mirror/php-phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-07-30 21:40:43 +02:00
Code Issues Releases Wiki Activity

- fix htmlspecialchars handling in search (search backends get specialchared input, and should return specialchared output), current backends strip entities anyway [includes Bug #8156]

Browse Source 
- allow cancelling search index creation/removal
- custom CSS class name input too short [Bug #8328]
- give an error message if a password wasn't convertable (special characters in non-standard encoding)
- moved still_on_time to functions.php, used by acp_search and converter, might be useful for MODs (or complex cron scripts)
- do not allow empty passwords on login
- add sids to local URLs in posts (this was a really terrible bug to fix ;-)) [Bug #7892]
- ignore invalid HTTP_X_FORWARDED_FOR headers (just use REMOTE_ADDR if invalid) [Bug #8314]
- changed forum listing code on search page and acp_attachments [Bug #6658]
- search indexing uses still_on_time(), smaller batch size (1000) and meta_refresh() instead of redirect(), this should solve a few problems [Bugs #8034, #8270]
- made password requirement language strings clearer
- ALPHA is not meant to be alphanumric [Bug #7764]
- display bug in firefox on linux making the pagination wrap on search results page (caused by  )


git-svn-id: file:///svn/phpbb/trunk@7076 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
Nils Adermann
2007-02-25 22:09:53 +00:00
parent 424a520d0e
commit b66e0fcd34
16 changed files with 281 additions and 195 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
phpBB/includes/acp/acp_attachments.php
View File

@@ -766,6 +766,8 @@ class acp_attachments
if ($row['left_id'] > $cat_right)
{
// make sure we don't forget anything
$s_forum_id_options .= $holding;
$holding = '';
}
@@ -781,6 +783,12 @@ class acp_attachments
$holding = '';
}
}
if ($holding)
{
$s_forum_id_options .= $holding;
}
$db->sql_freeresult($result);
unset($padding_store);

260
phpBB/includes/acp/acp_search.php
View File

@@ -8,6 +8,16 @@
*
*/
/**
* @ignore
*/
if (!defined('IN_PHPBB'))
{
exit;
}
// make sure, a start time is saved
still_on_time();
/**
* @package acp
*/
@@ -17,7 +27,7 @@ class acp_search
var $state;
var $search;
var $max_post_id;
var $batch_size = 5000;
var $batch_size = 1000;
function main($id, $mode)
{
@@ -143,7 +153,7 @@ class acp_search
if (!method_exists($search, 'init') || !($error = $search->init()))
{
set_config('search_type', $cfg_array['search_type']);
if (!$updated)
{
add_log('admin', 'LOG_CONFIG_SEARCH');
@@ -210,6 +220,13 @@ class acp_search
}
$this->state = explode(',', $config['search_indexing_state']);
if (isset($_POST['cancel']))
{
$action = '';
$this->state = array();
$this->save_state();
}
if ($action)
{
switch ($action)
@@ -218,15 +235,15 @@ class acp_search
$type = request_var('type', '');
$this->display_progress_bar($type);
break;
case 'delete':
$this->state[1] = 'delete';
break;
case 'create':
$this->state[1] = 'create';
break;
default:
trigger_error('NO_ACTION', E_USER_ERROR);
break;
@@ -243,10 +260,8 @@ class acp_search
{
trigger_error($error . adm_back_link($this->u_action), E_USER_WARNING);
}
$action = &$this->state[1];
@set_time_limit(0);
$action = &$this->state[1];
$this->max_post_id = $this->get_max_post_id();
@@ -254,116 +269,126 @@ class acp_search
$this->state[2] = &$post_counter;
$this->save_state();
if ($action == 'delete')
switch ($action)
{
if (method_exists($this->search, 'delete_index'))
{
// pass a reference to myself so the $search object can make use of save_state() and attributes
if ($error = $this->search->delete_index($this, append_sid("{$phpbb_admin_path}index.$phpEx", "i=$id&mode=$mode&action=delete", false)))
case 'delete':
if (method_exists($this->search, 'delete_index'))
{
$this->state = array('');
$this->save_state();
trigger_error($error . adm_back_link($this->u_action) . $this->close_popup_js(), E_USER_WARNING);
}
}
else
{
$sql = 'SELECT post_id, poster_id, forum_id
FROM ' . POSTS_TABLE . '
WHERE post_id >= ' . (int) ($post_counter + 1) . '
AND post_id < ' . (int) ($post_counter + $this->batch_size);
$result = $db->sql_query($sql);
$ids = $posters = array();
while ($row = $db->sql_fetchrow($result))
{
$ids[] = $row['post_id'];
$posters[] = $row['poster_id'];
$forum_ids[] = $row['forum_id'];
}
$db->sql_freeresult($result);
if (sizeof($ids))
{
$this->search->index_remove($ids, $posters, $forum_ids);
}
$post_counter += $this->batch_size;
// save the current state
$this->save_state();
if ($post_counter <= $this->max_post_id)
{
redirect($this->u_action . '&amp;action=delete');
}
}
$this->search->tidy();
$this->state = array('');
$this->save_state();
trigger_error($user->lang['SEARCH_INDEX_REMOVED'] . adm_back_link($this->u_action) . $this->close_popup_js());
}
else
{
if (method_exists($this->search, 'create_index'))
{
// pass a reference to myself so the $search object can make use of save_state() and attributes
if ($error = $this->search->create_index($this, append_sid("{$phpbb_admin_path}index.$phpEx", "i=$id&mode=$mode&action=create", false)))
{
$this->state = array('');
$this->save_state();
trigger_error($error . adm_back_link($this->u_action) . $this->close_popup_js(), E_USER_WARNING);
}
}
else
{
$sql = 'SELECT forum_id, enable_indexing
FROM ' . FORUMS_TABLE;
$result = $db->sql_query($sql, 3600);
while ($row = $db->sql_fetchrow($result))
{
$forums[$row['forum_id']] = (bool) $row['enable_indexing'];
}
$db->sql_freeresult($result);
$sql = 'SELECT post_id, post_subject, post_text, poster_id, forum_id
FROM ' . POSTS_TABLE . '
WHERE post_id >= ' . (int) ($post_counter + 1) . '
AND post_id < ' . (int) ($post_counter + $this->batch_size);
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result))
{
// Indexing enabled for this forum or global announcement?
// Global announcements get indexed by default.
if (!$row['forum_id'] || (isset($forums[$row['forum_id']]) && $forums[$row['forum_id']]))
// pass a reference to myself so the $search object can make use of save_state() and attributes
if ($error = $this->search->delete_index($this, append_sid("{$phpbb_admin_path}index.$phpEx", "i=$id&mode=$mode&action=delete", false)))
{
$this->search->index('post', $row['post_id'], $row['post_text'], $row['post_subject'], $row['poster_id'], $row['forum_id']);
$this->state = array('');
$this->save_state();
trigger_error($error . adm_back_link($this->u_action) . $this->close_popup_js(), E_USER_WARNING);
}
}
$db->sql_freeresult($result);
$post_counter += $this->batch_size;
// save the current state
$this->save_state();
if ($post_counter <= $this->max_post_id)
else
{
redirect($this->u_action . '&amp;action=create');
}
}
$this->search->tidy();
$this->state = array('');
$this->save_state();
while (still_on_time() && $post_counter <= $this->max_post_id)
{
$sql = 'SELECT post_id, poster_id, forum_id
FROM ' . POSTS_TABLE . '
WHERE post_id >= ' . (int) ($post_counter + 1) . '
AND post_id < ' . (int) ($post_counter + $this->batch_size);
$result = $db->sql_query($sql);
trigger_error($user->lang['SEARCH_INDEX_CREATED'] . adm_back_link($this->u_action) . $this->close_popup_js());
$ids = $posters = $forum_ids = array();
while ($row = $db->sql_fetchrow($result))
{
$ids[] = $row['post_id'];
$posters[] = $row['poster_id'];
$forum_ids[] = $row['forum_id'];
}
$db->sql_freeresult($result);
if (sizeof($ids))
{
$this->search->index_remove($ids, $posters, $forum_ids);
}
$post_counter += $this->batch_size;
// save the current state
$this->save_state();
}
if ($post_counter <= $this->max_post_id)
{
meta_refresh(1, $this->u_action . '&amp;action=delete&amp;skip_rows=' . $post_counter);
trigger_error(sprintf($user->lang['SEARCH_INDEX_DELETE_REDIRECT'], $post_counter));
}
}
$this->search->tidy();
$this->state = array('');
$this->save_state();
trigger_error($user->lang['SEARCH_INDEX_REMOVED'] . adm_back_link($this->u_action) . $this->close_popup_js());
break;
case 'create':
if (method_exists($this->search, 'create_index'))
{
// pass a reference to acp_search so the $search object can make use of save_state() and attributes
if ($error = $this->search->create_index($this, append_sid("{$phpbb_admin_path}index.$phpEx", "i=$id&mode=$mode&action=create", false)))
{
$this->state = array('');
$this->save_state();
trigger_error($error . adm_back_link($this->u_action) . $this->close_popup_js(), E_USER_WARNING);
}
}
else
{
$sql = 'SELECT forum_id, enable_indexing
FROM ' . FORUMS_TABLE;
$result = $db->sql_query($sql, 3600);
while ($row = $db->sql_fetchrow($result))
{
$forums[$row['forum_id']] = (bool) $row['enable_indexing'];
}
$db->sql_freeresult($result);
while (still_on_time() && $post_counter <= $this->max_post_id)
{
$sql = 'SELECT post_id, post_subject, post_text, poster_id, forum_id
FROM ' . POSTS_TABLE . '
WHERE post_id >= ' . (int) ($post_counter + 1) . '
AND post_id < ' . (int) ($post_counter + $this->batch_size);
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result))
{
// Indexing enabled for this forum or global announcement?
// Global announcements get indexed by default.
if (!$row['forum_id'] || (isset($forums[$row['forum_id']]) && $forums[$row['forum_id']]))
{
$this->search->index('post', $row['post_id'], $row['post_text'], $row['post_subject'], $row['poster_id'], $row['forum_id']);
}
}
$db->sql_freeresult($result);
$post_counter += $this->batch_size;
// save the current state
$this->save_state();
}
if ($post_counter <= $this->max_post_id)
{
meta_refresh(1, $this->u_action . '&amp;action=create&amp;skip_rows=' . $post_counter);
trigger_error(sprintf($user->lang['SEARCH_INDEX_CREATE_REDIRECT'], $post_counter));
}
}
$this->search->tidy();
$this->state = array('');
$this->save_state();
trigger_error($user->lang['SEARCH_INDEX_CREATED'] . adm_back_link($this->u_action) . $this->close_popup_js());
break;
}
}
@@ -469,14 +494,11 @@ class acp_search
function close_popup_js()
{
/**
* @todo remove Javascript
*/
return '<script type="text/javascript">
<!--
close_waitscreen = 1;
//-->
</script>';
return "<script type=\"text/javascript\">\n" .
"<!--\n" .
" close_waitscreen = 1;\n" .
"//-->\n" .
"</script>\n";
}
function get_search_types()

45
phpBB/includes/auth/auth_db.php
View File

@@ -103,19 +103,44 @@ function login_db(&$username, &$password)
$password_old_format = (!STRIP) ? addslashes($password_old_format) : $password_old_format;
$password_new_format = '';
set_var($password_new_format, $password_old_format, 'string');
set_var($password_new_format, stripslashes($password_old_format), 'string');
if ($password == $password_new_format && md5($password_old_format) == $row['user_password'])
if ($password == $password_new_format)
{
// Update the password in the users table to the new format and remove user_pass_convert flag
$sql = 'UPDATE ' . USERS_TABLE . '
SET user_password = \'' . $db->sql_escape(md5($password_new_format)) . '\',
user_pass_convert = 0
WHERE user_id = ' . $row['user_id'];
$db->sql_query($sql);
if (!function_exists('utf8_to_cp1252'))
{
global $phpbb_root_path, $phpEx;
include($phpbb_root_path . 'includes/utf/data/recode_basic.' . $phpEx);
}
$row['user_pass_convert'] = 0;
$row['user_password'] = md5($password_new_format);
// cp1252 is phpBB2's default encoding, characters outside ASCII range might work when converted into that encoding
if (md5($password_old_format) == $row['user_password'] || utf8_to_cp1252(md5($password_old_format)) == $row['user_password'])
{
// Update the password in the users table to the new format and remove user_pass_convert flag
$sql = 'UPDATE ' . USERS_TABLE . '
SET user_password = \'' . $db->sql_escape(md5($password_new_format)) . '\',
user_pass_convert = 0
WHERE user_id = ' . $row['user_id'];
$db->sql_query($sql);
$row['user_pass_convert'] = 0;
$row['user_password'] = md5($password_new_format);
}
else if (preg_match('/[\x80-\xFF]/', $password_old_format))
{
// Although we weren't able to convert this password we have to
// increase login attempt count to make sure this cannot be exploited
$sql = 'UPDATE ' . USERS_TABLE . '
SET user_login_attempts = user_login_attempts + 1
WHERE user_id = ' . $row['user_id'];
$db->sql_query($sql);
return array(
'status' => LOGIN_ERROR_PASSWORD_CONVERT,
'error_msg' => 'LOGIN_ERROR_PASSWORD_CONVERT',
'user_row' => $row,
);
}
}
}

1
phpBB/includes/constants.php
View File

@@ -48,6 +48,7 @@ define('LOGIN_ERROR_PASSWORD', 11);
define('LOGIN_ERROR_ACTIVE', 12);
define('LOGIN_ERROR_ATTEMPTS', 13);
define('LOGIN_ERROR_EXTERNAL_AUTH', 14);
define('LOGIN_ERROR_PASSWORD_CONVERT', 15);
// Group settings
define('GROUP_OPEN', 0);

61
phpBB/includes/functions.php
View File

@@ -174,6 +174,41 @@ function unique_id($extra = 'c')
return substr($val, 4, 16);
}
/**
* Determine whether we are approaching the maximum execution time. Should be called once
* at the beginning of the script in which it's used.
* @return bool Either true if the maximum execution time is nearly reached, or false
* if some time is still left.
*/
function still_on_time()
{
static $max_execution_time, $start_time;
$time = explode(' ', microtime());
$current_time = $time[0] + $time[1];
if (empty($max_execution_time))
{
$max_execution_time = (function_exists('ini_get')) ? (int) ini_get('max_execution_time') : (int) get_cfg_var('max_execution_time');
// If zero, then set to something higher to not let the user catch the ten seconds barrier.
if ($max_execution_time === 0)
{
$max_execution_time = 65;
}
$max_execution_time = min(max(10, ($max_execution_time - 15)), 50);
// For debugging purposes
// $max_execution_time = 10;
global $starttime;
$start_time = (empty($starttime)) ? $current_time : $starttime;
}
return (ceil($current_time - $start_time) < $max_execution_time) ? true : false;
}
/**
* Generate sort selection fields
*/
@@ -1868,6 +1903,12 @@ function login_box($redirect = '', $l_explain = '', $l_success = '', $admin = fa
trigger_error('NO_AUTH_ADMIN_USER_DIFFER');
}
// do not allow empty password
if (!$password)
{
trigger_error('NO_PASSWORD_SUPPLIED');
}
// If authentication is successful we redirect user to previous page
$result = $auth->login($username, $password, $autologin, $viewonline, $admin);
@@ -1955,6 +1996,16 @@ function login_box($redirect = '', $l_explain = '', $l_success = '', $admin = fa
break;
case LOGIN_ERROR_PASSWORD_CONVERT:
$err = sprintf(
$user->lang[$result['error_msg']],
($config['email_enable']) ? '<a href="' . append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=sendpassword') . '">' : '',
($config['email_enable']) ? '</a>' : '',
($config['board_contact']) ? '<a href="mailto:' . htmlspecialchars($config['board_contact']) . '">' : '',
($config['board_contact']) ? '</a>' : ''
);
break;
// Username, password, etc...
default:
$err = $user->lang[$result['error_msg']];
@@ -1964,6 +2015,7 @@ function login_box($redirect = '', $l_explain = '', $l_success = '', $admin = fa
{
$err = (!$config['board_contact']) ? sprintf($user->lang[$result['error_msg']], '', '') : sprintf($user->lang[$result['error_msg']], '<a href="mailto:' . htmlspecialchars($config['board_contact']) . '">', '</a>');
}
break;
}
}
@@ -2254,7 +2306,7 @@ function decode_message(&$message, $bbcode_uid = '')
$message = str_replace($match, $replace, $message);
$match = get_preg_expression('bbcode_htm');
$replace = array('\1', '\2', '\1', '', '');
$replace = array('\1', '\1', '\2', '\1', '', '');
$message = preg_replace($match, $replace, $message);
}
@@ -2272,7 +2324,7 @@ function strip_bbcode(&$text, $uid = '')
$text = preg_replace("#\[\/?[a-z0-9\*\+\-]+(?:=.*?)?(?::[a-z])?(\:?$uid)\]#", ' ', $text);
$match = get_preg_expression('bbcode_htm');
$replace = array('\1', '\2', '\1', '', '');
$replace = array('\1', '\1', '\2', '\1', '', '');
$text = preg_replace($match, $replace, $text);
}
@@ -2399,7 +2451,7 @@ function make_clickable($text, $server_url = false)
// relative urls for this board
$magic_url_match[] = '#(^|[\n\t (])(' . preg_quote($server_url, '#') . ')/(' . get_preg_expression('relative_url_inline') . ')#ie';
$magic_url_replace[] = "'\$1<!-- l --><a href=\"\$2/' . preg_replace('/(&amp;|\?)sid=[0-9a-f]{32}/', '\\\\1', '\$3') . '\">' . ((strlen('\$3')) ? preg_replace('/(&amp;|\?)sid=[0-9a-f]{32}/', '\\\\1', '\$3') : '\$2/') . '</a><!-- l -->'";
$magic_url_replace[] = "'\$1<!-- l --><a href=\"' . append_sid('\$2/' . preg_replace('/(&amp;|\?)sid=[0-9a-f]{32}$/', '', preg_replace('/(&amp;|\?)sid=[0-9a-f]{32}&amp;/', '\\\\1', '\$3'))) . '\">' . ((strlen('\$3')) ? preg_replace('/(&amp;|\?)sid=[0-9a-f]{32}$/', '', preg_replace('/(&amp;|\?)sid=[0-9a-f]{32}&amp;/', '\\\\1', '\$3')) : '\$2/') . '</a><!-- l -->'";
// matches a xxxx://aaaaa.bbb.cccc. ...
$magic_url_match[] = '#(^|[\n\t (])(' . get_preg_expression('url_inline') . ')#ie';
@@ -3027,7 +3079,8 @@ function get_preg_expression($mode)
case 'bbcode_htm':
return array(
'#<!\-\- e \-\-><a href="mailto:(.*?)">.*?</a><!\-\- e \-\->#',
'#<!\-\- ([lmw]) \-\-><a href="(.*?)">.*?</a><!\-\- \1 \-\->#',
'#<!\-\- l \-\-><a href="(.*?)(?:(&amp;|\?)sid=[0-9a-f]{32})?">.*?</a><!\-\- l \-\->#',
'#<!\-\- ([mw]) \-\-><a href="(.*?)">.*?</a><!\-\- \1 \-\->#',
'#<!\-\- s(.*?) \-\-><img src="\{SMILIES_PATH\}\/.*? \/><!\-\- s\1 \-\->#',
'#<!\-\- .*? \-\->#s',
'#<.*?>#s',

32
phpBB/includes/functions_convert.php
View File

@@ -17,38 +17,6 @@ define('DEFAULT_AVATAR_Y', 80);
// Global functions - all functions can be used by convertors
/**
* Determine whether we are approaching the maximum execution time
*/
function still_on_time()
{
static $max_execution_time, $start_time;
$time = explode(' ', microtime());
$current_time = $time[0] + $time[1];
if (empty($max_execution_time))
{
$max_execution_time = (function_exists('ini_get')) ? (int) ini_get('max_execution_time') : (int) get_cfg_var('max_execution_time');
// If zero, then set to something higher to not let the user catch the ten seconds barrier.
if ($max_execution_time === 0)
{
$max_execution_time = 65;
}
$max_execution_time = min(max(10, ($max_execution_time - 15)), 50);
// For debugging purposes
// $max_execution_time = 10;
global $starttime;
$start_time = (empty($starttime)) ? $current_time : $starttime;
}
return (ceil($current_time - $start_time) < $max_execution_time) ? true : false;
}
// SIMPLE FUNCTIONS
/**

8
phpBB/includes/message_parser.php
View File

@@ -366,9 +366,9 @@ class bbcode_firstpass extends bbcode
// Additionally, magic url parsing should go after parsing bbcodes, but for safety those are stripped out too...
$htm_match = get_preg_expression('bbcode_htm');
// $htm_match[3] = '/&#([0-9]+);/';
unset($htm_match[3], $htm_match[4]);
unset($htm_match[4], $htm_match[5]);
$htm_replace = array('\1', '\2', '\1'); //, '&amp;#\1;');
$htm_replace = array('\1', '\1', '\2', '\1'); //, '&amp;#\1;');
$out = '';
@@ -848,7 +848,9 @@ class bbcode_firstpass extends bbcode
// Is this a link to somewhere inside this board? If so then remove the session id from the url
if (strpos($url, generate_board_url()) !== false && strpos($url, 'sid=') !== false)
{
$url = preg_replace('/(&amp;|\?)sid=[0-9a-f]{32}/', '\1', $url);
$url = preg_replace('/(&amp;|\?)sid=[0-9a-f]{32}&amp;/', '\1', $url);
$url = preg_replace('/(&amp;|\?)sid=[0-9a-f]{32}$/', '', $url);
$url = append_sid($url);
}
return ($var1) ? '[url=' . $this->bbcode_specialchars($url) . ':' . $this->bbcode_uid . ']' . $var2 . '[/url:' . $this->bbcode_uid . ']' : '[url:' . $this->bbcode_uid . ']' . $this->bbcode_specialchars($url) . '[/url:' . $this->bbcode_uid . ']';

11
phpBB/includes/session.php
View File

@@ -168,14 +168,9 @@ class session
// check IPv4 first, the IPv6 is hopefully only going to be used very seldomly
if (!empty($ip) && !preg_match($ipv4, $ip) && !preg_match($ipv6, $ip))
{
if (!defined('DEBUG_EXTRA'))
{
trigger_error('Hacking attempt!');
}
else
{
trigger_error('Invalid HTTP_X_FORWARDED_FOR header detected: ' . htmlspecialchars($this->forwarded_for));
}
// contains invalid data, don't use the forwarded for header
$this->forwarded_for = '';
break;
}
}
}