Fixed issue #8565: Possible code injection when using old mod_php ver…

…sions
LimeSurvey · Jan 22, 2014 · 21a0cbc · 21a0cbc
1 parent bbfeb62
commit 21a0cbc
Show file tree

Hide file tree

Showing 2 changed files with 10 additions and 8 deletions.
diff --git a/application/helpers/admin/template_helper.php b/application/helpers/admin/template_helper.php
@@ -155,6 +155,8 @@ function templateExtractFilter($p_event, &$p_header)
     $aAllowExtensions=explode(',',Yii::app()->getConfig('allowedtemplateuploads'));    
     $aAllowExtensions[]='pstpl'; 
     $info = pathinfo($p_header['filename']);
+    // Deny files with multiple extensions in general
+    if (substr_count($info['basename'],'.')!=1) return 0;
     if ($p_header['folder'] || !isset($info['extension']) || in_array($info['extension'],$aAllowExtensions)) {
         return 1;
     }

diff --git a/application/views/admin/templates/importuploaded_view.php b/application/views/admin/templates/importuploaded_view.php
@@ -2,7 +2,7 @@
 <div class='messagebox ui-corner-all'>
     <div class='successheader'><?php $clang->eT("Success") ?></div><br />
     <?php $clang->eT("File upload succeeded.") ?><br /><br />
-    <?php $clang->eT("Reading file..") ?><br /><br />
+    <?php $clang->eT("Reading file...") ?><br /><br />
     <strong><?php $clang->eT("Imported template files for") ?></strong> <?php echo $lid ?><br /><br />
     <?php
         $okfiles = 0;
@@ -28,9 +28,9 @@
         }
     ?>
     <div class="<?php echo $statusClass ?>"><?php echo $status ?></div><br />
-    <strong><u><?php $clang->eT("Resources Import Summary") ?></u></strong><br />
-    <?php echo $clang->gT("Total Imported files") . ": $okfiles" ?><br />
-    <?php echo $clang->gT("Total Errors") . ": $errfiles" ?><br />
+    <strong><u><?php $clang->eT("Resources import summary") ?></u></strong><br />
+    <?php echo $clang->gT("Total files imported") . ": $okfiles" ?><br />
+    <?php echo $clang->gT("Total errors") . ": $errfiles" ?><br />
     <?php
         if (count($aImportedFilesInfo) > 0)
         {
@@ -42,12 +42,12 @@
                 {
                     if ($entry['is_folder']){
                     ?> 
-                    <li><?php echo $clang->gT("Folder") . ": " . $entry["filename"] ?></li>
+                    <li><?php echo $clang->gT("Folder") . ": " . htmlspecialchars($entry["filename"],ENT_QUOTES,'utf-8'); ?></li>
                     <?php
                     }
                     else
                     { ?>
-                    <li><?php echo $clang->gT("File") . ": " . $entry["filename"] ?></li>
+                    <li><?php echo $clang->gT("File") . ": " . htmlspecialchars($entry["filename"],ENT_QUOTES,'utf-8'); ?></li>
 
 
                     <?php
@@ -58,7 +58,7 @@
             {
             ?>
         </ul>
-        <br /><strong><u><?php $clang->eT("Error Files List") ?>:</u></strong><br />
+        <br /><strong><u><?php $clang->eT("Error files list") ?>:</u></strong><br />
         <ul>
             <?php
                 foreach ($aErrorFilesInfo as $entry)
@@ -102,5 +102,5 @@
         <?php
         }
     ?>
-    <input type='submit' value='<?php $clang->eT("Open imported template") ?>' onclick="window.open('<?php echo $this->createUrl('admin/templates/view/editfile/startpage.pstpl/screenname/welcome/templatename/' . $newdir) ?>', '_top')" />
+    <input type='submit' value='<?php $clang->eT("Open imported template") ?>' onclick="window.open('<?php echo $this->createUrl('admin/templates/sa/view/editfile/startpage.pstpl/screenname/welcome/templatename/' . $newdir) ?>', '_top')" />
 </div>