From 6cc7da0c9c0fc8515aad780fba5de5b3860e5d56 Mon Sep 17 00:00:00 2001
From: Marc Alexander <admin@m-a-styles.de>
Date: Mon, 3 Nov 2014 16:07:32 +0100
Subject: [ticket/13280] Properly format the current page and add sanitizer to
 tests

PHPBB3-13280
---
 phpBB/phpbb/session.php | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

(limited to 'phpBB/phpbb')

diff --git a/phpBB/phpbb/session.php b/phpBB/phpbb/session.php
index 14b4c63207..a06ff9c594 100644
--- a/phpBB/phpbb/session.php
+++ b/phpBB/phpbb/session.php
@@ -43,7 +43,7 @@ class session
 
 		// First of all, get the request uri...
 		$script_name = $symfony_request->getScriptName();
-		$args = explode('&', $symfony_request->getQueryString());
+		$args = explode('&amp;', $symfony_request->getQueryString());
 
 		// If we are unable to get the script name we use REQUEST_URI as a failover and note it within the page array for easier support...
 		if (!$script_name)
@@ -61,8 +61,8 @@ class session
 
 		// Since some browser do not encode correctly we need to do this with some "special" characters...
 		// " -> %22, ' => %27, < -> %3C, > -> %3E
-		$find = array('"', "'", '<', '>');
-		$replace = array('%22', '%27', '%3C', '%3E');
+		$find = array('"', "'", '<', '>', '&quot;', '&lt;', '&gt;');
+		$replace = array('%22', '%27', '%3C', '%3E', '%22', '%3C', '%3E');
 
 		foreach ($args as $key => $argument)
 		{
-- 
cgit v1.2.1


From 13b59af1ffd0af652ba0ce3bc3f2594fc448fdb5 Mon Sep 17 00:00:00 2001
From: Marc Alexander <admin@m-a-styles.de>
Date: Mon, 3 Nov 2014 17:14:18 +0100
Subject: [ticket/13280] Add additional sanitizer for ampersands in server
 superglobal

PHPBB3-13280
---
 phpBB/phpbb/symfony_request.php | 6 ++++++
 1 file changed, 6 insertions(+)

(limited to 'phpBB/phpbb')

diff --git a/phpBB/phpbb/symfony_request.php b/phpBB/phpbb/symfony_request.php
index ad949a35f2..4d357a5c56 100644
--- a/phpBB/phpbb/symfony_request.php
+++ b/phpBB/phpbb/symfony_request.php
@@ -30,6 +30,11 @@ class symfony_request extends Request
 			$type_cast_helper->set_var($value, $value, gettype($value), true);
 		};
 
+		// This function is meant for additional handling of server variables
+		$server_sanitizer = function(&$value, $key) {
+			$value = str_replace('&amp;', '&', $value);
+		};
+
 		$get_parameters = $phpbb_request->get_super_global(\phpbb\request\request_interface::GET);
 		$post_parameters = $phpbb_request->get_super_global(\phpbb\request\request_interface::POST);
 		$server_parameters = $phpbb_request->get_super_global(\phpbb\request\request_interface::SERVER);
@@ -41,6 +46,7 @@ class symfony_request extends Request
 		array_walk_recursive($server_parameters, $sanitizer);
 		array_walk_recursive($files_parameters, $sanitizer);
 		array_walk_recursive($cookie_parameters, $sanitizer);
+		array_walk_recursive($server_parameters, $server_sanitizer);
 
 		parent::__construct($get_parameters, $post_parameters, array(), $cookie_parameters, $files_parameters, $server_parameters);
 	}
-- 
cgit v1.2.1


From 3986470b3c77240310f51bb101cccf180b9e4c1e Mon Sep 17 00:00:00 2001
From: Marc Alexander <admin@m-a-styles.de>
Date: Tue, 4 Nov 2014 16:14:11 +0100
Subject: [ticket/13280] Seperate server sanitizer call and add comment

PHPBB3-13280
---
 phpBB/phpbb/symfony_request.php | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'phpBB/phpbb')

diff --git a/phpBB/phpbb/symfony_request.php b/phpBB/phpbb/symfony_request.php
index 4d357a5c56..23e5e6e29f 100644
--- a/phpBB/phpbb/symfony_request.php
+++ b/phpBB/phpbb/symfony_request.php
@@ -46,6 +46,8 @@ class symfony_request extends Request
 		array_walk_recursive($server_parameters, $sanitizer);
 		array_walk_recursive($files_parameters, $sanitizer);
 		array_walk_recursive($cookie_parameters, $sanitizer);
+
+		// Run additional sanitizer for server superglobal
 		array_walk_recursive($server_parameters, $server_sanitizer);
 
 		parent::__construct($get_parameters, $post_parameters, array(), $cookie_parameters, $files_parameters, $server_parameters);
-- 
cgit v1.2.1


From 32881dbe31a945b6d2449a3f7e1bf7c5e73cd0a6 Mon Sep 17 00:00:00 2001
From: Marc Alexander <admin@m-a-styles.de>
Date: Tue, 4 Nov 2014 16:54:45 +0100
Subject: [ticket/13280] Only run sanitizer for server superglobal and modify
 tests

PHPBB3-13280
---
 phpBB/phpbb/symfony_request.php | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

(limited to 'phpBB/phpbb')

diff --git a/phpBB/phpbb/symfony_request.php b/phpBB/phpbb/symfony_request.php
index 23e5e6e29f..02d22c480f 100644
--- a/phpBB/phpbb/symfony_request.php
+++ b/phpBB/phpbb/symfony_request.php
@@ -31,7 +31,8 @@ class symfony_request extends Request
 		};
 
 		// This function is meant for additional handling of server variables
-		$server_sanitizer = function(&$value, $key) {
+		$server_sanitizer = function(&$value, $key) use ($sanitizer) {
+			$sanitizer($value, $key);
 			$value = str_replace('&amp;', '&', $value);
 		};
 
@@ -43,11 +44,10 @@ class symfony_request extends Request
 
 		array_walk_recursive($get_parameters, $sanitizer);
 		array_walk_recursive($post_parameters, $sanitizer);
-		array_walk_recursive($server_parameters, $sanitizer);
 		array_walk_recursive($files_parameters, $sanitizer);
 		array_walk_recursive($cookie_parameters, $sanitizer);
 
-		// Run additional sanitizer for server superglobal
+		// Run special sanitizer for server superglobal
 		array_walk_recursive($server_parameters, $server_sanitizer);
 
 		parent::__construct($get_parameters, $post_parameters, array(), $cookie_parameters, $files_parameters, $server_parameters);
-- 
cgit v1.2.1