Fix bug: prevent CSRF attacks on the admin page

git-svn-id: https://semanticscuttle.svn.sourceforge.net/svnroot/semanticscuttle/trunk@174 b3834d28-1941-0410-a4f8-b48e95affb8f
mensonge 2008-11-25 16:23:55 +00:00
parent 15b91c7e66
commit 111bcdec75


@ -1,21 +1,21 @@
<?php <?php
/*************************************************************************** /***************************************************************************
Copyright (C) 2007 - 2008 SemanticScuttle project (fork from Scuttle) Copyright (C) 2007 - 2008 SemanticScuttle project (fork from Scuttle)
http://sourceforge.net/projects/semanticscuttle/ http://sourceforge.net/projects/semanticscuttle/
This program is free software; you can redistribute it and/or modify This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or the Free Software Foundation; either version 2 of the License, or
(at your option) any later version. (at your option) any later version.
This program is distributed in the hope that it will be useful, This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details. GNU General Public License for more details.
You should have received a copy of the GNU General Public License You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software along with this program; if not, write to the Free Software
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
***************************************************************************/ ***************************************************************************/
require_once('header.inc.php'); require_once('header.inc.php');
@ -26,29 +26,30 @@ $bookmarkservice = & ServiceFactory :: getServiceInstance('BookmarkService');
$tag2tagservice = & ServiceFactory :: getServiceInstance('Tag2TagService'); $tag2tagservice = & ServiceFactory :: getServiceInstance('Tag2TagService');
$templateservice = & ServiceFactory :: getServiceInstance('TemplateService'); $templateservice = & ServiceFactory :: getServiceInstance('TemplateService');
/* Managing current logged user */
$currentUser = $userservice->getCurrentObjectUser();
// Header variables // Header variables
$tplVars['subtitle'] = T_('Manage users'); $tplVars['subtitle'] = T_('Manage users');
$tplVars['loadjs'] = true; $tplVars['loadjs'] = true;
$tplVars['sidebar_blocks'] = array('users' ); $tplVars['sidebar_blocks'] = array('users' );
if ( !$userservice->isLoggedOn() ) { if ( !$userservice->isLoggedOn() ) {
header('Location: '. createURL('login', '')); header('Location: '. createURL('login', ''));
exit(); exit();
} }
//$currentUser = $userservice->getCurrentUser(); if ( !$currentUser->isAdmin() ) {
//$currentUserID = $userservice->getCurrentUserId(); header('Location: '. createURL('bookmarks', $currentUser->getUsername()));
//$currentUsername = $currentUser[$userservice->getFieldName('username')]; exit();
$currentObjectUser = $userservice->getCurrentObjectUser();
if ( !$currentObjectUser->isAdmin() ) {
header('Location: '. createURL('bookmarks', $currentObjectUser->getUsername()));
exit();
} }
@list($url, $action, $user) = isset($_SERVER['PATH_INFO']) ? explode('/', $_SERVER['PATH_INFO']) : NULL; @list($url, $action, $user) = isset($_SERVER['PATH_INFO']) ? explode('/', $_SERVER['PATH_INFO']) : NULL;
if ( $action ) {
if ( $action
&& strpos($_SERVER['HTTP_REFERER'], ROOT.'/admin.php') == 0 // Prevent CSRF attacks
) {
switch ( $action ) { switch ( $action ) {
case 'delete': case 'delete':
if ( $user && ($userinfo = $userservice->getUserByUsername($user)) ) { if ( $user && ($userinfo = $userservice->getUserByUsername($user)) ) {