
merge r20712 from branch 2.4 to trunk

bug 2844: increase security on LocalFiles Editor, filter on files to edit.



git-svn-id: http://piwigo.org/svn/trunk@20714 68402e56-0260-453c-a942-63ccdbb3a9ee
plegall committed Feb 12, 2013
1 parent 270d033 commit 8a7952a1712ee79386291e3e92e5b5cc91227812
@@ -55,7 +55,6 @@
// +-----------------------------------------------------------------------+
if (isset($_POST['restore']))
{
$edited_file = $_POST['edited_file'];
$content_file = file_get_contents(get_bak_file($edited_file));
array_push($page['infos'],
l10n('locfiledit_bak_loaded1'),
@@ -73,7 +72,6 @@
}
else
{
$edited_file = $_POST['edited_file'];
$content_file = stripslashes($_POST['text']);
if (get_extension($edited_file) == 'php')
{
@@ -1,24 +1,40 @@
<?php
if (!defined('PHPWG_ROOT_PATH')) die('Hacking attempt!');
if ((isset($_POST['edit'])) and !is_numeric($_POST['file_to_edit']))
{
$edited_file = $_POST['file_to_edit'];
}
elseif (isset($_POST['edited_file']))
include_once(PHPWG_ROOT_PATH.'admin/include/themes.class.php');
$themes = new themes();
if (isset($_POST['edit']))
{
$edited_file = $_POST['edited_file'];
$_POST['theme'] = $_POST['theme_select'];
}
elseif (isset($_GET['theme']) and in_array($_GET['theme'], array_keys(get_pwg_themes(true))))
if (isset($_POST['theme']) and '~common~' == $_POST['theme'])
{
$edited_file = PHPWG_ROOT_PATH.PWG_LOCAL_DIR . 'css/'.$_GET['theme'].'-rules.css';
$page['theme'] = $_POST['theme'];
$edited_file = PHPWG_ROOT_PATH.PWG_LOCAL_DIR.'css/rules.css';
}
else
{
$edited_file = PHPWG_ROOT_PATH.PWG_LOCAL_DIR . 'css/'.get_default_theme().'-rules.css';
if (isset($_GET['theme']))
{
$page['theme'] = $_GET['theme'];
}
elseif (isset($_POST['theme']))
{
$page['theme'] = $_POST['theme'];
}
if (!isset($page['theme']) or !in_array($page['theme'], array_keys($themes->fs_themes)))
{
$page['theme'] = get_default_theme();
}
$edited_file = PHPWG_ROOT_PATH.PWG_LOCAL_DIR . 'css/'.$page['theme'].'-rules.css';
}
$template->assign('theme', $page['theme']);
if (file_exists($edited_file))
{
$content_file = file_get_contents($edited_file);
@@ -29,21 +45,18 @@
}
$selected = 0;
// $options[] = l10n('locfiledit_choose_file');
// $options[] = '----------------------';
$value = PHPWG_ROOT_PATH.PWG_LOCAL_DIR . "css/rules.css";
$value = '~common~';
$file = PHPWG_ROOT_PATH.PWG_LOCAL_DIR . 'css/rules.css';
$options[$value] = (file_exists($value) ? '&#x2714;' : '&#x2718;').' local / css / rules.css';
if ($edited_file == $value)
$options[$value] = (file_exists($file) ? '&#x2714;' : '&#x2718;').' local / css / rules.css';
if ($page['theme'] == $value)
{
$selected = $value;
}
// themes are displayed in the same order as on screen
// [Administration > Configuration > Themes]
include_once(PHPWG_ROOT_PATH.'admin/include/themes.class.php');
$themes = new themes();
$themes->sort_fs_themes();
$default_theme = get_default_theme();
$db_themes = $themes->get_db_themes();
@@ -81,47 +94,57 @@
}
}
$options[] = '';
$options[] = '----- '.l10n('Active Themes').' -----';
$options[] = '';
$active_theme_options = array();
foreach ($active_themes as $theme)
{
$value = PHPWG_ROOT_PATH.PWG_LOCAL_DIR . 'css/'.$theme['id'].'-rules.css';
$file = PHPWG_ROOT_PATH.PWG_LOCAL_DIR . 'css/'.$theme['id'].'-rules.css';
$options[$value] = (file_exists($value) ? '&#x2714;' : '&#x2718;').' '.$theme['name'];
$label = (file_exists($file) ? '&#x2714;' : '&#x2718;').' '.$theme['name'];
if ($default_theme == $theme['id'])
{
$options[$value].= ' ('.l10n('default').')';
$label.= ' ('.l10n('default').')';
}
$active_theme_options[$theme['id']] = $label;
if ($edited_file == $value)
if ($theme['id'] == $page['theme'])
{
$selected = $value;
$selected = $theme['id'];
}
}
$options[] = '';
$options[] = '----- '.l10n('Inactive Themes').' -----';
$options[] = '';
if (count($active_theme_options) > 0)
{
$options[l10n('Active Themes')] = $active_theme_options;
}
$inactive_theme_options = array();
foreach ($inactive_themes as $theme)
{
$value = PHPWG_ROOT_PATH.PWG_LOCAL_DIR . 'css/'.$theme['id'].'-rules.css';
$file = PHPWG_ROOT_PATH.PWG_LOCAL_DIR . 'css/'.$theme['id'].'-rules.css';
$options[$value] = (file_exists($value) ? '&#x2714;' : '&#x2718;').' '.$theme['name'];
$inactive_theme_options[$theme['id']] = (file_exists($file) ? '&#x2714;' : '&#x2718;').' '.$theme['name'];
if ($edited_file == $value)
if ($theme['id'] == $page['theme'])
{
$selected = $value;
$selected = $theme['id'];
}
}
$template->assign('css_lang_tpl', array(
'OPTIONS' => $options,
'SELECTED' => $selected
)
if (count($inactive_theme_options) > 0)
{
$options[l10n('Inactive Themes')] = $inactive_theme_options;
}
$template->assign(
'css_lang_tpl',
array(
'SELECT_NAME' => 'theme_select',
'OPTIONS' => $options,
'SELECTED' => $selected
)
);
$codemirror_mode = 'text/css';
?>
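Review bot: The new theme whitelist at `if (!isset($page['theme']) or !in_array($page['theme'], array_keys($themes->fs_themes)))` uses loose comparison, and the validated value is then spliced straight into a filesystem path at `$edited_file = PHPWG_ROOT_PATH.PWG_LOCAL_DIR . 'css/'.$page['theme'].'-rules.css';`. If any theme directory has a purely numeric name its key in `fs_themes` is an int, and under pre-PHP 8 `==` a crafted string such as `123/../x` compares equal to it and passes the filter with a traversal payload; whether such theme names exist cannot be confirmed from this hunk. Passing the strict flag closes that regardless: `if (!isset($page['theme']) or !in_array($page['theme'], array_keys($themes->fs_themes), true))`. Separately, `$_POST['theme'] = $_POST['theme_select'];` assumes the select was submitted; guarding it with `isset($_POST['theme_select'])` avoids a notice when the form is posted with `edit` alone.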
@@ -1,32 +1,46 @@
<?php
if (!defined('PHPWG_ROOT_PATH')) die('Hacking attempt!');
$edited_file = isset($_POST['edited_file']) ? $_POST['edited_file'] : '';
$content_file = '';
$languages = get_languages();
if ((isset($_POST['edit'])) and !is_numeric($_POST['file_to_edit']))
if (isset($_POST['edit']))
{
$edited_file = $_POST['file_to_edit'];
if (file_exists($edited_file))
{
$content_file = file_get_contents($edited_file);
}
else
{
$content_file = "<?php\n\n/* ".l10n('locfiledit_newfile')." */\n\n\n\n\n?>";
}
$_POST['language'] = $_POST['language_select'];
}
if (isset($_POST['language']))
{
$page['language'] = $_POST['language'];
}
if (!isset($page['language']) or !in_array($page['language'], array_keys($languages)))
{
$page['language'] = get_default_language();
}
$selected = 0;
$options[] = l10n('locfiledit_choose_file');
$options[] = '----------------------';
$template->assign('language', $page['language']);
$edited_file = PHPWG_ROOT_PATH.PWG_LOCAL_DIR.'language/'.$page['language'].'.lang.php';;
if (file_exists($edited_file))
{
$content_file = file_get_contents($edited_file);
}
else
{
$content_file = "<?php\n\n/* ".l10n('locfiledit_newfile')." */\n\n\n\n\n?>";
}
$selected = 0;
foreach (get_languages() as $language_code => $language_name)
{
$value = PHPWG_ROOT_PATH.PWG_LOCAL_DIR.'language/'.$language_code.'.lang.php';
if ($edited_file == $value)
$file = PHPWG_ROOT_PATH.PWG_LOCAL_DIR.'language/'.$language_code.'.lang.php';
$options[$language_code] = (file_exists($file) ? '&#x2714;' : '&#x2718;').' '.$language_name;
if ($page['language'] == $language_code)
{
$selected = $value;
$selected = $language_code;
$template->assign('show_default', array(
array(
'URL' => LOCALEDIT_PATH.'show_default.php?file=language/'.$language_code.'/common.lang.php',
@@ -39,10 +53,12 @@
)
);
}
$options[$value] = $language_name;
}
$template->assign('css_lang_tpl', array(
$template->assign(
'css_lang_tpl',
array(
'SELECT_NAME' => 'language_select',
'OPTIONS' => $options,
'SELECTED' => $selected
)
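Review bot: The language whitelist `if (!isset($page['language']) or !in_array($page['language'], array_keys($languages)))` is the only guard before `$page['language']` is concatenated into `$edited_file = PHPWG_ROOT_PATH.PWG_LOCAL_DIR.'language/'.$page['language'].'.lang.php';;`, and it uses loose `in_array`, so a numeric-looking key in `$languages` (if any — not visible here) would let a string like `1/../x` compare equal to it under pre-PHP 8 `==`. Pass the strict flag: `in_array($page['language'], array_keys($languages), true)`. The same line also ends with a stray `;;`, and the loop at `foreach (get_languages() as $language_code => $language_name)` re-reads the language list although `$languages` already holds it; iterating `$languages` keeps the options and the whitelist from ever diverging.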
@@ -1,21 +1,34 @@
<?php
if (!defined('PHPWG_ROOT_PATH')) die('Hacking attempt!');
$edited_file = isset($_POST['edited_file']) ? $_POST['edited_file'] : '';
$content_file = '';
$edited_file = '';
if ((isset($_POST['edit'])) and !is_numeric($_POST['file_to_edit']))
if (isset($_POST['edit']))
{
$edited_file = $_POST['file_to_edit'];
if (file_exists($edited_file))
$_POST['template'] = $_POST['file_to_edit'];
}
if (!empty($_POST['template']))
{
if (preg_match('#\.\./#', $_POST['template']))
{
$content_file = file_get_contents($edited_file);
die('Hacking attempt! template extension must be in template-extension directory');
}
else
if (!preg_match('#\.tpl$#', $_POST['template']))
{
$content_file = '';
die('Hacking attempt! template extension must be a *.tpl file');
}
$template->assign('template', $_POST['template']);
$edited_file = './template-extension/'.$_POST['template'];
}
$content_file = '';
if (file_exists($edited_file))
{
$content_file = file_get_contents($edited_file);
}
$newfile_page = isset($_GET['newfile']);
@@ -50,6 +63,7 @@
}
else
{
$template->assign('template', $filename);
$edited_file = $_POST['tpl_parent'] . '/' . $filename;
$content_file = ($_POST['tpl_model'] == '0') ? '' : file_get_contents($_POST['tpl_model']);
}
@@ -117,7 +131,7 @@
$options[] = '----------------------';
foreach (get_extents() as $pwg_template)
{
$value = './template-extension/' . $pwg_template;
$value = $pwg_template;
$options[$value] = str_replace('/', ' / ', $pwg_template);
if ($edited_file == $value) $selected = $value;
}
@@ -126,13 +140,16 @@
$options[$edited_file] = str_replace(array('./template-extension/', '/'), array('', ' / '), $edited_file);
$selected = $edited_file;
}
$template->assign('css_lang_tpl', array(
'OPTIONS' => $options,
'SELECTED' => $selected,
'NEW_FILE_URL' => $my_base_url.'-tpl&amp;newfile',
'NEW_FILE_CLASS' => empty($edited_file) ? '' : 'top_right'
)
);
$template->assign(
'css_lang_tpl',
array(
'SELECT_NAME' => 'file_to_edit',
'OPTIONS' => $options,
'SELECTED' => $selected,
'NEW_FILE_URL' => $my_base_url.'-tpl&amp;newfile',
'NEW_FILE_CLASS' => empty($edited_file) ? '' : 'top_right'
)
);
}
$codemirror_mode = 'text/html';
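Review bot: The traversal filter `preg_match('#\.\./#', $_POST['template'])` only recognises a forward slash after `..`, so on a Windows host `..\..\x.tpl` passes and is concatenated into `$edited_file = './template-extension/'.$_POST['template'];`; the `#\.tpl$#` check also accepts a trailing newline because `$` matches before a final `\n` without the `D` modifier. Rejecting a `..` path component on either separator is tighter: `if (preg_match('#(^|[\\\\/])\.\.([\\\\/]|$)#', $_POST['template']))` together with `if (!preg_match('#\.tpl$#D', $_POST['template']))`. Since the selectable names come from `get_extents()`, an allow-list check against that list would be stronger still for the edit path, leaving the pattern check to the new-file flow, whose branch starts outside this hunk.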
@@ -30,7 +30,18 @@ if (document.getElementById("text") != null)

<div id="LocalFilesEditor">

<input type="hidden" value="{$zone_edit.EDITED_FILE}" name="edited_file"/>
{if isset($theme)}
<input type="hidden" value="{$theme}" name="theme">
{/if}

{if isset($language)}
<input type="hidden" value="{$language}" name="language">
{/if}

{if isset($template)}
<input type="hidden" value="{$template}" name="template">
{/if}


{if isset ($create_tpl)}
<table>
@@ -52,20 +63,18 @@ if (document.getElementById("text") != null)
{/if}

{if isset ($css_lang_tpl)}
<select name="file_to_edit">
{foreach from=$css_lang_tpl.OPTIONS item=theme key=value}
<option value="{$value}" {if $value == $css_lang_tpl.SELECTED}selected="selected"{/if} {if is_numeric($value)}disabled="disabled"{/if}>{$theme}</option>
{/foreach}
<select name="{$css_lang_tpl.SELECT_NAME}">
{html_options options=$css_lang_tpl.OPTIONS selected=$css_lang_tpl.SELECTED}
</select>


<input class="submit" type="submit" value="{'locfiledit_edit'|@translate}" name="edit" />
<br><br>
{if isset ($css_lang_tpl.NEW_FILE_URL)}
<span class="{$css_lang_tpl.NEW_FILE_CLASS}">
<a href="{$css_lang_tpl.NEW_FILE_URL}">{'locfiledit_new_tpl'|@translate}</a>
</span>
{/if}
{/if}

{if isset ($css_lang_tpl.NEW_FILE_URL)}
<span class="{$css_lang_tpl.NEW_FILE_CLASS}">
<a href="{$css_lang_tpl.NEW_FILE_URL}">{'locfiledit_new_tpl'|@translate}</a>
</span>
{/if}

{if isset ($zone_edit)}
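Review bot: The new hidden field `<input type="hidden" value="{$template}" name="template">` writes `$_POST['template']` back into an attribute without an escape modifier; the server-side filter only rejects `../` and non-`.tpl` names, so a value containing `"` (followed by anything ending in `.tpl`) would break out of the attribute unless the template engine escapes by default, which this file does not show. Apply the escape on output: `<input type="hidden" value="{$template|@escape}" name="template">`, and for consistency do the same for `{$theme}` and `{$language}` even though those values are validated against known lists on the PHP side.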
