makary/phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-06-28 14:18:52 +00:00
Code Issues Projects Releases Packages Wiki Activity

#27395

Browse source 
git-svn-id: file:///svn/phpbb/trunk@8637 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
Meik Sievertsen 2008-06-09 17:10:59 +00:00
parent d7a217c28c
commit e199f55ba2
3 changed files with 26 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
phpBB/includes/functions.php
View file

@ -1722,7 +1722,7 @@ function generate_board_url($without_script_path = false)
if ($server_port && (($config['cookie_secure'] && $server_port <> 443) || (!$config['cookie_secure'] && $server_port <> 80)))
{
// HTTP HOST can carry a port number...
// HTTP HOST can carry a port number (we fetch $user->host, but for old versions this may be true)
if (strpos($server_name, ':') === false)
{
$url .= ':' . $server_port;

12
phpBB/includes/session.php
View file

@ -160,6 +160,13 @@ class session
$this->referer = (!empty($_SERVER['HTTP_REFERER'])) ? htmlspecialchars((string) $_SERVER['HTTP_REFERER']) : '';
$this->forwarded_for = (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) ? (string) $_SERVER['HTTP_X_FORWARDED_FOR'] : '';
$this->host = (!empty($_SERVER['HTTP_HOST'])) ? (string) strtolower($_SERVER['HTTP_HOST']) : ((!empty($_SERVER['SERVER_NAME'])) ? $_SERVER['SERVER_NAME'] : getenv('SERVER_NAME'));
// Since HTTP_HOST may carry a port definition, we need to remove it here...
if (strpos($this->host, ':') !== false)
{
$this->host = substr($this->host, 0, strpos($this->host, ':'));
}
$this->page = self::extract_current_page(PHPBB_ROOT_PATH);
// if the forwarded for header shall be checked we have to validate its contents
@ -1300,8 +1307,10 @@ class session
{
return true;
}
$host = htmlspecialchars($this->host);
$ref = substr($this->referer, strpos($this->referer, '://') + 3);
if (!(stripos($ref , $host) === 0))
{
return false;
@ -1310,15 +1319,18 @@ class session
{
$ref = substr($ref, strlen($host));
$server_port = (!empty($_SERVER['SERVER_PORT'])) ? (int) $_SERVER['SERVER_PORT'] : (int) getenv('SERVER_PORT');
if ($server_port !== 80 && $server_port !== 443 && stripos($ref, ":$server_port") === 0)
{
$ref = substr($ref, strlen(":$server_port"));
}
if (!(stripos(rtrim($ref, '/'), rtrim($this->page['root_script_path'], '/')) === 0))
{
return false;
}
}
return true;
}

13
phpBB/install/install_install.php
View file

@ -1043,6 +1043,12 @@ class install_install extends module
// HTTP_HOST is having the correct browser url in most cases...
$server_name = (!empty($_SERVER['HTTP_HOST'])) ? strtolower($_SERVER['HTTP_HOST']) : ((!empty($_SERVER['SERVER_NAME'])) ? $_SERVER['SERVER_NAME'] : getenv('SERVER_NAME'));
// HTTP HOST can carry a port number...
if (strpos($server_name, ':') !== false)
{
$server_name = substr($server_name, 0, strpos($server_name, ':'));
}
$data['email_enable'] = ($data['email_enable'] !== '') ? $data['email_enable'] : true;
$data['server_name'] = ($data['server_name'] !== '') ? $data['server_name'] : $server_name;
$data['server_port'] = ($data['server_port'] !== '') ? $data['server_port'] : ((!empty($_SERVER['SERVER_PORT'])) ? (int) $_SERVER['SERVER_PORT'] : (int) getenv('SERVER_PORT'));
@ -1136,6 +1142,13 @@ class install_install extends module
// HTTP_HOST is having the correct browser url in most cases...
$server_name = (!empty($_SERVER['HTTP_HOST'])) ? strtolower($_SERVER['HTTP_HOST']) : ((!empty($_SERVER['SERVER_NAME'])) ? $_SERVER['SERVER_NAME'] : getenv('SERVER_NAME'));
// HTTP HOST can carry a port number...
if (strpos($server_name, ':') !== false)
{
$server_name = substr($server_name, 0, strpos($server_name, ':'));
}
$cookie_domain = ($data['server_name'] != '') ? $data['server_name'] : $server_name;
// Try to come up with the best solution for cookie domain...