From 37b29231e47a0c4458dc1c15d98588f16f07e1e2 Mon Sep 17 00:00:00 2001
From: Marius Cramer <m.cramer@pixcept.de>
Date: Thu, 06 Aug 2015 03:18:44 -0400
Subject: [PATCH] - don't set password via remoting if field is empty
---
interface/web/tools/import_ispconfig.php | 23 ++++++++++++++++-------
1 files changed, 16 insertions(+), 7 deletions(-)
diff --git a/interface/web/tools/import_ispconfig.php b/interface/web/tools/import_ispconfig.php
index 75e5992..efcf022 100644
--- a/interface/web/tools/import_ispconfig.php
+++ b/interface/web/tools/import_ispconfig.php
@@ -49,6 +49,10 @@
$app->tpl->setVar($wb);
if(isset($_POST['connected'])) {
+
+ //* CSRF Check
+ $app->auth->csrf_token_check();
+
$connected = $app->functions->intval($_POST['connected']);
if($connected == 0) {
@@ -133,6 +137,11 @@
$app->tpl->setVar('msg', $msg);
$app->tpl->setVar('error', $error);
+//* SET csrf token
+$csrf_token = $app->auth->csrf_token_get('ispconfig_import');
+$app->tpl->setVar('_csrf_id',$csrf_token['csrf_id']);
+$app->tpl->setVar('_csrf_key',$csrf_token['csrf_key']);
+
$app->tpl_defaults();
$app->tpl->pparse();
@@ -143,7 +152,7 @@
//* Get the user and groupid for the new records
$sys_groupid = $app->functions->intval($_POST['client_group_id']);
- $tmp = $app->db->queryOneRecord("SELECT userid FROM sys_user WHERE default_group = $sys_groupid");
+ $tmp = $app->db->queryOneRecord("SELECT userid FROM sys_user WHERE default_group = ?", $sys_groupid);
$sys_userid = $app->functions->intval($tmp['userid']);
unset($tmp);
if($sys_groupid == 0) $error .= 'Inavlid groupid<br />';
@@ -159,7 +168,7 @@
$mail_domain_rec = $client->mail_domain_get($remote_session_id, array('domain' => $mail_domain));
if(is_array($mail_domain_rec)) {
$mail_domain_rec = $mail_domain_rec[0];
- $tmp = $app->db->queryOneRecord("SELECT count(domain_id) as number FROM mail_domain WHERE domain = '".$app->db->quote($mail_domain)."'");
+ $tmp = $app->db->queryOneRecord("SELECT count(domain_id) as number FROM mail_domain WHERE domain = ?", $mail_domain);
if($tmp['number'] > 0) $error .= 'Domain '.$mail_domain.' exists already in local database.<br />';
unset($tmp);
@@ -182,7 +191,7 @@
$mail_users = $client->mail_user_get($remote_session_id, array('email' => '%@'.$mail_domain));
if(is_array($mail_users)) {
foreach($mail_users as $mail_user) {
- $tmp = $app->db->queryOneRecord("SELECT count(mailuser_id) as number FROM mail_user WHERE email = '".$app->db->quote($mail_user['email'])."'");
+ $tmp = $app->db->queryOneRecord("SELECT count(mailuser_id) as number FROM mail_user WHERE email = ?", $mail_user['email']);
if($tmp['number'] == 0) {
//* Prepare record
@@ -229,7 +238,7 @@
$mail_aliases = $client->mail_alias_get($remote_session_id, array('type' => 'alias', 'destination' => '%@'.$mail_domain));
if(is_array($mail_aliases)) {
foreach($mail_aliases as $mail_alias) {
- $tmp = $app->db->queryOneRecord("SELECT count(forwarding_id) as number FROM mail_forwarding WHERE `type` = 'alias' AND source = '".$app->db->quote($mail_alias['source'])."' AND destination = '".$app->db->quote($mail_alias['destination'])."'");
+ $tmp = $app->db->queryOneRecord("SELECT count(forwarding_id) as number FROM mail_forwarding WHERE `type` = 'alias' AND source = ? AND destination = ?", $mail_alias['source'], $mail_alias['destination']);
if($tmp['number'] == 0) {
$mail_alias['sys_userid'] = $sys_userid;
$mail_alias['sys_groupid'] = $sys_groupid;
@@ -250,7 +259,7 @@
$mail_aliases = $client->mail_alias_get($remote_session_id, array('type' => 'aliasdomain', 'destination' => '@'.$mail_domain));
if(is_array($mail_aliases)) {
foreach($mail_aliases as $mail_alias) {
- $tmp = $app->db->queryOneRecord("SELECT count(forwarding_id) as number FROM mail_forwarding WHERE `type` = 'aliasdomain' AND source = '".$app->db->quote($mail_alias['source'])."' AND destination = '".$app->db->quote($mail_alias['destination'])."'");
+ $tmp = $app->db->queryOneRecord("SELECT count(forwarding_id) as number FROM mail_forwarding WHERE `type` = 'aliasdomain' AND source = ? AND destination = ?", $mail_alias['source'], $mail_alias['destination']);
if($tmp['number'] == 0) {
$mail_alias['sys_userid'] = $sys_userid;
$mail_alias['sys_groupid'] = $sys_groupid;
@@ -271,7 +280,7 @@
$mail_forwards = $client->mail_forward_get($remote_session_id, array('type' => 'forward', 'source' => '%@'.$mail_domain));
if(is_array($mail_forwards)) {
foreach($mail_forwards as $mail_forward) {
- $tmp = $app->db->queryOneRecord("SELECT count(forwarding_id) as number FROM mail_forwarding WHERE `type` = 'forward' AND source = '".$app->db->quote($mail_forward['source'])."' AND destination = '".$app->db->quote($mail_forward['destination'])."'");
+ $tmp = $app->db->queryOneRecord("SELECT count(forwarding_id) as number FROM mail_forwarding WHERE `type` = 'forward' AND source = ? AND destination = ?", $mail_forward['source'], $mail_forward['destination']);
if($tmp['number'] == 0) {
$mail_forward['sys_userid'] = $sys_userid;
$mail_forward['sys_groupid'] = $sys_groupid;
@@ -292,7 +301,7 @@
$mail_spamfilters = $client->mail_spamfilter_user_get($remote_session_id, array('email' => '%@'.$mail_domain));
if(is_array($mail_spamfilters)) {
foreach($mail_spamfilters as $mail_spamfilter) {
- $tmp = $app->db->queryOneRecord("SELECT count(id) as number FROM spamfilter_users WHERE email = '".$app->db->quote($mail_spamfilter['email'])."'");
+ $tmp = $app->db->queryOneRecord("SELECT count(id) as number FROM spamfilter_users WHERE email = ?", $mail_spamfilter['email']);
if($tmp['number'] == 0) {
$mail_spamfilter['sys_userid'] = $sys_userid;
$mail_spamfilter['sys_groupid'] = $sys_groupid;
--
Gitblit v1.9.1