mirror of https://github.com/e107inc/e107.git synced 2025-07-24 16:31:48 +02:00

Issue #1287 - PHP7 and SSL fixes.

Cameron
2016-02-14 19:00:12 -08:00
parent 303195d81e
commit 4e8412b16c
12 changed files with 73 additions and 49 deletions


@@ -547,7 +547,7 @@ define('e_COOKIE', $pref['cookie_name']);
// if the option to force users to use a particular url for the site is enabled, redirect users there as needed
// Now matches RFC 2616 (sec 3.2): case insensitive, https/:443 and http/:80 are equivalent.
// And, this is robust against hack attacks. Malignant users can put **anything** in HTTP_HOST!
if($pref['redirectsiteurl'] && $pref['siteurl']) {
if(!empty($pref['redirectsiteurl']) && !empty($pref['siteurl'])) {
if(isset($pref['multilanguage_subdomain']) && $pref['multilanguage_subdomain'])
{
@@ -556,11 +556,17 @@ if($pref['redirectsiteurl'] && $pref['siteurl']) {
$self = e_REQUEST_URL;
//if(e_QUERY){ $self .= '?'.e_QUERY; }
$location = str_replace('://www.', '://', $self);
header("Location: {$location}", true, 301); // send 301 header, not 302
if(defined('e_DEBUG') && e_DEBUG === true)
{
echo "Redirecting to location: ".$location;
}
e107::getRedirect()->go($location,true,301);
// header("Location: {$location}", true, 301); // send 301 header, not 302
exit();
}
}
else
elseif(deftrue('e_DOMAIN'))
{
// Find domain and port from user and from pref
list($urlbase,$urlport) = explode(':',$_SERVER['HTTP_HOST'].':');
@@ -588,8 +594,20 @@ if($pref['redirectsiteurl'] && $pref['siteurl']) {
$aeSELF[2] = $aPrefURL[2]; // Swap in correct domain and possibly port
$location = implode('/',$aeSELF).($_SERVER['QUERY_STRING'] ? '?'.$_SERVER['QUERY_STRING'] : '');
header("Location: {$location}", true, 301); // send 301 header, not 302
exit();
//
// header("Location: {$location}", true, 301); // send 301 header, not 302
if(defined('e_DEBUG') && e_DEBUG === true)
{
echo "DEBUG INFO: site-redirect preference enabled.<br />Redirecting to: <a hre='".$location."'>".$location."</a>";;
echo "<br />e_DOMAIN: ".e_DOMAIN;
echo "<br />e_SUBDOMAIN: ".e_SUBDOMAIN;
}
else
{
e107::getRedirect()->go($location,true,301);
}
exit();
}
}
}
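Review bot: In the e_DEBUG branch of the second redirect block, `$location` is echoed into an HTML anchor without escaping, and it is assembled from `$_SERVER['QUERY_STRING']` a few lines above, so request-controlled text reaches the page whenever debug is on. Escape it once before output, e.g. `$safe = htmlspecialchars($location, ENT_QUOTES, 'UTF-8');`, and on the same line fix the attribute name (`hre` should be `href`) and the doubled `;;`. The earlier www-stripping block echoes `$location` (derived from e_REQUEST_URL) unescaped too, and there the echo runs before `e107::getRedirect()->go()`, so with debug enabled output has presumably already started when the redirect header is attempted. The enclosing if/elseif chain starts and ends outside these hunks.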


@@ -33,7 +33,7 @@ class core_page_url extends eUrlConfig
/**
*
*/
public function create($route, $params = array())
public function create($route, $params = array(), $options = array())
{
if(!$params) return 'page.php';
@@ -62,9 +62,9 @@ class core_page_url extends eUrlConfig
case 'chapter':
$url .= "ch=".intval($params['id']);
break;
case 'view':
default:
default:
## aliases as retrieved from the DB, map vars to proper values
if(isset($params['page_title']) && !empty($params['page_title']))
{
@@ -85,10 +85,10 @@ class core_page_url extends eUrlConfig
$page = '--FROM--';
}
$url .= "id=".intval($params['id']).($page ? '.'.$page : '');
break;
$url .= "id=".intval($params['id']).($page ? '.'.$page : '');
break;
}


@@ -322,11 +322,11 @@ class _system_cron
return;
/*
require(e_BASE."e107_config.php");
$sql = e107::getDb();
$dbtable = $mySQLdefaultdb; // TODO - retrieve this in a better way. (without including e107_config)
$dbtable = $mySQLdefaultdb; //
$backupFile = e_BACKUP.SITENAME."_".date("Y-m-d-H-i-s").".sql";
$result = mysql_list_tables($dbtable);
@@ -374,7 +374,7 @@ class _system_cron
}
*/
}


@@ -2984,8 +2984,9 @@ class e107
$searchPath[3] = e_PLUGIN.$unitName.'/languages/'.e_LANGUAGE.'.php'; // menu language file.
break;
case 'admin' :
$adminLan = vartrue(self::getPref('adminlanguage'), e_LANGUAGE);
$aLangPref = self::getPref('adminlanguage');
$adminLan = vartrue($aLangPref, e_LANGUAGE);
$searchPath[1] = e_PLUGIN.$unitName.'/languages/'.$adminLan.'_admin_'.$unitName.'.php';
$searchPath[2] = e_PLUGIN.$unitName.'/languages/'.$adminLan.'/'.'admin_'.$unitName.'.php';
@@ -3650,8 +3651,9 @@ class e107
}
define('e_REQUEST_URL', str_replace(array("'", '"'), array('%27', '%22'), $requestUrl)); // full request url string (including domain)
$requestSelf = array_shift(explode('?', e_REQUEST_URL));
$tmp = explode('?', e_REQUEST_URL);
$requestSelf = array_shift($tmp);
if(substr($requestSelf,-4) !== '.php' && substr($requestSelf,-1) !== '/')
{
@@ -3659,9 +3661,11 @@ class e107
}
// the last anti-XSS measure, XHTML compliant URL to be used in forms instead e_SELF
define('e_REQUEST_SELF', $requestSelf); // full URL without the QUERY string
define('e_REQUEST_URI', str_replace(array("'", '"'), array('%27', '%22'), $requestUri)); // absolute http path + query string
define('e_REQUEST_HTTP', array_shift(explode('?', e_REQUEST_URI))); // SELF URL without the QUERY string and leading domain part
$tmp2 = explode('?', e_REQUEST_URI);
define('e_REQUEST_HTTP', array_shift($tmp2)); // SELF URL without the QUERY string and leading domain part
if(!deftrue('e_SINGLE_ENTRY'))
{
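Review bot: The new `$tmp` and `$tmp2` temporaries need a short why-comment, otherwise a later cleanup is likely to inline them back into `array_shift(explode(...))`. Something like `// array_shift() takes its argument by reference; passing explode() directly raises a notice on PHP 7` above the first one would do. Separately, the context lines show that e_REQUEST_URL and e_REQUEST_URI only have `'` and `"` percent-encoded, so the "anti-XSS" comment on e_REQUEST_SELF should not be read as making these constants safe to print without `htmlspecialchars()`. The surrounding method starts and ends outside these hunks.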


@@ -397,7 +397,7 @@ class eIPHandler
{
$line .= '?'.$search; // Add on the ban reason - may be useful in the page
}
header('location: '.$line);
e107::redirect($line);
exit();
}
// Otherwise just display any message and die
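Review bot: `$line` still carries `$search` appended as raw text (`$line .= '?'.$search;` in the context above) when it is handed to `e107::redirect()`, and nothing visible here encodes it. Unless `$search` is already an encoded query string, encoding it where it is appended, `$line .= '?'.rawurlencode($search);`, keeps the Location value a well-formed URL regardless of what the redirect helper does with it. Whether `e107::redirect()` validates its target is not visible in this hunk, and the enclosing method starts outside it.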


@@ -1488,13 +1488,13 @@ class e_model extends e_object
$qry = str_replace('{ID}', $id, $this->getParam('db_query'));
if($qry)
{
$res = $sql->db_Select_gen($qry, $this->getParam('db_debug') ? true : false);
$res = $sql->gen($qry, $this->getParam('db_debug') ? true : false);
}
else
{
if(!is_numeric($id)) $id = "'{$id}'";
$res = $sql->db_Select(
$res = $sql->select(
$this->getModelTable(),
$this->getParam('db_fields', '*'),
$this->getFieldIdName().'='.$id.' '.trim($this->getParam('db_where', '')),
@@ -1506,7 +1506,7 @@ class e_model extends e_object
if($res)
{
$this->setData($sql->db_Fetch());
$this->setData($sql->fetch());
}
if($sql->getLastErrorNumber())
@@ -1624,7 +1624,7 @@ class e_model extends e_object
* Awaiting for child class implementation
* @see e_model_admin
*/
public function delete()
public function delete($ids, $destroy = true, $session_messages = false)
{
}
@@ -1651,7 +1651,7 @@ class e_model extends e_object
* Awaiting for child class implementation
* @see e_model_admin
*/
protected function dbUpdate()
protected function dbUpdate($force = false, $session_messages = false)
{
}
@@ -2510,7 +2510,7 @@ class e_front_model extends e_model
* @param boolean $force
* @return e_front_model
*/
public function load($id, $force = false)
public function load($id=null, $force = false)
{
parent::load($id, $force);
@@ -3121,12 +3121,12 @@ class e_tree_model extends e_front_model
return $this;
}
public function isCacheEnabled()
public function isCacheEnabled($checkId = true)
{
return (null !== $this->getCacheString());
}
public function getCacheString()
public function getCacheString($replace = false)
{
return $this->_cache_string;
}
@@ -3424,11 +3424,11 @@ class e_tree_model extends e_front_model
return (string) e107::getArrayStorage()->WriteArray($this->toArray($total), $AddSlashes);
}
public function update()
public function update($from_post = true, $force = false, $session_messages = false)
{
}
public function delete()
public function delete($ids, $destroy = true, $session_messages = false)
{
}
}
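Review bot: The renamed `$sql->select()` call in load() still receives a WHERE clause built by concatenation, with a non-numeric `$id` only wrapped in quotes (`$id = "'{$id}'";`) and the `{ID}` placeholder filled by a plain `str_replace` before `$sql->gen()`. Unless every caller sanitises `$id` before load(), which these hunks do not show, a quote character in the id changes the query; escaping the value with the database handler's escaping routine before it is quoted would close that. Also, the new `delete($ids, ...)` stubs here and in e_pref and e_plugin_pref give `$ids` no default, so an existing zero-argument `delete()` call would now fail on PHP 7; `$ids = null` would match how the other added parameters are declared. The load() body starts and ends outside the hunk.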


@@ -500,7 +500,7 @@ class e_news_item extends e_front_model
* @param boolean $force
* @return e_news_item
*/
public function load($id, $force = false)
public function load($id=null, $force = false)
{
$id = intval($id);


@@ -205,7 +205,7 @@ class e_pref extends e_front_model
* @param mixed $value
* @return e_pref
*/
public function set($pref_name, $value)
public function set($pref_name, $value=null, $strict = false)
{
global $pref;
if(empty($pref_name) || !is_string($pref_name))
@@ -341,7 +341,7 @@ class e_pref extends e_front_model
* @param boolean $strict
* @return $this|\e_model
*/
final public function addData($pref_name, $value = null)
final public function addData($pref_name, $value = null, $override = true)
{
global $pref;
parent::addData($pref_name, $value, false);
@@ -361,7 +361,7 @@ class e_pref extends e_front_model
* @param mixed $value
* @return e_pref
*/
final public function setData($pref_name, $value = null)
final public function setData($pref_name, $value = null, $strict = false)
{
global $pref;
if(empty($pref_name))
@@ -393,7 +393,7 @@ class e_pref extends e_front_model
* @param string $pref_name
* @return e_pref
*/
final public function removeData($pref_name)
final public function removeData($pref_name=null)
{
global $pref;
parent::removeData((string) $pref_name);
@@ -752,14 +752,14 @@ class e_pref extends e_front_model
/**
* Override
*/
public function delete()
public function delete($ids, $destroy = true, $session_messages = false)
{
}
/**
* Override
*/
protected function dbUpdate()
protected function dbUpdate($force = false, $session_messages = false)
{
}
}
@@ -983,7 +983,7 @@ class e_plugin_pref extends e_pref
* @see e107_handlers/e_pref#delete()
* @return boolean
*/
public function delete()
public function delete($ids, $destroy = true, $session_messages = false)
{
$ret = false;
if($this->plugin_id)
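Review bot: The new `$override` parameter of `addData()` is accepted but, as far as the visible body shows, never used: the call is still `parent::addData($pref_name, $value, false)`, and the docblock above it lists `@param boolean $strict` rather than `$override`. Either pass the argument through or say so in the docblock, e.g. `@param boolean $override accepted for signature compatibility, ignored`. The `$strict` parameter added to `set()` and `setData()` looks like the same situation, but their bodies continue outside these hunks, so that needs confirming.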


@@ -906,7 +906,7 @@ class e_user_model extends e_admin_model
* data to user model
* @return e_user_model
*/
public function mergePostedData()
public function mergePostedData($strict = true, $sanitize = true, $validate = true)
{
$posted = $this->getPostedData();
foreach ($posted as $key => $value)
@@ -2383,7 +2383,7 @@ class e_user_extended_model extends e_admin_model
* data to user extended model
* @return e_user_extended_model
*/
public function mergePostedData()
public function mergePostedData($strict = true, $sanitize = true, $validate = true)
{
$posted = $this->getPostedData();
foreach ($posted as $key => $value)
@@ -2493,7 +2493,7 @@ class e_user_extended_structure_model extends e_model
/**
* Loading of single structure row not allowed for front model
*/
public function load()
public function load($id = null, $force = false)
{
return $this;
}
@@ -2732,7 +2732,7 @@ class e_user_pref extends e_front_model
* @param boolean $force
* @return boolean success
*/
public function save($from_post = false, $force = false)
public function save($from_post = false, $force = false, $session_messages = false)
{
if($this->_user->getId())
{
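Review bot: `mergePostedData()` in e_user_model and e_user_extended_model now advertises `$sanitize = true` and `$validate = true`, but the visible start of both bodies is unchanged and simply loops over `getPostedData()`. If the flags are not honoured further down (both bodies continue outside the hunks), a caller reading the signature would assume posted data had been sanitised and validated when it had not. The docblocks should state this explicitly, e.g. `@param boolean $sanitize unused here, present only to match the parent signature`, or the flags should be wired to the behaviour the parent method provides.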


@@ -1242,7 +1242,7 @@ class XMLParse
var $isError = false;
var $error = '';
function XMLParse($xml = NULL)
function __construct($xml = NULL)
{
$this->rawXML = $xml;
$mes = e107::getMessage();


@@ -23,9 +23,11 @@ class gallery_shortcodes extends e_shortcode
function init()
{
$this->downloadable = e107::getPlugPref('gallery','downloadable');
$pop_w = vartrue(e107::getPlugPref('gallery','pop_w'),1024);
$pop_h = vartrue(e107::getPlugPref('gallery','pop_h'),768);
$this->downloadable = e107::getPlugPref('gallery','downloadable');
$prefW = e107::getPlugPref('gallery','pop_w');
$prefH = e107::getPlugPref('gallery','pop_h');
$pop_w = vartrue($prefW, 1024);
$pop_h = vartrue($prefH, 768);
$this->attFull = array('w'=>$pop_w, 'h'=>$pop_h, 'x'=>1, 'crop'=>0); // 'w='.$pop_w.'&h='.$pop_h.'&x=1';
}


@@ -2093,8 +2093,8 @@ function template_data()
<!-- The javascript
================================================== -->
<!-- Placed at the end of the document so the pages load faster -->
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js"></script>
<script src="http://netdna.bootstrapcdn.com/bootstrap/3.3.5/js/bootstrap.min.js"m type="text/javascript"></script>
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js"></script>
<script src="https://netdna.bootstrapcdn.com/bootstrap/3.3.5/js/bootstrap.min.js"m type="text/javascript"></script>