[Fmsystem-commits] [14877] clean url for xss
From: |
Sigurd Nes |
Subject: |
[Fmsystem-commits] [14877] clean url for xss |
Date: |
Thu, 31 Mar 2016 09:16:45 +0000 |
Revision: 14877
http://svn.sv.gnu.org/viewvc/?view=rev&root=fmsystem&revision=14877
Author: sigurdne
Date: 2016-03-31 09:16:44 +0000 (Thu, 31 Mar 2016)
Log Message:
-----------
clean url for xss
Modified Paths:
--------------
trunk/home.php
trunk/phpgwapi/inc/class.phpgw.inc.php
trunk/phpgwapi/inc/class.sessions.inc.php
trunk/phpgwapi/templates/portico/navbar.inc.php
trunk/phpgwapi/templates/pure/navbar.inc.php
Modified: trunk/home.php
===================================================================
--- trunk/home.php 2016-03-31 06:31:27 UTC (rev 14876)
+++ trunk/home.php 2016-03-31 09:16:44 UTC (rev 14877)
@@ -39,7 +39,7 @@
if (preg_match('/phpgw_/', $name) && ($name !=
'phpgw_forward'))
{
$name = substr($name, 6); // cut 'phpgw_'
- $extra_vars[$name] = $value;
+ $extra_vars[$name] = phpgw::clean_value($value);
}
}
Modified: trunk/phpgwapi/inc/class.phpgw.inc.php
===================================================================
--- trunk/phpgwapi/inc/class.phpgw.inc.php 2016-03-31 06:31:27 UTC (rev
14876)
+++ trunk/phpgwapi/inc/class.phpgw.inc.php 2016-03-31 09:16:44 UTC (rev
14877)
@@ -529,7 +529,7 @@
$filtered = filter_var($value,
FILTER_VALIDATE_IP);
if ( $filtered == $value )
{
- return
$filtered;
+ return $filtered;
}
// make the default sane
@@ -545,7 +545,7 @@
$filtered = filter_var($value,
FILTER_VALIDATE_REGEXP, $regex);
if ( $filtered == $value )
{
- return
$filtered;
+ return $filtered;
}
return (string) $default;
@@ -553,11 +553,14 @@
$filtered = filter_var($value,
FILTER_VALIDATE_URL);
if ( $filtered == $value )
{
- if ($filtered) {
+ if ($filtered)
+ {
return
$filtered;
- } else {
- return $value;
- }
+ }
+ else
+ {
+ return $value;
+ }
}
return (string) $default;
Modified: trunk/phpgwapi/inc/class.sessions.inc.php
===================================================================
--- trunk/phpgwapi/inc/class.sessions.inc.php 2016-03-31 06:31:27 UTC (rev
14876)
+++ trunk/phpgwapi/inc/class.sessions.inc.php 2016-03-31 09:16:44 UTC (rev
14877)
@@ -892,13 +892,19 @@
*/
public function read_session($sessionid)
{
+/*
if($sessionid)
{
session_id($sessionid);
}
-
+*/
session_start();
+ if(!session_id() == $sessionid)
+ {
+ return array();
+ }
+
if ( isset($_SESSION['phpgw_session']) &&
is_array($_SESSION['phpgw_session']) )
{
return $_SESSION['phpgw_session'];
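Review bot: The new guard `if(!session_id() == $sessionid)` never compares the two ids: `!` binds tighter than `==`, so the left operand is a bool, and for any non-empty `$sessionid` the condition is false no matter which session `session_start()` resumed, while an empty `$sessionid` always returns the empty array. It should read `if (session_id() !== $sessionid)`. With the `session_id($sessionid)` call now commented out, `session_start()` resumes whatever session the cookie names, so this comparison is presumably the only thing tying the resumed session to the id the caller asked for and has to actually enforce it; the `/* … */` block around the old call should be deleted rather than kept as dead code. read_session's body continues past the end of the hunk.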
@@ -1121,6 +1127,10 @@
$this->_sessionid = $sessionid;
$session = $this->read_session($sessionid);
+ if(!$session)
+ {
+ return false;
+ }
$this->_session_flags = $session['session_flags'];
$lid_data = explode('#', $session['session_lid']);
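Review bot: `$this->_sessionid = $sessionid;` on the line before the `read_session()` call is left holding an id that failed verification when the new guard returns false. If anything inspects `_sessionid` after a failed call (not visible in this hunk), that is misleading; either move the assignment below the guard or reset it first, `$this->_sessionid = null;` before `return false;`. The enclosing function starts and ends outside the hunk.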
Modified: trunk/phpgwapi/templates/portico/navbar.inc.php
===================================================================
--- trunk/phpgwapi/templates/portico/navbar.inc.php 2016-03-31 06:31:27 UTC
(rev 14876)
+++ trunk/phpgwapi/templates/portico/navbar.inc.php 2016-03-31 09:16:44 UTC
(rev 14877)
@@ -9,10 +9,15 @@
}
$user = $GLOBALS['phpgw']->accounts->get(
$GLOBALS['phpgw_info']['user']['id'] );
+ $extra_vars = array();
+ foreach($_GET as $name => $value)
+ {
+ $extra_vars[$name] = phpgw::clean_value($value);
+ }
$var = array
(
- 'print_url' =>
strpos($_SERVER['REQUEST_URI'], '?') ?
"{$_SERVER['REQUEST_URI']}&phpgw_return_as=noframes" :
"{$_SERVER['REQUEST_URI']}?phpgw_return_as=noframes",
+ 'print_url' => "{$_SERVER['PHP_SELF']}?" .
http_build_query(array_merge($extra_vars, array('phpgw_return_as' =>
'noframes'))),
'print_text' => lang('print'),
'home_url' =>
$GLOBALS['phpgw']->link('/home.php'),
'home_text' => lang('home'),
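Review bot: The new `print_url` fixes the query-string half (`http_build_query()` percent-encodes every key and value) but concatenates `$_SERVER['PHP_SELF']` raw, and on the usual PHP setup that value carries request path-info, so it is request-controlled just like the `REQUEST_URI` it replaces; the same construction appears in the `@@ -83` hunk of this file and in both hunks of pure/navbar.inc.php. Prefer the server-derived script path, `"{$_SERVER['SCRIPT_NAME']}?" . http_build_query(...)`, and make sure the template that renders `$var['print_url']` (not visible here) HTML-escapes it. Minor: when `$_GET` is empty the result ends in a dangling `?`, which `$query === '' ? '' : '?' . $query` would avoid. This template is a flat script whose statements run past both ends of the hunk.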
@@ -83,7 +88,7 @@
$current_url = array
(
'id' => $flags['menu_selection'],
- 'url' => phpgw::get_var('REQUEST_URI', 'string',
'SERVER'),
+ 'url' => "{$_SERVER['PHP_SELF']}?" .
http_build_query($extra_vars),
'name' => $var['current_app_title']
);
$breadcrumbs =
phpgwapi_cache::session_get('phpgwapi','breadcrumbs');
Modified: trunk/phpgwapi/templates/pure/navbar.inc.php
===================================================================
--- trunk/phpgwapi/templates/pure/navbar.inc.php 2016-03-31 06:31:27 UTC
(rev 14876)
+++ trunk/phpgwapi/templates/pure/navbar.inc.php 2016-03-31 09:16:44 UTC
(rev 14877)
@@ -21,8 +21,14 @@
'webserver_url' =>
$GLOBALS['phpgw_info']['server']['webserver_url']
);
+ $extra_vars = array();
+ foreach($_GET as $name => $value)
+ {
+ $extra_vars[$name] = phpgw::clean_value($value);
+ }
+
+ $print_url = "{$_SERVER['PHP_SELF']}?" .
http_build_query(array_merge($extra_vars, array('phpgw_return_as' =>
'noframes')));
$user_fullname = $user->__toString();
- $print_url = strpos($_SERVER['REQUEST_URI'], '?')
? "{$_SERVER['REQUEST_URI']}&phpgw_return_as=noframes" :
"{$_SERVER['REQUEST_URI']}?phpgw_return_as=noframes";
$print_text = lang('print');
$home_url = $GLOBALS['phpgw']->link('/home.php');
$home_text = lang('home');
@@ -126,7 +132,7 @@
$current_url = array
(
'id' => $flags['menu_selection'],
- 'url' => phpgw::get_var('REQUEST_URI', 'string',
'SERVER'),
+ 'url' => "{$_SERVER['PHP_SELF']}?" .
http_build_query($extra_vars),
'name' => $var['current_app_title']
);
$breadcrumbs =
phpgwapi_cache::session_get('phpgwapi','breadcrumbs');