Fix security check

2021-03-18 20:57:50 +01:00 · 2021-03-18 20:57:50 +01:00 · 9ba568eb25
commit 9ba568eb25
parent d881c73e58
4 changed files with 32 additions and 16 deletions
--- a/htdocs/compta/bank/card.php
+++ b/htdocs/compta/bank/card.php
@ -54,12 +54,6 @@ $langs->loadLangs(array("banks", "bills", "categories", "companies", "compta"));
 $action = GETPOST('action', 'aZ09');
 $cancel = GETPOST('cancel', 'alpha');

-// Security check
-$id = GETPOST("id", 'int') ? GETPOST("id", 'int') : GETPOST('ref', 'alpha');
-$fieldid = GETPOSTISSET("ref") ? 'ref' : 'rowid';
-
-$result = restrictedArea($user, 'banque', $id, 'bank_account&bank_account', '', '', $fieldid);
-
 $object = new Account($db);
 $extrafields = new ExtraFields($db);

@ -69,6 +63,12 @@ $extrafields->fetch_name_optionals_label($object->table_element);
 // Initialize technical object to manage hooks of page. Note that conf->hooks_modules contains array of hook context
 $hookmanager->initHooks(array('bankcard', 'globalcard'));

+// Security check
+$id = GETPOST("id", 'int') ? GETPOST("id", 'int') : GETPOST('ref', 'alpha');
+$fieldid = GETPOSTISSET("ref") ? 'ref' : 'rowid';
+$result = restrictedArea($user, 'banque', $id, 'bank_account&bank_account', '', '', $fieldid);
+
+
 /*
 * Actions
 */
--- a/htdocs/compta/bank/document.php
+++ b/htdocs/compta/bank/document.php
@ -71,6 +71,7 @@ if ($id > 0 || !empty($ref)) {
 	$object->fetch($id, $ref);
 }

+
 $result = restrictedArea($user, 'banque', $object->id, 'bank_account', '', '');


--- a/htdocs/compta/bank/info.php
+++ b/htdocs/compta/bank/info.php
@ -30,6 +30,18 @@ require_once DOL_DOCUMENT_ROOT.'/compta/bank/class/account.class.php';
 $langs->loadLangs(array('banks', 'categories', 'companies'));

 $id = GETPOST("rowid", 'int');
+$ref = GETPOST('ref', 'alpha');
+
+// Security check
+$fieldvalue = (!empty($id) ? $id : (!empty($ref) ? $ref : ''));
+$fieldtype = (!empty($ref) ? 'ref' : 'rowid');
+if ($user->socid) {
+	$socid = $user->socid;
+}
+$result = restrictedArea($user, 'banque', $fieldvalue, 'bank_account', '', '', $fieldtype);
+if (!$user->rights->banque->lire && !$user->rights->banque->consolidate) {
+	accessforbidden();
+}


 /*
--- a/htdocs/compta/bank/treso.php
+++ b/htdocs/compta/bank/treso.php
@ -37,22 +37,23 @@ require_once DOL_DOCUMENT_ROOT.'/compta/bank/class/account.class.php';
 $langs->loadLangs(array('banks', 'categories', 'bills', 'companies'));

 // Security check
-if (isset($_GET["account"]) || isset($_GET["ref"])) {
-	$id = isset($_GET["account"]) ? $_GET["account"] : (isset($_GET["ref"]) ? $_GET["ref"] : '');
+if (GETPOSTISSET("account") || GETPOSTISSET("ref")) {
+	$id = GETPOSTISSET("account") ? GETPOST("account") : (GETPOSTISSET("ref") ? GETPOST("ref") : '');
 }
-$fieldid = isset($_GET["ref"]) ? 'ref' : 'rowid';
+$fieldid = GETPOSTISSET("ref") ? 'ref' : 'rowid';
 if ($user->socid) {
 	$socid = $user->socid;
 }
 $result = restrictedArea($user, 'banque', $id, 'bank_account&bank_account', '', '', $fieldid);


-$vline = isset($_GET["vline"]) ? $_GET["vline"] : $_POST["vline"];
-$page = isset($_GET["page"]) ? $_GET["page"] : 0;
+$vline = GETPOST('vline');
+$page = GETPOSTISSET("page") ? GETPOST("page") : 0;

 // Initialize technical object to manage hooks of page. Note that conf->hooks_modules contains array of hook context
 $hookmanager->initHooks(array('banktreso', 'globalcard'));

+
 /*
 * View
 */
@ -68,7 +69,7 @@ $socialcontribstatic = new ChargeSociales($db);

 $form = new Form($db);

-if ($_REQUEST["account"] || $_REQUEST["ref"]) {
+if (GETPOST("account") || GETPOST("ref")) {
 	if ($vline) {
 		$viewline = $vline;
 	} else {
@ -76,11 +77,11 @@ if ($_REQUEST["account"] || $_REQUEST["ref"]) {
 	}

 	$object = new Account($db);
-	if ($_GET["account"]) {
-		$result = $object->fetch($_GET["account"]);
+	if (GETPOST("account", 'int')) {
+		$result = $object->fetch(GETPOST("account", 'int'));
 	}
-	if ($_GET["ref"]) {
-		$result = $object->fetch(0, $_GET["ref"]);
+	if (GETPOST("ref")) {
+		$result = $object->fetch(0, GETPOST("ref"));
 		$_GET["account"] = $object->id;
 	}

@ -91,6 +92,8 @@ if ($_REQUEST["account"] || $_REQUEST["ref"]) {

 	$linkback = '<a href="'.DOL_URL_ROOT.'/compta/bank/list.php?restore_lastsearch_values=1">'.$langs->trans("BackToList").'</a>';

+	$morehtmlref = '';
+
 	dol_banner_tab($object, 'ref', $linkback, 1, 'ref', 'ref', $morehtmlref, '', 0, '', '', 1);

 	print dol_get_fiche_end();