Fix CWE-269 huntr
This commit is contained in:
parent
11fa523070
commit
4df70dc3f4
@ -188,7 +188,7 @@ if ($action == 'add' && $permtoadd) {
|
||||
exit;
|
||||
}
|
||||
}
|
||||
} elseif ($action == 'confirm_deletesection' && $confirm == 'yes') {
|
||||
} elseif ($action == 'confirm_deletesection' && $confirm == 'yes' && $permtoadd) {
|
||||
// Deleting file
|
||||
$result = $ecmdir->delete($user);
|
||||
setEventMessages($langs->trans("ECMSectionWasRemoved", $ecmdir->label), null, 'mesgs');
|
||||
|
||||
@ -88,17 +88,23 @@ if ($module == 'ecm') {
|
||||
}
|
||||
|
||||
// Permissions
|
||||
$permtoread = 0;
|
||||
$permtoadd = 0;
|
||||
$permtoupload = 0;
|
||||
if ($module == 'ecm') {
|
||||
$permtoread = $user->rights->ecm->read;
|
||||
$permtoadd = $user->rights->ecm->setup;
|
||||
$permtoupload = $user->rights->ecm->upload;
|
||||
}
|
||||
if ($module == 'medias') {
|
||||
$permtoread = ($user->rights->mailing->lire || $user->rights->website->read);
|
||||
$permtoadd = ($user->rights->mailing->creer || $user->rights->website->write);
|
||||
$permtoupload = ($user->rights->mailing->creer || $user->rights->website->write);
|
||||
}
|
||||
|
||||
if (!$permtoread) {
|
||||
accessforbidden();
|
||||
}
|
||||
|
||||
|
||||
/*
|
||||
@ -106,7 +112,7 @@ if ($module == 'medias') {
|
||||
*/
|
||||
|
||||
// Upload file
|
||||
if (GETPOST("sendit") && !empty($conf->global->MAIN_UPLOAD_DOC)) {
|
||||
if (GETPOST("sendit") && !empty($conf->global->MAIN_UPLOAD_DOC) && $permtoupload) {
|
||||
if (dol_mkdir($upload_dir) >= 0) {
|
||||
$resupload = dol_move_uploaded_file($_FILES['userfile']['tmp_name'], $upload_dir."/".dol_unescapefile($_FILES['userfile']['name']), 0, 0, $_FILES['userfile']['error']);
|
||||
if (is_numeric($resupload) && $resupload > 0) {
|
||||
@ -131,7 +137,7 @@ if (GETPOST("sendit") && !empty($conf->global->MAIN_UPLOAD_DOC)) {
|
||||
}
|
||||
|
||||
// Remove file
|
||||
if ($action == 'confirm_deletefile' && $confirm == 'yes') {
|
||||
if ($action == 'confirm_deletefile' && $confirm == 'yes' && $permtoupload) {
|
||||
$langs->load("other");
|
||||
$file = $upload_dir."/".GETPOST('urlfile'); // Do not use urldecode here ($_GET and $_REQUEST are already decoded by PHP).
|
||||
$ret = dol_delete_file($file);
|
||||
@ -145,7 +151,7 @@ if ($action == 'confirm_deletefile' && $confirm == 'yes') {
|
||||
}
|
||||
|
||||
// Remove dir
|
||||
if ($action == 'confirm_deletedir' && $confirm == 'yes') {
|
||||
if ($action == 'confirm_deletedir' && $confirm == 'yes' && $permtoupload) {
|
||||
$backtourl = DOL_URL_ROOT."/ecm/index.php";
|
||||
if ($module == 'medias') {
|
||||
$backtourl = DOL_URL_ROOT."/website/index.php?file_manager=1";
|
||||
@ -181,7 +187,7 @@ if ($action == 'confirm_deletedir' && $confirm == 'yes') {
|
||||
}
|
||||
|
||||
// Update dirname or description
|
||||
if ($action == 'update' && !GETPOST('cancel', 'alpha')) {
|
||||
if ($action == 'update' && !GETPOST('cancel', 'alpha') && $permtoadd) {
|
||||
$error = 0;
|
||||
|
||||
if ($module == 'ecm') {
|
||||
|
||||
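Review bot: The `confirm_deletefile` and `confirm_deletedir` guards both add `&& $permtoupload`, so deletion is gated on the upload right, while the `confirm_deletesection` guard in the first hunk of the page adds `&& $permtoadd`; if upload is meant to imply delete in this file, record it where the variable is set, e.g. `$permtoupload = $user->rights->ecm->upload; // also gates file and directory deletion below`, otherwise gate the two delete branches on `$permtoadd` like the section removal. When one of the new guards is false the request falls through to normal page rendering rather than reaching `accessforbidden()`, so a denied upload or delete is indistinguishable from a plain page load; an `else { accessforbidden(); }` on each guarded action keeps the denial visible. The `confirm_deletefile` branch still builds `$file` from `GETPOST('urlfile')` with no visible check that the result stays under `$upload_dir`; unless `dol_delete_file()` enforces that, the permission check alone does not bound which file is removed. The `update` branch at the end continues outside the last hunk.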
@ -36,10 +36,6 @@ $action = GETPOST('action', 'aZ09');
|
||||
$cancel = GETPOST('cancel', 'alpha');
|
||||
$backtopage = GETPOST('backtopage', 'alpha');
|
||||
|
||||
if (!$user->rights->ecm->setup) {
|
||||
accessforbidden();
|
||||
}
|
||||
|
||||
// Get parameters
|
||||
$socid = GETPOST("socid", "int");
|
||||
|
||||
@ -105,6 +101,14 @@ if ($result < 0) {
|
||||
exit;
|
||||
}
|
||||
|
||||
// Permissions
|
||||
$permtoread = $user->rights->ecm->read;
|
||||
$permtoadd = $user->rights->ecm->setup;
|
||||
$permtoupload = $user->rights->ecm->upload;
|
||||
|
||||
if (!$permtoread) {
|
||||
accessforbidden();
|
||||
}
|
||||
|
||||
|
||||
/*
|
||||
@ -123,7 +127,7 @@ if ($cancel) {
|
||||
}
|
||||
|
||||
// Rename file
|
||||
if ($action == 'update') {
|
||||
if ($action == 'update' && $permtoadd) {
|
||||
$error = 0;
|
||||
|
||||
$oldlabel = GETPOST('urlfile', 'alpha');
|
||||
|
||||
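Review bot: The new `if (!$permtoread) { accessforbidden(); }` block is placed after the hunk headed `if ($result < 0) {`, i.e. after the object load, whereas the removed `if (!$user->rights->ecm->setup)` check ran directly after the parameters were read; a user without the ECM read right can now drive that load and observe its error path before being refused. Unless a `restrictedArea()` call earlier in the file already covers this, move the `// Permissions` block up to where the old check stood, directly after `$backtopage = GETPOST('backtopage', 'alpha');`. The same ordering appears in the next section (the `file_note.php` hunks), where `$permtoread` is likewise only checked after `if ($result < 0)`. The body of the `update` rename action continues outside the last hunk.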
@ -22,7 +22,7 @@
|
||||
/**
|
||||
* \file htdocs/ecm/file_note.php
|
||||
* \ingroup ecm
|
||||
* \brief Fiche de notes sur une ecm file
|
||||
* \brief Tab for notes on an ECM file
|
||||
*/
|
||||
|
||||
require '../main.inc.php';
|
||||
@ -39,10 +39,6 @@ $ref = GETPOST('ref', 'alpha');
|
||||
$socid = GETPOST('socid', 'int');
|
||||
$action = GETPOST('action', 'aZ09');
|
||||
|
||||
if (!$user->rights->ecm->setup) {
|
||||
accessforbidden();
|
||||
}
|
||||
|
||||
// Get parameters
|
||||
$socid = GETPOST("socid", "int");
|
||||
// Security check
|
||||
@ -109,6 +105,13 @@ if ($result < 0) {
|
||||
|
||||
$permissionnote = $user->rights->ecm->setup; // Used by the include of actions_setnotes.inc.php
|
||||
|
||||
$permtoread = $user->rights->ecm->read;
|
||||
|
||||
if (!$permtoread) {
|
||||
accessforbidden();
|
||||
}
|
||||
|
||||
|
||||
/*
|
||||
* Actions
|
||||
*/
|
||||
|
||||
@ -34,12 +34,6 @@ require_once DOL_DOCUMENT_ROOT.'/ecm/class/ecmdirectory.class.php';
|
||||
// Load translation files required by the page
|
||||
$langs->loadLangs(array("ecm", "companies", "other", "users", "orders", "propal", "bills", "contracts"));
|
||||
|
||||
// Security check
|
||||
if ($user->socid) {
|
||||
$socid = $user->socid;
|
||||
}
|
||||
$result = restrictedArea($user, 'ecm', 0);
|
||||
|
||||
// Get parameters
|
||||
$socid = GETPOST('socid', 'int');
|
||||
$action = GETPOST('action', 'aZ09');
|
||||
@ -81,6 +75,12 @@ $userstatic = new User($db);
|
||||
|
||||
$error = 0;
|
||||
|
||||
// Security check
|
||||
if ($user->socid) {
|
||||
$socid = $user->socid;
|
||||
}
|
||||
$result = restrictedArea($user, 'ecm', 0);
|
||||
|
||||
|
||||
/*
|
||||
* Actions
|
||||
|
||||
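Review bot: The `// Security check` block ending in `$result = restrictedArea($user, 'ecm', 0);` moves from before the parameter reads to after `$error = 0;`, so everything between `$action = GETPOST('action', 'aZ09');` and the relocated block, including the `$userstatic = new User($db);` seen in the hunk header, now runs before any access check. The move is presumably needed so that `$socid = $user->socid;` is no longer overwritten by the later `$socid = GETPOST('socid', 'int');`, but placing the block immediately after the GETPOST lines achieves that with a much smaller unchecked window. A comment on the relocated block, `// Must run after GETPOST('socid') so an external user's socid is not overridden`, would record why it moved. The code between the two hunks is outside this view, so whether it performs any fetch keyed on `$socid` cannot be confirmed here.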
@ -84,6 +84,12 @@ if (!empty($section)) {
|
||||
}
|
||||
}
|
||||
|
||||
$permtoread = $user->rights->ecm->read;
|
||||
|
||||
if (!$permtoread) {
|
||||
accessforbidden();
|
||||
}
|
||||
|
||||
|
||||
/*
|
||||
* Actions
|
||||
|
||||