From d6fe865133511ac64565a583106b3233b70a0b1e Mon Sep 17 00:00:00 2001
From: Sarven Capadisli
Date: Mon, 1 Feb 2010 13:14:35 +0100
Subject: Removed hAtom pattern from registration page.

---
 actions/register.php | 21 ---------------------
 1 file changed, 21 deletions(-)

(limited to 'actions')

diff --git a/actions/register.php b/actions/register.php
index 698137346..063bbe2cc 100644
--- a/actions/register.php
+++ b/actions/register.php
@@ -303,27 +303,6 @@ class RegisterAction extends Action
 return ($user !== false);
 }
- // overrrided to add entry-title class
- function showPageTitle() {
- if (Event::handle('StartShowPageTitle', array($this))) {
- $this->element('h1', array('class' => 'entry-title'), $this->title());
- }
- }
-
- // overrided to add hentry, and content-inner class
- function showContentBlock()
- {
- $this->elementStart('div', array('id' => 'content', 'class' => 'hentry'));
- $this->showPageTitle();
- $this->showPageNoticeBlock();
- $this->elementStart('div', array('id' => 'content_inner',
- 'class' => 'entry-content'));
- // show the actual content (forms, lists, whatever)
- $this->showContent();
- $this->elementEnd('div');
- $this->elementEnd('div');
- }
-
 /**
 * Instructions or a notice for the page
 *
-- 
cgit v1.2.3-54-g00ecf

From 57d8f22a3ae8aba882b7782cbc426e65cdb355f6 Mon Sep 17 00:00:00 2001
From: Evan Prodromou
Date: Mon, 1 Feb 2010 11:10:36 -0500
Subject: fix local file include vulnerability in doc.php

Conflicts:

	actions/doc.php
---
 actions/doc.php | 3 +++
 1 file changed, 3 insertions(+)

(limited to 'actions')

diff --git a/actions/doc.php b/actions/doc.php
index 25d363472..eaf4b7df2 100644
--- a/actions/doc.php
+++ b/actions/doc.php
@@ -54,6 +54,9 @@ class DocAction extends Action
 parent::prepare($args);
 $this->title = $this->trimmed('title');
+ if (!preg_match('/^[a-zA-Z0-9_-]*$/', $this->title)) {
+ $this->title = 'help';
+ }
 $this->output = null;
 $this->loadDoc();
-- 
cgit v1.2.3-54-g00ecf
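Review bot: The whitelist added to `prepare()` is anchored with `$`, which in PCRE also matches just before a final newline, so a title such as `"help\n"` passes even though the commit message says this value reaches a local file include; anchor with `\z` (or add the `D` modifier): `if (!preg_match('/^[a-zA-Z0-9_-]*\z/', $this->title)) {`. Whether `trimmed()` already strips that trailing newline is not visible here, so the stricter anchor is cheap insurance. The `*` quantifier also lets an empty title through to `loadDoc()`, which presumably has its own default; a short comment such as `// title becomes a path component in loadDoc(); whitelist it and fall back to 'help'` would tell the next reader why the silent fallback exists. `prepare()` continues outside the hunk.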
From 6159edcebbcb1c230113e18788a676035979a4c8 Mon Sep 17 00:00:00 2001
From: Brion Vibber
Date: Mon, 1 Feb 2010 08:48:31 -0800
Subject: Improve name validation checks on local File references

---
 actions/getfile.php | 2 +-
 classes/File.php | 17 +++++++++++++++++
 2 files changed, 18 insertions(+), 1 deletion(-)

(limited to 'actions')

diff --git a/actions/getfile.php b/actions/getfile.php
index cd327e410..9cbe8e1d9 100644
--- a/actions/getfile.php
+++ b/actions/getfile.php
@@ -71,7 +71,7 @@ class GetfileAction extends Action
 $filename = $this->trimmed('filename');
 $path = null;
- if ($filename) {
+ if ($filename && File::validFilename($filename)) {
 $path = File::path($filename);
 }
diff --git a/classes/File.php b/classes/File.php
index c527c4ffe..6dd9e0c06 100644
--- a/classes/File.php
+++ b/classes/File.php
@@ -176,8 +176,22 @@ class File extends Memcached_DataObject
 return "$nickname-$datestamp-$random.$ext";
 }
+ /**
+ * Validation for as-saved base filenames
+ */
+ static function validFilename($filename)
+ {
+ return preg_match('^/[A-Za-z0-9._-]+$/', $filename);
+ }
+
+ /**
+ * @throws ClientException on invalid filename
+ */
 static function path($filename)
 {
+ if (!self::validFilename($filename)) {
+ throw new ClientException("Invalid filename");
+ }
 $dir = common_config('attachments', 'dir');
 if ($dir[strlen($dir)-1] != '/') {
@@ -189,6 +203,9 @@ class File extends Memcached_DataObject
 static function url($filename)
 {
+ if (!self::validFilename($filename)) {
+ throw new ClientException("Invalid filename");
+ }
 if(common_config('site','private')) {
 return common_local_url('getfile',
-- 
cgit v1.2.3-54-g00ecf
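Review bot: A filename that is present but fails `File::validFilename()` now leaves `$path` null, so the request is handled as if no filename had been supplied rather than being rejected, and the same check is repeated inside `File::path()` later in this patch, where it throws `ClientException`. Pick one behaviour: either drop the guard here and let the exception from `File::path()` produce the error response, or keep the guard and reject explicitly in an `else` branch with the action's client-error response instead of silently falling through. What the action does with a null `$path` is outside the hunk, so the right choice depends on that code.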
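Review bot: The pattern in `validFilename()` is malformed: PCRE takes the first character as the delimiter, so `'^/[A-Za-z0-9._-]+$/'` makes `^` the delimiter with no closing `^`, and `preg_match()` returns `false` with a warning for every input — which means the new checks in `path()` and `url()` throw for every filename, valid or not. The delimiter and anchor are swapped; it should read `'/^[A-Za-z0-9._-]+$/'`. Two smaller gaps while you are there: the character class admits `.` and `..` as complete filenames, which `path()` appears to append to the attachments directory, and `$` tolerates a trailing newline. `return $filename !== '.' && $filename !== '..' && preg_match('/^[A-Za-z0-9._-]+\z/', $filename) === 1;` closes both and returns a real bool instead of int-or-false. `path()` continues past the end of the hunk.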
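Review bot: `url()` now throws `ClientException` for a bad `$filename`, but nothing in this hunk ties that argument to a request — if, as the name suggests, it is called while rendering links for names already stored server-side, a corrupt stored name would surface as a client-side error wherever the attachment is displayed. Consider a server-side exception type here and keep `ClientException` for `path()`, which the request-driven getfile action calls, or at least document the choice with the same `@throws ClientException on invalid filename` docblock that `path()` received in the previous hunk. `url()` continues outside the hunk.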