diff --git a/classes/context/Context.class.php b/classes/context/Context.class.php index 342bebcc9..b27716e01 100644 --- a/classes/context/Context.class.php +++ b/classes/context/Context.class.php @@ -448,10 +448,12 @@ class Context unset($db_info->db_userid); $db_info->master_db["db_table_prefix"] = $db_info->db_table_prefix; unset($db_info->db_table_prefix); - if(substr_compare($db_info->master_db["db_table_prefix"], '_', -1) !== 0) + + if(isset($db_info->master_db["db_table_prefix"]) && substr_compare($db_info->master_db["db_table_prefix"], '_', -1) !== 0) { $db_info->master_db["db_table_prefix"] .= '_'; } + $db_info->slave_db = array($db_info->master_db); $self->setDBInfo($db_info); @@ -633,6 +635,7 @@ class Context { return TRUE; } + if(substr_compare($default_url, '/', -1) !== 0) { $default_url .= '/'; @@ -841,6 +844,7 @@ class Context global $lang; if(!$path) return; + $_path = 'eval://' . $path; if(in_array($_path, $this->loaded_lang_files)) @@ -872,6 +876,7 @@ class Context function _loadXmlLang($path) { if(!$path) return; + $oXmlLangParser = new XmlLangParser($path . ((substr_compare($path, '/', -1) !== 0) ? '/' : '') . 'lang.xml', $this->lang_type); return $oXmlLangParser->compile(); } @@ -885,6 +890,7 @@ class Context function _loadPhpLang($path) { if(!$path) return; + if(substr_compare($path, '/', -1) !== 0) { $path .= '/'; diff --git a/classes/file/FileHandler.class.php b/classes/file/FileHandler.class.php index 3a5c35fa0..7bbb9015b 100644 --- a/classes/file/FileHandler.class.php +++ b/classes/file/FileHandler.class.php @@ -17,7 +17,7 @@ class FileHandler */ function getRealPath($source) { - if(strlen($source) > 2 && substr_compare($source, './', 0, 2) === 0) + if(isset() && substr_compare($source, './', 0, 2) === 0) { return _XE_PATH_ . substr($source, 2); } diff --git a/classes/module/ModuleObject.class.php b/classes/module/ModuleObject.class.php index 61cbd59bf..661c5dda7 100644 --- a/classes/module/ModuleObject.class.php +++ b/classes/module/ModuleObject.class.php @@ -253,7 +253,7 @@ class ModuleObject extends Object * */ function setTemplateFile($filename) { - if(substr_compare($filename, '.html', -5) !== 0) + if(isset($filename) && substr_compare($filename, '.html', -5) !== 0) { $filename .= '.html'; } @@ -276,10 +276,13 @@ class ModuleObject extends Object * */ function setTemplatePath($path) { + if(!$path) return; + if(substr_compare($path, '/', 0, 1) !== 0 && substr_compare($path, './', 0, 2) !== 0) { $path = './' . $path; } + if(substr_compare($path, '/', -1) !== 0) { $path .= '/'; @@ -303,6 +306,8 @@ class ModuleObject extends Object * */ function setEditedLayoutFile($filename) { + if(!$filename) return; + if(substr_compare($filename, '.html', -5) !== 0) { $filename .= '.html'; @@ -326,6 +331,8 @@ class ModuleObject extends Object * */ function setLayoutFile($filename) { + if(!$filename) return; + if(substr_compare($filename, '.html', -5) !== 0) { $filename .= '.html'; @@ -348,6 +355,8 @@ class ModuleObject extends Object * */ function setLayoutPath($path) { + if(!$path) return; + if(substr_compare($path, '/', 0, 1) !== 0 && substr_compare($path, './', 0, 2) !== 0) { $path = './' . $path; diff --git a/config/func.inc.php b/config/func.inc.php index 53ac022c3..1dc748672 100644 --- a/config/func.inc.php +++ b/config/func.inc.php @@ -1015,7 +1015,7 @@ function removeSrcHack($match) { foreach($m[1] as $idx => $name) { - if(substr_compare($name, 'on', 0, 2) === 0) + if(isset($name) && substr_compare($name, 'on', 0, 2) === 0) { continue; } diff --git a/modules/layout/layout.admin.controller.php b/modules/layout/layout.admin.controller.php index 92e564854..80acc425c 100644 --- a/modules/layout/layout.admin.controller.php +++ b/modules/layout/layout.admin.controller.php @@ -697,6 +697,7 @@ class layoutAdminController extends layout if(!Context::isUploaded()) exit(); $file = Context::get('file'); if(!is_uploaded_file($file['tmp_name']) || !checkUploadedFile($file['tmp_name'])) exit(); + if(substr_compare($file['name'], '.tar', -4) !== 0) exit(); $layout_srl = Context::get('layout_srl');