Merge PR #993 branch 'bantu/ticket/8713' into develop

* bantu/ticket/8713: [ticket/8713] Update untrimmed_variable() doc block. [ticket/8713] Revert changes to ucp_profile, ucp_register and acp_users. [ticket/8713] Trim password in auth_db to keep compatibility. [ticket/8713] Call htmlspecialchars_decode() on transfer (e.g. ftp) passwords. [ticket/8713] Rename untrimed_variable() to untrimmed_variable(). [ticket/8713] DRY: variable() and untrimed_variable() into a protected method. [ticket/8713] Fix type_cast_helper.php doc blocks: Add punctuation etc. [ticket/8713] Always trim array keys. [ticket/8713] Add simple (non-nested) test case for untrimmed set_var(). [ticket/8713] Use \t in double quotes instead of tabs. [ticket/8713] Use correct parameter for nested data. [ticket/8713] Adjust test method name to other recursive_set_var() tests. [ticket/8713] Do not trim login inputs
author: Oleg Pudeyev <oleg@bsdpower.com> 2012-10-10 00:03:13 -0400
committer: Oleg Pudeyev <oleg@bsdpower.com> 2012-10-10 00:03:13 -0400
commit: cc5923ea43f84d584fc4d69ba5302b439e00c828 (patch)
tree: 6201d5ebb611a08c7b77e9c60fadd1060df243b7 /phpBB/includes/acp
parent: 74e41e79d1a82389da7ea000550ff1100da2059d (diff)
parent: 238fab3bb908013fb0d7c95278b0a2a3b7fa5bae (diff)
download: forums-cc5923ea43f84d584fc4d69ba5302b439e00c828.tar
forums-cc5923ea43f84d584fc4d69ba5302b439e00c828.tar.gz
forums-cc5923ea43f84d584fc4d69ba5302b439e00c828.tar.bz2
forums-cc5923ea43f84d584fc4d69ba5302b439e00c828.tar.xz
forums-cc5923ea43f84d584fc4d69ba5302b439e00c828.zip
2 files changed, 27 insertions, 6 deletions
diff --git a/phpBB/includes/acp/acp_language.php b/phpBB/includes/acp/acp_language.php
index 2b19f93c75..2be1ccfc41 100644
--- a/phpBB/includes/acp/acp_language.php
+++ b/phpBB/includes/acp/acp_language.php
@@ -100,11 +100,25 @@ class acp_language
 			switch ($method)
 			{
 				case 'ftp':
-					$transfer = new ftp(request_var('host', ''), request_var('username', ''), request_var('password', ''), request_var('root_path', ''), request_var('port', ''), request_var('timeout', ''));
+					$transfer = new ftp(
+						request_var('host', ''),
+						request_var('username', ''),
+						htmlspecialchars_decode($request->untrimmed_variable('password', '')),
+						request_var('root_path', ''),
+						request_var('port', ''),
+						request_var('timeout', '')
+					);
 				break;
 
 				case 'ftp_fsock':
-					$transfer = new ftp_fsock(request_var('host', ''), request_var('username', ''), request_var('password', ''), request_var('root_path', ''), request_var('port', ''), request_var('timeout', ''));
+					$transfer = new ftp_fsock(
+						request_var('host', ''),
+						request_var('username', ''),
+						htmlspecialchars_decode($request->untrimmed_variable('password', '')),
+						request_var('root_path', ''),
+						request_var('port', ''),
+						request_var('timeout', '')
+					);
 				break;
 
 				default:
@@ -404,7 +418,14 @@ class acp_language
 						trigger_error($user->lang['INVALID_UPLOAD_METHOD'], E_USER_ERROR);
 					}
 
-					$transfer = new $method(request_var('host', ''), request_var('username', ''), request_var('password', ''), request_var('root_path', ''), request_var('port', ''), request_var('timeout', ''));
+					$transfer = new $method(
+						request_var('host', ''),
+						request_var('username', ''),
+						htmlspecialchars_decode($request->untrimmed_variable('password', '')),
+						request_var('root_path', ''),
+						request_var('port', ''),
+						request_var('timeout', '')
+					);
 
 					if (($result = $transfer->open_session()) !== true)
 					{
diff --git a/phpBB/includes/acp/acp_users.php b/phpBB/includes/acp/acp_users.php
index b54257b04a..985a12d9ce 100644
--- a/phpBB/includes/acp/acp_users.php
+++ b/phpBB/includes/acp/acp_users.php
@@ -32,7 +32,7 @@ class acp_users
 	{
 		global $config, $db, $user, $auth, $template, $cache;
 		global $phpbb_root_path, $phpbb_admin_path, $phpEx, $table_prefix, $file_uploads;
-		global $phpbb_dispatcher;
+		global $phpbb_dispatcher, $request;
 
 		$user->add_lang(array('posting', 'ucp', 'acp/users'));
 		$this->tpl_name = 'acp_users';
@@ -770,8 +770,8 @@ class acp_users
 						'username'			=> utf8_normalize_nfc(request_var('user', $user_row['username'], true)),
 						'user_founder'		=> request_var('user_founder', ($user_row['user_type'] == USER_FOUNDER) ? 1 : 0),
 						'email'				=> strtolower(request_var('user_email', $user_row['user_email'])),
-						'new_password'		=> request_var('new_password', '', true),
-						'password_confirm'	=> request_var('password_confirm', '', true),
+						'new_password'		=> $request->variable('new_password', '', true),
+						'password_confirm'	=> $request->variable('password_confirm', '', true),
 					);
 
 					// Validation data - we do not check the password complexity setting here
author	Oleg Pudeyev <oleg@bsdpower.com>	2012-10-10 00:03:13 -0400
committer	Oleg Pudeyev <oleg@bsdpower.com>	2012-10-10 00:03:13 -0400
commit	cc5923ea43f84d584fc4d69ba5302b439e00c828 (patch)
tree	6201d5ebb611a08c7b77e9c60fadd1060df243b7 /phpBB/includes/acp
parent	74e41e79d1a82389da7ea000550ff1100da2059d (diff)
parent	238fab3bb908013fb0d7c95278b0a2a3b7fa5bae (diff)
download	forums-cc5923ea43f84d584fc4d69ba5302b439e00c828.tar forums-cc5923ea43f84d584fc4d69ba5302b439e00c828.tar.gz forums-cc5923ea43f84d584fc4d69ba5302b439e00c828.tar.bz2 forums-cc5923ea43f84d584fc4d69ba5302b439e00c828.tar.xz forums-cc5923ea43f84d584fc4d69ba5302b439e00c828.zip