Add session token checking to various admin pages.

horde · Oct 19, 2015 · 0583e53 · 0583e53
1 parent 33ddcc7
commit 0583e53
Show file tree

Hide file tree

Showing 6 changed files with 14 additions and 2 deletions.
diff --git a/horde/admin/cmdshell.php b/horde/admin/cmdshell.php
@@ -27,8 +27,9 @@
 $view->action = Horde::url('admin/cmdshell.php');
 $view->command = trim(Horde_Util::getFormData('cmd'));
 $view->title = $title;
-
+$view->session = $session;
 if ($view->command) {
+    $session->checkToken(Horde_Util::getPost('token'));
     $cmds = explode("\n", $view->command);
     $out = array();
 

diff --git a/horde/admin/phpshell.php b/horde/admin/phpshell.php
@@ -48,8 +48,10 @@
 $view->apps = $apps;
 $view->command = $command;
 $view->title = $title;
+$view->session = $session;
 
 if ($command) {
+    $session->checkToken($vars->token);
     $pushed = $registry->pushApp($application);
 
     $part = new Horde_Mime_Part();

diff --git a/horde/admin/sqlshell.php b/horde/admin/sqlshell.php
@@ -22,7 +22,9 @@
 $q_cache = $session->get('horde', 'sql_query_cache', Horde_Session::TYPE_ARRAY);
 $title = _("SQL Shell");
 $vars = $injector->getInstance('Horde_Variables');
-
+if ($vars->get('list-tables') || ($command = trim($vars->sql))) {
+    $session->checkToken($vars->token);
+}
 if ($vars->get('list-tables')) {
     $description = 'LIST TABLES';
     $result = $db->tables();
@@ -48,6 +50,7 @@
 $view = new Horde_View(array(
     'templatePath' => HORDE_TEMPLATES . '/admin'
 ));
+$view->session = $session;
 $view->addHelper('Horde_Core_View_Helper_Help');
 $view->addHelper('Text');
 

diff --git a/horde/templates/admin/cmdshell.html.php b/horde/templates/admin/cmdshell.html.php
@@ -11,6 +11,8 @@
 <?php endif; ?>
 
 <form action="<?php echo $this->action ?>" method="post">
+ <?php Horde_Util::pformInput() ?>
+ <input type="hidden" name="token" value="<?php echo $this->session->getToken() ?>" />
  <h1 class="header"><?php echo $this->title ?></h1>
 
  <div class="horde-content">

diff --git a/horde/templates/admin/phpshell.html.php b/horde/templates/admin/phpshell.html.php
@@ -1,4 +1,6 @@
 <form action="<?php echo $this->action ?>" method="post">
+ <?php Horde_Util::pformInput() ?>
+ <input type="hidden" name="token" value="<?php echo $this->session->getToken() ?>" />
  <h1 class="header"><?php echo $this->h($this->title) ?></h1>
 
  <div class="horde-content">

diff --git a/horde/templates/admin/sqlshell.html.php b/horde/templates/admin/sqlshell.html.php
@@ -1,6 +1,8 @@
 <h1 class="header"><?php echo $this->title ?></h1>
 
 <form name="sqlshell" action="<?php echo $this->action ?>" method="post">
+ <?php Horde_Util::pformInput() ?>
+ <input type="hidden" name="token" value="<?php echo $this->session->getToken() ?>" />
  <div class="horde-content">
 <?php if ($this->results): ?>
 <?php if ($this->command): ?>