mirror of
https://github.com/phpbb/phpbb.git
synced 2025-07-30 21:40:43 +02:00
Merge branch 'ticket/13358' into ticket/security-171
This commit is contained in:
Marc Alexander
120
phpBB/phpbb/file_downloader.php
Normal file
120
phpBB/phpbb/file_downloader.php
Normal file
@@ -0,0 +1,120 @@
|
||||
<?php
|
||||
/**
|
||||
*
|
||||
* This file is part of the phpBB Forum Software package.
|
||||
*
|
||||
* @copyright (c) phpBB Limited <https://www.phpbb.com>
|
||||
* @license GNU General Public License, version 2 (GPL-2.0)
|
||||
*
|
||||
* For full copyright and license information, please see
|
||||
* the docs/CREDITS.txt file.
|
||||
*
|
||||
*/
|
||||
|
||||
namespace phpbb;
|
||||
|
||||
class file_downloader
|
||||
{
|
||||
/** @var string Error string */
|
||||
protected $error_string = '';
|
||||
|
||||
/** @var int Error number */
|
||||
protected $error_number = 0;
|
||||
|
||||
/**
|
||||
* Retrieve contents from remotely stored file
|
||||
*
|
||||
* @param string $host File host
|
||||
* @param string $directory Directory file is in
|
||||
* @param string $filename Filename of file to retrieve
|
||||
* @param int $port Port to connect to; default: 80
|
||||
* @param int $timeout Connection timeout in seconds; default: 6
|
||||
*
|
||||
* @return mixed File data as string if file can be read and there is no
|
||||
* timeout, false if there were errors or the connection timed out
|
||||
*
|
||||
* @throws \RuntimeException If data can't be retrieved and no error
|
||||
* message is returned
|
||||
*/
|
||||
public function get($host, $directory, $filename, $port = 80, $timeout = 6)
|
||||
{
|
||||
// Set default values for error variables
|
||||
$this->error_number = 0;
|
||||
$this->error_string = '';
|
||||
|
||||
if ($socket = @fsockopen($host, $port, $this->error_number, $this->error_string, $timeout))
|
||||
{
|
||||
@fputs($socket, "GET $directory/$filename HTTP/1.0\r\n");
|
||||
@fputs($socket, "HOST: $host\r\n");
|
||||
@fputs($socket, "Connection: close\r\n\r\n");
|
||||
|
||||
$timer_stop = time() + $timeout;
|
||||
stream_set_timeout($socket, $timeout);
|
||||
|
||||
$file_info = '';
|
||||
$get_info = false;
|
||||
|
||||
while (!@feof($socket))
|
||||
{
|
||||
if ($get_info)
|
||||
{
|
||||
$file_info .= @fread($socket, 1024);
|
||||
}
|
||||
else
|
||||
{
|
||||
$line = @fgets($socket, 1024);
|
||||
if ($line == "\r\n")
|
||||
{
|
||||
$get_info = true;
|
||||
}
|
||||
else if (stripos($line, '404 not found') !== false)
|
||||
{
|
||||
throw new \RuntimeException(array('FILE_NOT_FOUND', $filename));
|
||||
}
|
||||
}
|
||||
|
||||
$stream_meta_data = stream_get_meta_data($socket);
|
||||
|
||||
if (!empty($stream_meta_data['timed_out']) || time() >= $timer_stop)
|
||||
{
|
||||
throw new \RuntimeException('FSOCK_TIMEOUT');
|
||||
}
|
||||
}
|
||||
@fclose($socket);
|
||||
}
|
||||
else
|
||||
{
|
||||
if ($this->error_string)
|
||||
{
|
||||
$this->error_string = utf8_convert_message($this->error_string);
|
||||
return false;
|
||||
}
|
||||
else
|
||||
{
|
||||
throw new \RuntimeException('FSOCK_DISABLED');
|
||||
}
|
||||
}
|
||||
|
||||
return $file_info;
|
||||
}
|
||||
|
||||
/**
|
||||
* Get error string
|
||||
*
|
||||
* @return string Error string
|
||||
*/
|
||||
public function get_error_string()
|
||||
{
|
||||
return $this->error_string;
|
||||
}
|
||||
|
||||
/**
|
||||
* Get error number
|
||||
*
|
||||
* @return int Error number
|
||||
*/
|
||||
public function get_error_number()
|
||||
{
|
||||
return $this->error_number;
|
||||
}
|
||||
}
|
||||
@@ -50,6 +50,9 @@ class version_helper
|
||||
/** @var \phpbb\config\config */
|
||||
protected $config;
|
||||
|
||||
/** @var \phpbb\file_downloader */
|
||||
protected $file_downloader;
|
||||
|
||||
/** @var \phpbb\user */
|
||||
protected $user;
|
||||
|
||||
@@ -58,12 +61,14 @@ class version_helper
|
||||
*
|
||||
* @param \phpbb\cache\service $cache
|
||||
* @param \phpbb\config\config $config
|
||||
* @param \phpbb\file_downloader $file_downloader
|
||||
* @param \phpbb\user $user
|
||||
*/
|
||||
public function __construct(\phpbb\cache\service $cache, \phpbb\config\config $config, \phpbb\user $user)
|
||||
public function __construct(\phpbb\cache\service $cache, \phpbb\config\config $config, file_downloader $file_downloader, \phpbb\user $user)
|
||||
{
|
||||
$this->cache = $cache;
|
||||
$this->config = $config;
|
||||
$this->file_downloader = $file_downloader;
|
||||
$this->user = $user;
|
||||
|
||||
if (defined('PHPBB_QA'))
|
||||
@@ -249,12 +254,18 @@ class version_helper
|
||||
}
|
||||
else if ($info === false || $force_update)
|
||||
{
|
||||
$errstr = $errno = '';
|
||||
$info = get_remote_file($this->host, $this->path, $this->file, $errstr, $errno);
|
||||
|
||||
if (!empty($errstr))
|
||||
try {
|
||||
$info = $this->file_downloader->get($this->host, $this->path, $this->file);
|
||||
}
|
||||
catch (\RuntimeException $exception)
|
||||
{
|
||||
throw new \RuntimeException($errstr);
|
||||
throw new \RuntimeException(call_user_func_array(array($this->user, 'lang'), $exception->getMessage()));
|
||||
}
|
||||
$error_string = $this->file_downloader->get_error_string();
|
||||
|
||||
if (!empty($error_string))
|
||||
{
|
||||
throw new \RuntimeException($error_string);
|
||||
}
|
||||
|
||||
$info = json_decode($info, true);
|
||||
|
||||
Reference in New Issue
Block a user