Merge branch 'dev-3-security' into dev-3
ryuring committed Sep 28, 2016
2 parents ebf6ef1 + 8469208 commit 02ca6c6
Showing 45 changed files with 1,071 additions and 563 deletions.
84 changes: 83 additions & 1 deletion lib/Baser/Controller/BcAppController.php
Expand Up @@ -262,10 +262,16 @@ public function beforeFilter() {
// TODO 管理画面は送信データチェックを行わない(全て対応させるのは大変なので暫定処置)
if (!empty($this->request->params['admin'])) {
$this->Security->validatePost = false;
$this->Security->csrfCheck = false;
$corePlugins = Configure::read('BcApp.corePlugins');
if(BC_INSTALLED && (!$this->plugin || in_array($this->plugin, $corePlugins))) {
$this->Security->csrfCheck = true;
} else {
$this->Security->csrfCheck = false;
}
}

if (!BC_INSTALLED || Configure::read('BcRequest.isUpdater')) {
$this->Security->validatePost = false;
return;
}

Expand Down Expand Up @@ -427,6 +433,9 @@ public function beforeFilter() {
$this->Security->requireSecure = $adminSslMethods;
}
}

$this->_isRequireCheckSubmitToken();

}

/**
Expand Down Expand Up @@ -1557,4 +1566,77 @@ public function dispatchEvent($name, $params = array(), $options = array()) {
return BcEventDispatcher::dispatch($name, $this, $params, $options);
}

/**
* Token の key を取得
*
* @return string
*/
public function admin_ajax_get_token() {
$this->autoRender = false;
return $this->request->params['_Token']['key'];
}

/**
* リクエストメソッドとトークンをチェックする
*
* - GETでのアクセスの場合 not found
* - トークンが送信されていない場合 not found
*/
protected function _checkSubmitToken() {
if(strtoupper($_SERVER['REQUEST_METHOD']) == 'GET' || empty($_POST['_Token']['key']) && empty($_POST['data']['_Token']['key'])) {
$this->notFound();
}
}

protected function _isRequireCheckSubmitToken() {
if($this->name == 'CakeError') {
return;
}
$controller = $this->request->params['controller'];
$action = $this->request->params['action'];
$requires = [
'dashboard' => ['admin_del'],
'editor_templates' => ['admin_delete', 'admin_ajax_delete'],
'pages' => ['admin_delete', 'admin_ajax_copy', 'admin_ajax_publish', 'admin_ajax_unpublish', 'admin_ajax_update_sort', 'admin_ajax_delete', 'admin_entry_page_files', 'admin_write_page_files'],
'page_categories' => ['admin_ajax_delete', 'admin_delete', 'admin_ajax_copy', 'admin_ajax_down', 'admin_ajax_up'],
'permissions' => ['admin_ajax_delete', 'admin_delete', 'admin_ajax_copy', 'admin_ajax_unpublish', 'admin_ajax_publish'],
'plugins' => ['admin_ajax_delete_file', 'admin_ajax_delete'],
'search_indices' => ['admin_ajax_delete'],
'site_configs' => ['admin_del_cache'],
'theme_files' => ['admin_del', 'admin_ajax_del', 'admin_copy_to_theme', 'admin_copy_folder_to_theme'],
'themes' => ['admin_reset_data', 'admin_ajax_copy', 'admin_ajax_delete', 'admin_del', 'admin_apply'],
'user_groups' => ['admin_ajax_delete', 'admin_delete', 'admin_ajax_copy'],
'users' => ['admin_ajax_delete', 'admin_delete'],
'widget_areas' => ['admin_ajax_delete', 'admin_delete', 'admin_del_widget'],
'blog_categories' => ['admin_ajax_delete', 'admin_delete'],
'blog_comments' => ['admin_ajax_delete', 'admin_delete', 'admin_ajax_unpublish', 'admin_ajax_publish'],
'blog_contents' => ['admin_ajax_delete', 'admin_delete', 'admin_ajax_copy'],
'blog_posts' => ['admin_ajax_delete', 'admin_delete', 'admin_ajax_unpublish', 'admin_ajax_publish', 'admin_ajax_copy'],
'blog_tags' => ['admin_delete', 'admin_ajax_delete'],
'feed_configs' => ['admin_ajax_delete', 'admin_delete', 'admin_delete_cache'],
'feed_details' => ['admin_ajax_delete', 'admin_delete'],
'mail_contents' => ['admin_ajax_delete', 'admin_delete', 'admin_ajax_copy'],
'mail_fields' => ['admin_ajax_delete', 'admin_delete', 'admin_ajax_copy', 'admin_ajax_unpublish', 'admin_ajax_publish'],
'mail_messages' => ['admin_ajax_delete', 'admin_delete'],
'uploader_categories' => ['admin_delete', 'admin_ajax_delete', 'admin_ajax_copy'],
'uploader_files' => ['admin_delete'],
'menus' => ['admin_delete', 'admin_ajax_delete'],
];
if($controller == 'tools' && $action == 'admin_log' && $this->request->params['pass'][0] == 'delete') {
$this->_checkSubmitToken();
} elseif($action == 'admin_ajax_batch') {
$this->_checkSubmitToken();
}

foreach($requires as $checkController => $checkActions) {
foreach($checkActions as $checkAction) {
if($controller == $checkController && $action == $checkAction) {
$this->_checkSubmitToken();
break;
}
}
}
}


}
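Review bot: `_checkSubmitToken` only verifies that a `_Token.key` field is present and that the method is not GET; it never compares the value against the session token, so on its own it is not a CSRF check. Actual validation presumably rests on SecurityComponent's `csrfCheck`, which the first hunk of this file enables only for core-plugin (or plugin-less) admin requests and leaves false otherwise, so the docblock should state that dependency: `* NOTE: presence/method check only — token validity is enforced by SecurityComponent::csrfCheck`. In `_isRequireCheckSubmitToken`, `$this->request->params['pass'][0]` is read without an existence check, so `admin_log` invoked with no extra path segment emits an undefined-offset notice; use `!empty($this->request->params['pass'][0]) && $this->request->params['pass'][0] == 'delete'`. Reading `$_SERVER` and `$_POST` directly instead of `$this->request->is('get')` and `$this->request->data` also bypasses CakeRequest, which is what the rest of this class uses.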
34 changes: 0 additions & 34 deletions lib/Baser/Plugin/Blog/Controller/BlogCommentsController.php
Expand Up @@ -230,40 +230,6 @@ protected function _del($id = null) {
}
}

/**
* [ADMIN] 削除処理
*
* @param int $blogContentId
* @param int $blogPostId
* @param int $id
* @return void
* @access public
*/
public function admin_delete($blogContentId, $blogPostId, $id = null) {
/* 除外処理 */
if (!$blogContentId || !$id) {
$this->notFound();
}

/* 削除処理 */
if ($this->BlogComment->delete($id)) {
if (isset($this->blogPost['BlogPost']['name'])) {
$message = '記事「' . $this->blogPost['BlogPost']['name'] . '」へのコメントを削除しました。';
} else {
$message = '記事「' . $this->blogContent['BlogContent']['title'] . '」へのコメントを削除しました。';
}
$this->setMessage($message, false, true);
} else {
$this->setMessage('データベース処理中にエラーが発生しました。', true);
}

if ($blogPostId) {
$this->redirect(array('action' => 'index', $blogContentId, $blogPostId));
} else {
$this->redirect(array('action' => 'index', $blogContentId));
}
}

/**
* [ADMIN] 無効状態にする(AJAX)
*
2 changes: 1 addition & 1 deletion lib/Baser/Plugin/Blog/View/BlogCategories/admin/form.php
Expand Up @@ -122,7 +122,7 @@
<?php echo $this->BcForm->submit('保存', array('div' => false, 'class' => 'button')) ?>
<?php if ($this->action == 'admin_edit'): ?>
<?php
$this->BcBaser->link('削除', array('action' => 'delete', $blogContent['BlogContent']['id'], $this->BcForm->value('BlogCategory.id')), array('class' => 'button'), sprintf('%s を本当に削除してもいいですか?', $this->BcForm->value('BlogCategory.name')), false);
$this->BcBaser->link('削除', array('action' => 'delete', $blogContent['BlogContent']['id'], $this->BcForm->value('BlogCategory.id')), array('class' => 'submit-token button'), sprintf('%s を本当に削除してもいいですか?', $this->BcForm->value('BlogCategory.name')), false);
?>
<?php endif ?>
</div>
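Review bot: The `submit-token` class added to the delete link has no server-side effect by itself: `BcBaser->link` still emits a plain `<a href>` GET link to `delete`, and the POST-with-token behaviour must come from a JavaScript click handler that is not part of this file. Because `_checkSubmitToken` in BcAppController now answers GET with notFound, a click without that handler (JS disabled, handler not loaded on this page) fails closed, which is the right default but deserves a comment on the line: `<?php // 'submit-token': JS handler turns this link into a POST carrying _Token.key; a plain GET is rejected server-side ?>`. If BcForm wraps CakePHP's FormHelper, `$this->BcForm->postLink()` would generate the POST form and Security token without the JS dependency — worth confirming.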
2 changes: 1 addition & 1 deletion lib/Baser/Plugin/Blog/View/BlogContents/admin/form.php
Expand Up @@ -290,7 +290,7 @@
<?php echo $this->BcForm->submit('保存', array('div' => false, 'class' => 'button')) ?>
<?php if ($this->action == 'admin_edit'): ?>
<?php
$this->BcBaser->link('削除', array('action' => 'delete', $this->BcForm->value('BlogContent.id')), array('class' => 'button'), sprintf('%s を本当に削除してもいいですか?', $this->BcForm->value('BlogContent.title')), false);
$this->BcBaser->link('削除', array('action' => 'delete', $this->BcForm->value('BlogContent.id')), array('class' => 'submit-token button'), sprintf('%s を本当に削除してもいいですか?', $this->BcForm->value('BlogContent.title')), false);
?>
<?php endif ?>
</div>
120 changes: 65 additions & 55 deletions lib/Baser/Plugin/Blog/View/BlogPosts/admin/form.php
Expand Up @@ -94,32 +94,37 @@
if(!$("#BlogTagName").val()) {
return false;
}
$.ajax({
type: "POST",
url: $("#AddTagUrl").html(),
data: {'data[BlogTag][name]': $("#BlogTagName").val()},
dataType: 'html',
beforeSend: function() {
$("#BtnAddBlogTag").attr('disabled', 'disabled');
$("#TagLoader").show();
},
success: function(result){
if(result) {
$("#BlogTags").append(result);
$("#BlogTagName").val('');
} else {
alert('ブログタグの追加に失敗しました。既に登録されていないか確認してください。');
$.bcToken.check(function(){
$.ajax({
type: "POST",
url: $("#AddTagUrl").html(),
data: {
'data[BlogTag][name]': $("#BlogTagName").val(),
'data[_Token][key]': $.bcToken.key
},
dataType: 'html',
beforeSend: function() {
$("#BtnAddBlogTag").attr('disabled', 'disabled');
$("#TagLoader").show();
},
success: function(result){
if(result) {
$("#BlogTags").append(result);
$("#BlogTagName").val('');
} else {
alert('ブログタグの追加に失敗しました。既に登録されていないか確認してください。');
}
},
error: function(){
alert('ブログタグの追加に失敗しました。');
},
complete: function(xhr, textStatus) {
$("#BtnAddBlogTag").removeAttr('disabled');
$("#TagLoader").hide();
$("#BlogTags").effect("highlight",{},1500);
}
},
error: function(){
alert('ブログタグの追加に失敗しました。');
},
complete: function(xhr, textStatus) {
$("#BtnAddBlogTag").removeAttr('disabled');
$("#TagLoader").hide();
$("#BlogTags").effect("highlight",{},1500);
}
});
});
}, {loaderType: 'target', loaderSelector: '#TagLoader', hideLoader: false});
return false;
});
/**
Expand All @@ -130,36 +135,41 @@
if(!category) {
return false;
}
$.ajax({
type: "POST",
url: $("#AddBlogCategoryUrl").html(),
data: {'data[BlogCategory][name]': category},
dataType: 'script',
beforeSend: function() {
$("#BtnAddBlogCategory").attr('disabled', 'disabled');
$("#BlogCategoryLoader").show();
},
success: function(result){
if(result) {
$("#BlogPostBlogCategoryId").append($('<option />').val(result).html(category));
$("#BlogPostBlogCategoryId").val(result);
} else {
alert('ブログカテゴリの追加に失敗しました。既に登録されていないか確認してください。');
$.bcToken.check(function(){
$.ajax({
type: "POST",
url: $("#AddBlogCategoryUrl").html(),
data: {
'data[BlogCategory][name]': category,
'data[_Token][key]': $.bcToken.key
},
dataType: 'script',
beforeSend: function() {
$("#BtnAddBlogCategory").attr('disabled', 'disabled');
$("#BlogCategoryLoader").show();
},
success: function(result){
if(result) {
$("#BlogPostBlogCategoryId").append($('<option />').val(result).html(category));
$("#BlogPostBlogCategoryId").val(result);
} else {
alert('ブログカテゴリの追加に失敗しました。既に登録されていないか確認してください。');
}
},
error: function(XMLHttpRequest, textStatus){
if(XMLHttpRequest.responseText) {
alert('ブログカテゴリの追加に失敗しました。\n\n' + XMLHttpRequest.responseText);
} else {
alert('ブログカテゴリの追加に失敗しました。\n\n' + XMLHttpRequest.statusText);
}
},
complete: function(xhr, textStatus) {
$("#BtnAddBlogCategory").removeAttr('disabled');
$("#BlogCategoryLoader").hide();
$("#BlogPostBlogCategoryId").effect("highlight",{},1500);
}
},
error: function(XMLHttpRequest, textStatus){
if(XMLHttpRequest.responseText) {
alert('ブログカテゴリの追加に失敗しました。\n\n' + XMLHttpRequest.responseText);
} else {
alert('ブログカテゴリの追加に失敗しました。\n\n' + XMLHttpRequest.statusText);
}
},
complete: function(xhr, textStatus) {
$("#BtnAddBlogCategory").removeAttr('disabled');
$("#BlogCategoryLoader").hide();
$("#BlogPostBlogCategoryId").effect("highlight",{},1500);
}
});
});
}, {loaderType: 'target', loaderSelector: '#BlogCategoryLoader', hideLoader: false});
return false;
});
});
Expand Down Expand Up @@ -341,7 +351,7 @@
<?php endif ?>
<?php echo $this->BcForm->button('保存前確認', array('div' => false, 'class' => 'button', 'id' => 'BtnPreview')) ?>
<?php if ($editable): ?>
<?php $this->BcBaser->link('削除', array('action' => 'delete', $blogContent['BlogContent']['id'], $this->BcForm->value('BlogPost.id')), array('class' => 'button'), sprintf('%s を本当に削除してもいいですか?', $this->BcForm->value('BlogPost.name')), false); ?>
<?php $this->BcBaser->link('削除', array('action' => 'delete', $blogContent['BlogContent']['id'], $this->BcForm->value('BlogPost.id')), array('class' => 'submit-token button'), sprintf('%s を本当に削除してもいいですか?', $this->BcForm->value('BlogPost.name')), false); ?>
<?php endif ?>
<?php endif ?>
</div>
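Review bot: `$.bcToken.key` is read when each request body is built in the tag-add handler, but nothing in this hunk shows the key being renewed after a POST; if the SecurityComponent keeps CakePHP's default one-time CSRF tokens, the first tag add consumes the key and a second add from the same page would be rejected unless `$.bcToken.check` fetches a fresh key on every call — confirm against the bcToken implementation, which is not in this diff. A comment on the `data:` block should record that contract, e.g. `// _Token.key must be fresh per request; bcToken.check is expected to refresh it`. The handler's `error` branch also cannot tell a rejected token from a network failure, so its generic alert will hide an expired-token condition from the user.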
2 changes: 1 addition & 1 deletion lib/Baser/Plugin/Blog/View/BlogTags/admin/form.php
Expand Up @@ -50,7 +50,7 @@
<?php echo $this->BcForm->submit('保存', array('div' => false, 'class' => 'button', 'id' => 'BtnSave')) ?>
<?php if ($this->action == 'admin_edit'): ?>
<?php
$this->BcBaser->link('削除', array('action' => 'delete', $this->BcForm->value('BlogTag.id')), array('class' => 'button'), sprintf('%s を本当に削除してもいいですか?', $this->BcForm->value('BlogTag.name')), false);
$this->BcBaser->link('削除', array('action' => 'delete', $this->BcForm->value('BlogTag.id')), array('class' => 'submit-token button'), sprintf('%s を本当に削除してもいいですか?', $this->BcForm->value('BlogTag.name')), false);
?>
<?php endif ?>
</div>
Expand Up @@ -21,7 +21,7 @@
<li><?php $this->BcBaser->link('フィード設定一覧', array('action' => 'index')) ?></li>
<li><?php $this->BcBaser->link('フィード設定新規追加', array('action' => 'add')) ?></li>
<?php if ($this->params['controller'] == 'feed_configs' && $this->action == 'admin_index'): ?>
<li><?php $this->BcBaser->link('フィードキャッシュ削除', array('action' => 'delete_cache'), null, 'フィードのキャッシュを削除します。いいですか?') ?></li>
<li><?php $this->BcBaser->link('フィードキャッシュ削除', array('action' => 'delete_cache'), array('class' => 'submit-token'), 'フィードのキャッシュを削除します。いいですか?') ?></li>
<?php endif ?>
</ul>
</td>
2 changes: 1 addition & 1 deletion lib/Baser/Plugin/Feed/View/FeedConfigs/admin/form.php
Expand Up @@ -128,7 +128,7 @@
<div class="submit">
<?php echo $this->BcForm->submit('保存', array('div' => false, 'class' => 'button', 'id' => 'BtnSave')) ?>
<?php if ($this->action == 'admin_edit'): ?>
<?php $this->BcBaser->link('削除', array('action' => 'delete', $this->BcForm->value('FeedConfig.id')), array('class' => 'button'), sprintf('%s を本当に削除してもいいですか?', $this->BcForm->value('FeedConfig.name')), false); ?>
<?php $this->BcBaser->link('削除', array('action' => 'delete', $this->BcForm->value('FeedConfig.id')), array('class' => 'submit-token button'), sprintf('%s を本当に削除してもいいですか?', $this->BcForm->value('FeedConfig.name')), false); ?>
<?php endif ?>
</div>

2 changes: 1 addition & 1 deletion lib/Baser/Plugin/Feed/View/FeedDetails/admin/form.php
Expand Up @@ -97,7 +97,7 @@
<div class="submit">
<?php echo $this->BcForm->submit('保存', array('div' => false, 'class' => 'button', 'id' => 'BtnSave')) ?>
<?php if ($this->action == 'admin_edit'): ?>
<?php $this->BcBaser->link('削除', array('action' => 'delete', $this->BcForm->value('FeedConfig.id'), $this->BcForm->value('FeedDetail.id')), array('class' => 'button'), sprintf('%s を本当に削除してもいいですか?', $this->BcForm->value('FeedConfig.name')), false); ?>
<?php $this->BcBaser->link('削除', array('action' => 'delete', $this->BcForm->value('FeedConfig.id'), $this->BcForm->value('FeedDetail.id')), array('class' => 'submit-token button'), sprintf('%s を本当に削除してもいいですか?', $this->BcForm->value('FeedConfig.name')), false); ?>
<?php endif ?>
</div>

2 changes: 1 addition & 1 deletion lib/Baser/Plugin/Mail/View/MailContents/admin/form.php
Expand Up @@ -332,7 +332,7 @@ function mailContentSender1ClickHandler(){
<?php echo $this->BcForm->submit('保存', array('div' => false, 'class' => 'button', 'id' => 'BtnSave')) ?>
<?php if ($this->action == 'admin_edit'): ?>
<?php
$this->BcBaser->link('削除', array('action' => 'delete', $this->BcForm->value('MailContent.id')), array('class' => 'button'), sprintf("%s を本当に削除してもいいですか?\n\n※ 現在このメールフォームに設定されているフィールドは全て削除されます。", $this->BcForm->value('MailContent.name')), false);
$this->BcBaser->link('削除', array('action' => 'delete', $this->BcForm->value('MailContent.id')), array('class' => 'submit-token button'), sprintf("%s を本当に削除してもいいですか?\n\n※ 現在このメールフォームに設定されているフィールドは全て削除されます。", $this->BcForm->value('MailContent.name')), false);
?>
<?php endif; ?>
</div>
2 changes: 1 addition & 1 deletion lib/Baser/Plugin/Mail/View/MailFields/admin/form.php
Expand Up @@ -267,7 +267,7 @@
<div class="submit">
<?php echo $this->BcForm->submit('保存', array('div' => false, 'class' => 'button', 'id' => 'BtnSave')) ?>
<?php if ($this->action == 'admin_edit'): ?>
<?php $this->BcBaser->link('削除', array('action' => 'delete', $mailContent['MailContent']['id'], $this->BcForm->value('MailField.id')), array('class' => 'button'), sprintf('%s を本当に削除してもいいですか?', $this->BcForm->value('MailField.name')), false); ?>
<?php $this->BcBaser->link('削除', array('action' => 'delete', $mailContent['MailContent']['id'], $this->BcForm->value('MailField.id')), array('class' => 'submit-token button'), sprintf('%s を本当に削除してもいいですか?', $this->BcForm->value('MailField.name')), false); ?>
<?php endif ?>
</div>

2 changes: 1 addition & 1 deletion lib/Baser/Plugin/Mail/View/MailMessages/admin/view.php
Expand Up @@ -66,5 +66,5 @@

<!-- button -->
<p class="submit">
<?php $this->BcBaser->link('削除', array('action' => 'delete', $mailContent['MailContent']['id'], $message['Message']['id']), array('class' => 'btn-gray button'), sprintf('受信メール NO「%s」を削除してもいいですか?', $message['Message']['id']), false); ?>
<?php $this->BcBaser->link('削除', array('action' => 'delete', $mailContent['MailContent']['id'], $message['Message']['id']), array('class' => 'submit-token btn-gray button'), sprintf('受信メール NO「%s」を削除してもいいですか?', $message['Message']['id']), false); ?>
</p>
Expand Up @@ -140,7 +140,7 @@ public function admin_delete($id = null) {
// メッセージ用にデータを取得
$name = $this->UploaderCategory->field('name', array('UploaderCategory.id' => $id));

if($this->UploaderCategory->del($id)) {
if($this->UploaderCategory->delete($id)) {
$this->setMessage('アップロードファイルカテゴリ「'.$name.'」を削除しました。', false, true);
}else {
$this->setMessage('データベース処理中にエラーが発生しました。', true);
Expand Up @@ -118,7 +118,7 @@
<?php echo $this->BcForm->submit('保存', array('div' => false, 'class' => 'button', 'id' => 'BtnSave')) ?>
<?php $this->BcBaser->link('削除',
array('action' => 'delete', $this->BcForm->value('UploaderFile.id')),
array('class' => 'button'),
array('class' => 'submit-token button'),
sprintf('%s を本当に削除してもいいですか?', $this->BcForm->value('UploaderFile.name')),
false); ?>
</div>
Expand Up @@ -47,7 +47,7 @@
<?php echo $this->BcForm->submit('更 新', array('div' => false, 'class' => 'button')) ?>
<?php $this->BcBaser->link('削 除',
array('action' => 'delete', $this->BcForm->value('UploaderCategory.id')),
array('class' => 'button'),
array('class' => 'submit-token button'),
sprintf('%s を本当に削除してもいいですか?', $this->BcForm->value('UploaderCategory.name')),
false); ?>
<?php endif ?>