Project

General

Profile

« Previous | Next » 

Revision 1596

Added by Dietmar over 12 years ago

highly critical security-fix
announced on http://www.darksecurity.de/advisories/2012/SSCHADV2012-003.txt

View differences:

branches/2.8.x/CHANGELOG
11 11 
! = Update/Change
12 12 

  		




  13
  13
  
    
=========================== add small Features 2.8.2 ==========================


  		




  
  14
  
    
04 Feb-2012 Build 1596 Dietmar Woellbrink (Luisehahne)


  		




  
  15
  
    
# highly critical security-fix


  		




  
  16
  
    
# announced on http://www.darksecurity.de/advisories/2012/SSCHADV2012-003.txt


  		




  14
  17
  
    
04 Feb-2012 Build 1595 Dietmar Woellbrink (Luisehahne)


  		




  15
  18
  
    
# fix form language vars for better understanding (Tks to Maverik)


  		




  16
  19
  
    
! change request if HTTP_REFERER is not empty in logout.php 


  		












  

    
      branches/2.8.x/wb/admin/interface/version.php
    
  





  51
  51
  
    

  		




  52
  52
  
    
// check if defined to avoid errors during installation (redirect to admin panel fails if PHP error/warnings are enabled)


  		




  53
  53
  
    
if(!defined('VERSION')) define('VERSION', '2.8.2');


  		




  54
  
  
    
if(!defined('REVISION')) define('REVISION', '1595');


  		




  
  54
  
    
if(!defined('REVISION')) define('REVISION', '1596');


  		




  55
  55
  
    
if(!defined('SP')) define('SP', 'SP2');


  		












  

    
      branches/2.8.x/wb/account/logout.php
    
  





  22
  22
  
    
	setcookie('REMEMBER_KEY', '', time()-3600, '/');


  		




  23
  23
  
    
}


  		




  24
  24
  
    

  		




  25
  
  
    
$redirect = ((isset($_SERVER['HTTP_REFERER']) && !empty($_SERVER['HTTP_REFERER'])) ?  $_SERVER['HTTP_REFERER'] : WB_URL.'/index.php');


  		




  
  25
  
    
$redirect = ((isset($_SERVER['HTTP_REFERER']) && $_SERVER['HTTP_REFERER'] != '') ?  $_SERVER['HTTP_REFERER'] : WB_URL.'/index.php');


  		




  26
  26
  
    

  		




  27
  27
  
    
$_SESSION['USER_ID'] = null;


  		




  28
  28
  
    
$_SESSION['GROUP_ID'] = null;


  		












  

    
      branches/2.8.x/wb/framework/initialize.php
    
  





  24
  24
  
    
//set_include_path(get_include_path() . PATH_SEPARATOR . WB_PATH);


  		




  25
  25
  
    

  		




  26
  26
  
    
if (file_exists(WB_PATH.'/framework/class.database.php')) {


  		




  27
  
  
    

  		




  
  27
  
    
	$sTmpReferer = '';


  		




  
  28
  
    
	if (isset($_SERVER['HTTP_REFERER']) && $_SERVER['HTTP_REFERER'] != '') {


  		




  
  29
  
    
	        $tmp0 = parse_url($_SERVER['HTTP_REFERER']);


  		




  
  30
  
    
	        if ($tmp0 !== false) {


  		




  
  31
  
    
	                $tmp0['host'] = isset($tmp0['host']) ? $tmp0['host'] : '';


  		




  
  32
  
    
	                $tmp0['path'] = isset($tmp0['path']) ? $tmp0['path'] : '';


  		




  
  33
  
    
	                $tmp1 = parse_url(WB_URL);


  		




  
  34
  
    
	                if ($tmp1 !== false) {


  		




  
  35
  
    
	                        $tmp1['host'] = isset($tmp1['host']) ? $tmp1['host'] : '';


  		




  
  36
  
    
	                        $tmp1['path'] = isset($tmp1['path']) ? $tmp1['path'] : '';


  		




  
  37
  
    
	                        if (strpos($tmp0['host'].'/'.$tmp0['path'], $tmp1['host'].'/'.$tmp1['path'])) {


  		




  
  38
  
    
	                                $sTmpReferer = WB_URL.$tmp['path'].$tmp[fragment];


  		




  
  39
  
    
	                        }


  		




  
  40
  
    
	                }


  		




  
  41
  
    
	        }


  		




  
  42
  
    
	}


  		




  
  43
  
    
	$_SERVER['HTTP_REFERER'] = $sTmpReferer;


  		




  28
  44
  
    
	date_default_timezone_set('UTC');


  		




  29
  45
  
    
	require_once(WB_PATH.'/framework/class.database.php');


  		




  30
  46
  
    

  		












  

    
      branches/2.8.x/wb/templates/allcss/index.php
    
  





  83
  83
  
    
		show_menu2(0,SM2_ROOT,SM2_CURR+1,SM2_TRIM,'<li><span class="menu-default">[ac][menu_title]</a></span>','</li>','<ul>','</ul>');


  		




  84
  84
  
    
		// CODE FOR WEBSITE BAKER FRONTEND LOGIN


  		




  85
  85
  
    
		if (FRONTEND_LOGIN == 'enabled' && VISIBILITY != 'private' && $wb->get_session('USER_ID') == '') {


  		




  86
  
  
    
			$redirect_url = (isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : WB_URL );


  		




  
  86
  
    
			$redirect_url = ((isset($_SERVER['HTTP_REFERER']) && $_SERVER['HTTP_REFERER'] != '') ? $_SERVER['HTTP_REFERER'] : WB_URL );


  		




  87
  87
  
    
			$redirect_url = (isset($thisApp->redirect_url) ? $thisApp->redirect_url : $redirect_url );?>


  		




  88
  88
  
    
			<!-- login form -->


  		




  89
  89
  
    
			<br />


  		












  

    
      branches/2.8.x/wb/templates/round/index.php
    
  





  121
  121
  
    
		


  		




  122
  122
  
    
<?php


  		




  123
  123
  
    
		if(FRONTEND_LOGIN AND !$wb->is_authenticated() AND VISIBILITY != 'private' ) {


  		




  124
  
  
    
			$redirect_url = (isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : WB_URL );


  		




  
  124
  
    
			$redirect_url = ((isset($_SERVER['HTTP_REFERER']) && $_SERVER['HTTP_REFERER'] != '') ? $_SERVER['HTTP_REFERER'] : WB_URL );


  		




  125
  125
  
    
			$redirect_url = (isset($thisApp->redirect_url) ? $thisApp->redirect_url : $redirect_url );


  		




  126
  126
  
    
?>


  		




  127
  127
  
    
		<form name="login" action="<?php echo LOGIN_URL; ?>" method="post">


  		












Also available in:  Unified diff