[pLog-svn] r6753 - in plugins/branches/lifetype-1.2/submissions: . class/action templates

jondaley at devel.lifetype.net jondaley at devel.lifetype.net
Thu Dec 4 16:16:19 EST 2008


Author: jondaley
Date: 2008-12-04 16:16:19 -0500 (Thu, 04 Dec 2008)
New Revision: 6753

Modified:
   plugins/branches/lifetype-1.2/submissions/class/action/addsubmissionaction.class.php
   plugins/branches/lifetype-1.2/submissions/class/action/adminsubmissionspluginupdatesettingsaction.class.php
   plugins/branches/lifetype-1.2/submissions/pluginsubmissions.class.php
   plugins/branches/lifetype-1.2/submissions/templates/submitform.template
Log:
Fix validation security holes in the submission form (user name, e-mail, topic, text and category IDs are now run through validators); also fix a bug in reading the notifications-enabled checkbox, which was testing the htmlarea flag instead.

Modified: plugins/branches/lifetype-1.2/submissions/class/action/addsubmissionaction.class.php
===================================================================
--- plugins/branches/lifetype-1.2/submissions/class/action/addsubmissionaction.class.php	2008-12-04 15:24:06 UTC (rev 6752)
+++ plugins/branches/lifetype-1.2/submissions/class/action/addsubmissionaction.class.php	2008-12-04 21:16:19 UTC (rev 6753)
@@ -3,6 +3,8 @@
     lt_include( PLOG_CLASS_PATH."class/action/blogaction.class.php" );
     lt_include( PLOG_CLASS_PATH."class/view/plugintemplatedview.class.php" );
     lt_include( PLOG_CLASS_PATH."class/data/validator/stringvalidator.class.php" );
+    lt_include( PLOG_CLASS_PATH."class/data/validator/arrayvalidator.class.php" );
+    lt_include( PLOG_CLASS_PATH."class/data/validator/integervalidator.class.php" );
 	lt_include( PLOG_CLASS_PATH."class/data/textfilter.class.php" );
 	lt_include( PLOG_CLASS_PATH."class/dao/customfields/customfields.class.php" );
 	lt_include( PLOG_CLASS_PATH."class/dao/customfields/customfieldsvalues.class.php" );	
@@ -30,31 +32,65 @@
         function validate()
         {
             $errors = false;
+            $val1 = new StringValidator();
         
             // these two are optional
-            $this->_userName = $this->_request->getValue( "userName" );
-            $this->_userEmailAddress = $this->_request->getValue( "userEmailAddress" );
-            
+            $userName = $this->_request->getValue( "userName" );
+            if($userName){
+                if( !$val1->validate( $userName )) {
+                    $errors["submissionUserName"] = true;
+                    $message["submissionUserName"] = $this->_locale->tr("error_incorrect_user");
+                }
+                else{
+                    $this->_userName = $userName;
+                }
+            }
+            $userEmailAddress = $this->_request->getValue( "userEmailAddress" );
+            if($userEmailAddress){
+                if( !$val1->validate( $userEmailAddress )) {
+                    $errors["submissionUserEmailAddress"] = true;
+                    $message["submissionUserEmailAddress"] = $this->_locale->tr("error_incorrect_email_address");
+                }
+                else{
+                    $this->_userEmailAddress = $userEmailAddress;
+                }
+            }
+                
             // these ones are mandatory, of course...
-            $this->_topic = $this->_request->getValue( "submissionTopic" );
-            $val1 = new StringValidator();
-            if( !$val1->validate( $this->_topic )) {
+            $this->_topic = "";
+            $topic = $this->_request->getValue( "submissionTopic" );
+            if( !$val1->validate( $topic )) {
                 $errors["submissionTopic"] = true;
                 $message["submissionTopic"] = $this->_locale->tr("error_submission_no_topic");
             }
+            else{
+                $this->_topic = $topic;
+            }
+                
             
-            $this->_text = $this->_request->getValue( "submissionText" );
-            $val2 = new StringValidator();
-            if( !$val2->validate( $this->_text )) {
+            $this->_text = "";
+            $text = $this->_request->getValue( "submissionText" );
+			$config =& Config::getConfig();
+            $htmlEnabled = $config->getValue("plugin_submissions_htmlarea_enabled");
+            $val2 = new StringValidator($htmlEnabled);
+            if( !$val2->validate( $text )) {
                 $errors["submissionText"] = true;
                 $message["submissionText"] = $this->_locale->tr("error_submission_no_text");
             }
+            else{
+                $this->_text = $text;
+            }
             
-            $this->_categoryIds = $this->_request->getValue( "submissionCategory" );
-            if( !is_array($this->_categoryIds)) {
+            $this->_categoryIds = "";
+            $categoryIds = $this->_request->getValue( "submissionCategory" );
+            $val3 = new ArrayValidator(new IntegerValidator());
+            if( !$val3->validate( $categoryIds )) {
                 $errors["submissionCategory"] = true;
-                $message["submissionCategory"] = $this->_locale->tr("error_submission_no_category");          
+                $message["submissionCategory"] = $this->_locale->tr("error_incorrect_category_id");
             }
+            else{
+                $this->_categoryIds = $categoryIds;
+            }
             
             if( $errors ) {
                 $this->_view = new PluginTemplatedView( $this->_blogInfo, "submissions", "submitform", SMARTY_VIEW_CACHE_DISABLED );
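Review bot: The optional address in the `$userEmailAddress` branch is checked with the generic `StringValidator`, which by name only establishes that a non-empty string was supplied, not that it looks like an e-mail address; since this plugin can send notifications, an address carrying CR/LF could reach mail headers unless the sender validates it again. If the core provides an e-mail validator (I believe it does, but it is not included in this file), use it here instead: `$emailVal = new EmailValidator(); if( !$emailVal->validate( $userEmailAddress )) {`. Separately, `$this->_userName` and `$this->_userEmailAddress` are never assigned when the field is absent or rejected, whereas `_topic`, `_text` and `_categoryIds` are reset to `""` first — initialise the two optional members the same way so later code does not read a stale or unset property. `$htmlEnabled` is passed as the first constructor argument of `StringValidator`, which I read as an allow-HTML flag; confirm that is its meaning rather than some other parameter. validate() continues past the end of the hunk.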

Modified: plugins/branches/lifetype-1.2/submissions/class/action/adminsubmissionspluginupdatesettingsaction.class.php
===================================================================
--- plugins/branches/lifetype-1.2/submissions/class/action/adminsubmissionspluginupdatesettingsaction.class.php	2008-12-04 15:24:06 UTC (rev 6752)
+++ plugins/branches/lifetype-1.2/submissions/class/action/adminsubmissionspluginupdatesettingsaction.class.php	2008-12-04 21:16:19 UTC (rev 6753)
@@ -11,7 +11,7 @@
 	
 		var $_pluginEnabled;
 		var $_htmlareaEnabled;
-		var $_notificationEnabled;
+		var $_notificationsEnabled;
 
     	/**
          * Constructor. If nothing else, it also has to call the constructor of the parent
@@ -32,8 +32,8 @@
             $this->_htmlareaEnabled = $this->_request->getValue( "htmlareaEnabled" );
             $this->_htmlareaEnabled = ($this->_htmlareaEnabled != "" );            
 
-            $this->_notificationEnabled = $this->_request->getValue( "notificationEnabled" );
-            $this->_notificationEnabled = ($this->_htmlareaEnabled != "" );  
+            $this->_notificationsEnabled = $this->_request->getValue( "notificationsEnabled" );
+            $this->_notificationsEnabled = ($this->_notificationsEnabled != "" );  
 
 			return true;
 		}
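Review bot: The request key read on the `$this->_notificationsEnabled = $this->_request->getValue(...)` line changed from `notificationEnabled` to `notificationsEnabled`, but no admin settings template is in this commit's file list, so the checkbox is only picked up if that template already posts `notificationsEnabled`; please confirm the form field name matches, otherwise the setting can never be switched on. The comparison fix itself, testing `$this->_notificationsEnabled != ""` rather than `_htmlareaEnabled`, is correct. The enclosing method starts outside the hunk.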
@@ -116,7 +116,7 @@
 			$blogSettings = $this->_blogInfo->getSettings();
 			$blogSettings->setValue( "plugin_submissions_enabled", $this->_pluginEnabled );
 			$blogSettings->setValue( "plugin_submissions_htmlarea_enabled", $this->_htmlareaEnabled );
-			$blogSettings->setValue( "plugin_submissions_notifications_enabled", $this->_notificationEnabled );
+			$blogSettings->setValue( "plugin_submissions_notifications_enabled", $this->_notificationsEnabled );
 			$this->_blogInfo->setSettings( $blogSettings );
 			
 			// update the settings in the db, and make sure that everything went fine

Modified: plugins/branches/lifetype-1.2/submissions/pluginsubmissions.class.php
===================================================================
--- plugins/branches/lifetype-1.2/submissions/pluginsubmissions.class.php	2008-12-04 15:24:06 UTC (rev 6752)
+++ plugins/branches/lifetype-1.2/submissions/pluginsubmissions.class.php	2008-12-04 21:16:19 UTC (rev 6753)
@@ -19,7 +19,7 @@
 			$this->id = "submissions";
 			$this->desc = "Allows visitors to submit stories to the blog.";
 			$this->author = "The LifeType Project";
-			$this->version = "20080228";
+			$this->version = "20081204";
 			
 			$this->init();
 		}

Modified: plugins/branches/lifetype-1.2/submissions/templates/submitform.template
===================================================================
--- plugins/branches/lifetype-1.2/submissions/templates/submitform.template	2008-12-04 15:24:06 UTC (rev 6752)
+++ plugins/branches/lifetype-1.2/submissions/templates/submitform.template	2008-12-04 21:16:19 UTC (rev 6753)
@@ -16,15 +16,16 @@
 <form name="submission" method="post" action="{$url->getIndexUrl()}">
  <label for="userName" style="text-align:left">{$locale->tr("your_name")}</label>
  <input type="text" name="userName" value="{$userName}" style="width:100%" /><br/>
+ {if $errors.submissionUserName}<span style="background:red;color:white;font-weight:bold">&nbsp;!&nbsp;</span>&nbsp;{$message.submissionUserName}</p><br/>{/if}
  
  <label for="userEmailAddress" style="text-align:left">{$locale->tr("your_email_address")}</label>
  <input type="text" name="userEmailAddress" value="{$userEmailAddress}" style="width:100%" /><br/>
+ {if $errors.submissionUserEmailAddress}<span style="background:red;color:white;font-weight:bold">&nbsp;!&nbsp;</span>&nbsp;{$message.submissionUserEmailAddress}</p><br/>{/if}
  
  <label for="submissionTopic" style="text-align:left">{$locale->tr("story_topic")}</label>
  <input type="text" name="submissionTopic" value="{$submissionTopic}" style="width:100%" /><br/>
- {if $errors.submissionTopic}<span style="background:red;color:white;font-weight:bold">&nbsp;!&nbsp;</span>&nbsp;{$message.submissionTopic}</p>{/if}
+ {if $errors.submissionTopic}<span style="background:red;color:white;font-weight:bold">&nbsp;!&nbsp;</span>&nbsp;{$message.submissionTopic}</p><br/>{/if}
  <br/>
- <br/>
   
  <div>
  <div style="width:68%;float:left;padding-right:2%">
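Review bot: The two new error lines for `submissionUserName` and `submissionUserEmailAddress` (and the edited topic line) close a `</p>` that was never opened, copying the existing malformed markup; either drop the stray `</p>` or wrap each message as `<p><span ...>&nbsp;!&nbsp;</span>&nbsp;{$message.submissionUserName}</p>`. Since these errors now re-render the form with the visitor's input in `value="{$userName}"` and `value="{$userEmailAddress}"`, those attributes should be escaped (`{$userName|escape}`) unless the view is known to escape assigned values by default — I cannot tell from this hunk how the action repopulates them.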
@@ -54,4 +55,4 @@
  {else}
   {$locale->tr("error_submissions_not_enabled")}
  {/if}
-{include file="$blogtemplate/footer.template"}
\ No newline at end of file
+{include file="$blogtemplate/footer.template"}


