From d69a7c620a08d1866a24033ef43646a4bbfc9925 Mon Sep 17 00:00:00 2001 From: Oleg Pudeyev Date: Wed, 23 Feb 2011 20:12:12 -0500 Subject: [PATCH 01/16] [ticket/10057] Report postgres db connection errors. Addresses two issues: 1. When pgsql extension is missing, @pg_connect would silently abort execution. Check for pg_connect existence before calling it, same with pg_pconnect. 2. When connection fails, the error reported by php is discarded. User is shown the failure message without the reason for failure, making debugging difficult. Collect the error (if any) via a temporarily installed error handler, and display it if connection failed. PHPBB3-10057 --- phpBB/includes/db/postgres.php | 15 +++++++++++- phpBB/includes/functions.php | 44 ++++++++++++++++++++++++++++++++++ 2 files changed, 58 insertions(+), 1 deletion(-) diff --git a/phpBB/includes/db/postgres.php b/phpBB/includes/db/postgres.php index 4360c790a1..29e15143bc 100644 --- a/phpBB/includes/db/postgres.php +++ b/phpBB/includes/db/postgres.php @@ -81,13 +81,25 @@ class dbal_postgres extends dbal if ($this->persistency) { + if (!function_exists('pg_pconnect')) + { + return $this->sql_error('pg_pconnect does not exist'); + } + phpbb_start_error_collection(); $this->db_connect_id = (!$new_link) ? @pg_pconnect($connect_string) : @pg_pconnect($connect_string, PGSQL_CONNECT_FORCE_NEW); } else { + if (!function_exists('pg_pconnect')) + { + return $this->sql_error('pg_connect does not exist'); + } + phpbb_start_error_collection(); $this->db_connect_id = (!$new_link) ? @pg_connect($connect_string) : @pg_connect($connect_string, PGSQL_CONNECT_FORCE_NEW); } + $errors = phpbb_stop_error_collection(); + if ($this->db_connect_id) { if (version_compare($this->sql_server_info(true), '8.2', '>=')) @@ -102,7 +114,8 @@ class dbal_postgres extends dbal return $this->db_connect_id; } - return $this->sql_error(''); + $errors = phpbb_format_collected_errors($errors); + return $this->sql_error($errors); } /** diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index 398a02380b..471d3476a0 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -3928,6 +3928,50 @@ function msg_handler($errno, $msg_text, $errfile, $errline) return false; } +function phpbb_error_collection_handler($errno, $msg_text, $errfile, $errline) +{ + global $phpbb_collected_errors; + $phpbb_collected_errors[-1][] = array($errno, $msg_text, $errfile, $errline); +} + +function phpbb_start_error_collection() +{ + global $phpbb_collected_errors; + if (!isset($phpbb_collected_errors)) + { + $phpbb_collected_errors = array(); + } + $phpbb_collected_errors[] = array(); + set_error_handler('phpbb_error_collection_handler'); +} + +function phpbb_stop_error_collection() +{ + global $phpbb_collected_errors; + restore_error_handler(); + $errors = array_pop($phpbb_collected_errors); + return $errors; +} + +function phpbb_format_collected_errors($errors) +{ + $text = ''; + foreach ($errors as $error) + { + if (!empty($text)) + { + $text .= "
\n"; + } + list($errno, $msg_text, $errfile, $errline) = $error; + $text .= "Errno $errno: $msg_text"; + if (defined('DEBUG')) + { + $text .= " at $errfile line $errline"; + } + } + return $text; +} + /** * Queries the session table to get information about online guests * @param int $item_id Limits the search to the item with this id From fc5be6928fc2af13333569e766a289e5e3334233 Mon Sep 17 00:00:00 2001 From: Oleg Pudeyev Date: Wed, 23 Feb 2011 22:52:41 -0500 Subject: [PATCH 02/16] [ticket/10057] No negative array indexing. PHP manual does not say that negative array indices are allowed, so it's best to assume they are not guaranteed to work the way one would expect. PHPBB3-10057 --- phpBB/includes/functions.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index 471d3476a0..e0623c0869 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -3931,7 +3931,7 @@ function msg_handler($errno, $msg_text, $errfile, $errline) function phpbb_error_collection_handler($errno, $msg_text, $errfile, $errline) { global $phpbb_collected_errors; - $phpbb_collected_errors[-1][] = array($errno, $msg_text, $errfile, $errline); + $phpbb_collected_errors[count($phpbb_collected_errors)-1][] = array($errno, $msg_text, $errfile, $errline); } function phpbb_start_error_collection() From a4100fe7094aaa5377065d2f25ca8d0fa2ff6bf8 Mon Sep 17 00:00:00 2001 From: Oleg Pudeyev Date: Wed, 23 Feb 2011 22:54:25 -0500 Subject: [PATCH 03/16] [ticket/10057] More informative error messages in postgres dbal. When pg_connect/pg_pconnect do not exist, mention that they come with pgsql extension. PHPBB3-10057 --- phpBB/includes/db/postgres.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/phpBB/includes/db/postgres.php b/phpBB/includes/db/postgres.php index 29e15143bc..c1dc7f7e2b 100644 --- a/phpBB/includes/db/postgres.php +++ b/phpBB/includes/db/postgres.php @@ -83,7 +83,7 @@ class dbal_postgres extends dbal { if (!function_exists('pg_pconnect')) { - return $this->sql_error('pg_pconnect does not exist'); + return $this->sql_error('pg_pconnect function does not exist, is pgsql extension installed?'); } phpbb_start_error_collection(); $this->db_connect_id = (!$new_link) ? @pg_pconnect($connect_string) : @pg_pconnect($connect_string, PGSQL_CONNECT_FORCE_NEW); @@ -92,7 +92,7 @@ class dbal_postgres extends dbal { if (!function_exists('pg_pconnect')) { - return $this->sql_error('pg_connect does not exist'); + return $this->sql_error('pg_connect function does not exist, is pgsql extension installed?'); } phpbb_start_error_collection(); $this->db_connect_id = (!$new_link) ? @pg_connect($connect_string) : @pg_connect($connect_string, PGSQL_CONNECT_FORCE_NEW); From 17693c2802c92297251f5cd94cc5452f5e54eb0b Mon Sep 17 00:00:00 2001 From: Oleg Pudeyev Date: Wed, 2 Mar 2011 06:35:25 -0500 Subject: [PATCH 04/16] [ticket/10057] Use a class for error collection. Replaced error collection functions with a class for a cleaner implementation. PHPBB3-10057 --- phpBB/includes/db/postgres.php | 10 +++-- phpBB/includes/functions.php | 70 +++++++++++++++++----------------- 2 files changed, 41 insertions(+), 39 deletions(-) diff --git a/phpBB/includes/db/postgres.php b/phpBB/includes/db/postgres.php index c1dc7f7e2b..a8dc3dd8ee 100644 --- a/phpBB/includes/db/postgres.php +++ b/phpBB/includes/db/postgres.php @@ -85,7 +85,8 @@ class dbal_postgres extends dbal { return $this->sql_error('pg_pconnect function does not exist, is pgsql extension installed?'); } - phpbb_start_error_collection(); + $collector = new phpbb_error_collector; + $collector->install(); $this->db_connect_id = (!$new_link) ? @pg_pconnect($connect_string) : @pg_pconnect($connect_string, PGSQL_CONNECT_FORCE_NEW); } else @@ -94,11 +95,12 @@ class dbal_postgres extends dbal { return $this->sql_error('pg_connect function does not exist, is pgsql extension installed?'); } - phpbb_start_error_collection(); + $collector = new phpbb_error_collector; + $collector->install(); $this->db_connect_id = (!$new_link) ? @pg_connect($connect_string) : @pg_connect($connect_string, PGSQL_CONNECT_FORCE_NEW); } - $errors = phpbb_stop_error_collection(); + $collector->uninstall(); if ($this->db_connect_id) { @@ -114,7 +116,7 @@ class dbal_postgres extends dbal return $this->db_connect_id; } - $errors = phpbb_format_collected_errors($errors); + $errors = $collector->format_errors(); return $this->sql_error($errors); } diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index e0623c0869..39a02034c4 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -3928,48 +3928,48 @@ function msg_handler($errno, $msg_text, $errfile, $errline) return false; } -function phpbb_error_collection_handler($errno, $msg_text, $errfile, $errline) +class phpbb_error_collector { - global $phpbb_collected_errors; - $phpbb_collected_errors[count($phpbb_collected_errors)-1][] = array($errno, $msg_text, $errfile, $errline); -} + var $errors; -function phpbb_start_error_collection() -{ - global $phpbb_collected_errors; - if (!isset($phpbb_collected_errors)) + function phpbb_error_collector() { - $phpbb_collected_errors = array(); + $this->errors = array(); } - $phpbb_collected_errors[] = array(); - set_error_handler('phpbb_error_collection_handler'); -} -function phpbb_stop_error_collection() -{ - global $phpbb_collected_errors; - restore_error_handler(); - $errors = array_pop($phpbb_collected_errors); - return $errors; -} - -function phpbb_format_collected_errors($errors) -{ - $text = ''; - foreach ($errors as $error) + function install() { - if (!empty($text)) - { - $text .= "
\n"; - } - list($errno, $msg_text, $errfile, $errline) = $error; - $text .= "Errno $errno: $msg_text"; - if (defined('DEBUG')) - { - $text .= " at $errfile line $errline"; - } + set_error_handler(array(&$this, 'error_handler')); + } + + function uninstall() + { + restore_error_handler(); + } + + function error_handler($errno, $msg_text, $errfile, $errline) + { + $this->errors[] = array($errno, $msg_text, $errfile, $errline); + } + + function format_errors() + { + $text = ''; + foreach ($this->errors as $error) + { + if (!empty($text)) + { + $text .= "
\n"; + } + list($errno, $msg_text, $errfile, $errline) = $error; + $text .= "Errno $errno: $msg_text"; + if (defined('DEBUG')) + { + $text .= " at $errfile line $errline"; + } + } + return $text; } - return $text; } /** From 24834543eef54650d198e1eb2b3a851e1ce08227 Mon Sep 17 00:00:00 2001 From: Oleg Pudeyev Date: Sun, 6 Mar 2011 20:14:06 -0500 Subject: [PATCH 05/16] [ticket/10057] Moved error collector class into its own file. This will make it autoloadable in 3.1. This commit breaks 3.0 since no code includes the error collector. Such include code will be in its own commit since it will need to be reverted in 3.1. PHPBB3-10057 --- phpBB/includes/error_collector.php | 45 ++++++++++++++++++++++++++++++ phpBB/includes/functions.php | 44 ----------------------------- 2 files changed, 45 insertions(+), 44 deletions(-) create mode 100644 phpBB/includes/error_collector.php diff --git a/phpBB/includes/error_collector.php b/phpBB/includes/error_collector.php new file mode 100644 index 0000000000..8b4a7660e9 --- /dev/null +++ b/phpBB/includes/error_collector.php @@ -0,0 +1,45 @@ +errors = array(); + } + + function install() + { + set_error_handler(array(&$this, 'error_handler')); + } + + function uninstall() + { + restore_error_handler(); + } + + function error_handler($errno, $msg_text, $errfile, $errline) + { + $this->errors[] = array($errno, $msg_text, $errfile, $errline); + } + + function format_errors() + { + $text = ''; + foreach ($this->errors as $error) + { + if (!empty($text)) + { + $text .= "
\n"; + } + list($errno, $msg_text, $errfile, $errline) = $error; + $text .= "Errno $errno: $msg_text"; + if (defined('DEBUG')) + { + $text .= " at $errfile line $errline"; + } + } + return $text; + } +} diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index 39a02034c4..398a02380b 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -3928,50 +3928,6 @@ function msg_handler($errno, $msg_text, $errfile, $errline) return false; } -class phpbb_error_collector -{ - var $errors; - - function phpbb_error_collector() - { - $this->errors = array(); - } - - function install() - { - set_error_handler(array(&$this, 'error_handler')); - } - - function uninstall() - { - restore_error_handler(); - } - - function error_handler($errno, $msg_text, $errfile, $errline) - { - $this->errors[] = array($errno, $msg_text, $errfile, $errline); - } - - function format_errors() - { - $text = ''; - foreach ($this->errors as $error) - { - if (!empty($text)) - { - $text .= "
\n"; - } - list($errno, $msg_text, $errfile, $errline) = $error; - $text .= "Errno $errno: $msg_text"; - if (defined('DEBUG')) - { - $text .= " at $errfile line $errline"; - } - } - return $text; - } -} - /** * Queries the session table to get information about online guests * @param int $item_id Limits the search to the item with this id From 22004fa7d65b19e8bfe96a97042a614be1adf444 Mon Sep 17 00:00:00 2001 From: Oleg Pudeyev Date: Sun, 6 Mar 2011 20:51:09 -0500 Subject: [PATCH 06/16] [ticket/10057] Include error collector class file in postgres dbal. This change is in its own commit because it will be reverted for 3.1. PHPBB3-10057 --- phpBB/includes/db/postgres.php | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/phpBB/includes/db/postgres.php b/phpBB/includes/db/postgres.php index a8dc3dd8ee..d703f5b567 100644 --- a/phpBB/includes/db/postgres.php +++ b/phpBB/includes/db/postgres.php @@ -18,6 +18,11 @@ if (!defined('IN_PHPBB')) include_once($phpbb_root_path . 'includes/db/dbal.' . $phpEx); +if (!class_exists('phpbb_error_collector')) +{ + include($phpbb_root_path . 'includes/error_collector.' . $phpEx); +} + /** * PostgreSQL Database Abstraction Layer * Minimum Requirement is Version 7.3+ From af43ed655bf31ae4b9ef999e0a95eeae67724597 Mon Sep 17 00:00:00 2001 From: Oleg Pudeyev Date: Sun, 6 Mar 2011 20:55:41 -0500 Subject: [PATCH 07/16] [ticket/10057] Split statements in firebird dbal for readability. PHPBB3-10057 --- phpBB/includes/db/firebird.php | 18 ++++++++++++++++-- 1 file changed, 16 insertions(+), 2 deletions(-) diff --git a/phpBB/includes/db/firebird.php b/phpBB/includes/db/firebird.php index 6f60dd5dad..2f17b00b3f 100644 --- a/phpBB/includes/db/firebird.php +++ b/phpBB/includes/db/firebird.php @@ -53,9 +53,23 @@ class dbal_firebird extends dbal $use_database = $this->server . ':' . $this->dbname; } - $this->db_connect_id = ($this->persistency) ? @ibase_pconnect($use_database, $this->user, $sqlpassword, false, false, 3) : @ibase_connect($use_database, $this->user, $sqlpassword, false, false, 3); + if ($this->persistency) + { + $this->db_connect_id = @ibase_pconnect($use_database, $this->user, $sqlpassword, false, false, 3); + } + else + { + $this->db_connect_id = @ibase_connect($use_database, $this->user, $sqlpassword, false, false, 3); + } - $this->service_handle = (function_exists('ibase_service_attach') && $this->server) ? @ibase_service_attach($this->server, $this->user, $sqlpassword) : false; + if (function_exists('ibase_service_attach') && $this->server) + { + $this->service_handle = @ibase_service_attach($this->server, $this->user, $sqlpassword); + } + else + { + $thih->service_handle = false; + } return ($this->db_connect_id) ? $this->db_connect_id : $this->sql_error(''); } From 4d92f9bb2eea82a9af36401649c318623d39307f Mon Sep 17 00:00:00 2001 From: Oleg Pudeyev Date: Sun, 6 Mar 2011 21:03:24 -0500 Subject: [PATCH 08/16] [ticket/10057] Check for interbase function existence. Calling nonexistent functions with @ destroys the script with no feedback as to the cause of the error. Check whether interbase functions exist before calling them. PHPBB3-10057 --- phpBB/includes/db/firebird.php | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/phpBB/includes/db/firebird.php b/phpBB/includes/db/firebird.php index 2f17b00b3f..d1d88ffe42 100644 --- a/phpBB/includes/db/firebird.php +++ b/phpBB/includes/db/firebird.php @@ -55,10 +55,18 @@ class dbal_firebird extends dbal if ($this->persistency) { + if (!function_exists('ibase_pconnect')) + { + return $this->sql_error('ibase_pconnect function does not exist, is interbase extension installed?'); + } $this->db_connect_id = @ibase_pconnect($use_database, $this->user, $sqlpassword, false, false, 3); } else { + if (!function_exists('ibase_connect')) + { + return $this->sql_error('ibase_connect function does not exist, is interbase extension installed?'); + } $this->db_connect_id = @ibase_connect($use_database, $this->user, $sqlpassword, false, false, 3); } From edc1deaa3afcadab82d404e705e162a9f3fa26c5 Mon Sep 17 00:00:00 2001 From: Oleg Pudeyev Date: Sun, 6 Mar 2011 23:07:48 -0500 Subject: [PATCH 09/16] [ticket/10057] Skip ibase_service_attach if firebird connection failed. ibase_errmsg works for the most recent call. If the connection fails, any error message is clobbered by ibase_service_attach call. PHPBB3-10057 --- phpBB/includes/db/firebird.php | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/phpBB/includes/db/firebird.php b/phpBB/includes/db/firebird.php index d1d88ffe42..660acb35db 100644 --- a/phpBB/includes/db/firebird.php +++ b/phpBB/includes/db/firebird.php @@ -70,7 +70,9 @@ class dbal_firebird extends dbal $this->db_connect_id = @ibase_connect($use_database, $this->user, $sqlpassword, false, false, 3); } - if (function_exists('ibase_service_attach') && $this->server) + // Do not call ibase_service_attach if connection failed, + // otherwise error message from ibase_(p)connect call will be clobbered. + if ($this->db_connect_id && function_exists('ibase_service_attach') && $this->server) { $this->service_handle = @ibase_service_attach($this->server, $this->user, $sqlpassword); } From 98388b29212cf94c443e0b4f626508efc937715f Mon Sep 17 00:00:00 2001 From: Oleg Pudeyev Date: Sun, 6 Mar 2011 23:17:01 -0500 Subject: [PATCH 10/16] [ticket/10057] Fixed wrong usage of sql_error in postgres dbal. pg_last_error does not work if no connection was ever established. Therefore we must keep track of connection errors in postgres dbal ourselves. PHPBB3-10057 --- phpBB/includes/db/postgres.php | 18 +++++++++++++++--- 1 file changed, 15 insertions(+), 3 deletions(-) diff --git a/phpBB/includes/db/postgres.php b/phpBB/includes/db/postgres.php index d703f5b567..78b6a75750 100644 --- a/phpBB/includes/db/postgres.php +++ b/phpBB/includes/db/postgres.php @@ -31,6 +31,7 @@ if (!class_exists('phpbb_error_collector')) class dbal_postgres extends dbal { var $last_query_text = ''; + var $connect_error = ''; /** * Connect to server @@ -121,8 +122,8 @@ class dbal_postgres extends dbal return $this->db_connect_id; } - $errors = $collector->format_errors(); - return $this->sql_error($errors); + $this->connect_error = $collector->format_errors(); + return $this->sql_error(''); } /** @@ -391,8 +392,19 @@ class dbal_postgres extends dbal */ function _sql_error() { + // pg_last_error only works when there is an established connection. + // Connection errors have to be tracked by us manually. + if ($this->db_connect_id) + { + $message = @pg_last_error($this->db_connect_id); + } + else + { + $message = $this->connect_error; + } + return array( - 'message' => (!$this->db_connect_id) ? @pg_last_error() : @pg_last_error($this->db_connect_id), + 'message' => $message, 'code' => '' ); } From 40468a5adcd11628c123b54911919e533d2dbd28 Mon Sep 17 00:00:00 2001 From: Oleg Pudeyev Date: Mon, 7 Mar 2011 08:46:49 -0500 Subject: [PATCH 11/16] [ticket/10057] Condition file/line display on DEBUG_EXTRA or IN_INSTALL. PHPBB3-10057 --- phpBB/includes/error_collector.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/phpBB/includes/error_collector.php b/phpBB/includes/error_collector.php index 8b4a7660e9..6327a38649 100644 --- a/phpBB/includes/error_collector.php +++ b/phpBB/includes/error_collector.php @@ -35,7 +35,7 @@ class phpbb_error_collector } list($errno, $msg_text, $errfile, $errline) = $error; $text .= "Errno $errno: $msg_text"; - if (defined('DEBUG')) + if (defined('DEBUG_EXTRA') || defined('IN_INSTALL')) { $text .= " at $errfile line $errline"; } From e5aa2c9ac112156b56db9c4b1d8fc2b6f6f79265 Mon Sep 17 00:00:00 2001 From: Oleg Pudeyev Date: Mon, 7 Mar 2011 08:52:59 -0500 Subject: [PATCH 12/16] [ticket/10057] Fixed usage of sql_error again. PHPBB3-10057 --- phpBB/includes/db/postgres.php | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/phpBB/includes/db/postgres.php b/phpBB/includes/db/postgres.php index 78b6a75750..69f605fc47 100644 --- a/phpBB/includes/db/postgres.php +++ b/phpBB/includes/db/postgres.php @@ -89,7 +89,8 @@ class dbal_postgres extends dbal { if (!function_exists('pg_pconnect')) { - return $this->sql_error('pg_pconnect function does not exist, is pgsql extension installed?'); + $this->connect_error = 'pg_pconnect function does not exist, is pgsql extension installed?'; + return $this->sql_error(''); } $collector = new phpbb_error_collector; $collector->install(); @@ -99,7 +100,8 @@ class dbal_postgres extends dbal { if (!function_exists('pg_pconnect')) { - return $this->sql_error('pg_connect function does not exist, is pgsql extension installed?'); + $this->connect_error = 'pg_connect function does not exist, is pgsql extension installed?'; + return $this->sql_error(''); } $collector = new phpbb_error_collector; $collector->install(); From 7acbf98692dfe4b3bf1ca103a1fa90d7f51d3c1b Mon Sep 17 00:00:00 2001 From: Oleg Pudeyev Date: Mon, 7 Mar 2011 09:04:01 -0500 Subject: [PATCH 13/16] [ticket/10057] Fixed wrong usage of sql_error again, in firebird. This necessitates adding connect_error property to firebird. PHPBB3-10057 --- phpBB/includes/db/firebird.php | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/phpBB/includes/db/firebird.php b/phpBB/includes/db/firebird.php index 660acb35db..fb820b4894 100644 --- a/phpBB/includes/db/firebird.php +++ b/phpBB/includes/db/firebird.php @@ -28,6 +28,7 @@ class dbal_firebird extends dbal var $last_query_text = ''; var $service_handle = false; var $affected_rows = 0; + var $connect_error = ''; /** * Connect to server @@ -57,7 +58,8 @@ class dbal_firebird extends dbal { if (!function_exists('ibase_pconnect')) { - return $this->sql_error('ibase_pconnect function does not exist, is interbase extension installed?'); + $this->connect_error = 'ibase_pconnect function does not exist, is interbase extension installed?'; + return $this->sql_error(''); } $this->db_connect_id = @ibase_pconnect($use_database, $this->user, $sqlpassword, false, false, 3); } @@ -65,7 +67,8 @@ class dbal_firebird extends dbal { if (!function_exists('ibase_connect')) { - return $this->sql_error('ibase_connect function does not exist, is interbase extension installed?'); + $this->connect_error = 'ibase_connect function does not exist, is interbase extension installed?'; + return $this->sql_error(''); } $this->db_connect_id = @ibase_connect($use_database, $this->user, $sqlpassword, false, false, 3); } From 020d06cdaac13372feef615b8689ad2526733243 Mon Sep 17 00:00:00 2001 From: Oleg Pudeyev Date: Mon, 7 Mar 2011 09:09:40 -0500 Subject: [PATCH 14/16] [ticket/10057] Handle the case of missing interbase extension better. PHPBB3-10057 --- phpBB/includes/db/firebird.php | 18 +++++++++++++++++- 1 file changed, 17 insertions(+), 1 deletion(-) diff --git a/phpBB/includes/db/firebird.php b/phpBB/includes/db/firebird.php index fb820b4894..6786edb964 100644 --- a/phpBB/includes/db/firebird.php +++ b/phpBB/includes/db/firebird.php @@ -498,8 +498,24 @@ class dbal_firebird extends dbal */ function _sql_error() { + // Need special handling here because ibase_errmsg returns + // connection errors, however if the interbase extension + // is not installed then ibase_errmsg does not exist and + // we cannot call it. + if (function_exists('ibase_errmsg')) + { + $msg = @ibase_errmsg(); + if (!$msg) + { + $msg = $this->connect_error; + } + } + else + { + $msg = $this->connect_error; + } return array( - 'message' => @ibase_errmsg(), + 'message' => $msg, 'code' => (@function_exists('ibase_errcode') ? @ibase_errcode() : '') ); } From 9a9b156a8ed5a8c0ad71d51c10ae7a32b24359f4 Mon Sep 17 00:00:00 2001 From: rxu Date: Mon, 7 Mar 2011 21:22:33 +0700 Subject: [PATCH 15/16] [ticket/10035] ACP template edit feature allows to read any files on webserver. ... and to upload/execute any script on it. Use preg_replace to filter filename PHPBB3-10035 --- phpBB/includes/acp/acp_styles.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/phpBB/includes/acp/acp_styles.php b/phpBB/includes/acp/acp_styles.php index 0f157ceff3..37cf8d1f72 100644 --- a/phpBB/includes/acp/acp_styles.php +++ b/phpBB/includes/acp/acp_styles.php @@ -716,7 +716,7 @@ parse_css_file = {PARSE_CSS_FILE} $save_changes = (isset($_POST['save'])) ? true : false; // make sure template_file path doesn't go upwards - $template_file = str_replace('..', '.', $template_file); + $template_file = preg_replace('#\.{2,}#', '.', $template_file); // Retrieve some information about the template $sql = 'SELECT template_storedb, template_path, template_name From 87e3560c30365d757280f6ef6f067c29c1f9c5f0 Mon Sep 17 00:00:00 2001 From: Oleg Pudeyev Date: Tue, 8 Mar 2011 19:48:56 -0500 Subject: [PATCH 16/16] [ticket/10057] Fixes for a bunch of small problems. PHPBB3-10057 --- phpBB/includes/db/firebird.php | 2 +- phpBB/includes/db/postgres.php | 2 +- phpBB/includes/error_collector.php | 16 ++++++++++++++++ 3 files changed, 18 insertions(+), 2 deletions(-) diff --git a/phpBB/includes/db/firebird.php b/phpBB/includes/db/firebird.php index 6786edb964..7e3f15ed1d 100644 --- a/phpBB/includes/db/firebird.php +++ b/phpBB/includes/db/firebird.php @@ -81,7 +81,7 @@ class dbal_firebird extends dbal } else { - $thih->service_handle = false; + $this->service_handle = false; } return ($this->db_connect_id) ? $this->db_connect_id : $this->sql_error(''); diff --git a/phpBB/includes/db/postgres.php b/phpBB/includes/db/postgres.php index 69f605fc47..bb116e0763 100644 --- a/phpBB/includes/db/postgres.php +++ b/phpBB/includes/db/postgres.php @@ -98,7 +98,7 @@ class dbal_postgres extends dbal } else { - if (!function_exists('pg_pconnect')) + if (!function_exists('pg_connect')) { $this->connect_error = 'pg_connect function does not exist, is pgsql extension installed?'; return $this->sql_error(''); diff --git a/phpBB/includes/error_collector.php b/phpBB/includes/error_collector.php index 6327a38649..55834f354c 100644 --- a/phpBB/includes/error_collector.php +++ b/phpBB/includes/error_collector.php @@ -1,4 +1,20 @@