Merge branch 'hotfix/1.8.16' into develop

bnu 2016-02-18 17:30:58 +09:00
commit e155c6107d
17 changed files with 41 additions and 44 deletions


@ -200,9 +200,16 @@ class Context
*/
function init()
{
if(!isset($GLOBALS['HTTP_RAW_POST_DATA']) && version_compare(PHP_VERSION, '5.6.0', '>=') === true) {
if(simplexml_load_string(file_get_contents("php://input")) !== false) $GLOBALS['HTTP_RAW_POST_DATA'] = file_get_contents("php://input");
if(strpos($_SERVER['CONTENT_TYPE'], 'json') || strpos($_SERVER['HTTP_CONTENT_TYPE'], 'json')) $GLOBALS['HTTP_RAW_POST_DATA'] = file_get_contents("php://input");
// fix missing HTTP_RAW_POST_DATA in PHP 5.6 and above
if(!isset($GLOBALS['HTTP_RAW_POST_DATA']) && version_compare(PHP_VERSION, '5.6.0', '>=') === TRUE)
{
$GLOBALS['HTTP_RAW_POST_DATA'] = file_get_contents("php://input");
// If content is not XML JSON, unset
if(!preg_match('/^[\<\{\[]/', $GLOBALS['HTTP_RAW_POST_DATA']) && strpos($_SERVER['CONTENT_TYPE'], 'json') === FALSE && strpos($_SERVER['HTTP_CONTENT_TYPE'], 'json') === FALSE)
{
unset($GLOBALS['HTTP_RAW_POST_DATA']);
}
}
// set context variables in $GLOBALS (to use in display handler)
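Review bot: The Content-Type test in the new block reads `$_SERVER['CONTENT_TYPE']` and `$_SERVER['HTTP_CONTENT_TYPE']` without checking that they exist, so a request that sends neither raises notices and passes null to strpos(). The sniffing pattern `/^[\<\{\[]/` is anchored at the first byte, so an XML or JSON body preceded by whitespace or a BOM is discarded unless the header says json. Consider reading the header once, e.g. `$contentType = isset($_SERVER['CONTENT_TYPE']) ? $_SERVER['CONTENT_TYPE'] : '';`, and applying `ltrim()` to the body before the pattern test. init() continues outside the hunk.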


@ -1089,7 +1089,7 @@ class DB
* this method is protected
* @return boolean
*/
function _begin()
function _begin($transactionLevel = 0)
{
return TRUE;
}
@ -1117,7 +1117,7 @@ class DB
* this method is protected
* @return boolean
*/
function _rollback()
function _rollback($transactionLevel = 0)
{
return TRUE;
}
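Review bot: The docblocks above `_begin()` and `_rollback()` still document only the return value, although both signatures now accept `$transactionLevel`. Add a line such as `@param int $transactionLevel` with a short description of what the level means (presumably the nesting depth; confirm against the caller). The same gap exists in the DBCubrid, DBMssql, DBMysql, DBMysql_innodb and DBMysqli_innodb sections of this commit.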


@ -144,7 +144,7 @@ class DBCubrid extends DB
* this method is private
* @return boolean
*/
function _begin($transactionLevel)
function _begin($transactionLevel = 0)
{
if(__CUBRID_VERSION__ >= '8.4.0')
{
@ -167,7 +167,7 @@ class DBCubrid extends DB
* this method is private
* @return boolean
*/
function _rollback($transactionLevel)
function _rollback($transactionLevel = 0)
{
$connection = $this->_getConnection('master');


@ -113,7 +113,7 @@ class DBMssql extends DB
* this method is private
* @return boolean
*/
function _begin($transactionLevel)
function _begin($transactionLevel = 0)
{
$connection = $this->_getConnection('master');
@ -136,7 +136,7 @@ class DBMssql extends DB
* this method is private
* @return boolean
*/
function _rollback($transactionLevel)
function _rollback($transactionLevel = 0)
{
$connection = $this->_getConnection('master');


@ -147,7 +147,7 @@ class DBMysql extends DB
* this method is private
* @return boolean
*/
function _begin()
function _begin($transactionLevel = 0)
{
return true;
}
@ -157,7 +157,7 @@ class DBMysql extends DB
* this method is private
* @return boolean
*/
function _rollback()
function _rollback($transactionLevel = 0)
{
return true;
}


@ -51,7 +51,7 @@ class DBMysql_innodb extends DBMysql
* this method is private
* @return boolean
*/
function _begin($transactionLevel)
function _begin($transactionLevel = 0)
{
$connection = $this->_getConnection('master');
@ -71,7 +71,7 @@ class DBMysql_innodb extends DBMysql
* this method is private
* @return boolean
*/
function _rollback($transactionLevel)
function _rollback($transactionLevel = 0)
{
$connection = $this->_getConnection('master');


@ -85,7 +85,7 @@ class DBMysqli_innodb extends DBMysql
* this method is private
* @return boolean
*/
function _begin($transactionLevel)
function _begin($transactionLevel = 0)
{
$connection = $this->_getConnection('master');
@ -105,7 +105,7 @@ class DBMysqli_innodb extends DBMysql
* this method is private
* @return boolean
*/
function _rollback($transactionLevel)
function _rollback($transactionLevel = 0)
{
$connection = $this->_getConnection('master');


@ -86,7 +86,7 @@ class ModuleObject extends Object
* @param string $type type of message (error, info, update)
* @return void
* */
function setMessage($message, $type = NULL)
function setMessage($message = 'success', $type = NULL)
{
parent::setMessage($message);
$this->setMessageType($type);
@ -370,7 +370,7 @@ class ModuleObject extends Object
* set the directory path of the layout directory
* @return string
* */
function getLayoutPath()
function getLayoutPath($layout_name = "", $layout_type = "P")
{
return $this->layout_path;
}


@ -94,7 +94,7 @@ class Object
* @param string $message Error message
* @return bool Alaways returns true.
*/
function setMessage($message = 'success')
function setMessage($message = 'success', $type = NULL)
{
if($str = Context::getLang($message))
{


@ -142,28 +142,16 @@ class Purifier
private function _getWhiteDomainRegx()
{
require_once(_XE_PATH_ . 'classes/security/EmbedFilter.class.php');
$oEmbedFilter = EmbedFilter::getInstance();
$whiteIframeUrlList = $oEmbedFilter->getWhiteIframeUrlList();
$whiteDomainRegex = '%^(';
$whiteDomainCount = count($whiteIframeUrlList);
$i=1;
if(is_array($whiteIframeUrlList))
$whiteDomain = array();
foreach($whiteIframeUrlList as $value)
{
foreach($whiteIframeUrlList as $value)
{
$whiteDomainRegex .= $value;
if($i < $whiteDomainCount)
{
$whiteDomainRegex .= '|';
}
$i++;
}
$whiteDomain[] = preg_quote($value, '%');
}
$whiteDomainRegex .= ')%';
$whiteDomainRegex = '%^(' . implode('|', $whiteDomain) . ')%';
return $whiteDomainRegex;
}
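Review bot: An empty list from `getWhiteIframeUrlList()` yields the pattern `%^()%`, and an empty group matches every string, so the whitelist then accepts any URL instead of none. The `is_array()` guard also appears to be dropped, so a non-array return value now reaches `foreach` and raises a warning. Returning a never-matching pattern before the loop covers both cases, e.g. `if(!is_array($whiteIframeUrlList) || !$whiteIframeUrlList) return '%^(?!)%';`. Because `preg_quote()` now turns each entry into a literal prefix, it is worth confirming that no stored entry relied on regex syntax.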


@ -1200,7 +1200,7 @@ function removeSrcHack($match)
continue;
}
$val = preg_replace('/&#(?:x([a-fA-F0-9]+)|0*(\d+));/e', 'chr("\\1"?0x00\\1:\\2+0)', $m[3][$idx] . $m[4][$idx]);
$val = preg_replace_callback('/&#(?:x([a-fA-F0-9]+)|0*(\d+));/', function($n) {return chr($n[1] ? ('0x00' . $n[1]) : ($n[2] + 0)); }, $m[3][$idx] . $m[4][$idx]);
$val = preg_replace('/^\s+|[\t\n\r]+/', '', $val);
if(preg_match('/^[a-z]+script:/i', $val))
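Review bot: The callback passes the string `'0x00' . $n[1]` to chr(), whereas the old `/e` replacement evaluated `0x00\1` as a hex literal. Hexadecimal strings are not numeric from PHP 7 on, so hex character references no longer decode to the intended byte, and PHP 8 raises a TypeError. This decoding feeds the `script:` scheme test just below it, so the filter only sees the real value if the decode is correct. Use `hexdec()` and compare against the empty string rather than relying on truthiness: `return chr($n[1] !== '' ? hexdec($n[1]) : (int)$n[2]);`. removeSrcHack() starts and ends outside the hunk.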


@ -1724,10 +1724,10 @@ class PHPMailer {
switch (strtolower($position)) {
case 'phrase':
$encoded = preg_replace("/([^A-Za-z0-9!*+\/ -])/e", "'='.sprintf('%02X', ord('\\1'))", $encoded);
$encoded = preg_replace_callback('/([^A-Za-z0-9!*+\/ -])/', function($n) { return '='.sprintf('%02X', ord('\\1')); }, $encoded);
break;
case 'comment':
$encoded = preg_replace("/([\(\)\"])/e", "'='.sprintf('%02X', ord('\\1'))", $encoded);
$encoded = preg_replace_callback('/([\(\)\"])/', function($n) { return '='.sprintf('%02X', ord('\\1')); }, $encoded);
case 'text':
default:
// Replace every high ascii, control =, ? and _ characters
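Review bot: Both new callbacks call `ord('\\1')`, but inside a closure `'\\1'` is just the two-character string `\1`, not the matched text. Every character that needs encoding is therefore emitted as `=5C`. The match is available in the callback argument, so both the 'phrase' and 'comment' cases should use `function($n) { return '=' . sprintf('%02X', ord($n[1])); }`. The switch continues outside the hunk.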


@ -131,8 +131,8 @@ class communicationController extends communication
$view_url = Context::getRequestUri();
$content = sprintf("%s<br /><br />From : <a href=\"%s\" target=\"_blank\">%s</a>", $content, $view_url, $view_url);
$oMail = new Mail();
$oMail->setTitle($title);
$oMail->setContent($content);
$oMail->setTitle(htmlspecialchars($title, ENT_COMPAT | ENT_HTML401, 'UTF-8', false));
$oMail->setContent(removeHackTag($content));
$oMail->setSender($logged_info->nick_name, $logged_info->email_address);
$oMail->setReceiptor($receiver_member_info->nick_name, $receiver_member_info->email_address);
$oMail->send();
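Review bot: `htmlspecialchars()` on `$title` treats the subject as HTML, but a mail subject ends up in a header, where the relevant risk is embedded CR/LF rather than markup. Nothing in this hunk shows whether `Mail::setTitle()` strips line breaks, so that should be confirmed or handled here. Separately, `$view_url` is written into the `href` and the link text by `sprintf()` without escaping and relies on `removeHackTag()` afterwards. Escaping it before formatting would be more robust, e.g. `$view_url = htmlspecialchars(Context::getRequestUri(), ENT_COMPAT | ENT_HTML401, 'UTF-8', false);`.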


@ -274,7 +274,7 @@ class documentController extends document
$obj->homepage = $logged_info->homepage;
}
// If the tile is empty, extract string from the contents.
$obj->title = htmlspecialchars($obj->title);
$obj->title = htmlspecialchars($obj->title, ENT_COMPAT | ENT_HTML401, 'UTF-8', false);
settype($obj->title, "string");
if($obj->title == '') $obj->title = cut_str(trim(strip_tags(nl2br($obj->content))),20,'...');
// If no tile extracted from the contents, leave it untitled.
@ -473,6 +473,7 @@ class documentController extends document
$obj->homepage = $source_obj->get('homepage');
}
// If the tile is empty, extract string from the contents.
$obj->title = htmlspecialchars($obj->title, ENT_COMPAT | ENT_HTML401, 'UTF-8', false);
settype($obj->title, "string");
if($obj->title == '') $obj->title = cut_str(strip_tags($obj->content),20,'...');
// If no tile extracted from the contents, leave it untitled.
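Review bot: In both hunks `htmlspecialchars()` runs before `settype($obj->title, "string")`, so a non-string title (for example an array taken from request variables) reaches htmlspecialchars() first and triggers a warning. Casting first avoids that: `settype($obj->title, "string");` followed by `$obj->title = htmlspecialchars($obj->title, ENT_COMPAT | ENT_HTML401, 'UTF-8', false);`. With double encoding disabled, entity text that a user types literally (such as `&lt;`) is stored unchanged and later displays as the character; that is inert as markup but should be a deliberate choice. Both enclosing methods extend beyond the hunks.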


@ -144,7 +144,8 @@ class editorAdminController extends editor
{
$oModuleController = getController('module');
$configVars = Context::getRequestVars();
$config = new stdClass;
if($configVars->font_defined != 'Y') $config->font_defined = $configVars->font_defined = 'N';
else $config->font_defined = 'Y';


@ -289,7 +289,7 @@ class layoutModel extends layout
* @param string $layout_type (P : PC, M : Mobile)
* @return string path of layout
*/
function getLayoutPath($layout_name, $layout_type = "P")
function getLayoutPath($layout_name = "", $layout_type = "P")
{
$layout_parse = explode('|@|', $layout_name);
if(count($layout_parse) > 1)


@ -615,7 +615,7 @@ class memberAdminView extends member
}
$replace = array_merge($extentionReplace, $replace);
$inputTag = preg_replace('@%(\w+)%@e', '$replace[$1]', $template);
$inputTag = preg_replace_callback('@%(\w+)%@', function($n) { return $replace[$n[1]]; }, $template);
if($extendForm->description)
$inputTag .= '<p class="help-block">'.$extendForm->description.'</p>';
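Review bot: The closure reads `$replace` but does not import it, so inside the callback `$replace` is an undefined local and every `%name%` placeholder is replaced with an empty string, with a notice. Add a `use` clause: `function($n) use ($replace) { return $replace[$n[1]]; }`. A placeholder with no entry in `$replace` would still raise an undefined-index notice; `isset($replace[$n[1]]) ? $replace[$n[1]] : ''` makes that case explicit. The surrounding method is not fully visible in this hunk.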