diff options
| author | Florian Pritz <bluewind@xinu.at> | 2017-05-12 21:50:05 +0200 |
|---|---|---|
| committer | Florian Pritz <bluewind@xinu.at> | 2017-05-12 21:50:05 +0200 |
| commit | d2707dd055538298bd3ccced73ddcfb08d353986 (patch) | |
| tree | c8c292f9321b13d1a2d8e490bbb8db5a0ddd6d36 | |
| parent | a252d6c6fbd2b9989ab630d74ef476fb9e54bcc6 (diff) | |
Catch incorrect POST parameters (array vs string)
Signed-off-by: Florian Pritz <bluewind@xinu.at>
| -rw-r--r-- | application/controllers/api/v2/file.php | 4 | ||||
| -rw-r--r-- | application/controllers/file/file_default.php | 10 | ||||
| -rw-r--r-- | application/controllers/file/multipaste.php | 6 | ||||
| -rw-r--r-- | application/core/MY_Input.php | 34 |
4 files changed, 44 insertions, 10 deletions
diff --git a/application/controllers/api/v2/file.php b/application/controllers/api/v2/file.php index 6eb0ae43b..6f95d5525 100644 --- a/application/controllers/api/v2/file.php +++ b/application/controllers/api/v2/file.php @@ -71,14 +71,14 @@ class file extends \controllers\api\api_controller { public function delete() { $this->muser->require_access("apikey"); - $ids = $this->input->post("ids"); + $ids = $this->input->post_array("ids"); return \service\files::delete($ids); } public function create_multipaste() { $this->muser->require_access("basic"); - $ids = $this->input->post("ids"); + $ids = $this->input->post_array("ids"); $userid = $this->muser->get_userid(); $limits = $this->muser->get_upload_id_limits(); diff --git a/application/controllers/file/file_default.php b/application/controllers/file/file_default.php index 2a26c380c..f4f106990 100644 --- a/application/controllers/file/file_default.php +++ b/application/controllers/file/file_default.php @@ -565,7 +565,7 @@ class File_default extends MY_Controller { private function _append_multipaste_queue() { - $ids = $this->input->post("ids"); + $ids = $this->input->post_array("ids"); if ($ids === false) { $ids = []; } @@ -658,7 +658,7 @@ class File_default extends MY_Controller { { $this->muser->require_access("apikey"); - $ids = $this->input->post("ids"); + $ids = $this->input->post_array("ids"); $ret = \service\files::delete($ids); @@ -675,7 +675,7 @@ class File_default extends MY_Controller { { $this->muser->require_access("basic"); - $ids = $this->input->post("ids"); + $ids = $this->input->post_array("ids"); $userid = $this->muser->get_userid(); $limits = $this->muser->get_upload_id_limits(); @@ -690,8 +690,8 @@ class File_default extends MY_Controller { public function do_websubmit() { $files = getNormalizedFILES(); - $contents = $this->input->post("content"); - $filenames = $this->input->post("filename"); + $contents = $this->input->post_array("content"); + $filenames = $this->input->post_array("filename"); if (!is_array($filenames) || !is_array($contents)) { throw new \exceptions\UserInputException('file/websubmit/invalid-form', 'The submitted POST form is invalid'); diff --git a/application/controllers/file/multipaste.php b/application/controllers/file/multipaste.php index 759a781f0..50367697c 100644 --- a/application/controllers/file/multipaste.php +++ b/application/controllers/file/multipaste.php @@ -19,7 +19,7 @@ class Multipaste extends MY_Controller { public function append_multipaste_queue() { $this->muser->require_access("basic"); - $ids = $this->input->post("ids"); + $ids = $this->input->post_array("ids"); if ($ids === false) { $ids = []; } @@ -55,7 +55,7 @@ class Multipaste extends MY_Controller { public function form_submit() { $this->muser->require_access("basic"); - $ids = $this->input->post('ids'); + $ids = $this->input->post_array('ids'); $process = $this->input->post('process'); if ($ids === false) { @@ -87,7 +87,7 @@ class Multipaste extends MY_Controller { public function ajax_submit() { $this->muser->require_access("basic"); - $ids = $this->input->post('ids'); + $ids = $this->input->post_array('ids'); if ($ids === false) { $ids = []; diff --git a/application/core/MY_Input.php b/application/core/MY_Input.php new file mode 100644 index 000000000..ef7af5528 --- /dev/null +++ b/application/core/MY_Input.php @@ -0,0 +1,34 @@ +<?php +/* + * Copyright 2017 Florian "Bluewind" Pritz <bluewind@server-speed.net> + * + * Licensed under AGPLv3 + * (see COPYING for full license text) + * + */ + +class MY_Input extends CI_Input { + public function post($key = null, $xss_clean = false) { + $ret = parent::post($key, $xss_clean); + if (is_array($ret) || is_object($ret)) { + $data = [ + "key" => $key, + "ret" => $ret + ]; + if (preg_match("/^[a-zA-Z0-9_\.-]+$/", $key)) { + throw new \exceptions\UserInputException("input/invalid-form-field", "Invalid input in field $key", $data); + } else { + throw new \exceptions\UserInputException("input/invalid-form-field", "Invalid input", $data); + } + } + return $ret; + } + + public function post_array($key) { + $ret = parent::post($key); + if (!is_array($ret)) { + throw new \exceptions\UserInputException("input/invalid-form-field", "Invalid input", $data); + } + return $ret; + } +} |