| author | Meik Sievertsen <acydburn@phpbb.com> | 2008-06-09 17:10:59 +0000 |
|---|---|---|
| committer | Meik Sievertsen <acydburn@phpbb.com> | 2008-06-09 17:10:59 +0000 |
| commit | e199f55ba2d3fcac361b2a546ed86061423cb990 (patch) | |
| tree | 72771e6066c481e949d654f384019c3838062e38 /phpBB/includes | |
| parent | d7a217c28cbe4a91cecbb0b0e329402527463ca8 (diff) | |
#27395
git-svn-id: file:///svn/phpbb/trunk@8637 89ea8834-ac86-4346-8a33-228a782c2dd0
Diffstat (limited to 'phpBB/includes')
| -rw-r--r-- | phpBB/includes/functions.php | 2 | ||||
| -rw-r--r-- | phpBB/includes/session.php | 12 |
2 files changed, 13 insertions, 1 deletions
diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php
index 3e1b3cf903..bdc081c593 100644
--- a/phpBB/includes/functions.php
+++ b/phpBB/includes/functions.php
@@ -1722,7 +1722,7 @@ function generate_board_url($without_script_path = false)
 if ($server_port && (($config['cookie_secure'] && $server_port <> 443) || (!$config['cookie_secure'] && $server_port <> 80)))
 {
- // HTTP HOST can carry a port number...
+ // HTTP HOST can carry a port number (we fetch $user->host, but for old versions this may be true)
 if (strpos($server_name, ':') === false)
 {
 $url .= ':' . $server_port;
diff --git a/phpBB/includes/session.php b/phpBB/includes/session.php
index 05c9aa8de8..a3a3a60061 100644
--- a/phpBB/includes/session.php
+++ b/phpBB/includes/session.php
@@ -160,6 +160,13 @@ class session
 $this->referer = (!empty($_SERVER['HTTP_REFERER'])) ? htmlspecialchars((string) $_SERVER['HTTP_REFERER']) : '';
 $this->forwarded_for = (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) ? (string) $_SERVER['HTTP_X_FORWARDED_FOR'] : '';
 $this->host = (!empty($_SERVER['HTTP_HOST'])) ? (string) strtolower($_SERVER['HTTP_HOST']) : ((!empty($_SERVER['SERVER_NAME'])) ? $_SERVER['SERVER_NAME'] : getenv('SERVER_NAME'));
+
+ // Since HTTP_HOST may carry a port definition, we need to remove it here...
+ if (strpos($this->host, ':') !== false)
+ {
+ $this->host = substr($this->host, 0, strpos($this->host, ':'));
+ }
+
 $this->page = self::extract_current_page(PHPBB_ROOT_PATH);
 // if the forwarded for header shall be checked we have to validate its contents
@@ -1300,8 +1307,10 @@ class session
 {
 return true;
 }
+
 $host = htmlspecialchars($this->host);
 $ref = substr($this->referer, strpos($this->referer, '://') + 3);
+
 if (!(stripos($ref , $host) === 0))
 {
 return false;
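Review bot: The new port strip in the session.php hunk at line 160 cuts `$this->host` at the first colon, so a bracketed IPv6 host such as `[::1]:8080` (or `[::1]` with no port at all) is reduced to `[`, and the later hunk at line 1307 that compares `$host = htmlspecialchars($this->host)` against the referer would then reject every request from such a host. Searching from the end and only stripping when a numeric port follows keeps both forms intact: `$pos = strrpos($this->host, ':');`, `if ($pos !== false && ctype_digit(substr($this->host, $pos + 1)))`, `$this->host = substr($this->host, 0, $pos);`. Note also that only the HTTP_HOST branch is cast and lowercased while the SERVER_NAME/getenv fallback is used as-is, so the two paths can yield different case for the same host, and since HTTP_HOST is client-supplied, removing the port does not validate the value against the configured server name. The enclosing method starts and ends outside the hunk.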
@@ -1310,15 +1319,18 @@ class session
 {
 $ref = substr($ref, strlen($host));
 $server_port = (!empty($_SERVER['SERVER_PORT'])) ? (int) $_SERVER['SERVER_PORT'] : (int) getenv('SERVER_PORT');
+
 if ($server_port !== 80 && $server_port !== 443 && stripos($ref, ":$server_port") === 0)
 {
 $ref = substr($ref, strlen(":$server_port"));
 }
+
 if (!(stripos(rtrim($ref, '/'), rtrim($this->page['root_script_path'], '/')) === 0))
 {
 return false;
 }
 }
+
 return true;
 }
|
