diff options
Diffstat (limited to 'phpBB/includes/functions.php')
| -rw-r--r-- | phpBB/includes/functions.php | 391 |
1 files changed, 39 insertions, 352 deletions
diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index c9f589c174..9759eabb5a 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -52,18 +52,6 @@ function phpbb_load_extensions_autoloaders($phpbb_root_path) } /** -* Casts a variable to the given type. -* -* @deprecated -*/ -function set_var(&$result, $var, $type, $multibyte = false) -{ - // no need for dependency injection here, if you have the object, call the method yourself! - $type_cast_helper = new \phpbb\request\type_cast_helper(); - $type_cast_helper->set_var($result, $var, $type, $multibyte); -} - -/** * Generates an alphanumeric random string of given length * * @param int $num_chars Length of random string, defaults to 8. @@ -276,18 +264,6 @@ function still_on_time($extra_time = 15) } /** -* Hashes an email address to a big integer -* -* @param string $email Email address -* -* @return string Unsigned Big Integer -*/ -function phpbb_email_hash($email) -{ - return sprintf('%u', crc32(strtolower($email))) . strlen($email); -} - -/** * Wrapper for version_compare() that allows using uppercase A and B * for alpha and beta releases. * @@ -2288,6 +2264,7 @@ function login_box($redirect = '', $l_explain = '', $l_success = '', $admin = fa $err = ''; $form_name = 'login'; + $username = $autologin = false; // Make sure user->setup() has been called if (!$user->is_setup()) @@ -2528,11 +2505,14 @@ function login_box($redirect = '', $l_explain = '', $l_success = '', $admin = fa $s_hidden_fields = build_hidden_fields($s_hidden_fields); + /** @var \phpbb\controller\helper $controller_helper */ + $controller_helper = $phpbb_container->get('controller.helper'); + $login_box_template_data = array( 'LOGIN_ERROR' => $err, 'LOGIN_EXPLAIN' => $l_explain, - 'U_SEND_PASSWORD' => ($config['email_enable']) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=sendpassword') : '', + 'U_SEND_PASSWORD' => ($config['email_enable']) ? $controller_helper->route('phpbb_ucp_forgot_password_controller') : '', 'U_RESEND_ACTIVATION' => ($config['require_activation'] == USER_ACTIVATION_SELF && $config['email_enable']) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=resend_act') : '', 'U_TERMS_USE' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=terms'), 'U_PRIVACY' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=privacy'), @@ -2860,10 +2840,13 @@ function get_preg_expression($mode) // Whoa these look impressive! // The code to generate the following two regular expressions which match valid IPv4/IPv6 addresses // can be found in the develop directory + + // @deprecated case 'ipv4': return '#^(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])$#'; break; + // @deprecated case 'ipv6': return '#^(?:(?:(?:[\dA-F]{1,4}:){6}(?:[\dA-F]{1,4}:[\dA-F]{1,4}|(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])))|(?:::(?:[\dA-F]{1,4}:){0,5}(?:[\dA-F]{1,4}(?::[\dA-F]{1,4})?|(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])))|(?:(?:[\dA-F]{1,4}:):(?:[\dA-F]{1,4}:){4}(?:[\dA-F]{1,4}:[\dA-F]{1,4}|(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])))|(?:(?:[\dA-F]{1,4}:){1,2}:(?:[\dA-F]{1,4}:){3}(?:[\dA-F]{1,4}:[\dA-F]{1,4}|(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])))|(?:(?:[\dA-F]{1,4}:){1,3}:(?:[\dA-F]{1,4}:){2}(?:[\dA-F]{1,4}:[\dA-F]{1,4}|(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])))|(?:(?:[\dA-F]{1,4}:){1,4}:(?:[\dA-F]{1,4}:)(?:[\dA-F]{1,4}:[\dA-F]{1,4}|(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])))|(?:(?:[\dA-F]{1,4}:){1,5}:(?:[\dA-F]{1,4}:[\dA-F]{1,4}|(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])))|(?:(?:[\dA-F]{1,4}:){1,6}:[\dA-F]{1,4})|(?:(?:[\dA-F]{1,4}:){1,7}:)|(?:::))$#i'; break; @@ -2989,331 +2972,26 @@ function short_ipv6($ip, $length) * @return mixed false if specified address is not valid, * string otherwise */ -function phpbb_ip_normalise($address) +function phpbb_ip_normalise(string $address) { - $address = trim($address); + $ip_normalised = false; - if (empty($address) || !is_string($address)) + if (filter_var($address, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)) { - return false; + $ip_normalised = $address; } - - if (preg_match(get_preg_expression('ipv4'), $address)) + else if (filter_var($address, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) { - return $address; - } - - return phpbb_inet_ntop(phpbb_inet_pton($address)); -} + $ip_normalised = inet_ntop(inet_pton($address)); -/** -* Wrapper for inet_ntop() -* -* Converts a packed internet address to a human readable representation -* inet_ntop() is supported by PHP since 5.1.0, since 5.3.0 also on Windows. -* -* @param string $in_addr A 32bit IPv4, or 128bit IPv6 address. -* -* @return mixed false on failure, -* string otherwise -*/ -function phpbb_inet_ntop($in_addr) -{ - $in_addr = bin2hex($in_addr); - - switch (strlen($in_addr)) - { - case 8: - return implode('.', array_map('hexdec', str_split($in_addr, 2))); - - case 32: - if (substr($in_addr, 0, 24) === '00000000000000000000ffff') - { - return phpbb_inet_ntop(pack('H*', substr($in_addr, 24))); - } - - $parts = str_split($in_addr, 4); - $parts = preg_replace('/^0+(?!$)/', '', $parts); - $ret = implode(':', $parts); - - $matches = array(); - preg_match_all('/(?<=:|^)(?::?0){2,}/', $ret, $matches, PREG_OFFSET_CAPTURE); - $matches = $matches[0]; - - if (empty($matches)) - { - return $ret; - } - - $longest_match = ''; - $longest_match_offset = 0; - foreach ($matches as $match) - { - if (strlen($match[0]) > strlen($longest_match)) - { - $longest_match = $match[0]; - $longest_match_offset = $match[1]; - } - } - - $ret = substr_replace($ret, '', $longest_match_offset, strlen($longest_match)); - - if ($longest_match_offset == strlen($ret)) - { - $ret .= ':'; - } - - if ($longest_match_offset == 0) - { - $ret = ':' . $ret; - } - - return $ret; - - default: - return false; - } -} - -/** -* Wrapper for inet_pton() -* -* Converts a human readable IP address to its packed in_addr representation -* inet_pton() is supported by PHP since 5.1.0, since 5.3.0 also on Windows. -* -* @param string $address A human readable IPv4 or IPv6 address. -* -* @return mixed false if address is invalid, -* in_addr representation of the given address otherwise (string) -*/ -function phpbb_inet_pton($address) -{ - $ret = ''; - if (preg_match(get_preg_expression('ipv4'), $address)) - { - foreach (explode('.', $address) as $part) - { - $ret .= ($part <= 0xF ? '0' : '') . dechex($part); - } - - return pack('H*', $ret); - } - - if (preg_match(get_preg_expression('ipv6'), $address)) - { - $parts = explode(':', $address); - $missing_parts = 8 - count($parts) + 1; - - if (substr($address, 0, 2) === '::') - { - ++$missing_parts; - } - - if (substr($address, -2) === '::') - { - ++$missing_parts; - } - - $embedded_ipv4 = false; - $last_part = end($parts); - - if (preg_match(get_preg_expression('ipv4'), $last_part)) + // If is ipv4 + if (stripos($ip_normalised, '::ffff:') === 0) { - $parts[count($parts) - 1] = ''; - $last_part = phpbb_inet_pton($last_part); - $embedded_ipv4 = true; - --$missing_parts; + $ip_normalised = substr($ip_normalised, 7); } - - foreach ($parts as $i => $part) - { - if (strlen($part)) - { - $ret .= str_pad($part, 4, '0', STR_PAD_LEFT); - } - else if ($i && $i < count($parts) - 1) - { - $ret .= str_repeat('0000', $missing_parts); - } - } - - $ret = pack('H*', $ret); - - if ($embedded_ipv4) - { - $ret .= $last_part; - } - - return $ret; } - return false; -} - -/** -* Wrapper for php's checkdnsrr function. -* -* @param string $host Fully-Qualified Domain Name -* @param string $type Resource record type to lookup -* Supported types are: MX (default), A, AAAA, NS, TXT, CNAME -* Other types may work or may not work -* -* @return mixed true if entry found, -* false if entry not found, -* null if this function is not supported by this environment -* -* Since null can also be returned, you probably want to compare the result -* with === true or === false, -*/ -function phpbb_checkdnsrr($host, $type = 'MX') -{ - // The dot indicates to search the DNS root (helps those having DNS prefixes on the same domain) - if (substr($host, -1) == '.') - { - $host_fqdn = $host; - $host = substr($host, 0, -1); - } - else - { - $host_fqdn = $host . '.'; - } - // $host has format some.host.example.com - // $host_fqdn has format some.host.example.com. - - // If we're looking for an A record we can use gethostbyname() - if ($type == 'A' && function_exists('gethostbyname')) - { - return (@gethostbyname($host_fqdn) == $host_fqdn) ? false : true; - } - - if (function_exists('checkdnsrr')) - { - return checkdnsrr($host_fqdn, $type); - } - - if (function_exists('dns_get_record')) - { - // dns_get_record() expects an integer as second parameter - // We have to convert the string $type to the corresponding integer constant. - $type_constant = 'DNS_' . $type; - $type_param = (defined($type_constant)) ? constant($type_constant) : DNS_ANY; - - // dns_get_record() might throw E_WARNING and return false for records that do not exist - $resultset = @dns_get_record($host_fqdn, $type_param); - - if (empty($resultset) || !is_array($resultset)) - { - return false; - } - else if ($type_param == DNS_ANY) - { - // $resultset is a non-empty array - return true; - } - - foreach ($resultset as $result) - { - if ( - isset($result['host']) && $result['host'] == $host && - isset($result['type']) && $result['type'] == $type - ) - { - return true; - } - } - - return false; - } - - // If we're on Windows we can still try to call nslookup via exec() as a last resort - if (DIRECTORY_SEPARATOR == '\\' && function_exists('exec')) - { - @exec('nslookup -type=' . escapeshellarg($type) . ' ' . escapeshellarg($host_fqdn), $output); - - // If output is empty, the nslookup failed - if (empty($output)) - { - return NULL; - } - - foreach ($output as $line) - { - $line = trim($line); - - if (empty($line)) - { - continue; - } - - // Squash tabs and multiple whitespaces to a single whitespace. - $line = preg_replace('/\s+/', ' ', $line); - - switch ($type) - { - case 'MX': - if (stripos($line, "$host MX") === 0) - { - return true; - } - break; - - case 'NS': - if (stripos($line, "$host nameserver") === 0) - { - return true; - } - break; - - case 'TXT': - if (stripos($line, "$host text") === 0) - { - return true; - } - break; - - case 'CNAME': - if (stripos($line, "$host canonical name") === 0) - { - return true; - } - break; - - default: - case 'AAAA': - // AAAA records returned by nslookup on Windows XP/2003 have this format. - // Later Windows versions use the A record format below for AAAA records. - if (stripos($line, "$host AAAA IPv6 address") === 0) - { - return true; - } - // No break - - case 'A': - if (!empty($host_matches)) - { - // Second line - if (stripos($line, "Address: ") === 0) - { - return true; - } - else - { - $host_matches = false; - } - } - else if (stripos($line, "Name: $host") === 0) - { - // First line - $host_matches = true; - } - break; - } - } - - return false; - } - - return NULL; + return $ip_normalised; } // Handler, header and footer @@ -3325,6 +3003,7 @@ function msg_handler($errno, $msg_text, $errfile, $errline) { global $cache, $db, $auth, $template, $config, $user, $request; global $phpbb_root_path, $msg_title, $msg_long_text, $phpbb_log; + global $phpbb_container; // Do not display notices if we suppress them via @ if (error_reporting() == 0 && $errno != E_USER_ERROR && $errno != E_USER_WARNING && $errno != E_USER_NOTICE) @@ -3345,7 +3024,7 @@ function msg_handler($errno, $msg_text, $errfile, $errline) // Check the error reporting level and return if the error level does not match // If DEBUG is defined the default level is E_ALL - if (($errno & ((defined('DEBUG')) ? E_ALL : error_reporting())) == 0) + if (($errno & ($phpbb_container->getParameter('debug.show_errors') ? E_ALL : error_reporting())) == 0) { return; } @@ -3403,7 +3082,7 @@ function msg_handler($errno, $msg_text, $errfile, $errline) $log_text .= '<br /><br />BACKTRACE<br />' . $backtrace; } - if (defined('IN_INSTALL') || defined('DEBUG') || isset($auth) && $auth->acl_get('a_')) + if (defined('IN_INSTALL') || ($phpbb_container != null && $phpbb_container->getParameter('debug.show_errors')) || isset($auth) && $auth->acl_get('a_')) { $msg_text = $log_text; @@ -4291,7 +3970,8 @@ function page_header($page_title = '', $display_online_list = false, $item_id = } else { - $u_login_logout = append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=login'); + $redirect = $request->variable('redirect', rawurlencode($user->page['page'])); + $u_login_logout = append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=login&redirect=' . $redirect); $l_login_logout = $user->lang['LOGIN']; } @@ -4439,7 +4119,7 @@ function page_header($page_title = '', $display_online_list = false, $item_id = /** * Workaround for missing template variable in pre phpBB 3.2.6 styles. - * @deprecated 3.2.7 (To be removed: 3.3.0-a1) + * @deprecated 3.2.7 (To be removed: 4.0.0-a1) */ $form_token_login = $template->retrieve_var('S_FORM_TOKEN_LOGIN'); if (!empty($form_token_login)) @@ -4566,7 +4246,7 @@ function page_header($page_title = '', $display_online_list = false, $item_id = 'T_STYLESHEET_LINK' => "{$web_path}styles/" . rawurlencode($user->style['style_path']) . '/theme/stylesheet.css?assets_version=' . $config['assets_version'], 'T_STYLESHEET_LANG_LINK'=> "{$web_path}styles/" . rawurlencode($user->style['style_path']) . '/theme/' . $user->lang_name . '/stylesheet.css?assets_version=' . $config['assets_version'], 'T_FONT_AWESOME_LINK' => !empty($config['allow_cdn']) && !empty($config['load_font_awesome_url']) ? $config['load_font_awesome_url'] : "{$web_path}assets/css/font-awesome.min.css?assets_version=" . $config['assets_version'], - 'T_JQUERY_LINK' => !empty($config['allow_cdn']) && !empty($config['load_jquery_url']) ? $config['load_jquery_url'] : "{$web_path}assets/javascript/jquery.min.js?assets_version=" . $config['assets_version'], + 'T_JQUERY_LINK' => !empty($config['allow_cdn']) && !empty($config['load_jquery_url']) ? $config['load_jquery_url'] : "{$web_path}assets/javascript/jquery-3.4.1.min.js?assets_version=" . $config['assets_version'], 'S_ALLOW_CDN' => !empty($config['allow_cdn']), 'S_COOKIE_NOTICE' => !empty($config['cookie_notice']), @@ -4638,7 +4318,9 @@ function page_header($page_title = '', $display_online_list = false, $item_id = */ function phpbb_check_and_display_sql_report(\phpbb\request\request_interface $request, \phpbb\auth\auth $auth, \phpbb\db\driver\driver_interface $db) { - if ($request->variable('explain', false) && $auth->acl_get('a_') && defined('DEBUG')) + global $phpbb_container; + + if ($phpbb_container->getParameter('debug.sql_explain') && $request->variable('explain', false) && $auth->acl_get('a_')) { $db->sql_report('display'); } @@ -4656,19 +4338,22 @@ function phpbb_check_and_display_sql_report(\phpbb\request\request_interface $re */ function phpbb_generate_debug_output(\phpbb\db\driver\driver_interface $db, \phpbb\config\config $config, \phpbb\auth\auth $auth, \phpbb\user $user, \phpbb\event\dispatcher_interface $phpbb_dispatcher) { + global $phpbb_container; + $debug_info = array(); // Output page creation time - if (defined('PHPBB_DISPLAY_LOAD_TIME')) + if ($phpbb_container->getParameter('debug.load_time')) { if (isset($GLOBALS['starttime'])) { $totaltime = microtime(true) - $GLOBALS['starttime']; $debug_info[] = sprintf('<span title="SQL time: %.3fs / PHP time: %.3fs">Time: %.3fs</span>', $db->get_sql_time(), ($totaltime - $db->get_sql_time()), $totaltime); } + } - $debug_info[] = sprintf('<span title="Cached: %d">Queries: %d</span>', $db->sql_num_queries(true), $db->sql_num_queries()); - + if ($phpbb_container->getParameter('debug.memory')) + { $memory_usage = memory_get_peak_usage(); if ($memory_usage) { @@ -4676,16 +4361,18 @@ function phpbb_generate_debug_output(\phpbb\db\driver\driver_interface $db, \php $debug_info[] = 'Peak Memory Usage: ' . $memory_usage; } - } - if (defined('DEBUG')) - { $debug_info[] = 'GZIP: ' . (($config['gzip_compress'] && @extension_loaded('zlib')) ? 'On' : 'Off'); if ($user->load) { $debug_info[] = 'Load: ' . $user->load; } + } + + if ($phpbb_container->getParameter('debug.sql_explain')) + { + $debug_info[] = sprintf('<span title="Cached: %d">Queries: %d</span>', $db->sql_num_queries(true), $db->sql_num_queries()); if ($auth->acl_get('a_')) { |