diff options
| author | Meik Sievertsen <acydburn@phpbb.com> | 2008-05-29 12:25:56 +0000 |
|---|---|---|
| committer | Meik Sievertsen <acydburn@phpbb.com> | 2008-05-29 12:25:56 +0000 |
| commit | 2f4a618900e2c3b6ea14c68cbeb5897cd2ac1a04 (patch) | |
| tree | 3b7ea329bf35eab5ddab9b0b5eb790e45e283a5c /phpBB/includes/acm/acm_file.php | |
| parent | 91b4fe1868ca2c4d81111943f781e3cfd0262ef2 (diff) | |
| download | forums-2f4a618900e2c3b6ea14c68cbeb5897cd2ac1a04.tar forums-2f4a618900e2c3b6ea14c68cbeb5897cd2ac1a04.tar.gz forums-2f4a618900e2c3b6ea14c68cbeb5897cd2ac1a04.tar.bz2 forums-2f4a618900e2c3b6ea14c68cbeb5897cd2ac1a04.tar.xz forums-2f4a618900e2c3b6ea14c68cbeb5897cd2ac1a04.zip | |
ok... i hope i haven't messed too much with the code and everything is still working.
Changes:
- Ascraeus now uses constants for the phpbb root path and the php extension. This ensures more security for external applications and modifications (no more overwriting of root path and extension possible through insecure mods and register globals enabled) as well as no more globalizing needed.
- A second change implemented here is an additional short-hand-notation for append_sid(). It is allowed to omit the root path and extension now (for example calling append_sid('memberlist')) - in this case the root path and extension get added automatically. The hook is called after these are added.
git-svn-id: file:///svn/phpbb/trunk@8572 89ea8834-ac86-4346-8a33-228a782c2dd0
Diffstat (limited to 'phpBB/includes/acm/acm_file.php')
| -rw-r--r-- | phpBB/includes/acm/acm_file.php | 50 |
1 files changed, 17 insertions, 33 deletions
diff --git a/phpBB/includes/acm/acm_file.php b/phpBB/includes/acm/acm_file.php index f952b372c6..9376549cba 100644 --- a/phpBB/includes/acm/acm_file.php +++ b/phpBB/includes/acm/acm_file.php @@ -34,8 +34,7 @@ class acm */ function __construct() { - global $phpbb_root_path; - $this->cache_dir = $phpbb_root_path . 'cache/'; + $this->cache_dir = PHPBB_ROOT_PATH . 'cache/'; } /** @@ -43,12 +42,10 @@ class acm */ private function load() { - global $phpEx; - // grab the global cache - if (file_exists($this->cache_dir . 'data_global.' . $phpEx)) + if (file_exists($this->cache_dir . 'data_global.' . PHP_EXT)) { - @include($this->cache_dir . 'data_global.' . $phpEx); + @include($this->cache_dir . 'data_global.' . PHP_EXT); return true; } @@ -80,16 +77,14 @@ class acm return; } - global $phpEx; - - if ($fp = @fopen($this->cache_dir . 'data_global.' . $phpEx, 'wb')) + if ($fp = @fopen($this->cache_dir . 'data_global.' . PHP_EXT, 'wb')) { @flock($fp, LOCK_EX); fwrite($fp, "<?php\n\$this->vars = unserialize('" . serialize($this->vars) . "');\n\$this->var_expires = unserialize('" . serialize($this->var_expires) . "');"); @flock($fp, LOCK_UN); fclose($fp); - @chmod($this->cache_dir . 'data_global.' . $phpEx, 0666); + @chmod($this->cache_dir . 'data_global.' . PHP_EXT, 0666); } else { @@ -99,7 +94,7 @@ class acm trigger_error($this->cache_dir . ' is NOT writable.', E_USER_ERROR); } - trigger_error('Not able to open ' . $this->cache_dir . 'data_global.' . $phpEx, E_USER_ERROR); + trigger_error('Not able to open ' . $this->cache_dir . 'data_global.' . PHP_EXT, E_USER_ERROR); } $this->is_modified = false; @@ -110,8 +105,6 @@ class acm */ public function tidy() { - global $phpEx; - $dir = @opendir($this->cache_dir); if (!$dir) @@ -135,7 +128,7 @@ class acm } closedir($dir); - if (file_exists($this->cache_dir . 'data_global.' . $phpEx)) + if (file_exists($this->cache_dir . 'data_global.' . PHP_EXT)) { if (!sizeof($this->vars)) { @@ -161,14 +154,12 @@ class acm { if ($var_name[0] === '_') { - global $phpEx; - if (!$this->_exists($var_name)) { return false; } - @include($this->cache_dir . "data{$var_name}.$phpEx"); + @include($this->cache_dir . "data{$var_name}." . PHP_EXT); return (isset($data)) ? $data : false; } else @@ -184,16 +175,14 @@ class acm { if ($var_name[0] === '_') { - global $phpEx; - - if ($fp = @fopen($this->cache_dir . "data{$var_name}.$phpEx", 'wb')) + if ($fp = @fopen($this->cache_dir . "data{$var_name}." . PHP_EXT, 'wb')) { @flock($fp, LOCK_EX); fwrite($fp, "<?php\n\$expired = (time() > " . (time() + $ttl) . ") ? true : false;\nif (\$expired) { return; }\n\$data = " . (sizeof($var) ? "unserialize('" . serialize($var) . "');" : 'array();')); @flock($fp, LOCK_UN); fclose($fp); - @chmod($this->cache_dir . "data{$var_name}.$phpEx", 0666); + @chmod($this->cache_dir . "data{$var_name}." . PHP_EXT, 0666); } } else @@ -244,8 +233,6 @@ class acm */ public function destroy($var_name, $table = '') { - global $phpEx; - if ($var_name === 'sql' && !empty($table)) { if (!is_array($table)) @@ -306,7 +293,7 @@ class acm if ($var_name[0] === '_') { - $this->remove_file($this->cache_dir . 'data' . $var_name . ".$phpEx", true); + $this->remove_file($this->cache_dir . 'data' . $var_name . '.' . PHP_EXT, true); } else if (isset($this->vars[$var_name])) { @@ -326,8 +313,7 @@ class acm { if ($var_name[0] === '_') { - global $phpEx; - return file_exists($this->cache_dir . 'data' . $var_name . ".$phpEx"); + return file_exists($this->cache_dir . 'data' . $var_name . '.' . PHP_EXT); } else { @@ -350,18 +336,16 @@ class acm */ public function sql_load($query) { - global $phpEx; - // Remove extra spaces and tabs $query = preg_replace('/[\n\r\s\t]+/', ' ', $query); $query_id = sizeof($this->sql_rowset); - if (!file_exists($this->cache_dir . 'sql_' . md5($query) . ".$phpEx")) + if (!file_exists($this->cache_dir . 'sql_' . md5($query) . '.' . PHP_EXT)) { return false; } - @include($this->cache_dir . 'sql_' . md5($query) . ".$phpEx"); + @include($this->cache_dir . 'sql_' . md5($query) . '.' . PHP_EXT); if (!isset($expired)) { @@ -369,7 +353,7 @@ class acm } else if ($expired) { - $this->remove_file($this->cache_dir . 'sql_' . md5($query) . ".$phpEx", true); + $this->remove_file($this->cache_dir . 'sql_' . md5($query) . '.' . PHP_EXT, true); return false; } @@ -382,11 +366,11 @@ class acm */ public function sql_save($query, &$query_result, $ttl) { - global $db, $phpEx; + global $db; // Remove extra spaces and tabs $query = preg_replace('/[\n\r\s\t]+/', ' ', $query); - $filename = $this->cache_dir . 'sql_' . md5($query) . '.' . $phpEx; + $filename = $this->cache_dir . 'sql_' . md5($query) . '.' . PHP_EXT; if ($fp = @fopen($filename, 'wb')) { |