1
0
mirror of https://github.com/moparisthebest/wallabag synced 2024-11-27 11:22:17 -05:00

security issue

This commit is contained in:
Maryana Rozhankivska 2014-07-24 16:48:41 +03:00
parent 6da20812ce
commit 7dd8b5026d
2 changed files with 45 additions and 42 deletions

View File

@ -750,8 +750,8 @@ class Poche
die(sprintf(_('User with this id (%d) does not exist.'), $user_id)); die(sprintf(_('User with this id (%d) does not exist.'), $user_id));
} }
if (!in_array($type, $allowed_types) || $token != $config['token']) { if (!in_array($type, $allowed_types) || !isset($config['token']) || $token != $config['token']) {
die(_('Uh, there is a problem while generating feeds.')); die(_('Uh, there is a problem while generating feed. Wrong token used?'));
} }
$feed = new FeedWriter(RSS2); $feed = new FeedWriter(RSS2);

81
inc/poche/Routing.class.php Normal file → Executable file
View File

@ -98,49 +98,52 @@ class Routing
private function _launchAction() private function _launchAction()
{ {
if (isset($_GET['login'])) { if (isset($_GET['login'])) {
// hello you // hello to you
$this->wallabag->login($this->referer); $this->wallabag->login($this->referer);
} elseif (isset($_GET['logout'])) { } elseif (isset($_GET['feed']) && isset($_GET['user_id'])) {
// see you soon ! $tag_id = (isset($_GET['tag_id']) ? intval($_GET['tag_id']) : 0);
$this->wallabag->logout(); $this->wallabag->generateFeeds($_GET['token'], filter_var($_GET['user_id'],FILTER_SANITIZE_NUMBER_INT), $tag_id, $_GET['type']);
} elseif (isset($_GET['config'])) { }
// update password
$this->wallabag->updatePassword($_POST['password'], $_POST['password_repeat']); //allowed ONLY to logged in user
} elseif (isset($_GET['newuser'])) { if ( \Session::isLogged() === true )
$this->wallabag->createNewUser($_POST['newusername'], $_POST['password4newuser']); {
} elseif (isset($_GET['deluser'])) { if (isset($_GET['logout'])) {
$this->wallabag->deleteUser($_POST['password4deletinguser']); // see you soon !
} elseif (isset($_GET['epub'])) { $this->wallabag->logout();
$epub = new WallabagEpub($this->wallabag, $_GET['method'], $_GET['id'], $_GET['value']); } elseif (isset($_GET['config'])) {
$epub->run(); // update password
} elseif (isset($_GET['import'])) { $this->wallabag->updatePassword($_POST['password'], $_POST['password_repeat']);
$import = $this->wallabag->import(); } elseif (isset($_GET['newuser'])) {
$tplVars = array_merge($this->vars, $import); $this->wallabag->createNewUser($_POST['newusername'], $_POST['password4newuser']);
} elseif (isset($_GET['download'])) { } elseif (isset($_GET['deluser'])) {
Tools::downloadDb(); $this->wallabag->deleteUser($_POST['password4deletinguser']);
} elseif (isset($_GET['empty-cache'])) { } elseif (isset($_GET['epub'])) {
Tools::emptyCache(); $epub = new WallabagEpub($this->wallabag, $_GET['method'], $_GET['id'], $_GET['value']);
} elseif (isset($_GET['export'])) { $epub->run();
$this->wallabag->export(); } elseif (isset($_GET['import'])) {
} elseif (isset($_GET['updatetheme'])) { $import = $this->wallabag->import();
$this->wallabag->tpl->updateTheme($_POST['theme']); $tplVars = array_merge($this->vars, $import);
} elseif (isset($_GET['updatelanguage'])) { } elseif (isset($_GET['download'])) {
$this->wallabag->language->updateLanguage($_POST['language']); Tools::downloadDb();
} elseif (isset($_GET['uploadfile'])) { } elseif (isset($_GET['empty-cache'])) {
$this->wallabag->uploadFile(); Tools::emptyCache();
} elseif (isset($_GET['feed'])) { } elseif (isset($_GET['export'])) {
if (isset($_GET['action']) && $_GET['action'] == 'generate') { $this->wallabag->export();
} elseif (isset($_GET['updatetheme'])) {
$this->wallabag->tpl->updateTheme($_POST['theme']);
} elseif (isset($_GET['updatelanguage'])) {
$this->wallabag->language->updateLanguage($_POST['language']);
} elseif (isset($_GET['uploadfile'])) {
$this->wallabag->uploadFile();
} elseif (isset($_GET['feed']) && isset($_GET['action']) && $_GET['action'] == 'generate') {
$this->wallabag->updateToken(); $this->wallabag->updateToken();
} }
else { elseif (isset($_GET['plainurl']) && !empty($_GET['plainurl'])) {
$tag_id = (isset($_GET['tag_id']) ? intval($_GET['tag_id']) : 0); $plainUrl = new Url(base64_encode($_GET['plainurl']));
$this->wallabag->generateFeeds($_GET['token'], filter_var($_GET['user_id'],FILTER_SANITIZE_NUMBER_INT), $tag_id, $_GET['type']); $this->wallabag->action('add', $plainUrl);
} }
} }
elseif (isset($_GET['plainurl']) && !empty($_GET['plainurl'])) {
$plainUrl = new Url(base64_encode($_GET['plainurl']));
$this->wallabag->action('add', $plainUrl);
}
} }
public function _render($file, $vars) public function _render($file, $vars)