/ - Diff - WB 2.11.0 - Tracking

« Previous | Next »

Revision 4

Added by Manuela almost 7 years ago

install:: security issue fixed. Now save.php only can be called from form inside index.php

branches/main/admin/interface/version.php
48	48
49	49	// check if defined to avoid errors during installation (redirect to admin panel fails if PHP error/warnings are enabled)
50	50	if(!defined('VERSION')) { define('VERSION', '2.10.1-dev'); }
51		if(!defined('REVISION')) { define('REVISION', '103'); }
	51	if(!defined('REVISION')) { define('REVISION', '4'); }
52	52	if(!defined('SP')) { define('SP', ''); }
53	53

+     *
      */
     //    $aNumber = str_split(strrev('ZZZZ'));
     //    $aToBase = str_split('0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ');
     //    $iResult = 0;
     //    for ($i = 0; $i < sizeof($aNumber); $i++) {
     //        $iResult += array_search($aNumber[$i], $aToBase) * (sizeof($aToBase) ** $i);
     //    }
     /**
      * create a new 4-digit secure token
      * @return string
      */
         function getNewToken()
+        {
             $aToBase = str_split('0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ');
             $iToBaseLen = sizeof($aToBase);
             shuffle($aToBase);
             $iNumber = rand(238328, 14776335);
             $sRetval = '';
             while ($iNumber != 0) {
                 $sRetval = $aToBase[($iNumber % $iToBaseLen)].$sRetval;
                 $iNumber = intval($iNumber / $iToBaseLen);
+            }
             return $sRetval;
+        }
     /**
      * highlight input fields which contain wrong/missing data
      * @param string $field_name
      * @return string
      */
         function field_error($field_name='') {
             if(!defined('SESSION_STARTED') || $field_name == '') return;
             if(isset($_SESSION['ERROR_FIELD']) && $_SESSION['ERROR_FIELD'] == $field_name) {
                 return ' class="wrong"';
+            }
+        }
     // Start a session
     if (version_compare(PHP_VERSION, '5.6', '<')) { die('Sorry, at last PHP-5.6 required !!'); }
     if(!defined('SESSION_STARTED')) {
-...
         $sScriptPath = str_replace('\\', '/', ($_SERVER['SCRIPT_FILENAME']));
         $sScriptUrl = $sUrl.str_replace($wb_path, '', $sScriptPath);
     // Function to highlight input fields which contain wrong/missing data
     function field_error($field_name='') {
         if(!defined('SESSION_STARTED') || $field_name == '') return;
         if(isset($_SESSION['ERROR_FIELD']) && $_SESSION['ERROR_FIELD'] == $field_name) {
             return ' class="wrong"';
+        }
+    }
     $installFlag = true;
     // Check if the page has been reloaded
-...
             $session_support = '<span class="bad">Disabled</span>';
+        }
+    }
     // create security tokens
         $aToken = [getNewToken(), getNewToken()];
         $_SESSION['token'] = ['name' => $aToken[0], 'value' => $aToken[1]];
     // Check if AddDefaultCharset is set
     $e_adc=false;
     $sapi=php_sapi_name();
-...
     <title>WebsiteBaker Installation Wizard</title>
     <link href="stylesheet.css" rel="stylesheet" type="text/css" />
     <script>
     function confirm_link(message, url) {
         if(confirm(message)) location.href = url;
+    }
     function change_os(type) {
         if(type == 'linux') {
             document.getElementById('operating_system_linux').checked = true;
             document.getElementById('operating_system_windows').checked = false;
             document.getElementById('file_perms_box').style.display = 'none';
         } else if(type == 'windows') {
             document.getElementById('operating_system_linux').checked = false;
             document.getElementById('operating_system_windows').checked = true;
             document.getElementById('file_perms_box').style.display = 'none';
         function confirm_link(message, url) {
             if(confirm(message)) location.href = url;
+        }
+    }
         function change_os(type) {
             if(type == 'linux') {
                 document.getElementById('operating_system_linux').checked = true;
                 document.getElementById('operating_system_windows').checked = false;
                 document.getElementById('file_perms_box').style.display = 'none';
             } else if(type == 'windows') {
                 document.getElementById('operating_system_linux').checked = false;
                 document.getElementById('operating_system_windows').checked = true;
                 document.getElementById('file_perms_box').style.display = 'none';
+            }
+        }
     </script>
     </head>
     <body>
-...
         <input type="hidden" name="username_fieldname" value="admin_username" />
         <input type="hidden" name="password_fieldname" value="admin_password" />
         <input type="hidden" name="remember" id="remember" value="true" />
         <input type="hidden" name="<?php echo $aToken[0]; ?>" value="<?php echo $aToken[1]; ?>" />
             <div class="welcome">
                 Welcome to the WebsiteBaker Installation Wizard.
             </div>

+     *
      */
     $debug = false;
     if (true === $debug) {
         ini_set('display_errors', 1);
         error_reporting(E_ALL);
+    }
     // Start a session
     if (!defined('SESSION_STARTED')) {
         session_name('wb-installer');
         session_start();
         define('SESSION_STARTED', true);
+    }
     // get random-part for session_name()
     list($usec,$sec) = explode(' ',microtime());
     srand((float)$sec+((float)$usec*100000));
     $session_rand = rand(1000,9999);
     // Function to set error
     function set_error($message, $field_name = '') {
     //    global $_POST;
         if (isset($message) AND $message != '') {
             // Copy values entered into session so user doesn't have to re-enter everything
             if (isset($_POST['website_title'])) {
                 $_SESSION['wb_url'] = $_POST['wb_url'];
                 $_SESSION['default_timezone'] = $_POST['default_timezone'];
                 $_SESSION['default_language'] = $_POST['default_language'];
                 if (!isset($_POST['operating_system'])) {
                     $_SESSION['operating_system'] = 'linux';
                 } else {
                     $_SESSION['operating_system'] = $_POST['operating_system'];
         function set_error($message, $field_name = '') {
         //    global $_POST;
             if (isset($message) AND $message != '') {
                 // first clean session before fill up with values to remember
                 $_SESSION = [];
                 // Copy values entered into session so user doesn't have to re-enter everything
                 if (isset($_POST['website_title'])) {
                     $_SESSION['wb_url'] = $_POST['wb_url'];
                     $_SESSION['default_timezone'] = $_POST['default_timezone'];
                     $_SESSION['default_language'] = $_POST['default_language'];
                     if (!isset($_POST['operating_system'])) {
                         $_SESSION['operating_system'] = 'linux';
                     } else {
                         $_SESSION['operating_system'] = $_POST['operating_system'];
+                    }
                     $_SESSION['world_writeable'] = (bool) isset($_POST['world_writeable']) ? $_POST['world_writeable'] : false;
                     $_SESSION['database_host'] = $_POST['database_host'];
                     $_SESSION['database_username'] = $_POST['database_username'];
                     $_SESSION['database_password'] = $_POST['database_password'];
                     $_SESSION['database_name'] = $_POST['database_name'];
                     $_SESSION['table_prefix'] = $_POST['table_prefix'];
                     $_SESSION['install_tables'] = (bool) isset($_POST['install_tables']) ? $_POST['install_tables'] : false;
                     $_SESSION['website_title'] = $_POST['website_title'];
                     $_SESSION['admin_username'] = $_POST['admin_username'];
                     $_SESSION['admin_email'] = $_POST['admin_email'];
                     $_SESSION['admin_password'] = $_POST['admin_password'];
                     $_SESSION['admin_repassword'] = $_POST['admin_repassword'];
+                }
                 if (!isset($_POST['world_writeable'])) {
                     $_SESSION['world_writeable'] = false;
                 } else {
                     $_SESSION['world_writeable'] = true;
                 // Set the message
                 $_SESSION['message'] = $message;
                 // Set the element(s) to highlight
                 if ($field_name != '') {
                     $_SESSION['ERROR_FIELD'] = $field_name;
+                }
                 $_SESSION['database_host'] = $_POST['database_host'];
                 $_SESSION['database_username'] = $_POST['database_username'];
                 $_SESSION['database_password'] = $_POST['database_password'];
                 $_SESSION['database_name'] = $_POST['database_name'];
                 $_SESSION['table_prefix'] = $_POST['table_prefix'];
                 if (!isset($_POST['install_tables'])) {
                     $_SESSION['install_tables'] = false;
                 } else {
                     $_SESSION['install_tables'] = true;
+                }
                 $_SESSION['website_title'] = $_POST['website_title'];
                 $_SESSION['admin_username'] = $_POST['admin_username'];
                 $_SESSION['admin_email'] = $_POST['admin_email'];
                 $_SESSION['admin_password'] = $_POST['admin_password'];
                 $_SESSION['admin_repassword'] = $_POST['admin_repassword'];
                 // Specify that session support is enabled
                 $_SESSION['session_support'] = '<font class="good">Enabled</font>';
                 // Redirect to first page again and exit
                 header('Location: index.php?sessions_checked=true');
                 exit();
+            }
             // Set the message
             $_SESSION['message'] = $message;
             // Set the element(s) to highlight
             if ($field_name != '') {
                 $_SESSION['ERROR_FIELD'] = $field_name;
+            }
             // Specify that session support is enabled
             $_SESSION['session_support'] = '<font class="good">Enabled</font>';
             // Redirect to first page again and exit
             header('Location: index.php?sessions_checked=true');
             exit();
+        }
+    }
     /* */
     // Function to workout what the default permissions are for files created by the webserver
     function default_file_mode($temp_dir) {
         if (version_compare(PHP_VERSION, '5.3.6', '>=') && is_writable($temp_dir)) {
             $filename = $temp_dir.'/test_permissions.txt';
             $handle = fopen($filename, 'w');
             fwrite($handle, 'This file is to get the default file permissions');
             fclose($handle);
             $default_file_mode = '0'.substr(sprintf('%o', fileperms($filename)), -3);
             unlink($filename);
         } else {
             $default_file_mode = '0777';
         function default_file_mode($temp_dir) {
             if (version_compare(PHP_VERSION, '5.3.6', '>=') && is_writable($temp_dir)) {
                 $filename = $temp_dir.'/test_permissions.txt';
                 $handle = fopen($filename, 'w');
                 fwrite($handle, 'This file is to get the default file permissions');
                 fclose($handle);
                 $default_file_mode = '0'.substr(sprintf('%o', fileperms($filename)), -3);
                 unlink($filename);
             } else {
                 $default_file_mode = '0777';
+            }
             return $default_file_mode;
+        }
         return $default_file_mode;
+    }
     // Function to workout what the default permissions are for directories created by the webserver
     function default_dir_mode($temp_dir) {
         if (version_compare(PHP_VERSION, '5.3.6', '>=') && is_writable($temp_dir)) {
             $dirname = $temp_dir.'/test_permissions/';
             mkdir($dirname);
             $default_dir_mode = '0'.substr(sprintf('%o', fileperms($dirname)), -3);
             rmdir($dirname);
         } else {
             $default_dir_mode = '0777';
         function default_dir_mode($temp_dir) {
             if (version_compare(PHP_VERSION, '5.3.6', '>=') && is_writable($temp_dir)) {
                 $dirname = $temp_dir.'/test_permissions/';
                 mkdir($dirname);
                 $default_dir_mode = '0'.substr(sprintf('%o', fileperms($dirname)), -3);
                 rmdir($dirname);
             } else {
                 $default_dir_mode = '0777';
+            }
             return $default_dir_mode;
+        }
         return $default_dir_mode;
+    }
     function add_slashes($input) {
         if (get_magic_quotes_gpc() || ( !is_string($input) )) {
             return $input;
         function add_slashes($sInput) {
         //    if (get_magic_quotes_gpc() || ( !is_string($input) )) {
         //        return $input;
         //    }
         //    $output = addslashes($input);
         //    return $output;
             return $sInput;
+        }
         $output = addslashes($input);
         return $output;
     //
     // ************************************************************************************ //
     //
     $debug = false;
     if (true === $debug) {
         ini_set('display_errors', 1);
         error_reporting(E_ALL);
+    }
     // Start a session
     if (!defined('SESSION_STARTED')) {
         session_name('wb-installer');
         session_start();
         define('SESSION_STARTED', true);
+    }
     $bTokenOk = false;
     if (isset($_SESSION['token']) && isset($_POST[$_SESSION['token']['name']])) {
         $bTokenOk = (bool) ($_POST[$_SESSION['token']['name']] == $_SESSION['token']['value']);
+    }
     if (!$bTokenOk) { throw new RuntimeException('Illegal file access detected!!'); }
     unset($_SESSION['token']);
     // Begin check to see if form was even submitted
     // Set error if no post vars found
-...
         $default_language = $_POST['default_language'];
         // make sure the selected language file exists in the language folder
         if (!file_exists('../languages/' .$default_language .'.php')) {
             set_error('The language file: \'' .$default_language .'.php\' is missing. Upload file to language folder or choose another language','default_language');
             set_error(
                 'The language file: \'' .$default_language .'.php\' is missing. '.
                 'Upload file to language folder or choose another language',
                 'default_language'
             );
+        }
+    }
     // End default language details code
-...
         .'(\'wb_sp\', \''.SP.'\'),'
         .'(\'website_title\', \''.$website_title.'\'),'
         .'(\'default_language\', \''.$default_language.'\'),'
         .'(\'app_name\', \'wb-'.$session_rand.'\'),'
         .'(\'app_name\', \'wb-'.(string) rand(1000, 9999).'\'),'
         .'(\'default_timezone\', \''.$default_timezone.'\'),'
         .'(\'operating_system\', \''.$operating_system.'\'),'
         .'(\'string_dir_mode\', \''.$dir_mode.'\'),'
-...
     class admin_dummy extends admin
+    {
         public $error='';
         // overwrite method from parent
         public function print_error($message, $link = 'index.php', $auto_footer = true)
+        {
             $this->error=$message;
-...
     $admin = new admin_dummy('Start','',false,false);
     // Load addons into DB
     $dirs['modules']   = WB_PATH.'/modules/';
     $dirs['templates'] = WB_PATH.'/templates/';
     $dirs['languages'] = WB_PATH.'/languages/';
     foreach ($dirs as $type => $dir) {
         if ($handle = opendir($dir)) {
             while (false !== ($file = readdir($handle))) {
                 if ($file != '' AND substr($file, 0, 1) != '.' AND $file != 'admin.php' AND $file != 'index.php') {
                     // Get addon type
                     if ($type == 'modules') {
                         load_module($dir.'/'.$file, true);
                         // Pretty ugly hack to let modules run $admin->set_error
                         // See dummy class definition admin_dummy above
                         if ($admin->error!='') {
                             set_error($admin->error);
+                        }
                     } elseif ($type == 'templates') {
                         load_template($dir.'/'.$file);
                     } elseif ($type == 'languages') {
                         load_language($dir.'/'.$file);
+                    }
+                }
         $sOldWorkingDir = getcwd();
         foreach (glob(WB_PATH.'/modules/*', GLOB_ONLYDIR) as $sModule) {
             load_module($sModule, true);
             if ($admin->error!='') {
                 set_error($admin->error);
+            }
         closedir($handle);
+        }
+    }
         foreach (glob(WB_PATH.'/templates/*', GLOB_ONLYDIR) as $sTemplate) {
             load_template($sTemplate);
+        }
         foreach (glob(WB_PATH.'/languages/??.php') as $sLanguage) {
             load_language($sLanguage);
+        }
     // Check if there was a database error
     if ($database->is_error()) {
         set_error($database->get_error());

Also available in: Unified diff

Project

General

Profile

WB 2.11.0

Revision 4

Added by Manuela almost 7 years ago