[geeklog-cvs] Geeklog-1.x/public_html/admin database.php, 1.47, 1.48 group.php, 1.101, 1.102
Dirk Haun
dhaun at qs1489.pair.com
Sun May 18 07:37:22 EDT 2008
Update of /cvsroot/geeklog/Geeklog-1.x/public_html/admin
In directory qs1489.pair.com:/tmp/cvs-serv15795/public_html/admin
Modified Files:
database.php group.php
Log Message:
More CSRF protection
Index: database.php
===================================================================
RCS file: /cvsroot/geeklog/Geeklog-1.x/public_html/admin/database.php,v
retrieving revision 1.47
retrieving revision 1.48
diff -C2 -d -r1.47 -r1.48
*** database.php 1 May 2008 18:35:14 -0000 1.47
--- database.php 18 May 2008 11:37:20 -0000 1.48
***************
*** 3,7 ****
/* Reminder: always indent with 4 spaces (no tabs). */
// +---------------------------------------------------------------------------+
! // | Geeklog 1.4 |
// +---------------------------------------------------------------------------+
// | database.php |
--- 3,7 ----
/* Reminder: always indent with 4 spaces (no tabs). */
// +---------------------------------------------------------------------------+
! // | Geeklog 1.5 |
// +---------------------------------------------------------------------------+
// | database.php |
***************
*** 9,13 ****
// | Geeklog database backup administration page. |
// +---------------------------------------------------------------------------+
! // | Copyright (C) 2000-2007 by the following authors: |
// | |
// | Authors: Tony Bibbs - tony AT tonybibbs DOT com |
--- 9,13 ----
// | Geeklog database backup administration page. |
// +---------------------------------------------------------------------------+
! // | Copyright (C) 2000-2008 by the following authors: |
// | |
// | Authors: Tony Bibbs - tony AT tonybibbs DOT com |
***************
*** 111,117 ****
}
$menu_arr = array(
array('url' => $_CONF['site_admin_url']
! . '/database.php?mode=backup&'.CSRF_TOKEN.'='.SEC_createToken(),
'text' => $LANG_ADMIN['create_new']),
array('url' => $_CONF['site_admin_url'],
--- 111,118 ----
}
+ $token = SEC_createToken();
$menu_arr = array(
array('url' => $_CONF['site_admin_url']
! . '/database.php?mode=backup&'.CSRF_TOKEN.'='.$token,
'text' => $LANG_ADMIN['create_new']),
array('url' => $_CONF['site_admin_url'],
***************
*** 135,139 ****
$form_arr = array('bottom' => '', 'top' => '');
if ($num_backups > 0) {
! $form_arr['bottom'] = '<input type="hidden" name="mode" value="delete"' . XHTML . '>' . LB;
}
$listoptions = array('chkdelete' => true, 'chkminimum' => 0,
--- 136,142 ----
$form_arr = array('bottom' => '', 'top' => '');
if ($num_backups > 0) {
! $form_arr['bottom'] = '<input type="hidden" name="mode" value="delete"' . XHTML . '>'
! . '<input type="hidden" name="' . CSRF_TOKEN
! . '" value="' . $token . '"' . XHTML . '>' . LB;
}
$listoptions = array('chkdelete' => true, 'chkminimum' => 0,
***************
*** 289,298 ****
$display .= dobackup();
}
! } else if ($mode == 'delete') {
! foreach ($_POST['delitem'] as $delfile) {
! $file = preg_replace('/[^a-zA-Z0-9\-_\.]/', '', $delfile);
! $file = str_replace('..', '', $file);
! if (!@unlink($_CONF['backup_path'] . $file)) {
! COM_errorLog('Unable to remove backup file "' . $file . '"');
}
}
--- 292,303 ----
$display .= dobackup();
}
! } elseif ($mode == 'delete') {
! if (SEC_checkToken()) {
! foreach ($_POST['delitem'] as $delfile) {
! $file = preg_replace('/[^a-zA-Z0-9\-_\.]/', '', $delfile);
! $file = str_replace('..', '', $file);
! if (!@unlink($_CONF['backup_path'] . $file)) {
! COM_errorLog('Unable to remove backup file "' . $file . '"');
! }
}
}
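Review bot: A failed SEC_checkToken() in the new delete branch is silent — control simply falls out of the `if` with nothing logged and no redirect, whereas group.php in this same commit records the failure with COM_accessLog and refreshes. An else branch here would make forged or stale-token delete attempts visible in the logs, e.g. `} else { COM_accessLog('Backup delete request failed CSRF check'); }` (the username interpolation used in group.php presumably works here too if `$_USER` is in scope — confirm). Separately, the loop still iterates `$_POST['delitem']` with no `isset`/`is_array` guard, so a valid-token POST without that field raises a warning; `if (SEC_checkToken() && isset($_POST['delitem']) && is_array($_POST['delitem'])) {` would cover it. The surrounding mode if/elseif chain continues past the end of the hunk.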
Index: group.php
===================================================================
RCS file: /cvsroot/geeklog/Geeklog-1.x/public_html/admin/group.php,v
retrieving revision 1.101
retrieving revision 1.102
diff -C2 -d -r1.101 -r1.102
*** group.php 17 May 2008 19:52:49 -0000 1.101
--- group.php 18 May 2008 11:37:20 -0000 1.102
***************
*** 242,245 ****
--- 242,247 ----
$group_templates->set_var('rights_options', printrights($grp_id, $A['grp_gl_core']));
+ $group_templates->set_var('gltoken_name', CSRF_TOKEN);
+ $group_templates->set_var('gltoken', SEC_createToken());
$group_templates->parse('output','editor');
$retval .= $group_templates->finish($group_templates->get_var('output'));
***************
*** 837,842 ****
}
!
! function editusers ($group)
{
global $_CONF, $_TABLES, $_USER, $LANG_ACCESS, $LANG_ADMIN, $LANG28;
--- 839,850 ----
}
! /**
! * Allow easy addition/removal of users to/from a group
! *
! * @param int $group Group ID
! * @return string HTML form
! *
! */
! function editusers($group)
{
global $_CONF, $_TABLES, $_USER, $LANG_ACCESS, $LANG_ADMIN, $LANG28;
***************
*** 866,899 ****
$group_listing_url = $_CONF['site_admin_url'] . '/group.php';
! if ($_REQUEST['chk_showall'] == 1) {
$group_listing_url .= '?chk_showall=1';
}
! $retval .= COM_startBlock ($LANG_ACCESS['usergroupadmin'] . " - $groupName" , '',
! COM_getBlockTemplate ('_admin_block', 'header'));
$groupmembers = new Template($_CONF['path_layout'] . 'admin/group');
! $groupmembers->set_file (array ('groupmembers'=>'groupmembers.thtml'));
! $groupmembers->set_var ('site_url', $_CONF['site_url']);
! $groupmembers->set_var ('site_admin_url', $_CONF['site_admin_url']);
! $groupmembers->set_var ('group_listing_url', $group_listing_url);
! $groupmembers->set_var ('layout_url', $_CONF['layout_url']);
! $groupmembers->set_var ('phpself', $_CONF['site_admin_url'] . '/group.php');
$groupmembers->set_var('lang_adminhome', $LANG_ACCESS['adminhome']);
$groupmembers->set_var('lang_instructions', $LANG_ACCESS['editgroupmsg']);
! $groupmembers->set_var ('LANG_sitemembers',$LANG_ACCESS['availmembers']);
! $groupmembers->set_var ('LANG_grpmembers',$LANG_ACCESS['groupmembers']);
! $groupmembers->set_var ('sitemembers', grp_selectUsers($group,true) );
! $groupmembers->set_var ('group_list', grp_selectUsers($group) );
! $groupmembers->set_var ('LANG_add',$LANG_ACCESS['add']);
! $groupmembers->set_var ('LANG_remove',$LANG_ACCESS['remove']);
$groupmembers->set_var('lang_save', $LANG_ADMIN['save']);
$groupmembers->set_var('lang_cancel', $LANG_ADMIN['cancel']);
! $groupmembers->set_var ('lang_grouplist', $LANG28[38]);
! $groupmembers->set_var('show_all', COM_applyFilter($_GET['chk_showall'],true));
! $groupmembers->set_var ('group_id',$group);
! $groupmembers->set_var ( 'xhtml', XHTML );
! $groupmembers->parse ('output', 'groupmembers');
$retval .= $groupmembers->finish($groupmembers->get_var('output'));
! $retval .= COM_endBlock (COM_getBlockTemplate ('_admin_block', 'footer'));
return $retval;
--- 874,911 ----
$group_listing_url = $_CONF['site_admin_url'] . '/group.php';
! $showall = 0;
! if (isset($_REQUEST['chk_showall']) && ($_REQUEST['chk_showall'] == 1)) {
$group_listing_url .= '?chk_showall=1';
+ $showall = 1;
}
! $retval .= COM_startBlock($LANG_ACCESS['usergroupadmin'] . " - $groupName" , '',
! COM_getBlockTemplate('_admin_block', 'header'));
$groupmembers = new Template($_CONF['path_layout'] . 'admin/group');
! $groupmembers->set_file(array('groupmembers'=>'groupmembers.thtml'));
! $groupmembers->set_var('site_url', $_CONF['site_url']);
! $groupmembers->set_var('site_admin_url', $_CONF['site_admin_url']);
! $groupmembers->set_var('group_listing_url', $group_listing_url);
! $groupmembers->set_var('layout_url', $_CONF['layout_url']);
! $groupmembers->set_var('phpself', $_CONF['site_admin_url'] . '/group.php');
$groupmembers->set_var('lang_adminhome', $LANG_ACCESS['adminhome']);
$groupmembers->set_var('lang_instructions', $LANG_ACCESS['editgroupmsg']);
! $groupmembers->set_var('LANG_sitemembers',$LANG_ACCESS['availmembers']);
! $groupmembers->set_var('LANG_grpmembers',$LANG_ACCESS['groupmembers']);
! $groupmembers->set_var('sitemembers', grp_selectUsers($group,true) );
! $groupmembers->set_var('group_list', grp_selectUsers($group) );
! $groupmembers->set_var('LANG_add',$LANG_ACCESS['add']);
! $groupmembers->set_var('LANG_remove',$LANG_ACCESS['remove']);
$groupmembers->set_var('lang_save', $LANG_ADMIN['save']);
$groupmembers->set_var('lang_cancel', $LANG_ADMIN['cancel']);
! $groupmembers->set_var('lang_grouplist', $LANG28[38]);
! $groupmembers->set_var('show_all', $showall);
! $groupmembers->set_var('group_id',$group);
! $groupmembers->set_var('xhtml', XHTML);
! $groupmembers->set_var('gltoken_name', CSRF_TOKEN);
! $groupmembers->set_var('gltoken', SEC_createToken());
! $groupmembers->parse('output', 'groupmembers');
$retval .= $groupmembers->finish($groupmembers->get_var('output'));
! $retval .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'));
return $retval;
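Review bot: The new `$showall` derivation still uses a loose comparison, `$_REQUEST['chk_showall'] == 1`, which under PHP's numeric-string rules also accepts values like `'1abc'`; the line it replaces filtered the value first, so the intent seems to be an integer flag. Keeping that filter preserves the old semantics: `if (isset($_REQUEST['chk_showall']) && (COM_applyFilter($_REQUEST['chk_showall'], true) == 1)) {`. The enclosing editusers() function opens before this hunk and its closing brace lies after it.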
***************
*** 903,906 ****
--- 915,919 ----
{
global $_CONF, $_TABLES;
+
// Delete all the current buddy records for this user and add all the selected ones
$sql = "DELETE FROM {$_TABLES['group_assignments']} WHERE ug_main_grp_id={$groupid} AND ug_uid IS NOT NULL";
***************
*** 967,974 ****
COM_errorLog ('Attempted to delete group grp_id=' . $grp_id);
$display .= COM_refresh ($_CONF['site_admin_url'] . '/group.php');
! } else {
$display .= deleteGroup ($grp_id);
}
! } else if (($mode == $LANG_ADMIN['save']) && !empty ($LANG_ADMIN['save'])) {
$chk_grpadmin = '';
if (isset($_POST['chk_grpadmin'])) {
--- 980,990 ----
COM_errorLog ('Attempted to delete group grp_id=' . $grp_id);
$display .= COM_refresh ($_CONF['site_admin_url'] . '/group.php');
! } elseif (SEC_checkToken()) {
$display .= deleteGroup ($grp_id);
+ } else {
+ COM_accessLog("User {$_USER['username']} tried to illegally delete group $grp_id and failed CSRF checks.");
+ echo COM_refresh($_CONF['site_admin_url'] . '/index.php');
}
! } elseif (($mode == $LANG_ADMIN['save']) && !empty($LANG_ADMIN['save']) && SEC_checkToken()) {
$chk_grpadmin = '';
if (isset($_POST['chk_grpadmin'])) {
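Review bot: The new CSRF-failure branch echoes the refresh directly, `echo COM_refresh($_CONF['site_admin_url'] . '/index.php');`, while the sibling branch two lines above appends the same kind of refresh to `$display`; echoing emits the refresh markup ahead of whatever the script later outputs from `$display`, so `$display .= COM_refresh($_CONF['site_admin_url'] . '/index.php');` would be the consistent form. The save branch here (`&& SEC_checkToken()` appended to the condition) and the savegroupusers branch in the next hunk take the other approach: when the token check fails they fall through the elseif chain with no log entry and no redirect, so a forged save is refused but never recorded, unlike the delete path. Either giving them the same COM_accessLog treatment or documenting the deliberate asymmetry with a comment such as `// token failure falls through to the default page, not logged` would help the next reader. This mode dispatch chain starts before the hunk and continues after it.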
***************
*** 988,992 ****
COM_applyFilter($_POST['grp_gl_core']),
$features, $groups);
! } else if ($mode == 'savegroupusers') {
$grp_id = COM_applyFilter ($_REQUEST['grp_id'], true);
$display .= savegroupusers ($grp_id, $_POST['groupmembers']);
--- 1004,1008 ----
COM_applyFilter($_POST['grp_gl_core']),
$features, $groups);
! } else if (($mode == 'savegroupusers') && SEC_checkToken()) {
$grp_id = COM_applyFilter ($_REQUEST['grp_id'], true);
$display .= savegroupusers ($grp_id, $_POST['groupmembers']);