$GLOBALS['phpgw*'] and applied a patch from juergen@henge-ernst.de to close a security hole (a faked POST request to the edit form)

This commit is contained in:
Ralf Becker 2001-10-03 21:29:32 +00:00
parent 7a151f621c
commit 14bfb1423e


@ -28,8 +28,6 @@
function uiinfolog( ) function uiinfolog( )
{ {
global $phpgw;
$this->bo = CreateObject('infolog.boinfolog'); $this->bo = CreateObject('infolog.boinfolog');
$this->icons = array( $this->icons = array(
@ -69,7 +67,7 @@
$this->html = CreateObject('infolog.html'); $this->html = CreateObject('infolog.html');
$this->template = CreateObject('phpgwapi.Template', $this->template = CreateObject('phpgwapi.Template',
$phpgw->common->get_tpl_dir('infolog')); $GLOBALS['phpgw']->common->get_tpl_dir('infolog'));
$this->categories = CreateObject('phpgwapi.categories'); $this->categories = CreateObject('phpgwapi.categories');
$this->nextmatchs = CreateObject('phpgwapi.nextmatchs'); $this->nextmatchs = CreateObject('phpgwapi.nextmatchs');
} }
@ -81,23 +79,13 @@
function icon($cat,$id,$status='') function icon($cat,$id,$status='')
{ {
global $phpgw,$DOCUMENT_ROOT; if (!$status || !($icon = $this->icons[$cat][$id.'_'.$status]))
{
if (!$status || !($icon = $this->icons[$cat][$id.'_'.$status])) {
$icon = $this->icons[$cat][$id]; $icon = $this->icons[$cat][$id];
} }
if ($icon) if ($icon && !is_readable($GLOBALS['phpgw']->common->get_image_dir() . '/' . $icon))
{ {
$fname = $phpgw->common->get_image_dir() . '/' . $icon; $icon = False;
if (!is_readable($fname))
{
$icon = False; // echo "<br>Can't read '$fname' !!!";
}
else
{
$icon = $phpgw->common->get_image_path() . '/' . $icon;
}
} }
if (!$status || !($alt = $this->icons[$cat][$id.'_'.$status.'_alt'])) if (!$status || !($alt = $this->icons[$cat][$id.'_'.$status.'_alt']))
{ {
@ -106,18 +94,15 @@
$alt = $id; $alt = $id;
} }
} }
return ($icon ? "<img src='$icon' alt='" : '') . lang($alt) . return $icon ? $this->html->image('infolog',$icon,lang($alt),'border=0') : lang($alt);
($icon ? '\' border=0>' : '');
} }
function setStyleSheet( ) function setStyleSheet( )
{ {
global $phpgw;
return array ( return array (
'info_css' => '<link rel="stylesheet" type="text/css" href="'. 'info_css' => '<link rel="stylesheet" type="text/css" href="'.
str_replace( '/images','', str_replace( '/images','',
$phpgw->common->get_image_path()).'/info.css">' $GLOBALS['phpgw']->common->get_image_path()).'/info.css">'
); );
} }
@ -127,8 +112,6 @@
*/ */
function formatInfo($info=0,$p_id=0,$a_id=0) function formatInfo($info=0,$p_id=0,$a_id=0)
{ {
global $phpgw,$phpgw_info;
if (!is_array($info) && (!$info || if (!is_array($info) && (!$info ||
!is_array($info=$this->bo->read($info)))) !is_array($info=$this->bo->read($info))))
{ {
@ -185,10 +168,10 @@
} }
else else
{ {
$enddate = $phpgw->common->show_date($info['info_enddate'], $enddate = $GLOBALS['phpgw']->common->show_date($info['info_enddate'],
$phpgw_info['user']['preferences']['common']['dateformat']); $GLOBALS['phpgw_info']['user']['preferences']['common']['dateformat']);
if (!$done && $info['info_enddate'] < time()+(60*60)*$phpgw_info['user']['preferences']['common']['tz_offset']) if (!$done && $info['info_enddate'] < time()+(60*60)*$GLOBALS['phpgw_info']['user']['preferences']['common']['tz_offset'])
{ {
$enddate = "<span class=overdue>$enddate</span>"; $enddate = "<span class=overdue>$enddate</span>";
} }
@ -213,21 +196,19 @@
'pri' => lang($info['info_pri']), 'pri' => lang($info['info_pri']),
'subject' => $subject, 'subject' => $subject,
'des' => nl2br($info['info_des']), 'des' => nl2br($info['info_des']),
'startdate' => $phpgw->common->show_date($info['info_startdate'], 'startdate' => $GLOBALS['phpgw']->common->show_date($info['info_startdate'],
$phpgw_info['user']['preferences']['common']['dateformat']), $GLOBALS['phpgw_info']['user']['preferences']['common']['dateformat']),
'enddate' => $enddate, 'enddate' => $enddate,
'owner' => $owner, 'owner' => $owner,
'datecreated' => $phpgw->common->show_date($info['info_datecreated'], 'datecreated' => $GLOBALS['phpgw']->common->show_date($info['info_datecreated'],
$phpgw_info['user']['preferences']['common']['dateformat']), $GLOBALS['phpgw_info']['user']['preferences']['common']['dateformat']),
'responsible' => $responsible 'responsible' => $responsible
); );
} }
function infoHeaders( $do_sort_header=0,$sort=0,$order=0,$cat_id=0) function infoHeaders( $do_sort_header=0,$sort=0,$order=0,$cat_id=0)
{ {
global $phpgw,$phpgw_info; $headers['th_bg'] = $GLOBALS['phpgw_info']['theme']['th_bg'];
$headers['th_bg'] = $phpgw_info['theme']['th_bg'];
$fields = array( $fields = array(
'type' => 'Type', 'type' => 'Type',
@ -250,12 +231,12 @@
function get_referer( ) function get_referer( )
{ {
global $phpgw_info,$HTTP_REFERER,$referer; global $HTTP_REFERER,$referer;
if (!$referer) if (!$referer)
$referer = $HTTP_REFERER; $referer = $HTTP_REFERER;
$url = parse_url(str_replace($phpgw_info['server']['webserver_url'],'', $url = parse_url(str_replace($GLOBALS['phpgw_info']['server']['webserver_url'],'',
$referer)); $referer));
$referer = $url['path']; $referer = $url['path'];
@ -268,12 +249,11 @@
function get_list($for_include=0) function get_list($for_include=0)
{ {
global $phpgw,$phpgw_info;
global $cat_filter,$cat_id,$sort,$order,$query,$start,$filter; global $cat_filter,$cat_id,$sort,$order,$query,$start,$filter;
global $action,$addr_id,$proj_id,$info_id; global $action,$addr_id,$proj_id,$info_id;
if (!$for_include) { if (!$for_include) {
$phpgw->common->phpgw_header(); $GLOBALS['phpgw']->common->phpgw_header();
echo parse_navbar(); echo parse_navbar();
} }
$t = $this->template; $html = $this->html; $t = $this->template; $html = $this->html;
@ -285,7 +265,7 @@
if (!$filter) if (!$filter)
{ {
$filter = $phpgw_info['user']['preferences']['infolog']['defaultFilter']; $filter = $GLOBALS['phpgw_info']['user']['preferences']['infolog']['defaultFilter'];
} }
$hidden_vars = array( $hidden_vars = array(
@ -359,7 +339,7 @@
$action,$addr_id,$proj_id,$info_id, $action,$addr_id,$proj_id,$info_id,
$ordermethod,$start,$total); $ordermethod,$start,$total);
$maxmatchs = $phpgw_info['user']['preferences']['common']['maxmatchs']; $maxmatchs = $GLOBALS['phpgw_info']['user']['preferences']['common']['maxmatchs'];
if ($total > $maxmatchs) if ($total > $maxmatchs)
{ {
$to = $start + $maxmatchs; $to = $start + $maxmatchs;
@ -412,7 +392,7 @@
$filters[] = array( $f,$lang ); $filters[] = array( $f,$lang );
} }
$next_matchs = $this->nextmatchs->show_tpl('/index.php',$start, $next_matchs = $this->nextmatchs->show_tpl('/index.php',$start,
$total,'&'.$q_string,'95%',$phpgw_info['theme']['th_bg'], $total,'&'.$q_string,'95%',$GLOBALS['phpgw_info']['theme']['th_bg'],
0,$filters,1,0,$cat_id,'cat_id'); 0,$filters,1,0,$cat_id,'cat_id');
$t->set_var('next_matchs',$next_matchs); $t->set_var('next_matchs',$next_matchs);
@ -507,7 +487,6 @@
function edit( ) function edit( )
{ {
global $phpgw,$phpgw_info;
global $cat_id,$sort,$order,$query,$start,$filter; global $cat_id,$sort,$order,$query,$start,$filter;
global $action,$info_id,$save,$add,$query_addr,$query_project; global $action,$info_id,$save,$add,$query_addr,$query_project;
// formular fields // formular fields
@ -603,6 +582,18 @@
$access = $access ? 'private' : 'public'; $access = $access ? 'private' : 'public';
if (! is_array($error)) if (! is_array($error))
{
/*
** if an info_id exists, check if this user hast the rights to edit
** this entry (should prevent faking the info_id in a post request)
** or if is a new sub check if he has rights to add a sub
*/
if ($info_id && !$this->bo->check_access($info_id,PHPGW_ACL_EDIT) ||
!$info_id && $id_parent && !$this->bo->check_access($id_parent,PHPGW_ACL_ADD))
{
$error[]=lang('Access denied');
}
else
{ {
$this->bo->write(array( $this->bo->write(array(
'type' => $type, 'type' => $type,
@ -623,7 +614,7 @@
'id_parent' => $id_parent, 'id_parent' => $id_parent,
'responsible' => $responsible 'responsible' => $responsible
)); ));
}
if (!$query_addr && !$query_project) if (!$query_addr && !$query_project)
{ {
Header('Location: ' . $html->link($referer, array('cd'=>15))); Header('Location: ' . $html->link($referer, array('cd'=>15)));
@ -637,11 +628,11 @@
if (!$this->bo->check_access($info_id,PHPGW_ACL_ADD)) if (!$this->bo->check_access($info_id,PHPGW_ACL_ADD))
{ {
Header('Location: ' . $html->link($referer)); Header('Location: ' . $html->link($referer));
$phpgw->common->phpgw_exit(); $GLOBALS['phpgw']->common->phpgw_exit();
} }
$parent = $this->bo->so->data; $parent = $this->bo->so->data;
$this->bo->so->data['info_id'] = $info_id = 0; $this->bo->so->data['info_id'] = $info_id = 0;
$this->bo->so->data['info_owner'] = $phpgw_info['user']['account_id']; $this->bo->so->data['info_owner'] = $GLOBALS['phpgw_info']['user']['account_id'];
$this->bo->so->data['info_id_parent'] = $parent['info_id']; $this->bo->so->data['info_id_parent'] = $parent['info_id'];
if ($parent['info_type']=='task' && $parent['info_status']=='offer') if ($parent['info_type']=='task' && $parent['info_status']=='offer')
{ {
@ -658,7 +649,7 @@
if ($info_id && !$this->bo->check_access($info_id,PHPGW_ACL_EDIT)) if ($info_id && !$this->bo->check_access($info_id,PHPGW_ACL_EDIT))
{ {
Header('Location: ' . $html->link($referer)); Header('Location: ' . $html->link($referer));
$phpgw->common->phpgw_exit(); $GLOBALS['phpgw']->common->phpgw_exit();
} }
} }
if (!$id_parent) if (!$id_parent)
@ -671,7 +662,7 @@
'referer' => $referer 'referer' => $referer
)); ));
$phpgw->common->phpgw_header(); $GLOBALS['phpgw']->common->phpgw_header();
echo parse_navbar(); echo parse_navbar();
$t->set_file(array('info_edit' => 'form.tpl')); $t->set_file(array('info_edit' => 'form.tpl'));
@ -686,7 +677,7 @@
if (is_array($error)) if (is_array($error))
{ {
$t->set_var('error_list',$phpgw->common->error_list($error)); $t->set_var('error_list',$GLOBALS['phpgw']->common->error_list($error));
} }
switch ($action) switch ($action)
@ -728,11 +719,11 @@
'type',$type,$this->bo->enums['type']),True)); 'type',$type,$this->bo->enums['type']),True));
$t->set_var('lang_prfrom', lang('From')); $t->set_var('lang_prfrom', lang('From'));
if (!isset($from)) $from =$phpgw->strip_html($this->bo->so->data['info_from']); if (!isset($from)) $from =$GLOBALS['phpgw']->strip_html($this->bo->so->data['info_from']);
$t->set_var('fromval', $from); $t->set_var('fromval', $from);
$t->set_var('lang_praddr', lang('Phone/Email')); $t->set_var('lang_praddr', lang('Phone/Email'));
if (!isset($addr)) $addr =$phpgw->strip_html($this->bo->so->data['info_addr']); if (!isset($addr)) $addr =$GLOBALS['phpgw']->strip_html($this->bo->so->data['info_addr']);
$t->set_var('addrval', $addr); $t->set_var('addrval', $addr);
if (!isset($id_project)) $id_project = $this->bo->so->data['info_proj_id']; if (!isset($id_project)) $id_project = $this->bo->so->data['info_proj_id'];
@ -743,12 +734,12 @@
$t->set_var('lang_prsubject', lang('Subject')); $t->set_var('lang_prsubject', lang('Subject'));
if (!isset($subject)) { if (!isset($subject)) {
$subject = $phpgw->strip_html($this->bo->so->data['info_subject']); $subject = $GLOBALS['phpgw']->strip_html($this->bo->so->data['info_subject']);
} }
$t->set_var('subjectval', $subject); $t->set_var('subjectval', $subject);
$t->set_var('lang_prdesc', lang('Description')); $t->set_var('lang_prdesc', lang('Description'));
if (!isset($des)) $des = $phpgw->strip_html($this->bo->so->data['info_des']); if (!isset($des)) $des = $GLOBALS['phpgw']->strip_html($this->bo->so->data['info_des']);
$t->set_var('descval', $des); $t->set_var('descval', $des);
$t->set_var('lang_start_date',lang('Startdate')); $t->set_var('lang_start_date',lang('Startdate'));
@ -808,7 +799,6 @@
function delete( ) function delete( )
{ {
global $phpgw,$phpgw_info;
global $cat_filter,$cat_id,$sort,$order,$query,$start,$filter; global $cat_filter,$cat_id,$sort,$order,$query,$start,$filter;
global $info_id,$confirm; global $info_id,$confirm;
@ -833,7 +823,7 @@
} }
else else
{ {
$phpgw->common->phpgw_header(); $GLOBALS['phpgw']->common->phpgw_header();
echo parse_navbar(); echo parse_navbar();
$t->set_file(array( 'info_delete' => 'delete.tpl' )); $t->set_file(array( 'info_delete' => 'delete.tpl' ));
@ -856,7 +846,6 @@
function preferences( ) function preferences( )
{ {
global $phpgw,$phpgw_info;
global $save; global $save;
$prefs = array( $prefs = array(
@ -869,20 +858,20 @@
'defaultFilter' => $this->filters 'defaultFilter' => $this->filters
); );
$phpgw->preferences->read_repository(); $GLOBALS['phpgw']->preferences->read_repository();
if ($save) if ($save)
{ {
while (list($pref,$lang) = each($prefs)) while (list($pref,$lang) = each($prefs))
{ {
$phpgw->preferences->add('infolog',$pref); $GLOBALS['phpgw']->preferences->add('infolog',$pref);
} }
$phpgw->preferences->save_repository(True); $GLOBALS['phpgw']->preferences->save_repository(True);
Header('Location: '.$phpgw->link('/preferences/index.php')); Header('Location: '.$GLOBALS['phpgw']->link('/preferences/index.php'));
$phpgw->common->phpgw_exit(); $GLOBALS['phpgw']->common->phpgw_exit();
} }
$phpgw->common->phpgw_header(); $GLOBALS['phpgw']->common->phpgw_header();
echo parse_navbar(); echo parse_navbar();
$t = $this->template; $html = $this->html; $t = $this->template; $html = $this->html;
@ -894,7 +883,7 @@
'text' => '&nbsp;', 'text' => '&nbsp;',
'action_url' => $html->link('/index.php', 'action_url' => $html->link('/index.php',
$this->menuaction('preferences')), $this->menuaction('preferences')),
'bg_h_color' => $phpgw_info['theme']['th_bg'], 'bg_h_color' => $GLOBALS['phpgw_info']['theme']['th_bg'],
'save_button' => $html->submit_button('save','Save') 'save_button' => $html->submit_button('save','Save')
); );
$t->set_var($vars); $t->set_var($vars);
@ -911,13 +900,13 @@
if (!is_object($sbox)) $sbox = CreateObject('phpgwapi.sbox2'); if (!is_object($sbox)) $sbox = CreateObject('phpgwapi.sbox2');
$t->set_var('data',$sbox->getArrayItem($pref, $t->set_var('data',$sbox->getArrayItem($pref,
$phpgw_info['user']['preferences']['infolog'][$pref], $GLOBALS['phpgw_info']['user']['preferences']['infolog'][$pref],
$allowed_values[$pref],1)); $allowed_values[$pref],1));
} }
else else
{ {
$t->set_var('data',$html->checkbox($pref, $t->set_var('data',$html->checkbox($pref,
$phpgw_info['user']['preferences']['infolog'][$pref])); $GLOBALS['phpgw_info']['user']['preferences']['infolog'][$pref]));
} }
$t->parse('pref_linehandle','pref_line',True); $t->parse('pref_linehandle','pref_line',True);
} }
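Review bot: The new access check in edit() (hunk `@ -603,6 +582,18 @@`) covers two cases — editing an existing entry (`$info_id` set, PHPGW_ACL_EDIT) and adding a sub-entry (`$id_parent` set, PHPGW_ACL_ADD) — but a posted form with neither `$info_id` nor `$id_parent` falls through to `$this->bo->write(...)` with no ACL check at all, so whether a caller may create a new top-level entry is still decided only by the form having been rendered. Since the `is_array($error)` test that guards this block was already evaluated before the check runs, the added `$error[]=lang('Access denied')` does not stop the redirect in the following hunk (`Header('Location: ' . $html->link($referer, array('cd'=>15)))`) if that redirect sits inside the same `if (! is_array($error))` block — the indentation is lost here, so this needs confirming, but if so a denied request is redirected with the same `cd=15` as a successful save and the error text set up for `error_list` is never shown. I would spell out the intended contract in the comment rather than "hast the rights": `** only write when the caller holds EDIT on the existing entry, or ADD on the parent of a new sub-entry; a denied request must not reach the redirect below`. edit() starts and ends outside this hunk.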