Skip to content
GitLab
Projects
Groups
Snippets
Help
Loading...
Help
What's new
6
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Switch to GitLab Next
Sign in / Register
Toggle navigation
D
DAViCal
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Locked Files
Issues
78
Issues
78
List
Boards
Labels
Service Desk
Milestones
Iterations
Merge Requests
6
Merge Requests
6
Requirements
Requirements
List
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Test Cases
Security & Compliance
Security & Compliance
Dependency List
License Compliance
Operations
Operations
Incidents
Environments
Analytics
Analytics
CI / CD
Code Review
Insights
Issue
Repository
Value Stream
Wiki
Wiki
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
DAViCal Project
DAViCal
Commits
a3acb770
Commit
a3acb770
authored
Dec 03, 2019
by
Jim Fenton
1
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
release 1.1.9.1: fix XSS function lost in rebuild of always.php
parent
e2070c9b
Pipeline
#100456231
passed with stages
in 4 minutes and 56 seconds
Changes
3
Pipelines
2
Hide whitespace changes
Inline
Side-by-side
Showing
3 changed files
with
84 additions
and
2 deletions
+84
-2
VERSION
VERSION
+1
-1
htdocs/always.php
htdocs/always.php
+42
-1
inc/always.php.in
inc/always.php.in
+41
-0
No files found.
VERSION
View file @
a3acb770
1.1.9
1.1.9
.1
htdocs/always.php
View file @
a3acb770
...
...
@@ -8,6 +8,47 @@
if
(
preg_match
(
'{/always.php$}'
,
$_SERVER
[
'SCRIPT_NAME'
]
)
)
header
(
'Location: index.php'
);
// XSS Protection
function
filter_post
(
&
$val
,
$index
)
{
if
(
in_array
(
$index
,
[
"newpass1"
,
"newpass2"
]))
return
;
switch
(
gettype
(
$val
))
{
case
"string"
:
$val
=
htmlspecialchars
(
$val
);
break
;
case
"array"
:
array_walk_recursive
(
$val
,
function
(
&
$v
)
{
if
(
gettype
(
$v
)
==
"string"
)
{
$v
=
htmlspecialchars
(
$v
);
}
});
break
;
}
}
function
clean_get
()
{
$temp
=
[];
foreach
(
$_GET
as
$key
=>
$value
)
{
// XSS is possible in both key and values
$k
=
htmlspecialchars
(
$key
);
$v
=
htmlspecialchars
(
$value
);
$temp
[
$k
]
=
$v
;
}
return
$temp
;
}
// Before anything else is executed we filter all the user input, a lot of code in this project
// relies on variables that are easily manipulated by the user. These lines and functions filter all those variables.
if
(
isset
(
$_POST
))
array_walk
(
$_POST
,
'filter_post'
);
$_GET
=
clean_get
();
$_SERVER
[
'REQUEST_URI'
]
=
str_replace
(
"&"
,
"&"
,
htmlspecialchars
(
$_SERVER
[
'REQUEST_URI'
]));
$_SERVER
[
'HTTP_REFERER'
]
=
htmlspecialchars
(
$_SERVER
[
'HTTP_REFERER'
]);
// Ensure the configuration starts out as an empty object.
$c
=
(
object
)
array
();
$c
->
script_start_time
=
microtime
(
true
);
...
...
@@ -246,7 +287,7 @@ if ( function_exists('awl_set_locale') ) {
*/
$c
->
code_version
=
0
;
$c
->
want_awl_version
=
'0.60'
;
$c
->
version_string
=
'1.1.9'
;
// The actual version # is replaced into that during the build /release process
$c
->
version_string
=
'1.1.9
.1
'
;
// The actual version # is replaced into that during the build /release process
if
(
isset
(
$c
->
version_string
)
&&
preg_match
(
'/(\d+)\.(\d+)\.(\d+)(.*)/'
,
$c
->
version_string
,
$matches
)
)
{
$c
->
code_major
=
$matches
[
1
];
$c
->
code_minor
=
$matches
[
2
];
...
...
inc/always.php.in
View file @
a3acb770
...
...
@@ -8,6 +8,47 @@
if
(
preg_match
(
'{/always.php$}'
,
$_SERVER
[
'SCRIPT_NAME'
]
)
)
header
(
'Location: index.php'
);
// XSS Protection
function
filter_post
(
&
$val
,
$index
)
{
if
(
in_array
(
$index
,
[
"newpass1"
,
"newpass2"
]))
return
;
switch
(
gettype
(
$val
))
{
case
"string"
:
$val
=
htmlspecialchars
(
$val
);
break
;
case
"array"
:
array_walk_recursive
(
$val
,
function
(
&
$v
)
{
if
(
gettype
(
$v
)
==
"string"
)
{
$v
=
htmlspecialchars
(
$v
);
}
});
break
;
}
}
function
clean_get
()
{
$temp
=
[];
foreach
(
$_GET
as
$key
=>
$value
)
{
// XSS is possible in both key and values
$k
=
htmlspecialchars
(
$key
);
$v
=
htmlspecialchars
(
$value
);
$temp
[
$k
]
=
$v
;
}
return
$temp
;
}
// Before anything else is executed we filter all the user input, a lot of code in this project
// relies on variables that are easily manipulated by the user. These lines and functions filter all those variables.
if
(
isset
(
$_POST
))
array_walk
(
$_POST
,
'filter_post'
);
$_GET
=
clean_get
();
$_SERVER
[
'REQUEST_URI'
]
=
str_replace
(
"&"
,
"&"
,
htmlspecialchars
(
$_SERVER
[
'REQUEST_URI'
]));
$_SERVER
[
'HTTP_REFERER'
]
=
htmlspecialchars
(
$_SERVER
[
'HTTP_REFERER'
]);
// Ensure the configuration starts out as an empty object.
$c
=
(
object
)
array
();
$c
->
script_start_time
=
microtime
(
true
);
...
...
Seth
@seth0201
mentioned in issue
#229
·
Jun 10, 2020
mentioned in issue
#229
mentioned in issue #229
Toggle commit list
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment