diff options
| author | kasimi <mail@kasimi.net> | 2019-01-26 22:29:54 +0100 |
|---|---|---|
| committer | kasimi <mail@kasimi.net> | 2019-01-26 22:29:54 +0100 |
| commit | 75007697ae55632200eb7f2c6579026e23fe3d7d (patch) | |
| tree | f396379f789bb8adc869154b5c75aa270aab4dbe /phpBB/includes/mcp | |
| parent | 713c996a0839664570ba24940e6a039ceee654ff (diff) | |
| download | forums-75007697ae55632200eb7f2c6579026e23fe3d7d.tar forums-75007697ae55632200eb7f2c6579026e23fe3d7d.tar.gz forums-75007697ae55632200eb7f2c6579026e23fe3d7d.tar.bz2 forums-75007697ae55632200eb7f2c6579026e23fe3d7d.tar.xz forums-75007697ae55632200eb7f2c6579026e23fe3d7d.zip | |
[ticket/15954] Add safeguards to include() calls
PHPBB3-15954
Diffstat (limited to 'phpBB/includes/mcp')
| -rw-r--r-- | phpBB/includes/mcp/mcp_ban.php | 5 | ||||
| -rw-r--r-- | phpBB/includes/mcp/mcp_front.php | 5 | ||||
| -rw-r--r-- | phpBB/includes/mcp/mcp_main.php | 20 | ||||
| -rw-r--r-- | phpBB/includes/mcp/mcp_topic.php | 6 |
4 files changed, 29 insertions, 7 deletions
diff --git a/phpBB/includes/mcp/mcp_ban.php b/phpBB/includes/mcp/mcp_ban.php index b878b1af0a..8797f06db8 100644 --- a/phpBB/includes/mcp/mcp_ban.php +++ b/phpBB/includes/mcp/mcp_ban.php @@ -34,7 +34,10 @@ class mcp_ban } // Include the admin banning interface... - include($phpbb_root_path . 'includes/acp/acp_ban.' . $phpEx); + if (!class_exists('acp_ban')) + { + include($phpbb_root_path . 'includes/acp/acp_ban.' . $phpEx); + } $bansubmit = $request->is_set_post('bansubmit'); $unbansubmit = $request->is_set_post('unbansubmit'); diff --git a/phpBB/includes/mcp/mcp_front.php b/phpBB/includes/mcp/mcp_front.php index aeb716c1f9..918a98734b 100644 --- a/phpBB/includes/mcp/mcp_front.php +++ b/phpBB/includes/mcp/mcp_front.php @@ -290,7 +290,10 @@ function mcp_front_view($id, $mode, $action) if ($total) { - include($phpbb_root_path . 'includes/functions_privmsgs.' . $phpEx); + if (!function_exists('get_recipient_strings')) + { + include($phpbb_root_path . 'includes/functions_privmsgs.' . $phpEx); + } $sql_ary = array( 'SELECT' => 'r.report_id, r.report_time, p.msg_id, p.message_subject, p.message_time, p.to_address, p.bcc_address, p.message_attachment, u.username, u.username_clean, u.user_colour, u.user_id, u2.username as author_name, u2.username_clean as author_name_clean, u2.user_colour as author_colour, u2.user_id as author_id', diff --git a/phpBB/includes/mcp/mcp_main.php b/phpBB/includes/mcp/mcp_main.php index a4e3a74ba7..67ba4de334 100644 --- a/phpBB/includes/mcp/mcp_main.php +++ b/phpBB/includes/mcp/mcp_main.php @@ -174,7 +174,10 @@ class mcp_main switch ($mode) { case 'front': - include($phpbb_root_path . 'includes/mcp/mcp_front.' . $phpEx); + if (!function_exists('mcp_front_view')) + { + mcp_front_view($id, $mode, $action); + } $user->add_lang('acp/common'); @@ -185,7 +188,10 @@ class mcp_main break; case 'forum_view': - include($phpbb_root_path . 'includes/mcp/mcp_forum.' . $phpEx); + if (!function_exists('mcp_forum_view')) + { + include($phpbb_root_path . 'includes/mcp/mcp_forum.' . $phpEx); + } $user->add_lang('viewforum'); @@ -208,7 +214,10 @@ class mcp_main break; case 'topic_view': - include($phpbb_root_path . 'includes/mcp/mcp_topic.' . $phpEx); + if (!function_exists('mcp_topic_view')) + { + include($phpbb_root_path . 'includes/mcp/mcp_topic.' . $phpEx); + } mcp_topic_view($id, $mode, $action); @@ -217,7 +226,10 @@ class mcp_main break; case 'post_details': - include($phpbb_root_path . 'includes/mcp/mcp_post.' . $phpEx); + if (!function_exists('mcp_post_details')) + { + include($phpbb_root_path . 'includes/mcp/mcp_post.' . $phpEx); + } mcp_post_details($id, $mode, $action); diff --git a/phpBB/includes/mcp/mcp_topic.php b/phpBB/includes/mcp/mcp_topic.php index 9c63245982..68a65aafdd 100644 --- a/phpBB/includes/mcp/mcp_topic.php +++ b/phpBB/includes/mcp/mcp_topic.php @@ -93,7 +93,11 @@ function mcp_topic_view($id, $mode, $action) // Restore or pprove posts? if (($action == 'restore' || $action == 'approve') && $auth->acl_get('m_approve', $topic_info['forum_id'])) { - include($phpbb_root_path . 'includes/mcp/mcp_queue.' . $phpEx); + if (!class_exists('mcp_queue')) + { + include($phpbb_root_path . 'includes/mcp/mcp_queue.' . $phpEx); + } + include_once($phpbb_root_path . 'includes/functions_posting.' . $phpEx); include_once($phpbb_root_path . 'includes/functions_messenger.' . $phpEx); |