fanbinit/rhymix
1
0
Fork 0
mirror of https://github.com/Lastorder-DC/rhymix.git synced 2026-05-05 01:52:17 +09:00
Code Issues Projects Releases Packages Wiki Activity

CSRF defense

Browse source 
git-svn-id: http://xe-core.googlecode.com/svn/branches/1.5.3.2@12460 201d5d3c-b55e-5fd7-737f-ddc643e51545
This commit is contained in:
ovclas 2012-12-26 04:52:07 +00:00
parent 36a04a44ba
commit a3266c1c53
2 changed files with 33 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

18
config/func.inc.php
View file

@ -1131,6 +1131,24 @@
} }
} }
function checkCSRF()
{
if($_SERVER['REQUEST_METHOD'] != 'POST')
{
return false;
}
$defaultUrl = Context::getDefaultUrl();
$referer = parse_url($_SERVER["HTTP_REFERER"]);
if(!strstr($defaultUrl, $referer['host']))
{
return false;
}
return true;
}
/** /**
* Print raw html header * Print raw html header
* *

15
modules/document/document.controller.php
View file

@ -175,6 +175,11 @@ class documentController extends document {
* @return object * @return object
*/ */
function insertDocument($obj, $manual_inserted = false, $isRestore = false) { function insertDocument($obj, $manual_inserted = false, $isRestore = false) {
if(!checkCSRF())
{
return new Object(-1, 'msg_invalid_request');
}
// begin transaction // begin transaction
$oDB = &DB::getInstance(); $oDB = &DB::getInstance();
$oDB->begin(); $oDB->begin();
@ -309,6 +314,11 @@ class documentController extends document {
* @return object * @return object
*/ */
function updateDocument($source_obj, $obj) { function updateDocument($source_obj, $obj) {
if(!checkCSRF())
{
return new Object(-1, 'msg_invalid_request');
}
if(!$source_obj->document_srl || !$obj->document_srl) return new Object(-1,'msg_invalied_request'); if(!$source_obj->document_srl || !$obj->document_srl) return new Object(-1,'msg_invalied_request');
if(!$obj->status && $obj->is_secret == 'Y') $obj->status = 'SECRET'; if(!$obj->status && $obj->is_secret == 'Y') $obj->status = 'SECRET';
if(!$obj->status) $obj->status = 'PUBLIC'; if(!$obj->status) $obj->status = 'PUBLIC';
@ -1862,6 +1872,11 @@ class documentController extends document {
set_time_limit(0); set_time_limit(0);
if(!Context::get('is_logged')) return new Object(-1,'msg_not_permitted'); if(!Context::get('is_logged')) return new Object(-1,'msg_not_permitted');
if(!checkCSRF())
{
return new Object(-1, 'msg_invalid_request');
}
$type = Context::get('type'); $type = Context::get('type');
$target_module = Context::get('target_module'); $target_module = Context::get('target_module');
$module_srl = Context::get('module_srl'); $module_srl = Context::get('module_srl');