gnh1201/seeddms-code
1
0
Fork 0
mirror of https://git.code.sf.net/p/seeddms/code synced 2025-05-14 05:31:42 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

add csrf protection, check if target is equal source folder

Browse Source
This commit is contained in:
Uwe Steinmann 2021-01-25 09:07:12 +01:00
parent 64152e0d0b
commit c5694c21b4
4 changed files with 52 additions and 32 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
op/op.MoveDocument.php
View File

@ -20,6 +20,7 @@
include("../inc/inc.Settings.php");
include("../inc/inc.LogInit.php");
include("../inc/inc.Utils.php");
include("../inc/inc.Language.php");
include("../inc/inc.Init.php");
include("../inc/inc.Extension.php");
@ -27,6 +28,11 @@ include("../inc/inc.DBInit.php");
include("../inc/inc.ClassUI.php");
include("../inc/inc.Authentication.php");
/* Check if the form data comes from a trusted request */
if(!checkFormKey('movedocument', 'GET')) {
UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_request_token"))),getMLText("invalid_request_token"));
}
if (!isset($_GET["documentid"]) || !is_numeric($_GET["documentid"]) || intval($_GET["documentid"])<1) {
UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_doc_id"))),getMLText("invalid_doc_id"));
}
@ -62,14 +68,17 @@ if($document->isLocked()) {
}
}
if ($targetid == $oldFolder->getID()) {
UI::exitError(getMLText("document_title", array("documentname" => htmlspecialchars($document->getName()))),getMLText("target_equals_source_folder"));
}
/* Check if name already exists in the folder */
if(!$settings->_enableDuplicateDocNames) {
if($targetFolder->hasDocumentByName($document->getName())) {
UI::exitError(getMLText("folder_title", array("documentname" => htmlspecialchars($document->getName()))),getMLText("document_duplicate_name"));
UI::exitError(getMLText("document_title", array("documentname" => htmlspecialchars($document->getName()))),getMLText("document_duplicate_name"));
}
}
if ($targetid != $oldFolder->getID()) {
if ($document->setFolder($targetFolder)) {
// Send notification to subscribers.
if($notifier) {
@ -102,7 +111,6 @@ if ($targetid != $oldFolder->getID()) {
} else {
UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("error_occured"));
}
}
add_log_line();

12
op/op.MoveFolder.php
View File

@ -20,6 +20,7 @@
include("../inc/inc.Settings.php");
include("../inc/inc.LogInit.php");
include("../inc/inc.Utils.php");
include("../inc/inc.Language.php");
include("../inc/inc.Init.php");
include("../inc/inc.Extension.php");
@ -27,6 +28,11 @@ include("../inc/inc.DBInit.php");
include("../inc/inc.ClassUI.php");
include("../inc/inc.Authentication.php");
/* Check if the form data comes from a trusted request */
if(!checkFormKey('movefolder', 'GET')) {
UI::exitError(getMLText("folder_title", array("foldername" => getMLText("invalid_request_token"))),getMLText("invalid_request_token"));
}
if (!isset($_GET["folderid"]) || !is_numeric($_GET["folderid"]) || intval($_GET["folderid"])<1) {
UI::exitError(getMLText("folder_title", array("foldername" => getMLText("invalid_folder_id"))),getMLText("invalid_folder_id"));
}
@ -52,6 +58,11 @@ if (!is_object($targetFolder)) {
UI::exitError(getMLText("folder_title", array("foldername" => getMLText("invalid_folder_id"))),getMLText("invalid_folder_id"));
}
$oldFolder = $folder->getParent();
if ($targetid == $oldFolder->getID()) {
UI::exitError(getMLText("folder_title", array("foldername" => htmlspecialchars($folder->getName()))),getMLText("target_equals_source_folder"));
}
if($folder->isSubFolder($targetFolder)) {
UI::exitError(getMLText("folder_title", array("foldername" => $folder->getName())),getMLText("invalid_target_folder"));
}
@ -67,7 +78,6 @@ if(!$settings->_enableDuplicateSubFolderNames) {
}
}
$oldFolder = $folder->getParent();
if ($folder->setParent($targetFolder)) {
// Send notification to subscribers.
if($notifier) {

1
views/bootstrap/class.MoveDocument.php
View File

@ -52,6 +52,7 @@ class SeedDMS_View_MoveDocument extends SeedDMS_Bootstrap_Style {
$this->contentContainerStart('warning');
?>
<form class="form-horizontal" action="../op/op.MoveDocument.php" name="form1">
<?php echo createHiddenFieldWithKey('movedocument'); ?>
<input type="hidden" name="documentid" value="<?php print $document->getID();?>">
<?php
$this->formField(getMLText("choose_target_folder"), $this->getFolderChooserHtml("form1", M_READWRITE, -1, $target));

1
views/bootstrap/class.MoveFolder.php
View File

@ -52,6 +52,7 @@ class SeedDMS_View_MoveFolder extends SeedDMS_Bootstrap_Style {
?>
<form class="form-horizontal" action="../op/op.MoveFolder.php" name="form1">
<?php echo createHiddenFieldWithKey('movefolder'); ?>
<input type="hidden" name="folderid" value="<?php print $folder->getID();?>">
<input type="hidden" name="showtree" value="<?php echo showtree();?>">
<?php