From c695136e4d75695178a9fc848a7cf6bfa2b9346c Mon Sep 17 00:00:00 2001 From: plegall Date: Fri, 19 Mar 2010 22:25:39 +0000 Subject: bug 1328: backport the pwg_token on trunk bug 1329: backport the check_input_parameter on trunk feature 1026: add pwg_token feature for edit/delete comment. Heavy refactoring on this feature to make the code simpler and easier to maintain (I hope). git-svn-id: http://piwigo.org/svn/trunk@5195 68402e56-0260-453c-a942-63ccdbb3a9ee --- include/functions.inc.php | 82 +++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 82 insertions(+) (limited to 'include/functions.inc.php') diff --git a/include/functions.inc.php b/include/functions.inc.php index 91738090f..092fe15a4 100644 --- a/include/functions.inc.php +++ b/include/functions.inc.php @@ -1482,4 +1482,86 @@ function get_icon($date, $is_child_date = false) return $cache['get_icon'][$date] ? $icon : array(); } + +/** + * check token comming from form posted or get params to prevent csrf attacks + * if pwg_token is empty action doesn't require token + * else pwg_token is compare to server token + * + * @return void access denied if token given is not equal to server token + */ +function check_pwg_token() +{ + $valid_token = get_pwg_token(); + $given_token = null; + + if (!empty($_POST['pwg_token'])) + { + $given_token = $_POST['pwg_token']; + } + elseif (!empty($_GET['pwg_token'])) + { + $given_token = $_GET['pwg_token']; + } + if ($given_token != $valid_token) + { + access_denied(); + } +} + +function get_pwg_token() +{ + global $conf; + + return hash_hmac('md5', session_id(), $conf['secret_key']); +} + +/* + * breaks the script execution if the given value doesn't match the given + * pattern. This should happen only during hacking attempts. + * + * @param string param_name + * @param array param_array + * @param boolean is_array + * @param string pattern + * + * @return void + */ +function check_input_parameter($param_name, $param_array, $is_array, $pattern) +{ + $param_value = null; + if (isset($param_array[$param_name])) + { + $param_value = $param_array[$param_name]; + } + + // it's ok if the input parameter is null + if (empty($param_value)) + { + return true; + } + + if ($is_array) + { + if (!is_array($param_value)) + { + fatal_error('[Hacking attempt] the input parameter "'.$param_name.'" should be an array'); + } + + foreach ($param_value as $item_to_check) + { + if (!preg_match($pattern, $item_to_check)) + { + fatal_error('[Hacking attempt] an item is not valid in input parameter "'.$param_name.'"'); + } + } + } + else + { + if (!preg_match($pattern, $param_value)) + { + fatal_error('[Hacking attempt] the input parameter "'.$param_name.'" is not valid'); + } + } +} ?> \ No newline at end of file -- cgit v1.2.3