Line 154 | Line 154 |
---|
return $this->web_root_path; }
|
return $this->web_root_path; }
|
| // We do not need to escape $path_info, $request_uri and $script_name because we can not find their content in the result.
|
// Path info (e.g. /foo/bar) $path_info = $this->filesystem->clean_path($this->symfony_request->getPathInfo());
| // Path info (e.g. /foo/bar) $path_info = $this->filesystem->clean_path($this->symfony_request->getPathInfo());
|
Line 203 | Line 204 |
---|
*/ if ($this->request->is_ajax() && $this->symfony_request->get('_referer')) {
|
*/ if ($this->request->is_ajax() && $this->symfony_request->get('_referer')) {
|
| // We need to escape $absolute_board_url because it can be partially concatenated to the result. $absolute_board_url = $this->request->escape($this->symfony_request->getSchemeAndHttpHost() . $this->symfony_request->getBasePath(), true);
|
$referer_web_root_path = $this->get_web_root_path_from_ajax_referer( $this->symfony_request->get('_referer'),
|
$referer_web_root_path = $this->get_web_root_path_from_ajax_referer( $this->symfony_request->get('_referer'),
|
$this->symfony_request->getSchemeAndHttpHost() . $this->symfony_request->getBasePath()
| $absolute_board_url
|
); return $this->web_root_path = $this->phpbb_root_path . $referer_web_root_path; }
| ); return $this->web_root_path = $this->phpbb_root_path . $referer_web_root_path; }
|
Line 278 | Line 282 |
---|
$referer_dir = dirname($referer_dir); }
|
$referer_dir = dirname($referer_dir); }
|
while (strpos($absolute_board_url, $referer_dir) !== 0)
| while (($dir_position = strpos($absolute_board_url, $referer_dir)) !== 0)
|
{ $fixed_root_path .= '../'; $referer_dir = dirname($referer_dir);
|
{ $fixed_root_path .= '../'; $referer_dir = dirname($referer_dir);
|
| // Just return phpbb_root_path if we reach the top directory if ($referer_dir === '.') { return $this->phpbb_root_path; }
|
}
$fixed_root_path .= substr($absolute_board_url, strlen($referer_dir) + 1);
| }
$fixed_root_path .= substr($absolute_board_url, strlen($referer_dir) + 1);
|
Line 444 | Line 454 |
---|
}
return $url_parts['base'] . (($params) ? '?' . $this->glue_url_params($params) : '');
|
}
return $url_parts['base'] . (($params) ? '?' . $this->glue_url_params($params) : '');
|
| }
/** * Get a valid page * * @param string $page The page to verify * @param bool $mod_rewrite Whether mod_rewrite is enabled, default: false * * @return string A valid page based on given page and mod_rewrite */ public function get_valid_page($page, $mod_rewrite = false) { // We need to be cautious here. // On some situations, the redirect path is an absolute URL, sometimes a relative path // For a relative path, let's prefix it with $phpbb_root_path to point to the correct location, // else we use the URL directly. $url_parts = parse_url($page);
// URL if ($url_parts === false || empty($url_parts['scheme']) || empty($url_parts['host'])) { // Remove 'app.php/' from the page, when rewrite is enabled. // Treat app.php as a reserved file name and remove on mod rewrite // even if it might not be in the phpBB root. if ($mod_rewrite && ($app_position = strpos($page, 'app.' . $this->php_ext . '/')) !== false) { $page = substr($page, 0, $app_position) . substr($page, $app_position + strlen('app.' . $this->php_ext . '/')); }
// Remove preceding slashes from page name and prepend root path $page = $this->get_phpbb_root_path() . ltrim($page, '/\\'); }
return $page;
|
} }
| } }
|
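Review bot: The top-directory guard added to the `while` loop in the hunk at new line 282 stops only when `dirname()` yields `'.'`, but for a value that starts with a slash and has no scheme `dirname()` settles on `'/'` (or `'\'` on Windows) and never reaches `'.'`. The value walked here appears to come from the request's `_referer` parameter (passed in at new line 204), so a referer of that shape would keep the loop appending `'../'` until the request hits its memory or time limit. Returning as soon as `dirname()` stops changing the value covers both cases: `$parent_dir = dirname($referer_dir);`, then `if ($parent_dir === '.' || $parent_dir === $referer_dir) { return $this->phpbb_root_path; }`, then `$referer_dir = $parent_dir;`. `$dir_position` is assigned in the loop condition but never read in the visible lines. The function starts outside the hunk, so confirm that the earlier lines do not already reject or normalise such a referer.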