authorNils Adermann <naderman@naderman.de>2015-01-21 01:05:13 +0100
committerNils Adermann <naderman@naderman.de>2015-01-21 01:05:13 +0100
commiteaeb88133f1f028fa06f0ebe5639668436fd469e (patch)
tree3d69a230cfc20414a88c154fc97d0031c224ca71 /phpBB
parentd17904884ea27905d85c8cdc395821ade7079fa2 (diff)
parente34b92882a51dc89da88464b8c751a9d93a03124 (diff)
Merge pull request #3316 from bantu/ticket/13531
[ticket/13531] Explicitly disallow trailing paths (e.g. PATH_INFO).
Diffstat (limited to 'phpBB')
-rw-r--r--phpBB/includes/startup.php48
1 files changed, 48 insertions, 0 deletions
diff --git a/phpBB/includes/startup.php b/phpBB/includes/startup.php
index 2f3b1c5324..92639fc5bd 100644
--- a/phpBB/includes/startup.php
+++ b/phpBB/includes/startup.php
@@ -95,6 +95,54 @@ function deregister_globals()
unset($input);
}
+/**
+ * Check if requested page uses a trailing path
+ *
+ * @param string $phpEx PHP extension
+ *
+ * @return bool True if trailing path is used, false if not
+ */
+function phpbb_has_trailing_path($phpEx)
+{
+ // Check if path_info is being used
+ if (!empty($_SERVER['PATH_INFO']) || !empty($_SERVER['ORIG_PATH_INFO']))
+ {
+ return true;
+ }
+
+ // Match any trailing path appended to a php script in the REQUEST_URI.
+ // It is assumed that only actual PHP scripts use names like foo.php. Due
+ // to this, any phpBB board inside a directory that has the php extension
+ // appended to its name will stop working, i.e. if the board is at
+ // example.com/phpBB/test.php/ or example.com/test.php/
+ if (preg_match('#^[^?]+\.' . preg_quote($phpEx, '#') . '/#', $_SERVER['REQUEST_URI']))
+ {
+ return true;
+ }
+
+ return false;
+}
+
+// Check if trailing path is used
+if (phpbb_has_trailing_path($phpEx))
+{
+ if (substr(strtolower(@php_sapi_name()), 0, 3) === 'cgi')
+ {
+ $prefix = 'Status:';
+ }
+ else if (!empty($_SERVER['SERVER_PROTOCOL']))
+ {
+ $prefix = $_SERVER['SERVER_PROTOCOL'];
+ }
+ else
+ {
+ $prefix = 'HTTP/1.0';
+ }
+ header("$prefix 404 Not Found", true, 404);
+ echo 'Trailing paths and PATH_INFO is not supported by phpBB 3.0';
+ exit;
+}
+
// Register globals and magic quotes have been dropped in PHP 5.4
if (version_compare(PHP_VERSION, '5.4.0-dev', '>='))
{