diff options
Diffstat (limited to 'phpBB')
| -rw-r--r-- | phpBB/config/services.yml | 2 | ||||
| -rw-r--r-- | phpBB/phpbb/path_helper.php | 54 |
2 files changed, 54 insertions, 2 deletions
diff --git a/phpBB/config/services.yml b/phpBB/config/services.yml index 72eeae9b15..a7addf510b 100644 --- a/phpBB/config/services.yml +++ b/phpBB/config/services.yml @@ -299,6 +299,8 @@ services: arguments: - @symfony_request - @filesystem + - @request + - @config - %core.root_path% - %core.php_ext% - %core.adm_relative_path% diff --git a/phpBB/phpbb/path_helper.php b/phpBB/phpbb/path_helper.php index b592cc4460..b157c5930a 100644 --- a/phpBB/phpbb/path_helper.php +++ b/phpBB/phpbb/path_helper.php @@ -24,6 +24,12 @@ class path_helper /** @var \phpbb\filesystem */ protected $filesystem; + /** @var \phpbb\request\request */ + protected $request; + + /** @var \phpbb\config\config */ + protected $config; + /** @var string */ protected $phpbb_root_path; @@ -41,13 +47,17 @@ class path_helper * * @param \phpbb\symfony_request $symfony_request * @param \phpbb\filesystem $filesystem + * @param \phpbb\request\request $request + * @param \phpbb\config\config $config * @param string $phpbb_root_path Relative path to phpBB root * @param string $php_ext PHP extension (php) */ - public function __construct(\phpbb\symfony_request $symfony_request, \phpbb\filesystem $filesystem, $phpbb_root_path, $php_ext, $adm_relative_path = null) + public function __construct(\phpbb\symfony_request $symfony_request, \phpbb\filesystem $filesystem, \phpbb\request\request $request, \phpbb\config\config $config, $phpbb_root_path, $php_ext, $adm_relative_path = null) { $this->symfony_request = $symfony_request; $this->filesystem = $filesystem; + $this->request = $request; + $this->config = $config; $this->phpbb_root_path = $phpbb_root_path; $this->php_ext = $php_ext; $this->adm_relative_path = $adm_relative_path; @@ -170,7 +180,47 @@ class path_helper return $this->web_root_path = $this->phpbb_root_path; } - // How many corrections might we need? + /* + * Check AJAX request + */ + if ($this->request->is_ajax()) + { + // Check referer + $referer = strtolower($this->request->header('Referer')); + + // Count chars + $chars = strlen($this->config['server_name'] . $this->config['script_path']) - 1; + + /* + * Return string without server name and script path + * e.g. 'http://localhost/phpBB/app.php', where server name is 'localhost' + * and script path is '/phpBB', will be cut to '/app.php' + */ + $ref = substr(strstr($referer, strtolower($this->config['server_name'] . $this->config['script_path'])), $chars); + + // How many slashes does the referer used? + $count_slashes = substr_count($ref, '/'); + + /* + * If the shorten referer has only 1 slash, + * return default path + */ + if ($count_slashes == 1) + { + return $this->web_root_path = $this->phpbb_root_path; + } + /* + * Otherwise we are on routed page so we must correct the relative path + * for web URLs. We must append ../ to the end of the root path + * as many times as / exists in shorten referer less one time + */ + else + { + return $this->web_root_path = $this->phpbb_root_path . str_repeat('../', $count_slashes - 1); + } + } + + // How many corrections might we need? $corrections = substr_count($path_info, '/'); /* |