From c699b88bc58ae07fffb33611a6d7ed950bbb1e15 Mon Sep 17 00:00:00 2001 From: Andreas Fischer Date: Sun, 11 Nov 2012 14:35:31 +0100 Subject: [ticket/11192] Add Tebibyte to get_formatted_filesize(). PHPBB3-11192 --- phpBB/includes/functions.php | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'phpBB/includes/functions.php') diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index 65d8be32ad..33545ab845 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -301,6 +301,12 @@ function get_formatted_filesize($value, $string_only = true, $allowed_units = fa global $user; $available_units = array( + 'tb' => array( + 'min' => 1099511627776, // pow(2, 40) + 'index' => 4, + 'si_unit' => 'TB', + 'iec_unit' => 'TIB', + ), 'gb' => array( 'min' => 1073741824, // pow(2, 30) 'index' => 3, -- cgit v1.2.1 From 7cbd440e7a69eb836eb9d58800f1c535d41b83ab Mon Sep 17 00:00:00 2001 From: Andreas Fischer Date: Fri, 16 Nov 2012 08:28:35 +0100 Subject: [ticket/11192] Mark negative byte numbers as unsupported. PHPBB3-11192 --- phpBB/includes/functions.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'phpBB/includes/functions.php') diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index 33545ab845..8688ba3f7e 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -289,7 +289,7 @@ function phpbb_gmgetdate($time = false) /** * Return formatted string for filesizes * -* @param int $value filesize in bytes +* @param int $value filesize in bytes (non-negative number) * @param bool $string_only true if language string should be returned * @param array $allowed_units only allow these units (data array indexes) * -- cgit v1.2.1 From efd6f1df63c24ed2947bccb863bb92c2346bf697 Mon Sep 17 00:00:00 2001 From: Andreas Fischer Date: Fri, 16 Nov 2012 08:29:57 +0100 Subject: [ticket/11192] Update $value parameter description to support other types. PHPBB3-11192 --- phpBB/includes/functions.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'phpBB/includes/functions.php') diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index 8688ba3f7e..6e661228b7 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -289,7 +289,8 @@ function phpbb_gmgetdate($time = false) /** * Return formatted string for filesizes * -* @param int $value filesize in bytes (non-negative number) +* @param mixed $value filesize in bytes +* (non-negative number; int, float or string) * @param bool $string_only true if language string should be returned * @param array $allowed_units only allow these units (data array indexes) * -- cgit v1.2.1 From 06158693c7b846518abfe9d72491fc7376e457f3 Mon Sep 17 00:00:00 2001 From: David King Date: Fri, 19 Oct 2012 19:54:19 -0400 Subject: [feature/controller] Implement a front controller PHPBB3-10864 --- phpBB/includes/functions.php | 35 ++++++++++++++++++++++++++++++----- 1 file changed, 30 insertions(+), 5 deletions(-) (limited to 'phpBB/includes/functions.php') diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index 3a5b100515..fb05b74cd3 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -2335,7 +2335,7 @@ function phpbb_on_page($template, $user, $base_url, $num_items, $per_page, $star function append_sid($url, $params = false, $is_amp = true, $session_id = false) { global $_SID, $_EXTRA_URL, $phpbb_hook; - global $phpbb_dispatcher; + global $phpbb_dispatcher, $phpbb_root_path, $config, $symfony_request; if ($params === '' || (is_array($params) && empty($params))) { @@ -2343,6 +2343,20 @@ function append_sid($url, $params = false, $is_amp = true, $session_id = false) $params = false; } + // Make sure we have a Symfony Request object; tests do not have one + // unless they need it. + if ($symfony_request) + { + // Correct the path when we are accessing it through a controller + // This simply rewrites the value given by $phpbb_root_path to the + // script_path in config. + $path_info = $symfony_request->getPathInfo(); + if (!empty($path_info) && $path_info != '/') + { + $url = $config['script_path'] . '/' . substr($url, strlen($phpbb_root_path)); + } + } + $append_sid_overwrite = false; /** @@ -5039,7 +5053,7 @@ function page_header($page_title = '', $display_online_list = true, $item_id = 0 // Determine board url - we may need it later $board_url = generate_board_url() . '/'; - $web_path = (defined('PHPBB_USE_BOARD_URL_PATH') && PHPBB_USE_BOARD_URL_PATH) ? $board_url : $phpbb_root_path; + $web_path = (defined('PHPBB_USE_BOARD_URL_PATH') && PHPBB_USE_BOARD_URL_PATH) ? $board_url : $config['script_path'] . '/'; // Send a proper content-language to the output $user_lang = $user->lang['USER_LANG']; @@ -5216,8 +5230,12 @@ function page_header($page_title = '', $display_online_list = true, $item_id = 0 /** * Generate page footer +* +* @param bool $run_cron Whether or not to run the cron +* @param bool $display_template Whether or not to display the template +* @param bool $exit_handler Whether or not to run the exit_handler() */ -function page_footer($run_cron = true) +function page_footer($run_cron = true, $display_template = true, $exit_handler = true) { global $db, $config, $template, $user, $auth, $cache, $starttime, $phpbb_root_path, $phpEx; global $request, $phpbb_dispatcher; @@ -5312,10 +5330,17 @@ function page_footer($run_cron = true) } } - $template->display('body'); + if ($display_template) + { + $template->display('body'); + } garbage_collection(); - exit_handler(); + + if ($exit_handler) + { + exit_handler(); + } } /** -- cgit v1.2.1 From d3aa8823b21990634f8b74676ac301739ddfc58b Mon Sep 17 00:00:00 2001 From: David King Date: Wed, 14 Nov 2012 15:42:13 -0500 Subject: [feature/controller] Use a dumped url matcher class to improve performance PHPBB3-10864 --- phpBB/includes/functions.php | 52 ++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 52 insertions(+) (limited to 'phpBB/includes/functions.php') diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index fb05b74cd3..7cf5611dca 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -7,6 +7,9 @@ * */ +use Symfony\Component\Routing\Matcher\Dumper\PhpMatcherDumper; +use Symfony\Component\Routing\RequestContext; + /** * @ignore */ @@ -5444,3 +5447,52 @@ function phpbb_to_numeric($input) { return ($input > PHP_INT_MAX) ? (float) $input : (int) $input; } + +/** +* Create and/or return the cached phpbb_url_matcher class +* +* If the class already exists, it instantiates it +* +* @param phpbb_extension_finder $finder Extension finder +* @param RequestContext $context Symfony RequestContext object +* @param string $root_path Root path +* @param string $php_ext PHP extension +* @return phpbb_url_matcher +*/ +function phpbb_create_url_matcher(phpbb_extension_finder $finder, RequestContext $context, $root_path, $php_ext) +{ + $matcher = phpbb_load_url_matcher($finder, $context, $root_path, $php_ext); + if ($matcher === false) + { + $provider = new phpbb_controller_provider(); + $dumper = new PhpMatcherDumper($provider->get_paths($finder)->find()); + $cached_url_matcher_dump = $dumper->dump(array( + 'class' => 'phpbb_url_matcher', + )); + + file_put_contents($root_path . 'cache/url_matcher' . $php_ext, $cached_url_matcher_dump); + return phpbb_load_url_matcher($finder, $context, $root_path, $php_ext); + } + + return $matcher; +} + +/** +* Load the cached phpbb_url_matcher class +* +* @param phpbb_extension_finder $finder Extension finder +* @param RequestContext $context Symfony RequestContext object +* @param string $root_path Root path +* @param string $php_ext PHP extension +* @return phpbb_url_matcher|bool False if the file doesn't exist +*/ +function phpbb_load_url_matcher(phpbb_extension_finder $finder, RequestContext $context, $root_path, $php_ext) +{ + if (file_exists($root_path . 'cache/url_matcher' . $php_ext)) + { + include($root_path . 'cache/url_matcher' . $php_ext); + return new phpbb_url_matcher($context); + } + + return false; +} -- cgit v1.2.1 From 196c2d4bc346ab6a31fd0b752c788e37cf39459d Mon Sep 17 00:00:00 2001 From: David King Date: Wed, 14 Nov 2012 15:56:07 -0500 Subject: [feature/controller] Move new functions to their own file PHPBB3-10864 --- phpBB/includes/functions.php | 49 -------------------------------------------- 1 file changed, 49 deletions(-) (limited to 'phpBB/includes/functions.php') diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index 7cf5611dca..88ce142195 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -5447,52 +5447,3 @@ function phpbb_to_numeric($input) { return ($input > PHP_INT_MAX) ? (float) $input : (int) $input; } - -/** -* Create and/or return the cached phpbb_url_matcher class -* -* If the class already exists, it instantiates it -* -* @param phpbb_extension_finder $finder Extension finder -* @param RequestContext $context Symfony RequestContext object -* @param string $root_path Root path -* @param string $php_ext PHP extension -* @return phpbb_url_matcher -*/ -function phpbb_create_url_matcher(phpbb_extension_finder $finder, RequestContext $context, $root_path, $php_ext) -{ - $matcher = phpbb_load_url_matcher($finder, $context, $root_path, $php_ext); - if ($matcher === false) - { - $provider = new phpbb_controller_provider(); - $dumper = new PhpMatcherDumper($provider->get_paths($finder)->find()); - $cached_url_matcher_dump = $dumper->dump(array( - 'class' => 'phpbb_url_matcher', - )); - - file_put_contents($root_path . 'cache/url_matcher' . $php_ext, $cached_url_matcher_dump); - return phpbb_load_url_matcher($finder, $context, $root_path, $php_ext); - } - - return $matcher; -} - -/** -* Load the cached phpbb_url_matcher class -* -* @param phpbb_extension_finder $finder Extension finder -* @param RequestContext $context Symfony RequestContext object -* @param string $root_path Root path -* @param string $php_ext PHP extension -* @return phpbb_url_matcher|bool False if the file doesn't exist -*/ -function phpbb_load_url_matcher(phpbb_extension_finder $finder, RequestContext $context, $root_path, $php_ext) -{ - if (file_exists($root_path . 'cache/url_matcher' . $php_ext)) - { - include($root_path . 'cache/url_matcher' . $php_ext); - return new phpbb_url_matcher($context); - } - - return false; -} -- cgit v1.2.1 From 5fad4006e102ddec8afe17a1315971fed3d29376 Mon Sep 17 00:00:00 2001 From: Igor Wiedler Date: Sat, 17 Nov 2012 01:15:50 +0100 Subject: [ticket/11212] Do not rely on $request in send_status_line() PHPBB3-11212 --- phpBB/includes/functions.php | 35 +++++++++++++++++++++++++---------- 1 file changed, 25 insertions(+), 10 deletions(-) (limited to 'phpBB/includes/functions.php') diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index 3a5b100515..dd82c9dc46 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -2858,8 +2858,6 @@ function meta_refresh($time, $url, $disable_cd_check = false) */ function send_status_line($code, $message) { - global $request; - if (substr(strtolower(@php_sapi_name()), 0, 3) === 'cgi') { // in theory, we shouldn't need that due to php doing it. Reality offers a differing opinion, though @@ -2867,18 +2865,35 @@ function send_status_line($code, $message) } else { - if ($request->server('SERVER_PROTOCOL')) - { - $version = $request->server('SERVER_PROTOCOL'); - } - else - { - $version = 'HTTP/1.0'; - } + $version = get_http_version(); header("$version $code $message", true, $code); } } +/** +* Returns the HTTP version used in the current request. +* +* Handles the case of being called before `$request` is present, +* In which case it falls back to the $_SERVER superglobal. +* +* @return string HTTP version +*/ +function get_http_version() +{ + global $request; + + if ($request && $request->server('SERVER_PROTOCOL')) + { + return $request->server('SERVER_PROTOCOL'); + } + else if (isset($_SERVER['SERVER_PROTOCOL'])) + { + return $_SERVER['SERVER_PROTOCOL']; + } + + return 'HTTP/1.0'; +} + //Form validation -- cgit v1.2.1 From 9cdef7984f5162fa19ce36852331f79de3561f66 Mon Sep 17 00:00:00 2001 From: Igor Wiedler Date: Sat, 17 Nov 2012 01:17:23 +0100 Subject: [ticket/11212] Allow dispatcher to be absent during garbage_collection() PHPBB3-11212 --- phpBB/includes/functions.php | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'phpBB/includes/functions.php') diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index dd82c9dc46..4754d5194f 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -5348,7 +5348,9 @@ function garbage_collection() * @event core.garbage_collection * @since 3.1-A1 */ - $phpbb_dispatcher->dispatch('core.garbage_collection'); + if (!empty($phpbb_dispatcher)) { + $phpbb_dispatcher->dispatch('core.garbage_collection'); + } // Unload cache, must be done before the DB connection if closed if (!empty($cache)) -- cgit v1.2.1 From b534a7a5790df55ab5f0d8aba8f40080d481bac4 Mon Sep 17 00:00:00 2001 From: Igor Wiedler Date: Sat, 17 Nov 2012 01:25:14 +0100 Subject: [ticket/11212] Rename get_http_version to phpbb_request_http_version() PHPBB3-11212 --- phpBB/includes/functions.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'phpBB/includes/functions.php') diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index 4754d5194f..495f83e3a6 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -2865,7 +2865,7 @@ function send_status_line($code, $message) } else { - $version = get_http_version(); + $version = phpbb_request_http_version(); header("$version $code $message", true, $code); } } @@ -2878,7 +2878,7 @@ function send_status_line($code, $message) * * @return string HTTP version */ -function get_http_version() +function phpbb_request_http_version() { global $request; -- cgit v1.2.1 From 1affc35be9a5ee2cdf2cd2551e708c928fb96d88 Mon Sep 17 00:00:00 2001 From: Igor Wiedler Date: Sat, 17 Nov 2012 01:25:38 +0100 Subject: [ticket/11212] Cosmetics PHPBB3-11212 --- phpBB/includes/functions.php | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'phpBB/includes/functions.php') diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index 495f83e3a6..dbc040e5fe 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -2873,7 +2873,7 @@ function send_status_line($code, $message) /** * Returns the HTTP version used in the current request. * -* Handles the case of being called before `$request` is present, +* Handles the case of being called before $request is present, * In which case it falls back to the $_SERVER superglobal. * * @return string HTTP version @@ -5348,7 +5348,8 @@ function garbage_collection() * @event core.garbage_collection * @since 3.1-A1 */ - if (!empty($phpbb_dispatcher)) { + if (!empty($phpbb_dispatcher)) + { $phpbb_dispatcher->dispatch('core.garbage_collection'); } -- cgit v1.2.1 From b8cf74217aacb90ac066eee4e8812a2c32caa58a Mon Sep 17 00:00:00 2001 From: Igor Wiedler Date: Sat, 17 Nov 2012 01:32:40 +0100 Subject: [ticket/11212] Cosmetic surgery done right PHPBB3-11212 --- phpBB/includes/functions.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'phpBB/includes/functions.php') diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index dbc040e5fe..ab4c7e1772 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -2874,7 +2874,7 @@ function send_status_line($code, $message) * Returns the HTTP version used in the current request. * * Handles the case of being called before $request is present, -* In which case it falls back to the $_SERVER superglobal. +* in which case it falls back to the $_SERVER superglobal. * * @return string HTTP version */ -- cgit v1.2.1 From 8913b2c7c4ffc38d4caf34ca7014b8a07f11d19d Mon Sep 17 00:00:00 2001 From: David King Date: Sat, 17 Nov 2012 17:48:20 -0500 Subject: [feature/controller] Use query string, not path info, for controller access This is hopefully just temporary until we can fix the relative path issue. PHPBB3-10864 --- phpBB/includes/functions.php | 16 +--------------- 1 file changed, 1 insertion(+), 15 deletions(-) (limited to 'phpBB/includes/functions.php') diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index 88ce142195..17fc16ef86 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -2346,20 +2346,6 @@ function append_sid($url, $params = false, $is_amp = true, $session_id = false) $params = false; } - // Make sure we have a Symfony Request object; tests do not have one - // unless they need it. - if ($symfony_request) - { - // Correct the path when we are accessing it through a controller - // This simply rewrites the value given by $phpbb_root_path to the - // script_path in config. - $path_info = $symfony_request->getPathInfo(); - if (!empty($path_info) && $path_info != '/') - { - $url = $config['script_path'] . '/' . substr($url, strlen($phpbb_root_path)); - } - } - $append_sid_overwrite = false; /** @@ -5056,7 +5042,7 @@ function page_header($page_title = '', $display_online_list = true, $item_id = 0 // Determine board url - we may need it later $board_url = generate_board_url() . '/'; - $web_path = (defined('PHPBB_USE_BOARD_URL_PATH') && PHPBB_USE_BOARD_URL_PATH) ? $board_url : $config['script_path'] . '/'; + $web_path = (defined('PHPBB_USE_BOARD_URL_PATH') && PHPBB_USE_BOARD_URL_PATH) ? $board_url : $phpbb_root_path; // Send a proper content-language to the output $user_lang = $user->lang['USER_LANG']; -- cgit v1.2.1 From 53caf83233c962adbb68dcfb0f8172ebf788b8f7 Mon Sep 17 00:00:00 2001 From: David King Date: Sun, 18 Nov 2012 13:35:04 -0500 Subject: [feature/controller] Remove now-unused code PHPBB3-10864 --- phpBB/includes/functions.php | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) (limited to 'phpBB/includes/functions.php') diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index 17fc16ef86..02a9e33f2a 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -7,9 +7,6 @@ * */ -use Symfony\Component\Routing\Matcher\Dumper\PhpMatcherDumper; -use Symfony\Component\Routing\RequestContext; - /** * @ignore */ @@ -2338,7 +2335,7 @@ function phpbb_on_page($template, $user, $base_url, $num_items, $per_page, $star function append_sid($url, $params = false, $is_amp = true, $session_id = false) { global $_SID, $_EXTRA_URL, $phpbb_hook; - global $phpbb_dispatcher, $phpbb_root_path, $config, $symfony_request; + global $phpbb_dispatcher; if ($params === '' || (is_array($params) && empty($params))) { -- cgit v1.2.1 From 0f4f81b0966e29b5aaae5bf94e46260474ec0cb2 Mon Sep 17 00:00:00 2001 From: David King Date: Sun, 18 Nov 2012 15:52:35 -0500 Subject: [feature/controller] Create Symfony Request in new function PHPBB3-10864 --- phpBB/includes/functions.php | 39 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 39 insertions(+) (limited to 'phpBB/includes/functions.php') diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index 02a9e33f2a..820d96c9aa 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -7,6 +7,8 @@ * */ +use Symfony\Component\HttpFoundation\Request; + /** * @ignore */ @@ -5430,3 +5432,40 @@ function phpbb_to_numeric($input) { return ($input > PHP_INT_MAX) ? (float) $input : (int) $input; } + +/** +* Create a Symfony Request object from a given URI and phpbb_request object +* +* @param string $uri Request URI +* @param phpbb_request $request Request object +* @return Request A Symfony Request object +*/ +function phpbb_create_symfony_request($uri, phpbb_request $request) +{ + $request_method = $request->server('REQUEST_METHOD'); + $parameter_names = array(); + $parameter_names['request'] = array_merge( + $request->variable_names(phpbb_request_interface::GET), + // POST overwrites duplicated GET parameters + $request->variable_names(phpbb_request_interface::POST) + ); + $parameter_names['server'] = $request->variable_names(phpbb_request_interface::SERVER); + $parameter_names['files'] = $request->variable_names(phpbb_request_interface::FILES); + $parameter_names['cookie'] = $request->variable_names(phpbb_request_interface::COOKIE); + + $parameters = array( + 'request' => array(), + 'cookie' => array(), + 'files' => array(), + 'server' => array(), + ); + foreach ($parameter_names as $type => $names) + { + foreach ($names as $name) + { + $parameters[$type][$name] = $request->variable($name, ''); + } + } + + return Request::create($uri, $request_method, $parameters['request'], $parameters['cookie'], $parameters['files'], $parameters['server']); +} -- cgit v1.2.1 From e2bf66d0658ae7d7bb253083b73d5769c117746a Mon Sep 17 00:00:00 2001 From: David King Date: Sun, 18 Nov 2012 15:58:47 -0500 Subject: [feature/controller] Add documentation about input being HTML-escaped PHPBB3-10864 --- phpBB/includes/functions.php | 3 +++ 1 file changed, 3 insertions(+) (limited to 'phpBB/includes/functions.php') diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index 820d96c9aa..cdc05ca649 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -5436,6 +5436,9 @@ function phpbb_to_numeric($input) /** * Create a Symfony Request object from a given URI and phpbb_request object * +* Note that everything passed into the Request object has already been HTML +* escaped by the phpbb_request object. +* * @param string $uri Request URI * @param phpbb_request $request Request object * @return Request A Symfony Request object -- cgit v1.2.1 From 30043502814cd42d824dc1d6bcb25bebc60adbed Mon Sep 17 00:00:00 2001 From: David King Date: Mon, 19 Nov 2012 11:47:42 -0500 Subject: [feature/controller] Correctly create Symfony object from globals PHPBB3-10864 --- phpBB/includes/functions.php | 70 ++++++++++++++++++++++++-------------------- 1 file changed, 38 insertions(+), 32 deletions(-) (limited to 'phpBB/includes/functions.php') diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index cdc05ca649..ee147969f9 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -5434,41 +5434,47 @@ function phpbb_to_numeric($input) } /** -* Create a Symfony Request object from a given URI and phpbb_request object +* Create a Symfony Request object from phpbb_request object * -* Note that everything passed into the Request object has already been HTML -* escaped by the phpbb_request object. -* -* @param string $uri Request URI * @param phpbb_request $request Request object * @return Request A Symfony Request object */ -function phpbb_create_symfony_request($uri, phpbb_request $request) +function phpbb_create_symfony_request(phpbb_request $request) { - $request_method = $request->server('REQUEST_METHOD'); - $parameter_names = array(); - $parameter_names['request'] = array_merge( - $request->variable_names(phpbb_request_interface::GET), - // POST overwrites duplicated GET parameters - $request->variable_names(phpbb_request_interface::POST) - ); - $parameter_names['server'] = $request->variable_names(phpbb_request_interface::SERVER); - $parameter_names['files'] = $request->variable_names(phpbb_request_interface::FILES); - $parameter_names['cookie'] = $request->variable_names(phpbb_request_interface::COOKIE); - - $parameters = array( - 'request' => array(), - 'cookie' => array(), - 'files' => array(), - 'server' => array(), - ); - foreach ($parameter_names as $type => $names) - { - foreach ($names as $name) - { - $parameters[$type][$name] = $request->variable($name, ''); - } - } - - return Request::create($uri, $request_method, $parameters['request'], $parameters['cookie'], $parameters['files'], $parameters['server']); + // This function is meant to sanitize the global input arrays + $sanitizer = function(&$value, $key) { + $type_cast_helper = new phpbb_request_type_cast_helper(); + $type_cast_helper->set_var($value, $value, gettype($value), true); + }; + + // We need to re-enable the super globals so we can access them here + $request->enable_super_globals(); + $get_parameters = $_GET; + $post_parameters = $_POST; + $server_parameters = $_SERVER; + $files_parameters = $_FILES; + $cookie_parameters = $_COOKIE; + // And now disable them again for security + $request->disable_super_globals(); + + array_walk_recursive($get_parameters, $sanitizer); + array_walk_recursive($post_parameters, $sanitizer); + + // Until we fix the issue with relative paths, we have to fake path info + // to allow urls like app.php?controller=foo/bar + $controller = $request->variable('controller', ''); + $path_info = '/' . $controller; + $request_uri = $server_parameters['REQUEST_URI']; + + // Remove the query string from REQUEST_URI + if ($pos = strpos($request_uri, '?')) + { + $request_uri = substr($request_uri, 0, $pos); + } + + // Add the path info (i.e. controller route) to the REQUEST_URI + $server_parameters['REQUEST_URI'] = $request_uri . $path_info; + $server_parameters['SCRIPT_NAME'] = ''; + + return new Request($get_parameters, $post_parameters, array(), $cookie_parameters, $files_parameters, $server_parameters); } -- cgit v1.2.1 From 9c0a03f1d56d069a5ca5092de8e0f3e4e6ee9c1d Mon Sep 17 00:00:00 2001 From: Oleg Pudeyev Date: Thu, 29 Nov 2012 12:05:52 -0500 Subject: [ticket/11095] Python quoteattr port. PHPBB3-11095 --- phpBB/includes/functions.php | 47 ++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 47 insertions(+) (limited to 'phpBB/includes/functions.php') diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index d7088ac129..5d8a92b63b 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -4893,6 +4893,53 @@ function phpbb_http_login($param) trigger_error('NOT_AUTHORISED'); } +/** +* Escapes and quotes a string for use as an HTML/XML attribute value. +* +* This is a port of Python xml.sax.saxutils quoteattr. +* +* The function will attempt to choose a quote character in such a way as to +* avoid escaping quotes in the string. If this is not possible the string will +* be wrapped in double quotes and double quotes will be escaped. +* +* @param string $data The string to be escaped +* @param array $entities Associative array of additional entities to be escaped +* @return string Escaped and quoted string +*/ +function phpbb_quoteattr($data, $entities = null) +{ + $data = str_replace('&', '&', $data); + $data = str_replace('>', '>', $data); + $data = str_replace('<', '<', $data); + + $data = str_replace("\n", ' ', $data); + $data = str_replace("\r", ' ', $data); + $data = str_replace("\t", ' ', $data); + + if (!empty($entities)) + { + $data = str_replace(array_keys($entities), array_values($entities), $data); + } + + if (strpos($data, '"') !== false) + { + if (strpos($data, "'") !== false) + { + $data = '"' . str_replace('"', '"', $data) . '"'; + } + else + { + $data = "'" . $data . "'"; + } + } + else + { + $data = '"' . $data . '"'; + } + + return $data; +} + /** * Generate page header */ -- cgit v1.2.1 From 2a39df1a53ae4d9798bcba9ceee610190702cc4b Mon Sep 17 00:00:00 2001 From: Oleg Pudeyev Date: Thu, 29 Nov 2012 13:36:00 -0500 Subject: [ticket/11095] Forward GET parameters into hidden fields for jumpbox. PHPBB3-11095 --- phpBB/includes/functions.php | 42 ++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 40 insertions(+), 2 deletions(-) (limited to 'phpBB/includes/functions.php') diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index 5d8a92b63b..ee5a1afd30 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -4940,13 +4940,47 @@ function phpbb_quoteattr($data, $entities = null) return $data; } +function phpbb_build_hidden_fields_for_query_params($request, $exclude = null) +{ + $names = $request->variable_names(phpbb_request_interface::GET); + $hidden = ''; + foreach ($names as $name) + { + // Sessions are dealt with elsewhere, omit sid always + if ($name == 'sid') + { + continue; + } + + // Omit any additional parameters requested + if (!empty($exclude) && in_array($name, $exclude)) + { + continue; + } + + $escaped_name = phpbb_quoteattr($name); + + // Note: we might retrieve the variable from POST or cookies + // here. To avoid exposing cookies, skip variables that are + // overwritten somewhere other than GET entirely. + $value = $request->variable($name, '', true); + $get_value = $request->variable($name, '', true, phpbb_request_interface::GET); + if ($value === $get_value) + { + $escaped_value = phpbb_quoteattr($value); + $hidden .= ""; + } + } + return $hidden; +} + /** * Generate page header */ function page_header($page_title = '', $display_online_list = true, $item_id = 0, $item = 'forum') { global $db, $config, $template, $SID, $_SID, $_EXTRA_URL, $user, $auth, $phpEx, $phpbb_root_path; - global $phpbb_dispatcher; + global $phpbb_dispatcher, $request; if (defined('HEADER_INC')) { @@ -5135,6 +5169,8 @@ function page_header($page_title = '', $display_online_list = true, $item_id = 0 $timezone_name = $user->lang['timezones'][$timezone_name]; } + $hidden_fields_for_jumpbox = phpbb_build_hidden_fields_for_query_params($request, array('f')); + // The following assigns all _common_ variables that may be used at any point in a template. $template->assign_vars(array( 'SITENAME' => $config['sitename'], @@ -5149,6 +5185,7 @@ function page_header($page_title = '', $display_online_list = true, $item_id = 0 'RECORD_USERS' => $l_online_record, 'PRIVATE_MESSAGE_INFO' => $l_privmsgs_text, 'PRIVATE_MESSAGE_INFO_UNREAD' => $l_privmsgs_text_unread, + 'HIDDEN_FIELDS_FOR_JUMPBOX' => $hidden_fields_for_jumpbox, 'S_USER_NEW_PRIVMSG' => $user->data['user_new_privmsg'], 'S_USER_UNREAD_PRIVMSG' => $user->data['user_unread_privmsg'], @@ -5507,7 +5544,8 @@ function phpbb_to_numeric($input) function phpbb_create_symfony_request(phpbb_request $request) { // This function is meant to sanitize the global input arrays - $sanitizer = function(&$value, $key) { + $sanitizer = function(&$value, $key) + { $type_cast_helper = new phpbb_request_type_cast_helper(); $type_cast_helper->set_var($value, $value, gettype($value), true); }; -- cgit v1.2.1 From 3e907265d5782c535d43e503c32390cfde8dc4a8 Mon Sep 17 00:00:00 2001 From: Oleg Pudeyev Date: Thu, 29 Nov 2012 14:41:48 -0500 Subject: [ticket/11095] Docs and tests for phpbb_build_hidden_fields_for_query_params. PHPBB3-11095 --- phpBB/includes/functions.php | 14 ++++++++++++++ 1 file changed, 14 insertions(+) (limited to 'phpBB/includes/functions.php') diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index ee5a1afd30..9c92adb0ec 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -4940,6 +4940,20 @@ function phpbb_quoteattr($data, $entities = null) return $data; } +/** +* Converts query string (GET) parameters in request into hidden fields. +* +* Useful for forwarding GET parameters when submitting forms with GET method. +* +* It is possible to omit some of the GET parameters, which is useful if +* they are specified in the form being submitted. +* +* sid is always omitted. +* +* @param phpbb_request $request Request object +* @param array $exclude A list of variable names that should not be forwarded +* @return string HTML with hidden fields +*/ function phpbb_build_hidden_fields_for_query_params($request, $exclude = null) { $names = $request->variable_names(phpbb_request_interface::GET); -- cgit v1.2.1 From 11ca272692ed1b46d4ff208705cb30636c98704f Mon Sep 17 00:00:00 2001 From: Oleg Pudeyev Date: Thu, 29 Nov 2012 14:42:56 -0500 Subject: [ticket/11095] Restore brace on previous line. PHPBB3-11095 --- phpBB/includes/functions.php | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) (limited to 'phpBB/includes/functions.php') diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index 9c92adb0ec..8df40b26f6 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -5558,8 +5558,7 @@ function phpbb_to_numeric($input) function phpbb_create_symfony_request(phpbb_request $request) { // This function is meant to sanitize the global input arrays - $sanitizer = function(&$value, $key) - { + $sanitizer = function(&$value, $key) { $type_cast_helper = new phpbb_request_type_cast_helper(); $type_cast_helper->set_var($value, $value, gettype($value), true); }; -- cgit v1.2.1 From 65253a3023a78b1068be63b91b77618e3fb2d5fd Mon Sep 17 00:00:00 2001 From: Oleg Pudeyev Date: Thu, 29 Nov 2012 15:35:21 -0500 Subject: [ticket/11227] @return void -> @return null in develop-olympus. PHPBB3-11227 --- phpBB/includes/functions.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'phpBB/includes/functions.php') diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index 6e661228b7..571c863839 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -2745,7 +2745,7 @@ function meta_refresh($time, $url, $disable_cd_check = false) * * @param int $code HTTP status code * @param string $message Message for the status code -* @return void +* @return null */ function send_status_line($code, $message) { @@ -4332,7 +4332,7 @@ function phpbb_optionset($bit, $set, $data) * * @param array $param Parameter array, see $param_defaults array. * -* @return void +* @return null */ function phpbb_http_login($param) { -- cgit v1.2.1