From 037af6890fe6fdb84a08d3c86083e847c90ec0ad Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <alec@alec.pl>
Date: Tue, 22 Oct 2013 08:17:26 -0400
Subject: [PATCH] Fix vulnerability in handling _session argument of utils/save-prefs (#1489382)
---
installer/test.php | 60 +++++++++++++++++++++++++++++++++---------------------------
1 files changed, 33 insertions(+), 27 deletions(-)
diff --git a/installer/test.php b/installer/test.php
index 02a1ceb..340fe26 100644
--- a/installer/test.php
+++ b/installer/test.php
@@ -1,10 +1,17 @@
+<?php
+
+if (!class_exists('rcube_install') || !is_object($RCI)) {
+ die("Not allowed! Please open installer/index.php instead.");
+}
+
+?>
<form action="index.php?_step=3" method="post">
<h3>Check config files</h3>
<?php
-$read_main = is_readable(RCMAIL_CONFIG_DIR.'/main.inc.php');
-$read_db = is_readable(RCMAIL_CONFIG_DIR.'/db.inc.php');
+$read_main = is_readable(RCUBE_CONFIG_DIR . 'main.inc.php');
+$read_db = is_readable(RCUBE_CONFIG_DIR . 'db.inc.php');
if ($read_main && !empty($RCI->config)) {
$RCI->pass('main.inc.php');
@@ -31,13 +38,13 @@
if (is_array($messages['missing'])) {
echo '<h3 class="warning">Missing config options</h3>';
- echo '<p class="hint">The following config options are not present in the current configuration.<br/>';
- echo 'Please check the default config files and add the missing properties to your local config files.</p>';
-
- echo '<ul class="configwarings">';
+ echo '<p class="hint">The following config options are not set (not present or empty) in the current configuration.<br/>';
+ echo 'Please check the default config files and set the missing properties in your local config files.</p>';
+
+ echo '<ul class="configwarnings">';
foreach ($messages['missing'] as $msg) {
echo html::tag('li', null, html::span('propname', $msg['prop']) . ($msg['name'] ? ': ' . $msg['name'] : ''));
- }
+ }
echo '</ul>';
}
@@ -125,9 +132,9 @@
$db_working = false;
if ($RCI->configured) {
if (!empty($RCI->config['db_dsnw'])) {
-
- $DB = new rcube_mdb2($RCI->config['db_dsnw'], '', false);
+ $DB = rcube_db::factory($RCI->config['db_dsnw'], '', false);
$DB->db_connect('w');
+
if (!($db_error_msg = $DB->is_error())) {
$RCI->pass('DSN (write)');
echo '<br />';
@@ -157,17 +164,15 @@
}
else if ($db_working && $_POST['updatedb']) {
- if (!($success = $RCI->update_db($DB, $_POST['version']))) {
- $updatefile = INSTALL_PATH . 'SQL/' . (isset($RCI->db_map[$DB->db_provider]) ? $RCI->db_map[$DB->db_provider] : $DB->db_provider) . '.update.sql';
- echo '<p class="warning">Please manually execute the SQL statements from '.$updatefile.' on your database.<br/>';
- echo 'See comments in the file and execute queries below the comment with the currently installed version number.</p>';
- }
+ if (!($success = $RCI->update_db($_POST['version']))) {
+ echo '<p class="warning">Database schema update failed.</p>';
+ }
}
// test database
if ($db_working) {
$db_read = $DB->query("SELECT count(*) FROM {$RCI->config['db_table_users']}");
- if ($DB->db_error) {
+ if ($DB->is_error()) {
$RCI->fail('DB Schema', "Database not initialized");
echo '<p><input type="submit" name="initdb" value="Initialize database" /></p>';
$db_working = false;
@@ -176,9 +181,8 @@
$RCI->fail('DB Schema', "Database schema differs");
echo '<ul style="margin:0"><li>' . join("</li>\n<li>", $err) . "</li></ul>";
$select = $RCI->versions_select(array('name' => 'version'));
- echo '<p class="suggestion">You should run the update queries to get the schmea fixed.<br/><br/>Version to update from: ' . $select->show() . ' <input type="submit" name="updatedb" value="Update" /></p>';
-// echo '<p class="warning">Please manually execute the SQL statements from '.$updatefile.' on your database.<br/>';
-// echo 'See comments in the file and execute queries that are superscribed with the currently installed version number.</p>';
+ $select->add('0.9 or newer', '');
+ echo '<p class="suggestion">You should run the update queries to get the schema fixed.<br/><br/>Version to update from: ' . $select->show() . ' <input type="submit" name="updatedb" value="Update" /></p>';
$db_working = false;
}
else {
@@ -382,18 +386,20 @@
<?php
if (isset($_POST['imaptest']) && !empty($_POST['_host']) && !empty($_POST['_user'])) {
-
+
echo '<p>Connecting to ' . Q($_POST['_host']) . '...<br />';
-
- $a_host = parse_url($_POST['_host']);
+
+ $imap_host = trim($_POST['_host']);
+ $imap_port = $RCI->getprop('default_port');
+ $a_host = parse_url($imap_host);
+
if ($a_host['host']) {
$imap_host = $a_host['host'];
- $imap_ssl = (isset($a_host['scheme']) && in_array($a_host['scheme'], array('ssl','imaps','tls'))) ? $a_host['scheme'] : null;
- $imap_port = isset($a_host['port']) ? $a_host['port'] : ($imap_ssl ? 993 : $CONFIG['default_port']);
- }
- else {
- $imap_host = trim($_POST['_host']);
- $imap_port = $RCI->getprop('default_port');
+ $imap_ssl = (isset($a_host['scheme']) && in_array($a_host['scheme'], array('ssl','imaps','tls'))) ? $a_host['scheme'] : null;
+ if (isset($a_host['port']))
+ $imap_port = $a_host['port'];
+ else if ($imap_ssl && $imap_ssl != 'tls' && (!$imap_port || $imap_port == 143))
+ $imap_port = 993;
}
$imap_host = idn_to_ascii($imap_host);
--
Gitblit v1.9.1