From 6a082426840164a3c8187559dddf3ab777b958fa Mon Sep 17 00:00:00 2001 From: Meik Sievertsen Date: Sun, 19 Nov 2006 21:00:48 +0000 Subject: some tiny fixes. git-svn-id: file:///svn/phpbb/trunk@6614 89ea8834-ac86-4346-8a33-228a782c2dd0 --- phpBB/includes/functions_module.php | 33 +++++++++++++++++++++++++++++++-- 1 file changed, 31 insertions(+), 2 deletions(-) (limited to 'phpBB/includes/functions_module.php') diff --git a/phpBB/includes/functions_module.php b/phpBB/includes/functions_module.php index 89dda74700..556a4adaba 100644 --- a/phpBB/includes/functions_module.php +++ b/phpBB/includes/functions_module.php @@ -213,7 +213,6 @@ class p_master /** * Check module authorisation - * @todo Have a look at the eval statement and replace with other code... */ function module_auth($module_auth) { 
@@ -227,8 +226,38 @@ class p_master return true; } + // With the code below we make sure only those elements get eval'd we really want to be checked + preg_match_all('/(?: + "[^"\\\\]*(?:\\\\.[^"\\\\]*)*" | + \'[^\'\\\\]*(?:\\\\.[^\'\\\\]*)*\' | + [(),] | + [^\s(),]+)/x', $module_auth, $match); + + $tokens = $match[0]; + for ($i = 0, $size = sizeof($tokens); $i < $size; $i++) + { + $token = &$tokens[$i]; + + switch ($token) + { + case ')': + case '(': + case '&&': + case '||': + break; + + default: + if (!preg_match('#(?:acl_([a-z_]+)(,\$id)?)|(?:\$id)|(?:aclf_([a-z_]+))|(?:cfg_([a-z_]+))#', $token)) + { + $token = ''; + } + break; + } + } + $module_auth = implode(' ', $tokens); + $is_auth = false; - eval('$is_auth = (int) (' . preg_replace(array('#acl_([a-z_]+)(,\$id)?#', '#\$id#', '#aclf_([a-z_]+)#', '#cfg_([a-z_]+)#'), array('(int) $auth->acl_get("\\1"\\2)', '(int) $this->acl_forum_id', '(int) $auth->acl_getf_global("\\1")', '(int) $config["\\1"]'), $module_auth) . ');'); + eval('$is_auth = (int) (' . preg_replace(array('#acl_([a-z_]+)(,\$id)?#', '#\$id#', '#aclf_([a-z_]+)#', '#cfg_([a-z_]+)#'), array('(int) $auth->acl_get(\'\\1\'\\2)', '(int) $this->acl_forum_id', '(int) $auth->acl_getf_global(\'\\1\')', '(int) $config[\'\\1\']'), $module_auth) . ');'); return $is_auth; } -- cgit v1.2.1 From 2774981b2ddcf0e6c7076a0371a4b8941199dec8 Mon Sep 17 00:00:00 2001 From: Meik Sievertsen Date: Mon, 20 Nov 2006 16:40:44 +0000 Subject: fix for bug #5490 - make sure bots are catched by the posting auth too. git-svn-id: file:///svn/phpbb/trunk@6619 89ea8834-ac86-4346-8a33-228a782c2dd0 --- phpBB/includes/functions_module.php | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'phpBB/includes/functions_module.php') diff --git a/phpBB/includes/functions_module.php b/phpBB/includes/functions_module.php index 556a4adaba..549c3bf16d 100644 --- a/phpBB/includes/functions_module.php +++ b/phpBB/includes/functions_module.php 
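Review bot: The allow-list test in the `default:` branch is unanchored, so `preg_match` accepts a token as soon as one permitted name occurs anywhere inside it, and the rest of that token is still handed to `eval()`; tokens produced by the two quoted-string alternatives of the tokenizer pass the same way. Matching the whole token closes that gap: `if (!preg_match('#^(?:acl_[a-z_]+|aclf_[a-z_]+|cfg_[a-z_]+|\$id)$#D', $token))`, with an optional leading `!` added if negated terms are meant to be valid. Where `$module_auth` originates is not visible here, but the added comment states that only wanted elements should reach `eval()`, and that needs a per-token check rather than a per-substring one. `module_auth()` begins and ends outside this hunk.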
@@ -244,6 +244,7 @@ class p_master case '(': case '&&': case '||': + case ',': break; default: @@ -254,8 +255,12 @@ class p_master break; } } + $module_auth = implode(' ', $tokens); + // Make sure $id seperation is working fine + $module_auth = str_replace(' , ', ',', $module_auth); + $is_auth = false; eval('$is_auth = (int) (' . preg_replace(array('#acl_([a-z_]+)(,\$id)?#', '#\$id#', '#aclf_([a-z_]+)#', '#cfg_([a-z_]+)#'), array('(int) $auth->acl_get(\'\\1\'\\2)', '(int) $this->acl_forum_id', '(int) $auth->acl_getf_global(\'\\1\')', '(int) $config[\'\\1\']'), $module_auth) . ');'); -- cgit v1.2.1 From ab9ec8064acb25d09d6d0edb93ecbe3b59541010 Mon Sep 17 00:00:00 2001 From: Meik Sievertsen Date: Tue, 21 Nov 2006 18:15:53 +0000 Subject: - fixing a bunch of bugs - moved the install trigger error to sessions and also disabled it for those having DEBUG_EXTRA enabled. i hope not having introduced too many new bugs. git-svn-id: file:///svn/phpbb/trunk@6628 89ea8834-ac86-4346-8a33-228a782c2dd0 --- phpBB/includes/functions_module.php | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) (limited to 'phpBB/includes/functions_module.php') diff --git a/phpBB/includes/functions_module.php b/phpBB/includes/functions_module.php index 549c3bf16d..cacc991c2a 100644 --- a/phpBB/includes/functions_module.php +++ b/phpBB/includes/functions_module.php @@ -214,10 +214,10 @@ class p_master /** * Check module authorisation */ - function module_auth($module_auth) + function module_auth($module_auth, $forum_id = false) { global $auth, $config; - + $module_auth = trim($module_auth); // Generally allowed to access module if module_auth is empty 
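Review bot: `case ',':` lets a comma through wherever it appears, not only between an `acl_*` name and `$id`, and the `str_replace(' , ', ',', $module_auth)` added in the second hunk (@@ -254,8 +255,12 @@) then joins it to whatever tokens survive on either side. A comma in any other position appears to leave an expression that is not valid PHP for the `eval()` that follows, and nothing checks for that. Accepting the comma only in the one position the grammar needs keeps the permitted syntax explicit; the `str_replace` can stay as it is. Both hunks sit inside `module_auth()`, which begins and ends outside them.

```php
				case ',':
					// Only meaningful as the separator in "acl_xxx,$id"; blank it anywhere else.
					$prev = ($i > 0) ? $tokens[$i - 1] : '';
					$next = ($i + 1 < $size) ? $tokens[$i + 1] : '';
					if (!preg_match('#^acl_[a-z_]+$#', $prev) || $next !== '$id')
					{
						$token = '';
					}
				break;
				// … unchanged: default branch with the allow-list check …
```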
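Review bot: The docblock over `module_auth()` still says only `Check module authorisation` although the signature gains `$forum_id = false` in the @@ -214,10 +214,10 @@ hunk. Suggest adding `* @param string $module_auth authorisation expression to evaluate` and `* @param int|bool $forum_id forum id substituted for $id; false falls back to $this->acl_forum_id`. The fallback is what the later hunk of the same commit (@@ -261,8 +261,12 @@) implements. The function body continues outside this hunk.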
@@ -261,8 +261,12 @@ class p_master // Make sure $id seperation is working fine $module_auth = str_replace(' , ', ',', $module_auth); + $forum_id = ($forum_id === false) ? $this->acl_forum_id : $forum_id; + + $test = preg_replace(array('#acl_([a-z_]+)(,\$id)?#', '#\$id#', '#aclf_([a-z_]+)#', '#cfg_([a-z_]+)#'), array('(int) $auth->acl_get(\'\\1\'\\2)', '(int) $forum_id', '(int) $auth->acl_getf_global(\'\\1\')', '(int) $config[\'\\1\']'), $module_auth); + $is_auth = false; - eval('$is_auth = (int) (' . preg_replace(array('#acl_([a-z_]+)(,\$id)?#', '#\$id#', '#aclf_([a-z_]+)#', '#cfg_([a-z_]+)#'), array('(int) $auth->acl_get(\'\\1\'\\2)', '(int) $this->acl_forum_id', '(int) $auth->acl_getf_global(\'\\1\')', '(int) $config[\'\\1\']'), $module_auth) . ');'); + eval('$is_auth = (int) (' . $test . ');'); return $is_auth; } -- cgit v1.2.1 From 6cb0276788994f9bd348e8ef651851760055fc12 Mon Sep 17 00:00:00 2001 From: Meik Sievertsen Date: Tue, 21 Nov 2006 18:23:43 +0000 Subject: hmm, this was for debugging. :) git-svn-id: file:///svn/phpbb/trunk@6630 89ea8834-ac86-4346-8a33-228a782c2dd0 --- phpBB/includes/functions_module.php | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) (limited to 'phpBB/includes/functions_module.php') diff --git a/phpBB/includes/functions_module.php b/phpBB/includes/functions_module.php index cacc991c2a..753e043c16 100644 --- a/phpBB/includes/functions_module.php +++ b/phpBB/includes/functions_module.php 
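Review bot: `preg_replace()` with pattern arrays applies each pattern to the output of the previous one, so the text generated for `acl_*` is scanned again by the `aclf_` and `cfg_` patterns; a permission name that itself contains `cfg_` or `aclf_` would have part of the already-built `$auth->acl_get('…')` call rewritten a second time, leaving a malformed expression for `eval()`. Whether such names exist cannot be told from this page. Guarding the later patterns against matching inside an identifier or a quoted name avoids the dependency on replacement order, e.g. `'#(?<![\'a-z_])cfg_([a-z_]+)#'` and the same lookbehind in front of `aclf_`. The line is carried unchanged into the next commit's hunk (@@ -263,10 +263,8 @@), and `module_auth()` begins outside this hunk.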
@@ -263,10 +263,8 @@ class p_master $forum_id = ($forum_id === false) ? $this->acl_forum_id : $forum_id; - $test = preg_replace(array('#acl_([a-z_]+)(,\$id)?#', '#\$id#', '#aclf_([a-z_]+)#', '#cfg_([a-z_]+)#'), array('(int) $auth->acl_get(\'\\1\'\\2)', '(int) $forum_id', '(int) $auth->acl_getf_global(\'\\1\')', '(int) $config[\'\\1\']'), $module_auth); - $is_auth = false; - eval('$is_auth = (int) (' . $test . ');'); + eval('$is_auth = (int) (' . preg_replace(array('#acl_([a-z_]+)(,\$id)?#', '#\$id#', '#aclf_([a-z_]+)#', '#cfg_([a-z_]+)#'), array('(int) $auth->acl_get(\'\\1\'\\2)', '(int) $forum_id', '(int) $auth->acl_getf_global(\'\\1\')', '(int) $config[\'\\1\']'), $module_auth) . ');'); return $is_auth; } -- cgit v1.2.1