From aaa98248d6801a85d0be060d0d359b1b96b72e76 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Rub=C3=A9n=20Calvo?= Date: Mon, 30 Jul 2018 13:58:52 +0200 Subject: [PATCH 1/2] [ticket/15738] Remove code related with safe_mode PHPBB3-15738 --- phpBB/adm/index.php | 1 - phpBB/includes/functions_posting.php | 6 ------ phpBB/language/en/acp/board.php | 2 +- phpBB/phpbb/files/filespec.php | 2 +- tests/upload/filespec_test.php | 4 ++-- 5 files changed, 4 insertions(+), 11 deletions(-) diff --git a/phpBB/adm/index.php b/phpBB/adm/index.php index d27f56f28b..c648fdf100 100644 --- a/phpBB/adm/index.php +++ b/phpBB/adm/index.php @@ -49,7 +49,6 @@ if (!$auth->acl_get('a_')) define('IN_ADMIN', true); // Some oft used variables -$safe_mode = (@ini_get('safe_mode') == '1' || strtolower(@ini_get('safe_mode')) === 'on') ? true : false; $file_uploads = (@ini_get('file_uploads') == '1' || strtolower(@ini_get('file_uploads')) === 'on') ? true : false; $module_id = $request->variable('i', ''); $mode = $request->variable('mode', ''); diff --git a/phpBB/includes/functions_posting.php b/phpBB/includes/functions_posting.php index e6f328f102..9dd9d1fc30 100644 --- a/phpBB/includes/functions_posting.php +++ b/phpBB/includes/functions_posting.php @@ -605,12 +605,6 @@ function create_thumbnail($source, $destination, $mimetype) imagecopyresampled($new_image, $image, 0, 0, 0, 0, $new_width, $new_height, $width, $height); } - // If we are in safe mode create the destination file prior to using the gd functions to circumvent a PHP bug - if (@ini_get('safe_mode') || @strtolower(ini_get('safe_mode')) == 'on') - { - @touch($destination); - } - switch ($type['format']) { case IMG_GIF: diff --git a/phpBB/language/en/acp/board.php b/phpBB/language/en/acp/board.php index 76982be098..eaa9640014 100644 --- a/phpBB/language/en/acp/board.php +++ b/phpBB/language/en/acp/board.php @@ -437,7 +437,7 @@ $lang = array_merge($lang, array( 'AUTH_PROVIDER_OAUTH_TITLE' => 'OAuth', 'AUTH_PROVIDER_OAUTH_SECRET' => 'Secret', - 'APACHE_SETUP_BEFORE_USE' => 'You have to setup apache authentication before you switch phpBB to this authentication method. Keep in mind that the username you use for apache authentication has to be the same as your phpBB username. Apache authentication can only be used with mod_php (not with a CGI version) and safe_mode disabled.', + 'APACHE_SETUP_BEFORE_USE' => 'You have to setup apache authentication before you switch phpBB to this authentication method. Keep in mind that the username you use for apache authentication has to be the same as your phpBB username. Apache authentication can only be used with mod_php (not with a CGI version).', 'LDAP' => 'LDAP', 'LDAP_DN' => 'LDAP base dn', diff --git a/phpBB/phpbb/files/filespec.php b/phpBB/phpbb/files/filespec.php index 6847bca4cb..1e6771a3a4 100644 --- a/phpBB/phpbb/files/filespec.php +++ b/phpBB/phpbb/files/filespec.php @@ -420,7 +420,7 @@ class filespec return false; } - $upload_mode = ($this->php_ini->getBool('open_basedir') || $this->php_ini->getBool('safe_mode')) ? 'move' : 'copy'; + $upload_mode = ($this->php_ini->getBool('open_basedir')) ? 'move' : 'copy'; $upload_mode = ($this->local) ? 'local' : $upload_mode; $this->destination_file = $this->destination_path . '/' . utf8_basename($this->realname); diff --git a/tests/upload/filespec_test.php b/tests/upload/filespec_test.php index 18b6deed1f..29f6a017b2 100644 --- a/tests/upload/filespec_test.php +++ b/tests/upload/filespec_test.php @@ -420,7 +420,7 @@ class phpbb_filespec_test extends phpbb_test_case /** * @dataProvider data_move_file_copy */ - public function test_move_file_copy($tmp_name, $move_success, $safe_mode_on, $expected_error) + public function test_move_file_copy($tmp_name, $move_success, $open_basedir_on, $expected_error) { // Initialise a blank filespec object for use with trivial methods $upload_ary = array( @@ -436,7 +436,7 @@ class phpbb_filespec_test extends phpbb_test_case $php_ini->expects($this->any()) ->method('getBool') ->with($this->anything()) - ->willReturn($safe_mode_on); + ->willReturn($open_basedir_on); $upload = new phpbb_mock_fileupload(); $upload->max_filesize = self::UPLOAD_MAX_FILESIZE; $filespec = new \phpbb\files\filespec($this->filesystem, $this->language, $php_ini, new \FastImageSize\FastImagesize, '', $this->mimetype_guesser); From 6742f3e6bf20a969cf1e4f36e739974625b207ee Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Rub=C3=A9n=20Calvo?= Date: Thu, 2 Aug 2018 16:18:48 +0200 Subject: [PATCH 2/2] [ticket/15738] Remove deprecated variables from questionnaire PHPBB3-15738 --- phpBB/includes/questionnaire/questionnaire.php | 3 --- 1 file changed, 3 deletions(-) diff --git a/phpBB/includes/questionnaire/questionnaire.php b/phpBB/includes/questionnaire/questionnaire.php index ee6d0ee2a6..5a541155db 100644 --- a/phpBB/includes/questionnaire/questionnaire.php +++ b/phpBB/includes/questionnaire/questionnaire.php @@ -110,7 +110,6 @@ class phpbb_questionnaire_php_data_provider 'version' => PHP_VERSION, 'sapi' => PHP_SAPI, 'int_size' => defined('PHP_INT_SIZE') ? PHP_INT_SIZE : '', - 'safe_mode' => (int) @ini_get('safe_mode'), 'open_basedir' => (int) @ini_get('open_basedir'), 'memory_limit' => @ini_get('memory_limit'), 'allow_url_fopen' => (int) @ini_get('allow_url_fopen'), @@ -121,8 +120,6 @@ class phpbb_questionnaire_php_data_provider 'disable_functions' => @ini_get('disable_functions'), 'disable_classes' => @ini_get('disable_classes'), 'enable_dl' => (int) @ini_get('enable_dl'), - 'magic_quotes_gpc' => (int) @ini_get('magic_quotes_gpc'), - 'register_globals' => (int) @ini_get('register_globals'), 'filter.default' => @ini_get('filter.default'), 'zend.ze1_compatibility_mode' => (int) @ini_get('zend.ze1_compatibility_mode'), 'unicode.semantics' => (int) @ini_get('unicode.semantics'),