From 92b8f3238658782e6eb5a4285185a8fae6665f05 Mon Sep 17 00:00:00 2001 From: Georg Ehrke Date: Thu, 2 Feb 2012 15:01:05 +0100 Subject: Calendar: Bugfix: better input validation --- apps/calendar/ajax/createcalendar.php | 2 +- apps/calendar/ajax/events.php | 4 ++-- apps/calendar/ajax/updatecalendar.php | 2 +- apps/calendar/js/calendar.js | 1 + apps/calendar/templates/part.eventform.php | 6 +++--- 5 files changed, 8 insertions(+), 7 deletions(-) diff --git a/apps/calendar/ajax/createcalendar.php b/apps/calendar/ajax/createcalendar.php index b719b207c74..08bf7b4ee49 100644 --- a/apps/calendar/ajax/createcalendar.php +++ b/apps/calendar/ajax/createcalendar.php @@ -25,7 +25,7 @@ foreach($calendars as $cal){ } $userid = OC_User::getUser(); -$calendarid = OC_Calendar_Calendar::addCalendar($userid, $_POST['name'], 'VEVENT,VTODO,VJOURNAL', null, 0, $_POST['color']); +$calendarid = OC_Calendar_Calendar::addCalendar($userid, htmlspecialchars($_POST['name']), 'VEVENT,VTODO,VJOURNAL', null, 0, $_POST['color']); OC_Calendar_Calendar::setCalendarActive($calendarid, 1); $calendar = OC_Calendar_Calendar::find($calendarid); diff --git a/apps/calendar/ajax/events.php b/apps/calendar/ajax/events.php index 998991c2fb4..75fac6838d7 100644 --- a/apps/calendar/ajax/events.php +++ b/apps/calendar/ajax/events.php @@ -11,8 +11,8 @@ require_once('../../../3rdparty/when/When.php'); function addoutput($event, $vevent, $return_event){ $return_event['id'] = (int)$event['id']; - $return_event['title'] = $event['summary']; - $return_event['description'] = isset($vevent->DESCRIPTION)?$vevent->DESCRIPTION->value:''; + $return_event['title'] = htmlspecialchars($event['summary']); + $return_event['description'] = isset($vevent->DESCRIPTION)?htmlspecialchars($vevent->DESCRIPTION->value):''; $last_modified = $vevent->__get('LAST-MODIFIED'); if ($last_modified){ $lastmodified = $last_modified->getDateTime()->format('U'); 
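Review bot: `htmlspecialchars($_POST['name'])` on the addCalendar line encodes at storage time with the default flags, so single quotes stay unescaped and the calendar name is persisted already entity-encoded for every consumer (CalDAV clients, and any template that escapes on output will double-encode it). The robust control is to store the raw name and escape where it is rendered, with the context made explicit: `htmlspecialchars($name, ENT_QUOTES, 'UTF-8')`. `$_POST['color']` on the same line is still passed through untouched although it presumably ends up in markup or CSS; a format check such as `preg_match('/^#?[0-9A-Fa-f]{6}$/', $_POST['color'])` before the call would close that. The updatecalendar.php hunk in this commit has the same shape and should follow the same approach.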
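Review bot: Encoding `$event['summary']` and the DESCRIPTION value with htmlspecialchars inside the JSON feed ties the data endpoint to a single HTML consumer; fullcalendar inserts titles as text, which is why the calendar.js hunk in this commit has to re-parse the encoded title with `.html(...)`. Returning the raw strings and leaving escaping to the point of insertion in the client keeps the feed usable by other callers and avoids the decode round-trip. If the encoding is kept, it should at least be `htmlspecialchars($event['summary'], ENT_QUOTES, 'UTF-8')` so quoted attribute contexts are covered. addoutput continues past the end of the hunk.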
diff --git a/apps/calendar/ajax/updatecalendar.php b/apps/calendar/ajax/updatecalendar.php index 269b7b7ca06..90dafd35b68 100644 --- a/apps/calendar/ajax/updatecalendar.php +++ b/apps/calendar/ajax/updatecalendar.php @@ -26,7 +26,7 @@ foreach($calendars as $cal){ $calendarid = $_POST['id']; $calendar = OC_Calendar_App::getCalendar($calendarid);//access check -OC_Calendar_Calendar::editCalendar($calendarid, $_POST['name'], null, null, null, $_POST['color']); +OC_Calendar_Calendar::editCalendar($calendarid, htmlspecialchars($_POST['name']), null, null, null, $_POST['color']); OC_Calendar_Calendar::setCalendarActive($calendarid, $_POST['active']); $calendar = OC_Calendar_App::getCalendar($calendarid); diff --git a/apps/calendar/js/calendar.js b/apps/calendar/js/calendar.js index afd1b692dd4..64c029404cb 100644 --- a/apps/calendar/js/calendar.js +++ b/apps/calendar/js/calendar.js @@ -698,6 +698,7 @@ $(document).ready(function(){ eventDrop: Calendar.UI.moveEvent, eventResize: Calendar.UI.resizeEvent, eventRender: function(event, element) { + element.find('span.fc-event-title').html(element.find('span.fc-event-title').text()); element.tipsy({ className: 'tipsy-event', opacity: 0.9, diff --git a/apps/calendar/templates/part.eventform.php b/apps/calendar/templates/part.eventform.php index 1f2073f4bc7..49214aca77c 100644 --- a/apps/calendar/templates/part.eventform.php +++ b/apps/calendar/templates/part.eventform.php @@ -2,7 +2,7 @@ t("Title");?>: - " value="" maxlength="100" name="title"/> + " value="" maxlength="100" name="title"/> @@ -207,7 +207,7 @@ t("Location");?>: - " value="" maxlength="100" name="location" /> + " value="" maxlength="100" name="location" /> @@ -215,7 +215,7 @@ t("Description");?>: - + -- cgit v1.2.3 From 66b96e4440961483d026473fc6242599b3d51550 Mon Sep 17 00:00:00 2001 
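Review bot: The added `element.find('span.fc-event-title').html(element.find('span.fc-event-title').text())` turns the event renderer into an HTML sink: it only behaves because events.php entity-encodes the summary first, so any title that reaches this callback unencoded (another event source, or a later change to events.php) is parsed as markup. A renderer that never hands user text to `.html()` is safer, i.e. drop this line and return the raw summary from events.php so fullcalendar's own text insertion does the escaping. The eventRender callback and the surrounding `$(document).ready` block continue outside the hunk.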
From: Thomas Tanghus Date: Thu, 2 Feb 2012 16:46:38 +0100 Subject: Sanitize in- and output. --- apps/contacts/ajax/addcard.php | 2 +- apps/contacts/ajax/addproperty.php | 2 ++ apps/contacts/ajax/setproperty.php | 6 +++- apps/contacts/templates/part.property.FN.php | 4 +-- apps/contacts/templates/part.property.php | 20 ++++++------- apps/contacts/templates/part.setpropertyform.php | 36 ++++++++++++------------ 6 files changed, 38 insertions(+), 32 deletions(-) diff --git a/apps/contacts/ajax/addcard.php b/apps/contacts/ajax/addcard.php index 140d6a48095..f15a1685840 100644 --- a/apps/contacts/ajax/addcard.php +++ b/apps/contacts/ajax/addcard.php @@ -77,7 +77,7 @@ foreach( $add as $propname){ ksort($value); // NOTE: Important, otherwise the compound value will be set in the order the fields appear in the form! $value = OC_VObject::escapeSemicolons($value); } - $vcard->addProperty($propname, $value); //, $prop_parameters); + $vcard->addProperty($propname, strip_tags($value)); //, $prop_parameters); $line = count($vcard->children) - 1; foreach ($prop_parameters as $key=>$element) { if(is_array($element) && strtoupper($key) == 'TYPE') { diff --git a/apps/contacts/ajax/addproperty.php b/apps/contacts/ajax/addproperty.php index c90af217c87..a00346c7dff 100644 --- a/apps/contacts/ajax/addproperty.php +++ b/apps/contacts/ajax/addproperty.php @@ -67,6 +67,8 @@ foreach($current as $item) { if(is_array($value)) { ksort($value); // NOTE: Important, otherwise the compound value will be set in the order the fields appear in the form! +} else { + $value = strip_tags($value); } $property = $vcard->addProperty($name, $value); //, $parameters); diff --git a/apps/contacts/ajax/setproperty.php b/apps/contacts/ajax/setproperty.php index cf3fe582247..f9e2a8e8647 100644 --- a/apps/contacts/ajax/setproperty.php +++ b/apps/contacts/ajax/setproperty.php 
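Review bot: `strip_tags($value)` on the addProperty line is a lossy transformation rather than an output-escaping control: it discards everything from a stray `<` to the end of the value (so `Smith <jsmith>` or `1 < 2` lose data), it leaves `"`, `'` and `&` untouched for attribute contexts, and the altered value is what every CardDAV client will now read back. Storing the value as submitted and escaping in the templates with `htmlspecialchars($v, ENT_QUOTES, 'UTF-8')` keeps the data intact and makes the HTML context explicit. The same concern applies to the addproperty.php and setproperty.php hunks in this commit and to createaddressbook.php in 6225b5e. The enclosing foreach starts before the hunk.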
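Review bot: The new `else` branch strips only scalar values, so compound values (the `is_array($value)` branch that is only ksort'ed) reach `addProperty` unfiltered, which is inconsistent with addcard.php in this same commit where the filter runs after the array has been flattened. If strip_tags is kept, apply it per element so both branches behave the same: `$value = is_array($value) ? array_map('strip_tags', $value) : strip_tags($value);`. The surrounding foreach over `$current` starts before the hunk.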
@@ -37,9 +37,13 @@ $line = OC_Contacts_App::getPropertyLineByChecksum($vcard, $checksum); $value = $_POST['value']; if(is_array($value)){ ksort($value); // NOTE: Important, otherwise the compound value will be set in the order the fields appear in the form! + foreach(array_keys($value) as $key) { + OC_Log::write('contacts','ajax/setproperty.php: setting: '.$key.': '.$value[$key], OC_Log::DEBUG); + } + $value = OC_VObject::escapeSemicolons($value); } OC_Log::write('contacts','ajax/setproperty.php: setting: '.$vcard->children[$line]->name.': '.$value, OC_Log::DEBUG); -$vcard->children[$line]->setValue($value); +$vcard->children[$line]->setValue(strip_tags($value)); // Add parameters $postparameters = isset($_POST['parameters'])?$_POST['parameters']:array(); diff --git a/apps/contacts/templates/part.property.FN.php b/apps/contacts/templates/part.property.FN.php index 83cef94e303..c9e21c20e60 100644 --- a/apps/contacts/templates/part.property.FN.php +++ b/apps/contacts/templates/part.property.FN.php @@ -1,9 +1,9 @@
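Review bot: The added loop writes the full content of every submitted compound field (`$value[$key]`) to the log at DEBUG level, and the existing line below it logs the scalar value; contact fields are personal data and the log is usually readable by more people than the contact's owner. Log the property name and key only, e.g. `OC_Log::write('contacts','ajax/setproperty.php: setting key: '.$key, OC_Log::DEBUG);`, and trim the existing line the same way. A nested element in `$value` would also trigger an array-to-string conversion notice in that concatenation.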

- +

diff --git a/apps/contacts/templates/part.property.php b/apps/contacts/templates/part.property.php index e4010397500..7b23fae45b5 100644 --- a/apps/contacts/templates/part.property.php +++ b/apps/contacts/templates/part.property.php @@ -8,21 +8,21 @@

t('Organization'); ?>

- +

t('Email'); ?>

- +

t('Preferred').' ' : '' ?>t('Phone'); ?>

- +

-
+
-
+
-
+
-
+
-
+
-
+
- + diff --git a/apps/contacts/templates/part.setpropertyform.php b/apps/contacts/templates/part.setpropertyform.php index 49fa9662146..93ade8faaa7 100644 --- a/apps/contacts/templates/part.setpropertyform.php +++ b/apps/contacts/templates/part.setpropertyform.php @@ -5,18 +5,18 @@

-
+
-
+
-
- - +
+ +

-

+

@@ -32,60 +32,60 @@
- +
- - + +
- + - +
- +
- +

-

+

-

+

-

+

-- cgit v1.2.3 From 6225b5ec869922a8e292610794bfda0f4dfdd77d Mon Sep 17 00:00:00 2001 From: Thomas Tanghus Date: Thu, 2 Feb 2012 17:53:46 +0100 Subject: More in-/output sanitation, --- apps/contacts/ajax/createaddressbook.php | 2 +- apps/contacts/templates/part.chooseaddressbook.rowfields.php | 2 +- apps/contacts/templates/part.editaddressbook.php | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/apps/contacts/ajax/createaddressbook.php b/apps/contacts/ajax/createaddressbook.php index edcf794f497..3d766b6a60a 100644 --- a/apps/contacts/ajax/createaddressbook.php +++ b/apps/contacts/ajax/createaddressbook.php @@ -15,7 +15,7 @@ OC_JSON::checkLoggedIn(); OC_JSON::checkAppEnabled('contacts'); $userid = OC_User::getUser(); -$bookid = OC_Contacts_Addressbook::add($userid, $_POST['name'], null); +$bookid = OC_Contacts_Addressbook::add($userid, strip_tags($_POST['name']), null); if(!$bookid) { OC_JSON::error(array('data' => array('message' => $l->t('Error adding addressbook.')))); OC_Log::write('contacts','ajax/createaddressbook.php: Error adding addressbook: '.$_POST['name'], OC_Log::ERROR); diff --git a/apps/contacts/templates/part.chooseaddressbook.rowfields.php b/apps/contacts/templates/part.chooseaddressbook.rowfields.php index 0cbfe2bf803..95a4b2362aa 100644 --- a/apps/contacts/templates/part.chooseaddressbook.rowfields.php +++ b/apps/contacts/templates/part.chooseaddressbook.rowfields.php @@ -1,5 +1,5 @@ "; - echo ""; + echo ""; echo "t("CardDav Link") . "\" class=\"action\">t("Download") . "\" class=\"action\">t("Edit") . "\" class=\"action\" onclick=\"Contacts.UI.Addressbooks.editAddressbook(this, " . $_['addressbook']["id"] . ");\">t("Delete") . "\" class=\"action\">"; diff --git a/apps/contacts/templates/part.editaddressbook.php b/apps/contacts/templates/part.editaddressbook.php index 48fe5c3b378..c1c585687c4 100644 --- a/apps/contacts/templates/part.editaddressbook.php +++ b/apps/contacts/templates/part.editaddressbook.php 
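Review bot: The error path two lines below the change still logs the raw `$_POST['name']` while the stored value is the filtered one, and neither line checks that the field was posted at all. Bind the value once and use it in both places: `$name = isset($_POST['name']) ? strip_tags($_POST['name']) : '';` before the `add` call, then pass `$name` to both `OC_Contacts_Addressbook::add` and the log line. Rejecting an empty `$name` before the database call would also give the user a clearer error than the generic message.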
@@ -11,7 +11,7 @@ t('Displayname') ?> - + -- cgit v1.2.3 From bfa69c3e591e0c9f930af7948364e1aae4bdff8b Mon Sep 17 00:00:00 2001 From: Georg Ehrke Date: Thu, 2 Feb 2012 18:36:37 +0100 Subject: add a label calendar to the settings page - bugfix for oc-157 --- apps/calendar/templates/settings.php | 1 + 1 file changed, 1 insertion(+) diff --git a/apps/calendar/templates/settings.php b/apps/calendar/templates/settings.php index fc8e0e061d9..e174378d02d 100644 --- a/apps/calendar/templates/settings.php +++ b/apps/calendar/templates/settings.php @@ -9,6 +9,7 @@ ?>
+ t('Calendar'); ?>
+ + +
+
+ + -- cgit v1.2.3 From 5a106d10361865dfd5cffe8809caee73ff410c4c Mon Sep 17 00:00:00 2001 From: Bartek Przybylski Date: Sat, 4 Feb 2012 10:30:32 +0100 Subject: gallery: fix FS hooks --- apps/gallery/lib/album.php | 1 + apps/gallery/lib/hooks_handlers.php | 10 ++++++++-- 2 files changed, 9 insertions(+), 2 deletions(-) diff --git a/apps/gallery/lib/album.php b/apps/gallery/lib/album.php index 502237481a9..167813a1a31 100644 --- a/apps/gallery/lib/album.php +++ b/apps/gallery/lib/album.php @@ -54,6 +54,7 @@ class OC_Gallery_Album { public static function removeByPath($path, $owner) { $album = self::find($owner, null, $path); $album = $album->fetchRow(); + error_log($path . '--' . $album['album_name']); self::remove($owner, $album['album_name']); OC_Gallery_Photo::removeByAlbumId($album['album_id']); // find and remove any gallery which might be stored lower in dir hierarchy diff --git a/apps/gallery/lib/hooks_handlers.php b/apps/gallery/lib/hooks_handlers.php index 236a4b96a07..605cb0d0037 100644 --- a/apps/gallery/lib/hooks_handlers.php +++ b/apps/gallery/lib/hooks_handlers.php @@ -58,12 +58,18 @@ class OC_Gallery_Hooks_Handlers { return OC_Gallery_Album::find(OC_User::getUser(), null, $path); } + public static function pathInRoot($path) { + $root = OC_Appconfig::getValue('gallery', 'root', '/'); + return substr($path, 0, strlen($path)>strlen($root)?strlen($root):strlen($path)) == $root; + } + public static function addPhotoFromPath($params) { $fullpath = $params[OC_Filesystem::signal_param_path]; if (!self::isPhoto($fullpath)) return; $path = substr($fullpath, 0, strrpos($fullpath, '/')); + if (!self::pathInRoot($path)) return; OC_Gallery_Scanner::scanDir($path, $albums); } 
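Review bot: The added `error_log($path . '--' . $album['album_name'])` is debug output left in library code; it writes user paths to the web server's error log on every directory removal, and the f1672d7 hunk later in this series removes it again, so the line should not land at all. Independently, `$album->fetchRow()` on the previous line is used without checking its result, so a path with no matching album presumably yields null `album_name` and `album_id` values for the two remove calls below; a guard such as `if (!$album) return;` after fetchRow would make that explicit. removeByPath continues past the hunk.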
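Review bot: `pathInRoot` compares a raw prefix with `==`, so a root of `/photos` also accepts `/photos2/img.jpg`, and the loose comparison applies PHP's numeric-string rules to paths. Comparing against the root with a trailing separator and a strict check fixes both: `$prefix = rtrim($root, '/') . '/'; return strncmp($path . '/', $prefix, strlen($prefix)) === 0;`. The cfc710e hunk later in this series changes where `$root` comes from but keeps this comparison. A one-line docblock stating that this is a string-prefix test on the virtual path, not a canonicalised filesystem check, would also help callers.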
@@ -71,8 +77,8 @@ class OC_Gallery_Hooks_Handlers { public static function removePhoto($params) { $path = $params[OC_Filesystem::signal_param_path]; if (OC_Filesystem::is_dir($path) && self::directoryContainsPhotos($path)) { - OC_Gallery_Album::removeByPath($path, OC_User::getUser()); - OC_Gallery_Photo::removeByPath($path.'/%'); + if(!self::pathInRoot($path)) return; + OC_Gallery_Album::removeByPath($path.'/', OC_User::getUser()); } elseif (self::isPhoto($path)) { OC_Gallery_Photo::removeByPath($path); } -- cgit v1.2.3 From f1672d7d10477026cfa4f49a8ec7c71e03f3f6ba Mon Sep 17 00:00:00 2001 From: Bartek Przybylski Date: Sat, 4 Feb 2012 11:02:13 +0100 Subject: handling special chars in dirnames --- apps/gallery/ajax/galleryOp.php | 4 ++-- apps/gallery/js/albums.js | 4 ++-- apps/gallery/lib/album.php | 1 - apps/gallery/lib/scanner.php | 2 +- 4 files changed, 5 insertions(+), 6 deletions(-) diff --git a/apps/gallery/ajax/galleryOp.php b/apps/gallery/ajax/galleryOp.php index 187cd8af292..1233b49052f 100644 --- a/apps/gallery/ajax/galleryOp.php +++ b/apps/gallery/ajax/galleryOp.php @@ -104,7 +104,7 @@ if ($_GET['operation']) { OC_JSON::success(); break; case 'get_covers': - handleGetThumbnails($_GET['albumname']); + handleGetThumbnails(urldecode($_GET['albumname'])); break; case 'scan': handleGalleryScanning(); @@ -113,7 +113,7 @@ if ($_GET['operation']) { handleFilescan($_GET['cleanup']); break; case 'partial_create': - handlePartialCreate($_GET['path']); + handlePartialCreate(urldecode($_GET['path'])); break; case 'store_settings': handleStoreSettings($_GET['root'], $_GET['order']); diff --git a/apps/gallery/js/albums.js b/apps/gallery/js/albums.js index 01e146a2f12..987412f28e0 100644 --- a/apps/gallery/js/albums.js +++ b/apps/gallery/js/albums.js 
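Review bot: The `if(!self::pathInRoot($path)) return;` guard sits inside the `is_dir` branch only, so a single photo removed outside the gallery root still goes through `OC_Gallery_Photo::removeByPath` in the `elseif`, whereas addPhotoFromPath in the previous hunk checks the root before doing any work. Move the guard to the top of removePhoto, right after `$path` is read, so both branches are covered. The album lookup now receives `$path.'/'` while the add side derives the album path without a trailing slash; if album_path is stored without it this lookup presumably misses, which is worth confirming against the scanner. removePhoto's closing lines are outside the hunk.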
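Review bot: `urldecode($_GET['albumname'])` decodes a value PHP has already decoded once when it populated `$_GET`, so an album name containing a literal `%` or `+` is mangled, and the client side (albums.js in this commit) applies JavaScript `escape()` to a name that is not pre-encoded, so the two layers do not agree on how many encodings are in play. The `partial_create` hunk below does the same; there the path comes from the urlencoded list the scanner.php hunk builds, so the second decode may be intentional, but the decoded path should then be validated before handlePartialCreate uses it rather than trusted because the first decode looked harmless. Pick one convention, encode once with `encodeURIComponent` in the client and read `$_GET` as-is on the server, and drop the extra `urldecode` in both hunks.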
@@ -54,12 +54,12 @@ Albums={ event.preventDefault(); galleryRemove(event.data.name); }); - $("a.view", local).attr('href','?view='+a.name); + $("a.view", local).attr('href','?view='+escape(a.name)); $('h1',local).text(a.name); $(".gallery_album_cover", local).attr('title',a.name); $(".gallery_album_cover", local).css('background-repeat', 'no-repeat'); $(".gallery_album_cover", local).css('background-position', '0'); - $(".gallery_album_cover", local).css('background-image','url("ajax/galleryOp.php?operation=get_covers&albumname='+a.name+'")'); + $(".gallery_album_cover", local).css('background-image','url("ajax/galleryOp.php?operation=get_covers&albumname='+escape(a.name)+'")'); $(".gallery_album_cover", local).mousemove(function(e) { var albumMetadata = Albums.find(this.title); diff --git a/apps/gallery/lib/album.php b/apps/gallery/lib/album.php index 167813a1a31..502237481a9 100644 --- a/apps/gallery/lib/album.php +++ b/apps/gallery/lib/album.php @@ -54,7 +54,6 @@ class OC_Gallery_Album { public static function removeByPath($path, $owner) { $album = self::find($owner, null, $path); $album = $album->fetchRow(); - error_log($path . '--' . $album['album_name']); self::remove($owner, $album['album_name']); OC_Gallery_Photo::removeByAlbumId($album['album_id']); // find and remove any gallery which might be stored lower in dir hierarchy diff --git a/apps/gallery/lib/scanner.php b/apps/gallery/lib/scanner.php index dfb9edebfea..2af63d8bf0e 100644 --- a/apps/gallery/lib/scanner.php +++ b/apps/gallery/lib/scanner.php @@ -106,7 +106,7 @@ class OC_Gallery_Scanner { if (self::isPhoto($path.$file)) $addpath = TRUE; } - if ($addpath) $ret[] = $path; + if ($addpath) $ret[] = urlencode($path); return $ret; } -- cgit v1.2.3 From f6a27dfa2898ab23527d4efe8063ff32895b52e8 Mon Sep 17 00:00:00 2001 
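Review bot: `escape()` on both changed lines is not a percent-encoding function: it leaves `+` unencoded (which the server then reads as a space) and emits `%uXXXX` sequences for non-ASCII album names that neither PHP's `$_GET` parsing nor `urldecode` understands, so the special-character fix does not cover the names it was meant for. Use `encodeURIComponent(a.name)` in both places. The `Albums` object literal continues on both sides of the hunk.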
From: Bartek Przybylski Date: Sat, 4 Feb 2012 15:35:58 +0100 Subject: stripping root from gallery name --- apps/gallery/lib/scanner.php | 15 +++++++++++---- 1 file changed, 11 insertions(+), 4 deletions(-) diff --git a/apps/gallery/lib/scanner.php b/apps/gallery/lib/scanner.php index 2af63d8bf0e..13800f48e69 100644 --- a/apps/gallery/lib/scanner.php +++ b/apps/gallery/lib/scanner.php @@ -39,12 +39,19 @@ class OC_Gallery_Scanner { $stmt->execute(array()); } + public static function createName($name) { + $root = OC_Appconfig::getValue('gallery', 'root', '/'); + $name = str_replace('/', '.', str_replace(OC::$CONFIG_DATADIRECTORY, '', $name)); + if (substr($name, 0, strlen($root)) == str_replace('/','.',$root)) { + $name = substr($name, strlen($root)); + } + $name = ($name==='.') ? 'main' : trim($name,'.'); + return $name; + } + public static function scanDir($path, &$albums) { $current_album = array('name'=> $path, 'imagesCount' => 0, 'images' => array()); - $current_album['name'] = str_replace('/', '.', str_replace(OC::$CONFIG_DATADIRECTORY, '', $current_album['name'])); - $current_album['name'] = ($current_album['name']==='.') ? - 'main' : - trim($current_album['name'],'.'); + $current_album['name'] = self::createName($current_album['name']); if ($dh = OC_Filesystem::opendir($path)) { while (($filename = readdir($dh)) !== false) { -- cgit v1.2.3 From cfc710e7683a3e16e80fd0f2b6e8bef047e8502c Mon Sep 17 00:00:00 2001 From: Bartek Przybylski Date: Sat, 4 Feb 2012 20:15:55 +0100 Subject: preferences store fix --- apps/gallery/ajax/galleryOp.php | 8 ++++---- apps/gallery/lib/album.php | 2 +- apps/gallery/lib/hooks_handlers.php | 2 +- apps/gallery/lib/scanner.php | 2 +- apps/gallery/templates/index.php | 2 +- 5 files changed, 8 insertions(+), 8 deletions(-) diff --git a/apps/gallery/ajax/galleryOp.php b/apps/gallery/ajax/galleryOp.php index 1233b49052f..f819d87f666 100644 --- a/apps/gallery/ajax/galleryOp.php +++ b/apps/gallery/ajax/galleryOp.php 
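Review bot: `createName` compares the root prefix with `==` and removes the data directory with a non-anchored `str_replace`, so a folder whose name happens to contain the data directory path, or a numeric-looking prefix, is rewritten unexpectedly. Use `===` on the substr comparison and anchor the data-directory removal to the start of `$name` (check `strpos($name, OC::$CONFIG_DATADIRECTORY) === 0` before cutting it with `substr`). The function also has no docblock; a short one stating that it maps a filesystem path to the dotted album name, with `main` for the root, would help now that scanDir delegates to it.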
@@ -57,7 +57,7 @@ function handleGalleryScanning() { function handleFilescan($cleanup) { OC_JSON::checkLoggedIn(); if ($cleanup) OC_Gallery_Album::cleanup(); - $root = OC_Appconfig::getValue('gallery', 'root', '').'/'; + $root = OC_Preferences::getValue(OC_User::getUser(), 'gallery', 'root', '').'/'; $pathlist = OC_Gallery_Scanner::find_paths($root); sort($pathlist); OC_JSON::success(array('paths' => $pathlist)); @@ -85,11 +85,11 @@ function handleStoreSettings($root, $order) { return; } - $current_root = OC_Appconfig::getValue('gallery', 'root', '/'); + $current_root = OC_Preferences::getValue(OC_User::getUser(),'gallery', 'root', '/'); $root = trim(rtrim($root, '/')); $rescan = $current_root==$root?'no':'yes'; - OC_Appconfig::setValue('gallery', 'root', $root); - OC_Appconfig::setValue('gallery', 'order', $order); + OC_Preferences::setValue(OC_User::getUser(), 'gallery', 'root', $root); + OC_Preferences::setValue(OC_User::getUser(), 'gallery', 'order', $order); OC_JSON::success(array('rescan' => $rescan)); } diff --git a/apps/gallery/lib/album.php b/apps/gallery/lib/album.php index 502237481a9..d1405333ac7 100644 --- a/apps/gallery/lib/album.php +++ b/apps/gallery/lib/album.php @@ -77,7 +77,7 @@ class OC_Gallery_Album { $sql .= ' AND album_path = ?'; $args[] = $path; } - $order = OC_Appconfig::getValue('gallery', 'order', 'ASC'); + $order = OC_Preferences::getValue(OC_User::getUser(), 'gallery', 'order', 'ASC'); $sql .= ' ORDER BY album_name ' . $order; $stmt = OC_DB::prepare($sql); diff --git a/apps/gallery/lib/hooks_handlers.php b/apps/gallery/lib/hooks_handlers.php index 605cb0d0037..046866e5c5d 100644 --- a/apps/gallery/lib/hooks_handlers.php +++ b/apps/gallery/lib/hooks_handlers.php 
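Review bot: `$root` and `$order` are stored as submitted (the hunk only normalises the slashes on `$root`), and `$order` is later concatenated into an `ORDER BY` clause in album.php, so an arbitrary `order` request value becomes persisted SQL text. Whitelist before storing, e.g. `$order = ($order === 'DESC') ? 'DESC' : 'ASC';`, and `$rescan = $current_root==$root?'no':'yes';` should use `===`. For `$root`, a check that it names an existing directory inside the user's storage (rejecting `..` segments and non-directories) would keep the stored preference from later steering scans outside the gallery. handleStoreSettings starts before the hunk.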
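Review bot: The new line reads `order` from the user's preferences and the line below it still appends that value to the SQL string (`' ORDER BY album_name ' . $order`); the preference is written from request input in galleryOp.php's handleStoreSettings, so this is a second-order injection path into a query that is otherwise parameterised. Normalise at the point of use regardless of what was stored: `$order = (strtoupper($order) === 'DESC') ? 'DESC' : 'ASC';` before the concatenation. The enclosing method (presumably find) starts and ends outside the hunk.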
@@ -59,7 +59,7 @@ class OC_Gallery_Hooks_Handlers { } public static function pathInRoot($path) { - $root = OC_Appconfig::getValue('gallery', 'root', '/'); + $root = OC_Preferences::getValue(OC_User::getUser(), 'gallery', 'root', '/'); return substr($path, 0, strlen($path)>strlen($root)?strlen($root):strlen($path)) == $root; } diff --git a/apps/gallery/lib/scanner.php b/apps/gallery/lib/scanner.php index 13800f48e69..3aae94d1a4f 100644 --- a/apps/gallery/lib/scanner.php +++ b/apps/gallery/lib/scanner.php @@ -40,7 +40,7 @@ class OC_Gallery_Scanner { } public static function createName($name) { - $root = OC_Appconfig::getValue('gallery', 'root', '/'); + $root = OC_Preferences::getValue(OC_User::getUser(), 'gallery', 'root', '/'); $name = str_replace('/', '.', str_replace(OC::$CONFIG_DATADIRECTORY, '', $name)); if (substr($name, 0, strlen($root)) == str_replace('/','.',$root)) { $name = substr($name, strlen($root)); diff --git a/apps/gallery/templates/index.php b/apps/gallery/templates/index.php index 4e74be4c64e..7cc7dad3ac6 100644 --- a/apps/gallery/templates/index.php +++ b/apps/gallery/templates/index.php @@ -33,7 +33,7 @@ $l = new OC_L10N('gallery');