mirror of
https://github.com/phpbb/phpbb.git
synced 2025-08-09 02:06:32 +02:00
"Fix" for realpath and Lycos?
git-svn-id: file:///svn/phpbb/branches/phpBB-2_0_0@3222 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
Paul S. Owen
@@ -903,7 +903,7 @@ if( isset($HTTP_GET_VARS['perform']) || isset($HTTP_POST_VARS['perform']) )
|
||||
// a hackers attempt at getting us to process a local system
|
||||
// file.
|
||||
//
|
||||
if( file_exists(realpath($backup_file_tmpname)) )
|
||||
if( file_exists(phpbb_realpath($backup_file_tmpname)) )
|
||||
{
|
||||
if( preg_match("/^(text\/[a-zA-Z]+)|(application\/(x\-)?gzip(\-compressed)?)|(application\/octet-stream)$/is", $backup_file_type) )
|
||||
{
|
||||
|
||||
@@ -72,7 +72,7 @@ $dir = @opendir($phpbb_root_path . $board_config['smilies_path']);
|
||||
|
||||
while($file = @readdir($dir))
|
||||
{
|
||||
if( !@is_dir(realpath($phpbb_root_path . $board_config['smilies_path'] . '/' . $file)) )
|
||||
if( !@is_dir(phpbb_realpath($phpbb_root_path . $board_config['smilies_path'] . '/' . $file)) )
|
||||
{
|
||||
$img_size = @getimagesize($phpbb_root_path . $board_config['smilies_path'] . '/' . $file);
|
||||
|
||||
|
||||
@@ -132,9 +132,9 @@ switch( $mode )
|
||||
{
|
||||
while( $sub_dir = @readdir($dir) )
|
||||
{
|
||||
if( !is_file(realpath($phpbb_root_path . 'templates/' .$sub_dir)) && !is_link(realpath($phpbb_root_path . 'templates/' .$sub_dir)) && $sub_dir != "." && $sub_dir != ".." && $sub_dir != "CVS" )
|
||||
if( !is_file(phpbb_realpath($phpbb_root_path . 'templates/' .$sub_dir)) && !is_link(phpbb_realpath($phpbb_root_path . 'templates/' .$sub_dir)) && $sub_dir != "." && $sub_dir != ".." && $sub_dir != "CVS" )
|
||||
{
|
||||
if( @file_exists(@realpath($phpbb_root_path. "templates/" . $sub_dir . "/theme_info.cfg")) )
|
||||
if( @file_exists(@phpbb_realpath($phpbb_root_path. "templates/" . $sub_dir . "/theme_info.cfg")) )
|
||||
{
|
||||
include($phpbb_root_path. "templates/" . $sub_dir . "/theme_info.cfg");
|
||||
|
||||
@@ -549,7 +549,7 @@ switch( $mode )
|
||||
$s_template_select = '<select name="template_name">';
|
||||
while( $file = @readdir($dir) )
|
||||
{
|
||||
if( !is_file(realpath($phpbb_root_path . 'templates/' . $file)) && !is_link(realpath($phpbb_root_path . 'templates/' . $file)) && $file != "." && $file != ".." && $file != "CVS" )
|
||||
if( !is_file(phpbb_realpath($phpbb_root_path . 'templates/' . $file)) && !is_link(phpbb_realpath($phpbb_root_path . 'templates/' . $file)) && $file != "." && $file != ".." && $file != "CVS" )
|
||||
{
|
||||
if($file == $selected['template_name'])
|
||||
{
|
||||
@@ -790,7 +790,7 @@ switch( $mode )
|
||||
$s_template_select = '<select name="export_template">';
|
||||
while( $file = @readdir($dir) )
|
||||
{
|
||||
if( !is_file(realpath($phpbb_root_path . 'templates/' . $file)) && !is_link(realpath($phpbb_root_path . 'templates/' .$file)) && $file != "." && $file != ".." && $file != "CVS" )
|
||||
if( !is_file(phpbb_realpath($phpbb_root_path . 'templates/' . $file)) && !is_link(phpbb_realpath($phpbb_root_path . 'templates/' .$file)) && $file != "." && $file != ".." && $file != "CVS" )
|
||||
{
|
||||
$s_template_select .= '<option value="' . $file . '">' . $file . "</option>\n";
|
||||
}
|
||||
|
||||
@@ -379,7 +379,7 @@ if( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username']) |
|
||||
{
|
||||
if( $this_userdata['user_avatar_type'] == USER_AVATAR_UPLOAD && $this_userdata['user_avatar'] != "" )
|
||||
{
|
||||
if( @file_exists(@realpath("./" . $board_config['avatar_path'] . "/" . $this_userdata['user_avatar'])) )
|
||||
if( @file_exists(@phpbb_realpath("./" . $board_config['avatar_path'] . "/" . $this_userdata['user_avatar'])) )
|
||||
{
|
||||
@unlink("./" . $board_config['avatar_path'] . "/" . $this_userdata['user_avatar']);
|
||||
}
|
||||
@@ -404,7 +404,7 @@ if( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username']) |
|
||||
|
||||
if( $user_avatar_loc != "" )
|
||||
{
|
||||
if( file_exists(@realpath($user_avatar_loc)) && ereg(".jpg$|.gif$|.png$", $user_avatar_name) )
|
||||
if( file_exists(@phpbb_realpath($user_avatar_loc)) && ereg(".jpg$|.gif$|.png$", $user_avatar_name) )
|
||||
{
|
||||
if( $user_avatar_size <= $board_config['avatar_filesize'] && $user_avatar_size > 0)
|
||||
{
|
||||
@@ -447,7 +447,7 @@ if( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username']) |
|
||||
|
||||
if( $this_userdata['user_avatar_type'] == USER_AVATAR_UPLOAD && $this_userdata['user_avatar'] != "" )
|
||||
{
|
||||
if( @file_exists(@realpath("./../" . $board_config['avatar_path'] . "/" . $this_userdata['user_avatar'])) )
|
||||
if( @file_exists(@phpbb_realpath("./../" . $board_config['avatar_path'] . "/" . $this_userdata['user_avatar'])) )
|
||||
{
|
||||
@unlink("./../" . $board_config['avatar_path'] . "/". $this_userdata['user_avatar']);
|
||||
}
|
||||
@@ -556,7 +556,7 @@ if( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username']) |
|
||||
|
||||
if( $this_userdata['user_avatar_type'] == USER_AVATAR_UPLOAD && $this_userdata['user_avatar'] != "")
|
||||
{
|
||||
if( file_exists(@realpath("./../" . $board_config['avatar_path'] . "/" . $this_userdata['user_avatar'])) )
|
||||
if( file_exists(@phpbb_realpath("./../" . $board_config['avatar_path'] . "/" . $this_userdata['user_avatar'])) )
|
||||
{
|
||||
@unlink("./../" . $board_config['avatar_path'] . "/" . $this_userdata['user_avatar']);
|
||||
}
|
||||
@@ -788,7 +788,7 @@ if( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username']) |
|
||||
$avatar_images = array();
|
||||
while( $file = @readdir($dir) )
|
||||
{
|
||||
if( $file != "." && $file != ".." && !is_file(realpath("./../" . $board_config['avatar_gallery_path'] . "/" . $file)) && !is_link(realpath("./../" . $board_config['avatar_gallery_path'] . "/" . $file)) )
|
||||
if( $file != "." && $file != ".." && !is_file(phpbb_realpath("./../" . $board_config['avatar_gallery_path'] . "/" . $file)) && !is_link(phpbb_realpath("./../" . $board_config['avatar_gallery_path'] . "/" . $file)) )
|
||||
{
|
||||
$sub_dir = @opendir("../" . $board_config['avatar_gallery_path'] . "/" . $file);
|
||||
|
||||
@@ -1078,7 +1078,7 @@ if( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username']) |
|
||||
'S_PROFILE_ACTION' => append_sid("admin_users.$phpEx"))
|
||||
);
|
||||
|
||||
if( file_exists(@realpath('./../' . $board_config['avatar_path'])) && ($board_config['allow_avatar_upload'] == TRUE) )
|
||||
if( file_exists(@phpbb_realpath('./../' . $board_config['avatar_path'])) && ($board_config['allow_avatar_upload'] == TRUE) )
|
||||
{
|
||||
if ( $form_enctype != '' )
|
||||
{
|
||||
@@ -1087,7 +1087,7 @@ if( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username']) |
|
||||
$template->assign_block_vars('avatar_remote_upload', array() );
|
||||
}
|
||||
|
||||
if( file_exists(@realpath('./../' . $board_config['avatar_gallery_path'])) && ($board_config['allow_avatar_local'] == TRUE) )
|
||||
if( file_exists(@phpbb_realpath('./../' . $board_config['avatar_gallery_path'])) && ($board_config['allow_avatar_local'] == TRUE) )
|
||||
{
|
||||
$template->assign_block_vars('avatar_local_gallery', array() );
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user