diff options
author | plegall <plg@piwigo.org> | 2013-02-12 10:01:46 +0000 |
---|---|---|
committer | plegall <plg@piwigo.org> | 2013-02-12 10:01:46 +0000 |
commit | ff5b60a215769bcf046bb9109b61ffe6af0ca5eb (patch) | |
tree | caf6066f015c0bd09620fb720c689a22552f1c99 | |
parent | ca9158ee817910c15449bc19cb595ed6886e3099 (diff) |
bug 2844: increase security on LocalFiles Editor, filter on files to edit.
git-svn-id: http://piwigo.org/svn/branches/2.4@20712 68402e56-0260-453c-a942-63ccdbb3a9ee
-rw-r--r-- | plugins/LocalFilesEditor/admin.php | 2 | ||||
-rw-r--r-- | plugins/LocalFilesEditor/include/css.inc.php | 97 | ||||
-rw-r--r-- | plugins/LocalFilesEditor/include/lang.inc.php | 58 | ||||
-rw-r--r-- | plugins/LocalFilesEditor/include/tpl.inc.php | 51 | ||||
-rw-r--r-- | plugins/LocalFilesEditor/template/admin.tpl | 31 |
5 files changed, 151 insertions, 88 deletions
diff --git a/plugins/LocalFilesEditor/admin.php b/plugins/LocalFilesEditor/admin.php index 4ca4cd2d0..136e601e7 100644 --- a/plugins/LocalFilesEditor/admin.php +++ b/plugins/LocalFilesEditor/admin.php @@ -55,7 +55,6 @@ include_once(LOCALEDIT_PATH.'include/'.$page['tab'].'.inc.php'); // +-----------------------------------------------------------------------+ if (isset($_POST['restore'])) { - $edited_file = $_POST['edited_file']; $content_file = file_get_contents(get_bak_file($edited_file)); array_push($page['infos'], l10n('locfiledit_bak_loaded1'), @@ -73,7 +72,6 @@ if (isset($_POST['submit'])) } else { - $edited_file = $_POST['edited_file']; $content_file = stripslashes($_POST['text']); if (get_extension($edited_file) == 'php') { diff --git a/plugins/LocalFilesEditor/include/css.inc.php b/plugins/LocalFilesEditor/include/css.inc.php index 15e434582..e1d70995a 100644 --- a/plugins/LocalFilesEditor/include/css.inc.php +++ b/plugins/LocalFilesEditor/include/css.inc.php @@ -1,24 +1,40 @@ <?php - if (!defined('PHPWG_ROOT_PATH')) die('Hacking attempt!'); -if ((isset($_POST['edit'])) and !is_numeric($_POST['file_to_edit'])) -{ - $edited_file = $_POST['file_to_edit']; -} -elseif (isset($_POST['edited_file'])) +include_once(PHPWG_ROOT_PATH.'admin/include/themes.class.php'); +$themes = new themes(); + +if (isset($_POST['edit'])) { - $edited_file = $_POST['edited_file']; + $_POST['theme'] = $_POST['theme_select']; } -elseif (isset($_GET['theme']) and in_array($_GET['theme'], array_keys(get_pwg_themes(true)))) + +if (isset($_POST['theme']) and '~common~' == $_POST['theme']) { - $edited_file = PHPWG_ROOT_PATH.PWG_LOCAL_DIR . 'css/'.$_GET['theme'].'-rules.css'; + $page['theme'] = $_POST['theme']; + $edited_file = PHPWG_ROOT_PATH.PWG_LOCAL_DIR.'css/rules.css'; } else { - $edited_file = PHPWG_ROOT_PATH.PWG_LOCAL_DIR . 'css/'.get_default_theme().'-rules.css'; + if (isset($_GET['theme'])) + { + $page['theme'] = $_GET['theme']; + } + elseif (isset($_POST['theme'])) + { + $page['theme'] = $_POST['theme']; + } + + if (!isset($page['theme']) or !in_array($page['theme'], array_keys($themes->fs_themes))) + { + $page['theme'] = get_default_theme(); + } + + $edited_file = PHPWG_ROOT_PATH.PWG_LOCAL_DIR . 'css/'.$page['theme'].'-rules.css'; } +$template->assign('theme', $page['theme']); + if (file_exists($edited_file)) { $content_file = file_get_contents($edited_file); @@ -29,12 +45,11 @@ else } $selected = 0; -// $options[] = l10n('locfiledit_choose_file'); -// $options[] = '----------------------'; -$value = PHPWG_ROOT_PATH.PWG_LOCAL_DIR . "css/rules.css"; +$value = '~common~'; +$file = PHPWG_ROOT_PATH.PWG_LOCAL_DIR . 'css/rules.css'; -$options[$value] = (file_exists($value) ? '✔' : '✘').' local / css / rules.css'; -if ($edited_file == $value) +$options[$value] = (file_exists($file) ? '✔' : '✘').' local / css / rules.css'; +if ($page['theme'] == $value) { $selected = $value; } @@ -42,8 +57,6 @@ if ($edited_file == $value) // themes are displayed in the same order as on screen // [Administration > Configuration > Themes] -include_once(PHPWG_ROOT_PATH.'admin/include/themes.class.php'); -$themes = new themes(); $themes->sort_fs_themes(); $default_theme = get_default_theme(); $db_themes = $themes->get_db_themes(); @@ -81,47 +94,57 @@ foreach ($themes->fs_themes as $theme_id => $fs_theme) } } -$options[] = ''; -$options[] = '----- '.l10n('Active Themes').' -----'; -$options[] = ''; +$active_theme_options = array(); foreach ($active_themes as $theme) { - $value = PHPWG_ROOT_PATH.PWG_LOCAL_DIR . 'css/'.$theme['id'].'-rules.css'; + $file = PHPWG_ROOT_PATH.PWG_LOCAL_DIR . 'css/'.$theme['id'].'-rules.css'; - $options[$value] = (file_exists($value) ? '✔' : '✘').' '.$theme['name']; + $label = (file_exists($file) ? '✔' : '✘').' '.$theme['name']; if ($default_theme == $theme['id']) { - $options[$value].= ' ('.l10n('default').')'; + $label.= ' ('.l10n('default').')'; } + + $active_theme_options[$theme['id']] = $label; - if ($edited_file == $value) + if ($theme['id'] == $page['theme']) { - $selected = $value; + $selected = $theme['id']; } } -$options[] = ''; -$options[] = '----- '.l10n('Inactive Themes').' -----'; -$options[] = ''; +if (count($active_theme_options) > 0) +{ + $options[l10n('Active Themes')] = $active_theme_options; +} + +$inactive_theme_options = array(); foreach ($inactive_themes as $theme) { - $value = PHPWG_ROOT_PATH.PWG_LOCAL_DIR . 'css/'.$theme['id'].'-rules.css'; + $file = PHPWG_ROOT_PATH.PWG_LOCAL_DIR . 'css/'.$theme['id'].'-rules.css'; - $options[$value] = (file_exists($value) ? '✔' : '✘').' '.$theme['name']; + $inactive_theme_options[$theme['id']] = (file_exists($file) ? '✔' : '✘').' '.$theme['name']; - if ($edited_file == $value) + if ($theme['id'] == $page['theme']) { - $selected = $value; + $selected = $theme['id']; } } -$template->assign('css_lang_tpl', array( - 'OPTIONS' => $options, - 'SELECTED' => $selected - ) +if (count($inactive_theme_options) > 0) +{ + $options[l10n('Inactive Themes')] = $inactive_theme_options; +} + +$template->assign( + 'css_lang_tpl', + array( + 'SELECT_NAME' => 'theme_select', + 'OPTIONS' => $options, + 'SELECTED' => $selected + ) ); $codemirror_mode = 'text/css'; - ?>
\ No newline at end of file diff --git a/plugins/LocalFilesEditor/include/lang.inc.php b/plugins/LocalFilesEditor/include/lang.inc.php index fe5a4f85c..e32a26c49 100644 --- a/plugins/LocalFilesEditor/include/lang.inc.php +++ b/plugins/LocalFilesEditor/include/lang.inc.php @@ -1,32 +1,46 @@ <?php - if (!defined('PHPWG_ROOT_PATH')) die('Hacking attempt!'); -$edited_file = isset($_POST['edited_file']) ? $_POST['edited_file'] : ''; -$content_file = ''; +$languages = get_languages(); -if ((isset($_POST['edit'])) and !is_numeric($_POST['file_to_edit'])) +if (isset($_POST['edit'])) { - $edited_file = $_POST['file_to_edit']; - if (file_exists($edited_file)) - { - $content_file = file_get_contents($edited_file); - } - else - { - $content_file = "<?php\n\n/* ".l10n('locfiledit_newfile')." */\n\n\n\n\n?>"; - } + $_POST['language'] = $_POST['language_select']; +} + +if (isset($_POST['language'])) +{ + $page['language'] = $_POST['language']; +} + +if (!isset($page['language']) or !in_array($page['language'], array_keys($languages))) +{ + $page['language'] = get_default_language(); } -$selected = 0; -$options[] = l10n('locfiledit_choose_file'); -$options[] = '----------------------'; +$template->assign('language', $page['language']); + +$edited_file = PHPWG_ROOT_PATH.PWG_LOCAL_DIR.'language/'.$page['language'].'.lang.php';; + +if (file_exists($edited_file)) +{ + $content_file = file_get_contents($edited_file); +} +else +{ + $content_file = "<?php\n\n/* ".l10n('locfiledit_newfile')." */\n\n\n\n\n?>"; +} + +$selected = 0; foreach (get_languages() as $language_code => $language_name) { - $value = PHPWG_ROOT_PATH.PWG_LOCAL_DIR.'language/'.$language_code.'.lang.php'; - if ($edited_file == $value) + $file = PHPWG_ROOT_PATH.PWG_LOCAL_DIR.'language/'.$language_code.'.lang.php'; + + $options[$language_code] = (file_exists($file) ? '✔' : '✘').' '.$language_name; + + if ($page['language'] == $language_code) { - $selected = $value; + $selected = $language_code; $template->assign('show_default', array( array( 'URL' => LOCALEDIT_PATH.'show_default.php?file=language/'.$language_code.'/common.lang.php', @@ -39,10 +53,12 @@ foreach (get_languages() as $language_code => $language_name) ) ); } - $options[$value] = $language_name; } -$template->assign('css_lang_tpl', array( +$template->assign( + 'css_lang_tpl', + array( + 'SELECT_NAME' => 'language_select', 'OPTIONS' => $options, 'SELECTED' => $selected ) diff --git a/plugins/LocalFilesEditor/include/tpl.inc.php b/plugins/LocalFilesEditor/include/tpl.inc.php index 1063b2238..4e985ac92 100644 --- a/plugins/LocalFilesEditor/include/tpl.inc.php +++ b/plugins/LocalFilesEditor/include/tpl.inc.php @@ -1,21 +1,34 @@ <?php - if (!defined('PHPWG_ROOT_PATH')) die('Hacking attempt!'); -$edited_file = isset($_POST['edited_file']) ? $_POST['edited_file'] : ''; -$content_file = ''; +$edited_file = ''; -if ((isset($_POST['edit'])) and !is_numeric($_POST['file_to_edit'])) +if (isset($_POST['edit'])) { - $edited_file = $_POST['file_to_edit']; - if (file_exists($edited_file)) + $_POST['template'] = $_POST['file_to_edit']; +} + +if (!empty($_POST['template'])) +{ + if (preg_match('#\.\./#', $_POST['template'])) { - $content_file = file_get_contents($edited_file); + die('Hacking attempt! template extension must be in template-extension directory'); } - else + + if (!preg_match('#\.tpl$#', $_POST['template'])) { - $content_file = ''; + die('Hacking attempt! template extension must be a *.tpl file'); } + + $template->assign('template', $_POST['template']); + + $edited_file = './template-extension/'.$_POST['template']; +} + +$content_file = ''; +if (file_exists($edited_file)) +{ + $content_file = file_get_contents($edited_file); } $newfile_page = isset($_GET['newfile']); @@ -50,6 +63,7 @@ if (isset($_POST['create_tpl'])) } else { + $template->assign('template', $filename); $edited_file = $_POST['tpl_parent'] . '/' . $filename; $content_file = ($_POST['tpl_model'] == '0') ? '' : file_get_contents($_POST['tpl_model']); } @@ -117,7 +131,7 @@ else $options[] = '----------------------'; foreach (get_extents() as $pwg_template) { - $value = './template-extension/' . $pwg_template; + $value = $pwg_template; $options[$value] = str_replace('/', ' / ', $pwg_template); if ($edited_file == $value) $selected = $value; } @@ -126,13 +140,16 @@ else $options[$edited_file] = str_replace(array('./template-extension/', '/'), array('', ' / '), $edited_file); $selected = $edited_file; } - $template->assign('css_lang_tpl', array( - 'OPTIONS' => $options, - 'SELECTED' => $selected, - 'NEW_FILE_URL' => $my_base_url.'-tpl&newfile', - 'NEW_FILE_CLASS' => empty($edited_file) ? '' : 'top_right' - ) - ); + $template->assign( + 'css_lang_tpl', + array( + 'SELECT_NAME' => 'file_to_edit', + 'OPTIONS' => $options, + 'SELECTED' => $selected, + 'NEW_FILE_URL' => $my_base_url.'-tpl&newfile', + 'NEW_FILE_CLASS' => empty($edited_file) ? '' : 'top_right' + ) + ); } $codemirror_mode = 'text/html'; diff --git a/plugins/LocalFilesEditor/template/admin.tpl b/plugins/LocalFilesEditor/template/admin.tpl index 00be8a017..23a5d1975 100644 --- a/plugins/LocalFilesEditor/template/admin.tpl +++ b/plugins/LocalFilesEditor/template/admin.tpl @@ -30,7 +30,18 @@ if (document.getElementById("text") != null) <div id="LocalFilesEditor"> -<input type="hidden" value="{$zone_edit.EDITED_FILE}" name="edited_file"/> +{if isset($theme)} +<input type="hidden" value="{$theme}" name="theme"> +{/if} + +{if isset($language)} +<input type="hidden" value="{$language}" name="language"> +{/if} + +{if isset($template)} +<input type="hidden" value="{$template}" name="template"> +{/if} + {if isset ($create_tpl)} <table> @@ -52,20 +63,18 @@ if (document.getElementById("text") != null) {/if} {if isset ($css_lang_tpl)} -<select name="file_to_edit"> -{foreach from=$css_lang_tpl.OPTIONS item=theme key=value} - <option value="{$value}" {if $value == $css_lang_tpl.SELECTED}selected="selected"{/if} {if is_numeric($value)}disabled="disabled"{/if}>{$theme}</option> -{/foreach} +<select name="{$css_lang_tpl.SELECT_NAME}"> +{html_options options=$css_lang_tpl.OPTIONS selected=$css_lang_tpl.SELECTED} </select> - <input class="submit" type="submit" value="{'locfiledit_edit'|@translate}" name="edit" /> <br><br> - {if isset ($css_lang_tpl.NEW_FILE_URL)} - <span class="{$css_lang_tpl.NEW_FILE_CLASS}"> - <a href="{$css_lang_tpl.NEW_FILE_URL}">{'locfiledit_new_tpl'|@translate}</a> - </span> - {/if} +{/if} + +{if isset ($css_lang_tpl.NEW_FILE_URL)} +<span class="{$css_lang_tpl.NEW_FILE_CLASS}"> +<a href="{$css_lang_tpl.NEW_FILE_URL}">{'locfiledit_new_tpl'|@translate}</a> +</span> {/if} {if isset ($zone_edit)} |