mirror/php-phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-07-30 21:40:43 +02:00
Code Issues Releases Wiki Activity

Merge PR #993 branch 'bantu/ticket/8713' into develop

Browse Source 
* bantu/ticket/8713:
  [ticket/8713] Update untrimmed_variable() doc block.
  [ticket/8713] Revert changes to ucp_profile, ucp_register and acp_users.
  [ticket/8713] Trim password in auth_db to keep compatibility.
  [ticket/8713] Call htmlspecialchars_decode() on transfer (e.g. ftp) passwords.
  [ticket/8713] Rename untrimed_variable() to untrimmed_variable().
  [ticket/8713] DRY: variable() and untrimed_variable() into a protected method.
  [ticket/8713] Fix type_cast_helper.php doc blocks: Add punctuation etc.
  [ticket/8713] Always trim array keys.
  [ticket/8713] Add simple (non-nested) test case for untrimmed set_var().
  [ticket/8713] Use \t in double quotes instead of tabs.
  [ticket/8713] Use correct parameter for nested data.
  [ticket/8713] Adjust test method name to other recursive_set_var() tests.
  [ticket/8713] Do not trim login inputs
This commit is contained in:
Oleg Pudeyev
2012-10-10 00:03:13 -04:00
parent 74e41e79d1 238fab3bb9
commit cc5923ea43
10 changed files with 176 additions and 60 deletions
Download Patch File Download Diff File Expand all files Collapse all files

27
phpBB/includes/acp/acp_language.php
View File

@@ -100,11 +100,25 @@ class acp_language
switch ($method)
{
case 'ftp':
$transfer = new ftp(request_var('host', ''), request_var('username', ''), request_var('password', ''), request_var('root_path', ''), request_var('port', ''), request_var('timeout', ''));
$transfer = new ftp(
request_var('host', ''),
request_var('username', ''),
htmlspecialchars_decode($request->untrimmed_variable('password', '')),
request_var('root_path', ''),
request_var('port', ''),
request_var('timeout', '')
);
break;
case 'ftp_fsock':
$transfer = new ftp_fsock(request_var('host', ''), request_var('username', ''), request_var('password', ''), request_var('root_path', ''), request_var('port', ''), request_var('timeout', ''));
$transfer = new ftp_fsock(
request_var('host', ''),
request_var('username', ''),
htmlspecialchars_decode($request->untrimmed_variable('password', '')),
request_var('root_path', ''),
request_var('port', ''),
request_var('timeout', '')
);
break;
default:
@@ -404,7 +418,14 @@ class acp_language
trigger_error($user->lang['INVALID_UPLOAD_METHOD'], E_USER_ERROR);
}
$transfer = new $method(request_var('host', ''), request_var('username', ''), request_var('password', ''), request_var('root_path', ''), request_var('port', ''), request_var('timeout', ''));
$transfer = new $method(
request_var('host', ''),
request_var('username', ''),
htmlspecialchars_decode($request->untrimmed_variable('password', '')),
request_var('root_path', ''),
request_var('port', ''),
request_var('timeout', '')
);
if (($result = $transfer->open_session()) !== true)
{

6
phpBB/includes/acp/acp_users.php
View File

@@ -32,7 +32,7 @@ class acp_users
{
global $config, $db, $user, $auth, $template, $cache;
global $phpbb_root_path, $phpbb_admin_path, $phpEx, $table_prefix, $file_uploads;
global $phpbb_dispatcher;
global $phpbb_dispatcher, $request;
$user->add_lang(array('posting', 'ucp', 'acp/users'));
$this->tpl_name = 'acp_users';
@@ -770,8 +770,8 @@ class acp_users
'username' => utf8_normalize_nfc(request_var('user', $user_row['username'], true)),
'user_founder' => request_var('user_founder', ($user_row['user_type'] == USER_FOUNDER) ? 1 : 0),
'email' => strtolower(request_var('user_email', $user_row['user_email'])),
'new_password' => request_var('new_password', '', true),
'password_confirm' => request_var('password_confirm', '', true),
'new_password' => $request->variable('new_password', '', true),
'password_confirm' => $request->variable('password_confirm', '', true),
);
// Validation data - we do not check the password complexity setting here