Project

General

Profile

Bug #19916 » 10266_v3.diff

Administrator Admin, 2009-03-22 09:41

View differences:

misc/phpcheck/incfile.php (working copy)
die('In the source distribution of TYPO3, this script is disabled by a die() function call.<br/><b>Fix:</b> Open the file misc/phpcheck/incfile.php and remove/out-comment the line that outputs this message!');
}
SetCookie('test_script_cookie', 'Cookie Value!', 0, '/');
include('../../t3lib/class.t3lib_div.php');
SetCookie('test_script_cookie', 'Cookie Value!', 0, t3lib_div::getIndpEnv('TYPO3_SITE_PATH'));
error_reporting (E_ALL ^ E_NOTICE);
define("TYPO3_OS", stristr(PHP_OS,"win")&&!stristr(PHP_OS,"darwin")?"WIN":"");
t3lib/class.t3lib_div.php (working copy)
TYPO3_REQUEST_SCRIPT = [scheme]://[host][:[port]][path_script]
TYPO3_REQUEST_DIR = [scheme]://[host][:[port]][path_dir]
TYPO3_SITE_URL = [scheme]://[host][:[port]][path_dir] of the TYPO3 website frontend
TYPO3_SITE_PATH = [path_dir] of the TYPO3 website frontend
TYPO3_SITE_SCRIPT = [script / Speaking URL] of the TYPO3 website
TYPO3_DOCUMENT_ROOT = Absolute path of root of documents: TYPO3_DOCUMENT_ROOT.SCRIPT_NAME = SCRIPT_FILENAME (typically)
TYPO3_SSL = Returns TRUE if this session uses SSL/TLS (https)
......
$retVal = $siteUrl;
}
break;
case 'TYPO3_SITE_PATH':
$retVal = substr(t3lib_div::getIndpEnv('TYPO3_SITE_URL'), strlen(t3lib_div::getIndpEnv('TYPO3_REQUEST_HOST')));
break;
case 'TYPO3_SITE_SCRIPT':
$retVal = substr(t3lib_div::getIndpEnv('TYPO3_REQUEST_URL'),strlen(t3lib_div::getIndpEnv('TYPO3_SITE_URL')));
break;
t3lib/class.t3lib_userauth.php (working copy)
if ($cookieDomain) {
SetCookie($this->name, $id, 0, '/', $cookieDomain);
} else {
SetCookie($this->name, $id, 0, '/');
SetCookie($this->name, $id, 0, t3lib_div::getIndpEnv('TYPO3_SITE_PATH'));
}
if ($this->writeDevLog) t3lib_div::devLog('Set new Cookie: '.$id.($cookieDomain ? ', '.$cookieDomain : ''), 't3lib_userAuth');
}
......
if ($cookieDomain) {
SetCookie($this->name, $id, time()+$this->lifetime, '/', $cookieDomain);
} else {
SetCookie($this->name, $id, time()+$this->lifetime, '/');
SetCookie($this->name, $id, time()+$this->lifetime, t3lib_div::getIndpEnv('TYPO3_SITE_PATH'));
}
if ($this->writeDevLog) t3lib_div::devLog('Update Cookie: '.$id.($cookieDomain ? ', '.$cookieDomain : ''), 't3lib_userAuth');
}
tests/t3lib/t3lib_div_testcase.php (working copy)
$this->assertEquals($expectedArray, $actualArray);
}
/**
* @test
*/
public function checkIndpEnvTypo3SitePathNotEmpty() {
$actualEnv = t3lib_div::getIndpEnv('TYPO3_SITE_PATH');
$this->assertTrue(strlen($actualEnv) >= 1);
$this->assertEquals('/', $actualEnv{0});
$this->assertEquals('/', $actualEnv{strlen($actualEnv) - 1});
}
}
?>
typo3/sysext/cms/tslib/class.tslib_fe.php (working copy)
if ($inputCode) {
if ($inputCode=='LOGOUT') { // "log out":
SetCookie('ADMCMD_prev', '', 0);
SetCookie('ADMCMD_prev', '', 0, t3lib_div::getIndpEnv('TYPO3_SITE_PATH'));
if ($this->TYPO3_CONF_VARS['FE']['workspacePreviewLogoutTemplate']) {
if (@is_file(PATH_site.$this->TYPO3_CONF_VARS['FE']['workspacePreviewLogoutTemplate'])) {
$message = t3lib_div::getUrl(PATH_site.$this->TYPO3_CONF_VARS['FE']['workspacePreviewLogoutTemplate']);
......
// If ADMCMD_prev is set the $inputCode value cannot come from a cookie and we set that cookie here. Next time it will be found from the cookie if ADMCMD_prev is not set again...
if (t3lib_div::_GP('ADMCMD_prev')) {
SetCookie('ADMCMD_prev', t3lib_div::_GP('ADMCMD_prev'), 0); // Lifetime is 1 hour, does it matter much? Requires the user to click the link from their email again if it expires.
SetCookie('ADMCMD_prev', t3lib_div::_GP('ADMCMD_prev'), 0, t3lib_div::getIndpEnv('TYPO3_SITE_PATH')); // Lifetime is 1 hour, does it matter much? Requires the user to click the link from their email again if it expires.
}
return $previewConfig;
} elseif (t3lib_div::getIndpEnv('TYPO3_SITE_URL').'index.php?ADMCMD_prev='.$inputCode === t3lib_div::getIndpEnv('TYPO3_REQUEST_URL')) {
typo3/sysext/install/mod/class.tx_install.php (working copy)
$uKey = $_COOKIE[$this->cookie_name.'_key'];
if (!$uKey) {
$uKey = md5(uniqid(microtime()));
SetCookie($this->cookie_name.'_key', $uKey, 0, '/'); // Cookie is set
SetCookie($this->cookie_name.'_key', $uKey, 0, t3lib_div::getIndpEnv('TYPO3_SITE_PATH')); // Cookie is set
$this->JSmessage='SECURITY:
Make sure to protect the Install Tool with another password than "joh316".
......
if ($p && md5($p)==$GLOBALS['TYPO3_CONF_VARS']['BE']['installToolPassword']) {
$sKey = md5($GLOBALS['TYPO3_CONF_VARS']['BE']['installToolPassword'].'|'.$uKey);
SetCookie($this->cookie_name, $sKey, 0, '/');
SetCookie($this->cookie_name, $sKey, 0, t3lib_div::getIndpEnv('TYPO3_SITE_PATH'));
// Sending warning email
$wEmail = $GLOBALS['TYPO3_CONF_VARS']['BE']['warning_email_addr'];
(2-2/2)