FIX security in import of files

Laurent Destailleur 2016-12-07 12:41:48 +01:00
parent f9ef6f52a6
commit 455a9ed4da
3 changed files with 35 additions and 13 deletions


@ -140,10 +140,8 @@ class FormFile
if ($perm)
{
$langs->load('other');
//$out .= ' ('.$langs->trans("MaxSize").': '.$max.' '.$langs->trans("Kb");
$out .= ' ';
$out.=info_admin($langs->trans("ThisLimitIsDefinedInSetup",$max,$maxphp),1);
//$out .= ')';
$out .= info_admin($langs->trans("ThisLimitIsDefinedInSetup",$max,$maxphp),1);
}
}
else


@ -372,7 +372,7 @@ class ImportCsv extends ModeleImports
if ($isidorref == 'ref') // If value into input import file is a ref, we apply the function defined into descriptor
{
$file=$objimport->array_import_convertvalue[0][$val]['classfile'];
$file=(empty($objimport->array_import_convertvalue[0][$val]['classfile'])?$objimport->array_import_convertvalue[0][$val]['file']:$objimport->array_import_convertvalue[0][$val]['classfile']);
$class=$objimport->array_import_convertvalue[0][$val]['class'];
$method=$objimport->array_import_convertvalue[0][$val]['method'];
if ($this->cacheconvert[$file.'_'.$class.'_'.$method.'_'][$newval] != '')
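Review bot: The new `$file` assignment reads the same descriptor entry three times and silently yields null when neither `classfile` nor `file` is set, an error that only surfaces later when the file is included and `$class` is used. Pull the entry into a local and make the missing case explicit: `$desc = $objimport->array_import_convertvalue[0][$val];` then `$file = empty($desc['classfile']) ? (isset($desc['file']) ? $desc['file'] : '') : $desc['classfile'];`, and skip the conversion with a logged error when `$file` is empty. Since `$file`, `$class` and `$method` presumably drive an include and a method call further down, it is worth confirming that these descriptor arrays are only ever populated from trusted module definitions and never from the uploaded CSV itself. The enclosing method and the code that consumes `$file` continue outside this hunk.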


@ -529,7 +529,15 @@ if ($step == 3 && $datatoimport)
print '<form name="userfile" action="'.$_SERVER["PHP_SELF"].'" enctype="multipart/form-data" METHOD="POST">';
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
print '<input type="hidden" name="max_file_size" value="'.$conf->maxfilesize.'">';
print '<input type="hidden" value="'.$step.'" name="step">';
print '<input type="hidden" value="'.$format.'" name="format">';
print '<input type="hidden" value="'.$excludefirstline.'" name="excludefirstline">';
print '<input type="hidden" value="'.$endatlinenb.'" name="endatlinenb">';
print '<input type="hidden" value="'.$separator.'" name="separator">';
print '<input type="hidden" value="'.$enclosure.'" name="enclosure">';
print '<input type="hidden" value="'.$datatoimport.'" name="datatoimport">';
print '<table class="noborder" width="100%" cellspacing="0" cellpadding="4">';
$filetoimport='';
@ -543,14 +551,30 @@ if ($step == 3 && $datatoimport)
$var=false;
print '<tr '.$bc[$var].'><td colspan="6">';
print '<input type="file" name="userfile" size="20" maxlength="80"> &nbsp; &nbsp; ';
print '<input type="submit" class="button" value="'.$langs->trans("AddFile").'" name="sendit">';
print '<input type="hidden" value="'.$step.'" name="step">';
print '<input type="hidden" value="'.$format.'" name="format">';
print '<input type="hidden" value="'.$excludefirstline.'" name="excludefirstline">';
print '<input type="hidden" value="'.$endatlinenb.'" name="endatlinenb">';
print '<input type="hidden" value="'.$separator.'" name="separator">';
print '<input type="hidden" value="'.$enclosure.'" name="enclosure">';
print '<input type="hidden" value="'.$datatoimport.'" name="datatoimport">';
$out = (empty($conf->global->MAIN_UPLOAD_DOC)?' disabled':'');
print '<input type="submit" class="button" value="'.$langs->trans("AddFile").'"'.$out.' name="sendit">';
$out='';
if (! empty($conf->global->MAIN_UPLOAD_DOC))
{
$max=$conf->global->MAIN_UPLOAD_DOC; // En Kb
$maxphp=@ini_get('upload_max_filesize'); // En inconnu
if (preg_match('/k$/i',$maxphp)) $maxphp=$maxphp*1;
if (preg_match('/m$/i',$maxphp)) $maxphp=$maxphp*1024;
if (preg_match('/g$/i',$maxphp)) $maxphp=$maxphp*1024*1024;
if (preg_match('/t$/i',$maxphp)) $maxphp=$maxphp*1024*1024*1024;
// Now $max and $maxphp are in Kb
if ($maxphp > 0) $max=min($max,$maxphp);
$langs->load('other');
$out .= ' ';
$out.=info_admin($langs->trans("ThisLimitIsDefinedInSetup",$max,$maxphp),1);
}
else
{
$out .= ' ('.$langs->trans("UploadDisabled").')';
}
print $out;
print '</td>';
print "</tr>\n";
// Search available imports
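Review bot: The `disabled` attribute computed into `$out` and printed on the submit button is a client-side hint only; a crafted POST still reaches the upload handler, so uploads must also be rejected server-side when `MAIN_UPLOAD_DOC` is empty — that handler is outside this hunk, so I cannot confirm it does. The `max_file_size` hidden input is likewise advisory, and `upload_max_filesize`/`post_max_size` plus the module's own size check are the real limits. Separately, the hidden inputs for `step`, `format`, `excludefirstline`, `endatlinenb`, `separator`, `enclosure` and `datatoimport` are echoed into `value="…"` unescaped; if they originate from the request, as a multi-step form suggests, each should go through `htmlspecialchars()` (or the project's HTML-attribute escaping helper) before being printed. Finally, `$maxphp=$maxphp*1` on a value such as `2M` emits a non-numeric-value warning on PHP 7.1+; take the numeric prefix first with `$maxphp = (int) $maxphp;` before applying the suffix multipliers, and note that a suffix-less `upload_max_filesize` is already in bytes, not kB, so the `// Now $max and $maxphp are in Kb` comment is not always true.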