diff options
Diffstat (limited to 'phpBB/phpbb')
-rw-r--r-- | phpBB/phpbb/config_php_file.php | 175 | ||||
-rw-r--r-- | phpBB/phpbb/controller/helper.php | 17 | ||||
-rw-r--r-- | phpBB/phpbb/db/driver/postgres.php | 8 | ||||
-rw-r--r-- | phpBB/phpbb/db/driver/sqlite3.php | 7 | ||||
-rw-r--r-- | phpBB/phpbb/db/migration/profilefield_base_migration.php | 87 | ||||
-rw-r--r-- | phpBB/phpbb/db/migration/tool/config_text.php | 125 | ||||
-rw-r--r-- | phpBB/phpbb/di/container_builder.php | 402 | ||||
-rw-r--r-- | phpBB/phpbb/di/extension/config.php | 27 | ||||
-rw-r--r-- | phpBB/phpbb/path_helper.php | 103 | ||||
-rw-r--r-- | phpBB/phpbb/viewonline_helper.php | 19 |
10 files changed, 944 insertions, 26 deletions
diff --git a/phpBB/phpbb/config_php_file.php b/phpBB/phpbb/config_php_file.php new file mode 100644 index 0000000000..1a562e470d --- /dev/null +++ b/phpBB/phpbb/config_php_file.php @@ -0,0 +1,175 @@ +<?php +/** +* +* This file is part of the phpBB Forum Software package. +* +* @copyright (c) phpBB Limited <https://www.phpbb.com> +* @license GNU General Public License, version 2 (GPL-2.0) +* +* For full copyright and license information, please see +* the docs/CREDITS.txt file. +* +*/ + +namespace phpbb; + +class config_php_file +{ + /** @var string phpBB Root Path */ + protected $phpbb_root_path; + + /** @var string php file extension */ + protected $php_ext; + + /** + * Indicates whether the php config file has been loaded. + * + * @var bool + */ + protected $config_loaded = false; + + /** + * The content of the php config file + * + * @var array + */ + protected $config_data = array(); + + /** + * The path to the config file. (Default: $phpbb_root_path . 'config.' . $php_ext) + * + * @var string + */ + protected $config_file; + + private $defined_vars; + + /** + * Constructor + * + * @param string $phpbb_root_path phpBB Root Path + * @param string $php_ext php file extension + */ + function __construct($phpbb_root_path, $php_ext) + { + $this->phpbb_root_path = $phpbb_root_path; + $this->php_ext = $php_ext; + $this->config_file = $this->phpbb_root_path . 'config.' . $this->php_ext; + } + + /** + * Set the path to the config file. + * + * @param string $config_file + */ + public function set_config_file($config_file) + { + $this->config_file = $config_file; + $this->config_loaded = false; + } + + /** + * Returns an associative array containing the variables defined by the config file. + * + * @return bool|array Return the content of the config file or false if the file does not exists. + */ + public function get_all() + { + if (!$this->load_config_file()) + { + return false; + } + + return $this->config_data; + } + + /** + * Return the value of a variable defined into the config.php file and false if the variable does not exist. + * + * @param string $variable The name of the variable + * @return mixed + */ + public function get($variable) + { + if (!$this->load_config_file()) + { + return false; + } + + return isset($this->config_data[$variable]) ? $this->config_data[$variable] : false; + } + + /** + * Load the config file and store the information. + * + * @return bool True if the file was correctly loaded, false otherwise. + */ + protected function load_config_file() + { + if (!$this->config_loaded) + { + if (file_exists($this->config_file)) + { + $this->defined_vars = get_defined_vars(); + + require($this->config_file); + $this->config_data = array_diff_key(get_defined_vars(), $this->defined_vars); + + $this->config_loaded = true; + } + else + { + return false; + } + } + + return true; + } + + /** + * Convert either 3.0 dbms or 3.1 db driver class name to 3.1 db driver class name. + * + * If $dbms is a valid 3.1 db driver class name, returns it unchanged. + * Otherwise prepends phpbb\db\driver\ to the dbms to convert a 3.0 dbms + * to 3.1 db driver class name. + * + * @param string $dbms dbms parameter + * @return string driver class + * @throws \RuntimeException + */ + public function convert_30_dbms_to_31($dbms) + { + // Note: this check is done first because mysqli extension + // supplies a mysqli class, and class_exists($dbms) would return + // true for mysqli class. + // However, per the docblock any valid 3.1 driver name should be + // recognized by this function, and have priority over 3.0 dbms. + if (strpos($dbms, 'phpbb\db\driver') === false && class_exists('phpbb\db\driver\\' . $dbms)) + { + return 'phpbb\db\driver\\' . $dbms; + } + + if (class_exists($dbms)) + { + // Additionally we could check that $dbms extends phpbb\db\driver\driver. + // http://php.net/manual/en/class.reflectionclass.php + // Beware of possible performance issues: + // http://stackoverflow.com/questions/294582/php-5-reflection-api-performance + // We could check for interface implementation in all paths or + // only when we do not prepend phpbb\db\driver\. + + /* + $reflection = new \ReflectionClass($dbms); + + if ($reflection->isSubclassOf('phpbb\db\driver\driver')) + { + return $dbms; + } + */ + + return $dbms; + } + + throw new \RuntimeException("You have specified an invalid dbms driver: $dbms"); + } +} diff --git a/phpBB/phpbb/controller/helper.php b/phpBB/phpbb/controller/helper.php index 930bc42a98..e330fb5b6d 100644 --- a/phpBB/phpbb/controller/helper.php +++ b/phpBB/phpbb/controller/helper.php @@ -40,6 +40,9 @@ class helper */ protected $config; + /* @var \phpbb\symfony_request */ + protected $symfony_request; + /** * phpBB root path * @var string @@ -60,14 +63,16 @@ class helper * @param \phpbb\config\config $config Config object * @param \phpbb\controller\provider $provider Path provider * @param \phpbb\extension\manager $manager Extension manager object + * @param \phpbb\symfony_request $symfony_request Symfony Request object * @param string $phpbb_root_path phpBB root path * @param string $php_ext PHP extension */ - public function __construct(\phpbb\template\template $template, \phpbb\user $user, \phpbb\config\config $config, \phpbb\controller\provider $provider, \phpbb\extension\manager $manager, $phpbb_root_path, $php_ext) + public function __construct(\phpbb\template\template $template, \phpbb\user $user, \phpbb\config\config $config, \phpbb\controller\provider $provider, \phpbb\extension\manager $manager, \phpbb\symfony_request $symfony_request, $phpbb_root_path, $php_ext) { $this->template = $template; $this->user = $user; $this->config = $config; + $this->symfony_request = $symfony_request; $this->phpbb_root_path = $phpbb_root_path; $this->php_ext = $php_ext; $provider->find_routing_files($manager->get_finder()); @@ -151,4 +156,14 @@ class helper return $this->render('message_body.html', $this->user->lang('INFORMATION'), $code); } + + /** + * Return the current url + * + * @return string + */ + public function get_current_url() + { + return generate_board_url(true) . $this->symfony_request->getRequestUri(); + } } diff --git a/phpBB/phpbb/db/driver/postgres.php b/phpBB/phpbb/db/driver/postgres.php index a67cd9f7c2..83e9fa51f6 100644 --- a/phpBB/phpbb/db/driver/postgres.php +++ b/phpBB/phpbb/db/driver/postgres.php @@ -15,10 +15,11 @@ namespace phpbb\db\driver; /** * PostgreSQL Database Abstraction Layer -* Minimum Requirement is Version 7.3+ +* Minimum Requirement is Version 8.3+ */ class postgres extends \phpbb\db\driver\driver { + var $multi_insert = true; var $last_query_text = ''; var $connect_error = ''; @@ -101,11 +102,6 @@ class postgres extends \phpbb\db\driver\driver if ($this->db_connect_id) { - if (version_compare($this->sql_server_info(true), '8.2', '>=')) - { - $this->multi_insert = true; - } - if ($schema !== '') { @pg_query($this->db_connect_id, 'SET search_path TO ' . $schema); diff --git a/phpBB/phpbb/db/driver/sqlite3.php b/phpBB/phpbb/db/driver/sqlite3.php index 6511c755a0..0922229e0a 100644 --- a/phpBB/phpbb/db/driver/sqlite3.php +++ b/phpBB/phpbb/db/driver/sqlite3.php @@ -50,9 +50,10 @@ class sqlite3 extends \phpbb\db\driver\driver $this->dbo = new \SQLite3($this->server, SQLITE3_OPEN_READWRITE | SQLITE3_OPEN_CREATE); $this->db_connect_id = true; } - catch (Exception $e) + catch (\Exception $e) { - return array('message' => $e->getMessage()); + $this->connect_error = $e->getMessage(); + return array('message' => $this->connect_error); } return true; @@ -280,7 +281,7 @@ class sqlite3 extends \phpbb\db\driver\driver */ protected function _sql_error() { - if (class_exists('SQLite3', false)) + if (class_exists('SQLite3', false) && isset($this->dbo)) { $error = array( 'message' => $this->dbo->lastErrorMsg(), diff --git a/phpBB/phpbb/db/migration/profilefield_base_migration.php b/phpBB/phpbb/db/migration/profilefield_base_migration.php index d416a9b228..e66e5fd080 100644 --- a/phpBB/phpbb/db/migration/profilefield_base_migration.php +++ b/phpBB/phpbb/db/migration/profilefield_base_migration.php @@ -21,6 +21,23 @@ abstract class profilefield_base_migration extends \phpbb\db\migration\migration protected $profilefield_data; + /** + * Language data should be in array -> each language_data in separate key + * array( + * array( + * 'option_id' => value, + * 'field_type' => value, + * 'lang_value' => value, + * ), + * array( + * 'option_id' => value, + * 'field_type' => value, + * 'lang_value' => value, + * ), + * ) + */ + protected $profilefield_language_data; + protected $user_column_name; public function effectively_installed() @@ -58,6 +75,13 @@ abstract class profilefield_base_migration extends \phpbb\db\migration\migration ); } + public function revert_data() + { + return array( + array('custom', array(array($this, 'delete_custom_profile_field_data'))), + ); + } + public function create_custom_field() { $sql = 'SELECT MAX(field_order) as max_field_order @@ -96,6 +120,69 @@ abstract class profilefield_base_migration extends \phpbb\db\migration\migration } /** + * Create Custom profile fields languguage entries + */ + public function create_language_entries() + { + $field_id = $this->get_custom_profile_field_id(); + + $insert_buffer = new \phpbb\db\sql_insert_buffer($this->db, PROFILE_FIELDS_LANG_TABLE); + + $sql = 'SELECT lang_id + FROM ' . LANG_TABLE; + $result = $this->db->sql_query($sql); + while ($lang_id = (int) $this->db->sql_fetchfield('lang_id')) + { + foreach ($this->profilefield_language_data as $language_data) + { + $insert_buffer->insert(array_merge(array( + 'field_id' => $field_id, + 'lang_id' => $lang_id, + ), $language_data)); + } + } + $this->db->sql_freeresult($result); + + $insert_buffer->flush(); + } + + /** + * Clean database when reverting the migration + */ + public function delete_custom_profile_field_data() + { + $field_id = $this->get_custom_profile_field_id(); + + $sql = 'DELETE FROM ' . PROFILE_FIELDS_TABLE . ' + WHERE field_id = ' . $field_id; + $this->db->sql_query($sql); + + $sql = 'DELETE FROM ' . PROFILE_LANG_TABLE . ' + WHERE field_id = ' . $field_id; + $this->db->sql_query($sql); + + $sql = 'DELETE FROM ' . PROFILE_FIELDS_LANG_TABLE . ' + WHERE field_id = ' . $field_id; + $this->db->sql_query($sql); + } + + /** + * Get custom profile field id + * @return int custom profile filed id + */ + public function get_custom_profile_field_id() + { + $sql = 'SELECT field_id + FROM ' . PROFILE_FIELDS_TABLE . " + WHERE field_name = '" . $this->profilefield_name . "'"; + $result = $this->db->sql_query($sql); + $field_id = (int) $this->db->sql_fetchfield('field_id'); + $this->db->sql_freeresult($result); + + return $field_id; + } + + /** * @param int $start Start of staggering step * @return mixed int start of the next step, null if the end was reached */ diff --git a/phpBB/phpbb/db/migration/tool/config_text.php b/phpBB/phpbb/db/migration/tool/config_text.php new file mode 100644 index 0000000000..bf8ac55023 --- /dev/null +++ b/phpBB/phpbb/db/migration/tool/config_text.php @@ -0,0 +1,125 @@ +<?php +/** +* +* This file is part of the phpBB Forum Software package. +* +* @copyright (c) phpBB Limited <https://www.phpbb.com> +* @license GNU General Public License, version 2 (GPL-2.0) +* +* For full copyright and license information, please see +* the docs/CREDITS.txt file. +* +*/ + +namespace phpbb\db\migration\tool; + +/** +* Migration config_text tool +*/ +class config_text implements \phpbb\db\migration\tool\tool_interface +{ + /** @var \phpbb\config\db_text */ + protected $config_text; + + /** + * Constructor + * + * @param \phpbb\config\db_text $config_text + */ + public function __construct(\phpbb\config\db_text $config_text) + { + $this->config_text = $config_text; + } + + /** + * {@inheritdoc} + */ + public function get_name() + { + return 'config_text'; + } + + /** + * Add a config_text setting. + * + * @param string $config_name The name of the config_text setting + * you would like to add + * @param mixed $config_value The value of the config_text setting + * @return null + */ + public function add($config_name, $config_value) + { + if (!is_null($this->config_text->get($config_name))) + { + return; + } + + $this->config_text->set($config_name, $config_value); + } + + /** + * Update an existing config_text setting. + * + * @param string $config_name The name of the config_text setting you would + * like to update + * @param mixed $config_value The value of the config_text setting + * @return null + * @throws \phpbb\db\migration\exception + */ + public function update($config_name, $config_value) + { + if (is_null($this->config_text->get($config_name))) + { + throw new \phpbb\db\migration\exception('CONFIG_NOT_EXIST', $config_name); + } + + $this->config_text->set($config_name, $config_value); + } + + /** + * Remove an existing config_text setting. + * + * @param string $config_name The name of the config_text setting you would + * like to remove + * @return null + */ + public function remove($config_name) + { + if (is_null($this->config_text->get($config_name))) + { + return; + } + + $this->config_text->delete($config_name); + } + + /** + * {@inheritdoc} + */ + public function reverse() + { + $arguments = func_get_args(); + $original_call = array_shift($arguments); + + $call = false; + switch ($original_call) + { + case 'add': + $call = 'remove'; + break; + + case 'remove': + $call = 'add'; + if (sizeof($arguments) == 1) + { + $arguments[] = ''; + } + break; + } + + if ($call) + { + return call_user_func_array(array(&$this, $call), $arguments); + } + } +} diff --git a/phpBB/phpbb/di/container_builder.php b/phpBB/phpbb/di/container_builder.php new file mode 100644 index 0000000000..ab10073013 --- /dev/null +++ b/phpBB/phpbb/di/container_builder.php @@ -0,0 +1,402 @@ +<?php +/** +* +* This file is part of the phpBB Forum Software package. +* +* @copyright (c) phpBB Limited <https://www.phpbb.com> +* @license GNU General Public License, version 2 (GPL-2.0) +* +* For full copyright and license information, please see +* the docs/CREDITS.txt file. +* +*/ + +namespace phpbb\di; + +use Symfony\Component\DependencyInjection\ContainerBuilder; +use Symfony\Component\DependencyInjection\Dumper\PhpDumper; + +class container_builder +{ + /** @var string phpBB Root Path */ + protected $phpbb_root_path; + + /** @var string php file extension */ + protected $php_ext; + + /** + * The container under construction + * + * @var ContainerBuilder + */ + protected $container; + + /** + * @var \phpbb\db\driver\driver_interface + */ + protected $dbal_connection = null; + + /** + * @var array the installed extensions + */ + protected $installed_exts = null; + + /** + * Indicates whether the php config file should be injected into the container (default to true). + * + * @var bool + */ + protected $inject_config = true; + + /** + * Indicates whether extensions should be used (default to true). + * + * @var bool + */ + protected $use_extensions = true; + + /** + * Defines a custom path to find the configuration of the container (default to $this->phpbb_root_path . 'config') + * + * @var string + */ + protected $config_path = null; + + /** + * Indicates whether the phpBB compile pass should be used (default to true). + * + * @var bool + */ + protected $use_custom_pass = true; + + /** + * Indicates whether the kernel compile pass should be used (default to true). + * + * @var bool + */ + protected $use_kernel_pass = true; + + /** + * Indicates whether the container should be dumped to the filesystem (default to true). + * + * If DEBUG_CONTAINER is set this option is ignored and a new container is build. + * + * @var bool + */ + protected $dump_container = true; + + /** + * Indicates if the container should be compiled automatically (default to true). + * + * @var bool + */ + protected $compile_container = true; + + /** + * Custom parameters to inject into the container. + * + * Default to true: + * array( + * 'core.root_path', $this->phpbb_root_path, + * 'core.php_ext', $this->php_ext, + * ); + * + * @var array + */ + protected $custom_parameters = null; + + /** + * @var \phpbb\config_php_file + */ + protected $config_php_file; + + /** + * Constructor + * + * @param \phpbb\config_php_file $config_php_file + * @param string $phpbb_root_path Path to the phpbb includes directory. + * @param string $php_ext php file extension + */ + function __construct(\phpbb\config_php_file $config_php_file, $phpbb_root_path, $php_ext) + { + $this->config_php_file = $config_php_file; + $this->phpbb_root_path = $phpbb_root_path; + $this->php_ext = $php_ext; + } + + /** + * Build and return a new Container respecting the current configuration + * + * @return \phpbb_cache_container|ContainerBuilder + */ + public function get_container() + { + $container_filename = $this->get_container_filename(); + if (!defined('DEBUG_CONTAINER') && $this->dump_container && file_exists($container_filename)) + { + require($container_filename); + $this->container = new \phpbb_cache_container(); + } + else + { + if ($this->config_path === null) + { + $this->config_path = $this->phpbb_root_path . 'config'; + } + $container_extensions = array(new \phpbb\di\extension\core($this->config_path)); + + if ($this->use_extensions) + { + $installed_exts = $this->get_installed_extensions(); + $container_extensions[] = new \phpbb\di\extension\ext($installed_exts); + } + + if ($this->inject_config) + { + $container_extensions[] = new \phpbb\di\extension\config($this->config_php_file); + } + + $this->container = $this->create_container($container_extensions); + + if ($this->use_custom_pass) + { + $this->container->addCompilerPass(new \phpbb\di\pass\collection_pass()); + + if ($this->use_kernel_pass) + { + $this->container->addCompilerPass(new \phpbb\di\pass\kernel_pass()); + } + } + + $this->inject_custom_parameters(); + + if ($this->compile_container) + { + $this->container->compile(); + } + + if ($this->dump_container && !defined('DEBUG')) + { + $this->dump_container($container_filename); + } + } + + $this->container->set('config.php', $this->config_php_file); + + if ($this->compile_container) + { + $this->inject_dbal(); + } + + return $this->container; + } + + /** + * Set if the extensions should be used. + * + * @param bool $use_extensions + */ + public function set_use_extensions($use_extensions) + { + $this->use_extensions = $use_extensions; + } + + /** + * Set if the phpBB compile pass have to be used. + * + * @param bool $use_custom_pass + */ + public function set_use_custom_pass($use_custom_pass) + { + $this->use_custom_pass = $use_custom_pass; + } + + /** + * Set if the kernel compile pass have to be used. + * + * @param bool $use_kernel_pass + */ + public function set_use_kernel_pass($use_kernel_pass) + { + $this->use_kernel_pass = $use_kernel_pass; + } + + /** + * Set if the php config file should be injecting into the container. + * + * @param bool $inject_config + */ + public function set_inject_config($inject_config) + { + $this->inject_config = $inject_config; + } + + /** + * Set if a dump container should be used. + * + * If DEBUG_CONTAINER is set this option is ignored and a new container is build. + * + * @var bool $dump_container + */ + public function set_dump_container($dump_container) + { + $this->dump_container = $dump_container; + } + + /** + * Set if the container should be compiled automatically (default to true). + * + * @var bool $dump_container + */ + public function set_compile_container($compile_container) + { + $this->compile_container = $compile_container; + } + + /** + * Set a custom path to find the configuration of the container + * + * @param string $config_path + */ + public function set_config_path($config_path) + { + $this->config_path = $config_path; + } + + /** + * Set custom parameters to inject into the container. + * + * @param array $custom_parameters + */ + public function set_custom_parameters($custom_parameters) + { + $this->custom_parameters = $custom_parameters; + } + + /** + * Dump the container to the disk. + * + * @param string $container_filename The name of the file. + */ + protected function dump_container($container_filename) + { + $dumper = new PhpDumper($this->container); + $cached_container_dump = $dumper->dump(array( + 'class' => 'phpbb_cache_container', + 'base_class' => 'Symfony\\Component\\DependencyInjection\\ContainerBuilder', + )); + + file_put_contents($container_filename, $cached_container_dump); + } + + /** + * Inject the connection into the container if one was opened. + */ + protected function inject_dbal() + { + if ($this->dbal_connection !== null) + { + $this->container->get('dbal.conn')->set_driver($this->dbal_connection); + } + } + + /** + * Get DB connection. + * + * @return \phpbb\db\driver\driver_interface + */ + protected function get_dbal_connection() + { + if ($this->dbal_connection === null) + { + $dbal_driver_class = $this->config_php_file->convert_30_dbms_to_31($this->config_php_file->get('dbms')); + $this->dbal_connection = new $dbal_driver_class(); + $this->dbal_connection->sql_connect( + $this->config_php_file->get('dbhost'), + $this->config_php_file->get('dbuser'), + $this->config_php_file->get('dbpasswd'), + $this->config_php_file->get('dbname'), + $this->config_php_file->get('dbport'), + defined('PHPBB_DB_NEW_LINK') && PHPBB_DB_NEW_LINK + ); + } + + return $this->dbal_connection; + } + + /** + * Get enabled extensions. + * + * @return array enabled extensions + */ + protected function get_installed_extensions() + { + $db = $this->get_dbal_connection(); + $extension_table = $this->config_php_file->get('table_prefix') . 'ext'; + + $sql = 'SELECT * + FROM ' . $extension_table . ' + WHERE ext_active = 1'; + + $result = $db->sql_query($sql); + $rows = $db->sql_fetchrowset($result); + $db->sql_freeresult($result); + + $exts = array(); + foreach ($rows as $row) + { + $exts[$row['ext_name']] = $this->phpbb_root_path . 'ext/' . $row['ext_name'] . '/'; + } + + return $exts; + } + + /** + * Create the ContainerBuilder object + * + * @param array $extensions Array of Container extension objects + * @return ContainerBuilder object + */ + protected function create_container(array $extensions) + { + $container = new ContainerBuilder(); + + foreach ($extensions as $extension) + { + $container->registerExtension($extension); + $container->loadFromExtension($extension->getAlias()); + } + + return $container; + } + + /** + * Inject the customs parameters into the container + */ + protected function inject_custom_parameters() + { + if ($this->custom_parameters === null) + { + $this->custom_parameters = array( + 'core.root_path' => $this->phpbb_root_path, + 'core.php_ext' => $this->php_ext, + ); + } + + foreach ($this->custom_parameters as $key => $value) + { + $this->container->setParameter($key, $value); + } + } + + /** + * Get the filename under which the dumped container will be stored. + * + * @return string Path for dumped container + */ + protected function get_container_filename() + { + $filename = str_replace(array('/', '.'), array('slash', 'dot'), $this->phpbb_root_path); + return $this->phpbb_root_path . 'cache/container_' . $filename . '.' . $this->php_ext; + } +} diff --git a/phpBB/phpbb/di/extension/config.php b/phpBB/phpbb/di/extension/config.php index a7d7284f85..27ebc94bae 100644 --- a/phpBB/phpbb/di/extension/config.php +++ b/phpBB/phpbb/di/extension/config.php @@ -21,9 +21,12 @@ use Symfony\Component\HttpKernel\DependencyInjection\Extension; */ class config extends Extension { - public function __construct($config_file) + /** @var array */ + protected $config_php; + + public function __construct(\phpbb\config_php_file $config_php) { - $this->config_file = $config_file; + $this->config_php = $config_php; } /** @@ -36,17 +39,15 @@ class config extends Extension */ public function load(array $config, ContainerBuilder $container) { - require($this->config_file); - - $container->setParameter('core.adm_relative_path', (isset($phpbb_adm_relative_path) ? $phpbb_adm_relative_path : 'adm/')); - $container->setParameter('core.table_prefix', $table_prefix); - $container->setParameter('cache.driver.class', $this->convert_30_acm_type($acm_type)); - $container->setParameter('dbal.driver.class', phpbb_convert_30_dbms_to_31($dbms)); - $container->setParameter('dbal.dbhost', $dbhost); - $container->setParameter('dbal.dbuser', $dbuser); - $container->setParameter('dbal.dbpasswd', $dbpasswd); - $container->setParameter('dbal.dbname', $dbname); - $container->setParameter('dbal.dbport', $dbport); + $container->setParameter('core.adm_relative_path', ($this->config_php->get('phpbb_adm_relative_path') ? $this->config_php->get('phpbb_adm_relative_path') : 'adm/')); + $container->setParameter('core.table_prefix', $this->config_php->get('table_prefix')); + $container->setParameter('cache.driver.class', $this->convert_30_acm_type($this->config_php->get('acm_type'))); + $container->setParameter('dbal.driver.class', $this->config_php->convert_30_dbms_to_31($this->config_php->get('dbms'))); + $container->setParameter('dbal.dbhost', $this->config_php->get('dbhost')); + $container->setParameter('dbal.dbuser', $this->config_php->get('dbuser')); + $container->setParameter('dbal.dbpasswd', $this->config_php->get('dbpasswd')); + $container->setParameter('dbal.dbname', $this->config_php->get('dbname')); + $container->setParameter('dbal.dbport', $this->config_php->get('dbport')); $container->setParameter('dbal.new_link', defined('PHPBB_DB_NEW_LINK') && PHPBB_DB_NEW_LINK); } diff --git a/phpBB/phpbb/path_helper.php b/phpBB/phpbb/path_helper.php index b592cc4460..a8592eac6c 100644 --- a/phpBB/phpbb/path_helper.php +++ b/phpBB/phpbb/path_helper.php @@ -24,6 +24,9 @@ class path_helper /** @var \phpbb\filesystem */ protected $filesystem; + /** @var \phpbb\request\request_interface */ + protected $request; + /** @var string */ protected $phpbb_root_path; @@ -41,13 +44,16 @@ class path_helper * * @param \phpbb\symfony_request $symfony_request * @param \phpbb\filesystem $filesystem + * @param \phpbb\request\request_interface $request * @param string $phpbb_root_path Relative path to phpBB root * @param string $php_ext PHP extension (php) + * @param mixed $adm_relative_path Relative path admin path to adm/ root */ - public function __construct(\phpbb\symfony_request $symfony_request, \phpbb\filesystem $filesystem, $phpbb_root_path, $php_ext, $adm_relative_path = null) + public function __construct(\phpbb\symfony_request $symfony_request, \phpbb\filesystem $filesystem, \phpbb\request\request_interface $request, $phpbb_root_path, $php_ext, $adm_relative_path = null) { $this->symfony_request = $symfony_request; $this->filesystem = $filesystem; + $this->request = $request; $this->phpbb_root_path = $phpbb_root_path; $this->php_ext = $php_ext; $this->adm_relative_path = $adm_relative_path; @@ -98,7 +104,13 @@ class path_helper { $path = substr($path, strlen($this->phpbb_root_path)); - return $this->filesystem->clean_path($this->get_web_root_path() . $path); + $web_root_path = $this->get_web_root_path(); + if (substr($web_root_path, -8) === 'app.php/' && substr($path, 0, 7) === 'app.php') + { + $path = substr($path, 8); + } + + return $this->filesystem->clean_path($web_root_path . $path); } return $path; @@ -170,6 +182,34 @@ class path_helper return $this->web_root_path = $this->phpbb_root_path; } + /* + * Check AJAX request: + * If the current request is a AJAX we need to fix the paths. + * We need to get the root path based on the Referer, so we can use + * the generated URLs in the template of the Referer. If we do not + * generate the relative path based on the Referer, but based on the + * currently requested URL, the generated URLs will not point to the + * intended locations: + * Referer desired URL desired relative root path + * memberlist.php faq.php ./ + * memberlist.php app.php/foo/bar ./ + * app.php/foo memberlist.php ../ + * app.php/foo app.php/fox ../ + * app.php/foo/bar memberlist.php ../../ + * ../page.php memberlist.php ./phpBB/ + * ../sub/page.php memberlist.php ./../phpBB/ + * + * The referer must be specified as a parameter in the query. + */ + if ($this->request->is_ajax() && $this->symfony_request->get('_referer')) + { + $referer_web_root_path = $this->get_web_root_path_from_ajax_referer( + $this->symfony_request->get('_referer'), + $this->symfony_request->getSchemeAndHttpHost() . $this->symfony_request->getBasePath() + ); + return $this->web_root_path = $this->phpbb_root_path . $referer_web_root_path; + } + // How many corrections might we need? $corrections = substr_count($path_info, '/'); @@ -191,6 +231,65 @@ class path_helper } /** + * Get the web root path of the referer form an ajax request + * + * @param string $absolute_referer_url + * @param string $absolute_board_url + * @return string + */ + public function get_web_root_path_from_ajax_referer($absolute_referer_url, $absolute_board_url) + { + // If the board URL is in the beginning of the referer, this means + // we the referer is in the board URL or a subdirectory of it. + // So we just need to count the / (slashes) in the left over part of + // the referer and prepend ../ the the current root_path, to get the + // web root path of the referer. + if (strpos($absolute_referer_url, $absolute_board_url) === 0) + { + $relative_referer_path = substr($absolute_referer_url, strlen($absolute_board_url)); + $has_params = strpos($relative_referer_path, '?'); + if ($has_params !== false) + { + $relative_referer_path = substr($relative_referer_path, 0, $has_params); + } + $corrections = substr_count($relative_referer_path, '/'); + return $this->phpbb_root_path . str_repeat('../', $corrections - 1); + } + + // If not, it's a bit more complicated. We go to the parent directory + // of the referer until we find the remaining referer in the board URL. + // Foreach directory we need to add a ../ to the fixed root_path. + // When we finally found it, we need to remove the remaining referer + // from the board URL, to get the boards root path. + // If the then append these two strings, we get our fixed web root path. + $fixed_root_path = ''; + $referer_dir = $absolute_referer_url; + $has_params = strpos($referer_dir, '?'); + if ($has_params !== false) + { + $referer_dir = substr($referer_dir, 0, $has_params); + } + + // If we do not find a slash at the end of the referer, we come + // from a file. So the first dirname() does not need a traversal + // path correction. + if (substr($referer_dir, -1) !== '/') + { + $referer_dir = dirname($referer_dir); + } + + while (strpos($absolute_board_url, $referer_dir) !== 0) + { + $fixed_root_path .= '../'; + $referer_dir = dirname($referer_dir); + } + + $fixed_root_path .= substr($absolute_board_url, strlen($referer_dir) + 1); + // Add trailing slash + return $this->phpbb_root_path . $fixed_root_path . '/'; + } + + /** * Eliminates useless . and .. components from specified URL * * @param string $url URL to clean diff --git a/phpBB/phpbb/viewonline_helper.php b/phpBB/phpbb/viewonline_helper.php index 3fc33119a3..b722f9d911 100644 --- a/phpBB/phpbb/viewonline_helper.php +++ b/phpBB/phpbb/viewonline_helper.php @@ -18,6 +18,17 @@ namespace phpbb; */ class viewonline_helper { + /** @var \phpbb\filesystem */ + protected $filesystem; + + /** + * @param \phpbb\filesystem $filesystem + */ + public function __construct(\phpbb\filesystem $filesystem) + { + $this->filesystem = $filesystem; + } + /** * Get user page * @@ -26,7 +37,13 @@ class viewonline_helper */ public function get_user_page($session_page) { - preg_match('#^([./\\]*+[a-z0-9/_-]+)#i', $session_page, $on_page); + $session_page = $this->filesystem->clean_path($session_page); + if (strpos($session_page, './') === 0) + { + $session_page = substr($session_page, 2); + } + + preg_match('#^((\.\./)*([a-z0-9/_-]+))#i', $session_page, $on_page); if (empty($on_page)) { $on_page[1] = ''; |