From 87a4de40dee695557b2e8bf567ae5a82bc9e49e6 Mon Sep 17 00:00:00 2001 From: Samuel Georges Date: Sat, 16 Apr 2016 08:22:31 +1000 Subject: [PATCH] Address serialize/unserialize issues This will require a cache clear for the combiner Ref https://davidwalsh.name/php-serialize-unserialize-issues --- modules/backend/classes/WidgetBase.php | 11 +++++++---- modules/cms/classes/CmsCompoundObject.php | 4 ++-- modules/cms/classes/CodeParser.php | 10 ++++++++-- modules/cms/classes/MediaLibrary.php | 8 ++++++-- modules/cms/classes/Router.php | 16 ++++++++++++---- modules/cms/widgets/AssetList.php | 4 ++-- modules/system/classes/CombineAssets.php | 16 +++++++++------- modules/system/classes/UpdateManager.php | 8 ++++---- 8 files changed, 50 insertions(+), 27 deletions(-) diff --git a/modules/backend/classes/WidgetBase.php b/modules/backend/classes/WidgetBase.php index cf93e5256..209d4f92b 100644 --- a/modules/backend/classes/WidgetBase.php +++ b/modules/backend/classes/WidgetBase.php @@ -229,7 +229,7 @@ abstract class WidgetBase $currentStore = $this->getSession(); $currentStore[$key] = $value; - Session::put($sessionId, serialize($currentStore)); + Session::put($sessionId, base64_encode(serialize($currentStore))); } /** @@ -241,10 +241,13 @@ abstract class WidgetBase protected function getSession($key = null, $default = null) { $sessionId = $this->makeSessionId(); - $currentStore = []; - if (Session::has($sessionId)) { - $currentStore = unserialize(Session::get($sessionId)); + + if ( + Session::has($sessionId) && + ($cached = @unserialize(@base64_decode(Session::get($sessionId)))) !== false + ) { + $currentStore = $cached; } if ($key === null) { diff --git a/modules/cms/classes/CmsCompoundObject.php b/modules/cms/classes/CmsCompoundObject.php index abf381125..a7aeefe3a 100644 --- a/modules/cms/classes/CmsCompoundObject.php +++ b/modules/cms/classes/CmsCompoundObject.php @@ -268,7 +268,7 @@ class CmsCompoundObject extends CmsObject } else { $cached = Cache::get($key, false); - $unserialized = $cached ? @unserialize($cached) : false; + $unserialized = $cached ? @unserialize(@base64_decode($cached)) : false; $objectComponentMap = $unserialized ? $unserialized : []; if ($objectComponentMap) { self::$objectComponentPropertyMap = $objectComponentMap; @@ -312,7 +312,7 @@ class CmsCompoundObject extends CmsObject self::$objectComponentPropertyMap = $objectComponentMap; - Cache::put($key, serialize($objectComponentMap), Config::get('cms.parsedPageCacheTTL', 10)); + Cache::put($key, base64_encode(serialize($objectComponentMap)), Config::get('cms.parsedPageCacheTTL', 10)); if (array_key_exists($componentName, $objectComponentMap[$objectCode])) { return $objectComponentMap[$objectCode][$componentName]; diff --git a/modules/cms/classes/CodeParser.php b/modules/cms/classes/CodeParser.php index 496300f78..e0761dbdb 100644 --- a/modules/cms/classes/CodeParser.php +++ b/modules/cms/classes/CodeParser.php @@ -134,7 +134,7 @@ class CodeParser $cacheItem['mtime'] = $this->object->mtime; $cached[$this->filePath] = $cacheItem; - Cache::put($this->dataCacheKey, serialize($cached), 1440); + Cache::put($this->dataCacheKey, base64_encode(serialize($cached)), 1440); return self::$cache[$this->filePath] = $result; } @@ -171,6 +171,7 @@ class CodeParser protected function handleCorruptCache() { $path = $this->getFilePath(); + if (File::isFile($path)) { File::delete($path); } @@ -211,7 +212,11 @@ class CodeParser protected function getCachedInfo() { $cached = Cache::get($this->dataCacheKey, false); - if ($cached !== false && ($cached = @unserialize($cached)) !== false) { + + if ( + $cached !== false && + ($cached = @unserialize(@base64_decode($cached))) !== false + ) { return $cached; } @@ -225,6 +230,7 @@ class CodeParser protected function getCachedFileInfo() { $cached = $this->getCachedInfo(); + if ($cached !== null) { if (array_key_exists($this->filePath, $cached)) { return $cached[$this->filePath]; diff --git a/modules/cms/classes/MediaLibrary.php b/modules/cms/classes/MediaLibrary.php index 57ab26788..7dc8e940a 100644 --- a/modules/cms/classes/MediaLibrary.php +++ b/modules/cms/classes/MediaLibrary.php @@ -88,7 +88,7 @@ class MediaLibrary */ $cached = Cache::get('cms-media-library-contents', false); - $cached = $cached ? @unserialize($cached) : []; + $cached = $cached ? @unserialize(@base64_decode($cached)) : []; if (!is_array($cached)) { $cached = []; @@ -101,7 +101,11 @@ class MediaLibrary $folderContents = $this->scanFolderContents($fullFolderPath); $cached[$fullFolderPath] = $folderContents; - Cache::put(self::CACHE_KEY, serialize($cached), Config::get('cms.storage.media.ttl', 10)); + Cache::put( + self::CACHE_KEY, + base64_encode(serialize($cached)), + Config::get('cms.storage.media.ttl', 10) + ); } /* diff --git a/modules/cms/classes/Router.php b/modules/cms/classes/Router.php index b0bc76bfa..af87aa77e 100644 --- a/modules/cms/classes/Router.php +++ b/modules/cms/classes/Router.php @@ -117,7 +117,11 @@ class Router : $fileName; $key = $this->getUrlListCacheKey(); - Cache::put($key, serialize($urlList), Config::get('cms.urlCacheTtl', 1)); + Cache::put( + $key, + base64_encode(serialize($urlList)), + Config::get('cms.urlCacheTtl', 1) + ); } } } @@ -221,7 +225,7 @@ class Router $cached = false; } - if (!$cached || ($unserialized = @unserialize($cached)) === false) { + if (!$cached || ($unserialized = @unserialize(@base64_decode($cached))) === false) { /* * The item doesn't exist in the cache, create the map */ @@ -237,7 +241,7 @@ class Router $this->urlMap = $map; if ($cacheable) { - Cache::put($key, serialize($map), Config::get('cms.urlCacheTtl', 1)); + Cache::put($key, base64_encode(serialize($map)), Config::get('cms.urlCacheTtl', 1)); } return false; @@ -327,7 +331,11 @@ class Router $key = $this->getUrlListCacheKey(); $urlList = Cache::get($key, false); - if ($urlList && ($urlList = @unserialize($urlList)) && is_array($urlList)) { + if ( + $urlList && + ($urlList = @unserialize(@base64_decode($urlList))) && + is_array($urlList) + ) { if (array_key_exists($url, $urlList)) { return $urlList[$url]; } diff --git a/modules/cms/widgets/AssetList.php b/modules/cms/widgets/AssetList.php index ac202959c..f7c6db885 100644 --- a/modules/cms/widgets/AssetList.php +++ b/modules/cms/widgets/AssetList.php @@ -293,7 +293,7 @@ class AssetList extends WidgetBase $this->listDestinationDirectories($directories, $selectedList); $this->vars['directories'] = $directories; - $this->vars['selectedList'] = serialize(array_keys($selectedList)); + $this->vars['selectedList'] = base64_encode(serialize(array_keys($selectedList))); return $this->makePartial('move_form'); } @@ -316,7 +316,7 @@ class AssetList extends WidgetBase throw new ApplicationException(Lang::get('cms::lang.asset.destination_not_found')); } - $list = @unserialize($selectedList); + $list = @unserialize(@base64_decode($selectedList)); if ($list === false) { throw new ApplicationException(Lang::get('cms::lang.asset.selected_files_not_found')); } diff --git a/modules/system/classes/CombineAssets.php b/modules/system/classes/CombineAssets.php index 7720d3159..a748e653f 100644 --- a/modules/system/classes/CombineAssets.php +++ b/modules/system/classes/CombineAssets.php @@ -167,7 +167,7 @@ class CombineAssets { $cacheInfo = $this->getCache($cacheId); if (!$cacheInfo) { - throw new ApplicationException(Lang::get('cms::lang.combiner.not_found', ['name'=>$cacheId])); + throw new ApplicationException(Lang::get('system::lang.combiner.not_found', ['name'=>$cacheId])); } $this->localPath = $cacheInfo['path']; @@ -615,7 +615,7 @@ class CombineAssets } $this->putCacheIndex($cacheId); - Cache::forever($cacheId, serialize($cacheInfo)); + Cache::forever($cacheId, base64_encode(serialize($cacheInfo))); return true; } @@ -632,7 +632,7 @@ class CombineAssets return false; } - return unserialize(Cache::get($cacheId)); + return @unserialize(@base64_decode(Cache::get($cacheId))); } /** @@ -655,7 +655,8 @@ class CombineAssets return; } - $index = unserialize(Cache::get('combiner.index')); + $index = (array) @unserialize(@base64_decode(Cache::get('combiner.index'))) ?: []; + foreach ($index as $cacheId) { Cache::forget($cacheId); } @@ -672,9 +673,9 @@ class CombineAssets protected function putCacheIndex($cacheId) { $index = []; - + if (Cache::has('combiner.index')) { - $index = unserialize(Cache::get('combiner.index')); + $index = (array) @unserialize(@base64_decode(Cache::get('combiner.index'))) ?: []; } if (in_array($cacheId, $index)) { @@ -683,7 +684,8 @@ class CombineAssets $index[] = $cacheId; - Cache::forever('combiner.index', serialize($index)); + Cache::forever('combiner.index', base64_encode(serialize($index))); + return true; } } diff --git a/modules/system/classes/UpdateManager.php b/modules/system/classes/UpdateManager.php index 829f3d03d..206e4beae 100644 --- a/modules/system/classes/UpdateManager.php +++ b/modules/system/classes/UpdateManager.php @@ -637,11 +637,11 @@ class UpdateManager $cacheKey = 'system-updates-popular-'.$type; if (Cache::has($cacheKey)) { - return @unserialize(Cache::get($cacheKey)) ?: []; + return @unserialize(@base64_decode(Cache::get($cacheKey))) ?: []; } $data = $this->requestServerData($type.'/popular'); - Cache::put($cacheKey, serialize($data), 60); + Cache::put($cacheKey, base64_encode(serialize($data)), 60); foreach ($data as $product) { $code = array_get($product, 'code', -1); @@ -659,7 +659,7 @@ class UpdateManager $cacheKey = 'system-updates-product-details'; if (Cache::has($cacheKey)) { - $this->productCache = @unserialize(Cache::get($cacheKey)) ?: $defaultCache; + $this->productCache = @unserialize(@base64_decode(Cache::get($cacheKey))) ?: $defaultCache; } else { $this->productCache = $defaultCache; @@ -674,7 +674,7 @@ class UpdateManager $cacheKey = 'system-updates-product-details'; $expiresAt = Carbon::now()->addDays(2); - Cache::put($cacheKey, serialize($this->productCache), $expiresAt); + Cache::put($cacheKey, base64_encode(serialize($this->productCache)), $expiresAt); } protected function cacheProductDetail($type, $code, $data)