diff --git a/.gitignore b/.gitignore index 93fa0b6429dbc..5d82596f77fa7 100644 --- a/.gitignore +++ b/.gitignore @@ -204,6 +204,7 @@ Desktop.ini /libraries/vendor/simplepie/simplepie/idn/ReadMe.txt /libraries/vendor/simplepie/simplepie/composer.json /libraries/vendor/typo3/phar-stream-wrapper/tests +/libraries/vendor/typo3/phar-stream-wrapper/.appveyor.yml /libraries/vendor/typo3/phar-stream-wrapper/.gitattributes /libraries/vendor/typo3/phar-stream-wrapper/.gitignore /libraries/vendor/typo3/phar-stream-wrapper/.travis.yml diff --git a/composer.json b/composer.json index a4ddef65e5d59..daf739d7ba3ee 100644 --- a/composer.json +++ b/composer.json @@ -37,7 +37,7 @@ "ircmaxell/password-compat": "1.*", "leafo/lessphp": "0.5.0", "paragonie/random_compat": "~1.4", - "paragonie/sodium_compat": "~1.6", + "paragonie/sodium_compat": "1.9.1", "phpmailer/phpmailer": "^5.2.20", "symfony/polyfill-php55": "~1.9", "symfony/polyfill-php56": "~1.9", diff --git a/composer.lock b/composer.lock index e9716c954ec9c..f19a3200e04dc 100644 --- a/composer.lock +++ b/composer.lock @@ -1,10 +1,10 @@ { "_readme": [ "This file locks the dependencies of your project to a known state", - "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies", + "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#composer-lock-the-lock-file", "This file is @generated automatically" ], - "content-hash": "4fb2cf95954e5222f187ff2959187d72", + "content-hash": "d1f6b442e260dddddd65b634e7b4b767", "packages": [ { "name": "brumann/polyfill-unserialize", @@ -572,16 +572,16 @@ }, { "name": "joomla/input", - "version": "1.3.0", + "version": "1.4.0", "source": { "type": "git", "url": "https://github.com/joomla-framework/input.git", - "reference": "17a9bc63a040f547e9eeda91ee391b15e9865815" + "reference": "a89927d412cdc8172889e3e0e3e66a134f367be1" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/joomla-framework/input/zipball/17a9bc63a040f547e9eeda91ee391b15e9865815", - "reference": "17a9bc63a040f547e9eeda91ee391b15e9865815", + "url": "https://api.github.com/repos/joomla-framework/input/zipball/a89927d412cdc8172889e3e0e3e66a134f367be1", + "reference": "a89927d412cdc8172889e3e0e3e66a134f367be1", "shasum": "" }, "require": { @@ -615,7 +615,7 @@ "input", "joomla" ], - "time": "2018-06-26T02:10:46+00:00" + "time": "2019-06-15T22:13:58+00:00" }, { "name": "joomla/ldap", @@ -723,22 +723,23 @@ }, { "name": "joomla/session", - "version": "1.4.0", + "version": "1.5.0", "target-dir": "Joomla/Session", "source": { "type": "git", "url": "https://github.com/joomla-framework/session.git", - "reference": "ac557447e3193d69967d10e720eab9b582d841d7" + "reference": "ae55b6cc56778003ce59ac314335ed38a451b2c7" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/joomla-framework/session/zipball/ac557447e3193d69967d10e720eab9b582d841d7", - "reference": "ac557447e3193d69967d10e720eab9b582d841d7", + "url": "https://api.github.com/repos/joomla-framework/session/zipball/ae55b6cc56778003ce59ac314335ed38a451b2c7", + "reference": "ae55b6cc56778003ce59ac314335ed38a451b2c7", "shasum": "" }, "require": { "joomla/event": "~1.1", "joomla/filter": "~1.0", + "joomla/input": "~1.4", "paragonie/random_compat": "~1.0|~2.0", "php": "^5.3.10|~7.0" }, @@ -753,6 +754,11 @@ "joomla/database": "Install joomla/database if you want to use Database session storage." }, "type": "joomla-package", + "extra": { + "branch-alias": { + "dev-master": "1.x-dev" + } + }, "autoload": { "psr-0": { "Joomla\\Session": "" @@ -769,7 +775,7 @@ "joomla", "session" ], - "time": "2019-03-10T15:20:33+00:00" + "time": "2019-06-15T22:14:06+00:00" }, { "name": "joomla/string", @@ -1664,7 +1670,7 @@ }, { "name": "symfony/yaml", - "version": "v2.8.49", + "version": "v2.8.50", "source": { "type": "git", "url": "https://github.com/symfony/yaml.git", @@ -1714,27 +1720,30 @@ }, { "name": "typo3/phar-stream-wrapper", - "version": "v2.1.0", + "version": "v2.1.2", "source": { "type": "git", "url": "https://github.com/TYPO3/phar-stream-wrapper.git", - "reference": "b7a21f0859059ed5d9754af8c11f852d43762334" + "reference": "057622f5a3b92a5ffbea0fbaadce573500a62870" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/TYPO3/phar-stream-wrapper/zipball/b7a21f0859059ed5d9754af8c11f852d43762334", - "reference": "b7a21f0859059ed5d9754af8c11f852d43762334", + "url": "https://api.github.com/repos/TYPO3/phar-stream-wrapper/zipball/057622f5a3b92a5ffbea0fbaadce573500a62870", + "reference": "057622f5a3b92a5ffbea0fbaadce573500a62870", "shasum": "" }, "require": { "brumann/polyfill-unserialize": "^1.0", - "ext-fileinfo": "*", "ext-json": "*", "php": "^5.3.3|^7.0" }, "require-dev": { + "ext-xdebug": "*", "phpunit/phpunit": "^4.8.36" }, + "suggest": { + "ext-fileinfo": "For PHP builtin file type guessing, otherwise uses internal processing" + }, "type": "library", "autoload": { "psr-4": { @@ -1753,7 +1762,7 @@ "security", "stream-wrapper" ], - "time": "2019-03-01T17:43:52+00:00" + "time": "2019-05-14T13:14:31+00:00" } ], "packages-dev": [ @@ -1970,16 +1979,16 @@ }, { "name": "phpspec/prophecy", - "version": "1.8.0", + "version": "1.8.1", "source": { "type": "git", "url": "https://github.com/phpspec/prophecy.git", - "reference": "4ba436b55987b4bf311cb7c6ba82aa528aac0a06" + "reference": "1927e75f4ed19131ec9bcc3b002e07fb1173ee76" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/phpspec/prophecy/zipball/4ba436b55987b4bf311cb7c6ba82aa528aac0a06", - "reference": "4ba436b55987b4bf311cb7c6ba82aa528aac0a06", + "url": "https://api.github.com/repos/phpspec/prophecy/zipball/1927e75f4ed19131ec9bcc3b002e07fb1173ee76", + "reference": "1927e75f4ed19131ec9bcc3b002e07fb1173ee76", "shasum": "" }, "require": { @@ -2000,8 +2009,8 @@ } }, "autoload": { - "psr-0": { - "Prophecy\\": "src/" + "psr-4": { + "Prophecy\\": "src/Prophecy" } }, "notification-url": "https://packagist.org/downloads/", @@ -2029,7 +2038,7 @@ "spy", "stub" ], - "time": "2018-08-05T17:53:17+00:00" + "time": "2019-06-13T12:50:23+00:00" }, { "name": "phpunit/dbunit", @@ -2917,7 +2926,7 @@ }, { "name": "symfony/console", - "version": "v2.8.49", + "version": "v2.8.50", "source": { "type": "git", "url": "https://github.com/symfony/console.git", @@ -2978,7 +2987,7 @@ }, { "name": "symfony/debug", - "version": "v2.8.49", + "version": "v2.8.50", "source": { "type": "git", "url": "https://github.com/symfony/debug.git", @@ -3035,7 +3044,7 @@ }, { "name": "symfony/event-dispatcher", - "version": "v2.8.49", + "version": "v2.8.50", "source": { "type": "git", "url": "https://github.com/symfony/event-dispatcher.git", @@ -3095,7 +3104,7 @@ }, { "name": "symfony/filesystem", - "version": "v2.8.49", + "version": "v2.8.50", "source": { "type": "git", "url": "https://github.com/symfony/filesystem.git", @@ -3145,7 +3154,7 @@ }, { "name": "symfony/finder", - "version": "v2.8.49", + "version": "v2.8.50", "source": { "type": "git", "url": "https://github.com/symfony/finder.git", @@ -3253,7 +3262,7 @@ }, { "name": "symfony/process", - "version": "v2.8.49", + "version": "v2.8.50", "source": { "type": "git", "url": "https://github.com/symfony/process.git", @@ -3302,7 +3311,7 @@ }, { "name": "symfony/stopwatch", - "version": "v2.8.49", + "version": "v2.8.50", "source": { "type": "git", "url": "https://github.com/symfony/stopwatch.git", diff --git a/libraries/vendor/composer/autoload_classmap.php b/libraries/vendor/composer/autoload_classmap.php index a9653c1dfec50..52b2d8b2b2d6e 100644 --- a/libraries/vendor/composer/autoload_classmap.php +++ b/libraries/vendor/composer/autoload_classmap.php @@ -136,9 +136,6 @@ 'Psr\\Log\\LoggerInterface' => $vendorDir . '/psr/log/Psr/Log/LoggerInterface.php', 'Psr\\Log\\LoggerTrait' => $vendorDir . '/psr/log/Psr/Log/LoggerTrait.php', 'Psr\\Log\\NullLogger' => $vendorDir . '/psr/log/Psr/Log/NullLogger.php', - 'Psr\\Log\\Test\\DummyTest' => $vendorDir . '/psr/log/Psr/Log/Test/LoggerInterfaceTest.php', - 'Psr\\Log\\Test\\LoggerInterfaceTest' => $vendorDir . '/psr/log/Psr/Log/Test/LoggerInterfaceTest.php', - 'Psr\\Log\\Test\\TestLogger' => $vendorDir . '/psr/log/Psr/Log/Test/TestLogger.php', 'ReCaptcha\\ReCaptcha' => $vendorDir . '/google/recaptcha/src/ReCaptcha/ReCaptcha.php', 'ReCaptcha\\RequestMethod' => $vendorDir . '/google/recaptcha/src/ReCaptcha/RequestMethod.php', 'ReCaptcha\\RequestMethod\\Curl' => $vendorDir . '/google/recaptcha/src/ReCaptcha/RequestMethod/Curl.php', @@ -201,11 +198,6 @@ 'Symfony\\Polyfill\\Util\\Binary' => $vendorDir . '/symfony/polyfill-util/Binary.php', 'Symfony\\Polyfill\\Util\\BinaryNoFuncOverload' => $vendorDir . '/symfony/polyfill-util/BinaryNoFuncOverload.php', 'Symfony\\Polyfill\\Util\\BinaryOnFuncOverload' => $vendorDir . '/symfony/polyfill-util/BinaryOnFuncOverload.php', - 'Symfony\\Polyfill\\Util\\TestListener' => $vendorDir . '/symfony/polyfill-util/TestListener.php', - 'Symfony\\Polyfill\\Util\\TestListenerForV5' => $vendorDir . '/symfony/polyfill-util/TestListenerForV5.php', - 'Symfony\\Polyfill\\Util\\TestListenerForV6' => $vendorDir . '/symfony/polyfill-util/TestListenerForV6.php', - 'Symfony\\Polyfill\\Util\\TestListenerForV7' => $vendorDir . '/symfony/polyfill-util/TestListenerForV7.php', - 'Symfony\\Polyfill\\Util\\TestListenerTrait' => $vendorDir . '/symfony/polyfill-util/TestListenerTrait.php', 'TYPO3\\PharStreamWrapper\\Assertable' => $vendorDir . '/typo3/phar-stream-wrapper/src/Assertable.php', 'TYPO3\\PharStreamWrapper\\Behavior' => $vendorDir . '/typo3/phar-stream-wrapper/src/Behavior.php', 'TYPO3\\PharStreamWrapper\\Collectable' => $vendorDir . '/typo3/phar-stream-wrapper/src/Collectable.php', diff --git a/libraries/vendor/composer/autoload_static.php b/libraries/vendor/composer/autoload_static.php index 7573d8d8bd0a4..8822ca3d72d67 100644 --- a/libraries/vendor/composer/autoload_static.php +++ b/libraries/vendor/composer/autoload_static.php @@ -344,9 +344,6 @@ class ComposerStaticInit205c915b9c7d3e718e7c95793ee67ffe 'Psr\\Log\\LoggerInterface' => __DIR__ . '/..' . '/psr/log/Psr/Log/LoggerInterface.php', 'Psr\\Log\\LoggerTrait' => __DIR__ . '/..' . '/psr/log/Psr/Log/LoggerTrait.php', 'Psr\\Log\\NullLogger' => __DIR__ . '/..' . '/psr/log/Psr/Log/NullLogger.php', - 'Psr\\Log\\Test\\DummyTest' => __DIR__ . '/..' . '/psr/log/Psr/Log/Test/LoggerInterfaceTest.php', - 'Psr\\Log\\Test\\LoggerInterfaceTest' => __DIR__ . '/..' . '/psr/log/Psr/Log/Test/LoggerInterfaceTest.php', - 'Psr\\Log\\Test\\TestLogger' => __DIR__ . '/..' . '/psr/log/Psr/Log/Test/TestLogger.php', 'ReCaptcha\\ReCaptcha' => __DIR__ . '/..' . '/google/recaptcha/src/ReCaptcha/ReCaptcha.php', 'ReCaptcha\\RequestMethod' => __DIR__ . '/..' . '/google/recaptcha/src/ReCaptcha/RequestMethod.php', 'ReCaptcha\\RequestMethod\\Curl' => __DIR__ . '/..' . '/google/recaptcha/src/ReCaptcha/RequestMethod/Curl.php', @@ -409,11 +406,6 @@ class ComposerStaticInit205c915b9c7d3e718e7c95793ee67ffe 'Symfony\\Polyfill\\Util\\Binary' => __DIR__ . '/..' . '/symfony/polyfill-util/Binary.php', 'Symfony\\Polyfill\\Util\\BinaryNoFuncOverload' => __DIR__ . '/..' . '/symfony/polyfill-util/BinaryNoFuncOverload.php', 'Symfony\\Polyfill\\Util\\BinaryOnFuncOverload' => __DIR__ . '/..' . '/symfony/polyfill-util/BinaryOnFuncOverload.php', - 'Symfony\\Polyfill\\Util\\TestListener' => __DIR__ . '/..' . '/symfony/polyfill-util/TestListener.php', - 'Symfony\\Polyfill\\Util\\TestListenerForV5' => __DIR__ . '/..' . '/symfony/polyfill-util/TestListenerForV5.php', - 'Symfony\\Polyfill\\Util\\TestListenerForV6' => __DIR__ . '/..' . '/symfony/polyfill-util/TestListenerForV6.php', - 'Symfony\\Polyfill\\Util\\TestListenerForV7' => __DIR__ . '/..' . '/symfony/polyfill-util/TestListenerForV7.php', - 'Symfony\\Polyfill\\Util\\TestListenerTrait' => __DIR__ . '/..' . '/symfony/polyfill-util/TestListenerTrait.php', 'TYPO3\\PharStreamWrapper\\Assertable' => __DIR__ . '/..' . '/typo3/phar-stream-wrapper/src/Assertable.php', 'TYPO3\\PharStreamWrapper\\Behavior' => __DIR__ . '/..' . '/typo3/phar-stream-wrapper/src/Behavior.php', 'TYPO3\\PharStreamWrapper\\Collectable' => __DIR__ . '/..' . '/typo3/phar-stream-wrapper/src/Collectable.php', diff --git a/libraries/vendor/composer/installed.json b/libraries/vendor/composer/installed.json index 401afdbe402b4..eace17419ba5a 100644 --- a/libraries/vendor/composer/installed.json +++ b/libraries/vendor/composer/installed.json @@ -589,17 +589,17 @@ }, { "name": "joomla/input", - "version": "1.3.0", - "version_normalized": "1.3.0.0", + "version": "1.4.0", + "version_normalized": "1.4.0.0", "source": { "type": "git", "url": "https://github.com/joomla-framework/input.git", - "reference": "17a9bc63a040f547e9eeda91ee391b15e9865815" + "reference": "a89927d412cdc8172889e3e0e3e66a134f367be1" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/joomla-framework/input/zipball/17a9bc63a040f547e9eeda91ee391b15e9865815", - "reference": "17a9bc63a040f547e9eeda91ee391b15e9865815", + "url": "https://api.github.com/repos/joomla-framework/input/zipball/a89927d412cdc8172889e3e0e3e66a134f367be1", + "reference": "a89927d412cdc8172889e3e0e3e66a134f367be1", "shasum": "" }, "require": { @@ -611,7 +611,7 @@ "joomla/test": "~1.0", "phpunit/phpunit": "^4.8.35|^5.4.3|~6.0" }, - "time": "2018-06-26T02:10:46+00:00", + "time": "2019-06-15T22:13:58+00:00", "type": "joomla-package", "extra": { "branch-alias": { @@ -746,23 +746,24 @@ }, { "name": "joomla/session", - "version": "1.4.0", - "version_normalized": "1.4.0.0", + "version": "1.5.0", + "version_normalized": "1.5.0.0", "target-dir": "Joomla/Session", "source": { "type": "git", "url": "https://github.com/joomla-framework/session.git", - "reference": "ac557447e3193d69967d10e720eab9b582d841d7" + "reference": "ae55b6cc56778003ce59ac314335ed38a451b2c7" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/joomla-framework/session/zipball/ac557447e3193d69967d10e720eab9b582d841d7", - "reference": "ac557447e3193d69967d10e720eab9b582d841d7", + "url": "https://api.github.com/repos/joomla-framework/session/zipball/ae55b6cc56778003ce59ac314335ed38a451b2c7", + "reference": "ae55b6cc56778003ce59ac314335ed38a451b2c7", "shasum": "" }, "require": { "joomla/event": "~1.1", "joomla/filter": "~1.0", + "joomla/input": "~1.4", "paragonie/random_compat": "~1.0|~2.0", "php": "^5.3.10|~7.0" }, @@ -776,8 +777,13 @@ "suggest": { "joomla/database": "Install joomla/database if you want to use Database session storage." }, - "time": "2019-03-10T15:20:33+00:00", + "time": "2019-06-15T22:14:06+00:00", "type": "joomla-package", + "extra": { + "branch-alias": { + "dev-master": "1.x-dev" + } + }, "installation-source": "dist", "autoload": { "psr-0": { @@ -1721,8 +1727,8 @@ }, { "name": "symfony/yaml", - "version": "v2.8.49", - "version_normalized": "2.8.49.0", + "version": "v2.8.50", + "version_normalized": "2.8.50.0", "source": { "type": "git", "url": "https://github.com/symfony/yaml.git", @@ -1773,29 +1779,32 @@ }, { "name": "typo3/phar-stream-wrapper", - "version": "v2.1.0", - "version_normalized": "2.1.0.0", + "version": "v2.1.2", + "version_normalized": "2.1.2.0", "source": { "type": "git", "url": "https://github.com/TYPO3/phar-stream-wrapper.git", - "reference": "b7a21f0859059ed5d9754af8c11f852d43762334" + "reference": "057622f5a3b92a5ffbea0fbaadce573500a62870" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/TYPO3/phar-stream-wrapper/zipball/b7a21f0859059ed5d9754af8c11f852d43762334", - "reference": "b7a21f0859059ed5d9754af8c11f852d43762334", + "url": "https://api.github.com/repos/TYPO3/phar-stream-wrapper/zipball/057622f5a3b92a5ffbea0fbaadce573500a62870", + "reference": "057622f5a3b92a5ffbea0fbaadce573500a62870", "shasum": "" }, "require": { "brumann/polyfill-unserialize": "^1.0", - "ext-fileinfo": "*", "ext-json": "*", "php": "^5.3.3|^7.0" }, "require-dev": { + "ext-xdebug": "*", "phpunit/phpunit": "^4.8.36" }, - "time": "2019-03-01T17:43:52+00:00", + "suggest": { + "ext-fileinfo": "For PHP builtin file type guessing, otherwise uses internal processing" + }, + "time": "2019-05-14T13:14:31+00:00", "type": "library", "installation-source": "source", "autoload": { diff --git a/libraries/vendor/joomla/input/src/Cli.php b/libraries/vendor/joomla/input/src/Cli.php index dc489e0df7c7d..586084ea30d5e 100644 --- a/libraries/vendor/joomla/input/src/Cli.php +++ b/libraries/vendor/joomla/input/src/Cli.php @@ -2,7 +2,7 @@ /** * Part of the Joomla Framework Input Package * - * @copyright Copyright (C) 2005 - 2018 Open Source Matters, Inc. All rights reserved. + * @copyright Copyright (C) 2005 - 2019 Open Source Matters, Inc. All rights reserved. * @license GNU General Public License version 2 or later; see LICENSE */ @@ -13,7 +13,8 @@ /** * Joomla! Input CLI Class * - * @since 1.0 + * @since 1.0 + * @deprecated 2.0 Use a Symfony\Component\Console\Input\InputInterface implementation when using the `joomla/console` package */ class Cli extends Input { @@ -74,8 +75,7 @@ public function serialize() // Remove $_ENV and $_SERVER from the inputs. $inputs = $this->inputs; - unset($inputs['env']); - unset($inputs['server']); + unset($inputs['env'], $inputs['server']); // Serialize the executable, args, options, data, and inputs. return serialize(array($this->executable, $this->args, $this->options, $this->data, $inputs)); @@ -139,7 +139,7 @@ protected function parseArguments() $out = array(); - for ($i = 0, $j = count($argv); $i < $j; $i++) + for ($i = 0, $j = \count($argv); $i < $j; $i++) { $arg = $argv[$i]; @@ -198,7 +198,7 @@ protected function parseArguments() } // -a a-value - if ((count($chars) === 1) && ($i + 1 < $j) && ($argv[$i + 1][0] !== '-')) + if ((\count($chars) === 1) && ($i + 1 < $j) && ($argv[$i + 1][0] !== '-')) { $out[$key] = $argv[$i + 1]; $i++; diff --git a/libraries/vendor/joomla/input/src/Cookie.php b/libraries/vendor/joomla/input/src/Cookie.php index e36b7ea66aa18..09c8405f2010e 100644 --- a/libraries/vendor/joomla/input/src/Cookie.php +++ b/libraries/vendor/joomla/input/src/Cookie.php @@ -2,7 +2,7 @@ /** * Part of the Joomla Framework Input Package * - * @copyright Copyright (C) 2005 - 2018 Open Source Matters, Inc. All rights reserved. + * @copyright Copyright (C) 2005 - 2019 Open Source Matters, Inc. All rights reserved. * @license GNU General Public License version 2 or later; see LICENSE */ @@ -48,42 +48,75 @@ public function __construct($source = null, array $options = array()) * * @param string $name Name of the value to set. * @param mixed $value Value to assign to the input. - * @param integer $expire The time the cookie expires. This is a Unix timestamp so is in number - * of seconds since the epoch. In other words, you'll most likely set this - * with the time() function plus the number of seconds before you want it - * to expire. Or you might use mktime(). time()+60*60*24*30 will set the - * cookie to expire in 30 days. If set to 0, or omitted, the cookie will - * expire at the end of the session (when the browser closes). - * @param string $path The path on the server in which the cookie will be available on. If set - * to '/', the cookie will be available within the entire domain. If set to - * '/foo/', the cookie will only be available within the /foo/ directory and - * all sub-directories such as /foo/bar/ of domain. The default value is the - * current directory that the cookie is being set in. - * @param string $domain The domain that the cookie is available to. To make the cookie available - * on all subdomains of example.com (including example.com itself) then you'd - * set it to '.example.com'. Although some browsers will accept cookies without - * the initial ., RFC 2109 requires it to be included. Setting the domain to - * 'www.example.com' or '.www.example.com' will make the cookie only available - * in the www subdomain. - * @param boolean $secure Indicates that the cookie should only be transmitted over a secure HTTPS - * connection from the client. When set to TRUE, the cookie will only be set - * if a secure connection exists. On the server-side, it's on the programmer - * to send this kind of cookie only on secure connection (e.g. with respect - * to $_SERVER["HTTPS"]). - * @param boolean $httpOnly When TRUE the cookie will be made accessible only through the HTTP protocol. - * This means that the cookie won't be accessible by scripting languages, such - * as JavaScript. This setting can effectively help to reduce identity theft - * through XSS attacks (although it is not supported by all browsers). + * @param array $options An associative array which may have any of the keys expires, path, domain, + * secure, httponly and samesite. The values have the same meaning as described + * for the parameters with the same name. The value of the samesite element + * should be either Lax or Strict. If any of the allowed options are not given, + * their default values are the same as the default values of the explicit + * parameters. If the samesite element is omitted, no SameSite cookie attribute + * is set. * * @return void * - * @link http://www.ietf.org/rfc/rfc2109.txt - * @see setcookie() + * @link https://www.ietf.org/rfc/rfc2109.txt + * @link https://php.net/manual/en/function.setcookie.php + * * @since 1.0 + * + * @note As of 1.4.0, the (name, value, expire, path, domain, secure, httpOnly) signature is deprecated and will not be supported + * when support for PHP 7.2 and earlier is dropped */ - public function set($name, $value, $expire = 0, $path = '', $domain = '', $secure = false, $httpOnly = false) + public function set($name, $value, $options = array()) { - setcookie($name, $value, $expire, $path, $domain, $secure, $httpOnly); + // BC layer to convert old method parameters. + if (is_array($options) === false) + { + $argList = func_get_args(); + + $options = array( + 'expires' => isset($argList[2]) === true ? $argList[2] : 0, + 'path' => isset($argList[3]) === true ? $argList[3] : '', + 'domain' => isset($argList[4]) === true ? $argList[4] : '', + 'secure' => isset($argList[5]) === true ? $argList[5] : false, + 'httponly' => isset($argList[6]) === true ? $argList[6] : false, + ); + } + + // Set the cookie + if (version_compare(PHP_VERSION, '7.3', '>=')) + { + setcookie($name, $value, $options); + } + else + { + // Using the setcookie function before php 7.3, make sure we have default values. + if (array_key_exists('expires', $options) === false) + { + $options['expires'] = 0; + } + + if (array_key_exists('path', $options) === false) + { + $options['path'] = ''; + } + + if (array_key_exists('domain', $options) === false) + { + $options['domain'] = ''; + } + + if (array_key_exists('secure', $options) === false) + { + $options['secure'] = false; + } + + if (array_key_exists('httponly', $options) === false) + { + $options['httponly'] = false; + } + + setcookie($name, $value, $options['expires'], $options['path'], $options['domain'], $options['secure'], $options['httponly']); + } $this->data[$name] = $value; } diff --git a/libraries/vendor/joomla/input/src/Files.php b/libraries/vendor/joomla/input/src/Files.php index 49533a5a801b1..b08316a4fbe90 100644 --- a/libraries/vendor/joomla/input/src/Files.php +++ b/libraries/vendor/joomla/input/src/Files.php @@ -2,7 +2,7 @@ /** * Part of the Joomla Framework Input Package * - * @copyright Copyright (C) 2005 - 2018 Open Source Matters, Inc. All rights reserved. + * @copyright Copyright (C) 2005 - 2019 Open Source Matters, Inc. All rights reserved. * @license GNU General Public License version 2 or later; see LICENSE */ @@ -74,7 +74,7 @@ public function get($name, $default = null, $filter = 'cmd') $this->data[$name]['type'], $this->data[$name]['tmp_name'], $this->data[$name]['error'], - $this->data[$name]['size'] + $this->data[$name]['size'], ) ); @@ -97,7 +97,7 @@ protected function decodeData(array $data) { $result = array(); - if (is_array($data[0])) + if (\is_array($data[0])) { foreach ($data[0] as $k => $v) { diff --git a/libraries/vendor/joomla/input/src/Input.php b/libraries/vendor/joomla/input/src/Input.php index ecb4343ee29c0..c4911729e324c 100644 --- a/libraries/vendor/joomla/input/src/Input.php +++ b/libraries/vendor/joomla/input/src/Input.php @@ -2,7 +2,7 @@ /** * Part of the Joomla Framework Input Package * - * @copyright Copyright (C) 2005 - 2018 Open Source Matters, Inc. All rights reserved. + * @copyright Copyright (C) 2005 - 2019 Open Source Matters, Inc. All rights reserved. * @license GNU General Public License version 2 or later; see LICENSE */ @@ -63,7 +63,7 @@ class Input implements \Serializable, \Countable * @var Filter\InputFilter * @since 1.0 */ - protected $filter = null; + protected $filter; /** * Input data. @@ -109,7 +109,7 @@ public function __construct($source = null, array $options = array()) $this->filter = new Filter\InputFilter; } - if (is_null($source)) + if ($source === null) { $this->data = &$_REQUEST; } @@ -149,7 +149,7 @@ public function __get($name) $superGlobal = '_' . strtoupper($name); - if (in_array(strtoupper($name), self::$allowedGlobals, true) && isset($GLOBALS[$superGlobal])) + if (\in_array(strtoupper($name), self::$allowedGlobals, true) && isset($GLOBALS[$superGlobal])) { $this->inputs[$name] = new Input($GLOBALS[$superGlobal], $this->options); @@ -169,7 +169,7 @@ public function __get($name) */ public function count() { - return count($this->data); + return \count($this->data); } /** @@ -208,7 +208,7 @@ public function get($name, $default = null, $filter = 'cmd') */ public function getArray(array $vars = array(), $datasource = null) { - if (empty($vars) && is_null($datasource)) + if (empty($vars) && $datasource === null) { $vars = $this->data; } @@ -217,9 +217,9 @@ public function getArray(array $vars = array(), $datasource = null) foreach ($vars as $k => $v) { - if (is_array($v)) + if (\is_array($v)) { - if (is_null($datasource)) + if ($datasource === null) { $results[$k] = $this->getArray($v, $this->get($k, null, 'array')); } @@ -230,7 +230,7 @@ public function getArray(array $vars = array(), $datasource = null) } else { - if (is_null($datasource)) + if ($datasource === null) { $results[$k] = $this->get($k, null, $v); } @@ -375,8 +375,7 @@ public function serialize() // Remove $_ENV and $_SERVER from the inputs. $inputs = $this->inputs; - unset($inputs['env']); - unset($inputs['server']); + unset($inputs['env'], $inputs['server']); // Serialize the options, data, and inputs. return serialize(array($this->options, $this->data, $inputs)); @@ -422,7 +421,7 @@ protected function loadAllInputs() foreach ($GLOBALS as $global => $data) { // Check if the global starts with an underscore and is allowed. - if (strpos($global, '_') === 0 && in_array(substr($global, 1), self::$allowedGlobals, true)) + if (strpos($global, '_') === 0 && \in_array(substr($global, 1), self::$allowedGlobals, true)) { // Convert global name to input name. $global = strtolower($global); diff --git a/libraries/vendor/joomla/input/src/Json.php b/libraries/vendor/joomla/input/src/Json.php index 12a752497a86e..ac8da7309c864 100644 --- a/libraries/vendor/joomla/input/src/Json.php +++ b/libraries/vendor/joomla/input/src/Json.php @@ -2,7 +2,7 @@ /** * Part of the Joomla Framework Input Package * - * @copyright Copyright (C) 2005 - 2018 Open Source Matters, Inc. All rights reserved. + * @copyright Copyright (C) 2005 - 2019 Open Source Matters, Inc. All rights reserved. * @license GNU General Public License version 2 or later; see LICENSE */ @@ -45,12 +45,12 @@ public function __construct($source = null, array $options = array()) $this->filter = new Filter\InputFilter; } - if (is_null($source)) + if ($source === null) { $this->raw = file_get_contents('php://input'); // This is a workaround for where php://input has already been read. - // See note under php://input on http://php.net/manual/en/wrappers.php.php + // See note under php://input on https://www.php.net/manual/en/wrappers.php.php if (empty($this->raw) && isset($GLOBALS['HTTP_RAW_POST_DATA'])) { $this->raw = $GLOBALS['HTTP_RAW_POST_DATA']; @@ -58,7 +58,7 @@ public function __construct($source = null, array $options = array()) $this->data = json_decode($this->raw, true); - if (!is_array($this->data)) + if (!\is_array($this->data)) { $this->data = array(); } diff --git a/libraries/vendor/joomla/session/Joomla/Session/Session.php b/libraries/vendor/joomla/session/Joomla/Session/Session.php index 9f4122d455f64..725774c959726 100644 --- a/libraries/vendor/joomla/session/Joomla/Session/Session.php +++ b/libraries/vendor/joomla/session/Joomla/Session/Session.php @@ -89,6 +89,24 @@ class Session implements \IteratorAggregate */ protected $cookie_path; + /** + * The configuration of the HttpOnly cookie. + * + * @var mixed + * @since 1.5.0 + * @deprecated 2.0 + */ + protected $cookie_httponly = true; + + /** + * The configuration of the SameSite cookie. + * + * @var mixed + * @since 1.5.0 + * @deprecated 2.0 + */ + protected $cookie_samesite; + /** * Session instances container. * @@ -598,7 +616,7 @@ protected function _start() if ($session_clean) { session_id($session_clean); - $cookie->set($session_name, '', 1); + $cookie->set($session_name, '', array('expires' => 1)); } } } @@ -646,7 +664,20 @@ public function destroy() */ $cookie = session_get_cookie_params(); - $this->input->cookie->set($this->getName(), '', 1, $cookie['path'], $cookie['domain'], $cookie['secure'], true); + $cookieOptions = array( + 'expires' => 1, + 'path' => $cookie['path'], + 'domain' => $cookie['domain'], + 'secure' => $cookie['secure'], + 'httponly' => true, + ); + + if (isset($cookie['samesite'])) + { + $cookieOptions['samesite'] = $cookie['samesite']; + } + + $this->input->cookie->set($this->getName(), '', $cookieOptions); session_unset(); session_destroy(); @@ -715,7 +746,14 @@ public function fork() $this->store->register(); // Restore config - session_set_cookie_params($cookie['lifetime'], $cookie['path'], $cookie['domain'], $cookie['secure'], true); + if (version_compare(PHP_VERSION, '7.3', '>=')) + { + session_set_cookie_params($cookie); + } + else + { + session_set_cookie_params($cookie['lifetime'], $cookie['path'], $cookie['domain'], $cookie['secure'], $cookie['httponly']); + } // Restart session with new id session_regenerate_id(true); @@ -804,7 +842,21 @@ protected function _setCookieParams() $cookie['path'] = $this->cookie_path; } - session_set_cookie_params($cookie['lifetime'], $cookie['path'], $cookie['domain'], $cookie['secure'], true); + $cookie['httponly'] = $this->cookie_httponly; + + if ($this->cookie_samesite) + { + $cookie['samesite'] = $this->cookie_samesite; + } + + if (version_compare(PHP_VERSION, '7.3', '>=')) + { + session_set_cookie_params($cookie); + } + else + { + session_set_cookie_params($cookie['lifetime'], $cookie['path'], $cookie['domain'], $cookie['secure'], $cookie['httponly']); + } } /** @@ -968,6 +1020,16 @@ protected function setOptions(array $options) $this->cookie_path = $options['cookie_path']; } + if (isset($options['cookie_httponly'])) + { + $this->cookie_httponly = (bool) $options['cookie_httponly']; + } + + if (isset($options['cookie_samesite'])) + { + $this->cookie_samesite = $options['cookie_samesite']; + } + // Sync the session maxlifetime if (!headers_sent()) { diff --git a/libraries/vendor/joomla/session/Joomla/Session/Storage.php b/libraries/vendor/joomla/session/Joomla/Session/Storage.php index 75d80f0742250..c088c3952c06f 100644 --- a/libraries/vendor/joomla/session/Joomla/Session/Storage.php +++ b/libraries/vendor/joomla/session/Joomla/Session/Storage.php @@ -13,7 +13,7 @@ /** * Custom session storage handler for PHP * - * @link https://secure.php.net/manual/en/function.session-set-save-handler.php + * @link https://www.php.net/manual/en/function.session-set-save-handler.php * @since 1.0 * @deprecated 2.0 The Storage class chain will be removed. */ diff --git a/libraries/vendor/joomla/session/Joomla/Session/Storage/Apc.php b/libraries/vendor/joomla/session/Joomla/Session/Storage/Apc.php index 5294b1d8527ca..8083037987fa3 100644 --- a/libraries/vendor/joomla/session/Joomla/Session/Storage/Apc.php +++ b/libraries/vendor/joomla/session/Joomla/Session/Storage/Apc.php @@ -13,7 +13,7 @@ /** * APC session storage handler for PHP * - * @link https://secure.php.net/manual/en/function.session-set-save-handler.php + * @link https://www.php.net/manual/en/function.session-set-save-handler.php * @since 1.0 * @deprecated 2.0 The Storage class chain will be removed. */ diff --git a/libraries/vendor/joomla/session/Joomla/Session/Storage/Apcu.php b/libraries/vendor/joomla/session/Joomla/Session/Storage/Apcu.php index a3299d6732652..e1f5f8c2236d8 100644 --- a/libraries/vendor/joomla/session/Joomla/Session/Storage/Apcu.php +++ b/libraries/vendor/joomla/session/Joomla/Session/Storage/Apcu.php @@ -13,7 +13,7 @@ /** * APCU session storage handler for PHP * - * @link https://secure.php.net/manual/en/function.session-set-save-handler.php + * @link https://www.php.net/manual/en/function.session-set-save-handler.php * @since 1.4.0 * @deprecated 2.0 The Storage class chain will be removed. */ diff --git a/libraries/vendor/joomla/session/Joomla/Session/Storage/Database.php b/libraries/vendor/joomla/session/Joomla/Session/Storage/Database.php index fb1684092808a..0a1147b3ab753 100644 --- a/libraries/vendor/joomla/session/Joomla/Session/Storage/Database.php +++ b/libraries/vendor/joomla/session/Joomla/Session/Storage/Database.php @@ -14,7 +14,7 @@ /** * Database session storage handler for PHP * - * @link https://secure.php.net/manual/en/function.session-set-save-handler.php + * @link https://www.php.net/manual/en/function.session-set-save-handler.php * @since 1.0 * @deprecated 2.0 The Storage class chain will be removed */ diff --git a/libraries/vendor/joomla/session/Joomla/Session/Storage/None.php b/libraries/vendor/joomla/session/Joomla/Session/Storage/None.php index 8a15b3b695447..8bae5a41cad59 100644 --- a/libraries/vendor/joomla/session/Joomla/Session/Storage/None.php +++ b/libraries/vendor/joomla/session/Joomla/Session/Storage/None.php @@ -13,7 +13,7 @@ /** * Default PHP configured session handler for Joomla! * - * @link https://secure.php.net/manual/en/function.session-set-save-handler.php + * @link https://www.php.net/manual/en/function.session-set-save-handler.php * @since 1.0 * @deprecated 2.0 The Storage class chain will be removed */ diff --git a/libraries/vendor/typo3/phar-stream-wrapper/composer.json b/libraries/vendor/typo3/phar-stream-wrapper/composer.json index f1d25a070d6b2..e36b09e7a5003 100644 --- a/libraries/vendor/typo3/phar-stream-wrapper/composer.json +++ b/libraries/vendor/typo3/phar-stream-wrapper/composer.json @@ -7,13 +7,16 @@ "keywords": ["php", "phar", "stream-wrapper", "security"], "require": { "php": "^5.3.3|^7.0", - "ext-fileinfo": "*", "ext-json": "*", "brumann/polyfill-unserialize": "^1.0" }, "require-dev": { + "ext-xdebug": "*", "phpunit/phpunit": "^4.8.36" }, + "suggest": { + "ext-fileinfo": "For PHP builtin file type guessing, otherwise uses internal processing" + }, "autoload": { "psr-4": { "TYPO3\\PharStreamWrapper\\": "src/" diff --git a/libraries/vendor/typo3/phar-stream-wrapper/src/Helper.php b/libraries/vendor/typo3/phar-stream-wrapper/src/Helper.php index c074ddea048f6..cdba65ca28151 100644 --- a/libraries/vendor/typo3/phar-stream-wrapper/src/Helper.php +++ b/libraries/vendor/typo3/phar-stream-wrapper/src/Helper.php @@ -52,7 +52,7 @@ public static function determineBaseFile($path) while (count($parts)) { $currentPath = implode('/', $parts); - if (@is_file($currentPath)) { + if (@is_file($currentPath) && realpath($currentPath) !== false) { return $currentPath; } array_pop($parts); @@ -106,7 +106,7 @@ public static function normalizePath($path) * @param string $path File path to process * @return string */ - private static function normalizeWindowsPath($path) + public static function normalizeWindowsPath($path) { return str_replace('\\', '/', $path); } diff --git a/libraries/vendor/typo3/phar-stream-wrapper/src/Phar/Container.php b/libraries/vendor/typo3/phar-stream-wrapper/src/Phar/Container.php index 3fbbaa57b03e7..f02387d73887a 100644 --- a/libraries/vendor/typo3/phar-stream-wrapper/src/Phar/Container.php +++ b/libraries/vendor/typo3/phar-stream-wrapper/src/Phar/Container.php @@ -54,6 +54,6 @@ public function getManifest() */ public function getAlias() { - return $this->stub->getMappedAlias() ?: $this->manifest->getAlias(); + return $this->manifest->getAlias() ?: $this->stub->getMappedAlias(); } } diff --git a/libraries/vendor/typo3/phar-stream-wrapper/src/Phar/Reader.php b/libraries/vendor/typo3/phar-stream-wrapper/src/Phar/Reader.php index faa254fbd9d5d..42794faf52977 100644 --- a/libraries/vendor/typo3/phar-stream-wrapper/src/Phar/Reader.php +++ b/libraries/vendor/typo3/phar-stream-wrapper/src/Phar/Reader.php @@ -19,6 +19,11 @@ class Reader private $fileName; /** + * Mime-type in order to use zlib, bzip2 or no compression. + * In case ext-fileinfo is not present only the relevant types + * 'application/x-gzip' and 'application/x-bzip2' are assigned + * to this class property. + * * @var string */ private $fileType; @@ -100,21 +105,19 @@ private function extractData($fileName) break; } - $stubPosition = strpos($line, ']*\?>(\r|\n)*#', '', $line); + // first line contains start of manifest + if ($stubContent === null && $manifestContent === null && $manifestPosition !== false) { + $stubContent = substr($line, 0, $manifestPosition - 1); + $manifestContent = preg_replace('#^.*__HALT_COMPILER\(\);(?>[ \n]\?>(?>\r\n|\n)?)?#', '', $line); $manifestLength = $this->resolveManifestLength($manifestContent); // line contains start of stub - } elseif ($stubContent === null && $stubPosition !== false) { - $stubContent = substr($line, $stubPosition); + } elseif ($stubContent === null) { + $stubContent = $line; // line contains start of manifest } elseif ($manifestContent === null && $manifestPosition !== false) { - $manifestContent = preg_replace('#^.*__HALT_COMPILER\(\)[^>]*\?>(\r|\n)*#', '', $line); + $manifestContent = preg_replace('#^.*__HALT_COMPILER\(\);(?>[ \n]\?>(?>\r\n|\n)?)?#', '', $line); $manifestLength = $this->resolveManifestLength($manifestContent); // manifest has been started (thus is cannot be stub anymore), add content } elseif ($manifestContent !== null) { @@ -154,8 +157,37 @@ private function resolveStream() */ private function determineFileType() { - $fileInfo = new \finfo(); - return $fileInfo->file($this->fileName, FILEINFO_MIME_TYPE); + if (class_exists('\\finfo')) { + $fileInfo = new \finfo(); + return $fileInfo->file($this->fileName, FILEINFO_MIME_TYPE); + } + return $this->determineFileTypeByHeader(); + } + + /** + * In case ext-fileinfo is not present only the relevant types + * 'application/x-gzip' and 'application/x-bzip2' are resolved. + * + * @return string + */ + private function determineFileTypeByHeader() + { + $resource = fopen($this->fileName, 'r'); + if (!is_resource($resource)) { + throw new ReaderException( + sprintf('Resource %s could not be opened', $this->fileName), + 1557753055 + ); + } + $header = fgets($resource, 4); + fclose($resource); + $mimeType = ''; + if (strpos($header, "\x42\x5a\x68") === 0) { + $mimeType = 'application/x-bzip2'; + } elseif (strpos($header, "\x1f\x8b") === 0) { + $mimeType = 'application/x-gzip'; + } + return $mimeType; } /** diff --git a/libraries/vendor/typo3/phar-stream-wrapper/src/Resolver/PharInvocationResolver.php b/libraries/vendor/typo3/phar-stream-wrapper/src/Resolver/PharInvocationResolver.php index 80b86d3db42fc..1dc42e8597e01 100644 --- a/libraries/vendor/typo3/phar-stream-wrapper/src/Resolver/PharInvocationResolver.php +++ b/libraries/vendor/typo3/phar-stream-wrapper/src/Resolver/PharInvocationResolver.php @@ -14,6 +14,7 @@ use TYPO3\PharStreamWrapper\Helper; use TYPO3\PharStreamWrapper\Manager; use TYPO3\PharStreamWrapper\Phar\Reader; +use TYPO3\PharStreamWrapper\Phar\ReaderException; use TYPO3\PharStreamWrapper\Resolvable; class PharInvocationResolver implements Resolvable @@ -59,7 +60,7 @@ public function resolve($path, $flags = null) { $hasPharPrefix = Helper::hasPharPrefix($path); if ($flags === null) { - $flags = static::RESOLVE_REALPATH | static::RESOLVE_ALIAS | static::ASSERT_INTERNAL_INVOCATION; + $flags = static::RESOLVE_REALPATH | static::RESOLVE_ALIAS; } if ($hasPharPrefix && $flags & static::RESOLVE_ALIAS) { @@ -147,9 +148,14 @@ private function resolveBaseName($path, $flags) } // ensure the possible alias name (how we have been called initially) matches // the resolved alias name that was retrieved by the current possible base name - $reader = new Reader($currentBaseName); - $currentAlias = $reader->resolveContainer()->getAlias(); - if ($currentAlias !== $possibleAlias) { + try { + $reader = new Reader($currentBaseName); + $currentAlias = $reader->resolveContainer()->getAlias(); + } catch (ReaderException $exception) { + // most probably that was not a Phar file + continue; + } + if (empty($currentAlias) || $currentAlias !== $possibleAlias) { continue; } $this->addBaseName($currentBaseName); @@ -215,7 +221,9 @@ private function addBaseName($baseName) if (isset($this->baseNames[$baseName])) { return; } - $this->baseNames[$baseName] = realpath($baseName); + $this->baseNames[$baseName] = Helper::normalizeWindowsPath( + realpath($baseName) + ); } /**