-rw-r--r-- | phpBB/common.php | 8 | ||||
-rw-r--r-- | phpBB/includes/bbcode.php | 26 | ||||
-rw-r--r-- | phpBB/includes/constants.php | 16 | ||||
-rw-r--r-- | phpBB/includes/functions.php | 6 | ||||
-rw-r--r-- | phpBB/includes/functions_display.php | 2 | ||||
-rw-r--r-- | phpBB/includes/message_parser.php | 26 | ||||
-rw-r--r-- | phpBB/language/en/common.php | 2 | ||||
-rw-r--r-- | phpBB/phpbb/auth/provider/oauth/oauth.php | 8 | ||||
-rw-r--r-- | phpBB/phpbb/request/request.php | 4 | ||||
-rw-r--r-- | phpBB/viewforum.php | 11 | ||||
-rw-r--r-- | tests/request/request_test.php | 106 |
11 files changed, 176 insertions, 39 deletions
diff --git a/phpBB/common.php b/phpBB/common.php index 48bd13e80d..31972fe521 100644 --- a/phpBB/common.php +++ b/phpBB/common.php @@ -43,7 +43,13 @@ if (!defined('PHPBB_INSTALLED')) // available as used by the redirect function $server_name = (!empty($_SERVER['HTTP_HOST'])) ? strtolower($_SERVER['HTTP_HOST']) : ((!empty($_SERVER['SERVER_NAME'])) ? $_SERVER['SERVER_NAME'] : getenv('SERVER_NAME')); $server_port = (!empty($_SERVER['SERVER_PORT'])) ? (int) $_SERVER['SERVER_PORT'] : (int) getenv('SERVER_PORT'); - $secure = (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on') ? 1 : 0; + $secure = (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') ? 1 : 0; + + if (!empty($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] === 'https') + { + $secure = 1; + $server_port = 443; + } $script_name = (!empty($_SERVER['PHP_SELF'])) ? $_SERVER['PHP_SELF'] : getenv('PHP_SELF'); if (!$script_name) diff --git a/phpBB/includes/bbcode.php b/phpBB/includes/bbcode.php index 5fb8304b9a..e8969e552e 100644 --- a/phpBB/includes/bbcode.php +++ b/phpBB/includes/bbcode.php @@ -219,7 +219,7 @@ class bbcode { switch ($bbcode_id) { - case 0: + case BBCODE_ID_QUOTE: $this->bbcode_cache[$bbcode_id] = array( 'str' => array( '[/quote:$uid]' => $this->bbcode_tpl('quote_close', $bbcode_id) @@ -232,7 +232,7 @@ class bbcode ); break; - case 1: + case BBCODE_ID_B: $this->bbcode_cache[$bbcode_id] = array( 'str' => array( '[b:$uid]' => $this->bbcode_tpl('b_open', $bbcode_id), @@ -241,7 +241,7 @@ class bbcode ); break; - case 2: + case BBCODE_ID_I: $this->bbcode_cache[$bbcode_id] = array( 'str' => array( '[i:$uid]' => $this->bbcode_tpl('i_open', $bbcode_id), @@ -250,7 +250,7 @@ class bbcode ); break; - case 3: + case BBCODE_ID_URL: $this->bbcode_cache[$bbcode_id] = array( 'preg' => array( '#\[url:$uid\]((.*?))\[/url:$uid\]#s' => $this->bbcode_tpl('url', $bbcode_id), 
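Review bot: The added `HTTP_X_FORWARDED_PROTO` check in phpBB/common.php trusts a request header that any client can send. If the board is reachable directly, or through a proxy that does not overwrite the header, a plain-HTTP request can set `$secure = 1` and `$server_port = 443`. The same unconditional trust is added in `generate_board_url()` (includes/functions.php), in the OAuth provider's current-URI construction (phpbb/auth/provider/oauth/oauth.php) and in `request::is_secure()` (phpbb/request/request.php), so a spoofed header would also shape generated board URLs and the URI used in the OAuth flow. The header should only be honoured behind an explicit administrator opt-in, for example a board setting (placeholder name `trust_forwarded_proto`) or an allow-list of proxy addresses checked against `REMOTE_ADDR`, with the header ignored otherwise. Separately, forcing port 443 discards a non-default TLS port on the proxy, and `!empty($x) && $x === 'https'` can be reduced to the strict comparison alone.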
@@ -259,7 +259,7 @@ class bbcode ); break; - case 4: + case BBCODE_ID_IMG: if ($user->optionget('viewimg')) { $this->bbcode_cache[$bbcode_id] = array( @@ -278,7 +278,7 @@ class bbcode } break; - case 5: + case BBCODE_ID_SIZE: $this->bbcode_cache[$bbcode_id] = array( 'preg' => array( '#\[size=([\-\+]?\d+):$uid\](.*?)\[/size:$uid\]#s' => $this->bbcode_tpl('size', $bbcode_id), @@ -286,7 +286,7 @@ class bbcode ); break; - case 6: + case BBCODE_ID_COLOR: $this->bbcode_cache[$bbcode_id] = array( 'preg' => array( '!\[color=(#[0-9a-f]{3}|#[0-9a-f]{6}|[a-z\-]+):$uid\](.*?)\[/color:$uid\]!is' => $this->bbcode_tpl('color', $bbcode_id), @@ -294,7 +294,7 @@ class bbcode ); break; - case 7: + case BBCODE_ID_U: $this->bbcode_cache[$bbcode_id] = array( 'str' => array( '[u:$uid]' => $this->bbcode_tpl('u_open', $bbcode_id), @@ -303,7 +303,7 @@ class bbcode ); break; - case 8: + case BBCODE_ID_CODE: $this->bbcode_cache[$bbcode_id] = array( 'preg' => array( '#\[code(?:=([a-z]+))?:$uid\](.*?)\[/code:$uid\]#is' => function ($match) { @@ -313,7 +313,7 @@ class bbcode ); break; - case 9: + case BBCODE_ID_LIST: $this->bbcode_cache[$bbcode_id] = array( 'preg' => array( '#(\[\/?(list|\*):[mou]?:?$uid\])[\n]{1}#' => "\$1", @@ -333,7 +333,7 @@ class bbcode ); break; - case 10: + case BBCODE_ID_EMAIL: $this->bbcode_cache[$bbcode_id] = array( 'preg' => array( '#\[email:$uid\]((.*?))\[/email:$uid\]#is' => $this->bbcode_tpl('email', $bbcode_id), @@ -342,7 +342,7 @@ class bbcode ); break; - case 11: + case BBCODE_ID_FLASH: if ($user->optionget('viewflash')) { $this->bbcode_cache[$bbcode_id] = array( @@ -361,7 +361,7 @@ class bbcode } break; - case 12: + case BBCODE_ID_ATTACH: $this->bbcode_cache[$bbcode_id] = array( 'str' => array( '[/attachment:$uid]' => $this->bbcode_tpl('inline_attachment_close', $bbcode_id) diff --git a/phpBB/includes/constants.php b/phpBB/includes/constants.php index 3a186fd892..b3792dd8b9 100644 --- a/phpBB/includes/constants.php +++ b/phpBB/includes/constants.php 
@@ -182,6 +182,22 @@ define('BBCODE_UID_LEN', 8); // Number of core BBCodes define('NUM_CORE_BBCODES', 12); +define('NUM_PREDEFINED_BBCODES', 22); + +// BBCode IDs +define('BBCODE_ID_QUOTE', 0); +define('BBCODE_ID_B', 1); +define('BBCODE_ID_I', 2); +define('BBCODE_ID_URL', 3); +define('BBCODE_ID_IMG', 4); +define('BBCODE_ID_SIZE', 5); +define('BBCODE_ID_COLOR', 6); +define('BBCODE_ID_U', 7); +define('BBCODE_ID_CODE', 8); +define('BBCODE_ID_LIST', 9); +define('BBCODE_ID_EMAIL', 10); +define('BBCODE_ID_FLASH', 11); +define('BBCODE_ID_ATTACH', 12); // BBCode hard limit define('BBCODE_LIMIT', 1511); diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index 10788d0d6a..497403b1e5 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -1648,6 +1648,12 @@ function generate_board_url($without_script_path = false) $server_name = $user->host; $server_port = $request->server('SERVER_PORT', 0); + $forwarded_proto = $request->server('HTTP_X_FORWARDED_PROTO'); + + if (!empty($forwarded_proto) && $forwarded_proto === 'https') + { + $server_port = 443; + } // Forcing server vars is the only way to specify/override the protocol if ($config['force_server_vars'] || !$server_name) diff --git a/phpBB/includes/functions_display.php b/phpBB/includes/functions_display.php index afda10ebee..4726676e2d 100644 --- a/phpBB/includes/functions_display.php +++ b/phpBB/includes/functions_display.php @@ -1076,7 +1076,7 @@ function display_custom_bbcodes() global $db, $template, $user, $phpbb_dispatcher; // Start counting from 22 for the bbcode ids (every bbcode takes two ids - opening/closing) - $num_predefined_bbcodes = 22; + $num_predefined_bbcodes = NUM_PREDEFINED_BBCODES; $sql_ary = array( 'SELECT' => 'b.bbcode_id, b.bbcode_tag, b.bbcode_helpline', diff --git a/phpBB/includes/message_parser.php b/phpBB/includes/message_parser.php index 97e0dd9f0d..258837e4e2 100644 --- a/phpBB/includes/message_parser.php +++ b/phpBB/includes/message_parser.php 
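Review bot: In phpBB/includes/constants.php, `define('NUM_PREDEFINED_BBCODES', 22);` is added directly under the existing `// Number of core BBCodes` comment with no comment of its own, and its relation to `NUM_CORE_BBCODES` (12) is not evident from this hunk. The only explanation is in `display_custom_bbcodes()` (functions_display.php hunk), whose comment still spells out the literal 22. I would add a comment above the define such as `// Custom BBCode ids are counted from this value (every BBCode takes two ids - opening/closing)` and reword the comment in `display_custom_bbcodes()` to refer to the constant rather than the number.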
@@ -141,67 +141,67 @@ class bbcode_firstpass extends bbcode // To perform custom validation in extension, use $this->validate_bbcode_by_extension() // method which accepts variable number of parameters $this->bbcodes = array( - 'code' => array('bbcode_id' => 8, 'regexp' => array('#\[code(?:=([a-z]+))?\](.+\[/code\])#uis' => function ($match) use($bbcode_class) + 'code' => array('bbcode_id' => BBCODE_ID_CODE, 'regexp' => array('#\[code(?:=([a-z]+))?\](.+\[/code\])#uis' => function ($match) use($bbcode_class) { return $bbcode_class->bbcode_code($match[1], $match[2]); } )), - 'quote' => array('bbcode_id' => 0, 'regexp' => array('#\[quote(?:="(.*?)")?\](.+)\[/quote\]#uis' => function ($match) use($bbcode_class) + 'quote' => array('bbcode_id' => BBCODE_ID_QUOTE, 'regexp' => array('#\[quote(?:="(.*?)")?\](.+)\[/quote\]#uis' => function ($match) use($bbcode_class) { return $bbcode_class->bbcode_quote($match[0]); } )), - 'attachment' => array('bbcode_id' => 12, 'regexp' => array('#\[attachment=([0-9]+)\](.*?)\[/attachment\]#uis' => function ($match) use($bbcode_class) + 'attachment' => array('bbcode_id' => BBCODE_ID_ATTACH, 'regexp' => array('#\[attachment=([0-9]+)\](.*?)\[/attachment\]#uis' => function ($match) use($bbcode_class) { return $bbcode_class->bbcode_attachment($match[1], $match[2]); } )), - 'b' => array('bbcode_id' => 1, 'regexp' => array('#\[b\](.*?)\[/b\]#uis' => function ($match) use($bbcode_class) + 'b' => array('bbcode_id' => BBCODE_ID_B, 'regexp' => array('#\[b\](.*?)\[/b\]#uis' => function ($match) use($bbcode_class) { return $bbcode_class->bbcode_strong($match[1]); } )), - 'i' => array('bbcode_id' => 2, 'regexp' => array('#\[i\](.*?)\[/i\]#uis' => function ($match) use($bbcode_class) + 'i' => array('bbcode_id' => BBCODE_ID_I, 'regexp' => array('#\[i\](.*?)\[/i\]#uis' => function ($match) use($bbcode_class) { return $bbcode_class->bbcode_italic($match[1]); } )), - 'url' => array('bbcode_id' => 3, 'regexp' => 
array('#\[url(=(.*))?\](?(1)((?s).*(?-s))|(.*))\[/url\]#uiU' => function ($match) use($bbcode_class) + 'url' => array('bbcode_id' => BBCODE_ID_URL, 'regexp' => array('#\[url(=(.*))?\](?(1)((?s).*(?-s))|(.*))\[/url\]#uiU' => function ($match) use($bbcode_class) { return $bbcode_class->validate_url($match[2], ($match[3]) ? $match[3] : $match[4]); } )), - 'img' => array('bbcode_id' => 4, 'regexp' => array('#\[img\](.*)\[/img\]#uiU' => function ($match) use($bbcode_class) + 'img' => array('bbcode_id' => BBCODE_ID_IMG, 'regexp' => array('#\[img\](.*)\[/img\]#uiU' => function ($match) use($bbcode_class) { return $bbcode_class->bbcode_img($match[1]); } )), - 'size' => array('bbcode_id' => 5, 'regexp' => array('#\[size=([\-\+]?\d+)\](.*?)\[/size\]#uis' => function ($match) use($bbcode_class) + 'size' => array('bbcode_id' => BBCODE_ID_SIZE, 'regexp' => array('#\[size=([\-\+]?\d+)\](.*?)\[/size\]#uis' => function ($match) use($bbcode_class) { return $bbcode_class->bbcode_size($match[1], $match[2]); } )), - 'color' => array('bbcode_id' => 6, 'regexp' => array('!\[color=(#[0-9a-f]{3}|#[0-9a-f]{6}|[a-z\-]+)\](.*?)\[/color\]!uis' => function ($match) use($bbcode_class) + 'color' => array('bbcode_id' => BBCODE_ID_COLOR, 'regexp' => array('!\[color=(#[0-9a-f]{3}|#[0-9a-f]{6}|[a-z\-]+)\](.*?)\[/color\]!uis' => function ($match) use($bbcode_class) { return $bbcode_class->bbcode_color($match[1], $match[2]); } )), - 'u' => array('bbcode_id' => 7, 'regexp' => array('#\[u\](.*?)\[/u\]#uis' => function ($match) use($bbcode_class) + 'u' => array('bbcode_id' => BBCODE_ID_U, 'regexp' => array('#\[u\](.*?)\[/u\]#uis' => function ($match) use($bbcode_class) { return $bbcode_class->bbcode_underline($match[1]); } )), - 'list' => array('bbcode_id' => 9, 'regexp' => array('#\[list(?:=(?:[a-z0-9]|disc|circle|square))?].*\[/list]#uis' => function ($match) use($bbcode_class) + 'list' => array('bbcode_id' => BBCODE_ID_LIST, 'regexp' => 
array('#\[list(?:=(?:[a-z0-9]|disc|circle|square))?].*\[/list]#uis' => function ($match) use($bbcode_class) { return $bbcode_class->bbcode_parse_list($match[0]); } )), - 'email' => array('bbcode_id' => 10, 'regexp' => array('#\[email=?(.*?)?\](.*?)\[/email\]#uis' => function ($match) use($bbcode_class) + 'email' => array('bbcode_id' => BBCODE_ID_EMAIL, 'regexp' => array('#\[email=?(.*?)?\](.*?)\[/email\]#uis' => function ($match) use($bbcode_class) { return $bbcode_class->validate_email($match[1], $match[2]); } )), - 'flash' => array('bbcode_id' => 11, 'regexp' => array('#\[flash=([0-9]+),([0-9]+)\](.*?)\[/flash\]#ui' => function ($match) use($bbcode_class) + 'flash' => array('bbcode_id' => BBCODE_ID_FLASH, 'regexp' => array('#\[flash=([0-9]+),([0-9]+)\](.*?)\[/flash\]#ui' => function ($match) use($bbcode_class) { return $bbcode_class->bbcode_flash($match[1], $match[2], $match[3]); } diff --git a/phpBB/language/en/common.php b/phpBB/language/en/common.php index 3bd5eea354..f501dc074d 100644 --- a/phpBB/language/en/common.php +++ b/phpBB/language/en/common.php @@ -677,7 +677,7 @@ $lang = array_merge($lang, array( 'SEARCH_POSTS_BY' => 'Search posts by', 'SEARCH_SELF' => 'Your posts', 'SEARCH_TOPIC' => 'Search this topic…', - 'SEARCH_UNANSWERED' => 'Unanswered posts', + 'SEARCH_UNANSWERED' => 'Unanswered topics', 'SEARCH_UNREAD' => 'Unread posts', 'SEARCH_USER_POSTS' => 'Search user’s posts', 'SECONDS' => 'Seconds', diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index bfeac2dd32..dd7736db4e 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php 
@@ -280,7 +280,13 @@ class oauth extends \phpbb\auth\provider\base } $uri_factory = new \OAuth\Common\Http\Uri\UriFactory(); - $current_uri = $uri_factory->createFromSuperGlobalArray($this->request->get_super_global(\phpbb\request\request_interface::SERVER)); + $super_globals = $this->request->get_super_global(\phpbb\request\request_interface::SERVER); + if (!empty($super_globals['HTTP_X_FORWARDED_PROTO']) && $super_globals['HTTP_X_FORWARDED_PROTO'] === 'https') + { + $super_globals['HTTPS'] = 'on'; + $super_globals['SERVER_PORT'] = 443; + } + $current_uri = $uri_factory->createFromSuperGlobalArray($super_globals); $current_uri->setQuery($query); $this->current_uri = $current_uri; diff --git a/phpBB/phpbb/request/request.php b/phpBB/phpbb/request/request.php index 56ce3999ed..4cac6fbaea 100644 --- a/phpBB/phpbb/request/request.php +++ b/phpBB/phpbb/request/request.php @@ -325,7 +325,9 @@ class request implements \phpbb\request\request_interface */ public function is_secure() { - return $this->server('HTTPS') == 'on'; + $https = $this->server('HTTPS'); + $https = $this->server('HTTP_X_FORWARDED_PROTO') === 'https' ? 'on' : $https; + return !empty($https) && $https !== 'off'; } /** diff --git a/phpBB/viewforum.php b/phpBB/viewforum.php index a2ab4d56f5..7db5b8759c 100644 --- a/phpBB/viewforum.php +++ b/phpBB/viewforum.php 
@@ -427,15 +427,16 @@ $sql_array = array( * @event core.viewforum_get_topic_data * @var array forum_data Array with forum data * @var array sql_array The SQL array to get the data of all topics -* @var array forum_id The forum_id whose topics are being listed -* @var array topics_count The total number of topics for display -* @var array sort_days The oldest topic displayable in elapsed days -* @var array sort_key The sorting by. It is one of the first character of (in low case): +* @var int forum_id The forum_id whose topics are being listed +* @var int topics_count The total number of topics for display +* @var int sort_days The oldest topic displayable in elapsed days +* @var string sort_key The sorting by. It is one of the first character of (in low case): * Author, Post time, Replies, Subject, Views -* @var array sort_dir Either "a" for ascending or "d" for descending +* @var string sort_dir Either "a" for ascending or "d" for descending * @since 3.1.0-a1 * @change 3.1.0-RC4 Added forum_data var * @change 3.1.4-RC1 Added forum_id, topics_count, sort_days, sort_key and sort_dir vars +* @change 3.1.9-RC1 Fix types of properties */ $vars = array( 'forum_data', diff --git a/tests/request/request_test.php b/tests/request/request_test.php index 131abe6aac..ebaea1f9ef 100644 --- a/tests/request/request_test.php +++ b/tests/request/request_test.php @@ -13,7 +13,10 @@ class phpbb_request_test extends phpbb_test_case { + /** @var \phpbb\request\type_cast_helper_interface */ private $type_cast_helper; + + /** @var \phpbb\request\request */ private $request; protected function setUp() 
@@ -143,15 +146,112 @@ class phpbb_request_test extends phpbb_test_case $this->assertTrue($this->request->is_ajax()); } - public function test_is_secure() + public function data_is_secure() + { + return array( + array( + array( + 'HTTPS' => 'on', + ), + true, + ), + array( + array( + 'HTTPS' => '1', + ), + true, + ), + array( + array( + 'HTTPS' => 'yes', + ), + true, + ), + array( + array( + 'HTTPS' => 1, + ), + true, + ), + array( + array( + 'HTTPS' => 'off', + ), + false, + ), + array( + array( + 'HTTPS' => '0', + ), + false, + ), + array( + array( + 'HTTPS' => 0, + ), + false, + ), + array( + array( + 'HTTPS' => '', + ), + false, + ), + array( + array( + 'HTTPS' => 'off', + 'HTTP_X_FORWARDED_PROTO' => 'https', + ), + true, + ), + array( + array( + 'HTTPS' => 'on', + 'HTTP_X_FORWARDED_PROTO' => 'http', + ), + true, + ), + array( + array( + 'HTTPS' => 'off', + 'HTTP_X_FORWARDED_PROTO' => 'http', + ), + false, + ), + array( + array( + 'HTTP_X_FORWARDED_PROTO' => 'http', + ), + false, + ), + array( + array( + 'HTTP_X_FORWARDED_PROTO' => 'https', + ), + true, + ), + array( + array( + 'HTTPS' => 'on', + 'HTTP_X_FORWARDED_PROTO' => 'http', + ), + true, + ), + ); + } + + /** + * @dataProvider data_is_secure + */ + public function test_is_secure($server_data, $expected) { $this->assertFalse($this->request->is_secure()); $this->request->enable_super_globals(); - $_SERVER['HTTPS'] = 'on'; + $_SERVER = $server_data; $this->request = new \phpbb\request\request($this->type_cast_helper); - $this->assertTrue($this->request->is_secure()); + $this->assertSame($expected, $this->request->is_secure()); } public function test_variable_names() |
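Review bot: In `data_is_secure()` the dataset `'HTTPS' => 'on', 'HTTP_X_FORWARDED_PROTO' => 'http'` expecting `true` appears twice (tenth and last entries), so one of them adds no coverage. Replacing the last one with a case the provider does not yet pin, e.g. `array(array('HTTP_X_FORWARDED_PROTO' => 'HTTPS'), false)`, would document that the comparison in `is_secure()` is case-sensitive. `test_is_secure()` also assigns `$_SERVER = $server_data;` wholesale and does not restore it within the hunk; unless a tearDown outside this hunk does so, the stripped superglobal can leak into later tests. Saving the original value and restoring it at the end of the test would avoid that. Naming the datasets with string keys would make failures easier to read.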