mirror/php-phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-07-30 21:40:43 +02:00
Code Issues Releases Wiki Activity

Merge branch 'develop-ascraeus' into develop

Browse Source
This commit is contained in:
Joas Schilling
2014-11-22 17:49:06 +01:00
parent 0c4a0cac61 5c3b6a8559
commit 8f67892f5e
6 changed files with 236 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

34
phpBB/phpbb/extension/metadata_manager.php
View File

@@ -177,12 +177,24 @@ class metadata_manager
throw new \phpbb\extension\exception($this->user->lang('FILE_JSON_DECODE_ERR', $this->metadata_file));
}
array_walk_recursive($metadata, array($this, 'sanitize_json'));
$this->metadata = $metadata;
return true;
}
}
/**
* Sanitize input from JSON array using htmlspecialchars()
*
* @param mixed $value Value of array row
* @param string $key Key of array row
*/
public function sanitize_json(&$value, $key)
{
$value = htmlspecialchars($value);
}
/**
* This array handles the cleaning of the array
*
@@ -337,30 +349,30 @@ class metadata_manager
public function output_template_data()
{
$this->template->assign_vars(array(
'META_NAME' => htmlspecialchars($this->metadata['name']),
'META_TYPE' => htmlspecialchars($this->metadata['type']),
'META_DESCRIPTION' => (isset($this->metadata['description'])) ? htmlspecialchars($this->metadata['description']) : '',
'META_NAME' => $this->metadata['name'],
'META_TYPE' => $this->metadata['type'],
'META_DESCRIPTION' => (isset($this->metadata['description'])) ? $this->metadata['description'] : '',
'META_HOMEPAGE' => (isset($this->metadata['homepage'])) ? $this->metadata['homepage'] : '',
'META_VERSION' => (isset($this->metadata['version'])) ? htmlspecialchars($this->metadata['version']) : '',
'META_TIME' => (isset($this->metadata['time'])) ? htmlspecialchars($this->metadata['time']) : '',
'META_LICENSE' => htmlspecialchars($this->metadata['license']),
'META_VERSION' => (isset($this->metadata['version'])) ? $this->metadata['version'] : '',
'META_TIME' => (isset($this->metadata['time'])) ? $this->metadata['time'] : '',
'META_LICENSE' => $this->metadata['license'],
'META_REQUIRE_PHP' => (isset($this->metadata['require']['php'])) ? htmlspecialchars($this->metadata['require']['php']) : '',
'META_REQUIRE_PHP' => (isset($this->metadata['require']['php'])) ? $this->metadata['require']['php'] : '',
'META_REQUIRE_PHP_FAIL' => !$this->validate_require_php(),
'META_REQUIRE_PHPBB' => (isset($this->metadata['extra']['soft-require']['phpbb/phpbb'])) ? htmlspecialchars($this->metadata['extra']['soft-require']['phpbb/phpbb']) : '',
'META_REQUIRE_PHPBB' => (isset($this->metadata['extra']['soft-require']['phpbb/phpbb'])) ? $this->metadata['extra']['soft-require']['phpbb/phpbb'] : '',
'META_REQUIRE_PHPBB_FAIL' => !$this->validate_require_phpbb(),
'META_DISPLAY_NAME' => (isset($this->metadata['extra']['display-name'])) ? htmlspecialchars($this->metadata['extra']['display-name']) : '',
'META_DISPLAY_NAME' => (isset($this->metadata['extra']['display-name'])) ? $this->metadata['extra']['display-name'] : '',
));
foreach ($this->metadata['authors'] as $author)
{
$this->template->assign_block_vars('meta_authors', array(
'AUTHOR_NAME' => htmlspecialchars($author['name']),
'AUTHOR_NAME' => $author['name'],
'AUTHOR_EMAIL' => (isset($author['email'])) ? $author['email'] : '',
'AUTHOR_HOMEPAGE' => (isset($author['homepage'])) ? $author['homepage'] : '',
'AUTHOR_ROLE' => (isset($author['role'])) ? htmlspecialchars($author['role']) : '',
'AUTHOR_ROLE' => (isset($author['role'])) ? $author['role'] : '',
));
}
}

19
phpBB/phpbb/version_helper.php
View File

@@ -270,6 +270,16 @@ class version_helper
$info = json_decode($info, true);
// Sanitize any data we retrieve from a server
if (!empty($info))
{
$json_sanitizer = function (&$value, $key) {
$type_cast_helper = new \phpbb\request\type_cast_helper();
$type_cast_helper->set_var($value, $value, gettype($value), true);
};
array_walk_recursive($info, $json_sanitizer);
}
if (empty($info['stable']) && empty($info['unstable']))
{
$this->user->add_lang('acp/common');
@@ -277,15 +287,6 @@ class version_helper
throw new \RuntimeException($this->user->lang('VERSIONCHECK_FAIL'));
}
// Replace & with & on announcement links
foreach ($info as $stability => $branches)
{
foreach ($branches as $branch => $branch_data)
{
$info[$stability][$branch]['announcement'] = (!empty($branch_data['announcement'])) ? str_replace('&', '&', $branch_data['announcement']) : '';
}
}
$info['stable'] = (empty($info['stable'])) ? array() : $info['stable'];
$info['unstable'] = (empty($info['unstable'])) ? $info['stable'] : $info['unstable'];