From 83fa1948c2a1e8ee37593e199a0dd6f3565119cc Mon Sep 17 00:00:00 2001
From: skodak
Date: Tue, 15 Nov 2005 18:20:15 +0000
Subject: [PATCH] XSS prevention in older PHP versions SC#190
---
 admin/phpinfo.php | 35 ++++++++++++++++++++---------------
 1 file changed, 20 insertions(+), 15 deletions(-)
diff --git a/admin/phpinfo.php b/admin/phpinfo.php
index b8265bbaa1c29..a71cdee7a938a 100644
--- a/admin/phpinfo.php
+++ b/admin/phpinfo.php
@@ -3,32 +3,37 @@
 require_once("../config.php");
+ $topframe = optional_param('topframe', false, PARAM_BOOL);
+ $bottomframe = optional_param('bottomframe', false, PARAM_BOOL);
+
 require_login(); if (!isadmin()) { error("Only the admin can use this page"); }
- if (isset($topframe)) {
+ if (!$topframe && !$bottomframe) {
+ ?>
+
+
+ PHP info
+
+
+
+
+
+
+
+ shortname: phpinfo", "$site->fullname",
+
+ print_header("$site->shortname: phpinfo", "$site->fullname", "framename\" href=\"index.php\">$stradministration -> PHP info"); exit;
- }
-
- if (isset($bottomframe)) {
+ } else if ($bottomframe && confirm_sesskey()) { phpinfo(); exit; }
- ?>
-
-PHP info
-
-
-
-
-
-
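Review bot: A bottomframe request whose sesskey does not match falls through silently, because `} else if ($bottomframe && confirm_sesskey()) {` merely skips the phpinfo() call when the check fails and nothing after the chain reports the rejection; if confirm_sesskey() returns false rather than halting in this Moodle version, the admin gets an empty frame with no indication why. Failing loudly, in the style the file already uses for the admin check, is clearer and stops any later code from running on a rejected request: `} else if ($bottomframe) {` / `if (!confirm_sesskey()) { error('Invalid session key'); }` / `phpinfo();`. The frameset markup emitted by the first branch was lost in this rendering, so I cannot confirm which branch serves the `$topframe`-only case or that the bottom frame's src carries `sesskey=$USER->sesskey`; without that parameter the new check will always fail, so whoever merges should verify the frame URLs. The PARAM_BOOL cleaning of both parameters appears to be what actually closes the register_globals dependency of the old `isset($topframe)` tests, which the commit title ("XSS prevention") undersells and would be worth stating in the message.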