From c20f92ba1eb089222bfbe7d7acd5992682a9c936 Mon Sep 17 00:00:00 2001 From: David King Date: Mon, 19 Nov 2012 18:15:59 -0500 Subject: [PATCH 01/15] [ticket/11215] Correct paths when path info is used for controller access PHPBB3-11215 --- phpBB/app.php | 1 - phpBB/common.php | 3 ++ phpBB/includes/functions.php | 62 ++++++++++++++++++++++++++++-------- 3 files changed, 52 insertions(+), 14 deletions(-) diff --git a/phpBB/app.php b/phpBB/app.php index d93208d585..f1023ff1b5 100644 --- a/phpBB/app.php +++ b/phpBB/app.php @@ -24,7 +24,6 @@ $user->session_begin(); $auth->acl($user->data); $user->setup('app'); -$symfony_request = phpbb_create_symfony_request($request); $http_kernel = $phpbb_container->get('http_kernel'); $response = $http_kernel->handle($symfony_request); $response->send(); diff --git a/phpBB/common.php b/phpBB/common.php index f6f109c3de..236d456eec 100644 --- a/phpBB/common.php +++ b/phpBB/common.php @@ -109,6 +109,9 @@ $db = $phpbb_container->get('dbal.conn'); // make sure request_var uses this request instance request_var('', 0, false, false, $request); // "dependency injection" for a function +// Create a Symfony Request object from our phpbb_request object +$symfony_request = phpbb_create_symfony_request($request); + // Grab global variables, re-cache if necessary $config = $phpbb_container->get('config'); set_config(null, null, null, $config); diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index 6a1b3fd4f8..60181c488e 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -2413,6 +2413,7 @@ function append_sid($url, $params = false, $is_amp = true, $session_id = false) { global $_SID, $_EXTRA_URL, $phpbb_hook; global $phpbb_dispatcher; + global $request; if ($params === '' || (is_array($params) && empty($params))) { @@ -2420,6 +2421,12 @@ function append_sid($url, $params = false, $is_amp = true, $session_id = false) $params = false; } + $corrected_root = phpbb_get_web_root_path(phpbb_create_symfony_request($request)); + if ($corrected_root) + { + $url = $corrected_root . substr($url, strlen($phpbb_root_path)); + } + $append_sid_overwrite = false; /** @@ -5209,7 +5216,11 @@ function page_header($page_title = '', $display_online_list = true, $item_id = 0 // Determine board url - we may need it later $board_url = generate_board_url() . '/'; - $web_path = (defined('PHPBB_USE_BOARD_URL_PATH') && PHPBB_USE_BOARD_URL_PATH) ? $board_url : $phpbb_root_path; + // This path is sent with the base template paths in the assign_vars() + // call below. We need to correct it in case we are accessing from a + // controller because the web paths will be incorrect otherwise. + $corrected_path = phpbb_get_web_root_path(phpbb_create_symfony_request($request)); + $web_path = (defined('PHPBB_USE_BOARD_URL_PATH') && PHPBB_USE_BOARD_URL_PATH) ? $board_url : $corrected_path; // Send a proper content-language to the output $user_lang = $user->lang['USER_LANG']; @@ -5685,6 +5696,16 @@ function phpbb_convert_30_dbms_to_31($dbms) */ function phpbb_create_symfony_request(phpbb_request $request) { + // If we have already gotten it, don't go back through all the trouble of + // creating it again; instead, just return it. This allows multiple calls + // of this method so we don't have to globalize $symfony_request in other + // functions. + static $symfony_request; + if (null !== $symfony_request) + { + return $symfony_request; + } + // This function is meant to sanitize the global input arrays $sanitizer = function(&$value, $key) { $type_cast_helper = new phpbb_request_type_cast_helper(); @@ -5704,21 +5725,36 @@ function phpbb_create_symfony_request(phpbb_request $request) array_walk_recursive($get_parameters, $sanitizer); array_walk_recursive($post_parameters, $sanitizer); - // Until we fix the issue with relative paths, we have to fake path info - // to allow urls like app.php?controller=foo/bar - $controller = $request->variable('controller', ''); - $path_info = '/' . $controller; - $request_uri = $server_parameters['REQUEST_URI']; + $symfony_request = new Request($get_parameters, $post_parameters, array(), $cookie_parameters, $files_parameters, $server_parameters); + return $symfony_request; +} - // Remove the query string from REQUEST_URI - if ($pos = strpos($request_uri, '?')) +/** +* Get a relative root path from the current URL +* +* @param Request $symfony_request Symfony Request object +*/ +function phpbb_get_web_root_path(Request $symfony_request) +{ + static $path; + if (null !== $path) { - $request_uri = substr($request_uri, 0, $pos); + return $path; } - // Add the path info (i.e. controller route) to the REQUEST_URI - $server_parameters['REQUEST_URI'] = $request_uri . $path_info; - $server_parameters['SCRIPT_NAME'] = ''; + $path_info = $symfony_request->getPathInfo(); + if ($path_info == '/') + { + return ''; + } - return new Request($get_parameters, $post_parameters, array(), $cookie_parameters, $files_parameters, $server_parameters); + $corrections = substr_count($symfony_request->getPathInfo(), '/'); + + $path = ''; + for ($i = 0; $i < $corrections; $i++) + { + $path .= '../'; + } + + return $path; } From 0f522ddf5fb6e7d268f9d9cf428b8e3985f374ea Mon Sep 17 00:00:00 2001 From: David King Date: Mon, 19 Nov 2012 19:36:07 -0500 Subject: [PATCH 02/15] [ticket/11215] A few minor optimizations for phpbb_get_web_root_path() PHPBB3-11215 --- phpBB/includes/functions.php | 12 ++++-------- 1 file changed, 4 insertions(+), 8 deletions(-) diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index 60181c488e..213f178694 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -5745,16 +5745,12 @@ function phpbb_get_web_root_path(Request $symfony_request) $path_info = $symfony_request->getPathInfo(); if ($path_info == '/') { - return ''; + $path = ''; + return $path; } - $corrections = substr_count($symfony_request->getPathInfo(), '/'); - - $path = ''; - for ($i = 0; $i < $corrections; $i++) - { - $path .= '../'; - } + $corrections = substr_count($path_info, '/'); + $path = str_repeat('../', $corrections); return $path; } From b9c290b5480a958eabeef66d5e9af799f77e4566 Mon Sep 17 00:00:00 2001 From: David King Date: Tue, 20 Nov 2012 16:13:29 -0500 Subject: [PATCH 03/15] [ticket/11215] Correct for different URL but same path info When Symfony Request calculates path info, both of the following URLs give "/" as the path info: ./app.php and ./app.php/ This commit ensures that the proper correction is made. PHPBB3-11215 --- phpBB/includes/functions.php | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index 213f178694..331eaf742e 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -5743,7 +5743,16 @@ function phpbb_get_web_root_path(Request $symfony_request) } $path_info = $symfony_request->getPathInfo(); - if ($path_info == '/') + + // When no path is given (i.e. REQUEST_URI = "./app.php") path info from + // the Symfony Request object is "/". However, that is the same as when + // the REQUEST_URI is "./app.php/". So we want to correct the path when + // we have a trailing slash in the REQUEST_URI, but not when we don't. + $request_uri = $symfony_request->server->get('REQUEST_URI'); + $trailing_slash = substr($request_uri, -1) === '/'; + + // If pathinfo is / and we do not have a trailing slash in the REQUEST_URI + if (!$trailing_slash && '/' === $path_info) { $path = ''; return $path; From 3a87a6b7007c015cf722b7a4e49f2880ba38f533 Mon Sep 17 00:00:00 2001 From: David King Date: Thu, 11 Jul 2013 20:46:18 -0400 Subject: [PATCH 04/15] [ticket/11215] use global PHPBB3-11215 --- phpBB/includes/functions.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index 331eaf742e..420a13c200 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -2413,7 +2413,7 @@ function append_sid($url, $params = false, $is_amp = true, $session_id = false) { global $_SID, $_EXTRA_URL, $phpbb_hook; global $phpbb_dispatcher; - global $request; + global $symfony_request; if ($params === '' || (is_array($params) && empty($params))) { @@ -2421,7 +2421,7 @@ function append_sid($url, $params = false, $is_amp = true, $session_id = false) $params = false; } - $corrected_root = phpbb_get_web_root_path(phpbb_create_symfony_request($request)); + $corrected_root = phpbb_get_web_root_path($symfony_request); if ($corrected_root) { $url = $corrected_root . substr($url, strlen($phpbb_root_path)); From 068d35065278bf52e85fcc96b629d25712f19c26 Mon Sep 17 00:00:00 2001 From: David King Date: Fri, 12 Jul 2013 00:03:06 -0400 Subject: [PATCH 05/15] [ticket/11215] Don't try to correct paths during tests PHPBB3-11215 --- phpBB/includes/functions.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index 420a13c200..40583dee54 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -2421,7 +2421,7 @@ function append_sid($url, $params = false, $is_amp = true, $session_id = false) $params = false; } - $corrected_root = phpbb_get_web_root_path($symfony_request); + $corrected_root = $symfony_request !== null ? phpbb_get_web_root_path($symfony_request) : ''; if ($corrected_root) { $url = $corrected_root . substr($url, strlen($phpbb_root_path)); From fab7f5fdfd2fd8ec50dae52dfde80a706015dd74 Mon Sep 17 00:00:00 2001 From: David King Date: Sat, 13 Jul 2013 11:43:38 -0400 Subject: [PATCH 06/15] [ticket/11215] Don't try to use when it isn't there PHPBB3-112515 --- phpBB/includes/functions.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index 40583dee54..f637ab2232 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -5059,7 +5059,7 @@ function phpbb_build_hidden_fields_for_query_params($request, $exclude = null) function page_header($page_title = '', $display_online_list = true, $item_id = 0, $item = 'forum') { global $db, $config, $template, $SID, $_SID, $_EXTRA_URL, $user, $auth, $phpEx, $phpbb_root_path; - global $phpbb_dispatcher, $request, $phpbb_container; + global $phpbb_dispatcher, $request, $phpbb_container, $symfony_request; if (defined('HEADER_INC')) { @@ -5219,7 +5219,7 @@ function page_header($page_title = '', $display_online_list = true, $item_id = 0 // This path is sent with the base template paths in the assign_vars() // call below. We need to correct it in case we are accessing from a // controller because the web paths will be incorrect otherwise. - $corrected_path = phpbb_get_web_root_path(phpbb_create_symfony_request($request)); + $corrected_path = $symfony_request !== null ? phpbb_get_web_root_path($symfony_request) : ''; $web_path = (defined('PHPBB_USE_BOARD_URL_PATH') && PHPBB_USE_BOARD_URL_PATH) ? $board_url : $corrected_path; // Send a proper content-language to the output From ffee476047a996c1a138bd0050826a7a45c01a94 Mon Sep 17 00:00:00 2001 From: David King Date: Sat, 31 Aug 2013 14:31:50 -0700 Subject: [PATCH 07/15] [ticket/11215] Everything appears to be working... PHPBB3-11215 --- phpBB/includes/functions.php | 28 +++++++++------------------- 1 file changed, 9 insertions(+), 19 deletions(-) diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index 428dcfec4a..d85606944f 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -2413,7 +2413,7 @@ function append_sid($url, $params = false, $is_amp = true, $session_id = false) { global $_SID, $_EXTRA_URL, $phpbb_hook; global $phpbb_dispatcher; - global $symfony_request; + global $symfony_request, $phpbb_root_path; if ($params === '' || (is_array($params) && empty($params))) { @@ -2421,10 +2421,10 @@ function append_sid($url, $params = false, $is_amp = true, $session_id = false) $params = false; } - $corrected_root = $symfony_request !== null ? phpbb_get_web_root_path($symfony_request) : ''; - if ($corrected_root) + $corrected_path = $symfony_request !== null ? phpbb_get_web_root_path($symfony_request, $phpbb_root_path) : ''; + if ($corrected_path) { - $url = $corrected_root . substr($url, strlen($phpbb_root_path)); + $url = substr($corrected_path . $url, strlen($phpbb_root_path)); } $append_sid_overwrite = false; @@ -5218,7 +5218,7 @@ function page_header($page_title = '', $display_online_list = true, $item_id = 0 // This path is sent with the base template paths in the assign_vars() // call below. We need to correct it in case we are accessing from a // controller because the web paths will be incorrect otherwise. - $corrected_path = $symfony_request !== null ? phpbb_get_web_root_path($symfony_request) : ''; + $corrected_path = $symfony_request !== null ? phpbb_get_web_root_path($symfony_request, $phpbb_root_path) : ''; $web_path = (defined('PHPBB_USE_BOARD_URL_PATH') && PHPBB_USE_BOARD_URL_PATH) ? $board_url : $corrected_path; // Send a proper content-language to the output @@ -5731,7 +5731,7 @@ function phpbb_create_symfony_request(phpbb_request $request) * * @param Request $symfony_request Symfony Request object */ -function phpbb_get_web_root_path(Request $symfony_request) +function phpbb_get_web_root_path(Request $symfony_request, $phpbb_root_path = '') { static $path; if (null !== $path) @@ -5740,23 +5740,13 @@ function phpbb_get_web_root_path(Request $symfony_request) } $path_info = $symfony_request->getPathInfo(); - - // When no path is given (i.e. REQUEST_URI = "./app.php") path info from - // the Symfony Request object is "/". However, that is the same as when - // the REQUEST_URI is "./app.php/". So we want to correct the path when - // we have a trailing slash in the REQUEST_URI, but not when we don't. - $request_uri = $symfony_request->server->get('REQUEST_URI'); - $trailing_slash = substr($request_uri, -1) === '/'; - - // If pathinfo is / and we do not have a trailing slash in the REQUEST_URI - if (!$trailing_slash && '/' === $path_info) + if ($path_info === '/') { - $path = ''; + $path = $phpbb_root_path; return $path; } $corrections = substr_count($path_info, '/'); - $path = str_repeat('../', $corrections); - + $path = $phpbb_root_path . str_repeat('../', $corrections); return $path; } From 73859da481aa2be6b02e5b7f2825938aed82e858 Mon Sep 17 00:00:00 2001 From: David King Date: Sat, 31 Aug 2013 14:51:28 -0700 Subject: [PATCH 08/15] [ticket/11215] Use new URL structure for controllers In tests, the old app.php?controller=foo structure was used. Instead it should be app.php/foo. PHPBB3-11215 --- tests/functional/extension_controller_test.php | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/tests/functional/extension_controller_test.php b/tests/functional/extension_controller_test.php index 7d29f0000c..dc6d9c0f65 100644 --- a/tests/functional/extension_controller_test.php +++ b/tests/functional/extension_controller_test.php @@ -52,7 +52,7 @@ class phpbb_functional_extension_controller_test extends phpbb_functional_test_c public function test_foo_bar() { $this->phpbb_extension_manager->enable('foo/bar'); - $crawler = self::request('GET', 'app.php?controller=foo/bar', array(), false); + $crawler = self::request('GET', 'app.php/foo/bar', array(), false); self::assert_response_status_code(); $this->assertContains("foo/bar controller handle() method", $crawler->filter('body')->text()); $this->phpbb_extension_manager->purge('foo/bar'); @@ -64,7 +64,7 @@ class phpbb_functional_extension_controller_test extends phpbb_functional_test_c public function test_controller_with_template() { $this->phpbb_extension_manager->enable('foo/bar'); - $crawler = self::request('GET', 'app.php?controller=foo/template'); + $crawler = self::request('GET', 'app.php/foo/template'); $this->assertContains("I am a variable", $crawler->filter('#content')->text()); $this->phpbb_extension_manager->purge('foo/bar'); } @@ -76,7 +76,7 @@ class phpbb_functional_extension_controller_test extends phpbb_functional_test_c public function test_missing_argument() { $this->phpbb_extension_manager->enable('foo/bar'); - $crawler = self::request('GET', 'app.php?controller=foo/baz', array(), false); + $crawler = self::request('GET', 'app.php/foo/baz', array(), false); $this->assert_response_html(500); $this->assertContains('Missing value for argument #1: test in class phpbb_ext_foo_bar_controller:baz', $crawler->filter('body')->text()); $this->phpbb_extension_manager->purge('foo/bar'); @@ -88,7 +88,7 @@ class phpbb_functional_extension_controller_test extends phpbb_functional_test_c public function test_exception_should_result_in_500_status_code() { $this->phpbb_extension_manager->enable('foo/bar'); - $crawler = self::request('GET', 'app.php?controller=foo/exception', array(), false); + $crawler = self::request('GET', 'app.php/foo/exception', array(), false); $this->assert_response_html(500); $this->assertContains('Exception thrown from foo/exception route', $crawler->filter('body')->text()); $this->phpbb_extension_manager->purge('foo/bar'); @@ -105,7 +105,7 @@ class phpbb_functional_extension_controller_test extends phpbb_functional_test_c */ public function test_error_ext_disabled_or_404() { - $crawler = self::request('GET', 'app.php?controller=does/not/exist', array(), false); + $crawler = self::request('GET', 'app.php/does/not/exist', array(), false); $this->assert_response_html(404); $this->assertContains('No route found for "GET /does/not/exist"', $crawler->filter('body')->text()); } From 9d48ee446b10e492b83448c3778b48729839b788 Mon Sep 17 00:00:00 2001 From: David King Date: Mon, 2 Sep 2013 09:43:41 -0700 Subject: [PATCH 09/15] [ticket/11215] Add commented-out URL rewrite capability to .htaccess PHPBB3-11215 --- phpBB/.htaccess | 30 ++++++++++++++++++++++++++---- phpBB/includes/functions.php | 8 ++++++++ 2 files changed, 34 insertions(+), 4 deletions(-) diff --git a/phpBB/.htaccess b/phpBB/.htaccess index 474f9774c2..df17b17d7d 100644 --- a/phpBB/.htaccess +++ b/phpBB/.htaccess @@ -1,12 +1,34 @@ + +# +# Uncomment the following line if you will be using any of the URL +# rewriting below. +# +#RewriteEngine on + # # Uncomment the statement below if you want to make use of # HTTP authentication and it does not already work. # This could be required if you are for example using PHP via Apache CGI. # -# -#RewriteEngine on #RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L] -# + +# +# Uncomment the following 3 lines if you want to rewrite URLs passed through +# the front controller to not use app.php in the actual URL. In other words, +# a controller is by default accessed at /app.php/my/controller, but will then +# be accessible at either /app.php/my/controller or just /my/controller +# +#RewriteCond %{REQUEST_FILENAME} !-f +#RewriteCond %{REQUEST_FILENAME} !-d +#RewriteRule ^(.*)$ app.php [QSA,L] + +# +# If symbolic links are not already being followed, +# uncomment the line below. +# http://anothersysadmin.wordpress.com/2008/06/10/mod_rewrite-forbidden-403-with-apache-228/ +# +#Options +FollowSymLinks + Order Allow,Deny @@ -16,4 +38,4 @@ Deny from All Order Allow,Deny Deny from All - + \ No newline at end of file diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index d85606944f..4d2d704a43 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -5747,6 +5747,14 @@ function phpbb_get_web_root_path(Request $symfony_request, $phpbb_root_path = '' } $corrections = substr_count($path_info, '/'); + + // When URL Rewriting is enabled, app.php is optional. We have to + // correct for it not being there + if (strpos($symfony_request->getRequestUri(), $symfony_request->getScriptName()) === false) + { + $corrections -= 1; + } + $path = $phpbb_root_path . str_repeat('../', $corrections); return $path; } From 913e5a1f2e847c922f8b48e2c069ba204a976e51 Mon Sep 17 00:00:00 2001 From: David King Date: Mon, 2 Sep 2013 10:51:46 -0700 Subject: [PATCH 10/15] [ticket/11215] Make controller helper url() method use correct format PHPBB3-11215 --- phpBB/config/services.yml | 1 + phpBB/phpbb/controller/helper.php | 33 ++++++++++++++++--------------- 2 files changed, 18 insertions(+), 16 deletions(-) diff --git a/phpBB/config/services.yml b/phpBB/config/services.yml index d0753322da..2808e81337 100644 --- a/phpBB/config/services.yml +++ b/phpBB/config/services.yml @@ -90,6 +90,7 @@ services: arguments: - @template - @user + - @request - %core.root_path% - %core.php_ext% diff --git a/phpBB/phpbb/controller/helper.php b/phpBB/phpbb/controller/helper.php index 74410ddfd1..a14354973e 100644 --- a/phpBB/phpbb/controller/helper.php +++ b/phpBB/phpbb/controller/helper.php @@ -35,6 +35,12 @@ class phpbb_controller_helper */ protected $user; + /** + * Request object + * @var phpbb_request + */ + protected $request; + /** * phpBB root path * @var string @@ -55,10 +61,11 @@ class phpbb_controller_helper * @param string $phpbb_root_path phpBB root path * @param string $php_ext PHP extension */ - public function __construct(phpbb_template $template, phpbb_user $user, $phpbb_root_path, $php_ext) + public function __construct(phpbb_template $template, phpbb_user $user, phpbb_request $request, $phpbb_root_path, $php_ext) { $this->template = $template; $this->user = $user; + $this->request = $request; $this->phpbb_root_path = $phpbb_root_path; $this->php_ext = $php_ext; } @@ -102,22 +109,16 @@ class phpbb_controller_helper $route = substr($route, 0, $route_delim); } - if (is_array($params) && !empty($params)) - { - $params = array_merge(array( - 'controller' => $route, - ), $params); - } - else if (is_string($params) && $params) - { - $params = 'controller=' . $route . (($is_amp) ? '&' : '&') . $params; - } - else - { - $params = array('controller' => $route); - } + $request_uri = $this->request->variable('REQUEST_URI', '', false, phpbb_request::SERVER); + $script_name = $this->request->variable('SCRIPT_NAME', '', false, phpbb_request::SERVER); - return append_sid($this->phpbb_root_path . 'app.' . $this->php_ext . $route_params, $params, $is_amp, $session_id); + // If the app.php file is being used (no rewrite) keep it in the URL. + // Otherwise, don't include it. + $route_prefix = $this->phpbb_root_path; + $parts = explode('/', $script_name); + $route_prefix .= strpos($request_uri, $script_name) === 0 ? array_pop($parts) . '/' : ''; + + return append_sid($route_prefix . "$route" . $route_params, $params, $is_amp, $session_id); } /** From 1e64095e17ca43273864aa400efed5c7e1fc0ceb Mon Sep 17 00:00:00 2001 From: David King Date: Mon, 2 Sep 2013 11:49:36 -0700 Subject: [PATCH 11/15] [ticket/11215] Uncomment rewrite rules in .htaccess Because we check to see if the rewrite module is available we don't have to comment the rewrite lines PHPBB3-11215 --- phpBB/.htaccess | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/phpBB/.htaccess b/phpBB/.htaccess index df17b17d7d..aaaae0545d 100644 --- a/phpBB/.htaccess +++ b/phpBB/.htaccess @@ -3,7 +3,7 @@ # Uncomment the following line if you will be using any of the URL # rewriting below. # -#RewriteEngine on +RewriteEngine on # # Uncomment the statement below if you want to make use of @@ -18,9 +18,9 @@ # a controller is by default accessed at /app.php/my/controller, but will then # be accessible at either /app.php/my/controller or just /my/controller # -#RewriteCond %{REQUEST_FILENAME} !-f -#RewriteCond %{REQUEST_FILENAME} !-d -#RewriteRule ^(.*)$ app.php [QSA,L] +RewriteCond %{REQUEST_FILENAME} !-f +RewriteCond %{REQUEST_FILENAME} !-d +RewriteRule ^(.*)$ app.php [QSA,L] # # If symbolic links are not already being followed, From 5c50dc721d0f1d7fbfedcbbd573d23751a0504f5 Mon Sep 17 00:00:00 2001 From: David King Date: Mon, 2 Sep 2013 11:51:52 -0700 Subject: [PATCH 12/15] [ticket/11215] Update comment in .htaccess PHPBB3-11215 --- phpBB/.htaccess | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/phpBB/.htaccess b/phpBB/.htaccess index aaaae0545d..a2695ae892 100644 --- a/phpBB/.htaccess +++ b/phpBB/.htaccess @@ -13,10 +13,10 @@ RewriteEngine on #RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L] # -# Uncomment the following 3 lines if you want to rewrite URLs passed through -# the front controller to not use app.php in the actual URL. In other words, -# a controller is by default accessed at /app.php/my/controller, but will then -# be accessible at either /app.php/my/controller or just /my/controller +# The following 3 lines will rewrite URLs passed through the front controller +# to not require app.php in the actual URL. In other words, a controller is +# by default accessed at /app.php/my/controller, but can also be accessible +# at /my/controller # RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d From 5ed5f43afea226c421a84c21e486c9f7008c8d49 Mon Sep 17 00:00:00 2001 From: David King Date: Mon, 2 Sep 2013 11:53:52 -0700 Subject: [PATCH 13/15] [ticket/11215] Add newline back to .htaccess, fix wording PHPBB3-11215 --- phpBB/.htaccess | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/phpBB/.htaccess b/phpBB/.htaccess index a2695ae892..80654cf729 100644 --- a/phpBB/.htaccess +++ b/phpBB/.htaccess @@ -15,8 +15,8 @@ RewriteEngine on # # The following 3 lines will rewrite URLs passed through the front controller # to not require app.php in the actual URL. In other words, a controller is -# by default accessed at /app.php/my/controller, but can also be accessible -# at /my/controller +# by default accessed at /app.php/my/controller, but can also be accessed at +# /my/controller # RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d @@ -38,4 +38,4 @@ Deny from All Order Allow,Deny Deny from All - \ No newline at end of file + From a1b4c6f82a01591a121d47d32c57b93870aa946a Mon Sep 17 00:00:00 2001 From: David King Date: Mon, 2 Sep 2013 12:53:37 -0700 Subject: [PATCH 14/15] [ticket/11215] Fix helper_url_test.php tests PHPBB3-11215 --- phpBB/phpbb/controller/helper.php | 2 +- tests/controller/helper_url_test.php | 32 +++++++++++++++------------- 2 files changed, 18 insertions(+), 16 deletions(-) diff --git a/phpBB/phpbb/controller/helper.php b/phpBB/phpbb/controller/helper.php index a14354973e..4d240f9380 100644 --- a/phpBB/phpbb/controller/helper.php +++ b/phpBB/phpbb/controller/helper.php @@ -61,7 +61,7 @@ class phpbb_controller_helper * @param string $phpbb_root_path phpBB root path * @param string $php_ext PHP extension */ - public function __construct(phpbb_template $template, phpbb_user $user, phpbb_request $request, $phpbb_root_path, $php_ext) + public function __construct(phpbb_template $template, phpbb_user $user, phpbb_request_interface $request, $phpbb_root_path, $php_ext) { $this->template = $template; $this->user = $user; diff --git a/tests/controller/helper_url_test.php b/tests/controller/helper_url_test.php index fc7d02e9cf..49635332a7 100644 --- a/tests/controller/helper_url_test.php +++ b/tests/controller/helper_url_test.php @@ -15,28 +15,28 @@ class phpbb_controller_helper_url_test extends phpbb_test_case public function helper_url_data() { return array( - array('foo/bar?t=1&f=2', false, true, false, 'app.php?t=1&f=2&controller=foo/bar', 'parameters in url-argument'), - array('foo/bar', 't=1&f=2', true, false, 'app.php?controller=foo/bar&t=1&f=2', 'parameters in params-argument using amp'), - array('foo/bar', 't=1&f=2', false, false, 'app.php?controller=foo/bar&t=1&f=2', 'parameters in params-argument using &'), - array('foo/bar', array('t' => 1, 'f' => 2), true, false, 'app.php?controller=foo/bar&t=1&f=2', 'parameters in params-argument as array'), + array('foo/bar?t=1&f=2', false, true, false, 'foo/bar?t=1&f=2', 'parameters in url-argument'), + array('foo/bar', 't=1&f=2', true, false, 'foo/bar?t=1&f=2', 'parameters in params-argument using amp'), + array('foo/bar', 't=1&f=2', false, false, 'foo/bar?t=1&f=2', 'parameters in params-argument using &'), + array('foo/bar', array('t' => 1, 'f' => 2), true, false, 'foo/bar?t=1&f=2', 'parameters in params-argument as array'), // Custom sid parameter - array('foo/bar', 't=1&f=2', true, 'custom-sid', 'app.php?controller=foo/bar&t=1&f=2&sid=custom-sid', 'using session_id'), + array('foo/bar', 't=1&f=2', true, 'custom-sid', 'foo/bar?t=1&f=2&sid=custom-sid', 'using session_id'), // Testing anchors - array('foo/bar?t=1&f=2#anchor', false, true, false, 'app.php?t=1&f=2&controller=foo/bar#anchor', 'anchor in url-argument'), - array('foo/bar', 't=1&f=2#anchor', true, false, 'app.php?controller=foo/bar&t=1&f=2#anchor', 'anchor in params-argument'), - array('foo/bar', array('t' => 1, 'f' => 2, '#' => 'anchor'), true, false, 'app.php?controller=foo/bar&t=1&f=2#anchor', 'anchor in params-argument (array)'), + array('foo/bar?t=1&f=2#anchor', false, true, false, 'foo/bar?t=1&f=2#anchor', 'anchor in url-argument'), + array('foo/bar', 't=1&f=2#anchor', true, false, 'foo/bar?t=1&f=2#anchor', 'anchor in params-argument'), + array('foo/bar', array('t' => 1, 'f' => 2, '#' => 'anchor'), true, false, 'foo/bar?t=1&f=2#anchor', 'anchor in params-argument (array)'), // Anchors and custom sid - array('foo/bar?t=1&f=2#anchor', false, true, 'custom-sid', 'app.php?t=1&f=2&controller=foo/bar&sid=custom-sid#anchor', 'anchor in url-argument using session_id'), - array('foo/bar', 't=1&f=2#anchor', true, 'custom-sid', 'app.php?controller=foo/bar&t=1&f=2&sid=custom-sid#anchor', 'anchor in params-argument using session_id'), - array('foo/bar', array('t' => 1, 'f' => 2, '#' => 'anchor'), true, 'custom-sid', 'app.php?controller=foo/bar&t=1&f=2&sid=custom-sid#anchor', 'anchor in params-argument (array) using session_id'), + array('foo/bar?t=1&f=2#anchor', false, true, 'custom-sid', 'foo/bar?t=1&f=2&sid=custom-sid#anchor', 'anchor in url-argument using session_id'), + array('foo/bar', 't=1&f=2#anchor', true, 'custom-sid', 'foo/bar?t=1&f=2&sid=custom-sid#anchor', 'anchor in params-argument using session_id'), + array('foo/bar', array('t' => 1, 'f' => 2, '#' => 'anchor'), true, 'custom-sid', 'foo/bar?t=1&f=2&sid=custom-sid#anchor', 'anchor in params-argument (array) using session_id'), // Empty parameters should not append the & - array('foo/bar', false, true, false, 'app.php?controller=foo/bar', 'no params using bool false'), - array('foo/bar', '', true, false, 'app.php?controller=foo/bar', 'no params using empty string'), - array('foo/bar', array(), true, false, 'app.php?controller=foo/bar', 'no params using empty array'), + array('foo/bar', false, true, false, 'foo/bar', 'no params using bool false'), + array('foo/bar', '', true, false, 'foo/bar', 'no params using empty string'), + array('foo/bar', array(), true, false, 'foo/bar', 'no params using empty array'), ); } @@ -51,7 +51,9 @@ class phpbb_controller_helper_url_test extends phpbb_test_case $this->user = $this->getMock('phpbb_user'); $this->template = new phpbb_template_twig($phpbb_root_path, $phpEx, $config, $this->user, new phpbb_template_context()); - $helper = new phpbb_controller_helper($this->template, $this->user, '', 'php'); + + $request = new phpbb_mock_request($_GET, $_POST, $_COOKIE, $_SERVER, false, $_FILES); + $helper = new phpbb_controller_helper($this->template, $this->user, $request, '', 'php'); $this->assertEquals($helper->url($route, $params, $is_amp, $session_id), $expected); } } From 918ffc10e173bed411a27ba627aa01f1b1c4fa51 Mon Sep 17 00:00:00 2001 From: David King Date: Mon, 2 Sep 2013 15:34:14 -0700 Subject: [PATCH 15/15] [ticket/11215] Remove unnecessary comment PHPBB3-11215 --- phpBB/.htaccess | 4 ---- 1 file changed, 4 deletions(-) diff --git a/phpBB/.htaccess b/phpBB/.htaccess index 80654cf729..6f33916775 100644 --- a/phpBB/.htaccess +++ b/phpBB/.htaccess @@ -1,8 +1,4 @@ -# -# Uncomment the following line if you will be using any of the URL -# rewriting below. -# RewriteEngine on #