Diffstat (limited to 'phpBB/phpbb')
-rw-r--r--phpBB/phpbb/db/migration/data/v310/rc6.php31
-rw-r--r--phpBB/phpbb/event/php_exporter.php14
-rw-r--r--phpBB/phpbb/passwords/driver/bcrypt.php2
-rw-r--r--phpBB/phpbb/passwords/driver/bcrypt_wcf2.php2
-rw-r--r--phpBB/phpbb/passwords/driver/helper.php20
-rw-r--r--phpBB/phpbb/passwords/driver/md5_mybb.php2
-rw-r--r--phpBB/phpbb/passwords/driver/md5_phpbb2.php9
-rw-r--r--phpBB/phpbb/passwords/driver/md5_vb.php2
-rw-r--r--phpBB/phpbb/passwords/driver/salted_md5.php2
-rw-r--r--phpBB/phpbb/passwords/driver/sha1.php2
-rw-r--r--phpBB/phpbb/passwords/driver/sha1_smf.php2
-rw-r--r--phpBB/phpbb/passwords/driver/sha1_wcf1.php2
-rw-r--r--phpBB/phpbb/passwords/driver/sha_xf1.php4
-rw-r--r--phpBB/phpbb/search/fulltext_sphinx.php5
-rw-r--r--phpBB/phpbb/session.php55
15 files changed, 107 insertions, 47 deletions
diff --git a/phpBB/phpbb/db/migration/data/v310/rc6.php b/phpBB/phpbb/db/migration/data/v310/rc6.php
new file mode 100644
index 0000000000..b84f2edcc9
--- /dev/null
+++ b/phpBB/phpbb/db/migration/data/v310/rc6.php
@@ -0,0 +1,31 @@
+<?php
+/**
+*
+* This file is part of the phpBB Forum Software package.
+*
+* @copyright (c) phpBB Limited <https://www.phpbb.com>
+* @license GNU General Public License, version 2 (GPL-2.0)
+*
+* For full copyright and license information, please see
+* the docs/CREDITS.txt file.
+*
+*/
+
+namespace phpbb\db\migration\data\v310;
+
+class rc6 extends \phpbb\db\migration\migration
+{
+ static public function depends_on()
+ {
+ return array(
+ '\phpbb\db\migration\data\v310\rc5',
+ );
+ }
+
+ public function update_data()
+ {
+ return array(
+ array('config.update', array('version', '3.1.0-RC6')),
+ );
+ }
+}
diff --git a/phpBB/phpbb/event/php_exporter.php b/phpBB/phpbb/event/php_exporter.php
index badbbb48fd..35144eeeec 100644
--- a/phpBB/phpbb/event/php_exporter.php
+++ b/phpBB/phpbb/event/php_exporter.php
@@ -253,7 +253,7 @@ class php_exporter
public function get_event_name($event_line, $is_dispatch)
{
$event_text_line = $this->file_lines[$event_line];
- $event_text_line = ltrim($event_text_line, "\t");
+ $event_text_line = ltrim($event_text_line, "\t ");
if ($is_dispatch)
{
@@ -389,7 +389,7 @@ class php_exporter
$found_comment_end = false;
while (ltrim($this->file_lines[$this->current_event_line - $current_doc_line], "\t") !== '/**')
{
- if (ltrim($this->file_lines[$this->current_event_line - $current_doc_line], "\t") === '*/')
+ if (ltrim($this->file_lines[$this->current_event_line - $current_doc_line], "\t ") === '*/')
{
$found_comment_end = true;
}
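Review bot: The `while` condition two lines above the changed `if` still strips only tabs — `ltrim(..., "\t") !== '/**'` — so a `/**` line indented with spaces never terminates this loop even though the `*/` test inside it now accepts spaces; the hunk at -471 has the mirror-image mismatch, where the `while` accepts `"\t "` but the inner `/**` test does not. Both should use the same character list: `while (ltrim($this->file_lines[$this->current_event_line - $current_doc_line], "\t ") !== '/**')` here and `if ($found_comment_end && ltrim($this->file_lines[$this->current_event_line - $find_tag_line], "\t ") === '/**')` in the other hunk. The enclosing methods start and end outside these hunks.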
@@ -471,7 +471,7 @@ class php_exporter
{
$find_tag_line = 0;
$found_comment_end = false;
- while (strpos(ltrim($this->file_lines[$this->current_event_line - $find_tag_line], "\t"), '* @' . $find_tag . ' ') !== 0)
+ while (strpos(ltrim($this->file_lines[$this->current_event_line - $find_tag_line], "\t "), '* @' . $find_tag . ' ') !== 0)
{
if ($found_comment_end && ltrim($this->file_lines[$this->current_event_line - $find_tag_line], "\t") === '/**')
{
@@ -482,7 +482,7 @@ class php_exporter
foreach ($disallowed_tags as $disallowed_tag)
{
- if ($found_comment_end && strpos(ltrim($this->file_lines[$this->current_event_line - $find_tag_line], "\t"), '* @' . $disallowed_tag) === 0)
+ if ($found_comment_end && strpos(ltrim($this->file_lines[$this->current_event_line - $find_tag_line], "\t "), '* @' . $disallowed_tag) === 0)
{
// Found @var after the @since
throw new \LogicException("Found '@{$disallowed_tag}' information after '@{$find_tag}' for event "
@@ -490,7 +490,7 @@ class php_exporter
}
}
- if (ltrim($this->file_lines[$this->current_event_line - $find_tag_line], "\t") === '*/')
+ if (ltrim($this->file_lines[$this->current_event_line - $find_tag_line], "\t ") === '*/')
{
$found_comment_end = true;
}
@@ -550,7 +550,7 @@ class php_exporter
public function validate_since($line)
{
$match = array();
- preg_match('#^\* @since (\d+\.\d+\.\d+(?:-(?:a|b|RC|pl)\d+)?)$#', ltrim($line, "\t"), $match);
+ preg_match('#^\* @since (\d+\.\d+\.\d+(?:-(?:a|b|RC|pl)\d+)?)$#', ltrim($line, "\t "), $match);
if (!isset($match[1]))
{
throw new \LogicException("Invalid '@since' information for event "
@@ -570,7 +570,7 @@ class php_exporter
*/
public function validate_event($event_name, $line)
{
- $event = substr(ltrim($line, "\t"), strlen('* @event '));
+ $event = substr(ltrim($line, "\t "), strlen('* @event '));
if ($event !== trim($event))
{
diff --git a/phpBB/phpbb/passwords/driver/bcrypt.php b/phpBB/phpbb/passwords/driver/bcrypt.php
index 23add37a56..eab1c3d569 100644
--- a/phpBB/phpbb/passwords/driver/bcrypt.php
+++ b/phpBB/phpbb/passwords/driver/bcrypt.php
@@ -68,7 +68,7 @@ class bcrypt extends base
return false;
}
- if ($hash == $this->hash($password, $salt))
+ if ($this->helper->string_compare($hash, $this->hash($password, $salt)))
{
return true;
}
diff --git a/phpBB/phpbb/passwords/driver/bcrypt_wcf2.php b/phpBB/phpbb/passwords/driver/bcrypt_wcf2.php
index 2d6f897a7b..0eee98d7b7 100644
--- a/phpBB/phpbb/passwords/driver/bcrypt_wcf2.php
+++ b/phpBB/phpbb/passwords/driver/bcrypt_wcf2.php
@@ -78,7 +78,7 @@ class bcrypt_wcf2 extends base
return false;
}
// Works for standard WCF 2.x, i.e. WBB4 and similar
- return $hash === $this->bcrypt->hash($this->bcrypt->hash($password, $salt), $salt);
+ return $this->helper->string_compare($hash, $this->bcrypt->hash($this->bcrypt->hash($password, $salt), $salt));
}
}
}
diff --git a/phpBB/phpbb/passwords/driver/helper.php b/phpBB/phpbb/passwords/driver/helper.php
index 2b3ebce53a..caa65080ac 100644
--- a/phpBB/phpbb/passwords/driver/helper.php
+++ b/phpBB/phpbb/passwords/driver/helper.php
@@ -142,4 +142,24 @@ class helper
}
return $random;
}
+
+ /**
+ * Compare two strings byte by byte
+ *
+ * @param string $string_a The first string
+ * @param string $string_b The second string
+ *
+ * @return bool True if strings are the same, false if not
+ */
+ public function string_compare($string_a, $string_b)
+ {
+ $difference = strlen($string_a) != strlen($string_b);
+
+ for ($i = 0; $i < strlen($string_a) && $i < strlen($string_b); $i++)
+ {
+ $difference |= $string_a[$i] != $string_b[$i];
+ }
+
+ return $difference === 0;
+ }
}
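Review bot: `string_compare('', '')` returns false: `$difference` is initialised to the boolean result of the length check and only becomes an int once the `|=` in the loop runs, so with two empty strings the loop body never executes and the final `false === 0` fails. Initialising with an explicit cast, `$difference = (int) (strlen($string_a) != strlen($string_b));`, fixes that and makes the `===` at the end meaningful. Where the runtime provides it, `hash_equals()` (PHP 5.6+) is the vetted constant-time comparison and could be preferred behind `function_exists('hash_equals')`, keeping this loop as the fallback. The docblock should also state why the method exists — `Compares without short-circuiting on the first mismatch, so the time taken does not reveal where the strings differ` — otherwise a later reader may "simplify" it back to `===`.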
diff --git a/phpBB/phpbb/passwords/driver/md5_mybb.php b/phpBB/phpbb/passwords/driver/md5_mybb.php
index 61ea8dafd8..f631ceae78 100644
--- a/phpBB/phpbb/passwords/driver/md5_mybb.php
+++ b/phpBB/phpbb/passwords/driver/md5_mybb.php
@@ -54,7 +54,7 @@ class md5_mybb extends base
else
{
// Works for myBB 1.1.x, 1.2.x, 1.4.x, 1.6.x
- return $hash === md5(md5($user_row['user_passwd_salt']) . md5($password));
+ return $this->helper->string_compare($hash, md5(md5($user_row['user_passwd_salt']) . md5($password)));
}
}
}
diff --git a/phpBB/phpbb/passwords/driver/md5_phpbb2.php b/phpBB/phpbb/passwords/driver/md5_phpbb2.php
index 86a4b62ea5..bd8cc51e5a 100644
--- a/phpBB/phpbb/passwords/driver/md5_phpbb2.php
+++ b/phpBB/phpbb/passwords/driver/md5_phpbb2.php
@@ -23,6 +23,9 @@ class md5_phpbb2 extends base
/** @var \phpbb\passwords\driver\salted_md5 */
protected $salted_md5;
+ /** @var \phpbb\passwords\driver\helper */
+ protected $helper;
+
/** @var string phpBB root path */
protected $phpbb_root_path;
@@ -34,13 +37,15 @@ class md5_phpbb2 extends base
*
* @param \phpbb\request\request $request phpBB request object
* @param \phpbb\passwords\driver\salted_md5 $salted_md5 Salted md5 driver
+ * @param \phpbb\passwords\driver\helper $helper Driver helper
* @param string $phpbb_root_path phpBB root path
* @param string $php_ext PHP file extension
*/
- public function __construct($request, \phpbb\passwords\driver\salted_md5 $salted_md5, $phpbb_root_path, $php_ext)
+ public function __construct($request, salted_md5 $salted_md5, helper $helper, $phpbb_root_path, $php_ext)
{
$this->request = $request;
$this->salted_md5 = $salted_md5;
+ $this->helper = $helper;
$this->phpbb_root_path = $phpbb_root_path;
$this->php_ext = $php_ext;
}
@@ -105,7 +110,7 @@ class md5_phpbb2 extends base
include($this->phpbb_root_path . 'includes/utf/data/recode_basic.' . $this->php_ext);
}
- if (md5($password_old_format) === $hash || md5(\utf8_to_cp1252($password_old_format)) === $hash
+ if ($this->helper->string_compare(md5($password_old_format), $hash) || $this->helper->string_compare(md5(\utf8_to_cp1252($password_old_format)), $hash)
|| $this->salted_md5->check(md5($password_old_format), $hash) === true
|| $this->salted_md5->check(md5(\utf8_to_cp1252($password_old_format)), $hash) === true)
{
diff --git a/phpBB/phpbb/passwords/driver/md5_vb.php b/phpBB/phpbb/passwords/driver/md5_vb.php
index c83c32a596..280b7114c7 100644
--- a/phpBB/phpbb/passwords/driver/md5_vb.php
+++ b/phpBB/phpbb/passwords/driver/md5_vb.php
@@ -54,7 +54,7 @@ class md5_vb extends base
else
{
// Works for vB 3.8.x, 4.x.x, 5.0.x
- return $hash === md5(md5($password) . $user_row['user_passwd_salt']);
+ return $this->helper->string_compare($hash, md5(md5($password) . $user_row['user_passwd_salt']));
}
}
}
diff --git a/phpBB/phpbb/passwords/driver/salted_md5.php b/phpBB/phpbb/passwords/driver/salted_md5.php
index 97a2b9154b..81ac010785 100644
--- a/phpBB/phpbb/passwords/driver/salted_md5.php
+++ b/phpBB/phpbb/passwords/driver/salted_md5.php
@@ -107,7 +107,7 @@ class salted_md5 extends base
return md5($password) === $hash;
}
- return $hash === $this->hash($password, $hash);
+ return $this->helper->string_compare($hash, $this->hash($password, $hash));
}
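Review bot: The early return on the context line `return md5($password) === $hash;` still uses a plain `===` while the return right below it was switched to `string_compare`, so the branch that ends on that context line keeps the short-circuiting comparison this commit removes in the other drivers. It should become `return $this->helper->string_compare(md5($password), $hash);`. The enclosing `check` method starts outside the hunk.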
/**
diff --git a/phpBB/phpbb/passwords/driver/sha1.php b/phpBB/phpbb/passwords/driver/sha1.php
index 0852fd32fc..1abead42cd 100644
--- a/phpBB/phpbb/passwords/driver/sha1.php
+++ b/phpBB/phpbb/passwords/driver/sha1.php
@@ -47,6 +47,6 @@ class sha1 extends base
*/
public function check($password, $hash, $user_row = array())
{
- return (strlen($hash) == 40) ? $hash === sha1($password) : false;
+ return (strlen($hash) == 40) ? $this->helper->string_compare($hash, sha1($password)) : false;
}
}
diff --git a/phpBB/phpbb/passwords/driver/sha1_smf.php b/phpBB/phpbb/passwords/driver/sha1_smf.php
index ec64bd6afb..b30d87265e 100644
--- a/phpBB/phpbb/passwords/driver/sha1_smf.php
+++ b/phpBB/phpbb/passwords/driver/sha1_smf.php
@@ -46,6 +46,6 @@ class sha1_smf extends base
*/
public function check($password, $hash, $user_row = array())
{
- return (strlen($hash) == 40) ? $hash === $this->hash($password, $user_row) : false;
+ return (strlen($hash) == 40) ? $this->helper->string_compare($hash, $this->hash($password, $user_row)) : false;
}
}
diff --git a/phpBB/phpbb/passwords/driver/sha1_wcf1.php b/phpBB/phpbb/passwords/driver/sha1_wcf1.php
index 919fa2bb71..68006486c4 100644
--- a/phpBB/phpbb/passwords/driver/sha1_wcf1.php
+++ b/phpBB/phpbb/passwords/driver/sha1_wcf1.php
@@ -54,7 +54,7 @@ class sha1_wcf1 extends base
else
{
// Works for standard WCF 1.x, i.e. WBB3 and similar
- return $hash === sha1($user_row['user_passwd_salt'] . sha1($user_row['user_passwd_salt'] . sha1($password)));
+ return $this->helper->string_compare($hash, sha1($user_row['user_passwd_salt'] . sha1($user_row['user_passwd_salt'] . sha1($password))));
}
}
}
diff --git a/phpBB/phpbb/passwords/driver/sha_xf1.php b/phpBB/phpbb/passwords/driver/sha_xf1.php
index 7a1ea1450a..9d8f01796e 100644
--- a/phpBB/phpbb/passwords/driver/sha_xf1.php
+++ b/phpBB/phpbb/passwords/driver/sha_xf1.php
@@ -54,8 +54,8 @@ class sha_xf1 extends base
else
{
// Works for xenforo 1.0, 1.1
- if ($hash === sha1(sha1($password) . $user_row['user_passwd_salt'])
- || $hash === hash('sha256', hash('sha256', $password) . $user_row['user_passwd_salt']))
+ if ($this->helper->string_compare($hash, sha1(sha1($password) . $user_row['user_passwd_salt']))
+ || $this->helper->string_compare($hash, hash('sha256', hash('sha256', $password) . $user_row['user_passwd_salt'])))
{
return true;
}
diff --git a/phpBB/phpbb/search/fulltext_sphinx.php b/phpBB/phpbb/search/fulltext_sphinx.php
index 79d68d2ae1..eb53ca6d40 100644
--- a/phpBB/phpbb/search/fulltext_sphinx.php
+++ b/phpBB/phpbb/search/fulltext_sphinx.php
@@ -256,8 +256,8 @@ class fulltext_sphinx
array('type', $this->dbtype . ' # mysql or pgsql'),
// This config value sql_host needs to be changed incase sphinx and sql are on different servers
array('sql_host', $dbhost . ' # SQL server host sphinx connects to'),
- array('sql_user', $dbuser),
- array('sql_pass', $dbpasswd),
+ array('sql_user', '[dbuser]'),
+ array('sql_pass', '[dbpassword]'),
array('sql_db', $dbname),
array('sql_port', $dbport . ' # optional, default is 3306 for mysql and 5432 for pgsql'),
array('sql_query_pre', 'SET NAMES \'utf8\''),
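Review bot: The placeholders `[dbuser]` and `[dbpassword]` keep the real credentials out of the generated config, but unlike the neighbouring `type`, `sql_host` and `sql_port` entries they carry no trailing `#` comment telling the administrator that these values are presumably meant to be substituted by hand. Suggest `array('sql_user', '[dbuser] # replace with the database user sphinx connects as'),` and `array('sql_pass', '[dbpassword] # replace with the password for that user'),` so the intent is visible in the emitted file. The enclosing method starts and ends outside the hunk.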
@@ -715,6 +715,7 @@ class fulltext_sphinx
),
'ON' => 'p1.topic_id = p2.topic_id',
)),
+ 'WHERE' => 'p2.post_id = ' . ((int) $post_id),
);
$sql = $this->db->sql_build_query('SELECT', $sql_array);
diff --git a/phpBB/phpbb/session.php b/phpBB/phpbb/session.php
index da8b848fa5..cf8ea1877e 100644
--- a/phpBB/phpbb/session.php
+++ b/phpBB/phpbb/session.php
@@ -577,32 +577,7 @@ class session
}
}
- $provider_collection = $phpbb_container->get('auth.provider_collection');
- $provider = $provider_collection->get_provider();
- $this->data = $provider->autologin();
-
- if (sizeof($this->data))
- {
- $this->cookie_data['k'] = '';
- $this->cookie_data['u'] = $this->data['user_id'];
- }
-
- // If we're presented with an autologin key we'll join against it.
- // Else if we've been passed a user_id we'll grab data based on that
- if (isset($this->cookie_data['k']) && $this->cookie_data['k'] && $this->cookie_data['u'] && !sizeof($this->data))
- {
- $sql = 'SELECT u.*
- FROM ' . USERS_TABLE . ' u, ' . SESSIONS_KEYS_TABLE . ' k
- WHERE u.user_id = ' . (int) $this->cookie_data['u'] . '
- AND u.user_type IN (' . USER_NORMAL . ', ' . USER_FOUNDER . ")
- AND k.user_id = u.user_id
- AND k.key_id = '" . $db->sql_escape(md5($this->cookie_data['k'])) . "'";
- $result = $db->sql_query($sql);
- $this->data = $db->sql_fetchrow($result);
- $db->sql_freeresult($result);
- $bot = false;
- }
- else if ($user_id !== false && !sizeof($this->data))
+ if ($user_id !== false && !sizeof($this->data))
{
$this->cookie_data['k'] = '';
$this->cookie_data['u'] = $user_id;
@@ -616,6 +591,34 @@ class session
$db->sql_freeresult($result);
$bot = false;
}
+ else if (!$bot)
+ {
+ $provider_collection = $phpbb_container->get('auth.provider_collection');
+ $provider = $provider_collection->get_provider();
+ $this->data = $provider->autologin();
+
+ if (sizeof($this->data))
+ {
+ $this->cookie_data['k'] = '';
+ $this->cookie_data['u'] = $this->data['user_id'];
+ }
+
+ // If we're presented with an autologin key we'll join against it.
+ // Else if we've been passed a user_id we'll grab data based on that
+ if (isset($this->cookie_data['k']) && $this->cookie_data['k'] && $this->cookie_data['u'] && !sizeof($this->data))
+ {
+ $sql = 'SELECT u.*
+ FROM ' . USERS_TABLE . ' u, ' . SESSIONS_KEYS_TABLE . ' k
+ WHERE u.user_id = ' . (int) $this->cookie_data['u'] . '
+ AND u.user_type IN (' . USER_NORMAL . ', ' . USER_FOUNDER . ")
+ AND k.user_id = u.user_id
+ AND k.key_id = '" . $db->sql_escape(md5($this->cookie_data['k'])) . "'";
+ $result = $db->sql_query($sql);
+ $this->data = $db->sql_fetchrow($result);
+ $db->sql_freeresult($result);
+ $bot = false;
+ }
+ }
// Bot user, if they have a SID in the Request URI we need to get rid of it
// otherwise they'll index this page with the SID, duplicate content oh my!
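Review bot: The comment `// Else if we've been passed a user_id we'll grab data based on that` on the moved block now describes the `if ($user_id !== false ...)` branch that precedes this `else if (!$bot)`, not anything that follows it, so it reads as stale after the reorder in the hunk at -577. Suggest dropping that second line or rewording it to `// (the explicit user_id case is handled by the branch above)`. The `$bot = false;` at the end of the inner `if` also appears redundant now that the whole branch is only entered when `$bot` is already falsy. The enclosing method starts and ends outside both hunks.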