Diffstat (limited to 'phpBB/phpbb')
-rw-r--r--phpBB/phpbb/avatar/driver/remote.php31
-rw-r--r--phpBB/phpbb/db/migration/data/v310/softdelete_p2.php6
-rw-r--r--phpBB/phpbb/db/migration/data/v310/style_update_p2.php16
-rw-r--r--phpBB/phpbb/db/migrator.php6
-rw-r--r--phpBB/phpbb/di/extension/config.php2
-rw-r--r--phpBB/phpbb/template/twig/lexer.php58
-rw-r--r--phpBB/phpbb/template/twig/tokenparser/defineparser.php7
7 files changed, 112 insertions, 14 deletions
diff --git a/phpBB/phpbb/avatar/driver/remote.php b/phpBB/phpbb/avatar/driver/remote.php
index 12cbd883f4..22d50c703e 100644
--- a/phpBB/phpbb/avatar/driver/remote.php
+++ b/phpBB/phpbb/avatar/driver/remote.php
@@ -117,6 +117,37 @@ class remote extends \phpbb\avatar\driver\driver
$types = \fileupload::image_types();
$extension = strtolower(\filespec::get_extension($url));
+ // Check if this is actually an image
+ if ($file_stream = @fopen($url, 'r'))
+ {
+ // Timeout after 1 second
+ stream_set_timeout($file_stream, 1);
+ $meta = stream_get_meta_data($file_stream);
+ foreach ($meta['wrapper_data'] as $header)
+ {
+ $header = preg_split('/ /', $header, 2);
+ if (strtr(strtolower(trim($header[0], ':')), '_', '-') === 'content-type')
+ {
+ if (strpos($header[1], 'image/') !== 0)
+ {
+ $error[] = 'AVATAR_URL_INVALID';
+ fclose($file_stream);
+ return false;
+ }
+ else
+ {
+ fclose($file_stream);
+ break;
+ }
+ }
+ }
+ }
+ else
+ {
+ $error[] = 'AVATAR_URL_INVALID';
+ return false;
+ }
+
if (!empty($image_data) && (!isset($types[$image_data[2]]) || !in_array($extension, $types[$image_data[2]])))
{
if (!isset($types[$image_data[2]]))
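Review bot: The content-type check added here has three gaps. `$meta['wrapper_data']` is only populated by the http wrapper, so for any other scheme `fopen` accepts, the `foreach` on L29 iterates `null` (a warning, and the image check is silently skipped); when the response carries no `Content-Type` header at all, the loop finishes without `fclose` and the function proceeds as if the URL were valid; and `$header[1]` on L34 is undefined for a header line with no space. Since `$url` is user-supplied, the safer shape is to accept only http(s) before opening anything, treat a missing or non-`image/` content type as `AVATAR_URL_INVALID`, and close the stream on every path; note also that the 1-second `stream_set_timeout` only bounds reads after `fopen` has already connected, so it does not limit connect time. The enclosing method starts and ends outside the hunk, so any scheme validation it performs earlier is not visible here.
```php
		$extension = strtolower(\filespec::get_extension($url));

		// Check if this is actually an image. wrapper_data is only populated
		// for the http wrapper, so refuse other schemes before opening anything.
		$scheme = strtolower((string) parse_url($url, PHP_URL_SCHEME));
		if (!in_array($scheme, array('http', 'https'), true) || !($file_stream = @fopen($url, 'r')))
		{
			$error[] = 'AVATAR_URL_INVALID';
			return false;
		}

		// Timeout after 1 second (bounds reads only; fopen has already connected)
		stream_set_timeout($file_stream, 1);
		$meta = stream_get_meta_data($file_stream);
		fclose($file_stream);

		$is_image = false;
		$headers = (isset($meta['wrapper_data']) && is_array($meta['wrapper_data'])) ? $meta['wrapper_data'] : array();
		foreach ($headers as $header)
		{
			$header = preg_split('/ /', $header, 2);
			if (strtr(strtolower(trim($header[0], ':')), '_', '-') === 'content-type')
			{
				$is_image = isset($header[1]) && strpos($header[1], 'image/') === 0;
				break;
			}
		}

		if (!$is_image)
		{
			$error[] = 'AVATAR_URL_INVALID';
			return false;
		}

		// … unchanged: $image_data / $types extension check …
```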
diff --git a/phpBB/phpbb/db/migration/data/v310/softdelete_p2.php b/phpBB/phpbb/db/migration/data/v310/softdelete_p2.php
index 0c32e474f4..38b190c766 100644
--- a/phpBB/phpbb/db/migration/data/v310/softdelete_p2.php
+++ b/phpBB/phpbb/db/migration/data/v310/softdelete_p2.php
@@ -34,7 +34,10 @@ class softdelete_p2 extends \phpbb\db\migration\migration
),
'drop_keys' => array(
$this->table_prefix . 'posts' => array('post_approved'),
- $this->table_prefix . 'topics' => array('forum_appr_last'),
+ $this->table_prefix . 'topics' => array(
+ 'forum_appr_last',
+ 'topic_approved',
+ ),
),
);
}
@@ -63,6 +66,7 @@ class softdelete_p2 extends \phpbb\db\migration\migration
),
$this->table_prefix . 'topics' => array(
'forum_appr_last' => array('forum_id', 'topic_approved', 'topic_last_post_id'),
+ 'topic_approved' => array('topic_approved'),
),
),
);
diff --git a/phpBB/phpbb/db/migration/data/v310/style_update_p2.php b/phpBB/phpbb/db/migration/data/v310/style_update_p2.php
index c5b45d9dc9..40d6a4dbbd 100644
--- a/phpBB/phpbb/db/migration/data/v310/style_update_p2.php
+++ b/phpBB/phpbb/db/migration/data/v310/style_update_p2.php
@@ -24,6 +24,14 @@ class style_update_p2 extends \phpbb\db\migration\migration
public function update_schema()
{
return array(
+ 'drop_keys' => array(
+ $this->table_prefix . 'styles' => array(
+ 'imageset_id',
+ 'template_id',
+ 'theme_id',
+ ),
+ ),
+
'drop_columns' => array(
$this->table_prefix . 'styles' => array(
'imageset_id',
@@ -53,6 +61,14 @@ class style_update_p2 extends \phpbb\db\migration\migration
),
),
+ 'add_index' => array(
+ $this->table_prefix . 'styles' => array(
+ 'imageset_id' => array('imageset_id'),
+ 'template_id' => array('template_id'),
+ 'theme_id' => array('theme_id'),
+ ),
+ ),
+
'add_tables' => array(
$this->table_prefix . 'styles_imageset' => array(
'COLUMNS' => array(
diff --git a/phpBB/phpbb/db/migrator.php b/phpBB/phpbb/db/migrator.php
index 3b966b7fe3..8186493800 100644
--- a/phpBB/phpbb/db/migrator.php
+++ b/phpBB/phpbb/db/migrator.php
@@ -375,7 +375,7 @@ class migrator
foreach ($steps as $step_identifier => $step)
{
- $last_result = false;
+ $last_result = 0;
if ($state)
{
// Continue until we reach the step that matches the last step called
@@ -436,7 +436,7 @@ class migrator
* @param bool $reverse False to install, True to attempt uninstallation by reversing the call
* @return null
*/
- protected function run_step($step, $last_result = false, $reverse = false)
+ protected function run_step($step, $last_result = 0, $reverse = false)
{
$callable_and_parameters = $this->get_callable_from_step($step, $last_result, $reverse);
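Review bot: The `@param` line documenting `$last_result` in run_step's docblock sits above L127 and outside the hunk, so it cannot be checked here; with the default sentinel changed from `false` to `0`, that line (and the matching one above L135 for get_callable_from_step, whose signature changes the same way on L139) should describe `0` as the "no previous result" value, e.g. `@param mixed $last_result Result of the previous step, 0 when there is none`. The loop at L122 initialises the same sentinel. Any code elsewhere that tests `$last_result === false` would no longer see the initial value; that is inferred, as no such comparison is visible in these hunks.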
@@ -459,7 +459,7 @@ class migrator
* @param bool $reverse False to install, True to attempt uninstallation by reversing the call
* @return array Array with parameters for call_user_func_array(), 0 is the callable, 1 is parameters
*/
- protected function get_callable_from_step(array $step, $last_result = false, $reverse = false)
+ protected function get_callable_from_step(array $step, $last_result = 0, $reverse = false)
{
$type = $step[0];
$parameters = $step[1];
diff --git a/phpBB/phpbb/di/extension/config.php b/phpBB/phpbb/di/extension/config.php
index 5fcb2d6f10..2603e7b358 100644
--- a/phpBB/phpbb/di/extension/config.php
+++ b/phpBB/phpbb/di/extension/config.php
@@ -70,7 +70,7 @@ class config extends Extension
{
if (preg_match('#^[a-z]+$#', $acm_type))
{
- return '\\phpbb\cache\driver\\'.$acm_type;
+ return 'phpbb\\cache\\driver\\' . $acm_type;
}
return $acm_type;
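Review bot: The guard on L149 uses `$` without the `D` modifier, so a value ending in a newline (`"file\n"`) passes `#^[a-z]+$#` and is then spliced into the class name on L152. Whether that is reachable depends on where `$acm_type` is read from, which is not visible here, but tightening the pattern costs nothing: `if (preg_match('#^[a-z]+$#D', $acm_type))`. The enclosing method starts before the hunk.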
diff --git a/phpBB/phpbb/template/twig/lexer.php b/phpBB/phpbb/template/twig/lexer.php
index be53b3eb5b..f4efc58540 100644
--- a/phpBB/phpbb/template/twig/lexer.php
+++ b/phpBB/phpbb/template/twig/lexer.php
@@ -68,6 +68,12 @@ class lexer extends \Twig_Lexer
);
// Fix tokens that may have inline variables (e.g. <!-- DEFINE $TEST = '{FOO}')
+ $code = $this->strip_surrounding_quotes(array(
+ 'INCLUDE',
+ 'INCLUDEPHP',
+ 'INCLUDEJS',
+ 'INCLUDECSS',
+ ), $code);
$code = $this->fix_inline_variable_tokens(array(
'DEFINE \$[a-zA-Z0-9_]+ =',
'INCLUDE',
@@ -75,6 +81,12 @@ class lexer extends \Twig_Lexer
'INCLUDEJS',
'INCLUDECSS',
), $code);
+ $code = $this->add_surrounding_quotes(array(
+ 'INCLUDE',
+ 'INCLUDEPHP',
+ 'INCLUDEJS',
+ 'INCLUDECSS',
+ ), $code);
// Fix our BEGIN statements
$code = $this->fix_begin_tokens($code);
@@ -108,9 +120,29 @@ class lexer extends \Twig_Lexer
}
/**
+ * Strip surrounding quotes
+ *
+ * First step to fix tokens that may have inline variables
+ * E.g. <!-- INCLUDE '{TEST}.html' to <!-- INCLUDE {TEST}.html
+ *
+ * @param array $tokens array of tokens to search for (imploded to a regular expression)
+ * @param string $code
+ * @return string
+ */
+ protected function strip_surrounding_quotes($tokens, $code)
+ {
+ // Remove matching quotes at the beginning/end if a statement;
+ // E.g. 'asdf'"' -> asdf'"
+ // E.g. "asdf'"" -> asdf'"
+ // E.g. 'asdf'" -> 'asdf'"
+ return preg_replace('#<!-- (' . implode('|', $tokens) . ') (([\'"])?(.*?)\1) -->#', '<!-- $1 $2 -->', $code);
+ }
+
+ /**
* Fix tokens that may have inline variables
*
- * E.g. <!-- INCLUDE {TEST}.html
+ * Second step to fix tokens that may have inline variables
+ * E.g. <!-- INCLUDE '{TEST}.html' to <!-- INCLUDE ' ~ {TEST} ~ '.html
*
* @param array $tokens array of tokens to search for (imploded to a regular expression)
* @param string $code
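Review bot: The backreference in `strip_surrounding_quotes` on L201 points at the wrong group: `\1` is the token alternation (`INCLUDE`, …), not the quote captured in group 3, so the pattern only matches when the statement text itself ends in the token name, and even then the replacement `$2` re-emits the quotes it was meant to remove; as written the quotes are never stripped before `fix_inline_variable_tokens` and `add_surrounding_quotes` run. Drop the wrapping group so the quote is group 2 and the body group 3: `return preg_replace('#<!-- (' . implode('|', $tokens) . ') ([\'"])?(.*?)\2 -->#', '<!-- $1 $3 -->', $code);`. The example on L209 also still shows the quoted form as input although this step now receives the stripped text; `<!-- INCLUDE {TEST}.html to <!-- INCLUDE '~ TEST ~'.html` would match the replacement actually performed on L224.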
@@ -120,23 +152,31 @@ class lexer extends \Twig_Lexer
{
$callback = function($matches)
{
- // Remove matching quotes at the beginning/end if a statement;
- // E.g. 'asdf'"' -> asdf'"
- // E.g. "asdf'"" -> asdf'"
- // E.g. 'asdf'" -> 'asdf'"
- $matches[2] = preg_replace('#^([\'"])?(.*?)\1$#', '$2', $matches[2]);
-
// Replace template variables with start/end to parse variables (' ~ TEST ~ '.html)
$matches[2] = preg_replace('#{([a-zA-Z0-9_\.$]+)}#', "'~ \$1 ~'", $matches[2]);
- // Surround the matches in single quotes ('' ~ TEST ~ '.html')
- return "<!-- {$matches[1]} '{$matches[2]}' -->";
+ return "<!-- {$matches[1]} {$matches[2]} -->";
};
return preg_replace_callback('#<!-- (' . implode('|', $tokens) . ') (.+?) -->#', $callback, $code);
}
/**
+ * Add surrounding quotes
+ *
+ * Last step to fix tokens that may have inline variables
+ * E.g. <!-- INCLUDE '{TEST}.html' to <!-- INCLUDE '' ~ {TEST} ~ '.html'
+ *
+ * @param array $tokens array of tokens to search for (imploded to a regular expression)
+ * @param string $code
+ * @return string
+ */
+ protected function add_surrounding_quotes($tokens, $code)
+ {
+ return preg_replace('#<!-- (' . implode('|', $tokens) . ') (.+?) -->#', '<!-- $1 \'$2\' -->', $code);
+ }
+
+ /**
* Fix begin tokens (convert our BEGIN to Twig for)
*
* Not meant to be used outside of this context, public because the anonymous function calls this
diff --git a/phpBB/phpbb/template/twig/tokenparser/defineparser.php b/phpBB/phpbb/template/twig/tokenparser/defineparser.php
index 21add0c17c..8484f2e81a 100644
--- a/phpBB/phpbb/template/twig/tokenparser/defineparser.php
+++ b/phpBB/phpbb/template/twig/tokenparser/defineparser.php
@@ -30,6 +30,13 @@ class defineparser extends \Twig_TokenParser
$stream->next();
$value = $this->parser->getExpressionParser()->parseExpression();
+ if ($value instanceof \Twig_Node_Expression_Name)
+ {
+ // This would happen if someone improperly formed their DEFINE syntax
+ // e.g. <!-- DEFINE $VAR = foo -->
+ throw new \Twig_Error_Syntax('Invalid DEFINE', $token->getLine(), $this->parser->getFilename());
+ }
+
$stream->expect(\Twig_Token::BLOCK_END_TYPE);
} else {
$capture = true;
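Review bot: The new guard on L257 rejects only a bare name node, and the message `'Invalid DEFINE'` gives the template author no hint of what was wrong; an equally malformed unquoted value that parses to some other node type (for example a concatenation) would still pass, though whether DEFINE is meant to accept such expressions is not visible here. At minimum make the message actionable, e.g. `throw new \Twig_Error_Syntax('Invalid DEFINE: the value must be a quoted string, e.g. <!-- DEFINE $VAR = \'foo\' -->', $token->getLine(), $this->parser->getFilename());`. The enclosing parse method starts before the hunk and continues past it.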