- Timestamp:
- Mar 6, 2019 9:18:39 PM (5 years ago)
- Location:
- trunk/lib
- Files:
-
- 3 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/lib/App.inc.php
r668 r670 78 78 'site_name' => null, 79 79 'site_email' => '', // Set to no-reply@HTTP_HOST if not set here. 80 'site_hostname' => '', // The hostname of this application (if not set, use a cleaned HTTP_HOST environment variable). 80 81 'site_url' => '', // URL to the root of the site (created during App->start()). 81 82 'page_url' => '', // URL to the current page (created during App->start()). … … 478 479 */ 479 480 481 $safe_http_host = preg_replace('/[^a-z\d.-]/', '', getenv('HTTP_HOST')); 482 if ('' != $safe_http_host && '' == $this->getParam('site_hostname')) { 483 $this->setParam(array('site_hostname' => $safe_http_host)); 484 } 485 480 486 // Site URL will become something like http://host.name.tld (no ending slash) 481 487 // and is used whenever a URL need be used to the current site. 482 488 // Not available on CLI scripts obviously. 483 if ( isset($_SERVER['HTTP_HOST']) && '' != $_SERVER['HTTP_HOST']&& '' == $this->getParam('site_url')) {484 $this->setParam(array('site_url' => sprintf('%s://%s', (getenv('HTTPS') ? 'https' : 'http'), getenv('HTTP_HOST'))));489 if ($safe_http_host && '' == $this->getParam('site_url')) { 490 $this->setParam(array('site_url' => sprintf('%s://%s', (getenv('HTTPS') ? 'https' : 'http'), $safe_http_host))); 485 491 } 486 492 487 493 // Page URL will become a permalink to the current page. 488 494 // Also not available on CLI scripts obviously. 489 if ( isset($_SERVER['HTTP_HOST']) && '' != $_SERVER['HTTP_HOST']) {490 $this->setParam(array('page_url' => sprintf('%s://%s%s', (getenv('HTTPS') ? 'https' : 'http'), getenv('HTTP_HOST'), getenv('REQUEST_URI'))));495 if ('' != $safe_http_host) { 496 $this->setParam(array('page_url' => sprintf('%s://%s%s', (getenv('HTTPS') ? 'https' : 'http'), $safe_http_host, getenv('REQUEST_URI')))); 491 497 } 492 498 493 499 // In case site_email isn't set, use something halfway presentable. 494 if ( isset($_SERVER['HTTP_HOST']) && '' != $_SERVER['HTTP_HOST']&& '' == $this->getParam('site_email')) {495 $this->setParam(array('site_email' => sprintf('no-reply@%s', getenv('HTTP_HOST'))));500 if ('' != $safe_http_host && '' == $this->getParam('site_email')) { 501 $this->setParam(array('site_email' => sprintf('no-reply@%s', $safe_http_host))); 496 502 } 497 503 … … 909 915 // EMAIL ACTION 910 916 if (false !== $this->getParam('log_email_priority') && $priority <= $this->getParam('log_email_priority') && $send_notifications) { 911 $hostname = ( isset($_SERVER['HTTP_HOST']) && '' != $_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST']: php_uname('n');917 $hostname = ('' != $this->getParam('site_hostname')) ? $this->getParam('site_hostname') : php_uname('n'); 912 918 $subject = sprintf('[%s %s] %s', $hostname, $event['type'], mb_substr($event['message'], 0, 64)); 913 919 $email_msg = sprintf("A log event of type '%s' occurred on %s\n\n", $event['type'], $hostname); … … 923 929 // SMS ACTION 924 930 if (false !== $this->getParam('log_sms_priority') && $priority <= $this->getParam('log_sms_priority') && $send_notifications) { 925 $hostname = ( isset($_SERVER['HTTP_HOST']) && '' != $_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST']: php_uname('n');931 $hostname = ('' != $this->getParam('site_hostname')) ? $this->getParam('site_hostname') : php_uname('n'); 926 932 $subject = sprintf('[%s %s]', $hostname, $priority); 927 933 $sms_msg = sprintf('%s [%s:%s]', mb_substr($event_short['message'], 0, 64), basename($file), $line); … … 1391 1397 // If relative URL is given, prepend correct local hostname. 1392 1398 $scheme = getenv('HTTPS') ? 'https' : 'http'; 1393 $host = getenv('HTTP_HOST');1399 $host = $this->getParam('site_hostname'); 1394 1400 $url = sprintf('%s://%s%s', $scheme, $host, $url); 1395 1401 } -
trunk/lib/Email.inc.php
r668 r670 363 363 364 364 // Process headers. 365 $final_headers = array(); 365 $final_headers_arr = array(); 366 $final_headers = ''; 366 367 foreach ($headers as $key => $val) { 367 368 // Validate key and values. … … 385 386 continue; 386 387 } 387 $final_headers [] = sprintf('%s: %s', $key, $val);388 } 389 $final_headers = join($this->getParam('crlf'), $final_headers );388 $final_headers_arr[] = sprintf('%s: %s', $key, $val); 389 } 390 $final_headers = join($this->getParam('crlf'), $final_headers_arr); 390 391 391 392 // This is the address where delivery problems are sent to. We must strip off everything except the local@domain part. -
trunk/lib/Utilities.inc.php
r667 r670 1377 1377 1378 1378 if (!isset($urls[$url])) { 1379 if (!preg_match(' |https?://[\w.]+/|', $url)) {1379 if (!preg_match('!^https?://!i', $url)) { 1380 1380 // If we can't find a domain we assume the URL is local (i.e. "/my/url/path/" or "../img/file.jpg"). 1381 1381 $urls[$url] = true; 1382 1382 } else { 1383 $urls[$url] = preg_match(' |https?://[\w.]*' . preg_quote(getenv('HTTP_HOST'), '|') . '|i', $url);1383 $urls[$url] = preg_match('!^https?://' . preg_quote(getenv('HTTP_HOST'), '!') . '!i', $url); 1384 1384 } 1385 1385 } … … 1405 1405 function absoluteMe() 1406 1406 { 1407 return sprintf('%s://%s%s', (getenv('HTTPS') ? 'https' : 'http'), getenv('HTTP_HOST'), getenv('REQUEST_URI')); 1407 $safe_http_host = preg_replace('/[^a-z\d.-]/', '', getenv('HTTP_HOST')); 1408 return sprintf('%s://%s%s', (getenv('HTTPS') ? 'https' : 'http'), $safe_http_host, getenv('REQUEST_URI')); 1408 1409 } 1409 1410
Note: See TracChangeset
for help on using the changeset viewer.