aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--phpBB/.htaccess24
-rw-r--r--phpBB/app.php1
-rw-r--r--phpBB/common.php3
-rw-r--r--phpBB/config/services.yml1
-rw-r--r--phpBB/includes/functions.php67
-rw-r--r--phpBB/phpbb/controller/helper.php33
-rw-r--r--phpBB/phpbb/template/twig/lexer.php2
-rw-r--r--tests/controller/helper_url_test.php32
-rw-r--r--tests/functional/extension_controller_test.php10
-rw-r--r--tests/template/template_test.php2
-rw-r--r--tests/template/templates/define.html2
-rwxr-xr-xtravis/setup-webserver.sh2
12 files changed, 122 insertions, 57 deletions
diff --git a/phpBB/.htaccess b/phpBB/.htaccess
index 474f9774c2..6f33916775 100644
--- a/phpBB/.htaccess
+++ b/phpBB/.htaccess
@@ -1,12 +1,30 @@
+<IfModule mod_rewrite.c>
+RewriteEngine on
+
#
# Uncomment the statement below if you want to make use of
# HTTP authentication and it does not already work.
# This could be required if you are for example using PHP via Apache CGI.
#
-#<IfModule mod_rewrite.c>
-#RewriteEngine on
#RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]
-#</IfModule>
+
+#
+# The following 3 lines will rewrite URLs passed through the front controller
+# to not require app.php in the actual URL. In other words, a controller is
+# by default accessed at /app.php/my/controller, but can also be accessed at
+# /my/controller
+#
+RewriteCond %{REQUEST_FILENAME} !-f
+RewriteCond %{REQUEST_FILENAME} !-d
+RewriteRule ^(.*)$ app.php [QSA,L]
+
+#
+# If symbolic links are not already being followed,
+# uncomment the line below.
+# http://anothersysadmin.wordpress.com/2008/06/10/mod_rewrite-forbidden-403-with-apache-228/
+#
+#Options +FollowSymLinks
+</IfModule>
<Files "config.php">
Order Allow,Deny
diff --git a/phpBB/app.php b/phpBB/app.php
index d93208d585..f1023ff1b5 100644
--- a/phpBB/app.php
+++ b/phpBB/app.php
@@ -24,7 +24,6 @@ $user->session_begin();
$auth->acl($user->data);
$user->setup('app');
-$symfony_request = phpbb_create_symfony_request($request);
$http_kernel = $phpbb_container->get('http_kernel');
$response = $http_kernel->handle($symfony_request);
$response->send();
diff --git a/phpBB/common.php b/phpBB/common.php
index 6a1f307d64..a7b7db28ac 100644
--- a/phpBB/common.php
+++ b/phpBB/common.php
@@ -109,6 +109,9 @@ $db = $phpbb_container->get('dbal.conn');
// make sure request_var uses this request instance
request_var('', 0, false, false, $request); // "dependency injection" for a function
+// Create a Symfony Request object from our phpbb_request object
+$symfony_request = phpbb_create_symfony_request($request);
+
// Grab global variables, re-cache if necessary
$config = $phpbb_container->get('config');
set_config(null, null, null, $config);
diff --git a/phpBB/config/services.yml b/phpBB/config/services.yml
index d0753322da..2808e81337 100644
--- a/phpBB/config/services.yml
+++ b/phpBB/config/services.yml
@@ -90,6 +90,7 @@ services:
arguments:
- @template
- @user
+ - @request
- %core.root_path%
- %core.php_ext%
diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php
index 3db843ffd1..4d2d704a43 100644
--- a/phpBB/includes/functions.php
+++ b/phpBB/includes/functions.php
@@ -2413,6 +2413,7 @@ function append_sid($url, $params = false, $is_amp = true, $session_id = false)
{
global $_SID, $_EXTRA_URL, $phpbb_hook;
global $phpbb_dispatcher;
+ global $symfony_request, $phpbb_root_path;
if ($params === '' || (is_array($params) && empty($params)))
{
@@ -2420,6 +2421,12 @@ function append_sid($url, $params = false, $is_amp = true, $session_id = false)
$params = false;
}
+ $corrected_path = $symfony_request !== null ? phpbb_get_web_root_path($symfony_request, $phpbb_root_path) : '';
+ if ($corrected_path)
+ {
+ $url = substr($corrected_path . $url, strlen($phpbb_root_path));
+ }
+
$append_sid_overwrite = false;
/**
@@ -5051,7 +5058,7 @@ function phpbb_build_hidden_fields_for_query_params($request, $exclude = null)
function page_header($page_title = '', $display_online_list = true, $item_id = 0, $item = 'forum')
{
global $db, $config, $template, $SID, $_SID, $_EXTRA_URL, $user, $auth, $phpEx, $phpbb_root_path;
- global $phpbb_dispatcher, $request, $phpbb_container;
+ global $phpbb_dispatcher, $request, $phpbb_container, $symfony_request;
if (defined('HEADER_INC'))
{
@@ -5208,7 +5215,11 @@ function page_header($page_title = '', $display_online_list = true, $item_id = 0
// Determine board url - we may need it later
$board_url = generate_board_url() . '/';
- $web_path = (defined('PHPBB_USE_BOARD_URL_PATH') && PHPBB_USE_BOARD_URL_PATH) ? $board_url : $phpbb_root_path;
+ // This path is sent with the base template paths in the assign_vars()
+ // call below. We need to correct it in case we are accessing from a
+ // controller because the web paths will be incorrect otherwise.
+ $corrected_path = $symfony_request !== null ? phpbb_get_web_root_path($symfony_request, $phpbb_root_path) : '';
+ $web_path = (defined('PHPBB_USE_BOARD_URL_PATH') && PHPBB_USE_BOARD_URL_PATH) ? $board_url : $corrected_path;
// Send a proper content-language to the output
$user_lang = $user->lang['USER_LANG'];
@@ -5682,6 +5693,16 @@ function phpbb_convert_30_dbms_to_31($dbms)
*/
function phpbb_create_symfony_request(phpbb_request $request)
{
+ // If we have already gotten it, don't go back through all the trouble of
+ // creating it again; instead, just return it. This allows multiple calls
+ // of this method so we don't have to globalize $symfony_request in other
+ // functions.
+ static $symfony_request;
+ if (null !== $symfony_request)
+ {
+ return $symfony_request;
+ }
+
// This function is meant to sanitize the global input arrays
$sanitizer = function(&$value, $key) {
$type_cast_helper = new phpbb_request_type_cast_helper();
@@ -5701,21 +5722,39 @@ function phpbb_create_symfony_request(phpbb_request $request)
array_walk_recursive($get_parameters, $sanitizer);
array_walk_recursive($post_parameters, $sanitizer);
- // Until we fix the issue with relative paths, we have to fake path info
- // to allow urls like app.php?controller=foo/bar
- $controller = $request->variable('controller', '');
- $path_info = '/' . $controller;
- $request_uri = $server_parameters['REQUEST_URI'];
+ $symfony_request = new Request($get_parameters, $post_parameters, array(), $cookie_parameters, $files_parameters, $server_parameters);
+ return $symfony_request;
+}
- // Remove the query string from REQUEST_URI
- if ($pos = strpos($request_uri, '?'))
+/**
+* Get a relative root path from the current URL
+*
+* @param Request $symfony_request Symfony Request object
+*/
+function phpbb_get_web_root_path(Request $symfony_request, $phpbb_root_path = '')
+{
+ static $path;
+ if (null !== $path)
+ {
+ return $path;
+ }
+
+ $path_info = $symfony_request->getPathInfo();
+ if ($path_info === '/')
{
- $request_uri = substr($request_uri, 0, $pos);
+ $path = $phpbb_root_path;
+ return $path;
}
- // Add the path info (i.e. controller route) to the REQUEST_URI
- $server_parameters['REQUEST_URI'] = $request_uri . $path_info;
- $server_parameters['SCRIPT_NAME'] = '';
+ $corrections = substr_count($path_info, '/');
+
+ // When URL Rewriting is enabled, app.php is optional. We have to
+ // correct for it not being there
+ if (strpos($symfony_request->getRequestUri(), $symfony_request->getScriptName()) === false)
+ {
+ $corrections -= 1;
+ }
- return new Request($get_parameters, $post_parameters, array(), $cookie_parameters, $files_parameters, $server_parameters);
+ $path = $phpbb_root_path . str_repeat('../', $corrections);
+ return $path;
}
diff --git a/phpBB/phpbb/controller/helper.php b/phpBB/phpbb/controller/helper.php
index 74410ddfd1..4d240f9380 100644
--- a/phpBB/phpbb/controller/helper.php
+++ b/phpBB/phpbb/controller/helper.php
@@ -36,6 +36,12 @@ class phpbb_controller_helper
protected $user;
/**
+ * Request object
+ * @var phpbb_request
+ */
+ protected $request;
+
+ /**
* phpBB root path
* @var string
*/
@@ -55,10 +61,11 @@ class phpbb_controller_helper
* @param string $phpbb_root_path phpBB root path
* @param string $php_ext PHP extension
*/
- public function __construct(phpbb_template $template, phpbb_user $user, $phpbb_root_path, $php_ext)
+ public function __construct(phpbb_template $template, phpbb_user $user, phpbb_request_interface $request, $phpbb_root_path, $php_ext)
{
$this->template = $template;
$this->user = $user;
+ $this->request = $request;
$this->phpbb_root_path = $phpbb_root_path;
$this->php_ext = $php_ext;
}
@@ -102,22 +109,16 @@ class phpbb_controller_helper
$route = substr($route, 0, $route_delim);
}
- if (is_array($params) && !empty($params))
- {
- $params = array_merge(array(
- 'controller' => $route,
- ), $params);
- }
- else if (is_string($params) && $params)
- {
- $params = 'controller=' . $route . (($is_amp) ? '&amp;' : '&') . $params;
- }
- else
- {
- $params = array('controller' => $route);
- }
+ $request_uri = $this->request->variable('REQUEST_URI', '', false, phpbb_request::SERVER);
+ $script_name = $this->request->variable('SCRIPT_NAME', '', false, phpbb_request::SERVER);
+
+ // If the app.php file is being used (no rewrite) keep it in the URL.
+ // Otherwise, don't include it.
+ $route_prefix = $this->phpbb_root_path;
+ $parts = explode('/', $script_name);
+ $route_prefix .= strpos($request_uri, $script_name) === 0 ? array_pop($parts) . '/' : '';
- return append_sid($this->phpbb_root_path . 'app.' . $this->php_ext . $route_params, $params, $is_amp, $session_id);
+ return append_sid($route_prefix . "$route" . $route_params, $params, $is_amp, $session_id);
}
/**
diff --git a/phpBB/phpbb/template/twig/lexer.php b/phpBB/phpbb/template/twig/lexer.php
index a33de70d69..7ab569313c 100644
--- a/phpBB/phpbb/template/twig/lexer.php
+++ b/phpBB/phpbb/template/twig/lexer.php
@@ -130,7 +130,7 @@ class phpbb_template_twig_lexer extends Twig_Lexer
// E.g. 'asdf'"' -> asdf'"
// E.g. "asdf'"" -> asdf'"
// E.g. 'asdf'" -> 'asdf'"
- $matches[2] = preg_replace('#^([\'"])?(.+?)\1$#', '$2', $matches[2]);
+ $matches[2] = preg_replace('#^([\'"])?(.*?)\1$#', '$2', $matches[2]);
// Replace template variables with start/end to parse variables (' ~ TEST ~ '.html)
$matches[2] = preg_replace('#{([a-zA-Z0-9_\.$]+)}#', "'~ \$1 ~'", $matches[2]);
diff --git a/tests/controller/helper_url_test.php b/tests/controller/helper_url_test.php
index fc7d02e9cf..49635332a7 100644
--- a/tests/controller/helper_url_test.php
+++ b/tests/controller/helper_url_test.php
@@ -15,28 +15,28 @@ class phpbb_controller_helper_url_test extends phpbb_test_case
public function helper_url_data()
{
return array(
- array('foo/bar?t=1&amp;f=2', false, true, false, 'app.php?t=1&amp;f=2&amp;controller=foo/bar', 'parameters in url-argument'),
- array('foo/bar', 't=1&amp;f=2', true, false, 'app.php?controller=foo/bar&amp;t=1&amp;f=2', 'parameters in params-argument using amp'),
- array('foo/bar', 't=1&f=2', false, false, 'app.php?controller=foo/bar&t=1&f=2', 'parameters in params-argument using &'),
- array('foo/bar', array('t' => 1, 'f' => 2), true, false, 'app.php?controller=foo/bar&amp;t=1&amp;f=2', 'parameters in params-argument as array'),
+ array('foo/bar?t=1&amp;f=2', false, true, false, 'foo/bar?t=1&amp;f=2', 'parameters in url-argument'),
+ array('foo/bar', 't=1&amp;f=2', true, false, 'foo/bar?t=1&amp;f=2', 'parameters in params-argument using amp'),
+ array('foo/bar', 't=1&f=2', false, false, 'foo/bar?t=1&f=2', 'parameters in params-argument using &'),
+ array('foo/bar', array('t' => 1, 'f' => 2), true, false, 'foo/bar?t=1&amp;f=2', 'parameters in params-argument as array'),
// Custom sid parameter
- array('foo/bar', 't=1&amp;f=2', true, 'custom-sid', 'app.php?controller=foo/bar&amp;t=1&amp;f=2&amp;sid=custom-sid', 'using session_id'),
+ array('foo/bar', 't=1&amp;f=2', true, 'custom-sid', 'foo/bar?t=1&amp;f=2&amp;sid=custom-sid', 'using session_id'),
// Testing anchors
- array('foo/bar?t=1&amp;f=2#anchor', false, true, false, 'app.php?t=1&amp;f=2&amp;controller=foo/bar#anchor', 'anchor in url-argument'),
- array('foo/bar', 't=1&amp;f=2#anchor', true, false, 'app.php?controller=foo/bar&amp;t=1&amp;f=2#anchor', 'anchor in params-argument'),
- array('foo/bar', array('t' => 1, 'f' => 2, '#' => 'anchor'), true, false, 'app.php?controller=foo/bar&amp;t=1&amp;f=2#anchor', 'anchor in params-argument (array)'),
+ array('foo/bar?t=1&amp;f=2#anchor', false, true, false, 'foo/bar?t=1&amp;f=2#anchor', 'anchor in url-argument'),
+ array('foo/bar', 't=1&amp;f=2#anchor', true, false, 'foo/bar?t=1&amp;f=2#anchor', 'anchor in params-argument'),
+ array('foo/bar', array('t' => 1, 'f' => 2, '#' => 'anchor'), true, false, 'foo/bar?t=1&amp;f=2#anchor', 'anchor in params-argument (array)'),
// Anchors and custom sid
- array('foo/bar?t=1&amp;f=2#anchor', false, true, 'custom-sid', 'app.php?t=1&amp;f=2&amp;controller=foo/bar&amp;sid=custom-sid#anchor', 'anchor in url-argument using session_id'),
- array('foo/bar', 't=1&amp;f=2#anchor', true, 'custom-sid', 'app.php?controller=foo/bar&amp;t=1&amp;f=2&amp;sid=custom-sid#anchor', 'anchor in params-argument using session_id'),
- array('foo/bar', array('t' => 1, 'f' => 2, '#' => 'anchor'), true, 'custom-sid', 'app.php?controller=foo/bar&amp;t=1&amp;f=2&amp;sid=custom-sid#anchor', 'anchor in params-argument (array) using session_id'),
+ array('foo/bar?t=1&amp;f=2#anchor', false, true, 'custom-sid', 'foo/bar?t=1&amp;f=2&amp;sid=custom-sid#anchor', 'anchor in url-argument using session_id'),
+ array('foo/bar', 't=1&amp;f=2#anchor', true, 'custom-sid', 'foo/bar?t=1&amp;f=2&amp;sid=custom-sid#anchor', 'anchor in params-argument using session_id'),
+ array('foo/bar', array('t' => 1, 'f' => 2, '#' => 'anchor'), true, 'custom-sid', 'foo/bar?t=1&amp;f=2&amp;sid=custom-sid#anchor', 'anchor in params-argument (array) using session_id'),
// Empty parameters should not append the &amp;
- array('foo/bar', false, true, false, 'app.php?controller=foo/bar', 'no params using bool false'),
- array('foo/bar', '', true, false, 'app.php?controller=foo/bar', 'no params using empty string'),
- array('foo/bar', array(), true, false, 'app.php?controller=foo/bar', 'no params using empty array'),
+ array('foo/bar', false, true, false, 'foo/bar', 'no params using bool false'),
+ array('foo/bar', '', true, false, 'foo/bar', 'no params using empty string'),
+ array('foo/bar', array(), true, false, 'foo/bar', 'no params using empty array'),
);
}
@@ -51,7 +51,9 @@ class phpbb_controller_helper_url_test extends phpbb_test_case
$this->user = $this->getMock('phpbb_user');
$this->template = new phpbb_template_twig($phpbb_root_path, $phpEx, $config, $this->user, new phpbb_template_context());
- $helper = new phpbb_controller_helper($this->template, $this->user, '', 'php');
+
+ $request = new phpbb_mock_request($_GET, $_POST, $_COOKIE, $_SERVER, false, $_FILES);
+ $helper = new phpbb_controller_helper($this->template, $this->user, $request, '', 'php');
$this->assertEquals($helper->url($route, $params, $is_amp, $session_id), $expected);
}
}
diff --git a/tests/functional/extension_controller_test.php b/tests/functional/extension_controller_test.php
index 7d29f0000c..dc6d9c0f65 100644
--- a/tests/functional/extension_controller_test.php
+++ b/tests/functional/extension_controller_test.php
@@ -52,7 +52,7 @@ class phpbb_functional_extension_controller_test extends phpbb_functional_test_c
public function test_foo_bar()
{
$this->phpbb_extension_manager->enable('foo/bar');
- $crawler = self::request('GET', 'app.php?controller=foo/bar', array(), false);
+ $crawler = self::request('GET', 'app.php/foo/bar', array(), false);
self::assert_response_status_code();
$this->assertContains("foo/bar controller handle() method", $crawler->filter('body')->text());
$this->phpbb_extension_manager->purge('foo/bar');
@@ -64,7 +64,7 @@ class phpbb_functional_extension_controller_test extends phpbb_functional_test_c
public function test_controller_with_template()
{
$this->phpbb_extension_manager->enable('foo/bar');
- $crawler = self::request('GET', 'app.php?controller=foo/template');
+ $crawler = self::request('GET', 'app.php/foo/template');
$this->assertContains("I am a variable", $crawler->filter('#content')->text());
$this->phpbb_extension_manager->purge('foo/bar');
}
@@ -76,7 +76,7 @@ class phpbb_functional_extension_controller_test extends phpbb_functional_test_c
public function test_missing_argument()
{
$this->phpbb_extension_manager->enable('foo/bar');
- $crawler = self::request('GET', 'app.php?controller=foo/baz', array(), false);
+ $crawler = self::request('GET', 'app.php/foo/baz', array(), false);
$this->assert_response_html(500);
$this->assertContains('Missing value for argument #1: test in class phpbb_ext_foo_bar_controller:baz', $crawler->filter('body')->text());
$this->phpbb_extension_manager->purge('foo/bar');
@@ -88,7 +88,7 @@ class phpbb_functional_extension_controller_test extends phpbb_functional_test_c
public function test_exception_should_result_in_500_status_code()
{
$this->phpbb_extension_manager->enable('foo/bar');
- $crawler = self::request('GET', 'app.php?controller=foo/exception', array(), false);
+ $crawler = self::request('GET', 'app.php/foo/exception', array(), false);
$this->assert_response_html(500);
$this->assertContains('Exception thrown from foo/exception route', $crawler->filter('body')->text());
$this->phpbb_extension_manager->purge('foo/bar');
@@ -105,7 +105,7 @@ class phpbb_functional_extension_controller_test extends phpbb_functional_test_c
*/
public function test_error_ext_disabled_or_404()
{
- $crawler = self::request('GET', 'app.php?controller=does/not/exist', array(), false);
+ $crawler = self::request('GET', 'app.php/does/not/exist', array(), false);
$this->assert_response_html(404);
$this->assertContains('No route found for "GET /does/not/exist"', $crawler->filter('body')->text());
}
diff --git a/tests/template/template_test.php b/tests/template/template_test.php
index 38eb072df8..f2e3903458 100644
--- a/tests/template/template_test.php
+++ b/tests/template/template_test.php
@@ -158,7 +158,7 @@ class phpbb_template_template_test extends phpbb_template_template_test_case
array(),
array('test_loop' => array(array(), array(), array(), array(), array(), array(), array()), 'test' => array(array()), 'test.deep' => array(array()), 'test.deep.defines' => array(array())),
array(),
- "xyz\nabc\n\$VALUE == 'abc'abc\nbar\nbar\nabc\ntest!@#$%^&*()_-=+{}[]:;\",<.>/?",
+ "xyz\nabc\n\$VALUE == 'abc'abc\nbar\nbar\nabc\ntest!@#$%^&*()_-=+{}[]:;\",<.>/?\n[]",
),
array(
'define_advanced.html',
diff --git a/tests/template/templates/define.html b/tests/template/templates/define.html
index 66e874ca63..e6c8ef49c9 100644
--- a/tests/template/templates/define.html
+++ b/tests/template/templates/define.html
@@ -14,3 +14,5 @@ $VALUE == 'abc'
{$VALUE}
<!-- DEFINE $VALUE = 'test!@#$%^&*()_-=+{}[]:;",<.>/?' -->
{$VALUE}
+<!-- DEFINE $VALUE = '' -->
+[{$VALUE}]
diff --git a/travis/setup-webserver.sh b/travis/setup-webserver.sh
index beb04b0fef..95fc4ec1f8 100755
--- a/travis/setup-webserver.sh
+++ b/travis/setup-webserver.sh
@@ -42,7 +42,7 @@ server {
root $PHPBB_ROOT_PATH/;
index index.php index.html;
- location ~ \.php$ {
+ location ~ \.php {
fastcgi_pass unix:$PHP_FPM_SOCK;
include fastcgi_params;
}