YOURLS · ozh · Feb 12, 2023 · Dec 17, 2022 · Dec 18, 2022 · Dec 18, 2022
diff --git a/includes/Config/Init.php b/includes/Config/Init.php
@@ -145,11 +145,20 @@ public function redirect_ssl_if_needed() {
      * @return void
      */
     public function include_db_files() {
-        // Allow drop-in replacement for the DB engine
-        if (file_exists(YOURLS_USERDIR.'/db.php')) {
-            require_once YOURLS_USERDIR.'/db.php';
-        } else {
-            require_once YOURLS_INC.'/class-mysql.php';
+        // Attempt to open drop-in replacement for the DB engine else default to core engine
+        $file = YOURLS_USERDIR . '/db.php';
+        $attempt = false;
+        if(file_exists($file)) {
+            $attempt = yourls_include_file_sandbox( $file );
+            // Check if we have an error to display
+            if ( is_string( $attempt ) ) {
+                yourls_add_notice( $attempt );
+            }
+        }
+
+        // Fallback to core DB engine
+        if ( $attempt !== true ) {
+            require_once YOURLS_INC . '/class-mysql.php';
             yourls_db_connect();
         }
     }
@@ -159,8 +168,14 @@ public function include_db_files() {
      * @return void
      */
     public function include_cache_files() {
-        if (file_exists(YOURLS_USERDIR.'/cache.php')) {
-            require_once YOURLS_USERDIR.'/cache.php';
+        $file = YOURLS_USERDIR . '/cache.php';
+        $attempt = false;
+        if(file_exists($file)) {
+            $attempt = yourls_include_file_sandbox($file);
+            // Check if we have an error to display
+            if (is_string($attempt)) {
+                yourls_add_notice($attempt);
+            }
         }
     }
 

diff --git a/includes/Database/YDB.php b/includes/Database/YDB.php
@@ -157,16 +157,18 @@ public function connect_to_DB() {
      */
     public function dead_or_error(\Exception $exception) {
         // Use any /user/db_error.php file
-        if( file_exists( YOURLS_USERDIR . '/db_error.php' ) ) {
-            include_once( YOURLS_USERDIR . '/db_error.php' );
-            die();
+        $file = YOURLS_USERDIR . '/db_error.php';
+        if(file_exists($file)) {
+            if(yourls_include_file_sandbox( $file ) === true) {
+                die();
+            }
         }
 
         $message  = yourls__( 'Incorrect DB config, or could not connect to DB' );
         $message .= '<br/>' . get_class($exception) .': ' . $exception->getMessage();
-
         yourls_die( yourls__( $message ), yourls__( 'Fatal error' ), 503 );
         die();
+
     }
 
     /**

diff --git a/includes/functions-debug.php b/includes/functions-debug.php
@@ -7,7 +7,7 @@
  * Add a message to the debug log
  *
  * When in debug mode ( YOURLS_DEBUG == true ) the debug log is echoed in yourls_html_footer()
- * Log messages are appended to $ydb->debug_log array, which is instanciated within class ezSQLcore_YOURLS
+ * Log messages are appended to $ydb->debug_log array, which is instanciated within class Database\YDB
  *
  * @since 1.7
  * @param string $msg Message to add to the debug log
@@ -17,7 +17,10 @@ function yourls_debug_log( $msg ) {
     yourls_do_action( 'debug_log', $msg );
     // Get the DB object ($ydb), get its profiler (\Aura\Sql\Profiler\Profiler), its logger (\Aura\Sql\Profiler\MemoryLogger) and
     // pass it a unused argument (loglevel) and the message
-    yourls_get_db()->getProfiler()->getLogger()->log( 'debug', $msg);
+    // Check if function exists to allow usage of the function in very early stages
+    if(function_exists('yourls_debug_log')) {
+        yourls_get_db()->getProfiler()->getLogger()->log( 'debug', $msg);
+    }
     return $msg;
 }
 

diff --git a/includes/functions-deprecated.php b/includes/functions-deprecated.php
@@ -17,6 +17,19 @@
 
 // @codeCoverageIgnoreStart
 
+/**
+ * Plugin activation sandbox
+ *
+ * @since 1.8.3
+ * @deprecated 1.9.2
+ * @param string $pluginfile Plugin filename (full path)
+ * @return string|true  string if error or true if success
+ */
+function yourls_activate_plugin_sandbox( $pluginfile ) {
+    yourls_deprecated_function( __FUNCTION__, '1.9.1', 'yourls_include_file_sandbox');
+    return yourls_include_file_sandbox($pluginfile);
+}
+
 /**
  * Return current admin page, or null if not an admin page. Was not used anywhere.
  *

diff --git a/includes/functions-html.php b/includes/functions-html.php
@@ -906,7 +906,10 @@ function yourls_page( $page ) {
     }
 
 	yourls_do_action( 'pre_page', $page );
-	include_once( YOURLS_PAGEDIR . "/$page.php" );
+    $load = yourls_include_file_sandbox(YOURLS_PAGEDIR . "/$page.php");
+	if (is_string($load)) {
+        yourls_die( $load, yourls__('Not found'), 404 );
+	}
 	yourls_do_action( 'post_page', $page );
 }
 

diff --git a/includes/functions-plugins.php b/includes/functions-plugins.php
@@ -595,7 +595,7 @@ function yourls_load_plugins() {
     $plugins = [];
     foreach ( $active_plugins as $key => $plugin ) {
         $file = YOURLS_PLUGINDIR . '/' . $plugin;
-        if ( yourls_is_a_plugin_file($file) && yourls_activate_plugin_sandbox( $file ) === true ) {
+        if ( yourls_is_a_plugin_file($file) && yourls_include_file_sandbox( $file ) === true ) {
             $plugins[] = $plugin;
             unset( $active_plugins[ $key ] );
         }
@@ -659,7 +659,7 @@ function yourls_activate_plugin( $plugin ) {
     }
 
     // attempt activation.
-    $attempt = yourls_activate_plugin_sandbox( $plugindir.'/'.$plugin );
+    $attempt = yourls_include_file_sandbox( $plugindir.'/'.$plugin );
     if( $attempt !== true ) {
         return yourls_s( 'Plugin generated unexpected output. Error was: <br/><pre>%s</pre>', $attempt );
     }
@@ -673,22 +673,6 @@ function yourls_activate_plugin( $plugin ) {
     return true;
 }
 
-/**
- * Plugin activation sandbox
- *
- * @since 1.8.3
- * @param string $pluginfile Plugin filename (full path)
- * @return string|true  string if error or true if success
- */
-function yourls_activate_plugin_sandbox( $pluginfile ) {
-    try {
-        include_once $pluginfile;
-        return true;
-    } catch ( \Throwable $e ) {
-        return $e->getMessage();
-    }
-}
-
 /**
  * Deactivate a plugin
  *
@@ -706,12 +690,16 @@ function yourls_deactivate_plugin( $plugin ) {
 
     // Check if we have an uninstall file - load if so
     $uninst_file = YOURLS_PLUGINDIR . '/' . dirname($plugin) . '/uninstall.php';
-    if ( file_exists($uninst_file) ) {
+    $attempt = yourls_include_file_sandbox( $uninst_file );
+
+    // Check if we have an error to display
+    if ( is_string( $attempt ) ) {
+        $message = yourls_s( 'Loading %s generated unexpected output. Error was: <br/><pre>%s</pre>', $uninst_file, $attempt );
+        return( $message );
+    }
+
+    if ( $attempt === true ) {
         define('YOURLS_UNINSTALL_PLUGIN', true);
-        $attempt = yourls_activate_plugin_sandbox( $uninst_file );
-        if( $attempt !== true ) {
-            return yourls_s( 'Plugin generated unexpected output. Error was: <br/><pre>%s</pre>', $attempt );
-        }
     }
 
     // Deactivate the plugin

diff --git a/includes/functions.php b/includes/functions.php
@@ -1065,30 +1065,32 @@ function yourls_fix_request_uri() {
  * @return void
  */
 function yourls_check_maintenance_mode() {
-	$file = YOURLS_ABSPATH . '/.maintenance' ;
+	$dot_file = YOURLS_ABSPATH . '/.maintenance' ;
 
-    if ( !file_exists( $file ) || yourls_is_upgrading() || yourls_is_installing() ) {
+    if ( !file_exists( $dot_file ) || yourls_is_upgrading() || yourls_is_installing() ) {
         return;
     }
 
 	global $maintenance_start;
-	include_once( $file );
+	yourls_include_file_sandbox( $dot_file );
 	// If the $maintenance_start timestamp is older than 10 minutes, don't die.
 	if ( ( time() - $maintenance_start ) >= 600 ) {
         return;
     }
 
 	// Use any /user/maintenance.php file
-	if( file_exists( YOURLS_USERDIR.'/maintenance.php' ) ) {
-		include_once( YOURLS_USERDIR.'/maintenance.php' );
-		die();
-	}
+    $file = YOURLS_USERDIR . '/maintenance.php';
+    if(file_exists($file)) {
+        if(yourls_include_file_sandbox( $file ) == true) {
+            die();
+        }
+    }
 
     // Or use the default messages
-	$title   = yourls__( 'Service temporarily unavailable' );
-	$message = yourls__( 'Our service is currently undergoing scheduled maintenance.' ) . "</p>\n<p>" .
-	yourls__( 'Things should not last very long, thank you for your patience and please excuse the inconvenience' );
-	yourls_die( $message, $title , 503 );
+    $title = yourls__('Service temporarily unavailable');
+    $message = yourls__('Our service is currently undergoing scheduled maintenance.') . "</p>\n<p>" .
+        yourls__('Things should not last very long, thank you for your patience and please excuse the inconvenience');
+    yourls_die( $message, $title, 503 );
 }
 
 /**
@@ -1271,3 +1273,26 @@ function yourls_tell_if_new_version() {
     yourls_debug_log( 'Check for new version: '.( yourls_maybe_check_core_version() ? 'yes' : 'no' ) );
     yourls_new_core_version_notice(YOURLS_VERSION);
 }
+
+/**
+ * File include sandbox
+ *
+ * Attempt to include a PHP file, fail with an error message if the file isn't valid PHP code.
+ * This function does not check first if the file exists : depending on use case, you may check first.
+ *
+ * @since 1.9.2
+ * @param string $file filename (full path)
+ * @return string|bool  string if error, true if success
+ */
+function yourls_include_file_sandbox($file) {
+    try {
+        if (is_readable( $file )) {
+            include_once $file;
+            yourls_debug_log("loaded $file");
+            return true;
+        }
+    } catch ( \Throwable $e ) {
+        yourls_debug_log("could not load $file");
+        return sprintf("%s (%s : %s)", $e->getMessage() , $e->getFile() , $e->getLine() );
+    }
+}
diff --git a/tests/data/config/yourls-tests-config-sample.php b/tests/data/config/yourls-tests-config-sample.php
@@ -1,6 +1,6 @@
 <?php
 /**
- * YOURLS Config for local unit tests. Copy this file to yourls-test-config.php
+ * YOURLS Config for local unit tests. Copy this file to yourls-tests-config.php
  */
 
 /*** YOURLS code base you want to test */

diff --git a/tests/tests/plugins/files.php b/tests/tests/plugins/files.php
@@ -193,7 +193,7 @@ public function test_invalid_plugin_deactivate() {
      * @dataProvider get_invalid_code_plugins
      */
     public function test_invalid_plugin_does_not_activate($plugin) {
-        $this->assertNotTrue( yourls_activate_plugin_sandbox( $plugin ) );
+        $this->assertNotTrue( yourls_include_file_sandbox( $plugin ) );
         $this->assertNotTrue( yourls_activate_plugin( $plugin ) );
         $this->assertNotTrue( yourls_is_active_plugin( $plugin ) );
     }

diff --git a/tests/tests/utilities/include_file_sandbox.php b/tests/tests/utilities/include_file_sandbox.php
@@ -0,0 +1,36 @@
+<?php
+
+/**
+ * Test sandboxed file loader
+ *
+ * @group functions
+ * @since 1.9.1
+ */
+
+class FileLoader_Test extends PHPUnit\Framework\TestCase {
+
+    /**
+     * Load valid file = true
+     */
+    public function test_load_file_exists() {
+        $file = YOURLS_TESTDATA_DIR . "/" . rand_str() . ".php";
+        if( touch("$file") ) {
+            $this->assertTrue( yourls_include_file_sandbox( $file ) );
+            unlink("$file");
+        } else {
+            $this->markTestSkipped( "Cannot create test '$file");
+        }
+    }
+
+    /**
+     * Load missing file = string
+     */
+    public function test_load_file_not_exists() {
+        $this->assertIsString( yourls_include_file_sandbox( YOURLS_TESTDATA_DIR . "/" . rand_str() . ".php" ) );
+    }
+
+    /**
+     * For tests to load valid and broken PHP code: see in tests/plugins/files.php
+     */
+
+}