From 08cc7f673c377bf88897743e340097e93f1e95f4 Mon Sep 17 00:00:00 2001
From: ftimme <ft@falkotimme.com>
Date: Wed, 16 Jan 2013 09:30:05 -0500
Subject: [PATCH] - Changed regex for redirect path (Web sites, subdomains, vhost subdomains, alias domains) and web folder (vhost subdomains) so that ".." is not allowed (in order to prevent path traversals). - nginx: don't allow folders for proxy redirects (subdomains and alias domains); URL is required. - nginx: modified rewriting.
---
interface/lib/classes/remoting_lib.inc.php | 32 ++++++++++++++++++++++----------
1 files changed, 22 insertions(+), 10 deletions(-)
diff --git a/interface/lib/classes/remoting_lib.inc.php b/interface/lib/classes/remoting_lib.inc.php
index 383df7b..c636518 100644
--- a/interface/lib/classes/remoting_lib.inc.php
+++ b/interface/lib/classes/remoting_lib.inc.php
@@ -114,6 +114,7 @@
var $sys_default_group;
var $sys_groups;
var $client_id;
+ var $dataRecord;
//* Load the form definition from file.
@@ -390,6 +391,7 @@
if($dbencode == true) $new_record[$key] = $app->db->quote($new_record[$key]);
}
}
+ if(isset($record['_ispconfig_pw_crypted'])) $new_record['_ispconfig_pw_crypted'] = $record['_ispconfig_pw_crypted']; // this one is not in form definitions!
return $new_record;
}
@@ -655,6 +657,7 @@
$this->action = $action;
$this->primary_id = $primary_id;
+ $this->dataRecord = $record;
$record = $this->encode($record,true);
$sql_insert_key = '';
@@ -672,12 +675,14 @@
if($action == "INSERT") {
if($field['formtype'] == 'PASSWORD') {
$sql_insert_key .= "`$key`, ";
- if($field['encryption'] == 'CRYPT') {
+ if ((isset($field['encryption']) && $field['encryption'] == 'CLEARTEXT') || (isset($record['_ispconfig_pw_crypted']) && $record['_ispconfig_pw_crypted'] == 1)) {
+ $sql_insert_val .= "'".$app->db->quote($record[$key])."', ";
+ } elseif(isset($field['encryption']) && $field['encryption'] == 'CRYPT') {
$record[$key] = $app->auth->crypt_password(stripslashes($record[$key]));
$sql_insert_val .= "'".$app->db->quote($record[$key])."', ";
- } elseif ($field['encryption'] == 'MYSQL') {
- $sql_insert_val .= "PASSWORD('".$app->db->quote($record[$key])."'), ";
- } elseif ($field['encryption'] == 'CLEARTEXT') {
+ } elseif (isset($field['encryption']) && $field['encryption'] == 'MYSQL') {
+ $tmp = $app->db->queryOneRecord("SELECT PASSWORD('".$app->db->quote(stripslashes($record[$key]))."') as `crypted`");
+ $record[$key] = $tmp['crypted'];
$sql_insert_val .= "'".$app->db->quote($record[$key])."', ";
} else {
$record[$key] = md5(stripslashes($record[$key]));
@@ -699,14 +704,16 @@
}
} else {
if($field['formtype'] == 'PASSWORD') {
- if(isset($field['encryption']) && $field['encryption'] == 'CRYPT') {
+ if ((isset($field['encryption']) && $field['encryption'] == 'CLEARTEXT') || (isset($record['_ispconfig_pw_crypted']) && $record['_ispconfig_pw_crypted'] == 1)) {
+ $sql_update .= "`$key` = '".$app->db->quote($record[$key])."', ";
+ } elseif(isset($field['encryption']) && $field['encryption'] == 'CRYPT') {
$record[$key] = $app->auth->crypt_password(stripslashes($record[$key]));
$sql_update .= "`$key` = '".$app->db->quote($record[$key])."', ";
} elseif (isset($field['encryption']) && $field['encryption'] == 'MYSQL') {
- $sql_update .= "`$key` = PASSWORD('".$app->db->quote($record[$key])."'), ";
- } elseif (isset($field['encryption']) && $field['encryption'] == 'CLEARTEXT') {
+ $tmp = $app->db->queryOneRecord("SELECT PASSWORD('".$app->db->quote(stripslashes($record[$key]))."') as `crypted`");
+ $record[$key] = $tmp['crypted'];
$sql_update .= "`$key` = '".$app->db->quote($record[$key])."', ";
- } else {
+ } else {
$record[$key] = md5(stripslashes($record[$key]));
$sql_update .= "`$key` = '".$app->db->quote($record[$key])."', ";
}
@@ -825,6 +832,10 @@
} else {
$modules = $app->db->quote($params['modules']);
}
+ if(isset($params['limit_client']) && $params['limit_client'] > 0) {
+ $modules .= ',client';
+ }
+
if(!isset($params['startmodule'])) {
$startmodule = 'dashboard';
} else {
@@ -841,7 +852,7 @@
$language = $app->db->quote($params["language"]);
$groupid = $app->db->datalogInsert('sys_group', "(name,description,client_id) VALUES ('$username','','$insert_id')", 'groupid');
$groups = $groupid;
- $password = $app->auth->crypt_password(stripslashes($password));
+ if(!isset($params['_ispconfig_pw_crypted']) || $params['_ispconfig_pw_crypted'] != 1) $password = $app->auth->crypt_password(stripslashes($password));
$sql1 = "INSERT INTO sys_user (username,passwort,modules,startmodule,app_theme,typ,active,language,groups,default_group,client_id)
VALUES ('$username','$password','$modules','$startmodule','$usertheme','$type','$active','$language',$groups,$groupid,$insert_id)";
$app->db->query($sql1);
@@ -852,7 +863,8 @@
$username = $app->db->quote($params["username"]);
$clear_password = $app->db->quote($params["password"]);
$client_id = $app->functions->intval($client_id);
- $password = $app->auth->crypt_password(stripslashes($clear_password));
+ if(!isset($params['_ispconfig_pw_crypted']) || $params['_ispconfig_pw_crypted'] != 1) $password = $app->auth->crypt_password(stripslashes($clear_password));
+ else $password = $clear_password;
if ($clear_password) $pwstring = ", passwort = '$password'"; else $pwstring ="" ;
$sql = "UPDATE sys_user set username = '$username' $pwstring WHERE client_id = $client_id";
$app->db->query($sql);
--
Gitblit v1.9.1