From 4e8412b16c3a2f2130769ff04fcb59d5f9584927 Mon Sep 17 00:00:00 2001 From: Cameron Date: Sun, 14 Feb 2016 19:00:12 -0800 Subject: [PATCH] Issue #1287 - PHP7 and SSL fixes. --- class2.php | 28 +++++++++++++++++++++++----- e107_core/url/page/url.php | 14 +++++++------- e107_handlers/cron_class.php | 6 +++--- e107_handlers/e107_class.php | 14 +++++++++----- e107_handlers/iphandler_class.php | 2 +- e107_handlers/model_class.php | 20 ++++++++++---------- e107_handlers/news_class.php | 2 +- e107_handlers/pref_class.php | 14 +++++++------- e107_handlers/user_model.php | 8 ++++---- e107_handlers/xml_class.php | 2 +- e107_plugins/gallery/e_shortcode.php | 8 +++++--- install.php | 4 ++-- 12 files changed, 73 insertions(+), 49 deletions(-) diff --git a/class2.php b/class2.php index 0f6275c0b..caf62bc1a 100644 --- a/class2.php +++ b/class2.php @@ -547,7 +547,7 @@ define('e_COOKIE', $pref['cookie_name']); // if the option to force users to use a particular url for the site is enabled, redirect users there as needed // Now matches RFC 2616 (sec 3.2): case insensitive, https/:443 and http/:80 are equivalent. // And, this is robust against hack attacks. Malignant users can put **anything** in HTTP_HOST! -if($pref['redirectsiteurl'] && $pref['siteurl']) { +if(!empty($pref['redirectsiteurl']) && !empty($pref['siteurl'])) { if(isset($pref['multilanguage_subdomain']) && $pref['multilanguage_subdomain']) { 
@@ -556,11 +556,17 @@ if($pref['redirectsiteurl'] && $pref['siteurl']) { $self = e_REQUEST_URL; //if(e_QUERY){ $self .= '?'.e_QUERY; } $location = str_replace('://www.', '://', $self); - header("Location: {$location}", true, 301); // send 301 header, not 302 + if(defined('e_DEBUG') && e_DEBUG === true) + { + echo "Redirecting to location: ".$location; + } + + e107::getRedirect()->go($location,true,301); + // header("Location: {$location}", true, 301); // send 301 header, not 302 exit(); } } - else + elseif(deftrue('e_DOMAIN')) { // Find domain and port from user and from pref list($urlbase,$urlport) = explode(':',$_SERVER['HTTP_HOST'].':'); @@ -588,8 +594,20 @@ if($pref['redirectsiteurl'] && $pref['siteurl']) { $aeSELF[2] = $aPrefURL[2]; // Swap in correct domain and possibly port $location = implode('/',$aeSELF).($_SERVER['QUERY_STRING'] ? '?'.$_SERVER['QUERY_STRING'] : ''); - header("Location: {$location}", true, 301); // send 301 header, not 302 - exit(); + // + // header("Location: {$location}", true, 301); // send 301 header, not 302 + if(defined('e_DEBUG') && e_DEBUG === true) + { + echo "DEBUG INFO: site-redirect preference enabled.
Redirecting to: ".$location."";; + echo "
e_DOMAIN: ".e_DOMAIN; + echo "
e_SUBDOMAIN: ".e_SUBDOMAIN; + } + else + { + e107::getRedirect()->go($location,true,301); + } + + exit(); } } } diff --git a/e107_core/url/page/url.php b/e107_core/url/page/url.php index 1e36615b0..411846d96 100644 --- a/e107_core/url/page/url.php +++ b/e107_core/url/page/url.php @@ -33,7 +33,7 @@ class core_page_url extends eUrlConfig /** * */ - public function create($route, $params = array()) + public function create($route, $params = array(), $options = array()) { if(!$params) return 'page.php'; @@ -62,9 +62,9 @@ class core_page_url extends eUrlConfig case 'chapter': $url .= "ch=".intval($params['id']); break; - + case 'view': - default: + default: ## aliases as retrieved from the DB, map vars to proper values if(isset($params['page_title']) && !empty($params['page_title'])) { @@ -85,10 +85,10 @@ class core_page_url extends eUrlConfig $page = '--FROM--'; } - $url .= "id=".intval($params['id']).($page ? '.'.$page : ''); - break; - - + $url .= "id=".intval($params['id']).($page ? '.'.$page : ''); + break; + + } diff --git a/e107_handlers/cron_class.php b/e107_handlers/cron_class.php index 92906edf5..dfe3f1030 100644 --- a/e107_handlers/cron_class.php +++ b/e107_handlers/cron_class.php @@ -322,11 +322,11 @@ class _system_cron return; - + /* require(e_BASE."e107_config.php"); $sql = e107::getDb(); - $dbtable = $mySQLdefaultdb; // TODO - retrieve this in a better way. (without including e107_config) + $dbtable = $mySQLdefaultdb; // $backupFile = e_BACKUP.SITENAME."_".date("Y-m-d-H-i-s").".sql"; $result = mysql_list_tables($dbtable); @@ -374,7 +374,7 @@ class _system_cron } - + */ } diff --git a/e107_handlers/e107_class.php b/e107_handlers/e107_class.php index feae95f09..a0e26a9a1 100644 --- a/e107_handlers/e107_class.php +++ b/e107_handlers/e107_class.php 
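Review bot: The debug branches added in both class2.php hunks print `$location` into the page without HTML escaping: `echo "Redirecting to location: ".$location;` in the www-stripping branch, and the `DEBUG INFO` block in the domain-swap branch. `$location` comes from `e_REQUEST_URL` in the first case and includes the raw `$_SERVER['QUERY_STRING']` in the second, so with `e_DEBUG` enabled request data is written into the HTML as-is; escape it, e.g. `echo "Redirecting to: ".htmlspecialchars($location, ENT_QUOTES, 'UTF-8');`, and do the same for `e_DOMAIN`/`e_SUBDOMAIN` if they derive from the Host header (not visible here). In the first hunk the echo also runs before `e107::getRedirect()->go($location,true,301)`, so unless output is buffered the 301 header can no longer be sent; the second hunk's `else` avoids this and the first should match it. The doubled `;;` after the first debug echo in the second hunk can be dropped.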
@@ -2984,8 +2984,9 @@ class e107 $searchPath[3] = e_PLUGIN.$unitName.'/languages/'.e_LANGUAGE.'.php'; // menu language file. break; case 'admin' : - - $adminLan = vartrue(self::getPref('adminlanguage'), e_LANGUAGE); + + $aLangPref = self::getPref('adminlanguage'); + $adminLan = vartrue($aLangPref, e_LANGUAGE); $searchPath[1] = e_PLUGIN.$unitName.'/languages/'.$adminLan.'_admin_'.$unitName.'.php'; $searchPath[2] = e_PLUGIN.$unitName.'/languages/'.$adminLan.'/'.'admin_'.$unitName.'.php'; @@ -3650,8 +3651,9 @@ class e107 } define('e_REQUEST_URL', str_replace(array("'", '"'), array('%27', '%22'), $requestUrl)); // full request url string (including domain) - - $requestSelf = array_shift(explode('?', e_REQUEST_URL)); + + $tmp = explode('?', e_REQUEST_URL); + $requestSelf = array_shift($tmp); if(substr($requestSelf,-4) !== '.php' && substr($requestSelf,-1) !== '/') { @@ -3659,9 +3661,11 @@ class e107 } // the last anti-XSS measure, XHTML compliant URL to be used in forms instead e_SELF + define('e_REQUEST_SELF', $requestSelf); // full URL without the QUERY string define('e_REQUEST_URI', str_replace(array("'", '"'), array('%27', '%22'), $requestUri)); // absolute http path + query string - define('e_REQUEST_HTTP', array_shift(explode('?', e_REQUEST_URI))); // SELF URL without the QUERY string and leading domain part + $tmp2 = explode('?', e_REQUEST_URI); + define('e_REQUEST_HTTP', array_shift($tmp2)); // SELF URL without the QUERY string and leading domain part if(!deftrue('e_SINGLE_ENTRY')) { diff --git a/e107_handlers/iphandler_class.php b/e107_handlers/iphandler_class.php index 167f2c21e..e110574f1 100644 --- a/e107_handlers/iphandler_class.php +++ b/e107_handlers/iphandler_class.php @@ -397,7 +397,7 @@ class eIPHandler { $line .= '?'.$search; // Add on the ban reason - may be useful in the page } - header('location: '.$line); + e107::redirect($line); exit(); } // Otherwise just display any message and die 
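Review bot: `$tmp` and `$tmp2` exist only because `array_shift()` takes its argument by reference, and nothing on the new lines says so; a comment such as `// array_shift() needs a variable (by reference), not the explode() result` would stop someone inlining them again. The neighbouring comment calls `e_REQUEST_SELF` "the last anti-XSS measure", but the context lines encode only `'` and `"` (to `%27`/`%22`). It is worth stating there that this protects quoted attribute values, and that the constants still need `htmlspecialchars()` when printed as HTML text. The enclosing method starts and ends outside the hunk.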
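Review bot: `$line` reaches `e107::redirect($line)` with the ban reason appended unencoded on the context line above (`$line .= '?'.$search;`), so whether the redirect target stays well-formed depends entirely on what `e107::redirect()` filters, which this hunk does not show. Encoding where the value is concatenated removes that dependency: `$line .= '?'.rawurlencode($search);`. The enclosing method starts and ends outside the hunk, so the origin and expected format of `$search` should be confirmed before changing it.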
diff --git a/e107_handlers/model_class.php b/e107_handlers/model_class.php index 11540e7f2..5ebfbd7bc 100644 --- a/e107_handlers/model_class.php +++ b/e107_handlers/model_class.php @@ -1488,13 +1488,13 @@ class e_model extends e_object $qry = str_replace('{ID}', $id, $this->getParam('db_query')); if($qry) { - $res = $sql->db_Select_gen($qry, $this->getParam('db_debug') ? true : false); + $res = $sql->gen($qry, $this->getParam('db_debug') ? true : false); } else { if(!is_numeric($id)) $id = "'{$id}'"; - $res = $sql->db_Select( + $res = $sql->select( $this->getModelTable(), $this->getParam('db_fields', '*'), $this->getFieldIdName().'='.$id.' '.trim($this->getParam('db_where', '')), @@ -1506,7 +1506,7 @@ class e_model extends e_object if($res) { - $this->setData($sql->db_Fetch()); + $this->setData($sql->fetch()); } if($sql->getLastErrorNumber()) @@ -1624,7 +1624,7 @@ class e_model extends e_object * Awaiting for child class implementation * @see e_model_admin */ - public function delete() + public function delete($ids, $destroy = true, $session_messages = false) { } @@ -1651,7 +1651,7 @@ class e_model extends e_object * Awaiting for child class implementation * @see e_model_admin */ - protected function dbUpdate() + protected function dbUpdate($force = false, $session_messages = false) { } @@ -2510,7 +2510,7 @@ class e_front_model extends e_model * @param boolean $force * @return e_front_model */ - public function load($id, $force = false) + public function load($id=null, $force = false) { parent::load($id, $force); @@ -3121,12 +3121,12 @@ class e_tree_model extends e_front_model return $this; } - public function isCacheEnabled() + public function isCacheEnabled($checkId = true) { return (null !== $this->getCacheString()); } - public function getCacheString() + public function getCacheString($replace = false) { return $this->_cache_string; } 
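Review bot: The renamed `$sql->select()` call in the `@@ -1488` hunk still receives a WHERE clause built by string concatenation: a non-numeric `$id` is wrapped as `"'{$id}'"` with no escaping visible, and the `{ID}` placeholder in `db_query` is filled by a plain `str_replace`. If `$id` can contain a quote character the query text changes, which is the classic SQL injection shape; whether `load()` sanitises `$id` before this point is outside the hunk. Since these calls are being touched anyway, pass non-numeric ids through the database handler's escaping routine before quoting them, or cast to `int` where the id field is known to be numeric.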
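Review bot: `$ids` has no default in the new `delete($ids, $destroy = true, $session_messages = false)` stub, so any existing zero-argument `->delete()` call now raises a missing-argument warning on PHP 7.0 and an `ArgumentCountError` from 7.1. The same signature is added to `e_tree_model::delete()`, `e_pref::delete()` and `e_plugin_pref::delete()`, and the last of these visibly works from `$this->plugin_id` rather than `$ids`. A subclass may make a parent's required parameter optional, so the pref classes could declare `public function delete($ids = null, $destroy = true, $session_messages = false)` even if the base has to keep `$ids` required to stay compatible with `e_admin_model`. The docblocks above these methods still describe the old parameter lists and should gain the new `@param` entries.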
@@ -3424,11 +3424,11 @@ class e_tree_model extends e_front_model return (string) e107::getArrayStorage()->WriteArray($this->toArray($total), $AddSlashes); } - public function update() + public function update($from_post = true, $force = false, $session_messages = false) { } - public function delete() + public function delete($ids, $destroy = true, $session_messages = false) { } } diff --git a/e107_handlers/news_class.php b/e107_handlers/news_class.php index 223aeac42..f770f722f 100644 --- a/e107_handlers/news_class.php +++ b/e107_handlers/news_class.php @@ -500,7 +500,7 @@ class e_news_item extends e_front_model * @param boolean $force * @return e_news_item */ - public function load($id, $force = false) + public function load($id=null, $force = false) { $id = intval($id); diff --git a/e107_handlers/pref_class.php b/e107_handlers/pref_class.php index 23cd69404..2f4ad7e9a 100644 --- a/e107_handlers/pref_class.php +++ b/e107_handlers/pref_class.php @@ -205,7 +205,7 @@ class e_pref extends e_front_model * @param mixed $value * @return e_pref */ - public function set($pref_name, $value) + public function set($pref_name, $value=null, $strict = false) { global $pref; if(empty($pref_name) || !is_string($pref_name)) @@ -341,7 +341,7 @@ class e_pref extends e_front_model * @param boolean $strict * @return $this|\e_model */ - final public function addData($pref_name, $value = null) + final public function addData($pref_name, $value = null, $override = true) { global $pref; parent::addData($pref_name, $value, false); @@ -361,7 +361,7 @@ class e_pref extends e_front_model * @param mixed $value * @return e_pref */ - final public function setData($pref_name, $value = null) + final public function setData($pref_name, $value = null, $strict = false) { global $pref; if(empty($pref_name)) 
@@ -393,7 +393,7 @@ class e_pref extends e_front_model * @param string $pref_name * @return e_pref */ - final public function removeData($pref_name) + final public function removeData($pref_name=null) { global $pref; parent::removeData((string) $pref_name); @@ -752,14 +752,14 @@ class e_pref extends e_front_model /** * Override */ - public function delete() + public function delete($ids, $destroy = true, $session_messages = false) { } /** * Override */ - protected function dbUpdate() + protected function dbUpdate($force = false, $session_messages = false) { } } @@ -983,7 +983,7 @@ class e_plugin_pref extends e_pref * @see e107_handlers/e_pref#delete() * @return boolean */ - public function delete() + public function delete($ids, $destroy = true, $session_messages = false) { $ret = false; if($this->plugin_id) diff --git a/e107_handlers/user_model.php b/e107_handlers/user_model.php index 50466ed43..2d9bd8035 100644 --- a/e107_handlers/user_model.php +++ b/e107_handlers/user_model.php @@ -906,7 +906,7 @@ class e_user_model extends e_admin_model * data to user model * @return e_user_model */ - public function mergePostedData() + public function mergePostedData($strict = true, $sanitize = true, $validate = true) { $posted = $this->getPostedData(); foreach ($posted as $key => $value) @@ -2383,7 +2383,7 @@ class e_user_extended_model extends e_admin_model * data to user extended model * @return e_user_extended_model */ - public function mergePostedData() + public function mergePostedData($strict = true, $sanitize = true, $validate = true) { $posted = $this->getPostedData(); foreach ($posted as $key => $value) @@ -2493,7 +2493,7 @@ class e_user_extended_structure_model extends e_model /** * Loading of single structure row not allowed for front model */ - public function load() + public function load($id = null, $force = false) { return $this; } 
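Review bot: The new `$strict`, `$sanitize` and `$validate` parameters on `e_user_model::mergePostedData()` default to `true`, but the visible start of the body (`$posted = $this->getPostedData(); foreach ($posted as $key => $value)`) does not read them; the same applies to `e_user_extended_model::mergePostedData()`. If they exist only to match the parent signature, a caller who sees `$sanitize = true` will assume posted values are sanitised and validated when they may be merged as-is. Either honour the flags or say so in the docblock, e.g. `@param boolean $sanitize accepted for signature compatibility; not applied by this override`. The method body continues outside the hunk, so this should be checked against the full function.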
@@ -2732,7 +2732,7 @@ class e_user_pref extends e_front_model * @param boolean $force * @return boolean success */ - public function save($from_post = false, $force = false) + public function save($from_post = false, $force = false, $session_messages = false) { if($this->_user->getId()) { diff --git a/e107_handlers/xml_class.php b/e107_handlers/xml_class.php index f69221590..dbc1bdc38 100644 --- a/e107_handlers/xml_class.php +++ b/e107_handlers/xml_class.php @@ -1242,7 +1242,7 @@ class XMLParse var $isError = false; var $error = ''; - function XMLParse($xml = NULL) + function __construct($xml = NULL) { $this->rawXML = $xml; $mes = e107::getMessage(); diff --git a/e107_plugins/gallery/e_shortcode.php b/e107_plugins/gallery/e_shortcode.php index 2169bc0bc..11c60de18 100644 --- a/e107_plugins/gallery/e_shortcode.php +++ b/e107_plugins/gallery/e_shortcode.php @@ -23,9 +23,11 @@ class gallery_shortcodes extends e_shortcode function init() { - $this->downloadable = e107::getPlugPref('gallery','downloadable'); - $pop_w = vartrue(e107::getPlugPref('gallery','pop_w'),1024); - $pop_h = vartrue(e107::getPlugPref('gallery','pop_h'),768); + $this->downloadable = e107::getPlugPref('gallery','downloadable'); + $prefW = e107::getPlugPref('gallery','pop_w'); + $prefH = e107::getPlugPref('gallery','pop_h'); + $pop_w = vartrue($prefW, 1024); + $pop_h = vartrue($prefH, 768); $this->attFull = array('w'=>$pop_w, 'h'=>$pop_h, 'x'=>1, 'crop'=>0); // 'w='.$pop_w.'&h='.$pop_h.'&x=1'; } diff --git a/install.php b/install.php index ea03d9344..b0e85f1ad 100644 --- a/install.php +++ b/install.php @@ -2093,8 +2093,8 @@ function template_data() - - + +