Diffstat (limited to 'phpBB/phpbb')
-rw-r--r-- | phpBB/phpbb/filesystem.php | 117 | ||||
-rw-r--r-- | phpBB/phpbb/symfony_request.php | 46 |
2 files changed, 163 insertions, 0 deletions
diff --git a/phpBB/phpbb/filesystem.php b/phpBB/phpbb/filesystem.php
index 27cab48fb0..e6c36375af 100644
--- a/phpBB/phpbb/filesystem.php
+++ b/phpBB/phpbb/filesystem.php
@@ -6,6 +6,7 @@
 * @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2
 *
 */
+
 /**
 * @ignore
 */
@@ -20,6 +21,122 @@ if (!defined('IN_PHPBB'))
 */
 class phpbb_filesystem
 {
+ /** @var phpbb_symfony_request */
+ protected $symfony_request;
+
+ /** @var string */
+ protected $phpbb_root_path;
+
+ /** @var string */
+ protected $web_root_path;
+
+ /**
+ * Constructor
+ *
+ * @param phpbb_symfony_request $symfony_request
+ * @param string $phpbb_root_path
+ */
+ public function __construct(phpbb_symfony_request $symfony_request, $phpbb_root_path)
+ {
+ $this->symfony_request = $symfony_request;
+ $this->phpbb_root_path = $phpbb_root_path;
+ }
+
+ /**
+ * Get the phpBB root path
+ *
+ * @return string
+ */
+ public function get_phpbb_root_path()
+ {
+ return $this->phpbb_root_path;
+ }
+
+ /**
+ * Update a path to the correct relative root path
+ *
+ * This replaces $phpbb_root_path . some_url with
+ * get_web_root_path() . some_url OR if $phpbb_root_path
+ * is not at the beginning of $path, just prepends the
+ * web root path
+ *
+ * @param string $path The path to be updated
+ * @return string
+ */
+ public function update_web_root_path($path)
+ {
+ $web_root_path = $this->get_web_root_path($this->symfony_request);
+
+ if (strpos($path, $this->phpbb_root_path) === 0)
+ {
+ $path = substr($path, strlen($this->phpbb_root_path));
+ }
+
+ return $web_root_path . $path;
+ }
+
+ /**
+ * Get a relative root path from the current URL
+ *
+ * @return string
+ */
+ public function get_web_root_path()
+ {
+ if ($this->symfony_request === null)
+ {
+ return $this->phpbb_root_path;
+ }
+
+ if (null !== $this->web_root_path)
+ {
+ return $this->web_root_path;
+ }
+
+ // Path info (e.g. /foo/bar)
+ $path_info = $this->clean_path($this->symfony_request->getPathInfo());
+
+ // Full request URI (e.g. phpBB/app.php/foo/bar)
+ $request_uri = $this->symfony_request->getRequestUri();
+
+ // Script name URI (e.g. phpBB/app.php)
+ $script_name = $this->symfony_request->getScriptName();
+
+ /*
+ * If the path info is empty (single /), then we're not using
+ * a route like app.php/foo/bar
+ */
+ if ($path_info === '/')
+ {
+ return $this->web_root_path = $this->phpbb_root_path;
+ }
+
+ // How many corrections might we need?
+ $corrections = substr_count($path_info, '/');
+
+ /*
+ * If the script name (e.g. phpBB/app.php) exists in the
+ * requestUri (e.g. phpBB/app.php/foo/template), then we
+ * are have a non-rewritten URL.
+ */
+ if (strpos($request_uri, $script_name) === 0)
+ {
+ /*
+ * Append ../ to the end of the phpbb_root_path as many times
+ * as / exists in path_info
+ */
+ return $this->web_root_path = $this->phpbb_root_path . str_repeat('../', $corrections);
+ }
+
+ /*
+ * If we're here it means we're at a re-written path, so we must
+ * correct the relative path for web URLs. We must append ../
+ * to the end of the root path as many times as / exists in path_info
+ * less one time (because the script, e.g. /app.php, doesn't exist in
+ * the URL)
+ */
+ return $this->web_root_path = $this->phpbb_root_path . str_repeat('../', $corrections - 1);
+ }
+
 /**
 * Eliminates useless . and .. components from specified path.
 *
diff --git a/phpBB/phpbb/symfony_request.php b/phpBB/phpbb/symfony_request.php
new file mode 100644
index 0000000000..29ab8c000e
--- /dev/null
+++ b/phpBB/phpbb/symfony_request.php
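Review bot: The `$this->symfony_request === null` fallback in `get_web_root_path()` cannot be reached through this constructor, because the `phpbb_symfony_request $symfony_request` type hint rejects null; either drop the branch or make the parameter nullable so the two agree. `update_web_root_path()` also passes an argument that `get_web_root_path()` does not declare, so that call should read `$web_root_path = $this->get_web_root_path();`. The `../` depth is computed from request-derived path info via `substr_count($path_info, '/')` and then memoised in `$this->web_root_path`, so its correctness depends on what `clean_path()` (defined outside this hunk) does with duplicate or trailing slashes; a test covering those inputs would pin the behaviour.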
@@ -0,0 +1,46 @@
+<?php
+/**
+*
+* @package phpBB3
+* @copyright (c) 2013 phpBB Group
+* @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2
+*
+*/
+
+use Symfony\Component\HttpFoundation\Request;
+
+/**
+* @ignore
+*/
+if (!defined('IN_PHPBB'))
+{
+ exit;
+}
+
+class phpbb_symfony_request extends Request
+{
+ /**
+ * Constructor
+ *
+ * @param phpbb_request_interface $phpbb_request
+ */
+ public function __construct(phpbb_request_interface $phpbb_request)
+ {
+ // This function is meant to sanitize the global input arrays
+ $sanitizer = function(&$value, $key) {
+ $type_cast_helper = new phpbb_request_type_cast_helper();
+ $type_cast_helper->set_var($value, $value, gettype($value), true);
+ };
+
+ $get_parameters = $phpbb_request->get_super_global(phpbb_request_interface::GET);
+ $post_parameters = $phpbb_request->get_super_global(phpbb_request_interface::POST);
+ $server_parameters = $phpbb_request->get_super_global(phpbb_request_interface::SERVER);
+ $files_parameters = $phpbb_request->get_super_global(phpbb_request_interface::FILES);
+ $cookie_parameters = $phpbb_request->get_super_global(phpbb_request_interface::COOKIE);
+
+ array_walk_recursive($get_parameters, $sanitizer);
+ array_walk_recursive($post_parameters, $sanitizer);
+
+ parent::__construct($get_parameters, $post_parameters, array(), $cookie_parameters, $files_parameters, $server_parameters);
+ }
+} |
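Review bot: The sanitizer closure in `__construct()` is applied to `$get_parameters` and `$post_parameters` only, so `$cookie_parameters`, `$files_parameters` and `$server_parameters` reach `parent::__construct()` exactly as `get_super_global()` returned them. The comment above the closure reads as covering "the global input arrays" in general; if leaving the other three raw is intentional, say so there, otherwise add `array_walk_recursive($cookie_parameters, $sanitizer);` next to the two existing calls. Callers reading cookie or server values from this request object should not assume they were cast. The closure also builds a new `phpbb_request_type_cast_helper` for every value and never uses `$key`; creating the helper once and capturing it with `use ($type_cast_helper)` would be cleaner.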