[feature/request-class] Adjust code base to do html decoding manually

PHPBB3-9716
2025-05-05 15:16:16 +02:00 · 2011-08-18 23:38:39 +02:00 · 2011-08-18 23:38:39 +02:00 · c5cef773c4
commit c5cef773c4
parent fd08cd8dd0
10 changed files with 31 additions and 30 deletions
--- a/phpBB/includes/auth/auth_apache.php
+++ b/phpBB/includes/auth/auth_apache.php
@ -30,7 +30,7 @@ function init_apache()
 {
 	global $user, $request;

-	if (!$request->is_set('PHP_AUTH_USER', phpbb_request_interface::SERVER) || $user->data['username'] !== $request->server('PHP_AUTH_USER'))
+	if (!$request->is_set('PHP_AUTH_USER', phpbb_request_interface::SERVER) || $user->data['username'] !== htmlspecialchars_decode($request->server('PHP_AUTH_USER')))
 	{
 		return $user->lang['APACHE_SETUP_BEFORE_USE'];
 	}
@ -72,8 +72,8 @@ function login_apache(&$username, &$password)
 		);
 	}

-	$php_auth_user = $request->server('PHP_AUTH_USER');
-	$php_auth_pw = $request->server('PHP_AUTH_PW');
+	$php_auth_user = htmlspecialchars_decode($request->server('PHP_AUTH_USER'));
+	$php_auth_pw = htmlspecialchars_decode($request->server('PHP_AUTH_PW'));

 	if (!empty($php_auth_user) && !empty($php_auth_pw))
 	{
@ -143,8 +143,8 @@ function autologin_apache()
 		return array();
 	}

-	$php_auth_user = $request->server('PHP_AUTH_USER');
-	$php_auth_pw = $request->server('PHP_AUTH_PW');
+	$php_auth_user = htmlspecialchars_decode($request->server('PHP_AUTH_USER'));
+	$php_auth_pw = htmlspecialchars_decode($request->server('PHP_AUTH_PW'));

 	if (!empty($php_auth_user) && !empty($php_auth_pw))
 	{
@ -233,7 +233,7 @@ function validate_session_apache(&$user)
 	// Check if PHP_AUTH_USER is set and handle this case
 	if ($request->is_set('PHP_AUTH_USER', phpbb_request_interface::SERVER))
 	{
-		$php_auth_user = $request->server('PHP_AUTH_USER', '', true);
+		$php_auth_user = $request->server('PHP_AUTH_USER');

 		return ($php_auth_user === $user['username']) ? true : false;
 	}
--- a/phpBB/includes/functions.php
+++ b/phpBB/includes/functions.php
@ -879,7 +879,8 @@ function phpbb_own_realpath($path)
 		{
 			// Warning: If chdir() has been used this will lie!
 			// Warning: This has some problems sometime (CLI can create them easily)
-			$path = str_replace(DIRECTORY_SEPARATOR, '/', dirname($request->server('SCRIPT_FILENAME'))) . '/' . $path;
+			$filename = htmlspecialchars_decode($request->server('SCRIPT_FILENAME'));
+			$path = str_replace(DIRECTORY_SEPARATOR, '/', dirname($filename)) . '/' . $path;
 			$absolute = true;
 			$path_prefix = '';
 		}
@ -4242,7 +4243,7 @@ function phpbb_http_login($param)
 	{
 		if ($request->is_set($k, phpbb_request_interface::SERVER))
 		{
-			$username = $request->server($k);
+			$username = htmlspecialchars_decode($request->server($k));
 			break;
 		}
 	}
@ -4252,7 +4253,7 @@ function phpbb_http_login($param)
 	{
 		if ($request->is_set($k, phpbb_request_interface::SERVER))
 		{
-			$password = $request->server($k);
+			$password = htmlspecialchars_decode($request->server($k));
 			break;
 		}
 	}
--- a/phpBB/includes/functions_download.php
+++ b/phpBB/includes/functions_download.php
@ -301,7 +301,7 @@ function download_allowed()
 		return true;
 	}

-	$url = trim($request->header('Referer'));
+	$url = htmlspecialchars_decode($request->header('Referer'));

 	if (!$url)
 	{
--- a/phpBB/includes/functions_messenger.php
+++ b/phpBB/includes/functions_messenger.php
@ -342,7 +342,7 @@ class messenger
 			$user->session_begin();
 		}

-		$calling_page = $request->server('PHP_SELF');
+		$calling_page = htmlspecialchars_decode($request->server('PHP_SELF'));

 		$message = '';
 		switch ($type)
--- a/phpBB/includes/questionnaire/questionnaire.php
+++ b/phpBB/includes/questionnaire/questionnaire.php
@ -152,11 +152,11 @@ class phpbb_questionnaire_system_data_provider

 		// Start discovering the IPV4 server address, if available
 		// Try apache, IIS, fall back to 0.0.0.0
-		$server_address = $request->server('SERVER_ADDR', $request->server('LOCAL_ADDR', '0.0.0.0'));
+		$server_address = htmlspecialchars_decode($request->server('SERVER_ADDR', $request->server('LOCAL_ADDR', '0.0.0.0')));

 		return array(
 			'os'	=> PHP_OS,
-			'httpd'	=> $request->server('SERVER_SOFTWARE'),
+			'httpd'	=> htmlspecialchars_decode($request->server('SERVER_SOFTWARE')),
 			// we don't want the real IP address (for privacy policy reasons) but only
 			// a network address to see whether your installation is running on a private or public network.
 			'private_ip'	=> $this->is_private_ip($server_address),
--- a/phpBB/includes/session.php
+++ b/phpBB/includes/session.php
@ -46,13 +46,13 @@ class session
 		$page_array = array();

 		// First of all, get the request uri...
-		$script_name = $request->server('PHP_SELF');
-		$args = explode('&', $request->server('QUERY_STRING'));
+		$script_name = htmlspecialchars_decode($request->server('PHP_SELF'));
+		$args = explode('&', htmlspecialchars_decode($request->server('QUERY_STRING')));

 		// If we are unable to get the script name we use REQUEST_URI as a failover and note it within the page array for easier support...
 		if (!$script_name)
 		{
-			$script_name = $request->server('REQUEST_URI');
+			$script_name = htmlspecialchars_decode($request->server('REQUEST_URI'));
 			$script_name = (($pos = strpos($script_name, '?')) !== false) ? substr($script_name, 0, $pos) : $script_name;
 			$page_array['failover'] = 1;
 		}
@ -146,7 +146,7 @@ class session
 		global $config, $request;

 		// Get hostname
-		$host = $request->header('Host', $request->server('SERVER_NAME'));
+		$host = htmlspecialchars_decode($request->header('Host', $request->server('SERVER_NAME')));

 		// Should be a string and lowered
 		$host = (string) strtolower($host);
@ -214,9 +214,9 @@ class session
 		$this->time_now				= time();
 		$this->cookie_data			= array('u' => 0, 'k' => '');
 		$this->update_session_page	= $update_session_page;
-		$this->browser				= $request->header('User-Agent', '', true);
-		$this->referer				= $request->header('Referer', '', true);
-		$this->forwarded_for		= $request->header('X-Forwarded-For', '', true);
+		$this->browser				= $request->header('User-Agent');
+		$this->referer				= $request->header('Referer');
+		$this->forwarded_for		= $request->header('X-Forwarded-For');

 		$this->host					= $this->extract_current_hostname();
 		$this->page					= $this->extract_current_page($phpbb_root_path);
@ -270,7 +270,7 @@ class session

 		// Why no forwarded_for et al? Well, too easily spoofed. With the results of my recent requests
 		// it's pretty clear that in the majority of cases you'll at least be left with a proxy/cache ip.
-		$this->ip = $request->server('REMOTE_ADDR');
+		$this->ip = htmlspecialchars_decode($request->server('REMOTE_ADDR'));
 		$this->ip = preg_replace('# {2,}#', ' ', str_replace(',', ' ', $this->ip));

 		// split the list of IPs
--- a/phpBB/install/database_update.php
+++ b/phpBB/install/database_update.php
@ -145,7 +145,7 @@ unset($dbpasswd);
 $user->ip = '';
 if ($request->server('REMOTE_ADDR'))
 {
-	$user->ip = (function_exists('phpbb_ip_normalise')) ? phpbb_ip_normalise($request->server('REMOTE_ADDR')) : $request->server('REMOTE_ADDR', '', true);
+	$user->ip = (function_exists('phpbb_ip_normalise')) ? phpbb_ip_normalise($request->server('REMOTE_ADDR')) : $request->server('REMOTE_ADDR');
 }

 $sql = "SELECT config_value
--- a/phpBB/install/index.php
+++ b/phpBB/install/index.php
@ -430,14 +430,14 @@ class module
 		global $request;

 		// HTTP_HOST is having the correct browser url in most cases...
-		$server_name = strtolower($request->header('Host', $request->server('SERVER_NAME')));
+		$server_name = strtolower(htmlspecialchars_decode($request->header('Host', $request->server('SERVER_NAME'))));
 		$server_port = $request->server('SERVER_PORT', 0);
 		$secure = $request->is_secure() ? 1 : 0;

-		$script_name = $request->server('PHP_SELF');
+		$script_name = htmlspecialchars_decode($request->server('PHP_SELF'));
 		if (!$script_name)
 		{
-			$script_name = $request->server('REQUEST_URI');
+			$script_name = htmlspecialchars_decode($request->server('REQUEST_URI'));
 		}

 		// Replace backslashes and doubled slashes (could happen on some proxy setups)
--- a/phpBB/install/install_install.php
+++ b/phpBB/install/install_install.php
@ -1017,7 +1017,7 @@ class install_install extends module
 		$s_hidden_fields .= '<input type="hidden" name="language" value="' . $data['language'] . '" />';

 		// HTTP_HOST is having the correct browser url in most cases...
-		$server_name = strtolower($request->header('Host', $request->server('SERVER_NAME')));
+		$server_name = strtolower(htmlspecialchars_decode($request->header('Host', $request->server('SERVER_NAME'))));

 		// HTTP HOST can carry a port number...
 		if (strpos($server_name, ':') !== false)
@ -1033,10 +1033,10 @@ class install_install extends module

 		if ($data['script_path'] === '')
 		{
-			$name = $request->server('PHP_SELF');
+			$name = htmlspecialchars_decode($request->server('PHP_SELF'));
 			if (!$name)
 			{
-				$name = $request->server('REQUEST_URI');
+				$name = htmlspecialchars_decode($request->server('REQUEST_URI'));
 			}

 			// Replace backslashes and doubled slashes (could happen on some proxy setups)
@ -1117,7 +1117,7 @@ class install_install extends module
 		}

 		// HTTP_HOST is having the correct browser url in most cases...
-		$server_name = strtolower($request->header('Host', $request->server('SERVER_NAME')));
+		$server_name = strtolower(htmlspecialchars_decode($request->header('Host', $request->server('SERVER_NAME'))));
 		$referer = strtolower($request->header('Referer'));

 		// HTTP HOST can carry a port number...
--- a/phpBB/style.php
+++ b/phpBB/style.php
@ -152,7 +152,7 @@ if ($id)
 	if ($config['gzip_compress'])
 	{
 		// IE6 is not able to compress the style (do not ask us why!)
-		$browser = strtolower($request->header('User-Agent', '', true));
+		$browser = strtolower($request->header('User-Agent'));

 		if ($browser && strpos($browser, 'msie 6.0') === false && @extension_loaded('zlib') && !headers_sent())
 		{