Merge branch 'staging' of https://github.com/joomla/joomla-cms into s…

…taging

administrator/components/com_media/controllers/file.json.php

@@ -93,7 +93,8 @@ public function upload()
 
 			$filepath = JPath::clean($files['final']);
 
-			if (!$mediaHelper->canUpload($file, 'com_media'))
+			if (!$mediaHelper->canUpload($file, 'com_media')
+				|| strpos(realpath($fileparts['dirname']), JPath::clean(COM_MEDIA_BASE)) !== 0)
 			{
 				try
 				{

administrator/components/com_media/controllers/file.php

@@ -114,6 +114,13 @@ public function upload()
 			// We need a url safe name
 			$fileparts = pathinfo(COM_MEDIA_BASE . '/' . $this->folder . '/' . $file['name']);
 
+			if (strpos(realpath($fileparts['dirname']), JPath::clean(COM_MEDIA_BASE)) !== 0)
+			{
+				JError::raiseWarning(100, JText::_('COM_MEDIA_ERROR_WARNINVALID_FOLDER'));
+
+				return false;
+			}
+
 			// Transform filename to punycode, check extension and transform it to lowercase
 			$fileparts['filename'] = JStringPunycode::toPunycode($fileparts['filename']);
 			$tempExt = !empty($fileparts['extension']) ? strtolower($fileparts['extension']) : '';
@@ -274,6 +281,17 @@ public function delete()
 		$ret = true;
 
 		$safePaths = array_intersect($paths, array_map(array('JFile', 'makeSafe'), $paths));
+
+		foreach ($safePaths as $key => $path)
+		{
+			$fullPath = implode(DIRECTORY_SEPARATOR, array(COM_MEDIA_BASE, $folder, $path));
+
+			if (strpos(realpath($fullPath), JPath::clean(COM_MEDIA_BASE)) !== 0)
+			{
+				unset($safePaths[$key]);
+			}
+		}
+
 		$unsafePaths = array_diff($paths, $safePaths);
 
 		foreach ($unsafePaths as $path)

administrator/components/com_media/controllers/folder.php

@@ -87,6 +87,14 @@ public function delete()
 		foreach ($safePaths as $path)
 		{
 			$fullPath = JPath::clean(implode(DIRECTORY_SEPARATOR, array(COM_MEDIA_BASE, $folder, $path)));
+
+			if (strpos(realpath($fullPath), JPath::clean(COM_MEDIA_BASE)) !== 0)
+			{
+				JError::raiseWarning(100, JText::_('COM_MEDIA_ERROR_WARNINVALID_FOLDER'));
+
+				continue;
+			}
+
 			$object_file = new JObject(array('filepath' => $fullPath));
 
 			if (is_file($object_file->filepath))
@@ -190,6 +198,14 @@ public function create()
 
 			$path = JPath::clean(COM_MEDIA_BASE . '/' . $parent . '/' . $folder);
 
+			if (strpos(realpath(COM_MEDIA_BASE . '/' . $parent), JPath::clean(COM_MEDIA_BASE)) !== 0)
+			{
+				$app = JFactory::getApplication();
+				$app->enqueueMessage(JText::_('COM_MEDIA_ERROR_WARNINVALID_FOLDER'));
+
+				return false;
+			}
+
 			if (!is_dir($path) && !is_file($path))
 			{
 				// Trigger the onContentBeforeSave event.

administrator/components/com_media/models/list.php

@@ -113,6 +113,12 @@ public function getList()
 		$basePath  = COM_MEDIA_BASE . ((strlen($current) > 0) ? '/' . $current : '');
 		$mediaBase = str_replace(DIRECTORY_SEPARATOR, '/', COM_MEDIA_BASE . '/');
 
+		// Reset base path
+		if (strpos(realpath($basePath), JPath::clean(COM_MEDIA_BASE)) !== 0)
+		{
+			$basePath = COM_MEDIA_BASE;
+		}
+
 		$images  = array ();
 		$folders = array ();
 		$docs    = array ();

administrator/language/en-GB/en-GB.com_languages.ini

@@ -40,7 +40,7 @@ COM_LANGUAGES_OVERRIDE_FIELD_SEARCHTYPE_TEXT="Value"
 COM_LANGUAGES_OVERRIDE_FIRST_SELECT_MESSAGE="To create a new override, please first select a language and client."
 COM_LANGUAGES_OVERRIDE_SELECT_LANGUAGE="- Select Language & Client -"
 COM_LANGUAGES_FIELD_PUBLISHED_DESC="Whether this content language is published or not. If published, it will display as a choice in the Language Switcher module in Frontend."
-COM_LANGUAGES_FIELD_LANG_CODE_DESC="This Language Code will be appended to the site URL. When SEF is enabled, you will get http://example.com/en/. If SEF is disabled the suffix &amp;lang=en will be appended at the end of the URL. Note <em>the Language Code must be unique among all the languages</em>."
+COM_LANGUAGES_FIELD_LANG_CODE_DESC="This Language Code will be appended to the site URL. When SEF is enabled, you will get https://example.com/en/. If SEF is disabled the suffix &amp;lang=en will be appended at the end of the URL. Note <em>the Language Code must be unique among all the languages</em>."
 COM_LANGUAGES_FIELD_LANG_CODE_LABEL="URL Language Code"
 COM_LANGUAGES_FIELD_SITE_NAME_DESC="Enter a custom site name for this content language. If the site name is set to display, this custom site name will be used instead of the Global Configuration setting."
 COM_LANGUAGES_FIELD_SITE_NAME_LABEL="Custom Site Name"

administrator/language/en-GB/en-GB.com_media.ini

@@ -45,6 +45,7 @@ COM_MEDIA_ERROR_WARNFILETOOLARGE="This file is too large to upload."
 COM_MEDIA_ERROR_WARNFILETYPE="This file type is not supported."
 COM_MEDIA_ERROR_WARNIEXSS="Possible IE XSS Attack found."
 COM_MEDIA_ERROR_WARNINVALID_IMG="Not a valid image."
+COM_MEDIA_ERROR_WARNINVALID_FOLDER="Invalid folder provided."
 COM_MEDIA_ERROR_WARNINVALID_MIME="Illegal or invalid mime type detected."
 COM_MEDIA_ERROR_WARNNOTADMIN="Uploaded file is not an image file and you are not a manager or higher."
 COM_MEDIA_ERROR_WARNNOTEMPTY="Not empty!"

administrator/language/en-GB/en-GB.com_modules.ini

@@ -43,6 +43,7 @@ COM_MODULES_FIELD_CLIENT_ID_DESC="The location of the module, Frontend or Backen
 COM_MODULES_FIELD_CLIENT_ID_LABEL="Module Location"
 COM_MODULES_FIELD_CONTENT_DESC="Text"
 COM_MODULES_FIELD_CONTENT_LABEL="Text"
+COM_MODULES_FIELD_CONTENT_TOO_LARGE="The content exceeds allowed limits"
 COM_MODULES_FIELD_MODULE_DESC="Module type."
 COM_MODULES_FIELD_MODULE_LABEL="Module Type"
 COM_MODULES_FIELD_MODULECLASS_SFX_DESC="A suffix to be applied to the CSS class of the module. This allows for individual module styling."

administrator/language/en-GB/en-GB.xml

@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <metafile version="3.8" client="administrator">
 	<name>English (en-GB)</name>
-	<version>3.9.5</version>
+	<version>3.9.6</version>
 	<creationDate>April 2019</creationDate>
 	<author>Joomla! Project</author>
 	<authorEmail>admin@joomla.org</authorEmail>

administrator/language/en-GB/install.xml

@@ -2,7 +2,7 @@
 <extension version="3.8" client="administrator" type="language" method="upgrade">
 	<name>English (en-GB)</name>
 	<tag>en-GB</tag>
-	<version>3.9.5</version>
+	<version>3.9.6</version>
 	<creationDate>April 2019</creationDate>
 	<author>Joomla! Project</author>
 	<authorEmail>admin@joomla.org</authorEmail>

administrator/manifests/files/joomla.xml

@@ -6,7 +6,7 @@
 	<authorUrl>www.joomla.org</authorUrl>
 	<copyright>(C) 2005 - 2019 Open Source Matters. All rights reserved</copyright>
 	<license>GNU General Public License version 2 or later; see LICENSE.txt</license>
-	<version>3.9.5-dev</version>
+	<version>3.9.6-dev</version>
 	<creationDate>April 2019</creationDate>
 	<description>FILES_JOOMLA_XML_DESCRIPTION</description>
 

administrator/manifests/packages/pkg_en-GB.xml

@@ -2,7 +2,7 @@
 <extension type="package" version="3.8" method="upgrade">
 	<name>English (en-GB) Language Pack</name>
 	<packagename>en-GB</packagename>
-	<version>3.9.5.1</version>
+	<version>3.9.6.1</version>
 	<creationDate>April 2019</creationDate>
 	<author>Joomla! Project</author>
 	<authorEmail>admin@joomla.org</authorEmail>

components/com_users/controllers/profile_base_json.php

@@ -28,6 +28,11 @@ public function gethelpsites()
 	{
 		jimport('joomla.filesystem.file');
 
+		if (JFactory::getUser()->guest)
+		{
+			throw new Exception(JText::_('JERROR_ALERTNOAUTHOR'));
+		}
+
 		// Set FTP credentials, if given
 		JClientHelper::setCredentialsFromRequest('ftp');
 

installation/language/en-GB/en-GB.xml

@@ -3,7 +3,7 @@
 	version="3.8"
 	client="installation">
 	<name>English (United Kingdom)</name>
-	<version>3.9.5</version>
+	<version>3.9.6</version>
 	<creationDate>April 2019</creationDate>
 	<author>Joomla! Project</author>
 	<copyright>Copyright (C) 2005 - 2019 Open Source Matters. All rights reserved.</copyright>