From e61324a599d35cfe08b7468009d2338104d13f51 Mon Sep 17 00:00:00 2001 From: Roland Gruber Date: Tue, 13 Mar 2012 21:02:37 +0000 Subject: [PATCH] additional checks --- lam/lib/config.inc | 8 ++++++-- lam/lib/security.inc | 2 +- lam/templates/config/confmain.php | 4 ++-- lam/templates/config/mainmanage.php | 4 ++-- lam/templates/config/profmanage.php | 30 +++++++++++++++++------------ 5 files changed, 29 insertions(+), 19 deletions(-) diff --git a/lam/lib/config.inc b/lam/lib/config.inc index 9c8dc8ef..d97e1d7d 100644 --- a/lam/lib/config.inc +++ b/lam/lib/config.inc @@ -289,9 +289,13 @@ class LAMConfig { /** * Loads preferences from config file * - * @param integer $file Index number in config file array + * @param String $file file name without ".conf" (e.g. lam) */ - function __construct($file = 0) { + function __construct($file) { + if (empty($file) || !preg_match("/^[a-z0-9_-]+$/i", $file)) { + logNewMessage('ERROR', 'Invalid config file name: ' . $file); + die(); + } // load first profile if none is given if (!is_string($file)) { $profiles = getConfigProfiles(); diff --git a/lam/lib/security.inc b/lam/lib/security.inc index dc769bef..0d73606d 100644 --- a/lam/lib/security.inc +++ b/lam/lib/security.inc @@ -90,7 +90,7 @@ function checkClientIP() { $grantAccess = false; for ($i = 0; $i < sizeof($allowedHosts); $i++) { $host = $allowedHosts[$i]; - $ipRegex = '/^[0-9\\.\\*]+$/'; + $ipRegex = '/^[0-9a-z\\.:\\*]+$/i'; if (!preg_match($ipRegex, $host)) continue; $hostRegex = str_replace(".", "\\.", $host); $hostRegex = '/^' . str_replace("*", ".*", $hostRegex) . '$/'; diff --git a/lam/templates/config/confmain.php b/lam/templates/config/confmain.php index 3d083295..08f9b58b 100644 --- a/lam/templates/config/confmain.php +++ b/lam/templates/config/confmain.php @@ -434,10 +434,10 @@ function checkInput() { if (isLAMProVersion()) { $conf->setAccessLevel($_POST['accessLevel']); if (!$conf->setLamProMailFrom($_POST['pwdResetMail_from'])) { - $errors[] = array("ERROR", _("From address for password mails is invalid."), $_POST['pwdResetMail_from']); + $errors[] = array("ERROR", _("From address for password mails is invalid."), htmlspecialchars($_POST['pwdResetMail_from'])); } if (!$conf->setLamProMailReplyTo($_POST['pwdResetMail_replyTo'])) { - $errors[] = array("ERROR", _("Reply-to address for password mails is invalid."), $_POST['pwdResetMail_replyTo']); + $errors[] = array("ERROR", _("Reply-to address for password mails is invalid."), htmlspecialchars($_POST['pwdResetMail_replyTo'])); } $conf->setLamProMailSubject($_POST['pwdResetMail_subject']); if (isset($_POST['pwdResetMail_isHTML']) && ($_POST['pwdResetMail_isHTML'] == 'on')) { diff --git a/lam/templates/config/mainmanage.php b/lam/templates/config/mainmanage.php index 2f3ad688..7f0b60eb 100644 --- a/lam/templates/config/mainmanage.php +++ b/lam/templates/config/mainmanage.php @@ -90,9 +90,9 @@ if (isset($_POST['submit'])) { continue; } // check each line - $ipRegex = '/^[0-9\\.\\*]+$/'; + $ipRegex = '/^[0-9a-f\\.:\\*]+$/i'; if (!preg_match($ipRegex, $allowedHostsList[$i]) || (strlen($allowedHostsList[$i]) > 15)) { - $errors[] = sprintf(_("The IP address %s is invalid!"), str_replace('%', '%%', $allowedHostsList[$i])); + $errors[] = sprintf(_("The IP address %s is invalid!"), htmlspecialchars(str_replace('%', '%%', $allowedHostsList[$i]))); } } $allowedHosts = implode(",", $allowedHostsList); diff --git a/lam/templates/config/profmanage.php b/lam/templates/config/profmanage.php index c9e4d819..7c355517 100644 --- a/lam/templates/config/profmanage.php +++ b/lam/templates/config/profmanage.php @@ -109,22 +109,28 @@ if (isset($_POST['action'])) { } // set new profile password elseif ($_POST['action'] == "setpass") { - if ($_POST['setpassword'] && $_POST['setpassword2'] && ($_POST['setpassword'] == $_POST['setpassword2'])) { - $config = new LAMConfig($_POST['setprofile']); - $config->set_Passwd($_POST['setpassword']); - $config->save(); - $config = null; - $msg = _("New password set successfully."); + if (preg_match("/^[a-z0-9_-]+$/i", $_POST['setprofile'])) { + if ($_POST['setpassword'] && $_POST['setpassword2'] && ($_POST['setpassword'] == $_POST['setpassword2'])) { + $config = new LAMConfig($_POST['setprofile']); + $config->set_Passwd($_POST['setpassword']); + $config->save(); + $config = null; + $msg = _("New password set successfully."); + } + else $error = _("Profile passwords are different or empty!"); } - else $error = _("Profile passwords are different or empty!"); + else $error = _("Profile name is invalid!"); } // set default profile elseif ($_POST['action'] == "setdefault") { - $configMain = new LAMCfgMain(); - $configMain->default = $_POST['defaultfilename']; - $configMain->save(); - $configMain = null; - $msg = _("New default profile set successfully."); + if (preg_match("/^[a-z0-9_-]+$/i", $_POST['defaultfilename'])) { + $configMain = new LAMCfgMain(); + $configMain->default = $_POST['defaultfilename']; + $configMain->save(); + $configMain = null; + $msg = _("New default profile set successfully."); + } + else $error = _("Profile name is invalid!"); } }