1 files changed, 55 insertions, 14 deletions
diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php
index 49f2e469bc..7bd12d358d 100644
--- a/phpBB/includes/functions.php
+++ b/phpBB/includes/functions.php
@@ -2413,6 +2413,7 @@ function append_sid($url, $params = false, $is_amp = true, $session_id = false)
 {
 	global $_SID, $_EXTRA_URL, $phpbb_hook;
 	global $phpbb_dispatcher;
+	global $symfony_request;
 
 	if ($params === '' || (is_array($params) && empty($params)))
 	{
@@ -2420,6 +2421,12 @@ function append_sid($url, $params = false, $is_amp = true, $session_id = false)
 		$params = false;
 	}
 
+	$corrected_root = $symfony_request !== null ? phpbb_get_web_root_path($symfony_request) : '';
+	if ($corrected_root)
+	{
+		$url = $corrected_root . substr($url, strlen($phpbb_root_path));
+	}
+
 	$append_sid_overwrite = false;
 
 	/**
@@ -5051,7 +5058,7 @@ function phpbb_build_hidden_fields_for_query_params($request, $exclude = null)
 function page_header($page_title = '', $display_online_list = true, $item_id = 0, $item = 'forum')
 {
 	global $db, $config, $template, $SID, $_SID, $_EXTRA_URL, $user, $auth, $phpEx, $phpbb_root_path;
-	global $phpbb_dispatcher, $request, $phpbb_container;
+	global $phpbb_dispatcher, $request, $phpbb_container, $symfony_request;
 
 	if (defined('HEADER_INC'))
 	{
@@ -5208,7 +5215,11 @@ function page_header($page_title = '', $display_online_list = true, $item_id = 0
 
 	// Determine board url - we may need it later
 	$board_url = generate_board_url() . '/';
-	$web_path = (defined('PHPBB_USE_BOARD_URL_PATH') && PHPBB_USE_BOARD_URL_PATH) ? $board_url : $phpbb_root_path;
+	// This path is sent with the base template paths in the assign_vars()
+	// call below. We need to correct it in case we are accessing from a
+	// controller because the web paths will be incorrect otherwise.
+	$corrected_path = $symfony_request !== null ? phpbb_get_web_root_path($symfony_request) : '';
+	$web_path = (defined('PHPBB_USE_BOARD_URL_PATH') && PHPBB_USE_BOARD_URL_PATH) ? $board_url : $corrected_path;
 
 	// Send a proper content-language to the output
 	$user_lang = $user->lang['USER_LANG'];
@@ -5684,6 +5695,16 @@ function phpbb_convert_30_dbms_to_31($dbms)
 */
 function phpbb_create_symfony_request(phpbb_request $request)
 {
+	// If we have already gotten it, don't go back through all the trouble of
+	// creating it again; instead, just return it. This allows multiple calls
+	// of this method so we don't have to globalize $symfony_request in other
+	// functions.
+	static $symfony_request;
+	if (null !== $symfony_request)
+	{
+		return $symfony_request;
+	}
+
 	// This function is meant to sanitize the global input arrays
 	$sanitizer = function(&$value, $key) {
 		$type_cast_helper = new phpbb_request_type_cast_helper();
@@ -5703,21 +5724,41 @@ function phpbb_create_symfony_request(phpbb_request $request)
 	array_walk_recursive($get_parameters, $sanitizer);
 	array_walk_recursive($post_parameters, $sanitizer);
 
-	// Until we fix the issue with relative paths, we have to fake path info
-	// to allow urls like app.php?controller=foo/bar
-	$controller = $request->variable('controller', '');
-	$path_info = '/' . $controller;
-	$request_uri = $server_parameters['REQUEST_URI'];
+	$symfony_request = new Request($get_parameters, $post_parameters, array(), $cookie_parameters, $files_parameters, $server_parameters);
+	return $symfony_request;
+}
+
+/**
+* Get a relative root path from the current URL
+*
+* @param Request $symfony_request Symfony Request object
+*/
+function phpbb_get_web_root_path(Request $symfony_request)
+{
+	static $path;
+	if (null !== $path)
+	{
+		return $path;
+	}
+
+	$path_info = $symfony_request->getPathInfo();
+
+	// When no path is given (i.e. REQUEST_URI = "./app.php") path info from
+	// the Symfony Request object is "/". However, that is the same as when
+	// the REQUEST_URI is "./app.php/". So we want to correct the path when
+	// we have a trailing slash in the REQUEST_URI, but not when we don't.
+	$request_uri = $symfony_request->server->get('REQUEST_URI');
+	$trailing_slash = substr($request_uri, -1) === '/';
 
-	// Remove the query string from REQUEST_URI
-	if ($pos = strpos($request_uri, '?'))
+	// If pathinfo is / and we do not have a trailing slash in the REQUEST_URI
+	if (!$trailing_slash && '/' === $path_info)
 	{
-		$request_uri = substr($request_uri, 0, $pos);
+		$path = '';
+		return $path;
 	}
 
-	// Add the path info (i.e. controller route) to the REQUEST_URI
-	$server_parameters['REQUEST_URI'] = $request_uri . $path_info;
-	$server_parameters['SCRIPT_NAME'] = '';
+	$corrections = substr_count($path_info, '/');
+	$path = str_repeat('../', $corrections);
 
-	return new Request($get_parameters, $post_parameters, array(), $cookie_parameters, $files_parameters, $server_parameters);
+	return $path;
 }