mirror/php-phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-05-09 17:15:19 +02:00
Code Issues Releases Wiki Activity

Merge PR #993 branch 'bantu/ticket/8713' into develop

Browse Source 
* bantu/ticket/8713:
  [ticket/8713] Update untrimmed_variable() doc block.
  [ticket/8713] Revert changes to ucp_profile, ucp_register and acp_users.
  [ticket/8713] Trim password in auth_db to keep compatibility.
  [ticket/8713] Call htmlspecialchars_decode() on transfer (e.g. ftp) passwords.
  [ticket/8713] Rename untrimed_variable() to untrimmed_variable().
  [ticket/8713] DRY: variable() and untrimed_variable() into a protected method.
  [ticket/8713] Fix type_cast_helper.php doc blocks: Add punctuation etc.
  [ticket/8713] Always trim array keys.
  [ticket/8713] Add simple (non-nested) test case for untrimmed set_var().
  [ticket/8713] Use \t in double quotes instead of tabs.
  [ticket/8713] Use correct parameter for nested data.
  [ticket/8713] Adjust test method name to other recursive_set_var() tests.
  [ticket/8713] Do not trim login inputs
This commit is contained in:
Oleg Pudeyev 2012-10-10 00:03:13 -04:00
commit cc5923ea43
10 changed files with 176 additions and 60 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
phpBB/includes/acp/acp_language.php
View File

@ -100,11 +100,25 @@ class acp_language
switch ($method) switch ($method)
{ {
case 'ftp': case 'ftp':
$transfer = new ftp(request_var('host', ''), request_var('username', ''), request_var('password', ''), request_var('root_path', ''), request_var('port', ''), request_var('timeout', '')); $transfer = new ftp(
request_var('host', ''),
request_var('username', ''),
htmlspecialchars_decode($request->untrimmed_variable('password', '')),
request_var('root_path', ''),
request_var('port', ''),
request_var('timeout', '')
);
break; break;
case 'ftp_fsock': case 'ftp_fsock':
$transfer = new ftp_fsock(request_var('host', ''), request_var('username', ''), request_var('password', ''), request_var('root_path', ''), request_var('port', ''), request_var('timeout', '')); $transfer = new ftp_fsock(
request_var('host', ''),
request_var('username', ''),
htmlspecialchars_decode($request->untrimmed_variable('password', '')),
request_var('root_path', ''),
request_var('port', ''),
request_var('timeout', '')
);
break; break;
default: default:
@ -404,7 +418,14 @@ class acp_language
trigger_error($user->lang['INVALID_UPLOAD_METHOD'], E_USER_ERROR); trigger_error($user->lang['INVALID_UPLOAD_METHOD'], E_USER_ERROR);
} }
$transfer = new $method(request_var('host', ''), request_var('username', ''), request_var('password', ''), request_var('root_path', ''), request_var('port', ''), request_var('timeout', '')); $transfer = new $method(
request_var('host', ''),
request_var('username', ''),
htmlspecialchars_decode($request->untrimmed_variable('password', '')),
request_var('root_path', ''),
request_var('port', ''),
request_var('timeout', '')
);
if (($result = $transfer->open_session()) !== true) if (($result = $transfer->open_session()) !== true)
{ {

6
phpBB/includes/acp/acp_users.php
View File

@ -32,7 +32,7 @@ class acp_users
{ {
global $config, $db, $user, $auth, $template, $cache; global $config, $db, $user, $auth, $template, $cache;
global $phpbb_root_path, $phpbb_admin_path, $phpEx, $table_prefix, $file_uploads; global $phpbb_root_path, $phpbb_admin_path, $phpEx, $table_prefix, $file_uploads;
global $phpbb_dispatcher; global $phpbb_dispatcher, $request;
$user->add_lang(array('posting', 'ucp', 'acp/users')); $user->add_lang(array('posting', 'ucp', 'acp/users'));
$this->tpl_name = 'acp_users'; $this->tpl_name = 'acp_users';
@ -770,8 +770,8 @@ class acp_users
'username' => utf8_normalize_nfc(request_var('user', $user_row['username'], true)), 'username' => utf8_normalize_nfc(request_var('user', $user_row['username'], true)),
'user_founder' => request_var('user_founder', ($user_row['user_type'] == USER_FOUNDER) ? 1 : 0), 'user_founder' => request_var('user_founder', ($user_row['user_type'] == USER_FOUNDER) ? 1 : 0),
'email' => strtolower(request_var('user_email', $user_row['user_email'])), 'email' => strtolower(request_var('user_email', $user_row['user_email'])),
'new_password' => request_var('new_password', '', true), 'new_password' => $request->variable('new_password', '', true),
'password_confirm' => request_var('password_confirm', '', true), 'password_confirm' => $request->variable('password_confirm', '', true),
); );
// Validation data - we do not check the password complexity setting here // Validation data - we do not check the password complexity setting here

4
phpBB/includes/auth/auth_db.php
View File

@ -41,6 +41,10 @@ function login_db($username, $password, $ip = '', $browser = '', $forwarded_for
global $db, $config; global $db, $config;
global $request; global $request;
// Auth plugins get the password untrimmed.
// For compatibility we trim() here.
$password = trim($password);
// do not allow empty password // do not allow empty password
if (!$password) if (!$password)
{ {

4
phpBB/includes/functions.php
View File

@ -3044,11 +3044,11 @@ function login_box($redirect = '', $l_explain = '', $l_success = '', $admin = fa
trigger_error('NO_AUTH_ADMIN'); trigger_error('NO_AUTH_ADMIN');
} }
$password = request_var('password_' . $credential, '', true); $password = $request->untrimmed_variable('password_' . $credential, '', true);
} }
else else
{ {
$password = request_var('password', '', true); $password = $request->untrimmed_variable('password', '', true);
} }
$username = request_var('username', '', true); $username = request_var('username', '', true);

125
phpBB/includes/request/request.php
View File

@ -200,46 +200,31 @@ class phpbb_request implements phpbb_request_interface
*/ */
public function variable($var_name, $default, $multibyte = false, $super_global = phpbb_request_interface::REQUEST) public function variable($var_name, $default, $multibyte = false, $super_global = phpbb_request_interface::REQUEST)
{ {
$path = false; return $this->_variable($var_name, $default, $multibyte, $super_global, true);
}
// deep direct access to multi dimensional arrays /**
if (is_array($var_name)) * Get a variable, but without trimming strings.
{ * Same functionality as variable(), except does not run trim() on strings.
$path = $var_name; * This method should be used when handling passwords.
// make sure at least the variable name is specified *
if (empty($path)) * @param string|array $var_name The form variable's name from which data shall be retrieved.
{ * If the value is an array this may be an array of indizes which will give
return (is_array($default)) ? array() : $default; * direct access to a value at any depth. E.g. if the value of "var" is array(1 => "a")
} * then specifying array("var", 1) as the name will return "a".
// the variable name is the first element on the path * @param mixed $default A default value that is returned if the variable was not set.
$var_name = array_shift($path); * This function will always return a value of the same type as the default.
} * @param bool $multibyte If $default is a string this paramater has to be true if the variable may contain any UTF-8 characters
* Default is false, causing all bytes outside the ASCII range (0-127) to be replaced with question marks
if (!isset($this->input[$super_global][$var_name])) * @param phpbb_request_interface::POST|GET|REQUEST|COOKIE $super_global
{ * Specifies which super global should be used
return (is_array($default)) ? array() : $default; *
} * @return mixed The value of $_REQUEST[$var_name] run through {@link set_var set_var} to ensure that the type is the
$var = $this->input[$super_global][$var_name]; * the same as that of $default. If the variable is not set $default is returned.
*/
if ($path) public function untrimmed_variable($var_name, $default, $multibyte, $super_global = phpbb_request_interface::REQUEST)
{ {
// walk through the array structure and find the element we are looking for return $this->_variable($var_name, $default, $multibyte, $super_global, false);
foreach ($path as $key)
{
if (is_array($var) && isset($var[$key]))
{
$var = $var[$key];
}
else
{
return (is_array($default)) ? array() : $default;
}
}
}
$this->type_cast_helper->recursive_set_var($var, $default, $multibyte);
return $var;
} }
/** /**
@ -351,4 +336,66 @@ class phpbb_request implements phpbb_request_interface
return array_keys($this->input[$super_global]); return array_keys($this->input[$super_global]);
} }
/**
* Helper function used by variable() and untrimmed_variable().
*
* @param string|array $var_name The form variable's name from which data shall be retrieved.
* If the value is an array this may be an array of indizes which will give
* direct access to a value at any depth. E.g. if the value of "var" is array(1 => "a")
* then specifying array("var", 1) as the name will return "a".
* @param mixed $default A default value that is returned if the variable was not set.
* This function will always return a value of the same type as the default.
* @param bool $multibyte If $default is a string this paramater has to be true if the variable may contain any UTF-8 characters
* Default is false, causing all bytes outside the ASCII range (0-127) to be replaced with question marks
* @param phpbb_request_interface::POST|GET|REQUEST|COOKIE $super_global
* Specifies which super global should be used
* @param bool $trim Indicates whether trim() should be applied to string values.
*
* @return mixed The value of $_REQUEST[$var_name] run through {@link set_var set_var} to ensure that the type is the
* the same as that of $default. If the variable is not set $default is returned.
*/
protected function _variable($var_name, $default, $multibyte = false, $super_global = phpbb_request_interface::REQUEST, $trim = true)
{
$path = false;
// deep direct access to multi dimensional arrays
if (is_array($var_name))
{
$path = $var_name;
// make sure at least the variable name is specified
if (empty($path))
{
return (is_array($default)) ? array() : $default;
}
// the variable name is the first element on the path
$var_name = array_shift($path);
}
if (!isset($this->input[$super_global][$var_name]))
{
return (is_array($default)) ? array() : $default;
}
$var = $this->input[$super_global][$var_name];
if ($path)
{
// walk through the array structure and find the element we are looking for
foreach ($path as $key)
{
if (is_array($var) && isset($var[$key]))
{
$var = $var[$key];
}
else
{
return (is_array($default)) ? array() : $default;
}
}
}
$this->type_cast_helper->recursive_set_var($var, $default, $multibyte, $trim);
return $var;
}
} }

22
phpBB/includes/request/type_cast_helper.php
View File

@ -93,15 +93,23 @@ class phpbb_request_type_cast_helper implements phpbb_request_type_cast_helper_i
* @param mixed $type The variable type. Will be used with {@link settype()} * @param mixed $type The variable type. Will be used with {@link settype()}
* @param bool $multibyte Indicates whether string values may contain UTF-8 characters. * @param bool $multibyte Indicates whether string values may contain UTF-8 characters.
* Default is false, causing all bytes outside the ASCII range (0-127) to be replaced with question marks. * Default is false, causing all bytes outside the ASCII range (0-127) to be replaced with question marks.
* @param bool $trim Indicates whether trim() should be applied to string values.
* Default is true.
*/ */
public function set_var(&$result, $var, $type, $multibyte = false) public function set_var(&$result, $var, $type, $multibyte = false, $trim = true)
{ {
settype($var, $type); settype($var, $type);
$result = $var; $result = $var;
if ($type == 'string') if ($type == 'string')
{ {
$result = trim(str_replace(array("\r\n", "\r", "\0"), array("\n", "\n", ''), $result)); $result = str_replace(array("\r\n", "\r", "\0"), array("\n", "\n", ''), $result);
if ($trim)
{
$result = trim($result);
}
$result = htmlspecialchars($result, ENT_COMPAT, 'UTF-8'); $result = htmlspecialchars($result, ENT_COMPAT, 'UTF-8');
if ($multibyte) if ($multibyte)
@ -141,8 +149,10 @@ class phpbb_request_type_cast_helper implements phpbb_request_type_cast_helper_i
* @param bool $multibyte Indicates whether string keys and values may contain UTF-8 characters. * @param bool $multibyte Indicates whether string keys and values may contain UTF-8 characters.
* Default is false, causing all bytes outside the ASCII range (0-127) to * Default is false, causing all bytes outside the ASCII range (0-127) to
* be replaced with question marks. * be replaced with question marks.
* @param bool $trim Indicates whether trim() should be applied to string values.
* Default is true.
*/ */
public function recursive_set_var(&$var, $default, $multibyte) public function recursive_set_var(&$var, $default, $multibyte, $trim = true)
{ {
if (is_array($var) !== is_array($default)) if (is_array($var) !== is_array($default))
{ {
@ -153,7 +163,7 @@ class phpbb_request_type_cast_helper implements phpbb_request_type_cast_helper_i
if (!is_array($default)) if (!is_array($default))
{ {
$type = gettype($default); $type = gettype($default);
$this->set_var($var, $var, $type, $multibyte); $this->set_var($var, $var, $type, $multibyte, $trim);
} }
else else
{ {
@ -174,9 +184,9 @@ class phpbb_request_type_cast_helper implements phpbb_request_type_cast_helper_i
foreach ($_var as $k => $v) foreach ($_var as $k => $v)
{ {
$this->set_var($k, $k, $key_type, $multibyte, $multibyte); $this->set_var($k, $k, $key_type, $multibyte);
$this->recursive_set_var($v, $default_value, $multibyte); $this->recursive_set_var($v, $default_value, $multibyte, $trim);
$var[$k] = $v; $var[$k] = $v;
} }
} }

6
phpBB/includes/ucp/ucp_profile.php
View File

@ -46,9 +46,9 @@ class ucp_profile
$data = array( $data = array(
'username' => utf8_normalize_nfc(request_var('username', $user->data['username'], true)), 'username' => utf8_normalize_nfc(request_var('username', $user->data['username'], true)),
'email' => strtolower(request_var('email', $user->data['user_email'])), 'email' => strtolower(request_var('email', $user->data['user_email'])),
'new_password' => request_var('new_password', '', true), 'new_password' => $request->variable('new_password', '', true),
'cur_password' => request_var('cur_password', '', true), 'cur_password' => $request->variable('cur_password', '', true),
'password_confirm' => request_var('password_confirm', '', true), 'password_confirm' => $request->variable('password_confirm', '', true),
); );
add_form_key('ucp_reg_details'); add_form_key('ucp_reg_details');

4
phpBB/includes/ucp/ucp_register.php
View File

@ -170,8 +170,8 @@ class ucp_register
$data = array( $data = array(
'username' => utf8_normalize_nfc(request_var('username', '', true)), 'username' => utf8_normalize_nfc(request_var('username', '', true)),
'new_password' => request_var('new_password', '', true), 'new_password' => $request->variable('new_password', '', true),
'password_confirm' => request_var('password_confirm', '', true), 'password_confirm' => $request->variable('password_confirm', '', true),
'email' => strtolower(request_var('email', '')), 'email' => strtolower(request_var('email', '')),
'lang' => basename(request_var('lang', $user->lang_name)), 'lang' => basename(request_var('lang', $user->lang_name)),
'tz' => request_var('tz', $timezone), 'tz' => request_var('tz', $timezone),

18
phpBB/install/install_update.php
View File

@ -862,7 +862,14 @@ class install_update extends module
$test_connection = false; $test_connection = false;
if ($test_ftp_connection || $submit) if ($test_ftp_connection || $submit)
{ {
$transfer = new $method(request_var('host', ''), request_var('username', ''), request_var('password', ''), request_var('root_path', ''), request_var('port', ''), request_var('timeout', '')); $transfer = new $method(
request_var('host', ''),
request_var('username', ''),
htmlspecialchars_decode($request->untrimmed_variable('password', '')),
request_var('root_path', ''),
request_var('port', ''),
request_var('timeout', '')
);
$test_connection = $transfer->open_session(); $test_connection = $transfer->open_session();
// Make sure that the directory is correct by checking for the existence of common.php // Make sure that the directory is correct by checking for the existence of common.php
@ -948,7 +955,14 @@ class install_update extends module
} }
else else
{ {
$transfer = new $method(request_var('host', ''), request_var('username', ''), request_var('password', ''), request_var('root_path', ''), request_var('port', ''), request_var('timeout', '')); $transfer = new $method(
request_var('host', ''),
request_var('username', ''),
htmlspecialchars_decode($request->untrimmed_variable('password', '')),
request_var('root_path', ''),
request_var('port', ''),
request_var('timeout', '')
);
$transfer->open_session(); $transfer->open_session();
} }

20
tests/request/type_cast_helper_test.php
View File

@ -48,4 +48,24 @@ class phpbb_type_cast_helper_test extends phpbb_test_case
$this->assertEquals($expected, $data); $this->assertEquals($expected, $data);
} }
public function test_simple_untrimmed_recursive_set_var()
{
$data = " eviL<3\t\t";
$expected = " eviL&lt;3\t\t";
$this->type_cast_helper->recursive_set_var($data, '', true, false);
$this->assertEquals($expected, $data);
}
public function test_nested_untrimmed_recursive_set_var()
{
$data = array(" eviL<3\t\t");
$expected = array(" eviL&lt;3\t\t");
$this->type_cast_helper->recursive_set_var($data, array(0 => ''), true, false);
$this->assertEquals($expected, $data);
}
} }