mirror of
https://github.com/moparisthebest/wallabag
synced 2024-11-30 12:52:24 -05:00
[fix] security problems with tags
This commit is contained in:
parent
53ae58e1a1
commit
b89d5a2bf4
@ -344,30 +344,36 @@ class Database {
|
|||||||
return $this->getHandle()->lastInsertId($column);
|
return $this->getHandle()->lastInsertId($column);
|
||||||
}
|
}
|
||||||
|
|
||||||
public function retrieveAllTags() {
|
public function retrieveAllTags($user_id) {
|
||||||
$sql = "SELECT * FROM tags";
|
$sql = "SELECT tags.* FROM tags
|
||||||
$query = $this->executeQuery($sql, array());
|
LEFT JOIN tags_entries ON tags_entries.tag_id=tags.id
|
||||||
|
LEFT JOIN entries ON tags_entries.entry_id=entries.id
|
||||||
|
WHERE entries.user_id=?";
|
||||||
|
$query = $this->executeQuery($sql, array($user_id));
|
||||||
$tags = $query->fetchAll();
|
$tags = $query->fetchAll();
|
||||||
|
|
||||||
return $tags;
|
return $tags;
|
||||||
}
|
}
|
||||||
|
|
||||||
public function retrieveTag($id) {
|
public function retrieveTag($id, $user_id) {
|
||||||
$tag = NULL;
|
$tag = NULL;
|
||||||
$sql = "SELECT * FROM tags WHERE id=?";
|
$sql = "SELECT tags.* FROM tags
|
||||||
$params = array(intval($id));
|
LEFT JOIN tags_entries ON tags_entries.tag_id=tags.id
|
||||||
|
LEFT JOIN entries ON tags_entries.entry_id=entries.id
|
||||||
|
WHERE tags.id=? AND entries.user_id=?";
|
||||||
|
$params = array(intval($id), $user_id);
|
||||||
$query = $this->executeQuery($sql, $params);
|
$query = $this->executeQuery($sql, $params);
|
||||||
$tag = $query->fetchAll();
|
$tag = $query->fetchAll();
|
||||||
|
|
||||||
return isset($tag[0]) ? $tag[0] : null;
|
return isset($tag[0]) ? $tag[0] : null;
|
||||||
}
|
}
|
||||||
|
|
||||||
public function retrieveEntriesByTag($tag_id) {
|
public function retrieveEntriesByTag($tag_id, $user_id) {
|
||||||
$sql =
|
$sql =
|
||||||
"SELECT entries.* FROM entries
|
"SELECT entries.* FROM entries
|
||||||
LEFT JOIN tags_entries ON tags_entries.entry_id=entries.id
|
LEFT JOIN tags_entries ON tags_entries.entry_id=entries.id
|
||||||
WHERE tags_entries.tag_id = ?";
|
WHERE tags_entries.tag_id = ? AND entries.user_id=?";
|
||||||
$query = $this->executeQuery($sql, array($tag_id));
|
$query = $this->executeQuery($sql, array($tag_id, $user_id));
|
||||||
$entries = $query->fetchAll();
|
$entries = $query->fetchAll();
|
||||||
|
|
||||||
return $entries;
|
return $entries;
|
||||||
|
@ -463,6 +463,12 @@ class Poche
|
|||||||
case 'add_tag' :
|
case 'add_tag' :
|
||||||
$tags = explode(',', $_POST['value']);
|
$tags = explode(',', $_POST['value']);
|
||||||
$entry_id = $_POST['entry_id'];
|
$entry_id = $_POST['entry_id'];
|
||||||
|
$entry = $this->store->retrieveOneById($entry_id, $this->user->getId());
|
||||||
|
if (!$entry) {
|
||||||
|
$this->messages->add('e', _('Article not found!'));
|
||||||
|
Tools::logm('error : article not found');
|
||||||
|
Tools::redirect();
|
||||||
|
}
|
||||||
foreach($tags as $key => $tag_value) {
|
foreach($tags as $key => $tag_value) {
|
||||||
$value = trim($tag_value);
|
$value = trim($tag_value);
|
||||||
$tag = $this->store->retrieveTagByValue($value);
|
$tag = $this->store->retrieveTagByValue($value);
|
||||||
@ -487,6 +493,12 @@ class Poche
|
|||||||
break;
|
break;
|
||||||
case 'remove_tag' :
|
case 'remove_tag' :
|
||||||
$tag_id = $_GET['tag_id'];
|
$tag_id = $_GET['tag_id'];
|
||||||
|
$entry = $this->store->retrieveOneById($id, $this->user->getId());
|
||||||
|
if (!$entry) {
|
||||||
|
$this->messages->add('e', _('Article not found!'));
|
||||||
|
Tools::logm('error : article not found');
|
||||||
|
Tools::redirect();
|
||||||
|
}
|
||||||
$this->store->removeTagForEntry($id, $tag_id);
|
$this->store->removeTagForEntry($id, $tag_id);
|
||||||
Tools::redirect();
|
Tools::redirect();
|
||||||
break;
|
break;
|
||||||
@ -525,6 +537,12 @@ class Poche
|
|||||||
break;
|
break;
|
||||||
case 'edit-tags':
|
case 'edit-tags':
|
||||||
# tags
|
# tags
|
||||||
|
$entry = $this->store->retrieveOneById($id, $this->user->getId());
|
||||||
|
if (!$entry) {
|
||||||
|
$this->messages->add('e', _('Article not found!'));
|
||||||
|
Tools::logm('error : article not found');
|
||||||
|
Tools::redirect();
|
||||||
|
}
|
||||||
$tags = $this->store->retrieveTagsByEntry($id);
|
$tags = $this->store->retrieveTagsByEntry($id);
|
||||||
$tpl_vars = array(
|
$tpl_vars = array(
|
||||||
'entry_id' => $id,
|
'entry_id' => $id,
|
||||||
@ -532,8 +550,8 @@ class Poche
|
|||||||
);
|
);
|
||||||
break;
|
break;
|
||||||
case 'tag':
|
case 'tag':
|
||||||
$entries = $this->store->retrieveEntriesByTag($id);
|
$entries = $this->store->retrieveEntriesByTag($id, $this->user->getId());
|
||||||
$tag = $this->store->retrieveTag($id);
|
$tag = $this->store->retrieveTag($id, $this->user->getId());
|
||||||
$tpl_vars = array(
|
$tpl_vars = array(
|
||||||
'tag' => $tag,
|
'tag' => $tag,
|
||||||
'entries' => $entries,
|
'entries' => $entries,
|
||||||
@ -541,7 +559,7 @@ class Poche
|
|||||||
break;
|
break;
|
||||||
case 'tags':
|
case 'tags':
|
||||||
$token = $this->user->getConfigValue('token');
|
$token = $this->user->getConfigValue('token');
|
||||||
$tags = $this->store->retrieveAllTags();
|
$tags = $this->store->retrieveAllTags($this->user->getId());
|
||||||
$tpl_vars = array(
|
$tpl_vars = array(
|
||||||
'token' => $token,
|
'token' => $token,
|
||||||
'user_id' => $this->user->getId(),
|
'user_id' => $this->user->getId(),
|
||||||
@ -1056,7 +1074,7 @@ class Poche
|
|||||||
$feed->setChannelElement('author', 'wallabag');
|
$feed->setChannelElement('author', 'wallabag');
|
||||||
|
|
||||||
if ($type == 'tag') {
|
if ($type == 'tag') {
|
||||||
$entries = $this->store->retrieveEntriesByTag($tag_id);
|
$entries = $this->store->retrieveEntriesByTag($tag_id, $user_id);
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
$entries = $this->store->getEntriesByView($type, $user_id);
|
$entries = $this->store->getEntriesByView($type, $user_id);
|
||||||
|
Loading…
Reference in New Issue
Block a user