From 37b29231e47a0c4458dc1c15d98588f16f07e1e2 Mon Sep 17 00:00:00 2001 From: Marius Cramer <m.cramer@pixcept.de> Date: Thu, 06 Aug 2015 03:18:44 -0400 Subject: [PATCH] - don't set password via remoting if field is empty --- interface/web/client/client_message.php | 16 ++++++++++++---- 1 files changed, 12 insertions(+), 4 deletions(-) diff --git a/interface/web/client/client_message.php b/interface/web/client/client_message.php index 5707e88..eb8bcdb 100644 --- a/interface/web/client/client_message.php +++ b/interface/web/client/client_message.php @@ -51,7 +51,10 @@ //* Save data if(isset($_POST) && count($_POST) > 1) { - + + //* CSRF Check + $app->auth->csrf_token_check(); + //* Check values if(!preg_match("/^\w+[\w\.\-\+]*\w{0,}@\w+[\w.-]*\w+\.[a-zA-Z0-9\-]{2,30}$/i", $_POST['sender'])) $error .= $wb['sender_invalid_error'].'<br />'; if(empty($_POST['subject'])) $error .= $wb['subject_invalid_error'].'<br />'; @@ -60,7 +63,7 @@ //* Send message if($error == '') { if($app->functions->intval($_POST['recipient']) > 0){ - $circle = $app->db->queryOneRecord("SELECT client_ids FROM client_circle WHERE active = 'y' AND circle_id = ".$app->functions->intval($_POST['recipient'])." AND ".$app->tform->getAuthSQL('r')); + $circle = $app->db->queryOneRecord("SELECT client_ids FROM client_circle WHERE active = 'y' AND circle_id = ? AND ".$app->tform->getAuthSQL('r'), $_POST['recipient']); if(isset($circle['client_ids']) && $circle['client_ids'] != ''){ $tmp_client_ids = explode(',', $circle['client_ids']); $where = array(); @@ -120,8 +123,8 @@ if($_SESSION["s"]["user"]["typ"] != 'admin'){ $client_id = $app->functions->intval($_SESSION['s']['user']['client_id']); if($client_id > 0){ - $sql = "SELECT email FROM client WHERE client_id = ".$client_id; - $client = $app->db->queryOneRecord($sql); + $sql = "SELECT email FROM client WHERE client_id = ?"; + $client = $app->db->queryOneRecord($sql, $client_id); if($client['email'] != '') $app->tpl->setVar('sender', $client['email']); } } @@ -161,6 +164,11 @@ } $app->tpl->setVar('message_variables', trim($message_variables)); +//* SET csrf token +$csrf_token = $app->auth->csrf_token_get('client_message'); +$app->tpl->setVar('_csrf_id',$csrf_token['csrf_id']); +$app->tpl->setVar('_csrf_key',$csrf_token['csrf_key']); + $app->tpl->setVar('okmsg', $msg); $app->tpl->setVar('error', $error); -- Gitblit v1.9.1