phpBB

Code Changes

File: includes/functions.php

  Unmodified   Added   Modified   Removed
Line 1257Line 1257
		if (!is_array($forum_id))
{
$forum_id = array($forum_id);

		if (!is_array($forum_id))
{
$forum_id = array($forum_id);

 
		}
else
{
$forum_id = array_unique($forum_id);

		}

$phpbb_notifications = $phpbb_container->get('notification_manager');

		}

$phpbb_notifications = $phpbb_container->get('notification_manager');

Line 2229Line 2233
	global $config, $user, $request;

$server_name = $user->host;

	global $config, $user, $request;

$server_name = $user->host;

	$server_port = $request->server('SERVER_PORT', 0);

 

// Forcing server vars is the only way to specify/override the protocol
if ($config['force_server_vars'] || !$server_name)


// Forcing server vars is the only way to specify/override the protocol
if ($config['force_server_vars'] || !$server_name)

Line 2244Line 2247
	}
else
{

	}
else
{

 
		$server_port = $request->server('SERVER_PORT', 0);
$forwarded_proto = $request->server('HTTP_X_FORWARDED_PROTO');

if (!empty($forwarded_proto) && $forwarded_proto === 'https')
{
$server_port = 443;
}

		// Do not rely on cookie_secure, users seem to think that it means a secured cookie instead of an encrypted connection
$cookie_secure = $request->is_secure() ? 1 : 0;
$url = (($cookie_secure) ? 'https://' : 'http://') . $server_name;

		// Do not rely on cookie_secure, users seem to think that it means a secured cookie instead of an encrypted connection
$cookie_secure = $request->is_secure() ? 1 : 0;
$url = (($cookie_secure) ? 'https://' : 'http://') . $server_name;

Line 2389Line 2399
	}

// Redirect via an HTML form for PITA webservers

	}

// Redirect via an HTML form for PITA webservers

	if (@preg_match('#Microsoft|WebSTAR|Xitami#', getenv('SERVER_SOFTWARE')))

	if (@preg_match('#WebSTAR|Xitami#', getenv('SERVER_SOFTWARE')))

	{
header('Refresh: 0; URL=' . $url);


	{
header('Refresh: 0; URL=' . $url);


Line 2397Line 2407
		echo '<html dir="' . $user->lang['DIRECTION'] . '" lang="' . $user->lang['USER_LANG'] . '">';
echo '<head>';
echo '<meta charset="utf-8">';

		echo '<html dir="' . $user->lang['DIRECTION'] . '" lang="' . $user->lang['USER_LANG'] . '">';
echo '<head>';
echo '<meta charset="utf-8">';

 
		echo '<meta http-equiv="X-UA-Compatible" content="IE=edge">';

		echo '<meta http-equiv="refresh" content="0; url=' . str_replace('&', '&amp;', $url) . '" />';
echo '<title>' . $user->lang['REDIRECT'] . '</title>';
echo '</head>';

		echo '<meta http-equiv="refresh" content="0; url=' . str_replace('&', '&amp;', $url) . '" />';
echo '<title>' . $user->lang['REDIRECT'] . '</title>';
echo '</head>';

Line 2598Line 2609
/**
* Add a secret token to the form (requires the S_FORM_TOKEN template variable)
* @param string $form_name The name of the form; has to match the name used in check_form_key, otherwise no restrictions apply

/**
* Add a secret token to the form (requires the S_FORM_TOKEN template variable)
* @param string $form_name The name of the form; has to match the name used in check_form_key, otherwise no restrictions apply

 
* @param string  $template_variable_suffix A string that is appended to the name of the template variable to which the form elements are assigned

*/

*/

function add_form_key($form_name)

function add_form_key($form_name, $template_variable_suffix = '')

{
global $config, $template, $user, $phpbb_dispatcher;


{
global $config, $template, $user, $phpbb_dispatcher;


Line 2616Line 2628
	* Perform additional actions on creation of the form token
*
* @event core.add_form_key

	* Perform additional actions on creation of the form token
*
* @event core.add_form_key

	* @var	string	form_name			The form name
* @var int now Current time timestamp
* @var string s_fields Generated hidden fields
* @var string token Form token
* @var string token_sid User session ID


	* @var	string	form_name					The form name
* @var int now Current time timestamp
* @var string s_fields Generated hidden fields
* @var string token Form token
* @var string token_sid User session ID
* @var string template_variable_suffix The string that is appended to template variable name

	*
* @since 3.1.0-RC3

	*
* @since 3.1.0-RC3

 
	* @changed 3.1.11-RC1 Added template_variable_suffix

	*/
$vars = array(
'form_name',

	*/
$vars = array(
'form_name',

Line 2630Line 2644
		's_fields',
'token',
'token_sid',

		's_fields',
'token',
'token_sid',

 
		'template_variable_suffix',

	);
extract($phpbb_dispatcher->trigger_event('core.add_form_key', compact($vars)));


	);
extract($phpbb_dispatcher->trigger_event('core.add_form_key', compact($vars)));


	$template->assign_vars(array(
'S_FORM_TOKEN' => $s_fields,
));

	$template->assign_var('S_FORM_TOKEN' . $template_variable_suffix, $s_fields);



}

/**

}

/**

Line 2763Line 2776
	$u_action .= ((strpos($u_action, '?') === false) ? '?' : '&amp;') . 'confirm_key=' . $confirm_key;

$template->assign_vars(array(

	$u_action .= ((strpos($u_action, '?') === false) ? '?' : '&amp;') . 'confirm_key=' . $confirm_key;

$template->assign_vars(array(

		'MESSAGE_TITLE'		=> (!isset($user->lang[$title])) ? $user->lang['CONFIRM'] : $user->lang[$title],

		'MESSAGE_TITLE'		=> (!isset($user->lang[$title])) ? $user->lang['CONFIRM'] : $user->lang($title, 1),

		'MESSAGE_TEXT'		=> (!isset($user->lang[$title . '_CONFIRM'])) ? $title : $user->lang[$title . '_CONFIRM'],

'YES_VALUE' => $user->lang['YES'],

		'MESSAGE_TEXT'		=> (!isset($user->lang[$title . '_CONFIRM'])) ? $title : $user->lang[$title . '_CONFIRM'],

'YES_VALUE' => $user->lang['YES'],

Line 2816Line 2829
	{
$user->setup();
}

	{
$user->setup();
}

 

/**
* This event allows an extension to modify the login process
*
* @event core.login_box_before
* @var string redirect Redirect string
* @var string l_explain Explain language string
* @var string l_success Success language string
* @var bool admin Is admin?
* @var bool s_display Display full login form?
* @var string err Error string
* @since 3.1.9-RC1
*/
$vars = array('redirect', 'l_explain', 'l_success', 'admin', 's_display', 'err');
extract($phpbb_dispatcher->trigger_event('core.login_box_before', compact($vars)));


// Print out error if user tries to authenticate as an administrator without having the privileges...
if ($admin && !$auth->acl_get('a_'))


// Print out error if user tries to authenticate as an administrator without having the privileges...
if ($admin && !$auth->acl_get('a_'))

Line 2829Line 2857
		trigger_error('NO_AUTH_ADMIN');
}


		trigger_error('NO_AUTH_ADMIN');
}


	if ($request->is_set_post('login') || ($request->is_set('login') && $request->variable('login', '') == 'external'))

	if (empty($err) && ($request->is_set_post('login') || ($request->is_set('login') && $request->variable('login', '') == 'external')))

	{
// Get credential
if ($admin)

	{
// Get credential
if ($admin)

Line 2898Line 2926
			*
* @event core.login_box_redirect
* @var string redirect Redirect string

			*
* @event core.login_box_redirect
* @var string redirect Redirect string

			* @var	boolean	admin		Is admin?
* @var bool return If true, do not redirect but return the sanitized URL.

			* @var	bool	admin		Is admin?


			* @since 3.1.0-RC5

			* @since 3.1.0-RC5

 
			* @changed 3.1.9-RC1 Removed undefined return variable

			*/

			*/

			$vars = array('redirect', 'admin', 'return');

			$vars = array('redirect', 'admin');

			extract($phpbb_dispatcher->trigger_event('core.login_box_redirect', compact($vars)));

// append/replace SID (may change during the session for AOL users)

			extract($phpbb_dispatcher->trigger_event('core.login_box_redirect', compact($vars)));

// append/replace SID (may change during the session for AOL users)

Line 3413Line 3441
		// Matches the predecing dot
case 'path_remove_dot_trailing_slash':
return '#^(?:(\.)?)+(?:(.+)?)+(?:([\\/\\\])$)#';

		// Matches the predecing dot
case 'path_remove_dot_trailing_slash':
return '#^(?:(\.)?)+(?:(.+)?)+(?:([\\/\\\])$)#';

 
		break;

case 'semantic_version':
// Regular expression to match semantic versions by http://rgxdb.com/
return '/(?<=^[Vv]|^)(?:(?<major>(?:0|[1-9](?:(?:0|[1-9])+)*))[.](?<minor>(?:0|[1-9](?:(?:0|[1-9])+)*))[.](?<patch>(?:0|[1-9](?:(?:0|[1-9])+)*))(?:-(?<prerelease>(?:(?:(?:[A-Za-z]|-)(?:(?:(?:0|[1-9])|(?:[A-Za-z]|-))+)?|(?:(?:(?:0|[1-9])|(?:[A-Za-z]|-))+)(?:[A-Za-z]|-)(?:(?:(?:0|[1-9])|(?:[A-Za-z]|-))+)?)|(?:0|[1-9](?:(?:0|[1-9])+)*))(?:[.](?:(?:(?:[A-Za-z]|-)(?:(?:(?:0|[1-9])|(?:[A-Za-z]|-))+)?|(?:(?:(?:0|[1-9])|(?:[A-Za-z]|-))+)(?:[A-Za-z]|-)(?:(?:(?:0|[1-9])|(?:[A-Za-z]|-))+)?)|(?:0|[1-9](?:(?:0|[1-9])+)*)))*))?(?:[+](?<build>(?:(?:(?:[A-Za-z]|-)(?:(?:(?:0|[1-9])|(?:[A-Za-z]|-))+)?|(?:(?:(?:0|[1-9])|(?:[A-Za-z]|-))+)(?:[A-Za-z]|-)(?:(?:(?:0|[1-9])|(?:[A-Za-z]|-))+)?)|(?:(?:0|[1-9])+))(?:[.](?:(?:(?:[A-Za-z]|-)(?:(?:(?:0|[1-9])|(?:[A-Za-z]|-))+)?|(?:(?:(?:0|[1-9])|(?:[A-Za-z]|-))+)(?:[A-Za-z]|-)(?:(?:(?:0|[1-9])|(?:[A-Za-z]|-))+)?)|(?:(?:0|[1-9])+)))*))?)$/';

		break;
}


		break;
}


Line 3978Line 4011
			echo '<html dir="ltr">';
echo '<head>';
echo '<meta charset="utf-8">';

			echo '<html dir="ltr">';
echo '<head>';
echo '<meta charset="utf-8">';

 
			echo '<meta http-equiv="X-UA-Compatible" content="IE=edge">';

			echo '<title>' . $msg_title . '</title>';
echo '<style type="text/css">' . "\n" . '/* <![CDATA[ */' . "\n";
echo '* { margin: 0; padding: 0; } html { font-size: 100%; height: 100%; margin-bottom: 1px; background-color: #E4EDF0; } body { font-family: "Lucida Grande", Verdana, Helvetica, Arial, sans-serif; color: #536482; background: #E4EDF0; font-size: 62.5%; margin: 0; } ';

			echo '<title>' . $msg_title . '</title>';
echo '<style type="text/css">' . "\n" . '/* <![CDATA[ */' . "\n";
echo '* { margin: 0; padding: 0; } html { font-size: 100%; height: 100%; margin-bottom: 1px; background-color: #E4EDF0; } body { font-family: "Lucida Grande", Verdana, Helvetica, Arial, sans-serif; color: #536482; background: #E4EDF0; font-size: 62.5%; margin: 0; } ';

Line 4260Line 4294

if (sizeof($online_users['online_users']))
{


if (sizeof($online_users['online_users']))
{

		$sql = 'SELECT username, username_clean, user_id, user_type, user_allow_viewonline, user_colour
FROM ' . USERS_TABLE . '
WHERE ' . $db->sql_in_set('user_id', $online_users['online_users']) . '
ORDER BY username_clean ASC';





		$sql_ary = array(
'SELECT' => 'u.username, u.username_clean, u.user_id, u.user_type, u.user_allow_viewonline, u.user_colour',
'FROM' => array(
USERS_TABLE => 'u',
),
'WHERE' => $db->sql_in_set('u.user_id', $online_users['online_users']),
'ORDER_BY' => 'u.username_clean ASC',
);


/**
* Modify SQL query to obtain online users data


/**
* Modify SQL query to obtain online users data

Line 4275Line 4313
		* @var	string	item			Restrict online users to a certain
* session item, e.g. forum for
* session_forum_id

		* @var	string	item			Restrict online users to a certain
* session item, e.g. forum for
* session_forum_id

		* @var	string	sql				SQL query to obtain users online data

		* @var	array	sql_ary			SQL query array to obtain users online data

		* @since 3.1.4-RC1

		* @since 3.1.4-RC1

 
		* @changed 3.1.7-RC1			Change sql query into array and adjust var accordingly. Allows extension authors the ability to adjust the sql_ary.

		*/

		*/

		$vars = array('online_users', 'item_id', 'item', 'sql');

		$vars = array('online_users', 'item_id', 'item', 'sql_ary');

		extract($phpbb_dispatcher->trigger_event('core.obtain_users_online_string_sql', compact($vars)));


		extract($phpbb_dispatcher->trigger_event('core.obtain_users_online_string_sql', compact($vars)));


		$result = $db->sql_query($sql);

		$result = $db->sql_query($db->sql_build_query('SELECT', $sql_ary));

		$rowset = $db->sql_fetchrowset($result);
$db->sql_freeresult($result);


		$rowset = $db->sql_fetchrowset($result);
$db->sql_freeresult($result);


Line 4295Line 4334
					$row['username'] = '<em>' . $row['username'] . '</em>';
}


					$row['username'] = '<em>' . $row['username'] . '</em>';
}


				if (!isset($online_users['hidden_users'][$row['user_id']]) || $auth->acl_get('u_viewonline'))

				if (!isset($online_users['hidden_users'][$row['user_id']]) || $auth->acl_get('u_viewonline') || $row['user_id'] === $user->data['user_id'])

				{
$user_online_link[$row['user_id']] = get_username_string(($row['user_type'] <> USER_IGNORE) ? 'full' : 'no_profile', $row['user_id'], $row['username'], $row['user_colour']);
}
}
}
}

				{
$user_online_link[$row['user_id']] = get_username_string(($row['user_type'] <> USER_IGNORE) ? 'full' : 'no_profile', $row['user_id'], $row['username'], $row['user_colour']);
}
}
}
}

 

/**
* Modify online userlist data
*
* @event core.obtain_users_online_string_before_modify
* @var array online_users Array with online users data
* from obtain_users_online()
* @var int item_id Restrict online users to item id
* @var string item Restrict online users to a certain
* session item, e.g. forum for
* session_forum_id
* @var array rowset Array with online users data
* @var array user_online_link Array with online users items (usernames)
* @since 3.1.10-RC1
*/
$vars = array(
'online_users',
'item_id',
'item',
'rowset',
'user_online_link',
);
extract($phpbb_dispatcher->trigger_event('core.obtain_users_online_string_before_modify', compact($vars)));


	$online_userlist = implode(', ', $user_online_link);

if (!$online_userlist)

	$online_userlist = implode(', ', $user_online_link);

if (!$online_userlist)

Line 4779Line 4842
* @param array $user_row Row from the users table
* @param string $alt Optional language string for alt tag within image, can be a language key or text
* @param bool $ignore_config Ignores the config-setting, to be still able to view the avatar in the UCP

* @param array $user_row Row from the users table
* @param string $alt Optional language string for alt tag within image, can be a language key or text
* @param bool $ignore_config Ignores the config-setting, to be still able to view the avatar in the UCP

 
* @param bool $lazy If true, will be lazy loaded (requires JS)

*
* @return string Avatar html
*/

*
* @return string Avatar html
*/

function phpbb_get_user_avatar($user_row, $alt = 'USER_AVATAR', $ignore_config = false)

function phpbb_get_user_avatar($user_row, $alt = 'USER_AVATAR', $ignore_config = false, $lazy = false)

{
$row = \phpbb\avatar\manager::clean_row($user_row, 'user');

{
$row = \phpbb\avatar\manager::clean_row($user_row, 'user');

	return phpbb_get_avatar($row, $alt, $ignore_config);

	return phpbb_get_avatar($row, $alt, $ignore_config, $lazy);

}

/**

}

/**

Line 4794Line 4858
* @param array $group_row Row from the groups table
* @param string $alt Optional language string for alt tag within image, can be a language key or text
* @param bool $ignore_config Ignores the config-setting, to be still able to view the avatar in the UCP

* @param array $group_row Row from the groups table
* @param string $alt Optional language string for alt tag within image, can be a language key or text
* @param bool $ignore_config Ignores the config-setting, to be still able to view the avatar in the UCP

 
* @param bool $lazy If true, will be lazy loaded (requires JS)

*
* @return string Avatar html
*/

*
* @return string Avatar html
*/

function phpbb_get_group_avatar($user_row, $alt = 'GROUP_AVATAR', $ignore_config = false)

function phpbb_get_group_avatar($user_row, $alt = 'GROUP_AVATAR', $ignore_config = false, $lazy = false)

{
$row = \phpbb\avatar\manager::clean_row($user_row, 'group');

{
$row = \phpbb\avatar\manager::clean_row($user_row, 'group');

	return phpbb_get_avatar($row, $alt, $ignore_config);

	return phpbb_get_avatar($row, $alt, $ignore_config, $lazy);

}

/**

}

/**

Line 4809Line 4874
* @param array $row Row cleaned by \phpbb\avatar\manager::clean_row
* @param string $alt Optional language string for alt tag within image, can be a language key or text
* @param bool $ignore_config Ignores the config-setting, to be still able to view the avatar in the UCP

* @param array $row Row cleaned by \phpbb\avatar\manager::clean_row
* @param string $alt Optional language string for alt tag within image, can be a language key or text
* @param bool $ignore_config Ignores the config-setting, to be still able to view the avatar in the UCP

 
* @param bool $lazy If true, will be lazy loaded (requires JS)

*
* @return string Avatar html
*/

*
* @return string Avatar html
*/

function phpbb_get_avatar($row, $alt, $ignore_config = false)

function phpbb_get_avatar($row, $alt, $ignore_config = false, $lazy = false)

{
global $user, $config, $cache, $phpbb_root_path, $phpEx;
global $request;

{
global $user, $config, $cache, $phpbb_root_path, $phpEx;
global $request;

	global $phpbb_container;

	global $phpbb_container, $phpbb_dispatcher;


if (!$config['allow_avatar'] && !$ignore_config)
{


if (!$config['allow_avatar'] && !$ignore_config)
{

Line 4830Line 4896
	);

$phpbb_avatar_manager = $phpbb_container->get('avatar.manager');

	);

$phpbb_avatar_manager = $phpbb_container->get('avatar.manager');

	$driver = $phpbb_avatar_manager->get_driver($row['avatar_type'], $ignore_config);

	$driver = $phpbb_avatar_manager->get_driver($row['avatar_type'], !$ignore_config);

	$html = '';

if ($driver)

	$html = '';

if ($driver)

Line 4841Line 4907
			return $html;
}


			return $html;
}


		$avatar_data = $driver->get_data($row, $ignore_config);

		$avatar_data = $driver->get_data($row);

	}
else
{

	}
else
{

Line 4850Line 4916

if (!empty($avatar_data['src']))
{


if (!empty($avatar_data['src']))
{

		$html = '<img src="' . $avatar_data['src'] . '" ' .






















		if ($lazy)
{
// Determine board url - we may need it later
$board_url = generate_board_url() . '/';
// This path is sent with the base template paths in the assign_vars()
// call below. We need to correct it in case we are accessing from a
// controller because the web paths will be incorrect otherwise.
$phpbb_path_helper = $phpbb_container->get('path_helper');
$corrected_path = $phpbb_path_helper->get_web_root_path();

$web_path = (defined('PHPBB_USE_BOARD_URL_PATH') && PHPBB_USE_BOARD_URL_PATH) ? $board_url : $corrected_path;

$theme = "{$web_path}styles/" . rawurlencode($user->style['style_path']) . '/theme';

$src = 'src="' . $theme . '/images/no_avatar.gif" data-src="' . $avatar_data['src'] . '"';
}
else
{
$src = 'src="' . $avatar_data['src'] . '"';
}

$html = '<img class="avatar" ' . $src . ' ' .

			($avatar_data['width'] ? ('width="' . $avatar_data['width'] . '" ') : '') .
($avatar_data['height'] ? ('height="' . $avatar_data['height'] . '" ') : '') .
'alt="' . ((!empty($user->lang[$alt])) ? $user->lang[$alt] : $alt) . '" />';
}

			($avatar_data['width'] ? ('width="' . $avatar_data['width'] . '" ') : '') .
($avatar_data['height'] ? ('height="' . $avatar_data['height'] . '" ') : '') .
'alt="' . ((!empty($user->lang[$alt])) ? $user->lang[$alt] : $alt) . '" />';
}

 

/**
* Event to modify HTML <img> tag of avatar
*
* @event core.get_avatar_after
* @var array row Row cleaned by \phpbb\avatar\manager::clean_row
* @var string alt Optional language string for alt tag within image, can be a language key or text
* @var bool ignore_config Ignores the config-setting, to be still able to view the avatar in the UCP
* @var array avatar_data The HTML attributes for avatar <img> tag
* @var string html The HTML <img> tag of generated avatar
* @since 3.1.6-RC1
*/
$vars = array('row', 'alt', 'ignore_config', 'avatar_data', 'html');
extract($phpbb_dispatcher->trigger_event('core.get_avatar_after', compact($vars)));


return $html;
}


return $html;
}

Line 4862Line 4963
/**
* Generate page header
*/

/**
* Generate page header
*/

function page_header($page_title = '', $display_online_list = false, $item_id = 0, $item = 'forum')

function page_header($page_title = '', $display_online_list = false, $item_id = 0, $item = 'forum', $send_headers = true)

{
global $db, $config, $template, $SID, $_SID, $_EXTRA_URL, $user, $auth, $phpEx, $phpbb_root_path;
global $phpbb_dispatcher, $request, $phpbb_container, $phpbb_admin_path;

{
global $db, $config, $template, $SID, $_SID, $_EXTRA_URL, $user, $auth, $phpEx, $phpbb_root_path;
global $phpbb_dispatcher, $request, $phpbb_container, $phpbb_admin_path;

Line 4921Line 5022
			ob_start('ob_gzhandler');
}
}

			ob_start('ob_gzhandler');
}
}

 

$user->update_session_infos();


// Generate logged in/logged out status
if ($user->data['user_id'] != ANONYMOUS)


// Generate logged in/logged out status
if ($user->data['user_id'] != ANONYMOUS)

Line 5200Line 5303
		'SITE_LOGO_IMG'			=> $user->img('site_logo'),
));


		'SITE_LOGO_IMG'			=> $user->img('site_logo'),
));


 
	$http_headers = array();

if ($send_headers)
{

	// An array of http headers that phpbb will set. The following event may override these.

	// An array of http headers that phpbb will set. The following event may override these.

	$http_headers = array(

		$http_headers += array(

		// application/xhtml+xml not used because of IE
'Content-type' => 'text/html; charset=UTF-8',
'Cache-Control' => 'private, no-cache="set-cookie"',

		// application/xhtml+xml not used because of IE
'Content-type' => 'text/html; charset=UTF-8',
'Cache-Control' => 'private, no-cache="set-cookie"',

Line 5211Line 5318
	{
// Let reverse proxies know we detected a bot.
$http_headers['X-PHPBB-IS-BOT'] = 'yes';

	{
// Let reverse proxies know we detected a bot.
$http_headers['X-PHPBB-IS-BOT'] = 'yes';

 
		}

	}

/**

	}

/**