[ticket/14838] Do not query full attachments table in feeds

The fetch_attachments() will also now throw a runtime exception if a feed tries to do this nonetheless. PHPBB3-14838
2025-04-05 00:13:29 +02:00 · 2016-12-25 17:54:11 +01:00 · 2016-12-25 17:54:11 +01:00 · 7cad25e4cb
commit 7cad25e4cb
parent bc96a9f1f6
8 changed files with 36 additions and 3 deletions
--- a/phpBB/language/en/common.php
+++ b/phpBB/language/en/common.php
@ -336,6 +336,7 @@ $lang = array_merge($lang, array(
 	'INTERESTS'					=> 'Interests',
 	'INVALID_DIGEST_CHALLENGE'	=> 'Invalid digest challenge.',
 	'INVALID_EMAIL_LOG'			=> '<strong>%s</strong> possibly an invalid email address?',
+	'INVALID_FEED_ATTACHMENTS'	=> 'The selected feed tried fetching attachments with invalid constraints.',
 	'INVALID_PLURAL_RULE'		=> 'The chosen plural rule is invalid. Valid values are integers between 0 and 15.',
 	'IP'						=> 'IP',
 	'IP_BLACKLISTED'			=> 'Your IP %1$s has been blocked because it is blacklisted. For details please see <a href="%2$s">%2$s</a>.',
--- a/phpBB/phpbb/feed/attachments_base.php
+++ b/phpBB/phpbb/feed/attachments_base.php
@ -25,8 +25,11 @@ abstract class attachments_base extends \phpbb\feed\base

 	/**
 	* Retrieve the list of attachments that may be displayed
+	*
+	* @param array $post_ids Specify for which post IDs to fetch the attachments (optional)
+	* @param array $topic_ids Specify for which topic IDs to fetch the attachments (optional)
 	*/
-	protected function fetch_attachments()
+	protected function fetch_attachments($post_ids = array(), $topic_ids = array())
 	{
 		$sql_array = array(
 			'SELECT'   => 'a.*',
@ -37,7 +40,20 @@ abstract class attachments_base extends \phpbb\feed\base
 			'ORDER_BY' => 'a.filetime DESC, a.post_msg_id ASC',
 		);

-		if (isset($this->topic_id))
+		if (!empty($post_ids))
+		{
+			$sql_array['WHERE'] .= 'AND ' . $this->db->sql_in_set('a.post_msg_id', $post_ids);
+		}
+		else if (!empty($topic_ids))
+		{
+			if (isset($this->topic_id))
+			{
+				$topic_ids[] = $this->topic_id;
+			}
+
+			$sql_array['WHERE'] .= 'AND ' . $this->db->sql_in_set('a.topic_id', $topic_ids);
+		}
+		else if (isset($this->topic_id))
 		{
 			$sql_array['WHERE'] .= 'AND a.topic_id = ' . (int) $this->topic_id;
 		}
@ -51,6 +67,11 @@ abstract class attachments_base extends \phpbb\feed\base
 			);
 			$sql_array['WHERE'] .= 'AND t.forum_id = ' . (int) $this->forum_id;
 		}
+		else
+		{
+			// Do not allow querying the full attachments table
+			throw new \RuntimeException($this->user->lang('INVALID_FEED_ATTACHMENTS'));
+		}

 		$sql = $this->db->sql_build_query('SELECT', $sql_array);
 		$result = $this->db->sql_query($sql);
@ -69,7 +90,6 @@ abstract class attachments_base extends \phpbb\feed\base
 	public function open()
 	{
 		parent::open();
-		$this->fetch_attachments();
 	}

 	/**
--- a/phpBB/phpbb/feed/forum.php
+++ b/phpBB/phpbb/feed/forum.php
@ -112,6 +112,8 @@ class forum extends \phpbb\feed\post_base
 			return false;
 		}

+		parent::fetch_attachments(array(), $topic_ids);
+
 		$this->sql = array(
 			'SELECT'	=>	'p.post_id, p.topic_id, p.post_time, p.post_edit_time, p.post_visibility, p.post_subject, p.post_text, p.bbcode_bitfield, p.bbcode_uid, p.enable_bbcode, p.enable_smilies, p.enable_magic_url, p.post_attachment, ' .
 							'u.username, u.user_id',
--- a/phpBB/phpbb/feed/news.php
+++ b/phpBB/phpbb/feed/news.php
@ -83,6 +83,8 @@ class news extends \phpbb\feed\topic_base
 			return false;
 		}

+		parent::fetch_attachments($post_ids);
+
 		$this->sql = array(
 			'SELECT'	=> 'f.forum_id, f.forum_name,
 							t.topic_id, t.topic_title, t.topic_poster, t.topic_first_poster_name, t.topic_posts_approved, t.topic_posts_unapproved, t.topic_posts_softdeleted, t.topic_views, t.topic_time, t.topic_last_post_time,
--- a/phpBB/phpbb/feed/overall.php
+++ b/phpBB/phpbb/feed/overall.php
@ -52,6 +52,8 @@ class overall extends \phpbb\feed\post_base
 			return false;
 		}

+		parent::fetch_attachments(array(), $topic_ids);
+
 		// Get the actual data
 		$this->sql = array(
 			'SELECT'	=>	'f.forum_id, f.forum_name, ' .
--- a/phpBB/phpbb/feed/topic.php
+++ b/phpBB/phpbb/feed/topic.php
@ -91,6 +91,8 @@ class topic extends \phpbb\feed\post_base

 	function get_sql()
 	{
+		parent::fetch_attachments();
+
 		$this->sql = array(
 			'SELECT'	=>	'p.post_id, p.post_time, p.post_edit_time, p.post_visibility, p.post_subject, p.post_text, p.bbcode_bitfield, p.bbcode_uid, p.enable_bbcode, p.enable_smilies, p.enable_magic_url, p.post_attachment, ' .
 							'u.username, u.user_id',
--- a/phpBB/phpbb/feed/topics.php
+++ b/phpBB/phpbb/feed/topics.php
@ -55,6 +55,8 @@ class topics extends \phpbb\feed\topic_base
 			return false;
 		}

+		parent::fetch_attachments($post_ids);
+
 		$this->sql = array(
 			'SELECT'	=> 'f.forum_id, f.forum_name,
 							t.topic_id, t.topic_title, t.topic_poster, t.topic_first_poster_name, t.topic_posts_approved, t.topic_posts_unapproved, t.topic_posts_softdeleted, t.topic_views, t.topic_time, t.topic_last_post_time,
--- a/phpBB/phpbb/feed/topics_active.php
+++ b/phpBB/phpbb/feed/topics_active.php
@ -71,6 +71,8 @@ class topics_active extends \phpbb\feed\topic_base
 			return false;
 		}

+		parent::fetch_attachments($post_ids);
+
 		$this->sql = array(
 			'SELECT'	=> 'f.forum_id, f.forum_name,
 							t.topic_id, t.topic_title, t.topic_posts_approved, t.topic_posts_unapproved, t.topic_posts_softdeleted, t.topic_views,