mirror/php-phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-07-29 04:50:51 +02:00
Code Issues Releases Wiki Activity

Merge branch '3.3.x'

Browse Source
This commit is contained in:
Máté Bartus
2021-01-22 19:14:53 +01:00
parent 64ee69b519 c2b0533fb8
commit 29e7226c96
73 changed files with 218 additions and 206 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
phpBB/includes/functions.php
View File

@@ -2690,7 +2690,7 @@ function parse_cfg_file($filename, $lines = false)
}
// Determine first occurrence, since in values the equal sign is allowed
$key = htmlspecialchars(strtolower(trim(substr($line, 0, $delim_pos))));
$key = htmlspecialchars(strtolower(trim(substr($line, 0, $delim_pos))), ENT_COMPAT);
$value = trim(substr($line, $delim_pos + 1));
if (in_array($value, array('off', 'false', '0')))
@@ -2707,11 +2707,11 @@ function parse_cfg_file($filename, $lines = false)
}
else if (($value[0] == "'" && $value[strlen($value) - 1] == "'") || ($value[0] == '"' && $value[strlen($value) - 1] == '"'))
{
$value = htmlspecialchars(substr($value, 1, strlen($value)-2));
$value = htmlspecialchars(substr($value, 1, strlen($value)-2), ENT_COMPAT);
}
else
{
$value = htmlspecialchars($value);
$value = htmlspecialchars($value, ENT_COMPAT);
}
$parsed_items[$key] = $value;
@@ -2744,7 +2744,7 @@ function get_backtrace()
foreach ($backtrace as $trace)
{
// Strip the current directory from path
$trace['file'] = (empty($trace['file'])) ? '(not given by php)' : htmlspecialchars(phpbb_filter_root_path($trace['file']));
$trace['file'] = (empty($trace['file'])) ? '(not given by php)' : htmlspecialchars(phpbb_filter_root_path($trace['file']), ENT_COMPAT);
$trace['line'] = (empty($trace['line'])) ? '(not given by php)' : $trace['line'];
// Only show function arguments for include etc.
@@ -2752,7 +2752,7 @@ function get_backtrace()
$argument = '';
if (!empty($trace['args'][0]) && in_array($trace['function'], array('include', 'require', 'include_once', 'require_once')))
{
$argument = htmlspecialchars(phpbb_filter_root_path($trace['args'][0]));
$argument = htmlspecialchars(phpbb_filter_root_path($trace['args'][0]), ENT_COMPAT);
}
$trace['class'] = (!isset($trace['class'])) ? '' : $trace['class'];
@@ -2762,7 +2762,7 @@ function get_backtrace()
$output .= '<b>FILE:</b> ' . $trace['file'] . '<br />';
$output .= '<b>LINE:</b> ' . ((!empty($trace['line'])) ? $trace['line'] : '') . '<br />';
$output .= '<b>CALL:</b> ' . htmlspecialchars($trace['class'] . $trace['type'] . $trace['function']);
$output .= '<b>CALL:</b> ' . htmlspecialchars($trace['class'] . $trace['type'] . $trace['function'], ENT_COMPAT);
$output .= '(' . (($argument !== '') ? "'$argument'" : '') . ')<br />';
}
$output .= '</div>';
@@ -4334,6 +4334,6 @@ function phpbb_get_board_contact_link(\phpbb\config\config $config, $phpbb_root_
}
else
{
return 'mailto:' . htmlspecialchars($config['board_contact']);
return 'mailto:' . htmlspecialchars($config['board_contact'], ENT_COMPAT);
}
}