Diffstat (limited to 'phpBB/includes')
-rw-r--r--phpBB/includes/auth/auth_apache.php12
-rw-r--r--phpBB/includes/functions.php7
-rw-r--r--phpBB/includes/functions_download.php2
-rw-r--r--phpBB/includes/functions_messenger.php2
-rw-r--r--phpBB/includes/questionnaire/questionnaire.php4
-rw-r--r--phpBB/includes/session.php16
6 files changed, 22 insertions, 21 deletions
diff --git a/phpBB/includes/auth/auth_apache.php b/phpBB/includes/auth/auth_apache.php
index ff07936b36..9089703035 100644
--- a/phpBB/includes/auth/auth_apache.php
+++ b/phpBB/includes/auth/auth_apache.php
@@ -30,7 +30,7 @@ function init_apache()
{
global $user, $request;
- if (!$request->is_set('PHP_AUTH_USER', phpbb_request_interface::SERVER) || $user->data['username'] !== $request->server('PHP_AUTH_USER'))
+ if (!$request->is_set('PHP_AUTH_USER', phpbb_request_interface::SERVER) || $user->data['username'] !== htmlspecialchars_decode($request->server('PHP_AUTH_USER')))
{
return $user->lang['APACHE_SETUP_BEFORE_USE'];
}
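Review bot: The new `if` line compares `$user->data['username']` against the decoded PHP_AUTH_USER, while validate_session_apache in the hunk at line 233 still compares `$user['username']` against the undecoded `$request->server('PHP_AUTH_USER')`. Whichever representation the stored username uses, both comparisons cannot be right for a username containing `&`, `<`, `>` or `"`: one of them will reject a legitimately authenticated Apache user (here by returning APACHE_SETUP_BEFORE_USE). Pick one representation and use it in both places — if usernames are stored HTML-encoded, drop the decode here; if they are stored raw, validate_session_apache needs the decode too — and confirm against how the users table is written. The body of init_apache continues outside the hunk.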
@@ -72,8 +72,8 @@ function login_apache(&$username, &$password)
);
}
- $php_auth_user = $request->server('PHP_AUTH_USER');
- $php_auth_pw = $request->server('PHP_AUTH_PW');
+ $php_auth_user = htmlspecialchars_decode($request->server('PHP_AUTH_USER'));
+ $php_auth_pw = htmlspecialchars_decode($request->server('PHP_AUTH_PW'));
if (!empty($php_auth_user) && !empty($php_auth_pw))
{
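Review bot: The credential round-trip on the two new assignment lines relies on `htmlspecialchars_decode()`'s default flags undoing exactly what the request layer applied when it encoded PHP_AUTH_USER and PHP_AUTH_PW; if the request class encodes quotes differently from PHP's default decode flags (for example `'` as `&#039;`), the entity survives the decode and a password containing that character can never authenticate. Pass the decode flags explicitly so they are tied to the request class's encoding rather than to PHP's default, which also differs between PHP versions — confirm the flag against the request class first. The same applies to autologin_apache in the hunk at line 143 and to phpbb_http_login in the two functions.php hunks at lines 4242 and 4252. login_apache's body continues outside the hunk.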
@@ -143,8 +143,8 @@ function autologin_apache()
return array();
}
- $php_auth_user = $request->server('PHP_AUTH_USER');
- $php_auth_pw = $request->server('PHP_AUTH_PW');
+ $php_auth_user = htmlspecialchars_decode($request->server('PHP_AUTH_USER'));
+ $php_auth_pw = htmlspecialchars_decode($request->server('PHP_AUTH_PW'));
if (!empty($php_auth_user) && !empty($php_auth_pw))
{
@@ -233,7 +233,7 @@ function validate_session_apache(&$user)
// Check if PHP_AUTH_USER is set and handle this case
if ($request->is_set('PHP_AUTH_USER', phpbb_request_interface::SERVER))
{
- $php_auth_user = $request->server('PHP_AUTH_USER', '', true);
+ $php_auth_user = $request->server('PHP_AUTH_USER');
return ($php_auth_user === $user['username']) ? true : false;
}
diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php
index ea96801129..b0c89bdceb 100644
--- a/phpBB/includes/functions.php
+++ b/phpBB/includes/functions.php
@@ -879,7 +879,8 @@ function phpbb_own_realpath($path)
{
// Warning: If chdir() has been used this will lie!
// Warning: This has some problems sometime (CLI can create them easily)
- $path = str_replace(DIRECTORY_SEPARATOR, '/', dirname($request->server('SCRIPT_FILENAME'))) . '/' . $path;
+ $filename = htmlspecialchars_decode($request->server('SCRIPT_FILENAME'));
+ $path = str_replace(DIRECTORY_SEPARATOR, '/', dirname($filename)) . '/' . $path;
$absolute = true;
$path_prefix = '';
}
@@ -4242,7 +4243,7 @@ function phpbb_http_login($param)
{
if ($request->is_set($k, phpbb_request_interface::SERVER))
{
- $username = $request->server($k);
+ $username = htmlspecialchars_decode($request->server($k));
break;
}
}
@@ -4252,7 +4253,7 @@ function phpbb_http_login($param)
{
if ($request->is_set($k, phpbb_request_interface::SERVER))
{
- $password = $request->server($k);
+ $password = htmlspecialchars_decode($request->server($k));
break;
}
}
diff --git a/phpBB/includes/functions_download.php b/phpBB/includes/functions_download.php
index bcb360cac7..b4664d74cb 100644
--- a/phpBB/includes/functions_download.php
+++ b/phpBB/includes/functions_download.php
@@ -301,7 +301,7 @@ function download_allowed()
return true;
}
- $url = trim($request->header('Referer'));
+ $url = htmlspecialchars_decode($request->header('Referer'));
if (!$url)
{
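Review bot: The new assignment drops the `trim()` the old line applied to the Referer header, so a header consisting only of whitespace no longer fails the `if (!$url)` check that follows and instead falls through to the rest of download_allowed. If stripping surrounding whitespace was intentional, keep it around the decode: `$url = trim(htmlspecialchars_decode($request->header('Referer')));`. download_allowed's body continues outside the hunk.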
diff --git a/phpBB/includes/functions_messenger.php b/phpBB/includes/functions_messenger.php
index a9241884bb..1866733545 100644
--- a/phpBB/includes/functions_messenger.php
+++ b/phpBB/includes/functions_messenger.php
@@ -342,7 +342,7 @@ class messenger
$user->session_begin();
}
- $calling_page = $request->server('PHP_SELF');
+ $calling_page = htmlspecialchars_decode($request->server('PHP_SELF'));
$message = '';
switch ($type)
diff --git a/phpBB/includes/questionnaire/questionnaire.php b/phpBB/includes/questionnaire/questionnaire.php
index ed61cf82d0..fa12d570df 100644
--- a/phpBB/includes/questionnaire/questionnaire.php
+++ b/phpBB/includes/questionnaire/questionnaire.php
@@ -152,11 +152,11 @@ class phpbb_questionnaire_system_data_provider
// Start discovering the IPV4 server address, if available
// Try apache, IIS, fall back to 0.0.0.0
- $server_address = $request->server('SERVER_ADDR', $request->server('LOCAL_ADDR', '0.0.0.0'));
+ $server_address = htmlspecialchars_decode($request->server('SERVER_ADDR', $request->server('LOCAL_ADDR', '0.0.0.0')));
return array(
'os' => PHP_OS,
- 'httpd' => $request->server('SERVER_SOFTWARE'),
+ 'httpd' => htmlspecialchars_decode($request->server('SERVER_SOFTWARE')),
// we don't want the real IP address (for privacy policy reasons) but only
// a network address to see whether your installation is running on a private or public network.
'private_ip' => $this->is_private_ip($server_address),
diff --git a/phpBB/includes/session.php b/phpBB/includes/session.php
index 9faf9eee60..84ad98d31f 100644
--- a/phpBB/includes/session.php
+++ b/phpBB/includes/session.php
@@ -46,13 +46,13 @@ class session
$page_array = array();
// First of all, get the request uri...
- $script_name = $request->server('PHP_SELF');
- $args = explode('&', $request->server('QUERY_STRING'));
+ $script_name = htmlspecialchars_decode($request->server('PHP_SELF'));
+ $args = explode('&', htmlspecialchars_decode($request->server('QUERY_STRING')));
// If we are unable to get the script name we use REQUEST_URI as a failover and note it within the page array for easier support...
if (!$script_name)
{
- $script_name = $request->server('REQUEST_URI');
+ $script_name = htmlspecialchars_decode($request->server('REQUEST_URI'));
$script_name = (($pos = strpos($script_name, '?')) !== false) ? substr($script_name, 0, $pos) : $script_name;
$page_array['failover'] = 1;
}
@@ -146,7 +146,7 @@ class session
global $config, $request;
// Get hostname
- $host = $request->header('Host', $request->server('SERVER_NAME'));
+ $host = htmlspecialchars_decode($request->header('Host', $request->server('SERVER_NAME')));
// Should be a string and lowered
$host = (string) strtolower($host);
@@ -214,9 +214,9 @@ class session
$this->time_now = time();
$this->cookie_data = array('u' => 0, 'k' => '');
$this->update_session_page = $update_session_page;
- $this->browser = $request->header('User-Agent', '', true);
- $this->referer = $request->header('Referer', '', true);
- $this->forwarded_for = $request->header('X-Forwarded-For', '', true);
+ $this->browser = $request->header('User-Agent');
+ $this->referer = $request->header('Referer');
+ $this->forwarded_for = $request->header('X-Forwarded-For');
$this->host = $this->extract_current_hostname();
$this->page = $this->extract_current_page($phpbb_root_path);
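Review bot: After the three rewritten `header()` calls, `$this->browser`, `$this->referer` and `$this->forwarded_for` keep whatever form the request layer returns, while `$this->host` (extract_current_hostname, hunk at line 146) and `$this->ip` (hunk at line 270) are passed through `htmlspecialchars_decode()`; nothing at the assignments records that these three are deliberately left undecoded, so a later reader of `forwarded_for` or `referer` cannot tell which representation to expect. A comment such as `// browser, referer and forwarded_for are kept as returned by the request layer (HTML-encoded); decode at the point of use if raw bytes are needed` would make the choice explicit. Only the third `true` argument was removed here and its meaning is not visible in the hunk, so the assumption that the request class HTML-encodes by default should be confirmed against its header() implementation.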
@@ -270,7 +270,7 @@ class session
// Why no forwarded_for et al? Well, too easily spoofed. With the results of my recent requests
// it's pretty clear that in the majority of cases you'll at least be left with a proxy/cache ip.
- $this->ip = $request->server('REMOTE_ADDR');
+ $this->ip = htmlspecialchars_decode($request->server('REMOTE_ADDR'));
$this->ip = preg_replace('# {2,}#', ' ', str_replace(',', ' ', $this->ip));
// split the list of IPs