Permalink
Browse files

Now everything in files/index.php is using sesskey.

Patch submmited by skodak.
  • Loading branch information...
1 parent 20f961f commit e674aa8ba89a609fc3609d6ab20616f78c96a04c stronk7 committed Oct 24, 2004
Showing with 25 additions and 27 deletions.
  1. +25 −27 files/index.php
View
@@ -9,10 +9,14 @@
require("../config.php");
- $id = required_param('id', PARAM_INT);
- $file = optional_param('file', '');
- $wdir = optional_param('wdir', '');
- $action = optional_param('action', '');
+ global $USER;
+
+ $id = required_param('id', PARAM_INT);
+ $file = optional_param('file', '', PARAM_PATH);
+ $wdir = optional_param('wdir', '', PARAM_PATH);
+ $action = optional_param('action', '', PARAM_ACTION);
+ $name = optional_param('name', '', PARAM_FILE);
+ $oldname = optional_param('oldname', '', PARAM_FILE);
if (! $course = get_record("course", "id", $id) ) {
error("That's an invalid course id");
@@ -114,7 +118,7 @@ function html_header($course, $wdir, $formfield=""){
} else {
$save = false;
}
- if (!empty($save)) {
+ if (!empty($save) and confirm_sesskey()) {
if (!is_uploaded_file($userfile['tmp_name']) or $userfile['size'] == 0) {
notify(get_string("uploadnofilefound"));
} else {
@@ -150,6 +154,7 @@ function html_header($course, $wdir, $formfield=""){
echo " <INPUT TYPE=hidden NAME=id VALUE=$id>";
echo " <INPUT TYPE=hidden NAME=wdir VALUE=$wdir>";
echo " <INPUT TYPE=hidden NAME=action VALUE=upload>";
+ echo " <input type=\"hidden\" name=\"sesskey\" value=\"$USER->sesskey\" />";
echo " <INPUT NAME=\"userfile\" TYPE=\"file\" size=\"60\">";
echo " </TD><TR><TD WIDTH=10>";
echo " <INPUT TYPE=submit NAME=save VALUE=\"$struploadthisfile\">";
@@ -167,7 +172,7 @@ function html_header($course, $wdir, $formfield=""){
break;
case "delete":
- if (!empty($confirm)) {
+ if (!empty($confirm) and confirm_sesskey()) {
html_header($course, $wdir);
foreach ($USER->filelist as $file) {
$fullfile = $basedir.$file;
@@ -188,7 +193,7 @@ function html_header($course, $wdir, $formfield=""){
print_simple_box_end();
echo "<br />";
notice_yesno (get_string("deletecheckfiles"),
- "index.php?id=$id&wdir=$wdir&action=delete&confirm=1",
+ "index.php?id=$id&wdir=$wdir&action=delete&confirm=1&amp;sesskey=$USER->sesskey",
"index.php?id=$id&wdir=$wdir&action=cancel");
} else {
displaydir($wdir);
@@ -228,10 +233,9 @@ function html_header($course, $wdir, $formfield=""){
break;
case "rename":
- if (!empty($name)) {
+ if (!empty($name) and confirm_sesskey()) {
html_header($course, $wdir);
- $name = clean_filename($name);
- $oldname = clean_filename($oldname);
+ $name = clean_filename($name);
if (file_exists($basedir.$wdir."/".$name)) {
echo "Error: $name already exists!";
} else if (!rename($basedir.$wdir."/".$oldname, $basedir.$wdir."/".$name)) {
@@ -252,6 +256,7 @@ function html_header($course, $wdir, $formfield=""){
echo " <INPUT TYPE=hidden NAME=action VALUE=rename>";
echo " <INPUT TYPE=hidden NAME=oldname VALUE=\"$file\">";
echo " <INPUT TYPE=text NAME=name SIZE=35 VALUE=\"$file\">";
+ echo " <input type=\"hidden\" name=\"sesskey\" value=\"$USER->sesskey\" />";
echo " <INPUT TYPE=submit VALUE=\"$strrename\">";
echo "</FORM>";
echo "</TD><TD>";
@@ -267,7 +272,7 @@ function html_header($course, $wdir, $formfield=""){
break;
case "mkdir":
- if (!empty($name)) {
+ if (!empty($name) and confirm_sesskey()) {
html_header($course, $wdir);
$name = clean_filename($name);
if (file_exists("$basedir$wdir/$name")) {
@@ -289,6 +294,7 @@ function html_header($course, $wdir, $formfield=""){
echo " <INPUT TYPE=hidden NAME=wdir VALUE=$wdir>";
echo " <INPUT TYPE=hidden NAME=action VALUE=mkdir>";
echo " <INPUT TYPE=text NAME=name SIZE=35>";
+ echo " <input type=\"hidden\" name=\"sesskey\" value=\"$USER->sesskey\" />";
echo " <INPUT TYPE=submit VALUE=\"$strcreate\">";
echo "</FORM>";
echo "</TD><TD>";
@@ -355,7 +361,7 @@ function html_header($course, $wdir, $formfield=""){
break;
case "zip":
- if (!empty($name)) {
+ if (!empty($name) and confirm_sesskey()) {
html_header($course, $wdir);
$name = clean_filename($name);
@@ -387,6 +393,7 @@ function html_header($course, $wdir, $formfield=""){
echo " <INPUT TYPE=hidden NAME=wdir VALUE=\"$wdir\">";
echo " <INPUT TYPE=hidden NAME=action VALUE=zip>";
echo " <INPUT TYPE=text NAME=name SIZE=35 VALUE=\"new.zip\">";
+ echo " <input type=\"hidden\" name=\"sesskey\" value=\"$USER->sesskey\" />";
echo " <INPUT TYPE=submit VALUE=\"".get_string("createziparchive")."\">";
echo "</FORM>";
echo "</TD><TD>";
@@ -407,7 +414,7 @@ function html_header($course, $wdir, $formfield=""){
case "unzip":
html_header($course, $wdir);
- if (!empty($file)) {
+ if (!empty($file) and confirm_sesskey()) {
$strok = get_string("ok");
$strunpacking = get_string("unpacking", "", $file);
@@ -434,7 +441,7 @@ function html_header($course, $wdir, $formfield=""){
case "listzip":
html_header($course, $wdir);
- if (!empty($file)) {
+ if (!empty($file) and confirm_sesskey()) {
$strname = get_string("name");
$strsize = get_string("size");
$strmodified = get_string("modified");
@@ -481,7 +488,7 @@ function html_header($course, $wdir, $formfield=""){
case "restore":
html_header($course, $wdir);
- if (!empty($file)) {
+ if (!empty($file) and confirm_sesskey()) {
echo "<p align=center>".get_string("youaregoingtorestorefrom").":</p>";
print_simple_box_start("center");
echo $file;
@@ -511,14 +518,6 @@ function html_header($course, $wdir, $formfield=""){
/// FILE FUNCTIONS ///////////////////////////////////////////////////////////
-function approvefile($p_event, &$p_header){
- if (detect_munged_arguments($p_header['filename'], 0)) {
- return 0; // do not extract file!!
- } else {
- return 1;
- }
-}
-
function fulldelete($location) {
if (is_dir($location)) {
$currdir = opendir($location);
@@ -561,7 +560,6 @@ function setfilelist($VARS) {
foreach ($VARS as $key => $val) {
if (substr($key,0,4) == "file") {
$count++;
- $val = rawurldecode($val);
if (!detect_munged_arguments($val, 0)) {
$USER->filelist[] = rawurldecode($val);
}
@@ -729,10 +727,10 @@ function displaydir ($wdir) {
if ($icon == "text.gif" || $icon == "html.gif") {
$edittext = "<a href=\"index.php?id=$id&wdir=$wdir&file=$fileurl&action=edit\">$stredit</a>";
} else if ($icon == "zip.gif") {
- $edittext = "<a href=\"index.php?id=$id&wdir=$wdir&file=$fileurl&action=unzip\">$strunzip</a>&nbsp;";
- $edittext .= "<a href=\"index.php?id=$id&wdir=$wdir&file=$fileurl&action=listzip\">$strlist</a> ";
+ $edittext = "<a href=\"index.php?id=$id&amp;wdir=$wdir&amp;file=$fileurl&amp;action=unzip&amp;sesskey=$USER->sesskey\">$strunzip</a>&nbsp;";
+ $edittext .= "<a href=\"index.php?id=$id&amp;wdir=$wdir&amp;file=$fileurl&amp;action=listzip&amp;sesskey=$USER->sesskey\">$strlist</a> ";
if (!empty($CFG->backup_version) and isteacheredit($id)) {
- $edittext .= "<a href=\"index.php?id=$id&wdir=$wdir&file=$filesafe&action=restore\">$strrestore</a> ";
+ $edittext .= "<a href=\"index.php?id=$id&amp;wdir=$wdir&amp;file=$filesafe&amp;action=restore&amp;sesskey=$USER->sesskey\">$strrestore</a> ";
}
} else {
$edittext = "";

0 comments on commit e674aa8

Please sign in to comment.