From 7740ab5dc35734177e64bed3a21a94ab11d5d0aa Mon Sep 17 00:00:00 2001
From: Nathan Guse <nathaniel.guse@gmail.com>
Date: Mon, 30 Dec 2013 11:31:24 -0600
Subject: [PATCH] [ticket/12006] Cleanup the module auth function token
 replacement code

PHPBB3-12006
---
 phpBB/includes/functions_module.php | 22 ++++++++++++++++++++--
 1 file changed, 20 insertions(+), 2 deletions(-)

diff --git a/phpBB/includes/functions_module.php b/phpBB/includes/functions_module.php
index e1259eba12..a8855a3be2 100644
--- a/phpBB/includes/functions_module.php
+++ b/phpBB/includes/functions_module.php
@@ -351,6 +351,15 @@ class p_master
 			[(),]                                  |
 			[^\s(),]+)/x', $module_auth, $match);
 
+		// Valid tokens for auth and their replacements
+		$valid_tokens = array(
+			'acl_([a-z0-9_]+)(,\$id)?'		=> '(int) $auth->acl_get(\'\\1\'\\2)',
+			'\$id'							=> '(int) $forum_id',
+			'aclf_([a-z0-9_]+)'				=> '(int) $auth->acl_getf_global(\'\\1\')',
+			'cfg_([a-z0-9_]+)'				=> '(int) $config[\'\\1\']',
+			'request_([a-zA-Z0-9_]+)'		=> '$request->variable(\'\\1\', false)',
+		);
+
 		$tokens = $match[0];
 		for ($i = 0, $size = sizeof($tokens); $i < $size; $i++)
 		{
@@ -366,7 +375,7 @@ class p_master
 				break;
 
 				default:
-					if (!preg_match('#(?:acl_([a-z0-9_]+)(,\$id)?)|(?:\$id)|(?:aclf_([a-z0-9_]+))|(?:cfg_([a-z0-9_]+))|(?:request_([a-zA-Z0-9_]+))#', $token))
+					if (!preg_match('#(?:' . implode(array_keys($valid_tokens), ')|(?:') . ')#', $token))
 					{
 						$token = '';
 					}
@@ -379,8 +388,17 @@ class p_master
 		// Make sure $id separation is working fine
 		$module_auth = str_replace(' , ', ',', $module_auth);
 
+		$module_auth = preg_replace(
+			// Array keys with # prepended/appended
+			array_map(function($value){
+				return '#' . $value . '#';
+			}, array_keys($valid_tokens)),
+			array_values($valid_tokens),
+			$module_auth
+		);
+
 		$is_auth = false;
-		eval('$is_auth = (int) (' . preg_replace(array('#acl_([a-z0-9_]+)(,\$id)?#', '#\$id#', '#aclf_([a-z0-9_]+)#', '#cfg_([a-z0-9_]+)#', '#request_([a-zA-Z0-9_]+)#'), array('(int) $auth->acl_get(\'\\1\'\\2)', '(int) $forum_id', '(int) $auth->acl_getf_global(\'\\1\')', '(int) $config[\'\\1\']', '$request->variable(\'\\1\', false)'), $module_auth) . ');');
+		eval('$is_auth = (int) (' .	$module_auth . ');');
 
 		return $is_auth;
 	}