phpBB

Code Changes

File: phpbb/session.php

  Unmodified   Added   Modified   Removed
Line 49Line 49
		// If we are unable to get the script name we use REQUEST_URI as a failover and note it within the page array for easier support...
if (!$script_name)
{

		// If we are unable to get the script name we use REQUEST_URI as a failover and note it within the page array for easier support...
if (!$script_name)
{

			$script_name = htmlspecialchars_decode($request->server('REQUEST_URI'));

			$script_name = html_entity_decode($request->server('REQUEST_URI'), ENT_COMPAT);

			$script_name = (($pos = strpos($script_name, '?')) !== false) ? substr($script_name, 0, $pos) : $script_name;
$page_array['failover'] = 1;
}

			$script_name = (($pos = strpos($script_name, '?')) !== false) ? substr($script_name, 0, $pos) : $script_name;
$page_array['failover'] = 1;
}

Line 83Line 83

// basenamed page name (for example: index.php)
$page_name = (substr($script_name, -1, 1) == '/') ? '' : basename($script_name);


// basenamed page name (for example: index.php)
$page_name = (substr($script_name, -1, 1) == '/') ? '' : basename($script_name);

		$page_name = urlencode(htmlspecialchars($page_name));

		$page_name = urlencode(htmlspecialchars($page_name, ENT_COMPAT));


$symfony_request_path = $phpbb_filesystem->clean_path($symfony_request->getPathInfo());
if ($symfony_request_path !== '/')


$symfony_request_path = $phpbb_filesystem->clean_path($symfony_request->getPathInfo());
if ($symfony_request_path !== '/')

Line 148Line 148
			'page_dir'			=> $page_dir,

'query_string' => $query_string,

			'page_dir'			=> $page_dir,

'query_string' => $query_string,

			'script_path'		=> str_replace(' ', '%20', htmlspecialchars($script_path)),
'root_script_path' => str_replace(' ', '%20', htmlspecialchars($root_script_path)),

			'script_path'		=> str_replace(' ', '%20', htmlspecialchars($script_path, ENT_COMPAT)),
'root_script_path' => str_replace(' ', '%20', htmlspecialchars($root_script_path, ENT_COMPAT)),


'page' => $page,
'forum' => $forum_id,


'page' => $page,
'forum' => $forum_id,

Line 166Line 166
		global $config, $request;

// Get hostname

		global $config, $request;

// Get hostname

		$host = htmlspecialchars_decode($request->header('Host', $request->server('SERVER_NAME')));

		$host = html_entity_decode($request->header('Host', $request->server('SERVER_NAME')), ENT_COMPAT);


// Should be a string and lowered
$host = (string) strtolower($host);


// Should be a string and lowered
$host = (string) strtolower($host);

Line 289Line 289

// Why no forwarded_for et al? Well, too easily spoofed. With the results of my recent requests
// it's pretty clear that in the majority of cases you'll at least be left with a proxy/cache ip.


// Why no forwarded_for et al? Well, too easily spoofed. With the results of my recent requests
// it's pretty clear that in the majority of cases you'll at least be left with a proxy/cache ip.

		$ip = htmlspecialchars_decode($request->server('REMOTE_ADDR'));

		$ip = html_entity_decode($request->server('REMOTE_ADDR'), ENT_COMPAT);

		$ip = preg_replace('# {2,}#', ' ', str_replace(',', ' ', $ip));

/**

		$ip = preg_replace('# {2,}#', ' ', str_replace(',', ' ', $ip));

/**

Line 420Line 420
						// Else check the autologin length... and also removing those having autologin enabled but no longer allowed board-wide.
if (!$this->data['session_autologin'])
{

						// Else check the autologin length... and also removing those having autologin enabled but no longer allowed board-wide.
if (!$this->data['session_autologin'])
{

							if ($this->data['session_time'] < $this->time_now - ($config['session_length'] + 60))

							if ($this->data['session_time'] < $this->time_now - ((int) $config['session_length'] + 60))

							{
$session_expired = true;
}

							{
$session_expired = true;
}

Line 439Line 439

// Is user banned? Are they excluded? Won't return on ban, exists within method
$this->check_ban_for_current_session($config);


// Is user banned? Are they excluded? Won't return on ban, exists within method
$this->check_ban_for_current_session($config);

 

// Update user last active time accordingly, but in a minute or so
if ((int) $this->data['session_time'] - (int) $this->data['user_last_active'] > 60)
{
$this->update_last_active_time();
}


return true;
}


return true;
}

Line 455Line 461
								$s_ip,
$u_browser,
$s_browser,

								$s_ip,
$u_browser,
$s_browser,

								htmlspecialchars($u_forwarded_for),
htmlspecialchars($s_forwarded_for)

								htmlspecialchars($u_forwarded_for, ENT_COMPAT),
htmlspecialchars($s_forwarded_for, ENT_COMPAT)

							));
}
else

							));
}
else

Line 688Line 694
				if ($this->time_now - $this->data['session_time'] > 60 || ($this->update_session_page && $this->data['session_page'] != $this->page['page']))
{
// Update the last visit time

				if ($this->time_now - $this->data['session_time'] > 60 || ($this->update_session_page && $this->data['session_page'] != $this->page['page']))
{
// Update the last visit time

					$sql = 'UPDATE ' . USERS_TABLE . '
SET user_lastvisit = ' . (int) $this->data['session_time'] . '
WHERE user_id = ' . (int) $this->data['user_id'];
$db->sql_query($sql);

					$this->update_user_lastvisit();




				}

$SID = '?sid=';

				}

$SID = '?sid=';

Line 815Line 818
				$this->data['user_form_salt'] = unique_id();
// Update the form key
$sql = 'UPDATE ' . USERS_TABLE . '

				$this->data['user_form_salt'] = unique_id();
// Update the form key
$sql = 'UPDATE ' . USERS_TABLE . '

					SET user_form_salt = \'' . $db->sql_escape($this->data['user_form_salt']) . '\'


					SET user_form_salt = \'' . $db->sql_escape($this->data['user_form_salt']) . '\',
user_last_active = ' . (int) $this->data['session_time'] . '

					WHERE user_id = ' . (int) $this->data['user_id'];
$db->sql_query($sql);

					WHERE user_id = ' . (int) $this->data['user_id'];
$db->sql_query($sql);

 
			}
else
{
$this->update_last_active_time();

			}
}
else
{
$this->data['session_time'] = $this->data['session_last_visit'] = $this->time_now;


			}
}
else
{
$this->data['session_time'] = $this->data['session_last_visit'] = $this->time_now;


			// Update the last visit time
$sql = 'UPDATE ' . USERS_TABLE . '
SET user_lastvisit = ' . (int) $this->data['session_time'] . '
WHERE user_id = ' . (int) $this->data['user_id'];
$db->sql_query($sql);

			$this->update_user_lastvisit();






$SID = '?sid=';
$_SID = '';


$SID = '?sid=';
$_SID = '';

Line 960Line 964
		}

/**

		}

/**

		 * Get expired sessions for registered users, only most recent for each user
* Inner SELECT gets most recent expired sessions for unique session_user_id

		 * Get most recent session for each registered user to sync user last visit with it
* Inner SELECT gets most recent sessions for each unique session_user_id

		 * Outer SELECT gets data for them
*/
$sql_select = 'SELECT s1.session_page, s1.session_user_id, s1.session_time AS recent_time

		 * Outer SELECT gets data for them
*/
$sql_select = 'SELECT s1.session_page, s1.session_user_id, s1.session_time AS recent_time

Line 969Line 973
			INNER JOIN (
SELECT session_user_id, MAX(session_time) AS recent_time
FROM ' . SESSIONS_TABLE . '

			INNER JOIN (
SELECT session_user_id, MAX(session_time) AS recent_time
FROM ' . SESSIONS_TABLE . '

				WHERE session_time < ' . ($this->time_now - (int) $config['session_length']) . '
AND session_user_id <> ' . ANONYMOUS . '

				WHERE session_user_id <> ' . ANONYMOUS . '


				GROUP BY session_user_id
) AS s2
ON s1.session_user_id = s2.session_user_id

				GROUP BY session_user_id
) AS s2
ON s1.session_user_id = s2.session_user_id

Line 1344Line 1347
				$this->check_ban($this->data['user_id'], $ips);
}
}

				$this->check_ban($this->data['user_id'], $ips);
}
}

 
	}

/**
* Check if ip is blacklisted by Spamhaus SBL
*
* Disables DNSBL setting if errors are returned by Spamhaus due to a policy violation.
* https://www.spamhaus.com/product/help-for-spamhaus-public-mirror-users/
*
* @param string $dnsbl the blacklist to check against
* @param string|false $ip the IPv4 address to check
*
* @return bool true if listed in spamhaus database, false if not
*/
function check_dnsbl_spamhaus($dnsbl, $ip = false)
{
global $config, $phpbb_log;

if ($ip === false)
{
$ip = $this->ip;
}

// Spamhaus does not support IPv6 addresses.
if (strpos($ip, ':') !== false)
{
return false;
}

if ($ip)
{
$quads = explode('.', $ip);
$reverse_ip = $quads[3] . '.' . $quads[2] . '.' . $quads[1] . '.' . $quads[0];

$records = dns_get_record($reverse_ip . '.' . $dnsbl . '.', DNS_A);
if (empty($records))
{
return false;
}
else
{
$error = false;
foreach ($records as $record)
{
if ($record['ip'] == '127.255.255.254')
{
$error = 'LOG_SPAMHAUS_OPEN_RESOLVER';
break;
}
else if ($record['ip'] == '127.255.255.255')
{
$error = 'LOG_SPAMHAUS_VOLUME_LIMIT';
break;
}
}

if ($error !== false)
{
$config->set('check_dnsbl', 0);
$phpbb_log->add('critical', $this->data['user_id'], $ip, $error);
}
else
{
// The existence of a non-error A record means it's a hit
return true;
}
}
}

return false;
}

/**
* Checks if an IPv4 address is in a specified DNS blacklist
*
* Only checks if a record is returned or not.
*
* @param string $dnsbl the blacklist to check against
* @param string|false $ip the IPv4 address to check
*
* @return bool true if record is returned, false if not
*/
function check_dnsbl_ipv4_generic($dnsbl, $ip = false)
{
if ($ip === false)
{
$ip = $this->ip;
}

// This function does not support IPv6 addresses.
if (strpos($ip, ':') !== false)
{
return false;
}

$quads = explode('.', $ip);
$reverse_ip = $quads[3] . '.' . $quads[2] . '.' . $quads[1] . '.' . $quads[0];

if (checkdnsrr($reverse_ip . '.' . $dnsbl . '.', 'A') === true)
{
return true;
}

return false;

	}

/**

	}

/**

Line 1372Line 1478
		}

$dnsbl_check = array(

		}

$dnsbl_check = array(

			'sbl.spamhaus.org'	=> 'http://www.spamhaus.org/query/bl?ip=',

			'sbl.spamhaus.org'	=> ['https://check.spamhaus.org/listed/?searchterm=', 'check_dnsbl_spamhaus'],

		);

if ($mode == 'register')
{

		);

if ($mode == 'register')
{

			$dnsbl_check['bl.spamcop.net'] = 'http://spamcop.net/bl.shtml?';

			$dnsbl_check['bl.spamcop.net'] = ['https://www.spamcop.net/bl.shtml?', 'check_dnsbl_ipv4_generic'];

		}

if ($ip)
{

		}

if ($ip)
{

			$quads = explode('.', $ip);
$reverse_ip = $quads[3] . '.' . $quads[2] . '.' . $quads[1] . '.' . $quads[0];


 
			// Need to be listed on all servers...
$listed = true;
$info = array();

foreach ($dnsbl_check as $dnsbl => $lookup)
{

			// Need to be listed on all servers...
$listed = true;
$info = array();

foreach ($dnsbl_check as $dnsbl => $lookup)
{

				if (checkdnsrr($reverse_ip . '.' . $dnsbl . '.', 'A') === true)

				if (call_user_func(array($this, $lookup[1]), $dnsbl, $ip) === true)

				{

				{

					$info = array($dnsbl, $lookup . $ip);

					$info = array($dnsbl, $lookup[0] . $ip);

				}
else
{

				}
else
{

Line 1584Line 1687
			return true;
}


			return true;
}


		$host = htmlspecialchars($this->host);

		$host = htmlspecialchars($this->host, ENT_COMPAT);

		$ref = substr($this->referer, strpos($this->referer, '://') + 3);

if (!(stripos($ref, $host) === 0) && (!$config['force_server_vars'] || !(stripos($ref, $config['server_name']) === 0)))

		$ref = substr($this->referer, strpos($this->referer, '://') + 3);

if (!(stripos($ref, $host) === 0) && (!$config['force_server_vars'] || !(stripos($ref, $config['server_name']) === 0)))

Line 1660Line 1763
		}

// Do not update the session page for ajax requests, so the view online still works as intended

		}

// Do not update the session page for ajax requests, so the view online still works as intended

		$page_changed = $this->update_session_page && $this->data['session_page'] != $this->page['page'] && !$request->is_ajax();

		$page_changed = $this->update_session_page && (!isset($this->data['session_page']) || $this->data['session_page'] != $this->page['page'] || $this->data['session_forum_id'] != $this->page['forum']) && !$request->is_ajax();


// Only update session DB a minute or so after last update or if page changes
if ($this->time_now - (isset($this->data['session_time']) ? $this->data['session_time'] : 0) > 60 || $page_changed)


// Only update session DB a minute or so after last update or if page changes
if ($this->time_now - (isset($this->data['session_time']) ? $this->data['session_time'] : 0) > 60 || $page_changed)

Line 1696Line 1799
	public function id() : int
{
return isset($this->data['user_id']) ? (int) $this->data['user_id'] : ANONYMOUS;

	public function id() : int
{
return isset($this->data['user_id']) ? (int) $this->data['user_id'] : ANONYMOUS;

 
	}

/**
* Update user last visit time
*/
public function update_user_lastvisit()
{
global $db;

if (isset($this->data['session_time'], $this->data['user_id']))
{
$sql = 'UPDATE ' . USERS_TABLE . '
SET user_lastvisit = ' . (int) $this->data['session_time'] . ',
user_last_active = ' . (int) $this->data['session_time'] . '
WHERE user_id = ' . (int) $this->data['user_id'];
$db->sql_query($sql);
}
}

/**
* Update user's last active time
*
* @return void
*/
public function update_last_active_time()
{
global $db;

if (isset($this->data['session_time'], $this->data['user_id']))
{
$sql = 'UPDATE ' . USERS_TABLE . '
SET user_last_active = ' . (int) $this->data['session_time'] . '
WHERE user_id = ' . (int) $this->data['user_id'];
$db->sql_query($sql);
}

	}
}


	}
}