bug_7397_v3.diff

Administrator Admin, 2008-02-21 20:57

Download (14.8 KB)

View differences:

t3lib/config_default.php (working copy)
76 76
		'binPath' => '', 						// String: List of absolute paths where external programs should be searched for. Eg. '/usr/local/webbin/,/home/xyz/bin/'. (ImageMagick path have to be configured separately)
77 77
		'binSetup' => '', 						// String (textarea): List of programs (separated by newline or comma). By default programs will be searched in default paths and the special paths defined by 'binPath'. When PHP has openbasedir enabled the programs can not be found and have to be configured here. Example: 'perl=/usr/bin/perl,unzip=/usr/local/bin/unzip'
78 78
		't3lib_cs_convMethod' => '',			// String (values: "iconv", "recode", "mbstring", default is homemade PHP-code). Defines which of these PHP-features to use for various Charset conversing functions in t3lib_cs. Will speed up charset conversion radically.
79
		't3lib_cs_utils' => '',					// String (values: "iconv" - PHP 5.0 only!, "mbstring", default is homemade PHP-code). Defines which of these PHP-features to use for various Charset processing functions in t3lib_cs. Will speed up charset functions radically.
79
		't3lib_cs_utils' => '',					// String (values: "iconv", "mbstring", default is homemade PHP-code). Defines which of these PHP-features to use for various character set processing functions in t3lib_cs. Will speed up charset functions radically.
80 80
		'no_pconnect' => 0,						// Boolean: If true, "connect" is used instead of "pconnect" when connecting to the database!
81 81
		'multiplyDBfieldSize' => 1,				// Double: 1-5: Amount used to multiply the DB field size when the install tool is evaluating the database size (eg. "2.5"). This is only useful e.g. if your database is iso-8859-1 encoded but you want to use utf-8 for your site. For Western European sites using utf-8 the need should not be for more than twice the normal single-byte size (2) and for Chinese / Asian languages 3 should suffice. NOTICE: It is recommended to change the native database charset instead! (see http://wiki.typo3.org/index.php/UTF-8_support for more information)
82 82
		'setDBinit' => '',						// String (textarea): Commands to send to database right after connecting, separated by newline. Ignored by the DBAL extension except for the 'native' type!
......
89 89
		'maxFileNameLength' => 60,				// Integer, This is the maximum file name length. The value will be taken into account by basic file operations like renaming or creation of files and folders.
90 90
		'UTF8filesystem' => 0,					// Boolean: If true and [BE][forceCharset] is set to utf-8, then TYPO3 uses utf-8 to store file names. This allows for accented Latin letters as well as any other non-latin characters like Cyrillic and Chinese.
91 91
		'lockingMode' => 'simple',					// String: Define which locking mode is used to control requests to pages being generated. Can be one of either "disable" (no locking), "simple" (checks for file existance), "flock" (using PHPs flock() function), "semaphore" (using PHPs sem_acquire() function). Default is "disable".
92
		'reverseProxyIP' => '',					// String: list of IP addresses. If TYPO3 is behind one or more (intransparent) reverese proxies the IP addresses must be added here.
93
		'reverseProxyHeaderMultiValue' => 'none',		// String, "none","first","last": defines which values of a proxy header (eg HTTP_X_FORWARDED_FOR) to use, if more than one is found. "none" discards the value, "first" and "last" use the first/last of the values in the list.
94
		'reverseProxyPrefix' => '',				// String: optional prefix to be added to the internal URL (SCRIPT_NAME and REQUEST_URI).
95
		'reverseProxySSL' => '',				// String: '*' or list of IP addresses of proxies that use SSL (https) for the connection to the client, but an unencrypted connection (http) to the server. If '*' all proxies defined in SYS[proxyIP] use SSL.
96
		'reverseProxyPrefixSSL' => '',				// String: prefix to be added to the internal URL (SCRIPT_NAME and REQUEST_URI) when SSL accessing the server via an SSL proxy. This setting overrides SYS[proxyPrefix].
92 97
	),
93 98
	'EXT' => Array (	// Options related to the Extension Management
94 99
		'noEdit' => 1,							// Boolean: If set, the Extension Manager does NOT allow extension files to be edited! (Otherwise both local and global extensions can be edited.)
......
186 191
			'ShortcutMenu::delete'       => 'typo3/classes/class.shortcutmenu.php:ShortcutMenu->deleteAjaxShortcut',
187 192
			'ShortcutMenu::create'       => 'typo3/classes/class.shortcutmenu.php:ShortcutMenu->createAjaxShortcut',
188 193
			'ModuleMenu::saveMenuState'  => 'typo3/classes/class.modulemenu.php:ModuleMenu->saveMenuState',
189
			'ModuleMenu::render'         => 'typo3/classes/class.modulemenu.php:ModuleMenu->renderAjax',
190
			'SC_mod_web_perm_ajax::dispatch' => 'typo3/mod/web/perm/class.sc_mod_web_perm_ajax.php:SC_mod_web_perm_ajax->dispatch'
194
			'ModuleMenu::render'         => 'typo3/classes/class.modulemenu.php:ModuleMenu->renderAjax'
191 195
		),
192 196
	),
193 197
	'FE' => Array(			// Configuration for the TypoScript frontend (FE). Nothing here relates to the administration backend!
t3lib/class.t3lib_div.php (working copy)
792 792
	}
793 793

  
794 794
	/**
795
	 * Validate a given IP address.
796
	 *
797
	 * Possible format are IPv4 and IPv6.
798
	 *
799
	 * @param	string		IP address to be tested
800
	 * @return	boolean		True if $ip is either of IPv4 or IPv6 format.
801
	 */
802
	public static function validIP($ip) {
803
		if (strpos($ip, ':') === false)	{
804
			return t3lib_div::validIPv4($ip);
805
		} else {
806
			return t3lib_div::validIPv6($ip);
807
		}
808
	}
809

  
810
	/**
811
	 * Validate a given IP address to the IPv4 address format.
812
	 *
813
	 * Example for possible format:  10.0.45.99
814
	 *
815
	 * @param	string		IP address to be tested
816
	 * @return	boolean		True if $ip is of IPv4 format.
817
	 */
818
	public static function validIPv4($ip) {
819
		$parts = explode('.', $ip);
820
		if (count($parts)==4 &&
821
			t3lib_div::testInt($parts[0]) && $parts[0]>=1 && $parts[0]<256 &&
822
			t3lib_div::testInt($parts[1]) && $parts[0]>=0 && $parts[0]<256 &&
823
			t3lib_div::testInt($parts[2]) && $parts[0]>=0 && $parts[0]<256 &&
824
			t3lib_div::testInt($parts[3]) && $parts[0]>=0 && $parts[0]<256)	{
825
			return true;
826
		} else {
827
			return false;
828
		}
829
	}
830

  
831
	/**
795 832
	 * Validate a given IP address to the IPv6 address format.
796 833
	 *
797 834
	 * Example for possible format:  43FB::BB3F:A0A0:0 | ::1
......
3188 3225
			Special extras:
3189 3226
				TYPO3_HOST_ONLY =		[host] = 192.168.1.4
3190 3227
				TYPO3_PORT =			[port] = 8080 (blank if 80, taken from host value)
3191
				TYPO3_REQUEST_HOST = 	[scheme]://[host][:[port]]
3228
				TYPO3_REQUEST_HOST = 		[scheme]://[host][:[port]]
3192 3229
				TYPO3_REQUEST_URL =		[scheme]://[host][:[port]][path]?[query] (scheme will by default be "http" until we can detect something different)
3193
				TYPO3_REQUEST_SCRIPT =  [scheme]://[host][:[port]][path_script]
3230
				TYPO3_REQUEST_SCRIPT =  	[scheme]://[host][:[port]][path_script]
3194 3231
				TYPO3_REQUEST_DIR =		[scheme]://[host][:[port]][path_dir]
3195 3232
				TYPO3_SITE_URL = 		[scheme]://[host][:[port]][path_dir] of the TYPO3 website frontend
3196
				TYPO3_SITE_SCRIPT = 	[script / Speaking URL] of the TYPO3 website
3197
				TYPO3_DOCUMENT_ROOT =	Absolute path of root of documents: TYPO3_DOCUMENT_ROOT.SCRIPT_NAME = SCRIPT_FILENAME (typically)
3198
				TYPO3_SSL = 			Returns TRUE if this session uses SSL (HTTPS)
3233
				TYPO3_SITE_SCRIPT = 		[script / Speaking URL] of the TYPO3 website
3234
				TYPO3_DOCUMENT_ROOT =		Absolute path of root of documents: TYPO3_DOCUMENT_ROOT.SCRIPT_NAME = SCRIPT_FILENAME (typically)
3235
				TYPO3_SSL = 			Returns TRUE if this session uses SSL/TLS (https)
3236
				TYPO3_PROXY = 			Returns TRUE if this session runs over a well known proxy
3199 3237

  
3200 3238
			Notice: [fragment] is apparently NEVER available to the script!
3201 3239

  
......
3214 3252
		switch ((string)$getEnvName)	{
3215 3253
			case 'SCRIPT_NAME':
3216 3254
				$retVal = (php_sapi_name()=='cgi'||php_sapi_name()=='cgi-fcgi')&&($_SERVER['ORIG_PATH_INFO']?$_SERVER['ORIG_PATH_INFO']:$_SERVER['PATH_INFO']) ? ($_SERVER['ORIG_PATH_INFO']?$_SERVER['ORIG_PATH_INFO']:$_SERVER['PATH_INFO']) : ($_SERVER['ORIG_SCRIPT_NAME']?$_SERVER['ORIG_SCRIPT_NAME']:$_SERVER['SCRIPT_NAME']);
3255
					// add a prefix if TYPO3 is behind a proxy: ext-domain.com => int-server.com/prefix
3256
				if (t3lib_div::cmpIP($_SERVER['REMOTE_ADDR'], $GLOBALS['TYPO3_CONF_VARS']['SYS']['reverseProxyIP'])) {
3257
					if (t3lib_div::getIndpEnv('TYPO3_SSL') && $GLOBALS['TYPO3_CONF_VARS']['SYS']['reverseProxyPrefixSSL']) {
3258
						$retVal = $GLOBALS['TYPO3_CONF_VARS']['SYS']['reverseProxyPrefixSSL'].$retVal;
3259
					} elseif ($GLOBALS['TYPO3_CONF_VARS']['SYS']['reverseProxyPrefix']) {
3260
						$retVal = $GLOBALS['TYPO3_CONF_VARS']['SYS']['reverseProxyPrefix'].$retVal;
3261
					}
3262
				}
3217 3263
			break;
3218 3264
			case 'SCRIPT_FILENAME':
3219 3265
				$retVal = str_replace('//','/', str_replace('\\','/', (php_sapi_name()=='cgi'||php_sapi_name()=='isapi' ||php_sapi_name()=='cgi-fcgi')&&($_SERVER['ORIG_PATH_TRANSLATED']?$_SERVER['ORIG_PATH_TRANSLATED']:$_SERVER['PATH_TRANSLATED'])? ($_SERVER['ORIG_PATH_TRANSLATED']?$_SERVER['ORIG_PATH_TRANSLATED']:$_SERVER['PATH_TRANSLATED']):($_SERVER['ORIG_SCRIPT_FILENAME']?$_SERVER['ORIG_SCRIPT_FILENAME']:$_SERVER['SCRIPT_FILENAME'])));
......
3226 3272
				} elseif (!$_SERVER['REQUEST_URI'])	{	// This is for ISS/CGI which does not have the REQUEST_URI available.
3227 3273
					$retVal = '/'.ereg_replace('^/','',t3lib_div::getIndpEnv('SCRIPT_NAME')).
3228 3274
						($_SERVER['QUERY_STRING']?'?'.$_SERVER['QUERY_STRING']:'');
3229
				} else $retVal = $_SERVER['REQUEST_URI'];
3275
				} else {
3276
					$retVal = $_SERVER['REQUEST_URI'];
3277
				}
3278
					// add a prefix if TYPO3 is behind a proxy: ext-domain.com => int-server.com/prefix
3279
				if (t3lib_div::cmpIP($_SERVER['REMOTE_ADDR'], $GLOBALS['TYPO3_CONF_VARS']['SYS']['reverseProxyIP'])) {
3280
					if (t3lib_div::getIndpEnv('TYPO3_SSL') && $GLOBALS['TYPO3_CONF_VARS']['SYS']['reverseProxyPrefixSSL']) {
3281
						$retVal = $GLOBALS['TYPO3_CONF_VARS']['SYS']['reverseProxyPrefixSSL'].$retVal;
3282
					} elseif ($GLOBALS['TYPO3_CONF_VARS']['SYS']['reverseProxyPrefix']) {
3283
						$retVal = $GLOBALS['TYPO3_CONF_VARS']['SYS']['reverseProxyPrefix'].$retVal;
3284
					}
3285
				}
3230 3286
			break;
3231 3287
			case 'PATH_INFO':
3232 3288
					// $_SERVER['PATH_INFO']!=$_SERVER['SCRIPT_NAME'] is necessary because some servers (Windows/CGI) are seen to set PATH_INFO equal to script_name
3233 3289
					// Further, there must be at least one '/' in the path - else the PATH_INFO value does not make sense.
3234 3290
					// IF 'PATH_INFO' never works for our purpose in TYPO3 with CGI-servers, then 'php_sapi_name()=='cgi'' might be a better check. Right now strcmp($_SERVER['PATH_INFO'],t3lib_div::getIndpEnv('SCRIPT_NAME')) will always return false for CGI-versions, but that is only as long as SCRIPT_NAME is set equal to PATH_INFO because of php_sapi_name()=='cgi' (see above)
3235 3291
//				if (strcmp($_SERVER['PATH_INFO'],t3lib_div::getIndpEnv('SCRIPT_NAME')) && count(explode('/',$_SERVER['PATH_INFO']))>1)	{
3236
				if (php_sapi_name()!='cgi'&&php_sapi_name()!='cgi-fcgi')	{
3292
				if (php_sapi_name()!='cgi' && php_sapi_name()!='cgi-fcgi')	{
3237 3293
					$retVal = $_SERVER['PATH_INFO'];
3238 3294
				}
3239 3295
			break;
3296
			case 'TYPO3_REV_PROXY':
3297
				$retVal = t3lib_div::cmpIP($_SERVER['REMOTE_ADDR'], $GLOBALS['TYPO3_CONF_VARS']['SYS']['reverseProxyIP']);
3298
			break;
3299
			case 'REMOTE_ADDR':
3300
				$retVal = $_SERVER['REMOTE_ADDR'];
3301
				if (t3lib_div::cmpIP($_SERVER['REMOTE_ADDR'], $GLOBALS['TYPO3_CONF_VARS']['SYS']['reverseProxyIP'])) {
3302
					$ip = t3lib_div::trimExplode(',', $_SERVER['HTTP_X_FORWARDED_FOR']);
3303
						// choose which IP in list to use
3304
					if (count($ip)) {
3305
						switch ($GLOBALS['TYPO3_CONF_VARS']['SYS']['reverseProxyHeaderMultiValue']) {
3306
							case 'last':
3307
								$ip = array_pop($ip);
3308
							break;
3309
							case 'first':
3310
								$ip = array_unshift($ip);
3311
							break;
3312
							case 'none':
3313
							default:
3314
								$ip = '';
3315
							break;
3316
						}
3317
					}
3318
					if (t3lib_div::validIP($ip)) {
3319
						$retVal = $ip;
3320
					}
3321
				}
3322
			break;
3323
			case 'HTTP_HOST':
3324
				$retVal = $_SERVER['HTTP_HOST'];
3325
				if (t3lib_div::cmpIP($_SERVER['REMOTE_ADDR'], $GLOBALS['TYPO3_CONF_VARS']['SYS']['reverseProxyIP'])) {
3326
					$host = t3lib_div::trimExplode(',', $_SERVER['HTTP_X_FORWARDED_HOST']);
3327
						// choose which host in list to use
3328
					if (count($host)) {
3329
						switch ($GLOBALS['TYPO3_CONF_VARS']['SYS']['reverseProxyHeaderMultiValue']) {
3330
							case 'last':
3331
								$host = array_pop($host);
3332
							break;
3333
							case 'first':
3334
								$host = array_unshift($host);
3335
							break;
3336
							case 'none':
3337
							default:
3338
								$host = '';
3339
							break;
3340
						}
3341
					}
3342
					if ($host)	{
3343
						$retVal = $host;
3344
					}
3345
				}
3346
			break;
3240 3347
				// These are let through without modification
3241
			case 'REMOTE_ADDR':
3242
			case 'REMOTE_HOST':
3243 3348
			case 'HTTP_REFERER':
3244
			case 'HTTP_HOST':
3245 3349
			case 'HTTP_USER_AGENT':
3246 3350
			case 'HTTP_ACCEPT_ENCODING':
3247 3351
			case 'HTTP_ACCEPT_LANGUAGE':
3352
			case 'REMOTE_HOST':
3248 3353
			case 'QUERY_STRING':
3249 3354
				$retVal = $_SERVER[$getEnvName];
3250 3355
			break;
......
3265 3370
				$retVal = $DR;
3266 3371
			break;
3267 3372
			case 'TYPO3_HOST_ONLY':
3268
				$p = explode(':',$_SERVER['HTTP_HOST']);
3373
				$p = explode(':',t3lib_div::getIndpEnv('HTTP_HOST'));
3269 3374
				$retVal = $p[0];
3270 3375
			break;
3271 3376
			case 'TYPO3_PORT':
3272
				$p = explode(':',$_SERVER['HTTP_HOST']);
3377
				$p = explode(':',t3lib_div::getIndpEnv('HTTP_HOST'));
3273 3378
				$retVal = $p[1];
3274 3379
			break;
3275 3380
			case 'TYPO3_REQUEST_HOST':
3276 3381
				$retVal = (t3lib_div::getIndpEnv('TYPO3_SSL') ? 'https://' : 'http://').
3277
					$_SERVER['HTTP_HOST'];
3382
					t3lib_div::getIndpEnv('HTTP_HOST');
3278 3383
			break;
3279 3384
			case 'TYPO3_REQUEST_URL':
3280 3385
				$retVal = t3lib_div::getIndpEnv('TYPO3_REQUEST_HOST').t3lib_div::getIndpEnv('REQUEST_URI');
......
3298 3403
				$retVal = substr(t3lib_div::getIndpEnv('TYPO3_REQUEST_URL'),strlen(t3lib_div::getIndpEnv('TYPO3_SITE_URL')));
3299 3404
			break;
3300 3405
			case 'TYPO3_SSL':
3301
				$retVal = $_SERVER['SSL_SESSION_ID'] || !strcmp($_SERVER['HTTPS'],'on') || !strcmp($_SERVER['HTTPS'],'1') ? TRUE : FALSE;	// see http://bugs.typo3.org/view.php?id=3909
3406
				$proxySSL = $GLOBALS['TYPO3_CONF_VARS']['SYS']['reverseProxySSL'];
3407
				if ($proxySSL == '*') {
3408
					$proxySSL = $GLOBALS['TYPO3_CONF_VARS']['SYS']['reverseProxyIP'];
3409
				}
3410
				if ($proxySSL && t3lib_div::cmpIP($_SERVER['REMOTE_ADDR'], $GLOBALS['TYPO3_CONF_VARS']['SYS']['reverseProxyIP'])) {
3411
					$retVal = true;
3412
				} else {
3413
					$retVal = $_SERVER['SSL_SESSION_ID'] || !strcmp($_SERVER['HTTPS'],'on') || !strcmp($_SERVER['HTTPS'],'1') ? true : false;	// see http://bugs.typo3.org/view.php?id=3909
3414
				}
3302 3415
			break;
3303 3416
			case '_ARRAY':
3304 3417
				$out = array();
......
3318 3431
					TYPO3_SITE_URL,
3319 3432
					TYPO3_SITE_SCRIPT,
3320 3433
					TYPO3_SSL,
3434
					TYPO3_REV_PROXY,
3321 3435
					SCRIPT_NAME,
3322 3436
					TYPO3_DOCUMENT_ROOT,
3323 3437
					SCRIPT_FILENAME,
......
4903 5017
		return '\''.$value.'\'';
4904 5018
	}
4905 5019
}
4906
?>
5020
?>