diff options
| -rw-r--r-- | phpBB/includes/functions_display.php | 4 | ||||
| -rw-r--r-- | phpBB/includes/ucp/ucp_pm_viewmessage.php | 2 | ||||
| -rw-r--r-- | phpBB/memberlist.php | 2 | ||||
| -rw-r--r-- | phpBB/phpbb/auth/provider/apache.php | 4 | ||||
| -rw-r--r-- | phpBB/phpbb/db/migration/data/v31x/m_softdelete_global.php | 31 | ||||
| -rw-r--r-- | phpBB/phpbb/db/migrator.php | 10 | ||||
| -rw-r--r-- | phpBB/phpbb/di/extension/config.php | 28 | ||||
| -rw-r--r-- | phpBB/phpbb/message/admin_form.php | 1 | ||||
| -rw-r--r-- | phpBB/phpbb/session.php | 6 | ||||
| -rw-r--r-- | phpBB/phpbb/symfony_request.php | 10 | ||||
| -rw-r--r-- | phpBB/phpbb/version_helper.php | 2 | ||||
| -rw-r--r-- | phpBB/viewtopic.php | 2 | ||||
| -rw-r--r-- | tests/functions/build_url_test.php | 6 | ||||
| -rw-r--r-- | tests/security/extract_current_page_test.php | 28 |
14 files changed, 105 insertions, 31 deletions
diff --git a/phpBB/includes/functions_display.php b/phpBB/includes/functions_display.php index 48c34ecfe6..31cf43e599 100644 --- a/phpBB/includes/functions_display.php +++ b/phpBB/includes/functions_display.php @@ -1608,8 +1608,8 @@ function phpbb_show_profile($data, $user_notes_enabled = false, $warn_user_enabl 'U_EMAIL' => $email, 'U_JABBER' => ($data['user_jabber'] && $auth->acl_get('u_sendim')) ? append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=contact&action=jabber&u=' . $user_id) : '', - 'USER_JABBER' => $data['user_jabber'], - 'USER_JABBER_IMG' => ($data['user_jabber']) ? $user->img('icon_contact_jabber', $data['user_jabber']) : '', + 'USER_JABBER' => ($config['jab_enable']) ? $data['user_jabber'] : '', + 'USER_JABBER_IMG' => ($config['jab_enable'] && $data['user_jabber']) ? $user->img('icon_contact_jabber', $data['user_jabber']) : '', 'L_SEND_EMAIL_USER' => $user->lang('SEND_EMAIL_USER', $username), 'L_CONTACT_USER' => $user->lang('CONTACT_USER', $username), diff --git a/phpBB/includes/ucp/ucp_pm_viewmessage.php b/phpBB/includes/ucp/ucp_pm_viewmessage.php index b2dc962f57..888c2e6825 100644 --- a/phpBB/includes/ucp/ucp_pm_viewmessage.php +++ b/phpBB/includes/ucp/ucp_pm_viewmessage.php @@ -197,7 +197,7 @@ function view_message($id, $mode, $folder_id, $msg_id, $folder, $message_row) $u_pm = append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=pm&mode=compose&u=' . $author_id); } - if ($user_info['user_jabber'] && $auth->acl_get('u_sendim')) + if ($config['jab_enable'] && $user_info['user_jabber'] && $auth->acl_get('u_sendim')) { $u_jabber = append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=contact&action=jabber&u=' . $author_id); } diff --git a/phpBB/memberlist.php b/phpBB/memberlist.php index 4f31178ffb..5a5be6f761 100644 --- a/phpBB/memberlist.php +++ b/phpBB/memberlist.php @@ -681,7 +681,7 @@ switch ($mode) 'U_MCP_QUEUE' => ($auth->acl_getf_global('m_approve')) ? append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=queue', true, $user->session_id) : '', 'U_SWITCH_PERMISSIONS' => ($auth->acl_get('a_switchperm') && $user->data['user_id'] != $user_id) ? append_sid("{$phpbb_root_path}ucp.$phpEx", "mode=switch_perm&u={$user_id}&hash=" . generate_link_hash('switchperm')) : '', - 'U_EDIT_SELF' => ($user_id == $user->data['user_id']) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=ucp_profile&mode=profile_info') : '', + 'U_EDIT_SELF' => ($user_id == $user->data['user_id'] && $auth->acl_get('u_chgprofileinfo')) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=ucp_profile&mode=profile_info') : '', 'S_USER_NOTES' => ($user_notes_enabled) ? true : false, 'S_WARN_USER' => ($warn_user_enabled) ? true : false, diff --git a/phpBB/phpbb/auth/provider/apache.php b/phpBB/phpbb/auth/provider/apache.php index 9137a77210..aa5bf64335 100644 --- a/phpBB/phpbb/auth/provider/apache.php +++ b/phpBB/phpbb/auth/provider/apache.php @@ -137,7 +137,7 @@ class apache extends \phpbb\auth\provider\base return array( 'status' => LOGIN_SUCCESS_CREATE_PROFILE, 'error_msg' => false, - 'user_row' => user_row_apache($php_auth_user, $php_auth_pw), + 'user_row' => $this->user_row($php_auth_user, $php_auth_pw), ); } @@ -185,7 +185,7 @@ class apache extends \phpbb\auth\provider\base } // create the user if he does not exist yet - user_add(user_row_apache($php_auth_user, $php_auth_pw)); + user_add($this->user_row($php_auth_user, $php_auth_pw)); $sql = 'SELECT * FROM ' . USERS_TABLE . " diff --git a/phpBB/phpbb/db/migration/data/v31x/m_softdelete_global.php b/phpBB/phpbb/db/migration/data/v31x/m_softdelete_global.php new file mode 100644 index 0000000000..dd7e20e762 --- /dev/null +++ b/phpBB/phpbb/db/migration/data/v31x/m_softdelete_global.php @@ -0,0 +1,31 @@ +<?php +/** +* +* This file is part of the phpBB Forum Software package. +* +* @copyright (c) phpBB Limited <https://www.phpbb.com> +* @license GNU General Public License, version 2 (GPL-2.0) +* +* For full copyright and license information, please see +* the docs/CREDITS.txt file. +* +*/ + +namespace phpbb\db\migration\data\v31x; + +class m_softdelete_global extends \phpbb\db\migration\migration +{ + static public function depends_on() + { + return array('\phpbb\db\migration\data\v31x\v311'); + } + + public function update_data() + { + return array( + // Make m_softdelete global. The add method will take care of updating + // it if it already exists. + array('permission.add', array('m_softdelete', true)), + ); + } +} diff --git a/phpBB/phpbb/db/migrator.php b/phpBB/phpbb/db/migrator.php index 621a808a03..d03496eae3 100644 --- a/phpBB/phpbb/db/migrator.php +++ b/phpBB/phpbb/db/migrator.php @@ -59,6 +59,13 @@ class migrator protected $migrations = array(); /** + * Array of migrations that have been determined to be fulfillable + * + * @var array + */ + protected $fulfillable_migrations = array(); + + /** * 'name,' 'class,' and 'state' of the last migration run * * 'effectively_installed' set and set to true if the migration was effectively_installed @@ -653,7 +660,7 @@ class migrator */ public function unfulfillable($name) { - if (isset($this->migration_state[$name])) + if (isset($this->migration_state[$name]) || isset($this->fulfillable_migrations[$name])) { return false; } @@ -674,6 +681,7 @@ class migrator return $unfulfillable; } } + $this->fulfillable_migrations[$name] = true; return false; } diff --git a/phpBB/phpbb/di/extension/config.php b/phpBB/phpbb/di/extension/config.php index 27ebc94bae..7984a783df 100644 --- a/phpBB/phpbb/di/extension/config.php +++ b/phpBB/phpbb/di/extension/config.php @@ -39,16 +39,24 @@ class config extends Extension */ public function load(array $config, ContainerBuilder $container) { - $container->setParameter('core.adm_relative_path', ($this->config_php->get('phpbb_adm_relative_path') ? $this->config_php->get('phpbb_adm_relative_path') : 'adm/')); - $container->setParameter('core.table_prefix', $this->config_php->get('table_prefix')); - $container->setParameter('cache.driver.class', $this->convert_30_acm_type($this->config_php->get('acm_type'))); - $container->setParameter('dbal.driver.class', $this->config_php->convert_30_dbms_to_31($this->config_php->get('dbms'))); - $container->setParameter('dbal.dbhost', $this->config_php->get('dbhost')); - $container->setParameter('dbal.dbuser', $this->config_php->get('dbuser')); - $container->setParameter('dbal.dbpasswd', $this->config_php->get('dbpasswd')); - $container->setParameter('dbal.dbname', $this->config_php->get('dbname')); - $container->setParameter('dbal.dbport', $this->config_php->get('dbport')); - $container->setParameter('dbal.new_link', defined('PHPBB_DB_NEW_LINK') && PHPBB_DB_NEW_LINK); + $parameters = array( + 'core.adm_relative_path' => $this->config_php->get('phpbb_adm_relative_path') ? $this->config_php->get('phpbb_adm_relative_path') : 'adm/', + 'core.table_prefix' => $this->config_php->get('table_prefix'), + 'cache.driver.class' => $this->convert_30_acm_type($this->config_php->get('acm_type')), + 'dbal.driver.class' => $this->config_php->convert_30_dbms_to_31($this->config_php->get('dbms')), + 'dbal.dbhost' => $this->config_php->get('dbhost'), + 'dbal.dbuser' => $this->config_php->get('dbuser'), + 'dbal.dbpasswd' => $this->config_php->get('dbpasswd'), + 'dbal.dbname' => $this->config_php->get('dbname'), + 'dbal.dbport' => $this->config_php->get('dbport'), + 'dbal.new_link' => defined('PHPBB_DB_NEW_LINK') && PHPBB_DB_NEW_LINK, + ); + $parameter_bag = $container->getParameterBag(); + + foreach ($parameters as $parameter => $value) + { + $container->setParameter($parameter, $parameter_bag->escapeValue($value)); + } } /** diff --git a/phpBB/phpbb/message/admin_form.php b/phpBB/phpbb/message/admin_form.php index 93db59880c..96b8d3499e 100644 --- a/phpBB/phpbb/message/admin_form.php +++ b/phpBB/phpbb/message/admin_form.php @@ -178,6 +178,7 @@ class admin_form extends form 'S_CONTACT_ADMIN' => true, 'S_CONTACT_FORM' => $this->config['contact_admin_form_enable'], 'S_IS_REGISTERED' => $this->user->data['is_registered'], + 'S_POST_ACTION' => append_sid($this->phpbb_root_path . 'memberlist.' . $this->phpEx, 'mode=contactadmin'), 'CONTACT_INFO' => $l_admin_info, 'MESSAGE' => $this->body, diff --git a/phpBB/phpbb/session.php b/phpBB/phpbb/session.php index 14b4c63207..a06ff9c594 100644 --- a/phpBB/phpbb/session.php +++ b/phpBB/phpbb/session.php @@ -43,7 +43,7 @@ class session // First of all, get the request uri... $script_name = $symfony_request->getScriptName(); - $args = explode('&', $symfony_request->getQueryString()); + $args = explode('&', $symfony_request->getQueryString()); // If we are unable to get the script name we use REQUEST_URI as a failover and note it within the page array for easier support... if (!$script_name) @@ -61,8 +61,8 @@ class session // Since some browser do not encode correctly we need to do this with some "special" characters... // " -> %22, ' => %27, < -> %3C, > -> %3E - $find = array('"', "'", '<', '>'); - $replace = array('%22', '%27', '%3C', '%3E'); + $find = array('"', "'", '<', '>', '"', '<', '>'); + $replace = array('%22', '%27', '%3C', '%3E', '%22', '%3C', '%3E'); foreach ($args as $key => $argument) { diff --git a/phpBB/phpbb/symfony_request.php b/phpBB/phpbb/symfony_request.php index ad949a35f2..02d22c480f 100644 --- a/phpBB/phpbb/symfony_request.php +++ b/phpBB/phpbb/symfony_request.php @@ -30,6 +30,12 @@ class symfony_request extends Request $type_cast_helper->set_var($value, $value, gettype($value), true); }; + // This function is meant for additional handling of server variables + $server_sanitizer = function(&$value, $key) use ($sanitizer) { + $sanitizer($value, $key); + $value = str_replace('&', '&', $value); + }; + $get_parameters = $phpbb_request->get_super_global(\phpbb\request\request_interface::GET); $post_parameters = $phpbb_request->get_super_global(\phpbb\request\request_interface::POST); $server_parameters = $phpbb_request->get_super_global(\phpbb\request\request_interface::SERVER); @@ -38,10 +44,12 @@ class symfony_request extends Request array_walk_recursive($get_parameters, $sanitizer); array_walk_recursive($post_parameters, $sanitizer); - array_walk_recursive($server_parameters, $sanitizer); array_walk_recursive($files_parameters, $sanitizer); array_walk_recursive($cookie_parameters, $sanitizer); + // Run special sanitizer for server superglobal + array_walk_recursive($server_parameters, $server_sanitizer); + parent::__construct($get_parameters, $post_parameters, array(), $cookie_parameters, $files_parameters, $server_parameters); } } diff --git a/phpBB/phpbb/version_helper.php b/phpBB/phpbb/version_helper.php index 96386f6d04..c3c3602944 100644 --- a/phpBB/phpbb/version_helper.php +++ b/phpBB/phpbb/version_helper.php @@ -271,7 +271,7 @@ class version_helper { foreach ($branches as $branch => $branch_data) { - $info[$stability][$branch]['announcement'] = str_replace('&', '&', $branch_data['announcement']); + $info[$stability][$branch]['announcement'] = (!empty($branch_data['announcement'])) ? str_replace('&', '&', $branch_data['announcement']) : ''; } } diff --git a/phpBB/viewtopic.php b/phpBB/viewtopic.php index 7bedcdfb49..30beea337a 100644 --- a/phpBB/viewtopic.php +++ b/phpBB/viewtopic.php @@ -1247,7 +1247,7 @@ while ($row = $db->sql_fetchrow($result)) 'contact_user' => $user->lang('CONTACT_USER', get_username_string('username', $poster_id, $row['username'], $row['user_colour'], $row['username'])), 'online' => false, - 'jabber' => ($row['user_jabber'] && $auth->acl_get('u_sendim')) ? append_sid("{$phpbb_root_path}memberlist.$phpEx", "mode=contact&action=jabber&u=$poster_id") : '', + 'jabber' => ($config['jab_enable'] && $row['user_jabber'] && $auth->acl_get('u_sendim')) ? append_sid("{$phpbb_root_path}memberlist.$phpEx", "mode=contact&action=jabber&u=$poster_id") : '', 'search' => ($config['load_search'] && $auth->acl_get('u_search')) ? append_sid("{$phpbb_root_path}search.$phpEx", "author_id=$poster_id&sr=posts") : '', 'author_full' => get_username_string('full', $poster_id, $row['username'], $row['user_colour']), diff --git a/tests/functions/build_url_test.php b/tests/functions/build_url_test.php index 06415a424e..5cfd1300de 100644 --- a/tests/functions/build_url_test.php +++ b/tests/functions/build_url_test.php @@ -69,6 +69,11 @@ class phpbb_build_url_test extends phpbb_test_case array('f', 'style', 't'), 'http://test.phpbb.com/viewtopic.php?', ), + array( + 'posting.php?f=2&mode=delete&p=20%22%3Cscript%3Ealert%281%29%3B%3C%2Fscript%3E', + false, + 'phpBB/posting.php?f=2&mode=delete&p=20%22%3Cscript%3Ealert%281%29%3B%3C%2Fscript%3E', + ) ); } @@ -80,6 +85,7 @@ class phpbb_build_url_test extends phpbb_test_case global $user, $phpbb_root_path; $user->page['page'] = $page; + $output = build_url($strip_vars); $this->assertEquals($expected, $output); diff --git a/tests/security/extract_current_page_test.php b/tests/security/extract_current_page_test.php index 58dea68dc8..c127b69b2b 100644 --- a/tests/security/extract_current_page_test.php +++ b/tests/security/extract_current_page_test.php @@ -37,16 +37,16 @@ class phpbb_security_extract_current_page_test extends phpbb_security_test_base )); $symfony_request->expects($this->any()) ->method('getScriptName') - ->will($this->returnValue($url)); + ->will($this->returnValue($this->sanitizer($url))); $symfony_request->expects($this->any()) ->method('getQueryString') - ->will($this->returnValue($query_string)); + ->will($this->returnValue($this->sanitizer($query_string))); $symfony_request->expects($this->any()) ->method('getBasePath') ->will($this->returnValue($server['REQUEST_URI'])); - $symfony_request->expects($this->any()) + $symfony_request->expects($this->sanitizer($this->any())) ->method('getPathInfo') - ->will($this->returnValue('/')); + ->will($this->returnValue($this->sanitizer('/'))); $result = \phpbb\session::extract_current_page('./'); $label = 'Running extract_current_page on ' . $query_string . ' with PHP_SELF filled.'; @@ -65,20 +65,32 @@ class phpbb_security_extract_current_page_test extends phpbb_security_test_base )); $symfony_request->expects($this->any()) ->method('getScriptName') - ->will($this->returnValue($url)); + ->will($this->returnValue($this->sanitizer($url))); $symfony_request->expects($this->any()) ->method('getQueryString') - ->will($this->returnValue($query_string)); + ->will($this->returnValue($this->sanitizer($query_string))); $symfony_request->expects($this->any()) ->method('getBasePath') - ->will($this->returnValue($server['REQUEST_URI'])); + ->will($this->returnValue($this->sanitizer($server['REQUEST_URI']))); $symfony_request->expects($this->any()) ->method('getPathInfo') - ->will($this->returnValue('/')); + ->will($this->returnValue($this->sanitizer('/'))); $result = \phpbb\session::extract_current_page('./'); $label = 'Running extract_current_page on ' . $query_string . ' with REQUEST_URI filled.'; $this->assertEquals($expected, $result['query_string'], $label); } + + protected function sanitizer($value) + { + // Fix for objects passed in phpunit + if (is_object($value)) + { + return $value; + } + $type_cast_helper = new \phpbb\request\type_cast_helper(); + $type_cast_helper->set_var($value, $value, gettype($value), true); + return str_replace('&', '&', $value); + } } |