author | Joas Schilling <nickvergessen@gmx.de> | 2014-07-08 17:53:32 +0200 |
committer | Joas Schilling <nickvergessen@gmx.de> | 2014-07-08 17:53:32 +0200 |
commit | e3e236da72f9bb8985fcecc25758c98559f76179 (patch) | |
tree | db19ca49520a40964decf7f02781256c0a8f4e5e /phpBB | |
parent | 633a5177915682492f90499ebb53fc0d87c15785 (diff) | |
[ticket/12834] Correctly match directories in session page
Also clean path before working with it
PHPBB3-12834
Diffstat (limited to 'phpBB')
-rw-r--r-- | phpBB/config/services.yml | 2 | ||||
-rw-r--r-- | phpBB/phpbb/viewonline_helper.php | 19 |
2 files changed, 20 insertions, 1 deletions
diff --git a/phpBB/config/services.yml b/phpBB/config/services.yml
index 735a49c99b..0862650011 100644
--- a/phpBB/config/services.yml
+++ b/phpBB/config/services.yml
@@ -362,3 +362,5 @@ services:
 viewonline_helper:
 class: phpbb\viewonline_helper
+arguments:
+- @filesystem
diff --git a/phpBB/phpbb/viewonline_helper.php b/phpBB/phpbb/viewonline_helper.php
index 3fc33119a3..b722f9d911 100644
--- a/phpBB/phpbb/viewonline_helper.php
+++ b/phpBB/phpbb/viewonline_helper.php
@@ -18,6 +18,17 @@ namespace phpbb;
 */
 class viewonline_helper
 {
+/** @var \phpbb\filesystem */
+protected $filesystem;
+
+/**
+* @param \phpbb\filesystem $filesystem
+*/
+public function __construct(\phpbb\filesystem $filesystem)
+{
+$this->filesystem = $filesystem;
+}
+
 /**
 * Get user page
 *
@@ -26,7 +37,13 @@ class viewonline_helper
 */
 public function get_user_page($session_page)
 {
-preg_match('#^([./\\]*+[a-z0-9/_-]+)#i', $session_page, $on_page);
+$session_page = $this->filesystem->clean_path($session_page);
+if (strpos($session_page, './') === 0)
+{
+$session_page = substr($session_page, 2);
+}
+
+preg_match('#^((\.\./)*([a-z0-9/_-]+))#i', $session_page, $on_page);
 if (empty($on_page))
 {
 $on_page[1] = '';
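Review bot: The constructor docblock at `/** @param \phpbb\filesystem $filesystem */` has no summary line, unlike the `Get user page` docblock that follows it in the same hunk; adding `* Constructor` above the `@param` keeps the two consistent. The `@var \phpbb\filesystem` annotation on the property is sufficient as written. The constructor starts and ends within this hunk, so nothing else needs to change for it.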
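Review bot: Only a single leading `./` is removed by the `strpos($session_page, './') === 0` check, and the new pattern `#^((\.\./)*([a-z0-9/_-]+))#i` deliberately keeps any run of `../` segments inside `$on_page[1]`, so whether a stored session page can still point above the board root rests entirely on what `clean_path()` normalises away, and that contract is not visible in this hunk. A comment above the `preg_match` would make the intent reviewable, e.g. `// clean_path() is relied on to collapse ./ and ../ segments; any ../ prefix it leaves stays in $on_page[1], the bare page path is $on_page[3]`. The capture groups are also renumbered by this change (group 2 is the last `../` repetition, group 3 the path, where the old pattern had a single group), which the docblock above the method should state since callers index `$on_page` by number. A small test with constructed inputs such as `./viewtopic.php`, `../adm/index.php` and `viewtopic.php` would pin the expected `$on_page[1]` for each. The body of get_user_page, and the docblock whose closing `*/` opens this hunk, continue outside the hunk.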