mirror of
https://github.com/phpbb/phpbb.git
synced 2025-06-12 06:18:52 +00:00
Merge remote-tracking branch 'github-asperous/ticket/9975' into develop
* github-asperous/ticket/9975: [ticket/9975] Moved a few E_USER_ERROR errors to /language Conflicts: phpBB/includes/user.php
This commit is contained in:
Nils Adermann
commit
b8c2bf6ce4
7 changed files with 12 additions and 8 deletions
|
|
@ -270,7 +270,7 @@ class phpbb_recaptcha extends phpbb_default_captcha
|
||||||
$response = '';
|
$response = '';
|
||||||
if (false == ($fs = @fsockopen($host, $port, $errno, $errstr, 10)))
|
if (false == ($fs = @fsockopen($host, $port, $errno, $errstr, 10)))
|
||||||
{
|
{
|
||||||
trigger_error('Could not open socket', E_USER_ERROR);
|
trigger_error('RECAPTCHA_SOCKET_ERROR', E_USER_ERROR);
|
||||||
}
|
}
|
||||||
|
|
||||||
fwrite($fs, $http_request);
|
fwrite($fs, $http_request);
|
||||||
|
|
|
||||||
|
|
@ -2733,7 +2733,7 @@ function redirect($url, $return = false, $disable_cd_check = false)
|
||||||
// Make sure no linebreaks are there... to prevent http response splitting for PHP < 4.4.2
|
// Make sure no linebreaks are there... to prevent http response splitting for PHP < 4.4.2
|
||||||
if (strpos(urldecode($url), "\n") !== false || strpos(urldecode($url), "\r") !== false || strpos($url, ';') !== false)
|
if (strpos(urldecode($url), "\n") !== false || strpos(urldecode($url), "\r") !== false || strpos($url, ';') !== false)
|
||||||
{
|
{
|
||||||
trigger_error('Tried to redirect to potentially insecure url.', E_USER_ERROR);
|
trigger_error('INSECURE_REDIRECT', E_USER_ERROR);
|
||||||
}
|
}
|
||||||
|
|
||||||
// Now, also check the protocol and for a valid url the last time...
|
// Now, also check the protocol and for a valid url the last time...
|
||||||
|
|
@ -2742,7 +2742,7 @@ function redirect($url, $return = false, $disable_cd_check = false)
|
||||||
|
|
||||||
if ($url_parts === false || empty($url_parts['scheme']) || !in_array($url_parts['scheme'], $allowed_protocols))
|
if ($url_parts === false || empty($url_parts['scheme']) || !in_array($url_parts['scheme'], $allowed_protocols))
|
||||||
{
|
{
|
||||||
trigger_error('Tried to redirect to potentially insecure url.', E_USER_ERROR);
|
trigger_error('INSECURE_REDIRECT', E_USER_ERROR);
|
||||||
}
|
}
|
||||||
|
|
||||||
if ($return)
|
if ($return)
|
||||||
|
|
@ -4184,7 +4184,7 @@ function phpbb_checkdnsrr($host, $type = 'MX')
|
||||||
// Handler, header and footer
|
// Handler, header and footer
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Error and message handler, call with trigger_error if reqd
|
* Error and message handler, call with trigger_error if read
|
||||||
*/
|
*/
|
||||||
function msg_handler($errno, $msg_text, $errfile, $errline)
|
function msg_handler($errno, $msg_text, $errfile, $errline)
|
||||||
{
|
{
|
||||||
|
|
|
||||||
|
|
@ -46,4 +46,5 @@ $lang = array_merge($lang, array(
|
||||||
'RECAPTCHA_PRIVATE_EXPLAIN' => 'Your private reCaptcha key. Keys can be obtained on <a href="http://www.google.com/recaptcha">www.google.com/recaptcha</a>.',
|
'RECAPTCHA_PRIVATE_EXPLAIN' => 'Your private reCaptcha key. Keys can be obtained on <a href="http://www.google.com/recaptcha">www.google.com/recaptcha</a>.',
|
||||||
|
|
||||||
'RECAPTCHA_EXPLAIN' => 'In an effort to prevent automatic submissions, we require that you enter both of the words displayed into the text field underneath.',
|
'RECAPTCHA_EXPLAIN' => 'In an effort to prevent automatic submissions, we require that you enter both of the words displayed into the text field underneath.',
|
||||||
|
'RECAPTCHA_SOCKET_ERROR' => 'There was a problem connecting to the RECAPTCHA service: could not open socket. Try again later.',
|
||||||
));
|
));
|
||||||
|
|
|
||||||
|
|
@ -313,6 +313,7 @@ $lang = array_merge($lang, array(
|
||||||
'IN' => 'in',
|
'IN' => 'in',
|
||||||
'INDEX' => 'Index page',
|
'INDEX' => 'Index page',
|
||||||
'INFORMATION' => 'Information',
|
'INFORMATION' => 'Information',
|
||||||
|
'INSECURE_REDIRECT' => 'Tried to redirect to potentially insecure url.',
|
||||||
'INTERESTS' => 'Interests',
|
'INTERESTS' => 'Interests',
|
||||||
'INVALID_DIGEST_CHALLENGE' => 'Invalid digest challenge.',
|
'INVALID_DIGEST_CHALLENGE' => 'Invalid digest challenge.',
|
||||||
'INVALID_EMAIL_LOG' => '<strong>%s</strong> possibly an invalid email address?',
|
'INVALID_EMAIL_LOG' => '<strong>%s</strong> possibly an invalid email address?',
|
||||||
|
|
|
||||||
|
|
@ -250,6 +250,8 @@ $lang = array_merge($lang, array(
|
||||||
'ONLY_TOPIC' => 'Only topic “%s”',
|
'ONLY_TOPIC' => 'Only topic “%s”',
|
||||||
'OTHER_USERS' => 'Other users posting from this IP',
|
'OTHER_USERS' => 'Other users posting from this IP',
|
||||||
|
|
||||||
|
'QUICKMOD_ACTION_NOT_ALLOWED' => "%s not allowed as quickmod",
|
||||||
|
|
||||||
'PM_REPORT_CLOSED_SUCCESS' => 'The selected PM report has been closed successfully.',
|
'PM_REPORT_CLOSED_SUCCESS' => 'The selected PM report has been closed successfully.',
|
||||||
'PM_REPORT_DELETED_SUCCESS' => 'The selected PM report has been deleted successfully.',
|
'PM_REPORT_DELETED_SUCCESS' => 'The selected PM report has been deleted successfully.',
|
||||||
'PM_REPORTED_SUCCESS' => 'This private message has been successfully reported.',
|
'PM_REPORTED_SUCCESS' => 'This private message has been successfully reported.',
|
||||||
|
|
|
||||||
|
|
@ -182,7 +182,7 @@ if ($quickmod)
|
||||||
break;
|
break;
|
||||||
|
|
||||||
default:
|
default:
|
||||||
trigger_error("$action not allowed as quickmod", E_USER_ERROR);
|
trigger_error($user->lang('QUICKMOD_ACTION_NOT_ALLOWED', $action), E_USER_ERROR);
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -18,11 +18,11 @@ class phpbb_security_redirect_test extends phpbb_security_test_base
|
||||||
// array(Input -> redirect(), expected triggered error (else false), expected returned result url (else false))
|
// array(Input -> redirect(), expected triggered error (else false), expected returned result url (else false))
|
||||||
return array(
|
return array(
|
||||||
array('data://x', false, 'http://localhost/phpBB'),
|
array('data://x', false, 'http://localhost/phpBB'),
|
||||||
array('bad://localhost/phpBB/index.php', 'Tried to redirect to potentially insecure url.', false),
|
array('bad://localhost/phpBB/index.php', 'INSECURE_REDIRECT', false),
|
||||||
array('http://www.otherdomain.com/somescript.php', false, 'http://localhost/phpBB'),
|
array('http://www.otherdomain.com/somescript.php', false, 'http://localhost/phpBB'),
|
||||||
array("http://localhost/phpBB/memberlist.php\n\rConnection: close", 'Tried to redirect to potentially insecure url.', false),
|
array("http://localhost/phpBB/memberlist.php\n\rConnection: close", 'INSECURE_REDIRECT', false),
|
||||||
array('javascript:test', false, 'http://localhost/phpBB/../javascript:test'),
|
array('javascript:test', false, 'http://localhost/phpBB/../javascript:test'),
|
||||||
array('http://localhost/phpBB/index.php;url=', 'Tried to redirect to potentially insecure url.', false),
|
array('http://localhost/phpBB/index.php;url=', 'INSECURE_REDIRECT', false),
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Add table
Reference in a new issue