From 37b29231e47a0c4458dc1c15d98588f16f07e1e2 Mon Sep 17 00:00:00 2001 From: Marius Cramer <m.cramer@pixcept.de> Date: Thu, 06 Aug 2015 03:18:44 -0400 Subject: [PATCH] - don't set password via remoting if field is empty --- interface/web/tools/import_ispconfig.php | 23 ++++++++++++++++------- 1 files changed, 16 insertions(+), 7 deletions(-) diff --git a/interface/web/tools/import_ispconfig.php b/interface/web/tools/import_ispconfig.php index 75e5992..efcf022 100644 --- a/interface/web/tools/import_ispconfig.php +++ b/interface/web/tools/import_ispconfig.php @@ -49,6 +49,10 @@ $app->tpl->setVar($wb); if(isset($_POST['connected'])) { + + //* CSRF Check + $app->auth->csrf_token_check(); + $connected = $app->functions->intval($_POST['connected']); if($connected == 0) { @@ -133,6 +137,11 @@ $app->tpl->setVar('msg', $msg); $app->tpl->setVar('error', $error); +//* SET csrf token +$csrf_token = $app->auth->csrf_token_get('ispconfig_import'); +$app->tpl->setVar('_csrf_id',$csrf_token['csrf_id']); +$app->tpl->setVar('_csrf_key',$csrf_token['csrf_key']); + $app->tpl_defaults(); $app->tpl->pparse(); @@ -143,7 +152,7 @@ //* Get the user and groupid for the new records $sys_groupid = $app->functions->intval($_POST['client_group_id']); - $tmp = $app->db->queryOneRecord("SELECT userid FROM sys_user WHERE default_group = $sys_groupid"); + $tmp = $app->db->queryOneRecord("SELECT userid FROM sys_user WHERE default_group = ?", $sys_groupid); $sys_userid = $app->functions->intval($tmp['userid']); unset($tmp); if($sys_groupid == 0) $error .= 'Inavlid groupid<br />'; @@ -159,7 +168,7 @@ $mail_domain_rec = $client->mail_domain_get($remote_session_id, array('domain' => $mail_domain)); if(is_array($mail_domain_rec)) { $mail_domain_rec = $mail_domain_rec[0]; - $tmp = $app->db->queryOneRecord("SELECT count(domain_id) as number FROM mail_domain WHERE domain = '".$app->db->quote($mail_domain)."'"); + $tmp = $app->db->queryOneRecord("SELECT count(domain_id) as number FROM mail_domain WHERE domain = ?", $mail_domain); if($tmp['number'] > 0) $error .= 'Domain '.$mail_domain.' exists already in local database.<br />'; unset($tmp); @@ -182,7 +191,7 @@ $mail_users = $client->mail_user_get($remote_session_id, array('email' => '%@'.$mail_domain)); if(is_array($mail_users)) { foreach($mail_users as $mail_user) { - $tmp = $app->db->queryOneRecord("SELECT count(mailuser_id) as number FROM mail_user WHERE email = '".$app->db->quote($mail_user['email'])."'"); + $tmp = $app->db->queryOneRecord("SELECT count(mailuser_id) as number FROM mail_user WHERE email = ?", $mail_user['email']); if($tmp['number'] == 0) { //* Prepare record @@ -229,7 +238,7 @@ $mail_aliases = $client->mail_alias_get($remote_session_id, array('type' => 'alias', 'destination' => '%@'.$mail_domain)); if(is_array($mail_aliases)) { foreach($mail_aliases as $mail_alias) { - $tmp = $app->db->queryOneRecord("SELECT count(forwarding_id) as number FROM mail_forwarding WHERE `type` = 'alias' AND source = '".$app->db->quote($mail_alias['source'])."' AND destination = '".$app->db->quote($mail_alias['destination'])."'"); + $tmp = $app->db->queryOneRecord("SELECT count(forwarding_id) as number FROM mail_forwarding WHERE `type` = 'alias' AND source = ? AND destination = ?", $mail_alias['source'], $mail_alias['destination']); if($tmp['number'] == 0) { $mail_alias['sys_userid'] = $sys_userid; $mail_alias['sys_groupid'] = $sys_groupid; @@ -250,7 +259,7 @@ $mail_aliases = $client->mail_alias_get($remote_session_id, array('type' => 'aliasdomain', 'destination' => '@'.$mail_domain)); if(is_array($mail_aliases)) { foreach($mail_aliases as $mail_alias) { - $tmp = $app->db->queryOneRecord("SELECT count(forwarding_id) as number FROM mail_forwarding WHERE `type` = 'aliasdomain' AND source = '".$app->db->quote($mail_alias['source'])."' AND destination = '".$app->db->quote($mail_alias['destination'])."'"); + $tmp = $app->db->queryOneRecord("SELECT count(forwarding_id) as number FROM mail_forwarding WHERE `type` = 'aliasdomain' AND source = ? AND destination = ?", $mail_alias['source'], $mail_alias['destination']); if($tmp['number'] == 0) { $mail_alias['sys_userid'] = $sys_userid; $mail_alias['sys_groupid'] = $sys_groupid; @@ -271,7 +280,7 @@ $mail_forwards = $client->mail_forward_get($remote_session_id, array('type' => 'forward', 'source' => '%@'.$mail_domain)); if(is_array($mail_forwards)) { foreach($mail_forwards as $mail_forward) { - $tmp = $app->db->queryOneRecord("SELECT count(forwarding_id) as number FROM mail_forwarding WHERE `type` = 'forward' AND source = '".$app->db->quote($mail_forward['source'])."' AND destination = '".$app->db->quote($mail_forward['destination'])."'"); + $tmp = $app->db->queryOneRecord("SELECT count(forwarding_id) as number FROM mail_forwarding WHERE `type` = 'forward' AND source = ? AND destination = ?", $mail_forward['source'], $mail_forward['destination']); if($tmp['number'] == 0) { $mail_forward['sys_userid'] = $sys_userid; $mail_forward['sys_groupid'] = $sys_groupid; @@ -292,7 +301,7 @@ $mail_spamfilters = $client->mail_spamfilter_user_get($remote_session_id, array('email' => '%@'.$mail_domain)); if(is_array($mail_spamfilters)) { foreach($mail_spamfilters as $mail_spamfilter) { - $tmp = $app->db->queryOneRecord("SELECT count(id) as number FROM spamfilter_users WHERE email = '".$app->db->quote($mail_spamfilter['email'])."'"); + $tmp = $app->db->queryOneRecord("SELECT count(id) as number FROM spamfilter_users WHERE email = ?", $mail_spamfilter['email']); if($tmp['number'] == 0) { $mail_spamfilter['sys_userid'] = $sys_userid; $mail_spamfilter['sys_groupid'] = $sys_groupid; -- Gitblit v1.9.1