diff options
| -rw-r--r-- | phpBB/common.php | 37 | ||||
| -rw-r--r-- | phpBB/install/install.php | 3 | ||||
| -rw-r--r-- | phpBB/viewtopic.php | 7 |
3 files changed, 42 insertions, 5 deletions
diff --git a/phpBB/common.php b/phpBB/common.php index 6822d8f72a..c5ef578231 100644 --- a/phpBB/common.php +++ b/phpBB/common.php @@ -27,13 +27,44 @@ error_reporting(E_ERROR | E_WARNING | E_PARSE); // This will NOT report uninitia //error_reporting(E_ALL); set_magic_quotes_runtime(0); +// Protect against GLOBALS tricks +if (isset($_REQUEST['GLOBALS']) || isset($_FILES['GLOBALS'])) +{ + exit; +} + +// Protect against _SESSION tricks +if (isset($_SESSION) && !is_array($_SESSION)) +{ + exit; +} + // Be paranoid with passed vars -if (@ini_get('register_globals')) +if (@ini_get('register_globals') == '1' || strtolower(@ini_get('register_globals')) == 'on') { - foreach ($_REQUEST as $var_name => $void) + $not_unset = array('_GET', '_POST', '_COOKIE', '_REQUEST', '_SERVER', '_SESSION', '_ENV', '_FILES', 'phpEx', 'phpbb_root_path'); + + // Not only will array_merge give a warning if a parameter + // is not an array, it will actually fail. So we check if + // _SESSION has been initialised. + if (!isset($_SESSION) || !is_array($_SESSION)) { - unset(${$var_name}); + $_SESSION = array(); } + + // Merge all into one extremely huge array; unset + // this later + $input = array_merge($_GET, $_POST, $_COOKIE, $_SERVER, $_SESSION, $_ENV, $_FILES); + + foreach ($input as $varname => $void) + { + if (!in_array($varname, $not_unset)) + { + unset(${$varname}); + } + } + + unset($input); } if (defined('IN_CRON')) diff --git a/phpBB/install/install.php b/phpBB/install/install.php index 2ce5e418d7..de019791e6 100644 --- a/phpBB/install/install.php +++ b/phpBB/install/install.php @@ -363,9 +363,8 @@ if ($stage == 0) <tr> <td>• <b><?php echo $lang['PHP_REGISTER_GLOBALS']; ?>: </b></td> <td><?php - if (@ini_get('register_globals') || strtolower(@ini_get('register_globals')) == 'on') + if (@ini_get('register_globals') == '1' || strtolower(@ini_get('register_globals')) == 'on') { - $passed['db'] = false; echo '<b style="color:red">' . $lang['NO'] . '</b>'; } else diff --git a/phpBB/viewtopic.php b/phpBB/viewtopic.php index 843b4c2c02..bd4a2a96b3 100644 --- a/phpBB/viewtopic.php +++ b/phpBB/viewtopic.php @@ -210,6 +210,7 @@ if (!($topic_data = $db->sql_fetchrow($result))) trigger_error('NO_TOPIC'); } +$old_forum_id = $forum_id; $forum_id = (int) $topic_data['forum_id']; $topic_id = (int) $topic_data['topic_id']; @@ -1363,6 +1364,12 @@ if (isset($user->data['session_page']) && !preg_match("#&t=$topic_id#", $user->d if (isset($topic_tracking_info[$topic_id]) && $topic_data['topic_last_post_time'] > $topic_tracking_info[$topic_id]) { markread('topic', $forum_id, $topic_id, $max_post_time); + + // The topic has two different forum_id numbers, we have to update the other forum + if ($old_forum_id !== $forum_id) + { + markread('topic', $old_forum_id, $topic_id, $max_post_time); + } } // Change encoding if appropriate |