<div class="codebox"><pre>
-SELECT FROM phpbb_forums WHERE forum_id = 1
-	</pre></div>
+SELECT FROM phpbb_forums WHERE forum_id = 1</pre>
+	</div>
 
 	<p>Of course the same is possible for doing a negative match against a number of values:</p>
 
@@ -903,22 +904,22 @@ SELECT FROM phpbb_forums WHERE forum_id = 1
 $sql = 'SELECT *
 	FROM ' . FORUMS_TABLE . '
 	WHERE ' . $db-&gt;sql_in_set('forum_id', $forum_ids, <strong>true</strong>);
-$db-&gt;sql_query($sql);
-	</pre></div>
+$db-&gt;sql_query($sql);</pre>
+	</div>
 
 	<p>Based on the number of values in $forum_ids, the query can look differently here too.</p>
 
 	<p class="good">// SQL Statement if $forum_ids = array(1, 2, 3);</p>
 
 	<div class="codebox"><pre>
-SELECT FROM phpbb_forums WHERE forum_id <strong>NOT</strong> IN (1, 2, 3)
-	</pre></div>
+SELECT FROM phpbb_forums WHERE forum_id <strong>NOT</strong> IN (1, 2, 3)</pre>
+	</div>
 
 	<p class="good">// SQL Statement if $forum_ids = array(1) or $forum_ids = 1</p>
 
 	<div class="codebox"><pre>
-SELECT FROM phpbb_forums WHERE forum_id <strong>&lt;&gt;</strong> 1
-	</pre></div>
+SELECT FROM phpbb_forums WHERE forum_id <strong>&lt;&gt;</strong> 1</pre>
+	</div>
 
 	<p>If the given array is empty, an error will be produced.</p>
 
@@ -948,8 +949,8 @@ $sql_array = array(
 	'ORDER_BY'	=&gt; 'left_id',
 );
 
-$sql = $db-&gt;sql_build_query('SELECT', $sql_array);
-	</pre></div>
+$sql = $db-&gt;sql_build_query('SELECT', $sql_array);</pre>
+	</div>
 
 	<p>The possible first parameter for sql_build_query() is SELECT or SELECT_DISTINCT. As you can see, the logic is pretty self-explaining. For the LEFT_JOIN key, just add another array if you want to join on to tables for example. The added benefit of using this construct is that you are able to easily build the query statement based on conditions - for example the above LEFT_JOIN is only necessary if server side topic tracking is enabled; a slight adjustement would be:</p>
 
@@ -984,8 +985,8 @@ else
 	// Here we read the cookie data
 }
 
-$sql = $db-&gt;sql_build_query('SELECT', $sql_array);
-	</pre></div>
+$sql = $db-&gt;sql_build_query('SELECT', $sql_array);</pre>
+	</div>
 
 	<a name="optimizing"></a><h3>2.iv. Optimizations</h3>
 
@@ -997,16 +998,16 @@ $sql = $db-&gt;sql_build_query('SELECT', $sql_array);
 for ($i = 0; $i &lt; sizeof($post_data); $i++)
 {
 	do_something();
-}
-	</pre></div>
+}</pre>
+	</div>
 
 	<p class="good">// You are able to assign the (not changing) result within the loop itself</p>
 	<div class="codebox"><pre>
 for ($i = 0, $size = sizeof($post_data); $i &lt; $size; $i++)
 {
 	do_something();
-}
-	</pre></div>
+}</pre>
+	</div>
 
 	<h4>Use of in_array(): </h4>
 	<p>Try to avoid using in_array() on huge arrays, and try to not place them into loops if the array to check consist of more than 20 entries. in_array() can be very time consuming and uses a lot of cpu processing time. For little checks it is not noticeable, but if checked against a huge array within a loop those checks alone can take several seconds. If you need this functionality, try using isset() on the arrays keys instead, actually shifting the values into keys and vice versa. A call to <code>isset($array[$var])</code> is a lot faster than <code>in_array($var, array_keys($array))</code> for example.</p>
@@ -1028,29 +1029,29 @@ for ($i = 0, $size = sizeof($post_data); $i &lt; $size; $i++)
 	<p class="bad">// Old method, do not use it</p>
 	<div class="codebox"><pre>
 $start = (isset($HTTP_GET_VARS['start'])) ? intval($HTTP_GET_VARS['start']) : intval($HTTP_POST_VARS['start']);
-$submit = (isset($HTTP_POST_VARS['submit'])) ? true : false;
-	</pre></div>
+$submit = (isset($HTTP_POST_VARS['submit'])) ? true : false;</pre>
+	</div>
 
 	<p class="good">// Use request var and define a default variable (use the correct type)</p>
 	<div class="codebox"><pre>
 $start = $request->variable('start', 0);
-$submit = $request->is_set_post('submit');
-	</pre></div>
+$submit = $request->is_set_post('submit');</pre>
+	</div>
 
 	<p class="bad">// $start is an int, the following use of $request->variable() therefore is not allowed</p>
 	<div class="codebox"><pre>
-$start = $request->variable('start', '0');
-	</pre></div>
+$start = $request->variable('start', '0');</pre>
+	</div>
 
 	<p class="good">// Getting an array, keys are integers, value defaults to 0</p>
 	<div class="codebox"><pre>
-$mark_array = $request->variable('mark', array(0));
-	</pre></div>
+$mark_array = $request->variable('mark', array(0));</pre>
+	</div>
 
 	<p class="good">// Getting an array, keys are strings, value defaults to 0</p>
 	<div class="codebox"><pre>
-$action_ary = $request->variable('action', array('' =&gt; 0));
-	</pre></div>
+$action_ary = $request->variable('action', array('' =&gt; 0));</pre>
+	</div>
 
 	<h4>Login checks/redirection: </h4>
 	<p>To show a forum login box use <code>login_forum_box($forum_data)</code>, else use the <code>login_box()</code> function.</p>
@@ -1073,8 +1074,8 @@ $action_ary = $request->variable('action', array('' =&gt; 0));
 		{
 			trigger_error('FORM_INVALID');
 		}
-	}
-	</pre></div>
+	}</pre>
+	</div>
 
 	<p>The string passed to <code>add_form_key()</code> needs to match the string passed to <code>check_form_key()</code>. Another requirement for this to work correctly is that all forms include the <code>{S_FORM_TOKEN}</code> template variable.</p>
 
@@ -1085,8 +1086,8 @@ $action_ary = $request->variable('action', array('' =&gt; 0));
 	<div class="codebox"><pre>
 $user-&gt;session_begin();
 $auth-&gt;acl($user-&gt;data);
-$user-&gt;setup();
-	</pre></div>
+$user-&gt;setup();</pre>
+	</div>
 
 	<p>The <code>$user-&gt;setup()</code> call can be used to pass on additional language definition and a custom style (used in viewforum).</p>
 
@@ -1094,16 +1095,16 @@ $user-&gt;setup();
 	<p>All messages/errors should be outputted by calling <code>trigger_error()</code> using the appropriate message type and language string. Example:</p>
 
 	<div class="codebox"><pre>
-trigger_error('NO_FORUM');
-	</pre></div>
+trigger_error('NO_FORUM');</pre>
+	</div>
 
 	<div class="codebox"><pre>
-trigger_error($user-&gt;lang['NO_FORUM']);
-	</pre></div>
+trigger_error($user-&gt;lang['NO_FORUM']);</pre>
+	</div>
 
 	<div class="codebox"><pre>
-trigger_error('NO_MODE', E_USER_ERROR);
-	</pre></div>
+trigger_error('NO_MODE', E_USER_ERROR);</pre>
+	</div>
 
 	<h4>Url formatting</h4>
 
@@ -1112,8 +1113,8 @@ trigger_error('NO_MODE', E_USER_ERROR);
 	<p>The <code>append_sid()</code> function from 2.0.x is available too, though it does not handle url alterations automatically. Please have a look at the code documentation if you want to get more details on how to use append_sid(). A sample call to append_sid() can look like this:</p>
 
 	<div class="codebox"><pre>
-append_sid(&quot;{$phpbb_root_path}memberlist.$phpEx&quot;, 'mode=group&amp;amp;g=' . $row['group_id'])
-	</pre></div>
+append_sid(&quot;{$phpbb_root_path}memberlist.$phpEx&quot;, 'mode=group&amp;amp;g=' . $row['group_id'])</pre>
+	</div>
 
 	<h4>General function usage: </h4>
 
@@ -1169,14 +1170,14 @@ append_sid(&quot;{$phpbb_root_path}memberlist.$phpEx&quot;, 'mode=group&amp;amp;
 
 		<div class="back2top"><a href="#wrap" class="top">Back to Top</a></div>
 
-		<span class="corners-bottom"><span></span></span></div>
+		</div>
 	</div>
 
 	<hr />
 
 <a name="styling"></a><h2>3. Styling</h2>
 	<div class="paragraph">
-		<div class="inner"><span class="corners-top"><span></span></span>
+		<div class="inner">
 
 		<div class="content">
 	<a name="cfgfiles"></a><h3>3.i. Style Config Files</h3>
@@ -1193,8 +1194,8 @@ phpbb_version = 3.1.0
 
 # Parent style
 # Set value to empty or to this style's name if this style does not have a parent style
-parent = prosilver
-	</pre></div>
+parent = prosilver</pre>
+	</div>
 	<a name="genstyling"></a><h3>3.2. General Styling Rules</h3>
 <p>Templates should be produced in a consistent manner. Where appropriate they should be based off an existing copy, e.g. index, viewforum or viewtopic (the combination of which implement a range of conditional and variable forms). Please also note that the indentation and coding guidelines also apply to templates where possible.</p>
 
@@ -1252,14 +1253,14 @@ parent = prosilver
 
 		<div class="back2top"><a href="#wrap" class="top">Back to Top</a></div>
 
-		<span class="corners-bottom"><span></span></span></div>
+		</div>
 	</div>
 
 	<hr />
 
 <a name="templating"></a><h2>4. Templating</h2>
 	<div class="paragraph">
-		<div class="inner"><span class="corners-top"><span></span></span>
+		<div class="inner">
 
 		<div class="content">
 	<a name="templates"></a><h3>4.i. General Templating</h3>
@@ -1748,7 +1749,7 @@ This may span multiple lines.
 
 		<div class="back2top"><a href="#wrap" class="top">Back to Top</a></div>
 
-		<span class="corners-bottom"><span></span></span></div>
+		</div>
 	</div>
 
 	<hr />
@@ -1758,7 +1759,7 @@ This may span multiple lines.
 <a name="charsets"></a><h2>5. Character Sets and Encodings</h2>
 
 	<div class="paragraph">
-		<div class="inner"><span class="corners-top"><span></span></span>
+		<div class="inner">
 
 		<div class="content">
 
@@ -1821,7 +1822,7 @@ if (utf8_case_fold_nfc($string1) == utf8_case_fold_nfc($string2))
 
 		<div class="back2top"><a href="#wrap" class="top">Back to Top</a></div>
 
-		<span class="corners-bottom"><span></span></span></div>
+		</div>
 	</div>
 
 	<hr />
@@ -1829,7 +1830,7 @@ if (utf8_case_fold_nfc($string1) == utf8_case_fold_nfc($string2))
 <a name="translation"></a><h2>6. Translation (<abbr title="Internationalisation">i18n</abbr>/<abbr title="Localisation">L10n</abbr>) Guidelines</h2>
 
 	<div class="paragraph">
-		<div class="inner"><span class="corners-top"><span></span></span>
+		<div class="inner">
 
 		<div class="content">
 
@@ -2356,8 +2357,8 @@ if (utf8_case_fold_nfc($string1) == utf8_case_fold_nfc($string2))
 'PAGE_OF'	=&gt;	'Page %s of %s',
 		/* Just grabbing the replacements as they
 		come and hope they are in the right order */
-	...
-	</pre></div>
+	...</pre>
+	</div>
 
 	<p>&hellip; a clearer way to show explicit replacement ordering is to do:</p>
 
@@ -2366,8 +2367,8 @@ if (utf8_case_fold_nfc($string1) == utf8_case_fold_nfc($string2))
 'PAGE_OF'	=&gt;	'Page %1$s of %2$s',
 		/* Explicit ordering of the replacements,
 		even if they are the same order as English */
-	...
-	</pre></div>
+	...</pre>
+	</div>
 
 	<p>Why bother at all? Because some languages, the string transliterated back to English might read something like:</p>
 
@@ -2376,8 +2377,8 @@ if (utf8_case_fold_nfc($string1) == utf8_case_fold_nfc($string2))
 'PAGE_OF'	=&gt;	'Total of %2$s pages, currently on page %1$s',
 		/* Explicit ordering of the replacements,
 		reversed compared to English as the total comes first */
-	...
-	</pre></div>
+	...</pre>
+	</div>
 
 	<a name="usingplurals"></a><h3>6.iv. Using plurals</h3>
 
@@ -2395,8 +2396,8 @@ if (utf8_case_fold_nfc($string1) == utf8_case_fold_nfc($string2))
 	<div class="codebox"><pre>
 	...
 	$user->lang('NUMBER_OF_ELEPHANTS', $number_of_elephants);
-	...
-	</pre></div>
+	...</pre>
+	</div>
 
 	<p>And the English translation would be:</p>
 
@@ -2407,8 +2408,8 @@ if (utf8_case_fold_nfc($string1) == utf8_case_fold_nfc($string2))
 		1	=> 'You have 1 elephant', // Singular
 		2	=> 'You have %d elephants', // Plural
 	),
-	...
-	</pre></div>
+	...</pre>
+	</div>
 
 	<p>While the Bosnian translation can have more cases:</p>
 
@@ -2420,16 +2421,16 @@ if (utf8_case_fold_nfc($string1) == utf8_case_fold_nfc($string2))
 		2	=> 'You have %d slona', // Used for 5, 6,
 		3	=> ...
 	),
-	...
-	</pre></div>
+	...</pre>
+	</div>
 
 	<p><strong>NOTE:</strong> It is okay to use plurals for an unknown number compared to a single item, when the number is not known and displayed:</p>
 	<div class="codebox"><pre>
 	...
 	'MODERATOR'	=> 'Moderator',  // Your board has 1 moderator
 	'MODERATORS'	=> 'Moderators', // Your board has multiple moderators
-	...
-	</pre></div>
+	...</pre>
+	</div>
 
 	<a name="writingstyle"></a><h3>6.v. Writing Style</h3>
 
@@ -2443,8 +2444,8 @@ if (utf8_case_fold_nfc($string1) == utf8_case_fold_nfc($string2))
 	...
 'CONV_ERROR_NO_AVATAR_PATH'
 	=&gt;	'Note to developer: you must specify $convertor['avatar_path'] to use %s.',
-	...
-	</pre></div>
+	...</pre>
+	</div>
 
 	<p class="good">// Good - Literal straight quotes should be escaped with a backslash, ie: \</p>
 
@@ -2452,8 +2453,8 @@ if (utf8_case_fold_nfc($string1) == utf8_case_fold_nfc($string2))
 	...
 'CONV_ERROR_NO_AVATAR_PATH'
 	=&gt;	'Note to developer: you must specify $convertor[\'avatar_path\'] to use %s.',
-	...
-	</pre></div>
+	...</pre>
+	</div>
 
 	<p>However, because phpBB3 now uses UTF-8 as its sole encoding, we can actually use this to our advantage and not have to remember to escape a straight quote when we don't have to:</p>
 
@@ -2462,24 +2463,24 @@ if (utf8_case_fold_nfc($string1) == utf8_case_fold_nfc($string2))
 	<div class="codebox"><pre>
 	...
 'USE_PERMISSIONS'	=&gt;	'Test out user's permissions',
-	...
-	</pre></div>
+	...</pre>
+	</div>
 
 	<p class="good">// Okay - However, non-programmers wouldn't type "user\'s" automatically</p>
 
 	<div class="codebox"><pre>
 	...
 'USE_PERMISSIONS'	=&gt;	'Test out user\'s permissions',
-	...
-	</pre></div>
+	...</pre>
+	</div>
 
 	<p class="good">// Best - Use the Unicode Right-Single-Quotation-Mark character</p>
 
 	<div class="codebox"><pre>
 	...
 'USE_PERMISSIONS'	=&gt;	'Test out user&rsquo;s permissions',
-	...
-	</pre></div>
+	...</pre>
+	</div>
 
 	<p>The <code>&quot;</code> (straight double quote), <code>&lt;</code> (less-than sign) and <code>&gt;</code> (greater-than sign) characters can all be used as displayed glyphs or as part of HTML markup, for example:</p>
 
@@ -2489,8 +2490,8 @@ if (utf8_case_fold_nfc($string1) == utf8_case_fold_nfc($string2))
 	...
 'FOO_BAR'	=&gt;	'PHP version &lt; 5.3.3.&lt;br /&gt;
 	Visit &quot;Downloads&quot; at &lt;a href=&quot;http://www.php.net/&quot;&gt;www.php.net&lt;/a&gt;.',
-	...
-	</pre></div>
+	...</pre>
+	</div>
 
 	<p class="good">// Okay - No more invalid HTML, but &quot;&amp;quot;&quot; is rather clumsy</p>
 
@@ -2498,8 +2499,8 @@ if (utf8_case_fold_nfc($string1) == utf8_case_fold_nfc($string2))
 	...
 'FOO_BAR'	=&gt;	'PHP version &amp;lt; 5.3.3.&lt;br /&gt;
 	Visit &amp;quot;Downloads&amp;quot; at &lt;a href=&quot;http://www.php.net/&quot;&gt;www.php.net&lt;/a&gt;.',
-	...
-	</pre></div>
+	...</pre>
+	</div>
 
 	<p class="good">// Best - No more invalid HTML, and usage of correct typographical quotation marks</p>
 
@@ -2507,8 +2508,8 @@ if (utf8_case_fold_nfc($string1) == utf8_case_fold_nfc($string2))
 	...
 'FOO_BAR'	=&gt;	'PHP version &amp;lt; 5.3.3.&lt;br /&gt;
 	Visit &ldquo;Downloads&rdquo; at &lt;a href=&quot;http://www.php.net/&quot;&gt;www.php.net&lt;/a&gt;.',
-	...
-	</pre></div>
+	...</pre>
+	</div>
 
 	<p>Lastly, the <code>&amp;</code> (ampersand) must always be entitised regardless of where it is used:</p>
 
@@ -2517,16 +2518,16 @@ if (utf8_case_fold_nfc($string1) == utf8_case_fold_nfc($string2))
 	<div class="codebox"><pre>
 	...
 'FOO_BAR'	=&gt;	'&lt;a href=&quot;http://somedomain.tld/?foo=1&amp;bar=2&quot;&gt;Foo &amp; Bar&lt;/a&gt;.',
-	...
-	</pre></div>
+	...</pre>
+	</div>
 
 	<p class="good">// Good - Valid HTML, amperands are correctly entitised in all cases</p>
 
 	<div class="codebox"><pre>
 	...
 'FOO_BAR'	=&gt;	'&lt;a href=&quot;http://somedomain.tld/?foo=1&amp;amp;bar=2&quot;&gt;Foo &amp;amp; Bar&lt;/a&gt;.',
-	...
-	</pre></div>
+	...</pre>
+	</div>
 
 	<p>As for how these charcters are entered depends very much on choice of Operating System, current language locale/keyboard configuration and native abilities of the text editor used to edit phpBB language files. Please see <a href="http://en.wikipedia.org/wiki/Unicode#Input_methods">http://en.wikipedia.org/wiki/Unicode#Input_methods</a> for more information.</p>
 
@@ -2538,7 +2539,7 @@ if (utf8_case_fold_nfc($string1) == utf8_case_fold_nfc($string2))
 
 		<div class="back2top"><a href="#wrap" class="top">Back to Top</a></div>
 
-		<span class="corners-bottom"><span></span></span></div>
+		</div>
 	</div>
 
 	<hr />
@@ -2546,7 +2547,7 @@ if (utf8_case_fold_nfc($string1) == utf8_case_fold_nfc($string2))
 <a name="disclaimer"></a><h2>7. Copyright and disclaimer</h2>
 
 	<div class="paragraph">
-		<div class="inner"><span class="corners-top"><span></span></span>
+		<div class="inner">
 
 		<div class="content">
 
@@ -2556,7 +2557,7 @@ if (utf8_case_fold_nfc($string1) == utf8_case_fold_nfc($string2))
 
 		<div class="back2top"><a href="#wrap" class="top">Back to Top</a></div>
 
-		<span class="corners-bottom"><span></span></span></div>
+		</div>
 	</div>
 
 <!-- END DOCUMENT -->

phpBB/docs/events.md

@@ -16,11 +16,59 @@ acp_bbcodes_edit_fieldsets_after
 * Since: 3.1.0-a3
 * Purpose: Add settings to BBCode add/edit form
 
+acp_email_options_after
+===
+* Location: adm/style/acp_email.html
+* Since: 3.1.2-RC1
+* Purpose: Add settings to mass email form
+
+acp_forums_main_settings_append
+===
+* Location: adm/style/acp_forums.html
+* Since: 3.1.2-RC1
+* Purpose: Add settings to forums at end of main settings section
+
+acp_forums_main_settings_prepend
+===
+* Location: adm/style/acp_forums.html
+* Since: 3.1.2-RC1
+* Purpose: Add settings to forums before main settings section
+
 acp_forums_normal_settings_append
 ===
 * Location: adm/style/acp_forums.html
 * Since: 3.1.0-a1
-* Purpose: Add settings to forums
+* Purpose: Add settings to forums at end of normal settings section
+
+acp_forums_normal_settings_prepend
+===
+* Location: adm/style/acp_forums.html
+* Since: 3.1.2-RC1
+* Purpose: Add settings to forums before normal settings section
+
+acp_forums_prune_settings_append
+===
+* Location: adm/style/acp_forums.html
+* Since: 3.1.2-RC1
+* Purpose: Add settings to forums at end of prune settings section
+
+acp_forums_prune_settings_prepend
+===
+* Location: adm/style/acp_forums.html
+* Since: 3.1.2-RC1
+* Purpose: Add settings to forums before prune settings section
+
+acp_forums_rules_settings_append
+===
+* Location: adm/style/acp_forums.html
+* Since: 3.1.2-RC1
+* Purpose: Add settings to forums at end of rules settings section
+
+acp_forums_rules_settings_prepend
+===
+* Location: adm/style/acp_forums.html
+* Since: 3.1.2-RC1
+* Purpose: Add settings to forums before rules settings section
 
 acp_group_options_before
 ===
@@ -111,7 +159,7 @@ acp_ranks_list_column_before
 * Locations:
     + adm/style/acp_ranks.html
 * Since: 3.1.0-RC3
-* Purpose: Add content after the last column (but before the action column) 
+* Purpose: Add content after the last column (but before the action column)
 in the ranks list in the ACP
 
 acp_ranks_list_header_after
@@ -126,9 +174,30 @@ acp_ranks_list_header_before
 * Locations:
     + adm/style/acp_ranks.html
 * Since: 3.1.0-RC3
-* Purpose: Add content after the last header-column (but before the action column) 
+* Purpose: Add content after the last header-column (but before the action column)
 in the ranks list in the ACP
 
+acp_users_profile_before
+===
+* Locations:
+    + adm/style/acp_users_profile.html
+* Since: 3.1.4-RC1
+* Purpose: Add content before the profile details when editing a user in the ACP
+
+acp_users_profile_after
+===
+* Locations:
+    + adm/style/acp_users_profile.html
+* Since: 3.1.4-RC1
+* Purpose: Add content after the profile details but before the custom profile fields when editing a user in the ACP
+
+acp_users_profile_custom_after
+===
+* Locations:
+    + adm/style/acp_users_profile.html
+* Since: 3.1.4-RC1
+* Purpose: Add content after the the custom profile fields when editing a user in the ACP
+
 acp_simple_footer_after
 ===
 * Location: adm/style/simple_footer.html
@@ -224,6 +293,20 @@ forumlist_body_category_header_before
 * Since: 3.1.0-a4
 * Purpose: Add content before the header of the category on the forum list.
 
+forumlist_body_category_header_row_append
+===
+* Locations:
+    + styles/prosilver/template/forumlist_body.html
+* Since: 3.1.5-RC1
+* Purpose: Add content after the header row of the category on the forum list.
+
+forumlist_body_category_header_row_prepend
+===
+* Locations:
+    + styles/prosilver/template/forumlist_body.html
+* Since: 3.1.5-RC1
+* Purpose: Add content before the header row of the category on the forum list.
+
 forumlist_body_forum_row_after
 ===
 * Locations:
@@ -336,6 +419,14 @@ index_body_block_stats_prepend
 * Since: 3.1.0-b3
 * Purpose: Prepend content to the statistics list on the Board index
 
+index_body_forumlist_body_after
+===
+* Locations:
+    + styles/prosilver/template/index_body.html
+    + styles/subsilver2/template/index_body.html
+* Since: 3.1.1
+* Purpose: Add content after the forum list body on the index page
+
 index_body_markforums_after
 ===
 * Locations:
@@ -400,6 +491,54 @@ mcp_ban_unban_before
 * Since: 3.1.0-RC3
 * Purpose: Add additional fields to the unban form in MCP
 
+mcp_front_latest_logs_after
+===
+* Locations:
+    + styles/prosilver/template/mcp_front.html
+    + styles/subsilver2/template/mcp_front.html
+* Since: 3.1.3-RC1
+* Purpose: Add content after latest logs list
+
+mcp_front_latest_logs_before
+===
+* Locations:
+    + styles/prosilver/template/mcp_front.html
+    + styles/subsilver2/template/mcp_front.html
+* Since: 3.1.3-RC1
+* Purpose: Add content before latest logs list
+
+mcp_front_latest_reported_before
+===
+* Locations:
+    + styles/prosilver/template/mcp_front.html
+    + styles/subsilver2/template/mcp_front.html
+* Since: 3.1.3-RC1
+* Purpose: Add content before latest reported posts list
+
+mcp_front_latest_reported_pms_before
+===
+* Locations:
+    + styles/prosilver/template/mcp_front.html
+    + styles/subsilver2/template/mcp_front.html
+* Since: 3.1.3-RC1
+* Purpose: Add content before latest reported private messages list
+
+mcp_front_latest_unapproved_before
+===
+* Locations:
+    + styles/prosilver/template/mcp_front.html
+    + styles/subsilver2/template/mcp_front.html
+* Since: 3.1.3-RC1
+* Purpose: Add content before latest unapproved posts list
+
+mcp_post_additional_options
+===
+* Locations:
+    + styles/prosilver/template/mcp_post.html
+    + styles/subsilver2/template/mcp_post.html
+* Since: 3.1.5-RC1
+* Purpose: Add content within the list of post moderation actions
+
 memberlist_body_username_append
 ===
 * Locations:
@@ -418,6 +557,30 @@ memberlist_body_username_prepend
 * Purpose: Add information before every username in the memberlist. Works in
 all display modes (leader, group and normal memberlist).
 
+memberlist_search_fields_after
+===
+* Locations:
+    + styles/prosilver/template/memberlist_search.html
+    + styles/subsilver2/template/memberlist_search.html
+* Since: 3.1.2-RC1
+* Purpose: Add information after the search fields column.
+
+memberlist_search_fields_before
+===
+* Locations:
+    + styles/prosilver/template/memberlist_search.html
+    + styles/subsilver2/template/memberlist_search.html
+* Since: 3.1.2-RC1
+* Purpose: Add information before the search fields column.
+
+memberlist_search_sorting_options_before
+===
+* Locations:
+    + styles/prosilver/template/memberlist_search.html
+    + styles/subsilver2/template/memberlist_search.html
+* Since: 3.1.2-RC1
+* Purpose: Add information before the search sorting options field.
+
 memberlist_view_contact_after
 ===
 * Locations:
@@ -555,6 +718,14 @@ overall_footer_after
 * Since: 3.1.0-a1
 * Purpose: Add content at the end of the file, directly prior to the `</body>` tag
 
+overall_footer_body_after
+===
+* Locations:
+    + styles/prosilver/template/overall_footer.html
+    + styles/subsilver2/template/overall_footer.html
+* Since: 3.1.3-RC1
+* Purpose: Add content before the `</body>` tag but after the $SCRIPTS var, i.e. after the js scripts have been loaded
+
 overall_footer_breadcrumb_append
 ===
 * Locations:
@@ -691,6 +862,14 @@ overall_header_head_append
 * Since: 3.1.0-a1
 * Purpose: Add asset calls directly before the `</head>` tag
 
+overall_header_navbar_before
+===
+* Locations:
+    + styles/prosilver/template/overall_header.html
+    + styles/subsilver2/template/overall_header.html
+* Since: 3.1.4-RC1
+* Purpose: Add content before the navigation bar
+
 overall_header_navigation_append
 ===
 * Locations:
@@ -731,6 +910,13 @@ overall_header_page_body_before
 * Since: 3.1.0-b3
 * Purpose: Add content after the page-header, but before the page-body
 
+overall_header_searchbox_before
+===
+* Locations:
+    + styles/prosilver/template/overall_header.html
+* Since: 3.1.4-RC1
+* Purpose: Add content before the search box in the header
+
 overall_header_stylesheets_after
 ===
 * Locations:
@@ -740,6 +926,14 @@ overall_header_stylesheets_after
 * Purpose: Add asset calls after stylesheets within the `</head>` tag.
 Note that INCLUDECSS will not work with this event.
 
+posting_editor_bbcode_status_after
+===
+* Locations:
+    + styles/prosilver/template/posting_editor.html
+    + styles/subsilver2/template/posting_body.html
+* Since: 3.1.4-RC1
+* Purpose: Add content after bbcode status
+
 posting_editor_buttons_after
 ===
 * Locations:
@@ -756,6 +950,14 @@ posting_editor_buttons_before
 * Since: 3.1.0-a3
 * Purpose: Add content before the BBCode posting buttons
 
+posting_editor_buttons_custom_tags_before
+===
+* Locations:
+    + styles/prosilver/template/posting_buttons.html
+    + styles/subsilver2/template/posting_buttons.html
+* Since: 3.1.2-RC1
+* Purpose: Add content inside the BBCode posting buttons and before the customs BBCode
+
 posting_editor_message_after
 ===
 * Locations:
@@ -780,6 +982,22 @@ posting_editor_options_prepend
 * Since: 3.1.0-a1
 * Purpose: Add posting options on the posting screen
 
+posting_editor_smilies_after
+===
+* Locations:
+    + styles/prosilver/template/posting_editor.html
+    + styles/subsilver2/template/posting_body.html
+* Since: 3.1.4-RC1
+* Purpose: Add content after smilies
+
+posting_editor_smilies_before
+===
+* Locations:
+    + styles/prosilver/template/posting_editor.html
+    + styles/subsilver2/template/posting_body.html
+* Since: 3.1.4-RC1
+* Purpose: Add content before the smilies
+
 posting_editor_subject_after
 ===
 * Locations:
@@ -812,6 +1030,28 @@ posting_pm_header_find_username_before
 * Since: 3.1.0-RC4
 * Purpose: Add content before the find username link on composing pm
 
+posting_pm_layout_include_pm_header_after
+===
+* Locations:
+    + styles/prosilver/template/posting_pm_layout.html
+* Since: 3.1.4-RC1
+* Purpose: Add content after the include of posting_pm_header.html
+
+posting_pm_layout_include_pm_header_before
+===
+* Locations:
+    + styles/prosilver/template/posting_pm_layout.html
+* Since: 3.1.4-RC1
+* Purpose: Add content before the include of posting_pm_header.html
+
+posting_poll_body_options_after
+===
+* Locations:
+    + styles/prosilver/template/posting_poll_body.html
+    + styles/subsilver2/template/posting_poll_body.html
+* Since: 3.1.4-RC1
+* Purpose: Add content after the poll options on creating a poll
+
 quickreply_editor_panel_after
 ===
 * Locations:
@@ -844,6 +1084,30 @@ quickreply_editor_message_before
 * Since: 3.1.0-a4
 * Purpose: Add content before the quick reply textbox
 
+search_body_form_before
+===
+* Locations:
+    + styles/prosilver/template/search_body.html
+    + styles/subsilver2/template/search_body.html
+* Since: 3.1.5-RC1
+* Purpose: Add content before the search form
+
+search_results_header_after
+===
+* Locations:
+    + styles/prosilver/template/search_results.html
+    + styles/subsilver2/template/search_results.html
+* Since: 3.1.4-RC1
+* Purpose: Add content after the header of the search results
+
+search_results_header_before
+===
+* Locations:
+    + styles/prosilver/template/search_results.html
+    + styles/subsilver2/template/search_results.html
+* Since: 3.1.4-RC1
+* Purpose: Add content before the header of the search results.
+
 search_results_post_after
 ===
 * Locations:
@@ -874,6 +1138,14 @@ search_results_postprofile_before
 * Since: 3.1.0-b3
 * Purpose: Add content directly before the post author in search results (posts view mode)
 
+search_results_searchbox_after
+===
+* Locations:
+    + styles/prosilver/template/search_results.html
+    + styles/subsilver2/template/search_results.html
+* Since: 3.1.4-RC1
+* Purpose: Add content right after the searchbox of the search results.
+
 search_results_topic_after
 ===
 * Locations:
@@ -1011,7 +1283,7 @@ ucp_pm_viewmessage_post_buttons_after
     + styles/prosilver/template/ucp_pm_viewmessage.html
     + styles/subsilver2/template/ucp_pm_viewmessage.html
 * Since: 3.1.0-RC3
-* Purpose: Add post button to private messages (next to edit, quote etc), at 
+* Purpose: Add post button to private messages (next to edit, quote etc), at
 the end of the list.
 
 ucp_pm_viewmessage_post_buttons_before
@@ -1020,7 +1292,7 @@ ucp_pm_viewmessage_post_buttons_before
     + styles/prosilver/template/ucp_pm_viewmessage.html
     + styles/subsilver2/template/ucp_pm_viewmessage.html
 * Since: 3.1.0-RC3
-* Purpose: Add post button to private messages (next to edit, quote etc), at 
+* Purpose: Add post button to private messages (next to edit, quote etc), at
 the start of the list.
 
 ucp_pm_viewmessage_print_head_append
@@ -1099,6 +1371,38 @@ ucp_prefs_view_select_menu_append
 * Purpose: Add options to the bottom of the drop-down lists block of the Edit
 Display Options screen
 
+ucp_profile_profile_info_before
+===
+* Locations:
+    + styles/prosilver/template/ucp_profile_profile_info.html
+    + styles/subsilver2/template/ucp_profile_profile_info.html
+* Since: 3.1.4-RC1
+* Purpose: Add options in profile page fieldset - before jabber field.
+
+ucp_profile_profile_info_after
+===
+* Locations:
+    + styles/prosilver/template/ucp_profile_profile_info.html
+    + styles/subsilver2/template/ucp_profile_profile_info.html
+* Since: 3.1.4-RC1
+* Purpose: Add options in profile page fieldset - after custom profile fields.
+
+ucp_profile_register_details_before
+===
+* Locations:
+    + styles/prosilver/template/ucp_profile_reg_details.html
+    + styles/subsilver2/template/ucp_profile_reg_details.html
+* Since: 3.1.4-RC1
+* Purpose: Add options in profile page fieldset - before first field.
+
+ucp_profile_register_details_after
+===
+* Locations:
+    + styles/prosilver/template/ucp_profile_reg_details.html
+    + styles/subsilver2/template/ucp_profile_reg_details.html
+* Since: 3.1.4-RC1
+* Purpose: Add options in profile page fieldset - after confirm password field.
+
 ucp_register_credentials_before
 ===
 * Locations:
@@ -1235,6 +1539,22 @@ viewforum_forum_name_prepend
 * Since: 3.1.0-b3
 * Purpose: Add content directly before the forum name link on the View forum screen
 
+viewforum_forum_title_after
+===
+* Locations:
+    + styles/prosilver/template/viewforum_body.html
+    + styles/subsilver2/template/viewforum_body.html
+* Since: 3.1.5-RC1
+* Purpose: Add content directly after the forum title on the View forum screen
+
+viewforum_forum_title_before
+===
+* Locations:
+    + styles/prosilver/template/viewforum_body.html
+    + styles/subsilver2/template/viewforum_body.html
+* Since: 3.1.5-RC1
+* Purpose: Add content directly before the forum title on the View forum screen
+
 viewtopic_print_head_append
 ===
 * Locations:
@@ -1243,6 +1563,14 @@ viewtopic_print_head_append
 * Since: 3.1.0-a1
 * Purpose: Add asset calls directly before the `</head>` tag of the Print Topic screen
 
+viewtopic_body_pagination_top_after
+===
+* Locations:
+    + styles/prosilver/template/viewtopic_body.html
+    + styles/subsilver2/template/viewtopic_body.html
+* Since: 3.1.4-RC1
+* Purpose: Add content after the pagination at top
+
 viewtopic_body_avatar_after
 ===
 * Locations:
@@ -1319,6 +1647,22 @@ viewtopic_body_poll_question_prepend
 * Since: 3.1.0-b3
 * Purpose: Add content directly before the poll question on the View topic screen
 
+viewtopic_body_post_author_after
+===
+* Locations:
+    + styles/prosilver/template/viewtopic_body.html
+    + styles/subsilver2/template/viewtopic_body.html
+* Since: 3.1.3-RC1
+* Purpose: Add content directly after the post author on the view topic screen
+
+viewtopic_body_post_author_before
+===
+* Locations:
+    + styles/prosilver/template/viewtopic_body.html
+    + styles/subsilver2/template/viewtopic_body.html
+* Since: 3.1.3-RC1
+* Purpose: Add content directly before the post author on the view topic screen
+
 viewtopic_body_post_buttons_after
 ===
 * Locations:
@@ -1337,6 +1681,22 @@ viewtopic_body_post_buttons_before
 * Purpose: Add post button to posts (next to edit, quote etc), at the start of
 the list.
 
+viewtopic_body_post_buttons_list_after
+===
+* Locations:
+    + styles/prosilver/template/viewtopic_body.html
+* Since: 3.1.5-RC1
+* Purpose: Add post button custom list to posts (next to edit, quote etc),
+after the original list.
+
+viewtopic_body_post_buttons_list_before
+===
+* Locations:
+    + styles/prosilver/template/viewtopic_body.html
+* Since: 3.1.5-RC1
+* Purpose: Add post button custom list to posts (next to edit, quote etc),
+before the original list.
+
 viewtopic_body_postrow_custom_fields_after
 ===
 * Locations:
@@ -1379,6 +1739,22 @@ viewtopic_body_postrow_post_content_footer
 * Since: 3.1.0-RC4
 * Purpose: Add data at the end of the posts.
 
+viewtopic_body_postrow_post_details_after
+===
+* Locations:
+    + styles/prosilver/template/viewtopic_body.html
+    + styles/subsilver2/template/viewtopic_body.html
+* Since: 3.1.4-RC1
+* Purpose: Add content after the post details
+
+viewtopic_body_postrow_post_details_before
+===
+* Locations:
+    + styles/prosilver/template/viewtopic_body.html
+    + styles/subsilver2/template/viewtopic_body.html
+* Since: 3.1.4-RC1
+* Purpose: Add content before the post details
+
 viewtopic_body_postrow_post_notices_after
 ===
 * Locations:

phpBB/faq.php

@@ -35,8 +35,30 @@ switch ($mode)
 	break;
 
 	default:
-		$l_title = $user->lang['FAQ_EXPLAIN'];
-		$user->add_lang('faq', false, true);
+		$page_title = $user->lang['FAQ_EXPLAIN'];
+		$ext_name = $lang_file = '';
+
+		/**
+		 * You can use this event display a custom help page
+		 *
+		 * @event core.faq_mode_validation
+		 * @var	string	page_title		Title of the page
+		 * @var	string	mode			FAQ that is going to be displayed
+		 * @var	string	lang_file		Language file containing the help data
+		 * @var	string	ext_name		Vendor and extension name where the help
+		 *								language file can be loaded from
+		 * @since 3.1.4-RC1
+		 */
+		$vars = array(
+			'page_title',
+			'mode',
+			'lang_file',
+			'ext_name',
+		);
+		extract($phpbb_dispatcher->trigger_event('core.faq_mode_validation', compact($vars)));
+
+		$l_title = $page_title;
+		$user->add_lang(($lang_file) ? $lang_file : 'faq', false, true, $ext_name);
 	break;
 }
 

phpBB/includes/acp/acp_attachments.php

@@ -153,7 +153,7 @@ class acp_attachments
 						'img_create_thumbnail'		=> array('lang' => 'CREATE_THUMBNAIL',		'validate' => 'bool',	'type' => 'radio:yes_no', 'explain' => true),
 						'img_max_thumb_width'		=> array('lang' => 'MAX_THUMB_WIDTH',		'validate' => 'int:0:999999999999999',	'type' => 'number:0:999999999999999', 'explain' => true, 'append' => ' ' . $user->lang['PIXEL']),
 						'img_min_thumb_filesize'	=> array('lang' => 'MIN_THUMB_FILESIZE',	'validate' => 'int:0:999999999999999',	'type' => 'number:0:999999999999999', 'explain' => true, 'append' => ' ' . $user->lang['BYTES']),
-						'img_imagick'				=> array('lang' => 'IMAGICK_PATH',			'validate' => 'string',	'type' => 'text:20:200', 'explain' => true, 'append' => '&nbsp;&nbsp;<span>[ <a href="' . $this->u_action . '&amp;action=imgmagick">' . $user->lang['SEARCH_IMAGICK'] . '</a> ]</span>'),
+						'img_imagick'				=> array('lang' => 'IMAGICK_PATH',			'validate' => 'absolute_path',	'type' => 'text:20:200', 'explain' => true, 'append' => '&nbsp;&nbsp;<span>[ <a href="' . $this->u_action . '&amp;action=imgmagick">' . $user->lang['SEARCH_IMAGICK'] . '</a> ]</span>'),
 						'img_max'					=> array('lang' => 'MAX_IMAGE_SIZE',		'validate' => 'int:0:9999',	'type' => 'dimension:0:9999', 'explain' => true, 'append' => ' ' . $user->lang['PIXEL']),
 						'img_link'					=> array('lang' => 'IMAGE_LINK_SIZE',		'validate' => 'int:0:9999',	'type' => 'dimension:0:9999', 'explain' => true, 'append' => ' ' . $user->lang['PIXEL']),
 					)

phpBB/includes/acp/acp_bbcodes.php

@@ -409,7 +409,9 @@ class acp_bbcodes
 	{
 		$bbcode_match = trim($bbcode_match);
 		$bbcode_tpl = trim($bbcode_tpl);
-		$utf8 = strpos($bbcode_match, 'INTTEXT') !== false;
+
+		// Allow unicode characters for URL|LOCAL_URL|RELATIVE_URL|INTTEXT tokens
+		$utf8 = preg_match('/(URL|LOCAL_URL|RELATIVE_URL|INTTEXT)/', $bbcode_match);
 
 		$utf8_pcre_properties = phpbb_pcre_utf8_support();
 

phpBB/includes/acp/acp_board.php

@@ -500,7 +500,7 @@ class acp_board
 		}
 
 		// We go through the display_vars to make sure no one is trying to set variables he/she is not allowed to...
-		foreach ($display_vars['vars'] as $config_name => $null)
+		foreach ($display_vars['vars'] as $config_name => $data)
 		{
 			if (!isset($cfg_array[$config_name]) || strpos($config_name, 'legend') !== false)
 			{
@@ -514,7 +514,8 @@ class acp_board
 
 			if ($config_name == 'guest_style')
 			{
-				if (isset($cfg_array[$config_name])) {
+				if (isset($cfg_array[$config_name]))
+				{
 					$this->guest_style_set($cfg_array[$config_name]);
 				}
 				continue;
@@ -531,6 +532,13 @@ class acp_board
 
 			if ($submit)
 			{
+				if (strpos($data['type'], 'password') === 0 && $config_value === '********')
+				{
+					// Do not update password fields if the content is ********,
+					// because that is the password replacement we use to not
+					// send the password to the output
+					continue;
+				}
 				set_config($config_name, $config_value);
 
 				if ($config_name == 'allow_quick_reply' && isset($_POST['allow_quick_reply_enable']))
@@ -559,6 +567,7 @@ class acp_board
 			$old_auth_config = array();
 			foreach ($auth_providers as $provider)
 			{
+				/** @var \phpbb\auth\provider\provider_interface $provider */
 				if ($fields = $provider->acp())
 				{
 					// Check if we need to create config fields for this plugin and save config when submit was pressed
@@ -574,6 +583,14 @@ class acp_board
 							continue;
 						}
 
+						if (substr($field, -9) === '_password' && $cfg_array[$field] === '********')
+						{
+							// Do not update password fields if the content is ********,
+							// because that is the password replacement we use to not
+							// send the password to the output
+							continue;
+						}
+
 						$old_auth_config[$field] = $this->new_config[$field];
 						$config_value = $cfg_array[$field];
 						$this->new_config[$field] = $config_value;
@@ -615,7 +632,15 @@ class acp_board
 		{
 			add_log('admin', 'LOG_CONFIG_' . strtoupper($mode));
 
-			trigger_error($user->lang['CONFIG_UPDATED'] . adm_back_link($this->u_action));
+			$message = $user->lang('CONFIG_UPDATED');
+			$message_type = E_USER_NOTICE;
+			if (!$config['email_enable'] && in_array($mode, array('email', 'registration')) &&
+				in_array($config['require_activation'], array(USER_ACTIVATION_SELF, USER_ACTIVATION_ADMIN)))
+			{
+				$message .= '<br /><br />' . $user->lang('ACC_ACTIVATION_WARNING');
+				$message_type = E_USER_WARNING;
+			}
+			trigger_error($message . adm_back_link($this->u_action), $message_type);
 		}
 
 		$this->tpl_name = 'acp_board';
@@ -792,20 +817,19 @@ class acp_board
 		global $user, $config;
 
 		$act_ary = array(
-			'ACC_DISABLE' => USER_ACTIVATION_DISABLE,
-			'ACC_NONE' => USER_ACTIVATION_NONE,
+			'ACC_DISABLE'	=> array(true, USER_ACTIVATION_DISABLE),
+			'ACC_NONE'		=> array(true, USER_ACTIVATION_NONE),
+			'ACC_USER'		=> array($config['email_enable'], USER_ACTIVATION_SELF),
+			'ACC_ADMIN'		=> array($config['email_enable'], USER_ACTIVATION_ADMIN),
 		);
-		if ($config['email_enable'])
-		{
-			$act_ary['ACC_USER'] = USER_ACTIVATION_SELF;
-			$act_ary['ACC_ADMIN'] = USER_ACTIVATION_ADMIN;
-		}
-		$act_options = '';
 
-		foreach ($act_ary as $key => $value)
+		$act_options = '';
+		foreach ($act_ary as $key => $data)
 		{
+			list($available, $value) = $data;
 			$selected = ($selected_value == $value) ? ' selected="selected"' : '';
-			$act_options .= '<option value="' . $value . '"' . $selected . '>' . $user->lang[$key] . '</option>';
+			$class = (!$available) ? ' class="disabled-option"' : '';
+			$act_options .= '<option value="' . $value . '"' . $selected . $class . '>' . $user->lang($key) . '</option>';
 		}
 
 		return $act_options;

phpBB/includes/acp/acp_database.php

@@ -1173,6 +1173,7 @@ class postgres_extractor extends base_extractor
 				$this->flush($sql_data . ";\n");
 			}
 		}
+		$db->sql_freeresult($result);
 
 		$sql_data = '-- Table: ' . $table_name . "\n";
 		$sql_data .= "DROP TABLE $table_name;\n";

phpBB/includes/acp/acp_email.php

@@ -26,7 +26,7 @@ class acp_email
 	function main($id, $mode)
 	{
 		global $config, $db, $user, $auth, $template, $cache;
-		global $phpbb_root_path, $phpbb_admin_path, $phpEx, $table_prefix;
+		global $phpbb_root_path, $phpbb_admin_path, $phpEx, $table_prefix, $phpbb_dispatcher;
 
 		$user->add_lang('acp/email');
 		$this->tpl_name = 'acp_email';
@@ -40,6 +40,7 @@ class acp_email
 		$error = array();
 
 		$usernames	= request_var('usernames', '', true);
+		$usernames	= (!empty($usernames)) ? explode("\n", $usernames) : array();
 		$group_id	= request_var('g', 0);
 		$subject	= utf8_normalize_nfc(request_var('subject', '', true));
 		$message	= utf8_normalize_nfc(request_var('message', '', true));
@@ -69,14 +70,18 @@ class acp_email
 
 			if (!sizeof($error))
 			{
-				if ($usernames)
+				if (!empty($usernames))
 				{
 					// If giving usernames the admin is able to email inactive users too...
-					$sql = 'SELECT username, user_email, user_jabber, user_notify_type, user_lang
-						FROM ' . USERS_TABLE . '
-						WHERE ' . $db->sql_in_set('username_clean', array_map('utf8_clean_string', explode("\n", $usernames))) . '
-							AND user_allow_massemail = 1
-						ORDER BY user_lang, user_notify_type'; // , SUBSTRING(user_email FROM INSTR(user_email, '@'))
+					$sql_ary = array(
+						'SELECT'	=> 'username, user_email, user_jabber, user_notify_type, user_lang',
+						'FROM'		=> array(
+							USERS_TABLE		=> '',
+						),
+						'WHERE'		=> $db->sql_in_set('username_clean', array_map('utf8_clean_string', $usernames)) . '
+							AND user_allow_massemail = 1',
+						'ORDER_BY'	=> 'user_lang, user_notify_type',
+					);
 				}
 				else
 				{
@@ -123,8 +128,18 @@ class acp_email
 							),
 						);
 					}
-					$sql = $db->sql_build_query('SELECT', $sql_ary);
 				}
+				/**
+				* Modify sql query to change the list of users the email is sent to
+				*
+				* @event core.acp_email_modify_sql
+				* @var	array	sql_ary		Array which is used to build the sql query
+				* @since 3.1.2-RC1
+				*/
+				$vars = array('sql_ary');
+				extract($phpbb_dispatcher->trigger_event('core.acp_email_modify_sql', compact($vars)));
+
+				$sql = $db->sql_build_query('SELECT', $sql_ary);
 				$result = $db->sql_query($sql);
 				$row = $db->sql_fetchrow($result);
 
@@ -180,6 +195,39 @@ class acp_email
 
 				$errored = false;
 
+				$email_template = 'admin_send_email';
+				$template_data = array(
+					'CONTACT_EMAIL' => phpbb_get_board_contact($config, $phpEx),
+					'MESSAGE'		=> htmlspecialchars_decode($message),
+				);
+				$generate_log_entry = true;
+
+				/**
+				* Modify email template data before the emails are sent
+				*
+				* @event core.acp_email_send_before
+				* @var	string	email_template		The template to be used for sending the email
+				* @var	string	subject				The subject of the email
+				* @var	array	template_data		Array with template data assigned to email template
+				* @var	bool	generate_log_entry	If false, no log entry will be created
+				* @var	array	usernames			Usernames which will be displayed in log entry, if it will be created
+				* @var	int		group_id			The group this email will be sent to
+				* @var	bool	use_queue			If true, email queue will be used for sending
+				* @var	int		priority			Priority of sent emails
+				* @since 3.1.3-RC1
+				*/
+				$vars = array(
+					'email_template',
+					'subject',
+					'template_data',
+					'generate_log_entry',
+					'usernames',
+					'group_id',
+					'use_queue',
+					'priority',
+				);
+				extract($phpbb_dispatcher->trigger_event('core.acp_email_send_before', compact($vars)));
+
 				for ($i = 0, $size = sizeof($email_list); $i < $size; $i++)
 				{
 					$used_lang = $email_list[$i][0]['lang'];
@@ -193,17 +241,14 @@ class acp_email
 						$messenger->im($email_row['jabber'], $email_row['name']);
 					}
 
-					$messenger->template('admin_send_email', $used_lang);
+					$messenger->template($email_template, $used_lang);
 
 					$messenger->anti_abuse_headers($config, $user);
 
 					$messenger->subject(htmlspecialchars_decode($subject));
 					$messenger->set_mail_priority($priority);
 
-					$messenger->assign_vars(array(
-						'CONTACT_EMAIL' => phpbb_get_board_contact($config, $phpEx),
-						'MESSAGE'		=> htmlspecialchars_decode($message))
-					);
+					$messenger->assign_vars($template_data);
 
 					if (!($messenger->send($used_method)))
 					{
@@ -214,24 +259,26 @@ class acp_email
 
 				$messenger->save_queue();
 
-				if ($usernames)
+				if ($generate_log_entry)
 				{
-					$usernames = explode("\n", $usernames);
-					add_log('admin', 'LOG_MASS_EMAIL', implode(', ', utf8_normalize_nfc($usernames)));
-				}
-				else
-				{
-					if ($group_id)
+					if (!empty($usernames))
 					{
-						$group_name = get_group_name($group_id);
+						add_log('admin', 'LOG_MASS_EMAIL', implode(', ', utf8_normalize_nfc($usernames)));
 					}
 					else
 					{
-						// Not great but the logging routine doesn't cope well with localising on the fly
-						$group_name = $user->lang['ALL_USERS'];
-					}
+						if ($group_id)
+						{
+							$group_name = get_group_name($group_id);
+						}
+						else
+						{
+							// Not great but the logging routine doesn't cope well with localising on the fly
+							$group_name = $user->lang['ALL_USERS'];
+						}
 
-					add_log('admin', 'LOG_MASS_EMAIL', $group_name);
+						add_log('admin', 'LOG_MASS_EMAIL', $group_name);
+					}
 				}
 
 				if (!$errored)
@@ -267,17 +314,31 @@ class acp_email
 		$s_priority_options .= '<option value="' . MAIL_NORMAL_PRIORITY . '" selected="selected">' . $user->lang['MAIL_NORMAL_PRIORITY'] . '</option>';
 		$s_priority_options .= '<option value="' . MAIL_HIGH_PRIORITY . '">' . $user->lang['MAIL_HIGH_PRIORITY'] . '</option>';
 
-		$template->assign_vars(array(
+		$template_data = array(
 			'S_WARNING'				=> (sizeof($error)) ? true : false,
 			'WARNING_MSG'			=> (sizeof($error)) ? implode('<br />', $error) : '',
 			'U_ACTION'				=> $this->u_action,
 			'S_GROUP_OPTIONS'		=> $select_list,
-			'USERNAMES'				=> $usernames,
+			'USERNAMES'				=> implode("\n", $usernames),
 			'U_FIND_USERNAME'		=> append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=searchuser&amp;form=acp_email&amp;field=usernames'),
 			'SUBJECT'				=> $subject,
 			'MESSAGE'				=> $message,
-			'S_PRIORITY_OPTIONS'	=> $s_priority_options)
+			'S_PRIORITY_OPTIONS'	=> $s_priority_options,
 		);
 
+		/**
+		* Modify custom email template data before we display the form
+		*
+		* @event core.acp_email_display
+		* @var	array	template_data		Array with template data assigned to email template
+		* @var	array	exclude				Array with groups which are excluded from group selection
+		* @var	array	usernames			Usernames which will be displayed in form
+		*
+		* @since 3.1.4-RC1
+		*/
+		$vars = array('template_data', 'exclude', 'usernames');
+		extract($phpbb_dispatcher->trigger_event('core.acp_email_display', compact($vars)));
+
+		$template->assign_vars($template_data);
 	}
 }

phpBB/includes/acp/acp_extensions.php

@@ -174,11 +174,6 @@ class acp_extensions
 					trigger_error($user->lang['EXTENSION_NOT_ENABLEABLE'] . adm_back_link($this->u_action), E_USER_WARNING);
 				}
 
-				if ($phpbb_extension_manager->is_enabled($ext_name))
-				{
-					redirect($this->u_action);
-				}
-
 				try
 				{
 					while ($phpbb_extension_manager->enable_step($ext_name))
@@ -537,7 +532,7 @@ class acp_extensions
 
 		$version_check = $meta['extra']['version-check'];
 
-		$version_helper = new \phpbb\version_helper($this->cache, $this->config, $this->user);
+		$version_helper = new \phpbb\version_helper($this->cache, $this->config, new \phpbb\file_downloader(), $this->user);
 		$version_helper->set_current_version($meta['version']);
 		$version_helper->set_file_location($version_check['host'], $version_check['directory'], $version_check['filename']);
 		$version_helper->force_stability($this->config['extension_force_unstable'] ? 'unstable' : null);

phpBB/includes/acp/acp_jabber.php

@@ -107,7 +107,10 @@ class acp_jabber
 			set_config('jab_host', $jab_host);
 			set_config('jab_port', $jab_port);
 			set_config('jab_username', $jab_username);
-			set_config('jab_password', $jab_password);
+			if ($jab_password !== '********')
+			{
+				set_config('jab_password', $jab_password);
+			}
 			set_config('jab_package_size', $jab_package_size);
 			set_config('jab_use_ssl', $jab_use_ssl);
 
@@ -122,7 +125,7 @@ class acp_jabber
 			'JAB_HOST'				=> $jab_host,
 			'JAB_PORT'				=> ($jab_port) ? $jab_port : '',
 			'JAB_USERNAME'			=> $jab_username,
-			'JAB_PASSWORD'			=> $jab_password,
+			'JAB_PASSWORD'			=> $jab_password !== '' ? '********' : '',
 			'JAB_PACKAGE_SIZE'		=> $jab_package_size,
 			'JAB_USE_SSL'			=> $jab_use_ssl,
 			'S_CAN_USE_SSL'			=> jabber::can_use_ssl(),

phpBB/includes/acp/acp_main.php

@@ -632,7 +632,7 @@ class acp_main
 		{
 			$error = false;
 			$search_type = $config['search_type'];
-			$search = new $search_type($error, $phpbb_root_path, $phpEx, $auth, $config, $db, $user);
+			$search = new $search_type($error, $phpbb_root_path, $phpEx, $auth, $config, $db, $user, $phpbb_dispatcher);
 
 			if (!$search->index_created())
 			{

phpBB/includes/acp/acp_profile.php

@@ -460,7 +460,7 @@ class acp_profile
 
 					if (!$cp->vars[$key] && $action == 'edit')
 					{
-						$cp->vars[$key] = $$key;
+						$cp->vars[$key] = ${$key};
 					}
 
 					$field_data = $cp->vars;

phpBB/includes/acp/acp_prune.php

@@ -397,7 +397,7 @@ class acp_prune
 			$joined_after = request_var('joined_after', '');
 			$active = request_var('active', '');
 
-			$count = request_var('count', 0);
+			$count = ($request->variable('count', '') === '') ? false : $request->variable('count', 0);
 
 			$active = ($active) ? explode('-', $active) : array();
 			$joined_before = ($joined_before) ? explode('-', $joined_before) : array();
@@ -439,7 +439,7 @@ class acp_prune
 			$where_sql .= ($username) ? ' AND username_clean ' . $db->sql_like_expression(str_replace('*', $db->get_any_char(), utf8_clean_string($username))) : '';
 			$where_sql .= ($email) ? ' AND user_email ' . $db->sql_like_expression(str_replace('*', $db->get_any_char(), $email)) . ' ' : '';
 			$where_sql .= $joined_sql;
-			$where_sql .= ($count) ? " AND user_posts " . $key_match[$count_select] . ' ' . (int) $count . ' ' : '';
+			$where_sql .= ($count !== false) ? " AND user_posts " . $key_match[$count_select] . ' ' . (int) $count . ' ' : '';
 
 			// First handle pruning of users who never logged in, last active date is 0000-00-00
 			if (sizeof($active) && (int) $active[0] == 0 && (int) $active[1] == 0 && (int) $active[2] == 0)
@@ -506,9 +506,9 @@ class acp_prune
 				WHERE ug.group_id = ' . (int) $group_id . '
 					AND ug.user_id <> ' . ANONYMOUS . '
 					AND u.user_type <> ' . USER_FOUNDER . '
-					AND ug.user_pending = 0 ' .
-					((!empty($user_ids)) ? 'AND ' . $db->sql_in_set('ug.user_id', $user_ids) : '') . '
-					AND u.user_id = ug.user_id';
+					AND ug.user_pending = 0
+					AND u.user_id = ug.user_id
+					' . (!empty($user_ids) ? ' AND ' . $db->sql_in_set('ug.user_id', $user_ids) : '');
 			$result = $db->sql_query($sql);
 
 			// we're performing an intersection operation, so all the relevant users
@@ -532,10 +532,10 @@ class acp_prune
 			$sql = 'SELECT u.user_id, u.username, COUNT(p.post_id) AS queue_posts
 				FROM ' . POSTS_TABLE . ' p, ' . USERS_TABLE . ' u
 				WHERE u.user_id <> ' . ANONYMOUS . '
-					AND u.user_type <> ' . USER_FOUNDER .
-					((!empty($user_ids)) ? 'AND ' . $db->sql_in_set('p.poster_id', $user_ids) : '') . '
+					AND u.user_type <> ' . USER_FOUNDER . '
 					AND ' . $db->sql_in_set('p.post_visibility', array(ITEM_UNAPPROVED, ITEM_REAPPROVE)) . '
 					AND u.user_id = p.poster_id
+					' . (!empty($user_ids) ? ' AND ' . $db->sql_in_set('p.poster_id', $user_ids) : '') . '
 				GROUP BY p.poster_id
 				HAVING queue_posts ' . $key_match[$queue_select] . ' ' . $posts_on_queue;
 			$result = $db->sql_query($sql);

phpBB/includes/acp/acp_search.php

@@ -449,7 +449,6 @@ class acp_search
 
 		$search = null;
 		$error = false;
-		$search_options = '';
 		foreach ($search_types as $type)
 		{
 			if ($this->init_search($type, $search, $error) || !method_exists($search, 'index_created'))
@@ -599,7 +598,7 @@ class acp_search
 	*/
 	function init_search($type, &$search, &$error)
 	{
-		global $phpbb_root_path, $phpEx, $user, $auth, $config, $db;
+		global $phpbb_root_path, $phpEx, $user, $auth, $config, $db, $phpbb_dispatcher;
 
 		if (!class_exists($type) || !method_exists($type, 'keyword_search'))
 		{
@@ -608,7 +607,7 @@ class acp_search
 		}
 
 		$error = false;
-		$search = new $type($error, $phpbb_root_path, $phpEx, $auth, $config, $db, $user);
+		$search = new $type($error, $phpbb_root_path, $phpEx, $auth, $config, $db, $user, $phpbb_dispatcher);
 
 		return $error;
 	}

phpBB/includes/acp/acp_styles.php

@@ -29,14 +29,31 @@ class acp_styles
 	protected $styles_path;
 	protected $styles_path_absolute = 'styles';
 	protected $default_style = 0;
+	protected $styles_list_cols = 0;
+	protected $reserved_style_names = array('adm', 'admin', 'all');
 
+	/** @var \phpbb\db\driver\driver_interface */
 	protected $db;
+
+	/** @var \phpbb\user */
 	protected $user;
+
+	/** @var \phpbb\template\template */
 	protected $template;
+
+	/** @var \phpbb\request\request_interface */
 	protected $request;
+
+	/** @var \phpbb\cache\driver\driver_interface */
 	protected $cache;
+
+	/** @var \phpbb\auth\auth */
 	protected $auth;
+
+	/** @var string */
 	protected $phpbb_root_path;
+
+	/** @var string */
 	protected $php_ext;
 
 	public function main($id, $mode)
@@ -164,6 +181,12 @@ class acp_styles
 		$last_installed = false;
 		foreach ($dirs as $dir)
 		{
+			if (in_array($dir, $this->reserved_style_names))
+			{
+				$messages[] = $this->user->lang('STYLE_NAME_RESERVED', htmlspecialchars($dir));
+				continue;
+			}
+
 			$found = false;
 			foreach ($styles as &$style)
 			{
@@ -809,7 +832,7 @@ class acp_styles
 	* Update styles tree
 	*
 	* @param array $styles Styles list, passed as reference
-	* @param array $style Current style, false if root
+	* @param array|false $style Current style, false if root
 	* @return bool True if something was updated, false if not
 	*/
 	protected function update_styles_tree(&$styles, $style = false)
@@ -1091,7 +1114,7 @@ class acp_styles
 	/**
 	* Install style
 	*
-	* @param $style style data
+	* @param array $style style data
 	* @return int Style id
 	*/
 	protected function install_style($style)

phpBB/includes/acp/acp_users.php

@@ -173,6 +173,21 @@ class acp_users
 				$delete_type	= request_var('delete_type', '');
 				$ip				= request_var('ip', 'ip');
 
+				/**
+				 * Run code at beginning of ACP users overview
+				 *
+				 * @event core.acp_users_overview_before
+				 * @var	array   user_row    Current user data
+				 * @var	string  mode        Active module
+				 * @var	string  action      Module that should be run
+				 * @var	bool    submit      Do we display the form only
+				 *                          or did the user press submit
+				 * @var	array   error       Array holding error messages
+				 * @since 3.1.3-RC1
+				 */
+				$vars = array('user_row', 'mode', 'action', 'submit', 'error');
+				extract($phpbb_dispatcher->trigger_event('core.acp_users_overview_before', compact($vars)));
+
 				if ($submit)
 				{
 					if ($delete)
@@ -1362,6 +1377,19 @@ class acp_users
 				$data['bday_year']		= request_var('bday_year', $data['bday_year']);
 				$data['user_birthday']	= sprintf('%2d-%2d-%4d', $data['bday_day'], $data['bday_month'], $data['bday_year']);
 
+				/**
+				* Modify user data on editing profile in ACP
+				*
+				* @event core.acp_users_modify_profile
+				* @var	array	data		Array with user profile data
+				* @var	bool	submit		Flag indicating if submit button has been pressed
+				* @var	int		user_id		The user id
+				* @var	array	user_row	Array with the full user data
+				* @since 3.1.4-RC1
+				*/
+				$vars = array('data', 'submit', 'user_id', 'user_row');
+				extract($phpbb_dispatcher->trigger_event('core.acp_users_modify_profile', compact($vars)));
+
 				if ($submit)
 				{
 					$error = validate_data($data, array(
@@ -1386,6 +1414,18 @@ class acp_users
 						$error[] = 'FORM_INVALID';
 					}
 
+					/**
+					* Validate profile data in ACP before submitting to the database
+					*
+					* @event core.acp_users_profile_validate
+					* @var	bool	submit		Flag indicating if submit button has been pressed
+					* @var	array	data		Array with user profile data
+					* @var	array	error		Array with the form errors
+					* @since 3.1.4-RC1
+					*/
+					$vars = array('submit', 'data', 'error');
+					extract($phpbb_dispatcher->trigger_event('core.acp_users_profile_validate', compact($vars)));
+
 					if (!sizeof($error))
 					{
 						$sql_ary = array(
@@ -1393,6 +1433,20 @@ class acp_users
 							'user_birthday'	=> $data['user_birthday'],
 						);
 
+						/**
+						* Modify profile data in ACP before submitting to the database
+						*
+						* @event core.acp_users_profile_modify_sql_ary
+						* @var	array	cp_data		Array with the user custom profile fields data
+						* @var	array	data		Array with user profile data
+						* @var	int		user_id		The user id
+						* @var	array	user_row	Array with the full user data
+						* @var	array	sql_ary		Array with sql data
+						* @since 3.1.4-RC1
+						*/
+						$vars = array('cp_data', 'data', 'user_id', 'user_row', 'sql_ary');
+						extract($phpbb_dispatcher->trigger_event('core.acp_users_profile_modify_sql_ary', compact($vars)));
+
 						$sql = 'UPDATE ' . USERS_TABLE . '
 							SET ' . $db->sql_build_array('UPDATE', $sql_ary) . "
 							WHERE user_id = $user_id";

phpBB/includes/bbcode.php

@@ -129,7 +129,7 @@ class bbcode
 	*/
 	function bbcode_cache_init()
 	{
-		global $phpbb_root_path, $phpEx, $config, $user, $phpbb_extension_manager, $phpbb_path_helper;
+		global $phpbb_root_path, $phpEx, $config, $user, $phpbb_dispatcher, $phpbb_extension_manager, $phpbb_path_helper;
 
 		if (empty($this->template_filename))
 		{
@@ -182,6 +182,8 @@ class bbcode
 			$db->sql_freeresult($result);
 		}
 
+		// To perform custom second pass in extension, use $this->bbcode_second_pass_by_extension()
+		// method which accepts variable number of parameters
 		foreach ($bbcode_ids as $bbcode_id)
 		{
 			switch ($bbcode_id)
@@ -388,6 +390,26 @@ class bbcode
 				break;
 			}
 		}
+
+		$bbcode_cache = $this->bbcode_cache;
+		$bbcode_bitfield = $this->bbcode_bitfield;
+		$bbcode_uid = $this->bbcode_uid;
+
+		/**
+		* Use this event to modify the bbcode_cache
+		*
+		* @event core.bbcode_cache_init_end
+		* @var	array	bbcode_cache		The array of cached search and replace patterns of bbcodes
+		* @var	string	bbcode_bitfield		The bbcode bitfield
+		* @var	string	bbcode_uid			The bbcode uid
+		* @since 3.1.3-RC1
+		*/
+		$vars = array('bbcode_cache', 'bbcode_bitfield', 'bbcode_uid');
+		extract($phpbb_dispatcher->trigger_event('core.bbcode_cache_init_end', compact($vars)));
+
+		$this->bbcode_cache = $bbcode_cache;
+		$this->bbcode_bitfield = $bbcode_bitfield;
+		$this->bbcode_uid = $bbcode_uid;
 	}
 
 	/**
@@ -593,4 +615,36 @@ class bbcode
 
 		return $code;
 	}
+
+	/**
+	* Function to perform custom bbcode second pass by extensions
+	* can be used to assign bbcode pattern replacement
+	* Example: '#\[list=([^\[]+):$uid\]#e'	=> "\$this->bbcode_second_pass_by_extension('\$1')"
+	*
+	* Accepts variable number of parameters
+	*
+	* @return mixed Second pass result
+	*/
+	function bbcode_second_pass_by_extension()
+	{
+		global $phpbb_dispatcher;
+
+		$return = false;
+		$params_array = func_get_args();
+
+		/**
+		* Event to perform bbcode second pass with
+		* the custom validating methods provided by extensions
+		*
+		* @event core.bbcode_second_pass_by_extension
+		* @var array	params_array	Array with the function parameters
+		* @var mixed	return			Second pass result to return
+		*
+		* @since 3.1.5-RC1
+		*/
+		$vars = array('params_array', 'return');
+		extract($phpbb_dispatcher->trigger_event('core.bbcode_second_pass_by_extension', compact($vars)));
+
+		return $return;
+	}
 }

phpBB/includes/constants.php

@@ -28,7 +28,7 @@ if (!defined('IN_PHPBB'))
 */
 
 // phpBB Version
-define('PHPBB_VERSION', '3.1.0');
+define('PHPBB_VERSION', '3.1.5-RC1');
 
 // QA-related
 // define('PHPBB_QA', 1);

phpBB/includes/functions.php

@@ -1150,10 +1150,43 @@ function phpbb_timezone_select($template, $user, $default = '', $truncate = fals
 function markread($mode, $forum_id = false, $topic_id = false, $post_time = 0, $user_id = 0)
 {
 	global $db, $user, $config;
-	global $request, $phpbb_container;
+	global $request, $phpbb_container, $phpbb_dispatcher;
 
 	$post_time = ($post_time === 0 || $post_time > time()) ? time() : (int) $post_time;
 
+	$should_markread = true;
+
+	/**
+	 * This event is used for performing actions directly before marking forums,
+	 * topics or posts as read.
+	 *
+	 * It is also possible to prevent the marking. For that, the $should_markread parameter
+	 * should be set to FALSE.
+	 *
+	 * @event core.markread_before
+	 * @var	string	mode				Variable containing marking mode value
+	 * @var	mixed	forum_id			Variable containing forum id, or false
+	 * @var	mixed	topic_id			Variable containing topic id, or false
+	 * @var	int		post_time			Variable containing post time
+	 * @var	int		user_id				Variable containing the user id
+	 * @var	bool	should_markread		Flag indicating if the markread should be done or not.
+	 * @since 3.1.4-RC1
+	 */
+	$vars = array(
+		'mode',
+		'forum_id',
+		'topic_id',
+		'post_time',
+		'user_id',
+		'should_markread',
+	);
+	extract($phpbb_dispatcher->trigger_event('core.markread_before', compact($vars)));
+
+	if (!$should_markread)
+	{
+		return;
+	}
+
 	if ($mode == 'all')
 	{
 		if ($forum_id === false || !sizeof($forum_id))
@@ -1648,6 +1681,7 @@ function get_complete_topic_tracking($forum_id, $topic_ids, $global_announce_lis
 function get_unread_topics($user_id = false, $sql_extra = '', $sql_sort = '', $sql_limit = 1001, $sql_limit_offset = 0)
 {
 	global $config, $db, $user;
+	global $phpbb_dispatcher;
 
 	$user_id = ($user_id === false) ? (int) $user->data['user_id'] : (int) $user_id;
 
@@ -1691,6 +1725,24 @@ function get_unread_topics($user_id = false, $sql_extra = '', $sql_sort = '', $s
 				$sql_sort",
 		);
 
+		/**
+		 * Change SQL query for fetching unread topics data
+		 *
+		 * @event core.get_unread_topics_modify_sql
+		 * @var array     sql_array    Fully assembled SQL query with keys SELECT, FROM, LEFT_JOIN, WHERE
+		 * @var int       last_mark    User's last_mark time
+		 * @var string    sql_extra    Extra WHERE SQL statement
+		 * @var string    sql_sort     ORDER BY SQL sorting statement
+		 * @since 3.1.4-RC1
+		 */
+		$vars = array(
+			'sql_array',
+			'last_mark',
+			'sql_extra',
+			'sql_sort',
+		);
+		extract($phpbb_dispatcher->trigger_event('core.get_unread_topics_modify_sql', compact($vars)));
+
 		$sql = $db->sql_build_query('SELECT', $sql_array);
 		$result = $db->sql_query_limit($sql, $sql_limit, $sql_limit_offset);
 
@@ -2257,7 +2309,7 @@ function redirect($url, $return = false, $disable_cd_check = false)
 		// Attention: only able to redirect within the same domain if $disable_cd_check is false (yourdomain.com -> www.yourdomain.com will not work)
 		if (!$disable_cd_check && $url_parts['host'] !== $user->host)
 		{
-			$url = generate_board_url();
+			trigger_error('INSECURE_REDIRECT', E_USER_ERROR);
 		}
 	}
 	else if ($url[0] == '/')
@@ -2295,7 +2347,7 @@ function redirect($url, $return = false, $disable_cd_check = false)
 	// Clean URL and check if we go outside the forum directory
 	$url = $phpbb_path_helper->clean_url($url);
 
-	if (!$disable_cd_check && strpos($url, generate_board_url(true)) === false)
+	if (!$disable_cd_check && strpos($url, generate_board_url(true) . '/') !== 0)
 	{
 		trigger_error('INSECURE_REDIRECT', E_USER_ERROR);
 	}
@@ -2337,7 +2389,7 @@ function redirect($url, $return = false, $disable_cd_check = false)
 	}
 
 	// Redirect via an HTML form for PITA webservers
-	if (@preg_match('#Microsoft|WebSTAR|Xitami#', getenv('SERVER_SOFTWARE')))
+	if (@preg_match('#WebSTAR|Xitami#', getenv('SERVER_SOFTWARE')))
 	{
 		header('Refresh: 0; URL=' . $url);
 
@@ -2396,26 +2448,7 @@ function build_url($strip_vars = false)
 {
 	global $config, $user, $phpbb_path_helper;
 
-	$php_ext = $phpbb_path_helper->get_php_ext();
-	$page = $user->page['page'];
-
-	// We need to be cautious here.
-	// On some situations, the redirect path is an absolute URL, sometimes a relative path
-	// For a relative path, let's prefix it with $phpbb_root_path to point to the correct location,
-	// else we use the URL directly.
-	$url_parts = parse_url($page);
-
-	// URL
-	if ($url_parts === false || empty($url_parts['scheme']) || empty($url_parts['host']))
-	{
-		// Remove 'app.php/' from the page, when rewrite is enabled
-		if ($config['enable_mod_rewrite'] && strpos($page, 'app.' . $php_ext . '/') === 0)
-		{
-			$page = substr($page, strlen('app.' . $php_ext . '/'));
-		}
-
-		$page = $phpbb_path_helper->get_phpbb_root_path() . $page;
-	}
+	$page = $phpbb_path_helper->get_valid_page($user->page['page'], $config['enable_mod_rewrite']);
 
 	// Append SID
 	$redirect = append_sid($page, false, false);
@@ -2511,13 +2544,19 @@ function phpbb_request_http_version()
 {
 	global $request;
 
+	$version = '';
 	if ($request && $request->server('SERVER_PROTOCOL'))
 	{
-		return $request->server('SERVER_PROTOCOL');
+		$version = $request->server('SERVER_PROTOCOL');
 	}
 	else if (isset($_SERVER['SERVER_PROTOCOL']))
 	{
-		return $_SERVER['SERVER_PROTOCOL'];
+		$version = $_SERVER['SERVER_PROTOCOL'];
+	}
+
+	if (!empty($version) && is_string($version) && preg_match('#^HTTP/[0-9]\.[0-9]$#', $version))
+	{
+		return $version;
 	}
 
 	return 'HTTP/1.0';
@@ -2657,7 +2696,7 @@ function check_form_key($form_name, $timespan = false)
 function confirm_box($check, $title = '', $hidden = '', $html_body = 'confirm_body.html', $u_action = '')
 {
 	global $user, $template, $db, $request;
-	global $phpEx, $phpbb_root_path, $request;
+	global $config, $phpbb_path_helper;
 
 	if (isset($_POST['cancel']))
 	{
@@ -2719,8 +2758,8 @@ function confirm_box($check, $title = '', $hidden = '', $html_body = 'confirm_bo
 	}
 
 	// re-add sid / transform & to & for user->page (user->page is always using &)
-	$use_page = ($u_action) ? $phpbb_root_path . $u_action : $phpbb_root_path . str_replace('&', '&', $user->page['page']);
-	$u_action = reapply_sid($use_page);
+	$use_page = ($u_action) ? $u_action : str_replace('&', '&', $user->page['page']);
+	$u_action = reapply_sid($phpbb_path_helper->get_valid_page($use_page, $config['enable_mod_rewrite']));
 	$u_action .= ((strpos($u_action, '?') === false) ? '?' : '&') . 'confirm_key=' . $confirm_key;
 
 	$template->assign_vars(array(
@@ -2887,19 +2926,6 @@ function login_box($redirect = '', $l_explain = '', $l_success = '', $admin = fa
 		// Special cases... determine
 		switch ($result['status'])
 		{
-			case LOGIN_ERROR_ATTEMPTS:
-
-				$captcha = $phpbb_container->get('captcha.factory')->get_instance($config['captcha_plugin']);
-				$captcha->init(CONFIRM_LOGIN);
-				// $captcha->reset();
-
-				$template->assign_vars(array(
-					'CAPTCHA_TEMPLATE'			=> $captcha->get_template(),
-				));
-
-				$err = $user->lang[$result['error_msg']];
-			break;
-
 			case LOGIN_ERROR_PASSWORD_CONVERT:
 				$err = sprintf(
 					$user->lang[$result['error_msg']],
@@ -2910,6 +2936,17 @@ function login_box($redirect = '', $l_explain = '', $l_success = '', $admin = fa
 				);
 			break;
 
+			case LOGIN_ERROR_ATTEMPTS:
+
+				$captcha = $phpbb_container->get('captcha.factory')->get_instance($config['captcha_plugin']);
+				$captcha->init(CONFIRM_LOGIN);
+				// $captcha->reset();
+
+				$template->assign_vars(array(
+					'CAPTCHA_TEMPLATE'			=> $captcha->get_template(),
+				));
+			// no break;
+
 			// Username, password, etc...
 			default:
 				$err = $user->lang[$result['error_msg']];
@@ -2922,6 +2959,19 @@ function login_box($redirect = '', $l_explain = '', $l_success = '', $admin = fa
 
 			break;
 		}
+
+		/**
+		 * This event allows an extension to process when a user fails a login attempt
+		 *
+		 * @event core.login_box_failed
+		 * @var array   result      Login result data
+		 * @var string  username    User name used to login
+		 * @var string  password    Password used to login
+		 * @var string  err         Error message
+		 * @since 3.1.3-RC1
+		 */
+		$vars = array('result', 'username', 'password', 'err');
+		extract($phpbb_dispatcher->trigger_event('core.login_box_failed', compact($vars)));
 	}
 
 	// Assign credential for username/password pair
@@ -3301,7 +3351,7 @@ function get_preg_expression($mode)
 		case 'email':
 			// Regex written by James Watts and Francisco Jose Martin Moreno
 			// http://fightingforalostcause.net/misc/2006/compare-email-regex.php
-			return '([\w\!\#$\%\&\'\*\+\-\/\=\?\^\`{\|\}\~]+\.)*(?:[\w\!\#$\%\'\*\+\-\/\=\?\^\`{\|\}\~]|&)+@((((([a-z0-9]{1}[a-z0-9\-]{0,62}[a-z0-9]{1})|[a-z])\.)+[a-z]{2,63})|(\d{1,3}\.){3}\d{1,3}(\:\d{1,5})?)';
+			return '((?:[\w\!\#$\%\&\'\*\+\-\/\=\?\^\`{\|\}\~]+\.)*(?:[\w\!\#$\%\'\*\+\-\/\=\?\^\`{\|\}\~]|&)+)@((((([a-z0-9]{1}[a-z0-9\-]{0,62}[a-z0-9]{1})|[a-z])\.)+[a-z]{2,63})|(\d{1,3}\.){3}\d{1,3}(\:\d{1,5})?)';
 		break;
 
 		case 'bbcode_htm':
@@ -3327,23 +3377,33 @@ function get_preg_expression($mode)
 		break;
 
 		case 'url':
+			// generated with regex_idn.php file in the develop folder
+			return "[a-z][a-z\d+\-.]*:/{2}(?:(?:[^\p{C}\p{Z}\p{S}\p{P}\p{Nl}\p{No}\p{Me}\x{1100}-\x{115F}\x{A960}-\x{A97C}\x{1160}-\x{11A7}\x{D7B0}-\x{D7C6}\x{20D0}-\x{20FF}\x{1D100}-\x{1D1FF}\x{1D200}-\x{1D24F}\x{0640}\x{07FA}\x{302E}\x{302F}\x{3031}-\x{3035}\x{303B}]*[\x{00B7}\x{0375}\x{05F3}\x{05F4}\x{30FB}\x{002D}\x{06FD}\x{06FE}\x{0F0B}\x{3007}\x{00DF}\x{03C2}\x{200C}\x{200D}\pL0-9\-._~!$&'()*+,;=:@|]+|%[\dA-F]{2})+|[0-9.]+|\[[a-z0-9.]+:[a-z0-9.]+:[a-z0-9.:]+\])(?::\d*)?(?:/(?:[^\p{C}\p{Z}\p{S}\p{P}\p{Nl}\p{No}\p{Me}\x{1100}-\x{115F}\x{A960}-\x{A97C}\x{1160}-\x{11A7}\x{D7B0}-\x{D7C6}\x{20D0}-\x{20FF}\x{1D100}-\x{1D1FF}\x{1D200}-\x{1D24F}\x{0640}\x{07FA}\x{302E}\x{302F}\x{3031}-\x{3035}\x{303B}]*[\x{00B7}\x{0375}\x{05F3}\x{05F4}\x{30FB}\x{002D}\x{06FD}\x{06FE}\x{0F0B}\x{3007}\x{00DF}\x{03C2}\x{200C}\x{200D}\pL0-9\-._~!$&'()*+,;=:@|]+|%[\dA-F]{2})*)*(?:\?(?:[^\p{C}\p{Z}\p{S}\p{P}\p{Nl}\p{No}\p{Me}\x{1100}-\x{115F}\x{A960}-\x{A97C}\x{1160}-\x{11A7}\x{D7B0}-\x{D7C6}\x{20D0}-\x{20FF}\x{1D100}-\x{1D1FF}\x{1D200}-\x{1D24F}\x{0640}\x{07FA}\x{302E}\x{302F}\x{3031}-\x{3035}\x{303B}]*[\x{00B7}\x{0375}\x{05F3}\x{05F4}\x{30FB}\x{002D}\x{06FD}\x{06FE}\x{0F0B}\x{3007}\x{00DF}\x{03C2}\x{200C}\x{200D}\pL0-9\-._~!$&'()*+,;=:@/?|]+|%[\dA-F]{2})*)?(?:\#(?:[^\p{C}\p{Z}\p{S}\p{P}\p{Nl}\p{No}\p{Me}\x{1100}-\x{115F}\x{A960}-\x{A97C}\x{1160}-\x{11A7}\x{D7B0}-\x{D7C6}\x{20D0}-\x{20FF}\x{1D100}-\x{1D1FF}\x{1D200}-\x{1D24F}\x{0640}\x{07FA}\x{302E}\x{302F}\x{3031}-\x{3035}\x{303B}]*[\x{00B7}\x{0375}\x{05F3}\x{05F4}\x{30FB}\x{002D}\x{06FD}\x{06FE}\x{0F0B}\x{3007}\x{00DF}\x{03C2}\x{200C}\x{200D}\pL0-9\-._~!$&'()*+,;=:@/?|]+|%[\dA-F]{2})*)?";
+		break;
+
 		case 'url_inline':
-			$inline = ($mode == 'url') ? ')' : '';
-			$scheme = ($mode == 'url') ? '[a-z\d+\-.]' : '[a-z\d+]'; // avoid automatic parsing of "word" in "last word.http://..."
-			// generated with regex generation file in the develop folder
-			return "[a-z]$scheme*:/{2}(?:(?:[a-z0-9\-._~!$&'($inline*+,;=:@|]+|%[\dA-F]{2})+|[0-9.]+|\[[a-z0-9.]+:[a-z0-9.]+:[a-z0-9.:]+\])(?::\d*)?(?:/(?:[a-z0-9\-._~!$&'($inline*+,;=:@|]+|%[\dA-F]{2})*)*(?:\?(?:[a-z0-9\-._~!$&'($inline*+,;=:@/?|]+|%[\dA-F]{2})*)?(?:\#(?:[a-z0-9\-._~!$&'($inline*+,;=:@/?|]+|%[\dA-F]{2})*)?";
+			// generated with regex_idn.php file in the develop folder
+			return "[a-z][a-z\d+]*:/{2}(?:(?:[^\p{C}\p{Z}\p{S}\p{P}\p{Nl}\p{No}\p{Me}\x{1100}-\x{115F}\x{A960}-\x{A97C}\x{1160}-\x{11A7}\x{D7B0}-\x{D7C6}\x{20D0}-\x{20FF}\x{1D100}-\x{1D1FF}\x{1D200}-\x{1D24F}\x{0640}\x{07FA}\x{302E}\x{302F}\x{3031}-\x{3035}\x{303B}]*[\x{00B7}\x{0375}\x{05F3}\x{05F4}\x{30FB}\x{002D}\x{06FD}\x{06FE}\x{0F0B}\x{3007}\x{00DF}\x{03C2}\x{200C}\x{200D}\pL0-9\-._~!$&'(*+,;=:@|]+|%[\dA-F]{2})+|[0-9.]+|\[[a-z0-9.]+:[a-z0-9.]+:[a-z0-9.:]+\])(?::\d*)?(?:/(?:[^\p{C}\p{Z}\p{S}\p{P}\p{Nl}\p{No}\p{Me}\x{1100}-\x{115F}\x{A960}-\x{A97C}\x{1160}-\x{11A7}\x{D7B0}-\x{D7C6}\x{20D0}-\x{20FF}\x{1D100}-\x{1D1FF}\x{1D200}-\x{1D24F}\x{0640}\x{07FA}\x{302E}\x{302F}\x{3031}-\x{3035}\x{303B}]*[\x{00B7}\x{0375}\x{05F3}\x{05F4}\x{30FB}\x{002D}\x{06FD}\x{06FE}\x{0F0B}\x{3007}\x{00DF}\x{03C2}\x{200C}\x{200D}\pL0-9\-._~!$&'(*+,;=:@|]+|%[\dA-F]{2})*)*(?:\?(?:[^\p{C}\p{Z}\p{S}\p{P}\p{Nl}\p{No}\p{Me}\x{1100}-\x{115F}\x{A960}-\x{A97C}\x{1160}-\x{11A7}\x{D7B0}-\x{D7C6}\x{20D0}-\x{20FF}\x{1D100}-\x{1D1FF}\x{1D200}-\x{1D24F}\x{0640}\x{07FA}\x{302E}\x{302F}\x{3031}-\x{3035}\x{303B}]*[\x{00B7}\x{0375}\x{05F3}\x{05F4}\x{30FB}\x{002D}\x{06FD}\x{06FE}\x{0F0B}\x{3007}\x{00DF}\x{03C2}\x{200C}\x{200D}\pL0-9\-._~!$&'(*+,;=:@/?|]+|%[\dA-F]{2})*)?(?:\#(?:[^\p{C}\p{Z}\p{S}\p{P}\p{Nl}\p{No}\p{Me}\x{1100}-\x{115F}\x{A960}-\x{A97C}\x{1160}-\x{11A7}\x{D7B0}-\x{D7C6}\x{20D0}-\x{20FF}\x{1D100}-\x{1D1FF}\x{1D200}-\x{1D24F}\x{0640}\x{07FA}\x{302E}\x{302F}\x{3031}-\x{3035}\x{303B}]*[\x{00B7}\x{0375}\x{05F3}\x{05F4}\x{30FB}\x{002D}\x{06FD}\x{06FE}\x{0F0B}\x{3007}\x{00DF}\x{03C2}\x{200C}\x{200D}\pL0-9\-._~!$&'(*+,;=:@/?|]+|%[\dA-F]{2})*)?";
 		break;
 
 		case 'www_url':
+			// generated with regex_idn.php file in the develop folder
+			return "www\.(?:[^\p{C}\p{Z}\p{S}\p{P}\p{Nl}\p{No}\p{Me}\x{1100}-\x{115F}\x{A960}-\x{A97C}\x{1160}-\x{11A7}\x{D7B0}-\x{D7C6}\x{20D0}-\x{20FF}\x{1D100}-\x{1D1FF}\x{1D200}-\x{1D24F}\x{0640}\x{07FA}\x{302E}\x{302F}\x{3031}-\x{3035}\x{303B}]*[\x{00B7}\x{0375}\x{05F3}\x{05F4}\x{30FB}\x{002D}\x{06FD}\x{06FE}\x{0F0B}\x{3007}\x{00DF}\x{03C2}\x{200C}\x{200D}\pL0-9\-._~!$&'()*+,;=:@|]+|%[\dA-F]{2})+(?::\d*)?(?:/(?:[^\p{C}\p{Z}\p{S}\p{P}\p{Nl}\p{No}\p{Me}\x{1100}-\x{115F}\x{A960}-\x{A97C}\x{1160}-\x{11A7}\x{D7B0}-\x{D7C6}\x{20D0}-\x{20FF}\x{1D100}-\x{1D1FF}\x{1D200}-\x{1D24F}\x{0640}\x{07FA}\x{302E}\x{302F}\x{3031}-\x{3035}\x{303B}]*[\x{00B7}\x{0375}\x{05F3}\x{05F4}\x{30FB}\x{002D}\x{06FD}\x{06FE}\x{0F0B}\x{3007}\x{00DF}\x{03C2}\x{200C}\x{200D}\pL0-9\-._~!$&'()*+,;=:@|]+|%[\dA-F]{2})*)*(?:\?(?:[^\p{C}\p{Z}\p{S}\p{P}\p{Nl}\p{No}\p{Me}\x{1100}-\x{115F}\x{A960}-\x{A97C}\x{1160}-\x{11A7}\x{D7B0}-\x{D7C6}\x{20D0}-\x{20FF}\x{1D100}-\x{1D1FF}\x{1D200}-\x{1D24F}\x{0640}\x{07FA}\x{302E}\x{302F}\x{3031}-\x{3035}\x{303B}]*[\x{00B7}\x{0375}\x{05F3}\x{05F4}\x{30FB}\x{002D}\x{06FD}\x{06FE}\x{0F0B}\x{3007}\x{00DF}\x{03C2}\x{200C}\x{200D}\pL0-9\-._~!$&'()*+,;=:@/?|]+|%[\dA-F]{2})*)?(?:\#(?:[^\p{C}\p{Z}\p{S}\p{P}\p{Nl}\p{No}\p{Me}\x{1100}-\x{115F}\x{A960}-\x{A97C}\x{1160}-\x{11A7}\x{D7B0}-\x{D7C6}\x{20D0}-\x{20FF}\x{1D100}-\x{1D1FF}\x{1D200}-\x{1D24F}\x{0640}\x{07FA}\x{302E}\x{302F}\x{3031}-\x{3035}\x{303B}]*[\x{00B7}\x{0375}\x{05F3}\x{05F4}\x{30FB}\x{002D}\x{06FD}\x{06FE}\x{0F0B}\x{3007}\x{00DF}\x{03C2}\x{200C}\x{200D}\pL0-9\-._~!$&'()*+,;=:@/?|]+|%[\dA-F]{2})*)?";
+		break;
+
 		case 'www_url_inline':
-			$inline = ($mode == 'www_url') ? ')' : '';
-			return "www\.(?:[a-z0-9\-._~!$&'($inline*+,;=:@|]+|%[\dA-F]{2})+(?::\d*)?(?:/(?:[a-z0-9\-._~!$&'($inline*+,;=:@|]+|%[\dA-F]{2})*)*(?:\?(?:[a-z0-9\-._~!$&'($inline*+,;=:@/?|]+|%[\dA-F]{2})*)?(?:\#(?:[a-z0-9\-._~!$&'($inline*+,;=:@/?|]+|%[\dA-F]{2})*)?";
+			// generated with regex_idn.php file in the develop folder
+			return "www\.(?:[^\p{C}\p{Z}\p{S}\p{P}\p{Nl}\p{No}\p{Me}\x{1100}-\x{115F}\x{A960}-\x{A97C}\x{1160}-\x{11A7}\x{D7B0}-\x{D7C6}\x{20D0}-\x{20FF}\x{1D100}-\x{1D1FF}\x{1D200}-\x{1D24F}\x{0640}\x{07FA}\x{302E}\x{302F}\x{3031}-\x{3035}\x{303B}]*[\x{00B7}\x{0375}\x{05F3}\x{05F4}\x{30FB}\x{002D}\x{06FD}\x{06FE}\x{0F0B}\x{3007}\x{00DF}\x{03C2}\x{200C}\x{200D}\pL0-9\-._~!$&'(*+,;=:@|]+|%[\dA-F]{2})+(?::\d*)?(?:/(?:[^\p{C}\p{Z}\p{S}\p{P}\p{Nl}\p{No}\p{Me}\x{1100}-\x{115F}\x{A960}-\x{A97C}\x{1160}-\x{11A7}\x{D7B0}-\x{D7C6}\x{20D0}-\x{20FF}\x{1D100}-\x{1D1FF}\x{1D200}-\x{1D24F}\x{0640}\x{07FA}\x{302E}\x{302F}\x{3031}-\x{3035}\x{303B}]*[\x{00B7}\x{0375}\x{05F3}\x{05F4}\x{30FB}\x{002D}\x{06FD}\x{06FE}\x{0F0B}\x{3007}\x{00DF}\x{03C2}\x{200C}\x{200D}\pL0-9\-._~!$&'(*+,;=:@|]+|%[\dA-F]{2})*)*(?:\?(?:[^\p{C}\p{Z}\p{S}\p{P}\p{Nl}\p{No}\p{Me}\x{1100}-\x{115F}\x{A960}-\x{A97C}\x{1160}-\x{11A7}\x{D7B0}-\x{D7C6}\x{20D0}-\x{20FF}\x{1D100}-\x{1D1FF}\x{1D200}-\x{1D24F}\x{0640}\x{07FA}\x{302E}\x{302F}\x{3031}-\x{3035}\x{303B}]*[\x{00B7}\x{0375}\x{05F3}\x{05F4}\x{30FB}\x{002D}\x{06FD}\x{06FE}\x{0F0B}\x{3007}\x{00DF}\x{03C2}\x{200C}\x{200D}\pL0-9\-._~!$&'(*+,;=:@/?|]+|%[\dA-F]{2})*)?(?:\#(?:[^\p{C}\p{Z}\p{S}\p{P}\p{Nl}\p{No}\p{Me}\x{1100}-\x{115F}\x{A960}-\x{A97C}\x{1160}-\x{11A7}\x{D7B0}-\x{D7C6}\x{20D0}-\x{20FF}\x{1D100}-\x{1D1FF}\x{1D200}-\x{1D24F}\x{0640}\x{07FA}\x{302E}\x{302F}\x{3031}-\x{3035}\x{303B}]*[\x{00B7}\x{0375}\x{05F3}\x{05F4}\x{30FB}\x{002D}\x{06FD}\x{06FE}\x{0F0B}\x{3007}\x{00DF}\x{03C2}\x{200C}\x{200D}\pL0-9\-._~!$&'(*+,;=:@/?|]+|%[\dA-F]{2})*)?";
 		break;
 
 		case 'relative_url':
+			// generated with regex_idn.php file in the develop folder
+			return "(?:[^\p{C}\p{Z}\p{S}\p{P}\p{Nl}\p{No}\p{Me}\x{1100}-\x{115F}\x{A960}-\x{A97C}\x{1160}-\x{11A7}\x{D7B0}-\x{D7C6}\x{20D0}-\x{20FF}\x{1D100}-\x{1D1FF}\x{1D200}-\x{1D24F}\x{0640}\x{07FA}\x{302E}\x{302F}\x{3031}-\x{3035}\x{303B}]*[\x{00B7}\x{0375}\x{05F3}\x{05F4}\x{30FB}\x{002D}\x{06FD}\x{06FE}\x{0F0B}\x{3007}\x{00DF}\x{03C2}\x{200C}\x{200D}\pL0-9\-._~!$&'()*+,;=:@|]+|%[\dA-F]{2})*(?:/(?:[^\p{C}\p{Z}\p{S}\p{P}\p{Nl}\p{No}\p{Me}\x{1100}-\x{115F}\x{A960}-\x{A97C}\x{1160}-\x{11A7}\x{D7B0}-\x{D7C6}\x{20D0}-\x{20FF}\x{1D100}-\x{1D1FF}\x{1D200}-\x{1D24F}\x{0640}\x{07FA}\x{302E}\x{302F}\x{3031}-\x{3035}\x{303B}]*[\x{00B7}\x{0375}\x{05F3}\x{05F4}\x{30FB}\x{002D}\x{06FD}\x{06FE}\x{0F0B}\x{3007}\x{00DF}\x{03C2}\x{200C}\x{200D}\pL0-9\-._~!$&'()*+,;=:@|]+|%[\dA-F]{2})*)*(?:\?(?:[^\p{C}\p{Z}\p{S}\p{P}\p{Nl}\p{No}\p{Me}\x{1100}-\x{115F}\x{A960}-\x{A97C}\x{1160}-\x{11A7}\x{D7B0}-\x{D7C6}\x{20D0}-\x{20FF}\x{1D100}-\x{1D1FF}\x{1D200}-\x{1D24F}\x{0640}\x{07FA}\x{302E}\x{302F}\x{3031}-\x{3035}\x{303B}]*[\x{00B7}\x{0375}\x{05F3}\x{05F4}\x{30FB}\x{002D}\x{06FD}\x{06FE}\x{0F0B}\x{3007}\x{00DF}\x{03C2}\x{200C}\x{200D}\pL0-9\-._~!$&'()*+,;=:@/?|]+|%[\dA-F]{2})*)?(?:\#(?:[^\p{C}\p{Z}\p{S}\p{P}\p{Nl}\p{No}\p{Me}\x{1100}-\x{115F}\x{A960}-\x{A97C}\x{1160}-\x{11A7}\x{D7B0}-\x{D7C6}\x{20D0}-\x{20FF}\x{1D100}-\x{1D1FF}\x{1D200}-\x{1D24F}\x{0640}\x{07FA}\x{302E}\x{302F}\x{3031}-\x{3035}\x{303B}]*[\x{00B7}\x{0375}\x{05F3}\x{05F4}\x{30FB}\x{002D}\x{06FD}\x{06FE}\x{0F0B}\x{3007}\x{00DF}\x{03C2}\x{200C}\x{200D}\pL0-9\-._~!$&'()*+,;=:@/?|]+|%[\dA-F]{2})*)?";
+		break;
+
 		case 'relative_url_inline':
-			$inline = ($mode == 'relative_url') ? ')' : '';
-			return "(?:[a-z0-9\-._~!$&'($inline*+,;=:@|]+|%[\dA-F]{2})*(?:/(?:[a-z0-9\-._~!$&'($inline*+,;=:@|]+|%[\dA-F]{2})*)*(?:\?(?:[a-z0-9\-._~!$&'($inline*+,;=:@/?|]+|%[\dA-F]{2})*)?(?:\#(?:[a-z0-9\-._~!$&'($inline*+,;=:@/?|]+|%[\dA-F]{2})*)?";
+			// generated with regex_idn.php file in the develop folder
+			return "(?:[^\p{C}\p{Z}\p{S}\p{P}\p{Nl}\p{No}\p{Me}\x{1100}-\x{115F}\x{A960}-\x{A97C}\x{1160}-\x{11A7}\x{D7B0}-\x{D7C6}\x{20D0}-\x{20FF}\x{1D100}-\x{1D1FF}\x{1D200}-\x{1D24F}\x{0640}\x{07FA}\x{302E}\x{302F}\x{3031}-\x{3035}\x{303B}]*[\x{00B7}\x{0375}\x{05F3}\x{05F4}\x{30FB}\x{002D}\x{06FD}\x{06FE}\x{0F0B}\x{3007}\x{00DF}\x{03C2}\x{200C}\x{200D}\pL0-9\-._~!$&'(*+,;=:@|]+|%[\dA-F]{2})*(?:/(?:[^\p{C}\p{Z}\p{S}\p{P}\p{Nl}\p{No}\p{Me}\x{1100}-\x{115F}\x{A960}-\x{A97C}\x{1160}-\x{11A7}\x{D7B0}-\x{D7C6}\x{20D0}-\x{20FF}\x{1D100}-\x{1D1FF}\x{1D200}-\x{1D24F}\x{0640}\x{07FA}\x{302E}\x{302F}\x{3031}-\x{3035}\x{303B}]*[\x{00B7}\x{0375}\x{05F3}\x{05F4}\x{30FB}\x{002D}\x{06FD}\x{06FE}\x{0F0B}\x{3007}\x{00DF}\x{03C2}\x{200C}\x{200D}\pL0-9\-._~!$&'(*+,;=:@|]+|%[\dA-F]{2})*)*(?:\?(?:[^\p{C}\p{Z}\p{S}\p{P}\p{Nl}\p{No}\p{Me}\x{1100}-\x{115F}\x{A960}-\x{A97C}\x{1160}-\x{11A7}\x{D7B0}-\x{D7C6}\x{20D0}-\x{20FF}\x{1D100}-\x{1D1FF}\x{1D200}-\x{1D24F}\x{0640}\x{07FA}\x{302E}\x{302F}\x{3031}-\x{3035}\x{303B}]*[\x{00B7}\x{0375}\x{05F3}\x{05F4}\x{30FB}\x{002D}\x{06FD}\x{06FE}\x{0F0B}\x{3007}\x{00DF}\x{03C2}\x{200C}\x{200D}\pL0-9\-._~!$&'(*+,;=:@/?|]+|%[\dA-F]{2})*)?(?:\#(?:[^\p{C}\p{Z}\p{S}\p{P}\p{Nl}\p{No}\p{Me}\x{1100}-\x{115F}\x{A960}-\x{A97C}\x{1160}-\x{11A7}\x{D7B0}-\x{D7C6}\x{20D0}-\x{20FF}\x{1D100}-\x{1D1FF}\x{1D200}-\x{1D24F}\x{0640}\x{07FA}\x{302E}\x{302F}\x{3031}-\x{3035}\x{303B}]*[\x{00B7}\x{0375}\x{05F3}\x{05F4}\x{30FB}\x{002D}\x{06FD}\x{06FE}\x{0F0B}\x{3007}\x{00DF}\x{03C2}\x{200C}\x{200D}\pL0-9\-._~!$&'(*+,;=:@/?|]+|%[\dA-F]{2})*)?";
 		break;
 
 		case 'table_prefix':
@@ -4191,9 +4251,10 @@ function obtain_users_online($item_id = 0, $item = 'forum')
 */
 function obtain_users_online_string($online_users, $item_id = 0, $item = 'forum')
 {
-	global $config, $db, $user, $auth;
+	global $config, $db, $user, $auth, $phpbb_dispatcher;
 
-	$user_online_link = $online_userlist = '';
+	$guests_online = $hidden_online = $l_online_users = $online_userlist = $visible_online = '';
+	$user_online_link = $rowset = array();
 	// Need caps version of $item for language-strings
 	$item_caps = strtoupper($item);
 
@@ -4203,9 +4264,28 @@ function obtain_users_online_string($online_users, $item_id = 0, $item = 'forum'
 				FROM ' . USERS_TABLE . '
 				WHERE ' . $db->sql_in_set('user_id', $online_users['online_users']) . '
 				ORDER BY username_clean ASC';
-		$result = $db->sql_query($sql);
 
-		while ($row = $db->sql_fetchrow($result))
+		/**
+		* Modify SQL query to obtain online users data
+		*
+		* @event core.obtain_users_online_string_sql
+		* @var	array	online_users	Array with online users data
+		*								from obtain_users_online()
+		* @var	int		item_id			Restrict online users to item id
+		* @var	string	item			Restrict online users to a certain
+		*								session item, e.g. forum for
+		*								session_forum_id
+		* @var	string	sql				SQL query to obtain users online data
+		* @since 3.1.4-RC1
+		*/
+		$vars = array('online_users', 'item_id', 'item', 'sql');
+		extract($phpbb_dispatcher->trigger_event('core.obtain_users_online_string_sql', compact($vars)));
+
+		$result = $db->sql_query($sql);
+		$rowset = $db->sql_fetchrowset($result);
+		$db->sql_freeresult($result);
+
+		foreach ($rowset as $row)
 		{
 			// User is logged in and therefore not a guest
 			if ($row['user_id'] != ANONYMOUS)
@@ -4217,13 +4297,12 @@ function obtain_users_online_string($online_users, $item_id = 0, $item = 'forum'
 
 				if (!isset($online_users['hidden_users'][$row['user_id']]) || $auth->acl_get('u_viewonline'))
 				{
-					$user_online_link = get_username_string(($row['user_type'] <> USER_IGNORE) ? 'full' : 'no_profile', $row['user_id'], $row['username'], $row['user_colour']);
-					$online_userlist .= ($online_userlist != '') ? ', ' . $user_online_link : $user_online_link;
+					$user_online_link[$row['user_id']] = get_username_string(($row['user_type'] <> USER_IGNORE) ? 'full' : 'no_profile', $row['user_id'], $row['username'], $row['user_colour']);
 				}
 			}
 		}
-		$db->sql_freeresult($result);
 	}
+	$online_userlist = implode(', ', $user_online_link);
 
 	if (!$online_userlist)
 	{
@@ -4256,6 +4335,33 @@ function obtain_users_online_string($online_users, $item_id = 0, $item = 'forum'
 		$l_online_users = $user->lang('ONLINE_USERS_TOTAL', (int) $online_users['total_online'], $visible_online, $hidden_online);
 	}
 
+	/**
+	* Modify online userlist data
+	*
+	* @event core.obtain_users_online_string_modify
+	* @var	array	online_users		Array with online users data
+	*									from obtain_users_online()
+	* @var	int		item_id				Restrict online users to item id
+	* @var	string	item				Restrict online users to a certain
+	*									session item, e.g. forum for
+	*									session_forum_id
+	* @var	array	rowset				Array with online users data
+	* @var	array	user_online_link	Array with online users items (usernames)
+	* @var	string	online_userlist		String containing users online list
+	* @var	string	l_online_users		String with total online users count info
+	* @since 3.1.4-RC1
+	*/
+	$vars = array(
+		'online_users',
+		'item_id',
+		'item',
+		'rowset',
+		'user_online_link',
+		'online_userlist',
+		'l_online_users',
+	);
+	extract($phpbb_dispatcher->trigger_event('core.obtain_users_online_string_modify', compact($vars)));
+
 	return array(
 		'online_userlist'	=> $online_userlist,
 		'l_online_users'	=> $l_online_users,

phpBB/includes/functions_acp.php

@@ -245,8 +245,13 @@ function build_cfg_template($tpl_type, $key, &$new, $config_key, $vars)
 
 	switch ($tpl_type[0])
 	{
-		case 'text':
 		case 'password':
+			if ($new[$config_key] !== '')
+			{
+				// replace passwords with asterixes
+				$new[$config_key] = '********';
+			}
+		case 'text':
 		case 'url':
 		case 'email':
 		case 'color':
@@ -550,6 +555,9 @@ function validate_config_vars($config_vars, &$cfg_array, &$error)
 
 				$cfg_array[$config_name] = trim($destination);
 
+			// Absolute file path
+			case 'absolute_path':
+			case 'absolute_path_writable':
 			// Path being relative (still prefixed by phpbb_root_path), but with the ability to escape the root dir...
 			case 'path':
 			case 'wpath':
@@ -568,20 +576,22 @@ function validate_config_vars($config_vars, &$cfg_array, &$error)
 					break;
 				}
 
-				if (!file_exists($phpbb_root_path . $cfg_array[$config_name]))
+				$path = in_array($config_definition['validate'], array('wpath', 'path', 'rpath', 'rwpath')) ? $phpbb_root_path . $cfg_array[$config_name] : $cfg_array[$config_name];
+
+				if (!file_exists($path))
 				{
 					$error[] = sprintf($user->lang['DIRECTORY_DOES_NOT_EXIST'], $cfg_array[$config_name]);
 				}
 
-				if (file_exists($phpbb_root_path . $cfg_array[$config_name]) && !is_dir($phpbb_root_path . $cfg_array[$config_name]))
+				if (file_exists($path) && !is_dir($path))
 				{
 					$error[] = sprintf($user->lang['DIRECTORY_NOT_DIR'], $cfg_array[$config_name]);
 				}
 
 				// Check if the path is writable
-				if ($config_definition['validate'] == 'wpath' || $config_definition['validate'] == 'rwpath')
+				if ($config_definition['validate'] == 'wpath' || $config_definition['validate'] == 'rwpath' || $config_definition['validate'] === 'absolute_path_writable')
 				{
-					if (file_exists($phpbb_root_path . $cfg_array[$config_name]) && !phpbb_is_writable($phpbb_root_path . $cfg_array[$config_name]))
+					if (file_exists($path) && !phpbb_is_writable($path))
 					{
 						$error[] = sprintf($user->lang['DIRECTORY_NOT_WRITABLE'], $cfg_array[$config_name]);
 					}

phpBB/includes/functions_admin.php

@@ -500,7 +500,7 @@ function filelist($rootdir, $dir = '', $type = 'gif|jpg|jpeg|png')
 */
 function move_topics($topic_ids, $forum_id, $auto_sync = true)
 {
-	global $db;
+	global $db, $phpbb_dispatcher;
 
 	if (empty($topic_ids))
 	{
@@ -534,6 +534,27 @@ function move_topics($topic_ids, $forum_id, $auto_sync = true)
 	}
 
 	$table_ary = array(TOPICS_TABLE, POSTS_TABLE, LOG_TABLE, DRAFTS_TABLE, TOPICS_TRACK_TABLE);
+
+	/**
+	 * Perform additional actions before topics move
+	 *
+	 * @event core.move_topics_before_query
+	 * @var	array	table_ary	Array of tables from which forum_id will be updated for all rows that hold the moved topics
+	 * @var	array	topic_ids	Array of the moved topic ids
+	 * @var	string	forum_id	The forum id from where the topics are moved
+	 * @var	array	forum_ids	Array of the forums where the topics are moving (includes also forum_id)
+	 * @var bool	auto_sync	Whether or not to perform auto sync
+	 * @since 3.1.5-RC1
+	 */
+	$vars = array(
+			'table_ary',
+			'topic_ids',
+			'forum_id',
+			'forum_ids',
+			'auto_sync',
+	);
+	extract($phpbb_dispatcher->trigger_event('core.move_topics_before_query', compact($vars)));
+
 	foreach ($table_ary as $table)
 	{
 		$sql = "UPDATE $table
@@ -618,7 +639,7 @@ function move_posts($post_ids, $topic_id, $auto_sync = true)
 */
 function delete_topics($where_type, $where_ids, $auto_sync = true, $post_count_sync = true, $call_delete_posts = true)
 {
-	global $db, $config, $phpbb_container;
+	global $db, $config, $phpbb_container, $phpbb_dispatcher;
 
 	$approved_topics = 0;
 	$forum_ids = $topic_ids = array();
@@ -672,6 +693,20 @@ function delete_topics($where_type, $where_ids, $auto_sync = true, $post_count_s
 
 	$table_ary = array(BOOKMARKS_TABLE, TOPICS_TRACK_TABLE, TOPICS_POSTED_TABLE, POLL_VOTES_TABLE, POLL_OPTIONS_TABLE, TOPICS_WATCH_TABLE, TOPICS_TABLE);
 
+	/**
+	 * Perform additional actions before topic(s) deletion
+	 *
+	 * @event core.delete_topics_before_query
+	 * @var	array	table_ary	Array of tables from which all rows will be deleted that hold a topic_id occuring in topic_ids
+	 * @var	array	topic_ids	Array of topic ids to delete
+	 * @since 3.1.4-RC1
+	 */
+	$vars = array(
+			'table_ary',
+			'topic_ids',
+	);
+	extract($phpbb_dispatcher->trigger_event('core.delete_topics_before_query', compact($vars)));
+
 	foreach ($table_ary as $table)
 	{
 		$sql = "DELETE FROM $table
@@ -680,6 +715,18 @@ function delete_topics($where_type, $where_ids, $auto_sync = true, $post_count_s
 	}
 	unset($table_ary);
 
+	/**
+	 * Perform additional actions after topic(s) deletion
+	 *
+	 * @event core.delete_topics_after_query
+	 * @var	array	topic_ids	Array of topic ids that were deleted
+	 * @since 3.1.4-RC1
+	 */
+	$vars = array(
+			'topic_ids',
+	);
+	extract($phpbb_dispatcher->trigger_event('core.delete_topics_after_query', compact($vars)));
+
 	$moved_topic_ids = array();
 
 	// update the other forums
@@ -894,7 +941,7 @@ function delete_posts($where_type, $where_ids, $auto_sync = true, $posted_sync =
 	}
 
 	$error = false;
-	$search = new $search_type($error, $phpbb_root_path, $phpEx, $auth, $config, $db, $user);
+	$search = new $search_type($error, $phpbb_root_path, $phpEx, $auth, $config, $db, $user, $phpbb_dispatcher);
 
 	if ($error)
 	{
@@ -2311,7 +2358,7 @@ function sync($mode, $where_type = '', $where_ids = '', $resync_parents = false,
 */
 function prune($forum_id, $prune_mode, $prune_date, $prune_flags = 0, $auto_sync = true)
 {
-	global $db;
+	global $db, $phpbb_dispatcher;
 
 	if (!is_array($forum_id))
 	{
@@ -2351,6 +2398,21 @@ function prune($forum_id, $prune_mode, $prune_date, $prune_flags = 0, $auto_sync
 		$sql_and .= ' AND topic_status = ' . ITEM_MOVED . " AND topic_last_post_time < $prune_date";
 	}
 
+	/**
+	* Use this event to modify the SQL that selects topics to be pruned
+	*
+	* @event core.prune_sql
+	* @var string	forum_id		The forum id
+	* @var string	prune_mode		The prune mode
+	* @var string	prune_date		The prune date
+	* @var int		prune_flags		The prune flags
+	* @var bool		auto_sync		Whether or not to perform auto sync
+	* @var string	sql_and			SQL text appended to where clause
+	* @since 3.1.3-RC1
+	*/
+	$vars = array('forum_id', 'prune_mode', 'prune_date', 'prune_flags', 'auto_sync', 'sql_and');
+	extract($phpbb_dispatcher->trigger_event('core.prune_sql', compact($vars)));
+
 	$sql = 'SELECT topic_id
 		FROM ' . TOPICS_TABLE . '
 		WHERE ' . $db->sql_in_set('forum_id', $forum_id) . "
@@ -2512,6 +2574,7 @@ function phpbb_cache_moderators($db, $cache, $auth)
 			{
 				$usernames_ary[$row['user_id']] = $row['username'];
 			}
+			$db->sql_freeresult($result);
 
 			foreach ($hold_ary as $user_id => $forum_id_ary)
 			{
@@ -2806,6 +2869,7 @@ function view_inactive_users(&$users, &$user_count, $limit = 0, $offset = 0, $li
 
 		$users[] = $row;
 	}
+	$db->sql_freeresult($result);
 
 	return $offset;
 }
@@ -2980,68 +3044,21 @@ function get_database_size()
 
 /**
 * Retrieve contents from remotely stored file
+*
+* @deprecated	3.1.2	Use file_downloader instead
 */
 function get_remote_file($host, $directory, $filename, &$errstr, &$errno, $port = 80, $timeout = 6)
 {
-	global $user;
+	global $phpbb_container;
 
-	if ($fsock = @fsockopen($host, $port, $errno, $errstr, $timeout))
-	{
-		@fputs($fsock, "GET $directory/$filename HTTP/1.0\r\n");
-		@fputs($fsock, "HOST: $host\r\n");
-		@fputs($fsock, "Connection: close\r\n\r\n");
+	// Get file downloader and assign $errstr and $errno
+	$file_downloader = $phpbb_container->get('file_downloader');
 
-		$timer_stop = time() + $timeout;
-		stream_set_timeout($fsock, $timeout);
+	$file_data = $file_downloader->get($host, $directory, $filename, $port, $timeout);
+	$errstr = $file_downloader->get_error_string();
+	$errno = $file_downloader->get_error_number();
 
-		$file_info = '';
-		$get_info = false;
-
-		while (!@feof($fsock))
-		{
-			if ($get_info)
-			{
-				$file_info .= @fread($fsock, 1024);
-			}
-			else
-			{
-				$line = @fgets($fsock, 1024);
-				if ($line == "\r\n")
-				{
-					$get_info = true;
-				}
-				else if (stripos($line, '404 not found') !== false)
-				{
-					$errstr = $user->lang('FILE_NOT_FOUND', $filename);
-					return false;
-				}
-			}
-
-			$stream_meta_data = stream_get_meta_data($fsock);
-
-			if (!empty($stream_meta_data['timed_out']) || time() >= $timer_stop)
-			{
-				$errstr = $user->lang['FSOCK_TIMEOUT'];
-				return false;
-			}
-		}
-		@fclose($fsock);
-	}
-	else
-	{
-		if ($errstr)
-		{
-			$errstr = utf8_convert_message($errstr);
-			return false;
-		}
-		else
-		{
-			$errstr = $user->lang['FSOCK_DISABLED'];
-			return false;
-		}
-	}
-
-	return $file_info;
+	return $file_data;
 }
 
 /*

phpBB/includes/functions_content.php

@@ -78,7 +78,7 @@ function gen_sort_selects(&$limit_days, &$sort_by_text, &$sort_days, &$sort_key,
 	foreach ($sorts as $name => $sort_ary)
 	{
 		$key = $sort_ary['key'];
-		$selected = $$sort_ary['key'];
+		$selected = ${$sort_ary['key']};
 
 		// Check if the key is selectable. If not, we reset to the default or first key found.
 		// This ensures the values are always valid. We also set $sort_dir/sort_key/etc. to the
@@ -87,12 +87,12 @@ function gen_sort_selects(&$limit_days, &$sort_by_text, &$sort_days, &$sort_key,
 		{
 			if ($sort_ary['default'] !== false)
 			{
-				$selected = $$key = $sort_ary['default'];
+				$selected = ${$key} = $sort_ary['default'];
 			}
 			else
 			{
 				@reset($sort_ary['options']);
-				$selected = $$key = key($sort_ary['options']);
+				$selected = ${$key} = key($sort_ary['options']);
 			}
 		}
 
@@ -712,7 +712,7 @@ function make_clickable_callback($type, $whitespace, $url, $relative_url, $class
 		break;
 	}
 
-	$short_url = (strlen($url) > 55) ? substr($url, 0, 39) . ' ... ' . substr($url, -10) : $url;
+	$short_url = (utf8_strlen($url) > 55) ? utf8_substr($url, 0, 39) . ' ... ' . utf8_substr($url, -10) : $url;
 
 	switch ($type)
 	{
@@ -788,28 +788,28 @@ function make_clickable($text, $server_url = false, $class = 'postlink')
 
 		// relative urls for this board
 		$magic_url_match_args[$server_url][] = array(
-			'#(^|[\n\t (>.])(' . preg_quote($server_url, '#') . ')/(' . get_preg_expression('relative_url_inline') . ')#i',
+			'#(^|[\n\t (>.])(' . preg_quote($server_url, '#') . ')/(' . get_preg_expression('relative_url_inline') . ')#iu',
 			MAGIC_URL_LOCAL,
 			$local_class,
 		);
 
 		// matches a xxxx://aaaaa.bbb.cccc. ...
 		$magic_url_match_args[$server_url][] = array(
-			'#(^|[\n\t (>.])(' . get_preg_expression('url_inline') . ')#i',
+			'#(^|[\n\t (>.])(' . get_preg_expression('url_inline') . ')#iu',
 			MAGIC_URL_FULL,
 			$class,
 		);
 
 		// matches a "www.xxxx.yyyy[/zzzz]" kinda lazy URL thing
 		$magic_url_match_args[$server_url][] = array(
-			'#(^|[\n\t (>])(' . get_preg_expression('www_url_inline') . ')#i',
+			'#(^|[\n\t (>])(' . get_preg_expression('www_url_inline') . ')#iu',
 			MAGIC_URL_WWW,
 			$class,
 		);
 
 		// matches an email@domain type address at the start of a line, or after a space or after what might be a BBCode.
 		$magic_url_match_args[$server_url][] = array(
-			'/(^|[\n\t (>])(' . get_preg_expression('email') . ')/i',
+			'/(^|[\n\t (>])(' . get_preg_expression('email') . ')/iu',
 			MAGIC_URL_EMAIL,
 			'',
 		);

phpBB/includes/functions_convert.php

@@ -2148,6 +2148,7 @@ function fix_empty_primary_groups()
 	}
 
 	$sql = 'SELECT user_id FROM ' . USER_GROUP_TABLE . ' WHERE group_id = ' . get_group_id('global_moderators');
+	$result = $db->sql_query($sql);
 
 	$user_ids = array();
 	while ($row = $db->sql_fetchrow($result))

phpBB/includes/functions_display.php

@@ -150,7 +150,7 @@ function display_forums($root_data = '', $display_moderators = true, $return_mod
 	$sql = $db->sql_build_query('SELECT', $sql_ary);
 	$result = $db->sql_query($sql);
 
-	$forum_tracking_info = array();
+	$forum_tracking_info = $valid_categories = array();
 	$branch_root_id = $root_data['forum_id'];
 
 	$phpbb_content_visibility = $phpbb_container->get('content.visibility');
@@ -250,6 +250,12 @@ function display_forums($root_data = '', $display_moderators = true, $return_mod
 			}
 		}
 
+		// Fill list of categories with forums
+		if (isset($forum_rows[$row['parent_id']]))
+		{
+			$valid_categories[$row['parent_id']] = true;
+		}
+
 		//
 		if ($row['parent_id'] == $root_data['forum_id'] || $row['parent_id'] == $branch_root_id)
 		{
@@ -267,6 +273,7 @@ function display_forums($root_data = '', $display_moderators = true, $return_mod
 				$branch_root_id = $forum_id;
 			}
 			$forum_rows[$parent_id]['forum_id_last_post'] = $row['forum_id'];
+			$forum_rows[$parent_id]['forum_password_last_post'] = $row['forum_password'];
 			$forum_rows[$parent_id]['orig_forum_last_post_time'] = $row['forum_last_post_time'];
 		}
 		else if ($row['forum_type'] != FORUM_CAT)
@@ -308,6 +315,7 @@ function display_forums($root_data = '', $display_moderators = true, $return_mod
 				$forum_rows[$parent_id]['forum_last_poster_name'] = $row['forum_last_poster_name'];
 				$forum_rows[$parent_id]['forum_last_poster_colour'] = $row['forum_last_poster_colour'];
 				$forum_rows[$parent_id]['forum_id_last_post'] = $forum_id;
+				$forum_rows[$parent_id]['forum_password_last_post'] = $row['forum_password'];
 			}
 		}
 
@@ -375,6 +383,28 @@ function display_forums($root_data = '', $display_moderators = true, $return_mod
 		get_moderators($forum_moderators, $forum_ids_moderator);
 	}
 
+	/**
+	* Event to perform additional actions before the forum list is being generated
+	*
+	* @event core.display_forums_before
+	* @var	array	active_forum_ary	Array with forum data to display active topics
+	* @var	bool	display_moderators	Flag indicating if we display forum moderators
+	* @var	array	forum_moderators	Array with forum moderators list
+	* @var	array	forum_rows			Data array of all forums we display
+	* @var	bool	return_moderators	Flag indicating if moderators list should be returned
+	* @var	array	root_data			Array with the root forum data
+	* @since 3.1.4-RC1
+	*/
+	$vars = array(
+		'active_forum_ary',
+		'display_moderators',
+		'forum_moderators',
+		'forum_rows',
+		'return_moderators',
+		'root_data',
+	);
+	extract($phpbb_dispatcher->trigger_event('core.display_forums_before', compact($vars)));
+
 	// Used to tell whatever we have to create a dummy category or not.
 	$last_catless = true;
 	foreach ($forum_rows as $row)
@@ -382,6 +412,12 @@ function display_forums($root_data = '', $display_moderators = true, $return_mod
 		// Category
 		if ($row['parent_id'] == $root_data['forum_id'] && $row['forum_type'] == FORUM_CAT)
 		{
+			// Do not display categories without any forums to display
+			if (!isset($valid_categories[$row['forum_id']]))
+			{
+				continue;
+			}
+
 			$cat_row = array(
 				'S_IS_CAT'				=> true,
 				'FORUM_ID'				=> $row['forum_id'],
@@ -500,8 +536,15 @@ function display_forums($root_data = '', $display_moderators = true, $return_mod
 		// Create last post link information, if appropriate
 		if ($row['forum_last_post_id'])
 		{
-			$last_post_subject = $row['forum_last_post_subject'];
-			$last_post_subject_truncated = truncate_string(censor_text($last_post_subject), 30, 255, false, $user->lang['ELLIPSIS']);
+			if ($row['forum_password_last_post'] === '' && $auth->acl_get('f_read', $row['forum_id_last_post']))
+			{
+				$last_post_subject = censor_text($row['forum_last_post_subject']);
+				$last_post_subject_truncated = truncate_string($last_post_subject, 30, 255, false, $user->lang['ELLIPSIS']);
+			}
+			else
+			{
+				$last_post_subject = $last_post_subject_truncated = '';
+			}
 			$last_post_time = $user->format_date($row['forum_last_post_time']);
 			$last_post_url = append_sid("{$phpbb_root_path}viewtopic.$phpEx", 'f=' . $row['forum_id_last_post'] . '&p=' . $row['forum_last_post_id']) . '#p' . $row['forum_last_post_id'];
 		}
@@ -561,7 +604,7 @@ function display_forums($root_data = '', $display_moderators = true, $return_mod
 			'S_LOCKED_FORUM'	=> ($row['forum_status'] == ITEM_LOCKED) ? true : false,
 			'S_LIST_SUBFORUMS'	=> ($row['display_subforum_list']) ? true : false,
 			'S_SUBFORUMS'		=> (sizeof($subforums_list)) ? true : false,
-			'S_DISPLAY_SUBJECT'	=>	($last_post_subject && $config['display_last_subject'] && !$row['forum_password'] && $auth->acl_get('f_read', $row['forum_id'])) ? true : false,
+			'S_DISPLAY_SUBJECT'	=>	($last_post_subject !== '' && $config['display_last_subject']) ? true : false,
 			'S_FEED_ENABLED'	=> ($config['feed_forum'] && !phpbb_optionget(FORUM_OPTION_FEED_EXCLUDE, $row['forum_options']) && $row['forum_type'] == FORUM_POST) ? true : false,
 
 			'FORUM_ID'				=> $row['forum_id'],
@@ -574,8 +617,8 @@ function display_forums($root_data = '', $display_moderators = true, $return_mod
 			'FORUM_FOLDER_IMG_ALT'	=> isset($user->lang[$folder_alt]) ? $user->lang[$folder_alt] : '',
 			'FORUM_IMAGE'			=> ($row['forum_image']) ? '<img src="' . $phpbb_root_path . $row['forum_image'] . '" alt="' . $user->lang[$folder_alt] . '" />' : '',
 			'FORUM_IMAGE_SRC'		=> ($row['forum_image']) ? $phpbb_root_path . $row['forum_image'] : '',
-			'LAST_POST_SUBJECT'		=> (!$row['forum_password'] && $auth->acl_get('f_read', $row['forum_id'])) ? censor_text($last_post_subject) : "",
-			'LAST_POST_SUBJECT_TRUNCATED'	=> (!$row['forum_password'] && $auth->acl_get('f_read', $row['forum_id'])) ? $last_post_subject_truncated : "",
+			'LAST_POST_SUBJECT'		=> $last_post_subject,
+			'LAST_POST_SUBJECT_TRUNCATED'	=> $last_post_subject_truncated,
 			'LAST_POST_TIME'		=> $last_post_time,
 			'LAST_POSTER'			=> get_username_string('username', $row['forum_last_poster_id'], $row['forum_last_poster_name'], $row['forum_last_poster_colour']),
 			'LAST_POSTER_COLOUR'	=> get_username_string('colour', $row['forum_last_poster_id'], $row['forum_last_poster_name'], $row['forum_last_poster_colour']),
@@ -710,13 +753,15 @@ function generate_forum_rules(&$forum_data)
 function generate_forum_nav(&$forum_data)
 {
 	global $db, $user, $template, $auth, $config;
-	global $phpEx, $phpbb_root_path;
+	global $phpEx, $phpbb_root_path, $phpbb_dispatcher;
 
 	if (!$auth->acl_get('f_list', $forum_data['forum_id']))
 	{
 		return;
 	}
 
+	$navlinks = $navlinks_parents = $forum_template_data = array();
+
 	// Get forum parents
 	$forum_parents = get_forum_parents($forum_data);
 
@@ -735,35 +780,59 @@ function generate_forum_nav(&$forum_data)
 				continue;
 			}
 
-			$template->assign_block_vars('navlinks', array(
+			$navlinks_parents[] = array(
 				'S_IS_CAT'		=> ($parent_type == FORUM_CAT) ? true : false,
 				'S_IS_LINK'		=> ($parent_type == FORUM_LINK) ? true : false,
 				'S_IS_POST'		=> ($parent_type == FORUM_POST) ? true : false,
 				'FORUM_NAME'	=> $parent_name,
 				'FORUM_ID'		=> $parent_forum_id,
 				'MICRODATA'		=> $microdata_attr . '="' . $parent_forum_id . '"',
-				'U_VIEW_FORUM'	=> append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $parent_forum_id))
+				'U_VIEW_FORUM'	=> append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $parent_forum_id),
 			);
 		}
 	}
 
-	$template->assign_block_vars('navlinks', array(
+	$navlinks = array(
 		'S_IS_CAT'		=> ($forum_data['forum_type'] == FORUM_CAT) ? true : false,
 		'S_IS_LINK'		=> ($forum_data['forum_type'] == FORUM_LINK) ? true : false,
 		'S_IS_POST'		=> ($forum_data['forum_type'] == FORUM_POST) ? true : false,
 		'FORUM_NAME'	=> $forum_data['forum_name'],
 		'FORUM_ID'		=> $forum_data['forum_id'],
 		'MICRODATA'		=> $microdata_attr . '="' . $forum_data['forum_id'] . '"',
-		'U_VIEW_FORUM'	=> append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $forum_data['forum_id']))
+		'U_VIEW_FORUM'	=> append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $forum_data['forum_id']),
 	);
 
-	$template->assign_vars(array(
+	$forum_template_data = array(
 		'FORUM_ID' 		=> $forum_data['forum_id'],
 		'FORUM_NAME'	=> $forum_data['forum_name'],
 		'FORUM_DESC'	=> generate_text_for_display($forum_data['forum_desc'], $forum_data['forum_desc_uid'], $forum_data['forum_desc_bitfield'], $forum_data['forum_desc_options']),
 
 		'S_ENABLE_FEEDS_FORUM'	=> ($config['feed_forum'] && $forum_data['forum_type'] == FORUM_POST && !phpbb_optionget(FORUM_OPTION_FEED_EXCLUDE, $forum_data['forum_options'])) ? true : false,
-	));
+	);
+
+	/**
+	* Event to modify the navlinks text
+	*
+	* @event core.generate_forum_nav
+	* @var	array	forum_data				Array with the forum data
+	* @var	array	forum_template_data		Array with generic forum template data
+	* @var	string	microdata_attr			The microdata attribute
+	* @var	array	navlinks_parents		Array with the forum parents navlinks data
+	* @var	array	navlinks				Array with the forum navlinks data
+	* @since 3.1.5-RC1
+	*/
+	$vars = array(
+		'forum_data',
+		'forum_template_data',
+		'microdata_attr',
+		'navlinks_parents',
+		'navlinks',
+	);
+	extract($phpbb_dispatcher->trigger_event('core.generate_forum_nav', compact($vars)));
+
+	$template->assign_block_vars_array('navlinks', $navlinks_parents);
+	$template->assign_block_vars('navlinks', $navlinks);
+	$template->assign_vars($forum_template_data);
 
 	return;
 }
@@ -1608,8 +1677,8 @@ function phpbb_show_profile($data, $user_notes_enabled = false, $warn_user_enabl
 		'U_EMAIL'		=> $email,
 		'U_JABBER'		=> ($data['user_jabber'] && $auth->acl_get('u_sendim')) ? append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=contact&amp;action=jabber&amp;u=' . $user_id) : '',
 
-		'USER_JABBER'		=> $data['user_jabber'],
-		'USER_JABBER_IMG'	=> ($data['user_jabber']) ? $user->img('icon_contact_jabber', $data['user_jabber']) : '',
+		'USER_JABBER'		=> ($config['jab_enable']) ? $data['user_jabber'] : '',
+		'USER_JABBER_IMG'	=> ($config['jab_enable'] && $data['user_jabber']) ? $user->img('icon_contact_jabber', $data['user_jabber']) : '',
 
 		'L_SEND_EMAIL_USER' => $user->lang('SEND_EMAIL_USER', $username),
 		'L_CONTACT_USER'	=> $user->lang('CONTACT_USER', $username),

phpBB/includes/functions_download.php

@@ -210,11 +210,6 @@ function send_file_to_browser($attachment, $upload_dir, $category)
 		}
 	}
 
-	if ($size)
-	{
-		header("Content-Length: $size");
-	}
-
 	// Close the db connection before sending the file etc.
 	file_gc(false);
 
@@ -238,6 +233,11 @@ function send_file_to_browser($attachment, $upload_dir, $category)
 			exit;
 		}
 
+		if ($size)
+		{
+			header("Content-Length: $size");
+		}
+
 		// Try to deliver in chunks
 		@set_time_limit(0);
 

phpBB/includes/functions_mcp.php

@@ -368,7 +368,7 @@ function phpbb_get_pm_data($pm_ids)
 */
 function phpbb_mcp_sorting($mode, &$sort_days, &$sort_key, &$sort_dir, &$sort_by_sql, &$sort_order_sql, &$total, $forum_id = 0, $topic_id = 0, $where_sql = 'WHERE')
 {
-	global $db, $user, $auth, $template;
+	global $db, $user, $auth, $template, $phpbb_dispatcher;
 
 	$sort_days = request_var('st', 0);
 	$min_time = ($sort_days) ? time() - ($sort_days * 86400) : 0;
@@ -553,6 +553,56 @@ function phpbb_mcp_sorting($mode, &$sort_days, &$sort_key, &$sort_dir, &$sort_by
 			break;
 	}
 
+	// Default total to -1 to allow editing by the event
+	$total = -1;
+
+	/**
+	* This event allows you to control the SQL query used to get the total number
+	* of reports the user can access.
+	*
+	* This total is used for the pagination and for displaying the total number
+	* of reports to the user
+	*
+	*
+	* @event core.mcp_sorting_query_before
+	* @var	string	sql					The current SQL search string
+	* @var	string	mode				An id related to the module(s) the user is viewing
+	* @var	string	type				Which kind of information is this being used for displaying. Posts, topics, etc...
+	* @var	int		forum_id			The forum id of the posts the user is trying to access, if not 0
+	* @var	int		topic_id			The topic id of the posts the user is trying to access, if not 0
+	* @var	int		sort_days			The max age of the oldest report to be shown, in days
+	* @var	string	sort_key			The way the user has decided to sort the data.
+	*									The valid values must be in the keys of the sort_by_* variables
+	* @var	string	sort_dir			Either 'd' for "DESC" or 'a' for 'ASC' in the SQL query
+	* @var	int		limit_days			The possible max ages of the oldest report for the user to choose, in days.
+	* @var	array	sort_by_sql			SQL text (values) for the possible names of the ways of sorting data (keys).
+	* @var	array	sort_by_text		Language text (values) for the possible names of the ways of sorting data (keys).
+	* @var	int		min_time			Integer with the minimum post time that the user is searching for
+	* @var	int		limit_time_sql		Time limiting options used in the SQL query.
+	* @var	int		total				The total number of reports that exist. Only set if you want to override the result
+	* @var	string	where_sql			Extra information included in the WHERE clause. It must end with "WHERE" or "AND" or "OR".
+	*									Set to "WHERE" and set total above -1 to override the total value
+	* @since 3.1.4-RC1
+	*/
+	$vars = array(
+		'sql',
+		'mode',
+		'type',
+		'forum_id',
+		'topic_id',
+		'sort_days',
+		'sort_key',
+		'sort_dir',
+		'limit_days',
+		'sort_by_sql',
+		'sort_by_text',
+		'min_time',
+		'limit_time_sql',
+		'total',
+		'where_sql',
+	);
+	extract($phpbb_dispatcher->trigger_event('core.mcp_sorting_query_before', compact($vars)));
+
 	if (!isset($sort_by_sql[$sort_key]))
 	{
 		$sort_key = $default_key;
@@ -584,7 +634,7 @@ function phpbb_mcp_sorting($mode, &$sort_days, &$sort_key, &$sort_dir, &$sort_by
 		$total = (int) $db->sql_fetchfield('total');
 		$db->sql_freeresult($result);
 	}
-	else
+	else if ($total < -1)
 	{
 		$total = -1;
 	}

phpBB/includes/functions_messenger.php

@@ -510,7 +510,7 @@ class messenger
 
 			foreach ($address_ary as $which_ary)
 			{
-				$$type .= (($$type != '') ? ', ' : '') . (($which_ary['name'] != '') ? mail_encode($which_ary['name'], $encode_eol) . ' <' . $which_ary['email'] . '>' : $which_ary['email']);
+				${$type} .= ((${$type} != '') ? ', ' : '') . (($which_ary['name'] != '') ? mail_encode($which_ary['name'], $encode_eol) . ' <' . $which_ary['email'] . '>' : $which_ary['email']);
 			}
 		}
 

phpBB/includes/functions_module.php

@@ -976,7 +976,7 @@ class p_master
 	*
 	* @param string $class module class (acp/mcp/ucp)
 	* @param string $name module name (class name of the module, or its basename
-    *                     phpbb_ext_foo_acp_bar_module, ucp_zebra or zebra)
+	*                     phpbb_ext_foo_acp_bar_module, ucp_zebra or zebra)
 	* @param string $mode mode, as passed through to the module
 	*
 	*/
@@ -1086,7 +1086,7 @@ class p_master
 			->core_path('language/' . $user->lang_name . '/mods/')
 			->find();
 
-		$lang_files = array_unique(array_merge($user_lang_files, $english_lang_files, $default_lang_files));
+		$lang_files = array_merge($english_lang_files, $default_lang_files, $user_lang_files);
 		foreach ($lang_files as $lang_file => $ext_name)
 		{
 			$user->add_lang_ext($ext_name, $lang_file);

phpBB/includes/functions_posting.php

@@ -1036,8 +1036,8 @@ function load_drafts($topic_id = 0, $forum_id = 0, $id = 0, $pm_action = '', $ms
 */
 function topic_review($topic_id, $forum_id, $mode = 'topic_review', $cur_post_id = 0, $show_quote_button = true)
 {
-	global $user, $auth, $db, $template, $bbcode, $cache;
-	global $config, $phpbb_root_path, $phpEx, $phpbb_container;
+	global $user, $auth, $db, $template, $cache;
+	global $config, $phpbb_root_path, $phpEx, $phpbb_container, $phpbb_dispatcher;
 
 	$phpbb_content_visibility = $phpbb_container->get('content.visibility');
 	$sql_sort = ($mode == 'post_review') ? 'ASC' : 'DESC';
@@ -1094,13 +1094,11 @@ function topic_review($topic_id, $forum_id, $mode = 'topic_review', $cur_post_id
 	$sql = $db->sql_build_query('SELECT', $sql_ary);
 	$result = $db->sql_query($sql);
 
-	$bbcode_bitfield = '';
 	$rowset = array();
 	$has_attachments = false;
 	while ($row = $db->sql_fetchrow($result))
 	{
 		$rowset[$row['post_id']] = $row;
-		$bbcode_bitfield = $bbcode_bitfield | base64_decode($row['bbcode_bitfield']);
 
 		if ($row['post_attachment'])
 		{
@@ -1109,13 +1107,6 @@ function topic_review($topic_id, $forum_id, $mode = 'topic_review', $cur_post_id
 	}
 	$db->sql_freeresult($result);
 
-	// Instantiate BBCode class
-	if (!isset($bbcode) && $bbcode_bitfield !== '')
-	{
-		include_once($phpbb_root_path . 'includes/bbcode.' . $phpEx);
-		$bbcode = new bbcode(base64_encode($bbcode_bitfield));
-	}
-
 	// Grab extensions
 	$extensions = $attachments = array();
 	if ($has_attachments && $auth->acl_get('u_download') && $auth->acl_get('f_download', $forum_id))
@@ -1176,7 +1167,7 @@ function topic_review($topic_id, $forum_id, $mode = 'topic_review', $cur_post_id
 		$post_anchor = ($mode == 'post_review') ? 'ppr' . $row['post_id'] : 'pr' . $row['post_id'];
 		$u_show_post = append_sid($phpbb_root_path . 'viewtopic.' . $phpEx, "f=$forum_id&t=$topic_id&p={$row['post_id']}&view=show#p{$row['post_id']}");
 
-		$template->assign_block_vars($mode . '_row', array(
+		$post_row = array(
 			'POST_AUTHOR_FULL'		=> get_username_string('full', $poster_id, $row['username'], $row['user_colour'], $row['post_username']),
 			'POST_AUTHOR_COLOUR'	=> get_username_string('colour', $poster_id, $row['username'], $row['user_colour'], $row['post_username']),
 			'POST_AUTHOR'			=> get_username_string('username', $poster_id, $row['username'], $row['user_colour'], $row['post_username']),
@@ -1195,9 +1186,37 @@ function topic_review($topic_id, $forum_id, $mode = 'topic_review', $cur_post_id
 			'POST_ID'			=> $row['post_id'],
 			'U_MINI_POST'		=> append_sid("{$phpbb_root_path}viewtopic.$phpEx", 'p=' . $row['post_id']) . '#p' . $row['post_id'],
 			'U_MCP_DETAILS'		=> ($auth->acl_get('m_info', $forum_id)) ? append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=main&mode=post_details&f=' . $forum_id . '&p=' . $row['post_id'], true, $user->session_id) : '',
-			'POSTER_QUOTE'		=> ($show_quote_button && $auth->acl_get('f_reply', $forum_id)) ? addslashes(get_username_string('username', $poster_id, $row['username'], $row['user_colour'], $row['post_username'])) : '')
+			'POSTER_QUOTE'		=> ($show_quote_button && $auth->acl_get('f_reply', $forum_id)) ? addslashes(get_username_string('username', $poster_id, $row['username'], $row['user_colour'], $row['post_username'])) : '',
 		);
 
+		$current_row_number = $i;
+
+		/**
+		* Event to modify the template data block for topic reviews
+		*
+		* @event core.topic_review_modify_row
+		* @var	string	mode				The review mode
+		* @var	int		topic_id			The topic that is being reviewed
+		* @var	int		forum_id			The topic's forum
+		* @var	int		cur_post_id			Post offset id
+		* @var	int		current_row_number	Number of the current row being iterated
+		* @var	array	post_row			Template block array of the current post
+		* @var	array	row					Array with original post and user data
+		* @since 3.1.4-RC1
+		*/
+		$vars = array(
+			'mode',
+			'topic_id',
+			'forum_id',
+			'cur_post_id',
+			'current_row_number',
+			'post_row',
+			'row',
+		);
+		extract($phpbb_dispatcher->trigger_event('core.topic_review_modify_row', compact($vars)));
+
+		$template->assign_block_vars($mode . '_row', $post_row);
+
 		// Display not already displayed Attachments for this post, we already parsed them. ;)
 		if (!empty($attachments[$row['post_id']]))
 		{
@@ -1825,6 +1844,30 @@ function submit_post($mode, $subject, $username, $topic_type, &$poll, &$data, $u
 		break;
 	}
 
+	/**
+	* Modify sql query data for post submitting
+	*
+	* @event core.submit_post_modify_sql_data
+	* @var	array	data				Array with the data for the post
+	* @var	array	poll				Array with the poll data for the post
+	* @var	string	post_mode			Variable containing posting mode value
+	* @var	bool	sql_data			Array with the data for the posting SQL query
+	* @var	string	subject				Variable containing post subject value
+	* @var	int		topic_type			Variable containing topic type value
+	* @var	string	username			Variable containing post author name
+	* @since 3.1.3-RC1
+	*/
+	$vars = array(
+		'data',
+		'poll',
+		'post_mode',
+		'sql_data',
+		'subject',
+		'topic_type',
+		'username',
+	);
+	extract($phpbb_dispatcher->trigger_event('core.submit_post_modify_sql_data', compact($vars)));
+
 	// Submit new topic
 	if ($post_mode == 'post')
 	{
@@ -2166,7 +2209,7 @@ function submit_post($mode, $subject, $username, $topic_type, &$poll, &$data, $u
 		}
 
 		$error = false;
-		$search = new $search_type($error, $phpbb_root_path, $phpEx, $auth, $config, $db, $user);
+		$search = new $search_type($error, $phpbb_root_path, $phpEx, $auth, $config, $db, $user, $phpbb_dispatcher);
 
 		if ($error)
 		{

phpBB/includes/functions_privmsgs.php

@@ -1415,9 +1415,9 @@ function rebuild_header($check_ary)
 		$_types = array('u', 'g');
 		foreach ($_types as $type)
 		{
-			if (sizeof($$type))
+			if (sizeof(${$type}))
 			{
-				foreach ($$type as $id)
+				foreach (${$type} as $id)
 				{
 					$address[$type][$id] = $check_type;
 				}
@@ -1957,7 +1957,7 @@ function submit_pm($mode, $subject, &$data, $put_in_outbox = true)
 */
 function message_history($msg_id, $user_id, $message_row, $folder, $in_post_mode = false)
 {
-	global $db, $user, $config, $template, $phpbb_root_path, $phpEx, $auth, $bbcode;
+	global $db, $user, $config, $template, $phpbb_root_path, $phpEx, $auth;
 
 	// Select all receipts and the author from the pm we currently view, to only display their pm-history
 	$sql = 'SELECT author_id, user_id
@@ -2009,7 +2009,6 @@ function message_history($msg_id, $user_id, $message_row, $folder, $in_post_mode
 	$title = $row['message_subject'];
 
 	$rowset = array();
-	$bbcode_bitfield = '';
 	$folder_url = append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=pm') . '&folder=';
 
 	do
@@ -2025,7 +2024,6 @@ function message_history($msg_id, $user_id, $message_row, $folder, $in_post_mode
 		else
 		{
 			$rowset[$row['msg_id']] = $row;
-			$bbcode_bitfield = $bbcode_bitfield | base64_decode($row['bbcode_bitfield']);
 		}
 	}
 	while ($row = $db->sql_fetchrow($result));
@@ -2036,16 +2034,6 @@ function message_history($msg_id, $user_id, $message_row, $folder, $in_post_mode
 		return false;
 	}
 
-	// Instantiate BBCode class
-	if ((empty($bbcode) || $bbcode === false) && $bbcode_bitfield !== '')
-	{
-		if (!class_exists('bbcode'))
-		{
-			include($phpbb_root_path . 'includes/bbcode.' . $phpEx);
-		}
-		$bbcode = new bbcode(base64_encode($bbcode_bitfield));
-	}
-
 	$title = censor_text($title);
 
 	$url = append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=pm');

phpBB/includes/functions_upload.php

@@ -213,6 +213,8 @@ class filespec
 	*/
 	static public function get_extension($filename)
 	{
+		$filename = utf8_basename($filename);
+
 		if (strpos($filename, '.') === false)
 		{
 			return '';

phpBB/includes/functions_user.php

@@ -44,13 +44,13 @@ function user_get_id_name(&$user_id_ary, &$username_ary, $user_type = false)
 
 	$which_ary = ($user_id_ary) ? 'user_id_ary' : 'username_ary';
 
-	if ($$which_ary && !is_array($$which_ary))
+	if (${$which_ary} && !is_array(${$which_ary}))
 	{
-		$$which_ary = array($$which_ary);
+		${$which_ary} = array(${$which_ary});
 	}
 
-	$sql_in = ($which_ary == 'user_id_ary') ? array_map('intval', $$which_ary) : array_map('utf8_clean_string', $$which_ary);
-	unset($$which_ary);
+	$sql_in = ($which_ary == 'user_id_ary') ? array_map('intval', ${$which_ary}) : array_map('utf8_clean_string', ${$which_ary});
+	unset(${$which_ary});
 
 	$user_id_ary = $username_ary = array();
 
@@ -398,7 +398,7 @@ function user_add($user_row, $cp_data = false, $notifications_data = null)
  */
 function user_delete($mode, $user_ids, $retain_username = true)
 {
-	global $cache, $config, $db, $user, $phpbb_dispatcher;
+	global $cache, $config, $db, $user, $phpbb_dispatcher, $phpbb_container;
 	global $phpbb_root_path, $phpEx;
 
 	$db->sql_transaction('begin');
@@ -500,6 +500,9 @@ function user_delete($mode, $user_ids, $retain_username = true)
 
 	$num_users_delta = 0;
 
+	// Get auth provider collection in case accounts might need to be unlinked
+	$provider_collection = $phpbb_container->get('auth.provider_collection');
+
 	// Some things need to be done in the loop (if the query changes based
 	// on which user is currently being deleted)
 	$added_guest_posts = 0;
@@ -510,6 +513,38 @@ function user_delete($mode, $user_ids, $retain_username = true)
 			avatar_delete('user', $user_row);
 		}
 
+		// Unlink accounts
+		foreach ($provider_collection as $provider_name => $auth_provider)
+		{
+			$provider_data = $auth_provider->get_auth_link_data($user_id);
+
+			if ($provider_data !== null)
+			{
+				$link_data = array(
+					'user_id' => $user_id,
+					'link_method' => 'user_delete',
+				);
+
+				// BLOCK_VARS might contain hidden fields necessary for unlinking accounts
+				if (isset($provider_data['BLOCK_VARS']) && is_array($provider_data['BLOCK_VARS']))
+				{
+					foreach ($provider_data['BLOCK_VARS'] as $provider_service)
+					{
+						if (!array_key_exists('HIDDEN_FIELDS', $provider_service))
+						{
+							$provider_service['HIDDEN_FIELDS'] = array();
+						}
+
+						$auth_provider->unlink_account(array_merge($link_data, $provider_service['HIDDEN_FIELDS']));
+					}
+				}
+				else
+				{
+					$auth_provider->unlink_account($link_data);
+				}
+			}
+		}
+
 		// Decrement number of users if this user is active
 		if ($user_row['user_type'] != USER_INACTIVE && $user_row['user_type'] != USER_IGNORE)
 		{
@@ -672,6 +707,9 @@ function user_delete($mode, $user_ids, $retain_username = true)
 	}
 	phpbb_delete_users_pms($user_ids);
 
+	$phpbb_notifications = $phpbb_container->get('notification_manager');
+	$phpbb_notifications->delete_notifications('notification.type.admin_activate_user', $user_ids);
+
 	$db->sql_transaction('commit');
 
 	/**
@@ -703,7 +741,7 @@ function user_delete($mode, $user_ids, $retain_username = true)
 */
 function user_active_flip($mode, $user_id_ary, $reason = INACTIVE_MANUAL)
 {
-	global $config, $db, $user, $auth;
+	global $config, $db, $user, $auth, $phpbb_dispatcher;
 
 	$deactivated = $activated = 0;
 	$sql_statements = array();
@@ -756,6 +794,21 @@ function user_active_flip($mode, $user_id_ary, $reason = INACTIVE_MANUAL)
 	}
 	$db->sql_freeresult($result);
 
+	/**
+	* Check or modify activated/deactivated users data before submitting it to the database
+	*
+	* @event core.user_active_flip_before
+	* @var	string	mode			User type changing mode, can be: flip|activate|deactivate
+	* @var	int		reason			Reason for changing user type, can be: INACTIVE_REGISTER|INACTIVE_PROFILE|INACTIVE_MANUAL|INACTIVE_REMIND
+	* @var	int		activated		The number of users to be activated
+	* @var	int		deactivated		The number of users to be deactivated
+	* @var	array	user_id_ary		Array with user ids to change user type
+	* @var	array	sql_statements	Array with users data to submit to the database, keys: user ids, values: arrays with user data
+	* @since 3.1.4-RC1
+	*/
+	$vars = array('mode', 'reason', 'activated', 'deactivated', 'user_id_ary', 'sql_statements');
+	extract($phpbb_dispatcher->trigger_event('core.user_active_flip_before', compact($vars)));
+
 	if (sizeof($sql_statements))
 	{
 		foreach ($sql_statements as $user_id => $sql_ary)
@@ -769,6 +822,21 @@ function user_active_flip($mode, $user_id_ary, $reason = INACTIVE_MANUAL)
 		$auth->acl_clear_prefetch(array_keys($sql_statements));
 	}
 
+	/**
+	* Perform additional actions after the users have been activated/deactivated
+	*
+	* @event core.user_active_flip_after
+	* @var	string	mode			User type changing mode, can be: flip|activate|deactivate
+	* @var	int		reason			Reason for changing user type, can be: INACTIVE_REGISTER|INACTIVE_PROFILE|INACTIVE_MANUAL|INACTIVE_REMIND
+	* @var	int		activated		The number of users to be activated
+	* @var	int		deactivated		The number of users to be deactivated
+	* @var	array	user_id_ary		Array with user ids to change user type
+	* @var	array	sql_statements	Array with users data to submit to the database, keys: user ids, values: arrays with user data
+	* @since 3.1.4-RC1
+	*/
+	$vars = array('mode', 'reason', 'activated', 'deactivated', 'user_id_ary', 'sql_statements');
+	extract($phpbb_dispatcher->trigger_event('core.user_active_flip_after', compact($vars)));
+
 	if ($deactivated)
 	{
 		set_config_count('num_users', $deactivated * (-1), true);

phpBB/includes/mcp/mcp_forum.php

@@ -165,6 +165,22 @@ function mcp_forum_view($id, $mode, $action, $forum_info)
 			AND ' . $phpbb_content_visibility->get_visibility_sql('topic', $forum_id, 't.') . "
 			$limit_time_sql
 		ORDER BY t.topic_type DESC, $sort_order_sql";
+
+	/**
+	* Modify SQL query before MCP forum view topic list is queried
+	*
+	* @event core.mcp_view_forum_modify_sql
+	* @var	string	sql			SQL query for forum view topic list
+	* @var	int	forum_id	ID of the forum
+	* @var	string  limit_time_sql		SQL query part for limit time
+	* @var	string  sort_order_sql		SQL query part for sort order
+	* @var	int topics_per_page			Number of topics per page
+	* @var	int start			Start value
+	* @since 3.1.2-RC1
+	*/
+	$vars = array('sql', 'forum_id', 'limit_time_sql', 'sort_order_sql', 'topics_per_page', 'start');
+	extract($phpbb_dispatcher->trigger_event('core.mcp_view_forum_modify_sql', compact($vars)));
+
 	$result = $db->sql_query_limit($sql, $topics_per_page, $start);
 
 	$topic_list = $topic_tracking_info = array();

phpBB/includes/mcp/mcp_front.php

@@ -41,10 +41,27 @@ function mcp_front_view($id, $mode, $action)
 
 		if (!empty($forum_list))
 		{
-			$sql = 'SELECT COUNT(post_id) AS total
-				FROM ' . POSTS_TABLE . '
-				WHERE ' . $db->sql_in_set('forum_id', $forum_list) . '
-					AND ' . $db->sql_in_set('post_visibility', array(ITEM_UNAPPROVED, ITEM_REAPPROVE));
+			$sql_ary = array(
+				'SELECT' => 'COUNT(post_id) AS total',
+				'FROM' => array(
+						POSTS_TABLE => 'p',
+					),
+				'WHERE' => $db->sql_in_set('p.forum_id', $forum_list) . '
+					AND ' . $db->sql_in_set('p.post_visibility', array(ITEM_UNAPPROVED, ITEM_REAPPROVE))
+			);
+
+			/**
+			* Allow altering the query to get the number of unapproved posts
+			*
+			* @event core.mcp_front_queue_unapproved_total_before
+			* @var	int		sql_ary						Query to get the total number of unapproved posts
+			* @var	array	forum_list					List of forums to look for unapproved posts
+			* @since 3.1.5-RC1
+			*/
+			$vars = array('sql_ary', 'forum_list');
+			extract($phpbb_dispatcher->trigger_event('core.mcp_front_queue_unapproved_total_before', compact($vars)));
+
+			$sql = $db->sql_build_query('SELECT', $sql_ary);
 			$result = $db->sql_query($sql);
 			$total = (int) $db->sql_fetchfield('total');
 			$db->sql_freeresult($result);
@@ -157,6 +174,18 @@ function mcp_front_view($id, $mode, $action)
 					AND r.pm_id = 0
 					AND r.report_closed = 0
 					AND ' . $db->sql_in_set('p.forum_id', $forum_list);
+
+			/**
+			* Alter sql query to count the number of reported posts
+			*
+			* @event core.mcp_front_reports_count_query_before
+			* @var	int		sql				The query string used to get the number of reports that exist
+			* @var	array	forum_list		List of forums that contain the posts
+			* @since 3.1.5-RC1
+			*/
+			$vars = array('sql', 'forum_list');
+			extract($phpbb_dispatcher->trigger_event('core.mcp_front_reports_count_query_before', compact($vars)));
+
 			$result = $db->sql_query($sql);
 			$total = (int) $db->sql_fetchfield('total');
 			$db->sql_freeresult($result);
@@ -234,6 +263,7 @@ function mcp_front_view($id, $mode, $action)
 						'ATTACH_ICON_IMG'	=> ($auth->acl_get('u_download') && $auth->acl_get('f_download', $row['forum_id']) && $row['post_attachment']) ? $user->img('icon_topic_attach', $user->lang['TOTAL_ATTACHMENTS']) : '',
 					));
 				}
+				$db->sql_freeresult($result);
 			}
 
 			$template->assign_vars(array(
@@ -290,6 +320,7 @@ function mcp_front_view($id, $mode, $action)
 				$pm_by_id[(int) $row['msg_id']] = $row;
 				$pm_list[] = (int) $row['msg_id'];
 			}
+			$db->sql_freeresult($result);
 
 			$address_list = get_recipient_strings($pm_by_id);
 

phpBB/includes/mcp/mcp_logs.php

@@ -137,7 +137,7 @@ class mcp_logs
 
 					if ($mode == 'topic_logs')
 					{
-						$conditions['topic_logs'] = $topic_id;
+						$conditions['topic_id'] = $topic_id;
 					}
 
 					$phpbb_log->delete('mod', $conditions);

phpBB/includes/mcp/mcp_main.php

@@ -226,6 +226,31 @@ class mcp_main
 			break;
 
 			default:
+				if ($quickmod)
+				{
+					switch ($action)
+					{
+						case 'lock':
+						case 'unlock':
+						case 'make_announce':
+						case 'make_sticky':
+						case 'make_global':
+						case 'make_normal':
+						case 'make_onindex':
+						case 'move':
+						case 'fork':
+						case 'delete_topic':
+							trigger_error('TOPIC_NOT_EXIST');
+						break;
+
+						case 'lock_post':
+						case 'unlock_post':
+						case 'delete_post':
+							trigger_error('POST_NOT_EXIST');
+						break;
+					}
+				}
+
 				trigger_error('NO_MODE', E_USER_ERROR);
 			break;
 		}
@@ -813,8 +838,17 @@ function mcp_delete_topic($topic_ids, $is_soft = false, $soft_delete_reason = ''
 
 		$user->add_lang('posting');
 
+		// If there are only shadow topics, we neither need a reason nor softdelete
+		$sql = 'SELECT topic_id
+			FROM ' . TOPICS_TABLE . '
+			WHERE ' . $db->sql_in_set('topic_id', $topic_ids) . '
+				AND topic_moved_id = 0';
+		$result = $db->sql_query_limit($sql, 1);
+		$only_shadow = !$db->sql_fetchfield('topic_id');
+		$db->sql_freeresult($result);
+
 		$only_softdeleted = false;
-		if ($auth->acl_get('m_delete', $forum_id) && $auth->acl_get('m_softdelete', $forum_id))
+		if (!$only_shadow && $auth->acl_get('m_delete', $forum_id) && $auth->acl_get('m_softdelete', $forum_id))
 		{
 			// If there are only soft deleted topics, we display a message why the option is not available
 			$sql = 'SELECT topic_id
@@ -827,6 +861,7 @@ function mcp_delete_topic($topic_ids, $is_soft = false, $soft_delete_reason = ''
 		}
 
 		$template->assign_vars(array(
+			'S_SHADOW_TOPICS'		=> $only_shadow,
 			'S_SOFTDELETED'			=> $only_softdeleted,
 			'S_TOPIC_MODE'			=> true,
 			'S_ALLOWED_DELETE'		=> $auth->acl_get('m_delete', $forum_id),
@@ -839,7 +874,7 @@ function mcp_delete_topic($topic_ids, $is_soft = false, $soft_delete_reason = ''
 			$l_confirm .= '_PERMANENTLY';
 			$s_hidden_fields['delete_permanent'] = '1';
 		}
-		else if (!$auth->acl_get('m_softdelete', $forum_id))
+		else if ($only_shadow || !$auth->acl_get('m_softdelete', $forum_id))
 		{
 			$s_hidden_fields['delete_permanent'] = '1';
 		}
@@ -1109,7 +1144,7 @@ function mcp_delete_post($post_ids, $is_soft = false, $soft_delete_reason = '',
 function mcp_fork_topic($topic_ids)
 {
 	global $auth, $user, $db, $template, $config;
-	global $phpEx, $phpbb_root_path;
+	global $phpEx, $phpbb_root_path, $phpbb_dispatcher;
 
 	if (!phpbb_check_ids($topic_ids, TOPICS_TABLE, 'topic_id', array('m_')))
 	{
@@ -1187,7 +1222,7 @@ function mcp_fork_topic($topic_ids)
 				}
 
 				$error = false;
-				$search = new $search_type($error, $phpbb_root_path, $phpEx, $auth, $config, $db, $user);
+				$search = new $search_type($error, $phpbb_root_path, $phpEx, $auth, $config, $db, $user, $phpbb_dispatcher);
 				$search_mode = 'post';
 
 				if ($error)
@@ -1266,6 +1301,7 @@ function mcp_fork_topic($topic_ids)
 
 					$db->sql_query('INSERT INTO ' . POLL_OPTIONS_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary));
 				}
+				$db->sql_freeresult($result);
 			}
 
 			$sql = 'SELECT *

phpBB/includes/mcp/mcp_post.php

@@ -26,6 +26,7 @@ function mcp_post_details($id, $mode, $action)
 {
 	global $phpEx, $phpbb_root_path, $config;
 	global $template, $db, $user, $auth, $cache;
+	global $phpbb_dispatcher;
 
 	$user->add_lang('posting');
 
@@ -106,6 +107,21 @@ function mcp_post_details($id, $mode, $action)
 			}
 
 		break;
+
+		default:
+
+			/**
+			* This event allows you to handle custom post moderation options
+			*
+			* @event core.mcp_post_additional_options
+			* @var	string	action		Post moderation action name
+			* @var	array	post_info	Information on the affected post
+			* @since 3.1.5-RC1
+			*/
+			$vars = array('action', 'post_info');
+			extract($phpbb_dispatcher->trigger_event('core.mcp_post_additional_options', compact($vars)));
+
+		break;
 	}
 
 	// Set some vars
@@ -197,7 +213,7 @@ function mcp_post_details($id, $mode, $action)
 		$l_deleted_by = '';
 	}
 
-	$template->assign_vars(array(
+	$mcp_post_template_data = array(
 		'U_MCP_ACTION'			=> "$url&i=main&quickmod=1&mode=post_details", // Use this for mode paramaters
 		'U_POST_ACTION'			=> "$url&i=$id&mode=post_details", // Use this for action parameters
 		'U_APPROVE_ACTION'		=> append_sid("{$phpbb_root_path}mcp.$phpEx", "i=queue&p=$post_id&f={$post_info['forum_id']}"),
@@ -249,7 +265,32 @@ function mcp_post_details($id, $mode, $action)
 
 		'U_LOOKUP_IP'			=> ($auth->acl_get('m_info', $post_info['forum_id'])) ? "$url&i=$id&mode=$mode&lookup={$post_info['poster_ip']}#ip" : '',
 		'U_WHOIS'				=> ($auth->acl_get('m_info', $post_info['forum_id'])) ? append_sid("{$phpbb_root_path}mcp.$phpEx", "i=$id&mode=$mode&action=whois&p=$post_id&ip={$post_info['poster_ip']}") : '',
-	));
+	);
+
+	$s_additional_opts = false;
+
+	/**
+	* Event to add/modify MCP post template data
+	*
+	* @event core.mcp_post_template_data
+	* @var	array	post_info					Array with the post information
+	* @var	array	mcp_post_template_data		Array with the MCP post template data
+	* @var	array	attachments					Array with the post attachments, if any
+	* @var	bool	s_additional_opts			Must be set to true in extension if additional options are presented in MCP post panel
+	* @since 3.1.5-RC1
+	*/
+	$vars = array(
+		'post_info',
+		'mcp_post_template_data',
+		'attachments',
+		's_additional_opts',
+	);
+	extract($phpbb_dispatcher->trigger_event('core.mcp_post_template_data', compact($vars)));
+
+	$template->assign_vars($mcp_post_template_data);
+	$template->assign_var('S_MCP_POST_ADDITIONAL_OPTS', $s_additional_opts);
+
+	unset($mcp_post_template_data);
 
 	// Get User Notes
 	$log_data = array();
@@ -497,7 +538,7 @@ function change_poster(&$post_info, $userdata)
 	{
 		// We do some additional checks in the module to ensure it can actually be utilised
 		$error = false;
-		$search = new $search_type($error, $phpbb_root_path, $phpEx, $auth, $config, $db, $user);
+		$search = new $search_type($error, $phpbb_root_path, $phpEx, $auth, $config, $db, $user, $phpbb_dispatcher);
 
 		if (!$error && method_exists($search, 'destroy_cache'))
 		{

phpBB/includes/mcp/mcp_queue.php

@@ -616,7 +616,7 @@ class mcp_queue
 	*/
 	static public function approve_posts($action, $post_id_list, $id, $mode)
 	{
-		global $db, $template, $user, $config, $request, $phpbb_container;
+		global $db, $template, $user, $config, $request, $phpbb_container, $phpbb_dispatcher;
 		global $phpEx, $phpbb_root_path;
 
 		if (!phpbb_check_ids($post_id_list, POSTS_TABLE, 'post_id', array('m_approve')))
@@ -764,6 +764,30 @@ class mcp_queue
 				$success_msg = (sizeof($post_info) == 1) ? 'POST_' . strtoupper($action) . 'D_SUCCESS' : 'POSTS_' . strtoupper($action) . 'D_SUCCESS';
 			}
 
+			/**
+			 * Perform additional actions during post(s) approval
+			 *
+			 * @event core.approve_posts_after
+			 * @var	string	action				Variable containing the action we perform on the posts ('approve' or 'restore')
+			 * @var	array	post_info			Array containing info for all posts being approved
+			 * @var	array	topic_info			Array containing info for all parent topics of the posts
+			 * @var	int		num_topics			Variable containing number of topics
+			 * @var bool	notify_poster		Variable telling if the post should be notified or not
+			 * @var	string	success_msg			Variable containing the language key for the success message
+			 * @var string	redirect			Variable containing the redirect url
+			 * @since 3.1.4-RC1
+			 */
+			$vars = array(
+				'action',
+				'post_info',
+				'topic_info',
+				'num_topics',
+				'notify_poster',
+				'success_msg',
+				'redirect',
+			);
+			extract($phpbb_dispatcher->trigger_event('core.approve_posts_after', compact($vars)));
+
 			meta_refresh(3, $redirect);
 			$message = $user->lang[$success_msg];
 
@@ -840,7 +864,7 @@ class mcp_queue
 	static public function approve_topics($action, $topic_id_list, $id, $mode)
 	{
 		global $db, $template, $user, $config;
-		global $phpEx, $phpbb_root_path, $request, $phpbb_container;
+		global $phpEx, $phpbb_root_path, $request, $phpbb_container, $phpbb_dispatcher;
 
 		if (!phpbb_check_ids($topic_id_list, TOPICS_TABLE, 'topic_id', array('m_approve')))
 		{
@@ -945,6 +969,28 @@ class mcp_queue
 				}
 			}
 
+			/**
+			 * Perform additional actions during topics(s) approval
+			 *
+			 * @event core.approve_topics_after
+			 * @var	string	action				Variable containing the action we perform on the posts ('approve' or 'restore')
+			 * @var	mixed	topic_info			Array containing info for all topics being approved
+			 * @var	array	first_post_ids		Array containing ids of all first posts
+			 * @var bool	notify_poster		Variable telling if the poster should be notified or not
+			 * @var	string	success_msg			Variable containing the language key for the success message
+			 * @var string	redirect			Variable containing the redirect url
+			 * @since 3.1.4-RC1
+			 */
+			$vars = array(
+				'action',
+				'topic_info',
+				'first_post_ids',
+				'notify_poster',
+				'success_msg',
+				'redirect',
+			);
+			extract($phpbb_dispatcher->trigger_event('core.approve_topics_after', compact($vars)));
+
 			meta_refresh(3, $redirect);
 			$message = $user->lang[$success_msg];
 
@@ -1008,7 +1054,7 @@ class mcp_queue
 	*/
 	static public function disapprove_posts($post_id_list, $id, $mode)
 	{
-		global $db, $template, $user, $config, $phpbb_container;
+		global $db, $template, $user, $config, $phpbb_container, $phpbb_dispatcher;
 		global $phpEx, $phpbb_root_path, $request;
 
 		if (!phpbb_check_ids($post_id_list, POSTS_TABLE, 'post_id', array('m_approve')))
@@ -1239,8 +1285,6 @@ class mcp_queue
 				}
 			}
 
-			unset($lang_reasons, $post_info, $disapprove_reason, $disapprove_reason_lang);
-
 			if ($num_disapproved_topics)
 			{
 				$success_msg = ($num_disapproved_topics == 1) ? 'TOPIC' : 'TOPICS';
@@ -1275,6 +1319,44 @@ class mcp_queue
 				}
 			}
 
+			/**
+			 * Perform additional actions during post(s) disapproval
+			 *
+			 * @event core.disapprove_posts_after
+			 * @var	array	post_info					Array containing info for all posts being disapproved
+			 * @var	array	topic_information			Array containing information for the topics
+			 * @var	array	topic_posts_unapproved		Array containing list of topic ids and the count of disapproved posts in them
+			 * @var	array	post_disapprove_list		Array containing list of posts and their topic id
+			 * @var	int		num_disapproved_topics		Variable containing the number of disapproved topics
+			 * @var	int		num_disapproved_posts		Variable containing the number of disapproved posts
+			 * @var array	lang_reasons				Array containing the language keys for reasons
+			 * @var	string	disapprove_reason			Variable containing the language key for the success message
+			 * @var	string	disapprove_reason_lang		Variable containing the language key for the success message
+			 * @var bool	is_disapproving				Variable telling if anything is going to be disapproved
+			 * @var bool	notify_poster				Variable telling if the post should be notified or not
+			 * @var	string	success_msg					Variable containing the language key for the success message
+			 * @var string	redirect					Variable containing the redirect url
+			 * @since 3.1.4-RC1
+			 */
+			$vars = array(
+				'post_info',
+				'topic_information',
+				'topic_posts_unapproved',
+				'post_disapprove_list',
+				'num_disapproved_topics',
+				'num_disapproved_posts',
+				'lang_reasons',
+				'disapprove_reason',
+				'disapprove_reason_lang',
+				'is_disapproving',
+				'notify_poster',
+				'success_msg',
+				'redirect',
+			);
+			extract($phpbb_dispatcher->trigger_event('core.disapprove_posts_after', compact($vars)));
+
+			unset($lang_reasons, $post_info, $disapprove_reason, $disapprove_reason_lang);
+
 			meta_refresh(3, $redirect);
 			$message = $user->lang[$success_msg];
 

phpBB/includes/mcp/mcp_reports.php

@@ -73,18 +73,66 @@ class mcp_reports
 
 				// closed reports are accessed by report id
 				$report_id = request_var('r', 0);
+				$sql_ary = array(
+					'SELECT'	=> 'r.post_id, r.user_id, r.report_id, r.report_closed, report_time, r.report_text, r.reported_post_text, r.reported_post_uid, r.reported_post_bitfield, r.reported_post_enable_magic_url, r.reported_post_enable_smilies, r.reported_post_enable_bbcode, rr.reason_title, rr.reason_description, u.username, u.username_clean, u.user_colour',
 
-				$sql = 'SELECT r.post_id, r.user_id, r.report_id, r.report_closed, report_time, r.report_text, r.reported_post_text, r.reported_post_uid, r.reported_post_bitfield, r.reported_post_enable_magic_url, r.reported_post_enable_smilies, r.reported_post_enable_bbcode, rr.reason_title, rr.reason_description, u.username, u.username_clean, u.user_colour
-					FROM ' . REPORTS_TABLE . ' r, ' . REPORTS_REASONS_TABLE . ' rr, ' . USERS_TABLE . ' u
-					WHERE ' . (($report_id) ? 'r.report_id = ' . $report_id : "r.post_id = $post_id") . '
+					'FROM'		=> array(
+						REPORTS_TABLE			=> 'r',
+						REPORTS_REASONS_TABLE	=> 'rr',
+						USERS_TABLE				=> 'u',
+					),
+
+					'WHERE'		=> (($report_id) ? 'r.report_id = ' . $report_id : "r.post_id = $post_id") . '
 						AND rr.reason_id = r.reason_id
 						AND r.user_id = u.user_id
-						AND r.pm_id = 0
-					ORDER BY report_closed ASC';
+						AND r.pm_id = 0',
+
+					'ORDER_BY'	=> 'report_closed ASC',
+				);
+
+				/**
+				* Allow changing the query to obtain the user-submitted report.
+				*
+				* @event core.mcp_reports_report_details_query_before
+				* @var	array	sql_ary			The array in the format of the query builder with the query
+				* @var	mixed	forum_id		The forum_id, the number in the f GET parameter
+				* @var	int		post_id			The post_id of the report being viewed (if 0, it is meaningless)
+				* @var	int		report_id		The report_id of the report being viewed
+				* @since 3.1.5-RC1
+				*/
+				$vars = array(
+					'sql_ary',
+					'forum_id',
+					'post_id',
+					'report_id',
+				);
+				extract($phpbb_dispatcher->trigger_event('core.mcp_reports_report_details_query_before', compact($vars)));
+
+				$sql = $db->sql_build_query('SELECT', $sql_ary);
 				$result = $db->sql_query_limit($sql, 1);
 				$report = $db->sql_fetchrow($result);
 				$db->sql_freeresult($result);
 
+				/**
+				* Allow changing the data obtained from the user-submitted report.
+				*
+				* @event core.mcp_reports_report_details_query_after
+				* @var	array	sql_ary		The array in the format of the query builder with the query that had been executted
+				* @var	mixed	forum_id	The forum_id, the number in the f GET parameter
+				* @var	int		post_id		The post_id of the report being viewed (if 0, it is meaningless)
+				* @var	int		report_id	The report_id of the report being viewed
+				* @var	int		report		The query's resulting row.
+				* @since 3.1.5-RC1
+				*/
+				$vars = array(
+					'sql_ary',
+					'forum_id',
+					'post_id',
+					'report_id',
+					'report',
+				);
+				extract($phpbb_dispatcher->trigger_event('core.mcp_reports_report_details_query_after', compact($vars)));
+
 				if (!$report)
 				{
 					trigger_error('NO_REPORT');
@@ -489,6 +537,7 @@ function close_report($report_id_list, $mode, $action, $pm = false)
 	{
 		$post_id_list[] = $row[$id_column];
 	}
+	$db->sql_freeresult($result);
 	$post_id_list = array_unique($post_id_list);
 
 	if ($pm)

phpBB/includes/mcp/mcp_topic.php

@@ -25,7 +25,7 @@ if (!defined('IN_PHPBB'))
 function mcp_topic_view($id, $mode, $action)
 {
 	global $phpEx, $phpbb_root_path, $config;
-	global $template, $db, $user, $auth, $cache, $phpbb_container;
+	global $template, $db, $user, $auth, $cache, $phpbb_container, $phpbb_dispatcher;
 
 	$url = append_sid("{$phpbb_root_path}mcp.$phpEx?" . phpbb_extra_url());
 
@@ -147,21 +147,13 @@ function mcp_topic_view($id, $mode, $action)
 	$result = $db->sql_query_limit($sql, $posts_per_page, $start);
 
 	$rowset = $post_id_list = array();
-	$bbcode_bitfield = '';
 	while ($row = $db->sql_fetchrow($result))
 	{
 		$rowset[] = $row;
 		$post_id_list[] = $row['post_id'];
-		$bbcode_bitfield = $bbcode_bitfield | base64_decode($row['bbcode_bitfield']);
 	}
 	$db->sql_freeresult($result);
 
-	if ($bbcode_bitfield !== '')
-	{
-		include_once($phpbb_root_path . 'includes/bbcode.' . $phpEx);
-		$bbcode = new bbcode(base64_encode($bbcode_bitfield));
-	}
-
 	$topic_tracking_info = array();
 
 	// Get topic tracking info
@@ -228,7 +220,7 @@ function mcp_topic_view($id, $mode, $action)
 
 		$post_unread = (isset($topic_tracking_info[$topic_id]) && $row['post_time'] > $topic_tracking_info[$topic_id]) ? true : false;
 
-		$template->assign_block_vars('postrow', array(
+		$post_row = array(
 			'POST_AUTHOR_FULL'		=> get_username_string('full', $row['poster_id'], $row['username'], $row['user_colour'], $row['post_username']),
 			'POST_AUTHOR_COLOUR'	=> get_username_string('colour', $row['poster_id'], $row['username'], $row['user_colour'], $row['post_username']),
 			'POST_AUTHOR'			=> get_username_string('username', $row['poster_id'], $row['username'], $row['user_colour'], $row['post_username']),
@@ -250,9 +242,43 @@ function mcp_topic_view($id, $mode, $action)
 
 			'U_POST_DETAILS'	=> "$url&i=$id&p={$row['post_id']}&mode=post_details" . (($forum_id) ? "&f=$forum_id" : ''),
 			'U_MCP_APPROVE'		=> ($auth->acl_get('m_approve', $topic_info['forum_id'])) ? append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=queue&mode=approve_details&f=' . $topic_info['forum_id'] . '&p=' . $row['post_id']) : '',
-			'U_MCP_REPORT'		=> ($auth->acl_get('m_report', $topic_info['forum_id'])) ? append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=reports&mode=report_details&f=' . $topic_info['forum_id'] . '&p=' . $row['post_id']) : '')
+			'U_MCP_REPORT'		=> ($auth->acl_get('m_report', $topic_info['forum_id'])) ? append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=reports&mode=report_details&f=' . $topic_info['forum_id'] . '&p=' . $row['post_id']) : '',
 		);
 
+		$current_row_number = $i;
+
+		/**
+		* Event to modify the template data block for topic reviews in the MCP
+		*
+		* @event core.mcp_topic_review_modify_row
+		* @var	int		id					ID of the tab we are displaying
+		* @var	string	mode				Mode of the MCP page we are displaying
+		* @var	int		topic_id			The topic ID we are currently reviewing
+		* @var	int		forum_id			The forum ID we are currently in
+		* @var	int		start				Start item of this page
+		* @var	int		current_row_number	Number of the post on this page
+		* @var	array	post_row			Template block array of the current post
+		* @var	array	row					Array with original post and user data
+		* @var	array	topic_info			Array with topic data
+		* @var	int		total				Total posts count
+		* @since 3.1.4-RC1
+		*/
+		$vars = array(
+			'id',
+			'mode',
+			'topic_id',
+			'forum_id',
+			'start',
+			'current_row_number',
+			'post_row',
+			'row',
+			'topic_info',
+			'total',
+		);
+		extract($phpbb_dispatcher->trigger_event('core.mcp_topic_review_modify_row', compact($vars)));
+
+		$template->assign_block_vars('postrow', $post_row);
+
 		// Display not already displayed Attachments for this post, we already parsed them. ;)
 		if (!empty($attachments[$row['post_id']]))
 		{

phpBB/includes/message_parser.php

@@ -21,6 +21,19 @@ if (!defined('IN_PHPBB'))
 
 if (!class_exists('bbcode'))
 {
+	// The following lines are for extensions which include message_parser.php
+	// while $phpbb_root_path and $phpEx are out of the script scope
+	// which may lead to the 'Undefined variable' and 'failed to open stream' errors
+	if (!isset($phpbb_root_path))
+	{
+		global $phpbb_root_path;
+	}
+
+	if (!isset($phpEx))
+	{
+		global $phpEx;
+	}
+
 	include($phpbb_root_path . 'includes/bbcode.' . $phpEx);
 }
 
@@ -115,6 +128,9 @@ class bbcode_firstpass extends bbcode
 		// [quote] in second position.
 		// To parse multiline URL we enable dotall option setting only for URL text
 		// but not for link itself, thus [url][/url] is not affected.
+		//
+		// To perform custom validation in extension, use $this->validate_bbcode_by_extension()
+		// method which accepts variable number of parameters
 		$this->bbcodes = array(
 			'code'			=> array('bbcode_id' => 8,	'regexp' => array('#\[code(?:=([a-z]+))?\](.+\[/code\])#uise' => "\$this->bbcode_code('\$1', '\$2')")),
 			'quote'			=> array('bbcode_id' => 0,	'regexp' => array('#\[quote(?:="(.*?)")?\](.+)\[/quote\]#uise' => "\$this->bbcode_quote('\$0')")),
@@ -313,7 +329,7 @@ class bbcode_firstpass extends bbcode
 		$in = str_replace(' ', '%20', $in);
 
 		// Checking urls
-		if (!preg_match('#^' . get_preg_expression('url') . '$#i', $in) && !preg_match('#^' . get_preg_expression('www_url') . '$#i', $in))
+		if (!preg_match('#^' . get_preg_expression('url') . '$#iu', $in) && !preg_match('#^' . get_preg_expression('www_url') . '$#iu', $in))
 		{
 			return '[img]' . $in . '[/img]';
 		}
@@ -381,8 +397,8 @@ class bbcode_firstpass extends bbcode
 		$in = str_replace(' ', '%20', $in);
 
 		// Make sure $in is a URL.
-		if (!preg_match('#^' . get_preg_expression('url') . '$#i', $in) &&
-			!preg_match('#^' . get_preg_expression('www_url') . '$#i', $in))
+		if (!preg_match('#^' . get_preg_expression('url') . '$#iu', $in) &&
+			!preg_match('#^' . get_preg_expression('www_url') . '$#iu', $in))
 		{
 			return '[flash=' . $width . ',' . $height . ']' . $in . '[/flash]';
 		}
@@ -973,9 +989,9 @@ class bbcode_firstpass extends bbcode
 		$url = str_replace(' ', '%20', $url);
 
 		// Checking urls
-		if (preg_match('#^' . get_preg_expression('url') . '$#i', $url) ||
-			preg_match('#^' . get_preg_expression('www_url') . '$#i', $url) ||
-			preg_match('#^' . preg_quote(generate_board_url(), '#') . get_preg_expression('relative_url') . '$#i', $url))
+		if (preg_match('#^' . get_preg_expression('url') . '$#iu', $url) ||
+			preg_match('#^' . get_preg_expression('www_url') . '$#iu', $url) ||
+			preg_match('#^' . preg_quote(generate_board_url(), '#') . get_preg_expression('relative_url') . '$#iu', $url))
 		{
 			$valid = true;
 		}
@@ -1103,7 +1119,7 @@ class parse_message extends bbcode_firstpass
 	*/
 	function parse($allow_bbcode, $allow_magic_url, $allow_smilies, $allow_img_bbcode = true, $allow_flash_bbcode = true, $allow_quote_bbcode = true, $allow_url_bbcode = true, $update_this_message = true, $mode = 'post')
 	{
-		global $config, $db, $user;
+		global $config, $db, $user, $phpbb_dispatcher;
 
 		$this->mode = $mode;
 
@@ -1158,6 +1174,58 @@ class parse_message extends bbcode_firstpass
 			}
 		}
 
+		/**
+		* This event can be used for additional message checks/cleanup before parsing
+		*
+		* @event core.message_parser_check_message
+		* @var bool		allow_bbcode			Do we allow BBCodes
+		* @var bool		allow_magic_url			Do we allow magic urls
+		* @var bool		allow_smilies			Do we allow smilies
+		* @var bool		allow_img_bbcode		Do we allow image BBCode
+		* @var bool		allow_flash_bbcode		Do we allow flash BBCode
+		* @var bool		allow_quote_bbcode		Do we allow quote BBCode
+		* @var bool		allow_url_bbcode		Do we allow url BBCode
+		* @var bool		update_this_message		Do we alter the parsed message
+		* @var string	mode					Posting mode
+		* @var string	message					The message text to parse
+		* @var string	bbcode_bitfield			The bbcode_bitfield before parsing
+		* @var string	bbcode_uid				The bbcode_uid before parsing
+		* @var bool		return					Do we return after the event is triggered if $warn_msg is not empty
+		* @var array	warn_msg				Array of the warning messages
+		* @since 3.1.2-RC1
+		* @change 3.1.3-RC1 Added vars $bbcode_bitfield and $bbcode_uid
+		*/
+		$message = $this->message;
+		$warn_msg = $this->warn_msg;
+		$return = false;
+		$bbcode_bitfield = $this->bbcode_bitfield;
+		$bbcode_uid = $this->bbcode_uid;
+		$vars = array(
+			'allow_bbcode',
+			'allow_magic_url',
+			'allow_smilies',
+			'allow_img_bbcode',
+			'allow_flash_bbcode',
+			'allow_quote_bbcode',
+			'allow_url_bbcode',
+			'update_this_message',
+			'mode',
+			'message',
+			'bbcode_bitfield',
+			'bbcode_uid',
+			'return',
+			'warn_msg',
+		);
+		extract($phpbb_dispatcher->trigger_event('core.message_parser_check_message', compact($vars)));
+		$this->message = $message;
+		$this->warn_msg = $warn_msg;
+		$this->bbcode_bitfield = $bbcode_bitfield;
+		$this->bbcode_uid = $bbcode_uid;
+		if ($return && !empty($this->warn_msg))
+		{
+			return (!$update_this_message) ? $return_message : $this->warn_msg;
+		}
+
 		// Prepare BBcode (just prepares some tags for better parsing)
 		if ($allow_bbcode && strpos($this->message, '[') !== false)
 		{
@@ -1810,4 +1878,36 @@ class parse_message extends bbcode_firstpass
 	{
 		$this->mimetype_guesser = $mimetype_guesser;
 	}
+
+	/**
+	* Function to perform custom bbcode validation by extensions
+	* can be used in bbcode_init() to assign regexp replacement
+	* Example: 'regexp' => array('#\[b\](.*?)\[/b\]#uise' => "\$this->validate_bbcode_by_extension('\$1')")
+	*
+	* Accepts variable number of parameters
+	*
+	* @return mixed Validation result
+	*/
+	public function validate_bbcode_by_extension()
+	{
+		global $phpbb_dispatcher;
+
+		$return = false;
+		$params_array = func_get_args();
+
+		/**
+		* Event to validate bbcode with the custom validating methods
+		* provided by extensions
+		*
+		* @event core.validate_bbcode_by_extension
+		* @var array	params_array	Array with the function parameters
+		* @var mixed	return			Validation result to return
+		*
+		* @since 3.1.5-RC1
+		*/
+		$vars = array('params_array', 'return');
+		extract($phpbb_dispatcher->trigger_event('core.validate_bbcode_by_extension', compact($vars)));
+
+		return $return;
+	}
 }

phpBB/includes/startup.php

@@ -69,31 +69,13 @@ function deregister_globals()
 	{
 		if (isset($not_unset[$varname]))
 		{
-			// Hacking attempt. No point in continuing unless it's a COOKIE (so a cookie called GLOBALS doesn't lock users out completely)
-			if ($varname !== 'GLOBALS' || isset($_GET['GLOBALS']) || isset($_POST['GLOBALS']) || isset($_SERVER['GLOBALS']) || isset($_SESSION['GLOBALS']) || isset($_ENV['GLOBALS']) || isset($_FILES['GLOBALS']))
+			// Hacking attempt. No point in continuing.
+			if (isset($_COOKIE[$varname]))
 			{
-				exit;
-			}
-			else
-			{
-				$cookie = &$_COOKIE;
-				while (isset($cookie['GLOBALS']))
-				{
-					if (!is_array($cookie['GLOBALS']))
-					{
-						break;
-					}
-
-					foreach ($cookie['GLOBALS'] as $registered_var => $value)
-					{
-						if (!isset($not_unset[$registered_var]))
-						{
-							unset($GLOBALS[$registered_var]);
-						}
-					}
-					$cookie = &$cookie['GLOBALS'];
-				}
+				echo "Clear your cookies. ";
 			}
+			echo "Malicious variable name detected. Contact the administrator and ask them to disable register_globals.";
+			exit;
 		}
 
 		unset($GLOBALS[$varname]);

phpBB/includes/ucp/ucp_auth_link.php

@@ -34,11 +34,12 @@ class ucp_auth_link
 	*/
 	public function main($id, $mode)
 	{
-		global $config, $request, $template, $phpbb_container, $user;
+		global $request, $template, $phpbb_container, $user;
 
 		$error = array();
 
-		$auth_provider = $phpbb_container->get('auth.provider.' . $config['auth_method']);
+		$provider_collection = $phpbb_container->get('auth.provider_collection');
+		$auth_provider = $provider_collection->get_provider();
 
 		// confirm that the auth provider supports this page
 		$provider_data = $auth_provider->get_auth_link_data();

phpBB/includes/ucp/ucp_login_link.php

@@ -39,7 +39,7 @@ class ucp_login_link
 	*/
 	function main($id, $mode)
 	{
-		global $config, $phpbb_container, $request, $template, $user;
+		global $phpbb_container, $request, $template, $user;
 		global $phpbb_root_path, $phpEx;
 
 		// Initialize necessary variables
@@ -57,8 +57,8 @@ class ucp_login_link
 		}
 
 		// Use the auth_provider requested even if different from configured
-		$auth_provider = 'auth.provider.' . $request->variable('auth_provider', $config['auth_method']);
-		$auth_provider = $phpbb_container->get($auth_provider);
+		$provider_collection = $phpbb_container->get('auth.provider_collection');
+		$auth_provider = $provider_collection->get_provider($request->variable('auth_provider', ''));
 
 		// Set the link_method to login_link
 		$data['link_method'] = 'login_link';
@@ -75,7 +75,7 @@ class ucp_login_link
 		{
 			if ($request->is_set_post('login'))
 			{
-				$login_username = $request->variable('login_username', '', false, \phpbb\request\request_interface::POST);
+				$login_username = $request->variable('login_username', '', true, \phpbb\request\request_interface::POST);
 				$login_password = $request->untrimmed_variable('login_password', '', true, \phpbb\request\request_interface::POST);
 
 				$login_result = $auth_provider->login($login_username, $login_password);