diff options
Diffstat (limited to 'phpBB/phpbb')
| -rw-r--r-- | phpBB/phpbb/avatar/driver/remote.php | 31 | ||||
| -rw-r--r-- | phpBB/phpbb/db/migration/data/v310/softdelete_p2.php | 6 | ||||
| -rw-r--r-- | phpBB/phpbb/db/migration/data/v310/style_update_p2.php | 16 | ||||
| -rw-r--r-- | phpBB/phpbb/db/migrator.php | 6 | ||||
| -rw-r--r-- | phpBB/phpbb/di/extension/config.php | 2 |
5 files changed, 56 insertions, 5 deletions
diff --git a/phpBB/phpbb/avatar/driver/remote.php b/phpBB/phpbb/avatar/driver/remote.php index 12cbd883f4..22d50c703e 100644 --- a/phpBB/phpbb/avatar/driver/remote.php +++ b/phpBB/phpbb/avatar/driver/remote.php @@ -117,6 +117,37 @@ class remote extends \phpbb\avatar\driver\driver $types = \fileupload::image_types(); $extension = strtolower(\filespec::get_extension($url)); + // Check if this is actually an image + if ($file_stream = @fopen($url, 'r')) + { + // Timeout after 1 second + stream_set_timeout($file_stream, 1); + $meta = stream_get_meta_data($file_stream); + foreach ($meta['wrapper_data'] as $header) + { + $header = preg_split('/ /', $header, 2); + if (strtr(strtolower(trim($header[0], ':')), '_', '-') === 'content-type') + { + if (strpos($header[1], 'image/') !== 0) + { + $error[] = 'AVATAR_URL_INVALID'; + fclose($file_stream); + return false; + } + else + { + fclose($file_stream); + break; + } + } + } + } + else + { + $error[] = 'AVATAR_URL_INVALID'; + return false; + } + if (!empty($image_data) && (!isset($types[$image_data[2]]) || !in_array($extension, $types[$image_data[2]]))) { if (!isset($types[$image_data[2]])) diff --git a/phpBB/phpbb/db/migration/data/v310/softdelete_p2.php b/phpBB/phpbb/db/migration/data/v310/softdelete_p2.php index 0c32e474f4..38b190c766 100644 --- a/phpBB/phpbb/db/migration/data/v310/softdelete_p2.php +++ b/phpBB/phpbb/db/migration/data/v310/softdelete_p2.php @@ -34,7 +34,10 @@ class softdelete_p2 extends \phpbb\db\migration\migration ), 'drop_keys' => array( $this->table_prefix . 'posts' => array('post_approved'), - $this->table_prefix . 'topics' => array('forum_appr_last'), + $this->table_prefix . 'topics' => array( + 'forum_appr_last', + 'topic_approved', + ), ), ); } @@ -63,6 +66,7 @@ class softdelete_p2 extends \phpbb\db\migration\migration ), $this->table_prefix . 'topics' => array( 'forum_appr_last' => array('forum_id', 'topic_approved', 'topic_last_post_id'), + 'topic_approved' => array('topic_approved'), ), ), ); diff --git a/phpBB/phpbb/db/migration/data/v310/style_update_p2.php b/phpBB/phpbb/db/migration/data/v310/style_update_p2.php index c5b45d9dc9..40d6a4dbbd 100644 --- a/phpBB/phpbb/db/migration/data/v310/style_update_p2.php +++ b/phpBB/phpbb/db/migration/data/v310/style_update_p2.php @@ -24,6 +24,14 @@ class style_update_p2 extends \phpbb\db\migration\migration public function update_schema() { return array( + 'drop_keys' => array( + $this->table_prefix . 'styles' => array( + 'imageset_id', + 'template_id', + 'theme_id', + ), + ), + 'drop_columns' => array( $this->table_prefix . 'styles' => array( 'imageset_id', @@ -53,6 +61,14 @@ class style_update_p2 extends \phpbb\db\migration\migration ), ), + 'add_index' => array( + $this->table_prefix . 'styles' => array( + 'imageset_id' => array('imageset_id'), + 'template_id' => array('template_id'), + 'theme_id' => array('theme_id'), + ), + ), + 'add_tables' => array( $this->table_prefix . 'styles_imageset' => array( 'COLUMNS' => array( diff --git a/phpBB/phpbb/db/migrator.php b/phpBB/phpbb/db/migrator.php index 3b966b7fe3..8186493800 100644 --- a/phpBB/phpbb/db/migrator.php +++ b/phpBB/phpbb/db/migrator.php @@ -375,7 +375,7 @@ class migrator foreach ($steps as $step_identifier => $step) { - $last_result = false; + $last_result = 0; if ($state) { // Continue until we reach the step that matches the last step called @@ -436,7 +436,7 @@ class migrator * @param bool $reverse False to install, True to attempt uninstallation by reversing the call * @return null */ - protected function run_step($step, $last_result = false, $reverse = false) + protected function run_step($step, $last_result = 0, $reverse = false) { $callable_and_parameters = $this->get_callable_from_step($step, $last_result, $reverse); @@ -459,7 +459,7 @@ class migrator * @param bool $reverse False to install, True to attempt uninstallation by reversing the call * @return array Array with parameters for call_user_func_array(), 0 is the callable, 1 is parameters */ - protected function get_callable_from_step(array $step, $last_result = false, $reverse = false) + protected function get_callable_from_step(array $step, $last_result = 0, $reverse = false) { $type = $step[0]; $parameters = $step[1]; diff --git a/phpBB/phpbb/di/extension/config.php b/phpBB/phpbb/di/extension/config.php index 5fcb2d6f10..2603e7b358 100644 --- a/phpBB/phpbb/di/extension/config.php +++ b/phpBB/phpbb/di/extension/config.php @@ -70,7 +70,7 @@ class config extends Extension { if (preg_match('#^[a-z]+$#', $acm_type)) { - return '\\phpbb\cache\driver\\'.$acm_type; + return 'phpbb\\cache\\driver\\' . $acm_type; } return $acm_type; |