From: <var...@us...> - 2009-04-09 16:07:28
Revision: 6776
http://phpwiki.svn.sourceforge.net/phpwiki/?rev=6776&view=rev
Author: vargenau
Date: 2009-04-09 16:06:54 +0000 (Thu, 09 Apr 2009)
Log Message:
-----------
Critical security fix: it was possible to see the content of pages protected by ACLs with no read access by using plugins
Modified Paths:
--------------
trunk/lib/plugin/CreateToc.php
trunk/lib/plugin/Diff.php
trunk/lib/plugin/IncludePage.php
trunk/lib/plugin/PageDump.php
trunk/lib/plugin/Template.php
trunk/lib/plugin/UnfoldSubpages.php
Modified: trunk/lib/plugin/CreateToc.php
===================================================================
--- trunk/lib/plugin/CreateToc.php 2009-04-09 15:57:46 UTC (rev 6775)
+++ trunk/lib/plugin/CreateToc.php 2009-04-09 16:06:54 UTC (rev 6776)
@@ -361,6 +361,13 @@
 if (($notoc) or ($liststyle == 'ol')) {
 $with_counter = 1;
 }
+
+ // Check if user is allowed to get the Page.
+ if (!mayAccessPage ('view', $pagename)) {
+ return $this->error(sprintf(_("Illegal access to page %s: no read access"),
+ $pagename));
+ }
+
 $page = $dbi->getPage($pagename);
 $current = $page->getCurrentRevision();
 //FIXME: I suspect this only to crash with Apache2
Modified: trunk/lib/plugin/Diff.php
===================================================================
--- trunk/lib/plugin/Diff.php 2009-04-09 15:57:46 UTC (rev 6775)
+++ trunk/lib/plugin/Diff.php 2009-04-09 16:06:54 UTC (rev 6776)
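Review bot: The guard in the CreateToc hunk is enforced inside the plugin's own run method rather than where the page content is actually read, so the six call sites patched in this commit are only as complete as the audit that found them; any other plugin or code path that calls `getPage()`/`getCurrentRevision()` and renders the result stays unchecked. A more durable fix is to enforce `mayAccessPage('view', ...)` once in the shared accessor, or in a helper every content-reading plugin must go through, and keep these per-plugin checks as defence in depth. The `$pagename` echoed by `$this->error(sprintf(...))` comes from the plugin arguments, so confirm that `error()` HTML-escapes its message before it is emitted. The enclosing function starts before the hunk.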
@@ -87,6 +87,12 @@
 list ($version, $previous) = $versions;
 }
 
+ // Check if user is allowed to get the Page.
+ if (!mayAccessPage ('view', $pagename)) {
+ return $this->error(sprintf(_("Illegal access to page %s: no read access"),
+ $pagename));
+ }
+
 // abort if page doesn't exist
 $page = $request->getPage($pagename);
 $current = $page->getCurrentRevision();
Modified: trunk/lib/plugin/IncludePage.php
===================================================================
--- trunk/lib/plugin/IncludePage.php 2009-04-09 15:57:46 UTC (rev 6775)
+++ trunk/lib/plugin/IncludePage.php 2009-04-09 16:06:54 UTC (rev 6776)
@@ -88,6 +88,12 @@
 $page));
 }
 
+ // Check if user is allowed to get the Page.
+ if (!mayAccessPage ('view', $page)) {
+ return $this->error(sprintf(_("Illegal inclusion of page %s: no read access"),
+ $page));
+ }
+
 $p = $dbi->getPage($page);
 if ($rev) {
 $r = $p->getRevision($rev);
Modified: trunk/lib/plugin/PageDump.php
===================================================================
--- trunk/lib/plugin/PageDump.php 2009-04-09 15:57:46 UTC (rev 6775)
+++ trunk/lib/plugin/PageDump.php 2009-04-09 16:06:54 UTC (rev 6776)
@@ -65,6 +65,12 @@
 return fmt("Page %s not found.",
 WikiLink($page, 'unknown'));
 
+ // Check if user is allowed to get the Page.
+ if (!mayAccessPage ('view', $page)) {
+ return $this->error(sprintf(_("Illegal access to page %s: no read access"),
+ $page));
+ }
+
 $p = $dbi->getPage($page);
 include_once("lib/loadsave.php");
 $mailified = MailifyPage($p, ($format == 'backup') ? 99 : 1);
Modified: trunk/lib/plugin/Template.php
===================================================================
--- trunk/lib/plugin/Template.php 2009-04-09 15:57:46 UTC (rev 6775)
+++ trunk/lib/plugin/Template.php 2009-04-09 16:06:54 UTC (rev 6776)
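Review bot: In the IncludePage hunk the access check is placed after the error branch whose tail (`$page));` and `}`) opens the hunk, which looks like the page-not-found case, so a caller without view rights can still tell whether a protected page exists from which of the two errors comes back; the PageDump hunk (where the `Page %s not found.` return is visible) and the second Template hunk order the checks the same way, while the Diff hunk already checks access before existence. Moving the `mayAccessPage('view', $page)` guard ahead of the existence check in those three plugins would make a missing page and an unreadable page indistinguishable to the caller, provided `mayAccessPage` is well defined for names that are not yet pages, which these hunks do not show. The error branch in each case starts before the hunk.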
@@ -102,8 +102,8 @@
 function run($dbi, $argstr, &$request, $basepage) {
 $this->vars = array();
 $args = $this->getArgs($argstr, $request);
- $vars = $args['vars'] ? $args['vars'] : $this->vars;
- $page = $args['page'];
+ $vars = $args['vars'] ? $args['vars'] : $this->vars;
+ $page = $args['page'];
 if ($page) {
 // Expand relative page names.
 $page = new WikiPageName($page, $basepage);
@@ -120,6 +120,12 @@
 $page));
 }
 
+ // Check if user is allowed to get the Page.
+ if (!mayAccessPage ('view', $page)) {
+ return $this->error(sprintf(_("Illegal inclusion of page %s: no read access"),
+ $page));
+ }
+
 $p = $dbi->getPage($page);
 if ($args['rev']) {
 $r = $p->getRevision($args['rev']);
Modified: trunk/lib/plugin/UnfoldSubpages.php
===================================================================
--- trunk/lib/plugin/UnfoldSubpages.php 2009-04-09 15:57:46 UTC (rev 6775)
+++ trunk/lib/plugin/UnfoldSubpages.php 2009-04-09 16:06:54 UTC (rev 6776)
@@ -108,6 +108,13 @@
 $cpagename)));
 continue;
 }
+
+ // Check if user is allowed to get the Page.
+ if (!mayAccessPage ('view', $cpagename)) {
+ return $this->error(sprintf(_("Illegal inclusion of page %s: no read access"),
+ $cpagename));
+ }
+
 // trap any remaining nonexistant subpages
 if ($page->exists()) {
 $r = $page->getCurrentRevision();
@@ -124,8 +131,15 @@
 $cpagename.' => '.$m[1])));
 continue;
 }
- $cpagename = $m[1];
- $page = $dbi->getPage($cpagename);
+ $cpagename = $m[1];
+
+ // Check if user is allowed to get the Page.
+ if (!mayAccessPage ('view', $cpagename)) {
+ return $this->error(sprintf(_("Illegal inclusion of page %s: no read access"),
+ $cpagename));
+ }
+
+ $page = $dbi->getPage($cpagename);
 $r = $page->getCurrentRevision();
 $c = $r->getContent(); // array of lines
 }
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
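Review bot: In both UnfoldSubpages hunks the new guard does `return $this->error(...)` from inside the subpage loop, so a single subpage the reader may not view aborts the whole unfold and hides every sibling they are allowed to see, whereas the neighbouring branch that handles a nonexistent subpage reports it and `continue`s. Report the unreadable subpage the same way that branch does and then `continue` — `if (!mayAccessPage ('view', $cpagename)) { /* report as the preceding branch does */ continue; }` — so the listing degrades per subpage instead of failing as a whole. The loop body starts before the first hunk, and how the preceding branch emits its message is not visible here, so the exact reporting call has to be taken from that code.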