Sources/QueryString.php stripslashes__recursive in 1.1-3 and 1.1-4 Downloads

Started by nwsw, November 06, 2007, 10:56:25 AM


nwsw

Our production copy is running SMF 1.1.4, but it was generated from the series of update packages that built on our original installation of the SMF 1.1 Charter Member Package.

I just got finished building the entire SMF 1.1 history into a git repository. During the branching of our production copy of SMF 1.1.4 into the repository, several discrepancies were revealed between our copy of 1.1.4 and the official download. In most cases, I opted for the version that was contained in the official download. However, there was one case where I opted for the version that we were using.

The official downloads for SMF 1.1.3 and SMF 1.1.4 contain a version of Sources/QueryString.php:stripslashes__recursive that I did not opt to keep. If you are interested, here is the delta from the official SMF 1.1.4 that I decided to keep (which had been preserved by the smf_1-1-2_to_1-1-3_patch.mod that we used when updating to 1.1.3).

git diff -U9 smf1.1.4 mynwsw1.1.4 Sources/QueryString.php


@@ -363,37 +363,37 @@ function stripslashes__recursive($var, $level = 0)
{
if (!is_array($var))
return stripslashes($var);

// Reindex the array without slashes, this time.
$new_var = array();

// Strip the slashes from every element.
foreach ($var as $k => $v)
- $var[stripslashes($k)] = $level > 25 ? null : stripslashes__recursive($v, $level + 1);
+ $new_var[stripslashes($k)] = $level > 25 ? null : stripslashes__recursive($v, $level + 1);

- return $var;
+ return $new_var;
}

// Trim a string including the HTML space, character 160.
function htmltrim__recursive($var, $level = 0)
{
global $func;

// Remove spaces (32), tabs (9), returns (13, 10, and 11), nulls (0), and hard spaces. (160)
if (!is_array($var))
return isset($func) ? $func['htmltrim']($var) : trim($var, " \t\n\r\x0B\0\xA0");

// Go through all the elements and remove the whitespace.
foreach ($var as $k => $v)
- $new_var[$k] = $level > 25 ? null : htmltrim__recursive($v, $level + 1);
+ $var[$k] = $level > 25 ? null : htmltrim__recursive($v, $level + 1);

- return $new_var;
+ return $var;
}
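
Review bot: In stripslashes__recursive, the removed line assigns into $var[stripslashes($k)] even though the unchanged context line above it still creates $new_var = array(), so on the '-' side any key containing a slash keeps its original entry (key and value both unstripped) next to the newly added stripped one; the '+' lines that fill and return $new_var are the side to keep. In htmltrim__recursive the '-' side assigns to a $new_var that the function never initializes, so an empty array skips the loop and "return $new_var;" reads an undefined variable; writing back to $var[$k] as on the '+' side avoids that, and is safe there because the keys are not rewritten. The two functions look like they received each other's variable name, so any fix should change both together. One point neither side covers: two keys that differ only by slashes collapse into a single entry after stripslashes($k), with the later value winning, which deserves a comment in the code.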

SleePy

So what about it?

Some lines were added, some were removed; that's all that looks like happened.
Jeremy D ~ Site Team / SMF Developer ~ GitHub Profile ~ Join us on IRC @ Libera.chat/#smf ~ Support the SMF Support team!

nwsw

Users that downloaded SMF 1.1.2 or earlier, then use posted updates to move to 1.1.4, will have a version of stripslashes__recursive that stripslashes on the keys of the array, altering both the key and value pairs at the same time.

Users that download SMF 1.1.3 or 1.1.4 directly will be using a version of stripslashes__recursive that does not properly stripslashes on any key=>value pairs where the key includes a slash.

It is obviously up to you guys whether you do anything with this information.

nwsw

I just found this prior topic (which didn't come up in my searches, but happens to be in close proximity to this one in the index):

Error when approving users after 1.1.3 --> 1.1.4 upgrade: new_var

The exact cause for that issue, and why it does not strike everyone, is explained here (see my full diff, which includes the htmltrim__recursive function as well).

nwsw

Just a note: Although this topic has been moved to the fixed or bogus bugs, the full, upgrade, and update downloads for version 1.1.4 all still contain this problem. In those versions:


  • array keys that contain slashes will not be stripped in stripslashes__recursive, and neither will the data that those keys contain
  • calls to htmltrim__recursive with an empty array will result in an "Undefined variable: new_var" error (described in Topic 200048)

Anyone who started with 1.1.2 or earlier and applied the patches to get to 1.1.4 will not be subject to these issues.
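
The two behaviours listed in the post above can be reproduced side by side. This is an added example, not code from the thread or from SMF itself: the `_release` and `_patched` function names are hypothetical, the `$func` lookup in htmltrim__recursive is replaced by a plain `trim()`, and the input array is constructed.

```php
<?php
// Added example; the _release/_patched names are hypothetical.
// '-' side of the diff: as shipped in the 1.1.3 / 1.1.4 downloads.
function stripslashes_release($var, $level = 0)
{
    if (!is_array($var))
        return stripslashes($var);
    $new_var = array(); // created but never used on this side
    foreach ($var as $k => $v)
        $var[stripslashes($k)] = $level > 25 ? null : stripslashes_release($v, $level + 1);
    return $var;
}

// '+' side of the diff: as preserved by the update packages.
function stripslashes_patched($var, $level = 0)
{
    if (!is_array($var))
        return stripslashes($var);
    $new_var = array();
    foreach ($var as $k => $v)
        $new_var[stripslashes($k)] = $level > 25 ? null : stripslashes_patched($v, $level + 1);
    return $new_var;
}

// htmltrim__recursive as in the downloads ($func lookup replaced by trim()).
function htmltrim_release($var, $level = 0)
{
    if (!is_array($var))
        return trim($var, " \t\n\r\x0B\0\xA0");
    foreach ($var as $k => $v)
        $new_var[$k] = $level > 25 ? null : htmltrim_release($v, $level + 1);
    return $new_var; // never assigned when $var is an empty array
}

// Collect notices and warnings instead of printing them.
$errors = array();
set_error_handler(function ($no, $msg) use (&$errors) { $errors[] = $msg; return true; });

// Constructed input shaped like magic-quoted request data.
$input = array("o\\'key" => "it\\'s", 'plain' => "it\\'s");

var_dump(stripslashes_release($input)); // slashed key and its value survive
var_dump(stripslashes_patched($input)); // every key and value is stripped
var_dump(htmltrim_release(array()));    // loop body never runs
var_dump($errors);                      // the undefined-variable message
```

Any code that later reads the array by its original key gets the unstripped value from the release version, which is why only input whose keys contain a slash is affected.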

SleePy

I can see this in our svn for both 1.1 and 2.0 has been fixed. So it has been moved here.
It should appear in 1.1.5 fixed. When 1.1.5 will be released I do not know.

techstop

Hi there. I have been using SMF for quite some time now, so I have upgraded an installation along the way to 1.1.4. I have not noticed any issues until now. I recently installed a clean installation of 1.1.4, and the first problem I noticed was when my users were complaining that they had not received their account activation approval emails. I checked the error log to find:

http://my.forum.address/index.php?action=profile2;sa=activateAccount;userID=6;sesc

8: Undefined variable: new_var
File: /home/account_name/public_html/subdir/Sources/QueryString.php
Line: 390


...and then I end up in this thread. It seems the problem has been known for some time. Does this mean every user with a clean install of 1.1.4 will be having issues? Surely a patch for 1.1.4 could have been released within the last 3 months or so? I haven't had any smf issues until now.
