Add CSRF check for Special:Report
Also clean up a little of the logic
Kenny2github committed Jan 21, 2021
1 parent 2f43a84 commit f828dc6
Showing 1 changed file with 26 additions and 16 deletions.
42 changes: 26 additions & 16 deletions SpecialReport.php
Expand Up @@ -55,7 +55,7 @@ public function execute( $par ) {
}
$request = $this->getRequest();
if ($request->wasPosted()) {
return self::onPost( $par, $out, $request );
return self::onPost( $par, $out, $request, $user );
}
$out->setIndexPolicy( 'noindex' );
$out->addHTML(
Expand Down Expand Up @@ -87,6 +87,14 @@ public function execute( $par ) {
'id' => 'mw-report-form-reason'
]
));
$out->addHTML(Html::rawElement(
'input',
[
'type' => 'hidden',
'name' => 'token',
'value' => $user->getEditToken()
]
));
$out->addHTML(Html::rawElement(
'input',
[
Expand All @@ -98,29 +106,31 @@ public function execute( $par ) {
$out->addHTML(Html::closeElement( 'form' ));
}

static public function onPost( $par, $out, $request ) {
global $wgUser;
static public function onPost( $par, $out, $request, $user ) {
if (!$user->matchEditToken($request->getText( 'token' ))) {
$out->addWikiMsg( 'sessionfailure' );
return;
}
if (!$request->getText('reason')) {
$out->addHTML(Html::rawElement(
'p',
[ 'class' => 'error '],
wfMessage( 'report-error-missing-reason' )->escaped()
));
} else {
$dbw = wfGetDB( DB_MASTER );
$dbw->startAtomic(__METHOD__);
$dbw->insert( 'report_reports', [
'report_revid' => (int)$par,
'report_reason' => $request->getText('reason'),
'report_user' => $wgUser->getId(),
'report_user_text' => $wgUser->getName(),
'report_timestamp' => wfTimestampNow()
], __METHOD__ );
$dbw->endAtomic(__METHOD__);
$out->addWikiMsg( 'report-success' );
$out->addWikiMsg( 'returnto', '[[' . SpecialPage::getTitleFor('Diff', $par)->getPrefixedText() . ']]' );
return;
}
$dbw = wfGetDB( DB_MASTER );
$dbw->startAtomic(__METHOD__);
$dbw->insert( 'report_reports', [
'report_revid' => (int)$par,
'report_reason' => $request->getText('reason'),
'report_user' => $user->getId(),
'report_user_text' => $user->getName(),
'report_timestamp' => wfTimestampNow()
], __METHOD__ );
$dbw->endAtomic(__METHOD__);
$out->addWikiMsg( 'report-success' );
$out->addWikiMsg( 'returnto', '[[' . SpecialPage::getTitleFor('Diff', $par)->getPrefixedText() . ']]' );
}

public function getGroupName() {
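Review bot: The new `matchEditToken` check at the top of `onPost` only protects logged-in sessions: MediaWiki issues a constant edit token to anonymous users, so if `execute` does not already require a login before dispatching here (the start of `execute` lies outside the first hunk, so this cannot be confirmed from the diff), a cross-site POST made with an anonymous session still passes the check and is recorded with `report_user => 0`. If anonymous reporting is not intended, call `$this->requireLogin()` (or reject `$user->isAnon()`) before the `wasPosted()` branch, and note the assumption above the check, e.g. `// CSRF check; the anonymous edit token is a constant, so a login requirement must precede this`. Separately, the guard `if (!$request->getText('reason'))` treats the literal reason `"0"` as missing; `=== ''` is the precise test. In the second hunk the hidden token input can use the existing helper, `$out->addHTML( Html::hidden( 'token', $user->getEditToken() ) );`, instead of `Html::rawElement` with an empty body.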

1 comment on commit f828dc6

@Kenny2github


This commit fixes GHSA-9f3w-c334-jm2h
