bug_7397_v2.diff

Administrator Admin, 2008-02-20 10:29

Download (10.7 KB)

View differences:

t3lib/config_default.php (working copy)
89 89
		'maxFileNameLength' => 60,				// Integer, This is the maximum file name length. The value will be taken into account by basic file operations like renaming or creation of files and folders.
90 90
		'UTF8filesystem' => 0,					// Boolean: If true and [BE][forceCharset] is set to utf-8, then TYPO3 uses utf-8 to store file names. This allows for accented Latin letters as well as any other non-latin characters like Cyrillic and Chinese.
91 91
		'lockingMode' => 'simple',					// String: Define which locking mode is used to control requests to pages being generated. Can be one of either "disable" (no locking), "simple" (checks for file existance), "flock" (using PHPs flock() function), "semaphore" (using PHPs sem_acquire() function). Default is "disable".
92
		'proxyIP' => '',					// String: list of IP addresses. If TYPO3 is behind one or more (intransparent) reverese proxies the IP addresses must be added here.
93
		'proxyPrefix' => '',					// String: optional prefix to be added to the internal URL (SCRIPT_NAME and REQUEST_URI).
94
		'proxySSL' => '',					// String: '*' or list of IP addresses of proxies that use SSL (https) for the connection to the client, but an unencrypted connection (http) to the server. If '*' all proxies defined in SYS[proxyIP] use SSL.
95
		'proxyPrefixSSL' => '',					// String: prefix to be added to the internal URL (SCRIPT_NAME and REQUEST_URI) when SSL accessing the server via an SSL proxy. This setting overrides SYS[proxyPrefix].
92 96
	),
93 97
	'EXT' => Array (	// Options related to the Extension Management
94 98
		'noEdit' => 1,							// Boolean: If set, the Extension Manager does NOT allow extension files to be edited! (Otherwise both local and global extensions can be edited.)
t3lib/class.t3lib_div.php (working copy)
792 792
	}
793 793

  
794 794
	/**
795
	 * Validate a given IP address.
796
	 *
797
	 * Possible format are IPv4 and IPv6.
798
	 *
799
	 * @param	string		IP address to be tested
800
	 * @return	boolean		True if $ip is either of IPv4 or IPv6 format.
801
	 */
802
	public static function validIP($ip) {
803
		if (strpos($ip, ':') === false)	{
804
			return t3lib_div::validIPv4($ip);
805
		} else {
806
			return t3lib_div::validIPv6($ip);
807
		}
808
	}
809

  
810
	/**
811
	 * Validate a given IP address to the IPv4 address format.
812
	 *
813
	 * Example for possible format:  10.0.45.99
814
	 *
815
	 * @param	string		IP address to be tested
816
	 * @return	boolean		True if $ip is of IPv4 format.
817
	 */
818
	public static function validIPv4($ip) {
819
		$parts = explode('.', $ip);
820
		if (count($parts)==4 &&
821
			t3lib_div::testInt($parts[0]) && $parts[0]>=1 && $parts[0]<256 &&
822
			t3lib_div::testInt($parts[1]) && $parts[0]>=0 && $parts[0]<256 &&
823
			t3lib_div::testInt($parts[2]) && $parts[0]>=0 && $parts[0]<256 &&
824
			t3lib_div::testInt($parts[3]) && $parts[0]>=0 && $parts[0]<256)	{
825
			return true;
826
		} else {
827
			return false;
828
		}
829
	}
830

  
831
	/**
795 832
	 * Validate a given IP address to the IPv6 address format.
796 833
	 *
797 834
	 * Example for possible format:  43FB::BB3F:A0A0:0 | ::1
......
3188 3225
			Special extras:
3189 3226
				TYPO3_HOST_ONLY =		[host] = 192.168.1.4
3190 3227
				TYPO3_PORT =			[port] = 8080 (blank if 80, taken from host value)
3191
				TYPO3_REQUEST_HOST = 	[scheme]://[host][:[port]]
3228
				TYPO3_REQUEST_HOST = 		[scheme]://[host][:[port]]
3192 3229
				TYPO3_REQUEST_URL =		[scheme]://[host][:[port]][path]?[query] (scheme will by default be "http" until we can detect something different)
3193
				TYPO3_REQUEST_SCRIPT =  [scheme]://[host][:[port]][path_script]
3230
				TYPO3_REQUEST_SCRIPT =  	[scheme]://[host][:[port]][path_script]
3194 3231
				TYPO3_REQUEST_DIR =		[scheme]://[host][:[port]][path_dir]
3195 3232
				TYPO3_SITE_URL = 		[scheme]://[host][:[port]][path_dir] of the TYPO3 website frontend
3196
				TYPO3_SITE_SCRIPT = 	[script / Speaking URL] of the TYPO3 website
3197
				TYPO3_DOCUMENT_ROOT =	Absolute path of root of documents: TYPO3_DOCUMENT_ROOT.SCRIPT_NAME = SCRIPT_FILENAME (typically)
3198
				TYPO3_SSL = 			Returns TRUE if this session uses SSL (HTTPS)
3233
				TYPO3_SITE_SCRIPT = 		[script / Speaking URL] of the TYPO3 website
3234
				TYPO3_DOCUMENT_ROOT =		Absolute path of root of documents: TYPO3_DOCUMENT_ROOT.SCRIPT_NAME = SCRIPT_FILENAME (typically)
3235
				TYPO3_SSL = 			Returns TRUE if this session uses SSL/TLS (https)
3236
				TYPO3_PROXY = 			Returns TRUE if this session runs over a well known proxy
3199 3237

  
3200 3238
			Notice: [fragment] is apparently NEVER available to the script!
3201 3239

  
......
3214 3252
		switch ((string)$getEnvName)	{
3215 3253
			case 'SCRIPT_NAME':
3216 3254
				$retVal = (php_sapi_name()=='cgi'||php_sapi_name()=='cgi-fcgi')&&($_SERVER['ORIG_PATH_INFO']?$_SERVER['ORIG_PATH_INFO']:$_SERVER['PATH_INFO']) ? ($_SERVER['ORIG_PATH_INFO']?$_SERVER['ORIG_PATH_INFO']:$_SERVER['PATH_INFO']) : ($_SERVER['ORIG_SCRIPT_NAME']?$_SERVER['ORIG_SCRIPT_NAME']:$_SERVER['SCRIPT_NAME']);
3255
					// add a prefix if TYPO3 is behind a proxy: ext-domain.com => int-server.com/prefix
3256
				if (t3lib_div::cmpIP($_SERVER['REMOTE_ADDR'], $GLOBALS['TYPO3_CONF_VARS']['SYS']['proxyIP'])) {
3257
					if (t3lib_div::getIndpEnv('TYPO3_SSL') && $GLOBALS['TYPO3_CONF_VARS']['SYS']['proxyPrefixSSL']) {
3258
						$retVal = $GLOBALS['TYPO3_CONF_VARS']['SYS']['proxyPrefixSSL'].$retVal;
3259
					} elseif ($GLOBALS['TYPO3_CONF_VARS']['SYS']['proxyPrefix']) {
3260
						$retVal = $GLOBALS['TYPO3_CONF_VARS']['SYS']['proxyPrefix'].$retVal;
3261
					}
3262
				}
3217 3263
			break;
3218 3264
			case 'SCRIPT_FILENAME':
3219 3265
				$retVal = str_replace('//','/', str_replace('\\','/', (php_sapi_name()=='cgi'||php_sapi_name()=='isapi' ||php_sapi_name()=='cgi-fcgi')&&($_SERVER['ORIG_PATH_TRANSLATED']?$_SERVER['ORIG_PATH_TRANSLATED']:$_SERVER['PATH_TRANSLATED'])? ($_SERVER['ORIG_PATH_TRANSLATED']?$_SERVER['ORIG_PATH_TRANSLATED']:$_SERVER['PATH_TRANSLATED']):($_SERVER['ORIG_SCRIPT_FILENAME']?$_SERVER['ORIG_SCRIPT_FILENAME']:$_SERVER['SCRIPT_FILENAME'])));
......
3226 3272
				} elseif (!$_SERVER['REQUEST_URI'])	{	// This is for ISS/CGI which does not have the REQUEST_URI available.
3227 3273
					$retVal = '/'.ereg_replace('^/','',t3lib_div::getIndpEnv('SCRIPT_NAME')).
3228 3274
						($_SERVER['QUERY_STRING']?'?'.$_SERVER['QUERY_STRING']:'');
3229
				} else $retVal = $_SERVER['REQUEST_URI'];
3275
				} else {
3276
					$retVal = $_SERVER['REQUEST_URI'];
3277
				}
3278
					// add a prefix if TYPO3 is behind a proxy: ext-domain.com => int-server.com/prefix
3279
				if (t3lib_div::cmpIP($_SERVER['REMOTE_ADDR'], $GLOBALS['TYPO3_CONF_VARS']['SYS']['proxyIP'])) {
3280
					if (t3lib_div::getIndpEnv('TYPO3_SSL') && $GLOBALS['TYPO3_CONF_VARS']['SYS']['proxyPrefixSSL']) {
3281
						$retVal = $GLOBALS['TYPO3_CONF_VARS']['SYS']['proxyPrefixSSL'].$retVal;
3282
					} elseif ($GLOBALS['TYPO3_CONF_VARS']['SYS']['proxyPrefix']) {
3283
						$retVal = $GLOBALS['TYPO3_CONF_VARS']['SYS']['proxyPrefix'].$retVal;
3284
					}
3285
				}
3230 3286
			break;
3231 3287
			case 'PATH_INFO':
3232 3288
					// $_SERVER['PATH_INFO']!=$_SERVER['SCRIPT_NAME'] is necessary because some servers (Windows/CGI) are seen to set PATH_INFO equal to script_name
3233 3289
					// Further, there must be at least one '/' in the path - else the PATH_INFO value does not make sense.
3234 3290
					// IF 'PATH_INFO' never works for our purpose in TYPO3 with CGI-servers, then 'php_sapi_name()=='cgi'' might be a better check. Right now strcmp($_SERVER['PATH_INFO'],t3lib_div::getIndpEnv('SCRIPT_NAME')) will always return false for CGI-versions, but that is only as long as SCRIPT_NAME is set equal to PATH_INFO because of php_sapi_name()=='cgi' (see above)
3235 3291
//				if (strcmp($_SERVER['PATH_INFO'],t3lib_div::getIndpEnv('SCRIPT_NAME')) && count(explode('/',$_SERVER['PATH_INFO']))>1)	{
3236
				if (php_sapi_name()!='cgi'&&php_sapi_name()!='cgi-fcgi')	{
3292
				if (php_sapi_name()!='cgi' && php_sapi_name()!='cgi-fcgi')	{
3237 3293
					$retVal = $_SERVER['PATH_INFO'];
3238 3294
				}
3239 3295
			break;
3296
			case 'TYPO3_PROXY':
3297
				$retVal = t3lib_div::cmpIP($_SERVER['REMOTE_ADDR'], $GLOBALS['TYPO3_CONF_VARS']['SYS']['proxyIP']);
3298
			break;
3299
			case 'REMOTE_ADDR':
3300
				$retVal = $_SERVER['REMOTE_ADDR'];
3301
				if (t3lib_div::cmpIP($_SERVER['REMOTE_ADDR'], $GLOBALS['TYPO3_CONF_VARS']['SYS']['proxyIP'])) {
3302
						// use first IP found in list
3303
					$ip = t3lib_div::trimExplode(',', $_SERVER['HTTP_X_FORWARDED_FOR']);
3304
					$ip = array_pop($ip);
3305
					if (t3lib_div::validIP($ip))	{
3306
						$retVal = $ip;
3307
					}
3308
				}
3309
			break;
3310
			case 'HTTP_HOST':
3311
				$retVal = $_SERVER['HTTP_HOST'];
3312
				if (t3lib_div::cmpIP($_SERVER['REMOTE_ADDR'], $GLOBALS['TYPO3_CONF_VARS']['SYS']['proxyIP'])) {
3313
						// use first host found in list
3314
					$host = t3lib_div::trimExplode(',', $_SERVER['HTTP_X_FORWARDED_HOST']);
3315
					$host = array_pop($host);
3316
					if ($host)	{
3317
						$retVal = $host;
3318
					}
3319
				}
3320
			break;
3240 3321
				// These are let through without modification
3241
			case 'REMOTE_ADDR':
3242
			case 'REMOTE_HOST':
3243 3322
			case 'HTTP_REFERER':
3244
			case 'HTTP_HOST':
3245 3323
			case 'HTTP_USER_AGENT':
3246 3324
			case 'HTTP_ACCEPT_ENCODING':
3247 3325
			case 'HTTP_ACCEPT_LANGUAGE':
3326
			case 'REMOTE_HOST':
3248 3327
			case 'QUERY_STRING':
3249 3328
				$retVal = $_SERVER[$getEnvName];
3250 3329
			break;
......
3265 3344
				$retVal = $DR;
3266 3345
			break;
3267 3346
			case 'TYPO3_HOST_ONLY':
3268
				$p = explode(':',$_SERVER['HTTP_HOST']);
3347
				$p = explode(':',t3lib_div::getIndpEnv('HTTP_HOST'));
3269 3348
				$retVal = $p[0];
3270 3349
			break;
3271 3350
			case 'TYPO3_PORT':
3272
				$p = explode(':',$_SERVER['HTTP_HOST']);
3351
				$p = explode(':',t3lib_div::getIndpEnv('HTTP_HOST'));
3273 3352
				$retVal = $p[1];
3274 3353
			break;
3275 3354
			case 'TYPO3_REQUEST_HOST':
3276 3355
				$retVal = (t3lib_div::getIndpEnv('TYPO3_SSL') ? 'https://' : 'http://').
3277
					$_SERVER['HTTP_HOST'];
3356
					t3lib_div::getIndpEnv('HTTP_HOST');
3278 3357
			break;
3279 3358
			case 'TYPO3_REQUEST_URL':
3280 3359
				$retVal = t3lib_div::getIndpEnv('TYPO3_REQUEST_HOST').t3lib_div::getIndpEnv('REQUEST_URI');
......
3298 3377
				$retVal = substr(t3lib_div::getIndpEnv('TYPO3_REQUEST_URL'),strlen(t3lib_div::getIndpEnv('TYPO3_SITE_URL')));
3299 3378
			break;
3300 3379
			case 'TYPO3_SSL':
3301
				$retVal = $_SERVER['SSL_SESSION_ID'] || !strcmp($_SERVER['HTTPS'],'on') || !strcmp($_SERVER['HTTPS'],'1') ? TRUE : FALSE;	// see http://bugs.typo3.org/view.php?id=3909
3380
				$proxySSL = $GLOBALS['TYPO3_CONF_VARS']['SYS']['proxySSL'];
3381
				if ($proxySSL == '*') {
3382
					$proxySSL = $GLOBALS['TYPO3_CONF_VARS']['SYS']['proxyIP'];
3383
				}
3384
				if ($proxySSL && t3lib_div::cmpIP($_SERVER['REMOTE_ADDR'], $GLOBALS['TYPO3_CONF_VARS']['SYS']['proxyIP'])) {
3385
					$retVal = true;
3386
				} else {
3387
					$retVal = $_SERVER['SSL_SESSION_ID'] || !strcmp($_SERVER['HTTPS'],'on') || !strcmp($_SERVER['HTTPS'],'1') ? true : false;	// see http://bugs.typo3.org/view.php?id=3909
3388
				}
3302 3389
			break;
3303 3390
			case '_ARRAY':
3304 3391
				$out = array();
......
4903 4990
		return '\''.$value.'\'';
4904 4991
	}
4905 4992
}
4906
?>
4993
?>