From a0131b45f56847f7e5c44a6db66cd7359967585f Mon Sep 17 00:00:00 2001 From: David King Date: Wed, 8 Feb 2012 00:08:17 -0500 Subject: [ticket/10586] Extension front controller Handle extension front pages PHPBB3-10586 --- phpBB/includes/extension/controller_interface.php | 31 ++++++++++++++++++ phpBB/includes/extension/manager.php | 22 +++++++++++++ phpBB/index.php | 39 +++++++++++++++++++++++ phpBB/language/en/common.php | 4 +++ 4 files changed, 96 insertions(+) create mode 100644 phpBB/includes/extension/controller_interface.php (limited to 'phpBB') diff --git a/phpBB/includes/extension/controller_interface.php b/phpBB/includes/extension/controller_interface.php new file mode 100644 index 0000000000..bcc8972db4 --- /dev/null +++ b/phpBB/includes/extension/controller_interface.php @@ -0,0 +1,31 @@ +phpbb_root_path . "ext/$name/"); + } + + /** + * Check to see if a given extension is enabled + * + * @param string $name Extension name to check + * @return bool Depending on whether or not the extension is enabled + */ + public function enabled($name) + { + return isset($this->extensions[$name]) && $this->extensions[$name]['ext_active']; + } /** * Instantiates a phpbb_extension_finder. diff --git a/phpBB/index.php b/phpBB/index.php index f1243bb336..a206ed4d37 100644 --- a/phpBB/index.php +++ b/phpBB/index.php @@ -24,6 +24,45 @@ $user->session_begin(); $auth->acl($user->data); $user->setup('viewforum'); +// If given an extension, look for a front controller +if ($ext = $request->variable('ext', '')) +{ + // The class to load + $class = "phpbb_ext_{$ext}_controller"; + + // Make sure the specified extension is enabled + // and that it has a controller class + if (!$phpbb_extension_manager->available($ext)) + { + send_status_line(404, 'Not Found'); + trigger_error($user->lang('EXTENSION_DOES_NOT_EXIST', $ext)); + } + else if (!$phpbb_extension_manager->enabled($ext)) + { + send_status_line(404, 'Not Found'); + trigger_error($user->lang('EXTENSION_DISABLED', $ext)); + } + else if (!file_exists("{$phpbb_root_path}ext/$ext/controller.$phpEx") || !class_exists($class)) + { + send_status_line(404, 'Not Found'); + trigger_error($user->lang('EXTENSION_CONTROLLER_MISSING', $ext)); + } + + // Instantiate the extension controller + $controller = new $class; + + // But let's make sure it's actually a proper controller + if (!($controller instanceof phpbb_extension_controller_interface)) + { + send_status_line(500, 'Internal Server Error'); + trigger_error($user->lang('EXTENSION_CLASS_WRONG_TYPE', $class)); + } + + // Let's get it started... + $controller->handle(); + exit_handler(); +} + display_forums('', $config['load_moderators']); $order_legend = ($config['legend_sort_groupname']) ? 'group_name' : 'group_legend'; diff --git a/phpBB/language/en/common.php b/phpBB/language/en/common.php index 7741ff8d1f..94edddc6f5 100644 --- a/phpBB/language/en/common.php +++ b/phpBB/language/en/common.php @@ -185,7 +185,11 @@ $lang = array_merge($lang, array( 'ERR_WRONG_PATH_TO_PHPBB' => 'The phpBB path specified appears to be invalid.', 'EXPAND_VIEW' => 'Expand view', 'EXTENSION' => 'Extension', + 'EXTENSION_CONTROLLER_MISSING' => 'The extension %s is missing a controller class and cannot be accessed through the front-end.', + 'EXTENSION_CLASS_WRONG_TYPE' => 'The extension controller class %s is not an instance of the phpbb_extension_controller_interface.', + 'EXTENSION_DISABLED' => 'The extension %s is not enabled.', 'EXTENSION_DISABLED_AFTER_POSTING' => 'The extension %s has been deactivated and can no longer be displayed.', + 'EXTENSION_DOES_NOT_EXIST' => 'The extension %s does not exist.', 'FAQ' => 'FAQ', 'FAQ_EXPLAIN' => 'Frequently Asked Questions', -- cgit v1.2.1 From 969c6d42e390fe05960d9dd3b97b230d4e7830a0 Mon Sep 17 00:00:00 2001 From: David King Date: Fri, 17 Feb 2012 14:21:28 -0500 Subject: [ticket/10586] Removed file_exists() check because class_exists() covers that. PHPBB3-10586 --- phpBB/index.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'phpBB') diff --git a/phpBB/index.php b/phpBB/index.php index a206ed4d37..575134f6b1 100644 --- a/phpBB/index.php +++ b/phpBB/index.php @@ -42,7 +42,7 @@ if ($ext = $request->variable('ext', '')) send_status_line(404, 'Not Found'); trigger_error($user->lang('EXTENSION_DISABLED', $ext)); } - else if (!file_exists("{$phpbb_root_path}ext/$ext/controller.$phpEx") || !class_exists($class)) + else if (!class_exists($class)) { send_status_line(404, 'Not Found'); trigger_error($user->lang('EXTENSION_CONTROLLER_MISSING', $ext)); -- cgit v1.2.1 From e45452d1b3d39220ebd9b20390b9cc23ef64d3dd Mon Sep 17 00:00:00 2001 From: David King Date: Sat, 18 Feb 2012 11:24:27 -0500 Subject: [ticket/10586] Sanitize periods from class names, use manager to get path. PHPBB3-10586 --- phpBB/includes/extension/manager.php | 2 +- phpBB/index.php | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) (limited to 'phpBB') diff --git a/phpBB/includes/extension/manager.php b/phpBB/includes/extension/manager.php index b94379141c..6f1c885ea9 100644 --- a/phpBB/includes/extension/manager.php +++ b/phpBB/includes/extension/manager.php @@ -437,7 +437,7 @@ class phpbb_extension_manager */ public function available($name) { - return file_exists($this->phpbb_root_path . "ext/$name/"); + return file_exists($this->get_extension_path($name, true)); } /** diff --git a/phpBB/index.php b/phpBB/index.php index 575134f6b1..e6a472ce31 100644 --- a/phpBB/index.php +++ b/phpBB/index.php @@ -28,7 +28,7 @@ $user->setup('viewforum'); if ($ext = $request->variable('ext', '')) { // The class to load - $class = "phpbb_ext_{$ext}_controller"; + $class = 'phpbb_ext_' . str_replace('/', '_', $name) . '_controller'; // Make sure the specified extension is enabled // and that it has a controller class -- cgit v1.2.1 From e5ce9646567e6b3441c21ab960f8a77f1281c72b Mon Sep 17 00:00:00 2001 From: David King Date: Sat, 18 Feb 2012 11:34:07 -0500 Subject: [ticket/10586] Copy/paste fail fixed PHPBB3-10586 --- phpBB/index.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'phpBB') diff --git a/phpBB/index.php b/phpBB/index.php index e6a472ce31..2500774f67 100644 --- a/phpBB/index.php +++ b/phpBB/index.php @@ -28,7 +28,7 @@ $user->setup('viewforum'); if ($ext = $request->variable('ext', '')) { // The class to load - $class = 'phpbb_ext_' . str_replace('/', '_', $name) . '_controller'; + $class = 'phpbb_ext_' . str_replace('/', '_', $ext) . '_controller'; // Make sure the specified extension is enabled // and that it has a controller class -- cgit v1.2.1 From 56f75dbf93b0476f88c866abcae129fa3b61fc2c Mon Sep 17 00:00:00 2001 From: David King Date: Tue, 27 Mar 2012 19:57:32 -0400 Subject: [ticket/10586] Tidy up comments PHPBB3-10586 --- phpBB/includes/extension/manager.php | 2 +- phpBB/index.php | 8 +------- 2 files changed, 2 insertions(+), 8 deletions(-) (limited to 'phpBB') diff --git a/phpBB/includes/extension/manager.php b/phpBB/includes/extension/manager.php index 6f1c885ea9..f103983fcd 100644 --- a/phpBB/includes/extension/manager.php +++ b/phpBB/includes/extension/manager.php @@ -432,7 +432,7 @@ class phpbb_extension_manager /** * Check to see if a given extension is available on the filesystem * - * @param string $name Extension name to check + * @param string $name Extension name to check NOTE: Can be user input * @return bool Depending on whether or not the extension is available */ public function available($name) diff --git a/phpBB/index.php b/phpBB/index.php index 2500774f67..d71878a885 100644 --- a/phpBB/index.php +++ b/phpBB/index.php @@ -24,14 +24,11 @@ $user->session_begin(); $auth->acl($user->data); $user->setup('viewforum'); -// If given an extension, look for a front controller +// Handle the display of extension front pages if ($ext = $request->variable('ext', '')) { - // The class to load $class = 'phpbb_ext_' . str_replace('/', '_', $ext) . '_controller'; - // Make sure the specified extension is enabled - // and that it has a controller class if (!$phpbb_extension_manager->available($ext)) { send_status_line(404, 'Not Found'); @@ -48,17 +45,14 @@ if ($ext = $request->variable('ext', '')) trigger_error($user->lang('EXTENSION_CONTROLLER_MISSING', $ext)); } - // Instantiate the extension controller $controller = new $class; - // But let's make sure it's actually a proper controller if (!($controller instanceof phpbb_extension_controller_interface)) { send_status_line(500, 'Internal Server Error'); trigger_error($user->lang('EXTENSION_CLASS_WRONG_TYPE', $class)); } - // Let's get it started... $controller->handle(); exit_handler(); } -- cgit v1.2.1