
[#15440423] Fix several XSS vectors

1 parent 63e7726 commit bbf98e8e654a10ddd35a62b0e8ad010ea14a55d1 @ctfliblime ctfliblime committed Jul 7, 2011
Showing with 37 additions and 14 deletions.
  1. +3 −1 opac/opac-addbybiblionumber.pl
  2. +10 −6 opac/opac-downloadshelf.pl
  3. +9 −3 opac/opac-review.pl
  4. +7 −3 opac/opac-sendshelf.pl
  5. +8 −1 opac/opac-serial-issues.pl
@@ -128,9 +128,11 @@ sub AddBibliosToShelf {
my @biblios;
for my $bib (@biblionumber) {
+ $bib =~ s/[^\d]//g;
my $data = GetBiblioData( $bib );
+ next if !$data;
push(@biblios,
- { biblionumber => $bib,
+ { biblionumber => $data->{'biblionumber'},
title => $data->{'title'},
author => $data->{'author'},
} );
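Review bot: Stripping non-digits at L17 (`$bib =~ s/[^\d]//g;`) turns a malformed value into a different, valid-looking id — a constructed `12x34` becomes `1234` — so the loop quietly acts on a record the caller never named instead of skipping it. Validating and rejecting is the safer shape: `next unless defined $bib && $bib =~ /\A\d+\z/;` in place of the substitution, keeping the added `next if !$data;` for ids that do not resolve. The same strip-instead-of-reject pattern is applied to `$shelfid` in opac-downloadshelf.pl and opac-sendshelf.pl and to `$biblionumber` in opac-review.pl and opac-serial-issues.pl, where the 404 redirect would take the place of `next`. Taking `biblionumber` from `$data` at L22 rather than from the parameter is right; `title` and `author` still come from the database and depend on the template escaping them, which is outside this hunk. The enclosing `for` loop closes outside the hunk.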
@@ -32,8 +32,8 @@
use C4::Record;
use C4::Ris;
use C4::Csv;
-use utf8;
-my $query = new CGI;
+
+my $query = CGI->new();
my ( $template, $borrowernumber, $cookie ) = get_template_and_user (
{
@@ -46,13 +46,17 @@
);
my $shelfid = $query->param('shelfid');
+$shelfid =~ s/[^\d]//g;
my $format = $query->param('format');
-my $dbh = C4::Context->dbh;
-if ($shelfid && $format) {
+my @shelf = GetShelf($shelfid);
+if (! @shelf) {
+ print $query->redirect('/cgi-bin/koha/errors/404.pl');
+ exit;
+}
- my @shelf = GetShelf($shelfid);
- my ($items, $totitems) = GetShelfContents($shelfid);
+if ($shelfid && $format) {
+ my ($items, undef) = GetShelfContents($shelfid);
my $marcflavour = C4::Context->preference('marcflavour');
my $output;
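Review bot: When the `shelfid` parameter is absent, `$shelfid` is undef at L39 and the substitution at L40 raises an uninitialized-value warning (under `use warnings`, which is not visible in the hunk) before the 404 branch at L45 is reached; initialising it first keeps the error log clean: `my $shelfid = $query->param('shelfid');` followed by `$shelfid = '' unless defined $shelfid;`. The same applies to `$biblionumber` in opac-review.pl and opac-serial-issues.pl and to `$shelfid` in opac-sendshelf.pl. `$format` at L41 is still taken from the request without any check; its consumer is outside the hunk, so if it is only compared against fixed strings that is fine, but if it reaches a filename, a Content-Disposition header or the template it needs an allow-list of the formats this script actually produces. Dropping `use utf8;` at L31 is unrelated to the fix and deserves a word in the commit message, since it changes how any non-ASCII literal in the file would be read.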
@@ -28,9 +28,16 @@
use C4::Scrubber;
use C4::Debug;
-my $query = new CGI;
+my $query = CGI->new();
my $biblionumber = $query->param('biblionumber');
-my $review = $query->param('review');
+$biblionumber =~ s/[^\d]//g;
+my $biblio = GetBiblioData($biblionumber);
+if (!$biblio) {
+ print $query->redirect('/cgi-bin/koha/errors/404.pl');
+ exit;
+}
+
+my $review = $query->param('review');
my ( $template, $borrowernumber, $cookie ) = get_template_and_user(
{
template_name => "opac-review.tmpl",
@@ -42,7 +49,6 @@
# FIXME: need to allow user to delete their own comment(s)
-my $biblio = GetBiblioData($biblionumber);
my $savedreview = getreview($biblionumber,$borrowernumber);
my ($clean, @errors);
if (defined $review) {
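Review bot: After the lookup at L64, `getreview($biblionumber,$borrowernumber)` at L77 and whatever the template later receives still use the request parameter rather than `$biblio->{biblionumber}`; opac-addbybiblionumber.pl in this same commit switches to the database value, and doing the same here, `my $savedreview = getreview($biblio->{biblionumber}, $borrowernumber);`, keeps the scripts consistent and makes the sanitised parameter a lookup key only. `$review` at L70 remains raw request input; C4::Scrubber is imported at L57 and `$clean` is declared at L78, so presumably the stored copy is scrubbed, but confirm that any re-display of the unscrubbed `$review` on a validation error also passes through the scrubber or template escaping, as that path is outside the hunk. Moving the 404 check ahead of `get_template_and_user` at L71 means it now runs before the session is touched, which is fine for an OPAC page but is a change in ordering worth a short comment such as `# Resolve the record first so a bad id 404s before any template work`.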
@@ -45,9 +45,14 @@
);
my $shelfid = $query->param('shelfid');
-my $email = $query->param('email');
+$shelfid =~ s/[^\d]//g;
+my @shelf = GetShelf($shelfid);
+if (! @shelf) {
+ print $query->redirect('/cgi-bin/koha/errors/404.pl');
+ exit;
+}
-my $dbh = C4::Context->dbh;
+my $email = $query->param('email');
if ( $email ) {
my $email_from = C4::Context->preference('KohaAdminEmailAddress');
@@ -68,7 +73,6 @@
}
);
- my @shelf = GetShelf($shelfid);
my ($items, $totitems) = GetShelfContents($shelfid);
my $marcflavour = C4::Context->preference('marcflavour');
my $iso2709;
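Review bot: `$email` at L92 is taken from the request and, when true at L93, used without any check; the code that composes the message is outside the hunk, but a value destined for a mail header must not contain CR or LF, so rejecting such values with an error response and `exit` — mirroring the shelf check at L87-L90 — or validating against the address check the project already uses belongs right after L92. L91 removes `my $dbh = C4::Context->dbh;`, which presumes `$dbh` has no later use in the file; that cannot be confirmed from the hunk. At L99 `$totitems` is still captured, whereas opac-downloadshelf.pl in this commit changed the equivalent line to `my ($items, undef) = GetShelfContents($shelfid);`; if `$totitems` is unused here too, the same form would keep the two scripts aligned. The `if ( $email )` block opened at L93 closes outside the first hunk.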
@@ -32,7 +32,7 @@
use C4::Context;
-my $query = new CGI;
+my $query = CGI->new();
my $op = $query->param('op');
my $dbh = C4::Context->dbh;
my $selectview = $query->param('selectview');
@@ -43,6 +43,13 @@
# my $id;
my ( $template, $loggedinuser, $cookie );
my $biblionumber = $query->param('biblionumber');
+$biblionumber =~ s/[^\d]//g;
+my $biblio = GetBiblioData($biblionumber);
+if (!$biblio) {
+ print $query->redirect('/cgi-bin/koha/errors/404.pl');
+ exit;
+}
+
if ( $selectview eq "full" ) {
( $template, $loggedinuser, $cookie ) = get_template_and_user(
{
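Review bot: The sanitise/lookup/redirect sequence at L113-L118 is the fourth copy of the same six lines in this commit (opac-review.pl carries an identical one, and opac-downloadshelf.pl and opac-sendshelf.pl the `GetShelf` variant); a small helper in the C4 layer that takes the raw parameter and either returns the record or issues the 404 would keep the validation in one place, so that any later tightening of the check reaches every script. Within the hunk `$biblio` is fetched only to prove the record exists; a comment such as `# Look the record up first so an unknown or malformed id 404s before any view is chosen` would make that intent clear to the next reader. `$op` at L106 and `$selectview` at L108 are still read without validation; `$selectview` is only compared with `eq` at L120, which is harmless, while the use of `$op` is outside the hunk. The `if` opened at L120 continues past the hunk.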
