makary/phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-06-28 06:08:52 +00:00
Code Issues Projects Releases Packages Wiki Activity

[ticket/12009] Do not allow incorrectly structured extensions to be installed.

Browse source 
PHPBB3-12009
This commit is contained in:
Cesar G 2013-12-11 21:07:21 -08:00
parent d5742d7ec1
commit 4d65727acc
1 changed files with 15 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

15
phpBB/phpbb/extension/manager.php
View file

@ -411,9 +411,24 @@ class manager
if ($file_info->isFile() && $file_info->getFilename() == 'ext.' . $this->php_ext) if ($file_info->isFile() && $file_info->getFilename() == 'ext.' . $this->php_ext)
{ {
$ext_name = $iterator->getInnerIterator()->getSubPath(); $ext_name = $iterator->getInnerIterator()->getSubPath();
$composer_file = $iterator->getPath() . '/composer.json';
// Ignore the extension if there is no composer.json.
if (!is_readable($composer_file) || !($ext_info = file_get_contents($composer_file)))
{
continue;
}
$ext_info = json_decode($ext_info, true);
$ext_name = str_replace(DIRECTORY_SEPARATOR, '/', $ext_name); $ext_name = str_replace(DIRECTORY_SEPARATOR, '/', $ext_name);
// Ignore the extension if directory depth is not correct or if the directory structure
// does not match the name value specified in composer.json.
if (substr_count($ext_name, '/') !== 1 || !isset($ext_info['name']) || $ext_name != $ext_info['name'])
{
continue;
}
$available[$ext_name] = $this->phpbb_root_path . 'ext/' . $ext_name . '/'; $available[$ext_name] = $this->phpbb_root_path . 'ext/' . $ext_name . '/';
} }
} }