From 0bf6966c5228d446c4f0d3862619db0f619c7369 Mon Sep 17 00:00:00 2001 From: Igor Wiedler Date: Wed, 13 Jul 2011 19:20:16 +0200 Subject: [feature/request-class] Add server(), header() and is_ajax() to request Extend the request class with helpers for reading server vars (server()) and HTTP request headers (header()). Refactor the existing code base to make use of these helpers, make $_SERVER a deactivated super global. Also introduce an is_ajax() method, which checks the X-Requested-With header for the value 'XMLHttpRequest', which is sent by JavaScript libraries, such as jQuery. PHPBB3-9716 --- phpBB/download/file.php | 2 +- phpBB/includes/acp/acp_database.php | 14 ++--- phpBB/includes/auth/auth_apache.php | 27 +++++----- .../captcha/plugins/phpbb_recaptcha_plugin.php | 3 +- phpBB/includes/functions.php | 32 +++++++----- phpBB/includes/functions_download.php | 39 +++++++------- phpBB/includes/functions_messenger.php | 4 +- phpBB/includes/questionnaire/questionnaire.php | 22 +++----- phpBB/includes/request/interface.php | 33 +++++++++++- phpBB/includes/request/request.php | 61 ++++++++++++++++++++-- phpBB/includes/request/type_cast_helper.php | 29 ++++++---- phpBB/includes/session.php | 30 ++++++----- phpBB/install/database_update.php | 4 +- phpBB/install/index.php | 16 +++--- phpBB/install/install_install.php | 22 ++++---- phpBB/style.php | 2 +- tests/bbcode/url_bbcode_test.php | 4 +- tests/download/http_byte_range_test.php | 12 +++-- tests/mock/request.php | 35 ++++++++++++- tests/request/request_test.php | 15 +++++- tests/request/type_cast_helper_test.php | 10 ++++ tests/security/base.php | 36 +++++++------ tests/security/extract_current_page_test.php | 16 ++++-- 23 files changed, 317 insertions(+), 151 deletions(-) diff --git a/phpBB/download/file.php b/phpBB/download/file.php index 735db70dfc..aa49fb8ab5 100644 --- a/phpBB/download/file.php +++ b/phpBB/download/file.php @@ -63,7 +63,7 @@ if (isset($_GET['avatar'])) unset($dbpasswd); // worst-case default - $browser = (!empty($_SERVER['HTTP_USER_AGENT'])) ? htmlspecialchars((string) $_SERVER['HTTP_USER_AGENT']) : 'msie 6.0'; + $browser = strtolower($request->header('User-Agent', 'msie 6.0')); $config = new phpbb_config_db($db, $cache->get_driver(), CONFIG_TABLE); set_config(null, null, null, $config); diff --git a/phpBB/includes/acp/acp_database.php b/phpBB/includes/acp/acp_database.php index 96542986d3..632578ef2d 100644 --- a/phpBB/includes/acp/acp_database.php +++ b/phpBB/includes/acp/acp_database.php @@ -486,6 +486,8 @@ class base_extractor function base_extractor($download = false, $store = false, $format, $filename, $time) { + global $request; + $this->download = $download; $this->store = $store; $this->time = $time; @@ -530,7 +532,7 @@ class base_extractor break; case 'gzip': - if ((isset($_SERVER['HTTP_ACCEPT_ENCODING']) && strpos($_SERVER['HTTP_ACCEPT_ENCODING'], 'gzip') !== false) && strpos(strtolower($_SERVER['HTTP_USER_AGENT']), 'msie') === false) + if (strpos($request->header('Accept-Encoding'), 'gzip') !== false && strpos(strtolower($request->header('User-Agent')), 'msie') === false) { ob_start('ob_gzhandler'); } @@ -1580,7 +1582,7 @@ class mssql_extractor extends base_extractor } $this->flush($sql_data); } - + function write_data_mssqlnative($table_name) { global $db; @@ -1606,7 +1608,7 @@ class mssql_extractor extends base_extractor $row = new result_mssqlnative($result_fields); $i_num_fields = $row->num_fields(); - + for ($i = 0; $i < $i_num_fields; $i++) { $ary_type[$i] = $row->field_type($i); @@ -1619,7 +1621,7 @@ class mssql_extractor extends base_extractor WHERE COLUMNPROPERTY(object_id('$table_name'), COLUMN_NAME, 'IsIdentity') = 1"; $result2 = $db->sql_query($sql); $row2 = $db->sql_fetchrow($result2); - + if (!empty($row2['has_identity'])) { $sql_data .= "\nSET IDENTITY_INSERT $table_name ON\nGO\n"; @@ -1683,8 +1685,8 @@ class mssql_extractor extends base_extractor $sql_data .= "\nSET IDENTITY_INSERT $table_name OFF\nGO\n"; } $this->flush($sql_data); - } - + } + function write_data_odbc($table_name) { global $db; diff --git a/phpBB/includes/auth/auth_apache.php b/phpBB/includes/auth/auth_apache.php index a148403c6f..ff07936b36 100644 --- a/phpBB/includes/auth/auth_apache.php +++ b/phpBB/includes/auth/auth_apache.php @@ -28,9 +28,9 @@ if (!defined('IN_PHPBB')) */ function init_apache() { - global $user; + global $user, $request; - if (!isset($_SERVER['PHP_AUTH_USER']) || $user->data['username'] !== $_SERVER['PHP_AUTH_USER']) + if (!$request->is_set('PHP_AUTH_USER', phpbb_request_interface::SERVER) || $user->data['username'] !== $request->server('PHP_AUTH_USER')) { return $user->lang['APACHE_SETUP_BEFORE_USE']; } @@ -42,7 +42,7 @@ function init_apache() */ function login_apache(&$username, &$password) { - global $db; + global $db, $request; // do not allow empty password if (!$password) @@ -63,7 +63,7 @@ function login_apache(&$username, &$password) ); } - if (!isset($_SERVER['PHP_AUTH_USER'])) + if (!$request->is_set('PHP_AUTH_USER', phpbb_request_interface::SERVER)) { return array( 'status' => LOGIN_ERROR_EXTERNAL_AUTH, @@ -72,8 +72,8 @@ function login_apache(&$username, &$password) ); } - $php_auth_user = $_SERVER['PHP_AUTH_USER']; - $php_auth_pw = $_SERVER['PHP_AUTH_PW']; + $php_auth_user = $request->server('PHP_AUTH_USER'); + $php_auth_pw = $request->server('PHP_AUTH_PW'); if (!empty($php_auth_user) && !empty($php_auth_pw)) { @@ -136,15 +136,15 @@ function login_apache(&$username, &$password) */ function autologin_apache() { - global $db; + global $db, $request; - if (!isset($_SERVER['PHP_AUTH_USER'])) + if (!$request->is_set('PHP_AUTH_USER', phpbb_request_interface::SERVER)) { return array(); } - $php_auth_user = $_SERVER['PHP_AUTH_USER']; - $php_auth_pw = $_SERVER['PHP_AUTH_PW']; + $php_auth_user = $request->server('PHP_AUTH_USER'); + $php_auth_pw = $request->server('PHP_AUTH_PW'); if (!empty($php_auth_user) && !empty($php_auth_pw)) { @@ -228,11 +228,12 @@ function user_row_apache($username, $password) */ function validate_session_apache(&$user) { + global $request; + // Check if PHP_AUTH_USER is set and handle this case - if (isset($_SERVER['PHP_AUTH_USER'])) + if ($request->is_set('PHP_AUTH_USER', phpbb_request_interface::SERVER)) { - $php_auth_user = ''; - set_var($php_auth_user, $_SERVER['PHP_AUTH_USER'], 'string', true); + $php_auth_user = $request->server('PHP_AUTH_USER', '', true); return ($php_auth_user === $user['username']) ? true : false; } diff --git a/phpBB/includes/captcha/plugins/phpbb_recaptcha_plugin.php b/phpBB/includes/captcha/plugins/phpbb_recaptcha_plugin.php index c0db41d5a5..2272b10841 100644 --- a/phpBB/includes/captcha/plugins/phpbb_recaptcha_plugin.php +++ b/phpBB/includes/captcha/plugins/phpbb_recaptcha_plugin.php @@ -41,7 +41,8 @@ class phpbb_recaptcha extends phpbb_default_captcha // PHP4 Constructor function phpbb_recaptcha() { - $this->recaptcha_server = (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on') ? $this->recaptcha_server_secure : $this->recaptcha_server; + global $request; + $this->recaptcha_server = $request->server('HTTPS') == 'on' ? $this->recaptcha_server_secure : $this->recaptcha_server; } function init($type) diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index ed183b3e76..9ae1885efd 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -781,6 +781,8 @@ function is_absolute($path) */ function phpbb_own_realpath($path) { + global $request; + // Now to perform funky shizzle // Switch to use UNIX slashes @@ -824,11 +826,11 @@ function phpbb_own_realpath($path) $path_prefix = ''; } } - else if (isset($_SERVER['SCRIPT_FILENAME']) && !empty($_SERVER['SCRIPT_FILENAME'])) + else if ($request->server('SCRIPT_FILENAME')) { // Warning: If chdir() has been used this will lie! // Warning: This has some problems sometime (CLI can create them easily) - $path = str_replace(DIRECTORY_SEPARATOR, '/', dirname($_SERVER['SCRIPT_FILENAME'])) . '/' . $path; + $path = str_replace(DIRECTORY_SEPARATOR, '/', dirname($request->server('SCRIPT_FILENAME'))) . '/' . $path; $absolute = true; $path_prefix = ''; } @@ -2048,10 +2050,10 @@ function append_sid($url, $params = false, $is_amp = true, $session_id = false) */ function generate_board_url($without_script_path = false) { - global $config, $user; + global $config, $user, $request; $server_name = $user->host; - $server_port = (!empty($_SERVER['SERVER_PORT'])) ? (int) $_SERVER['SERVER_PORT'] : (int) getenv('SERVER_PORT'); + $server_port = $request->server('SERVER_PORT', 0); // Forcing server vars is the only way to specify/override the protocol if ($config['force_server_vars'] || !$server_name) @@ -2067,7 +2069,7 @@ function generate_board_url($without_script_path = false) else { // Do not rely on cookie_secure, users seem to think that it means a secured cookie instead of an encrypted connection - $cookie_secure = (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on') ? 1 : 0; + $cookie_secure = $request->server('HTTPS') == 'on' ? 1 : 0; $url = (($cookie_secure) ? 'https://' : 'http://') . $server_name; $script_path = $user->page['root_script_path']; @@ -2419,6 +2421,8 @@ function meta_refresh($time, $url, $disable_cd_check = false) */ function send_status_line($code, $message) { + global $request; + if (substr(strtolower(@php_sapi_name()), 0, 3) === 'cgi') { // in theory, we shouldn't need that due to php doing it. Reality offers a differing opinion, though @@ -2426,15 +2430,15 @@ function send_status_line($code, $message) } else { - if (!empty($_SERVER['SERVER_PROTOCOL'])) + if ($request->server('SERVER_PROTOCOL')) { - $version = $_SERVER['SERVER_PROTOCOL']; + $version = $request->server('SERVER_PROTOCOL'); } - else if (!empty($_SERVER['HTTP_VERSION'])) + else if ($request->server('HTTP_VERSION')) { // I cannot remember where I got this from. // This code path may never be reachable in reality. - $version = $_SERVER['HTTP_VERSION']; + $version = $request->server('HTTP_VERSION'); } else { @@ -4144,7 +4148,7 @@ function phpbb_optionset($bit, $set, $data) */ function phpbb_http_login($param) { - global $auth, $user; + global $auth, $user, $request; global $config; $param_defaults = array( @@ -4184,9 +4188,9 @@ function phpbb_http_login($param) $username = null; foreach ($username_keys as $k) { - if (isset($_SERVER[$k])) + if ($request->is_set($k, phpbb_request_interface::SERVER)) { - $username = $_SERVER[$k]; + $username = $request->server($k); break; } } @@ -4194,9 +4198,9 @@ function phpbb_http_login($param) $password = null; foreach ($password_keys as $k) { - if (isset($_SERVER[$k])) + if ($request->is_set($k, phpbb_request_interface::SERVER)) { - $password = $_SERVER[$k]; + $password = $request->server($k); break; } } diff --git a/phpBB/includes/functions_download.php b/phpBB/includes/functions_download.php index 94bcb36698..8780773dea 100644 --- a/phpBB/includes/functions_download.php +++ b/phpBB/includes/functions_download.php @@ -274,7 +274,9 @@ function send_file_to_browser($attachment, $upload_dir, $category) */ function header_filename($file) { - $user_agent = (!empty($_SERVER['HTTP_USER_AGENT'])) ? htmlspecialchars((string) $_SERVER['HTTP_USER_AGENT']) : ''; + global $request; + + $user_agent = $request->header('User-Agent', '', true); // There be dragons here. // Not many follows the RFC... @@ -292,14 +294,14 @@ function header_filename($file) */ function download_allowed() { - global $config, $user, $db; + global $config, $user, $db, $request; if (!$config['secure_downloads']) { return true; } - $url = (!empty($_SERVER['HTTP_REFERER'])) ? trim($_SERVER['HTTP_REFERER']) : trim(getenv('HTTP_REFERER')); + $url = trim($request->header('Referer')); if (!$url) { @@ -404,8 +406,10 @@ function download_allowed() */ function set_modified_headers($stamp, $browser) { + global $request; + // let's see if we have to send the file at all - $last_load = isset($_SERVER['HTTP_IF_MODIFIED_SINCE']) ? strtotime(trim($_SERVER['HTTP_IF_MODIFIED_SINCE'])) : false; + $last_load = $request->header('Modified-Since') ? strtotime(trim($request->header('Modified-Since'))) : false; if ((strpos(strtolower($browser), 'msie 6.0') === false) && (strpos(strtolower($browser), 'msie 8.0') === false)) { if ($last_load !== false && $last_load >= $stamp) @@ -473,12 +477,12 @@ function phpbb_http_byte_range($filesize) { $request_array = phpbb_find_range_request(); } - + return (empty($request_array)) ? false : phpbb_parse_range_request($request_array, $filesize); } /** -* Searches for HTTP range request in super globals. +* Searches for HTTP range request in request headers. * * @return mixed false if no request found * array of strings containing the requested ranges otherwise @@ -486,23 +490,16 @@ function phpbb_http_byte_range($filesize) */ function phpbb_find_range_request() { - $globals = array( - array('_SERVER', 'HTTP_RANGE'), - array('_ENV', 'HTTP_RANGE'), - ); + global $request; - foreach ($globals as $array) - { - $global = $array[0]; - $key = $array[1]; + $value = $request->header('Range'); - // Make sure range request starts with "bytes=" - if (isset($GLOBALS[$global][$key]) && strpos($GLOBALS[$global][$key], 'bytes=') === 0) - { - // Strip leading 'bytes=' - // Multiple ranges can be separated by a comma - return explode(',', substr($GLOBALS[$global][$key], 6)); - } + // Make sure range request starts with "bytes=" + if (strpos($value, 'bytes=') === 0) + { + // Strip leading 'bytes=' + // Multiple ranges can be separated by a comma + return explode(',', substr($value, 6)); } return false; diff --git a/phpBB/includes/functions_messenger.php b/phpBB/includes/functions_messenger.php index f5d102b1da..d97e308302 100644 --- a/phpBB/includes/functions_messenger.php +++ b/phpBB/includes/functions_messenger.php @@ -333,7 +333,7 @@ class messenger */ function error($type, $msg) { - global $user, $phpEx, $phpbb_root_path, $config; + global $user, $phpEx, $phpbb_root_path, $config, $request; // Session doesn't exist, create it if (!isset($user->session_id) || $user->session_id === '') @@ -341,7 +341,7 @@ class messenger $user->session_begin(); } - $calling_page = (!empty($_SERVER['PHP_SELF'])) ? $_SERVER['PHP_SELF'] : $_ENV['PHP_SELF']; + $calling_page = $request->server('PHP_SELF'); $message = ''; switch ($type) diff --git a/phpBB/includes/questionnaire/questionnaire.php b/phpBB/includes/questionnaire/questionnaire.php index b9231547cd..ed61cf82d0 100644 --- a/phpBB/includes/questionnaire/questionnaire.php +++ b/phpBB/includes/questionnaire/questionnaire.php @@ -148,23 +148,15 @@ class phpbb_questionnaire_system_data_provider */ function get_data() { - // Start discovering the IPV4 server address, if available - $server_address = '0.0.0.0'; - - if (!empty($_SERVER['SERVER_ADDR'])) - { - $server_address = $_SERVER['SERVER_ADDR']; - } + global $request; - // Running on IIS? - if (!empty($_SERVER['LOCAL_ADDR'])) - { - $server_address = $_SERVER['LOCAL_ADDR']; - } + // Start discovering the IPV4 server address, if available + // Try apache, IIS, fall back to 0.0.0.0 + $server_address = $request->server('SERVER_ADDR', $request->server('LOCAL_ADDR', '0.0.0.0')); return array( 'os' => PHP_OS, - 'httpd' => $_SERVER['SERVER_SOFTWARE'], + 'httpd' => $request->server('SERVER_SOFTWARE'), // we don't want the real IP address (for privacy policy reasons) but only // a network address to see whether your installation is running on a private or public network. 'private_ip' => $this->is_private_ip($server_address), @@ -482,7 +474,7 @@ class phpbb_questionnaire_phpbb_data_provider } } - global $db; + global $db, $request; $result['dbms'] = $dbms; $result['acm_type'] = $acm_type; @@ -492,7 +484,7 @@ class phpbb_questionnaire_phpbb_data_provider // Try to get user agent vendor and version $match = array(); - $user_agent = (!empty($_SERVER['HTTP_USER_AGENT'])) ? (string) $_SERVER['HTTP_USER_AGENT'] : ''; + $user_agent = $request->header('User-Agent'); $agents = array('firefox', 'msie', 'opera', 'chrome', 'safari', 'mozilla', 'seamonkey', 'konqueror', 'netscape', 'gecko', 'navigator', 'mosaic', 'lynx', 'amaya', 'omniweb', 'avant', 'camino', 'flock', 'aol'); // We check here 1 by 1 because some strings occur after others (for example Mozilla [...] Firefox/) diff --git a/phpBB/includes/request/interface.php b/phpBB/includes/request/interface.php index 7b5b600100..983a05d6c4 100644 --- a/phpBB/includes/request/interface.php +++ b/phpBB/includes/request/interface.php @@ -29,6 +29,7 @@ interface phpbb_request_interface const GET = 1; const REQUEST = 2; const COOKIE = 3; + const SERVER = 4; /**#@-*/ /** @@ -60,11 +61,34 @@ interface phpbb_request_interface * Default is false, causing all bytes outside the ASCII range (0-127) to be replaced with question marks * @param phpbb_request_interface::POST|GET|REQUEST|COOKIE $super_global * Specifies which super global should be used + * @param bool $html_encode When true, html encoding will be applied * * @return mixed The value of $_REQUEST[$var_name] run through {@link set_var set_var} to ensure that the type is the * the same as that of $default. If the variable is not set $default is returned. */ - public function variable($var_name, $default, $multibyte = false, $super_global = phpbb_request_interface::REQUEST); + public function variable($var_name, $default, $multibyte = false, $super_global = phpbb_request_interface::REQUEST, $html_encode = true); + + /** + * Shortcut method to retrieve SERVER variables. + * + * @param string|array $var_name See phpbb_request_interface::variable + * @param mixed $default See phpbb_request_interface::variable + * @param bool $html_encode See phpbb_request_interface::variable + * + * @return mixed The server variable value. + */ + public function server($var_name, $default = '', $html_encode = false); + + /** + * Shortcut method to retrieve the value of client HTTP headers. + * + * @param string|array $header_name The name of the header to retrieve. + * @param mixed $default See phpbb_request_interface::variable + * @param bool $html_encode See phpbb_request_interface::variable + * + * @return mixed The header value. + */ + public function header($var_name, $default = '', $html_encode = false); /** * Checks whether a certain variable was sent via POST. @@ -90,6 +114,13 @@ interface phpbb_request_interface */ public function is_set($var, $super_global = phpbb_request_interface::REQUEST); + /** + * Checks whether the current request is an AJAX request (XMLHttpRequest) + * + * @return bool True if the current request is an ajax request + */ + public function is_ajax(); + /** * Returns all variable names for a given super global * diff --git a/phpBB/includes/request/request.php b/phpBB/includes/request/request.php index 7d284a9bf7..f60d870773 100644 --- a/phpBB/includes/request/request.php +++ b/phpBB/includes/request/request.php @@ -32,7 +32,8 @@ class phpbb_request implements phpbb_request_interface phpbb_request_interface::POST => '_POST', phpbb_request_interface::GET => '_GET', phpbb_request_interface::REQUEST => '_REQUEST', - phpbb_request_interface::COOKIE => '_COOKIE' + phpbb_request_interface::COOKIE => '_COOKIE', + phpbb_request_interface::SERVER => '_SERVER', ); /** @@ -193,11 +194,12 @@ class phpbb_request implements phpbb_request_interface * Default is false, causing all bytes outside the ASCII range (0-127) to be replaced with question marks * @param phpbb_request_interface::POST|GET|REQUEST|COOKIE $super_global * Specifies which super global should be used + * @param bool $html_encode When true, html encoding will be applied * * @return mixed The value of $_REQUEST[$var_name] run through {@link set_var set_var} to ensure that the type is the * the same as that of $default. If the variable is not set $default is returned. */ - public function variable($var_name, $default, $multibyte = false, $super_global = phpbb_request_interface::REQUEST) + public function variable($var_name, $default, $multibyte = false, $super_global = phpbb_request_interface::REQUEST, $html_encode = true) { $path = false; @@ -236,11 +238,54 @@ class phpbb_request implements phpbb_request_interface } } - $this->type_cast_helper->recursive_set_var($var, $default, $multibyte); + $this->type_cast_helper->recursive_set_var($var, $default, $multibyte, $html_encode); return $var; } + /** + * Shortcut method to retrieve SERVER variables. + * + * Also fall back to getenv(), some CGI setups may need it (probably not, but + * whatever). + * + * @param string|array $var_name See phpbb_request_interface::variable + * @param mixed $Default See phpbb_request_interface::variable + * @param bool $html_encode See phpbb_request_interface::variable + * + * @return mixed The server variable value. + */ + public function server($var_name, $default = '', $html_encode = false) + { + $multibyte = true; + + if ($this->is_set($var_name, phpbb_request_interface::SERVER)) + { + return $this->variable($var_name, $default, $multibyte, phpbb_request_interface::SERVER); + } + else + { + $var = getenv($var_name); + $this->type_cast_helper->recursive_set_var($var, $default, $multibyte); + return $var; + } + } + + /** + * Shortcut method to retrieve the value of client HTTP headers. + * + * @param string|array $header_name The name of the header to retrieve. + * @param mixed $default See phpbb_request_interface::variable + * @param bool $html_encode See phpbb_request_interface::variable + * + * @return mixed The header value. + */ + public function header($header_name, $default = '', $html_encode = true) + { + $var_name = 'HTTP_'.str_replace('-', '_', strtoupper($header_name)); + return $this->server($var_name, $default, $html_encode); + } + /** * Checks whether a certain variable was sent via POST. * To make sure that a request was sent using POST you should call this function @@ -271,6 +316,16 @@ class phpbb_request implements phpbb_request_interface return isset($this->input[$super_global][$var]); } + /** + * Checks whether the current request is an AJAX request (XMLHttpRequest) + * + * @return bool True if the current request is an ajax request + */ + public function is_ajax() + { + return $this->header('X-Requested-With') == 'XMLHttpRequest'; + } + /** * Returns all variable names for a given super global * diff --git a/phpBB/includes/request/type_cast_helper.php b/phpBB/includes/request/type_cast_helper.php index 29855a9804..f84d71fa1c 100644 --- a/phpBB/includes/request/type_cast_helper.php +++ b/phpBB/includes/request/type_cast_helper.php @@ -88,20 +88,26 @@ class phpbb_request_type_cast_helper implements phpbb_request_type_cast_helper_i /** * Set variable $result to a particular type. * - * @param mixed &$result The variable to fill - * @param mixed $var The contents to fill with - * @param mixed $type The variable type. Will be used with {@link settype()} - * @param bool $multibyte Indicates whether string values may contain UTF-8 characters. - * Default is false, causing all bytes outside the ASCII range (0-127) to be replaced with question marks. + * @param mixed &$result The variable to fill + * @param mixed $var The contents to fill with + * @param mixed $type The variable type. Will be used with {@link settype()} + * @param bool $multibyte Indicates whether string values may contain UTF-8 characters. + * Default is false, causing all bytes outside the ASCII range (0-127) to be replaced with question marks. + * @param bool $html_encode When true, html encoding will be applied */ - public function set_var(&$result, $var, $type, $multibyte = false) + public function set_var(&$result, $var, $type, $multibyte = false, $html_encode = true) { settype($var, $type); $result = $var; if ($type == 'string') { - $result = trim(htmlspecialchars(str_replace(array("\r\n", "\r", "\0"), array("\n", "\n", ''), $result), ENT_COMPAT, 'UTF-8')); + $result = trim(str_replace(array("\r\n", "\r", "\0"), array("\n", "\n", ''), $result)); + + if ($html_encode) + { + $result = htmlspecialchars($result, ENT_COMPAT, 'UTF-8'); + } if ($multibyte) { @@ -140,8 +146,9 @@ class phpbb_request_type_cast_helper implements phpbb_request_type_cast_helper_i * @param bool $multibyte Indicates whether string keys and values may contain UTF-8 characters. * Default is false, causing all bytes outside the ASCII range (0-127) to * be replaced with question marks. + * @param bool $html_encode When true, html encoding will be applied */ - public function recursive_set_var(&$var, $default, $multibyte) + public function recursive_set_var(&$var, $default, $multibyte, $html_encode = true) { if (is_array($var) !== is_array($default)) { @@ -152,7 +159,7 @@ class phpbb_request_type_cast_helper implements phpbb_request_type_cast_helper_i if (!is_array($default)) { $type = gettype($default); - $this->set_var($var, $var, $type, $multibyte); + $this->set_var($var, $var, $type, $multibyte, $html_encode); } else { @@ -173,9 +180,9 @@ class phpbb_request_type_cast_helper implements phpbb_request_type_cast_helper_i foreach ($_var as $k => $v) { - $this->set_var($k, $k, $key_type, $multibyte, $multibyte); + $this->set_var($k, $k, $key_type, $multibyte, $multibyte, $html_encode); - $this->recursive_set_var($v, $default_value, $multibyte); + $this->recursive_set_var($v, $default_value, $multibyte, $html_encode); $var[$k] = $v; } } diff --git a/phpBB/includes/session.php b/phpBB/includes/session.php index e36f44ddfa..71dc7807f2 100644 --- a/phpBB/includes/session.php +++ b/phpBB/includes/session.php @@ -41,16 +41,18 @@ class session */ static function extract_current_page($root_path) { + global $request; + $page_array = array(); // First of all, get the request uri... - $script_name = (!empty($_SERVER['PHP_SELF'])) ? $_SERVER['PHP_SELF'] : getenv('PHP_SELF'); - $args = (!empty($_SERVER['QUERY_STRING'])) ? explode('&', $_SERVER['QUERY_STRING']) : explode('&', getenv('QUERY_STRING')); + $script_name = $request->server('PHP_SELF'); + $args = explode('&', $request->server('QUERY_STRING')); // If we are unable to get the script name we use REQUEST_URI as a failover and note it within the page array for easier support... if (!$script_name) { - $script_name = (!empty($_SERVER['REQUEST_URI'])) ? $_SERVER['REQUEST_URI'] : getenv('REQUEST_URI'); + $script_name = $request->server('REQUEST_URI'); $script_name = (($pos = strpos($script_name, '?')) !== false) ? substr($script_name, 0, $pos) : $script_name; $page_array['failover'] = 1; } @@ -141,10 +143,10 @@ class session */ function extract_current_hostname() { - global $config; + global $config, $request; // Get hostname - $host = (!empty($_SERVER['HTTP_HOST'])) ? $_SERVER['HTTP_HOST'] : ((!empty($_SERVER['SERVER_NAME'])) ? $_SERVER['SERVER_NAME'] : getenv('SERVER_NAME')); + $host = $request->header('Host', $request->server('SERVER_NAME')); // Should be a string and lowered $host = (string) strtolower($host); @@ -212,9 +214,9 @@ class session $this->time_now = time(); $this->cookie_data = array('u' => 0, 'k' => ''); $this->update_session_page = $update_session_page; - $this->browser = (!empty($_SERVER['HTTP_USER_AGENT'])) ? htmlspecialchars((string) $_SERVER['HTTP_USER_AGENT']) : ''; - $this->referer = (!empty($_SERVER['HTTP_REFERER'])) ? htmlspecialchars((string) $_SERVER['HTTP_REFERER']) : ''; - $this->forwarded_for = (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) ? htmlspecialchars((string) $_SERVER['HTTP_X_FORWARDED_FOR']) : ''; + $this->browser = $request->header('User-Agent', '', true); + $this->referer = $request->header('Referer', '', true); + $this->forwarded_for = $request->header('X-Forwarded-For', '', true); $this->host = $this->extract_current_hostname(); $this->page = $this->extract_current_page($phpbb_root_path); @@ -268,7 +270,7 @@ class session // Why no forwarded_for et al? Well, too easily spoofed. With the results of my recent requests // it's pretty clear that in the majority of cases you'll at least be left with a proxy/cache ip. - $this->ip = (!empty($_SERVER['REMOTE_ADDR'])) ? (string) $_SERVER['REMOTE_ADDR'] : ''; + $this->ip = $request->server('REMOTE_ADDR'); $this->ip = preg_replace('# {2,}#', ' ', str_replace(',', ' ', $this->ip)); // split the list of IPs @@ -382,7 +384,7 @@ class session $referer_valid = true; // we assume HEAD and TRACE to be foul play and thus only whitelist GET - if (@$config['referer_validation'] && isset($_SERVER['REQUEST_METHOD']) && strtolower($_SERVER['REQUEST_METHOD']) !== 'get') + if (@$config['referer_validation'] && $request->server('REQUEST_METHOD') && strtolower($request->server('REQUEST_METHOD')) !== 'get') { $referer_valid = $this->validate_referer($check_referer_path); } @@ -1449,7 +1451,7 @@ class session */ function validate_referer($check_script_path = false) { - global $config; + global $config, $request; // no referer - nothing to validate, user's fault for turning it off (we only check on POST; so meta can't be the reason) if (empty($this->referer) || empty($this->host)) @@ -1467,7 +1469,7 @@ class session else if ($check_script_path && rtrim($this->page['root_script_path'], '/') !== '') { $ref = substr($ref, strlen($host)); - $server_port = (!empty($_SERVER['SERVER_PORT'])) ? (int) $_SERVER['SERVER_PORT'] : (int) getenv('SERVER_PORT'); + $server_port = $request->server('SERVER_PORT', 0); if ($server_port !== 80 && $server_port !== 443 && stripos($ref, ":$server_port") === 0) { @@ -1592,9 +1594,9 @@ class user extends session * If re-enabled we need to make sure only those languages installed are checked * Commented out so we do not loose the code. - if (isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])) + if ($request->header('Accept-Language')) { - $accept_lang_ary = explode(',', $_SERVER['HTTP_ACCEPT_LANGUAGE']); + $accept_lang_ary = explode(',', $request->header('Accept-Language')); foreach ($accept_lang_ary as $accept_lang) { diff --git a/phpBB/install/database_update.php b/phpBB/install/database_update.php index 615122da4f..d38802e380 100644 --- a/phpBB/install/database_update.php +++ b/phpBB/install/database_update.php @@ -144,9 +144,9 @@ $db->sql_connect($dbhost, $dbuser, $dbpasswd, $dbname, $dbport, false, false); unset($dbpasswd); $user->ip = ''; -if (!empty($_SERVER['REMOTE_ADDR'])) +if ($request->server('REMOTE_ADDR')) { - $user->ip = (function_exists('phpbb_ip_normalise')) ? phpbb_ip_normalise($_SERVER['REMOTE_ADDR']) : htmlspecialchars($_SERVER['REMOTE_ADDR']); + $user->ip = (function_exists('phpbb_ip_normalise')) ? phpbb_ip_normalise($request->server('REMOTE_ADDR')) : $request->server('REMOTE_ADDR', '', true); } $sql = "SELECT config_value diff --git a/phpBB/install/index.php b/phpBB/install/index.php index e8a63e857e..9928638fc4 100644 --- a/phpBB/install/index.php +++ b/phpBB/install/index.php @@ -100,9 +100,9 @@ request_var('', 0, false, false, $request); // "dependency injection" for a func // Try and load an appropriate language if required $language = basename(request_var('language', '')); -if (!empty($_SERVER['HTTP_ACCEPT_LANGUAGE']) && !$language) +if ($request->header('Accept-Language') && !$language) { - $accept_lang_ary = explode(',', strtolower($_SERVER['HTTP_ACCEPT_LANGUAGE'])); + $accept_lang_ary = explode(',', strtolower($request->header('Accept-Language'))); foreach ($accept_lang_ary as $accept_lang) { // Set correct format ... guess full xx_yy form @@ -428,15 +428,17 @@ class module */ function redirect($page) { + global $request; + // HTTP_HOST is having the correct browser url in most cases... - $server_name = (!empty($_SERVER['HTTP_HOST'])) ? strtolower($_SERVER['HTTP_HOST']) : ((!empty($_SERVER['SERVER_NAME'])) ? $_SERVER['SERVER_NAME'] : getenv('SERVER_NAME')); - $server_port = (!empty($_SERVER['SERVER_PORT'])) ? (int) $_SERVER['SERVER_PORT'] : (int) getenv('SERVER_PORT'); - $secure = (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on') ? 1 : 0; + $server_name = strtolower($request->header('Host', $request->server('SERVER_NAME'))); + $server_port = $request->server('SERVER_PORT', 0); + $secure = ($request->server('HTTPS') == 'on') ? 1 : 0; - $script_name = (!empty($_SERVER['PHP_SELF'])) ? $_SERVER['PHP_SELF'] : getenv('PHP_SELF'); + $script_name = $request->server('PHP_SELF'); if (!$script_name) { - $script_name = (!empty($_SERVER['REQUEST_URI'])) ? $_SERVER['REQUEST_URI'] : getenv('REQUEST_URI'); + $script_name = $request->server('REQUEST_URI'); } // Replace backslashes and doubled slashes (could happen on some proxy setups) diff --git a/phpBB/install/install_install.php b/phpBB/install/install_install.php index e18ed43778..af3d414071 100644 --- a/phpBB/install/install_install.php +++ b/phpBB/install/install_install.php @@ -999,7 +999,7 @@ class install_install extends module */ function obtain_advanced_settings($mode, $sub) { - global $lang, $template, $phpEx; + global $lang, $template, $phpEx, $request; $this->page_title = $lang['STAGE_ADVANCED']; @@ -1017,7 +1017,7 @@ class install_install extends module $s_hidden_fields .= ''; // HTTP_HOST is having the correct browser url in most cases... - $server_name = (!empty($_SERVER['HTTP_HOST'])) ? strtolower($_SERVER['HTTP_HOST']) : ((!empty($_SERVER['SERVER_NAME'])) ? $_SERVER['SERVER_NAME'] : getenv('SERVER_NAME')); + $server_name = strtolower($request->header('Host', $request->server('SERVER_NAME'))); // HTTP HOST can carry a port number... if (strpos($server_name, ':') !== false) @@ -1027,16 +1027,16 @@ class install_install extends module $data['email_enable'] = ($data['email_enable'] !== '') ? $data['email_enable'] : true; $data['server_name'] = ($data['server_name'] !== '') ? $data['server_name'] : $server_name; - $data['server_port'] = ($data['server_port'] !== '') ? $data['server_port'] : ((!empty($_SERVER['SERVER_PORT'])) ? (int) $_SERVER['SERVER_PORT'] : (int) getenv('SERVER_PORT')); - $data['server_protocol'] = ($data['server_protocol'] !== '') ? $data['server_protocol'] : ((isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on') ? 'https://' : 'http://'); - $data['cookie_secure'] = ($data['cookie_secure'] !== '') ? $data['cookie_secure'] : ((isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on') ? true : false); + $data['server_port'] = ($data['server_port'] !== '') ? $data['server_port'] : $request->server('SERVER_PORT', 0); + $data['server_protocol'] = ($data['server_protocol'] !== '') ? $data['server_protocol'] : ($request->server('HTTPS') == 'on' ? 'https://' : 'http://'); + $data['cookie_secure'] = ($data['cookie_secure'] !== '') ? $data['cookie_secure'] : ($request->server('HTTPS') == 'on' ? true : false); if ($data['script_path'] === '') { - $name = (!empty($_SERVER['PHP_SELF'])) ? $_SERVER['PHP_SELF'] : getenv('PHP_SELF'); + $name = $request->server('PHP_SELF'); if (!$name) { - $name = (!empty($_SERVER['REQUEST_URI'])) ? $_SERVER['REQUEST_URI'] : getenv('REQUEST_URI'); + $name = $request->server('REQUEST_URI'); } // Replace backslashes and doubled slashes (could happen on some proxy setups) @@ -1101,7 +1101,7 @@ class install_install extends module */ function load_schema($mode, $sub) { - global $db, $lang, $template, $phpbb_root_path, $phpEx; + global $db, $lang, $template, $phpbb_root_path, $phpEx, $request; $this->page_title = $lang['STAGE_CREATE_TABLE']; $s_hidden_fields = ''; @@ -1117,8 +1117,8 @@ class install_install extends module } // HTTP_HOST is having the correct browser url in most cases... - $server_name = (!empty($_SERVER['HTTP_HOST'])) ? strtolower($_SERVER['HTTP_HOST']) : ((!empty($_SERVER['SERVER_NAME'])) ? $_SERVER['SERVER_NAME'] : getenv('SERVER_NAME')); - $referer = (!empty($_SERVER['HTTP_REFERER'])) ? strtolower($_SERVER['HTTP_REFERER']) : getenv('HTTP_REFERER'); + $server_name = strtolower($request->header('Host', $request->server('SERVER_NAME'))); + $referer = strtolower($request->header('Referer')); // HTTP HOST can carry a port number... if (strpos($server_name, ':') !== false) @@ -1235,7 +1235,7 @@ class install_install extends module $current_time = time(); - $user_ip = (!empty($_SERVER['REMOTE_ADDR'])) ? phpbb_ip_normalise($_SERVER['REMOTE_ADDR']) : ''; + $user_ip = $request->server('REMOTE_ADDR') ? phpbb_ip_normalise($request->server('REMOTE_ADDR')) : ''; if ($data['script_path'] !== '/') { diff --git a/phpBB/style.php b/phpBB/style.php index 62be0dde2b..caa45784de 100644 --- a/phpBB/style.php +++ b/phpBB/style.php @@ -152,7 +152,7 @@ if ($id) if ($config['gzip_compress']) { // IE6 is not able to compress the style (do not ask us why!) - $browser = (!empty($_SERVER['HTTP_USER_AGENT'])) ? strtolower(htmlspecialchars((string) $_SERVER['HTTP_USER_AGENT'])) : ''; + $browser = strtolower($request->header('User-Agent', '', true)); if ($browser && strpos($browser, 'msie 6.0') === false && @extension_loaded('zlib') && !headers_sent()) { diff --git a/tests/bbcode/url_bbcode_test.php b/tests/bbcode/url_bbcode_test.php index cd85dbd0d9..68c97ede50 100644 --- a/tests/bbcode/url_bbcode_test.php +++ b/tests/bbcode/url_bbcode_test.php @@ -12,6 +12,7 @@ require_once dirname(__FILE__) . '/../../phpBB/includes/functions_content.php'; require_once dirname(__FILE__) . '/../../phpBB/includes/bbcode.php'; require_once dirname(__FILE__) . '/../../phpBB/includes/message_parser.php'; require_once dirname(__FILE__) . '/../mock_user.php'; +require_once dirname(__FILE__) . '/../mock/request.php'; class phpbb_url_bbcode_test extends phpbb_test_case { @@ -51,8 +52,9 @@ class phpbb_url_bbcode_test extends phpbb_test_case */ public function test_url($description, $message, $expected) { - global $user; + global $user, $request; $user = new phpbb_mock_user; + $request = new phpbb_mock_request; $bbcode = new bbcode_firstpass(); $bbcode->message = $message; diff --git a/tests/download/http_byte_range_test.php b/tests/download/http_byte_range_test.php index ba2caee192..36cbcab0b0 100644 --- a/tests/download/http_byte_range_test.php +++ b/tests/download/http_byte_range_test.php @@ -8,23 +8,27 @@ */ require_once dirname(__FILE__) . '/../../phpBB/includes/functions_download.php'; +require_once dirname(__FILE__) . '/../mock/request.php'; class phpbb_download_http_byte_range_test extends phpbb_test_case { public function test_find_range_request() { // Missing 'bytes=' prefix - $_SERVER['HTTP_RANGE'] = 'bztes='; + $GLOBALS['request'] = new phpbb_mock_request(); + $GLOBALS['request']->set_header('Range', 'bztes='); $this->assertEquals(false, phpbb_find_range_request()); - unset($_SERVER['HTTP_RANGE']); + unset($GLOBALS['request']); + $GLOBALS['request'] = new phpbb_mock_request(); $_ENV['HTTP_RANGE'] = 'bztes='; $this->assertEquals(false, phpbb_find_range_request()); unset($_ENV['HTTP_RANGE']); - $_SERVER['HTTP_RANGE'] = 'bytes=0-0,123-125'; + $GLOBALS['request'] = new phpbb_mock_request(); + $GLOBALS['request']->set_header('Range', 'bytes=0-0,123-125'); $this->assertEquals(array('0-0', '123-125'), phpbb_find_range_request()); - unset($_SERVER['HTTP_RANGE']); + unset($GLOBALS['request']); } /** diff --git a/tests/mock/request.php b/tests/mock/request.php index da4015e78b..63f3f820ba 100644 --- a/tests/mock/request.php +++ b/tests/mock/request.php @@ -11,12 +11,13 @@ class phpbb_mock_request implements phpbb_request_interface { protected $data; - public function __construct($get = array(), $post = array(), $cookie = array(), $request = false) + public function __construct($get = array(), $post = array(), $cookie = array(), $server = array(), $request = false) { $this->data[phpbb_request_interface::GET] = $get; $this->data[phpbb_request_interface::POST] = $post; $this->data[phpbb_request_interface::COOKIE] = $cookie; $this->data[phpbb_request_interface::REQUEST] = ($request === false) ? $post + $get : $request; + $this->data[phpbb_request_interface::SERVER] = $server; } public function overwrite($var_name, $value, $super_global = phpbb_request_interface::REQUEST) @@ -24,11 +25,23 @@ class phpbb_mock_request implements phpbb_request_interface $this->data[$super_global][$var_name] = $value; } - public function variable($var_name, $default, $multibyte = false, $super_global = phpbb_request_interface::REQUEST) + public function variable($var_name, $default, $multibyte = false, $super_global = phpbb_request_interface::REQUEST, $html_encode = true) { return isset($this->data[$super_global][$var_name]) ? $this->data[$super_global][$var_name] : $default; } + public function server($var_name, $default = '', $html_encode = false) + { + $super_global = phpbb_request_interface::SERVER; + return isset($this->data[$super_global][$var_name]) ? $this->data[$super_global][$var_name] : $default; + } + + public function header($header_name, $default = '', $html_encode = false) + { + $var_name = 'HTTP_'.str_replace('-', '_', strtoupper($header_name)); + return $this->server($var_name, $default, $html_encode); + } + public function is_set_post($name) { return $this->is_set($name, phpbb_request_interface::POST); @@ -39,8 +52,26 @@ class phpbb_mock_request implements phpbb_request_interface return isset($this->data[$super_global][$var]); } + public function is_ajax() + { + return false; + } + public function variable_names($super_global = phpbb_request_interface::REQUEST) { return array_keys($this->data[$super_global]); } + + /* custom methods */ + + public function set_header($header_name, $value) + { + $var_name = 'HTTP_'.str_replace('-', '_', strtoupper($header_name)); + $this->data[phpbb_request_interface::SERVER][$var_name] = $value; + } + + public function merge($super_global = phpbb_request_interface::REQUEST, $values) + { + $this->data[$super_global] = array_merge($this->data[$super_global], $values); + } } diff --git a/tests/request/request_test.php b/tests/request/request_test.php index 203c9fd880..9999e88121 100644 --- a/tests/request/request_test.php +++ b/tests/request/request_test.php @@ -23,7 +23,6 @@ class phpbb_request_test extends phpbb_test_case $_GET['unset'] = ''; $this->type_cast_helper = $this->getMock('phpbb_request_type_cast_helper_interface'); - $this->request = new phpbb_request($this->type_cast_helper); } @@ -60,6 +59,20 @@ class phpbb_request_test extends phpbb_test_case $this->assertFalse($this->request->is_set_post('unset')); } + public function test_is_ajax_without_ajax() + { + $this->assertFalse($this->request->is_ajax()); + } + + public function test_is_ajax_with_ajax() + { + $this->request->enable_super_globals(); + $_SERVER['HTTP_X_REQUESTED_WITH'] = 'XMLHttpRequest'; + $this->request = new phpbb_request($this->type_cast_helper); + + $this->assertTrue($this->request->is_ajax()); + } + public function test_variable_names() { $expected = array('test', 'unset'); diff --git a/tests/request/type_cast_helper_test.php b/tests/request/type_cast_helper_test.php index 06cf2e1bf6..0103c51561 100644 --- a/tests/request/type_cast_helper_test.php +++ b/tests/request/type_cast_helper_test.php @@ -48,4 +48,14 @@ class phpbb_type_cast_helper_test extends phpbb_test_case $this->assertEquals($expected, $data); } + + public function test_simple_set_var_without_html_encoding() + { + $data = 'eviL<3'; + $expected = 'eviL<3'; + + $this->type_cast_helper->recursive_set_var($data, '', true, false); + + $this->assertEquals($expected, $data); + } } diff --git a/tests/security/base.php b/tests/security/base.php index db9c884cf4..4b259a2aac 100644 --- a/tests/security/base.php +++ b/tests/security/base.php @@ -7,6 +7,8 @@ * */ +require_once dirname(__FILE__) . '/../mock/request.php'; + abstract class phpbb_security_test_base extends phpbb_test_case { /** @@ -14,20 +16,20 @@ abstract class phpbb_security_test_base extends phpbb_test_case */ protected function setUp() { - global $user, $phpbb_root_path; + global $user, $phpbb_root_path, $request; // Put this into a global function being run by every test to init a proper user session - $_SERVER['HTTP_HOST'] = 'localhost'; - $_SERVER['SERVER_NAME'] = 'localhost'; - $_SERVER['SERVER_ADDR'] = '127.0.0.1'; - $_SERVER['SERVER_PORT'] = 80; - $_SERVER['REMOTE_ADDR'] = '127.0.0.1'; - $_SERVER['QUERY_STRING'] = ''; - $_SERVER['REQUEST_URI'] = '/tests/'; - $_SERVER['SCRIPT_NAME'] = '/tests/index.php'; - $_SERVER['PHP_SELF'] = '/tests/index.php'; - $_SERVER['HTTP_USER_AGENT'] = 'Mozilla/5.0 (Windows; U; Windows NT 6.0; de; rv:1.8.1.14) Gecko/20080404 Firefox/2.0.0.14'; - $_SERVER['HTTP_ACCEPT_LANGUAGE'] = 'de-de,de;q=0.8,en-us;q=0.5,en;q=0.3'; + $server['HTTP_HOST'] = 'localhost'; + $server['SERVER_NAME'] = 'localhost'; + $server['SERVER_ADDR'] = '127.0.0.1'; + $server['SERVER_PORT'] = 80; + $server['REMOTE_ADDR'] = '127.0.0.1'; + $server['QUERY_STRING'] = ''; + $server['REQUEST_URI'] = '/tests/'; + $server['SCRIPT_NAME'] = '/tests/index.php'; + $server['PHP_SELF'] = '/tests/index.php'; + $server['HTTP_USER_AGENT'] = 'Mozilla/5.0 (Windows; U; Windows NT 6.0; de; rv:1.8.1.14) Gecko/20080404 Firefox/2.0.0.14'; + $server['HTTP_ACCEPT_LANGUAGE'] = 'de-de,de;q=0.8,en-us;q=0.5,en;q=0.3'; /* [HTTP_ACCEPT_ENCODING] => gzip,deflate @@ -36,13 +38,15 @@ abstract class phpbb_security_test_base extends phpbb_test_case [SCRIPT_FILENAME] => /var/www/tests/index.php */ + $request = new phpbb_mock_request(array(), array(), array(), $server); + // Set no user and trick a bit to circumvent errors $user = new user(); $user->lang = true; - $user->browser = (!empty($_SERVER['HTTP_USER_AGENT'])) ? htmlspecialchars((string) $_SERVER['HTTP_USER_AGENT']) : ''; - $user->referer = (!empty($_SERVER['HTTP_REFERER'])) ? htmlspecialchars((string) $_SERVER['HTTP_REFERER']) : ''; - $user->forwarded_for = (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) ? (string) $_SERVER['HTTP_X_FORWARDED_FOR'] : ''; - $user->host = (!empty($_SERVER['HTTP_HOST'])) ? (string) strtolower($_SERVER['HTTP_HOST']) : ((!empty($_SERVER['SERVER_NAME'])) ? $_SERVER['SERVER_NAME'] : getenv('SERVER_NAME')); + $user->browser = $server['HTTP_USER_AGENT']; + $user->referer = ''; + $user->forwarded_for = ''; + $user->host = $server['HTTP_HOST']; $user->page = session::extract_current_page($phpbb_root_path); } diff --git a/tests/security/extract_current_page_test.php b/tests/security/extract_current_page_test.php index 71c7a3a397..34c7b52f49 100644 --- a/tests/security/extract_current_page_test.php +++ b/tests/security/extract_current_page_test.php @@ -27,8 +27,12 @@ class phpbb_security_extract_current_page_test extends phpbb_security_test_base */ public function test_query_string_php_self($url, $query_string, $expected) { - $_SERVER['PHP_SELF'] = $url; - $_SERVER['QUERY_STRING'] = $query_string; + global $request; + + $request->merge(phpbb_request_interface::SERVER, array( + 'PHP_SELF' => $url, + 'QUERY_STRING' => $query_string, + )); $result = session::extract_current_page('./'); @@ -41,8 +45,12 @@ class phpbb_security_extract_current_page_test extends phpbb_security_test_base */ public function test_query_string_request_uri($url, $query_string, $expected) { - $_SERVER['REQUEST_URI'] = $url . '?' . $query_string; - $_SERVER['QUERY_STRING'] = $query_string; + global $request; + + $request->merge(phpbb_request_interface::SERVER, array( + 'PHP_SELF' => $url, + 'QUERY_STRING' => $query_string, + )); $result = session::extract_current_page('./'); -- cgit v1.2.1