From b42a1cd93908b18ccb5f93c89804a179772095a0 Mon Sep 17 00:00:00 2001
From: Alexander Ebert <ebert@woltlab.com>
Date: Sat, 1 Jun 2013 16:43:43 +0200
Subject: [PATCH] Fixed path info check in WCF/WCFACP

---
 .../install/files/lib/system/WCF.class.php    |  4 +-
 .../install/files/lib/system/WCFACP.class.php |  2 +-
 .../lib/system/request/RouteHandler.class.php | 66 ++++++++++++-------
 3 files changed, 45 insertions(+), 27 deletions(-)

diff --git a/wcfsetup/install/files/lib/system/WCF.class.php b/wcfsetup/install/files/lib/system/WCF.class.php
index 0d403c5a59..8cd63a2f36 100644
--- a/wcfsetup/install/files/lib/system/WCF.class.php
+++ b/wcfsetup/install/files/lib/system/WCF.class.php
@@ -15,6 +15,7 @@ use wcf\system\exception\PermissionDeniedException;
 use wcf\system\exception\SystemException;
 use wcf\system\language\LanguageFactory;
 use wcf\system\package\PackageInstallationDispatcher;
+use wcf\system\request\RouteHandler;
 use wcf\system\session\SessionFactory;
 use wcf\system\session\SessionHandler;
 use wcf\system\style\StyleHandler;
@@ -691,7 +692,8 @@ class WCF {
 	public static function getRequestURI() {
 		// resolve path and query components
 		$scriptName = $_SERVER['SCRIPT_NAME'];
-		if (empty($_SERVER['PATH_INFO'])) {
+		$pathInfo = RouteHandler::getPathInfo();
+		if (empty($pathInfo)) {
 			// bug fix if URL omits script name and path
 			$scriptName = substr($scriptName, 0, strrpos($scriptName, '/'));
 		}
diff --git a/wcfsetup/install/files/lib/system/WCFACP.class.php b/wcfsetup/install/files/lib/system/WCFACP.class.php
index 15d0207e7e..81fdfde8a3 100644
--- a/wcfsetup/install/files/lib/system/WCFACP.class.php
+++ b/wcfsetup/install/files/lib/system/WCFACP.class.php
@@ -60,7 +60,7 @@ class WCFACP extends WCF {
 	protected function initAuth() {
 		// this is a work-around since neither RequestHandler
 		// nor RouteHandler are populated right now
-		$pathInfo = (isset($_SERVER['PATH_INFO'])) ? $_SERVER['PATH_INFO'] : '';
+		$pathInfo = RouteHandler::getPathInfo();
 		if (empty($pathInfo) || !preg_match('~^/(ACPCaptcha|Login|Logout)/~', $pathInfo)) {
 			if (WCF::getUser()->userID == 0) {
 				// build redirect path
diff --git a/wcfsetup/install/files/lib/system/request/RouteHandler.class.php b/wcfsetup/install/files/lib/system/request/RouteHandler.class.php
index 176b0e3ea3..8eaa4898f2 100644
--- a/wcfsetup/install/files/lib/system/request/RouteHandler.class.php
+++ b/wcfsetup/install/files/lib/system/request/RouteHandler.class.php
@@ -31,6 +31,12 @@ class RouteHandler extends SingletonFactory {
 	 */
 	protected static $path = '';
 	
+	/**
+	 * current path info component
+	 * @var	string
+	 */
+	protected static $pathInfo = '';
+	
 	/**
 	 * HTTP protocol, either 'http://' or 'https://'
 	 * @var	string
@@ -105,36 +111,12 @@ class RouteHandler extends SingletonFactory {
 	 * @return	boolean
 	 */
 	public function matches() {
-		$pathInfo = '';
-		if (isset($_SERVER['ORIG_PATH_INFO'])) {
-			$pathInfo = $_SERVER['ORIG_PATH_INFO'];
-			
-			// in some configurations ORIG_PATH_INFO contains the path to the file
-			// if the intended PATH_INFO component is empty
-			if (!empty($pathInfo)) {
-				if (isset($_SERVER['SCRIPT_NAME']) && ($pathInfo == $_SERVER['SCRIPT_NAME'])) {
-					$pathInfo = '';
-				}
-				
-				if (isset($_SERVER['PHP_SELF']) && ($pathInfo == $_SERVER['PHP_SELF'])) {
-					$pathInfo = '';
-				}
-				
-				if (isset($_SERVER['SCRIPT_URL']) && ($pathInfo == $_SERVER['SCRIPT_URL'])) {
-					$pathInfo = '';
-				}
-			}
-		}
-		else if (isset($_SERVER['PATH_INFO'])) {
-			$pathInfo = $_SERVER['PATH_INFO'];
-		}
-		
 		foreach ($this->routes as $route) {
 			if (RequestHandler::getInstance()->isACPRequest() != $route->isACP()) {
 				continue;
 			}
 			
-			if ($route->matches($pathInfo)) {
+			if ($route->matches(self::getPathInfo())) {
 				$this->routeData = $route->getRouteData();
 				
 				$this->isDefaultController = $this->routeData['isDefaultController'];
@@ -271,4 +253,38 @@ class RouteHandler extends SingletonFactory {
 		
 		return self::$path;
 	}
+	
+	/**
+	 * Returns current path info component.
+	 * 
+	 * @return	string
+	 */
+	public static function getPathInfo() {
+		if (empty(self::$pathInfo)) {
+			if (isset($_SERVER['ORIG_PATH_INFO'])) {
+				self::$pathInfo = $_SERVER['ORIG_PATH_INFO'];
+					
+				// in some configurations ORIG_PATH_INFO contains the path to the file
+				// if the intended PATH_INFO component is empty
+				if (!empty(self::$pathInfo)) {
+					if (isset($_SERVER['SCRIPT_NAME']) && (self::$pathInfo == $_SERVER['SCRIPT_NAME'])) {
+						self::$pathInfo = '';
+					}
+			
+					if (isset($_SERVER['PHP_SELF']) && (self::$pathInfo == $_SERVER['PHP_SELF'])) {
+						self::$pathInfo = '';
+					}
+			
+					if (isset($_SERVER['SCRIPT_URL']) && (self::$pathInfo == $_SERVER['SCRIPT_URL'])) {
+						self::$pathInfo = '';
+					}
+				}
+			}
+			else if (isset($_SERVER['PATH_INFO'])) {
+				self::$pathInfo = $_SERVER['PATH_INFO'];
+			}
+		}
+		
+		return self::$pathInfo;
+	}
 }
-- 
2.20.1