diff options
| author | Marc Alexander <admin@m-a-styles.de> | 2016-11-24 22:22:38 +0100 |
|---|---|---|
| committer | Marc Alexander <admin@m-a-styles.de> | 2016-11-24 22:22:38 +0100 |
| commit | 23f5b6debdd24cc1caefd3bb8cd6da96a88abe9a (patch) | |
| tree | 280bb5bc2734b5a0976b7ceefac94bb0899a399a /phpBB/phpbb | |
| parent | 145ba85d981f6bb3b6ebba74bcefb879da62d932 (diff) | |
| download | forums-23f5b6debdd24cc1caefd3bb8cd6da96a88abe9a.tar forums-23f5b6debdd24cc1caefd3bb8cd6da96a88abe9a.tar.gz forums-23f5b6debdd24cc1caefd3bb8cd6da96a88abe9a.tar.bz2 forums-23f5b6debdd24cc1caefd3bb8cd6da96a88abe9a.tar.xz forums-23f5b6debdd24cc1caefd3bb8cd6da96a88abe9a.zip | |
[ticket/14875] Add method for untrimmed input to ajax iohandler
Due to the pre-encoded input and the escaping of the input, the
string has to be decoded twice for the password.
PHPBB3-14875
Diffstat (limited to 'phpBB/phpbb')
| -rw-r--r-- | phpBB/phpbb/install/helper/iohandler/ajax_iohandler.php | 16 | ||||
| -rw-r--r-- | phpBB/phpbb/install/module/obtain_data/task/obtain_database_data.php | 11 |
2 files changed, 26 insertions, 1 deletions
diff --git a/phpBB/phpbb/install/helper/iohandler/ajax_iohandler.php b/phpBB/phpbb/install/helper/iohandler/ajax_iohandler.php index c168d26425..591a19b7c1 100644 --- a/phpBB/phpbb/install/helper/iohandler/ajax_iohandler.php +++ b/phpBB/phpbb/install/helper/iohandler/ajax_iohandler.php @@ -121,6 +121,22 @@ class ajax_iohandler extends iohandler_base } /** + * Returns untrimmed input variable + * + * @param string $name Name of the input variable to obtain + * @param mixed $default A default value that is returned if the variable was not set. + * This function will always return a value of the same type as the default. + * @param bool $multibyte If $default is a string this paramater has to be true if the variable may contain any UTF-8 characters + * Default is false, causing all bytes outside the ASCII range (0-127) to be replaced with question marks + * + * @return mixed Value of the untrimmed input variable + */ + public function get_untrimmed_input($name, $default, $multibyte = false) + { + return $this->request->untrimmed_variable($name, $default, $multibyte); + } + + /** * {@inheritdoc} */ public function get_server_variable($name, $default = '') diff --git a/phpBB/phpbb/install/module/obtain_data/task/obtain_database_data.php b/phpBB/phpbb/install/module/obtain_data/task/obtain_database_data.php index ce720dbf76..9019cf4332 100644 --- a/phpBB/phpbb/install/module/obtain_data/task/obtain_database_data.php +++ b/phpBB/phpbb/install/module/obtain_data/task/obtain_database_data.php @@ -79,10 +79,19 @@ class obtain_database_data extends \phpbb\install\task_base implements \phpbb\in $dbhost = $this->io_handler->get_input('dbhost', '', true); $dbport = $this->io_handler->get_input('dbport', ''); $dbuser = $this->io_handler->get_input('dbuser', ''); - $dbpasswd = $this->io_handler->get_input('dbpasswd', '', true); $dbname = $this->io_handler->get_input('dbname', ''); $table_prefix = $this->io_handler->get_input('table_prefix', ''); + // Need to get untrimmed password when using ajax IO handler + if ($this->io_handler instanceof \phpbb\install\helper\iohandler\ajax_iohandler) + { + $dbpasswd = htmlspecialchars_decode(htmlspecialchars_decode($this->io_handler->get_untrimmed_input('dbpasswd', '', true))); + } + else + { + $dbpasswd = $this->io_handler->get_input('dbpasswd', '', true); + } + // Check database data $user_data_vaild = $this->check_database_data($dbms, $dbhost, $dbport, $dbuser, $dbpasswd, $dbname, $table_prefix); |