diff --git a/ChangeLog b/ChangeLog
index 6b599d354ff6c..3fa2a3eda6bd9 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -7,6 +7,7 @@ English Dolibarr ChangeLog
Fix: Warning into bank conciliation feature.
Fix: Bad get of localtaxes into contracts add lines.
Fix: Add a limit into list to avoid browser to hang when database is too large.
+Fix: [ bug #1212 ] 'jqueryFileTree.php' directory traversal vulnerability
***** ChangeLog for 3.4.2 compared to 3.4.1 *****
Fix: field's problem into company's page (RIB).
diff --git a/dev/dolibarr_changes.txt b/dev/dolibarr_changes.txt
index 4cc7f5761562e..68383139ac6d4 100644
--- a/dev/dolibarr_changes.txt
+++ b/dev/dolibarr_changes.txt
@@ -53,3 +53,9 @@ window.location.href=pRef
JCROP:
------
* Remove analytics tag into file index.html
+
+
+JQUERYFILETREE:
+---------------
+* Remove directory htdocs/includes/jquery/plugins/jqueryFileTree/connectors
+
diff --git a/htdocs/expedition/fiche.php b/htdocs/expedition/fiche.php
index 6ddaea765dde3..d9ea629601891 100644
--- a/htdocs/expedition/fiche.php
+++ b/htdocs/expedition/fiche.php
@@ -51,9 +51,9 @@
$origin = GETPOST('origin','alpha')?GETPOST('origin','alpha'):'expedition'; // Example: commande, propal
$origin_id = GETPOST('id','int')?GETPOST('id','int'):'';
+$id = $origin_id;
if (empty($origin_id)) $origin_id = GETPOST('origin_id','int'); // Id of order or propal
if (empty($origin_id)) $origin_id = GETPOST('object_id','int'); // Id of order or propal
-$id = $origin_id;
$ref=GETPOST('ref','alpha');
// Security check
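Review bot: Moving `$id = $origin_id;` above the two fallbacks means `$id` now carries only the `id` request parameter, while `$origin_id` still falls back to `origin_id`/`object_id`, so the two can differ in a way they could not before and nothing in the hunk says why. A comment on the moved line would document the intent, e.g. `// $id is the shipment id (from 'id' only); $origin_id may also come from origin_id/object_id when creating from an order/propal`. The security check that follows starts outside the hunk, so whether it still handles the now-possible empty-`$id` case cannot be verified here.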
@@ -917,7 +917,7 @@
}
}
}
-else
+else if ($id || $ref)
/* *************************************************************************** */
/* */
/* Edit and view mode */
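Review bot: Narrowing `else` to `else if ($id || $ref)` means a request that supplies neither parameter now falls through the whole chain with no branch reporting the missing object, so the user presumably gets a page with no body and no error; the chain's opening `if` starts before this hunk. A final `else` that reports the missing `id`/`ref` (with whatever error helper this file already uses) would make the failure visible instead of silent. Note the guard depends on `$id`, which the earlier hunk derives from the `id` parameter alone, so a view requested via `origin_id` only is now skipped — worth confirming that is intended.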
diff --git a/htdocs/includes/jquery/plugins/jqueryFileTree/connectors/jqueryFileTree.asp b/htdocs/includes/jquery/plugins/jqueryFileTree/connectors/jqueryFileTree.asp
deleted file mode 100755
index 41eb5b4d5b779..0000000000000
--- a/htdocs/includes/jquery/plugins/jqueryFileTree/connectors/jqueryFileTree.asp
+++ /dev/null
@@ -1,44 +0,0 @@
-<%
-'
-' jQuery File Tree ASP (VBS) Connector
-' Copyright 2008 Chazzuka
-' programmer@chazzuka.com
-' http://www.chazzuka.com/
-'
-' retrive base directory
-dim BaseFileDir:BaseFileDir=Request.Form("dir")
-' if blank give default value
-if len(BaseFileDir)=0 then BaseFileDir="/userfiles/"
-
-dim ObjFSO,BaseFile,Html
-' resolve the absolute path
-BaseFile = Server.MapPath(BaseFileDir)&"\"
-' create FSO
-Set ObjFSO = Server.CreateObject("Scripting.FileSystemObject")
-' if given folder is exists
-if ObjFSO.FolderExists(BaseFile) then
- dim ObjFolder,ObjSubFolder,ObjFile,i__Name,i__Ext
- Html = Html + "
"&VBCRLF
- Set ObjFolder = ObjFSO.GetFolder(BaseFile)
- ' LOOP THROUGH SUBFOLDER
- For Each ObjSubFolder In ObjFolder.SubFolders
- i__Name=ObjSubFolder.name
- Html = Html + "- "&_
- ""&_
- (i__Name)+"
"&VBCRLF
- Next
- 'LOOP THROUGH FILES
- For Each ObjFile In ObjFolder.Files
- ' name
- i__Name=ObjFile.name
- ' extension
- i__Ext = LCase(Mid(i__Name, InStrRev(i__Name, ".", -1, 1) + 1))
- Html = Html + "- "&_
- ""&_
- (i__name)+"
"&VBCRLF
- Next
- Html = Html + "
"&VBCRLF
-end if
-
-Response.Write Html
-%>
\ No newline at end of file
diff --git a/htdocs/includes/jquery/plugins/jqueryFileTree/connectors/jqueryFileTree.aspx b/htdocs/includes/jquery/plugins/jqueryFileTree/connectors/jqueryFileTree.aspx
deleted file mode 100755
index f8443ae71230a..0000000000000
--- a/htdocs/includes/jquery/plugins/jqueryFileTree/connectors/jqueryFileTree.aspx
+++ /dev/null
@@ -1,31 +0,0 @@
-<%@ Page Language="C#" AutoEventWireup="true" %>
-
-<%
- //
- // jQuery File Tree ASP Connector
- //
- // Version 1.0
- //
- // Copyright (c)2008 Andrew Sweeny
- // asweeny@fit.edu
- // 24 March 2008
- //
- string dir;
- if(Request.Form["dir"] == null || Request.Form["dir"].Length <= 0)
- dir = "/";
- else
- dir = Server.UrlDecode(Request.Form["dir"]);
- System.IO.DirectoryInfo di = new System.IO.DirectoryInfo(dir);
- Response.Write("\n");
- foreach (System.IO.DirectoryInfo di_child in di.GetDirectories())
- Response.Write("\t- " + di_child.Name + "
\n");
- foreach (System.IO.FileInfo fi in di.GetFiles())
- {
- string ext = "";
- if(fi.Extension.Length > 1)
- ext = fi.Extension.Substring(1).ToLower();
-
- Response.Write("\t- " + fi.Name + "
\n");
- }
- Response.Write("
");
- %>
\ No newline at end of file
diff --git a/htdocs/includes/jquery/plugins/jqueryFileTree/connectors/jqueryFileTree.cf b/htdocs/includes/jquery/plugins/jqueryFileTree/connectors/jqueryFileTree.cf
deleted file mode 100755
index 815f83b6ed6da..0000000000000
--- a/htdocs/includes/jquery/plugins/jqueryFileTree/connectors/jqueryFileTree.cf
+++ /dev/null
@@ -1,19 +0,0 @@
-
-
-
-
-
\ No newline at end of file
diff --git a/htdocs/includes/jquery/plugins/jqueryFileTree/connectors/jqueryFileTree.jsp b/htdocs/includes/jquery/plugins/jqueryFileTree/connectors/jqueryFileTree.jsp
deleted file mode 100755
index 27b3420217490..0000000000000
--- a/htdocs/includes/jquery/plugins/jqueryFileTree/connectors/jqueryFileTree.jsp
+++ /dev/null
@@ -1,49 +0,0 @@
-<%@ page
- import="java.io.File,java.io.FilenameFilter,java.util.Arrays"%>
-<%
-/**
- * jQuery File Tree JSP Connector
- * Version 1.0
- * Copyright 2008 Joshua Gould
- * 21 April 2008
-*/
- String dir = request.getParameter("dir");
- if (dir == null) {
- return;
- }
-
- if (dir.charAt(dir.length()-1) == '\\') {
- dir = dir.substring(0, dir.length()-1) + "/";
- } else if (dir.charAt(dir.length()-1) != '/') {
- dir += "/";
- }
-
- dir = java.net.URLDecoder.decode(dir, "UTF-8");
-
- if (new File(dir).exists()) {
- String[] files = new File(dir).list(new FilenameFilter() {
- public boolean accept(File dir, String name) {
- return name.charAt(0) != '.';
- }
- });
- Arrays.sort(files, String.CASE_INSENSITIVE_ORDER);
- out.print("");
- // All dirs
- for (String file : files) {
- if (new File(dir, file).isDirectory()) {
- out.print("- "
- + file + "
");
- }
- }
- // All files
- for (String file : files) {
- if (!new File(dir, file).isDirectory()) {
- int dotIndex = file.lastIndexOf('.');
- String ext = dotIndex > 0 ? file.substring(dotIndex + 1) : "";
- out.print("- "
- + file + "
");
- }
- }
- out.print("
");
- }
-%>
\ No newline at end of file
diff --git a/htdocs/includes/jquery/plugins/jqueryFileTree/connectors/jqueryFileTree.php b/htdocs/includes/jquery/plugins/jqueryFileTree/connectors/jqueryFileTree.php
deleted file mode 100755
index d983e2f1a442d..0000000000000
--- a/htdocs/includes/jquery/plugins/jqueryFileTree/connectors/jqueryFileTree.php
+++ /dev/null
@@ -1,43 +0,0 @@
- 2 ) { /* The 2 accounts for . and .. */
- echo "";
- // All dirs
- foreach( $files as $file ) {
- if( file_exists($root . $_POST['dir'] . $file) && $file != '.' && $file != '..' && is_dir($root . $_POST['dir'] . $file) ) {
- echo "- " . htmlentities($file) . "
";
- }
- }
- // All files
- foreach( $files as $file ) {
- if( file_exists($root . $_POST['dir'] . $file) && $file != '.' && $file != '..' && !is_dir($root . $_POST['dir'] . $file) ) {
- $ext = preg_replace('/^.*\./', '', $file);
- echo "- " . htmlentities($file) . "
";
- }
- }
- echo "
";
- }
-}
-
-?>
\ No newline at end of file
diff --git a/htdocs/includes/jquery/plugins/jqueryFileTree/connectors/jqueryFileTree.pl b/htdocs/includes/jquery/plugins/jqueryFileTree/connectors/jqueryFileTree.pl
deleted file mode 100755
index 200701695b790..0000000000000
--- a/htdocs/includes/jquery/plugins/jqueryFileTree/connectors/jqueryFileTree.pl
+++ /dev/null
@@ -1,102 +0,0 @@
-#!/usr/bin/perl
-use strict;
-use HTML::Entities ();
-
-#-----------------------------------------------------------
-# jQuery File Tree Perl Connector
-#
-# Version 1.0
-#
-# Oleg Burlaca
-# http://www.burlaca.com/2009/02/jquery-file-tree-connector/
-# 12 February 2009
-#-----------------------------------------------------------
-
-# for security reasons, specify a root folder
-# to prevent the whole filesystem to be shown
-# for ex: the root folder of your webbrowser
-
-my $root = "/var/www/html/";
-
-#----------------------------------------------------------
-
-my $params = &getCGIParams();
-print "Content-type: text/html\n\n";
-
-my $dir = $params->{dir};
-my $fullDir = $root . $dir;
-
-exit if ! -e $fullDir;
-
-opendir(BIN, $fullDir) or die "Can't open $dir: $!";
-my (@folders, @files);
-my $total = 0;
-while( defined (my $file = readdir BIN) ) {
- next if $file eq '.' or $file eq '..';
- $total++;
- if (-d "$fullDir/$file") {
- push (@folders, $file);
- } else {
- push (@files, $file);
- }
-}
-closedir(BIN);
-
-return if $total == 0;
-print "\n";
-
-
-
-
-#--------------------------------------------------------------------------------------------------
-sub getCGIParams {
- my $line;
-
- if ($ENV{'REQUEST_METHOD'} eq "POST") {
- read(STDIN, $line, $ENV{'CONTENT_LENGTH'});
- } else {
- $line = $ENV{'QUERY_STRING'};
- }
-
- my (@pairs) = split(/&/, $line);
- my ($name, $value, %F);
-
- foreach (@pairs) {
- ($name, $value) = split(/=/);
- $value =~ tr/+/ /;
- $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
-
- if (! exists $F{$name}) {
- $F{$name} = $value;
- } elsif (exists $F{$name} and ref($F{$name}) ne 'ARRAY') {
- my $prev_value = $F{$name};
- delete $F{$name};
- $F{$name} = [ $prev_value, $value ];
- } else { push @{ $F{$name} }, $value }
- }
- return \%F;
-}
-#--------------------------------------------------------------------------------------------------
-
\ No newline at end of file
diff --git a/htdocs/includes/jquery/plugins/jqueryFileTree/connectors/jqueryFileTree.py b/htdocs/includes/jquery/plugins/jqueryFileTree/connectors/jqueryFileTree.py
deleted file mode 100755
index 6b63c06419fa2..0000000000000
--- a/htdocs/includes/jquery/plugins/jqueryFileTree/connectors/jqueryFileTree.py
+++ /dev/null
@@ -1,25 +0,0 @@
-#
-# jQuery File Tree
-# Python/Django connector script
-# By Martin Skou
-#
-import os
-import urllib
-
-def dirlist(request):
- r=['']
- try:
- r=['']
- d=urllib.unquote(request.POST.get('dir','c:\\temp'))
- for f in os.listdir(d):
- ff=os.path.join(d,f)
- if os.path.isdir(ff):
- r.append('- %s
' % (ff,f))
- else:
- e=os.path.splitext(f)[1][1:] # get .ext and remove dot
- r.append('- %s
' % (e,ff,f))
- r.append('
')
- except Exception,e:
- r.append('Could not load directory: %s' % str(e))
- r.append('
')
- return HttpResponse(''.join(r))
\ No newline at end of file
diff --git a/htdocs/includes/jquery/plugins/jqueryFileTree/connectors/jqueryFileTree.rb b/htdocs/includes/jquery/plugins/jqueryFileTree/connectors/jqueryFileTree.rb
deleted file mode 100755
index b30b8a976a2ff..0000000000000
--- a/htdocs/includes/jquery/plugins/jqueryFileTree/connectors/jqueryFileTree.rb
+++ /dev/null
@@ -1,61 +0,0 @@
-#
-# jQuery File Tree Ruby Connector
-#
-# Version 1.01
-#
-# Erik Lax
-# http://datahack.se
-# 13 July 2008
-#
-# History
-#
-# 1.01 Initial Release
-#
-# Output a list of files for jQuery File Tree
-#
-
-#
-#root = "/absolute/path/"
-# or
-root = File.expand_path(".")
-#
-
-#
-require "cgi"
-cgi = CGI.new
-cgi.header("type" => "text/html")
-dir = cgi.params["dir"].to_s
-
-puts ""
-begin
- path = root + "/" + dir
-
- # chdir() to user requested dir (root + "/" + dir)
- Dir.chdir(File.expand_path(path).untaint);
-
- # check that our base path still begins with root path
- if Dir.pwd[0,root.length] == root then
-
- #loop through all directories
- Dir.glob("*") {
- |x|
- if not File.directory?(x.untaint) then next end
- puts "- #{x}
";
- }
-
- #loop through all files
- Dir.glob("*") {
- |x|
- if not File.file?(x.untaint) then next end
- ext = File.extname(x)[1..-1]
- puts "- #{x}
"
- }
- else
- #only happens when someone tries to go outside your root directory...
- puts "You are way out of your league"
- end
-rescue
- puts "Internal Error"
-end
-puts "
"
-#
diff --git a/htdocs/includes/jquery/plugins/jqueryFileTree/connectors/jqueryFileTree_huck.lasso b/htdocs/includes/jquery/plugins/jqueryFileTree/connectors/jqueryFileTree_huck.lasso
deleted file mode 100755
index 3359e29314f1f..0000000000000
--- a/htdocs/includes/jquery/plugins/jqueryFileTree/connectors/jqueryFileTree_huck.lasso
+++ /dev/null
@@ -1,36 +0,0 @@
-[
- //
- // jQuery File Tree Lasso Connector
- //
- // Version 1.00
- //
- // Jason Huck
- // http://devblog.jasonhuck.com/
- // 1 May 2008
- //
- // History:
- //
- // 1.00 - released (1 May 2008)
- //
- // Output a list of files for jQuery File Tree
- //
-
- !action_param('dir') ? abort;
- var('dir') = action_param('dir');
- var('files') = file_listdirectory($dir);
-
- '';
-
- iterate($files, local('file'));
- #file->beginswith('.') ? loop_continue;
-
- if(#file->endswith('/'));
- '- ' + #file + '
';
- else;
- local('ext') = #file->split('.')->last;
- '- ' + #file + '
';
- /if;
- /iterate;
-
- '
';
-]
diff --git a/htdocs/includes/jquery/plugins/jqueryFileTree/connectors/jqueryFileTree_sabourdin.lasso b/htdocs/includes/jquery/plugins/jqueryFileTree/connectors/jqueryFileTree_sabourdin.lasso
deleted file mode 100755
index 077258e2583aa..0000000000000
--- a/htdocs/includes/jquery/plugins/jqueryFileTree/connectors/jqueryFileTree_sabourdin.lasso
+++ /dev/null
@@ -1,48 +0,0 @@
-(Sort);
- if:( $files->(Size) > 0 );
- output:'';
- // All dirs
- Iterate:($files),(Local:'file');
- if:( file_exists:($root + $_POST.dir + #file) )&&( #file != '.' )&&( #file != '..' )&&( File_IsDirectory:($root + $_POST.dir + #file) );
- output:'- ' + (Encode_HTML:(#file)) + '
';
- /if;
- /Iterate;
- // All files
- Local:'ext';
- Iterate:($files),(Local:'file');
- if:( file_exists:($root + $_POST.dir + #file) )&&( #file != '.' )&&( #file != '..' )&&( (File_IsDirectory:($root + $_POST.dir + #file))==false );
- #ext = (#file)->(Split:'.')->Last;
- output:'- ' + (Encode_HTML:(#file)) + '
';
- /if;
- /Iterate;
- output:'
';
- /if;
-/if;
-
-/Encode_set;
-?>
\ No newline at end of file