[ticket/11215] Correct paths when path info is used for controller access #1102
Conversation
| $server_parameters['REQUEST_URI'] = $request_uri . $path_info; | ||
| $server_parameters['SCRIPT_NAME'] = ''; | ||
| $path = ''; | ||
| for ($i = 0; $i < $corrections; $i++) |
|
Accidentally closed it, it's still open. |
|
@igorw @p @naderman This is perhaps not the most elegant solution, but it is the best I could come up with, and I have tested it and it works. If anyone has any suggestions for something else, let me know; otherwise, this can be merged so that controllers can return to using path_info instead of the query string. |
| return $path; | ||
| } | ||
|
|
||
| $corrections = substr_count($path_info, '/'); |
There was a problem hiding this comment.
What about http://localhost/phpBB/./././?
There was a problem hiding this comment.
Any number of /././././... is automatically removed by the browser. At least, it is for me.
There was a problem hiding this comment.
Also, I just noticed this function https://github.com/phpbb/phpbb3/blob/develop/phpBB/includes/functions.php#L1055 which can be used to clean the path if needed.
|
Since I have not seen an explanation for how you arrived at this solution:
Then we can start to think about how a valid solution might be implemented. |
|
@p @igorw @naderman To bump this, I understand that this is not the most elegant solution. I'm just highly doubtful that we will find a very good solution that isn't going to completely redesign how we handle pathing. I have yet to find any issues with this patch, and am willing to work further on making it better, but I don't have the time or interest to go as in depth as was described in the previous comment. If someone would like to provide a better solution, they are welcome to. Until then, I'm convinced that a hacky solution is what we're going to have to live with for the time being. I would much rather have a hacky solution that works for 3.1 than wait until 4.0 to get better paths. |
|
Can you write tests for apache/mod_php, cgi and fastcgi that cover the functionality being discussed here? |
|
@p How do I specify certain tests for certain servers? |
|
I do not think this is covered by phpbb tests so you would need to implement it. |
|
Implementing these tests in wolis should be straightforward (but not trivial, it will still take some effort). If you want to pursue this option I can help you with it. |
|
I have very little familiarity with python, but am definitely willing to learn to use it if you don't mind helping me some. I'll take a look at wolis and we can go from there. |
|
@p To bump this, I did find this function http://php.net/manual/en/function.php-sapi-name.php that might come in handy. I don't think I understand how tests on different sapi's would differ, though. |
|
http environment variables may be set differently. |
…cess PHPBB3-11215
When Symfony Request calculates path info, both of the following URLs give "/" as the path info: ./app.php and ./app.php/ This commit ensures that the proper correction is made. PHPBB3-11215
* develop: (176 commits) [feature/bootstrap-dic] Bootstrap container from config.php [ticket/11548] Use new static methods for request and submit [ticket/10772] Updating tests [ticket/10772] Remove 3.1 code [ticket/11388] Add newlines at EOF [ticket/11388] INCLUDECSS [ticket/11548] Run array_map on complete error array and not just colour_error [ticket/11644] Skip phpbb_dbal_order_lower_test on MySQL 5.6 [ticket/11388] Do not append assets_version if using remote path (e.g. http) [ticket/11388] Fix typo [ticket/11388] Remove typehints (causing tests to fail) [ticket/11388] Disable cache if IN_INSTALL defined [ticket/11388] Do not modify by reference [ticket/11388] typehits [ticket/11388] INCLUDEJS test for //(url) [ticket/11388] INCLUDEJS supports //(url) [ticket/11388] Fixing includejs test [ticket/11388] includejs inherit from includeasset [feature/twig] Unit tests for includejs [ticket/8319] Add migration file for update change ...
PHPBB3-11215
* develop: (53 commits) [ticket/11671] Update composer.lock [ticket/11671] Update composer.lock [ticket/11671] Add phing as a dependency and upgrade deps [ticket/11668] Move lint test to the end for travis [ticket/11626] Remove last reference to template in ldap [ticket/11626] Remove LDAP dependency on template [develop-olympus] Increment version number to 3.0.13-dev. [develop-olympus] Add changelog for 3.0.12 release. [develop-olympus] Bump version numbers for 3.0.12-RC1 release. [develop-olympus] Bumping version numbers to final for 3.0.12 releases. [ticket/11669] Fix PHP bug #55124 (recursive mkdir on /./) [ticket/11668] Run lint test at the end of the test suite [ticket/11548] Fix test errors in groups test on develop [ticket/11548] Check upload avatar URL the same way as in phpBB 3.0 [ticket/11548] Fix incorrect usage of array_map on acp groups page [ticket/11665] Fix test class name [ticket/11664] Stop creating php.html file in root path in tests [ticket/11665] Can't change file names already sent to set_filenames [ticket/11662] Typos: occured -> occurred [ticket/11662] Typos: occured -> occurred ...
PHPBB3-112515
* develop: [ticket/11647] Always use & for URLs [ticket/11647] Allow custom ports [ticket/11647] Use $config for assets_version [ticket/11647] Fix invalid variable name [ticket/11647] New assets handling [ticket/11647] Fix tests for INCLUDEJS
* develop: (214 commits) [ticket/10999] Fix assets_version in ACP [prep-release-3.0.12] More changelog items for the 3.0.12 release. [ticket/11687] Add assets_version to phpbb_config [ticket/11670] Consistency with logo: Replace "phpBB(tm)" with "phpBB(R)". [ticket/11674] Do not include vendor folder if there are no dependencies. [ticket/11685] Remove logout confirmation page [ticket/11684] Remove useless confirmation page after login and admin login [ticket/9657] Define user before injecting [ticket/9657] Remove old code [ticket/9657] Keep approval state of posts/topics when copying them [ticket/9657] Add functional tests for forking a copy [ticket/9657] Add functional test for splitting topic [ticket/11112] Do not change opensource.org link to https [ticket/9657] Add functional test for restoring a post/topic [ticket/11112] Use https for user-visible links to phpbb.com [ticket/9657] Fix a little error when moving softdeleted topics [ticket/9657] Add unit tests for softdeleting and moving posts/topics [ticket/9657] Remove last references to m_restore permission [ticket/9657] Fix english language :( [ticket/9657] Notifications do not require emails or jabber anymore ...
* develop: [ticket/11675] Fix template loop [ticket/11690] Old module class names may get autoloaded by class_exists [ticket/9649] Display information on index for moderators on unapproved posts [ticket/11686] Not checking for phpBB Debug errors on functional tests [ticket/11553] Typo [ticket/11553] Replace bullet with unicode [ticket/11553] Move bulletin points to pseudo class [ticket/11600] Remove duplicate test case [ticket/11600] Use lowercase null and remove duplicate test cases [ticket/11600] Use local variable for $user in test_localize_errors [ŧicket/11600] Split get driver tests into tests for all and only enabled ones [ticket/11600] Increase code test coverage of avatar manager
* develop: [ticket/11694] Do not locate assets with root path
In tests, the old app.php?controller=foo structure was used. Instead it should be app.php/foo. PHPBB3-11215
Because we check to see if the rewrite module is available we don't have to comment the rewrite lines PHPBB3-11215
PHPBB3-11215
PHPBB3-11215
| @@ -1,12 +1,34 @@ | |||
| <IfModule mod_rewrite.c> | |||
| # | |||
| # Uncomment the following line if you will be using any of the URL | |||
There was a problem hiding this comment.
comment no longer necessary
PHPBB3-11215
|
Looks good to me |
[ticket/11215] Correct paths when path info is used for controller access
|
I'm missing tests for app.php ? It still needs to generate such URLs? |
|
What tests are you missing and what URLs are you talking about? |
|
urls with app.php?controller= when the php module is disabled? |
|
I'm assuming you mean with the apache module mod-rewrite? The urls are now phpbb.com/app.php/some/path when the rewriting is disabled. Mod rewrite isn't required for this functionality. Urls using rewriting will be phpbb.com/some/path |
http://tracker.phpbb.com/browse/PHPBB3-11215