phpBB

Code Changes

File: phpbb/path_helper.php

  Unmodified   Added   Modified   Removed
Line 154Line 154
			return $this->web_root_path;
}


			return $this->web_root_path;
}


 
		// We do not need to escape $path_info, $request_uri and $script_name because we can not find their content in the result.

		// Path info (e.g. /foo/bar)
$path_info = $this->filesystem->clean_path($this->symfony_request->getPathInfo());


		// Path info (e.g. /foo/bar)
$path_info = $this->filesystem->clean_path($this->symfony_request->getPathInfo());


Line 203Line 204
		*/
if ($this->request->is_ajax() && $this->symfony_request->get('_referer'))
{

		*/
if ($this->request->is_ajax() && $this->symfony_request->get('_referer'))
{

 
			// We need to escape $absolute_board_url because it can be partially concatenated to the result.
$absolute_board_url = $this->request->escape($this->symfony_request->getSchemeAndHttpHost() . $this->symfony_request->getBasePath(), true);


			$referer_web_root_path = $this->get_web_root_path_from_ajax_referer(
$this->symfony_request->get('_referer'),

			$referer_web_root_path = $this->get_web_root_path_from_ajax_referer(
$this->symfony_request->get('_referer'),

				$this->symfony_request->getSchemeAndHttpHost() . $this->symfony_request->getBasePath()

				$absolute_board_url

			);
return $this->web_root_path = $this->phpbb_root_path . $referer_web_root_path;
}

			);
return $this->web_root_path = $this->phpbb_root_path . $referer_web_root_path;
}

Line 278Line 282
			$referer_dir = dirname($referer_dir);
}


			$referer_dir = dirname($referer_dir);
}


		while (strpos($absolute_board_url, $referer_dir) !== 0)

		while (($dir_position = strpos($absolute_board_url, $referer_dir)) !== 0)

		{
$fixed_root_path .= '../';
$referer_dir = dirname($referer_dir);

		{
$fixed_root_path .= '../';
$referer_dir = dirname($referer_dir);

 

// Just return phpbb_root_path if we reach the top directory
if ($referer_dir === '.')
{
return $this->phpbb_root_path;
}

		}

$fixed_root_path .= substr($absolute_board_url, strlen($referer_dir) + 1);

		}

$fixed_root_path .= substr($absolute_board_url, strlen($referer_dir) + 1);

Line 444Line 454
		}

return $url_parts['base'] . (($params) ? '?' . $this->glue_url_params($params) : '');

		}

return $url_parts['base'] . (($params) ? '?' . $this->glue_url_params($params) : '');

 
	}

/**
* Get a valid page
*
* @param string $page The page to verify
* @param bool $mod_rewrite Whether mod_rewrite is enabled, default: false
*
* @return string A valid page based on given page and mod_rewrite
*/
public function get_valid_page($page, $mod_rewrite = false)
{
// We need to be cautious here.
// On some situations, the redirect path is an absolute URL, sometimes a relative path
// For a relative path, let's prefix it with $phpbb_root_path to point to the correct location,
// else we use the URL directly.
$url_parts = parse_url($page);

// URL
if ($url_parts === false || empty($url_parts['scheme']) || empty($url_parts['host']))
{
// Remove 'app.php/' from the page, when rewrite is enabled.
// Treat app.php as a reserved file name and remove on mod rewrite
// even if it might not be in the phpBB root.
if ($mod_rewrite && ($app_position = strpos($page, 'app.' . $this->php_ext . '/')) !== false)
{
$page = substr($page, 0, $app_position) . substr($page, $app_position + strlen('app.' . $this->php_ext . '/'));
}

// Remove preceding slashes from page name and prepend root path
$page = $this->get_phpbb_root_path() . ltrim($page, '/\\');
}

return $page;

	}
}


	}
}