fernando/luos
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

xss

Browse Source
This commit is contained in:
marcelo.cuiza
2015-03-16 17:36:45 -04:00
parent db29297e35
commit de8553d10a
5 changed files with 51 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
gulliver/methods/controls/calendar.php
View File

@@ -25,6 +25,9 @@
td {font-family: Tahoma, Verdana, sans-serif; font-size: 11px;} td {font-family: Tahoma, Verdana, sans-serif; font-size: 11px;}
</style> </style>
<?php <?php
G::LoadSystem('inputfilter');
$filter = new InputFilter();
$_GET = $filter->xssFilterHard($_GET);
$ARR_MONTHS = array ( "January", "February", "March", "April", "May", "June", $ARR_MONTHS = array ( "January", "February", "March", "April", "May", "June",
"July", "August", "September", "October", "November", "December"); "July", "August", "September", "October", "November", "December");
@@ -108,6 +111,11 @@
$end_date = mktime ( 0,0,0, $dt_currentMonth+1, + $i, $dt_currentYear ) ; $end_date = mktime ( 0,0,0, $dt_currentMonth+1, + $i, $dt_currentYear ) ;
} }
$numWeeks = ( $end_date - $start_date )/3600/24/7 ; $numWeeks = ( $end_date - $start_date )/3600/24/7 ;
$dtmin_value = $filter->xssFilterHard($dtmin_value);
$dtmax_value = $filter->xssFilterHard($dtmax_value);
$dt_currentYear = $filter->xssFilterHard($dt_currentYear);
$dt_currentMonth = $filter->xssFilterHard($dt_currentMonth);
//print date('Y-m-d', $start_date ) . " $dtmin_value $dtmax_value "; //print date('Y-m-d', $start_date ) . " $dtmin_value $dtmax_value ";
?> ?>

16
workflow/engine/controllers/adminProxy.php
View File

@@ -1009,6 +1009,12 @@ class adminProxy extends HttpProxyController
public function uploadImage() public function uploadImage()
{ {
//!dataSystem //!dataSystem
G::LoadSystem('inputfilter');
$filter = new InputFilter();
$_SERVER["REQUEST_URI"] = $filter->xssFilterHard($_SERVER["REQUEST_URI"]);
$_FILES = $filter->xssFilterHard($_FILES);
$ainfoSite = explode("/", $_SERVER["REQUEST_URI"]); $ainfoSite = explode("/", $_SERVER["REQUEST_URI"]);
$dir = PATH_DATA."sites".PATH_SEP.str_replace("sys","",$ainfoSite[1]).PATH_SEP."files/logos"; $dir = PATH_DATA."sites".PATH_SEP.str_replace("sys","",$ainfoSite[1]).PATH_SEP."files/logos";
global $_FILES; global $_FILES;
@@ -1035,8 +1041,10 @@ class adminProxy extends HttpProxyController
$uploaded = 0; $uploaded = 0;
$failed = 0; $failed = 0;
$files_img_type = $filter->xssFilterHard($_FILES['img']['type']);
if (in_array($_FILES['img']['type'], $allowedType)) { if (in_array($files_img_type, $allowedType)) {
// max upload file is 500 KB // max upload file is 500 KB
if ($_FILES['img']['size'] <= 500000) { if ($_FILES['img']['size'] <= 500000) {
$formf = $_FILES['img']; $formf = $_FILES['img'];
@@ -1055,7 +1063,7 @@ class adminProxy extends HttpProxyController
$arrayInfo = getimagesize($dir . '/' . 'tmp' . $fileName); $arrayInfo = getimagesize($dir . '/' . 'tmp' . $fileName);
$typeMime = $arrayInfo[2]; $typeMime = $arrayInfo[2];
} }
if ($typeMime == $allowedTypeArray['index' . base64_encode($_FILES['img']['type'])]) { if ($typeMime == $allowedTypeArray['index' . base64_encode($files_img_type)]) {
$error = false; $error = false;
try { try {
list($imageWidth, $imageHeight, $imageType) = @getimagesize($dir . '/' . 'tmp' . $fileName); list($imageWidth, $imageHeight, $imageType) = @getimagesize($dir . '/' . 'tmp' . $fileName);
@@ -1075,10 +1083,10 @@ class adminProxy extends HttpProxyController
} else { } else {
$failed = "2"; $failed = "2";
} }
} elseif ($_FILES['img']['type'] != '') { } elseif ($files_img_type != '') {
$failed = "1"; $failed = "1";
} }
echo '{success: true, failed: ' . $failed . ', uploaded: ' . $uploaded . ', type: "' . $_FILES['img']['type'] . '"}'; echo '{success: true, failed: ' . $failed . ', uploaded: ' . $uploaded . ', type: "' . $files_img_type . '"}';
exit(); exit();
} }

6
workflow/engine/methods/cases/ajaxListener.php
View File

@@ -33,6 +33,12 @@
//require_once 'classes/model/AppDelay.php'; //require_once 'classes/model/AppDelay.php';
//require_once 'classes/model/Process.php'; //require_once 'classes/model/Process.php';
//require_once 'classes/model/Task.php'; //require_once 'classes/model/Task.php';
G::LoadSystem('inputfilter');
$filter = new InputFilter();
$_REQUEST = $filter->xssFilterHard($_REQUEST);
$_POST = $filter->xssFilterHard($_POST);
if(isset($_REQUEST['action']) && $_REQUEST['action'] == "verifySession" ) { if(isset($_REQUEST['action']) && $_REQUEST['action'] == "verifySession" ) {
if (!isset($_SESSION['USER_LOGGED'])) { if (!isset($_SESSION['USER_LOGGED'])) {
$response = new stdclass(); $response = new stdclass();

7
workflow/engine/methods/cases/casesHistoryDynaformPage_Ajax.php
View File

@@ -21,6 +21,13 @@
* For more information, contact Colosa Inc, 2566 Le Jeune Rd., * For more information, contact Colosa Inc, 2566 Le Jeune Rd.,
* Coral Gables, FL, 33134, USA, or email info@colosa.com. * Coral Gables, FL, 33134, USA, or email info@colosa.com.
*/ */
G::LoadSystem('inputfilter');
$filter = new InputFilter();
$_GET = $filter->xssFilterHard($_GET);
$_POST = $filter->xssFilterHard($_POST);
$_REQUEST = $filter->xssFilterHard($_REQUEST);
$_SESSION = $filter->xssFilterHard($_SESSION);
$actionAjax = isset( $_REQUEST['actionAjax'] ) ? $_REQUEST['actionAjax'] : null; $actionAjax = isset( $_REQUEST['actionAjax'] ) ? $_REQUEST['actionAjax'] : null;

19
workflow/engine/methods/cases/cases_Ajax.php
View File

@@ -1,4 +1,11 @@
<?php <?php
G::LoadSystem('inputfilter');
$filter = new InputFilter();
$_GET = $filter->xssFilterHard($_GET);
$_POST = $filter->xssFilterHard($_POST);
$_REQUEST = $filter->xssFilterHard($_REQUEST);
$_SESSION = $filter->xssFilterHard($_SESSION);
if (!isset($_SESSION['USER_LOGGED'])) { if (!isset($_SESSION['USER_LOGGED'])) {
$response = new stdclass(); $response = new stdclass();
$response->message = G::LoadTranslation('ID_LOGIN_AGAIN'); $response->message = G::LoadTranslation('ID_LOGIN_AGAIN');
@@ -243,12 +250,16 @@ switch (($_POST['action']) ? $_POST['action'] : $_REQUEST['action']) {
G::RenderPage( 'publish', 'raw' ); G::RenderPage( 'publish', 'raw' );
break; break;
case 'showUsers': case 'showUsers':
$_POST['TAS_ASSIGN_TYPE'] = $filter->xssFilterHard($_POST['TAS_ASSIGN_TYPE']);
switch ($_POST['TAS_ASSIGN_TYPE']) { switch ($_POST['TAS_ASSIGN_TYPE']) {
// switch verify $_POST['TAS_ASSIGN_TYPE'] // switch verify $_POST['TAS_ASSIGN_TYPE']
case 'BALANCED': case 'BALANCED':
$_POST['USR_UID'] = $filter->xssFilterHard($_POST['USR_UID']);
G::LoadClass( 'user' ); G::LoadClass( 'user' );
$oUser = new User( new DBConnection() ); $oUser = new User( new DBConnection() );
$oUser->load( $_POST['USR_UID'] ); $oUser->load( $_POST['USR_UID'] );
$oUser->Fields['USR_FIRSTNAME'] = $filter->xssFilterHard($oUser->Fields['USR_FIRSTNAME']);
$oUser->Fields['USR_LASTNAME'] = $filter->xssFilterHard($oUser->Fields['USR_LASTNAME']);
echo $oUser->Fields['USR_FIRSTNAME'] . ' ' . $oUser->Fields['USR_LASTNAME'] . '<input type="hidden" name="form[TASKS][1][USR_UID]" id="form[TASKS][1][USR_UID]" value="' . $_POST['USR_UID'] . '">'; echo $oUser->Fields['USR_FIRSTNAME'] . ' ' . $oUser->Fields['USR_LASTNAME'] . '<input type="hidden" name="form[TASKS][1][USR_UID]" id="form[TASKS][1][USR_UID]" value="' . $_POST['USR_UID'] . '">';
break; break;
case 'MANUAL': case 'MANUAL':
@@ -300,6 +311,8 @@ switch (($_POST['action']) ? $_POST['action'] : $_REQUEST['action']) {
echo $sAux; echo $sAux;
break; break;
case 'EVALUATE': case 'EVALUATE':
$_POST['TAS_ASSIGN_VARIABLE'] = $filter->xssFilterHard($_POST['TAS_ASSIGN_VARIABLE']);
$_SESSION['APPLICATION'] = $filter->xssFilterHard($_SESSION['APPLICATION']);
G::LoadClass( 'application' ); G::LoadClass( 'application' );
$oApplication = new Application( new DBConnection() ); $oApplication = new Application( new DBConnection() );
$oApplication->load( $_SESSION['APPLICATION'] ); $oApplication->load( $_SESSION['APPLICATION'] );
@@ -315,7 +328,8 @@ switch (($_POST['action']) ? $_POST['action'] : $_REQUEST['action']) {
$oUser->load( $sUser ); $oUser->load( $sUser );
echo $oUser->Fields['USR_FIRSTNAME'] . ' ' . $oUser->Fields['USR_LASTNAME'] . '<input type="hidden" name="form[TASKS][1][USR_UID]" id="form[TASKS][1][USR_UID]" value="' . $sUser . '">'; echo $oUser->Fields['USR_FIRSTNAME'] . ' ' . $oUser->Fields['USR_LASTNAME'] . '<input type="hidden" name="form[TASKS][1][USR_UID]" id="form[TASKS][1][USR_UID]" value="' . $sUser . '">';
} else { } else {
echo '<strong>Error: </strong>' . $_POST['TAS_ASSIGN_VARIABLE'] . ' ' . G::LoadTranslation( 'ID_EMPTY' ); $ID_EMPTY = $filter->xssFilterHard(G::LoadTranslation( 'ID_EMPTY' ));
echo '<strong>Error: </strong>' . $_POST['TAS_ASSIGN_VARIABLE'] . ' ' . $ID_EMPTY;
echo '<input type="hidden" name="_ERROR_" id="_ERROR_" value="">'; echo '<input type="hidden" name="_ERROR_" id="_ERROR_" value="">';
} }
break; break;
@@ -447,6 +461,9 @@ switch (($_POST['action']) ? $_POST['action'] : $_REQUEST['action']) {
$cases->reassignCase( $_SESSION['APPLICATION'], $_SESSION['INDEX'], $_SESSION['USER_LOGGED'], $_POST['USR_UID'], $_POST['THETYPE'] ); $cases->reassignCase( $_SESSION['APPLICATION'], $_SESSION['INDEX'], $_SESSION['USER_LOGGED'], $_POST['USR_UID'], $_POST['THETYPE'] );
break; break;
case 'toRevisePanel': case 'toRevisePanel':
$_POST['APP_UID'] = $filter->xssFilterHard($_POST['APP_UID']);
$_POST['DEL_INDEX'] = $filter->xssFilterHard($_POST['DEL_INDEX']);
$_GET['APP_UID'] = $_POST['APP_UID']; $_GET['APP_UID'] = $_POST['APP_UID'];
$_GET['DEL_INDEX'] = $_POST['DEL_INDEX']; $_GET['DEL_INDEX'] = $_POST['DEL_INDEX'];
$G_PUBLISH = new Publisher(); $G_PUBLISH = new Publisher();