Index: branches/2.8.x/CHANGELOG =================================================================== --- branches/2.8.x/CHANGELOG (revision 1391) +++ branches/2.8.x/CHANGELOG (revision 1392) @@ -11,6 +11,8 @@ ! = Update/Change ------------------------------------- 2.8.2 ------------------------------------- +16 Jan-2011 Build 1392 Dietmar Woellbrink (Luisehahne) +! update headerinfos, change secure messages 16 Jan-2011 Build 1389-1391 Frank Heyne (FrankH) # Security fixes for modules captcha_control, code and droplets 16 Jan-2011 Build 1388 Dietmar Woellbrink (Luisehahne) Index: branches/2.8.x/wb/admin/templates/uninstall.php =================================================================== --- branches/2.8.x/wb/admin/templates/uninstall.php (revision 1391) +++ branches/2.8.x/wb/admin/templates/uninstall.php (revision 1392) @@ -1,28 +1,21 @@ - Copyright (C) 2004-2009, Ryan Djurovich - - Website Baker is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - Website Baker is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with Website Baker; if not, write to the Free Software - Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA - -*/ - // Check if user selected template if(!isset($_POST['file']) OR $_POST['file'] == "") { header("Location: index.php"); @@ -44,7 +37,7 @@ if( !$admin->checkFTAN() ) { - $admin->print_error($MESSAGE['PAGES_NOT_SAVED'],'index.php'); + $admin->print_error($MESSAGE['GENERIC_SECURITY_ACCESS'],'index.php'); exit(); } Index: branches/2.8.x/wb/admin/templates/details.php =================================================================== --- branches/2.8.x/wb/admin/templates/details.php (revision 1391) +++ branches/2.8.x/wb/admin/templates/details.php (revision 1392) @@ -1,118 +1,111 @@ - - Copyright (C) 2004-2009, Ryan Djurovich - - Website Baker is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - Website Baker is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with Website Baker; if not, write to the Free Software - Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA - -*/ - -// Include the config file -require('../../config.php'); -require_once(WB_PATH .'/framework/functions.php'); -require_once(WB_PATH.'/framework/class.admin.php'); -$admin = new admin('Addons', 'templates_view',false); - -if( !$admin->checkFTAN() ) -{ - $admin->print_error($MESSAGE['PAGES_NOT_SAVED'],'index.php'); - exit(); -} - -// Get template name -if(!isset($_POST['file']) OR $_POST['file'] == "") { - header("Location: index.php"); - exit(0); -} else { - $file = preg_replace("/\W/", "", $admin->add_slashes($_POST['file'])); // fix secunia 2010-92-2 -} - -// Check if the template exists -if(!file_exists(WB_PATH.'/templates/'.$file)) { - header("Location: index.php"); - exit(0); -} - -// Print admin header -$admin = new admin('Addons', 'templates_view'); - -// Setup template object -$template = new Template(THEME_PATH.'/templates'); -$template->set_file('page', 'templates_details.htt'); -$template->set_block('page', 'main_block', 'main'); -$template->set_var('FTAN', $admin->getFTAN()); - -// Insert values -$result = $database->query("SELECT * FROM ".TABLE_PREFIX."addons WHERE type = 'template' AND directory = '$file'"); -if($result->numRows() > 0) { - $row = $result->fetchRow(); -} - -// check if a template description exists for the displayed backend language -$tool_description = false; -if(function_exists('file_get_contents') && file_exists(WB_PATH.'/templates/'.$file.'/languages/'.LANGUAGE .'.php')) { - // read contents of the template language file into string - $data = @file_get_contents(WB_PATH .'/templates/' .$file .'/languages/' .LANGUAGE .'.php'); - // use regular expressions to fetch the content of the variable from the string - $tool_description = get_variable_content('template_description', $data, false, false); - // replace optional placeholder {WB_URL} with value stored in config.php - if($tool_description !== false && strlen(trim($tool_description)) != 0) { - $tool_description = str_replace('{WB_URL}', WB_URL, $tool_description); - } else { - $tool_description = false; - } -} -if($tool_description !== false) { - // Override the template-description with correct desription in users language - $row['description'] = $tool_description; -} - -$template->set_var(array( - 'NAME' => $row['name'], - 'AUTHOR' => $row['author'], - 'DESCRIPTION' => $row['description'], - 'VERSION' => $row['version'], - 'DESIGNED_FOR' => $row['platform'] - ) - ); - -// Insert language headings -$template->set_var(array( - 'HEADING_TEMPLATE_DETAILS' => $HEADING['TEMPLATE_DETAILS'] - ) - ); -// Insert language text and messages -$template->set_var(array( - 'TEXT_NAME' => $TEXT['NAME'], - 'TEXT_AUTHOR' => $TEXT['AUTHOR'], - 'TEXT_VERSION' => $TEXT['VERSION'], - 'TEXT_DESIGNED_FOR' => $TEXT['DESIGNED_FOR'], - 'TEXT_DESCRIPTION' => $TEXT['DESCRIPTION'], - 'TEXT_BACK' => $TEXT['BACK'] - ) - ); - -// Parse template object -$template->parse('main', 'main_block', false); -$template->pparse('output', 'page'); - -// Print admin footer -$admin->print_footer(); - +checkFTAN() ) +{ + $admin->print_error($MESSAGE['GENERIC_SECURITY_ACCESS'],'index.php'); + exit(); +} + +// Get template name +if(!isset($_POST['file']) OR $_POST['file'] == "") { + header("Location: index.php"); + exit(0); +} else { + $file = preg_replace("/\W/", "", $admin->add_slashes($_POST['file'])); // fix secunia 2010-92-2 +} + +// Check if the template exists +if(!file_exists(WB_PATH.'/templates/'.$file)) { + header("Location: index.php"); + exit(0); +} + +// Print admin header +$admin = new admin('Addons', 'templates_view'); + +// Setup template object +$template = new Template(THEME_PATH.'/templates'); +$template->set_file('page', 'templates_details.htt'); +$template->set_block('page', 'main_block', 'main'); +$template->set_var('FTAN', $admin->getFTAN()); + +// Insert values +$result = $database->query("SELECT * FROM ".TABLE_PREFIX."addons WHERE type = 'template' AND directory = '$file'"); +if($result->numRows() > 0) { + $row = $result->fetchRow(); +} + +// check if a template description exists for the displayed backend language +$tool_description = false; +if(function_exists('file_get_contents') && file_exists(WB_PATH.'/templates/'.$file.'/languages/'.LANGUAGE .'.php')) { + // read contents of the template language file into string + $data = @file_get_contents(WB_PATH .'/templates/' .$file .'/languages/' .LANGUAGE .'.php'); + // use regular expressions to fetch the content of the variable from the string + $tool_description = get_variable_content('template_description', $data, false, false); + // replace optional placeholder {WB_URL} with value stored in config.php + if($tool_description !== false && strlen(trim($tool_description)) != 0) { + $tool_description = str_replace('{WB_URL}', WB_URL, $tool_description); + } else { + $tool_description = false; + } +} +if($tool_description !== false) { + // Override the template-description with correct desription in users language + $row['description'] = $tool_description; +} + +$template->set_var(array( + 'NAME' => $row['name'], + 'AUTHOR' => $row['author'], + 'DESCRIPTION' => $row['description'], + 'VERSION' => $row['version'], + 'DESIGNED_FOR' => $row['platform'] + ) + ); + +// Insert language headings +$template->set_var(array( + 'HEADING_TEMPLATE_DETAILS' => $HEADING['TEMPLATE_DETAILS'] + ) + ); +// Insert language text and messages +$template->set_var(array( + 'TEXT_NAME' => $TEXT['NAME'], + 'TEXT_AUTHOR' => $TEXT['AUTHOR'], + 'TEXT_VERSION' => $TEXT['VERSION'], + 'TEXT_DESIGNED_FOR' => $TEXT['DESIGNED_FOR'], + 'TEXT_DESCRIPTION' => $TEXT['DESCRIPTION'], + 'TEXT_BACK' => $TEXT['BACK'] + ) + ); + +// Parse template object +$template->parse('main', 'main_block', false); +$template->pparse('output', 'page'); + +// Print admin footer +$admin->print_footer(); + ?> \ No newline at end of file Index: branches/2.8.x/wb/admin/templates/install.php =================================================================== --- branches/2.8.x/wb/admin/templates/install.php (revision 1391) +++ branches/2.8.x/wb/admin/templates/install.php (revision 1392) @@ -1,28 +1,21 @@ - Copyright (C) 2004-2009, Ryan Djurovich - - Website Baker is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - Website Baker is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with Website Baker; if not, write to the Free Software - Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA - -*/ - // Check if user uploaded a file if(!isset($_FILES['userfile'])) { header("Location: index.php"); @@ -39,7 +32,7 @@ if( !$admin->checkFTAN() ) { - $admin->print_error($MESSAGE['PAGES_NOT_SAVED'],'index.php'); + $admin->print_error($MESSAGE['GENERIC_SECURITY_ACCESS'],'index.php'); exit(); } Index: branches/2.8.x/wb/admin/interface/version.php =================================================================== --- branches/2.8.x/wb/admin/interface/version.php (revision 1391) +++ branches/2.8.x/wb/admin/interface/version.php (revision 1392) @@ -52,6 +52,6 @@ // check if defined to avoid errors during installation (redirect to admin panel fails if PHP error/warnings are enabled) if(!defined('VERSION')) define('VERSION', '2.8.2.RC4'); -if(!defined('REVISION')) define('REVISION', '1391'); +if(!defined('REVISION')) define('REVISION', '1392'); ?> Index: branches/2.8.x/wb/admin/settings/save.php =================================================================== --- branches/2.8.x/wb/admin/settings/save.php (revision 1391) +++ branches/2.8.x/wb/admin/settings/save.php (revision 1392) @@ -35,7 +35,7 @@ if( !$admin->checkFTAN() ) { - $admin->print_error($MESSAGE['PAGES_NOT_SAVED'],'index.php'); + $admin->print_error($MESSAGE['GENERIC_SECURITY_ACCESS'],'index.php'); exit(); } Index: branches/2.8.x/wb/admin/users/save.php =================================================================== --- branches/2.8.x/wb/admin/users/save.php (revision 1391) +++ branches/2.8.x/wb/admin/users/save.php (revision 1392) @@ -25,7 +25,7 @@ //$database = new database(); if( !$admin->checkFTAN() ) { - $admin->print_error($MESSAGE['PAGES_NOT_SAVED'],'index.php'); + $admin->print_error($MESSAGE['GENERIC_SECURITY_ACCESS'],'index.php'); exit(); } Index: branches/2.8.x/wb/admin/users/add.php =================================================================== --- branches/2.8.x/wb/admin/users/add.php (revision 1391) +++ branches/2.8.x/wb/admin/users/add.php (revision 1392) @@ -1,110 +1,110 @@ -checkFTAN() ) -{ - $admin->print_error($MESSAGE['PAGES_NOT_SAVED'],'index.php'); - exit(); -} - -// Get details entered -$groups_id = implode(",", $admin->add_slashes($_POST['groups'])); //should check permissions -$groups_id = trim($groups_id, ','); // there will be an additional ',' when "Please Choose" was selected, too -$active = $admin->add_slashes($_POST['active'][0]); -$username_fieldname = $admin->get_post_escaped('username_fieldname'); -$username = strtolower($admin->get_post_escaped($username_fieldname)); -$password = $admin->get_post('password'); -$password2 = $admin->get_post('password2'); -$display_name = $admin->get_post_escaped('display_name'); -$email = $admin->get_post_escaped('email'); -$home_folder = $admin->get_post_escaped('home_folder'); -$default_language = DEFAULT_LANGUAGE; - -// Create a javascript back link -$js_back = 'javascript: history.go(-1);'; - -// Check values -if($groups_id == '') { - $admin->print_error($MESSAGE['USERS']['NO_GROUP'], $js_back); -} -if(strlen($username) < 2) { - $admin->print_error($MESSAGE['USERS']['USERNAME_TOO_SHORT'], $js_back); -} -if(strlen($password) < 2) { - $admin->print_error($MESSAGE['USERS']['PASSWORD_TOO_SHORT'], $js_back); -} -if($password != $password2) { - $admin->print_error($MESSAGE['USERS']['PASSWORD_MISMATCH'], $js_back); -} -if($email != '') -{ - if($admin->validate_email($email) == false) - { - $admin->print_error($MESSAGE['USERS']['INVALID_EMAIL'], $js_back); - } -} else { // e-mail must be present - $admin->print_error($MESSAGE['SIGNUP']['NO_EMAIL'], $js_back); -} - -// choose group_id from groups_id - workaround for still remaining calls to group_id (to be cleaned-up) -$gid_tmp = explode(',', $groups_id); -if(in_array('1', $gid_tmp)) $group_id = '1'; // if user is in administrator-group, get this group -else $group_id = $gid_tmp[0]; // else just get the first one -unset($gid_tmp); - -// Check if username already exists -$results = $database->query("SELECT user_id FROM ".TABLE_PREFIX."users WHERE username = '$username'"); -if($results->numRows() > 0) { - $admin->print_error($MESSAGE['USERS']['USERNAME_TAKEN'], $js_back); -} - -// Check if the email already exists -$results = $database->query("SELECT user_id FROM ".TABLE_PREFIX."users WHERE email = '".$admin->add_slashes($_POST['email'])."'"); -if($results->numRows() > 0) -{ - if(isset($MESSAGE['USERS']['EMAIL_TAKEN'])) - { - $admin->print_error($MESSAGE['USERS']['EMAIL_TAKEN'], $js_back); - } else { - $admin->print_error($MESSAGE['USERS']['INVALID_EMAIL'], $js_back); - } -} - -// MD5 supplied password -$md5_password = md5($password); - -// Inser the user into the database -$query = "INSERT INTO ".TABLE_PREFIX."users (group_id,groups_id,active,username,password,display_name,home_folder,email,timezone, language) VALUES ('$group_id', '$groups_id', '$active', '$username','$md5_password','$display_name','$home_folder','$email','-72000', '$default_language')"; -$database->query($query); -if($database->is_error()) { - $admin->print_error($database->get_error()); -} else { - $admin->print_success($MESSAGE['USERS']['ADDED']); -} - -// Print admin footer -$admin->print_footer(); - +checkFTAN() ) +{ + $admin->print_error($MESSAGE['GENERIC_SECURITY_ACCESS'],'index.php'); + exit(); +} + +// Get details entered +$groups_id = implode(",", $admin->add_slashes($_POST['groups'])); //should check permissions +$groups_id = trim($groups_id, ','); // there will be an additional ',' when "Please Choose" was selected, too +$active = $admin->add_slashes($_POST['active'][0]); +$username_fieldname = $admin->get_post_escaped('username_fieldname'); +$username = strtolower($admin->get_post_escaped($username_fieldname)); +$password = $admin->get_post('password'); +$password2 = $admin->get_post('password2'); +$display_name = $admin->get_post_escaped('display_name'); +$email = $admin->get_post_escaped('email'); +$home_folder = $admin->get_post_escaped('home_folder'); +$default_language = DEFAULT_LANGUAGE; + +// Create a javascript back link +$js_back = 'javascript: history.go(-1);'; + +// Check values +if($groups_id == '') { + $admin->print_error($MESSAGE['USERS']['NO_GROUP'], $js_back); +} +if(strlen($username) < 2) { + $admin->print_error($MESSAGE['USERS']['USERNAME_TOO_SHORT'], $js_back); +} +if(strlen($password) < 2) { + $admin->print_error($MESSAGE['USERS']['PASSWORD_TOO_SHORT'], $js_back); +} +if($password != $password2) { + $admin->print_error($MESSAGE['USERS']['PASSWORD_MISMATCH'], $js_back); +} +if($email != '') +{ + if($admin->validate_email($email) == false) + { + $admin->print_error($MESSAGE['USERS']['INVALID_EMAIL'], $js_back); + } +} else { // e-mail must be present + $admin->print_error($MESSAGE['SIGNUP']['NO_EMAIL'], $js_back); +} + +// choose group_id from groups_id - workaround for still remaining calls to group_id (to be cleaned-up) +$gid_tmp = explode(',', $groups_id); +if(in_array('1', $gid_tmp)) $group_id = '1'; // if user is in administrator-group, get this group +else $group_id = $gid_tmp[0]; // else just get the first one +unset($gid_tmp); + +// Check if username already exists +$results = $database->query("SELECT user_id FROM ".TABLE_PREFIX."users WHERE username = '$username'"); +if($results->numRows() > 0) { + $admin->print_error($MESSAGE['USERS']['USERNAME_TAKEN'], $js_back); +} + +// Check if the email already exists +$results = $database->query("SELECT user_id FROM ".TABLE_PREFIX."users WHERE email = '".$admin->add_slashes($_POST['email'])."'"); +if($results->numRows() > 0) +{ + if(isset($MESSAGE['USERS']['EMAIL_TAKEN'])) + { + $admin->print_error($MESSAGE['USERS']['EMAIL_TAKEN'], $js_back); + } else { + $admin->print_error($MESSAGE['USERS']['INVALID_EMAIL'], $js_back); + } +} + +// MD5 supplied password +$md5_password = md5($password); + +// Inser the user into the database +$query = "INSERT INTO ".TABLE_PREFIX."users (group_id,groups_id,active,username,password,display_name,home_folder,email,timezone, language) VALUES ('$group_id', '$groups_id', '$active', '$username','$md5_password','$display_name','$home_folder','$email','-72000', '$default_language')"; +$database->query($query); +if($database->is_error()) { + $admin->print_error($database->get_error()); +} else { + $admin->print_success($MESSAGE['USERS']['ADDED']); +} + +// Print admin footer +$admin->print_footer(); + ?> \ No newline at end of file