Line 264 | Line 264 |
---|
/** * Pick a language, any language ...
|
/** * Pick a language, any language ...
|
| * * @param string $default Language ISO code to be selected by default in the dropdown list * @param array $langdata Language data in format of array(array('lang_iso' => string, lang_local_name => string), ...) * * @return string HTML options for language selection dropdown list.
|
*/
|
*/
|
function language_select($default = '')
| function language_select($default = '', array $langdata = [])
|
{ global $db;
|
{ global $db;
|
| if (empty($langdata)) {
|
$sql = 'SELECT lang_iso, lang_local_name FROM ' . LANG_TABLE . ' ORDER BY lang_english_name'; $result = $db->sql_query($sql);
|
$sql = 'SELECT lang_iso, lang_local_name FROM ' . LANG_TABLE . ' ORDER BY lang_english_name'; $result = $db->sql_query($sql);
|
| $langdata = (array) $db->sql_fetchrowset($result); $db->sql_freeresult($result); }
|
$lang_options = '';
|
$lang_options = '';
|
while ($row = $db->sql_fetchrow($result))
| foreach ($langdata as $row)
|
{ $selected = ($row['lang_iso'] == $default) ? ' selected="selected"' : ''; $lang_options .= '<option value="' . $row['lang_iso'] . '"' . $selected . '>' . $row['lang_local_name'] . '</option>'; }
|
{ $selected = ($row['lang_iso'] == $default) ? ' selected="selected"' : ''; $lang_options .= '<option value="' . $row['lang_iso'] . '"' . $selected . '>' . $row['lang_local_name'] . '</option>'; }
|
$db->sql_freeresult($result);
| |
return $lang_options; }
/**
|
return $lang_options; }
/**
|
* Pick a template/theme combo,
| * Pick a template/theme combo * * @param string $default Style ID to be selected by default in the dropdown list * @param bool $all Flag indicating if all styles data including inactive ones should be fetched * @param array $styledata Style data in format of array(array('style_id' => int, style_name => string), ...) * * @return string HTML options for style selection dropdown list.
|
*/
|
*/
|
function style_select($default = '', $all = false)
| function style_select($default = '', $all = false, array $styledata = [])
|
{ global $db;
|
{ global $db;
|
| if (empty($styledata)) {
|
$sql_where = (!$all) ? 'WHERE style_active = 1 ' : ''; $sql = 'SELECT style_id, style_name FROM ' . STYLES_TABLE . " $sql_where ORDER BY style_name"; $result = $db->sql_query($sql);
|
$sql_where = (!$all) ? 'WHERE style_active = 1 ' : ''; $sql = 'SELECT style_id, style_name FROM ' . STYLES_TABLE . " $sql_where ORDER BY style_name"; $result = $db->sql_query($sql);
|
| $styledata = (array) $db->sql_fetchrowset($result); $db->sql_freeresult($result); }
|
$style_options = '';
|
$style_options = '';
|
while ($row = $db->sql_fetchrow($result))
| foreach ($styledata as $row)
|
{ $selected = ($row['style_id'] == $default) ? ' selected="selected"' : ''; $style_options .= '<option value="' . $row['style_id'] . '"' . $selected . '>' . $row['style_name'] . '</option>'; }
|
{ $selected = ($row['style_id'] == $default) ? ' selected="selected"' : ''; $style_options .= '<option value="' . $row['style_id'] . '"' . $selected . '>' . $row['style_name'] . '</option>'; }
|
$db->sql_freeresult($result);
| |
return $style_options; }
| return $style_options; }
|
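Review bot: With the new `$langdata` / `$styledata` parameters, `language_select()` and `style_select()` build `<option>` markup from caller-supplied rows, but the `foreach` bodies still concatenate `$row['lang_iso']`, `$row['lang_local_name']`, `$row['style_id']` and `$row['style_name']` into the HTML unencoded. That was an implicit trust in the two tables; for an array argument the docblocks should at least state the contract, e.g. `@param array $langdata ... values must already be HTML-safe`, or the loop should encode on output with `htmlspecialchars($row['lang_local_name'], ENT_COMPAT)`. Encoding would double-encode if the stored names are already entity-encoded, which cannot be told from this hunk. Separately, `empty($langdata)` cannot distinguish "not passed" from "caller passed an empty list", so an intentionally empty list silently falls back to the database query.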
Line 1075 | Line 1094 |
---|
* @param string $sql_limit Limits the size of unread topics list, 0 for unlimited query * @param string $sql_limit_offset Sets the offset of the first row to search, 0 to search from the start *
|
* @param string $sql_limit Limits the size of unread topics list, 0 for unlimited query * @param string $sql_limit_offset Sets the offset of the first row to search, 0 to search from the start *
|
* @return array[int][int] Topic ids as keys, mark_time of topic as value
| * @return int[] Topic ids as keys, mark_time of topic as value
|
*/ function get_unread_topics($user_id = false, $sql_extra = '', $sql_sort = '', $sql_limit = 1001, $sql_limit_offset = 0) {
| */ function get_unread_topics($user_id = false, $sql_extra = '', $sql_sort = '', $sql_limit = 1001, $sql_limit_offset = 0) {
|
Line 1464 | Line 1483 |
---|
* @return string The corrected url. * * Examples:
|
* @return string The corrected url. * * Examples:
|
* <code> * append_sid("{$phpbb_root_path}viewtopic.$phpEx?t=1&f=2"); * append_sid("{$phpbb_root_path}viewtopic.$phpEx", 't=1&f=2'); * append_sid("{$phpbb_root_path}viewtopic.$phpEx", 't=1&f=2', false);
| * <code> append_sid("{$phpbb_root_path}viewtopic.$phpEx?t=1"); * append_sid("{$phpbb_root_path}viewtopic.$phpEx", 't=1'); * append_sid("{$phpbb_root_path}viewtopic.$phpEx", 't=1', false);
|
* append_sid("{$phpbb_root_path}viewtopic.$phpEx", array('t' => 1, 'f' => 2)); * </code> *
| * append_sid("{$phpbb_root_path}viewtopic.$phpEx", array('t' => 1, 'f' => 2)); * </code> *
|
Line 1794 | Line 1812 |
---|
// Behave as per HTTP/1.1 spec for others header('Location: ' . $url); exit;
|
// Behave as per HTTP/1.1 spec for others header('Location: ' . $url); exit;
|
| }
/** * Returns the install redirect path for phpBB. * * @param string $phpbb_root_path The root path of the phpBB installation. * @param string $phpEx The file extension of php files, e.g., "php". * @return string The install redirect path. */ function phpbb_get_install_redirect(string $phpbb_root_path, string $phpEx): string { $script_name = (!empty($_SERVER['REQUEST_URI'])) ? $_SERVER['REQUEST_URI'] : getenv('REQUEST_URI'); if (!$script_name) { $script_name = (!empty($_SERVER['PHP_SELF'])) ? $_SERVER['PHP_SELF'] : getenv('PHP_SELF'); }
// Add trailing dot to prevent dirname() from returning parent directory if $script_name is a directory $script_name = substr($script_name, -1) === '/' ? $script_name . '.' : $script_name;
// $phpbb_root_path accounts for redirects from e.g. /adm $script_path = trim(dirname($script_name)) . '/' . $phpbb_root_path . 'install/app.' . $phpEx; // Replace any number of consecutive backslashes and/or slashes with a single slash // (could happen on some proxy setups and/or Windows servers) return preg_replace('#[\\\\/]{2,}#', '/', $script_path);
|
}
/**
| }
/**
|
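Review bot: `phpbb_get_install_redirect()` passes `$_SERVER['REQUEST_URI']` to `dirname()` unchanged, and that value is client-supplied and still carries the query string, so a `/` inside the query shifts the directory the install path is built from. Cutting the query off first, e.g. `$script_name = explode('?', (string) $script_name, 2)[0];`, keeps the result tied to the request path. The slash-collapsing `preg_replace()` is also what stops a leading `//` or `\\` from producing a protocol-relative target, so the comment above it should say so, for instance `// also collapses a leading '//' so the result stays a same-host path`. `preg_replace()` can return `null` on a PCRE error, which would violate the declared `: string` return type.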
Line 2703 | Line 2746 |
---|
}
// Determine first occurrence, since in values the equal sign is allowed
|
}
// Determine first occurrence, since in values the equal sign is allowed
|
$key = htmlspecialchars(strtolower(trim(substr($line, 0, $delim_pos))));
| $key = htmlspecialchars(strtolower(trim(substr($line, 0, $delim_pos))), ENT_COMPAT);
|
$value = trim(substr($line, $delim_pos + 1));
if (in_array($value, array('off', 'false', '0')))
| $value = trim(substr($line, $delim_pos + 1));
if (in_array($value, array('off', 'false', '0')))
|
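Review bot: The explicit `ENT_COMPAT` on the `$key` line leaves single quotes unescaped and drops `ENT_SUBSTITUTE`, which matches the `htmlspecialchars()` default before PHP 8.1 but is weaker than the default since then, and nothing at the call site records that this is deliberate. The same flag is added in the hunks at new lines 2763, 2800, 2808, 2818 and 4450. If the goal is identical output across PHP versions, a comment such as `// ENT_COMPAT: keep pre-8.1 escaping; single quotes stay literal` would document it. Any of these values that can end up inside a single-quoted attribute would need `ENT_QUOTES` instead; whether that applies cannot be seen from these hunks. The enclosing function starts and ends outside the hunk.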
Line 2720 | Line 2763 |
---|
} else if (($value[0] == "'" && $value[strlen($value) - 1] == "'") || ($value[0] == '"' && $value[strlen($value) - 1] == '"')) {
|
} else if (($value[0] == "'" && $value[strlen($value) - 1] == "'") || ($value[0] == '"' && $value[strlen($value) - 1] == '"')) {
|
$value = htmlspecialchars(substr($value, 1, strlen($value)-2));
| $value = htmlspecialchars(substr($value, 1, strlen($value)-2), ENT_COMPAT);
|
} else {
|
} else {
|
$value = htmlspecialchars($value);
| $value = htmlspecialchars($value, ENT_COMPAT);
|
}
$parsed_items[$key] = $value;
| }
$parsed_items[$key] = $value;
|
Line 2757 | Line 2800 |
---|
foreach ($backtrace as $trace) { // Strip the current directory from path
|
foreach ($backtrace as $trace) { // Strip the current directory from path
|
$trace['file'] = (empty($trace['file'])) ? '(not given by php)' : htmlspecialchars(phpbb_filter_root_path($trace['file']));
| $trace['file'] = (empty($trace['file'])) ? '(not given by php)' : htmlspecialchars(phpbb_filter_root_path($trace['file']), ENT_COMPAT);
|
$trace['line'] = (empty($trace['line'])) ? '(not given by php)' : $trace['line'];
// Only show function arguments for include etc.
| $trace['line'] = (empty($trace['line'])) ? '(not given by php)' : $trace['line'];
// Only show function arguments for include etc.
|
Line 2765 | Line 2808 |
---|
$argument = ''; if (!empty($trace['args'][0]) && in_array($trace['function'], array('include', 'require', 'include_once', 'require_once'))) {
|
$argument = ''; if (!empty($trace['args'][0]) && in_array($trace['function'], array('include', 'require', 'include_once', 'require_once'))) {
|
$argument = htmlspecialchars(phpbb_filter_root_path($trace['args'][0]));
| $argument = htmlspecialchars(phpbb_filter_root_path($trace['args'][0]), ENT_COMPAT);
|
}
$trace['class'] = (!isset($trace['class'])) ? '' : $trace['class'];
| }
$trace['class'] = (!isset($trace['class'])) ? '' : $trace['class'];
|
Line 2775 | Line 2818 |
---|
$output .= '<b>FILE:</b> ' . $trace['file'] . '<br />'; $output .= '<b>LINE:</b> ' . ((!empty($trace['line'])) ? $trace['line'] : '') . '<br />';
|
$output .= '<b>FILE:</b> ' . $trace['file'] . '<br />'; $output .= '<b>LINE:</b> ' . ((!empty($trace['line'])) ? $trace['line'] : '') . '<br />';
|
$output .= '<b>CALL:</b> ' . htmlspecialchars($trace['class'] . $trace['type'] . $trace['function']);
| $output .= '<b>CALL:</b> ' . htmlspecialchars($trace['class'] . $trace['type'] . $trace['function'], ENT_COMPAT);
|
$output .= '(' . (($argument !== '') ? "'$argument'" : '') . ')<br />'; } $output .= '</div>';
| $output .= '(' . (($argument !== '') ? "'$argument'" : '') . ')<br />'; } $output .= '</div>';
|
Line 2900 | Line 2943 |
---|
/** * Returns the first block of the specified IPv6 address and as many additional
|
/** * Returns the first block of the specified IPv6 address and as many additional
|
* ones as specified in the length paramater.
| * ones as specified in the length parameter.
|
* If length is zero, then an empty string is returned. * If length is greater than 3 the complete IP will be returned */
| * If length is zero, then an empty string is returned. * If length is greater than 3 the complete IP will be returned */
|
Line 2909 | Line 2952 |
---|
if ($length < 1) { return '';
|
if ($length < 1) { return '';
|
| }
// Handle IPv4 embedded IPv6 addresses if (preg_match('/(?:\d{1,3}\.){3}\d{1,3}$/i', $ip)) { $binary_ip = inet_pton($ip); $ip_v6 = $binary_ip ? inet_ntop($binary_ip) : $ip; $ip = $ip_v6 ?: $ip;
|
}
// extend IPv6 addresses
| }
// extend IPv6 addresses
|
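Review bot: The new IPv4-embedded branch hands `$ip` to `inet_pton()` whenever its tail looks like a dotted quad, but the pattern does not bound octets to 0-255, so a malformed tail such as `999.1.1.1` (constructed example) still matches. `inet_pton()` then returns false and emits a warning. The false return is handled by the fallback to the original `$ip`; the warning is not. Unless callers already guarantee a valid address, checking first with `filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6) !== false` avoids it. The `/i` modifier has no effect on a digits-and-dots pattern, and the function's signature and remaining body are outside the hunk.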
Line 2996 | Line 3047 |
---|
// Check the error reporting level and return if the error level does not match // If DEBUG is defined the default level is E_ALL
|
// Check the error reporting level and return if the error level does not match // If DEBUG is defined the default level is E_ALL
|
if (($errno & ($phpbb_container->getParameter('debug.show_errors') ? E_ALL : error_reporting())) == 0)
| if (($errno & ($phpbb_container != null && $phpbb_container->getParameter('debug.show_errors') ? E_ALL : error_reporting())) == 0)
|
{ return; }
| { return; }
|
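Review bot: The new guard compares with loose `!= null` inside a condition that mixes `&&` and `?:` without grouping, so the reader has to rely on operator precedence to see that the whole `&&` expression is the ternary's test. Writing it as `(($phpbb_container !== null && $phpbb_container->getParameter('debug.show_errors')) ? E_ALL : error_reporting())` keeps the behaviour and makes the null check strict. A one-line comment that the container may not be built yet when early errors fire would explain why the guard exists; that reason is inferred, since the surrounding handler is outside the hunk.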
Line 3240 | Line 3291 |
---|
{ if ($phpbb_filesystem) {
|
{ if ($phpbb_filesystem) {
|
$root_path = $phpbb_filesystem->realpath(dirname(__FILE__) . '/../');
| $root_path = $phpbb_filesystem->realpath(__DIR__ . '/../');
|
} else { $filesystem = new \phpbb\filesystem\filesystem();
|
} else { $filesystem = new \phpbb\filesystem\filesystem();
|
$root_path = $filesystem->realpath(dirname(__FILE__) . '/../');
| $root_path = $filesystem->realpath(__DIR__ . '/../');
|
} }
| } }
|
Line 3677 | Line 3728 |
---|
{ if ($lazy) {
|
{ if ($lazy) {
|
// Determine board url - we may need it later $board_url = generate_board_url() . '/';
| |
// This path is sent with the base template paths in the assign_vars() // call below. We need to correct it in case we are accessing from a // controller because the web paths will be incorrect otherwise. $phpbb_path_helper = $phpbb_container->get('path_helper');
|
// This path is sent with the base template paths in the assign_vars() // call below. We need to correct it in case we are accessing from a // controller because the web paths will be incorrect otherwise. $phpbb_path_helper = $phpbb_container->get('path_helper');
|
$corrected_path = $phpbb_path_helper->get_web_root_path();
$web_path = (defined('PHPBB_USE_BOARD_URL_PATH') && PHPBB_USE_BOARD_URL_PATH) ? $board_url : $corrected_path;
| $web_path = $phpbb_path_helper->get_web_root_path();
|
$theme = "{$web_path}styles/" . rawurlencode($user->style['style_path']) . '/theme';
| $theme = "{$web_path}styles/" . rawurlencode($user->style['style_path']) . '/theme';
|
Line 3856 | Line 3903 |
---|
} }
|
} }
|
$forum_id = $request->variable('f', 0); $topic_id = $request->variable('t', 0);
| // Negative forum and topic IDs are not allowed $forum_id = max(0, $request->variable('f', 0)); $topic_id = max(0, $request->variable('t', 0));
|
$s_feed_news = false;
| $s_feed_news = false;
|
Line 3872 | Line 3920 |
---|
$db->sql_freeresult($result); }
|
$db->sql_freeresult($result); }
|
// Determine board url - we may need it later $board_url = generate_board_url() . '/';
| |
// This path is sent with the base template paths in the assign_vars() // call below. We need to correct it in case we are accessing from a // controller because the web paths will be incorrect otherwise. /* @var $phpbb_path_helper \phpbb\path_helper */ $phpbb_path_helper = $phpbb_container->get('path_helper');
|
// This path is sent with the base template paths in the assign_vars() // call below. We need to correct it in case we are accessing from a // controller because the web paths will be incorrect otherwise. /* @var $phpbb_path_helper \phpbb\path_helper */ $phpbb_path_helper = $phpbb_container->get('path_helper');
|
$corrected_path = $phpbb_path_helper->get_web_root_path(); $web_path = (defined('PHPBB_USE_BOARD_URL_PATH') && PHPBB_USE_BOARD_URL_PATH) ? $board_url : $corrected_path;
| $web_path = $phpbb_path_helper->get_web_root_path();
|
// Send a proper content-language to the output $user_lang = $user->lang['USER_LANG'];
| // Send a proper content-language to the output $user_lang = $user->lang['USER_LANG'];
|
Line 3983 | Line 4028 |
---|
'_SID' => $_SID, 'SESSION_ID' => $user->session_id, 'ROOT_PATH' => $web_path,
|
'_SID' => $_SID, 'SESSION_ID' => $user->session_id, 'ROOT_PATH' => $web_path,
|
'BOARD_URL' => $board_url,
| 'BOARD_URL' => generate_board_url() . '/',
|
'L_LOGIN_LOGOUT' => $l_login_logout, 'L_INDEX' => ($config['board_index_text'] !== '') ? $config['board_index_text'] : $user->lang['FORUM_INDEX'],
| 'L_LOGIN_LOGOUT' => $l_login_logout, 'L_INDEX' => ($config['board_index_text'] !== '') ? $config['board_index_text'] : $user->lang['FORUM_INDEX'],
|
Line 4049 | Line 4094 |
---|
'S_ENABLE_FEEDS_TOPICS_ACTIVE' => ($config['feed_topics_active']) ? true : false, 'S_ENABLE_FEEDS_NEWS' => ($s_feed_news) ? true : false,
|
'S_ENABLE_FEEDS_TOPICS_ACTIVE' => ($config['feed_topics_active']) ? true : false, 'S_ENABLE_FEEDS_NEWS' => ($s_feed_news) ? true : false,
|
'S_LOAD_UNREADS' => ($config['load_unreads_search'] && ($config['load_anon_lastread'] || $user->data['is_registered'])) ? true : false,
| 'S_LOAD_UNREADS' => (bool) $config['load_unreads_search'] && ($config['load_anon_lastread'] || !empty($user->data['is_registered'])),
|
'S_SEARCH_HIDDEN_FIELDS' => build_hidden_fields($s_search_hidden_fields),
| 'S_SEARCH_HIDDEN_FIELDS' => build_hidden_fields($s_search_hidden_fields),
|
Line 4070 | Line 4115 |
---|
'T_FONT_AWESOME_LINK' => !empty($config['allow_cdn']) && !empty($config['load_font_awesome_url']) ? $config['load_font_awesome_url'] : "{$web_path}assets/css/font-awesome.min.css?assets_version=" . $config['assets_version'],
|
'T_FONT_AWESOME_LINK' => !empty($config['allow_cdn']) && !empty($config['load_font_awesome_url']) ? $config['load_font_awesome_url'] : "{$web_path}assets/css/font-awesome.min.css?assets_version=" . $config['assets_version'],
|
'T_JQUERY_LINK' => !empty($config['allow_cdn']) && !empty($config['load_jquery_url']) ? $config['load_jquery_url'] : "{$web_path}assets/javascript/jquery-3.5.1.min.js?assets_version=" . $config['assets_version'],
| 'T_JQUERY_LINK' => !empty($config['allow_cdn']) && !empty($config['load_jquery_url']) ? $config['load_jquery_url'] : "{$web_path}assets/javascript/jquery-3.7.1.min.js?assets_version=" . $config['assets_version'],
|
'S_ALLOW_CDN' => !empty($config['allow_cdn']), 'S_COOKIE_NOTICE' => !empty($config['cookie_notice']),
| 'S_ALLOW_CDN' => !empty($config['allow_cdn']), 'S_COOKIE_NOTICE' => !empty($config['cookie_notice']),
|
Line 4405 | Line 4450 |
---|
} else {
|
} else {
|
return 'mailto:' . htmlspecialchars($config['board_contact']);
| return 'mailto:' . htmlspecialchars($config['board_contact'], ENT_COMPAT);
|
} }
| } }
|