mirror/php-e107
1
0
Fork 0
mirror of https://github.com/e107inc/e107.git synced 2025-08-02 20:57:26 +02:00
Code Issues Releases Wiki Activity

Input filter fixes.

Browse Source
This commit is contained in:
Cameron
2016-08-19 16:13:38 -07:00
parent eac663e889
commit 17382b25ac
3 changed files with 30 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
class2.php
View File

@@ -1861,7 +1861,7 @@ function cookie($name, $value, $expire=0, $path = e_HTTP, $domain = '', $secure
$domain = (e_DOMAIN != FALSE) ? ".".e_DOMAIN : ""; $domain = (e_DOMAIN != FALSE) ? ".".e_DOMAIN : "";
} }
setcookie($name, $value, $expire, $path, $domain, $secure); setcookie($name, $value, $expire, $path, $domain, $secure, true);
} }
// generic function for retaining values across pages. ie. cookies or sessions. // generic function for retaining values across pages. ie. cookies or sessions.
@@ -1879,7 +1879,7 @@ function session_set($name, $value, $expire='', $path = e_HTTP, $domain = '', $s
$domain = (e_DOMAIN != FALSE) ? ".".e_DOMAIN : ""; $domain = (e_DOMAIN != FALSE) ? ".".e_DOMAIN : "";
} }
setcookie($name, $value, $expire, $path, $domain, $secure); setcookie($name, $value, $expire, $path, $domain, $secure, true);
$_COOKIE[$name] = $value; $_COOKIE[$name] = $value;
} }
} }

30
e107_handlers/e107_class.php
View File

@@ -3292,7 +3292,7 @@ class e107
return array_walk($input, array('self', 'filter_request'), $type); return array_walk($input, array('self', 'filter_request'), $type);
} }
if($type == "_POST" || ($type == "_SERVER" && ($key == "QUERY_STRING"))) if($type == "_POST" || ($type == "_SERVER" && ($key == "QUERY_STRING")))
{ {
if($type == "_POST" && ($base64 == FALSE)) if($type == "_POST" && ($base64 == FALSE))
@@ -3357,14 +3357,29 @@ class e107
} }
} }
if($type == '_GET') // Basic XSS check.
{
if(stripos($input, "<script")!==false || stripos($input, "%3Cscript")!==false)
{
header('HTTP/1.0 400 Bad Request', true, 400);
if(deftrue('e_DEBUG'))
{
echo "Bad Request: ".__METHOD__." : ". __LINE__;
}
exit();
}
}
if($type == "_SERVER") if($type == "_SERVER")
{ {
if(($key == "QUERY_STRING") && ( if(($key == "QUERY_STRING") && (
strpos(strtolower($input),"../../")!==FALSE strpos(strtolower($input),"../../")!==FALSE
|| strpos(strtolower($input),"php:")!==FALSE || stripos($input,"php:")!==FALSE
|| strpos(strtolower($input),"data:")!==FALSE || stripos($input,"data:")!==FALSE
|| strpos(strtolower($input),strtolower("%3Cscript"))!==FALSE || stripos($input,"%3cscript")!==FALSE
)) ))
{ {
@@ -3413,10 +3428,13 @@ class e107
exit(); exit();
} }
if($base64 != TRUE) if($base64 != true)
{ {
self::filter_request(base64_decode($input),$key,$type,TRUE); self::filter_request(base64_decode($input),$key,$type,true);
} }
} }

7
e107_handlers/session_handler.php
View File

@@ -147,7 +147,7 @@ class e_session
'path' => '', 'path' => '',
'domain' => '', 'domain' => '',
'secure' => false, 'secure' => false,
'httponly' => false, 'httponly' => true,
); );
/** /**
@@ -197,7 +197,8 @@ class e_session
); );
$options = array( $options = array(
'httponly' => (e_SECURITY_LEVEL >= self::SECURITY_LEVEL_PARANOID), // 'httponly' => (e_SECURITY_LEVEL >= self::SECURITY_LEVEL_PARANOID),
'httponly' => true,
); );
if(!defined('E107_INSTALL')) if(!defined('E107_INSTALL'))
@@ -226,7 +227,7 @@ class e_session
$this->setConfig($config) $this->setConfig($config)
->setOptions($options); ->setOptions($options);
} }
return $this; return $this;
} }