From 6395639345b9111ed0aab4af880a152389117212 Mon Sep 17 00:00:00 2001 From: Marc Alexander Date: Thu, 11 Jul 2024 20:35:26 +0200 Subject: [PATCH 01/16] [ticket/12479] Remove deprecated functions PHPBB-12479 --- phpBB/includes/functions_compatibility.php | 488 ------------------- phpBB/phpbb/files/filespec.php | 2 +- phpBB/phpbb/plupload/plupload.php | 3 +- tests/functions/get_remote_file_test.php | 80 --- tests/log/function_add_log_test.php | 52 +- tests/version/version_helper_remote_test.php | 61 +++ 6 files changed, 112 insertions(+), 574 deletions(-) delete mode 100644 tests/functions/get_remote_file_test.php diff --git a/phpBB/includes/functions_compatibility.php b/phpBB/includes/functions_compatibility.php index 85ec1bd449a..a6b5d26d3f6 100644 --- a/phpBB/includes/functions_compatibility.php +++ b/phpBB/includes/functions_compatibility.php @@ -19,196 +19,6 @@ exit; } -/** -* Hash the password -* -* @deprecated 3.1.0-a2 (To be removed: 4.0.0) -* -* @param string $password Password to be hashed -* -* @return string|bool Password hash or false if something went wrong during hashing -*/ -function phpbb_hash($password) -{ - global $phpbb_container; - - /* @var $passwords_manager \phpbb\passwords\manager */ - $passwords_manager = $phpbb_container->get('passwords.manager'); - return $passwords_manager->hash($password); -} - -/** -* Check for correct password -* -* @deprecated 3.1.0-a2 (To be removed: 4.0.0) -* -* @param string $password The password in plain text -* @param string $hash The stored password hash -* -* @return bool Returns true if the password is correct, false if not. -*/ -function phpbb_check_hash($password, $hash) -{ - global $phpbb_container; - - /* @var $passwords_manager \phpbb\passwords\manager */ - $passwords_manager = $phpbb_container->get('passwords.manager'); - return $passwords_manager->check($password, $hash); -} - -/** -* Eliminates useless . and .. components from specified path. -* -* Deprecated, use storage helper class instead -* -* @param string $path Path to clean -* @return string Cleaned path -* -* @deprecated 3.1.0 (To be removed: 4.0.0) -*/ -function phpbb_clean_path($path) -{ - return \phpbb\filesystem\helper::clean_path($path); -} - -/** -* Pick a timezone -* -* @param string $default A timezone to select -* @param boolean $truncate Shall we truncate the options text -* -* @return string Returns the options for timezone selector only -* -* @deprecated 3.1.0 (To be removed: 4.0.0) -*/ -function tz_select($default = '', $truncate = false) -{ - global $user; - - return phpbb_timezone_select($user, $default, $truncate); -} - -/** -* Cache moderators. Called whenever permissions are changed -* via admin_permissions. Changes of usernames and group names -* must be carried through for the moderators table. -* -* @deprecated 3.1.0 (To be removed: 4.0.0) -* @return void -*/ -function cache_moderators() -{ - global $db, $cache, $auth, $phpbb_container; - phpbb_cache_moderators($db, $phpbb_container->get('dbal.tools'), $cache, $auth); -} - -/** -* Removes moderators and administrators from foe lists. -* -* @deprecated 3.1.0 (To be removed: 4.0.0) -* @param array|bool $group_id If an array, remove all members of this group from foe lists, or false to ignore -* @param array|bool $user_id If an array, remove this user from foe lists, or false to ignore -* @return void -*/ -function update_foes($group_id = false, $user_id = false) -{ - global $db, $auth; - return phpbb_update_foes($db, $auth, $group_id, $user_id); -} - -/** -* Get user rank title and image -* -* @param int $user_rank the current stored users rank id -* @param int $user_posts the users number of posts -* @param string &$rank_title the rank title will be stored here after execution -* @param string &$rank_img the rank image as full img tag is stored here after execution -* @param string &$rank_img_src the rank image source is stored here after execution -* -* @deprecated 3.1.0-RC5 (To be removed: 4.0.0) -* -* Note: since we do not want to break backwards-compatibility, this function will only properly assign ranks to guests if you call it for them with user_posts == false -*/ -function get_user_rank($user_rank, $user_posts, &$rank_title, &$rank_img, &$rank_img_src) -{ - global $phpbb_root_path, $phpEx; - if (!function_exists('phpbb_get_user_rank')) - { - include($phpbb_root_path . 'includes/functions_display.' . $phpEx); - } - - $rank_data = phpbb_get_user_rank(array('user_rank' => $user_rank), $user_posts); - $rank_title = $rank_data['title']; - $rank_img = $rank_data['img']; - $rank_img_src = $rank_data['img_src']; -} - -/** - * Retrieve contents from remotely stored file - * - * @deprecated 3.1.2 Use file_downloader instead - */ -function get_remote_file($host, $directory, $filename, &$errstr, &$errno, $port = 80, $timeout = 6) -{ - global $phpbb_container; - - // Get file downloader and assign $errstr and $errno - /* @var $file_downloader \phpbb\file_downloader */ - $file_downloader = $phpbb_container->get('file_downloader'); - - $file_data = $file_downloader->get($host, $directory, $filename, $port, $timeout); - $errstr = $file_downloader->get_error_string(); - $errno = $file_downloader->get_error_number(); - - return $file_data; -} - -/** - * Add log entry - * - * string $mode The mode defines which log_type is used and from which log the entry is retrieved - * int $forum_id Mode 'mod' ONLY: forum id of the related item, NOT INCLUDED otherwise - * int $topic_id Mode 'mod' ONLY: topic id of the related item, NOT INCLUDED otherwise - * int $reportee_id Mode 'user' ONLY: user id of the reportee, NOT INCLUDED otherwise - * string $log_operation Name of the operation - * array $additional_data More arguments can be added, depending on the log_type - * - * @return int|bool Returns the log_id, if the entry was added to the database, false otherwise. - * - * @deprecated 3.1.0 (To be removed: 4.0.0) - */ -function add_log() -{ - global $phpbb_log, $user; - - $args = func_get_args(); - $mode = array_shift($args); - - // This looks kind of dirty, but add_log has some additional data before the log_operation - $additional_data = array(); - switch ($mode) - { - case 'admin': - case 'critical': - break; - case 'mod': - $additional_data['forum_id'] = array_shift($args); - $additional_data['topic_id'] = array_shift($args); - break; - case 'user': - $additional_data['reportee_id'] = array_shift($args); - break; - } - - $log_operation = array_shift($args); - $additional_data = array_merge($additional_data, $args); - - $user_id = (empty($user->data)) ? ANONYMOUS : $user->data['user_id']; - $user_ip = (empty($user->ip)) ? '' : $user->ip; - - return $phpbb_log->add($mode, $user_id, $user_ip, $log_operation, time(), $additional_data); -} - /** * Sets a configuration option's value. * @@ -330,125 +140,6 @@ function request_var($var_name, $default, $multibyte = false, $cookie = false, $ return $tmp_request->variable($var_name, $default, $multibyte, ($cookie) ? \phpbb\request\request_interface::COOKIE : \phpbb\request\request_interface::REQUEST); } -/** - * Get tables of a database - * - * @deprecated 3.1.0 (To be removed: 4.0.0) - */ -function get_tables($db) -{ - throw new BadFunctionCallException('function removed from phpBB core, use db_tools service instead.'); -} - -/** - * Global function for chmodding directories and files for internal use - * - * This function determines owner and group whom the file belongs to and user and group of PHP and then set safest possible file permissions. - * The function determines owner and group from common.php file and sets the same to the provided file. - * The function uses bit fields to build the permissions. - * The function sets the appropiate execute bit on directories. - * - * Supported constants representing bit fields are: - * - * CHMOD_ALL - all permissions (7) - * CHMOD_READ - read permission (4) - * CHMOD_WRITE - write permission (2) - * CHMOD_EXECUTE - execute permission (1) - * - * NOTE: The function uses POSIX extension and fileowner()/filegroup() functions. If any of them is disabled, this function tries to build proper permissions, by calling is_readable() and is_writable() functions. - * - * @param string $filename The file/directory to be chmodded - * @param int $perms Permissions to set - * - * @return bool true on success, otherwise false - * - * @deprecated 3.2.0-dev use \phpbb\filesystem\filesystem::phpbb_chmod() instead - */ -function phpbb_chmod($filename, $perms = CHMOD_READ) -{ - global $phpbb_filesystem; - - try - { - $phpbb_filesystem->phpbb_chmod($filename, $perms); - } - catch (\phpbb\filesystem\exception\filesystem_exception $e) - { - return false; - } - - return true; -} - -/** - * Test if a file/directory is writable - * - * This function calls the native is_writable() when not running under - * Windows and it is not disabled. - * - * @param string $file Path to perform write test on - * @return bool True when the path is writable, otherwise false. - * - * @deprecated 3.2.0-dev use \phpbb\filesystem\filesystem::is_writable() instead - */ -function phpbb_is_writable($file) -{ - global $phpbb_filesystem; - - return $phpbb_filesystem->is_writable($file); -} - -/** - * Checks if a path ($path) is absolute or relative - * - * @param string $path Path to check absoluteness of - * @return boolean - * - * @deprecated 3.2.0-dev use \phpbb\filesystem\helper::is_absolute_path() instead - */ -function phpbb_is_absolute($path) -{ - return \phpbb\filesystem\helper::is_absolute_path($path); -} - -/** - * A wrapper for realpath - * - * @deprecated 3.2.0-dev use \phpbb\filesystem\helper::realpath() instead - */ -function phpbb_realpath($path) -{ - return \phpbb\filesystem\helper::realpath($path); -} - -/** - * Determine which plural form we should use. - * For some languages this is not as simple as for English. - * - * @param int $rule ID of the plural rule we want to use, see https://area51.phpbb.com/docs/dev/3.3.x/language/plurals.html - * @param int|float $number The number we want to get the plural case for. Float numbers are floored. - * @return int The plural-case we need to use for the number plural-rule combination - * - * @deprecated 3.2.0-dev (To be removed: 4.0.0) - */ -function phpbb_get_plural_form($rule, $number) -{ - global $phpbb_container; - - /** @var \phpbb\language\language $language */ - $language = $phpbb_container->get('language'); - return $language->get_plural_form($number, $rule); -} - -/** -* @return bool Always true -* @deprecated 3.2.0-dev -*/ -function phpbb_pcre_utf8_support() -{ - return true; -} - /** * Casts a variable to the given type. * @@ -461,142 +152,6 @@ function set_var(&$result, $var, $type, $multibyte = false) $type_cast_helper->set_var($result, $var, $type, $multibyte); } -/** - * Delete Attachments - * - * @deprecated 3.2.0-a1 (To be removed: 4.0.0) - * - * @param string $mode can be: post|message|topic|attach|user - * @param mixed $ids can be: post_ids, message_ids, topic_ids, attach_ids, user_ids - * @param bool $resync set this to false if you are deleting posts or topics - */ -function delete_attachments($mode, $ids, $resync = true) -{ - global $phpbb_container; - - /** @var \phpbb\attachment\manager $attachment_manager */ - $attachment_manager = $phpbb_container->get('attachment.manager'); - $num_deleted = $attachment_manager->delete($mode, $ids, $resync); - - unset($attachment_manager); - - return $num_deleted; -} - -/** - * Delete attached file - * - * @deprecated 3.2.0-a1 (To be removed: 4.0.0) - */ -function phpbb_unlink($filename, $mode = 'file', $entry_removed = false) -{ - global $phpbb_container; - - /** @var \phpbb\attachment\manager $attachment_manager */ - $attachment_manager = $phpbb_container->get('attachment.manager'); - $unlink = $attachment_manager->unlink($filename, $mode, $entry_removed); - unset($attachment_manager); - - return $unlink; -} - -/** - * Display reasons - * - * @deprecated 3.2.0-dev (To be removed: 4.0.0) - */ -function display_reasons($reason_id = 0) -{ - global $phpbb_container; - - $phpbb_container->get('phpbb.report.report_reason_list_provider')->display_reasons($reason_id); -} - -/** - * Upload Attachment - filedata is generated here - * Uses upload class - * - * @deprecated 3.2.0-a1 (To be removed: 4.0.0) - * - * @param string $form_name The form name of the file upload input - * @param int $forum_id The id of the forum - * @param bool $local Whether the file is local or not - * @param string $local_storage The path to the local file - * @param bool $is_message Whether it is a PM or not - * @param array $local_filedata A filespec object created for the local file - * - * @return array File data array - */ -function upload_attachment($form_name, $forum_id, $local = false, $local_storage = '', $is_message = false, $local_filedata = false) -{ - global $phpbb_container; - - /** @var \phpbb\attachment\manager $attachment_manager */ - $attachment_manager = $phpbb_container->get('attachment.manager'); - $file = $attachment_manager->upload($form_name, $forum_id, $local, $local_storage, $is_message, $local_filedata); - unset($attachment_manager); - - return $file; -} - -/** -* Wrapper for php's checkdnsrr function. -* -* @param string $host Fully-Qualified Domain Name -* @param string $type Resource record type to lookup -* Supported types are: MX (default), A, AAAA, NS, TXT, CNAME -* Other types may work or may not work -* -* @return bool|null true if entry found, -* false if entry not found, -* null if this function is not supported by this environment -* -* Since null can also be returned, you probably want to compare the result -* with === true or === false, -* -* @deprecated 3.3.0-b2 (To be removed: 4.0.0) -*/ -function phpbb_checkdnsrr($host, $type = 'MX') -{ - return checkdnsrr($host, $type); -} - -/* - * Wrapper for inet_ntop() - * - * Converts a packed internet address to a human readable representation - * inet_ntop() is supported by PHP since 5.1.0, since 5.3.0 also on Windows. - * - * @param string $in_addr A 32bit IPv4, or 128bit IPv6 address. - * - * @return mixed false on failure, - * string otherwise - * - * @deprecated 3.3.0-b2 (To be removed: 4.0.0) - */ -function phpbb_inet_ntop($in_addr) -{ - return inet_ntop($in_addr); -} - -/** - * Wrapper for inet_pton() - * - * Converts a human readable IP address to its packed in_addr representation - * inet_pton() is supported by PHP since 5.1.0, since 5.3.0 also on Windows. - * - * @param string $address A human readable IPv4 or IPv6 address. - * - * @return false|string false if address is invalid, - * in_addr representation of the given address otherwise (string) - * - * @deprecated 3.3.0-b2 (To be removed: 4.0.0) - */ -function phpbb_inet_pton($address) -{ - return inet_pton($address); -} - /** * Hashes an email address to a big integer * @@ -829,25 +384,6 @@ function phpbb_to_numeric($input) return ($input > PHP_INT_MAX) ? (float) $input : (int) $input; } -/** -* Check and display the SQL report if requested. -* -* @param \phpbb\request\request_interface $request Request object -* @param \phpbb\auth\auth $auth Auth object -* @param \phpbb\db\driver\driver_interface $db Database connection -* -* @deprecated 3.3.1 (To be removed: 4.0.0-a1); use controller helper's display_sql_report() -*/ -function phpbb_check_and_display_sql_report(\phpbb\request\request_interface $request, \phpbb\auth\auth $auth, \phpbb\db\driver\driver_interface $db) -{ - global $phpbb_container; - - /** @var \phpbb\controller\helper $controller_helper */ - $controller_helper = $phpbb_container->get('controller.helper'); - - $controller_helper->display_sql_report(); -} - /** * Parse cfg file * @param string $filename @@ -909,27 +445,3 @@ function parse_cfg_file($filename, $lines = false) return $parsed_items; } - -/** -* Wraps an url into a simple html page. Used to display attachments in IE. -* this is a workaround for now; might be moved to template system later -* direct any complaints to 1 Microsoft Way, Redmond -* -* @deprecated: 3.3.0-dev (To be removed: 4.0.0) -*/ -function wrap_img_in_html($src, $title) -{ - echo ''; - echo ''; - echo ''; - echo ''; - echo ''; - echo '' . $title . ''; - echo ''; - echo ''; - echo '
'; - echo '' . $title . ''; - echo '
'; - echo ''; - echo ''; -} diff --git a/phpBB/phpbb/files/filespec.php b/phpBB/phpbb/files/filespec.php index 6e4c224e392..48e9284f693 100644 --- a/phpBB/phpbb/files/filespec.php +++ b/phpBB/phpbb/files/filespec.php @@ -398,7 +398,7 @@ public function check_content($disallowed_content) * @param bool $overwrite If set to true, an already existing file will be overwritten * @param bool $skip_image_check If set to true, the check for the file to be a valid image is skipped * @param string|bool $chmod Permission mask for chmodding the file after a successful move. - * The mode entered here reflects the mode defined by {@link phpbb_chmod()} + * The mode entered here reflects the mode defined by {@link \phpbb\filesystem\filesystem::phpbb_chmod()} * * @return bool True if file was moved, false if not * @access public diff --git a/phpBB/phpbb/plupload/plupload.php b/phpBB/phpbb/plupload/plupload.php index db5a1d6dd91..18fdfe588de 100644 --- a/phpBB/phpbb/plupload/plupload.php +++ b/phpBB/phpbb/plupload/plupload.php @@ -344,8 +344,9 @@ protected function integrate_uploaded_file($form_name, $chunk, $file_path) } $tmp_file = $this->temporary_filepath($upload['tmp_name']); + $filesystem = new \phpbb\filesystem\filesystem(); - if (!phpbb_is_writable($this->temporary_directory) || !move_uploaded_file($upload['tmp_name'], $tmp_file)) + if (!$filesystem->is_writable($this->temporary_directory) || !move_uploaded_file($upload['tmp_name'], $tmp_file)) { $this->emit_error(103, 'PLUPLOAD_ERR_MOVE_UPLOADED'); } diff --git a/tests/functions/get_remote_file_test.php b/tests/functions/get_remote_file_test.php deleted file mode 100644 index c0330d01f8a..00000000000 --- a/tests/functions/get_remote_file_test.php +++ /dev/null @@ -1,80 +0,0 @@ - -* @license GNU General Public License, version 2 (GPL-2.0) -* -* For full copyright and license information, please see -* the docs/CREDITS.txt file. -* -*/ - -/** -* @group slow -*/ -class phpbb_functions_get_remote_file extends phpbb_test_case -{ - public function test_version_phpbb_com() - { - global $phpbb_container; - $phpbb_container = new phpbb_mock_container_builder(); - $phpbb_container->set('file_downloader', new \phpbb\file_downloader()); - - $hostname = 'version.phpbb.com'; - - if (!checkdnsrr($hostname, 'A')) - { - $this->markTestSkipped(sprintf( - 'Could not find a DNS record for hostname %s. ' . - 'Assuming network is down.', - $hostname - )); - } - - $errstr = $errno = null; - $file = get_remote_file($hostname, '/phpbb', '30x.txt', $errstr, $errno); - - $this->assertNotEquals( - 0, - strlen($file), - 'Failed asserting that the response is not empty.' - ); - - $this->assertSame( - '', - $errstr, - 'Failed asserting that the error string is empty.' - ); - - $this->assertSame( - 0, - $errno, - 'Failed asserting that the error number is 0 (i.e. no error occurred).' - ); - - $lines = explode("\n", $file); - - $this->assertGreaterThanOrEqual( - 2, - count($lines), - 'Failed asserting that the version file has at least two lines.' - ); - - $this->assertStringStartsWith( - '3.', - $lines[0], - "Failed asserting that the first line of the version file starts with '3.'" - ); - - $this->assertNotSame( - false, - filter_var($lines[1], FILTER_VALIDATE_URL), - 'Failed asserting that the second line of the version file is a valid URL.' - ); - - $this->assertStringContainsString('http', $lines[1]); - $this->assertStringContainsString('phpbb.com', $lines[1], '', true); - } -} diff --git a/tests/log/function_add_log_test.php b/tests/log/function_add_log_test.php index bcb4db0705b..8d89c15ab89 100644 --- a/tests/log/function_add_log_test.php +++ b/tests/log/function_add_log_test.php @@ -172,19 +172,63 @@ public function test_add_log_function($expected, $user_id, $mode, $required1, $a if ($additional3 != null) { - add_log($mode, $required1, $additional1, $additional2, $additional3); + $additional_data = [ + 'forum_id' => $required1, + 'topic_id' => $additional1, + $additional3, + ]; + $phpbb_log->add($mode, $user_id, '', $additional2, false, $additional_data); } else if ($additional2 != null) { - add_log($mode, $required1, $additional1, $additional2); + if ($mode == 'user') + { + $additional_data = [ + 'reportee_id' => $required1, + $additional2, + ]; + $log_operation = $additional1; + } + else if ($mode == 'mod') + { + $additional_data = [ + 'forum_id' => $required1, + 'topic_id' => $additional1, + ]; + $log_operation = $additional2; + } + else + { + $log_operation = $required1; + $additional_data = [ + $additional1, + $additional2, + ]; + } + $phpbb_log->add($mode, $user_id, '', $log_operation, false, $additional_data); } else if ($additional1 != null) { - add_log($mode, $required1, $additional1); + if ($mode == 'user') + { + $additional_data = [ + 'reportee_id' => $required1, + ]; + $log_operation = $additional1; + } + else + { + $log_operation = $required1; + $additional_data = [ + $additional1, + ]; + } + + $phpbb_log->add($mode, $user_id, '', $log_operation, false, $additional_data); } else { - add_log($mode, $required1); + $phpbb_log->add($mode, $user_id, '', $required1); } $result = $db->sql_query('SELECT user_id, log_type, log_operation, log_data, reportee_id, forum_id, topic_id diff --git a/tests/version/version_helper_remote_test.php b/tests/version/version_helper_remote_test.php index de88c281ffb..02a811b5399 100644 --- a/tests/version/version_helper_remote_test.php +++ b/tests/version/version_helper_remote_test.php @@ -224,4 +224,65 @@ public function test_get_versions($input, $valid_data, $expected_return = '', $e $this->assertEquals($expected_return, $return); } + + public function test_version_phpbb_com() + { + $file_downloader = new \phpbb\file_downloader(); + + $hostname = 'version.phpbb.com'; + + if (!checkdnsrr($hostname, 'A')) + { + $this->markTestSkipped(sprintf( + 'Could not find a DNS record for hostname %s. ' . + 'Assuming network is down.', + $hostname + )); + } + + $file = $file_downloader->get($hostname, '/phpbb', '30x.txt'); + $errstr = $file_downloader->get_error_string(); + $errno = $file_downloader->get_error_number(); + + $this->assertNotEquals( + 0, + strlen($file), + 'Failed asserting that the response is not empty.' + ); + + $this->assertSame( + '', + $errstr, + 'Failed asserting that the error string is empty.' + ); + + $this->assertSame( + 0, + $errno, + 'Failed asserting that the error number is 0 (i.e. no error occurred).' + ); + + $lines = explode("\n", $file); + + $this->assertGreaterThanOrEqual( + 2, + count($lines), + 'Failed asserting that the version file has at least two lines.' + ); + + $this->assertStringStartsWith( + '3.', + $lines[0], + "Failed asserting that the first line of the version file starts with '3.'" + ); + + $this->assertNotSame( + false, + filter_var($lines[1], FILTER_VALIDATE_URL), + 'Failed asserting that the second line of the version file is a valid URL.' + ); + + $this->assertStringContainsString('http', $lines[1]); + $this->assertStringContainsString('phpbb.com', $lines[1], '', true); + } } From e6e445395f2c84166bfe28233188c8b335d0133a Mon Sep 17 00:00:00 2001 From: Marc Alexander Date: Thu, 11 Jul 2024 21:12:34 +0200 Subject: [PATCH 02/16] [ticket/12479] Update hash test PHPBB-12479 --- tests/security/hash_test.php | 18 ++++++++++++++---- 1 file changed, 14 insertions(+), 4 deletions(-) diff --git a/tests/security/hash_test.php b/tests/security/hash_test.php index 49eefa34116..3c99a70200b 100644 --- a/tests/security/hash_test.php +++ b/tests/security/hash_test.php @@ -40,16 +40,26 @@ protected function setUp(): void public function test_check_hash_with_phpass() { - $this->assertTrue(phpbb_check_hash('test', '$H$9isfrtKXWqrz8PvztXlL3.daw4U0zI1')); - $this->assertTrue(phpbb_check_hash('test', '$P$9isfrtKXWqrz8PvztXlL3.daw4U0zI1')); - $this->assertFalse(phpbb_check_hash('foo', '$H$9isfrtKXWqrz8PvztXlL3.daw4U0zI1')); + global $phpbb_container;; + + /** @var \phpbb\passwords\manager $passwords_manager */ + $passwords_manager = $phpbb_container->get('passwords.manager'); + + $this->assertTrue($passwords_manager->check('test', '$H$9isfrtKXWqrz8PvztXlL3.daw4U0zI1')); + $this->assertTrue($passwords_manager->check('test', '$P$9isfrtKXWqrz8PvztXlL3.daw4U0zI1')); + $this->assertFalse($passwords_manager->check('foo', '$H$9isfrtKXWqrz8PvztXlL3.daw4U0zI1')); } public function test_check_hash_with_large_input() { + global $phpbb_container;; + + /** @var \phpbb\passwords\manager $passwords_manager */ + $passwords_manager = $phpbb_container->get('passwords.manager'); + // 16 MB password, should be rejected quite fast $start_time = time(); - $this->assertFalse(phpbb_check_hash(str_repeat('a', 1024 * 1024 * 16), '$H$9isfrtKXWqrz8PvztXlL3.daw4U0zI1')); + $this->assertFalse($passwords_manager->check(str_repeat('a', 1024 * 1024 * 16), '$H$9isfrtKXWqrz8PvztXlL3.daw4U0zI1')); $this->assertLessThanOrEqual(5, time() - $start_time); } } From 54ba185d8217d74e508855621b74a63fce07ab80 Mon Sep 17 00:00:00 2001 From: Marc Alexander Date: Thu, 11 Jul 2024 21:30:44 +0200 Subject: [PATCH 03/16] [ticket/12479] Remove deprecated phpbb\filesystem class PHPBB-12479 --- phpBB/phpbb/filesystem.php | 21 --------------------- 1 file changed, 21 deletions(-) delete mode 100644 phpBB/phpbb/filesystem.php diff --git a/phpBB/phpbb/filesystem.php b/phpBB/phpbb/filesystem.php deleted file mode 100644 index 6ac94593313..00000000000 --- a/phpBB/phpbb/filesystem.php +++ /dev/null @@ -1,21 +0,0 @@ - -* @license GNU General Public License, version 2 (GPL-2.0) -* -* For full copyright and license information, please see -* the docs/CREDITS.txt file. -* -*/ - -namespace phpbb; - -/** - * @deprecated 3.2.0-dev (To be removed 4.0.0) use \phpbb\filesystem\filesystem instead - */ -class filesystem extends \phpbb\filesystem\filesystem -{ -} From 06d226f292ecad19a646b302dfe28c00d425b1bf Mon Sep 17 00:00:00 2001 From: Marc Alexander Date: Thu, 11 Jul 2024 21:43:46 +0200 Subject: [PATCH 04/16] [ticket/12479] Remove set_config and set_config_count PHPBB-12479 --- phpBB/includes/compatibility_globals.php | 2 - phpBB/includes/functions_compatibility.php | 60 ------------------- .../generate_text_for_display_test.php | 1 - .../generate_text_for_storage_test.php | 1 - 4 files changed, 64 deletions(-) diff --git a/phpBB/includes/compatibility_globals.php b/phpBB/includes/compatibility_globals.php index df152c81ab7..f1f5dd8321a 100644 --- a/phpBB/includes/compatibility_globals.php +++ b/phpBB/includes/compatibility_globals.php @@ -67,8 +67,6 @@ function register_compatibility_globals() // Grab global variables, re-cache if necessary /* @var $config phpbb\config\db */ $config = $phpbb_container->get('config'); - set_config('', '', false, $config); - set_config_count('', 0, false, $config); /* @var $phpbb_log \phpbb\log\log_interface */ $phpbb_log = $phpbb_container->get('log'); diff --git a/phpBB/includes/functions_compatibility.php b/phpBB/includes/functions_compatibility.php index a6b5d26d3f6..13563d79ef0 100644 --- a/phpBB/includes/functions_compatibility.php +++ b/phpBB/includes/functions_compatibility.php @@ -19,66 +19,6 @@ exit; } -/** - * Sets a configuration option's value. - * - * Please note that this function does not update the is_dynamic value for - * an already existing config option. - * - * @param string $config_name The configuration option's name - * @param string $config_value New configuration value - * @param bool $is_dynamic Whether this variable should be cached (false) or - * if it changes too frequently (true) to be - * efficiently cached. - * - * @return void - * - * @deprecated 3.1.0 (To be removed: 4.0.0) - */ -function set_config($config_name, $config_value, $is_dynamic = false, \phpbb\config\config $set_config = null) -{ - static $config = null; - - if ($set_config !== null) - { - $config = $set_config; - - if (empty($config_name)) - { - return; - } - } - - $config->set($config_name, $config_value, !$is_dynamic); -} - -/** - * Increments an integer config value directly in the database. - * - * @param string $config_name The configuration option's name - * @param int $increment Amount to increment by - * @param bool $is_dynamic Whether this variable should be cached (false) or - * if it changes too frequently (true) to be - * efficiently cached. - * - * @return void - * - * @deprecated 3.1.0 (To be removed: 4.0.0) - */ -function set_config_count($config_name, $increment, $is_dynamic = false, \phpbb\config\config $set_config = null) -{ - static $config = null; - if ($set_config !== null) - { - $config = $set_config; - if (empty($config_name)) - { - return; - } - } - $config->increment($config_name, $increment, !$is_dynamic); -} - /** * Wrapper function of \phpbb\request\request::variable which exists for backwards compatability. * See {@link \phpbb\request\request_interface::variable \phpbb\request\request_interface::variable} for diff --git a/tests/text_processing/generate_text_for_display_test.php b/tests/text_processing/generate_text_for_display_test.php index 9a909a007cb..7d96152c210 100644 --- a/tests/text_processing/generate_text_for_display_test.php +++ b/tests/text_processing/generate_text_for_display_test.php @@ -21,7 +21,6 @@ protected function setUp(): void $phpbb_dispatcher = new phpbb_mock_event_dispatcher; $config = new \phpbb\config\config(array()); - set_config(null, null, null, $config); } /** diff --git a/tests/text_processing/generate_text_for_storage_test.php b/tests/text_processing/generate_text_for_storage_test.php index c47c9b9f5ef..86c257a9f61 100644 --- a/tests/text_processing/generate_text_for_storage_test.php +++ b/tests/text_processing/generate_text_for_storage_test.php @@ -20,7 +20,6 @@ protected function setUp(): void parent::setUp(); $config = new \phpbb\config\config(array()); - set_config(null, null, null, $config); $phpbb_container = new phpbb_mock_container_builder; $phpbb_container->set('config', $config); From f4cad55581cd9898bf841bcc0185603fc0c3803d Mon Sep 17 00:00:00 2001 From: Marc Alexander Date: Thu, 11 Jul 2024 21:54:09 +0200 Subject: [PATCH 05/16] [ticket/12479] Remove request_var function PHPBB-12479 --- phpBB/includes/compatibility_globals.php | 2 - phpBB/includes/functions_compatibility.php | 61 ---------------------- tests/request/request_var_test.php | 21 +++----- 3 files changed, 8 insertions(+), 76 deletions(-) diff --git a/phpBB/includes/compatibility_globals.php b/phpBB/includes/compatibility_globals.php index f1f5dd8321a..ca0394e88f6 100644 --- a/phpBB/includes/compatibility_globals.php +++ b/phpBB/includes/compatibility_globals.php @@ -49,8 +49,6 @@ function register_compatibility_globals() /* @var $request \phpbb\request\request_interface */ $request = $phpbb_container->get('request'); - // Inject request instance, so only this instance is used with request_var - request_var('', 0, false, false, $request); /* @var $user \phpbb\user */ $user = $phpbb_container->get('user'); diff --git a/phpBB/includes/functions_compatibility.php b/phpBB/includes/functions_compatibility.php index 13563d79ef0..df74abe308f 100644 --- a/phpBB/includes/functions_compatibility.php +++ b/phpBB/includes/functions_compatibility.php @@ -19,67 +19,6 @@ exit; } -/** - * Wrapper function of \phpbb\request\request::variable which exists for backwards compatability. - * See {@link \phpbb\request\request_interface::variable \phpbb\request\request_interface::variable} for - * documentation of this function's use. - * - * @deprecated 3.1.0 (To be removed: 4.0.0) - * @param mixed $var_name The form variable's name from which data shall be retrieved. - * If the value is an array this may be an array of indizes which will give - * direct access to a value at any depth. E.g. if the value of "var" is array(1 => "a") - * then specifying array("var", 1) as the name will return "a". - * If you pass an instance of {@link \phpbb\request\request_interface phpbb_request_interface} - * as this parameter it will overwrite the current request class instance. If you do - * not do so, it will create its own instance (but leave superglobals enabled). - * @param mixed $default A default value that is returned if the variable was not set. - * This function will always return a value of the same type as the default. - * @param bool $multibyte If $default is a string this paramater has to be true if the variable may contain any UTF-8 characters - * Default is false, causing all bytes outside the ASCII range (0-127) to be replaced with question marks - * @param bool $cookie This param is mapped to \phpbb\request\request_interface::COOKIE as the last param for - * \phpbb\request\request_interface::variable for backwards compatability reasons. - * @param \phpbb\request\request_interface|null|false $request - * If an instance of \phpbb\request\request_interface is given the instance is stored in - * a static variable and used for all further calls where this parameters is null. Until - * the function is called with an instance it automatically creates a new \phpbb\request\request - * instance on every call. By passing false this per-call instantiation can be restored - * after having passed in a \phpbb\request\request_interface instance. - * - * @return mixed The value of $_REQUEST[$var_name] run through {@link set_var set_var} to ensure that the type is the - * the same as that of $default. If the variable is not set $default is returned. - */ -function request_var($var_name, $default, $multibyte = false, $cookie = false, $request = null) -{ - // This is all just an ugly hack to add "Dependency Injection" to a function - // the only real code is the function call which maps this function to a method. - static $static_request = null; - if ($request instanceof \phpbb\request\request_interface) - { - $static_request = $request; - if (empty($var_name)) - { - return null; - } - } - else if ($request === false) - { - $static_request = null; - if (empty($var_name)) - { - return null; - } - } - $tmp_request = $static_request; - // no request class set, create a temporary one ourselves to keep backwards compatibility - if ($tmp_request === null) - { - // false param: enable super globals, so the created request class does not - // make super globals inaccessible everywhere outside this function. - $tmp_request = new \phpbb\request\request(new \phpbb\request\type_cast_helper(), false); - } - return $tmp_request->variable($var_name, $default, $multibyte, ($cookie) ? \phpbb\request\request_interface::COOKIE : \phpbb\request\request_interface::REQUEST); -} - /** * Casts a variable to the given type. * diff --git a/tests/request/request_var_test.php b/tests/request/request_var_test.php index c95dce46d06..ea1a1ac89e9 100644 --- a/tests/request/request_var_test.php +++ b/tests/request/request_var_test.php @@ -13,15 +13,6 @@ class phpbb_request_var_test extends phpbb_test_case { - /** - * Makes sure request_var has its standard behaviour. - */ - protected function setUp(): void - { - parent::setUp(); - request_var(false, false, false, false, false); - } - /** * @dataProvider request_variables */ @@ -33,7 +24,8 @@ public function test_post($variable_value, $default, $multibyte, $expected) $_POST[$variable_name] = $variable_value; $_REQUEST[$variable_name] = $variable_value; - $result = request_var($variable_name, $default, $multibyte); + $request = new \phpbb\request\request(new \phpbb\request\type_cast_helper(), false); + $result = $request->variable($variable_name, $default, $multibyte); $label = 'Requesting POST variable, converting from ' . gettype($variable_value) . ' to ' . gettype($default) . (($multibyte) ? ' multibyte' : ''); $this->assertEquals($expected, $result, $label); @@ -50,7 +42,8 @@ public function test_get($variable_value, $default, $multibyte, $expected) $_GET[$variable_name] = $variable_value; $_REQUEST[$variable_name] = $variable_value; - $result = request_var($variable_name, $default, $multibyte); + $request = new \phpbb\request\request(new \phpbb\request\type_cast_helper(), false); + $result = $request->variable($variable_name, $default, $multibyte); $label = 'Requesting GET variable, converting from ' . gettype($variable_value) . ' to ' . gettype($default) . (($multibyte) ? ' multibyte' : ''); $this->assertEquals($expected, $result, $label); @@ -69,7 +62,8 @@ public function test_cookie($variable_value, $default, $multibyte, $expected) $_REQUEST[$variable_name] = false; $_COOKIE[$variable_name] = $variable_value; - $result = request_var($variable_name, $default, $multibyte, true); + $request = new \phpbb\request\request(new \phpbb\request\type_cast_helper(), false); + $result = $request->variable($variable_name, $default, $multibyte, \phpbb\request\request_interface::COOKIE); $label = 'Requesting COOKIE variable, converting from ' . gettype($variable_value) . ' to ' . gettype($default) . (($multibyte) ? ' multibyte' : ''); $this->assertEquals($expected, $result, $label); @@ -109,7 +103,8 @@ public function test_deep_multi_dim_array_access($path, $default, $expected) ), ); - $result = request_var($path, $default); + $request = new \phpbb\request\request(new \phpbb\request\type_cast_helper(), false); + $result = $request->variable($path, $default); $this->assertEquals($expected, $result); } From 3e0637ad2ec687754afeaf5b5f18dead4ac9ae0a Mon Sep 17 00:00:00 2001 From: Marc Alexander Date: Fri, 12 Jul 2024 21:09:26 +0200 Subject: [PATCH 06/16] [ticket/12479] Remove set_var, phpbb_email_hash, and phpbb_http_login PHPBB-12479 --- phpBB/includes/functions_compatibility.php | 131 --------------------- phpBB/phpbb/request/request.php | 6 +- phpBB/phpbb/request/request_interface.php | 4 +- 3 files changed, 5 insertions(+), 136 deletions(-) diff --git a/phpBB/includes/functions_compatibility.php b/phpBB/includes/functions_compatibility.php index df74abe308f..d2e39792161 100644 --- a/phpBB/includes/functions_compatibility.php +++ b/phpBB/includes/functions_compatibility.php @@ -19,32 +19,6 @@ exit; } -/** - * Casts a variable to the given type. - * - * @deprecated 3.1 (To be removed 4.0.0) - */ -function set_var(&$result, $var, $type, $multibyte = false) -{ - // no need for dependency injection here, if you have the object, call the method yourself! - $type_cast_helper = new \phpbb\request\type_cast_helper(); - $type_cast_helper->set_var($result, $var, $type, $multibyte); -} - -/** - * Hashes an email address to a big integer - * - * @param string $email Email address - * - * @return string Unsigned Big Integer - * - * @deprecated 3.3.0-b2 (To be removed: 4.0.0) - */ -function phpbb_email_hash($email) -{ - return sprintf('%u', crc32(strtolower($email))) . strlen($email); -} - /** * Load the autoloaders added by the extensions. * @@ -72,111 +46,6 @@ function phpbb_load_extensions_autoloaders($phpbb_root_path) } } -/** -* Login using http authenticate. -* -* @param array $param Parameter array, see $param_defaults array. -* -* @return void -* -* @deprecated 3.2.10 (To be removed 4.0.0) -*/ -function phpbb_http_login($param) -{ - global $auth, $user, $request; - global $config; - - $param_defaults = array( - 'auth_message' => '', - - 'autologin' => false, - 'viewonline' => true, - 'admin' => false, - ); - - // Overwrite default values with passed values - $param = array_merge($param_defaults, $param); - - // User is already logged in - // We will not overwrite his session - if (!empty($user->data['is_registered'])) - { - return; - } - - // $_SERVER keys to check - $username_keys = array( - 'PHP_AUTH_USER', - 'Authorization', - 'REMOTE_USER', 'REDIRECT_REMOTE_USER', - 'HTTP_AUTHORIZATION', 'REDIRECT_HTTP_AUTHORIZATION', - 'REMOTE_AUTHORIZATION', 'REDIRECT_REMOTE_AUTHORIZATION', - 'AUTH_USER', - ); - - $password_keys = array( - 'PHP_AUTH_PW', - 'REMOTE_PASSWORD', - 'AUTH_PASSWORD', - ); - - $username = null; - foreach ($username_keys as $k) - { - if ($request->is_set($k, \phpbb\request\request_interface::SERVER)) - { - $username = html_entity_decode($request->server($k), ENT_COMPAT); - break; - } - } - - $password = null; - foreach ($password_keys as $k) - { - if ($request->is_set($k, \phpbb\request\request_interface::SERVER)) - { - $password = html_entity_decode($request->server($k), ENT_COMPAT); - break; - } - } - - // Decode encoded information (IIS, CGI, FastCGI etc.) - if (!is_null($username) && is_null($password) && strpos($username, 'Basic ') === 0) - { - list($username, $password) = explode(':', base64_decode(substr($username, 6)), 2); - } - - if (!is_null($username) && !is_null($password)) - { - set_var($username, $username, 'string', true); - set_var($password, $password, 'string', true); - - $auth_result = $auth->login($username, $password, $param['autologin'], $param['viewonline'], $param['admin']); - - if ($auth_result['status'] == LOGIN_SUCCESS) - { - return; - } - else if ($auth_result['status'] == LOGIN_ERROR_ATTEMPTS) - { - send_status_line(401, 'Unauthorized'); - - trigger_error('NOT_AUTHORISED'); - } - } - - // Prepend sitename to auth_message - $param['auth_message'] = ($param['auth_message'] === '') ? $config['sitename'] : $config['sitename'] . ' - ' . $param['auth_message']; - - // We should probably filter out non-ASCII characters - RFC2616 - $param['auth_message'] = preg_replace('/[\x80-\xFF]/', '?', $param['auth_message']); - - header('WWW-Authenticate: Basic realm="' . $param['auth_message'] . '"'); - send_status_line(401, 'Unauthorized'); - - trigger_error('NOT_AUTHORISED'); -} - /** * Converts query string (GET) parameters in request into hidden fields. * diff --git a/phpBB/phpbb/request/request.php b/phpBB/phpbb/request/request.php index cf81dc42c6e..a28b9df541f 100644 --- a/phpBB/phpbb/request/request.php +++ b/phpBB/phpbb/request/request.php @@ -184,7 +184,7 @@ public function overwrite($var_name, $value, $super_global = request_interface:: * @param int $super_global (\phpbb\request\request_interface::POST|GET|REQUEST|COOKIE) * Specifies which super global should be used * - * @return mixed The value of $_REQUEST[$var_name] run through {@link set_var set_var} to ensure that the type is the + * @return mixed The value of $_REQUEST[$var_name] run through {@link type_cast_helper_interface::set_var} to ensure that the type is the * the same as that of $default. If the variable is not set $default is returned. */ public function variable($var_name, $default, $multibyte = false, $super_global = request_interface::REQUEST) @@ -208,7 +208,7 @@ public function variable($var_name, $default, $multibyte = false, $super_global * @param int $super_global (\phpbb\request\request_interface::POST|GET|REQUEST|COOKIE) * Specifies which super global should be used * - * @return mixed The value of $_REQUEST[$var_name] run through {@link set_var set_var} to ensure that the type is the + * @return mixed The value of $_REQUEST[$var_name] run through {@link type_cast_helper_interface::set_var} to ensure that the type is the * the same as that of $default. If the variable is not set $default is returned. */ public function untrimmed_variable($var_name, $default, $multibyte = false, $super_global = request_interface::REQUEST) @@ -401,7 +401,7 @@ public function variable_names($super_global = request_interface::REQUEST) * Specifies which super global should be used * @param bool $trim Indicates whether trim() should be applied to string values. * - * @return mixed The value of $_REQUEST[$var_name] run through {@link set_var set_var} to ensure that the type is the + * @return mixed The value of $_REQUEST[$var_name] run through {@link type_cast_helper_interface::set_var} to ensure that the type is the * the same as that of $default. If the variable is not set $default is returned. */ protected function _variable($var_name, $default, $multibyte = false, $super_global = request_interface::REQUEST, $trim = true) diff --git a/phpBB/phpbb/request/request_interface.php b/phpBB/phpbb/request/request_interface.php index 9ebd4c25e39..add58736eab 100644 --- a/phpBB/phpbb/request/request_interface.php +++ b/phpBB/phpbb/request/request_interface.php @@ -59,7 +59,7 @@ public function overwrite($var_name, $value, $super_global = request_interface:: * @param int $super_global (\phpbb\request\request_interface::POST|GET|REQUEST|COOKIE) * Specifies which super global shall be changed * - * @return mixed The value of $_REQUEST[$var_name] run through {@link set_var set_var} to ensure that the type is the + * @return mixed The value of $_REQUEST[$var_name] run through {@link type_cast_helper_interface::set_var} to ensure that the type is the * the same as that of $default. If the variable is not set $default is returned. */ public function variable($var_name, $default, $multibyte = false, $super_global = request_interface::REQUEST); @@ -81,7 +81,7 @@ public function variable($var_name, $default, $multibyte = false, $super_global * @param int $super_global (\phpbb\request\request_interface::POST|GET|REQUEST|COOKIE) * Specifies which super global shall be changed * - * @return mixed The value of $_REQUEST[$var_name] run through {@link set_var set_var} to ensure that the type is the + * @return mixed The value of $_REQUEST[$var_name] run through {@link type_cast_helper_interface::set_var} to ensure that the type is the * the same as that of $default. If the variable is not set $default is returned. */ public function raw_variable($var_name, $default, $super_global = request_interface::REQUEST); From 986b92f3b31430accfeda43ff5329a87476e6401 Mon Sep 17 00:00:00 2001 From: Marc Alexander Date: Fri, 12 Jul 2024 21:17:47 +0200 Subject: [PATCH 07/16] [ticket/12479] Remove unused functions and function aliases PHPBB-12479 --- phpBB/includes/functions_compatibility.php | 98 ------------------- ...ld_hidden_fields_for_query_params_test.php | 73 -------------- tests/privmsgs/delete_user_pms_test.php | 2 +- 3 files changed, 1 insertion(+), 172 deletions(-) delete mode 100644 tests/functions/build_hidden_fields_for_query_params_test.php diff --git a/phpBB/includes/functions_compatibility.php b/phpBB/includes/functions_compatibility.php index d2e39792161..38b9cb40dc6 100644 --- a/phpBB/includes/functions_compatibility.php +++ b/phpBB/includes/functions_compatibility.php @@ -19,104 +19,6 @@ exit; } -/** - * Load the autoloaders added by the extensions. - * - * @param string $phpbb_root_path Path to the phpbb root directory. - */ -function phpbb_load_extensions_autoloaders($phpbb_root_path) -{ - $iterator = new \phpbb\finder\recursive_path_iterator( - $phpbb_root_path . 'ext/', - \RecursiveIteratorIterator::SELF_FIRST, - \FilesystemIterator::SKIP_DOTS | \FilesystemIterator::FOLLOW_SYMLINKS - ); - $iterator->setMaxDepth(2); - - foreach ($iterator as $file_info) - { - if ($file_info->getFilename() === 'vendor' && $iterator->getDepth() === 2) - { - $filename = $file_info->getRealPath() . '/autoload.php'; - if (file_exists($filename)) - { - require $filename; - } - } - } -} - -/** -* Converts query string (GET) parameters in request into hidden fields. -* -* Useful for forwarding GET parameters when submitting forms with GET method. -* -* It is possible to omit some of the GET parameters, which is useful if -* they are specified in the form being submitted. -* -* sid is always omitted. -* -* @param \phpbb\request\request $request Request object -* @param array $exclude A list of variable names that should not be forwarded -* @return string HTML with hidden fields -* -* @deprecated 3.2.10 (To be removed 4.0.0) -*/ -function phpbb_build_hidden_fields_for_query_params($request, $exclude = null) -{ - $names = $request->variable_names(\phpbb\request\request_interface::GET); - $hidden = ''; - foreach ($names as $name) - { - // Sessions are dealt with elsewhere, omit sid always - if ($name == 'sid') - { - continue; - } - - // Omit any additional parameters requested - if (!empty($exclude) && in_array($name, $exclude)) - { - continue; - } - - $escaped_name = phpbb_quoteattr($name); - - // Note: we might retrieve the variable from POST or cookies - // here. To avoid exposing cookies, skip variables that are - // overwritten somewhere other than GET entirely. - $value = $request->variable($name, '', true); - $get_value = $request->variable($name, '', true, \phpbb\request\request_interface::GET); - if ($value === $get_value) - { - $escaped_value = phpbb_quoteattr($value); - $hidden .= ""; - } - } - return $hidden; -} - -/** -* Delete all PM(s) for a given user and delete the ones without references -* -* @param int $user_id ID of the user whose private messages we want to delete -* -* @return boolean False if there were no pms found, true otherwise. -* -* @deprecated 3.2.10 (To be removed 4.0.0) -*/ -function phpbb_delete_user_pms($user_id) -{ - $user_id = (int) $user_id; - - if (!$user_id) - { - return false; - } - - return phpbb_delete_users_pms(array($user_id)); -} - /** * Casts a numeric string $input to an appropriate numeric type (i.e. integer or float) * diff --git a/tests/functions/build_hidden_fields_for_query_params_test.php b/tests/functions/build_hidden_fields_for_query_params_test.php deleted file mode 100644 index aee7a569d4e..00000000000 --- a/tests/functions/build_hidden_fields_for_query_params_test.php +++ /dev/null @@ -1,73 +0,0 @@ - -* @license GNU General Public License, version 2 (GPL-2.0) -* -* For full copyright and license information, please see -* the docs/CREDITS.txt file. -* -*/ - -class phpbb_build_hidden_fields_for_query_params_test extends phpbb_test_case -{ - public function build_hidden_fields_for_query_params_test_data() - { - return array( - // get - // post - // exclude - // expected - array( - array('foo' => 'bar'), - array(), - array(), - "", - ), - array( - array('foo' => 'bar', 'a' => 'b'), - array(), - array(), - "", - ), - array( - array('a' => 'quote"', 'b' => ''), - array(), - array(), - "", - ), - array( - array('a' => "quotes'\""), - array(), - array(), - "", - ), - array( - array('foo' => 'bar', 'a' => 'b'), - array('a' => 'c'), - array(), - "", - ), - // strict equality check - array( - array('foo' => 'bar', 'a' => '0'), - array('a' => ''), - array(), - "", - ), - ); - } - - /** - * @dataProvider build_hidden_fields_for_query_params_test_data - */ - public function test_build_hidden_fields_for_query_params($get, $post, $exclude, $expected) - { - $request = new phpbb_mock_request($get, $post); - $result = phpbb_build_hidden_fields_for_query_params($request, $exclude); - - $this->assertEquals($expected, $result); - } -} diff --git a/tests/privmsgs/delete_user_pms_test.php b/tests/privmsgs/delete_user_pms_test.php index a50240aae3b..e618d7c2e6a 100644 --- a/tests/privmsgs/delete_user_pms_test.php +++ b/tests/privmsgs/delete_user_pms_test.php @@ -97,7 +97,7 @@ public function test_delete_user_pms($delete_user, $remaining_privmsgs, $remaini // Works as a workaround for tests $phpbb_container->set('attachment.manager', new \phpbb\attachment\delete(new \phpbb\config\config(array()), $db, new \phpbb_mock_event_dispatcher(), new \phpbb\attachment\resync($db), $storage)); - phpbb_delete_user_pms($delete_user); + phpbb_delete_users_pms([$delete_user]); $sql = 'SELECT msg_id FROM ' . PRIVMSGS_TABLE; From f835fba49eb40095f1cd4808f84bc44990641833 Mon Sep 17 00:00:00 2001 From: Marc Alexander Date: Fri, 12 Jul 2024 21:24:37 +0200 Subject: [PATCH 08/16] [ticket/12479] Remove unused ini class and related function PHPBB-12479 --- phpBB/includes/functions_compatibility.php | 15 -- phpBB/phpbb/php/ini.php | 175 --------------------- 2 files changed, 190 deletions(-) delete mode 100644 phpBB/phpbb/php/ini.php diff --git a/phpBB/includes/functions_compatibility.php b/phpBB/includes/functions_compatibility.php index 38b9cb40dc6..1efc8c9c2ec 100644 --- a/phpBB/includes/functions_compatibility.php +++ b/phpBB/includes/functions_compatibility.php @@ -19,21 +19,6 @@ exit; } -/** -* Casts a numeric string $input to an appropriate numeric type (i.e. integer or float) -* -* @param string $input A numeric string. -* -* @return int|float Integer $input if $input fits integer, -* float $input otherwise. -* -* @deprecated 3.2.10 (To be removed 4.0.0) -*/ -function phpbb_to_numeric($input) -{ - return ($input > PHP_INT_MAX) ? (float) $input : (int) $input; -} - /** * Parse cfg file * @param string $filename diff --git a/phpBB/phpbb/php/ini.php b/phpBB/phpbb/php/ini.php deleted file mode 100644 index 441e3ff7f6b..00000000000 --- a/phpBB/phpbb/php/ini.php +++ /dev/null @@ -1,175 +0,0 @@ - -* @license GNU General Public License, version 2 (GPL-2.0) -* -* For full copyright and license information, please see -* the docs/CREDITS.txt file. -* -*/ - -namespace phpbb\php; - -/** -* Wrapper class for ini_get function. -* -* Provides easier handling of the different interpretations of ini values. -* @deprecated 3.2.10 (To be removed 4.0.0) -*/ -class ini -{ - /** - * Simple wrapper for ini_get() - * See http://php.net/manual/en/function.ini-get.php - * - * @param string $varname The configuration option name. - * @return bool|string False if configuration option does not exist, - * the configuration option value (string) otherwise. - */ - public function get($varname) - { - return ini_get($varname); - } - - /** - * Gets the configuration option value as a trimmed string. - * - * @param string $varname The configuration option name. - * @return bool|string False if configuration option does not exist, - * the configuration option value (string) otherwise. - */ - public function get_string($varname) - { - $value = $this->get($varname); - - if ($value === false) - { - return false; - } - - return trim($value); - } - - /** - * Gets configuration option value as a boolean. - * Interprets the string value 'off' as false. - * - * @param string $varname The configuration option name. - * @return bool False if configuration option does not exist. - * False if configuration option is disabled. - * True otherwise. - */ - public function get_bool($varname) - { - $value = $this->get_string($varname); - - if (empty($value) || strtolower($value) == 'off') - { - return false; - } - - return true; - } - - /** - * Gets configuration option value as an integer. - * - * @param string $varname The configuration option name. - * @return bool|int False if configuration option does not exist, - * false if configuration option value is not numeric, - * the configuration option value (integer) otherwise. - */ - public function get_int($varname) - { - $value = $this->get_string($varname); - - if (!is_numeric($value)) - { - return false; - } - - return (int) $value; - } - - /** - * Gets configuration option value as a float. - * - * @param string $varname The configuration option name. - * @return bool|float False if configuration option does not exist, - * false if configuration option value is not numeric, - * the configuration option value (float) otherwise. - */ - public function get_float($varname) - { - $value = $this->get_string($varname); - - if (!is_numeric($value)) - { - return false; - } - - return (float) $value; - } - - /** - * Gets configuration option value in bytes. - * Converts strings like '128M' to bytes (integer or float). - * - * @param string $varname The configuration option name. - * @return bool|int|float False if configuration option does not exist, - * false if configuration option value is not well-formed, - * the configuration option value otherwise. - */ - public function get_bytes($varname) - { - $value = $this->get_string($varname); - - if ($value === false) - { - return false; - } - - if (is_numeric($value)) - { - // Already in bytes. - return phpbb_to_numeric($value); - } - else if (is_string($value)) - { - if (strlen($value) < 2) - { - // Single character. - return false; - } - else if (strlen($value) < 3 && $value[0] === '-') - { - // Two characters but the first one is a minus. - return false; - } - } - - $value_lower = strtolower($value); - $value_numeric = phpbb_to_numeric($value); - - switch ($value_lower[strlen($value_lower) - 1]) - { - case 'g': - $value_numeric *= 1024; - case 'm': - $value_numeric *= 1024; - case 'k': - $value_numeric *= 1024; - break; - - default: - // It's not already in bytes (and thus numeric) - // and does not carry a unit. - return false; - } - - return $value_numeric; - } -} From 78f96c3e5c64703ddffe681ab830ec5903e54d86 Mon Sep 17 00:00:00 2001 From: Marc Alexander Date: Fri, 12 Jul 2024 21:39:27 +0200 Subject: [PATCH 09/16] [ticket/12479] Remove function bbcode_second_pass_by_extension PHPBB-12479 --- phpBB/includes/bbcode.php | 34 ---------------------------------- 1 file changed, 34 deletions(-) diff --git a/phpBB/includes/bbcode.php b/phpBB/includes/bbcode.php index d0ced558232..b98fe1e6b3c 100644 --- a/phpBB/includes/bbcode.php +++ b/phpBB/includes/bbcode.php @@ -651,38 +651,4 @@ function bbcode_second_pass_code($type, $code) return $code; } - - /** - * Function to perform custom bbcode second pass by extensions - * can be used to assign bbcode pattern replacement - * Example: '#\[list=([^\[]+):$uid\]#e' => "\$this->bbcode_second_pass_by_extension('\$1')" - * - * Accepts variable number of parameters - * - * @return bool Second pass result - * - * @deprecated 3.2.10 (To be removed 4.0.0) - */ - function bbcode_second_pass_by_extension() - { - global $phpbb_dispatcher; - - $return = false; - $params_array = func_get_args(); - - /** - * Event to perform bbcode second pass with - * the custom validating methods provided by extensions - * - * @event core.bbcode_second_pass_by_extension - * @var array params_array Array with the function parameters - * @var mixed return Second pass result to return - * - * @since 3.1.5-RC1 - */ - $vars = array('params_array', 'return'); - extract($phpbb_dispatcher->trigger_event('core.bbcode_second_pass_by_extension', compact($vars))); - - return $return; - } } From 8b3bc0b5f522ec5f4bc1910e4dae4e783a9a0e02 Mon Sep 17 00:00:00 2001 From: Marc Alexander Date: Wed, 17 Jul 2024 18:06:22 +0200 Subject: [PATCH 10/16] [ticket/12479] Remove duplicate semi-colons PHPBB-12479 --- tests/auth/provider_apache_test.php | 2 +- tests/config/db_test.php | 2 +- tests/controller/common_helper_route.php | 2 +- tests/search/native_test.php | 2 +- tests/security/hash_test.php | 4 ++-- 5 files changed, 6 insertions(+), 6 deletions(-) diff --git a/tests/auth/provider_apache_test.php b/tests/auth/provider_apache_test.php index cdccd2a3588..bc211b4ed54 100644 --- a/tests/auth/provider_apache_test.php +++ b/tests/auth/provider_apache_test.php @@ -33,7 +33,7 @@ protected function setUp(): void $lang_loader = new \phpbb\language\language_file_loader($phpbb_root_path, $phpEx); $lang = new \phpbb\language\language($lang_loader); $this->request = $this->createMock('\phpbb\request\request'); - $this->user = new \phpbb\user($lang, '\phpbb\datetime');; + $this->user = new \phpbb\user($lang, '\phpbb\datetime'); $this->provider = new \phpbb\auth\provider\apache($config, $db, $lang, $this->request, $this->user, $phpbb_root_path, $phpEx); } diff --git a/tests/config/db_test.php b/tests/config/db_test.php index 11c99435f83..5bed8d405d3 100644 --- a/tests/config/db_test.php +++ b/tests/config/db_test.php @@ -136,7 +136,7 @@ public function test_increment() public function test_increment_new() { $this->config->increment('foobar', 3); - $this->assertEquals(3, $this->config['foobar']);; + $this->assertEquals(3, $this->config['foobar']); } public function test_delete() diff --git a/tests/controller/common_helper_route.php b/tests/controller/common_helper_route.php index 45e03861956..0cd52b7d8be 100644 --- a/tests/controller/common_helper_route.php +++ b/tests/controller/common_helper_route.php @@ -111,7 +111,7 @@ protected function generate_route_objects() $this->config = new \phpbb\config\config(array('enable_mod_rewrite' => '0')); $lang_loader = new \phpbb\language\language_file_loader($phpbb_root_path, $phpEx); $lang = new \phpbb\language\language($lang_loader); - $this->user = new \phpbb\user($lang, '\phpbb\datetime');; + $this->user = new \phpbb\user($lang, '\phpbb\datetime'); $container = new phpbb_mock_container_builder(); $container->setParameter('core.environment', PHPBB_ENVIRONMENT); diff --git a/tests/search/native_test.php b/tests/search/native_test.php index 50f2119e7f7..0d8d8e68105 100644 --- a/tests/search/native_test.php +++ b/tests/search/native_test.php @@ -36,7 +36,7 @@ protected function setUp(): void $lang_loader = new \phpbb\language\language_file_loader($phpbb_root_path, $phpEx); $lang = new \phpbb\language\language($lang_loader); - $user = new \phpbb\user($lang, '\phpbb\datetime');; + $user = new \phpbb\user($lang, '\phpbb\datetime'); $this->db = $this->new_dbal(); $tools_factory = new \phpbb\db\tools\factory(); diff --git a/tests/security/hash_test.php b/tests/security/hash_test.php index 3c99a70200b..203d142cb78 100644 --- a/tests/security/hash_test.php +++ b/tests/security/hash_test.php @@ -40,7 +40,7 @@ protected function setUp(): void public function test_check_hash_with_phpass() { - global $phpbb_container;; + global $phpbb_container; /** @var \phpbb\passwords\manager $passwords_manager */ $passwords_manager = $phpbb_container->get('passwords.manager'); @@ -52,7 +52,7 @@ public function test_check_hash_with_phpass() public function test_check_hash_with_large_input() { - global $phpbb_container;; + global $phpbb_container; /** @var \phpbb\passwords\manager $passwords_manager */ $passwords_manager = $phpbb_container->get('passwords.manager'); From 02c59fdf43df76492abb834cf0c5428a65a67405 Mon Sep 17 00:00:00 2001 From: Marc Alexander Date: Tue, 23 Jul 2024 21:04:34 +0200 Subject: [PATCH 11/16] [ticket/12479] Convert file_downloader to use guzzle instead of fsockopen PHPBB-12479 --- phpBB/phpbb/file_downloader.php | 140 ++++++++------ tests/version/version_helper_remote_test.php | 188 ++++++++++++++++++- 2 files changed, 267 insertions(+), 61 deletions(-) diff --git a/phpBB/phpbb/file_downloader.php b/phpBB/phpbb/file_downloader.php index 873bccc9e89..bf466c94bc6 100644 --- a/phpBB/phpbb/file_downloader.php +++ b/phpBB/phpbb/file_downloader.php @@ -13,91 +13,117 @@ namespace phpbb; +use GuzzleHttp\Client; +use GuzzleHttp\Exception\RequestException ; +use phpbb\exception\runtime_exception; +use function Amp\Promise\rethrow; + class file_downloader { + const OK = 200; + const NOT_FOUND = 404; + const REQUEST_TIMEOUT = 408; + /** @var string Error string */ - protected $error_string = ''; + protected string $error_string = ''; /** @var int Error number */ - protected $error_number = 0; + protected int $error_number = 0; + + /** + * Create new guzzle client + * + * @param string $host + * @param int $port + * @param int $timeout + * + * @return Client + */ + protected function create_client(string $host, int $port = 443, int $timeout = 6): Client + { + // Only set URL scheme if not specified in URL + $url_parts = parse_url($host); + if (!isset($url_parts['scheme'])) + { + $host = (($port === 443) ? 'https://' : 'http://') . $host; + } + + // Initialize Guzzle client + return new Client([ + 'base_uri' => $host, + 'timeout' => $timeout, + ]); + } /** * Retrieve contents from remotely stored file * - * @param string $host File host - * @param string $directory Directory file is in - * @param string $filename Filename of file to retrieve - * @param int $port Port to connect to; default: 80 - * @param int $timeout Connection timeout in seconds; default: 6 + * @param string $host File host + * @param string $directory Directory file is in + * @param string $filename Filename of file to retrieve + * @param int $port Port to connect to; default: 80 + * @param int $timeout Connection timeout in seconds; default: 6 * * @return false|string File data as string if file can be read and there is no - * timeout, false if there were errors or the connection timed out + * timeout, false if there were errors or the connection timed out * - * @throws \phpbb\exception\runtime_exception If data can't be retrieved and no error - * message is returned + * @throws runtime_exception If data can't be retrieved and no error + * message is returned */ - public function get($host, $directory, $filename, $port = 80, $timeout = 6) + public function get(string $host, string $directory, string $filename, int $port = 443, int $timeout = 6): bool|string { + // Initialize Guzzle client + $client = $this->create_client($host, $port, $timeout); + // Set default values for error variables $this->error_number = 0; $this->error_string = ''; - if (function_exists('fsockopen') && - $socket = @fsockopen(($port == 443 ? 'ssl://' : '') . $host, $port, $this->error_number, $this->error_string, $timeout) - ) + try { - @fputs($socket, "GET $directory/$filename HTTP/1.0\r\n"); - @fputs($socket, "HOST: $host\r\n"); - @fputs($socket, "Connection: close\r\n\r\n"); - - $timer_stop = time() + $timeout; - stream_set_timeout($socket, $timeout); + $response = $client->request('GET', "$directory/$filename"); - $file_info = ''; - $get_info = false; - - while (!@feof($socket)) + // Check if the response status code is 200 (OK) + if ($response->getStatusCode() == self::OK) { - if ($get_info) - { - $file_info .= @fread($socket, 1024); - } - else - { - $line = @fgets($socket, 1024); - if ($line == "\r\n") - { - $get_info = true; - } - else if (stripos($line, '404 not found') !== false) - { - throw new \phpbb\exception\runtime_exception('FILE_NOT_FOUND', array($filename)); - } - } - - $stream_meta_data = stream_get_meta_data($socket); - - if ($stream_meta_data['timed_out'] || time() >= $timer_stop) - { - throw new \phpbb\exception\runtime_exception('FSOCK_TIMEOUT'); - } + return $response->getBody()->getContents(); + } + else + { + $this->error_number = $response->getStatusCode(); + throw new runtime_exception('FILE_NOT_FOUND', [$filename]); } - @fclose($socket); } - else + catch (RequestException $exception) { - if ($this->error_string) + if ($exception->hasResponse()) { - $this->error_string = utf8_convert_message($this->error_string); - return false; + $this->error_number = $exception->getResponse()->getStatusCode(); + + if ($this->error_number == self::NOT_FOUND) + { + throw new runtime_exception('FILE_NOT_FOUND', [$filename]); + } } else { - throw new \phpbb\exception\runtime_exception('FSOCK_DISABLED'); + $this->error_number = self::REQUEST_TIMEOUT; + throw new runtime_exception('FSOCK_TIMEOUT'); } - } - return $file_info; + $this->error_string = utf8_convert_message($exception->getMessage()); + return false; + } + catch (runtime_exception $exception) + { + // Rethrow runtime_exceptions, only handle unknown cases below + throw $exception; + } + catch (\Throwable $exception) + { + $this->error_string = utf8_convert_message($exception->getMessage()); + throw new runtime_exception('FSOCK_DISABLED'); + } } /** @@ -105,7 +131,7 @@ public function get($host, $directory, $filename, $port = 80, $timeout = 6) * * @return string Error string */ - public function get_error_string() + public function get_error_string(): string { return $this->error_string; } @@ -115,7 +141,7 @@ public function get_error_string() * * @return int Error number */ - public function get_error_number() + public function get_error_number(): int { return $this->error_number; } diff --git a/tests/version/version_helper_remote_test.php b/tests/version/version_helper_remote_test.php index 02a811b5399..be92a3f977c 100644 --- a/tests/version/version_helper_remote_test.php +++ b/tests/version/version_helper_remote_test.php @@ -1,4 +1,7 @@ method('get') ->with($this->anything()) ->will($this->returnValue(false)); - $this->file_downloader = new phpbb_mock_file_downloader(); + + $this->guzzle_mock = $this->getMockBuilder('\GuzzleHttp\Client') + ->addMethods(['set_data']) + ->onlyMethods(['request']) + ->getMock(); + $this->guzzle_mock->method('set_data') + ->will($this->returnCallback(function($data) + { + $this->guzzle_data = $data; + } + )); + $this->guzzle_mock->method('request') + ->will($this->returnCallback(function() + { + return new \GuzzleHttp\Psr7\Response($this->guzzle_status, [], $this->guzzle_data); + } + )); + + $this->file_downloader = $this->getMockBuilder('\phpbb\file_downloader') + ->onlyMethods(['create_client']) + ->getMock(); + $this->file_downloader->method('create_client') + ->will($this->returnValue($this->guzzle_mock)); $lang_loader = new \phpbb\language\language_file_loader($phpbb_root_path, $phpEx); @@ -203,7 +233,7 @@ public function provider_get_versions() */ public function test_get_versions($input, $valid_data, $expected_return = '', $expected_exception = '') { - $this->file_downloader->set($input); + $this->guzzle_mock->set_data($input); // version_helper->get_versions() doesn't return a value on VERSIONCHECK_FAIL but only throws exception // so the $return is undefined. Define it here @@ -214,7 +244,7 @@ public function test_get_versions($input, $valid_data, $expected_return = '', $e try { $return = $this->version_helper->get_versions(); } catch (\phpbb\exception\runtime_exception $e) { - $this->assertEquals((string)$e->getMessage(), $expected_exception); + $this->assertEquals($expected_exception, $e->getMessage()); } } else @@ -227,7 +257,23 @@ public function test_get_versions($input, $valid_data, $expected_return = '', $e public function test_version_phpbb_com() { - $file_downloader = new \phpbb\file_downloader(); + $this->guzzle_mock = $this->getMockBuilder('\GuzzleHttp\Client') + ->onlyMethods(['request']) + ->getMock(); + + $this->guzzle_mock->method('request') + ->will($this->returnCallback(function() + { + return new \GuzzleHttp\Psr7\Response(200, [], file_get_contents(__DIR__ . '/fixture/30x.txt')); + } + )); + + $file_downloader = $this->getMockBuilder(\phpbb\file_downloader::class) + ->onlyMethods(['create_client']) + ->getMock(); + + $file_downloader->method('create_client') + ->willReturn($this->guzzle_mock); $hostname = 'version.phpbb.com'; @@ -285,4 +331,138 @@ public function test_version_phpbb_com() $this->assertStringContainsString('http', $lines[1]); $this->assertStringContainsString('phpbb.com', $lines[1], '', true); } + + public function test_file_downloader_file_not_found() + { + $this->guzzle_mock = $this->getMockBuilder('\GuzzleHttp\Client') + ->onlyMethods(['request']) + ->getMock(); + + $this->guzzle_mock->method('request') + ->will($this->returnCallback(function() + { + return new \GuzzleHttp\Psr7\Response(404, [], ''); + } + )); + + $file_downloader = $this->getMockBuilder(\phpbb\file_downloader::class) + ->onlyMethods(['create_client']) + ->getMock(); + + $file_downloader->method('create_client') + ->willReturn($this->guzzle_mock); + + $this->expectException(\phpbb\exception\runtime_exception::class); + $this->expectExceptionMessage('FILE_NOT_FOUND'); + + $file_downloader->get('foo.com', 'bar', 'foo.txt'); + } + + public function test_file_downloader_exception_not_found() + { + $this->guzzle_mock = $this->getMockBuilder('\GuzzleHttp\Client') + ->onlyMethods(['request']) + ->getMock(); + + $this->guzzle_mock->method('request') + ->will($this->returnCallback(function($method, $uri) + { + $request = new \GuzzleHttp\Psr7\Request('GET', $uri); + $response = new \GuzzleHttp\Psr7\Response(404, [], ''); + throw new RequestException('FILE_NOT_FOUND', $request, $response); + } + )); + + $file_downloader = $this->getMockBuilder(\phpbb\file_downloader::class) + ->onlyMethods(['create_client']) + ->getMock(); + + $file_downloader->method('create_client') + ->willReturn($this->guzzle_mock); + + $this->expectException(\phpbb\exception\runtime_exception::class); + $this->expectExceptionMessage('FILE_NOT_FOUND'); + + $file_downloader->get('foo.com', 'bar', 'foo.txt'); + } + + public function test_file_downloader_exception_moved() + { + $this->guzzle_mock = $this->getMockBuilder('\GuzzleHttp\Client') + ->onlyMethods(['request']) + ->getMock(); + + $this->guzzle_mock->method('request') + ->will($this->returnCallback(function($method, $uri) + { + $request = new \GuzzleHttp\Psr7\Request('GET', $uri); + $response = new \GuzzleHttp\Psr7\Response(302, [], ''); + throw new RequestException('FILE_MOVED', $request, $response); + } + )); + + $file_downloader = $this->getMockBuilder(\phpbb\file_downloader::class) + ->onlyMethods(['create_client']) + ->getMock(); + + $file_downloader->method('create_client') + ->willReturn($this->guzzle_mock); + + $this->assertFalse($file_downloader->get('foo.com', 'bar', 'foo.txt')); + $this->assertEquals(302, $file_downloader->get_error_number()); + $this->assertEquals('FILE_MOVED', $file_downloader->get_error_string()); + } + + public function test_file_downloader_exception_timeout() + { + $this->guzzle_mock = $this->getMockBuilder('\GuzzleHttp\Client') + ->onlyMethods(['request']) + ->getMock(); + + $this->guzzle_mock->method('request') + ->will($this->returnCallback(function($method, $uri) + { + $request = new \GuzzleHttp\Psr7\Request('GET', $uri); + throw new RequestException('FILE_NOT_FOUND', $request); + } + )); + + $file_downloader = $this->getMockBuilder(\phpbb\file_downloader::class) + ->onlyMethods(['create_client']) + ->getMock(); + + $file_downloader->method('create_client') + ->willReturn($this->guzzle_mock); + + $this->expectException(\phpbb\exception\runtime_exception::class); + $this->expectExceptionMessage('FSOCK_TIMEOUT'); + + $file_downloader->get('foo.com', 'bar', 'foo.txt'); + } + + public function test_file_downloader_exception_other() + { + $this->guzzle_mock = $this->getMockBuilder('\GuzzleHttp\Client') + ->onlyMethods(['request']) + ->getMock(); + + $this->guzzle_mock->method('request') + ->will($this->returnCallback(function($method, $uri) + { + throw new \RuntimeException('FSOCK_NOT_SUPPORTED'); + } + )); + + $file_downloader = $this->getMockBuilder(\phpbb\file_downloader::class) + ->onlyMethods(['create_client']) + ->getMock(); + + $file_downloader->method('create_client') + ->willReturn($this->guzzle_mock); + + $this->expectException(\phpbb\exception\runtime_exception::class); + $this->expectExceptionMessage('FSOCK_DISABLED'); + + $file_downloader->get('foo.com', 'bar', 'foo.txt'); + } } From 445a16be938cb9370ac3fcb98a840b066b6fb4c5 Mon Sep 17 00:00:00 2001 From: Marc Alexander Date: Tue, 23 Jul 2024 21:05:54 +0200 Subject: [PATCH 12/16] [ticket/12479] Remove dns check from test as we don't test against host anymore PHPBB-12479 --- tests/version/version_helper_remote_test.php | 9 --------- 1 file changed, 9 deletions(-) diff --git a/tests/version/version_helper_remote_test.php b/tests/version/version_helper_remote_test.php index be92a3f977c..e38f4d7b2c3 100644 --- a/tests/version/version_helper_remote_test.php +++ b/tests/version/version_helper_remote_test.php @@ -277,15 +277,6 @@ public function test_version_phpbb_com() $hostname = 'version.phpbb.com'; - if (!checkdnsrr($hostname, 'A')) - { - $this->markTestSkipped(sprintf( - 'Could not find a DNS record for hostname %s. ' . - 'Assuming network is down.', - $hostname - )); - } - $file = $file_downloader->get($hostname, '/phpbb', '30x.txt'); $errstr = $file_downloader->get_error_string(); $errno = $file_downloader->get_error_number(); From efff5ac49e04a73cc1c9c92620e0f534ec1ee109 Mon Sep 17 00:00:00 2001 From: Marc Alexander Date: Tue, 23 Jul 2024 21:06:48 +0200 Subject: [PATCH 13/16] [ticket/12479] Fix use statements in file_downloader PHPBB-12479 --- phpBB/phpbb/file_downloader.php | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/phpBB/phpbb/file_downloader.php b/phpBB/phpbb/file_downloader.php index bf466c94bc6..b01f4c70436 100644 --- a/phpBB/phpbb/file_downloader.php +++ b/phpBB/phpbb/file_downloader.php @@ -14,9 +14,8 @@ namespace phpbb; use GuzzleHttp\Client; -use GuzzleHttp\Exception\RequestException ; +use GuzzleHttp\Exception\RequestException; use phpbb\exception\runtime_exception; -use function Amp\Promise\rethrow; class file_downloader { From ca561810081c7de02ea381c0dcc2199590caeb90 Mon Sep 17 00:00:00 2001 From: Marc Alexander Date: Tue, 23 Jul 2024 21:25:22 +0200 Subject: [PATCH 14/16] [ticket/12479] Use separate mock in "remote" file test PHPBB-12479 --- tests/version/version_helper_remote_test.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/tests/version/version_helper_remote_test.php b/tests/version/version_helper_remote_test.php index e38f4d7b2c3..85acfb8fe4c 100644 --- a/tests/version/version_helper_remote_test.php +++ b/tests/version/version_helper_remote_test.php @@ -257,11 +257,11 @@ public function test_get_versions($input, $valid_data, $expected_return = '', $e public function test_version_phpbb_com() { - $this->guzzle_mock = $this->getMockBuilder('\GuzzleHttp\Client') + $guzzle_mock = $this->getMockBuilder('\GuzzleHttp\Client') ->onlyMethods(['request']) ->getMock(); - $this->guzzle_mock->method('request') + $guzzle_mock->method('request') ->will($this->returnCallback(function() { return new \GuzzleHttp\Psr7\Response(200, [], file_get_contents(__DIR__ . '/fixture/30x.txt')); @@ -273,7 +273,7 @@ public function test_version_phpbb_com() ->getMock(); $file_downloader->method('create_client') - ->willReturn($this->guzzle_mock); + ->willReturn($guzzle_mock); $hostname = 'version.phpbb.com'; From c6b40259f73f19cce432d8249b4b13ca13b53678 Mon Sep 17 00:00:00 2001 From: Marc Alexander Date: Wed, 24 Jul 2024 19:13:06 +0200 Subject: [PATCH 15/16] [ticket/12479] Add missing file fixture PHPBB-12479 --- tests/version/fixture/30x.txt | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 tests/version/fixture/30x.txt diff --git a/tests/version/fixture/30x.txt b/tests/version/fixture/30x.txt new file mode 100644 index 00000000000..f138ad0c83b --- /dev/null +++ b/tests/version/fixture/30x.txt @@ -0,0 +1,4 @@ +3.0.14 +https://www.phpbb.com/community/viewtopic.php?f=14&t=2313941 +3.3.12 +https://www.phpbb.com/community/viewtopic.php?t=2653732 From c36c6a2308d811ccf31746793ed4d804ba7d9ee7 Mon Sep 17 00:00:00 2001 From: Marc Alexander Date: Wed, 24 Jul 2024 21:29:35 +0200 Subject: [PATCH 16/16] [ticket/12479] Use fixed mssql docker version until Microsoft learns testing PHPBB-12479 --- .github/workflows/tests.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml index 4b5a58a30ff..249595cee4f 100644 --- a/.github/workflows/tests.yml +++ b/.github/workflows/tests.yml @@ -383,14 +383,14 @@ jobs: db: "mcr.microsoft.com/mssql/server:2019-latest" db_alias: 'MSSQL 2019' - php: '8.1' - db: "mcr.microsoft.com/mssql/server:2022-latest" + db: "mcr.microsoft.com/mssql/server:2022-CU13-ubuntu-22.04" db_alias: 'MSSQL 2022' name: PHP ${{ matrix.php }} - ${{ matrix.db_alias != '' && matrix.db_alias || matrix.db }} services: mssql: - image: ${{ matrix.db != 'mcr.microsoft.com/mssql/server:2017-latest' && matrix.db != 'mcr.microsoft.com/mssql/server:2019-latest' && matrix.db != 'mcr.microsoft.com/mssql/server:2022-latest' && 'mcr.microsoft.com/mssql/server:2017-latest' || matrix.db }} + image: ${{ matrix.db != 'mcr.microsoft.com/mssql/server:2017-latest' && matrix.db != 'mcr.microsoft.com/mssql/server:2019-latest' && matrix.db != 'mcr.microsoft.com/mssql/server:2022-CU13-ubuntu-22.04' && 'mcr.microsoft.com/mssql/server:2017-latest' || matrix.db }} env: SA_PASSWORD: "Pssw0rd_12" ACCEPT_EULA: "y" @@ -422,7 +422,7 @@ jobs: env: MATRIX_DB: ${{ matrix.db }} run: | - if [ $MATRIX_DB == 'mcr.microsoft.com/mssql/server:2017-latest' ] || [ $MATRIX_DB == 'mcr.microsoft.com/mssql/server:2019-latest' ] || [ $MATRIX_DB == 'mcr.microsoft.com/mssql/server:2022-latest' ] + if [ $MATRIX_DB == 'mcr.microsoft.com/mssql/server:2017-latest' ] || [ $MATRIX_DB == 'mcr.microsoft.com/mssql/server:2019-latest' ] || [ $MATRIX_DB == 'mcr.microsoft.com/mssql/server:2022-CU13-ubuntu-22.04' ] then db='mssql' else