From 7524ca52497a05b9079983c0fc7239a7e6e9a643 Mon Sep 17 00:00:00 2001 From: Meik Sievertsen Date: Sat, 7 Jun 2008 13:42:06 +0000 Subject: [PATCH] do not allow [flash=0,0]... not implemented for images due to the reliance on getimagesize() - as usual both sizes are able to be limited by the maximum/minimum image size configuration options git-svn-id: file:///svn/phpbb/trunk@8614 89ea8834-ac86-4346-8a33-228a782c2dd0 --- phpBB/includes/cache.php | 4 ++-- phpBB/includes/message_parser.php | 6 ++++++ phpBB/includes/session.php | 14 +++++++------- 3 files changed, 15 insertions(+), 9 deletions(-) diff --git a/phpBB/includes/cache.php b/phpBB/includes/cache.php index 879fbb6a80..f537b52b3f 100644 --- a/phpBB/includes/cache.php +++ b/phpBB/includes/cache.php @@ -63,7 +63,7 @@ class cache $cache->put('config', $cached_config); } - + return $config; } @@ -310,7 +310,7 @@ class cache $cache->put('_bots', $bots); } - + return $bots; } diff --git a/phpBB/includes/message_parser.php b/phpBB/includes/message_parser.php index 286ccd8152..d9c5dbaa31 100644 --- a/phpBB/includes/message_parser.php +++ b/phpBB/includes/message_parser.php @@ -346,6 +346,12 @@ class bbcode_firstpass extends bbcode $in = trim($in); $error = false; + // Do not allow 0-sizes generally being entered + if ($width <= 0 || $height <= 0) + { + return '[flash=' . $width . ',' . $height . ']' . $in . '[/flash]'; + } + // Apply the same size checks on flash files as on images if ($config['max_' . $this->mode . '_img_height'] || $config['max_' . $this->mode . '_img_width']) { diff --git a/phpBB/includes/session.php b/phpBB/includes/session.php index fedaba8559..05c9aa8de8 100644 --- a/phpBB/includes/session.php +++ b/phpBB/includes/session.php @@ -39,7 +39,7 @@ class session * * @param string $root_path current root path (phpbb_root_path) */ - function extract_current_page($root_path) + public static function extract_current_page($root_path) { $page_array = array(); @@ -160,7 +160,7 @@ class session $this->referer = (!empty($_SERVER['HTTP_REFERER'])) ? htmlspecialchars((string) $_SERVER['HTTP_REFERER']) : ''; $this->forwarded_for = (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) ? (string) $_SERVER['HTTP_X_FORWARDED_FOR'] : ''; $this->host = (!empty($_SERVER['HTTP_HOST'])) ? (string) strtolower($_SERVER['HTTP_HOST']) : ((!empty($_SERVER['SERVER_NAME'])) ? $_SERVER['SERVER_NAME'] : getenv('SERVER_NAME')); - $this->page = $this->extract_current_page(PHPBB_ROOT_PATH); + $this->page = self::extract_current_page(PHPBB_ROOT_PATH); // if the forwarded for header shall be checked we have to validate its contents if ($config['forwarded_for_check']) @@ -266,7 +266,7 @@ class session $s_forwarded_for = ($config['forwarded_for_check']) ? substr($this->data['session_forwarded_for'], 0, 254) : ''; $u_forwarded_for = ($config['forwarded_for_check']) ? substr($this->forwarded_for, 0, 254) : ''; - + // referer checks $check_referer_path = $config['referer_validation'] == REFERER_VALIDATE_PATH; $referer_valid = true; @@ -275,7 +275,7 @@ class session { $referer_valid = $this->validate_referer($check_referer_path); } - + if ($u_ip === $s_ip && $s_browser === $u_browser && $s_forwarded_for === $u_forwarded_for && $referer_valid) { @@ -1287,10 +1287,10 @@ class session $this->set_login_key($user_id); } } - - + + /** - * Check if the request originated from the same page. + * Check if the request originated from the same page. * @param bool $check_script_path If true, the path will be checked as well */ function validate_referer($check_script_path = false)