mirror of https://github.com/e107inc/e107.git synced 2025-07-25 17:01:43 +02:00

Issue #1287 - PHP7 and SSL fixes.

Cameron
2016-02-14 19:00:12 -08:00
parent 303195d81e
commit 4e8412b16c
12 changed files with 73 additions and 49 deletions


@@ -547,7 +547,7 @@ define('e_COOKIE', $pref['cookie_name']);
// if the option to force users to use a particular url for the site is enabled, redirect users there as needed // if the option to force users to use a particular url for the site is enabled, redirect users there as needed
// Now matches RFC 2616 (sec 3.2): case insensitive, https/:443 and http/:80 are equivalent. // Now matches RFC 2616 (sec 3.2): case insensitive, https/:443 and http/:80 are equivalent.
// And, this is robust against hack attacks. Malignant users can put **anything** in HTTP_HOST! // And, this is robust against hack attacks. Malignant users can put **anything** in HTTP_HOST!
if($pref['redirectsiteurl'] && $pref['siteurl']) { if(!empty($pref['redirectsiteurl']) && !empty($pref['siteurl'])) {
if(isset($pref['multilanguage_subdomain']) && $pref['multilanguage_subdomain']) if(isset($pref['multilanguage_subdomain']) && $pref['multilanguage_subdomain'])
{ {
@@ -556,11 +556,17 @@ if($pref['redirectsiteurl'] && $pref['siteurl']) {
$self = e_REQUEST_URL; $self = e_REQUEST_URL;
//if(e_QUERY){ $self .= '?'.e_QUERY; } //if(e_QUERY){ $self .= '?'.e_QUERY; }
$location = str_replace('://www.', '://', $self); $location = str_replace('://www.', '://', $self);
header("Location: {$location}", true, 301); // send 301 header, not 302 if(defined('e_DEBUG') && e_DEBUG === true)
{
echo "Redirecting to location: ".$location;
}
e107::getRedirect()->go($location,true,301);
// header("Location: {$location}", true, 301); // send 301 header, not 302
exit(); exit();
} }
} }
else elseif(deftrue('e_DOMAIN'))
{ {
// Find domain and port from user and from pref // Find domain and port from user and from pref
list($urlbase,$urlport) = explode(':',$_SERVER['HTTP_HOST'].':'); list($urlbase,$urlport) = explode(':',$_SERVER['HTTP_HOST'].':');
@@ -588,8 +594,20 @@ if($pref['redirectsiteurl'] && $pref['siteurl']) {
$aeSELF[2] = $aPrefURL[2]; // Swap in correct domain and possibly port $aeSELF[2] = $aPrefURL[2]; // Swap in correct domain and possibly port
$location = implode('/',$aeSELF).($_SERVER['QUERY_STRING'] ? '?'.$_SERVER['QUERY_STRING'] : ''); $location = implode('/',$aeSELF).($_SERVER['QUERY_STRING'] ? '?'.$_SERVER['QUERY_STRING'] : '');
header("Location: {$location}", true, 301); // send 301 header, not 302 //
exit(); // header("Location: {$location}", true, 301); // send 301 header, not 302
if(defined('e_DEBUG') && e_DEBUG === true)
{
echo "DEBUG INFO: site-redirect preference enabled.<br />Redirecting to: <a hre='".$location."'>".$location."</a>";;
echo "<br />e_DOMAIN: ".e_DOMAIN;
echo "<br />e_SUBDOMAIN: ".e_SUBDOMAIN;
}
else
{
e107::getRedirect()->go($location,true,301);
}
exit();
} }
} }
} }
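Review bot: The debug branch added in the third hunk echoes `$location` into HTML unescaped, and `$location` includes `$_SERVER['QUERY_STRING']`, so with `e_DEBUG` on, whatever the request carried is reflected into the page. Escape it once before printing, e.g. `$safe = htmlspecialchars($location, ENT_QUOTES, 'UTF-8');`, and use `$safe` for both the attribute and the link text; the same applies to the `echo "Redirecting to location: ".$location;` added in the second hunk. The anchor is also written `hre=` where `href=` is meant, and the statement ends in `;;`. In the second hunk the echo runs before `e107::getRedirect()->go()`, so unless output is buffered the 301 header may no longer be sendable; the third hunk's if/else avoids that and the two branches should probably match.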


@@ -33,7 +33,7 @@ class core_page_url extends eUrlConfig
/** /**
* *
*/ */
public function create($route, $params = array()) public function create($route, $params = array(), $options = array())
{ {
if(!$params) return 'page.php'; if(!$params) return 'page.php';
@@ -62,9 +62,9 @@ class core_page_url extends eUrlConfig
case 'chapter': case 'chapter':
$url .= "ch=".intval($params['id']); $url .= "ch=".intval($params['id']);
break; break;
case 'view': case 'view':
default: default:
## aliases as retrieved from the DB, map vars to proper values ## aliases as retrieved from the DB, map vars to proper values
if(isset($params['page_title']) && !empty($params['page_title'])) if(isset($params['page_title']) && !empty($params['page_title']))
{ {
@@ -85,10 +85,10 @@ class core_page_url extends eUrlConfig
$page = '--FROM--'; $page = '--FROM--';
} }
$url .= "id=".intval($params['id']).($page ? '.'.$page : ''); $url .= "id=".intval($params['id']).($page ? '.'.$page : '');
break; break;
} }


@@ -322,11 +322,11 @@ class _system_cron
return; return;
/*
require(e_BASE."e107_config.php"); require(e_BASE."e107_config.php");
$sql = e107::getDb(); $sql = e107::getDb();
$dbtable = $mySQLdefaultdb; // TODO - retrieve this in a better way. (without including e107_config) $dbtable = $mySQLdefaultdb; //
$backupFile = e_BACKUP.SITENAME."_".date("Y-m-d-H-i-s").".sql"; $backupFile = e_BACKUP.SITENAME."_".date("Y-m-d-H-i-s").".sql";
$result = mysql_list_tables($dbtable); $result = mysql_list_tables($dbtable);
@@ -374,7 +374,7 @@ class _system_cron
} }
*/
} }
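Review bot: The block now wrapped in `/* … */` already sat behind the `return;` at the top of the first hunk, so commenting it out keeps dead code in the file (including a `mysql_list_tables()` call that no longer exists in PHP 7) instead of deleting it. If this method is still offered as a scheduled task, a comment above the `return;` such as `// Not implemented: this task currently does nothing.` would stop an administrator from assuming a backup file is being written. The method's start is outside the hunk, so its name and how it is registered are not visible here.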


@@ -2984,8 +2984,9 @@ class e107
$searchPath[3] = e_PLUGIN.$unitName.'/languages/'.e_LANGUAGE.'.php'; // menu language file. $searchPath[3] = e_PLUGIN.$unitName.'/languages/'.e_LANGUAGE.'.php'; // menu language file.
break; break;
case 'admin' : case 'admin' :
$adminLan = vartrue(self::getPref('adminlanguage'), e_LANGUAGE); $aLangPref = self::getPref('adminlanguage');
$adminLan = vartrue($aLangPref, e_LANGUAGE);
$searchPath[1] = e_PLUGIN.$unitName.'/languages/'.$adminLan.'_admin_'.$unitName.'.php'; $searchPath[1] = e_PLUGIN.$unitName.'/languages/'.$adminLan.'_admin_'.$unitName.'.php';
$searchPath[2] = e_PLUGIN.$unitName.'/languages/'.$adminLan.'/'.'admin_'.$unitName.'.php'; $searchPath[2] = e_PLUGIN.$unitName.'/languages/'.$adminLan.'/'.'admin_'.$unitName.'.php';
@@ -3650,8 +3651,9 @@ class e107
} }
define('e_REQUEST_URL', str_replace(array("'", '"'), array('%27', '%22'), $requestUrl)); // full request url string (including domain) define('e_REQUEST_URL', str_replace(array("'", '"'), array('%27', '%22'), $requestUrl)); // full request url string (including domain)
$requestSelf = array_shift(explode('?', e_REQUEST_URL)); $tmp = explode('?', e_REQUEST_URL);
$requestSelf = array_shift($tmp);
if(substr($requestSelf,-4) !== '.php' && substr($requestSelf,-1) !== '/') if(substr($requestSelf,-4) !== '.php' && substr($requestSelf,-1) !== '/')
{ {
@@ -3659,9 +3661,11 @@ class e107
} }
// the last anti-XSS measure, XHTML compliant URL to be used in forms instead e_SELF // the last anti-XSS measure, XHTML compliant URL to be used in forms instead e_SELF
define('e_REQUEST_SELF', $requestSelf); // full URL without the QUERY string define('e_REQUEST_SELF', $requestSelf); // full URL without the QUERY string
define('e_REQUEST_URI', str_replace(array("'", '"'), array('%27', '%22'), $requestUri)); // absolute http path + query string define('e_REQUEST_URI', str_replace(array("'", '"'), array('%27', '%22'), $requestUri)); // absolute http path + query string
define('e_REQUEST_HTTP', array_shift(explode('?', e_REQUEST_URI))); // SELF URL without the QUERY string and leading domain part $tmp2 = explode('?', e_REQUEST_URI);
define('e_REQUEST_HTTP', array_shift($tmp2)); // SELF URL without the QUERY string and leading domain part
if(!deftrue('e_SINGLE_ENTRY')) if(!deftrue('e_SINGLE_ENTRY'))
{ {
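Review bot: The temporaries `$tmp` and `$tmp2` added in the second and third hunks exist only to satisfy the by-reference parameter of `array_shift()`, and they stay in scope afterwards under names that say nothing. `list($requestSelf) = explode('?', e_REQUEST_URL, 2);` yields the same first segment without a scratch variable, and the limit of 2 avoids splitting the remainder of the query string; the `e_REQUEST_HTTP` define can follow the same pattern with a named variable such as `$requestHttp`. The enclosing method starts and ends outside these hunks.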


@@ -397,7 +397,7 @@ class eIPHandler
{ {
$line .= '?'.$search; // Add on the ban reason - may be useful in the page $line .= '?'.$search; // Add on the ban reason - may be useful in the page
} }
header('location: '.$line); e107::redirect($line);
exit(); exit();
} }
// Otherwise just display any message and die // Otherwise just display any message and die
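Review bot: `$search` is appended to `$line` as a raw query string just before the new `e107::redirect($line)` call, and nothing visible in the hunk encodes it. If the ban reason can contain spaces, `&`, `#` or non-ASCII text, the resulting Location value is malformed or cut short, so `$line .= '?'.rawurlencode($search);` would be safer, provided the receiving page decodes it. Where `$search` and `$line` come from is outside the hunk, so how much this matters depends on the values they can hold.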


@@ -1488,13 +1488,13 @@ class e_model extends e_object
$qry = str_replace('{ID}', $id, $this->getParam('db_query')); $qry = str_replace('{ID}', $id, $this->getParam('db_query'));
if($qry) if($qry)
{ {
$res = $sql->db_Select_gen($qry, $this->getParam('db_debug') ? true : false); $res = $sql->gen($qry, $this->getParam('db_debug') ? true : false);
} }
else else
{ {
if(!is_numeric($id)) $id = "'{$id}'"; if(!is_numeric($id)) $id = "'{$id}'";
$res = $sql->db_Select( $res = $sql->select(
$this->getModelTable(), $this->getModelTable(),
$this->getParam('db_fields', '*'), $this->getParam('db_fields', '*'),
$this->getFieldIdName().'='.$id.' '.trim($this->getParam('db_where', '')), $this->getFieldIdName().'='.$id.' '.trim($this->getParam('db_where', '')),
@@ -1506,7 +1506,7 @@ class e_model extends e_object
if($res) if($res)
{ {
$this->setData($sql->db_Fetch()); $this->setData($sql->fetch());
} }
if($sql->getLastErrorNumber()) if($sql->getLastErrorNumber())
@@ -1624,7 +1624,7 @@ class e_model extends e_object
* Awaiting for child class implementation * Awaiting for child class implementation
* @see e_model_admin * @see e_model_admin
*/ */
public function delete() public function delete($ids, $destroy = true, $session_messages = false)
{ {
} }
@@ -1651,7 +1651,7 @@ class e_model extends e_object
* Awaiting for child class implementation * Awaiting for child class implementation
* @see e_model_admin * @see e_model_admin
*/ */
protected function dbUpdate() protected function dbUpdate($force = false, $session_messages = false)
{ {
} }
@@ -2510,7 +2510,7 @@ class e_front_model extends e_model
* @param boolean $force * @param boolean $force
* @return e_front_model * @return e_front_model
*/ */
public function load($id, $force = false) public function load($id=null, $force = false)
{ {
parent::load($id, $force); parent::load($id, $force);
@@ -3121,12 +3121,12 @@ class e_tree_model extends e_front_model
return $this; return $this;
} }
public function isCacheEnabled() public function isCacheEnabled($checkId = true)
{ {
return (null !== $this->getCacheString()); return (null !== $this->getCacheString());
} }
public function getCacheString() public function getCacheString($replace = false)
{ {
return $this->_cache_string; return $this->_cache_string;
} }
@@ -3424,11 +3424,11 @@ class e_tree_model extends e_front_model
return (string) e107::getArrayStorage()->WriteArray($this->toArray($total), $AddSlashes); return (string) e107::getArrayStorage()->WriteArray($this->toArray($total), $AddSlashes);
} }
public function update() public function update($from_post = true, $force = false, $session_messages = false)
{ {
} }
public function delete() public function delete($ids, $destroy = true, $session_messages = false)
{ {
} }
} }
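Review bot: The renamed `$sql->gen()` and `$sql->select()` calls in the first hunk still receive SQL assembled by string concatenation: `{ID}` is substituted with `$id` through `str_replace()`, and a non-numeric `$id` is wrapped in quotes with `"'{$id}'"` but not escaped. Unless every caller sanitises `$id` beforehand, which is not visible here, a value containing a single quote ends the literal early and changes the query. Escaping the value through the database handler before quoting it, or casting to int where the key is numeric, would close that gap. The method begins outside the hunk.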


@@ -500,7 +500,7 @@ class e_news_item extends e_front_model
* @param boolean $force * @param boolean $force
* @return e_news_item * @return e_news_item
*/ */
public function load($id, $force = false) public function load($id=null, $force = false)
{ {
$id = intval($id); $id = intval($id);


@@ -205,7 +205,7 @@ class e_pref extends e_front_model
* @param mixed $value * @param mixed $value
* @return e_pref * @return e_pref
*/ */
public function set($pref_name, $value) public function set($pref_name, $value=null, $strict = false)
{ {
global $pref; global $pref;
if(empty($pref_name) || !is_string($pref_name)) if(empty($pref_name) || !is_string($pref_name))
@@ -341,7 +341,7 @@ class e_pref extends e_front_model
* @param boolean $strict * @param boolean $strict
* @return $this|\e_model * @return $this|\e_model
*/ */
final public function addData($pref_name, $value = null) final public function addData($pref_name, $value = null, $override = true)
{ {
global $pref; global $pref;
parent::addData($pref_name, $value, false); parent::addData($pref_name, $value, false);
@@ -361,7 +361,7 @@ class e_pref extends e_front_model
* @param mixed $value * @param mixed $value
* @return e_pref * @return e_pref
*/ */
final public function setData($pref_name, $value = null) final public function setData($pref_name, $value = null, $strict = false)
{ {
global $pref; global $pref;
if(empty($pref_name)) if(empty($pref_name))
@@ -393,7 +393,7 @@ class e_pref extends e_front_model
* @param string $pref_name * @param string $pref_name
* @return e_pref * @return e_pref
*/ */
final public function removeData($pref_name) final public function removeData($pref_name=null)
{ {
global $pref; global $pref;
parent::removeData((string) $pref_name); parent::removeData((string) $pref_name);
@@ -752,14 +752,14 @@ class e_pref extends e_front_model
/** /**
* Override * Override
*/ */
public function delete() public function delete($ids, $destroy = true, $session_messages = false)
{ {
} }
/** /**
* Override * Override
*/ */
protected function dbUpdate() protected function dbUpdate($force = false, $session_messages = false)
{ {
} }
} }
@@ -983,7 +983,7 @@ class e_plugin_pref extends e_pref
* @see e107_handlers/e_pref#delete() * @see e107_handlers/e_pref#delete()
* @return boolean * @return boolean
*/ */
public function delete() public function delete($ids, $destroy = true, $session_messages = false)
{ {
$ret = false; $ret = false;
if($this->plugin_id) if($this->plugin_id)
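Review bot: `delete($ids, $destroy = true, $session_messages = false)` in the last two hunks makes `$ids` a required argument on methods that previously took none, so any existing call written as `->delete()` now raises a missing-argument warning on PHP 7.0 and an ArgumentCountError from PHP 7.1. Giving it a default, `public function delete($ids = null, $destroy = true, $session_messages = false)`, leaves old call sites working; the same required `$ids` appears on the `e_model` and `e_tree_model` stubs changed in this commit. An optional parameter in an override remains compatible with a parent that declares it as required. The visible part of `e_plugin_pref::delete()` reads `$this->plugin_id` rather than `$ids`, though its body continues outside the hunk.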


@@ -906,7 +906,7 @@ class e_user_model extends e_admin_model
* data to user model * data to user model
* @return e_user_model * @return e_user_model
*/ */
public function mergePostedData() public function mergePostedData($strict = true, $sanitize = true, $validate = true)
{ {
$posted = $this->getPostedData(); $posted = $this->getPostedData();
foreach ($posted as $key => $value) foreach ($posted as $key => $value)
@@ -2383,7 +2383,7 @@ class e_user_extended_model extends e_admin_model
* data to user extended model * data to user extended model
* @return e_user_extended_model * @return e_user_extended_model
*/ */
public function mergePostedData() public function mergePostedData($strict = true, $sanitize = true, $validate = true)
{ {
$posted = $this->getPostedData(); $posted = $this->getPostedData();
foreach ($posted as $key => $value) foreach ($posted as $key => $value)
@@ -2493,7 +2493,7 @@ class e_user_extended_structure_model extends e_model
/** /**
* Loading of single structure row not allowed for front model * Loading of single structure row not allowed for front model
*/ */
public function load() public function load($id = null, $force = false)
{ {
return $this; return $this;
} }
@@ -2732,7 +2732,7 @@ class e_user_pref extends e_front_model
* @param boolean $force * @param boolean $force
* @return boolean success * @return boolean success
*/ */
public function save($from_post = false, $force = false) public function save($from_post = false, $force = false, $session_messages = false)
{ {
if($this->_user->getId()) if($this->_user->getId())
{ {
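Review bot: The `$strict`, `$sanitize` and `$validate` parameters added to both `mergePostedData()` overrides default to `true`, but the visible body goes straight from `getPostedData()` into the `foreach` and nothing in the hunks shows those flags being read. If they are accepted only to match the parent signature, say so in the docblock, e.g. `@param boolean $sanitize unused here; posted values are merged as-is`, so a caller does not assume posted user data was sanitised or validated by this call. Both method bodies continue outside the hunks, so the flags may be honoured further down.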


@@ -1242,7 +1242,7 @@ class XMLParse
var $isError = false; var $isError = false;
var $error = ''; var $error = '';
function XMLParse($xml = NULL) function __construct($xml = NULL)
{ {
$this->rawXML = $xml; $this->rawXML = $xml;
$mes = e107::getMessage(); $mes = e107::getMessage();


@@ -23,9 +23,11 @@ class gallery_shortcodes extends e_shortcode
function init() function init()
{ {
$this->downloadable = e107::getPlugPref('gallery','downloadable'); $this->downloadable = e107::getPlugPref('gallery','downloadable');
$pop_w = vartrue(e107::getPlugPref('gallery','pop_w'),1024); $prefW = e107::getPlugPref('gallery','pop_w');
$pop_h = vartrue(e107::getPlugPref('gallery','pop_h'),768); $prefH = e107::getPlugPref('gallery','pop_h');
$pop_w = vartrue($prefW, 1024);
$pop_h = vartrue($prefH, 768);
$this->attFull = array('w'=>$pop_w, 'h'=>$pop_h, 'x'=>1, 'crop'=>0); // 'w='.$pop_w.'&h='.$pop_h.'&x=1'; $this->attFull = array('w'=>$pop_w, 'h'=>$pop_h, 'x'=>1, 'crop'=>0); // 'w='.$pop_w.'&h='.$pop_h.'&x=1';
} }


@@ -2093,8 +2093,8 @@ function template_data()
<!-- The javascript <!-- The javascript
================================================== --> ================================================== -->
<!-- Placed at the end of the document so the pages load faster --> <!-- Placed at the end of the document so the pages load faster -->
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js"></script> <script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js"></script>
<script src="http://netdna.bootstrapcdn.com/bootstrap/3.3.5/js/bootstrap.min.js"m type="text/javascript"></script> <script src="https://netdna.bootstrapcdn.com/bootstrap/3.3.5/js/bootstrap.min.js"m type="text/javascript"></script>