Permalink
Browse files

Require POST for sending forms

* Ensure that the form is submitted with a post request
* Replaced several links with forms

Closes engelsystem#494 (Security Vulnerability)
  • Loading branch information...
MyIgel authored and msquare committed Nov 20, 2018
1 parent 7e45452 commit 2e28336818183e2c63c8015fb476bc01c822f50a
@@ -86,7 +86,7 @@ function angeltype_delete_controller()
$angeltype = load_angeltype();
if (request()->has('confirmed')) {
if (request()->hasPostData('delete')) {
AngelType_delete($angeltype);
success(sprintf(__('Angeltype %s deleted.'), AngelType_name_render($angeltype)));
redirect(page_link_to('angeltypes'));
@@ -127,7 +127,7 @@ function angeltype_edit_controller()
$angeltype = AngelType_new();
}
if ($request->has('submit')) {
if ($request->hasPostData('submit')) {
$valid = true;
if (!$supporter_mode) {
@@ -35,7 +35,7 @@ function event_config_edit_controller()
/** @var Carbon $teardown_end_date */
$teardown_end_date = $config->get('teardown_end');
if ($request->has('submit')) {
if ($request->hasPostData('submit')) {
$valid = true;
if ($request->has('event_name')) {
@@ -96,7 +96,7 @@ function shift_entry_create_controller_admin($shift, $angeltype)
$angeltype = $angeltypes[0];
}
if ($request->has('submit')) {
if ($request->hasPostData('submit')) {
ShiftEntry_create([
'SID' => $shift['SID'],
'TID' => $angeltype['id'],
@@ -167,7 +167,7 @@ function shift_entry_create_controller_supporter($shift, $angeltype)
redirect(shift_link($shift));
}
if ($request->has('submit')) {
if ($request->hasPostData('submit')) {
ShiftEntry_create([
'SID' => $shift['SID'],
'TID' => $angeltype['id'],
@@ -246,7 +246,7 @@ function shift_entry_create_controller_user($shift, $angeltype)
}
$comment = '';
if ($request->has('submit')) {
if ($request->hasPostData('submit')) {
$comment = strip_request_item_nl('comment');
ShiftEntry_create([
'SID' => $shift['SID'],
@@ -346,7 +346,7 @@ function shift_entry_delete_controller()
redirect(user_link($signout_user->id));
}
if ($request->has('continue')) {
if ($request->hasPostData('delete')) {
ShiftEntry_delete($shiftEntry);
success(__('Shift entry removed.'));
redirect(shift_link($shift));
@@ -355,13 +355,13 @@ function shift_entry_delete_controller()
if ($user->id == $signout_user->id) {
return [
ShiftEntry_delete_title(),
ShiftEntry_delete_view($shiftEntry, $shift, $angeltype, $signout_user->id)
ShiftEntry_delete_view($shift, $angeltype, $signout_user->id)
];
}
return [
ShiftEntry_delete_title(),
ShiftEntry_delete_view_admin($shiftEntry, $shift, $angeltype, $signout_user)
ShiftEntry_delete_view_admin($shift, $angeltype, $signout_user)
];
}
@@ -81,7 +81,7 @@ function shift_edit_controller()
$start = $shift['start'];
$end = $shift['end'];
if ($request->has('submit')) {
if ($request->hasPostData('submit')) {
// Name/Bezeichnung der Schicht, darf leer sein
$title = strip_request_item('title');
@@ -222,7 +222,7 @@ function shift_delete_controller()
}
// Schicht löschen bestätigt
if ($request->has('delete')) {
if ($request->hasPostData('delete')) {
Shift_delete($shift_id);
engelsystem_log(
@@ -241,9 +241,10 @@ function shift_delete_controller()
date('Y-m-d H:i', $shift['start']),
date('H:i', $shift['end'])
), true),
'<a class="button" href="'
. page_link_to('user_shifts', ['delete_shift' => $shift_id, 'delete' => 1]) .
'">' . __('delete') . '</a>'
form([
form_hidden('delete_shift', $shift_id),
form_submit('delete', __('delete')),
]),
]);
}
@@ -26,7 +26,7 @@ function shifttype_delete_controller()
redirect(page_link_to('shifttypes'));
}
if ($request->has('confirmed')) {
if ($request->hasPostData('delete')) {
ShiftType_delete($shifttype['id']);
engelsystem_log('Deleted shifttype ' . $shifttype['name']);
@@ -67,7 +67,7 @@ function shifttype_edit_controller()
$description = $shifttype['description'];
}
if ($request->has('submit')) {
if ($request->hasPostData('submit')) {
$valid = true;
if ($request->has('name') && $request->input('name') != '') {
@@ -59,7 +59,7 @@ function user_angeltypes_delete_all_controller()
redirect(page_link_to('angeltypes'));
}
if ($request->has('confirmed')) {
if ($request->hasPostData('deny_all')) {
UserAngelTypes_delete_all($angeltype['id']);
engelsystem_log(sprintf('Denied all users for angeltype %s', AngelType_name_render($angeltype)));
@@ -100,7 +100,7 @@ function user_angeltypes_confirm_all_controller()
redirect(page_link_to('angeltypes'));
}
if ($request->has('confirmed')) {
if ($request->hasPostData('confirm_all')) {
UserAngelTypes_confirm_all($angeltype['id'], $user->id);
engelsystem_log(sprintf('Confirmed all users for angeltype %s', AngelType_name_render($angeltype)));
@@ -152,7 +152,7 @@ function user_angeltype_confirm_controller()
redirect(page_link_to('angeltypes'));
}
if ($request->has('confirmed')) {
if ($request->hasPostData('confirm_user')) {
UserAngelType_confirm($user_angeltype['id'], $user->id);
engelsystem_log(sprintf(
@@ -212,7 +212,7 @@ function user_angeltype_delete_controller()
redirect(page_link_to('angeltypes'));
}
if ($request->has('confirmed')) {
if ($request->hasPostData('delete')) {
UserAngelType_delete($user_angeltype);
$success_message = sprintf(__('User %s removed from %s.'), User_Nick_render($user_source), $angeltype['name']);
@@ -274,7 +274,7 @@ function user_angeltype_update_controller()
redirect(page_link_to('angeltypes'));
}
if ($request->has('confirmed')) {
if ($request->hasPostData('submit')) {
UserAngelType_update($user_angeltype['id'], $supporter);
$success_message = sprintf(
@@ -318,7 +318,7 @@ function user_angeltype_add_controller()
// Load possible users, that are not in the angeltype already
$users_source = Users_by_angeltype_inverted($angeltype);
if (request()->has('submit')) {
if (request()->hasPostData('submit')) {
$user_source = load_user();
if (!UserAngelType_exists($user_source->id, $angeltype)) {
@@ -369,7 +369,7 @@ function user_angeltype_join_controller($angeltype)
redirect(page_link_to('angeltypes'));
}
if (request()->has('confirmed')) {
if (request()->hasPostData('submit')) {
$user_angeltype_id = UserAngelType_create($user->id, $angeltype);
$success_message = sprintf(__('You joined %s.'), $angeltype['name']);
@@ -114,7 +114,7 @@ function user_driver_license_edit_controller()
$wants_to_drive = true;
}
if ($request->has('submit')) {
if ($request->hasPostData('submit')) {
$wants_to_drive = $request->has('wants_to_drive');
if ($wants_to_drive) {
$user_driver_license['has_car'] = $request->has('has_car');
@@ -16,7 +16,7 @@ function user_worklog_delete_controller()
}
$user_source = User::find($userWorkLog['user_id']);
if ($request->has('confirmed')) {
if ($request->hasPostData('submit')) {
UserWorkLog_delete($userWorkLog);
success(__('Work log entry deleted.'));
@@ -25,7 +25,7 @@ function user_worklog_delete_controller()
return [
UserWorkLog_delete_title(),
UserWorkLog_delete_view($user_source, $userWorkLog)
UserWorkLog_delete_view($user_source)
];
}
@@ -43,7 +43,7 @@ function user_worklog_edit_controller()
}
$user_source = User::find($userWorkLog['user_id']);
if ($request->has('submit')) {
if ($request->hasPostData('submit')) {
list ($valid, $userWorkLog) = user_worklog_from_request($userWorkLog);
if ($valid) {
@@ -114,7 +114,7 @@ function user_worklog_add_controller()
$userWorkLog = UserWorkLog_new($user_source->id);
if ($request->has('submit')) {
if ($request->hasPostData('submit')) {
list ($valid, $userWorkLog) = user_worklog_from_request($userWorkLog);
if ($valid) {
@@ -66,7 +66,7 @@ function user_delete_controller()
redirect(user_link($user->id));
}
if ($request->has('submit')) {
if ($request->hasPostData('submit')) {
$valid = true;
if (
@@ -80,6 +80,8 @@ function user_delete_controller()
}
if ($valid) {
// Load data before user deletion to prevent errors when displaying
$user_source->load(['contact', 'personalData', 'settings', 'state']);
$user_source->delete();
mail_user_delete($user_source);
@@ -150,7 +152,7 @@ function user_edit_vouchers_controller()
redirect(page_link_to(''));
}
if ($request->has('submit')) {
if ($request->hasPostData('submit')) {
$valid = true;
$vouchers = '';
@@ -326,7 +328,7 @@ function user_password_recovery_set_new_controller()
redirect(page_link_to('login'));
}
if ($request->has('submit')) {
if ($request->hasPostData('submit')) {
$valid = true;
if (
@@ -361,7 +363,7 @@ function user_password_recovery_set_new_controller()
function user_password_recovery_start_controller()
{
$request = request();
if ($request->has('submit')) {
if ($request->hasPostData('submit')) {
$valid = true;
$user_source = null;
Oops, something went wrong.

0 comments on commit 2e28336

Please sign in to comment.