Index: branches/2.8.x/CHANGELOG
===================================================================
--- branches/2.8.x/CHANGELOG	(revision 1459)
+++ branches/2.8.x/CHANGELOG	(revision 1460)
@@ -11,6 +11,11 @@
 ! = Update/Change
 
 ------------------------------------- 2.8.2 ------------------------------------
+29 Jun-2011 Build 1460 Dietmar Woellbrink (Luisehahne)
+# Ticket 1101, phtml|php5|php4|php|cgi|pl|exe|com|bat|src| will be hardcoded
+  additional you can set more extension in settings extended in field rename_file_types
+  rename_file_types now is a blacklist and will no longer be renamed to .txt
+! update admintools modules to work with SecureForm Patch from NorHei
 26 Jun-2011 Build 1459 Dietmar Woellbrink (Luisehahne)
 # Ticket 1099: change title for add_child_page in page tree
 26 Jun-2011 Build 1458 Dietmar Woellbrink (Luisehahne)
Index: branches/2.8.x/wb/admin/media/browse.php
===================================================================
--- branches/2.8.x/wb/admin/media/browse.php	(revision 1459)
+++ branches/2.8.x/wb/admin/media/browse.php	(revision 1460)
@@ -151,10 +151,10 @@
 // $filename =  $currentdir;
 if(!empty($currentdir)) {
 	$usedFiles = $Dse->getMatchesFromDir( $currentdir, DseTwo::RETURN_USED);
-/* */
+/*
 print '<pre><strong>function '.__FUNCTION__.'();</strong>  basename: '.basename(__FILE__).'  line: '.__LINE__.' -> <br />';
 print_r( $usedFiles ); print '</pre>'; // flush ();sleep(10); die();
-
+*/
 }
 
 if($handle = opendir(WB_PATH.MEDIA_DIRECTORY.'/'.$directory)) {
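Review bot: The debug dump is wrapped in `/* ... */` rather than removed; a commented-out `print_r($usedFiles)` that can be re-enabled by deleting two characters is a maintenance trap, and dead code should go. Delete the four lines between `$usedFiles = $Dse->getMatchesFromDir(...)` and the closing `}` instead of commenting them out.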
@@ -253,8 +253,7 @@
 								'DATE' => $date,
 								'PREVIEW' => $preview,
 								'IMAGE_TITLE' => $name,
-								// 'IMAGE_EXIST' =>  search_image($directory.'/',$name)
-								'IMAGE_EXIST' =>  (in_array($name, $usedFiles) ? 'view_16.png' : 'pic_16.png')
+								'IMAGE_EXIST' =>  'blank_16.gif'
 							)
 						);
 			$template->parse('list', 'list_block', true);
Index: branches/2.8.x/wb/admin/media/upload.php
===================================================================
--- branches/2.8.x/wb/admin/media/upload.php	(revision 1459)
+++ branches/2.8.x/wb/admin/media/upload.php	(revision 1460)
@@ -66,7 +66,10 @@
 	$file_extension_string=$fetch_result['value'];
 }
 $file_extensions=explode(",",$file_extension_string);
-
+// get from settings and add to forbidden list
+$rename_file_types  = str_replace(',','|',RENAME_FILES_ON_UPLOAD);
+// hardcodet forbidden filetypes
+$forbidden_file_types = 'phtml|php5|php4|php|cgi|pl|exe|com|bat|src|'.$rename_file_types;
 // Loop through the files
 $good_uploads = 0;
 for($count = 1; $count <= 10; $count++) {
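Review bot: The new `$forbidden_file_types` string is later spliced straight into a regex, but `RENAME_FILES_ON_UPLOAD` is not `preg_quote`d and the literal ends in `|`, so an empty setting leaves an empty alternative and a setting containing regex metacharacters (`.`, `(`, `+`) silently changes the pattern; an invalid pattern makes `preg_match()` return false, which the `!preg_match(...)` guard further down treats as "allowed". Build the fragment from quoted, non-empty items and only add the separator when there is something to separate, e.g. `$rename_file_types = implode('|', array_map('preg_quote', array_filter(array_map('trim', explode(',', RENAME_FILES_ON_UPLOAD)))));` followed by `$forbidden_file_types = 'phtml|php5|php4|php|cgi|pl|exe|com|bat|src' . ($rename_file_types !== '' ? '|' . $rename_file_types : '');`. The same two lines are duplicated in `pclzipCheckValidFile()` below and should be fixed there as well.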
@@ -73,22 +76,28 @@
 	// If file was upload to tmp
 	if(isset($_FILES["file$count"]['name'])) {
 		// Remove bad characters
-		$filename = media_filename($_FILES["file$count"]['name']);
+		$filename = trim(media_filename($_FILES["file$count"]['name']),'.') ;
 		// Check if there is still a filename left
-		if($filename != '') {
-			// Check for potentially malicious files and append 'txt' to their name
+		// if($filename != '') {
+		$info = pathinfo($filename);
+		$ext = isset($info['extension']) ? $info['extension'] : '';
+
+		if ( ($filename != '') && !preg_match("/\." . $forbidden_file_types . "$/i", $ext) ) {
+/*
+		// Check for potentially malicious files and append 'txt' to their name
 			foreach($file_extensions as $file_ext) {
 				$file_ext_len=strlen($file_ext);
 				if (substr($filename,-$file_ext_len)==$file_ext) {
 					$filename.='.txt';
 				}
-			}		
+			}
+*/
 			// Move to relative path (in media folder)
-			if(file_exists($relative.$filename) AND $overwrite == true) {			
+			if(file_exists($relative.$filename) AND $overwrite == true) {
 				if(move_uploaded_file($_FILES["file$count"]['tmp_name'], $relative.$filename)) {
 					$good_uploads++;
 					// Chmod the uploaded file
-					change_mode($relative.$filename, 'file');
+					change_mode($relative.$filename);
 				}
 			} elseif(!file_exists($relative.$filename)) {
 				if(move_uploaded_file($_FILES["file$count"]['tmp_name'], $relative.$filename)) {
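Review bot: The check `!preg_match("/\." . $forbidden_file_types . "$/i", $ext)` does not block `.phtml`: `$ext` comes from `pathinfo()` without a leading dot, and because `|` binds loosest the `\.` belongs only to the first alternative (`\.phtml`), which therefore never matches, while the remaining alternatives are unanchored substrings (so `pl` also rejects harmless extensions such as `plist`). Anchor the whole group instead: `if ( ($filename != '') && !preg_match('/^(' . rtrim($forbidden_file_types, '|') . ')$/i', $ext) ) {`; the `rtrim` also removes the empty alternative that, when `RENAME_FILES_ON_UPLOAD` is empty, turns the pattern into `...|src|$` and rejects every upload. Only the last extension is inspected, so a name like `shell.php.jpg` is accepted; whether the web server executes such double-extension names depends on handler configuration that isn't visible here, but rejecting any forbidden token among all dot-separated parts of the name is the safer default. The enclosing `for` loop continues past this hunk.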
@@ -97,7 +106,7 @@
 					change_mode($relative.$filename);
 				}
 			}
-			
+
 			if(file_exists($relative.$filename)) {
 				if ($pathsettings[$resizepath]['width'] || $pathsettings[$resizepath]['height'] ) {
 					$rimg=new RESIZEIMAGE($relative.$filename);
@@ -105,7 +114,7 @@
 					$rimg->close();
 				}
 			}
-				
+
 			// store file name of first file for possible unzip action
 			if ($count == 1) {
 				$filename1 = $relative . $filename;
@@ -113,34 +122,55 @@
 		}
 	}
 }
+/*
+ * Callback function to skip files in black-list
+ */
+function pclzipCheckValidFile($p_event, &$p_header)
+{
+                         //  return 1;
+	$rename_file_types  = str_replace(',','|',RENAME_FILES_ON_UPLOAD);
+	// hardcodet forbidden filetypes
+	$forbidden_file_types = 'phtml|php5|php4|php|cgi|pl|exe|com|bat|src|'.$rename_file_types;
+	$info = pathinfo($p_header['filename']);
+                         $ext = isset($info['extension']) ? $info['extension'] : '';
+                         $dots = (substr($info['basename'], 0, 1) == '.') || (substr($info['basename'], -1, 1) == '.');
+	if( !preg_match('/'.$forbidden_file_types.'$/i', $ext) && $dots != '.' )
+	{	// ----- allowed file types are extracted
+	  return 1;
+	}else
+	{	// ----- all other files are skiped
+	  return 0;
+	}
+}
+/* ********************************* */
 
 // If the user chose to unzip the first file, unzip into the current folder
 if (isset($_POST['unzip']) && isset($filename1) && file_exists($filename1) ) {
 	$archive = new PclZip($filename1);
-	$list = $archive->extract(PCLZIP_OPT_PATH, $relative);
+
+	$list = $archive->extract(PCLZIP_OPT_PATH, $relative,PCLZIP_CB_PRE_EXTRACT, 'pclzipCheckValidFile');
+
 	if($list == 0) {
 		// error while trying to extract the archive (most likely wrong format)
 		$admin->print_error('UNABLE TO UNZIP FILE' . $archive -> errorInfo(true));
 	}
-	
+
+	$sum_dirs = 0;
+	$sum_files = 0;
+
 	// rename executable files!
-	foreach ($list as $val) {
-		$fn = $val['filename'];
-		$fnp = pathinfo($fn);
-		if (isset($fnp['extension'])) {
-			$fext = $fnp['extension'];
-			if (in_array($fext, $file_extensions)) {
-				rename($fn, $fn.".txt");
-			}
+	foreach ($list as $key => $val) {
+	    if( ($val['folder'] ) && change_mode($val['filename']) ) {
+		   $sum_dirs++;
+		} elseif( is_writable($val['filename']) && ($val['status'] == 'ok') && change_mode($val['filename']) )  {
+			$sum_files++;
 		}
 	}
+	if (isset($_POST['delzip'])) { unlink($filename1); }
 }
-
+unset($list);
 if($good_uploads == 1) {
-	$admin->print_success($good_uploads.' '.$MESSAGE['MEDIA']['SINGLE_UPLOADED'] );
-	if (isset($_POST['delzip'])) {
-		unlink($filename1);
-	}
+	$admin->print_success($sum_files.' '.$MESSAGE['MEDIA']['SINGLE_UPLOADED'] );
 } else {
 	$admin->print_success($good_uploads.' '.$MESSAGE['MEDIA']['UPLOADED'] );
 }
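Review bot: In `pclzipCheckValidFile()` the dot-file guard never triggers: `$dots` is a boolean, so `$dots != '.'` is true for both `true` and `false`, and an archive entry named `.htaccess` (or `foo.`) is extracted, unlike the direct-upload path which `trim()`s dots off the name. Change the condition to `if( !preg_match('/^(' . rtrim($forbidden_file_types, '|') . ')$/i', $ext) && !$dots )`, which also anchors the alternatives (the unanchored `\.`-less pattern here otherwise behaves as substring matching) and removes the empty alternative that skips every entry when `RENAME_FILES_ON_UPLOAD` is empty. Nothing in the callback rejects entry names containing `..`; whether PclZip confines them under `$relative` isn't visible from this hunk, so an explicit `if (strpos($p_header['filename'], '..') !== false) { return 0; }` would be cheap insurance. Separately, `$sum_files` is only initialised inside the unzip branch, yet the success message prints it whenever `$good_uploads == 1`, so a plain single-file upload reports an undefined variable instead of the count — print `$good_uploads` there, or set `$sum_files = 0;` before the `if (isset($_POST['unzip']) ...` block.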
Index: branches/2.8.x/wb/admin/interface/version.php
===================================================================
--- branches/2.8.x/wb/admin/interface/version.php	(revision 1459)
+++ branches/2.8.x/wb/admin/interface/version.php	(revision 1460)
@@ -52,6 +52,6 @@
 
 // check if defined to avoid errors during installation (redirect to admin panel fails if PHP error/warnings are enabled)
 if(!defined('VERSION')) define('VERSION', '2.8.2.RC6');
-if(!defined('REVISION')) define('REVISION', '1459');
+if(!defined('REVISION')) define('REVISION', '1460');
 
 ?>
Index: branches/2.8.x/wb/admin/admintools/tool.php
===================================================================
--- branches/2.8.x/wb/admin/admintools/tool.php	(revision 1459)
+++ branches/2.8.x/wb/admin/admintools/tool.php	(revision 1460)
@@ -29,21 +29,22 @@
 	$tool = $array[0];
 }
 
-$list = array();
+$ModulesList = array();
+$admin_header =  true;
 if(isset($_POST['save_settings'])) {
 	$ModulesUsingFTAN = ADMIN_PATH.'/admintools/modules.inc';
 	if(file_exists($ModulesUsingFTAN)){
-		if(($list = file($ModulesUsingFTAN, FILE_IGNORE_NEW_LINES|FILE_SKIP_EMPTY_LINES)) !== false)
+		if(($ModulesList = file($ModulesUsingFTAN, FILE_IGNORE_NEW_LINES|FILE_SKIP_EMPTY_LINES)) !== false)
 		{
 			// remove remark-lines
-			$list = preg_grep('/^\s*?[^#;]/', $list);
+			$ModulesList = preg_grep('/^\s*?[^#;]/', $ModulesList);
 		}
 	}
 }
 
-$admin_header = (in_array($tool, $list) ? false : true);
-$admin = new admin('admintools', 'admintools',$admin_header );
-unset($list);
+$admin_header = (!in_array($tool, $ModulesList));
+$admin = new admin('admintools', 'admintools', $admin_header );
+unset($ModulesList);
 
 // Check if tool is installed
 $result = $database->query("SELECT * FROM ".TABLE_PREFIX."addons WHERE type = 'module' AND function = 'tool' AND directory = '".preg_replace("/\W/", "", $tool)."'");
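Review bot: `in_array($tool, $ModulesList)` compares a request-derived string loosely against raw lines of `modules.inc`; pass `true` as the third argument and trim the entries, since `FILE_IGNORE_NEW_LINES` leaves a trailing `\r` on CRLF-saved files and the module would then silently be treated as not FTAN-aware (`$admin_header = true`), presumably causing the header to be printed by the `admin` constructor before the module's own check runs. E.g. `$ModulesList = array_map('trim', preg_grep('/^\s*?[^#;]/', $ModulesList));` and `$admin_header = !in_array($tool, $ModulesList, true);`.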
@@ -51,7 +52,7 @@
 	header("Location: index.php");
 	exit(0);
 }
-$tool = $result->fetchRow();
+$tools = $result->fetchRow();
 if(!isset($_POST['save_settings'])) {
 
 ?>
@@ -58,10 +59,10 @@
 <h4>
 	<a href="<?php echo ADMIN_URL; ?>/admintools/index.php"><?php echo $HEADING['ADMINISTRATION_TOOLS']; ?></a>
 	&raquo;
-	<?php echo $tool['name']; ?>
+	<?php echo $tools['name']; ?>
 </h4>
 <?php
 }
-require(WB_PATH.'/modules/'.$tool['directory'].'/tool.php');
+require(WB_PATH.'/modules/'.$tools['directory'].'/tool.php');
 
 $admin->print_footer();
Index: branches/2.8.x/wb/modules/captcha_control/tool.php
===================================================================
--- branches/2.8.x/wb/modules/captcha_control/tool.php	(revision 1459)
+++ branches/2.8.x/wb/modules/captcha_control/tool.php	(revision 1460)
@@ -42,7 +42,7 @@
 if(isset($_POST['save_settings'])) {
 	if (!$admin->checkFTAN())
 	{
-		$admin->print_header();
+		if(!$admin_header) { $admin->print_header(); }
 		$admin->print_error($MESSAGE['GENERIC_SECURITY_ACCESS'], $js_back );
 	}
 	
@@ -67,7 +67,7 @@
 	}
 	
 	// check if there is a database error, otherwise say successful
-	$admin->print_header();
+	if(!$admin_header) { $admin->print_header(); }
 	if($database->is_error()) {
 		$admin->print_error($database->get_error(), $js_back);
 	} else {
@@ -75,6 +75,7 @@
 	}
 
 } else {
+}
 	
 	// include captcha-file
 	require_once(WB_PATH .'/include/captcha/captcha.php');
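Review bot: The new `} else {` immediately followed by `}` is an empty else branch; with the closing `}` at the end of the file removed, the form below is now rendered unconditionally, so the `else` does nothing and should collapse to a single `}` with a comment stating the intent, e.g. `} // settings form is rendered below in every case, also after a save`. If `print_error()` does not terminate the script (not visible here), the form now also renders after a failed `checkFTAN()`; confirm that is intended.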
@@ -200,6 +201,5 @@
 	<input type="submit" name="save_settings" style="margin-top:10px; width:140px;" value="<?php echo $TEXT['SAVE']; ?>" />
 </form>
 <?php
-}
 
 ?>
\ No newline at end of file
Index: branches/2.8.x/wb/modules/jsadmin/tool.php
===================================================================
--- branches/2.8.x/wb/modules/jsadmin/tool.php	(revision 1459)
+++ branches/2.8.x/wb/modules/jsadmin/tool.php	(revision 1460)
@@ -39,12 +39,12 @@
 
 // Check if user selected what add-ons to reload
 if(isset($_POST['save_settings']))  {
+
 	if (!$admin->checkFTAN())
 	{
-		$admin->print_header();
+		if(!$admin_header) { $admin->print_header(); }
 		$admin->print_error($MESSAGE['GENERIC_SECURITY_ACCESS'],$_SERVER['REQUEST_URI']);
 	}
-	$admin->print_header();
 
 	// Include functions file
 	require_once(WB_PATH.'/framework/functions.php');
@@ -53,6 +53,7 @@
 	save_setting('mod_jsadmin_ajax_order_sections', isset($_POST['ajax_order_sections']));
    // 	echo '<div style="border: solid 2px #9c9; background: #ffd; padding: 0.5em; margin-top: 1em">'.$MESSAGE['SETTINGS']['SAVED'].'</div>';
 	// check if there is a database error, otherwise say successful
+	if(!$admin_header) { $admin->print_header(); }
 	if($database->is_error()) {
 		$admin->print_error($database->get_error(), $js_back);
 	} else {
Index: branches/2.8.x/wb/modules/output_filter/tool.php
===================================================================
--- branches/2.8.x/wb/modules/output_filter/tool.php	(revision 1459)
+++ branches/2.8.x/wb/modules/output_filter/tool.php	(revision 1460)
@@ -33,7 +33,7 @@
 	
 	if (!$admin->checkFTAN())
 	{
-		$admin->print_header();
+		if(!$admin_header) { $admin->print_header(); }
 		$admin->print_error($MESSAGE['GENERIC_SECURITY_ACCESS'],$_SERVER['REQUEST_URI'],false);
 	}
 	// get overall output filter settings
@@ -51,7 +51,7 @@
 		mailto_filter = '$mailto_filter', at_replacement = '$at_replacement', dot_replacement = '$dot_replacement'");
 
 	// check if there is a database error, otherwise say successful
-	$admin->print_header();
+	if(!$admin_header) { $admin->print_header(); }
 	if($database->is_error()) {
 		$admin->print_error($database->get_error(), $js_back);
 	} else {
@@ -59,6 +59,7 @@
 	}
 
 } else {
+}
 	// write out heading
 	echo '<h2>' .$MOD_MAIL_FILTER['HEADING'] .'</h2>';
 
@@ -109,6 +110,5 @@
 	<input type="submit" name="save_settings" style="margin-top:10px; width:140px;" value="<?php echo $TEXT['SAVE']; ?>" />
 </form>
 <?php
-}
 
 ?>
