From: <ny...@us...> - 2008-10-15 09:54:35
Revision: 15151 http://tikiwiki.svn.sourceforge.net/tikiwiki/?rev=15151&view=rev Author: nyloth Date: 2008-10-15 09:54:24 +0000 (Wed, 15 Oct 2008) Log Message: ----------- [FIX] security checks: fix tiki_p_trust_input since make_clean has to be called when magic_quotes_gpc is on. Modified Paths: -------------- trunk/tiki-setup_base.php Modified: trunk/tiki-setup_base.php ===================================================================
--- trunk/tiki-setup_base.php 2008-10-15 01:32:48 UTC (rev 15150)
+++ trunk/tiki-setup_base.php 2008-10-15 09:54:24 UTC (rev 15151)
@@ -108,14 +108,14 @@
 // DEAL WITH XSS-TYPE ATTACKS AND OTHER REQUEST ISSUES
 require_once('lib/setup/sanitization.php');
-function make_clean(&$var,$gpc=false) {
+function make_clean(&$var,$gpc=false,$clean_xss=false) {
 if ( is_array($var) ) {
 foreach ( $var as $key=>$val ) {
- make_clean($var[$key],$gpc);
+ make_clean($var[$key],$gpc,$clean_xss);
 }
 } else {
 if ($gpc) $var = stripslashes($var);
- if ( ! isset($_SERVER['SCRIPT_FILENAME']) || basename($_SERVER['SCRIPT_FILENAME']) != 'tiki-admin.php' ) {
+ if ( $clean_xss && ( ! isset($_SERVER['SCRIPT_FILENAME']) || basename($_SERVER['SCRIPT_FILENAME']) != 'tiki-admin.php' ) ) {
 $var = RemoveXSS($var);
 }
 }
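Review bot: The new `$clean_xss` parameter defaults to `false`, so any existing make_clean() caller that this commit does not update silently loses the RemoveXSS() pass it had before the change (the second hunk updates the five calls in this file; callers elsewhere are not visible here). A fail-safe default keeps the old behaviour for callers that only pass `$var` and `$gpc`: `function make_clean(&$var,$gpc=false,$clean_xss=true) {` — the updated callers pass the flag explicitly, so they are unaffected. The signature also deserves a header comment stating that `$gpc` only undoes magic_quotes_gpc escaping while `$clean_xss` gates the XSS filtering, since the two are now independent. make_clean's closing brace lies outside the hunk.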
@@ -408,27 +408,27 @@
 unset($allperms);
 // --------------------------------------------------------------
+$magic_quotes_gpc = get_magic_quotes_gpc();
+$clean_xss = ( $tiki_p_trust_input != 'y' );
-if ( $tiki_p_trust_input != 'y' ) {
- $magic_quotes_gpc = get_magic_quotes_gpc();
-
- // deal with register_globals
- if ( ini_get('register_globals') ) {
- foreach ( array($_ENV, $_GET, $_POST, $_COOKIE, $_SERVER) as $superglob ) {
- foreach ( $superglob as $key=>$val ) {
- if ( isset($GLOBALS[$key]) && $GLOBALS[$key]==$val ) { // if global has been set some other way
- // that is OK (prevents munging of $_SERVER with ?_SERVER=rubbish etc.)
- unset($GLOBALS[$key]);
- }
+// deal with register_globals
+if ( ini_get('register_globals') ) {
+ foreach ( array($_ENV, $_GET, $_POST, $_COOKIE, $_SERVER) as $superglob ) {
+ foreach ( $superglob as $key=>$val ) {
+ if ( isset($GLOBALS[$key]) && $GLOBALS[$key]==$val ) { // if global has been set some other way
+ // that is OK (prevents munging of $_SERVER with ?_SERVER=rubbish etc.)
+ unset($GLOBALS[$key]);
 }
 }
 }
- make_clean($_GET, $magic_quotes_gpc);
- make_clean($_POST, $magic_quotes_gpc);
- make_clean($_COOKIE, $magic_quotes_gpc);
- make_clean($_SERVER['QUERY_STRING']);
- make_clean($_SERVER['REQUEST_URI']);
+}
+make_clean($_GET, $magic_quotes_gpc, $clean_xss);
+make_clean($_POST, $magic_quotes_gpc, $clean_xss);
+make_clean($_COOKIE, $magic_quotes_gpc, $clean_xss);
+make_clean($_SERVER['QUERY_STRING'], false, $clean_xss);
+make_clean($_SERVER['REQUEST_URI'], false, $clean_xss);
+if ( $tiki_p_trust_input != 'y' ) {
 $varcheck_vars = array('_COOKIE', '_GET', '_POST', '_ENV', '_SERVER');
 $varcheck_errors = '';
 foreach ( $varcheck_vars as $var ) {
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
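Review bot: The register_globals cleanup and the stripslashes() pass now run even when `$tiki_p_trust_input == 'y'`, which goes beyond what the log message describes and is not explained in the code; a comment above `$clean_xss = ( $tiki_p_trust_input != 'y' );` should record the intent, e.g. `// register_globals cleanup and the magic_quotes undo always run; only RemoveXSS() is gated by tiki_p_trust_input`. The reopened `if ( $tiki_p_trust_input != 'y' ) {` repeats the expression just stored in `$clean_xss`; `if ( $clean_xss ) {` keeps the two gates from drifting apart, and that block continues past the end of the hunk. Separately, `$_REQUEST` is a merged copy that the make_clean() calls on `$_GET`, `$_POST` and `$_COOKIE` do not touch, so any code path reading it would still see unstripped, unfiltered values — worth confirming, as this hunk does not show whether it is used anywhere.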