Merge pull request #4899 from rubencm/ticket/15286

[ticket/15286] Use storage in attachments

.gitignore

@@ -17,7 +17,12 @@
 /phpBB/styles/*
 !/phpBB/styles/prosilver
 !/phpBB/styles/all
+node_modules
 /phpBB/vendor
+/phpBB/vendor-ext/*
+!/phpBB/vendor-ext/.git-keep
+/phpBB/composer-ext.json
+/phpBB/composer-ext.lock
 /tests/phpbb_unit_tests.sqlite*
 /tests/test_config*.php
 /tests/tmp/*

.postcss-sorting.json

@@ -0,0 +1,243 @@
+{
+	"order": [
+		"custom-properties",
+		"dollar-variables",
+		{
+			"type": "at-rule",
+			"name": "include"
+		},
+		"declarations",
+		"rules",
+		{
+			"type": "at-rule",
+			"name": "media"
+		}
+	],
+	"properties-order": [
+		{
+			"emptyLineBefore": false,
+			"properties": [
+				"font",
+				"font-family",
+				"font-size",
+				"font-weight",
+				"font-style",
+				"font-variant",
+				"font-size-adjust",
+				"font-stretch",
+				"font-effect",
+				"font-emphasize",
+				"font-emphasize-position",
+				"font-emphasize-style",
+				"font-smooth",
+				"font-smoothing",
+				"line-height",
+				"text-align",
+				"text-align-last",
+				"vertical-align",
+				"white-space",
+				"text-decoration",
+				"text-emphasis",
+				"text-emphasis-color",
+				"text-emphasis-style",
+				"text-emphasis-position",
+				"text-indent",
+				"text-justify",
+				"letter-spacing",
+				"word-spacing",
+				"writing-mode",
+				"text-outline",
+				"text-transform",
+				"text-size-adjust",
+				"text-wrap",
+				"text-overflow",
+				"text-overflow-ellipsis",
+				"text-overflow-mode",
+				"word-wrap",
+				"word-break",
+				"tab-size",
+				"hyphens"
+			]
+		},
+		{
+			"emptyLineBefore": false,
+			"properties": [
+				"background",
+				"background-color",
+				"background-image",
+				"background-repeat",
+				"background-attachment",
+				"background-position",
+				"background-position-x",
+				"background-position-y",
+				"background-clip",
+				"background-origin",
+				"background-size",
+				"interpolation-mode",
+				"filter",
+				"border",
+				"border-width",
+				"border-style",
+				"border-color",
+				"border-top",
+				"border-top-width",
+				"border-top-style",
+				"border-top-color",
+				"border-right",
+				"border-right-width",
+				"border-right-style",
+				"border-right-color",
+				"border-bottom",
+				"border-bottom-width",
+				"border-bottom-style",
+				"border-bottom-color",
+				"border-left",
+				"border-left-width",
+				"border-left-style",
+				"border-left-color",
+				"border-radius",
+				"border-top-left-radius",
+				"border-top-right-radius",
+				"border-bottom-right-radius",
+				"border-bottom-left-radius",
+				"border-image",
+				"border-image-source",
+				"border-image-slice",
+				"border-image-width",
+				"border-image-outset",
+				"border-image-repeat",
+				"outline",
+				"outline-width",
+				"outline-style",
+				"outline-color",
+				"outline-offset",
+				"tap-highlight-color"
+			]
+		},
+		{
+			"emptyLineBefore": false,
+			"properties": [
+				"box-decoration-break",
+				"box-shadow",
+				"text-shadow"
+			]
+		},
+		{
+			"emptyLineBefore": false,
+			"properties": [
+				"color",
+				"opacity"
+			]
+		},
+		{
+			"emptyLineBefore": false,
+			"properties": [
+				"position",
+				"z-index",
+				"top",
+				"right",
+				"bottom",
+				"left"
+			]
+		},
+		{
+			"emptyLineBefore": false,
+			"properties": [
+				"display",
+				"visibility",
+				"float",
+				"clear",
+				"overflow",
+				"overflow-x",
+				"overflow-y",
+				"overflow-scrolling",
+				"clip",
+				"zoom",
+				"flex",
+				"flex-direction",
+				"flex-order",
+				"flex-pack",
+				"flex-align",
+				"flex-basis",
+				"flex-grow",
+				"flex-shrink",
+				"flex-wrap",
+				"justify-content",
+				"align-items",
+				"align-self"
+			]
+		},
+		{
+			"emptyLineBefore": false,
+			"properties": [
+				"box-sizing",
+				"width",
+				"min-width",
+				"max-width",
+				"height",
+				"min-height",
+				"max-height",
+				"margin",
+				"margin-top",
+				"margin-right",
+				"margin-bottom",
+				"margin-left",
+				"padding",
+				"padding-top",
+				"padding-right",
+				"padding-bottom",
+				"padding-left"
+			]
+		},
+		{
+			"emptyLineBefore": false,
+			"properties": [
+				"table-layout",
+				"empty-cells",
+				"caption-side",
+				"border-spacing",
+				"border-collapse",
+				"list-style",
+				"list-style-position",
+				"list-style-type",
+				"list-style-image"
+			]
+		},
+		{
+			"emptyLineBefore": false,
+			"properties": [
+				"content",
+				"quotes",
+				"counter-reset",
+				"counter-increment",
+				"resize",
+				"cursor",
+				"touch-callout",
+				"touch-action",
+				"user-select",
+				"nav-index",
+				"nav-up",
+				"nav-right",
+				"nav-down",
+				"nav-left",
+				"transition",
+				"transition-delay",
+				"transition-timing-function",
+				"transition-duration",
+				"transition-property",
+				"transform",
+				"transform-origin",
+				"animation",
+				"animation-name",
+				"animation-duration",
+				"animation-play-state",
+				"animation-timing-function",
+				"animation-delay",
+				"animation-iteration-count",
+				"animation-direction",
+				"pointer-events"
+			]
+		}
+	],
+	"unspecified-properties-position": "bottomAlphabetical"
+}

.stylelintrc

@@ -0,0 +1,391 @@
+{
+	"plugins": [
+		"stylelint-order"
+	],
+	"ignoreFiles": [
+		"./phpBB/styles/prosilver/theme/normalize.css",
+	],
+	"rules": {
+		"at-rule-name-case": "lower",
+		"at-rule-name-newline-after": "always-multi-line",
+		"at-rule-name-space-after": "always-single-line",
+		"at-rule-no-vendor-prefix": true,
+		"at-rule-semicolon-newline-after": "always",
+
+		"block-closing-brace-newline-after": [
+			"always", {
+				"ignoreAtRules": ["if", "else"]
+			}
+		],
+		"block-closing-brace-newline-before": "always-multi-line",
+		"block-closing-brace-space-before": "always-single-line",
+
+		"block-no-empty": true,
+
+		"block-opening-brace-newline-after": "always-multi-line",
+		"block-opening-brace-space-after": "always-single-line",
+		"block-opening-brace-space-before": "always",
+
+		"color-hex-case": "lower",
+		"color-hex-length": "long",
+		"color-named": "never",
+		"color-no-invalid-hex": true,
+
+		"comment-empty-line-before": [
+			"always", {
+				"except": ["first-nested"],
+				"ignore": ["stylelint-commands"]
+			}
+		],
+		"comment-whitespace-inside": "always",
+
+		"declaration-bang-space-after": "never",
+		"declaration-bang-space-before": "always",
+
+		"declaration-block-no-shorthand-property-overrides": true,
+		"declaration-block-semicolon-newline-after": "always-multi-line",
+		"declaration-block-semicolon-newline-before": "never-multi-line",
+		"declaration-block-semicolon-space-after": "always-single-line",
+		"declaration-block-semicolon-space-before": "never",
+		"declaration-block-trailing-semicolon": "always",
+		"declaration-block-single-line-max-declarations": 1,
+		"declaration-block-no-duplicate-properties": [
+			true, {
+				"ignore": ["consecutive-duplicates-with-different-values"]
+			}
+		],
+
+		"declaration-colon-newline-after": "always-multi-line",
+		"declaration-colon-space-after": "always-single-line",
+		"declaration-colon-space-before": "never",
+
+		"declaration-empty-line-before": "never",
+
+		"declaration-property-unit-blacklist": {
+			"line-height": ["rem", "em", "%"]
+		},
+		"declaration-property-unit-whitelist": {
+			"height": ["px", "%", "vh"],
+			"width": ["px", "%", "vw"],
+			"font-size": ["px", "rem", "%"],
+			"margin-left": ["px", "rem", "%"],
+			"margin-right": ["px", "rem", "%"],
+			"margin-top": ["px", "rem", "%"],
+			"margin-bottom": ["px", "rem", "%"],
+			"padding-left": ["px", "rem"],
+			"padding-right": ["px", "rem"],
+			"padding-top": ["px", "rem"],
+			"padding-bottom": ["px", "rem"],
+			"letter-spacing": ["em"],
+			"word-spacing": ["em"]
+		},
+
+		"font-family-name-quotes": "always-where-recommended",
+		"function-calc-no-unspaced-operator": true,
+
+		"function-comma-newline-after": "never-multi-line",
+		"function-comma-newline-before": "never-multi-line",
+		"function-comma-space-after": "always-single-line",
+		"function-comma-space-before": "never-single-line",
+
+		"function-linear-gradient-no-nonstandard-direction": true,
+		"function-max-empty-lines": 5,
+
+		"function-name-case": "lower",
+		"function-parentheses-newline-inside": "always-multi-line",
+		"function-parentheses-space-inside": "never-single-line",
+		"function-url-quotes": "always",
+		"function-whitespace-after": "always",
+
+		"indentation": "tab",
+
+		"length-zero-no-unit": true,
+
+		"max-empty-lines": 10,
+		"max-line-length": 180,
+		"max-nesting-depth": 4,
+
+		"media-feature-colon-space-after": "always",
+		"media-feature-colon-space-before": "never",
+		"media-feature-name-case": "lower",
+		"media-feature-parentheses-space-inside": "never",
+		"media-feature-range-operator-space-after": "always",
+		"media-feature-range-operator-space-before": "always",
+		"media-query-list-comma-newline-after": "always-multi-line",
+		"media-query-list-comma-newline-before": "never-multi-line",
+		"media-query-list-comma-space-after": "always-single-line",
+		"media-query-list-comma-space-before": "never",
+
+		"no-duplicate-selectors": true,
+		"no-empty-source": true,
+		"no-eol-whitespace": true,
+		"no-extra-semicolons": true,
+		"no-missing-end-of-source-newline": true,
+		"no-unknown-animations": true,
+
+		"number-leading-zero": "always",
+		"number-max-precision": 10,
+		"number-no-trailing-zeros": true,
+
+		"property-case": "lower",
+		"property-no-unknown": true,
+
+		"rule-empty-line-before": ["always-multi-line", {
+			"ignore": ["after-comment"],
+			"except": ["first-nested"]
+		}],
+
+		"selector-attribute-brackets-space-inside": "never",
+		"selector-attribute-operator-space-after": "never",
+		"selector-attribute-operator-space-before": "never",
+		"selector-attribute-quotes": "always",
+
+		"selector-combinator-space-after": "always",
+		"selector-combinator-space-before": "always",
+
+		"selector-list-comma-newline-after": "always",
+		"selector-list-comma-space-before": "never",
+
+		"selector-max-empty-lines": 5,
+		"selector-max-compound-selectors": 5,
+
+		"selector-pseudo-class-case": "lower",
+		"selector-pseudo-class-no-unknown": true,
+		"selector-pseudo-class-parentheses-space-inside": "never",
+
+		"selector-pseudo-element-case": "lower",
+		"selector-pseudo-element-colon-notation": "single",
+		"selector-pseudo-element-no-unknown": true,
+
+		"selector-type-case": "lower",
+		"selector-type-no-unknown": true,
+
+		"selector-descendant-combinator-no-non-space": true,
+		"selector-max-id": 0,
+		"selector-no-qualifying-type": [
+			true, {
+				"ignore": ["attribute"]
+			}
+		],
+
+		"shorthand-property-no-redundant-values": true,
+
+		"string-no-newline": true,
+		"string-quotes": "double",
+
+		"unit-case": "lower",
+		"unit-no-unknown": true,
+
+		"value-list-comma-newline-after": "always-multi-line",
+		"value-list-comma-newline-before": "never-multi-line",
+		"value-list-comma-space-after": "always-single-line",
+		"value-list-comma-space-before": "never",
+		"order/declaration-block-order": [
+			"custom-properties",
+			"dollar-variables",
+			{
+				"type": "at-rule",
+				"name": "include"
+			},
+			"declarations",
+			"rules",
+			{
+				"type": "at-rule",
+				"name": "media"
+			}
+		],
+		"order/declaration-block-properties-specified-order": [
+			[
+				"font",
+				"font-family",
+				"font-size",
+				"font-weight",
+				"font-style",
+				"font-variant",
+				"font-size-adjust",
+				"font-stretch",
+				"font-effect",
+				"font-emphasize",
+				"font-emphasize-position",
+				"font-emphasize-style",
+				"font-smooth",
+				"font-smoothing",
+				"line-height",
+				"text-align",
+				"text-align-last",
+				"vertical-align",
+				"white-space",
+				"text-decoration",
+				"text-emphasis",
+				"text-emphasis-color",
+				"text-emphasis-style",
+				"text-emphasis-position",
+				"text-indent",
+				"text-justify",
+				"letter-spacing",
+				"word-spacing",
+				"writing-mode",
+				"text-outline",
+				"text-transform",
+				"text-size-adjust",
+				"text-wrap",
+				"text-overflow",
+				"text-overflow-ellipsis",
+				"text-overflow-mode",
+				"word-wrap",
+				"word-break",
+				"tab-size",
+				"hyphens",
+
+				"background",
+				"background-color",
+				"background-image",
+				"background-repeat",
+				"background-attachment",
+				"background-position",
+				"background-position-x",
+				"background-position-y",
+				"background-clip",
+				"background-origin",
+				"background-size",
+				"interpolation-mode",
+				"filter",
+
+				"border",
+				"border-width",
+				"border-style",
+				"border-color",
+				"border-top",
+				"border-top-width",
+				"border-top-style",
+				"border-top-color",
+				"border-right",
+				"border-right-width",
+				"border-right-style",
+				"border-right-color",
+				"border-bottom",
+				"border-bottom-width",
+				"border-bottom-style",
+				"border-bottom-color",
+				"border-left",
+				"border-left-width",
+				"border-left-style",
+				"border-left-color",
+				"border-radius",
+				"border-top-left-radius",
+				"border-top-right-radius",
+				"border-bottom-right-radius",
+				"border-bottom-left-radius",
+				"border-image",
+				"border-image-source",
+				"border-image-slice",
+				"border-image-width",
+				"border-image-outset",
+				"border-image-repeat",
+				"outline",
+				"outline-width",
+				"outline-style",
+				"outline-color",
+				"outline-offset",
+				"tap-highlight-color",
+
+				"box-decoration-break",
+				"box-shadow",
+				"text-shadow",
+
+				"color",
+				"opacity",
+
+				"position",
+				"z-index",
+				"top",
+				"right",
+				"bottom",
+				"left",
+
+				"display",
+				"visibility",
+				"float",
+				"clear",
+				"overflow",
+				"overflow-x",
+				"overflow-y",
+				"overflow-scrolling",
+				"clip",
+				"zoom",
+				"flex",
+				"flex-direction",
+				"flex-order",
+				"flex-pack",
+				"flex-align",
+				"flex-basis",
+				"flex-grow",
+				"flex-shrink",
+				"flex-wrap",
+				"justify-content",
+				"align-items",
+				"align-self",
+
+				"box-sizing",
+				"width",
+				"min-width",
+				"max-width",
+				"height",
+				"min-height",
+				"max-height",
+				"margin",
+				"margin-top",
+				"margin-right",
+				"margin-bottom",
+				"margin-left",
+				"padding",
+				"padding-top",
+				"padding-right",
+				"padding-bottom",
+				"padding-left",
+
+				"table-layout",
+				"empty-cells",
+				"caption-side",
+				"border-spacing",
+				"border-collapse",
+				"list-style",
+				"list-style-position",
+				"list-style-type",
+				"list-style-image",
+
+				"content",
+				"quotes",
+				"counter-reset",
+				"counter-increment",
+				"resize",
+				"cursor",
+				"touch-callout",
+				"touch-action",
+				"user-select",
+				"nav-index",
+				"nav-up",
+				"nav-right",
+				"nav-down",
+				"nav-left",
+				"transition",
+				"transition-delay",
+				"transition-timing-function",
+				"transition-duration",
+				"transition-property",
+				"transform",
+				"transform-origin",
+				"animation",
+				"animation-name",
+				"animation-duration",
+				"animation-play-state",
+				"animation-timing-function",
+				"animation-delay",
+				"animation-iteration-count",
+				"animation-direction",
+				"pointer-events"
+			],
+			{ unspecified: "bottomAlphabetical" }
+		]
+	}
+}

.travis.yml

@@ -4,24 +4,20 @@ dist: precise
 
 matrix:
   include:
-    - php: 5.4
-      env: DB=none;NOTESTS=1
-    - php: 5.4
-      env: DB=mysqli # MyISAM
-    - php: 5.4
-      env: DB=mysql
-    - php: 5.4
-      env: DB=mariadb
-    - php: 5.4
-      env: DB=postgres
-    - php: 5.4
-      env: DB=sqlite3
-    - php: 5.4
-      env: DB=mysqli;SLOWTESTS=1
-    - php: 5.5
-      env: DB=mysqli
     - php: 5.6
-      env: DB=mysqli
+      env: DB=none;NOTESTS=1
+    - php: 5.6
+      env: DB=mariadb
+    - php: 5.6
+      env: DB=postgres
+    - php: 5.6
+      env: DB=sqlite3
+    - php: 5.6
+      env: DB=mysqli;SLOWTESTS=1
+    - php: 5.6
+      env: DB=mysqli # MyISAM
+    - php: 5.6
+      env: DB=mysql
     - php: 7.0
       env: DB=mysqli
     - php: 7.1
@@ -34,6 +30,11 @@ matrix:
     - php: nightly
   fast_finish: true
 
+addons:
+  apt:
+    sources:
+      - node
+
 services:
   - redis-server
 
@@ -49,6 +50,7 @@ script:
   - travis/check-sami-parse-errors.sh $DB $TRAVIS_PHP_VERSION $NOTESTS
   - travis/check-image-icc-profiles.sh $DB $TRAVIS_PHP_VERSION $NOTESTS
   - travis/check-executable-files.sh $DB $TRAVIS_PHP_VERSION $NOTESTS ./
+  - travis/check-stylesheet.sh $NOTESTS
   - sh -c "if [ '$SLOWTESTS' != '1' -a '$DB' = 'mysqli' ]; then phpBB/vendor/bin/phpunit tests/lint_test.php; fi"
   - sh -c "if [ '$NOTESTS' != '1' -a '$SLOWTESTS' != '1' ]; then phpBB/vendor/bin/phpunit --configuration travis/phpunit-$DB-travis.xml --verbose --stop-on-error; fi"
   - sh -c "if [ '$SLOWTESTS' = '1' ]; then phpBB/vendor/bin/phpunit --configuration travis/phpunit-$DB-travis.xml --group slow; fi"

build/build.xml

@@ -2,7 +2,7 @@
 
 <project name="phpBB" description="The phpBB forum software" default="all" basedir="../">
 	<!-- a few settings for the build -->
-	<property name="newversion" value="3.2.4-dev" />
+	<property name="newversion" value="3.3.0-a1-dev" />
 	<property name="prevversion" value="3.2.2" />
 	<property name="olderversions" value="3.0.14, 3.1.0, 3.1.1, 3.1.2, 3.1.3, 3.1.4, 3.1.5, 3.1.6, 3.1.7, 3.1.7-pl1, 3.1.8, 3.1.9, 3.1.10, 3.1.11, 3.1.12, 3.2.0-a1, 3.2.0-a2, 3.2.0-b1, 3.2.0-b2, 3.2.0-RC1, 3.2.0-RC2, 3.2.0, 3.2.1" />
 	<!-- no configuration should be needed beyond this point -->
@@ -95,6 +95,7 @@
 				--ignore=${project.basedir}/phpBB/install/database_update.php
 				--ignore=${project.basedir}/phpBB/phpbb/*
 				--ignore=${project.basedir}/phpBB/vendor/*
+				--ignore=${project.basedir}/phpBB/vendor-ext/*
 				phpBB"
 			dir="." returnProperty="retval-php-legacy" passthru="true" />
 		<exec command="phpBB/vendor/bin/phpcs

gulpfile.js

@@ -0,0 +1,71 @@
+'use strict';
+
+const del = require('del');
+const gulp = require('gulp');
+const autoprefixer = require('gulp-autoprefixer');
+const sass = require('gulp-sass');
+const rename = require('gulp-rename');
+const sourcemaps = require('gulp-sourcemaps');
+const cssnano = require('gulp-cssnano');
+const postcss = require('gulp-postcss');
+const stylefmt = require('gulp-stylefmt');
+const sorting = require('postcss-sorting');
+const atimport = require('postcss-import');
+const torem = require('postcss-pxtorem');
+const sortOrder = require('./.postcss-sorting.json');
+const pkg = require('./package.json');
+
+// Config
+const build = {
+	css: './phpBB/styles/prosilver/theme/',
+};
+
+const AUTOPREFIXER_BROWSERS = [
+	'> 1%',
+	'last 2 versions'
+];
+
+gulp.task('css', () => {
+	const css = gulp
+	.src(build.css + '*.css')
+	.pipe(autoprefixer(AUTOPREFIXER_BROWSERS))
+	.pipe(
+		postcss([
+			sorting(sortOrder)
+		])
+	)
+	.pipe(stylefmt())
+	.pipe(gulp.dest(build.css));
+
+	return css;
+});
+
+gulp.task('clean', () => {
+	del(['dist']);
+});
+
+gulp.task('minify', () => {
+	const css = gulp
+	.src(build.css + '/bidi.css')
+	.pipe(sourcemaps.init())
+	.pipe(
+		postcss([
+			atimport()
+		])
+	)
+	.pipe(cssnano())
+	.pipe(rename({
+		suffix: '.min',
+		extname: '.css'
+	}))
+	.pipe(sourcemaps.write('./'))
+	.pipe(gulp.dest(build.css));
+
+	return css;
+});
+
+gulp.task('watch', () => {
+	gulp.watch('phpBB/styles/prosilver/theme/*.css', ['css']);
+});
+
+gulp.task('default', ['css', 'watch']);

package.json

@@ -0,0 +1,52 @@
+{
+  "name": "phpbb",
+  "version": "3.3.0-dev",
+  "description": "phpBB Forum Software application",
+  "main": " ",
+  "directories": {
+    "doc": "docs"
+  },
+  "scripts": {
+    "test": "echo \"Error: no test specified\" && exit 1"
+  },
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/phpbb/phpbb.git"
+  },
+  "browserslist": [
+    "> 1%",
+    "last 2 versions"
+  ],
+  "keywords": [
+    "phpBB",
+    "phpbb",
+    "forum",
+    "php",
+    "software",
+    "community"
+  ],
+  "author": "",
+  "license": "GPL-2.0",
+  "bugs": {
+    "url": "https://tracker.phpbb.com"
+  },
+  "homepage": "https://www.phpbb.com",
+  "devDependencies": {
+    "stylelint": "8.0.0",
+    "stylelint-order": "0.3.0"
+  },
+  "dependencies": {
+    "del": "^3.0.0",
+    "gulp": "^3.9.1",
+    "gulp-autoprefixer": "^4.0.0",
+    "gulp-cssnano": "^2.1.2",
+    "gulp-postcss": "^7.0.0",
+    "gulp-rename": "^1.2.2",
+    "gulp-sass": "^3.1.0",
+    "gulp-sourcemaps": "^2.6.1",
+    "gulp-stylefmt": "^1.1.0",
+    "postcss-import": "^11.0.0",
+    "postcss-pxtorem": "^4.0.1",
+    "postcss-sorting": "^3.0.2"
+  }
+}

phpBB/adm/style/acp_ext_catalog.html

@@ -0,0 +1,130 @@
+{% include('overall_header.html') %}
+
+<a id="maincontent"></a>
+
+<h1>{{ lang( 'EXTENSIONS_CATALOG') }}</h1>
+
+<p>{{ lang( 'EXTENSIONS_CATALOG_EXPLAIN') }}</p>
+
+<fieldset class="quick quick-left">
+	<span class="small"><a href="https://www.phpbb.com/go/customise/extensions/{{ PHPBB_MAJOR }}" target="_blank">{{ lang('BROWSE_EXTENSIONS_DATABASE') }}</a> &bull; <a href="javascript:phpbb.toggleDisplay('catalog_settings');">{{ lang('SETTINGS') }}</a></span>
+</fieldset>
+
+{% if pagination is defined %}
+	<div class="pagination top-pagination">
+		{% include('pagination.html') %}
+	</div>
+{% endif %}
+
+<form id="catalog_settings" method="post" action="{{ U_ACTION }}" style="display:none">
+	<fieldset style="clear: both;">
+		<legend>{{ lang('EXTENSIONS_CATALOG_SETTINGS') }}</legend>
+		<dl>
+			<dt><label for="enable_on_install">{{ lang('ENABLE_ON_INSTALL') }}{{ lang('COLON') }}</label></dt>
+			<dd>
+				<label><input type="radio" id="enable_on_install" name="enable_on_install" class="radio" value="1"{% if settings.enable_on_install %} checked="checked" {% endif %} /> {{ lang('YES') }}</label>
+				<label><input type="radio" name="enable_on_install" class="radio" value="0"{% if not settings.enable_on_install %} checked="checked" {% endif %} /> {{ lang('NO') }}</label>
+			</dd>
+		</dl>
+		<dl>
+			<dt><label for="purge_on_remove">{{ lang('PURGE_ON_REMOVE') }}{{ lang('COLON') }}</label></dt>
+			<dd>
+				<label><input type="radio" id="purge_on_remove" name="purge_on_remove" class="radio" value="1"{% if settings.purge_on_remove %} checked="checked" {% endif %} /> {{ lang('YES') }}</label>
+				<label><input type="radio" name="purge_on_remove" class="radio" value="0"{% if not settings.purge_on_remove %} checked="checked" {% endif %} /> {{ lang('NO') }}</label>
+			</dd>
+		</dl>
+		<dl>
+			<dt>
+				<label for="repositories">{{ lang('COMPOSER_REPOSITORIES') }}{{ lang('COLON') }}</label><br />
+				<span class="explain">
+					{{ lang('COMPOSER_REPOSITORIES_EXPLAIN') }}
+				</span>
+			</dt>
+			<dd>
+				<textarea id="repositories" name="repositories" rows="5" cols="30">{{ settings.repositories|join('\n') }}</textarea>
+			</dd>
+		</dl>
+		<dl>
+			<dt>
+				<label for="enable_packagist">{{ lang('ENABLE_PACKAGIST') }}{{ lang('COLON') }}</label><br />
+				<span class="explain">
+					<strong class="error">{{ lang('WARNING') }}{{ lang('COLON') }}</strong> {{ lang('ENABLE_PACKAGIST_EXPLAIN') }}
+				</span>
+			</dt>
+			<dd>
+				<label><input type="radio" id="enable_packagist" name="enable_packagist" class="radio" value="1"{% if settings.enable_packagist %} checked="checked" {% endif %} /> {{ lang('YES') }}</label>
+				<label><input type="radio" name="enable_packagist" class="radio" value="0"{% if not settings.enable_packagist %} checked="checked" {% endif %} /> {{ lang('NO') }}</label>
+			</dd>
+		</dl>
+		<dl>
+			<dt>
+				<label for="minimum_stability">{{ lang('COMPOSER_MINIMUM_STABILITY') }}{{ lang('COLON') }}</label><br />
+				<span class="explain">
+					<strong class="error">{{ lang('WARNING') }}{{ lang('COLON') }}</strong> {{ lang('COMPOSER_MINIMUM_STABILITY_EXPLAIN') }}
+				</span>
+			</dt>
+			<dd>
+				<select id="minimum_stability" name="minimum_stability">
+					{% for stability in settings.stabilities %}
+						<option value="{{ stability }}"{% if stability === settings.minimum_stability %} selected='selected'{% endif %}>{{ lang('STABILITY_' ~ stability|upper) }}</option>
+					{% endfor %}
+				</select>
+			</dd>
+		</dl>
+
+		<p class="submit-buttons">
+			<input class="button1" type="submit" name="update" value="{{ lang('SUBMIT') }}" />&nbsp;
+			<input class="button2" type="reset" name="reset" value="{{ lang('RESET') }}" />
+			<input type="hidden" name="action" value="set_catalog_settings" />
+			{{ S_FORM_TOKEN }}
+		</p>
+	</fieldset>
+</form>
+
+{% if extensions is empty %}
+<tr>
+	<td colspan="4"><div class="errorbox notice">{{ lang('NO_EXTENSION_AVAILABLE') }}</div></td>
+</tr>
+{% else %}
+<table class="table1">
+	<col class="row1" ><col class="row1" ><col class="row1" ><col class="row2" >
+<thead>
+	<tr>
+		<th style="width: 25%;">{{ lang("EXTENSION_NAME") }}</th>
+		<th style="text-align: center; width: 10%;">{{ lang("VERSION") }}</th>
+		<th>{{ lang("DESCRIPTION") }}</th>
+		<th style="text-align: center; width: 15%;">{{ lang("EXTENSION_ACTIONS") }}</th>
+	</tr>
+</thead>
+<tbody>
+{% for extension in extensions %}
+	<tr>
+		<td>
+			<strong>{{ extension.display_name }}</strong><br />
+			{{ extension.name }}
+		</td>
+		<td style="text-align: center">{{ extension.version }}</td>
+		<td>{{ extension.description }} &bull; <a href="{{ extension.url }}">{{ lang('HOMEPAGE') }}</a></td>
+		<td style="text-align: center">
+			{% if extension.name in managed_extensions %}
+				<span style="color: #228822;">{{ lang('INSTALLED') }}</span>
+			{% elseif extension.name in installed_extensions -%}
+				<span style="color: #BC2A4D;">{{ lang('INSTALLED_MANUALLY') }}</span>
+				(<a href="{{ U_ACTION }}&amp;action=manage&amp;extension={{ extension.composer_name|url_encode }}">{{ lang('MANAGE') }}</a>)
+			{% elseif not enabled -%}
+				<a href="{{ U_ACTION }}&amp;action=install&amp;extension={{ extension.composer_name|url_encode }}">{{ lang('INSTALL') }}</a>
+			{%- endif -%}
+		</td>
+	</tr>
+{% endfor %}
+</tbody>
+</table>
+{% endif %}
+
+{% if pagination is defined %}
+	<div class="pagination bottom-pagination">
+		{% include('pagination.html') %}
+	</div>
+{% endif %}
+
+{% include('overall_footer.html') %}

phpBB/adm/style/acp_ext_list.html

@@ -7,7 +7,7 @@
 	<p>{L_EXTENSIONS_EXPLAIN}</p>
 
 	<fieldset class="quick">
-		<span class="small"><a href="https://www.phpbb.com/go/customise/extensions/3.2" target="_blank">{L_BROWSE_EXTENSIONS_DATABASE}</a> &bull; <a href="{U_VERSIONCHECK_FORCE}">{L_VERSIONCHECK_FORCE_UPDATE_ALL}</a> &bull; <a href="javascript:phpbb.toggleDisplay('version_check_settings');">{L_SETTINGS}</a></span>
+		<span class="small"><a href="{U_VERSIONCHECK_FORCE}">{L_VERSIONCHECK_FORCE_UPDATE_ALL}</a> &bull; <a href="javascript:phpbb.toggleDisplay('version_check_settings');">{L_SETTINGS}</a></span>
 	</fieldset>
 
 	<form id="version_check_settings" method="post" action="{U_ACTION}" style="display:none">
@@ -60,7 +60,7 @@
 			<td style="text-align: center;"><a href="{enabled.U_DETAILS}">{L_DETAILS}</a></td>
 			<td style="text-align: center;">
 				<!-- BEGIN actions -->
-					<a href="{enabled.actions.U_ACTION}"<!-- IF enabled.actions.L_ACTION_EXPLAIN --> title="{enabled.actions.L_ACTION_EXPLAIN}"<!-- ENDIF -->>{enabled.actions.L_ACTION}</a>
+					<a href="{enabled.actions.U_ACTION}"<!-- IF enabled.actions.L_ACTION_EXPLAIN --> title="{enabled.actions.L_ACTION_EXPLAIN}"<!-- ENDIF --><!-- IF enabled.actions.COLOR -->  style="color: {enabled.actions.COLOR};"<!-- ENDIF -->>{enabled.actions.L_ACTION}</a>
 					<!-- IF not enabled.actions.S_LAST_ROW -->&nbsp;|&nbsp;<!-- ENDIF -->
 				<!-- END actions -->
 			</td>
@@ -88,7 +88,7 @@
 			</td>
 			<td style="text-align: center;">
 				<!-- BEGIN actions -->
-					<a href="{disabled.actions.U_ACTION}"<!-- IF disabled.actions.L_ACTION_EXPLAIN --> title="{disabled.actions.L_ACTION_EXPLAIN}"<!-- ENDIF -->>{disabled.actions.L_ACTION}</a>
+					<a href="{disabled.actions.U_ACTION}"<!-- IF disabled.actions.L_ACTION_EXPLAIN --> title="{disabled.actions.L_ACTION_EXPLAIN}"<!-- ENDIF --><!-- IF disabled.actions.COLOR -->  style="color: {disabled.actions.COLOR};"<!-- ENDIF -->>{disabled.actions.L_ACTION}</a>
 					<!-- IF not disabled.actions.S_LAST_ROW -->&nbsp;|&nbsp;<!-- ENDIF -->
 				<!-- END actions -->
 			</td>

phpBB/adm/style/acp_storage.html

@@ -0,0 +1,76 @@
+{% include 'overall_header.html' %}
+
+<a id="maincontent"></a>
+
+<h1>{{ lang('STORAGE_TITLE') }}</h1>
+
+<p>{{ lang('STORAGE_TITLE_EXPLAIN') }}</p>
+
+<form id="acp_storage" method="post" action="{{ U_ACTION }}">
+
+	{% for storage in STORAGES %}
+		<fieldset>
+			<legend>{{ lang('STORAGE_' ~ storage.get_name | upper ~ '_TITLE') }}</legend>
+			<dl>
+				<dt><label for="{{ storage.get_name }}">{{ lang('STORAGE_SELECT') }}{{ lang('COLON') }}</label><br /><span>{{ lang('STORAGE_SELECT_DESC') }}</span></dt>
+				<dd>
+					<select id="{{ storage.get_name }}" name="{{ storage.get_name }}[provider]" data-togglable-settings="true">
+						{% for provider in PROVIDERS if provider.is_available %}
+							<option value="{{ get_class(provider) }}"{{ attribute(config, 'storage\\' ~ storage.get_name ~ '\\provider') ==  get_class(provider) ? ' selected' : '' }} data-toggle-setting="#{{ storage.get_name }}_{{ provider.get_name }}_settings">
+								{{ lang('STORAGE_ADAPTER_' ~ provider.get_name | upper ~ '_NAME') }}
+							</option>
+						{% endfor %}
+					</select>
+				</dd>
+			</dl>
+		</fieldset>
+
+		{% for provider in PROVIDERS if provider.is_available %}
+			<fieldset id="{{ storage.get_name }}_{{ provider.get_name }}_settings">
+				<legend>{{ lang('STORAGE_' ~ storage.get_name | upper ~ '_TITLE') }} - {{ lang('STORAGE_ADAPTER_' ~ provider.get_name | upper ~ '_NAME') }}</legend>
+				{% for name, options in provider.get_options %}
+					{% set title = 'STORAGE_ADAPTER_' ~ provider.get_name | upper ~ '_OPTION_' ~ name | upper %}
+					{% set description = 'STORAGE_ADAPTER_' ~ provider.get_name | upper ~ '_OPTION_' ~ name | upper ~ '_EXPLAIN' %}
+					{% set input_id = storage.get_name ~ '_' ~ provider.get_name ~ '_' ~ name %}
+					{% set input_type = options['type'] %}
+					{% set input_name = storage.get_name ~ '[' ~ name ~ ']' %}
+					{% set input_value = attribute(config, 'storage\\' ~ storage.get_name ~ '\\config\\' ~ name) %}
+					<dl>
+						<dt>
+							<label for="{{ input_id }}}">{{ lang(title) }}{{ lang('COLON') }}</label>
+							{% if lang_defined(description) %}
+								<br /><span>{{ lang(description) }}</span>
+							{% endif %}
+						</dt>
+						<dd>
+							{% if input_type in ['text', 'password', 'email'] %}
+								<input id="{{ input_id }}" type="{{ input_type }}" name="{{ input_name }}" value="{{ input_value }}" maxlength="{{ options['maxlength'] ?: 255 }}" />
+							{% elseif input_type == 'textarea' %}
+								<textarea id="{{ input_id }}" name="{{ input_name }}">{{ input_value }}</textarea>
+							{% elseif input_type == 'radio' %}
+								{% for option_name, option_value in options['options'] %}
+									<input type="radio" name="{{ input_name }}" value="{{ option_value }}" class="radio"{% if loop.first %} id="{{ input_id }}"{% endif %}{{ (option_value == input_value) ? ' checked="checked"' }}> {{ lang(option_name) }}
+								{% endfor %}
+							{% elseif input_type == 'select' %}
+								<select name="{{ input_name }}" id="{{ input_id }}">
+									{% for option_name, option_value in options['options'] %}
+										<option value="{{ option_value }}"{{ (option_value == input_value) ? ' selected' }}>{{ lang(option_name) }}</option>
+									{% endfor %}
+								</select>
+							{% endif %}
+						</dd>
+					</dl>
+				{% endfor %}
+			</fieldset>
+		{% endfor %}
+	{% endfor %}
+
+	<fieldset class="submit-buttons">
+		<legend>{{ lang('SUBMIT') }}</legend>
+		<input class="button1" type="submit" id="submit" name="submit" value="{{ lang('SUBMIT') }}" />&nbsp;
+		<input class="button2" type="reset" id="reset" name="reset" value="{{ lang('RESET') }}" />
+		{{ S_FORM_TOKEN }}
+	</fieldset>
+</form>
+
+{% include 'overall_footer.html' %}

phpBB/adm/style/detailed_message_body.html

@@ -0,0 +1,14 @@
+<!-- INCLUDE overall_header.html -->
+
+<div {% if S_USER_NOTICE %}class="successbox"{% else %}class="errorbox"{% endif %}>
+	<h3>{{ MESSAGE_TITLE }}</h3>
+	<p>{{ MESSAGE_TEXT }}</p>
+</div>
+
+<div>
+	<fieldset class="console-output">
+		<pre>{{ MESSAGE_DETAIL }}</pre>
+	</fieldset>
+</div>
+
+<!-- INCLUDE overall_footer.html -->

phpBB/adm/style/overall_footer.html

@@ -20,7 +20,14 @@
 		<div id="darkenwrapper" data-ajax-error-title="{L_AJAX_ERROR_TITLE}" data-ajax-error-text="{L_AJAX_ERROR_TEXT}" data-ajax-error-text-abort="{L_AJAX_ERROR_TEXT_ABORT}" data-ajax-error-text-timeout="{L_AJAX_ERROR_TEXT_TIMEOUT}" data-ajax-error-text-parsererror="{L_AJAX_ERROR_TEXT_PARSERERROR}">
 			<div id="darken">&nbsp;</div>
 		</div>
-		<div id="loading_indicator"></div>
+		<div id="loading_indicator" class="loading_indicator">
+			<div class="loader">
+				<svg class="spinner" width="48px" height="48px" viewBox="0 0 66 66" xmlns="http://www.w3.org/2000/svg" aria-labelledby="loader-title" role="img">
+					<title id="loader-title">{L_LOADING}</title>
+					<circle class="spinner-path" fill="none" stroke-width="6" stroke-linecap="round" cx="33" cy="33" r="30"></circle>
+				</svg>
+			</div>
+		</div>
 
 		<div id="phpbb_alert" class="phpbb_alert" data-l-err="{L_ERROR}" data-l-timeout-processing-req="{L_TIMEOUT_PROCESSING_REQ}">
 			<a href="#" class="alert_close"></a>

phpBB/assets/javascript/core.js

@@ -27,11 +27,7 @@ phpbb.isTouch = (window && typeof window.ontouchstart !== 'undefined');
  */
 phpbb.loadingIndicator = function() {
 	if (!$loadingIndicator) {
-		$loadingIndicator = $('<div />', {
-			'id': 'loading_indicator',
-			'class': 'loading_indicator'
-		});
-		$loadingIndicator.appendTo('#page-footer');
+		$loadingIndicator = $('#loading_indicator');
 	}
 
 	if (!$loadingIndicator.is(':visible')) {

phpBB/bin/phpbbcli.php

@@ -71,6 +71,11 @@ require($phpbb_root_path . 'includes/compatibility_globals.' . $phpEx);
 
 register_compatibility_globals();
 
+if (@is_file($phpbb_root_path . $config['exts_composer_vendor_dir'] . '/autoload.php'))
+{
+	require_once($phpbb_root_path . $config['exts_composer_vendor_dir'] . '/autoload.php');
+}
+
 /** @var \phpbb\language\language $language */
 $language = $phpbb_container->get('language');
 $language->set_default_language($phpbb_container->get('config')['default_lang']);

phpBB/common.php

@@ -65,8 +65,7 @@ if (!defined('PHPBB_INSTALLED'))
 
 	// Eliminate . and .. from the path
 	require($phpbb_root_path . 'phpbb/filesystem.' . $phpEx);
-	$phpbb_filesystem = new phpbb\filesystem\filesystem();
-	$script_path = $phpbb_filesystem->clean_path($script_path);
+	$script_path = \phpbb\filesystem\helper::clean_path($script_path);
 
 	$url = (($secure) ? 'https://' : 'http://') . $server_name;
 
@@ -136,6 +135,11 @@ require($phpbb_root_path . 'includes/compatibility_globals.' . $phpEx);
 
 register_compatibility_globals();
 
+if (@is_file($phpbb_root_path . $config['exts_composer_vendor_dir'] . '/autoload.php'))
+{
+	require_once($phpbb_root_path . $config['exts_composer_vendor_dir'] . '/autoload.php');
+}
+
 // Add own hook handler
 require($phpbb_root_path . 'includes/hooks/index.' . $phpEx);
 $phpbb_hook = new phpbb_hook(array('exit_handler', 'phpbb_user_session_handler', 'append_sid', array('template', 'display')));

phpBB/composer.json

@@ -25,51 +25,52 @@
 		"phpbb/phpbb-core": "self.version"
 	},
 	"require": {
-		"php": ">=5.4",
+		"php": ">=5.6",
 		"bantu/ini-get-wrapper": "1.0.*",
+		"composer/composer": "^1.6",
+		"composer/installers": "^1.4",
 		"google/recaptcha": "~1.1",
-		"guzzlehttp/guzzle": "~5.3",
+		"guzzlehttp/guzzle": "~6.3",
 		"lusitanian/oauth": "^0.8.1",
 		"marc1706/fast-image-size": "^1.1",
 		"paragonie/random_compat": "^1.4",
 		"patchwork/utf8": "^1.1",
 		"s9e/text-formatter": "~0.13.0",
-		"symfony/config": "^2.8",
-		"symfony/console": "^2.8",
-		"symfony/debug": "^2.8",
-		"symfony/dependency-injection": "^2.8",
-		"symfony/event-dispatcher": "^2.8",
-		"symfony/filesystem": "^2.8",
-		"symfony/finder": "^2.8",
-		"symfony/http-foundation": "^2.8",
-		"symfony/http-kernel": "^2.8",
-		"symfony/proxy-manager-bridge": "^2.8",
-		"symfony/routing": "^2.8",
-		"symfony/twig-bridge": "^2.8",
-		"symfony/yaml": "^2.8",
+		"symfony/config": "~3.1",
+		"symfony/console": "~3.1",
+		"symfony/debug": "~3.1",
+		"symfony/dependency-injection": "~3.1",
+		"symfony/event-dispatcher": "~3.1",
+		"symfony/filesystem": "~3.1",
+		"symfony/finder": "~3.1",
+		"symfony/http-foundation": "~3.1",
+		"symfony/http-kernel": "~3.1",
+		"symfony/proxy-manager-bridge": "~3.1",
+		"symfony/routing": "~3.1",
+		"symfony/twig-bridge": "~3.1",
+		"symfony/yaml": "~3.1",
 		"twig/twig": "^1.0"
 	},
 	"require-dev": {
-		"fabpot/goutte": "~2.0",
+		"fabpot/goutte": "~3.1",
 		"facebook/webdriver": "~1.1",
-		"laravel/homestead": "~2.2",
+		"laravel/homestead": "~4.0",
 		"phing/phing": "2.4.*",
-		"phpunit/dbunit": "1.3.*",
-		"phpunit/phpunit": "^4.1",
-		"sami/sami": "1.*",
+		"phpunit/dbunit": "~2.0",
+		"phpunit/phpunit": "^5.7",
 		"squizlabs/php_codesniffer": "2.*",
-		"symfony/browser-kit": "^2.8",
-		"symfony/css-selector": "^2.8",
-		"symfony/dom-crawler": "^2.8"
+		"symfony/browser-kit": "~3.1",
+		"symfony/css-selector": "~3.1",
+		"symfony/dom-crawler": "~3.1"
 	},
 	"extra": {
 		"branch-alias": {
-			"dev-master": "3.2.x-dev"
+			"dev-master": "3.3.x-dev"
 		}
 	},
 	"config": {
 		"platform": {
-			"php": "5.4.7"
+			"php": "5.6"
 		}
 	}
 }

phpBB/config/default/container/parameters.yml

@@ -14,6 +14,7 @@ parameters:
 
     # List of default password driver types
     passwords.algorithms:
+        - passwords.driver.argon2i
         - passwords.driver.bcrypt_2y
         - passwords.driver.bcrypt
         - passwords.driver.salted_md5

phpBB/config/default/container/services.yml

@@ -8,6 +8,7 @@ imports:
     - { resource: services_cron.yml }
     - { resource: services_db.yml }
     - { resource: services_event.yml }
+    - { resource: services_extensions.yml }
     - { resource: services_feed.yml }
     - { resource: services_files.yml }
     - { resource: services_filesystem.yml }
@@ -24,6 +25,7 @@ imports:
     - { resource: services_profilefield.yml }
     - { resource: services_report.yml }
     - { resource: services_routing.yml }
+    - { resource: services_storage.yml }
     - { resource: services_text_formatter.yml }
     - { resource: services_text_reparser.yml }
     - { resource: services_twig.yml }
@@ -98,25 +100,12 @@ services:
             - '%core.root_path%'
             - '@template'
 
-    ext.manager:
-        class: phpbb\extension\manager
-        arguments:
-            - '@service_container'
-            - '@dbal.conn'
-            - '@config'
-            - '@filesystem'
-            - '%tables.ext%'
-            - '%core.root_path%'
-            - '%core.php_ext%'
-            - '@cache'
-
     file_downloader:
         class: phpbb\file_downloader
 
     file_locator:
         class: phpbb\routing\file_locator
         arguments:
-            - '@filesystem'
             - '%core.root_path%'
 
     group_helper:
@@ -140,7 +129,6 @@ services:
         class: phpbb\path_helper
         arguments:
             - '@symfony_request'
-            - '@filesystem'
             - '@request'
             - '%core.root_path%'
             - '%core.php_ext%'

phpBB/config/default/container/services_attachment.yml

@@ -6,9 +6,8 @@ services:
             - '@config'
             - '@dbal.conn'
             - '@dispatcher'
-            - '@filesystem'
             - '@attachment.resync'
-            - '%core.root_path%'
+            - '@storage.attachment'
 
     attachment.manager:
         class: phpbb\attachment\manager
@@ -36,5 +35,5 @@ services:
             - '@mimetype.guesser'
             - '@dispatcher'
             - '@plupload'
+            - '@storage.attachment'
             - '@user'
-            - '%core.root_path%'

phpBB/config/default/container/services_avatar.yml

@@ -61,11 +61,11 @@ services:
             - '@config'
             - '%core.root_path%'
             - '%core.php_ext%'
-            - '@filesystem'
+            - '@storage.avatar'
             - '@path_helper'
             - '@dispatcher'
             - '@files.factory'
-            - '@cache.driver'
+            - '@php_ini'
         calls:
             - [set_name, [avatar.driver.upload]]
         tags:

phpBB/config/default/container/services_console.yml

@@ -140,6 +140,33 @@ services:
         tags:
             - { name: console.command }
 
+    console.command.extension.install:
+        class: phpbb\console\command\extension\install
+        arguments:
+            - '@user'
+            - '@ext.composer.manager'
+            - '@language'
+        tags:
+            - { name: console.command }
+
+    console.command.extension.list_available:
+        class: phpbb\console\command\extension\list_available
+        arguments:
+            - '@user'
+            - '@ext.composer.manager'
+            - '@language'
+        tags:
+            - { name: console.command }
+
+    console.command.extension.manage:
+        class: phpbb\console\command\extension\manage
+        arguments:
+            - '@user'
+            - '@ext.composer.manager'
+            - '@language'
+        tags:
+            - { name: console.command }
+
     console.command.extension.purge:
         class: phpbb\console\command\extension\purge
         arguments:
@@ -149,6 +176,15 @@ services:
         tags:
             - { name: console.command }
 
+    console.command.extension.remove:
+        class: phpbb\console\command\extension\remove
+        arguments:
+            - '@user'
+            - '@ext.composer.manager'
+            - '@language'
+        tags:
+            - { name: console.command }
+
     console.command.extension.show:
         class: phpbb\console\command\extension\show
         arguments:
@@ -158,6 +194,15 @@ services:
         tags:
             - { name: console.command }
 
+    console.command.extension.update:
+        class: phpbb\console\command\extension\update
+        arguments:
+            - '@user'
+            - '@ext.composer.manager'
+            - '@language'
+        tags:
+            - { name: console.command }
+
     console.command.fixup.recalculate_email_hash:
         class: phpbb\console\command\fixup\recalculate_email_hash
         arguments:

phpBB/config/default/container/services_content.yml

@@ -68,5 +68,3 @@ services:
 
     viewonline_helper:
         class: phpbb\viewonline_helper
-        arguments:
-            - '@filesystem'

phpBB/config/default/container/services_cron.yml

@@ -3,6 +3,7 @@ services:
         class: phpbb\cron\manager
         arguments:
             - '@cron.task_collection'
+            - '@routing.helper'
             - '%core.root_path%'
             - '%core.php_ext%'
 
@@ -13,6 +14,18 @@ services:
             - '@config'
             - '@dbal.conn'
 
+    cron.controller:
+        class: phpbb\cron\controller\cron
+
+    cron.event_listener:
+        class: phpbb\cron\event\cron_runner_listener
+        arguments:
+            - '@cron.lock_db'
+            - '@cron.manager'
+            - '@request'
+        tags:
+            - { name: kernel.event_subscriber }
+
 # ----- Cron tasks -----
     cron.task_collection:
         class: phpbb\di\service_collection

phpBB/config/default/container/services_extensions.yml

@@ -0,0 +1,47 @@
+services:
+    ext.manager:
+        class: phpbb\extension\manager
+        arguments:
+            - '@service_container'
+            - '@dbal.conn'
+            - '@config'
+            - '%tables.ext%'
+            - '%core.root_path%'
+            - '%core.php_ext%'
+            - '@cache'
+
+    ext.composer.installer:
+        class: phpbb\composer\installer
+        arguments:
+            - '%core.root_path%'
+            - '@filesystem'
+            - '@request'
+            - '@config'
+
+    ext.composer.manager:
+        class: phpbb\composer\extension_manager
+        arguments:
+            - '@ext.composer.installer'
+            - '@cache.driver'
+            - '@ext.manager'
+            - '@filesystem'
+            - phpbb-extension
+            - EXTENSIONS_
+            - '%core.root_path%'
+            - '@config'
+
+    style.composer.manager:
+        class: phpbb\composer\manager
+        arguments:
+            - '@ext.composer.installer'
+            - '@cache.driver'
+            - phpbb-style
+            - STYLES_
+
+    lang.composer.manager:
+        class: phpbb\composer\manager
+        arguments:
+            - '@ext.composer.installer'
+            - '@cache.driver'
+            - phpbb-language
+            - LANGUAGES_

phpBB/config/default/container/services_files.yml

@@ -16,6 +16,16 @@ services:
             - '@mimetype.guesser'
             - '@plupload'
 
+    files.filespec_storage:
+        class: phpbb\files\filespec_storage
+        shared: false
+        arguments:
+            - '@language'
+            - '@php_ini'
+            - '@upload_imagesize'
+            - '@mimetype.guesser'
+            - '@plupload'
+
     files.upload:
         class: phpbb\files\upload
         shared: false
@@ -36,6 +46,16 @@ services:
             - '@plupload'
             - '@request'
 
+    files.types.form_storage:
+        class: phpbb\files\types\form_storage
+        shared: false
+        arguments:
+            - '@files.factory'
+            - '@language'
+            - '@php_ini'
+            - '@plupload'
+            - '@request'
+
     files.types.local:
         class: phpbb\files\types\local
         shared: false
@@ -55,3 +75,14 @@ services:
             - '@php_ini'
             - '@request'
             - '%core.root_path%'
+
+    files.types.remote_storage:
+        class: phpbb\files\types\remote_storage
+        shared: false
+        arguments:
+            - '@config'
+            - '@files.factory'
+            - '@language'
+            - '@php_ini'
+            - '@request'
+            - '%core.root_path%'

phpBB/config/default/container/services_password.yml

@@ -1,4 +1,7 @@
 parameters:
+    passwords.driver.argon2_memory_cost: 1024
+    passwords.driver.argon2_threads: 2
+    passwords.driver.argon2_time_cost: 2
     passwords.driver.bcrypt_cost: 10
 
 services:
@@ -27,6 +30,17 @@ services:
         tags:
             - { name: service_collection, tag: passwords.driver }
 
+    passwords.driver.argon2i:
+        class: phpbb\passwords\driver\argon2i
+        arguments:
+            - '@config'
+            - '@passwords.driver_helper'
+            - '%passwords.driver.argon2_memory_cost%'
+            - '%passwords.driver.argon2_threads%'
+            - '%passwords.driver.argon2_time_cost%'
+        tags:
+            - { name: passwords.driver }
+
     passwords.driver.bcrypt:
         class: phpbb\passwords\driver\bcrypt
         arguments:

phpBB/config/default/container/services_routing.yml

@@ -12,8 +12,6 @@ services:
         class: Symfony\Component\HttpKernel\EventListener\RouterListener
         arguments:
             - '@router'
-            - null
-            - null
             - '@request_stack'
         tags:
             - { name: kernel.event_subscriber }
@@ -25,7 +23,6 @@ services:
             - '@router'
             - '@symfony_request'
             - '@request'
-            - '@filesystem'
             - '%core.root_path%'
             - '%core.php_ext%'
 

phpBB/config/default/container/services_storage.yml

@@ -0,0 +1,67 @@
+services:
+
+# Storages
+    storage.attachment:
+        class: phpbb\storage\storage
+        arguments:
+            - '@storage.adapter.factory'
+            - 'attachment'
+        tags:
+            - { name: storage }
+
+    storage.avatar:
+        class: phpbb\storage\storage
+        arguments:
+            - '@storage.adapter.factory'
+            - 'avatar'
+        tags:
+            - { name: storage }
+
+# Factory
+    storage.adapter.factory:
+        class: phpbb\storage\adapter_factory
+        arguments:
+            - '@config'
+            - '@storage.adapter_collection'
+            - '@storage.provider_collection'
+
+# Collections
+    storage.storage_collection:
+        class: phpbb\di\service_collection
+        arguments:
+            - '@service_container'
+        tags:
+            - { name: service_collection, tag: storage }
+
+    storage.adapter_collection:
+        class: phpbb\di\service_collection
+        arguments:
+            - '@service_container'
+        tags:
+            - { name: service_collection, tag: storage.adapter, class_name_aware: true }
+
+    storage.provider_collection:
+        class: phpbb\di\service_collection
+        arguments:
+            - '@service_container'
+        tags:
+            - { name: service_collection, tag: storage.provider, class_name_aware: true }
+
+# Adapters
+    storage.adapter.local:
+        class: phpbb\storage\adapter\local
+        shared: false
+        arguments:
+            - '@filesystem'
+            - '@upload_imagesize'
+            - '@mimetype.guesser'
+            - '%core.root_path%'
+        tags:
+            - { name: storage.adapter }
+
+# Providers
+    storage.provider.local:
+        class: phpbb\storage\provider\local
+        arguments:
+        tags:
+            - { name: storage.provider }

phpBB/config/default/container/services_twig.yml

@@ -15,6 +15,7 @@ services:
             - []
         calls:
             - [setLexer, ['@template.twig.lexer']]
+            - [addGlobal, ['config', '@config']]
 
     template.twig.lexer:
         class: phpbb\template\twig\lexer
@@ -24,8 +25,6 @@ services:
 
     template.twig.loader:
         class: phpbb\template\twig\loader
-        arguments:
-            - '@filesystem'
 
     template.twig.extensions.collection:
         class: phpbb\di\service_collection

phpBB/config/default/routing/cron.yml

@@ -0,0 +1,3 @@
+phpbb_cron_run:
+    path: /{cron_type}
+    defaults: { _controller: cron.controller:handle }

phpBB/config/default/routing/routing.yml

@@ -8,6 +8,10 @@
 # instantiate the 'foo_service' service and call the 'method' method.
 #
 
+phpbb_cron_routing:
+    resource: cron.yml
+    prefix: /cron
+
 phpbb_feed_routing:
     resource: feed.yml
     prefix: /feed

phpBB/config/development/config.yml

@@ -11,3 +11,7 @@ core:
         debug: true
         auto_reload: true
         enable_debug_extension: true
+
+    extensions:
+        composer_debug: true
+        composer_verbose: true

phpBB/config/installer/container/services.yml

@@ -31,7 +31,6 @@ services:
     file_locator:
         class: phpbb\routing\file_locator
         arguments:
-            - '@filesystem'
             - '%core.root_path%'
 
     kernel_exception_subscriber:
@@ -50,7 +49,6 @@ services:
         class: phpbb\path_helper
         arguments:
             - '@symfony_request'
-            - '@filesystem'
             - '@request'
             - '%core.root_path%'
             - '%core.php_ext%'

phpBB/cron.php

@@ -11,10 +11,11 @@
 *
 */
 
+use Symfony\Component\HttpFoundation\RedirectResponse;
+
 /**
 */
 define('IN_PHPBB', true);
-define('IN_CRON', true);
 $phpbb_root_path = (defined('PHPBB_ROOT_PATH')) ? PHPBB_ROOT_PATH : './';
 $phpEx = substr(strrchr(__FILE__, '.'), 1);
 include($phpbb_root_path . 'common.' . $phpEx);
@@ -23,62 +24,14 @@ include($phpbb_root_path . 'common.' . $phpEx);
 $user->session_begin(false);
 $auth->acl($user->data);
 
-function output_image()
-{
-	// Output transparent gif
-	header('Cache-Control: no-cache');
-	header('Content-type: image/gif');
-	header('Content-length: 43');
-
-	echo base64_decode('R0lGODlhAQABAIAAAP///wAAACH5BAEAAAAALAAAAAABAAEAAAICRAEAOw==');
-
-	// Flush here to prevent browser from showing the page as loading while
-	// running cron.
-	flush();
-}
-
-// Thanks to various fatal errors and lack of try/finally, it is quite easy to leave
-// the cron lock locked, especially when working on cron-related code.
-//
-// Attempt to alleviate the problem by doing setup outside of the lock as much as possible.
-
 $cron_type = $request->variable('cron_type', '');
 
-// Comment this line out for debugging so the page does not return an image.
-output_image();
+$get_params_array = $request->get_super_global(\phpbb\request\request_interface::GET);
 
-/* @var $cron_lock \phpbb\lock\db */
-$cron_lock = $phpbb_container->get('cron.lock_db');
-if ($cron_lock->acquire())
-{
-	/* @var $cron \phpbb\cron\manager */
-	$cron = $phpbb_container->get('cron.manager');
-
-	$task = $cron->find_task($cron_type);
-	if ($task)
-	{
-		/**
-		 * This event enables you to catch the task before it runs
-		 *
-		 * @event core.cron_run_before
-		 * @var	\phpbb\cron\task\wrapper	task	Current Cron task
-		 * @since 3.1.8-RC1
-		 */
-		$vars = array(
-			'task',
-		);
-		extract($phpbb_dispatcher->trigger_event('core.cron_run_before', compact($vars)));
-
-		if ($task->is_parametrized())
-		{
-			$task->parse_parameters($request);
-		}
-		if ($task->is_ready())
-		{
-			$task->run();
-		}
-	}
-	$cron_lock->release();
-}
-
-garbage_collection();
+/** @var \phpbb\controller\helper $controller_helper */
+$controller_helper = $phpbb_container->get('controller.helper');
+$response = new RedirectResponse(
+	$controller_helper->route('phpbb_cron_run', $get_params_array),
+	301
+);
+$response->send();

phpBB/develop/adjust_avatars.php

@@ -19,7 +19,7 @@ $auth->acl($user->data);
 $user->setup();
 
 $echos = 0;
- 
+
 if (!isset($config['avatar_salt']))
 {
 	$cache->purge();
@@ -30,6 +30,11 @@ if (!isset($config['avatar_salt']))
 	die('database not up to date');
 }
 
+if (!isset($config['storage\\avatar\\config\\path']) || $config['storage\\avatar\\config\\path'] !== 'phpbb\\storage\\provider\\local')
+{
+	die('use local provider');
+}
+
 // let's start with the users using a group_avatar.
 $sql = 'SELECT group_id, group_avatar
 	FROM ' . GROUPS_TABLE . '
@@ -46,16 +51,16 @@ while ($row = $db->sql_fetchrow($result))
 {
 	$new_avatar_name = adjust_avatar($row['group_avatar'], 'g' . $row['group_id']);
 	$group_avatars[] = $new_avatar_name;
-	
+
 	// failure is probably due to the avatar name already being adjusted
 	if ($new_avatar_name !== false)
 	{
 		$sql = 'UPDATE ' . USERS_TABLE . "
 			SET user_avatar = '" . $db->sql_escape($new_avatar_name) . "'
-			WHERE user_avatar = '" . $db->sql_escape($row['group_avatar']) . "' 
+			WHERE user_avatar = '" . $db->sql_escape($row['group_avatar']) . "'
 			AND user_avatar_type = " . AVATAR_UPLOAD;
 		$db->sql_query($sql);
-		
+
 		$sql = 'UPDATE ' . GROUPS_TABLE . "
 			SET group_avatar = '" . $db->sql_escape($new_avatar_name) . "'
 			WHERE group_id = {$row['group_id']}";
@@ -80,8 +85,8 @@ while ($row = $db->sql_fetchrow($result))
 $db->sql_freeresult($result);
 
 $sql = 'SELECT user_id, username, user_avatar, user_avatar_type
-	FROM ' . USERS_TABLE . ' 
-	WHERE user_avatar_type = ' . AVATAR_UPLOAD . ' 
+	FROM ' . USERS_TABLE . '
+	WHERE user_avatar_type = ' . AVATAR_UPLOAD . '
 	AND ' . $db->sql_in_set('user_avatar', $group_avatars, true, true);
 $result = $db->sql_query($sql);
 
@@ -108,7 +113,7 @@ while ($row = $db->sql_fetchrow($result))
 		$db->sql_query($sql);
 		echo '<br /> Failed updating user ' . $row['user_id'] . "\n";
 	}
-	
+
 	if ($echos > 200)
 	{
 		echo '<br />' . "\n";
@@ -131,8 +136,8 @@ $db->sql_close();
 function adjust_avatar($old_name, $midfix)
 {
 	global $config, $phpbb_root_path;
-	
-	$avatar_path = $phpbb_root_path . $config['avatar_path'];
+
+	$avatar_path = $phpbb_root_path . $config['storage\\avatar\\config\\path'];
 	$extension = strtolower(substr(strrchr($old_name, '.'), 1));
 	$new_name = $config['avatar_salt'] . '_' . $midfix . '.' . $extension;
 

phpBB/develop/create_schema_files.php

@@ -44,7 +44,7 @@ require($phpbb_root_path . 'phpbb/class_loader.' . $phpEx);
 $phpbb_class_loader = new \phpbb\class_loader('phpbb\\', "{$phpbb_root_path}phpbb/", $phpEx);
 $phpbb_class_loader->register();
 
-$finder = new \phpbb\finder(new \phpbb\filesystem\filesystem(), $phpbb_root_path);
+$finder = new \phpbb\finder($phpbb_root_path);
 $classes = $finder->core_path('phpbb/')
 	->directory('/db/migration/data')
 	->get_classes();

phpBB/develop/mysql_upgrader.php

@@ -62,7 +62,7 @@ echo "USE $dbname;$newline$newline";
 
 @set_time_limit(0);
 
-$finder = new \phpbb\finder(new \phpbb\filesystem\filesystem(), $phpbb_root_path);
+$finder = new \phpbb\finder($phpbb_root_path);
 $classes = $finder->core_path('phpbb/')
 	->directory('/db/migration/data')
 	->get_classes();

phpBB/docs/CREDITS.txt

@@ -83,10 +83,10 @@ prosilver by subBlue Design, Tom Beddard, (c) 2004 phpBB Limited
 
 phpBB contains code from the following applications:
 
-LGPL licenced:
+LGPL licensed:
 Smarty (c) 2001, 2002 by ispi of Lincoln, Inc, http://smarty.php.net/
 
-GPL licenced:
+GPL licensed:
 phpMyAdmin (c) 2001, 2003 phpMyAdmin Devel team, http://www.phpmyadmin.net/
 Jabber Class (c) 2006 Flyspray.org, http://www.flyspray.org/
 Chora (c) 2000-2006, The Horde Project. http://horde.org/chora/
@@ -100,6 +100,6 @@ Pear (c) 2001-2004 PHP Group, http://pear.php.net
 
 Text_Diff-0.2.1 http://pear.php.net/package/Text_Diff
 
-MIT licenced:
+MIT licensed:
 Symfony2 (c) 2004-2011 Fabien Potencier, https://symfony.com/
 Cookie Consent (c) 2015 Silktide Ltd, https://cookieconsent.insites.com

phpBB/docs/README.html

@@ -4,7 +4,7 @@
 <meta charset="utf-8">
 <meta http-equiv="X-UA-Compatible" content="IE=edge">
 <meta name="keywords" content="" />
-<meta name="description" content="phpBB 3.2.x Readme" />
+<meta name="description" content="phpBB 3.3.x Readme" />
 <title>phpBB &bull; Readme</title>
 
 <link href="assets/css/stylesheet.css" rel="stylesheet" type="text/css" media="screen" />
@@ -21,7 +21,7 @@
 
 			<div id="doc-description">
 				<a href="../index.php" id="logo"><img src="assets/images/site_logo.gif" alt="" /></a>
-				<h1>phpBB 3.2.x Readme</h1>
+				<h1>phpBB 3.3.x Readme</h1>
 				<p style="display: none;"><a href="#start_here">Skip</a></p>
 			</div>
 
@@ -323,7 +323,7 @@
 
 		<div class="content">
 
-	<p>phpBB 3.2.x takes advantage of new features added in PHP 5.4. We recommend that you upgrade to the latest stable release of PHP to run phpBB. The minimum version required is PHP 5.4.7 and the maximum supported version is the latest stable version of PHP.</p>
+	<p>phpBB 3.2.x takes advantage of new features added in PHP 5.5.9. We recommend that you upgrade to the latest stable release of PHP to run phpBB. The minimum version required is PHP 5.5.9 and the maximum supported version is the latest stable version of PHP.</p>
 
 	<p>Please remember that running any application on a development (unstable, e.g. a beta release) version of PHP can lead to strange/unexpected results which may appear to be bugs in the application. Therefore, we recommend you upgrade to the newest stable version of PHP before running phpBB. If you are running a development version of PHP please check any bugs you find on a system running a stable release before submitting.</p>
 

phpBB/docs/coding-guidelines.html

@@ -264,7 +264,6 @@ PHPBB_QA                   (Set board to QA-Mode, which means the updater also c
 	<li>{T_SUPER_TEMPLATE_PATH} - styles/xxx/template</li>
 	<li>{T_IMAGES_PATH} - images/</li>
 	<li>{T_SMILIES_PATH} - $config['smilies_path']/</li>
-	<li>{T_AVATAR_PATH} - $config['avatar_path']/</li>
 	<li>{T_AVATAR_GALLERY_PATH} - $config['avatar_gallery_path']/</li>
 	<li>{T_ICONS_PATH} - $config['icons_path']/</li>
 	<li>{T_RANKS_PATH} - $config['ranks_path']/</li>
@@ -1211,7 +1210,7 @@ parent = prosilver</pre>
 &lt;td class=&quot;gensmall&quot;&gt;TEST&lt;/td&gt;
 </pre></div>
 
-<p>Try to match text class types with existing useage, e.g. don't use the nav class where viewtopic uses gensmall for example.</p>
+<p>Try to match text class types with existing usage, e.g. don't use the nav class where viewtopic uses gensmall for example.</p>
 
 <p>Row colours/classes are now defined by the template, use an <code>IF S_ROW_COUNT</code> switch, see viewtopic or viewforum for an example.</p>
 
@@ -1223,7 +1222,7 @@ parent = prosilver</pre>
 
 <p>The separate catXXXX and thXXX classes are gone. When defining a header cell just use <code>&lt;th&gt;</code> rather than <code>&lt;th class="thHead"&gt;</code> etc. Similarly for cat, don't use <code>&lt;td class="catLeft"&gt;</code> use <code>&lt;td class="cat"&gt;</code> etc.</p>
 
-<p>Try to retain consistency of basic layout and class useage, i.e. _EXPLAIN text should generally be placed below the title it explains, e.g. <code>{L_POST_USERNAME}&lt;br /&gt;&lt;span class="gensmall"&gt;{L_POST_USERNAME_EXPLAIN}&lt;/span&gt;</code> is the typical way of handling this ... there may be exceptions and this isn't a hard and fast rule.</p>
+<p>Try to retain consistency of basic layout and class usage, i.e. _EXPLAIN text should generally be placed below the title it explains, e.g. <code>{L_POST_USERNAME}&lt;br /&gt;&lt;span class="gensmall"&gt;{L_POST_USERNAME_EXPLAIN}&lt;/span&gt;</code> is the typical way of handling this ... there may be exceptions and this isn't a hard and fast rule.</p>
 
 <p>Try to keep template conditional and other statements tabbed in line with the block to which they refer.</p>
 
@@ -1767,7 +1766,7 @@ This may span multiple lines.
 <p>The <a href="http://en.wikipedia.org/wiki/Universal_Character_Set">Universal Character Set (UCS)</a> described in ISO/IEC 10646 consists of a large amount of characters. Each of them has a unique name and a code point which is an integer number. <a href="http://en.wikipedia.org/wiki/Unicode">Unicode</a> - which is an industry standard - complements the Universal Character Set with further information about the characters' properties and alternative character encodings. More information on Unicode can be found on the <a href="http://www.unicode.org/">Unicode Consortium's website</a>. One of the Unicode encodings is the <a href="http://en.wikipedia.org/wiki/UTF-8">8-bit Unicode Transformation Format (UTF-8)</a>. It encodes characters with up to four bytes aiming for maximum compatibility with the <a href="http://en.wikipedia.org/wiki/ASCII">American Standard Code for Information Interchange</a> which is a 7-bit encoding of a relatively small subset of the UCS.</p>
 
 <h4>phpBB's use of Unicode</h4>
-<p>Unfortunately PHP does not faciliate the use of Unicode prior to version 6. Most functions simply treat strings as sequences of bytes assuming that each character takes up exactly one byte. This behaviour still allows for storing UTF-8 encoded text in PHP strings but many operations on strings have unexpected results. To circumvent this problem we have created some alternative functions to PHP's native string operations which use code points instead of bytes. These functions can be found in <code>/includes/utf/utf_tools.php</code>. They are also covered in the <a href="http://area51.phpbb.com/docs/code/">phpBB3 Sourcecode Documentation</a>. A lot of native PHP functions still work with UTF-8 as long as you stick to certain restrictions. For example <code>explode</code> still works as long as the first and the last character of the delimiter string are ASCII characters.</p>
+<p>Unfortunately PHP does not facilitate the use of Unicode prior to version 6. Most functions simply treat strings as sequences of bytes assuming that each character takes up exactly one byte. This behaviour still allows for storing UTF-8 encoded text in PHP strings but many operations on strings have unexpected results. To circumvent this problem we have created some alternative functions to PHP's native string operations which use code points instead of bytes. These functions can be found in <code>/includes/utf/utf_tools.php</code>. They are also covered in the <a href="http://area51.phpbb.com/docs/code/">phpBB3 Sourcecode Documentation</a>. A lot of native PHP functions still work with UTF-8 as long as you stick to certain restrictions. For example <code>explode</code> still works as long as the first and the last character of the delimiter string are ASCII characters.</p>
 
 <p>phpBB only uses the ASCII and the UTF-8 character encodings. Still all Strings are UTF-8 encoded because ASCII is a subset of UTF-8. The only exceptions to this rule are code sections which deal with external systems which use other encodings and character sets. Such external data should be converted to UTF-8 using the <code>utf8_recode()</code> function supplied with phpBB. It supports a variety of other character sets and encodings, a full list can be found below.</p>
 
@@ -1848,7 +1847,7 @@ if (utf8_case_fold_nfc($string1) == utf8_case_fold_nfc($string2))
 
 	<p>The <abbr title="Internet Engineering Task Force">IETF</abbr> recently published <a href="http://tools.ietf.org/html/rfc4646">RFC 4646</a> for tags used to identify languages, which in combination with <a href="http://tools.ietf.org/html/rfc4647">RFC 4647</a> obseletes the older <a href="http://tools.ietf.org/html/rfc3066">RFC 3006</a> and older-still <a href="http://tools.ietf.org/html/rfc1766">RFC 1766</a>. <a href="http://tools.ietf.org/html/rfc4646">RFC 4646</a> uses <a href="http://www.loc.gov/standards/iso639-2/php/English_list.php">ISO 639-1/ISO 639-2</a>, <a href="http://www.iso.ch/iso/en/prods-services/iso3166ma/02iso-3166-code-lists/list-en1.html">ISO 3166-1 alpha-2</a>, <a href="http://www.unicode.org/iso15924/iso15924-codes.html">ISO 15924</a> and <a href="http://unstats.un.org/unsd/methods/m49/m49.htm">UN M.49</a> to define a language tag. Each complete tag is composed of subtags which are not case sensitive and can also be empty.</p>
 
-	<p>Ordering of the subtags in the case that they are all non-empty is: <code>language</code>-<code>script</code>-<code>region</code>-<code>variant</code>-<code>extension</code>-<code>privateuse</code>. Should any subtag be empty, its corresponding hyphen would also be ommited. Thus, the language tag for English will be <code>en</code> <strong>and not</strong> <code>en-----</code>.</p>
+	<p>Ordering of the subtags in the case that they are all non-empty is: <code>language</code>-<code>script</code>-<code>region</code>-<code>variant</code>-<code>extension</code>-<code>privateuse</code>. Should any subtag be empty, its corresponding hyphen would also be omitted. Thus, the language tag for English will be <code>en</code> <strong>and not</strong> <code>en-----</code>.</p>
 
 	<p>Most language tags consist of a two- or three-letter language subtag (from <a href="http://www.loc.gov/standards/iso639-2/php/English_list.php">ISO 639-1/ISO 639-2</a>). Sometimes, this is followed by a two-letter or three-digit region subtag (from <a href="http://www.iso.ch/iso/en/prods-services/iso3166ma/02iso-3166-code-lists/list-en1.html">ISO 3166-1 alpha-2</a> or <a href="http://unstats.un.org/unsd/methods/m49/m49.htm">UN M.49</a>). Some examples are:</p>
 
@@ -1902,7 +1901,7 @@ if (utf8_case_fold_nfc($string1) == utf8_case_fold_nfc($string2))
 
 	<p>The ultimate aim of a language tag is to convey the needed <strong>useful distingushing information</strong>, whilst keeping it as <strong>short as possible</strong>. So for example, use <code>en</code>, <code>fr</code> and <code>ja</code> as opposed to <code>en-GB</code>, <code>fr-FR</code> and <code>ja-JP</code>, since we know English, French and Japanese are the native language of Great Britain, France and Japan respectively.</p>
 
-	<p>Next is the <a href="http://www.unicode.org/iso15924/iso15924-codes.html">ISO 15924</a> language script code and when one should or shouldn't use it. For example, whilst <code>en-Latn</code> is syntaxically correct for describing English written with Latin script, real world English writing is <strong>more-or-less exclusively in the Latin script</strong>. For such languages like English that are written in a single script, the <a href="http://www.iana.org/assignments/language-subtag-registry"><abbr title="Internet Assigned Numbers Authority">IANA</abbr> Language Subtag Registry</a> has a "Suppress-Script" field meaning the script code <strong>should be ommitted</strong> unless a specific language tag requires a specific script code. Some languages are <strong>written in more than one script</strong> and in such cases, the script code <strong>is encouraged</strong> since an end-user may be able to read their language in one script, but not the other. Some examples are:</p>
+	<p>Next is the <a href="http://www.unicode.org/iso15924/iso15924-codes.html">ISO 15924</a> language script code and when one should or shouldn't use it. For example, whilst <code>en-Latn</code> is syntaxically correct for describing English written with Latin script, real world English writing is <strong>more-or-less exclusively in the Latin script</strong>. For such languages like English that are written in a single script, the <a href="http://www.iana.org/assignments/language-subtag-registry"><abbr title="Internet Assigned Numbers Authority">IANA</abbr> Language Subtag Registry</a> has a "Suppress-Script" field meaning the script code <strong>should be omitted</strong> unless a specific language tag requires a specific script code. Some languages are <strong>written in more than one script</strong> and in such cases, the script code <strong>is encouraged</strong> since an end-user may be able to read their language in one script, but not the other. Some examples are:</p>
 
 	<table>
 	<caption>Examples of using a language subtag in combination with a script subtag</caption>
@@ -1967,7 +1966,7 @@ if (utf8_case_fold_nfc($string1) == utf8_case_fold_nfc($string2))
 	</tbody>
 	</table>
 
-	<p>Usage of the three-digit <a href="http://unstats.un.org/unsd/methods/m49/m49.htm">UN M.49</a> code over the two-letter <a href="http://www.iso.ch/iso/en/prods-services/iso3166ma/02iso-3166-code-lists/list-en1.html">ISO 3166-1 alpha-2</a> code should hapen if a macro-geographical entity is required and/or the <a href="http://www.iso.ch/iso/en/prods-services/iso3166ma/02iso-3166-code-lists/list-en1.html">ISO 3166-1 alpha-2</a> is ambiguous.</p>
+	<p>Usage of the three-digit <a href="http://unstats.un.org/unsd/methods/m49/m49.htm">UN M.49</a> code over the two-letter <a href="http://www.iso.ch/iso/en/prods-services/iso3166ma/02iso-3166-code-lists/list-en1.html">ISO 3166-1 alpha-2</a> code should happen if a macro-geographical entity is required and/or the <a href="http://www.iso.ch/iso/en/prods-services/iso3166ma/02iso-3166-code-lists/list-en1.html">ISO 3166-1 alpha-2</a> is ambiguous.</p>
 
 	<p>Examples of English using marco-geographical regions:</p>
 

phpBB/docs/events.md

@@ -164,13 +164,13 @@ acp_group_options_before
 ===
 * Location: adm/style/acp_groups.html
 * Since: 3.1.0-b4
-* Purpose: Add addtional options to group settings (before GROUP_FOUNDER_MANAGE)
+* Purpose: Add additional options to group settings (before GROUP_FOUNDER_MANAGE)
 
 acp_group_options_after
 ===
 * Location: adm/style/acp_groups.html
 * Since: 3.1.0-b4
-* Purpose: Add addtional options to group settings (after GROUP_RECEIVE_PM)
+* Purpose: Add additional options to group settings (after GROUP_RECEIVE_PM)
 
 acp_groups_find_username_append
 ===

phpBB/docs/lighttpd.sample.conf

@@ -3,17 +3,8 @@
 # from your system's lighttpd.conf.
 # Tested with lighttpd 1.4.35
 
-# If you want to use the X-Sendfile feature,
-# uncomment the 'allow-x-send-file' for the fastcgi
-# server below and add the following to your config.php
-#
-#  define('PHPBB_ENABLE_X_SENDFILE', true);
-#
-# See http://blog.lighttpd.net/articles/2006/07/02/x-sendfile
-# for the details on X-Sendfile.
-
 # Load moules
-server.modules += ( 
+server.modules += (
 	"mod_access",
 	"mod_fastcgi",
 	"mod_rewrite",
@@ -32,11 +23,11 @@ $HTTP["host"] == "www.myforums.com" {
 	server.name				= "www.myforums.com"
 	server.document-root	= "/path/to/phpbb"
 	server.dir-listing		= "disable"
-	
+
 	index-file.names		= ( "index.php", "index.htm", "index.html" )
 	accesslog.filename		= "/var/log/lighttpd/access-www.myforums.com.log"
-	
-	# Deny access to internal phpbb files.	
+
+	# Deny access to internal phpbb files.
 	$HTTP["url"] =~ "^/(config\.php|common\.php|cache|files|images/avatars/upload|includes|phpbb|store|vendor)" {
 		url.access-deny = ( "" )
 	}
@@ -45,12 +36,12 @@ $HTTP["host"] == "www.myforums.com" {
 	$HTTP["url"] =~ "/\.svn|/\.git" {
 		url.access-deny = ( "" )
 	}
-	
+
 	# Deny access to apache configuration files.
 	$HTTP["url"] =~ "/\.htaccess|/\.htpasswd|/\.htgroups" {
 		url.access-deny = ( "" )
 	}
-	
+
 	# The following 3 lines will rewrite URLs passed through the front controller
 	# to not require app.php in the actual URL. In other words, a controller is
 	# by default accessed at /app.php/my/controller, but can also be accessed at
@@ -58,14 +49,14 @@ $HTTP["host"] == "www.myforums.com" {
 	url.rewrite-if-not-file = (
 	   "^/(.*)$" => "/app.php/$1"
 	)
-	
-	fastcgi.server = ( ".php" => 
+
+	fastcgi.server = ( ".php" =>
 		((
 			"bin-path" => "/usr/bin/php-cgi",
 			"socket" => "/tmp/php.socket",
 			"max-procs" => 4,
 			"idle-timeout" => 30,
-			"bin-environment" => ( 
+			"bin-environment" => (
 				"PHP_FCGI_CHILDREN" => "10",
 				"PHP_FCGI_MAX_REQUESTS" => "10000"
 			),

phpBB/docs/nginx.sample.conf

@@ -3,14 +3,6 @@
 # from your system's nginx.conf.
 # Tested with nginx 0.8.35.
 
-# If you want to use the X-Accel-Redirect feature,
-# add the following to your config.php.
-#
-#  define('PHPBB_ENABLE_X_ACCEL_REDIRECT', true);
-#
-# See http://wiki.nginx.org/XSendfile for the details
-# on X-Accel-Redirect.
-
 http {
     # Compression - requires gzip and gzip static modules.
     gzip on;

phpBB/download/file.php

@@ -99,6 +99,11 @@ if (isset($_GET['avatar']))
 	/* @var $phpbb_avatar_manager \phpbb\avatar\manager */
 	$phpbb_avatar_manager = $phpbb_container->get('avatar.manager');
 
+	if (@is_file($phpbb_root_path . $config['exts_composer_vendor_dir'] . '/autoload.php'))
+	{
+		require_once($phpbb_root_path . $config['exts_composer_vendor_dir'] . '/autoload.php');
+	}
+
 	$filename = $request->variable('avatar', '');
 	$avatar_group = false;
 	$exit = false;
@@ -249,7 +254,6 @@ else
 		}
 	}
 
-	$download_mode = (int) $extensions[$attachment['extension']]['download_mode'];
 	$display_cat = $extensions[$attachment['extension']]['display_cat'];
 
 	if (($display_cat == ATTACHMENT_CATEGORY_IMAGE || $display_cat == ATTACHMENT_CATEGORY_THUMB) && !$user->optionget('viewimg'))
@@ -262,6 +266,8 @@ else
 		$display_cat = ATTACHMENT_CATEGORY_NONE;
 	}
 
+	$redirect = '';
+
 	/**
 	* Event to modify data before sending file to browser
 	*
@@ -269,21 +275,22 @@ else
 	* @var	int		attach_id			The attachment ID
 	* @var	array	attachment			Array with attachment data
 	* @var	int		display_cat			Attachment category
-	* @var	int		download_mode		File extension specific download mode
 	* @var	array	extensions			Array with file extensions data
 	* @var	string	mode				Download mode
 	* @var	bool	thumbnail			Flag indicating if the file is a thumbnail
+	* @var	string	redirect			Do a redirection instead of reading the file
 	* @since 3.1.6-RC1
 	* @changed 3.1.7-RC1	Fixing wrong name of a variable (replacing "extension" by "extensions")
+	* @changed 3.3.0-a1		Add redirect variable
 	*/
 	$vars = array(
 		'attach_id',
 		'attachment',
 		'display_cat',
-		'download_mode',
 		'extensions',
 		'mode',
 		'thumbnail',
+		'redirect',
 	);
 	extract($phpbb_dispatcher->trigger_event('core.download_file_send_to_browser_before', compact($vars)));
 
@@ -304,23 +311,15 @@ else
 	}
 	else
 	{
-		// Determine the 'presenting'-method
-		if ($download_mode == PHYSICAL_LINK)
+		if (!empty($redirect))
 		{
-			// This presenting method should no longer be used
-			if (!@is_dir($phpbb_root_path . $config['upload_path']))
-			{
-				send_status_line(500, 'Internal Server Error');
-				trigger_error($user->lang['PHYSICAL_DOWNLOAD_NOT_POSSIBLE']);
-			}
-
-			redirect($phpbb_root_path . $config['upload_path'] . '/' . $attachment['physical_filename']);
-			file_gc();
+			redirect($redirect, false, true);
 		}
 		else
 		{
-			send_file_to_browser($attachment, $config['upload_path'], $display_cat);
-			file_gc();
+			send_file_to_browser($attachment, $display_cat);
 		}
+
+		file_gc();
 	}
 }

phpBB/includes/acp/acp_attachments.php

@@ -147,7 +147,6 @@ class acp_attachments
 
 						'allow_attachments'		=> array('lang' => 'ALLOW_ATTACHMENTS',		'validate' => 'bool',	'type' => 'radio:yes_no', 'explain' => false),
 						'allow_pm_attach'		=> array('lang' => 'ALLOW_PM_ATTACHMENTS',	'validate' => 'bool',	'type' => 'radio:yes_no', 'explain' => false),
-						'upload_path'			=> array('lang' => 'UPLOAD_DIR',			'validate' => 'wpath',	'type' => 'text:25:100', 'explain' => true),
 						'display_order'			=> array('lang' => 'DISPLAY_ORDER',			'validate' => 'bool',	'type' => 'custom', 'method' => 'display_order', 'explain' => true),
 						'attachment_quota'		=> array('lang' => 'ATTACH_QUOTA',			'validate' => 'string',	'type' => 'custom', 'method' => 'max_filesize', 'explain' => true),
 						'max_filesize'			=> array('lang' => 'ATTACH_MAX_FILESIZE',	'validate' => 'string',	'type' => 'custom', 'method' => 'max_filesize', 'explain' => true),
@@ -223,9 +222,6 @@ class acp_attachments
 				{
 					$phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_CONFIG_ATTACH');
 
-					// Check Settings
-					$this->test_upload($error, $this->new_config['upload_path'], false);
-
 					if (!count($error))
 					{
 						trigger_error($user->lang['CONFIG_UPDATED'] . adm_back_link($this->u_action));
@@ -590,11 +586,6 @@ class acp_attachments
 							'allow_in_pm'	=> ($allow_in_pm) ? 1 : 0,
 						);
 
-						if ($action == 'add')
-						{
-							$group_ary['download_mode'] = INLINE_LINK;
-						}
-
 						$sql = ($action == 'add') ? 'INSERT INTO ' . EXTENSION_GROUPS_TABLE . ' ' : 'UPDATE ' . EXTENSION_GROUPS_TABLE . ' SET ';
 						$sql .= $db->sql_build_array((($action == 'add') ? 'INSERT' : 'UPDATE'), $group_ary);
 						$sql .= ($action == 'edit') ? " WHERE group_id = $group_id" : '';
@@ -1536,50 +1527,6 @@ class acp_attachments
 		return $imagick;
 	}
 
-	/**
-	* Test Settings
-	*/
-	function test_upload(&$error, $upload_dir, $create_directory = false)
-	{
-		global $user, $phpbb_root_path;
-
-		// Does the target directory exist, is it a directory and writable.
-		if ($create_directory)
-		{
-			if (!file_exists($phpbb_root_path . $upload_dir))
-			{
-				@mkdir($phpbb_root_path . $upload_dir, 0777);
-
-				try
-				{
-					$this->filesystem->phpbb_chmod($phpbb_root_path . $upload_dir, CHMOD_READ | CHMOD_WRITE);
-				}
-				catch (\phpbb\filesystem\exception\filesystem_exception $e)
-				{
-					// Do nothing
-				}
-			}
-		}
-
-		if (!file_exists($phpbb_root_path . $upload_dir))
-		{
-			$error[] = sprintf($user->lang['NO_UPLOAD_DIR'], $upload_dir);
-			return;
-		}
-
-		if (!is_dir($phpbb_root_path . $upload_dir))
-		{
-			$error[] = sprintf($user->lang['UPLOAD_NOT_DIR'], $upload_dir);
-			return;
-		}
-
-		if (!$this->filesystem->is_writable($phpbb_root_path . $upload_dir))
-		{
-			$error[] = sprintf($user->lang['NO_WRITE_UPLOAD'], $upload_dir);
-			return;
-		}
-	}
-
 	/**
 	* Perform operations on sites for external linking
 	*/

phpBB/includes/acp/acp_extensions.php

@@ -24,23 +24,35 @@ if (!defined('IN_PHPBB'))
 
 class acp_extensions
 {
-	var $u_action;
-	var $tpl_name;
-	var $page_title;
+	public $u_action;
 
+	private $db;
+
+	/** @var  phpbb\config\config */
 	private $config;
+
+	/** @var \phpbb\template\twig\twig */
 	private $template;
 	private $user;
 	private $log;
+
+	/** @var \phpbb\request\request */
 	private $request;
 	private $phpbb_dispatcher;
-	private $ext_manager;
 
-	function main()
+	/** @var \phpbb\extension\manager */
+	private $ext_manager;
+	private $u_catalog_action;
+
+	/** @var string */
+	private $phpbb_root_path;
+
+	function main($id, $mode)
 	{
 		// Start the page
-		global $config, $user, $template, $request, $phpbb_extension_manager, $phpbb_root_path, $phpbb_log, $phpbb_dispatcher;
+		global $config, $user, $template, $request, $phpbb_extension_manager, $db, $phpbb_log, $phpbb_dispatcher, $phpbb_root_path;
 
+		$this->db       = $db;
 		$this->config = $config;
 		$this->template = $template;
 		$this->user = $user;
@@ -48,8 +60,24 @@ class acp_extensions
 		$this->log = $phpbb_log;
 		$this->phpbb_dispatcher = $phpbb_dispatcher;
 		$this->ext_manager = $phpbb_extension_manager;
+		$this->phpbb_root_path = $phpbb_root_path;
 
-		$this->user->add_lang(array('install', 'acp/extensions', 'migrator'));
+		$this->user->add_lang(['install', 'acp/extensions', 'migrator']);
+
+		switch ($mode)
+		{
+			case 'catalog':
+				$this->catalog_mode($id, $mode);
+			break;
+			default:
+				$this->main_mode($id, $mode);
+			break;
+		}
+	}
+
+	public function main_mode($id, $mode)
+	{
+		global $phpbb_extension_manager, $phpbb_container, $phpbb_admin_path, $phpEx;
 
 		$this->page_title = 'ACP_EXTENSIONS';
 
@@ -110,6 +138,8 @@ class acp_extensions
 			}
 		}
 
+		$this->u_catalog_action = append_sid("{$phpbb_admin_path}index.$phpEx", "i=$id&mode=catalog");
+
 		// What are we doing?
 		switch ($action)
 		{
@@ -133,7 +163,7 @@ class acp_extensions
 					$this->config->set('extension_force_unstable', false);
 					trigger_error($this->user->lang['CONFIG_UPDATED'] . adm_back_link($this->u_action));
 				}
-				break;
+			break;
 
 			case 'list':
 			default:
@@ -143,15 +173,27 @@ class acp_extensions
 					trigger_error($this->user->lang['CONFIG_UPDATED'] . adm_back_link($this->u_action));
 				}
 
-				$this->list_enabled_exts();
-				$this->list_disabled_exts();
-				$this->list_available_exts();
+				/** @var \phpbb\composer\manager $composer_manager */
+				$composer_manager = $phpbb_container->get('ext.composer.manager');
+
+				$managed_packages = [];
+				if ($composer_manager->check_requirements())
+				{
+					$managed_packages = $composer_manager->get_managed_packages();
+				}
+
+				$this->list_enabled_exts($phpbb_extension_manager, $managed_packages);
+				$this->list_disabled_exts($phpbb_extension_manager, $managed_packages);
+				$this->list_available_exts($phpbb_extension_manager, $managed_packages);
 
 				$this->template->assign_vars(array(
 					'U_VERSIONCHECK_FORCE' 	=> $this->u_action . '&action=list&versioncheck_force=1',
 					'FORCE_UNSTABLE'		=> $this->config['extension_force_unstable'],
 					'U_ACTION' 				=> $this->u_action,
+					'MANAGED_EXTENSIONS'	=> $managed_packages,
+					'U_CATALOG_ACTION' 		=> $this->u_catalog_action,
 				));
+				$this->request->disable_super_globals();
 
 				$this->tpl_name = 'acp_ext_list';
 			break;
@@ -223,7 +265,7 @@ class acp_extensions
 							'name' 		=> 'adm',
 							'ext_path' 	=> 'adm/style/',
 						),
-					), array($phpbb_root_path . 'adm/style'));
+					), array($this->phpbb_root_path . 'adm/style'));
 
 					$this->log->add('admin', $this->user->data['user_id'], $this->user->ip, 'LOG_EXT_ENABLE', time(), array($ext_name));
 				}
@@ -391,11 +433,340 @@ class acp_extensions
 	}
 
 	/**
-	* Lists all the enabled extensions and dumps to the template
-	*
-	* @return null
-	*/
-	public function list_enabled_exts()
+	 * Handles the catalog mode of the extensions list
+	 *
+	 * @param string $id
+	 * @param string $mode
+	 */
+	public function catalog_mode($id, $mode)
+	{
+		global $phpbb_container;
+
+		$action = $this->request->variable('action', 'list');
+
+		/** @var \phpbb\language\language $language */
+		$language = $phpbb_container->get('language');
+
+		/** @var \phpbb\composer\manager $composer_manager */
+		$composer_manager = $phpbb_container->get('ext.composer.manager');
+
+		/** @var \phpbb\extension\manager $extensions_manager */
+		$extensions_manager = $phpbb_container->get('ext.manager');
+
+		if (!$composer_manager->check_requirements())
+		{
+			$this->page_title = 'ACP_EXTENSIONS_CATALOG';
+			$this->tpl_name = 'message_body';
+
+			$this->template->assign_vars([
+				'MESSAGE_TITLE'	=> $language->lang('EXTENSIONS_CATALOG_NOT_AVAILABLE'),
+				'MESSAGE_TEXT'	=> $language->lang('EXTENSIONS_COMPOSER_NOT_WRITABLE'),
+			]);
+
+			return;
+		}
+
+		switch ($action)
+		{
+			case 'install':
+				$this->page_title = 'ACP_EXTENSIONS_INSTALL';
+
+				$extension = $this->request->variable('extension', '');
+
+				if (empty($extension))
+				{
+					redirect($this->u_action);
+				}
+
+				$formatter = new \phpbb\composer\io\html_output_formatter([
+					'warning' => new \Symfony\Component\Console\Formatter\OutputFormatterStyle('black', 'yellow')
+				]);
+
+				$composer_io = new \phpbb\composer\io\web_io($language, '', $phpbb_container->getParameter('extensions.composer.output'), $formatter);
+
+				try
+				{
+					$composer_manager->install((array) $extension, $composer_io);
+				}
+				catch (\phpbb\exception\runtime_exception $e)
+				{
+					$this->display_composer_exception($language, $e, $composer_io);
+					return;
+				}
+				$this->tpl_name = 'detailed_message_body';
+
+				$this->template->assign_vars(array(
+						'MESSAGE_TITLE'			=> $language->lang('ACP_EXTENSIONS_INSTALL'),
+						'MESSAGE_TEXT'			=> $language->lang('EXTENSIONS_INSTALLED') . adm_back_link($this->u_action),
+						'MESSAGE_DETAIL'		=> $composer_io->getOutput(),
+						'MESSAGE_DETAIL_LEGEND'	=> $language->lang('COMPOSER_OUTPUT'),
+						'S_USER_NOTICE'			=> true,
+					)
+				);
+
+			break;
+			case 'remove':
+				$this->page_title = 'ACP_EXTENSIONS_REMOVE';
+
+				$extension = $this->request->variable('extension', '');
+
+				if (empty($extension))
+				{
+					redirect($this->u_action);
+				}
+
+				$formatter = new \phpbb\composer\io\html_output_formatter([
+					'warning' => new \Symfony\Component\Console\Formatter\OutputFormatterStyle('black', 'yellow')
+				]);
+
+				$composer_io = new \phpbb\composer\io\web_io($language, '', $phpbb_container->getParameter('extensions.composer.output'), $formatter);
+
+				try
+				{
+					$composer_manager->remove((array) $extension, $composer_io);
+				}
+				catch (\phpbb\exception\runtime_exception $e)
+				{
+					$this->display_composer_exception($language, $e, $composer_io);
+					return;
+				}
+				$this->tpl_name = 'detailed_message_body';
+
+				$this->template->assign_vars(array(
+						'MESSAGE_TITLE'			=> $language->lang('ACP_EXTENSIONS_REMOVE'),
+						'MESSAGE_TEXT'			=> $language->lang('EXTENSIONS_REMOVED') . adm_back_link($this->u_action),
+						'MESSAGE_DETAIL'		=> $composer_io->getOutput(),
+						'MESSAGE_DETAIL_LEGEND'	=> $language->lang('COMPOSER_OUTPUT'),
+						'S_USER_NOTICE'			=> true,
+					)
+				);
+
+			break;
+			case 'update':
+				$this->page_title = 'ACP_EXTENSIONS_UPDATE';
+
+				$extension = $this->request->variable('extension', '');
+
+				if (empty($extension))
+				{
+					redirect($this->u_action);
+				}
+
+				$formatter = new \phpbb\composer\io\html_output_formatter([
+					'warning' => new \Symfony\Component\Console\Formatter\OutputFormatterStyle('black', 'yellow')
+				]);
+
+				$composer_io = new \phpbb\composer\io\web_io($language, '', $phpbb_container->getParameter('extensions.composer.output'), $formatter);
+
+				try
+				{
+					$composer_manager->update((array) $extension, $composer_io);
+				}
+				catch (\phpbb\exception\runtime_exception $e)
+				{
+					$this->display_composer_exception($language, $e, $composer_io);
+					return;
+				}
+				$this->tpl_name = 'detailed_message_body';
+
+				$this->template->assign_vars(array(
+						'MESSAGE_TITLE'			=> $language->lang('ACP_EXTENSIONS_UPDATE'),
+						'MESSAGE_TEXT'			=> $language->lang('EXTENSIONS_UPDATED') . adm_back_link($this->u_action),
+						'MESSAGE_DETAIL'		=> $composer_io->getOutput(),
+						'MESSAGE_DETAIL_LEGEND'	=> $language->lang('COMPOSER_OUTPUT'),
+						'S_USER_NOTICE'			=> true,
+					)
+				);
+
+			break;
+			case 'manage':
+				$this->page_title = 'ACP_EXTENSIONS_MANAGE';
+
+				$extension = $this->request->variable('extension', '');
+
+				if (empty($extension))
+				{
+					redirect($this->u_action);
+				}
+
+				$formatter = new \phpbb\composer\io\html_output_formatter([
+					'warning' => new \Symfony\Component\Console\Formatter\OutputFormatterStyle('black', 'yellow')
+				]);
+
+				$composer_io = new \phpbb\composer\io\web_io($language, '', $phpbb_container->getParameter('extensions.composer.output'), $formatter);
+
+				try
+				{
+					$composer_manager->start_managing($extension, $composer_io);
+				}
+				catch (\phpbb\exception\runtime_exception $e)
+				{
+					$this->display_composer_exception($language, $e, $composer_io);
+					return;
+				}
+				$this->tpl_name = 'detailed_message_body';
+
+				$this->template->assign_vars(array(
+						'MESSAGE_TITLE'			=> $language->lang('ACP_EXTENSIONS_MANAGE'),
+						'MESSAGE_TEXT'			=> $language->lang('EXTENSION_MANAGED_SUCCESS', $extension) . adm_back_link($this->u_action),
+						'MESSAGE_DETAIL'		=> $composer_io->getOutput(),
+						'MESSAGE_DETAIL_LEGEND'	=> $language->lang('COMPOSER_OUTPUT'),
+						'S_USER_NOTICE'			=> true,
+					)
+				);
+
+			break;
+			case 'list':
+			default:
+				if (!$this->config['exts_composer_packagist'] && $this->request->is_set('enable_packagist') && confirm_box(true))
+				{
+					$this->config->set('exts_composer_packagist', true);
+					$composer_manager->reset_cache();
+
+					trigger_error($language->lang('CONFIG_UPDATED') . adm_back_link($this->u_action));
+				}
+
+				$submit = $this->request->is_set('update');
+				if ($submit)
+				{
+					if (!check_form_key('catalog_settings'))
+					{
+						trigger_error($language->lang('FORM_INVALID') . adm_back_link($this->u_action), E_USER_WARNING);
+					}
+
+					$enable_packagist = $this->request->variable('enable_packagist', false);
+					$enable_on_install = $this->request->variable('enable_on_install', false);
+					$purge_on_remove = $this->request->variable('purge_on_remove', false);
+					$minimum_stability = $this->request->variable('minimum_stability', 'stable');
+					$repositories = array_unique(
+						array_filter(
+							array_map(
+								'trim',
+								explode("\n", $this->request->variable('repositories', ''))
+							)
+						)
+					);
+
+					$previous_minimum_stability = $this->config['exts_composer_minimum_stability'];
+					$previous_repositories = $this->config['exts_composer_repositories'];
+					$previous_enable_packagist = $this->config['exts_composer_packagist'];
+
+					$this->config->set('exts_composer_enable_on_install', $enable_on_install);
+					$this->config->set('exts_composer_purge_on_remove', $purge_on_remove);
+					$this->config->set('exts_composer_minimum_stability', $minimum_stability);
+					$this->config->set('exts_composer_repositories', json_encode($repositories, JSON_UNESCAPED_UNICODE | JSON_UNESCAPED_SLASHES));
+
+					if ($minimum_stability != $previous_minimum_stability
+						|| $repositories != $previous_repositories
+						|| $enable_packagist != $previous_enable_packagist)
+					{
+						$composer_manager->reset_cache();
+					}
+
+					if (!$this->config['exts_composer_packagist'] && $enable_packagist)
+					{
+						$s_hidden_fields = build_hidden_fields(array(
+							'enable_packagist'	=> $enable_packagist
+						));
+
+						confirm_box(false, $language->lang('ENABLE_PACKAGIST_CONFIRM'), $s_hidden_fields);
+					}
+					else
+					{
+						$this->config->set('exts_composer_packagist', $enable_packagist);
+						trigger_error($language->lang('CONFIG_UPDATED') . adm_back_link($this->u_action));
+					}
+				}
+
+				/** @var \phpbb\composer\extension_manager $manager */
+				$manager = $phpbb_container->get('ext.composer.manager');
+
+				/** @var \phpbb\pagination $pagination */
+				$pagination = $phpbb_container->get('pagination');
+
+				$start = $this->request->variable('start', 0);
+				$base_url = $this->u_action;
+
+				$available_extensions = $manager->get_available_packages();
+				$managed_packages = $manager->get_managed_packages();
+
+				$extensions = array_slice($available_extensions, $start, 20);
+
+				$pagination->generate_template_pagination($base_url, 'pagination', 'start', count($available_extensions), 20, $start);
+
+				$this->page_title = 'ACP_EXTENSIONS_CATALOG';
+				$this->tpl_name = 'acp_ext_catalog';
+
+				$this->template->assign_vars([
+					'extensions'			=> $extensions,
+					'managed_extensions'	=> array_keys($managed_packages),
+					'installed_extensions'	=> array_keys($extensions_manager->all_available()),
+					'U_ACTION'				=> $this->u_action,
+					'settings' => [
+						'enable_packagist'	=> $this->config['exts_composer_packagist'],
+						'enable_on_install'	=> $this->config['exts_composer_enable_on_install'],
+						'purge_on_remove'	=> $this->config['exts_composer_purge_on_remove'],
+						'minimum_stability'	=> $this->config['exts_composer_minimum_stability'],
+						'stabilities'		=> array_keys(\Composer\Package\BasePackage::$stabilities),
+						'repositories'		=> json_decode($this->config['exts_composer_repositories'], true),
+					],
+				]);
+
+				add_form_key('catalog_settings');
+
+			break;
+		}
+	}
+
+	/**
+	 * Display an exception raised by the composer manager
+	 *
+	 * @param \phpbb\language\language           $language
+	 * @param \phpbb\exception\runtime_exception $e
+	 * @param \phpbb\composer\io\web_io          $composer_io
+	 */
+	private function display_composer_exception(\phpbb\language\language $language, \phpbb\exception\runtime_exception $e, \phpbb\composer\io\web_io $composer_io)
+	{
+		$this->tpl_name = 'detailed_message_body';
+
+		if ($e->getPrevious())
+		{
+			$message_title = $language->lang_array($e->getMessage(), $e->get_parameters());
+
+			if ($e->getPrevious() instanceof \phpbb\exception\exception_interface)
+			{
+				$message_text  = $language->lang_array($e->getPrevious()->getMessage(), $e->getPrevious()->get_parameters()) . adm_back_link($this->u_action);
+			}
+			else
+			{
+				$message_text = $e->getPrevious()->getMessage() . adm_back_link($this->u_action);
+			}
+		}
+		else
+		{
+			$message_title = $language->lang('INFORMATION');
+			$message_text  = $language->lang_array($e->getMessage(), $e->get_parameters()) . adm_back_link($this->u_action);
+		}
+
+		$this->template->assign_vars(array(
+				'MESSAGE_TITLE'			=> $message_title,
+				'MESSAGE_TEXT'			=> $message_text,
+				'MESSAGE_DETAIL'		=> $composer_io->getOutput(),
+				'MESSAGE_DETAIL_LEGEND'	=> $language->lang('COMPOSER_OUTPUT'),
+				'S_USER_ERROR'			=> true,
+			)
+		);
+	}
+
+	/**
+	 * Lists all the enabled extensions and dumps to the template
+	 *
+	 * @param \phpbb\extension\manager  $phpbb_extension_manager     An instance of the extension manager
+	 * @param array                     $managed_packages            List of managed packages
+	 *
+	 * @return null
+	 */
+	public function list_enabled_exts(\phpbb\extension\manager $phpbb_extension_manager, array $managed_packages)
 	{
 		$enabled_extension_meta_data = array();
 
@@ -409,6 +780,7 @@ class acp_extensions
 				$enabled_extension_meta_data[$name] = array(
 					'META_DISPLAY_NAME' => $md_manager->get_metadata('display-name'),
 					'META_VERSION' => $meta['version'],
+					'META_NAME' => $md_manager->get_metadata('name'),
 				);
 
 				if (isset($meta['extra']['version-check']))
@@ -458,15 +830,29 @@ class acp_extensions
 			$this->output_actions('enabled', array(
 				'DISABLE'		=> $this->u_action . '&action=disable_pre&ext_name=' . urlencode($name),
 			));
+
+			if (isset($managed_packages[$block_vars['META_NAME']]))
+			{
+				$this->output_actions('enabled', [
+					'UPDATE' => $this->u_catalog_action . '&action=update&extension=' . urlencode($block_vars['META_NAME']),
+					'REMOVE' => [
+						'url' => $this->u_catalog_action . '&action=remove&extension=' . urlencode($block_vars['META_NAME']),
+						'color' => '#BC2A4D;',
+					]
+				]);
+			}
 		}
 	}
 
 	/**
-	* Lists all the disabled extensions and dumps to the template
-	*
-	* @return null
-	*/
-	public function list_disabled_exts()
+	 * Lists all the disabled extensions and dumps to the template
+	 *
+	 * @param \phpbb\extension\manager  $phpbb_extension_manager     An instance of the extension manager
+	 * @param array                     $managed_packages            List of managed packages
+	 *
+	 * @return null
+	 */
+	public function list_disabled_exts(\phpbb\extension\manager $phpbb_extension_manager, array $managed_packages)
 	{
 		$disabled_extension_meta_data = array();
 
@@ -480,6 +866,7 @@ class acp_extensions
 				$disabled_extension_meta_data[$name] = array(
 					'META_DISPLAY_NAME' => $md_manager->get_metadata('display-name'),
 					'META_VERSION' => $meta['version'],
+					'META_NAME' => $md_manager->get_metadata('name'),
 				);
 
 				if (isset($meta['extra']['version-check']))
@@ -527,15 +914,29 @@ class acp_extensions
 				'ENABLE'		=> $this->u_action . '&action=enable_pre&ext_name=' . urlencode($name),
 				'DELETE_DATA'	=> $this->u_action . '&action=delete_data_pre&ext_name=' . urlencode($name),
 			));
+
+			if (isset($managed_packages[$block_vars['META_NAME']]))
+			{
+				$this->output_actions('disabled', [
+					'UPDATE' => $this->u_catalog_action . '&action=update&extension=' . urlencode($block_vars['META_NAME']),
+					'REMOVE' => [
+						'url' => $this->u_catalog_action . '&action=remove&extension=' . urlencode($block_vars['META_NAME']),
+						'color' => '#BC2A4D;',
+					]
+				]);
+			}
 		}
 	}
 
 	/**
-	* Lists all the available extensions and dumps to the template
-	*
-	* @return null
-	*/
-	public function list_available_exts()
+	 * Lists all the available extensions and dumps to the template
+	 *
+	 * @param \phpbb\extension\manager  $phpbb_extension_manager     An instance of the extension manager
+	 * @param array                     $managed_packages            List of managed packages
+	 *
+	 * @return null
+	 */
+	public function list_available_exts(\phpbb\extension\manager $phpbb_extension_manager, array $managed_packages)
 	{
 		$uninstalled = array_diff_key($this->ext_manager->all_available(), $this->ext_manager->all_configured());
 
@@ -551,6 +952,7 @@ class acp_extensions
 				$available_extension_meta_data[$name] = array(
 					'META_DISPLAY_NAME' => $md_manager->get_metadata('display-name'),
 					'META_VERSION' => $meta['version'],
+					'META_NAME' => $md_manager->get_metadata('name'),
 				);
 
 				if (isset($meta['extra']['version-check']))
@@ -604,13 +1006,26 @@ class acp_extensions
 	*/
 	private function output_actions($block, $actions)
 	{
-		foreach ($actions as $lang => $url)
+		foreach ($actions as $lang => $options)
 		{
-			$this->template->assign_block_vars($block . '.actions', array(
+			$url = $options;
+			if (is_array($options))
+			{
+				$url = $options['url'];
+			}
+
+			$vars = array(
 				'L_ACTION'			=> $this->user->lang('EXTENSION_' . $lang),
 				'L_ACTION_EXPLAIN'	=> (isset($this->user->lang['EXTENSION_' . $lang . '_EXPLAIN'])) ? $this->user->lang('EXTENSION_' . $lang . '_EXPLAIN') : '',
 				'U_ACTION'			=> $url,
-			));
+			);
+
+			if (isset($options['color']))
+			{
+				$vars['COLOR'] = $options['color'];
+			}
+
+			$this->template->assign_block_vars($block . '.actions', $vars);
 		}
 	}
 

phpBB/includes/acp/acp_main.php

@@ -502,26 +502,8 @@ class acp_main
 
 		$upload_dir_size = get_formatted_filesize($config['upload_dir_size']);
 
-		$avatar_dir_size = 0;
-
-		if ($avatar_dir = @opendir($phpbb_root_path . $config['avatar_path']))
-		{
-			while (($file = readdir($avatar_dir)) !== false)
-			{
-				if ($file[0] != '.' && $file != 'CVS' && strpos($file, 'index.') === false)
-				{
-					$avatar_dir_size += filesize($phpbb_root_path . $config['avatar_path'] . '/' . $file);
-				}
-			}
-			closedir($avatar_dir);
-
-			$avatar_dir_size = get_formatted_filesize($avatar_dir_size);
-		}
-		else
-		{
-			// Couldn't open Avatar dir.
-			$avatar_dir_size = $user->lang['NOT_AVAILABLE'];
-		}
+		// Couldn't open Avatar dir.
+		$avatar_dir_size = $user->lang['NOT_AVAILABLE'];
 
 		if ($posts_per_day > $total_posts)
 		{

phpBB/includes/acp/acp_storage.php

@@ -0,0 +1,318 @@
+<?php
+/**
+*
+* This file is part of the phpBB Forum Software package.
+*
+* @copyright (c) phpBB Limited <https://www.phpbb.com>
+* @license GNU General Public License, version 2 (GPL-2.0)
+*
+* For full copyright and license information, please see
+* the docs/CREDITS.txt file.
+*
+*/
+
+/**
+* @ignore
+*/
+if (!defined('IN_PHPBB'))
+{
+	exit;
+}
+
+class acp_storage
+{
+	/** @var \phpbb\config $config */
+	protected $config;
+
+	/** @var \phpbb\language\language $lang */
+	protected $lang;
+
+	/** @var \phpbb\request\request */
+	protected $request;
+
+	/** @var \phpbb\template\template */
+	protected $template;
+
+	/** @var \phpbb\user */
+	protected $user;
+
+	/** @var \phpbb\di\service_collection */
+	protected $provider_collection;
+
+	/** @var \phpbb\di\service_collection */
+	protected $storage_collection;
+
+	/** @var string */
+	public $page_title;
+
+	/** @var string */
+	public $tpl_name;
+
+	/** @var string */
+	public $u_action;
+
+	/**
+	 *  @param string $id
+	 * @param string $mode
+	 */
+	public function main($id, $mode)
+	{
+		global $phpbb_container, $phpbb_dispatcher;
+
+		$this->config = $phpbb_container->get('config');
+		$this->lang = $phpbb_container->get('language');
+		$this->request = $phpbb_container->get('request');
+		$this->template = $phpbb_container->get('template');
+		$this->user = $phpbb_container->get('user');
+		$this->provider_collection = $phpbb_container->get('storage.provider_collection');
+		$this->storage_collection = $phpbb_container->get('storage.storage_collection');
+
+		// Add necesary language files
+		$this->lang->add_lang(['acp/storage']);
+
+		/**
+		 * Add language strings
+		 *
+		 * @event core.acp_storage_load
+		 * @since 3.3.0-a1
+		 */
+		$phpbb_dispatcher->dispatch('core.acp_storage_load');
+
+		$this->overview($id, $mode);
+	}
+
+	/**
+	 * @param string $id
+	 * @param string $mode
+	 */
+	public function overview($id, $mode)
+	{
+		$form_key = 'acp_storage';
+		add_form_key($form_key);
+
+		// Template from adm/style
+		$this->tpl_name = 'acp_storage';
+
+		// Set page title
+		$this->page_title = 'STORAGE_TITLE';
+
+		if ($this->request->is_set_post('submit'))
+		{
+			$modified_storages = [];
+			$messages = [];
+
+			if (!check_form_key($form_key))
+			{
+				$messages[] = $this->lang->lang('FORM_INVALID');
+			}
+
+			foreach ($this->storage_collection as $storage)
+			{
+				$storage_name = $storage->get_name();
+
+				$options = $this->get_provider_options($this->get_current_provider($storage_name));
+
+				$modified = false;
+
+				// Check if provider have been modified
+				if ($this->get_new_provider($storage_name) != $this->get_current_provider($storage_name))
+				{
+					$modified = true;
+				}
+
+				// Check if options have been modified
+				if (!$modified)
+				{
+					foreach (array_keys($options) as $definition)
+					{
+						if ($this->get_new_definition($storage_name, $definition) != $this->get_current_definition($storage_name, $definition))
+						{
+							$modified = true;
+							break;
+						}
+					}
+				}
+
+				// If the storage have been modified, validate options
+				if ($modified)
+				{
+					$modified_storages[] = $storage_name;
+					$this->validate_data($storage_name, $messages);
+				}
+			}
+
+			if (!empty($modified_storages))
+			{
+				if (empty($messages))
+				{
+					foreach ($modified_storages as $storage_name)
+					{
+						$this->update_storage_config($storage_name);
+					}
+
+					trigger_error($this->lang->lang('STORAGE_UPDATE_SUCCESSFUL') . adm_back_link($this->u_action), E_USER_NOTICE);
+				}
+				else
+				{
+					trigger_error(implode('<br />', $messages) . adm_back_link($this->u_action), E_USER_WARNING);
+				}
+			}
+
+			// If there is no errors
+			trigger_error($this->lang->lang('STORAGE_NO_CHANGES') . adm_back_link($this->u_action), E_USER_WARNING);
+		}
+
+		$this->template->assign_vars(array(
+			'STORAGES' => $this->storage_collection,
+			'PROVIDERS' => $this->provider_collection,
+		));
+	}
+
+	/**
+	 * Get the current provider from config
+	 *
+	 * @param string $key Storage name
+	 * @return string The current provider
+	 */
+	protected function get_current_provider($storage_name)
+	{
+		return $this->config['storage\\' . $storage_name . '\\provider'];
+	}
+
+	/**
+	 * Get the new provider from the request
+	 *
+	 * @param string $key Storage name
+	 * @return string The new provider
+	 */
+	protected function get_new_provider($storage_name)
+	{
+		return $this->request->variable([$storage_name, 'provider'], '');
+	}
+
+	/**
+	 * Get adapter definitions from a provider
+	 *
+	 * @param string $provider Provider class
+	 * @return array Adapter definitions
+	 */
+	protected function get_provider_options($provider)
+	{
+		return $this->provider_collection->get_by_class($provider)->get_options();
+	}
+
+	/**
+	 * Get the current value of the definition of a storage from config
+	 *
+	 * @param string $storage_name Storage name
+	 * @param string $definition Definition
+	 * @return string Definition value
+	 */
+	protected function get_current_definition($storage_name, $definition)
+	{
+		return $this->config['storage\\' . $storage_name . '\\config\\' . $definition];
+	}
+
+	/**
+	 * Get the new value of the definition of a storage from the request
+	 *
+	 * @param string $storage_name Storage name
+	 * @param string $definition Definition
+	 * @return string Definition value
+	 */
+	protected function get_new_definition($storage_name, $definition)
+	{
+		return $this->request->variable([$storage_name, $definition], '');
+	}
+
+	/**
+	 * Validates data
+	 *
+	 * @param string $storage_name Storage name
+	 * @param array $messages Reference to messages array
+	 */
+	protected function validate_data($storage_name, &$messages)
+	{
+		$storage_title = $this->lang->lang('STORAGE_' . strtoupper($storage_name) . '_TITLE');
+
+		// Check if provider exists
+		try
+		{
+			$new_provider = $this->provider_collection->get_by_class($this->get_new_provider($storage_name));
+		}
+		catch (\Exception $e)
+		{
+			$messages[] = $this->lang->lang('STORAGE_PROVIDER_NOT_EXISTS', $storage_title);
+			return;
+		}
+
+		// Check if provider is available
+		if (!$new_provider->is_available())
+		{
+			$messages[] = $this->lang->lang('STORAGE_PROVIDER_NOT_AVAILABLE', $storage_title);
+			return;
+		}
+
+		// Check options
+		$new_options = $this->get_provider_options($this->get_new_provider($storage_name));
+
+		foreach ($new_options as $definition_key => $definition_value)
+		{
+			$provider = $this->provider_collection->get_by_class($this->get_new_provider($storage_name));
+			$definition_title = $this->lang->lang('STORAGE_ADAPTER_' . strtoupper($provider->get_name()) . '_OPTION_' . strtoupper($definition_key));
+
+			$value = $this->get_new_definition($storage_name, $definition_key);
+
+			switch ($definition_value['type'])
+			{
+				case 'email':
+					if (!filter_var($value, FILTER_VALIDATE_EMAIL))
+					{
+						$messages[] = $this->lang->lang('STORAGE_FORM_TYPE_EMAIL_INCORRECT_FORMAT', $definition_title, $storage_title);
+					}
+				case 'text':
+				case 'password':
+					$maxlength = isset($definition_value['maxlength']) ? $definition_value['maxlength'] : 255;
+					if (strlen($value) > $maxlength)
+					{
+						$messages[] = $this->lang->lang('STORAGE_FORM_TYPE_TEXT_TOO_LONG', $definition_title, $storage_title);
+					}
+					break;
+				case 'radio':
+				case 'select':
+					if (!in_array($value, array_values($definition_value['options'])))
+					{
+						$messages[] = $this->lang->lang('STORAGE_FORM_TYPE_SELECT_NOT_AVAILABLE', $definition_title, $storage_title);
+					}
+					break;
+			}
+		}
+	}
+
+	/**
+	 * Updates an storage with the info provided in the form
+	 *
+	 * @param string $storage_name Storage name
+	 */
+	protected function update_storage_config($storage_name)
+	{
+		$current_options = $this->get_provider_options($this->get_current_provider($storage_name));
+
+		// Remove old storage config
+		foreach (array_keys($current_options) as $definition)
+		{
+			$this->config->delete('storage\\' . $storage_name . '\\config\\' . $definition);
+		}
+
+		// Update provider
+		$this->config->set('storage\\' . $storage_name . '\\provider', $this->get_new_provider($storage_name));
+
+		// Set new storage config
+		$new_options = $this->get_provider_options($this->get_new_provider($storage_name));
+
+		foreach (array_keys($new_options) as $definition)
+		{
+			$this->config->set('storage\\' . $storage_name . '\\config\\' . $definition, $this->get_new_definition($storage_name, $definition));
+		}
+	}
+}

phpBB/includes/acp/info/acp_extensions.php

@@ -20,6 +20,7 @@ class acp_extensions_info
 			'title'		=> 'ACP_EXTENSION_MANAGEMENT',
 			'modes'		=> array(
 				'main'		=> array('title' => 'ACP_EXTENSIONS', 'auth' => 'acl_a_extensions', 'cat' => array('ACP_EXTENSION_MANAGEMENT')),
+				'catalog'	=> array('title' => 'ACP_EXTENSIONS_CATALOG', 'auth' => 'acl_a_extensions', 'cat' => array('ACP_EXTENSION_MANAGEMENT')),
 			),
 		);
 	}

phpBB/includes/acp/info/acp_storage.php

@@ -0,0 +1,34 @@
+<?php
+/**
+*
+* This file is part of the phpBB Forum Software package.
+*
+* @copyright (c) phpBB Limited <https://www.phpbb.com>
+* @license GNU General Public License, version 2 (GPL-2.0)
+*
+* For full copyright and license information, please see
+* the docs/CREDITS.txt file.
+*
+*/
+
+class acp_storage_info
+{
+	function module()
+	{
+		return array(
+			'filename'	=> 'acp_storage',
+			'title'		=> 'ACP_STORAGE_SETTINGS',
+			'modes'		=> array(
+				'settings'	=> array('title' => 'ACP_STORAGE_SETTINGS', 'auth' => 'acl_a_storage', 'cat' => array('ACP_SERVER_CONFIGURATION')),
+			),
+		);
+	}
+
+	function install()
+	{
+	}
+
+	function uninstall()
+	{
+	}
+}

phpBB/includes/bbcode.php

@@ -156,9 +156,7 @@ class bbcode
 					$phpbb_container->get('path_helper'),
 					$phpbb_container->getParameter('core.cache_dir'),
 					$phpbb_container->get('ext.manager'),
-					new \phpbb\template\twig\loader(
-						$phpbb_filesystem
-					)
+					new \phpbb\template\twig\loader()
 				),
 				$phpbb_container->getParameter('core.cache_dir'),
 				$phpbb_container->get('user'),

phpBB/includes/compatibility_globals.php

@@ -18,6 +18,13 @@ if (!defined('IN_PHPBB'))
 	exit;
 }
 
+//
+// Deprecated globals
+//
+define('ATTACHMENT_CATEGORY_WM', 2); // Windows Media Files - Streaming - @deprecated 3.2
+define('ATTACHMENT_CATEGORY_RM', 3); // Real Media Files - Streaming - @deprecated 3.2
+define('ATTACHMENT_CATEGORY_QUICKTIME', 6); // Quicktime/Mov files - @deprecated 3.2
+
 /**
  * Sets compatibility globals in the global scope
  *

phpBB/includes/constants.php

@@ -28,7 +28,7 @@ if (!defined('IN_PHPBB'))
 */
 
 // phpBB Version
-@define('PHPBB_VERSION', '3.2.4-dev');
+@define('PHPBB_VERSION', '3.3.0-a1-dev');
 
 // QA-related
 // define('PHPBB_QA', 1);
@@ -157,11 +157,6 @@ define('FULL_FOLDER_NONE', -3);
 define('FULL_FOLDER_DELETE', -2);
 define('FULL_FOLDER_HOLD', -1);
 
-// Download Modes - Attachments
-define('INLINE_LINK', 1);
-// This mode is only used internally to allow modders extending the attachment functionality
-define('PHYSICAL_LINK', 2);
-
 // Confirm types
 define('CONFIRM_REG', 1);
 define('CONFIRM_LOGIN', 2);
@@ -171,11 +166,8 @@ define('CONFIRM_REPORT', 4);
 // Categories - Attachments
 define('ATTACHMENT_CATEGORY_NONE', 0);
 define('ATTACHMENT_CATEGORY_IMAGE', 1); // Inline Images
-define('ATTACHMENT_CATEGORY_WM', 2); // Windows Media Files - Streaming - @deprecated 3.2
-define('ATTACHMENT_CATEGORY_RM', 3); // Real Media Files - Streaming - @deprecated 3.2
 define('ATTACHMENT_CATEGORY_THUMB', 4); // Not used within the database, only while displaying posts
 define('ATTACHMENT_CATEGORY_FLASH', 5); // Flash/SWF files
-define('ATTACHMENT_CATEGORY_QUICKTIME', 6); // Quicktime/Mov files - @deprecated 3.2
 
 // BBCode UID length
 define('BBCODE_UID_LEN', 8);

phpBB/includes/functions.php

@@ -51,18 +51,6 @@ function phpbb_load_extensions_autoloaders($phpbb_root_path)
 	}
 }
 
-/**
-* Casts a variable to the given type.
-*
-* @deprecated
-*/
-function set_var(&$result, $var, $type, $multibyte = false)
-{
-	// no need for dependency injection here, if you have the object, call the method yourself!
-	$type_cast_helper = new \phpbb\request\type_cast_helper();
-	$type_cast_helper->set_var($result, $var, $type, $multibyte);
-}
-
 /**
 * Generates an alphanumeric random string of given length
 *
@@ -3497,15 +3485,7 @@ function phpbb_filter_root_path($errfile)
 
 	if (empty($root_path))
 	{
-		if ($phpbb_filesystem)
-		{
-			$root_path = $phpbb_filesystem->realpath(dirname(__FILE__) . '/../');
-		}
-		else
-		{
-			$filesystem = new \phpbb\filesystem\filesystem();
-			$root_path = $filesystem->realpath(dirname(__FILE__) . '/../');
-		}
+		$root_path = \phpbb\filesystem\helper::realpath(dirname(__FILE__) . '/../');
 	}
 
 	return str_replace(array($root_path, '\\'), array('[ROOT]', '/'), $errfile);
@@ -4342,6 +4322,9 @@ function page_header($page_title = '', $display_online_list = false, $item_id =
 	$controller_helper = $phpbb_container->get('controller.helper');
 	$notification_mark_hash = generate_link_hash('mark_all_notifications_read');
 
+	$phpbb_version_parts = explode('.', PHPBB_VERSION, 3);
+	$phpbb_major = $phpbb_version_parts[0] . '.' . $phpbb_version_parts[1];
+
 	// The following assigns all _common_ variables that may be used at any point in a template.
 	$template->assign_vars(array(
 		'SITENAME'						=> $config['sitename'],
@@ -4375,6 +4358,8 @@ function page_header($page_title = '', $display_online_list = false, $item_id =
 		'SESSION_ID'		=> $user->session_id,
 		'ROOT_PATH'			=> $web_path,
 		'BOARD_URL'			=> $board_url,
+		'PHPBB_VERSION'		=> PHPBB_VERSION,
+		'PHPBB_MAJOR'		=> $phpbb_major,
 
 		'L_LOGIN_LOGOUT'	=> $l_login_logout,
 		'L_INDEX'			=> ($config['board_index_text'] !== '') ? $config['board_index_text'] : $user->lang['FORUM_INDEX'],
@@ -4450,11 +4435,9 @@ function page_header($page_title = '', $display_online_list = false, $item_id =
 		'T_SUPER_TEMPLATE_PATH'	=> "{$web_path}styles/" . rawurlencode($user->style['style_path']) . '/template',
 		'T_IMAGES_PATH'			=> "{$web_path}images/",
 		'T_SMILIES_PATH'		=> "{$web_path}{$config['smilies_path']}/",
-		'T_AVATAR_PATH'			=> "{$web_path}{$config['avatar_path']}/",
 		'T_AVATAR_GALLERY_PATH'	=> "{$web_path}{$config['avatar_gallery_path']}/",
 		'T_ICONS_PATH'			=> "{$web_path}{$config['icons_path']}/",
 		'T_RANKS_PATH'			=> "{$web_path}{$config['ranks_path']}/",
-		'T_UPLOAD_PATH'			=> "{$web_path}{$config['upload_path']}/",
 		'T_STYLESHEET_LINK'		=> "{$web_path}styles/" . rawurlencode($user->style['style_path']) . '/theme/stylesheet.css?assets_version=' . $config['assets_version'],
 		'T_STYLESHEET_LANG_LINK'=> "{$web_path}styles/" . rawurlencode($user->style['style_path']) . '/theme/' . $user->lang_name . '/stylesheet.css?assets_version=' . $config['assets_version'],
 		'T_FONT_AWESOME_LINK'	=> !empty($config['allow_cdn']) && !empty($config['load_font_awesome_url']) ? $config['load_font_awesome_url'] : "{$web_path}assets/css/font-awesome.min.css?assets_version=" . $config['assets_version'],
@@ -4468,11 +4451,9 @@ function page_header($page_title = '', $display_online_list = false, $item_id =
 		'T_SUPER_TEMPLATE_NAME'	=> rawurlencode((isset($user->style['style_parent_tree']) && $user->style['style_parent_tree']) ? $user->style['style_parent_tree'] : $user->style['style_path']),
 		'T_IMAGES'				=> 'images',
 		'T_SMILIES'				=> $config['smilies_path'],
-		'T_AVATAR'				=> $config['avatar_path'],
 		'T_AVATAR_GALLERY'		=> $config['avatar_gallery_path'],
 		'T_ICONS'				=> $config['icons_path'],
 		'T_RANKS'				=> $config['ranks_path'],
-		'T_UPLOAD'				=> $config['upload_path'],
 
 		'SITE_LOGO_IMG'			=> $user->img('site_logo'),
 	));

phpBB/includes/functions_acp.php

@@ -66,6 +66,9 @@ function adm_page_header($page_title)
 		}
 	}
 
+	$phpbb_version_parts = explode('.', PHPBB_VERSION, 3);
+	$phpbb_major = $phpbb_version_parts[0] . '.' . $phpbb_version_parts[1];
+
 	$template->assign_vars(array(
 		'PAGE_TITLE'			=> $page_title,
 		'USERNAME'				=> $user->data['username'],
@@ -75,6 +78,8 @@ function adm_page_header($page_title)
 		'SESSION_ID'			=> $user->session_id,
 		'ROOT_PATH'				=> $phpbb_root_path,
 		'ADMIN_ROOT_PATH'		=> $phpbb_admin_path,
+		'PHPBB_VERSION'			=> PHPBB_VERSION,
+		'PHPBB_MAJOR'			=> $phpbb_major,
 
 		'U_LOGOUT'				=> append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=logout'),
 		'U_ADM_LOGOUT'			=> append_sid("{$phpbb_admin_path}index.$phpEx", 'action=admlogout'),
@@ -83,11 +88,9 @@ function adm_page_header($page_title)
 
 		'T_IMAGES_PATH'			=> "{$phpbb_root_path}images/",
 		'T_SMILIES_PATH'		=> "{$phpbb_root_path}{$config['smilies_path']}/",
-		'T_AVATAR_PATH'			=> "{$phpbb_root_path}{$config['avatar_path']}/",
 		'T_AVATAR_GALLERY_PATH'	=> "{$phpbb_root_path}{$config['avatar_gallery_path']}/",
 		'T_ICONS_PATH'			=> "{$phpbb_root_path}{$config['icons_path']}/",
 		'T_RANKS_PATH'			=> "{$phpbb_root_path}{$config['ranks_path']}/",
-		'T_UPLOAD_PATH'			=> "{$phpbb_root_path}{$config['upload_path']}/",
 		'T_FONT_AWESOME_LINK'	=> !empty($config['allow_cdn']) && !empty($config['load_font_awesome_url']) ? $config['load_font_awesome_url'] : "{$phpbb_root_path}assets/css/font-awesome.min.css?assets_version=" . $config['assets_version'],
 
 		'T_ASSETS_VERSION'		=> $config['assets_version'],

phpBB/includes/functions_admin.php

@@ -1160,28 +1160,6 @@ function delete_posts($where_type, $where_ids, $auto_sync = true, $posted_sync =
 	return count($post_ids);
 }
 
-/**
-* Delete Attachments
-*
-* @deprecated 3.2.0-a1 (To be removed: 3.4.0)
-*
-* @param string $mode can be: post|message|topic|attach|user
-* @param mixed $ids can be: post_ids, message_ids, topic_ids, attach_ids, user_ids
-* @param bool $resync set this to false if you are deleting posts or topics
-*/
-function delete_attachments($mode, $ids, $resync = true)
-{
-	global $phpbb_container;
-
-	/** @var \phpbb\attachment\manager $attachment_manager */
-	$attachment_manager = $phpbb_container->get('attachment.manager');
-	$num_deleted = $attachment_manager->delete($mode, $ids, $resync);
-
-	unset($attachment_manager);
-
-	return $num_deleted;
-}
-
 /**
 * Deletes shadow topics pointing to a specified forum.
 *
@@ -1293,23 +1271,6 @@ function update_posted_info(&$topic_ids)
 	$db->sql_multi_insert(TOPICS_POSTED_TABLE, $sql_ary);
 }
 
-/**
-* Delete attached file
-*
-* @deprecated 3.2.0-a1 (To be removed: 3.4.0)
-*/
-function phpbb_unlink($filename, $mode = 'file', $entry_removed = false)
-{
-	global $phpbb_container;
-
-	/** @var \phpbb\attachment\manager $attachment_manager */
-	$attachment_manager = $phpbb_container->get('attachment.manager');
-	$unlink = $attachment_manager->unlink($filename, $mode, $entry_removed);
-	unset($attachment_manager);
-
-	return $unlink;
-}
-
 /**
 * All-encompasing sync function
 *

phpBB/includes/functions_compatibility.php

@@ -22,7 +22,7 @@ if (!defined('IN_PHPBB'))
 /**
 * Get user avatar
 *
-* @deprecated 3.1.0-a1 (To be removed: 3.3.0)
+* @deprecated 3.1.0-a1 (To be removed: 4.0.0)
 *
 * @param string $avatar Users assigned avatar name
 * @param int $avatar_type Type of avatar
@@ -50,7 +50,7 @@ function get_user_avatar($avatar, $avatar_type, $avatar_width, $avatar_height, $
 /**
 * Hash the password
 *
-* @deprecated 3.1.0-a2 (To be removed: 3.3.0)
+* @deprecated 3.1.0-a2 (To be removed: 4.0.0)
 *
 * @param string $password Password to be hashed
 *
@@ -68,7 +68,7 @@ function phpbb_hash($password)
 /**
 * Check for correct password
 *
-* @deprecated 3.1.0-a2 (To be removed: 3.3.0)
+* @deprecated 3.1.0-a2 (To be removed: 4.0.0)
 *
 * @param string $password The password in plain text
 * @param string $hash The stored password hash
@@ -87,45 +87,16 @@ function phpbb_check_hash($password, $hash)
 /**
 * Eliminates useless . and .. components from specified path.
 *
-* Deprecated, use filesystem class instead
+* Deprecated, use storage helper class instead
 *
 * @param string $path Path to clean
 * @return string Cleaned path
 *
-* @deprecated 3.1.0 (To be removed: 3.3.0)
+* @deprecated 3.1.0 (To be removed: 4.0.0)
 */
 function phpbb_clean_path($path)
 {
-	global $phpbb_path_helper, $phpbb_container;
-
-	if (!$phpbb_path_helper && $phpbb_container)
-	{
-		/* @var $phpbb_path_helper \phpbb\path_helper */
-		$phpbb_path_helper = $phpbb_container->get('path_helper');
-	}
-	else if (!$phpbb_path_helper)
-	{
-		global $phpbb_root_path, $phpEx;
-
-		// The container is not yet loaded, use a new instance
-		if (!class_exists('\phpbb\path_helper'))
-		{
-			require($phpbb_root_path . 'phpbb/path_helper.' . $phpEx);
-		}
-
-		$request = new phpbb\request\request();
-		$phpbb_path_helper = new phpbb\path_helper(
-			new phpbb\symfony_request(
-				$request
-			),
-			new phpbb\filesystem\filesystem(),
-			$request,
-			$phpbb_root_path,
-			$phpEx
-		);
-	}
-
-	return $phpbb_path_helper->clean_path($path);
+	return \phpbb\filesystem\helper::clean_path($path);
 }
 
 /**
@@ -136,7 +107,7 @@ function phpbb_clean_path($path)
 *
 * @return		string		Returns the options for timezone selector only
 *
-* @deprecated 3.1.0 (To be removed: 3.3.0)
+* @deprecated 3.1.0 (To be removed: 4.0.0)
 */
 function tz_select($default = '', $truncate = false)
 {
@@ -150,7 +121,7 @@ function tz_select($default = '', $truncate = false)
 * via admin_permissions. Changes of usernames and group names
 * must be carried through for the moderators table.
 *
-* @deprecated 3.1.0 (To be removed: 3.3.0)
+* @deprecated 3.1.0 (To be removed: 4.0.0)
 * @return null
 */
 function cache_moderators()
@@ -162,7 +133,7 @@ function cache_moderators()
 /**
 * Removes moderators and administrators from foe lists.
 *
-* @deprecated 3.1.0 (To be removed: 3.3.0)
+* @deprecated 3.1.0 (To be removed: 4.0.0)
 * @param array|bool $group_id If an array, remove all members of this group from foe lists, or false to ignore
 * @param array|bool $user_id If an array, remove this user from foe lists, or false to ignore
 * @return null
@@ -182,7 +153,7 @@ function update_foes($group_id = false, $user_id = false)
 * @param string &$rank_img the rank image as full img tag is stored here after execution
 * @param string &$rank_img_src the rank image source is stored here after execution
 *
-* @deprecated 3.1.0-RC5 (To be removed: 3.3.0)
+* @deprecated 3.1.0-RC5 (To be removed: 4.0.0)
 *
 * Note: since we do not want to break backwards-compatibility, this function will only properly assign ranks to guests if you call it for them with user_posts == false
 */
@@ -232,7 +203,7 @@ function get_remote_file($host, $directory, $filename, &$errstr, &$errno, $port
  *
  * @return	int|bool		Returns the log_id, if the entry was added to the database, false otherwise.
  *
- * @deprecated	3.1.0 (To be removed: 3.3.0)
+ * @deprecated	3.1.0 (To be removed: 4.0.0)
  */
 function add_log()
 {
@@ -280,7 +251,7 @@ function add_log()
  *
  * @return null
  *
- * @deprecated 3.1.0 (To be removed: 3.3.0)
+ * @deprecated 3.1.0 (To be removed: 4.0.0)
  */
 function set_config($config_name, $config_value, $is_dynamic = false, \phpbb\config\config $set_config = null)
 {
@@ -310,7 +281,7 @@ function set_config($config_name, $config_value, $is_dynamic = false, \phpbb\con
  *
  * @return null
  *
- * @deprecated 3.1.0 (To be removed: 3.3.0)
+ * @deprecated 3.1.0 (To be removed: 4.0.0)
  */
 function set_config_count($config_name, $increment, $is_dynamic = false, \phpbb\config\config $set_config = null)
 {
@@ -331,7 +302,7 @@ function set_config_count($config_name, $increment, $is_dynamic = false, \phpbb\
  * See {@link \phpbb\request\request_interface::variable \phpbb\request\request_interface::variable} for
  * documentation of this function's use.
  *
- * @deprecated 3.1.0 (To be removed: 3.3.0)
+ * @deprecated 3.1.0 (To be removed: 4.0.0)
  * @param	mixed			$var_name	The form variable's name from which data shall be retrieved.
  * 										If the value is an array this may be an array of indizes which will give
  * 										direct access to a value at any depth. E.g. if the value of "var" is array(1 => "a")
@@ -389,7 +360,7 @@ function request_var($var_name, $default, $multibyte = false, $cookie = false, $
 /**
  * Get tables of a database
  *
- * @deprecated 3.1.0 (To be removed: 3.3.0)
+ * @deprecated 3.1.0 (To be removed: 4.0.0)
  */
 function get_tables(&$db)
 {
@@ -463,25 +434,21 @@ function phpbb_is_writable($file)
  * @param string $path Path to check absoluteness of
  * @return boolean
  *
- * @deprecated 3.2.0-dev	use \phpbb\filesystem\filesystem::is_absolute_path() instead
+ * @deprecated 3.2.0-dev	use \phpbb\filesystem\helper::is_absolute_path() instead
  */
 function phpbb_is_absolute($path)
 {
-	global $phpbb_filesystem;
-
-	return $phpbb_filesystem->is_absolute_path($path);
+	return \phpbb\filesystem\helper::is_absolute_path($path);
 }
 
 /**
  * A wrapper for realpath
  *
- * @deprecated 3.2.0-dev	use \phpbb\filesystem\filesystem::realpath() instead
+ * @deprecated 3.2.0-dev	use \phpbb\filesystem\helper::realpath() instead
  */
 function phpbb_realpath($path)
 {
-	global $phpbb_filesystem;
-
-	return $phpbb_filesystem->realpath($path);
+	return \phpbb\filesystem\helper::realpath($path);
 }
 
 /**
@@ -492,7 +459,7 @@ function phpbb_realpath($path)
  * @param $number	int|float	The number we want to get the plural case for. Float numbers are floored.
  * @return	int		The plural-case we need to use for the number plural-rule combination
  *
- * @deprecated 3.2.0-dev (To be removed: 3.3.0)
+ * @deprecated 3.2.0-dev (To be removed: 4.0.0)
  */
 function phpbb_get_plural_form($rule, $number)
 {
@@ -511,3 +478,93 @@ function phpbb_pcre_utf8_support()
 {
 	return true;
 }
+
+/**
+ * Casts a variable to the given type.
+ *
+ * @deprecated 3.1 (To be removed 4.0.0)
+ */
+function set_var(&$result, $var, $type, $multibyte = false)
+{
+	// no need for dependency injection here, if you have the object, call the method yourself!
+	$type_cast_helper = new \phpbb\request\type_cast_helper();
+	$type_cast_helper->set_var($result, $var, $type, $multibyte);
+}
+
+/**
+ * Delete Attachments
+ *
+ * @deprecated 3.2.0-a1 (To be removed: 4.0.0)
+ *
+ * @param string $mode can be: post|message|topic|attach|user
+ * @param mixed $ids can be: post_ids, message_ids, topic_ids, attach_ids, user_ids
+ * @param bool $resync set this to false if you are deleting posts or topics
+ */
+function delete_attachments($mode, $ids, $resync = true)
+{
+	global $phpbb_container;
+
+	/** @var \phpbb\attachment\manager $attachment_manager */
+	$attachment_manager = $phpbb_container->get('attachment.manager');
+	$num_deleted = $attachment_manager->delete($mode, $ids, $resync);
+
+	unset($attachment_manager);
+
+	return $num_deleted;
+}
+
+/**
+ * Delete attached file
+ *
+ * @deprecated 3.2.0-a1 (To be removed: 4.0.0)
+ */
+function phpbb_unlink($filename, $mode = 'file', $entry_removed = false)
+{
+	global $phpbb_container;
+
+	/** @var \phpbb\attachment\manager $attachment_manager */
+	$attachment_manager = $phpbb_container->get('attachment.manager');
+	$unlink = $attachment_manager->unlink($filename, $mode, $entry_removed);
+	unset($attachment_manager);
+
+	return $unlink;
+}
+
+/**
+ * Display reasons
+ *
+ * @deprecated 3.2.0-dev (To be removed: 4.0.0)
+ */
+function display_reasons($reason_id = 0)
+{
+	global $phpbb_container;
+
+	$phpbb_container->get('phpbb.report.report_reason_list_provider')->display_reasons($reason_id);
+}
+
+/**
+ * Upload Attachment - filedata is generated here
+ * Uses upload class
+ *
+ * @deprecated 3.2.0-a1 (To be removed: 4.0.0)
+ *
+ * @param string			$form_name		The form name of the file upload input
+ * @param int			$forum_id		The id of the forum
+ * @param bool			$local			Whether the file is local or not
+ * @param string			$local_storage	The path to the local file
+ * @param bool			$is_message		Whether it is a PM or not
+ * @param array			$local_filedata	A filespec object created for the local file
+ *
+ * @return array File data array
+ */
+function upload_attachment($form_name, $forum_id, $local = false, $local_storage = '', $is_message = false, $local_filedata = false)
+{
+	global $phpbb_container;
+
+	/** @var \phpbb\attachment\manager $attachment_manager */
+	$attachment_manager = $phpbb_container->get('attachment.manager');
+	$file = $attachment_manager->upload($form_name, $forum_id, $local, $local_storage, $is_message, $local_filedata);
+	unset($attachment_manager);
+
+	return $file;
+}

phpBB/includes/functions_content.php

@@ -1086,6 +1086,9 @@ function parse_attachments($forum_id, &$message, &$attachments, &$update_count_a
 
 	global $template, $cache, $user, $phpbb_dispatcher;
 	global $extensions, $config, $phpbb_root_path, $phpEx;
+	global $phpbb_container;
+
+	$attachment_storage = $phpbb_container->get('storage.attachment');
 
 	//
 	$compiled_attachments = array();
@@ -1163,7 +1166,7 @@ function parse_attachments($forum_id, &$message, &$attachments, &$update_count_a
 
 		// Some basics...
 		$attachment['extension'] = strtolower(trim($attachment['extension']));
-		$filename = $phpbb_root_path . $config['upload_path'] . '/' . utf8_basename($attachment['physical_filename']);
+		$filename = utf8_basename($attachment['physical_filename']);
 
 		$upload_icon = '';
 
@@ -1219,17 +1222,16 @@ function parse_attachments($forum_id, &$message, &$attachments, &$update_count_a
 					{
 						if ($config['img_link_width'] || $config['img_link_height'])
 						{
-							$dimension = @getimagesize($filename);
+							try
+							{
+								$file_info = $storage_attachment->file_info($filename);
 
-							// If the dimensions could not be determined or the image being 0x0 we display it as a link for safety purposes
-							if ($dimension === false || empty($dimension[0]) || empty($dimension[1]))
+								$display_cat = ($file_info->image_width <= $config['img_link_width'] && $file_info->image_height <= $config['img_link_height']) ? ATTACHMENT_CATEGORY_IMAGE : ATTACHMENT_CATEGORY_NONE;
+							}
+							catch (\Exception $e)
 							{
 								$display_cat = ATTACHMENT_CATEGORY_NONE;
 							}
-							else
-							{
-								$display_cat = ($dimension[0] <= $config['img_link_width'] && $dimension[1] <= $config['img_link_height']) ? ATTACHMENT_CATEGORY_IMAGE : ATTACHMENT_CATEGORY_NONE;
-							}
 						}
 					}
 					else
@@ -1283,7 +1285,18 @@ function parse_attachments($forum_id, &$message, &$attachments, &$update_count_a
 
 				// Macromedia Flash Files
 				case ATTACHMENT_CATEGORY_FLASH:
-					list($width, $height) = @getimagesize($filename);
+					try
+					{
+						$file_info = $storage_attachment->file_info($filename);
+
+						$width = $file_info->image_width;
+						$height = $file_info->image_height;
+					}
+					catch (\Exception $e)
+					{
+						$width = 0;
+						$height = 0;
+					}
 
 					$block_array += array(
 						'S_FLASH_FILE'	=> true,

phpBB/includes/functions_convert.php

@@ -496,7 +496,7 @@ function import_attachment_files($category_name = '')
 
 	$sql = 'SELECT config_value AS upload_path
 		FROM ' . CONFIG_TABLE . "
-		WHERE config_name = 'upload_path'";
+		WHERE config_name = 'storage\\attachment\\config\\path'";
 	$result = $db->sql_query($sql);
 	$config['upload_path'] = $db->sql_fetchfield('upload_path');
 	$db->sql_freeresult($result);

phpBB/includes/functions_display.php

@@ -1148,18 +1148,6 @@ function display_custom_bbcodes()
 	$phpbb_dispatcher->dispatch('core.display_custom_bbcodes');
 }
 
-/**
-* Display reasons
-*
-* @deprecated 3.2.0-dev
-*/
-function display_reasons($reason_id = 0)
-{
-	global $phpbb_container;
-
-	$phpbb_container->get('phpbb.report.report_reason_list_provider')->display_reasons($reason_id);
-}
-
 /**
 * Display user activity (action forum/topic)
 */

phpBB/includes/functions_download.php

@@ -25,30 +25,27 @@ if (!defined('IN_PHPBB'))
 */
 function send_avatar_to_browser($file, $browser)
 {
-	global $config, $phpbb_root_path;
+	global $config, $phpbb_container;
+
+	$storage = $phpbb_container->get('storage.avatar');
 
 	$prefix = $config['avatar_salt'] . '_';
-	$image_dir = $config['avatar_path'];
+	$file_path = $prefix . $file;
 
-	// Adjust image_dir path (no trailing slash)
-	if (substr($image_dir, -1, 1) == '/' || substr($image_dir, -1, 1) == '\\')
+	if ($storage->exists($file_path) && !headers_sent())
 	{
-		$image_dir = substr($image_dir, 0, -1) . '/';
-	}
-	$image_dir = str_replace(array('../', '..\\', './', '.\\'), '', $image_dir);
+		$file_info = $storage->file_info($file_path);
 
-	if ($image_dir && ($image_dir[0] == '/' || $image_dir[0] == '\\'))
-	{
-		$image_dir = '';
-	}
-	$file_path = $phpbb_root_path . $image_dir . '/' . $prefix . $file;
-
-	if ((@file_exists($file_path) && @is_readable($file_path)) && !headers_sent())
-	{
 		header('Cache-Control: public');
 
-		$image_data = @getimagesize($file_path);
-		header('Content-Type: ' . image_type_to_mime_type($image_data[2]));
+		try
+		{
+			header('Content-Type: ' . $file_info->mimetype);
+		}
+		catch (\phpbb\storage\exception\exception $e)
+		{
+			// Just don't send this header
+		}
 
 		if ((strpos(strtolower($browser), 'msie') !== false) && !phpbb_is_greater_ie_version($browser, 7))
 		{
@@ -69,24 +66,26 @@ function send_avatar_to_browser($file, $browser)
 			header('Expires: ' . gmdate('D, d M Y H:i:s', time() + 31536000) . ' GMT');
 		}
 
-		$size = @filesize($file_path);
-		if ($size)
+		try
 		{
-			header("Content-Length: $size");
+			header('Content-Length: ' . $file_info->size);
+		}
+		catch (\phpbb\storage\exception\exception $e)
+		{
+			// Just don't send this header
 		}
 
-		if (@readfile($file_path) == false)
+		try
 		{
-			$fp = @fopen($file_path, 'rb');
-
-			if ($fp !== false)
-			{
-				while (!feof($fp))
-				{
-					echo fread($fp, 8192);
-				}
-				fclose($fp);
-			}
+			$fp = $storage->read_stream($file_path);
+			$output = fopen('php://output', 'w+b');
+			stream_copy_to_stream($fp, $output);
+			fclose($fp);
+			fclose($output);
+		}
+		catch (\Exception $e)
+		{
+			// Send nothing
 		}
 
 		flush();
@@ -122,13 +121,15 @@ function wrap_img_in_html($src, $title)
 /**
 * Send file to browser
 */
-function send_file_to_browser($attachment, $upload_dir, $category)
+function send_file_to_browser($attachment, $category)
 {
-	global $user, $db, $phpbb_dispatcher, $phpbb_root_path, $request;
+	global $user, $db, $phpbb_dispatcher, $request, $phpbb_container;
 
-	$filename = $phpbb_root_path . $upload_dir . '/' . $attachment['physical_filename'];
+	$storage = $phpbb_container->get('storage.attachment');
 
-	if (!@file_exists($filename))
+	$filename = $attachment['physical_filename'];
+
+	if (!$storage->exists($filename))
 	{
 		send_status_line(404, 'Not Found');
 		trigger_error('ERROR_NO_ATTACHMENT');
@@ -147,14 +148,21 @@ function send_file_to_browser($attachment, $upload_dir, $category)
 	}
 
 	// Now send the File Contents to the Browser
-	$size = @filesize($filename);
+	try
+	{
+		$file_info = $storage->file_info($filename);
+		$size = $file_info->size;
+	}
+	catch (\Exception $e)
+	{
+		$size = 0;
+	}
 
 	/**
 	* Event to alter attachment before it is sent to browser.
 	*
 	* @event core.send_file_to_browser_before
 	* @var	array	attachment	Attachment data
-	* @var	string	upload_dir	Relative path of upload directory
 	* @var	int		category	Attachment category
 	* @var	string	filename	Path to file, including filename
 	* @var	int		size		File size
@@ -162,7 +170,6 @@ function send_file_to_browser($attachment, $upload_dir, $category)
 	*/
 	$vars = array(
 		'attachment',
-		'upload_dir',
 		'category',
 		'filename',
 		'size',
@@ -172,15 +179,8 @@ function send_file_to_browser($attachment, $upload_dir, $category)
 	// To correctly display further errors we need to make sure we are using the correct headers for both (unsetting content-length may not work)
 
 	// Check if headers already sent or not able to get the file contents.
-	if (headers_sent() || !@file_exists($filename) || !@is_readable($filename))
+	if (headers_sent())
 	{
-		// PHP track_errors setting On?
-		if (!empty($php_errormsg))
-		{
-			send_status_line(500, 'Internal Server Error');
-			trigger_error($user->lang['UNABLE_TO_DELIVER_FILE'] . '<br />' . sprintf($user->lang['TRACKED_PHP_ERROR'], $php_errormsg));
-		}
-
 		send_status_line(500, 'Internal Server Error');
 		trigger_error('UNABLE_TO_DELIVER_FILE');
 	}
@@ -236,24 +236,6 @@ function send_file_to_browser($attachment, $upload_dir, $category)
 
 	if (!set_modified_headers($attachment['filetime'], $user->browser))
 	{
-		// We make sure those have to be enabled manually by defining a constant
-		// because of the potential disclosure of full attachment path
-		// in case support for features is absent in the webserver software.
-		if (defined('PHPBB_ENABLE_X_ACCEL_REDIRECT') && PHPBB_ENABLE_X_ACCEL_REDIRECT)
-		{
-			// X-Accel-Redirect - http://wiki.nginx.org/XSendfile
-			header('X-Accel-Redirect: ' . $user->page['root_script_path'] . $upload_dir . '/' . $attachment['physical_filename']);
-			exit;
-		}
-		else if (defined('PHPBB_ENABLE_X_SENDFILE') && PHPBB_ENABLE_X_SENDFILE && !phpbb_http_byte_range($size))
-		{
-			// X-Sendfile - http://blog.lighttpd.net/articles/2006/07/02/x-sendfile
-			// Lighttpd's X-Sendfile does not support range requests as of 1.4.26
-			// and always requires an absolute path.
-			header('X-Sendfile: ' . dirname(__FILE__) . "/../$upload_dir/{$attachment['physical_filename']}");
-			exit;
-		}
-
 		if ($size)
 		{
 			header("Content-Length: $size");
@@ -262,7 +244,7 @@ function send_file_to_browser($attachment, $upload_dir, $category)
 		// Try to deliver in chunks
 		@set_time_limit(0);
 
-		$fp = @fopen($filename, 'rb');
+		$fp = $storage->read_stream($filename);
 
 		if ($fp !== false)
 		{
@@ -292,10 +274,6 @@ function send_file_to_browser($attachment, $upload_dir, $category)
 			}
 			fclose($fp);
 		}
-		else
-		{
-			@readfile($filename);
-		}
 
 		flush();
 	}

phpBB/includes/functions_messenger.php

@@ -700,9 +700,7 @@ class messenger
 			$phpbb_container->get('path_helper'),
 			$phpbb_container->getParameter('core.template.cache_path'),
 			$phpbb_container->get('ext.manager'),
-			new \phpbb\template\twig\loader(
-				$phpbb_container->get('filesystem')
-			),
+			new \phpbb\template\twig\loader(),
 			$phpbb_dispatcher,
 			array()
 		);

phpBB/includes/functions_module.php

@@ -933,6 +933,14 @@ class p_master
 					'U_TITLE'		=> $u_title
 				);
 
+				if (isset($this->module_cache['parents'][$item_ary['id']]) || $item_ary['id'] == $this->p_id)
+				{
+					$template->assign_block_vars('navlinks', array(
+						'FORUM_NAME'	=> $item_ary['lang'],
+						'U_VIEW_FORUM'	=> $u_title,
+					));
+				}
+
 				$template->assign_block_vars($use_tabular_offset, array_merge($tpl_ary, array_change_key_case($item_ary, CASE_UPPER)));
 			}
 

phpBB/includes/functions_posting.php

@@ -395,34 +395,6 @@ function posting_gen_topic_types($forum_id, $cur_topic_type = POST_NORMAL)
 //
 // Attachment related functions
 //
-
-/**
-* Upload Attachment - filedata is generated here
-* Uses upload class
-*
-* @deprecated 3.2.0-a1 (To be removed: 3.4.0)
-*
-* @param string			$form_name		The form name of the file upload input
-* @param int			$forum_id		The id of the forum
-* @param bool			$local			Whether the file is local or not
-* @param string			$local_storage	The path to the local file
-* @param bool			$is_message		Whether it is a PM or not
-* @param array			$local_filedata	A filespec object created for the local file
-*
-* @return array File data array
-*/
-function upload_attachment($form_name, $forum_id, $local = false, $local_storage = '', $is_message = false, $local_filedata = false)
-{
-	global $phpbb_container;
-
-	/** @var \phpbb\attachment\manager $attachment_manager */
-	$attachment_manager = $phpbb_container->get('attachment.manager');
-	$file = $attachment_manager->upload($form_name, $forum_id, $local, $local_storage, $is_message, $local_filedata);
-	unset($attachment_manager);
-
-	return $file;
-}
-
 /**
 * Calculate the needed size for Thumbnail
 */
@@ -1470,6 +1442,8 @@ function submit_post($mode, $subject, $username, $topic_type, &$poll_ary, &$data
 {
 	global $db, $auth, $user, $config, $phpEx, $phpbb_root_path, $phpbb_container, $phpbb_dispatcher, $phpbb_log, $request;
 
+	$attachment_storage = $phpbb_container->get('storage.attachment');
+
 	$poll = $poll_ary;
 	$data = $data_ary;
 	/**
@@ -2058,7 +2032,7 @@ function submit_post($mode, $subject, $username, $topic_type, &$poll_ary, &$data
 			else
 			{
 				// insert attachment into db
-				if (!@file_exists($phpbb_root_path . $config['upload_path'] . '/' . utf8_basename($orphan_rows[$attach_row['attach_id']]['physical_filename'])))
+				if (!$attachment_storage->exists(utf8_basename($orphan_rows[$attach_row['attach_id']]['physical_filename'])))
 				{
 					continue;
 				}

phpBB/includes/functions_privmsgs.php

@@ -1614,6 +1614,8 @@ function submit_pm($mode, $subject, &$data_ary, $put_in_outbox = true)
 {
 	global $db, $auth, $config, $user, $phpbb_root_path, $phpbb_container, $phpbb_dispatcher, $request;
 
+	$attachment_storage = $phpbb_container->get('storage.attachment');
+
 	// We do not handle erasing pms here
 	if ($mode == 'delete')
 	{
@@ -1881,7 +1883,7 @@ function submit_pm($mode, $subject, &$data_ary, $put_in_outbox = true)
 			else
 			{
 				// insert attachment into db
-				if (!@file_exists($phpbb_root_path . $config['upload_path'] . '/' . utf8_basename($orphan_rows[$attach_row['attach_id']]['physical_filename'])))
+				if (!$attachment_storage->exists(utf8_basename($orphan_rows[$attach_row['attach_id']]['physical_filename'])))
 				{
 					continue;
 				}

phpBB/includes/functions_user.php

@@ -2179,7 +2179,9 @@ function phpbb_style_is_active($style_id)
 */
 function avatar_delete($mode, $row, $clean_db = false)
 {
-	global $phpbb_root_path, $config;
+	global $config, $phpbb_container;
+
+	$storage = $phpbb_container->get('storage.avatar');
 
 	// Check if the users avatar is actually *not* a group avatar
 	if ($mode == 'user')
@@ -2196,11 +2198,16 @@ function avatar_delete($mode, $row, $clean_db = false)
 	}
 	$filename = get_avatar_filename($row[$mode . '_avatar']);
 
-	if (file_exists($phpbb_root_path . $config['avatar_path'] . '/' . $filename))
+	try
 	{
-		@unlink($phpbb_root_path . $config['avatar_path'] . '/' . $filename);
+		$storage->delete($filename);
+
 		return true;
 	}
+	catch (\phpbb\storage\exception\exception $e)
+	{
+		// Fail is covered by return statement below
+	}
 
 	return false;
 }
@@ -2520,7 +2527,9 @@ function group_create(&$group_id, $type, $name, $desc, $group_attributes, $allow
 */
 function group_correct_avatar($group_id, $old_entry)
 {
-	global $config, $db, $phpbb_root_path;
+	global $config, $db, $phpbb_container;
+
+	$storage = $phpbb_container->get('storage.avatar');
 
 	$group_id		= (int) $group_id;
 	$ext 			= substr(strrchr($old_entry, '.'), 1);
@@ -2528,14 +2537,19 @@ function group_correct_avatar($group_id, $old_entry)
 	$new_filename 	= $config['avatar_salt'] . "_g$group_id.$ext";
 	$new_entry 		= 'g' . $group_id . '_' . substr(time(), -5) . ".$ext";
 
-	$avatar_path = $phpbb_root_path . $config['avatar_path'];
-	if (@rename($avatar_path . '/'. $old_filename, $avatar_path . '/' . $new_filename))
+	try
 	{
+		$this->storage->rename($old_filename, $new_filename);
+
 		$sql = 'UPDATE ' . GROUPS_TABLE . '
 			SET group_avatar = \'' . $db->sql_escape($new_entry) . "'
 			WHERE group_id = $group_id";
 		$db->sql_query($sql);
 	}
+	catch (\phpbb\storage\exception\exception $e)
+	{
+		// If rename fail, dont execute the query
+	}
 }
 
 

phpBB/includes/ucp/ucp_groups.php

@@ -434,8 +434,8 @@ class ucp_groups
 						'GROUP_DESC_DISP'		=> generate_text_for_display($group_row['group_desc'], $group_row['group_desc_uid'], $group_row['group_desc_bitfield'], $group_row['group_desc_options']),
 						'GROUP_TYPE'			=> $group_row['group_type'],
 
-						'AVATAR'				=> (empty($avatar) ? '<img src="' . $phpbb_admin_path . 'images/no_avatar.gif" alt="" />' : $avatar),
-						'AVATAR_IMAGE'			=> (empty($avatar) ? '<img src="' . $phpbb_admin_path . 'images/no_avatar.gif" alt="" />' : $avatar),
+						'AVATAR'				=> (empty($avatar) ? '<img class="avatar" src="' . $phpbb_admin_path . 'images/no_avatar.gif" alt="" />' : $avatar),
+						'AVATAR_IMAGE'			=> (empty($avatar) ? '<img class="avatar" src="' . $phpbb_admin_path . 'images/no_avatar.gif" alt="" />' : $avatar),
 						'AVATAR_WIDTH'			=> (isset($group_row['group_avatar_width'])) ? $group_row['group_avatar_width'] : '',
 						'AVATAR_HEIGHT'			=> (isset($group_row['group_avatar_height'])) ? $group_row['group_avatar_height'] : '',
 					));

phpBB/install/convert/convertor.php

@@ -281,7 +281,7 @@ class convertor
 				$bad_folders = array();
 
 				$local_paths = array(
-					'avatar_path'			=> path($config['avatar_path']),
+					'avatar_path'			=> path($config['storage\\avatar\\config\\path']),
 					'avatar_gallery_path'	=> path($config['avatar_gallery_path']),
 					'icons_path'			=> path($config['icons_path']),
 					'ranks_path'			=> path($config['ranks_path']),

phpBB/install/convertors/convert_phpbb20.php

@@ -38,7 +38,7 @@ $dbms = $phpbb_config_php_file->convert_30_dbms_to_31($dbms);
 $convertor_data = array(
 	'forum_name'	=> 'phpBB 2.0.x',
 	'version'		=> '1.0.3',
-	'phpbb_version'	=> '3.2.3',
+	'phpbb_version'	=> '3.3.0-a1-dev',
 	'author'		=> '<a href="https://www.phpbb.com/">phpBB Limited</a>',
 	'dbms'			=> $dbms,
 	'dbhost'		=> $dbhost,
@@ -439,7 +439,6 @@ if (!$get_info)
 				array('group_name',				'extension_groups.group_name',			array('function1' => 'phpbb_set_encoding', 'function2' => 'utf8_htmlspecialchars')),
 				array('cat_id',					'extension_groups.cat_id',				'phpbb_attachment_category'),
 				array('allow_group',			'extension_groups.allow_group',			''),
-				array('download_mode',			1,										''),
 				array('upload_icon',			'',										''),
 				array('max_filesize',			'extension_groups.max_filesize',		''),
 				array('allowed_forums',			'extension_groups.forum_permissions',	'phpbb_attachment_forum_perms'),

phpBB/install/phpbbcli.php

@@ -23,7 +23,7 @@ if (php_sapi_name() !== 'cli')
 define('IN_PHPBB', true);
 define('IN_INSTALL', true);
 define('PHPBB_ENVIRONMENT', 'production');
-define('PHPBB_VERSION', '3.2.3-RC1');
+define('PHPBB_VERSION', '3.3.0-a1-dev');
 $phpbb_root_path = __DIR__ . '/../';
 $phpEx = substr(strrchr(__FILE__, '.'), 1);
 

phpBB/install/schemas/schema_data.sql

@@ -55,7 +55,6 @@ INSERT INTO phpbb_config (config_name, config_value) VALUES ('avatar_max_height'
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('avatar_max_width', '90');
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('avatar_min_height', '20');
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('avatar_min_width', '20');
-INSERT INTO phpbb_config (config_name, config_value) VALUES ('avatar_path', 'images/avatars/upload');
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('avatar_salt', 'phpbb_avatar');
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('board_contact', 'contact@yourdomain.tld');
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('board_contact_name', '');
@@ -278,11 +277,20 @@ INSERT INTO phpbb_config (config_name, config_value) VALUES ('teampage_forums',
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('topics_per_page', '25');
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('tpl_allow_php', '0');
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('upload_icons_path', 'images/upload_icons');
-INSERT INTO phpbb_config (config_name, config_value) VALUES ('upload_path', 'files');
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('use_system_cron', '0');
-INSERT INTO phpbb_config (config_name, config_value) VALUES ('version', '3.2.4-dev');
+INSERT INTO phpbb_config (config_name, config_value) VALUES ('version', '3.3.0-a1-dev');
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('warnings_expire_days', '90');
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('warnings_gc', '14400');
+INSERT INTO phpbb_config (config_name, config_value) VALUES ('exts_composer_repositories', '[]');
+INSERT INTO phpbb_config (config_name, config_value) VALUES ('exts_composer_packagist', '1');
+INSERT INTO phpbb_config (config_name, config_value) VALUES ('exts_composer_json_file', 'composer-ext.json');
+INSERT INTO phpbb_config (config_name, config_value) VALUES ('exts_composer_vendor_dir', 'vendor-ext/');
+INSERT INTO phpbb_config (config_name, config_value) VALUES ('exts_composer_enable_on_install', '0');
+INSERT INTO phpbb_config (config_name, config_value) VALUES ('exts_composer_purge_on_remove', '1');
+INSERT INTO phpbb_config (config_name, config_value) VALUES ('storage\attachment\provider', 'phpbb\storage\provider\local');
+INSERT INTO phpbb_config (config_name, config_value) VALUES ('storage\attachment\config\path', 'files');
+INSERT INTO phpbb_config (config_name, config_value) VALUES ('storage\avatar\provider', 'phpbb\storage\provider\local');
+INSERT INTO phpbb_config (config_name, config_value) VALUES ('storage\avatar\config\path', 'images/avatars/upload');
 
 INSERT INTO phpbb_config (config_name, config_value, is_dynamic) VALUES ('cache_last_gc', '0', 1);
 INSERT INTO phpbb_config (config_name, config_value, is_dynamic) VALUES ('cron_lock', '0', 1);
@@ -402,6 +410,7 @@ INSERT INTO phpbb_acl_options (auth_option, is_global) VALUES ('a_reasons', 1);
 INSERT INTO phpbb_acl_options (auth_option, is_global) VALUES ('a_roles', 1);
 INSERT INTO phpbb_acl_options (auth_option, is_global) VALUES ('a_search', 1);
 INSERT INTO phpbb_acl_options (auth_option, is_global) VALUES ('a_server', 1);
+INSERT INTO phpbb_acl_options (auth_option, is_global) VALUES ('a_storage', 1);
 INSERT INTO phpbb_acl_options (auth_option, is_global) VALUES ('a_styles', 1);
 INSERT INTO phpbb_acl_options (auth_option, is_global) VALUES ('a_switchperm', 1);
 INSERT INTO phpbb_acl_options (auth_option, is_global) VALUES ('a_uauth', 1);
@@ -721,12 +730,12 @@ INSERT INTO phpbb_reports_reasons (reason_title, reason_description, reason_orde
 INSERT INTO phpbb_reports_reasons (reason_title, reason_description, reason_order) VALUES ('other', '{L_REPORT_OTHER}', 4);
 
 # -- extension_groups
-INSERT INTO phpbb_extension_groups (group_name, cat_id, allow_group, download_mode, upload_icon, max_filesize, allowed_forums) VALUES ('IMAGES', 1, 1, 1, '', 0, '');
-INSERT INTO phpbb_extension_groups (group_name, cat_id, allow_group, download_mode, upload_icon, max_filesize, allowed_forums) VALUES ('ARCHIVES', 0, 1, 1, '', 0, '');
-INSERT INTO phpbb_extension_groups (group_name, cat_id, allow_group, download_mode, upload_icon, max_filesize, allowed_forums) VALUES ('PLAIN_TEXT', 0, 0, 1, '', 0, '');
-INSERT INTO phpbb_extension_groups (group_name, cat_id, allow_group, download_mode, upload_icon, max_filesize, allowed_forums) VALUES ('DOCUMENTS', 0, 0, 1, '', 0, '');
-INSERT INTO phpbb_extension_groups (group_name, cat_id, allow_group, download_mode, upload_icon, max_filesize, allowed_forums) VALUES ('FLASH_FILES', 5, 0, 1, '', 0, '');
-INSERT INTO phpbb_extension_groups (group_name, cat_id, allow_group, download_mode, upload_icon, max_filesize, allowed_forums) VALUES ('DOWNLOADABLE_FILES', 0, 0, 1, '', 0, '');
+INSERT INTO phpbb_extension_groups (group_name, cat_id, allow_group, upload_icon, max_filesize, allowed_forums) VALUES ('IMAGES', 1, 1, '', 0, '');
+INSERT INTO phpbb_extension_groups (group_name, cat_id, allow_group, upload_icon, max_filesize, allowed_forums) VALUES ('ARCHIVES', 0, 1, '', 0, '');
+INSERT INTO phpbb_extension_groups (group_name, cat_id, allow_group, upload_icon, max_filesize, allowed_forums) VALUES ('PLAIN_TEXT', 0, 0, '', 0, '');
+INSERT INTO phpbb_extension_groups (group_name, cat_id, allow_group, upload_icon, max_filesize, allowed_forums) VALUES ('DOCUMENTS', 0, 0, '', 0, '');
+INSERT INTO phpbb_extension_groups (group_name, cat_id, allow_group, upload_icon, max_filesize, allowed_forums) VALUES ('FLASH_FILES', 5, 0, '', 0, '');
+INSERT INTO phpbb_extension_groups (group_name, cat_id, allow_group, upload_icon, max_filesize, allowed_forums) VALUES ('DOWNLOADABLE_FILES', 0, 0, '', 0, '');
 
 # -- extensions
 INSERT INTO phpbb_extensions (group_id, extension) VALUES (1, 'gif');

phpBB/install/startup.php

@@ -120,6 +120,7 @@ $phpbb_adm_relative_path = (isset($phpbb_adm_relative_path)) ? $phpbb_adm_relati
 $phpbb_admin_path = (defined('PHPBB_ADMIN_PATH')) ? PHPBB_ADMIN_PATH : $phpbb_root_path . $phpbb_adm_relative_path;
 
 // Include files
+phpbb_require_updated('includes/compatibility_globals.' . $phpEx, $phpbb_root_path);
 phpbb_require_updated('includes/functions.' . $phpEx, $phpbb_root_path);
 phpbb_require_updated('includes/functions_content.' . $phpEx, $phpbb_root_path);
 phpbb_include_updated('includes/functions_compatibility.' . $phpEx, $phpbb_root_path);

phpBB/language/en/acp/common.php

@@ -88,6 +88,11 @@ $lang = array_merge($lang, array(
 	'ACP_EXTENSION_GROUPS'		=> 'Manage attachment extension groups',
 	'ACP_EXTENSION_MANAGEMENT'	=> 'Extension management',
 	'ACP_EXTENSIONS'			=> 'Manage extensions',
+	'ACP_EXTENSIONS_CATALOG'	=> 'Extensions catalog',
+	'ACP_EXTENSIONS_INSTALL'	=> 'Install extensions',
+	'ACP_EXTENSIONS_REMOVE'		=> 'Remove extensions',
+	'ACP_EXTENSIONS_UPDATE'		=> 'Update extensions',
+	'ACP_EXTENSIONS_MANAGE'		=> 'Manage extension automatically',
 
 	'ACP_FORUM_BASED_PERMISSIONS'	=> 'Forum based permissions',
 	'ACP_FORUM_LOGS'				=> 'Forum logs',
@@ -173,6 +178,9 @@ $lang = array_merge($lang, array(
 	'ACP_SERVER_SETTINGS'		=> 'Server settings',
 	'ACP_SIGNATURE_SETTINGS'	=> 'Signature settings',
 	'ACP_SMILIES'				=> 'Smilies',
+
+	'ACP_STORAGE_SETTINGS'		=> 'Storage settings',
+
 	'ACP_STYLE_MANAGEMENT'		=> 'Style management',
 	'ACP_STYLES'				=> 'Styles',
 	'ACP_STYLES_CACHE'			=> 'Purge Cache',
@@ -240,6 +248,17 @@ $lang = array_merge($lang, array(
 	'EXCEPTION' => 'Exception',
 
 	'COLOUR_SWATCH'			=> 'Web-safe colour swatch',
+
+	'COMPOSER_UNSUPPORTED_OPERATION'	=> 'Operation unsupported for the package type “%s”.',
+	'COMPOSER_UPDATING_DEPENDENCIES'	=> 'Updating packages',
+	'COMPOSER_LOADING_REPOSITORIES'		=> 'Loading remote repositories with package information',
+	'COMPOSER_ERROR_CONFLICT'			=> 'Your requirements could not be resolved to an installable set of packages.',
+	'COMPOSER_REPOSITORY_UNAVAILABLE'	=> 'An error occurred while fetching the repository %s.',
+	'COMPOSER_INSTALLING_PACKAGE'		=> '  - Installing %1$s (%2$s)',
+	'COMPOSER_DELETING'					=> '  - Deleting %s',
+	'COMPOSER_UPDATE_NOTHING'			=> 'Nothing to update',
+	'COMPOSER_OUTPUT'					=> 'Composer output',
+
 	'CONFIG_UPDATED'		=> 'Configuration updated successfully.',
 	'CRON_LOCK_ERROR'		=> 'Could not obtain cron lock.',
 	'CRON_NO_SUCH_TASK'		=> 'Could not find cron task “%s”.',
@@ -372,7 +391,7 @@ $lang = array_merge($lang, array(
 	'DATABASE_SERVER_INFO'	=> 'Database server',
 	'DATABASE_SIZE'			=> 'Database size',
 
-	// Enviroment configuration checks, mbstring related
+	// Environment configuration checks, mbstring related
 	'ERROR_MBSTRING_FUNC_OVERLOAD'					=> 'Function overloading is improperly configured',
 	'ERROR_MBSTRING_FUNC_OVERLOAD_EXPLAIN'			=> '<var>mbstring.func_overload</var> must be set to either 0 or 4. You can check the current value on the <samp>PHP information</samp> page.',
 	'ERROR_MBSTRING_ENCODING_TRANSLATION'			=> 'Transparent character encoding is improperly configured',

phpBB/language/en/acp/extensions.php

@@ -35,6 +35,22 @@ if (empty($lang) || !is_array($lang))
 // in a url you again do not need to specify an order e.g., 'Click %sHERE%s' is fine
 
 $lang = array_merge($lang, array(
+
+	'EXTENSION_ALREADY_INSTALLED'				=> 'The “%s” extension has already been installed.',
+	'EXTENSION_ALREADY_INSTALLED_MANUALLY'		=> 'The “%s” extension has already been installed manually.',
+	'EXTENSION_ALREADY_MANAGED'					=> 'The “%s” extension is already managed.',
+	'EXTENSION_CANNOT_MANAGE_FILESYSTEM_ERROR'	=> 'The “%s” extension cannot be managed because the existing files could not be removed from the filesystem.',
+	'EXTENSION_CANNOT_MANAGE_INSTALL_ERROR'		=> 'The “%s” extension could not be installed. The prior installation of this extension has been restored.',
+	'EXTENSION_MANAGED_WITH_CLEAN_ERROR'		=> 'The “%1$s” extension has been installed but an error occurred and the old files could not be removed. You might want to delete the “%2$s” files manually.',
+	'EXTENSION_MANAGED_WITH_ENABLE_ERROR'		=> 'The “%s” extension has been installed but an error occurred while enabling it.',
+	'EXTENSION_NOT_INSTALLED'					=> 'The “%s” extension is not installed.',
+
+	'ENABLING_EXTENSIONS'	=> 'Enabling extensions',
+	'DISABLING_EXTENSIONS'	=> 'Disabling extensions',
+
+	'EXTENSIONS_CATALOG'			=> 'Extensions Catalog',
+	'EXTENSIONS_CATALOG_EXPLAIN'	=> 'Here you can browse all of the extensions available for your phpBB board. Extensions can easily be installed or removed with just a click. Adjust the settings to allow instant enabling and purging of extensions.',
+
 	'EXTENSION'					=> 'Extension',
 	'EXTENSIONS'				=> 'Extensions',
 	'EXTENSIONS_ADMIN'			=> 'Extensions Manager',
@@ -43,7 +59,6 @@ $lang = array_merge($lang, array(
 	'EXTENSION_NOT_AVAILABLE'	=> 'The selected extension is not available for this board, please verify your phpBB and PHP versions are allowed (see the details page).',
 	'EXTENSION_DIR_INVALID'		=> 'The selected extension has an invalid directory structure and cannot be enabled.',
 	'EXTENSION_NOT_ENABLEABLE'	=> 'The selected extension cannot be enabled, please verify the extension’s requirements.',
-	'EXTENSION_NOT_INSTALLED'	=> 'The extension %s is not available. Please check that you have installed it correctly.',
 
 	'DETAILS'				=> 'Details',
 
@@ -53,6 +68,8 @@ $lang = array_merge($lang, array(
 	'EXTENSION_DELETE_DATA'	=> 'Delete data',
 	'EXTENSION_DISABLE'		=> 'Disable',
 	'EXTENSION_ENABLE'		=> 'Enable',
+	'EXTENSION_UPDATE'		=> 'Update',
+	'EXTENSION_REMOVE'		=> 'Remove',
 
 	'EXTENSION_DELETE_DATA_EXPLAIN'	=> 'Deleting an extension’s data removes all of its data and settings. The extension files are retained so it can be enabled again.',
 	'EXTENSION_DISABLE_EXPLAIN'		=> 'Disabling an extension retains its files, data and settings but removes any functionality added by the extension.',
@@ -94,6 +111,9 @@ $lang = array_merge($lang, array(
 	'EXTENSION_ENABLE_CONFIRM'		=> 'Are you sure that you wish to enable the “%s” extension?',
 	'EXTENSION_FORCE_UNSTABLE_CONFIRM'	=> 'Are you sure that you wish to force the use of unstable version?',
 
+	'INSTALLED'				=> 'Installed',
+	'INSTALLED_MANUALLY'	=> 'Installed manually',
+
 	'RETURN_TO_EXTENSION_LIST'	=> 'Return to the extension list',
 
 	'EXT_DETAILS'			=> 'Extension Details',
@@ -130,4 +150,32 @@ $lang = array_merge($lang, array(
 
 	'META_FIELD_NOT_SET'	=> 'Required meta field %s has not been set.',
 	'META_FIELD_INVALID'	=> 'Meta field %s is invalid.',
+
+	'EXTENSIONS_CATALOG_SETTINGS'	=> 'Extensions catalog settings',
+	'ENABLE_ON_INSTALL'				=> 'Enable extensions while installing',
+	'PURGE_ON_REMOVE'				=> 'Purge extensions while removing',
+	'ENABLE_PACKAGIST'				=> 'Search packagist',
+	'ENABLE_PACKAGIST_EXPLAIN'		=> 'Search packagist for phpBB extensions. Beware that packagist may contain extensions not validated by the phpBB Extension Customisations Team.',
+	'ENABLE_PACKAGIST_CONFIRM'		=> 'Are you sure you want to search packagist?',
+	'COMPOSER_REPOSITORIES'			=> 'Repositories',
+	'COMPOSER_REPOSITORIES_EXPLAIN'	=> 'Add URLs to Composer repositories of phpBB extensions to search here, one per line (must be the base url of the packages.json file).',
+	'NO_EXTENSION_AVAILABLE'		=> 'There are no extension available for your board',
+
+	'EXTENSION_MANAGED_SUCCESS'		=> 'The extension %s is now being managed automatically.',
+	'EXTENSIONS_INSTALLED'			=> 'Extensions successfully installed.',
+	'EXTENSIONS_REMOVED'			=> 'Extensions successfully removed.',
+	'EXTENSIONS_UPDATED'			=> 'Extensions successfully updated.',
+
+	'EXTENSIONS_CATALOG_NOT_AVAILABLE'	=> 'The extensions catalog is not available',
+	'EXTENSIONS_COMPOSER_NOT_WRITABLE'	=> 'In order to use the catalog, the following files and directories must be writable: ext/ vendor-ext/ composer-ext.json and composer-ext.lock',
+
+	'STABILITY_STABLE'	=> 'stable',
+	'STABILITY_RC'		=> 'RC',
+	'STABILITY_BETA'	=> 'beta',
+	'STABILITY_ALPHA'	=> 'alpha',
+	'STABILITY_DEV'		=> 'dev',
+
+	'COMPOSER_MINIMUM_STABILITY'			=> 'Minimum stability',
+	'COMPOSER_MINIMUM_STABILITY_EXPLAIN'	=> 'Always use <samp>stable</samp> versions on a live forum. Non-stable versions may still be in development and could cause unexpected problems with your forum and should only be used for development purposes in local or staging environments.',
+
 ));

phpBB/language/en/acp/permissions_phpbb.php

@@ -200,6 +200,7 @@ $lang = array_merge($lang, array(
 	'ACL_A_ROLES'		=> 'Can manage roles',
 	'ACL_A_SWITCHPERM'	=> 'Can use others permissions',
 
+	'ACL_A_STORAGE'		=> 'Can manage storages',
 	'ACL_A_STYLES'		=> 'Can manage styles',
 	'ACL_A_EXTENSIONS'	=> 'Can manage extensions',
 	'ACL_A_VIEWLOGS'	=> 'Can view logs',

phpBB/language/en/acp/storage.php

@@ -0,0 +1,64 @@
+<?php
+/**
+*
+* This file is part of the phpBB Forum Software package.
+*
+* @copyright (c) phpBB Limited <https://www.phpbb.com>
+* @license GNU General Public License, version 2 (GPL-2.0)
+*
+* For full copyright and license information, please see
+* the docs/CREDITS.txt file.
+*
+*/
+
+/**
+* DO NOT CHANGE
+*/
+if (!defined('IN_PHPBB'))
+{
+	exit;
+}
+
+if (empty($lang) || !is_array($lang))
+{
+	$lang = array();
+}
+
+// DEVELOPERS PLEASE NOTE
+//
+// All language files should use UTF-8 as their encoding and the files must not contain a BOM.
+//
+// Placeholders can now contain order information, e.g. instead of
+// 'Page %s of %s' you can (and should) write 'Page %1$s of %2$s', this allows
+// translators to re-order the output of data while ensuring it remains correct
+//
+// You do not need this where single placeholders are used, e.g. 'Message %d' is fine
+// equally where a string contains only two placeholders which are used to wrap text
+// in a url you again do not need to specify an order e.g., 'Click %sHERE%s' is fine
+
+$lang = array_merge($lang, array(
+
+	// Template
+	'STORAGE_TITLE'					=> 'Storage Settings',
+	'STORAGE_TITLE_EXPLAIN'			=> 'Change storage providers for the file storage types of phpBB. Choose local or remote providers to store files added to or created by phpBB.',
+	'STORAGE_SELECT'				=> 'Select storage',
+	'STORAGE_SELECT_DESC'			=> 'Select a storage from the list.',
+
+	// Storage names
+	'STORAGE_ATTACHMENT_TITLE'		=> 'Attachments storage',
+	'STORAGE_AVATAR_TITLE'			=> 'Avatars storage',
+	'STORAGE_BACKUP_TITLE'			=> 'Backup storage',
+
+	// Local adapter
+	'STORAGE_ADAPTER_LOCAL_NAME'			=> 'Local',
+	'STORAGE_ADAPTER_LOCAL_OPTION_PATH'		=> 'Path',
+
+	// Form validation
+	'STORAGE_UPDATE_SUCCESSFUL' 				=>	'All storage types were successfully updated.',
+	'STORAGE_NO_CHANGES'						=>	'No changes have been applied.',
+	'STORAGE_PROVIDER_NOT_EXISTS'				=>	'Provider selected for %s doesn’t exist.',
+	'STORAGE_PROVIDER_NOT_AVAILABLE'			=>	'Provider selected for %s is not available.',
+	'STORAGE_FORM_TYPE_EMAIL_INCORRECT_FORMAT'	=>	'Incorrect email for %s of %s.',
+	'STORAGE_FORM_TYPE_TEXT_TOO_LONG'			=>	'Text is too long for %s of %s.',
+	'STORAGE_FORM_TYPE_SELECT_NOT_AVAILABLE'	=>	'Selected value is not available for %s of %s.',
+));

phpBB/language/en/cli.php

@@ -164,6 +164,18 @@ $lang = array_merge($lang, array(
 		1	=> 'Re-cleaning complete. %d username was cleaned.',
 		2	=> 'Re-cleaning complete. %d usernames were cleaned.',
 	],
+
+	'CLI_DESCRIPTION_EXTENSION_MANAGE'					=> 'Manages an extension',
+	'CLI_DESCRIPTION_EXTENSION_MANAGE_ARGUMENT'			=> 'Extension to manage',
+	'CLI_DESCRIPTION_EXTENSION_INSTALL'					=> 'Install the specified extension(s).',
+	'CLI_DESCRIPTION_EXTENSION_INSTALL_OPTION_ENABLE'	=> 'Enable extension(s) after installation',
+	'CLI_DESCRIPTION_EXTENSION_INSTALL_ARGUMENT'		=> 'Extension(s) to install, e.g.: vendor/package',
+	'CLI_DESCRIPTION_EXTENSION_LIST_AVAILABLE'			=> 'List extensions available for installation.',
+	'CLI_DESCRIPTION_EXTENSION_REMOVE'					=> 'Remove the specified extension(s).',
+	'CLI_DESCRIPTION_EXTENSION_REMOVE_OPTION_PURGE'		=> 'Purge extension(s) when removing them',
+	'CLI_DESCRIPTION_EXTENSION_REMOVE_ARGUMENT'			=> 'Extension(s) to remove, e.g.: vendor/package',
+	'CLI_DESCRIPTION_EXTENSION_UPDATE'					=> 'Update the specified extension(s).',
+	'CLI_DESCRIPTION_EXTENSION_UPDATE_ARGUMENT'			=> 'Extension(s) to update, e.g.: vendor/package',
 ));
 
 // Additional help for commands.

phpBB/language/en/common.php

@@ -157,6 +157,7 @@ $lang = array_merge($lang, array(
 	'BYTES_SHORT'			=> 'B',
 
 	'CANCEL'				=> 'Cancel',
+	'CANNOT_RENAME_FILE'	=> 'Cannot rename %s',
 	'CHANGE'				=> 'Change',
 	'CHANGE_FONT_SIZE'		=> 'Change font size',
 	'CHANGING_PREFERENCES'	=> 'Changing board preferences',
@@ -372,7 +373,7 @@ $lang = array_merge($lang, array(
 	'LDAP_SEARCH_FAILED'				=> 'An error occurred while searching the LDAP directory.',
 	'LEGEND'							=> 'Legend',
 	'LIVE_SEARCHES_NOT_ALLOWED'			=> 'Live searches are not allowed.',
-	'LOADING'							=> 'Loading',
+	'LOADING'							=> 'Loading...',
 	'LOCATION'							=> 'Location',
 	'LOCK_POST'							=> 'Lock post',
 	'LOCK_POST_EXPLAIN'					=> 'Prevent editing',
@@ -484,7 +485,7 @@ $lang = array_merge($lang, array(
 	'NOTIFICATION_TOPIC_IN_QUEUE'		=> '<strong>Topic approval</strong> request by %1$s:',
 	'NOTIFICATION_TYPE_NOT_EXIST'		=> 'The notification type "%s" is missing from the file system.',
 	'NOTIFICATION_ADMIN_ACTIVATE_USER'	=> '<strong>Activation required</strong> for deactivated or newly registered user: “%1$s”',
-	// Used in conjuction with NOTIFICATION_BOOKMARK and NOTIFICATION_POST.
+	// Used in conjunction with NOTIFICATION_BOOKMARK and NOTIFICATION_POST.
 	'NOTIFICATION_MANY_OTHERS'			=> 'others',
 	'NOTIFICATION_X_OTHERS'				=> array(
 		2	=> '%d others',
@@ -731,6 +732,19 @@ $lang = array_merge($lang, array(
 	'SUBJECT'					=> 'Subject',
 	'SUBMIT'					=> 'Submit',
 
+	'STORAGE_ADAPTER_NOT_AVAILABLE'	=> 'Selected storage is not available.',
+	'STORAGE_FILE_EXISTS'			=> 'File already exists.',
+	'STORAGE_FILE_NO_EXIST'			=> 'File does not exist.',
+	'STORAGE_CANNOT_WRITE_FILE'		=> 'Can not write to file.',
+	'STORAGE_CANNOT_READ_FILE'		=> 'Can not read file.',
+	'STORAGE_CANNOT_DELETE'			=> 'Can not delete file or folder.',
+	'STORAGE_CANNOT_RENAME'			=> 'Can not rename file or folder.',
+	'STORAGE_CANNOT_COPY'			=> 'Can not copy file or folder.',
+	'STORAGE_CANNOT_COPY_RESOURCE'	=> 'Can not copy resource.',
+	'STORAGE_CANNOT_CREATE_DIR'		=> 'Can not create directory.',
+	'STORAGE_CANNOT_OPEN_FILE'		=> 'Can not open file.',
+	'STORAGE_CANNOT_CREATE_FILE'	=> 'Can not create file.',
+
 	'TB'				=> 'TB',
 	'TERMS_USE'			=> 'Terms of use',
 	'TEST_CONNECTION'	=> 'Test connection',

phpBB/language/en/install.php

@@ -220,7 +220,7 @@ $lang = array_merge($lang, array(
 	'UPDATE_INCOMPLETE_MORE'		=> 'Please read the information below in order to fix this error.',
 	'UPDATE_INCOMPLETE_EXPLAIN'		=> '<h1>Incomplete update</h1>
 
-		<p>We noticed that the last update of your phpBB installation hasn’t been completed. Visit the <a href="%1$s" title="%1$s">database updater</a>, ensure <em>Update database only</em> is selected and click on <strong>Submit</strong>. Don\'t forget to delete the "install"-directory after you have updated the database sucessfully.</p>',
+		<p>We noticed that the last update of your phpBB installation hasn’t been completed. Visit the <a href="%1$s" title="%1$s">database updater</a>, ensure <em>Update database only</em> is selected and click on <strong>Submit</strong>. Don\'t forget to delete the "install"-directory after you have updated the database successfully.</p>',
 
 	//
 	// Server data
@@ -565,7 +565,7 @@ $lang = array_merge($lang, array(
 
 	// Finish conversion
 	'CONVERT_COMPLETE'			=> 'Conversion completed',
-	'CONVERT_COMPLETE_EXPLAIN'	=> 'You have now successfully converted your board to phpBB 3.2. You can now login and <a href="../">access your board</a>. Please ensure that the settings were transferred correctly before enabling your board by deleting the install directory. Remember that help on using phpBB is available online via the <a href="https://www.phpbb.com/support/docs/en/3.2/ug/">Documentation</a> and the <a href="https://www.phpbb.com/community/viewforum.php?f=466">support forums</a>.',
+	'CONVERT_COMPLETE_EXPLAIN'	=> 'You have now successfully converted your board to phpBB 3.3. You can now login and <a href="../">access your board</a>. Please ensure that the settings were transferred correctly before enabling your board by deleting the install directory. Remember that help on using phpBB is available online via the <a href="https://www.phpbb.com/support/docs/en/3.3/ug/">Documentation</a> and the <a href="https://www.phpbb.com/community/viewforum.php?f=466">support forums</a>.',
 
 	'CONV_ERROR_ATTACH_FTP_DIR'			=> 'FTP upload for attachments is enabled at the old board. Please disable the FTP upload option and make sure a valid upload directory is specified, then copy all attachment files to this new web accessible directory. Once you have done this, restart the convertor.',
 	'CONV_ERROR_CONFIG_EMPTY'			=> 'There is no configuration information available for the conversion.',

phpBB/mcp.php

@@ -308,6 +308,11 @@ $vars = array(
 );
 extract($phpbb_dispatcher->trigger_event('core.modify_mcp_modules_display_option', compact($vars)));
 
+$template->assign_block_vars('navlinks', array(
+	'FORUM_NAME'	=> $user->lang('MCP'),
+	'U_VIEW_FORUM'	=> append_sid("{$phpbb_root_path}mcp.$phpEx"),
+));
+
 // Load and execute the relevant module
 $module->load_active();
 

phpBB/memberlist.php

@@ -364,6 +364,11 @@ switch ($mode)
 			}
 		}
 
+		$template->assign_block_vars('navlinks', array(
+			'FORUM_NAME'	=> $page_title,
+			'U_VIEW_FORUM'	=> append_sid("{$phpbb_root_path}memberlist.$phpEx", "mode=team"),
+		));
+
 		$template->assign_vars(array(
 			'PM_IMG'		=> $user->img('icon_contact_pm', $user->lang['SEND_PRIVATE_MESSAGE']))
 		);
@@ -461,6 +466,11 @@ switch ($mode)
 			break;
 		}
 
+		$template->assign_block_vars('navlinks', array(
+			'FORUM_NAME'	=> $page_title,
+			'U_VIEW_FORUM'	=> append_sid("{$phpbb_root_path}memberlist.$phpEx", "mode=contact&action=$action&u=$user_id"),
+		));
+
 		// Send vars to the template
 		$template->assign_vars(array(
 			'IM_CONTACT'	=> $row[$sql_field],
@@ -788,6 +798,15 @@ switch ($mode)
 		$page_title = sprintf($user->lang['VIEWING_PROFILE'], $member['username']);
 		$template_html = 'memberlist_view.html';
 
+		$template->assign_block_vars('navlinks', array(
+			'FORUM_NAME'	=> $user->lang('MEMBERLIST'),
+			'U_VIEW_FORUM'	=> append_sid("{$phpbb_root_path}memberlist.$phpEx"),
+		));
+		$template->assign_block_vars('navlinks', array(
+			'FORUM_NAME'	=> $member['username'],
+			'U_VIEW_FORUM'	=> append_sid("{$phpbb_root_path}memberlist.$phpEx", "mode=viewprofile&u=$user_id"),
+		));
+
 	break;
 
 	case 'contactadmin':
@@ -837,6 +856,41 @@ switch ($mode)
 		$template_html = $form->get_template_file();
 		$form->render($template);
 
+		if ($user_id)
+		{
+			$navlink_name = $user->lang('SEND_EMAIL');
+			$navlink_url = append_sid("{$phpbb_root_path}memberlist.$phpEx", "mode=email&u=$user_id");
+		}
+		else if ($topic_id)
+		{
+			$sql = 'SELECT f.parent_id, f.forum_parents, f.left_id, f.right_id, f.forum_type, f.forum_name, f.forum_id, f.forum_desc, f.forum_desc_uid, f.forum_desc_bitfield, f.forum_desc_options, f.forum_options, t.topic_title
+					FROM ' . FORUMS_TABLE . ' as f,
+						' . TOPICS_TABLE . ' as t
+					WHERE t.forum_id = f.forum_id';
+			$result = $db->sql_query($sql);
+			$topic_data = $db->sql_fetchrow($result);
+			$db->sql_freeresult($result);
+
+			generate_forum_nav($topic_data);
+			$template->assign_block_vars('navlinks', array(
+				'FORUM_NAME'	=> $topic_data['topic_title'],
+				'U_VIEW_FORUM'	=> append_sid("{$phpbb_root_path}viewtopic.$phpEx", "t=$topic_id"),
+			));
+
+			$navlink_name = $user->lang('EMAIL_TOPIC');
+			$navlink_url = append_sid("{$phpbb_root_path}memberlist.$phpEx", "mode=email&t=$topic_id");
+		}
+		else if ($mode === 'contactadmin')
+		{
+			$navlink_name = $user->lang('CONTACT_ADMIN');
+			$navlink_url = append_sid("{$phpbb_root_path}memberlist.$phpEx", "mode=contactadmin");
+		}
+
+		$template->assign_block_vars('navlinks', array(
+			'FORUM_NAME'	=> $navlink_name,
+			'U_VIEW_FORUM'	=> $navlink_url,
+		));
+
 	break;
 
 	case 'livesearch':
@@ -874,6 +928,11 @@ switch ($mode)
 		$page_title = $user->lang['MEMBERLIST'];
 		$template_html = 'memberlist_body.html';
 
+		$template->assign_block_vars('navlinks', array(
+			'FORUM_NAME'	=> $page_title,
+			'U_VIEW_FORUM'	=> append_sid("{$phpbb_root_path}memberlist.$phpEx"),
+		));
+
 		/* @var $pagination \phpbb\pagination */
 		$pagination = $phpbb_container->get('pagination');
 
@@ -1179,6 +1238,11 @@ switch ($mode)
 				unset($module);
 			}
 
+			$template->assign_block_vars('navlinks', array(
+				'FORUM_NAME'	=> $group_helper->get_name($group_row['group_name']),
+				'U_VIEW_FORUM'	=> append_sid("{$phpbb_root_path}memberlist.$phpEx", "mode=group&g=$group_id"),
+			));
+
 			$template->assign_vars(array(
 				'GROUP_DESC'	=> generate_text_for_display($group_row['group_desc'], $group_row['group_desc_uid'], $group_row['group_desc_bitfield'], $group_row['group_desc_options']),
 				'GROUP_NAME'	=> $group_helper->get_name($group_row['group_name']),

phpBB/phpbb/attachment/delete.php

@@ -16,7 +16,7 @@ namespace phpbb\attachment;
 use \phpbb\config\config;
 use \phpbb\db\driver\driver_interface;
 use \phpbb\event\dispatcher;
-use \phpbb\filesystem\filesystem;
+use \phpbb\storage\storage;
 
 /**
  * Attachment delete class
@@ -32,14 +32,11 @@ class delete
 	/** @var dispatcher */
 	protected $dispatcher;
 
-	/** @var filesystem  */
-	protected $filesystem;
-
 	/** @var resync */
 	protected $resync;
 
-	/** @var string phpBB root path */
-	protected $phpbb_root_path;
+	/** @var storage */
+	protected $storage;
 
 	/** @var array Attachement IDs */
 	protected $ids;
@@ -71,18 +68,16 @@ class delete
 	 * @param config $config
 	 * @param driver_interface $db
 	 * @param dispatcher $dispatcher
-	 * @param filesystem $filesystem
 	 * @param resync $resync
-	 * @param string $phpbb_root_path
+	 * @param storage $storage
 	 */
-	public function __construct(config $config, driver_interface $db, dispatcher $dispatcher, filesystem $filesystem, resync $resync, $phpbb_root_path)
+	public function __construct(config $config, driver_interface $db, dispatcher $dispatcher, resync $resync, storage $storage)
 	{
 		$this->config = $config;
 		$this->db = $db;
 		$this->dispatcher = $dispatcher;
-		$this->filesystem = $filesystem;
 		$this->resync = $resync;
-		$this->phpbb_root_path = $phpbb_root_path;
+		$this->storage = $storage;
 	}
 
 	/**
@@ -161,8 +156,8 @@ class delete
 			return 0;
 		}
 
-		// Delete attachments from filesystem
-		$this->remove_from_filesystem();
+		// Delete attachments from storage
+		$this->remove_from_storage();
 
 		// If we do not resync, we do not need to adjust any message, post, topic or user entries
 		if (!$resync)
@@ -327,9 +322,9 @@ class delete
 	}
 
 	/**
-	 * Delete attachments from filesystem
+	 * Delete attachments from storage
 	 */
-	protected function remove_from_filesystem()
+	protected function remove_from_storage()
 	{
 		$space_removed = $files_removed = 0;
 
@@ -388,7 +383,7 @@ class delete
 	}
 
 	/**
-	 * Delete attachment from filesystem
+	 * Delete attachment from storage
 	 *
 	 * @param string $filename Filename of attachment
 	 * @param string $mode Delete mode
@@ -412,17 +407,16 @@ class delete
 		}
 
 		$filename = ($mode == 'thumbnail') ? 'thumb_' . utf8_basename($filename) : utf8_basename($filename);
-		$filepath = $this->phpbb_root_path . $this->config['upload_path'] . '/' . $filename;
 
 		try
 		{
-			if ($this->filesystem->exists($filepath))
+			if ($this->storage->exists($filename))
 			{
-				$this->filesystem->remove($this->phpbb_root_path . $this->config['upload_path'] . '/' . $filename);
+				$this->storage->delete($filename);
 				return true;
 			}
 		}
-		catch (\phpbb\filesystem\exception\filesystem_exception $exception)
+		catch (\phpbb\storage\exception\exception $exception)
 		{
 			// Fail is covered by return statement below
 		}

phpBB/phpbb/attachment/upload.php

@@ -20,6 +20,7 @@ use \phpbb\event\dispatcher;
 use \phpbb\language\language;
 use \phpbb\mimetype\guesser;
 use \phpbb\plupload\plupload;
+use \phpbb\storage\storage;
 use \phpbb\user;
 
 /**
@@ -51,6 +52,9 @@ class upload
 	/** @var plupload Plupload */
 	protected $plupload;
 
+	/** @var storage */
+	protected $storage;
+
 	/** @var user */
 	protected $user;
 
@@ -77,9 +81,8 @@ class upload
 	 * @param dispatcher $phpbb_dispatcher
 	 * @param plupload $plupload
 	 * @param user $user
-	 * @param $phpbb_root_path
 	 */
-	public function __construct(auth $auth, service $cache, config $config, \phpbb\files\upload $files_upload, language $language, guesser $mimetype_guesser, dispatcher $phpbb_dispatcher, plupload $plupload, user $user, $phpbb_root_path)
+	public function __construct(auth $auth, service $cache, config $config, \phpbb\files\upload $files_upload, language $language, guesser $mimetype_guesser, dispatcher $phpbb_dispatcher, plupload $plupload, storage $storage, user $user)
 	{
 		$this->auth = $auth;
 		$this->cache = $cache;
@@ -89,8 +92,8 @@ class upload
 		$this->mimetype_guesser = $mimetype_guesser;
 		$this->phpbb_dispatcher = $phpbb_dispatcher;
 		$this->plupload = $plupload;
+		$this->storage = $storage;
 		$this->user = $user;
-		$this->phpbb_root_path = $phpbb_root_path;
 	}
 
 	/**
@@ -118,7 +121,7 @@ class upload
 			return $this->file_data;
 		}
 
-		$this->file = ($local) ? $this->files_upload->handle_upload('files.types.local', $local_storage, $local_filedata) : $this->files_upload->handle_upload('files.types.form', $form_name);
+		$this->file = ($local) ? $this->files_upload->handle_upload('files.types.local_storage', $local_storage, $local_filedata) : $this->files_upload->handle_upload('files.types.form_storage', $form_name);
 
 		if ($this->file->init_error())
 		{
@@ -152,10 +155,6 @@ class upload
 
 		$this->file->clean_filename('unique', $this->user->data['user_id'] . '_');
 
-		// Are we uploading an image *and* this image being within the image category?
-		// Only then perform additional image checks.
-		$this->file->move_file($this->config['upload_path'], false, !$is_image);
-
 		// Do we have to create a thumbnail?
 		$this->file_data['thumbnail'] = ($is_image && $this->config['img_create_thumbnail']) ? 1 : 0;
 
@@ -164,7 +163,7 @@ class upload
 
 		if (count($this->file->error))
 		{
-			$this->file->remove();
+			$this->file->remove($this->storage);
 			$this->file_data['error'] = array_merge($this->file_data['error'], $this->file->error);
 			$this->file_data['post_attach'] = false;
 
@@ -200,6 +199,27 @@ class upload
 		// Create Thumbnail
 		$this->create_thumbnail();
 
+		// Are we uploading an image *and* this image being within the image category?
+		// Only then perform additional image checks.
+		$this->file->move_file($this->storage, false, !$is_image);
+
+		if (count($this->file->error))
+		{
+			$this->file->remove($this->storage);
+
+			// Remove thumbnail if exists
+			$thumbnail_file = 'thumb_' . $this->file->get('realname');
+			if ($this->storage->exists($thumbnail_file))
+			{
+				$this->storage->delete($thumbnail_file);
+			}
+
+			$this->file_data['error'] = array_merge($this->file_data['error'], $this->file->error);
+			$this->file_data['post_attach'] = false;
+
+			return $this->file_data;
+		}
+
 		return $this->file_data;
 	}
 
@@ -212,10 +232,18 @@ class upload
 	{
 		if ($this->file_data['thumbnail'])
 		{
-			$source = $this->file->get('destination_file');
-			$destination = $this->file->get('destination_path') . '/thumb_' . $this->file->get('realname');
+			$source = $this->file->get('filename');
+			$destination_name = 'thumb_' . $this->file->get('realname');
+			$destination = sys_get_temp_dir() . '/' . $destination_name;
 
-			if (!create_thumbnail($source, $destination, $this->file->get('mimetype')))
+			if (create_thumbnail($source, $destination, $this->file->get('mimetype')))
+			{
+				// Move the thumbnail from temp folder to the storage
+				$fp = fopen($destination, 'rb');
+				$this->storage->write_stream($destination_name, $fp);
+				fclose($fp);
+			}
+			else
 			{
 				$this->file_data['thumbnail'] = 0;
 			}
@@ -253,7 +281,7 @@ class upload
 		// Make sure the image category only holds valid images...
 		if ($is_image && !$this->file->is_image())
 		{
-			$this->file->remove();
+			$this->file->remove($this->storage);
 
 			if ($this->plupload && $this->plupload->is_active())
 			{
@@ -280,7 +308,7 @@ class upload
 				$this->file_data['error'][] = $this->language->lang('ATTACH_QUOTA_REACHED');
 				$this->file_data['post_attach'] = false;
 
-				$this->file->remove();
+				$this->file->remove($this->storage);
 
 				return false;
 			}
@@ -296,26 +324,6 @@ class upload
 	 */
 	protected function check_disk_space()
 	{
-		if ($free_space = @disk_free_space($this->phpbb_root_path . $this->config['upload_path']))
-		{
-			if ($free_space <= $this->file->get('filesize'))
-			{
-				if ($this->auth->acl_get('a_'))
-				{
-					$this->file_data['error'][] = $this->language->lang('ATTACH_DISK_FULL');
-				}
-				else
-				{
-					$this->file_data['error'][] = $this->language->lang('ATTACH_QUOTA_REACHED');
-				}
-				$this->file_data['post_attach'] = false;
-
-				$this->file->remove();
-
-				return false;
-			}
-		}
-
 		return true;
 	}
 

phpBB/phpbb/auth/provider/oauth/oauth.php

@@ -274,7 +274,7 @@ class oauth extends \phpbb\auth\provider\base
 			$storage->set_user_id($row['user_id']);
 
 			/**
-			* Event is triggered after user is successfuly logged in via OAuth.
+			* Event is triggered after user is successfully logged in via OAuth.
 			*
 			* @event core.auth_oauth_login_after
 			* @var    array    row    User row

phpBB/phpbb/avatar/driver/gravatar.php

@@ -40,7 +40,7 @@ class gravatar extends \phpbb\avatar\driver\driver
 	*/
 	public function get_custom_html($user, $row, $alt = '')
 	{
-		return '<img src="' . $this->get_gravatar_url($row) . '" ' .
+		return '<img class="gravatar" src="' . $this->get_gravatar_url($row) . '" ' .
 			($row['avatar_width'] ? ('width="' . $row['avatar_width'] . '" ') : '') .
 			($row['avatar_height'] ? ('height="' . $row['avatar_height'] . '" ') : '') .
 			'alt="' . ((!empty($user->lang[$alt])) ? $user->lang[$alt] : $alt) . '" />';

phpBB/phpbb/avatar/driver/upload.php

@@ -13,15 +13,18 @@
 
 namespace phpbb\avatar\driver;
 
+use bantu\IniGetWrapper\IniGetWrapper;
+use \phpbb\storage\exception\exception as storage_exception;
+
 /**
 * Handles avatars uploaded to the board
 */
 class upload extends \phpbb\avatar\driver\driver
 {
 	/**
-	 * @var \phpbb\filesystem\filesystem_interface
+	 * @var \phpbb\storage\storage
 	 */
-	protected $filesystem;
+	protected $storage;
 
 	/**
 	* @var \phpbb\event\dispatcher_interface
@@ -33,28 +36,33 @@ class upload extends \phpbb\avatar\driver\driver
 	 */
 	protected $files_factory;
 
+	/**
+	 * @var IniGetWrapper
+	 */
+	protected $php_ini;
+
 	/**
 	* Construct a driver object
 	*
 	* @param \phpbb\config\config $config phpBB configuration
 	* @param string $phpbb_root_path Path to the phpBB root
 	* @param string $php_ext PHP file extension
-	* @param \phpbb\filesystem\filesystem_interface $filesystem phpBB filesystem helper
+	* @param \phpbb\storage\storage phpBB avatar storage
 	* @param \phpbb\path_helper $path_helper phpBB path helper
 	* @param \phpbb\event\dispatcher_interface $dispatcher phpBB Event dispatcher object
 	* @param \phpbb\files\factory $files_factory File classes factory
-	* @param \phpbb\cache\driver\driver_interface $cache Cache driver
+	* @param IniGetWrapper		$php_ini	ini_get() wrapper
 	*/
-	public function __construct(\phpbb\config\config $config, $phpbb_root_path, $php_ext, \phpbb\filesystem\filesystem_interface $filesystem, \phpbb\path_helper $path_helper, \phpbb\event\dispatcher_interface $dispatcher, \phpbb\files\factory $files_factory, \phpbb\cache\driver\driver_interface $cache = null)
+	public function __construct(\phpbb\config\config $config, $phpbb_root_path, $php_ext, \phpbb\storage\storage $storage, \phpbb\path_helper $path_helper, \phpbb\event\dispatcher_interface $dispatcher, \phpbb\files\factory $files_factory, IniGetWrapper $php_ini)
 	{
 		$this->config = $config;
 		$this->phpbb_root_path = $phpbb_root_path;
 		$this->php_ext = $php_ext;
-		$this->filesystem = $filesystem;
+		$this->storage = $storage;
 		$this->path_helper = $path_helper;
 		$this->dispatcher = $dispatcher;
 		$this->files_factory = $files_factory;
-		$this->cache = $cache;
+		$this->php_ini = $php_ini;
 	}
 
 	/**
@@ -116,7 +124,7 @@ class upload extends \phpbb\avatar\driver\driver
 
 		if (!empty($upload_file['name']))
 		{
-			$file = $upload->handle_upload('files.types.form', 'avatar_upload_file');
+			$file = $upload->handle_upload('files.types.form_storage', 'avatar_upload_file');
 		}
 		else if (!empty($this->config['allow_avatar_remote_upload']) && !empty($url))
 		{
@@ -156,7 +164,7 @@ class upload extends \phpbb\avatar\driver\driver
 				return false;
 			}
 
-			$file = $upload->handle_upload('files.types.remote', $url);
+			$file = $upload->handle_upload('files.types.remote_storage', $url);
 		}
 		else
 		{
@@ -169,26 +177,11 @@ class upload extends \phpbb\avatar\driver\driver
 		// If there was an error during upload, then abort operation
 		if (count($file->error))
 		{
-			$file->remove();
+			$file->remove($this->storage);
 			$error = $file->error;
 			return false;
 		}
 
-		// Calculate new destination
-		$destination = $this->config['avatar_path'];
-
-		// Adjust destination path (no trailing slash)
-		if (substr($destination, -1, 1) == '/' || substr($destination, -1, 1) == '\\')
-		{
-			$destination = substr($destination, 0, -1);
-		}
-
-		$destination = str_replace(array('../', '..\\', './', '.\\'), '', $destination);
-		if ($destination && ($destination[0] == '/' || $destination[0] == "\\"))
-		{
-			$destination = '';
-		}
-
 		$filedata = array(
 			'filename'			=> $file->get('filename'),
 			'filesize'			=> $file->get('filesize'),
@@ -204,7 +197,6 @@ class upload extends \phpbb\avatar\driver\driver
 		* @event core.avatar_driver_upload_move_file_before
 		* @var	array	filedata			Array containing uploaded file data
 		* @var	\phpbb\files\filespec file	Instance of filespec class
-		* @var	string	destination			Destination directory where the file is going to be moved
 		* @var	string	prefix				Prefix for the avatar filename
 		* @var	array	row					Array with avatar row data
 		* @var	array	error				Array of errors, if filled in by this event file will not be moved
@@ -215,7 +207,6 @@ class upload extends \phpbb\avatar\driver\driver
 		$vars = array(
 			'filedata',
 			'file',
-			'destination',
 			'prefix',
 			'row',
 			'error',
@@ -227,14 +218,14 @@ class upload extends \phpbb\avatar\driver\driver
 		if (!count($error))
 		{
 			// Move file and overwrite any existing image
-			$file->move_file($destination, true);
+			$file->move_file($this->storage, true);
 		}
 
 		// If there was an error during move, then clean up leftovers
 		$error = array_merge($error, $file->error);
 		if (count($error))
 		{
-			$file->remove();
+			$file->remove($this->storage);
 			return false;
 		}
 
@@ -260,7 +251,6 @@ class upload extends \phpbb\avatar\driver\driver
 		return array(
 			'allow_avatar_remote_upload'=> array('lang' => 'ALLOW_REMOTE_UPLOAD', 'validate' => 'bool',	'type' => 'radio:yes_no', 'explain' => true),
 			'avatar_filesize'		=> array('lang' => 'MAX_FILESIZE',			'validate' => 'int:0',	'type' => 'number:0', 'explain' => true, 'append' => ' ' . $user->lang['BYTES']),
-			'avatar_path'			=> array('lang' => 'AVATAR_STORAGE_PATH',	'validate' => 'rpath',	'type' => 'text:20:255', 'explain' => true),
 		);
 	}
 
@@ -271,37 +261,35 @@ class upload extends \phpbb\avatar\driver\driver
 	{
 
 		$error = array();
-		$destination = $this->config['avatar_path'];
 		$prefix = $this->config['avatar_salt'] . '_';
 		$ext = substr(strrchr($row['avatar'], '.'), 1);
-		$filename = $this->phpbb_root_path . $destination . '/' . $prefix . $row['id'] . '.' . $ext;
+		$filename = $prefix . $row['id'] . '.' . $ext;
 
 		/**
 		* Before deleting an existing avatar
 		*
 		* @event core.avatar_driver_upload_delete_before
-		* @var	string	destination			Destination directory where the file is going to be deleted
 		* @var	string	prefix				Prefix for the avatar filename
 		* @var	array	row					Array with avatar row data
 		* @var	array	error				Array of errors, if filled in by this event file will not be deleted
 		* @since 3.1.6-RC1
+		* @changed 3.3.0-a1					Remove destination
 		*/
 		$vars = array(
-			'destination',
 			'prefix',
 			'row',
 			'error',
 		);
 		extract($this->dispatcher->trigger_event('core.avatar_driver_upload_delete_before', compact($vars)));
 
-		if (!count($error) && $this->filesystem->exists($filename))
+		if (!count($error) && $this->storage->exists($filename))
 		{
 			try
 			{
-				$this->filesystem->remove($filename);
+				$this->storage->delete($filename);
 				return true;
 			}
-			catch (\phpbb\filesystem\exception\filesystem_exception $e)
+			catch (storage_exception $e)
 			{
 				// Fail is covered by return statement below
 			}
@@ -319,12 +307,12 @@ class upload extends \phpbb\avatar\driver\driver
 	}
 
 	/**
-	* Check if user is able to upload an avatar
+	* Check if user is able to upload an avatar to a temporary folder
 	*
 	* @return bool True if user can upload, false if not
 	*/
 	protected function can_upload()
 	{
-		return ($this->filesystem->exists($this->phpbb_root_path . $this->config['avatar_path']) && $this->filesystem->is_writable($this->phpbb_root_path . $this->config['avatar_path']) && (@ini_get('file_uploads') || strtolower(@ini_get('file_uploads')) == 'on'));
+		return $this->php_ini->getBool('file_uploads');
 	}
 }

phpBB/phpbb/cache/service.php

@@ -214,7 +214,6 @@ class service
 
 				$extensions[$extension] = array(
 					'display_cat'	=> (int) $row['cat_id'],
-					'download_mode'	=> (int) $row['download_mode'],
 					'upload_icon'	=> trim($row['upload_icon']),
 					'max_filesize'	=> (int) $row['max_filesize'],
 					'allow_group'	=> $row['allow_group'],

phpBB/phpbb/class_loader.php

@@ -64,7 +64,7 @@ class class_loader
 
 	/**
 	* Provide the class loader with a cache to store paths. If set to null, the
-	* the class loader will resolve paths by checking for the existance of every
+	* the class loader will resolve paths by checking for the existence of every
 	* directory in the class name every time.
 	*
 	* @param \phpbb\cache\driver\driver_interface $cache An implementation of the phpBB cache interface.

phpBB/phpbb/composer/exception/managed_with_clean_error_exception_exception.php

@@ -0,0 +1,35 @@
+<?php
+/**
+ *
+ * This file is part of the phpBB Forum Software package.
+ *
+ * @copyright (c) phpBB Limited <https://www.phpbb.com>
+ * @license GNU General Public License, version 2 (GPL-2.0)
+ *
+ * For full copyright and license information, please see
+ * the docs/CREDITS.txt file.
+ *
+ */
+
+namespace phpbb\composer\exception;
+
+/**
+ * Packaged managed with success but error occurred when cleaning the filesystem
+ */
+class managed_with_clean_error_exception extends managed_with_error_exception
+{
+	/**
+	 * Constructor
+	 *
+	 * @param string		$prefix		The language string prefix
+	 * @param string		$message	The Exception message to throw (must be a language variable).
+	 * @param array			$parameters	The parameters to use with the language var.
+	 * @param \Exception	$previous	The previous runtime_exception used for the runtime_exception chaining.
+	 * @param integer		$code		The Exception code.
+	 */
+	public function __construct($prefix, $message = '', array $parameters = [], \Exception $previous = null, $code = 0)
+	{
+		parent::__construct($prefix . $message, $parameters, $previous, $code);
+	}
+
+}

phpBB/phpbb/composer/exception/managed_with_enable_error_exception.php

@@ -0,0 +1,35 @@
+<?php
+/**
+ *
+ * This file is part of the phpBB Forum Software package.
+ *
+ * @copyright (c) phpBB Limited <https://www.phpbb.com>
+ * @license GNU General Public License, version 2 (GPL-2.0)
+ *
+ * For full copyright and license information, please see
+ * the docs/CREDITS.txt file.
+ *
+ */
+
+namespace phpbb\composer\exception;
+
+/**
+ * Packaged managed with success but error occurred when re-enabling the extension
+ */
+class managed_with_enable_error_exception extends managed_with_error_exception
+{
+	/**
+	 * Constructor
+	 *
+	 * @param string		$prefix		The language string prefix
+	 * @param string		$message	The Exception message to throw (must be a language variable).
+	 * @param array			$parameters	The parameters to use with the language var.
+	 * @param \Exception	$previous	The previous runtime_exception used for the runtime_exception chaining.
+	 * @param integer		$code		The Exception code.
+	 */
+	public function __construct($prefix, $message = '', array $parameters = [], \Exception $previous = null, $code = 0)
+	{
+		parent::__construct($prefix . $message, $parameters, $previous, $code);
+	}
+
+}

phpBB/phpbb/composer/exception/managed_with_error_exception.php

@@ -0,0 +1,35 @@
+<?php
+/**
+ *
+ * This file is part of the phpBB Forum Software package.
+ *
+ * @copyright (c) phpBB Limited <https://www.phpbb.com>
+ * @license GNU General Public License, version 2 (GPL-2.0)
+ *
+ * For full copyright and license information, please see
+ * the docs/CREDITS.txt file.
+ *
+ */
+
+namespace phpbb\composer\exception;
+
+/**
+ * Packaged managed with success but errored at some point
+ */
+class managed_with_error_exception extends runtime_exception
+{
+	/**
+	 * Constructor
+	 *
+	 * @param string		$prefix		The language string prefix
+	 * @param string		$message	The Exception message to throw (must be a language variable).
+	 * @param array			$parameters	The parameters to use with the language var.
+	 * @param \Exception	$previous	The previous runtime_exception used for the runtime_exception chaining.
+	 * @param integer		$code		The Exception code.
+	 */
+	public function __construct($prefix, $message = '', array $parameters = [], \Exception $previous = null, $code = 0)
+	{
+		parent::__construct($prefix . $message, $parameters, $previous, $code);
+	}
+
+}

phpBB/phpbb/composer/exception/runtime_exception.php

@@ -0,0 +1,37 @@
+<?php
+/**
+ *
+ * This file is part of the phpBB Forum Software package.
+ *
+ * @copyright (c) phpBB Limited <https://www.phpbb.com>
+ * @license GNU General Public License, version 2 (GPL-2.0)
+ *
+ * For full copyright and license information, please see
+ * the docs/CREDITS.txt file.
+ *
+ */
+
+namespace phpbb\composer\exception;
+
+use phpbb\exception\runtime_exception as base;
+
+/**
+ * Base class for exceptions thrown when managing packages through composer
+ */
+class runtime_exception extends base
+{
+	/**
+	 * Constructor
+	 *
+	 * @param string		$prefix		The language string prefix
+	 * @param string		$message	The Exception message to throw (must be a language variable).
+	 * @param array			$parameters	The parameters to use with the language var.
+	 * @param \Exception	$previous	The previous runtime_exception used for the runtime_exception chaining.
+	 * @param integer		$code		The Exception code.
+	 */
+	public function __construct($prefix, $message = '', array $parameters = [], \Exception $previous = null, $code = 0)
+	{
+		parent::__construct($prefix . $message, $parameters, $previous, $code);
+	}
+
+}

phpBB/phpbb/composer/extension_manager.php

@@ -0,0 +1,316 @@
+<?php
+/**
+ *
+ * This file is part of the phpBB Forum Software package.
+ *
+ * @copyright (c) phpBB Limited <https://www.phpbb.com>
+ * @license GNU General Public License, version 2 (GPL-2.0)
+ *
+ * For full copyright and license information, please see
+ * the docs/CREDITS.txt file.
+ *
+ */
+
+namespace phpbb\composer;
+
+use Composer\IO\IOInterface;
+use phpbb\cache\driver\driver_interface;
+use phpbb\composer\exception\managed_with_clean_error_exception;
+use phpbb\composer\exception\managed_with_enable_error_exception;
+use phpbb\composer\exception\runtime_exception;
+use phpbb\config\config;
+use phpbb\extension\manager as ext_manager;
+use phpbb\filesystem\exception\filesystem_exception;
+use phpbb\filesystem\filesystem;
+
+/**
+ * Class to safely manage extensions through composer.
+ */
+class extension_manager extends manager
+{
+	/**
+	 * @var \phpbb\extension\manager
+	 */
+	protected $extension_manager;
+
+	/**
+	 * @var \phpbb\filesystem\filesystem
+	 */
+	protected $filesystem;
+
+	/**
+	 * @var array
+	 */
+	private $enabled_extensions;
+
+	/**
+	 * @var bool Enables extensions when installing them?
+	 */
+	private $enable_on_install = false;
+
+	/**
+	 * @var bool Purges extensions data when removing them?
+	 */
+	private $purge_on_remove = true;
+
+	/**
+	 * @param installer			$installer			Installer object
+	 * @param driver_interface	$cache				Cache object
+	 * @param ext_manager		$extension_manager	phpBB extension manager
+	 * @param filesystem		$filesystem			Filesystem object
+	 * @param string			$package_type		Composer type of managed packages
+	 * @param string			$exception_prefix	Exception prefix to use
+	 * @param string			$root_path			phpBB root path
+	 * @param config			$config				Config object
+	 */
+	public function __construct(installer $installer, driver_interface $cache, ext_manager $extension_manager, filesystem $filesystem, $package_type, $exception_prefix, $root_path, config $config = null)
+	{
+		$this->extension_manager = $extension_manager;
+		$this->filesystem = $filesystem;
+		$this->root_path = $root_path;
+
+		if ($config)
+		{
+			$this->enable_on_install = (bool) $config['exts_composer_enable_on_install'];
+			$this->purge_on_remove   = (bool) $config['exts_composer_purge_on_remove'];
+		}
+
+		parent::__construct($installer, $cache, $package_type, $exception_prefix);
+	}
+
+	/**
+	 * {@inheritdoc}
+	 */
+	public function pre_install(array $packages, IOInterface $io = null)
+	{
+		$installed_manually = array_intersect(array_keys($this->extension_manager->all_available()), array_keys($packages));
+		if (count($installed_manually) !== 0)
+		{
+			throw new runtime_exception($this->exception_prefix, 'ALREADY_INSTALLED_MANUALLY', [implode('|', array_keys($installed_manually))]);
+		}
+	}
+
+	/**
+	 * {@inheritdoc}
+	 */
+	public function post_install(array $packages, IOInterface $io = null)
+	{
+		if ($this->enable_on_install)
+		{
+			$io->writeError([['ENABLING_EXTENSIONS', [], 1]], true);
+			foreach ($packages as $package => $version)
+			{
+				try
+				{
+					$this->extension_manager->enable($package);
+				}
+				catch (\phpbb\exception\runtime_exception $e)
+				{
+					$io->writeError([[$e->getMessage(), $e->get_parameters(), 4]], true);
+				}
+				catch (\Exception $e)
+				{
+					$io->writeError([[$e->getMessage(), [], 4]], true);
+				}
+			}
+		}
+	}
+
+	/**
+	 * {@inheritdoc}
+	 */
+	protected function pre_update(array $packages, IOInterface $io = null)
+	{
+		$io->writeError([['DISABLING_EXTENSIONS', [], 1]], true);
+		$this->enabled_extensions = [];
+		foreach ($packages as $package => $version)
+		{
+			try
+			{
+				if ($this->extension_manager->is_enabled($package))
+				{
+					$this->enabled_extensions[] = $package;
+					$this->extension_manager->disable($package);
+				}
+			}
+			catch (\phpbb\exception\runtime_exception $e)
+			{
+				$io->writeError([[$e->getMessage(), $e->get_parameters(), 4]], true);
+			}
+			catch (\Exception $e)
+			{
+				$io->writeError([[$e->getMessage(), [], 4]], true);
+			}
+		}
+	}
+
+	/**
+	 * {@inheritdoc}
+	 */
+	protected function post_update(array $packages, IOInterface $io = null)
+	{
+		$io->writeError([['ENABLING_EXTENSIONS', [], 1]], true);
+		foreach ($this->enabled_extensions as $package)
+		{
+			try
+			{
+				$this->extension_manager->enable($package);
+			}
+			catch (\phpbb\exception\runtime_exception $e)
+			{
+				$io->writeError([[$e->getMessage(), $e->get_parameters(), 4]], true);
+			}
+			catch (\Exception $e)
+			{
+				$io->writeError([[$e->getMessage(), [], 4]], true);
+			}
+		}
+	}
+
+	/**
+	 * {@inheritdoc}
+	 */
+	public function remove(array $packages, IOInterface $io = null)
+	{
+		$packages = $this->normalize_version($packages);
+
+		$not_installed = array_diff(array_keys($packages), array_keys($this->extension_manager->all_available()));
+		if (count($not_installed) !== 0)
+		{
+			throw new runtime_exception($this->exception_prefix, 'NOT_INSTALLED', [implode('|', array_keys($not_installed))]);
+		}
+
+		parent::remove($packages, $io);
+	}
+
+	/**
+	 * {@inheritdoc}
+	 */
+	public function pre_remove(array $packages, IOInterface $io = null)
+	{
+		if ($this->purge_on_remove)
+		{
+			$io->writeError([['DISABLING_EXTENSIONS', [], 1]], true);
+		}
+
+		foreach ($packages as $package => $version)
+		{
+			try
+			{
+				if ($this->extension_manager->is_enabled($package))
+				{
+					if ($this->purge_on_remove)
+					{
+						$this->extension_manager->purge($package);
+					}
+					else
+					{
+						$this->extension_manager->disable($package);
+					}
+				}
+			}
+			catch (\phpbb\exception\runtime_exception $e)
+			{
+				$io->writeError([[$e->getMessage(), $e->get_parameters(), 4]], true);
+			}
+			catch (\Exception $e)
+			{
+				$io->writeError([[$e->getMessage(), [], 4]], true);
+			}
+		}
+	}
+
+	/**
+	 * {@inheritdoc}
+	 */
+	public function start_managing($package, $io)
+	{
+		if (!$this->extension_manager->is_available($package))
+		{
+			throw new runtime_exception($this->exception_prefix, 'NOT_INSTALLED', [$package]);
+		}
+
+		if ($this->is_managed($package))
+		{
+			throw new runtime_exception($this->exception_prefix, 'ALREADY_MANAGED', [$package]);
+		}
+
+		$enabled = false;
+		if ($this->extension_manager->is_enabled($package))
+		{
+			$enabled = true;
+			$io->writeError([['DISABLING_EXTENSIONS', [], 1]], true);
+			$this->extension_manager->disable($package);
+		}
+
+		$ext_path = $this->extension_manager->get_extension_path($package, true);
+		$backup_path = rtrim($ext_path, '/') . '__backup__';
+
+		try
+		{
+			$this->filesystem->rename($ext_path, $backup_path);
+		}
+		catch (filesystem_exception $e)
+		{
+			throw new runtime_exception($this->exception_prefix, 'CANNOT_MANAGE_FILESYSTEM_ERROR', [$package], $e);
+		}
+
+		try
+		{
+			$this->install((array) $package, $io);
+			$this->filesystem->remove($backup_path);
+		}
+		catch (runtime_exception $e)
+		{
+			$this->filesystem->rename($backup_path, $ext_path);
+			throw new runtime_exception($this->exception_prefix, 'CANNOT_MANAGE_INSTALL_ERROR', [$package], $e);
+		}
+		catch (filesystem_exception $e)
+		{
+			throw new managed_with_clean_error_exception($this->exception_prefix, 'MANAGED_WITH_CLEAN_ERROR', [$package, $backup_path], $e);
+		}
+
+		if ($enabled)
+		{
+			try
+			{
+				$io->writeError([['ENABLING_EXTENSIONS', [], 1]], true);
+				$this->extension_manager->enable($package);
+			}
+			catch (\Exception $e)
+			{
+				throw new managed_with_enable_error_exception($this->exception_prefix, 'MANAGED_WITH_ENABLE_ERROR', [$package], $e);
+			}
+		}
+	}
+
+	/**
+	 * {@inheritdoc}
+	 */
+	public function check_requirements()
+	{
+		return parent::check_requirements() && $this->filesystem->is_writable($this->root_path . 'ext/');
+	}
+
+	/**
+	 * Enable the extensions when installing
+	 *
+	 * Warning: Only the explicitly required extensions will be enabled
+	 *
+	 * @param bool $enable
+	 */
+	public function set_enable_on_install($enable)
+	{
+		$this->enable_on_install = $enable;
+	}
+
+	/**
+	 * Purge the extension when disabling it
+	 *
+	 * @param bool $purge
+	 */
+	public function set_purge_on_remove($purge)
+	{
+		$this->purge_on_remove = $purge;
+	}
+}

phpBB/phpbb/composer/installer.php

@@ -0,0 +1,711 @@
+<?php
+/**
+ *
+ * This file is part of the phpBB Forum Software package.
+ *
+ * @copyright (c) phpBB Limited <https://www.phpbb.com>
+ * @license GNU General Public License, version 2 (GPL-2.0)
+ *
+ * For full copyright and license information, please see
+ * the docs/CREDITS.txt file.
+ *
+ */
+
+namespace phpbb\composer;
+
+use Composer\Composer;
+use Composer\Factory;
+use Composer\IO\IOInterface;
+use Composer\IO\NullIO;
+use Composer\Json\JsonFile;
+use Composer\Package\BasePackage;
+use Composer\Package\CompletePackage;
+use Composer\Repository\ComposerRepository;
+use Composer\Semver\Constraint\ConstraintInterface;
+use Composer\Util\RemoteFilesystem;
+use phpbb\composer\io\null_io;
+use phpbb\config\config;
+use phpbb\exception\runtime_exception;
+use phpbb\filesystem\filesystem;
+use phpbb\request\request;
+use Seld\JsonLint\ParsingException;
+use phpbb\filesystem\helper as filesystem_helper;
+
+/**
+ * Class to install packages through composer while freezing core dependencies.
+ */
+class installer
+{
+	const PHPBB_TYPES = 'phpbb-extension,phpbb-style,phpbb-language';
+
+	/**
+	 * @var array Repositories to look packages from
+	 */
+	protected $repositories = [];
+
+	/**
+	 * @var bool Indicates whether packagist usage is allowed or not
+	 */
+	protected $packagist = false;
+
+	/**
+	 * @var string Composer filename used to manage the packages
+	 */
+	protected $composer_filename = 'composer-ext.json';
+
+	/**
+	 * @var string Directory where to install packages vendors
+	 */
+	protected $packages_vendor_dir = 'vendor-ext/';
+
+	/**
+	 * @var string Minimum stability
+	 */
+	protected $minimum_stability = 'stable';
+
+	/**
+	 * @var string phpBB root path
+	 */
+	protected $root_path;
+
+	/**
+	 * @var string Stores the original working directory in case it has been changed through move_to_root()
+	 */
+	private $original_cwd;
+
+	/**
+	 * @var array Stores the content of the ext json file before generate_ext_json_file() overrides it
+	 */
+	private $ext_json_file_backup;
+
+	/**
+	 * @var request phpBB request object
+	 */
+	private $request;
+
+	/**
+	 * @param string		$root_path	phpBB root path
+	 * @param filesystem	$filesystem	Filesystem object
+	 * @param request		$request	phpBB request object
+	 * @param config		$config		Config object
+	 */
+	public function __construct($root_path, filesystem $filesystem, request $request, config $config = null)
+	{
+		if ($config)
+		{
+			$repositories = json_decode($config['exts_composer_repositories'], true);
+
+			if (is_array($repositories) && !empty($repositories))
+			{
+				$this->repositories = (array) $repositories;
+			}
+
+			$this->packagist			= (bool) $config['exts_composer_packagist'];
+			$this->composer_filename	= $config['exts_composer_json_file'];
+			$this->packages_vendor_dir	= $config['exts_composer_vendor_dir'];
+			$this->minimum_stability	= $config['exts_composer_minimum_stability'];
+		}
+
+		$this->root_path = $root_path;
+		$this->request = $request;
+
+		putenv('COMPOSER_HOME=' . filesystem_helper::realpath($root_path) . '/store/composer');
+	}
+
+	/**
+	 * Update the current installed set of packages
+	 *
+	 * @param array $packages Packages to install.
+	 *        Each entry may be a name or an array associating a version constraint to a name
+	 * @param array $whitelist White-listed packages (packages that can be installed/updated/removed)
+	 * @param IOInterface $io IO object used for the output
+	 *
+	 * @throws runtime_exception
+	 */
+	public function install(array $packages, $whitelist, IOInterface $io = null)
+	{
+		$this->wrap(function() use ($packages, $whitelist, $io) {
+			$this->do_install($packages, $whitelist, $io);
+		});
+	}
+
+	/**
+	 * Update the current installed set of packages
+	 *
+	 * /!\ Doesn't change the current working directory
+	 *
+	 * @param array $packages Packages to install.
+	 *        Each entry may be a name or an array associating a version constraint to a name
+	 * @param array $whitelist White-listed packages (packages that can be installed/updated/removed)
+	 * @param IOInterface $io IO object used for the output
+	 *
+	 * @throws runtime_exception
+	 */
+	protected function do_install(array $packages, $whitelist, IOInterface $io = null)
+	{
+		if (!$io)
+		{
+			$io = new null_io();
+		}
+
+		$this->generate_ext_json_file($packages);
+
+		$composer = Factory::create($io, $this->get_composer_ext_json_filename(), false);
+		$install = \Composer\Installer::create($io, $composer);
+
+		$composer->getDownloadManager()->setOutputProgress(false);
+
+		$install
+			->setVerbose(true)
+			->setPreferSource(false)
+			->setPreferDist(true)
+			->setDevMode(false)
+			->setUpdate(true)
+			->setUpdateWhitelist($whitelist)
+			->setWhitelistDependencies(false)
+			->setIgnorePlatformRequirements(false)
+			->setOptimizeAutoloader(true)
+			->setDumpAutoloader(true)
+			->setPreferStable(true)
+			->setRunScripts(false)
+			->setDryRun(false);
+
+		try
+		{
+			$result = $install->run();
+		}
+		catch (\Exception $e)
+		{
+			$this->restore_ext_json_file();
+
+			throw new runtime_exception('COMPOSER_CANNOT_INSTALL', [], $e);
+		}
+
+		if ($result !== 0)
+		{
+			$this->restore_ext_json_file();
+
+			throw new runtime_exception($io->get_composer_error(), []);
+		}
+	}
+
+	/**
+	 * Returns the list of currently installed packages
+	 *
+	 * @param string|array $types Returns only the packages with the given type(s)
+	 *
+	 * @return array The installed packages associated to their version.
+	 *
+	 * @throws runtime_exception
+	 */
+	public function get_installed_packages($types)
+	{
+		return $this->wrap(function() use ($types) {
+			return $this->do_get_installed_packages($types);
+		});
+	}
+
+	/**
+	 * Returns the list of currently installed packages
+	 *
+	 * /!\ Doesn't change the current working directory
+	 *
+	 * @param string|array $types Returns only the packages with the given type(s)
+	 *
+	 * @return array The installed packages associated to their version.
+	 */
+	protected function do_get_installed_packages($types)
+	{
+		$types = (array) $types;
+
+		try
+		{
+			$io = new NullIO();
+			$composer = Factory::create($io, $this->get_composer_ext_json_filename(), false);
+
+			$installed = [];
+
+			/** @var \Composer\Package\Link[] $required_links */
+			$required_links = $composer->getPackage()->getRequires();
+			$installed_packages = $composer->getRepositoryManager()->getLocalRepository()->getCanonicalPackages();
+
+			foreach ($installed_packages as $package)
+			{
+				if (in_array($package->getType(), $types, true))
+				{
+					$version = array_key_exists($package->getName(), $required_links) ?
+						$required_links[$package->getName()]->getPrettyConstraint() : '*';
+					$installed[$package->getName()] = $version;
+				}
+			}
+
+			return $installed;
+		}
+		catch (\Exception $e)
+		{
+			return [];
+		}
+	}
+
+	/**
+	 * Gets the list of the available packages of the configured type in the configured repositories
+	 *
+	 * /!\ Doesn't change the current working directory
+	 *
+	 * @param string $type Returns only the packages with the given type
+	 *
+	 * @return array The name of the available packages, associated to their definition. Ordered by name.
+	 *
+	 * @throws runtime_exception
+	 */
+	public function get_available_packages($type)
+	{
+		return $this->wrap(function() use ($type) {
+			return $this->do_get_available_packages($type);
+		});
+	}
+
+	/**
+	 * Gets the list of the available packages of the configured type in the configured repositories
+	 *
+	 * @param string $type Returns only the packages with the given type
+	 *
+	 * @return array The name of the available packages, associated to their definition. Ordered by name.
+	 */
+	protected function do_get_available_packages($type)
+	{
+		try
+		{
+			$this->generate_ext_json_file($this->do_get_installed_packages(explode(',', self::PHPBB_TYPES)));
+
+			$io = new NullIO();
+			$composer = Factory::create($io, $this->get_composer_ext_json_filename(), false);
+
+			/** @var ConstraintInterface $core_constraint */
+			$core_constraint = $composer->getPackage()->getRequires()['phpbb/phpbb']->getConstraint();
+			$core_stability = $composer->getPackage()->getMinimumStability();
+
+			$available = [];
+
+			$compatible_packages = [];
+			$repositories = $composer->getRepositoryManager()->getRepositories();
+
+			/** @var \Composer\Repository\RepositoryInterface $repository */
+			foreach ($repositories as $repository)
+			{
+				try
+				{
+					if ($repository instanceof ComposerRepository && $repository->hasProviders())
+					{
+						// Special case for packagist which exposes an api to retrieve all packages of a given type.
+						// For the others composer repositories with providers we can't do anything. It would be too slow.
+
+						$r        = new \ReflectionObject($repository);
+						$repo_url = $r->getProperty('url');
+						$repo_url->setAccessible(true);
+
+						if ($repo_url->getValue($repository) === 'http://packagist.org')
+						{
+							$url      = 'https://packagist.org/packages/list.json?type=' . $type;
+							$rfs      = new RemoteFilesystem($io);
+							$hostname = parse_url($url, PHP_URL_HOST) ?: $url;
+							$json     = $rfs->getContents($hostname, $url, false);
+
+							/** @var \Composer\Package\PackageInterface $package */
+							foreach (JsonFile::parseJson($json, $url)['packageNames'] as $package)
+							{
+								$versions            = $repository->findPackages($package);
+								$compatible_packages = $this->get_compatible_versions($compatible_packages, $core_constraint, $core_stability, $package, $versions);
+							}
+						}
+					}
+					else
+					{
+						// Pre-filter repo packages by their type
+						$packages = [];
+						/** @var \Composer\Package\PackageInterface $package */
+						foreach ($repository->getPackages() as $package)
+						{
+							if ($package->getType() === $type)
+							{
+								$packages[$package->getName()][] = $package;
+							}
+						}
+
+						// Filter the compatibles versions
+						foreach ($packages as $package => $versions)
+						{
+							$compatible_packages = $this->get_compatible_versions($compatible_packages, $core_constraint, $core_stability, $package, $versions);
+						}
+					}
+				}
+				catch (\Exception $e)
+				{
+					// If a repo fails, just skip it.
+					continue;
+				}
+			}
+
+			foreach ($compatible_packages as $name => $versions)
+			{
+				// Determine the highest version of the package
+				/** @var CompletePackage $highest_version */
+				$highest_version = null;
+
+				/** @var CompletePackage $version */
+				foreach ($versions as $version)
+				{
+					if (!$highest_version || version_compare($version->getVersion(), $highest_version->getVersion(), '>'))
+					{
+						$highest_version = $version;
+					}
+				}
+
+				// Generates the entry
+				$available[$name] = [];
+				$available[$name]['name'] = $highest_version->getPrettyName();
+				$available[$name]['display_name'] = $highest_version->getExtra()['display-name'];
+				$available[$name]['composer_name'] = $highest_version->getName();
+				$available[$name]['version'] = $highest_version->getPrettyVersion();
+
+				if ($version instanceof CompletePackage)
+				{
+					$available[$name]['description'] = $highest_version->getDescription();
+					$available[$name]['url'] = $highest_version->getHomepage();
+					$available[$name]['authors'] = $highest_version->getAuthors();
+				}
+				else
+				{
+					$available[$name]['description'] = '';
+					$available[$name]['url'] = '';
+					$available[$name]['authors'] = [];
+				}
+			}
+
+			usort($available, function($a, $b)
+			{
+				return strcasecmp($a['display_name'], $b['display_name']);
+			});
+
+			return $available;
+		}
+		catch (\Exception $e)
+		{
+			return [];
+		}
+	}
+
+	/**
+	 * Checks the requirements of the manager and returns true if it can be used.
+	 *
+	 * @return bool
+	 */
+	public function check_requirements()
+	{
+		$filesystem = new \phpbb\filesystem\filesystem();
+
+		return $filesystem->is_writable([
+			$this->root_path . $this->composer_filename,
+			$this->root_path . $this->packages_vendor_dir,
+			$this->root_path . substr($this->composer_filename, 0, -5) . '.lock',
+		]);
+	}
+
+	/**
+	 * Updates $compatible_packages with the versions of $versions compatibles with the $core_constraint
+	 *
+	 * @param array						$compatible_packages	List of compatibles versions
+	 * @param ConstraintInterface	$core_constraint		Constraint against the phpBB version
+	 * @param string $core_stability Core stability
+	 * @param string					$package_name			Considered package
+	 * @param array						$versions				List of available versions
+	 *
+	 * @return array
+	 */
+	private function get_compatible_versions(array $compatible_packages, ConstraintInterface $core_constraint, $core_stability, $package_name, array $versions)
+	{
+		$core_stability_value = BasePackage::$stabilities[$core_stability];
+
+		/** @var \Composer\Package\PackageInterface $version */
+		foreach ($versions as $version)
+		{
+			try
+			{
+				if (BasePackage::$stabilities[$version->getStability()] > $core_stability_value)
+				{
+					continue;
+				}
+
+				if (array_key_exists('phpbb/phpbb', $version->getRequires()))
+				{
+					/** @var ConstraintInterface $package_constraint */
+					$package_constraint = $version->getRequires()['phpbb/phpbb']->getConstraint();
+
+					if (!$package_constraint->matches($core_constraint))
+					{
+						continue;
+					}
+				}
+
+				$compatible_packages[$package_name][] = $version;
+			}
+			catch (\Exception $e)
+			{
+				// Do nothing (to log when a true debug logger is available)
+			}
+		}
+
+		return $compatible_packages;
+	}
+
+	/**
+	 * Generates and write the json file used to install the set of packages
+	 *
+	 * @param array $packages Packages to update.
+	 *        Each entry may be a name or an array associating a version constraint to a name
+	 */
+	protected function generate_ext_json_file(array $packages)
+	{
+		$io = new NullIO();
+
+		$composer = Factory::create($io, null, false);
+
+		$core_packages = $this->get_core_packages($composer);
+		$ext_json_data = [
+			'require' => array_merge(
+				['php' => $this->get_core_php_requirement($composer)],
+				$core_packages,
+				$this->get_extra_dependencies(),
+				$packages),
+			'replace' => $core_packages,
+			'repositories' => $this->get_composer_repositories(),
+			'config' => [
+				'vendor-dir'=> $this->packages_vendor_dir,
+			],
+			'minimum-stability' => $this->minimum_stability,
+		];
+
+		$this->ext_json_file_backup = null;
+		$json_file = new JsonFile($this->get_composer_ext_json_filename());
+
+		try
+		{
+			$ext_json_file_backup = $json_file->read();
+		}
+		catch (ParsingException $e)
+		{
+			$ext_json_file_backup = '{}';
+
+			$lockFile = new JsonFile(substr($this->get_composer_ext_json_filename(), 0, -5) . '.lock');
+			$lockFile->write([]);
+		}
+
+		$json_file->write($ext_json_data);
+		$this->ext_json_file_backup = $ext_json_file_backup;
+	}
+
+	/**
+	 * Restore the json file overridden by generate_ext_json_file()
+	 */
+	protected function restore_ext_json_file()
+	{
+		if ($this->ext_json_file_backup)
+		{
+			try
+			{
+				$json_file = new JsonFile($this->get_composer_ext_json_filename());
+				$json_file->write($this->ext_json_file_backup);
+			}
+			catch (\Exception $e)
+			{
+			}
+
+			$this->ext_json_file_backup = null;
+		}
+	}
+
+	/**
+	 * Get the core installed packages
+	 *
+	 * @param Composer $composer Composer object to load the dependencies
+	 * @return array The core packages with their version
+	 */
+	protected function get_core_packages(Composer $composer)
+	{
+		$core_deps = [];
+		$packages = $composer->getRepositoryManager()->getLocalRepository()->getCanonicalPackages();
+
+		foreach ($packages as $package)
+		{
+			$core_deps[$package->getName()] = $package->getPrettyVersion();
+		}
+
+		$core_deps['phpbb/phpbb'] = PHPBB_VERSION;
+
+		return $core_deps;
+	}
+
+	/**
+	 * Get the PHP version required by the core
+	 *
+	 * @param Composer $composer Composer object to load the dependencies
+	 * @return string The PHP version required by the core
+	 */
+	protected function get_core_php_requirement(Composer $composer)
+	{
+		return $composer->getLocker()->getLockData()['platform']['php'];
+	}
+
+	/**
+	 * Generate the repositories entry of the packages json file
+	 *
+	 * @return array repositories entry
+	 */
+	protected function get_composer_repositories()
+	{
+		$repositories = [];
+
+		if (!$this->packagist)
+		{
+			$repositories[]['packagist'] = false;
+		}
+
+		foreach ($this->repositories as $repository)
+		{
+			if (preg_match('#^' . get_preg_expression('url') . '$#iu', $repository))
+			{
+				$repositories[] = [
+					'type' => 'composer',
+					'url' => $repository,
+				];
+			}
+		}
+
+		return $repositories;
+	}
+
+	/**
+	 * Get the name of the json file used for the packages.
+	 *
+	 * @return string The json filename
+	 */
+	protected function get_composer_ext_json_filename()
+	{
+		return $this->composer_filename;
+	}
+
+	/**
+	 * Get extra dependencies required to install the packages
+	 *
+	 * @return array Array of composer dependencies
+	 */
+	protected function get_extra_dependencies()
+	{
+		return [];
+	}
+
+	/**
+	 * Sets the customs repositories
+	 *
+	 * @param array $repositories An array of composer repositories to use
+	 */
+	public function set_repositories(array $repositories)
+	{
+		$this->repositories = $repositories;
+	}
+
+	/**
+	 * Allow or disallow packagist
+	 *
+	 * @param boolean $packagist
+	 */
+	public function set_packagist($packagist)
+	{
+		$this->packagist = $packagist;
+	}
+
+	/**
+	 * Sets the name of the managed packages' json file
+	 *
+	 * @param string $composer_filename
+	 */
+	public function set_composer_filename($composer_filename)
+	{
+		$this->composer_filename = $composer_filename;
+	}
+
+	/**
+	 * Sets the location of the managed packages' vendors
+	 *
+	 * @param string $packages_vendor_dir
+	 */
+	public function set_packages_vendor_dir($packages_vendor_dir)
+	{
+		$this->packages_vendor_dir = $packages_vendor_dir;
+	}
+
+	/**
+	 * Sets the phpBB root path
+	 *
+	 * @param string $root_path
+	 */
+	public function set_root_path($root_path)
+	{
+		$this->root_path = $root_path;
+	}
+
+	/**
+	 * Change the current directory to phpBB root
+	 */
+	protected function move_to_root()
+	{
+		if ($this->original_cwd === null)
+		{
+			$this->original_cwd = getcwd();
+			chdir($this->root_path);
+		}
+	}
+
+	/**
+	 * Restore the current working directory if move_to_root() have been called
+	 */
+	protected function restore_cwd()
+	{
+		if ($this->original_cwd)
+		{
+			chdir($this->original_cwd);
+			$this->original_cwd = null;
+		}
+	}
+
+	/**
+	 * Wraps a callable in order to adjust the context needed by composer
+	 *
+	 * @param callable $callable
+	 *
+	 * @return mixed
+	 */
+	protected function wrap(callable $callable)
+	{
+		// The composer installers works with a path relative to the current directory
+		$this->move_to_root();
+
+		// The composer installers uses some super globals
+		$super_globals = $this->request->super_globals_disabled();
+		$this->request->enable_super_globals();
+
+		try
+		{
+			return $callable();
+		}
+		finally
+		{
+			$this->restore_cwd();
+
+			if ($super_globals)
+			{
+				$this->request->disable_super_globals();
+			}
+		}
+	}
+}

phpBB/phpbb/composer/io/console_io.php

@@ -0,0 +1,40 @@
+<?php
+/**
+ *
+ * This file is part of the phpBB Forum Software package.
+ *
+ * @copyright (c) phpBB Limited <https://www.phpbb.com>
+ * @license GNU General Public License, version 2 (GPL-2.0)
+ *
+ * For full copyright and license information, please see
+ * the docs/CREDITS.txt file.
+ *
+ */
+
+namespace phpbb\composer\io;
+
+use Composer\IO\ConsoleIO;
+use phpbb\language\language;
+use Symfony\Component\Console\Helper\HelperSet;
+use Symfony\Component\Console\Input\InputInterface;
+use Symfony\Component\Console\Output\OutputInterface;
+
+class console_io extends ConsoleIO implements io_interface
+{
+	use translate_composer_trait;
+
+	/**
+	 * Constructor.
+	 *
+	 * @param InputInterface	$input		The input instance
+	 * @param OutputInterface	$output		The output instance
+	 * @param HelperSet			$helperSet	The helperSet instance
+	 * @param language			$language	Language object
+	 */
+	public function __construct(InputInterface $input, OutputInterface $output, HelperSet $helperSet, language $language)
+	{
+		$this->language = $language;
+
+		parent::__construct($input, $output, $helperSet);
+	}
+}