security issue

2024-08-13 16:54:00 -04:00 · 2014-07-24 16:48:41 +03:00 · 2014-07-24 16:48:41 +03:00 · 7dd8b5026d
commit 7dd8b5026d
parent 6da20812ce
2 changed files with 45 additions and 42 deletions
--- a/inc/poche/Poche.class.php
+++ b/inc/poche/Poche.class.php
@ -750,8 +750,8 @@ class Poche
            die(sprintf(_('User with this id (%d) does not exist.'), $user_id));
        }
-        if (!in_array($type, $allowed_types) || $token != $config['token']) {
+        if (!in_array($type, $allowed_types) || !isset($config['token']) || $token != $config['token']) {
-            die(_('Uh, there is a problem while generating feeds.'));
+            die(_('Uh, there is a problem while generating feed. Wrong token used?'));
        }
        $feed = new FeedWriter(RSS2);
--- a/inc/poche/Routing.class.php
+++ b/inc/poche/Routing.class.php
@ -98,49 +98,52 @@ class Routing
    private function _launchAction()
    {
        if (isset($_GET['login'])) {
-            // hello you
+        	// hello to you
-            $this->wallabag->login($this->referer);
+        	$this->wallabag->login($this->referer);
-        } elseif (isset($_GET['logout'])) {
+        } elseif (isset($_GET['feed']) && isset($_GET['user_id'])) {
-            // see you soon !
+            $tag_id = (isset($_GET['tag_id']) ? intval($_GET['tag_id']) : 0);
-            $this->wallabag->logout();
+            $this->wallabag->generateFeeds($_GET['token'], filter_var($_GET['user_id'],FILTER_SANITIZE_NUMBER_INT), $tag_id, $_GET['type']);
-        } elseif (isset($_GET['config'])) {
+        }
-            // update password
+        
-            $this->wallabag->updatePassword($_POST['password'], $_POST['password_repeat']);
+        //allowed ONLY to logged in user
-        } elseif (isset($_GET['newuser'])) {
+        if ( \Session::isLogged() === true ) 
-            $this->wallabag->createNewUser($_POST['newusername'], $_POST['password4newuser']);
+        {
-        } elseif (isset($_GET['deluser'])) {
+            if (isset($_GET['logout'])) {
-            $this->wallabag->deleteUser($_POST['password4deletinguser']);
+                // see you soon !
-        } elseif (isset($_GET['epub'])) {
+                $this->wallabag->logout();
-            $epub = new WallabagEpub($this->wallabag, $_GET['method'], $_GET['id'], $_GET['value']);
+            } elseif (isset($_GET['config'])) {
-            $epub->run();
+                // update password
-        } elseif (isset($_GET['import'])) {
+                $this->wallabag->updatePassword($_POST['password'], $_POST['password_repeat']);
-            $import = $this->wallabag->import();
+            } elseif (isset($_GET['newuser'])) {
-            $tplVars = array_merge($this->vars, $import);
+                $this->wallabag->createNewUser($_POST['newusername'], $_POST['password4newuser']);
-        } elseif (isset($_GET['download'])) {
+            } elseif (isset($_GET['deluser'])) {
-            Tools::downloadDb();
+                $this->wallabag->deleteUser($_POST['password4deletinguser']);
-        } elseif (isset($_GET['empty-cache'])) {
+            } elseif (isset($_GET['epub'])) {
-            Tools::emptyCache();
+                $epub = new WallabagEpub($this->wallabag, $_GET['method'], $_GET['id'], $_GET['value']);
-        } elseif (isset($_GET['export'])) {
+                $epub->run();
-            $this->wallabag->export();
+            } elseif (isset($_GET['import'])) {
-        } elseif (isset($_GET['updatetheme'])) {
+                $import = $this->wallabag->import();
-            $this->wallabag->tpl->updateTheme($_POST['theme']);
+                $tplVars = array_merge($this->vars, $import);
-        } elseif (isset($_GET['updatelanguage'])) {
+            } elseif (isset($_GET['download'])) {
-            $this->wallabag->language->updateLanguage($_POST['language']);
+                Tools::downloadDb();
-        } elseif (isset($_GET['uploadfile'])) {
+            } elseif (isset($_GET['empty-cache'])) {
-            $this->wallabag->uploadFile();
+                Tools::emptyCache();
-        } elseif (isset($_GET['feed'])) {
+            } elseif (isset($_GET['export'])) {
-            if (isset($_GET['action']) && $_GET['action'] == 'generate') {
+                $this->wallabag->export();
            } elseif (isset($_GET['updatetheme'])) {
                $this->wallabag->tpl->updateTheme($_POST['theme']);
            } elseif (isset($_GET['updatelanguage'])) {
                $this->wallabag->language->updateLanguage($_POST['language']);
            } elseif (isset($_GET['uploadfile'])) {
                $this->wallabag->uploadFile();
            } elseif (isset($_GET['feed']) && isset($_GET['action']) && $_GET['action'] == 'generate') {
                $this->wallabag->updateToken();
            }
-            else {
+            elseif (isset($_GET['plainurl']) && !empty($_GET['plainurl'])) {
-                $tag_id = (isset($_GET['tag_id']) ? intval($_GET['tag_id']) : 0);
+                $plainUrl = new Url(base64_encode($_GET['plainurl']));
-                $this->wallabag->generateFeeds($_GET['token'], filter_var($_GET['user_id'],FILTER_SANITIZE_NUMBER_INT), $tag_id, $_GET['type']);
+                $this->wallabag->action('add', $plainUrl);
            }
        }
        elseif (isset($_GET['plainurl']) && !empty($_GET['plainurl'])) {
            $plainUrl = new Url(base64_encode($_GET['plainurl']));
            $this->wallabag->action('add', $plainUrl);
        }
    }
    public function _render($file, $vars)