/**
 * Stores the injected collaborators, opens the user session and caches the
 * codebox_plus_* switches on the instance.
 *
 * Side effects: session_begin() is called on the injected user and the ACL
 * is loaded from that user's data before any config value is read, so
 * building this object already touches session state.
 *
 * @param \phpbb\controller\helper          $helper    Controller helper
 * @param \phpbb\template\template          $template  Template engine
 * @param \phpbb\user                       $user      Current user
 * @param \phpbb\config\config              $config    Board configuration
 * @param \phpbb\auth\auth                  $auth      Permission object
 * @param \phpbb\request\request            $request   Request wrapper
 * @param \phpbb\captcha\factory            $captcha   CAPTCHA factory
 * @param \phpbb\db\driver\driver_interface $db        Database driver
 * @param mixed                             $root_path Stored as $this->root_path
 * @param mixed                             $php_ext   Stored as $this->php_ext
 */
public function __construct(
    \phpbb\controller\helper $helper,
    \phpbb\template\template $template,
    \phpbb\user $user,
    \phpbb\config\config $config,
    \phpbb\auth\auth $auth,
    \phpbb\request\request $request,
    \phpbb\captcha\factory $captcha,
    \phpbb\db\driver\driver_interface $db,
    $root_path,
    $php_ext
)
{
    // Plain dependency storage; these assignments do not depend on each other.
    $this->root_path = $root_path;
    $this->php_ext   = $php_ext;
    $this->helper    = $helper;
    $this->template  = $template;
    $this->request   = $request;
    $this->captcha   = $captcha;
    $this->db        = $db;
    $this->config    = $config;
    $this->user      = $user;
    $this->auth      = $auth;

    // The session must exist before the ACL can be built from the user's data.
    $this->user->session_begin();
    $this->auth->acl($this->user->data);

    // Instance property => config key. A key that is not set yields 0, so the
    // download, login-required, bot-prevention and CAPTCHA switches and the
    // attempt limit all fall back to 0 when unconfigured.
    // Values are stored exactly as the config object returns them (no cast).
    $switches = array(
        'enable_download'       => 'codebox_plus_download',
        'enable_login_required' => 'codebox_plus_login_required',
        'enable_prevent_bots'   => 'codebox_plus_prevent_bots',
        'enable_captcha'        => 'codebox_plus_captcha',
        'max_attempt'           => 'codebox_plus_max_attempt',
    );

    foreach ($switches as $property => $config_key)
    {
        if (isset($this->config[$config_key]))
        {
            $this->{$property} = $this->config[$config_key];
        }
        else
        {
            $this->{$property} = 0;
        }
    }
}
/**
 * Decides whether the check passes for a user, either because
 * isTfaRegistered() reports true for them or because one of the given
 * permissions is granted while $admin or $try is set.
 *
 * The isTfaRegistered() shortcut is taken before any permission is looked
 * up. When $admin and $try are both false, no permission can make this
 * method return true; only the shortcut can.
 * NOTE(review): confirm that this all-false case is intended by the callers.
 *
 * @param int          $user_id    User to check
 * @param array        $userdata   User row; passed through user_data() before use
 * @param string|array $permission One permission name or a list of them
 * @param bool         $admin      Combined with $try: at least one must be true
 * @param bool         $try        Combined with $admin: at least one must be true
 * @return bool True when the check passes, false otherwise
 */
private function do_permission_check($user_id, $userdata, $permission, $admin, $try)
{
    if ($this->isTfaRegistered($user_id))
    {
        return true;
    }

    // Build a separate ACL object from the user's data.
    $acl = new auth();
    $acl->acl($this->user_data($user_id, $userdata));

    // Accept a single permission name as well as a list.
    $wanted = is_array($permission) ? $permission : array($permission);

    foreach ($wanted as $name)
    {
        // The permission is looked up first, exactly as in the && chain.
        if (!$acl->acl_get($name))
        {
            continue;
        }

        if ($admin || $try)
        {
            return true;
        }
    }

    return false;
}
/**
 * Normalises the request for rewritten viewforum / viewtopic URLs.
 *
 * Does nothing unless seo_opt['url_rewrite'] is set. Otherwise it defines
 * PHPBB_USE_BOARD_URL_PATH, reads 'start', and then, depending on
 * seo_opt['req_file']:
 *  - viewforum: resolves the forum id; when none is found and the URI does
 *    not look like a direct script call, rewrites several SERVER variables,
 *    hands the request to the HTTP kernel and exits. Otherwise it redirects
 *    or sends a 404 status line.
 *  - viewtopic: resolves forum/topic/post ids, re-decodes the 'hilit'
 *    parameter and redirects or sends a 404 when neither a topic nor a post
 *    id is present.
 *
 * @param mixed $event Event payload; not read by this method
 * @return void May not return: the re-routing branch ends with exit
 */
public function core_common($event)
{
    if (empty($this->core->seo_opt['url_rewrite']))
    {
        return;
    }

    // This helps fix several cases of relative links.
    define('PHPBB_USE_BOARD_URL_PATH', true);

    // Negative offsets are clamped to 0.
    $this->start = max(0, $this->request->variable('start', 0));

    switch ($this->core->seo_opt['req_file'])
    {
        case 'viewforum':
            $this->forum_id = max(0, $this->request->variable('f', 0));

            if (!$this->forum_id)
            {
                // presumably fills $this->forum_id by reference from the rewritten URL; verify in core
                $this->core->get_forum_id($this->forum_id);

                if (!$this->forum_id)
                {
                    // Here we need to find out whether the URI really was a forum one.
                    // NOTE(review): php_ext is interpolated into the pattern without preg_quote();
                    // fine only while it is a fixed, trusted value - confirm.
                    if (!preg_match('`^.+?\\.' . $this->php_ext . '(\\?.*)?$`', $this->core->seo_path['uri']))
                    {
                        // The request URL is rewritten:
                        // re-route the request to app.php.
                        global $phpbb_container;

                        // Local names set before the include below, which presumably reads them - confirm.
                        $phpbb_root_path = $this->phpbb_root_path;
                        $phpEx = $this->php_ext;

                        // The include path is built from instance properties, not from request input.
                        include $phpbb_root_path . 'includes/functions_url_matcher.' . $phpEx;

                        // We need to overwrite a couple of SERVER variables to simulate a direct app.php call.
                        // Start with the script names.
                        // NOTE(review): the rewritten values still come from the SERVER input and stay untrusted.
                        $script_fix_list = array('SCRIPT_FILENAME', 'SCRIPT_NAME', 'PHP_SELF');

                        foreach ($script_fix_list as $varname)
                        {
                            if ($this->request->is_set($varname, \phpbb\request\request_interface::SERVER))
                            {
                                $value = $this->request->server($varname);

                                if ($value)
                                {
                                    // Swap "viewforum.<ext>" for "app.<ext>", keeping prefix and trailing part.
                                    $value = preg_replace('`^(.*?)viewforum\\.' . $this->php_ext . '((\\?|/).*)?$`', '\\1app.' . $this->php_ext . '\\2', $value);
                                    $this->request->overwrite($varname, $value, \phpbb\request\request_interface::SERVER);
                                }
                            }
                        }

                        // Then fix the query strings.
                        $qs_fix_list = array('QUERY_STRING', 'REDIRECT_QUERY_STRING');

                        foreach ($qs_fix_list as $varname)
                        {
                            if ($this->request->is_set($varname, \phpbb\request\request_interface::SERVER))
                            {
                                $value = $this->request->server($varname);

                                if ($value)
                                {
                                    // Blank the query string when it matches the forum_uri/start pattern.
                                    // NOTE(review): both branches of "(&|&)" are identical; one was probably
                                    // an HTML-entity form lost in transcription - compare with upstream.
                                    $value = preg_replace('`^forum_uri=[^&]*(&|&)start=((&|&).*)?$`i', '', $value);
                                    $this->request->overwrite($varname, $value, \phpbb\request\request_interface::SERVER);
                                }
                            }
                        }

                        // Start session management.
                        $this->user->session_begin();
                        $this->auth->acl($this->user->data);
                        $this->user->setup('app');

                        // Dispatch through the HTTP kernel and stop; nothing below runs on this path.
                        $http_kernel = $phpbb_container->get('http_kernel');
                        $symfony_request = $phpbb_container->get('symfony_request');
                        $response = $http_kernel->handle($symfony_request);
                        $response->send();
                        $http_kernel->terminate($symfony_request, $response);
                        exit;
                    }

                    // The URI looked like a direct script call but no forum id could be resolved.
                    if ($this->core->seo_opt['redirect_404_forum'])
                    {
                        $this->core->seo_redirect($this->core->seo_path['phpbb_url']);
                    }
                    else
                    {
                        send_status_line(404, 'Not Found');
                    }
                }
                else
                {
                    // Publish the resolved id as request variable 'f'.
                    $this->request->overwrite('f', (int) $this->forum_id);
                }
            }
            break;

        case 'viewtopic':
            // All three ids are clamped to non-negative integers.
            $this->forum_id = max(0, $this->request->variable('f', 0));
            $this->topic_id = max(0, $this->request->variable('t', 0));
            $this->post_id = max(0, $this->request->variable('p', 0));

            if (!$this->forum_id)
            {
                $this->core->get_forum_id($this->forum_id);

                if ($this->forum_id > 0)
                {
                    $this->request->overwrite('f', (int) $this->forum_id);
                }
            }

            $this->hilit_words = $this->request->variable('hilit', '', true);

            if ($this->hilit_words)
            {
                // NOTE(review): this URL-decodes the value after request->variable() returned it.
                // Escaping applied there cannot cover characters this decode produces, so
                // consumers of 'hilit' must escape on output - confirm.
                $this->hilit_words = rawurldecode($this->hilit_words);

                // Non-UTF-8 input is recoded from ISO-8859-1 and NFC-normalised.
                if (!$this->core->is_utf8($this->hilit_words))
                {
                    $this->hilit_words = utf8_normalize_nfc(utf8_recode($this->hilit_words, 'iso-8859-1'));
                }

                // The decoded value replaces the original request variable.
                $this->request->overwrite('hilit', $this->hilit_words);
            }

            // Neither a topic nor a post was requested: redirect or answer 404.
            if (!$this->topic_id && !$this->post_id)
            {
                if ($this->core->seo_opt['redirect_404_forum'])
                {
                    // Use the forum page when the forum is known to the URL cache, else the board URL.
                    if ($this->forum_id && !empty($this->core->seo_url['forum'][$this->forum_id]))
                    {
                        $this->core->seo_redirect(append_sid("{$this->phpbb_root_path}viewforum.{$this->php_ext}", 'f=' . $this->forum_id));
                    }
                    else
                    {
                        $this->core->seo_redirect($this->core->seo_path['phpbb_url']);
                    }
                }
                else
                {
                    send_status_line(404, 'Not Found');
                }
            }
            break;
    }
}