mirror/php-e107
1
0
Fork 0
mirror of https://github.com/e107inc/e107.git synced 2025-08-07 07:06:30 +02:00
Code Issues Releases Wiki Activity

Core plugin Forum: fixed malformed URL in url.php (line:65) + fixed forgotten "encode"=false parameter in forum_post.php (line:405) URL creation leading to Access denied! error after redirect.

Browse Source
This commit is contained in:
berckoff
2012-02-09 12:13:47 +00:00
parent 3bc59210af
commit 492756820a
2 changed files with 172 additions and 172 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
e107_plugins/forum/forum_post.php
View File

@@ -402,7 +402,7 @@ if (isset($_POST['update_thread']))
$forum->threadUpdate($postInfo['post_thread'], $threadVals); $forum->threadUpdate($postInfo['post_thread'], $threadVals);
$forum->postUpdate($postInfo['post_id'], $postVals); $forum->postUpdate($postInfo['post_id'], $postVals);
$e107cache->clear('newforumposts'); $e107cache->clear('newforumposts');
$url = $e107->url->create('forum/thread/post', array('name'=>$threadVals['thread_name'], 'id' => $postInfo['post_id'], 'thread' => $postInfo['post_thread'])); $url = $e107->url->create('forum/thread/post', array('name'=>$threadVals['thread_name'], 'id' => $postInfo['post_id'], 'thread' => $postInfo['post_thread']), array('encode'=>false));
header('location:'.$url); header('location:'.$url);
exit; exit;
} }

342
e107_plugins/forum/url/url.php
View File

@@ -1,171 +1,171 @@
<?php <?php
/* /*
* Copyright (C) 2008-2011 e107 Inc (e107.org), Licensed under GNU GPL (http://www.gnu.org/licenses/gpl.txt) * Copyright (C) 2008-2011 e107 Inc (e107.org), Licensed under GNU GPL (http://www.gnu.org/licenses/gpl.txt)
* $Id$ * $Id$
* *
* Forum Default URL configuration * Forum Default URL configuration
* TODO - SEF URL configuration * TODO - SEF URL configuration
*/ */
class plugin_forum_url extends eUrlConfig class plugin_forum_url extends eUrlConfig
{ {
public function config() public function config()
{ {
return array( return array(
'config' => array( 'config' => array(
'noSingleEntry' => true, // [optional] default false; disallow this module to be shown via single entry point when this config is used 'noSingleEntry' => true, // [optional] default false; disallow this module to be shown via single entry point when this config is used
'legacy' => '{e_PLUGIN}forum/forum.php', // this config won't work in single entry point mod (legacy not used at all), so just set this to default plugin file to notify router it's legacy module 'legacy' => '{e_PLUGIN}forum/forum.php', // this config won't work in single entry point mod (legacy not used at all), so just set this to default plugin file to notify router it's legacy module
'format' => 'get', // get|path - notify core for the current URL format, if set to 'get' rules will be ignored 'format' => 'get', // get|path - notify core for the current URL format, if set to 'get' rules will be ignored
'selfParse' => false, // [optional] default false; use only this->parse() method, no core routine URL parsing 'selfParse' => false, // [optional] default false; use only this->parse() method, no core routine URL parsing
'selfCreate' => true, // [optional] default false; use only this->create() method, no core routine URL creating 'selfCreate' => true, // [optional] default false; use only this->create() method, no core routine URL creating
'defaultRoute' => 'forum/main', // [optional] default empty; route (no leading module) used when module is found with no additional controller/action information e.g. /news/ 'defaultRoute' => 'forum/main', // [optional] default empty; route (no leading module) used when module is found with no additional controller/action information e.g. /news/
'legacyQuery' => '' // default legacy query string template, null to disable, empty - use current QUERY_STRING 'legacyQuery' => '' // default legacy query string template, null to disable, empty - use current QUERY_STRING
), ),
// rule set array // rule set array
'rules' => array() 'rules' => array()
); );
} }
/** /**
* NOTE we have double 'forum' but this is the best way to map new-old forum URLs to the new routing engine * NOTE we have double 'forum' but this is the best way to map new-old forum URLs to the new routing engine
* Additionally, 'forum' controller is descriptive, and leading 'forum' module name could be easiely changed (URL aliases administration page) * Additionally, 'forum' controller is descriptive, and leading 'forum' module name could be easiely changed (URL aliases administration page)
*/ */
public function create($route, $params = array(), $options = array()) public function create($route, $params = array(), $options = array())
{ {
$amp = varset($options['encode']) ? '&amp;' : '&'; $amp = varset($options['encode']) ? '&amp;' : '&';
if(is_string($route)) $route = explode('/', $route, 2); if(is_string($route)) $route = explode('/', $route, 2);
if(!varset($route[0]) || 'index' == $route[0]) $route[0] = 'forum'; if(!varset($route[0]) || 'index' == $route[0]) $route[0] = 'forum';
if(!varset($route[1])) $route[1] = 'main'; if(!varset($route[1])) $route[1] = 'main';
$base = e107::getInstance()->getFolder('plugins').'forum/'; $base = e107::getInstance()->getFolder('plugins').'forum/';
//var_dump($options, $route, $params); //var_dump($options, $route, $params);
if($route[0] == 'forum') if($route[0] == 'forum')
{ {
if(!isset($params['id']) && isset($params['forum_id'])) $params['id'] = $params['forum_id']; if(!isset($params['id']) && isset($params['forum_id'])) $params['id'] = $params['forum_id'];
// if(isset($params['forum_name'])) $params['name'] = $params['forum_name']; - not used in this config // if(isset($params['forum_name'])) $params['name'] = $params['forum_name']; - not used in this config
switch($route[1]) switch($route[1])
{ {
case 'view': case 'view':
$page = (varset($params['page']) ? $amp.'p='.$params['page'] : ''); $page = (varset($params['page']) ? $amp.'p='.$params['page'] : '');
return $base."forum_viewforum.php?id={$params['id']}{$page}"; return $base."forum_viewforum.php?id={$params['id']}{$page}";
break; break;
case 'track': case 'track':
return $base.'forum.php?track'; return $base.'forum.php?track';
break; break;
case 'index': case 'index':
case 'main': case 'main':
return $base.'forum.php'; return $base.'forum.php';
break; break;
case 'post': case 'post':
return $base."forum_post.php?f={$params['type']}}id={$params['id']}"; return $base."forum_post.php?f={$params['type']}{$amp}id={$params['id']}";
break; break;
case 'rules': case 'rules':
return $base.'forum.php?f=rules'; return $base.'forum.php?f=rules';
break; break;
case 'mfar': case 'mfar':
return $base.'forum.php?f=mfar'.$amp.'id='.$params['id']; return $base.'forum.php?f=mfar'.$amp.'id='.$params['id'];
break; break;
} }
} }
elseif($route[0] == 'thread') elseif($route[0] == 'thread')
{ {
if(!isset($params['id']) && isset($params['thread_id'])) $params['id'] = $params['thread_id']; if(!isset($params['id']) && isset($params['thread_id'])) $params['id'] = $params['thread_id'];
// if(isset($params['thread_name'])) $params['name'] = $params['thread_name']; - not used in this config // if(isset($params['thread_name'])) $params['name'] = $params['thread_name']; - not used in this config
switch($route[1]) switch($route[1])
{ {
case 'new': case 'new':
return $base."forum_post.php?f=nt{$amp}id={$params['id']}"; return $base."forum_post.php?f=nt{$amp}id={$params['id']}";
break; break;
case 'reply': case 'reply':
return $base."forum_post.php?f=rp{$amp}id={$params['id']}"; return $base."forum_post.php?f=rp{$amp}id={$params['id']}";
break; break;
case 'view': case 'view':
$page = (varset($params['page']) ? $amp.'p='.$params['page'] : ''); $page = (varset($params['page']) ? $amp.'p='.$params['page'] : '');
return $base."forum_viewtopic.php?id={$params['id']}{$page}"; return $base."forum_viewtopic.php?id={$params['id']}{$page}";
break; break;
case 'last': case 'last':
return $base."forum_viewtopic.php?id={$params['id']}{$amp}last=1"; return $base."forum_viewtopic.php?id={$params['id']}{$amp}last=1";
break; break;
case 'post': case 'post':
return $base."forum_viewtopic.php?f=post{$amp}id={$params['id']}"; return $base."forum_viewtopic.php?f=post{$amp}id={$params['id']}";
break; break;
case 'report': case 'report':
$page = (isset($params['page']) ? (int)$params['page'] : 0 ); $page = (isset($params['page']) ? (int)$params['page'] : 0 );
return $base."forum_viewtopic.php?f=report{$amp}id={$params['id']}{$amp}post={$params['post']}{$amp}p={$page}"; return $base."forum_viewtopic.php?f=report{$amp}id={$params['id']}{$amp}post={$params['post']}{$amp}p={$page}";
break; break;
case 'edit': case 'edit':
return $base."forum_post.php?f=edit{$amp}id={$params['id']}"; return $base."forum_post.php?f=edit{$amp}id={$params['id']}";
break; break;
case 'move': case 'move':
return $base."forum_conf.php?f=move{$amp}id={$params['id']}"; return $base."forum_conf.php?f=move{$amp}id={$params['id']}";
break; break;
case 'split': case 'split':
return $base."forum_conf.php?f=split{$amp}id={$params['id']}"; return $base."forum_conf.php?f=split{$amp}id={$params['id']}";
break; break;
case 'quote': case 'quote':
return $base."forum_post.php?f=quote{$amp}id={$params['id']}"; return $base."forum_post.php?f=quote{$amp}id={$params['id']}";
break; break;
case 'next': case 'next':
return $base."forum_viewtopic.php?f=next{$amp}id={$params['id']}"; return $base."forum_viewtopic.php?f=next{$amp}id={$params['id']}";
break; break;
case 'prev': case 'prev':
return $base."forum_viewtopic.php?f=prev{$amp}id={$params['id']}"; return $base."forum_viewtopic.php?f=prev{$amp}id={$params['id']}";
break; break;
case 'track': case 'track':
return $base."forum_viewtopic.php?f=track{$amp}id={$params['id']}"; return $base."forum_viewtopic.php?f=track{$amp}id={$params['id']}";
break; break;
case 'untrack': case 'untrack':
return $base."forum_viewtopic.php?f=untrack{$amp}id={$params['id']}"; return $base."forum_viewtopic.php?f=untrack{$amp}id={$params['id']}";
break; break;
case 'track_toggle': case 'track_toggle':
return $base."forum_viewtopic.php?f=track_toggle{$amp}id={$params['id']}"; return $base."forum_viewtopic.php?f=track_toggle{$amp}id={$params['id']}";
break; break;
} }
} }
return false; return false;
} }
/** /**
* Admin callback * Admin callback
* Language file not loaded as all language data is inside the lan_eurl.php (loaded by default on administration URL page) * Language file not loaded as all language data is inside the lan_eurl.php (loaded by default on administration URL page)
*/ */
public function admin() public function admin()
{ {
// static may be used for performance // static may be used for performance
e107::plugLan('forum', 'lan_forum_url'); e107::plugLan('forum', 'lan_forum_url');
static $admin = array( static $admin = array(
'labels' => array( 'labels' => array(
'name' => FORUM_LAN_URL_NAME, // Module name 'name' => FORUM_LAN_URL_NAME, // Module name
'label' => FORUM_LAN_URL_DEFAULT_LABEL, // Current profile name 'label' => FORUM_LAN_URL_DEFAULT_LABEL, // Current profile name
'description' => FORUM_LAN_URL_DEFAULT_DESCR, // 'description' => FORUM_LAN_URL_DEFAULT_DESCR, //
), ),
'form' => array(), // Under construction - additional configuration options 'form' => array(), // Under construction - additional configuration options
'callbacks' => array(), // Under construction - could be used for e.g. URL generator functionallity 'callbacks' => array(), // Under construction - could be used for e.g. URL generator functionallity
); );
return $admin; return $admin;
} }
} }