diff --git a/account.php b/account.php index 0343fc6..51d4276 100644 --- a/account.php +++ b/account.php @@ -11,11 +11,15 @@ require(BASE."include/mail.php"); header("Pragma: no-cache"); header("Cache-control: no-cache"); +$aClean = array(); //array of filtered user input + // check command and process -if(isset($_POST['cmd'])) - do_account($_POST['cmd']); +if(!empty($_POST['cmd'])) + $aClean['cmd'] = makeSafe( $_POST['cmd'] ); else - do_account($_GET['cmd']); + $aClean['cmd'] = makeSafe( $_GET['cmd'] ); + +do_account($aClean['cmd']); /** @@ -76,25 +80,31 @@ function retry($cmd, $msg) */ function cmd_do_new() { - - if(!ereg("^.+@.+\\..+$", $_POST['ext_email'])) + $aClean = array(); //array of filtered user input + + $aClean['ext_email'] = makeSafe($_POST['ext_email']); + $aClean['ext_password'] = makeSafe($_POST['ext_password']); + $aClean['ext_password2'] = makeSafe($_POST['ext_password2']); + $aClean['CVSrelease'] = makeSafe($_POST['CVSrelease']); + $aClean['ext_realname']= makeSafe($_POST['ext_realname']); + + if(!ereg("^.+@.+\\..+$", $aClean['ext_email'])) { - $_POST['ext_email'] = ""; + $aClean['ext_email'] = ""; retry("new", "Invalid email address"); return; } - if(strlen($_POST['ext_password']) < 5) + if(strlen($aClean['ext_password']) < 5) { retry("new", "Password must be at least 5 characters"); return; } - if($_POST['ext_password'] != $_POST['ext_password2']) + if($aClean['ext_password'] != $aClean['ext_password2']) { retry("new", "Passwords don't match"); return; } - $_POST['ext_realname']=trim($_POST['ext_realname']); - if(empty($_POST['ext_realname'])) + if(empty($aClean['ext_realname'])) { retry("new", "You don't have a Real name?"); return; 
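Review bot: The `trim()` that the old code applied to ext_realname before the `empty()` test was dropped together with the `$_POST` write-back, so a real name consisting only of whitespace now passes the check; keep it when filling the array, `$aClean['ext_realname'] = trim(makeSafe($_POST['ext_realname']));`. ext_password and ext_password2 are also routed through makeSafe() before the `strlen() < 5` check and before `$user->create()`; makeSafe() is not part of this diff, but if it escapes or strips characters the length check counts escape bytes and a password containing quotes or backslashes is stored in altered form, so password fields are better compared and handed to User unmodified and escaped only where they meet SQL. The same applies to the `$user->login()` calls in the next hunk and in cmd_do_login. cmd_do_new continues past the end of this hunk.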
@@ -102,15 +112,15 @@ function cmd_do_new() $user = new User(); - $result = $user->create($_POST['ext_email'], $_POST['ext_password'], $_POST['ext_realname'], $_POST['CVSrelease'] ); + $result = $user->create($aClean['ext_email'], $aClean['ext_password'], $aClean['ext_realname'], $aClean['CVSrelease'] ); if($result == true) { /* if we can log the user in, log them in automatically */ - if($user->login($_POST['ext_email'], $_POST['ext_password'])) + if($user->login($aClean['ext_email'], $aClean['ext_password'])) $_SESSION['current'] = $user; - addmsg("Account created! (".$_POST['ext_email'].")", "green"); + addmsg("Account created! (".$aClean['ext_email'].")", "green"); redirect(apidb_fullurl()); } else @@ -126,10 +136,14 @@ function cmd_do_new() function cmd_send_passwd() { + $aClean = array(); //array of filtered user input + + $aClean['ext_email'] = makeSafe($_POST['ext_email']); + $note = '(Note: accounts for appdb.winehq.org and bugs.winehq.org ' .'are separated, so You might need to create second account for appdb.)'; - $userid = user_exists($_POST['ext_email']); + $userid = user_exists($aClean['ext_email']); $passwd = generate_passwd(); $user = new User($userid); if ($userid) @@ -159,7 +173,7 @@ function cmd_send_passwd() } else { - addmsg("Sorry, that user (".$_POST['ext_email'].") does not exist.

" + addmsg("Sorry, that user (".$aClean['ext_email'].") does not exist.

" .$note, "red"); } @@ -171,8 +185,13 @@ function cmd_send_passwd() */ function cmd_do_login() { + $aClean = array(); //array of filtered user input + + $aClean['ext_email'] = makeSafe($_POST['ext_email']); + $aClean['ext_password'] = makeSafe($_POST['ext_password']); + $user = new User(); - $result = $user->login($_POST['ext_email'], $_POST['ext_password']); + $result = $user->login($aClean['ext_email'], $aClean['ext_password']); if($result == true) { diff --git a/addcomment.php b/addcomment.php index 4e71b0a..a54fa1c 100644 --- a/addcomment.php +++ b/addcomment.php @@ -1,4 +1,16 @@ isLoggedIn()) { @@ -19,24 +26,24 @@ if(!$_SESSION['current']->isLoggedIn()) exit; } -if(!is_numeric($_REQUEST['versionId'])) +if( !is_numeric($aClean['versionId']) ) { errorpage('Internal Database Access Error'); exit; } -if(!is_numeric($_REQUEST['thread'])) +if(!is_numeric($aClean['thread'])) { - $_REQUEST['thread'] = 0; + $aClean['thread'] = 0; } ############################ # ADDS COMMENT TO DATABASE # ############################ -if(isset($_REQUEST['body'])) +if(!empty($aClean['body'])) { $oComment = new Comment(); - $oComment->create($_REQUEST['subject'], $_REQUEST['body'], $_REQUEST['thread'], $_REQUEST['versionId']); + $oComment->create($aClean['subject'], $aClean['body'], $aClean['thread'], $aClean['versionId']); redirect(apidb_fullurl("appview.php?versionId=".$oComment->iVersionId)); } @@ -49,9 +56,9 @@ else $mesTitle = "Post New Comment"; - if($_REQUEST['thread'] > 0) + if($aClean['thread'] > 0) { - $result = query_appdb("SELECT * FROM appComments WHERE commentId = ".$_REQUEST['thread']); + $result = query_appdb("SELECT * FROM appComments WHERE commentId = ".$aClean['thread']); $ob = mysql_fetch_object($result); if($ob) { @@ -71,8 +78,8 @@ else echo "From: \n"; echo "  ".$_SESSION['current']->sRealname."\n"; echo "Subject: \n"; - echo "   \n"; - echo "\n"; + echo "   \n"; + echo "\n"; echo "\n"; echo " \n"; echo " \n"; 
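Review bot: In the `@@ -19,24` hunk of addcomment.php, `thread` is only checked with `is_numeric()` before it is concatenated unquoted into `commentId = ".$aClean['thread']` in the following hunk; is_numeric() also accepts forms such as `1.5` or `1e3`, so normalising to an integer is the tighter guard: `$aClean['thread'] = is_numeric($aClean['thread']) ? (int)$aClean['thread'] : 0;`. versionId is validated the same way and then passed to `$oComment->create()`, where an `(int)` cast would likewise remove any dependence on what makeSafe() does with numeric fields.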
@@ -81,10 +88,10 @@ else echo html_frame_end(); - echo "\n"; - echo "\n"; - echo "\n"; - if (isset($_REQUEST['thread'])) + echo "\n"; + echo "\n"; + echo "\n"; + if (!empty($aClean['thread'])) { echo "\n"; } diff --git a/admin/addAppNote.php b/admin/addAppNote.php index 61e2378..acd23b0 100644 --- a/admin/addAppNote.php +++ b/admin/addAppNote.php 
@@ -8,36 +8,45 @@ require(BASE."include/incl.php"); require(BASE."include/application.php"); require(BASE."include/mail.php"); +$aClean = array(); //array of filtered user input + +$aClean['versionId'] = makeSafe($_REQUEST['versionId']); +$aClean['appId'] = makeSafe( $_REQUEST['appId']); +$aClean['sub'] = makeSafe($_REQUEST['sub']); +$aClean['submit'] = makeSafe($_REQUEST['submit']); +$aClean['noteTitle'] = makeSafe($_REQUEST['noteTitle']); +$aClean['noteDesc'] = makeSafe($_REQUEST['noteDesc']); + //FIXME: get rid of appId references everywhere, as version is enough. -$sQuery = "SELECT appId FROM appVersion WHERE versionId = '".$_REQUEST['versionId']."'"; +$sQuery = "SELECT appId FROM appVersion WHERE versionId = '".$aClean['versionId']."'"; $hResult = query_appdb($sQuery); $oRow = mysql_fetch_object($hResult); $appId = $oRow->appId; //check for admin privs -if(!$_SESSION['current']->hasPriv("admin") && !$_SESSION['current']->isMaintainer($_REQUEST['versionId']) && !$_SESSION['current']->isSuperMaintainer($_REQUEST['appId'])) +if(!$_SESSION['current']->hasPriv("admin") && !$_SESSION['current']->isMaintainer($aClean['versionId']) && !$_SESSION['current']->isSuperMaintainer($aClean['appId'])) { errorpage("Insufficient Privileges!"); exit; } //set link for version -if(is_numeric($_REQUEST['versionId']) and !empty($_REQUEST['versionId'])) +if(is_numeric($aClean['versionId']) and !empty($aClean['versionId'])) { - $versionLink = "versionId={$_REQUEST['versionId']}"; + $versionLink = "versionId={$aClean['versionId']}"; } else exit; -if($_REQUEST['sub'] == "Submit") +if($aClean['sub'] == "Submit") { $oNote = new Note(); - $oNote->create($_REQUEST['noteTitle'], $_REQUEST['noteDesc'], $_REQUEST['versionId']); + $oNote->create($aClean['noteTitle'], $aClean['noteDesc'], $aClean['versionId']); redirect(apidb_fullurl("appview.php?".$versionLink)); exit; } -else if($_REQUEST['sub'] == 'Preview' OR empty($_REQUEST['submit'])) +else if($aClean['sub'] == 'Preview' OR 
empty($aClean['submit'])) { HtmlAreaLoaderScript(array("editor")); @@ -47,22 +56,22 @@ else if($_REQUEST['sub'] == 'Preview' OR empty($_REQUEST['submit'])) echo html_frame_start("Add Application Note", "90%","",0); echo html_table_begin("width='100%' border=0 align=left cellpadding=6 cellspacing=0 class='box-body'"); - echo ""; - echo add_br($_REQUEST['noteDesc']); + echo ""; + echo add_br($aClean['noteDesc']); - if ($_REQUEST['noteTitle'] == "HOWTO" || $_REQUEST['noteTitle'] == "WARNING") + if ($aClean['noteTitle'] == "HOWTO" || $aClean['noteTitle'] == "WARNING") { - echo ""; - echo "Type{$_REQUEST['noteTitle']}\n"; + echo ""; + echo "Type{$aClean['noteTitle']}\n"; } else { - echo "Title\n"; + echo "Title\n"; } echo 'Description', "\n"; - if(trim(strip_tags($_REQUEST['noteDesc']))=="") $_REQUEST['noteDesc']="
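Review bot: The privilege check on the `if(!$_SESSION['current']->hasPriv("admin") && ...` line still trusts the request-supplied `$aClean['appId']` for `isSuperMaintainer()`, although `$appId` has just been looked up from the version row two lines earlier; a super maintainer of a different application could pass that check for this version, so it should read `!$_SESSION['current']->isSuperMaintainer($appId)` (the existing FIXME already asks for the request appId to go). The `SELECT appId FROM appVersion` query also runs with `$aClean['versionId']` before the `is_numeric()` test further down; moving that test above the query, or casting with `(int)`, keeps the database access behind the validation rather than relying on makeSafe() alone, whose behaviour is not visible in this diff.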

Enter note here

"; + if ( $aClean['noteDesc'] == "" ) $aClean['noteDesc']="

Enter note here

"; echo '

', "\n"; - echo '',"\n"; + echo '',"\n"; echo '

'; echo '',"\n"; echo ' ',"\n"; diff --git a/admin/addCategory.php b/admin/addCategory.php index c904378..c1e457b 100644 --- a/admin/addCategory.php +++ b/admin/addCategory.php @@ -3,21 +3,29 @@ include("path.php"); require(BASE."include/incl.php"); require(BASE."include/category.php"); +$aClean = array(); //array of filtered user input + +$aClean['catId'] = makeSafe($_REQUEST['catId']); +$aClean['name'] = makeSafe($_REQUEST['name']); +$aClean['description'] = makeSafe($_REQUEST['description']); +$aClean['parentId'] = makeSafe($_REQUEST['parentId']); +$aClean['submit'] = makeSafe($_REQUEST['submit']); + if(!$_SESSION['current']->hasPriv("admin")) { errorpage(); exit; } -$oCat = new Category($_REQUEST['catId']); -if($_REQUEST['submit']) +$oCat = new Category($aClean['catId']); +if($aClean['submit']) { - $oCat->update($_REQUEST['name'],$_REQUEST['description'],$_REQUEST['parentId']); + $oCat->update($aClean['name'],$aClean['description'],$aClean['parentId']); redirect(apidb_fullurl("appbrowse.php?catId=".$oCat->iCatId)); } else { apidb_header("Add Category"); -$sQuery = "SELECT catId, catName FROM appCategory WHERE catId!='".$_REQUEST['catId']."'"; +$sQuery = "SELECT catId, catName FROM appCategory WHERE catId!='".$aClean['catId']."'"; $hResult = query_appdb($sQuery); while($oRow = mysql_fetch_object($hResult)) { diff --git a/admin/adminAppDataQueue.php b/admin/adminAppDataQueue.php index 2c34181..b933925 100644 --- a/admin/adminAppDataQueue.php +++ b/admin/adminAppDataQueue.php 
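Review bot: In the `@@ -47,22` hunk of admin/addAppNote.php the placeholder condition was changed from `trim(strip_tags($_REQUEST['noteDesc']))==""` to `$aClean['noteDesc'] == ""`, which is a behaviour change: a description that is only whitespace or empty markup from the editor no longer receives the `Enter note here` text. Restoring the original test on the filtered value, `if (trim(strip_tags($aClean['noteDesc'])) == "")`, keeps the behaviour. `echo add_br($aClean['noteDesc'])` also writes the value straight into the page; whether makeSafe() performs any HTML escaping cannot be seen here and should be confirmed against its definition.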
@@ -9,6 +9,15 @@ require(BASE."include/mail.php"); require(BASE."include/tableve.php"); require(BASE."include/application.php"); +$aClean = array(); //array of user input + +$aClean['id'] = makeSafe($_REQUEST['id']); +$aClean['sub'] = makeSafe($_REQUEST['sub']); +$aClean['add'] = makeSafe($_REQUEST['add']); +$aClean['description'] = makeSafe($_REQUEST['description']); +$aClean['replyText'] = makeSafe($_REQUEST['replyText']); +$aClean['reject'] = makeSafe($_REQUEST['reject']); + // deny access if not admin or at least some kind of maintainer if(!$_SESSION['current']->hasPriv("admin") && !$_SESSION['current']->isMaintainer()) { @@ -17,7 +26,7 @@ if(!$_SESSION['current']->hasPriv("admin") && !$_SESSION['current']->isMaintaine } // shows the list of appdata in queue -if (!$_REQUEST['id']) +if (!$aClean['id']) { apidb_header("Admin Application Data Queue"); @@ -76,10 +85,10 @@ if (!$_REQUEST['id']) } } else // shows a particular appdata { - $hResult = $_SESSION['current']->getAppDataQuery($_REQUEST['id'], false, false); + $hResult = $_SESSION['current']->getAppDataQuery($aClean['id'], false, false); $obj_row = mysql_fetch_object($hResult); - if(!$_REQUEST['sub']=="inside_form") + if(!$aClean['sub']=="inside_form") { apidb_header("Admin Application Data Queue"); @@ -146,9 +155,9 @@ if (!$_REQUEST['id']) echo '',"\n"; echo '',"\n"; - echo '',"\n"; + echo '',"\n"; echo ''; - } elseif ($_REQUEST['add']) // we accepted the request + } elseif ($aClean['add']) // we accepted the request { $statusMessage = ""; $goodtogo = 0; @@ -161,7 +170,7 @@ if (!$_REQUEST['id']) elseif ($obj_row->type == "url") { // FIXME: use Link class $query = "INSERT INTO appData VALUES (null, ".$obj_row->versionId.", 'url', ". - "'".addslashes($_REQUEST['description'])."', '".$obj_row->url."')"; + "'".$aClean['description']."', '".$obj_row->url."')"; if (query_appdb($sQuery)) { $statusMessage = "
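Review bot: In the `@@ -76,10` hunk, `if(!$aClean['sub']=="inside_form")` applies `!` before `==`, so the expression compares a boolean with the string and is true exactly when sub is empty, never testing for `inside_form` at all; the pre-existing precedence slip survives the rename. If the intent is to skip the header when the inner form posts back, the condition is `if($aClean['sub'] != "inside_form")`; if the current behaviour is relied on, `if(empty($aClean['sub']))` says so explicitly. The enclosing else-branch starts and ends outside this hunk.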

The application data was successfully added into the database

\n"; @@ -175,7 +184,7 @@ if (!$_REQUEST['id']) { $sSubject = "Application Data Request Report"; $sMsg = "Your submission of an application data for ".lookup_app_name($obj_row->appId).lookup_version_name($obj_row->versionId)." has been accepted. "; - $sMsg .= $_REQUEST['replyText']; + $sMsg .= $aClean['replyText']; $sMsg .= "We appreciate your help in making the Application Database better for all users.\r\n"; mail_appdb($oUser->sEmail, $sSubject ,$sMsg); @@ -183,7 +192,7 @@ if (!$_REQUEST['id']) } } redirect(apidb_fullurl("admin/adminAppDataQueue.php")); - } elseif ($_REQUEST['reject']) + } elseif ($aClean['reject']) { if($obj_row->type == "image") { @@ -197,7 +206,7 @@ if (!$_REQUEST['id']) { $sSubject = "Application Data Request Report"; $sMsg = "Your submission of an application data for ".lookup_app_name($obj_row->appId).lookup_version_name($obj_row->versionId)." was rejected. "; - $sMsg .= $_REQUEST['replyText']; + $sMsg .= $aClean['replyText']; mail_appdb($oUser->sEmail, $sSubject ,$sMsg); } diff --git a/admin/adminAppQueue.php b/admin/adminAppQueue.php index e0f1e92..28a90ed 100644 --- a/admin/adminAppQueue.php +++ b/admin/adminAppQueue.php 
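Review bot: In the `@@ -161,7` hunk the INSERT built with `$aClean['description']` is assigned to `$query`, but the next line executes `query_appdb($sQuery)`; `$sQuery` is not set anywhere in this hunk, so unless it is assigned earlier in the branch (which starts outside the hunk) the url submission is never inserted and the success message is shown for a query that was not run. The call should be `if (query_appdb($query))`. Dropping `addslashes()` here also means the quoted `'".$aClean['description']."'` now depends entirely on makeSafe() escaping quotes, which should be confirmed against its definition since it is not in this diff.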
@@ -10,6 +10,20 @@ require(BASE."include/application.php"); require(BASE."include/mail.php"); require_once(BASE."include/testResults.php"); +$aClean = array(); //array of filtered user input + +$aClean['iTestingId'] = makeSafe($_REQUEST['iTestingId']); +$aClean['sub'] = makeSafe($_REQUEST['sub'] ); +$aClean['apptype'] = makeSafe($_REQUEST['apptype']); +$aClean['appId'] = makeSafe($_REQUEST['appId']); +$aClean['versionId'] = makeSafe($_REQUEST['versionId']); +$aClean['appVendorName'] = makeSafe($_REQUEST['appVendorName']); +$aClean['appVendorId'] = makeSafe($_REQUEST['appVendorId']); +$aClean['appWebpage'] = makeSafe($_REQUEST['appWebpage']); +$aClean['appIdMergeTo'] = makeSafe($_REQUEST['appIdMergeTo']); +$aClean['replyText'] = makeSafe($_REQUEST['replyText']); +$aClean['versionIdMergeTo'] = makeSafe($_REQUEST['versionIdMergeTo']); +$aClean['sDistribution'] = makeSafe($_REQUEST['sDistribution']); function get_vendor_from_keywords($sKeywords) { @@ -120,11 +134,11 @@ if(!$_SESSION['current']->hasPriv("admin") && !$_SESSION['current']->isSuperMain errorpage("Insufficient privileges."); exit; } -$oTest = new testData($_REQUEST['iTestingId']); +$oTest = new testData($aClean['iTestingId']); -if ($_REQUEST['sub']) +if ($aClean['sub']) { - if($_REQUEST['apptype'] == 'application') + if($aClean['apptype'] == 'application') { /* make sure the user is authorized to view this application request */ if(!$_SESSION['current']->hasPriv("admin")) 
@@ -133,21 +147,21 @@ if ($_REQUEST['sub']) exit; } - $oApp = new Application($_REQUEST['appId']); + $oApp = new Application($aClean['appId']); // if we are processing a queued application there MUST be an implicitly queued // version to go along with it. - $sQuery = "Select versionId from appVersion where appId='".$_REQUEST['appId']."';"; + $sQuery = "Select versionId from appVersion where appId='".$aClean['appId']."';"; $hResult = query_appdb($sQuery); $oRow = mysql_fetch_object($hResult); $oVersion = new Version($oRow->versionId); } - else if($_REQUEST['apptype'] == 'version') + else if($aClean['apptype'] == 'version') { /* make sure the user has permission to view this version */ - $oVersion = new Version($_REQUEST['versionId']); + $oVersion = new Version($aClean['versionId']); if(!$_SESSION['current']->hasAppVersionModifyPermission($oVersion)) { errorpage("Insufficient privileges."); @@ -173,21 +187,21 @@ if ($_REQUEST['sub']) $oTest = new testResult(); } - if($_REQUEST['sub'] == 'add') + if($aClean['sub'] == 'add') { - $oVersion = new Version($_REQUEST['versionId']); - $oTest = new testData($_REQUEST['iTestingId']); + $oVersion = new Version($aClean['versionId']); + $oTest = new testData($aClean['iTestingId']); $oVersion->GetOutputEditorValues(); $oTest->GetOutputEditorValues(); - if ($_REQUEST['apptype'] == "application") // application + if ($aClean['apptype'] == "application") // application { - $oApp = new Application($_REQUEST['appId']); + $oApp = new Application($aClean['appId']); $oApp->GetOutputEditorValues(); // load the values from $_REQUEST // add new vendor - if($_REQUEST['appVendorName'] and !$_REQUEST['appVendorId']) + if($aClean['appVendorName'] and !$aClean['appVendorId']) { $oVendor = new Vendor(); - $oVendor->create($_REQUEST['appVendorName'],$_REQUEST['appWebpage']); + $oVendor->create($aClean['appVendorName'],$aClean['appWebpage']); $oApp->iVendorId = $oVendor->iVendorId; } $oApp->update(true); 
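Review bot: In the `@@ -173,21` hunk, `$oApp->GetOutputEditorValues(); // load the values from $_REQUEST` shows that the Application, Version and testData editors still read the raw request themselves, so the `$aClean` filtering introduced at the top of this file covers only the fields this script touches directly, and the `$oApp->update(true)` that follows writes values that never passed makeSafe(). Either the Get…EditorValues() methods need the same treatment or `$aClean` should be handed to them; until then a comment such as `// NOTE: GetOutputEditorValues() still reads unfiltered $_REQUEST` makes the gap visible. In the `@@ -133,21` hunk the `appId='".$aClean['appId']."'` query would also benefit from an `is_numeric()` check like the one the Delete branch applies to versionId.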
@@ -199,16 +213,16 @@ if ($_REQUEST['sub']) $oTest->unQueue(); redirect($_SERVER['PHP_SELF']); } - else if ($_REQUEST['sub'] == 'duplicate') + else if ($aClean['sub'] == 'duplicate') { - if(is_numeric($_REQUEST['appIdMergeTo'])) + if(is_numeric($aClean['appIdMergeTo'])) { /* move this version submission under the existing app */ - $oVersion->iAppId = $_REQUEST['appIdMergeTo']; + $oVersion->iAppId = $aClean['appIdMergeTo']; $oVersion->update(); /* delete the appId that is the duplicate */ - $_REQUEST['replyText'] = "Your Vesion information was moved to an existing Application"; + $aClean['replyText'] = "Your Vesion information was moved to an existing Application"; $oAppDelete = new Application($oApp->iAppId); $oAppDelete->delete(); } 
@@ -216,51 +230,51 @@ if ($_REQUEST['sub']) /* redirect back to the main page */ redirect(apidb_fullurl("admin/adminAppQueue.php")); } - else if ($_REQUEST['sub'] == 'movetest') + else if ($aClean['sub'] == 'movetest') { - if(is_numeric($_REQUEST['versionIdMergeTo'])) + if(is_numeric($aClean['versionIdMergeTo'])) { // move this Test submission under the existing version // - $oTest->iVersionId = $_REQUEST['versionIdMergeTo']; + $oTest->iVersionId = $aClean['versionIdMergeTo']; $oTest->update(); // delete the Version entry - $_REQUEST['replyText'] = "Your Test results were moved to existing version"; - $oVersion = new Version($_REQUEST['versionId']); + $aClean['replyText'] = "Your Test results were moved to existing version"; + $oVersion = new Version($aClean['versionId']); $oVersion->delete(); } // redirect back to the main page redirect(apidb_fullurl("admin/adminAppQueue.php")); } - else if ($_REQUEST['sub'] == 'Delete') + else if ($aClean['sub'] == 'Delete') { - if (($_REQUEST['apptype'] == "application") && is_numeric($_REQUEST['appId'])) // application + if (($aClean['apptype'] == "application") && is_numeric($aClean['appId'])) // application { // delete the application entry - $oApp = new Application($_REQUEST['appId']); + $oApp = new Application($aClean['appId']); $oApp->delete(); - } else if(($_REQUEST['apptype'] == "version") && is_numeric($_REQUEST['versionId'])) // version + } else if(($aClean['apptype'] == "version") && is_numeric($aClean['versionId'])) // version { // delete the Version entry - $oVersion = new Version($_REQUEST['versionId']); + $oVersion = new Version($aClean['versionId']); $oVersion->delete(); } redirect(apidb_fullurl("admin/adminAppQueue.php")); } - else if ($_REQUEST['sub'] == 'Reject') + else if ($aClean['sub'] == 'Reject') { - $oVersion = new Version($_REQUEST['versionId']); - $oTest = new testData($_REQUEST['iTestingId']); + $oVersion = new Version($aClean['versionId']); + $oTest = new testData($aClean['iTestingId']); 
$oVersion->GetOutputEditorValues(); $oTest->GetOutputEditorValues(); - if ($_REQUEST['apptype'] == "application") // application + if ($aClean['apptype'] == "application") // application { - $oApp = new Application($_REQUEST['appId']); + $oApp = new Application($aClean['appId']); $oApp->GetOutputEditorValues(); // load the values from $_REQUEST $oApp->update(true); $oApp->reject(); @@ -273,7 +287,7 @@ if ($_REQUEST['sub']) } //process according to sub flag - if ($_REQUEST['sub'] == 'view') + if ($aClean['sub'] == 'view') { $x = new TableVE("view"); apidb_header("Admin App Queue"); @@ -385,7 +399,7 @@ if ($_REQUEST['sub']) { $oVersion->OutputEditor(false, false); } - $oTest->OutputEditor($_REQUEST['sDistribution']); + $oTest->OutputEditor($aClean['sDistribution']); echo html_frame_start("Reply text", "90%", "", 0); echo "\n"; @@ -418,7 +432,7 @@ if ($_REQUEST['sub']) redirect(apidb_fullurl("admin/adminAppQueue.php")); } } -else /* if ($_REQUEST['sub']) is not defined, display the main app queue page */ +else /* if ($aClean['sub']) is not defined, display the main app queue page */ { apidb_header("Admin App Queue"); diff --git a/admin/adminBugs.php b/admin/adminBugs.php index f0981dd..3259f2b 100644 --- a/admin/adminBugs.php +++ b/admin/adminBugs.php @@ -11,6 +11,15 @@ require(BASE."include/incl.php"); require(BASE."include/application.php"); require(BASE."include/mail.php"); +$aClean = array(); //array of filtered user input + +$aClean['sub'] = makeSafe($_REQUEST['sub']); +$aClean['buglinkId'] = makeSafe($_REQUEST['buglinkId']); +$aClean['ItemsPerPage'] = makeSafe($_REQUEST['ItemsPerPage']); +$aClean['QueuedOnly'] = makeSafe($_REQUEST['QueuedOnly']); +$aClean['page'] = makeSafe($_REQUEST['page']); + + // deny access if not logged in if(!$_SESSION['current']->hasPriv("admin")) { 
@@ -18,19 +27,19 @@ if(!$_SESSION['current']->hasPriv("admin")) exit; } -if ($_REQUEST['sub']) +if ($aClean['sub']) { - if(($_REQUEST['sub'] == 'delete' ) && ($_REQUEST['buglinkId'])) + if(($aClean['sub'] == 'delete' ) && ($aClean['buglinkId'])) { - $oBuglink = new bug($_REQUEST['buglinkId']); + $oBuglink = new bug($aClean['buglinkId']); $oBuglink->delete(); } - if(($_REQUEST['sub'] == 'unqueue' ) && ($_REQUEST['buglinkId'])) + if(($aClean['sub'] == 'unqueue' ) && ($aClean['buglinkId'])) { - $oBuglink = new bug($_REQUEST['buglinkId']); + $oBuglink = new bug($aClean['buglinkId']); $oBuglink->unqueue(); } - redirect($_SERVER['PHP_SELF']."?ItemsPerPage=".$_REQUEST['ItemsPerPage']."&QueuedOnly=".$_REQUEST['QueuedOnly']."&page=".$_REQUEST['page']); + redirect($_SERVER['PHP_SELF']."?ItemsPerPage=".$aClean['ItemsPerPage']."&QueuedOnly=".$aClean['QueuedOnly']."&page=".$aClean['page']); exit; } @@ -40,13 +49,13 @@ if ($_REQUEST['sub']) $pageRange = 10; $ItemsPerPage = 10; $currentPage = 1; - $QueuedOnly = !isset($_REQUEST['QueuedOnly'])? NULL: $_REQUEST['QueuedOnly']; + $QueuedOnly = empty($aClean['QueuedOnly'])? NULL: $aClean['QueuedOnly']; $BugLinks = ($QueuedOnly == 'on')?getNumberOfQueuedBugLinks():getNumberOfBugLinks(); - if($_REQUEST['ItemsPerPage']) - $ItemsPerPage = $_REQUEST['ItemsPerPage']; + if($aClean['ItemsPerPage']) + $ItemsPerPage = $aClean['ItemsPerPage']; - if($_REQUEST['page']) - $currentPage = $_REQUEST['page']; + if($aClean['page']) + $currentPage = $aClean['page']; $ItemsPerPage = min($ItemsPerPage,100); $totalPages = max(ceil($BugLinks/$ItemsPerPage),1); diff --git a/admin/adminCommentView.php b/admin/adminCommentView.php index e9f31fb..24c0e14 100644 --- a/admin/adminCommentView.php +++ b/admin/adminCommentView.php 
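Review bot: In the `@@ -40,13` hunk, `$ItemsPerPage = $aClean['ItemsPerPage']` and `$currentPage = $aClean['page']` keep the values as strings, so a non-integer such as `0.5` passes the truthiness test, survives `min($ItemsPerPage,100)` and reaches `ceil($BugLinks/$ItemsPerPage)` and, presumably, the paging query; normalising with `if(is_numeric($aClean['ItemsPerPage'])) $ItemsPerPage = max(1, min((int)$aClean['ItemsPerPage'], 100));` and `$currentPage = (int)$aClean['page']` removes that. In the `@@ -18,19` hunk the same two values plus QueuedOnly are concatenated into the `redirect()` URL without `urlencode()`, so any `&` or `#` they contain alters the query string. admin/adminCommentView.php and the `@@ -63,10` hunk of admin/adminScreenshots.php repeat the same paging pattern.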
@@ -15,10 +15,15 @@ $pageRange = 10; $ItemsPerPage = 10; $currentPage = 1; -if($_REQUEST['ItemsPerPage']) - $ItemsPerPage = $_REQUEST['ItemsPerPage']; -if($_REQUEST['page']) - $currentPage = $_REQUEST['page']; +$aClean = array(); //array of filtered user input + +$aClean['ItemsPerPage'] = makeSafe($_REQUEST['ItemsPerPage']); +$aClean['page'] = makeSafe($_REQUEST['page']); + +if($aClean['ItemsPerPage']) + $ItemsPerPage = $aClean['ItemsPerPage']; +if($aClean['page']) + $currentPage = $aClean['page']; $totalPages = ceil(getNumberOfComments()/$ItemsPerPage); diff --git a/admin/adminMaintainerQueue.php b/admin/adminMaintainerQueue.php index 36f1e58..038e7b2 100644 --- a/admin/adminMaintainerQueue.php +++ b/admin/adminMaintainerQueue.php @@ -11,21 +11,29 @@ require(BASE."include/maintainer.php"); require(BASE."include/application.php"); require(BASE."include/mail.php"); +$aClean = array(); //array of filtered user input + +$aClean['sub'] = makeSafe( $_REQUEST['sub'] ); +$aClean['queueId'] = makeSafe( $_REQUEST['queueId'] ); +$aClean['add'] = makeSafe( $_REQUEST['add'] ); +$aClean['reject'] = makeSafe( $_REQUEST'reject'] ); +$aClean['replyText'] = makeSafe( $_REQUEST['replyText'] ); + if(!$_SESSION['current']->hasPriv("admin")) { errorpage("Insufficient privileges."); exit; } -if ($_REQUEST['sub']) +if ($aClean['sub']) { - if ($_REQUEST['queueId']) + if ($aClean['queueId']) { //get data $query = "SELECT queueId, appId, versionId,". "userId, maintainReason, superMaintainer,". "UNIX_TIMESTAMP(submitTime) as submitTime ". - "FROM appMaintainerQueue WHERE queueId = ".$_REQUEST['queueId'].";"; + "FROM appMaintainerQueue WHERE queueId = ".$aClean['queueId'].";"; $result = query_appdb($query); $ob = mysql_fetch_object($result); $oUser = new User($ob->userId); 
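Review bot: In admin/adminMaintainerQueue.php, `$aClean['reject'] = makeSafe( $_REQUEST'reject'] );` is missing the opening bracket and is a parse error, so the file will not load at all after this commit; it must be `$aClean['reject'] = makeSafe( $_REQUEST['reject'] );`. Further down the same hunk, queueId is concatenated unquoted into `"FROM appMaintainerQueue WHERE queueId = ".$aClean['queueId'].";"` with no `is_numeric()` check; quote escaping does nothing in an unquoted numeric position, so the value needs validating, e.g. `if(!is_numeric($aClean['queueId'])) { errorpage(); exit; }` before the query, or an `(int)` cast. The same unquoted pattern appears in the `DELETE from appMaintainerQueue where queueId = ` hunk of this file and in the `DELETE FROM appMaintainers WHERE maintainerId = ` hunk of admin/adminMaintainers.php.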
@@ -38,7 +46,7 @@ if ($_REQUEST['sub']) } //process according to which request was submitted and optionally the sub flag - if (!$_REQUEST['add'] && !$_REQUEST['reject'] && $_REQUEST['queueId']) + if (!$aClean['add'] && !$aClean['reject'] && $aClean['queueId']) { apidb_header("Admin Maintainer Queue"); echo '',"\n"; @@ -163,7 +171,7 @@ if ($_REQUEST['sub']) echo '
',"\n"; echo '',"\n"; - echo '',"\n"; + echo '',"\n"; echo html_frame_end(" "); echo html_back_link(1,'adminMaintainerQueue.php'); @@ -172,7 +180,7 @@ if ($_REQUEST['sub']) exit; } - else if ($_REQUEST['add'] && $_REQUEST['queueId']) + else if ($aClean['add'] && $aClean['queueId']) { /* create a new user object for the maintainer */ $maintainerUser = new User($ob->userId); @@ -180,11 +188,11 @@ if ($_REQUEST['sub']) /* add the user as a maintainer and return the statusMessage */ $statusMessage = $maintainerUser->addAsMaintainer($ob->appId, $ob->versionId, $ob->superMaintainer, - $_REQUEST['queueId']); + $aClean['queueId']); //done addmsg("

$statusMessage

", 'green'); } - else if (($_REQUEST['reject'] || ($_REQUEST['sub'] == 'reject')) && $_REQUEST['queueId']) + else if (($aClean['reject'] || ($aClean['sub'] == 'reject')) && $aClean['queueId']) { $sEmail = $oUser->sEmail; if ($sEmail) @@ -193,7 +201,7 @@ if ($_REQUEST['sub']) $oVersion = new Version($ob->versionId); $sSubject = "Application Maintainer Request Report"; $sMsg = "Your application to be the maintainer of ".$oApp->sName." ".$oVersion->sName." was rejected. "; - $sMsg .= $_REQUEST['replyText']; + $sMsg .= $aClean['replyText']; $sMsg .= ""; $sMsg .= "-The AppDB admins\n"; @@ -201,7 +209,7 @@ if ($_REQUEST['sub']) } //delete main item - $query = "DELETE from appMaintainerQueue where queueId = ".$_REQUEST['queueId'].";"; + $query = "DELETE from appMaintainerQueue where queueId = ".$aClean['queueId'].";"; $result = query_appdb($query,"unable to delete selected maintainer application"); echo html_frame_start("Delete maintainer application",400,"",0); if($result) diff --git a/admin/adminMaintainers.php b/admin/adminMaintainers.php index 9568cb3..1385f50 100644 --- a/admin/adminMaintainers.php +++ b/admin/adminMaintainers.php @@ -9,6 +9,11 @@ include("path.php"); require(BASE."include/incl.php"); +$aClean = array(); //array of filtered user input + +$aClean['sub'] = makeSafe($_REQUEST['sub']); +$aClean['maintainerId'] = makeSafe($_REQUEST['maintainerId']); + // deny access if not logged in if(!$_SESSION['current']->hasPriv("admin")) { 
@@ -19,13 +24,13 @@ if(!$_SESSION['current']->hasPriv("admin")) apidb_header("Admin Maintainers"); echo '',"\n"; -if ($_REQUEST['sub']) +if ($aClean['sub']) { - if($_REQUEST['sub'] == 'delete') + if($aClean['sub'] == 'delete') { - $sQuery = "DELETE FROM appMaintainers WHERE maintainerId = ".$_REQUEST['maintainerId'].";"; + $sQuery = "DELETE FROM appMaintainers WHERE maintainerId = ".$aClean['maintainerId'].";"; $hResult = query_appdb($sQuery); - echo html_frame_start("Delete maintainer: ".$_REQUEST['maintainerId'],400,"",0); + echo html_frame_start("Delete maintainer: ".$aClean['maintainerId'],400,"",0); if($hResult) { // success diff --git a/admin/adminScreenshots.php b/admin/adminScreenshots.php index 0231608..7ac0770 100644 --- a/admin/adminScreenshots.php +++ b/admin/adminScreenshots.php @@ -10,6 +10,15 @@ require_once(BASE."include/screenshot.php"); require(BASE."include/application.php"); require(BASE."include/mail.php"); +$aClean = array(); //array of filtered user input + +$aClean['cmd'] = makeSafe($_REQUEST['cmd']); +$aClean['imageId'] = makeSafe($_REQUEST['imageId']); +$aClean['ItemsPerPage'] = makeSafe($_REQUEST['ItemsPerPage']); +$aClean['page'] = makeSafe($_REQUEST['page']); +$aClean['regenerate'] = makeSafe($_REQUEST['regenerate']); +$aClean['versionId'] = makeSafe($_REQUEST['versionId']); + // deny access if not admin if(!$_SESSION['current']->hasPriv("admin")) { 
@@ -19,18 +28,18 @@ if(!$_SESSION['current']->hasPriv("admin")) /* * We issued a delete command. */ -if($_REQUEST['cmd']) +if($aClean['cmd']) { // process screenshot deletion - if($_REQUEST['cmd'] == "delete" && is_numeric($_REQUEST['imageId'])) + if($aClean['cmd'] == "delete" && is_numeric($aClean['imageId'])) { - $oScreenshot = new Screenshot($_REQUEST['imageId']); + $oScreenshot = new Screenshot($aClean['imageId']); $oScreenshot->delete(); $oScreenshot->free(); } redirect($_SERVER['PHP_SELF']. - "?ItemsPerPage=".$_REQUEST['ItemsPerPage']. - "&page=".$_REQUEST['page']); + "?ItemsPerPage=".$aClean['ItemsPerPage']. + "&page=".$aClean['page']); exit; } @@ -38,7 +47,7 @@ if($_REQUEST['cmd']) apidb_header("Screenshots"); // regenerate all screenshots -if($_REQUEST['regenerate']) +if($aClean['regenerate']) { $sQuery = "SELECT id FROM appData WHERE type = 'image'"; $hResult = query_appdb($sQuery); @@ -63,10 +72,10 @@ $pageRange = 10; $ItemsPerPage = 6; $currentPage = 1; -if($_REQUEST['ItemsPerPage']) - $ItemsPerPage = $_REQUEST['ItemsPerPage']; -if($_REQUEST['page']) - $currentPage = $_REQUEST['page']; +if($aClean['ItemsPerPage']) + $ItemsPerPage = $aClean['ItemsPerPage']; +if($aClean['page']) + $currentPage = $aClean['page']; $ItemsPerPage = min($ItemsPerPage,100); $totalPages = ceil(getNumberOfImages()/$ItemsPerPage); @@ -130,7 +139,7 @@ while ($oRow = mysql_fetch_object($Ids)) //show admin delete link if($_SESSION['current']->isLoggedIn() && ($_SESSION['current']->hasPriv("admin") || - $_SESSION['current']->isMaintainer($_REQUEST['versionId']))) + $_SESSION['current']->isMaintainer($aClean['versionId']))) { echo "
[id"; diff --git a/admin/adminTestResults.php b/admin/adminTestResults.php index 5ed7e32..7bfea76 100644 --- a/admin/adminTestResults.php +++ b/admin/adminTestResults.php @@ -11,11 +11,14 @@ require(BASE."include/mail.php"); require_once(BASE."include/testResults.php"); require_once(BASE."include/distributions.php"); +$aClean = array(); +$aClean['sub'] = makeSafe($_REQUEST['sub']); +$aClean['iTestingId'] = makeSafe($_REQUEST['iTestingId']); -if ($_REQUEST['sub']) +if ($aClean['sub']) { - $oTest = new testData($_REQUEST['iTestingId']); + $oTest = new testData($aClean['iTestingId']); $oVersion = new Version($oTest->iVersionId); if(!($_SESSION['current']->hasAppVersionModifyPermission($oVersion))) { @@ -23,26 +26,26 @@ if ($_REQUEST['sub']) exit; } - if(($_REQUEST['sub'] == 'Submit') || ($_REQUEST['sub'] == 'Save') || - ($_REQUEST['sub'] == 'Reject') || ($_REQUEST['sub'] == 'Delete')) + if(($aClean['sub'] == 'Submit') || ($aClean['sub'] == 'Save') || + ($aClean['sub'] == 'Reject') || ($aClean['sub'] == 'Delete')) { - if(is_numeric($_REQUEST['iTestingId'])) + if(is_numeric($aClean['iTestingId'])) { - $oTest = new testData($_REQUEST['iTestingId']); + $oTest = new testData($aClean['iTestingId']); $oTest->GetOutputEditorValues(); - if($_REQUEST['sub'] == 'Submit') // submit the testing results + if($aClean['sub'] == 'Submit') // submit the testing results { $oTest->update(true); $oTest->unQueue(); - } else if($_REQUEST['sub'] == 'Save') // save the testing results + } else if($aClean['sub'] == 'Save') // save the testing results { $oTest->update(); - } else if($_REQUEST['sub'] == 'Reject') // reject testing results + } else if($aClean['sub'] == 'Reject') // reject testing results { $oTest->update(true); $oTest->Reject(); - } else if($_REQUEST['sub'] == 'Delete') // delete testing results + } else if($aClean['sub'] == 'Delete') // delete testing results { $oTest->delete(); } 
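Review bot: In admin/adminTestResults.php, `$oTest = new testData($aClean['iTestingId'])` is constructed immediately after `if ($aClean['sub'])`, before the `is_numeric($aClean['iTestingId'])` test that guards the later constructions in the `@@ -23,26` and `@@ -51,15` hunks, so the first lookup runs with an unvalidated id and `$oVersion = new Version($oTest->iVersionId)` then drives the permission check; moving the numeric test to the top of the branch puts every lookup behind one guard: `if(!is_numeric($aClean['iTestingId'])) { errorpage(); exit; }`. The `$aClean = array();` line also lacks the `//array of filtered user input` comment used in every other file of this series, and the blank line that separated the declarations from the `if` was consumed.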
@@ -51,15 +54,15 @@ if ($_REQUEST['sub']) } } - if(is_numeric($_REQUEST['iTestingId'])) + if(is_numeric($aClean['iTestingId'])) { - $oTest = new testData($_REQUEST['iTestingId']); + $oTest = new testData($aClean['iTestingId']); } $oVersion = new Version($oTest->iVersionId); $oApp = new application($oVersion->iAppId); $sVersionInfo = $oApp->sName." ".$oVersion->sName; - if ($_REQUEST['sub'] == 'view') + if ($aClean['sub'] == 'view') { switch($oTest->sQueued) { @@ -141,7 +144,7 @@ if ($_REQUEST['sub']) redirect($_SERVER['PHP_SELF']); } } -else // if ($_REQUEST['sub']) is not defined, display the Testing results queue page +else // if ($aClean['sub']) is not defined, display the Testing results queue page { $oTest = new TestData(); apidb_header("Testing Results"); diff --git a/admin/adminUsers.php b/admin/adminUsers.php index 1683e48..14dbf49 100644 --- a/admin/adminUsers.php +++ b/admin/adminUsers.php @@ -6,6 +6,15 @@ include("path.php"); include(BASE."include/incl.php"); +$aClean = array(); //filtered user input + +$aClean['action'] = makeSafe($_REQUEST['action']); +$aClean['userId'] = makeSafe($_REQUEST['userId']); +$aClean['sSearch'] = makeSafe($_REQUEST['sSearch']); +$aClean['iLimit'] = makeSafe($_REQUEST['iLimit']); +$aClean['sOrderBy'] = makeSafe($_REQUEST['sOrderBy']); +$aClean['sSubmit'] = makeSafe($_REQUEST['sSubmit']); + apidb_header("Admin Users Management"); if(!$_SESSION['current']->hasPriv("admin")) @@ -15,9 +24,9 @@ if(!$_SESSION['current']->hasPriv("admin")) } // we want to delete a user -if($_REQUEST['action'] == "delete" && is_numeric($_REQUEST['userId'])) +if($aClean['action'] == "delete" && is_numeric($aClean['userId'])) { - $oUser = new User($_REQUEST['userId']); + $oUser = new User($aClean['userId']); $oUser->delete(); } @@ -28,15 +37,15 @@ echo html_frame_start("Users Management","400","",0) - + @@ -44,9 +53,9 @@ echo html_frame_start("Users Management","400","",0) 
@@ -59,7 +68,7 @@ echo html_frame_start("Users Management","400","",0) echo html_frame_end(); // if the search form was submitted -if($_REQUEST['sSubmit']) +if($aClean['sSubmit']) { echo html_frame_start("Query Results","90%","",0); echo "
Pattern
(leave blank to match all)

(leave blank to match all)
Show first
Order by
\n\n"; @@ -71,13 +80,13 @@ if($_REQUEST['sSubmit']) echo " \n"; echo " \n"; echo "\n\n"; - if(is_numeric($_REQUEST['iLimit']) && in_array($_REQUEST['sOrderBy'],array("email","realname","created"))) + if(is_numeric($aClean['iLimit']) && in_array($aClean['sOrderBy'],array("email","realname","created"))) { - $sSearch = addslashes($_REQUEST['sSearch']); + $sSearch = $aClean['sSearch']; $sQuery = "SELECT * FROM user_list WHERE realname LIKE '%".$sSearch."%' OR email LIKE '%".$sSearch."%' - ORDER BY ".$_REQUEST['sOrderBy']." - LIMIT ".$_REQUEST['iLimit']; + ORDER BY ".$aClean['sOrderBy']." + LIMIT ".$aClean['iLimit']; $hResult = query_appdb($sQuery); $i=0; while($hResult && $oRow = mysql_fetch_object($hResult)) @@ -93,7 +102,7 @@ if($_REQUEST['sSubmit']) if($oUser->hasPriv("admin")) echo "A"; if($oUser->isMaintainer()) echo "M"; echo " \n"; - echo " \n"; + echo " \n"; echo "\n\n"; } } diff --git a/admin/deleteAny.php b/admin/deleteAny.php index 917b53f..6d7334d 100644 --- a/admin/deleteAny.php +++ b/admin/deleteAny.php @@ -14,8 +14,15 @@ require_once(BASE."include/mail.php"); require_once(BASE."include/monitor.php"); require_once(BASE."include/testResults.php"); +$aClean = array(); //filtered user input -if($_REQUEST['confirmed'] != "yes") +$aClean['confirmed'] = makeSafe($_REQUEST['confirmed']); +$aClean['what'] = makeSafe($_REQUEST['what']); +$aClean['catId'] = makeSafe($_REQUEST['catId']); +$aClean['appId'] = makeSafe($_REQUEST['appId']); +$aClean['versionId'] = makeSafe($_REQUEST['versionId']); + +if($aClean['confirmed'] != "yes") { // ask for confirmation // could do some Real Damage if someone accidently hits the delete button on the main category :) 
@@ -25,13 +32,13 @@ if($_REQUEST['confirmed'] != "yes") errorpage("Not confirmed"); } -if($_REQUEST['what']) +if($aClean['what']) { - switch($_REQUEST['what']) + switch($aClean['what']) { case "category": // delete category and the apps in it - $oCategory = new Category($_REQUEST['catId']); + $oCategory = new Category($aClean['catId']); if(!$oCategory->delete()) errorpage(); else @@ -39,18 +46,18 @@ if($_REQUEST['what']) break; case "appFamily": // delete app family & all its versions - $oApp = new Application($_REQUEST['appId']); + $oApp = new Application($aClean['appId']); if(!$oApp->delete()) errorpage(); else redirect(BASE."appbrowse.php"); break; case "appVersion": - $oVersion = new Version($_REQUEST['versionId']); + $oVersion = new Version($aClean['versionId']); if(!$oVersion->delete()) errorpage(); else - redirect(BASE."appview.php?appId=".$_REQUEST['appId']); + redirect(BASE."appview.php?appId=".$aClean['appId']); break; } } diff --git a/admin/editAppFamily.php b/admin/editAppFamily.php index 2e01e90..c37953a 100644 --- a/admin/editAppFamily.php +++ b/admin/editAppFamily.php 
@@ -10,22 +10,27 @@ require(BASE."include/application.php"); require(BASE."include/category.php"); require(BASE."include/mail.php"); -if(!is_numeric($_REQUEST['appId'])) +$aClean = array(); //array of filtered user input + +$aClean['appId'] = makeSafe($_REQUEST['appId']); +$aClean['submit'] = makeSafe($_REQUEST['submit']); + +if(!is_numeric($aClean['appId'])) { errorpage("Wrong ID"); exit; } -if(!($_SESSION['current']->hasPriv("admin") || $_SESSION['current']->isSuperMaintainer($_REQUEST['appId']))) +if(!($_SESSION['current']->hasPriv("admin") || $_SESSION['current']->isSuperMaintainer($aClean['appId']))) { errorpage("Insufficient Privileges!"); exit; } -if(isset($_REQUEST['submit'])) +if(!empty($aClean['submit'])) { process_app_version_changes(false); - redirect(apidb_fullurl("appview.php?appId={$_REQUEST['appId']}")); + redirect(apidb_fullurl("appview.php?appId={$aClean['appId']}")); } else // Show the form for editing the Application Family @@ -33,7 +38,7 @@ else $family = new TableVE("edit"); - $oApp = new Application($_REQUEST['appId']); + $oApp = new Application($aClean['appId']); if(!$oApp) { diff --git a/admin/editAppNote.php b/admin/editAppNote.php index 6c796c2..56799ab 100644 --- a/admin/editAppNote.php +++ b/admin/editAppNote.php 
@@ -8,14 +8,24 @@ require(BASE."include/incl.php"); require(BASE."include/application.php"); require(BASE."include/mail.php"); -if(!is_numeric($_REQUEST['noteId'])) +$aClean = array(); //array of filtered user input + +$aClean['noteId'] = makeSafe($_REQUEST['noteId']); +$aClean['sub'] = makeSafe($_REQUEST['sub']); +$aClean['noteTitle'] = makeSafe($_REQUEST['noteTitle']); +$aClean['noteDesc'] = makeSafe($_REQUEST['noteDesc']); +$aClean['preview'] = makeSafe($_REQUEST['preview']); +$aClean['appId'] = makeSafe($_REQUEST['appId']); +$aClean['versionId'] = makeSafe($_REQUEST['versionId']); + +if(!is_numeric($aClean['noteId'])) { errorpage('Wrong note ID'); exit; } /* Get note data */ -$oNote = new Note($_REQUEST['noteId']); +$oNote = new Note($aClean['noteId']); /* Check for privs */ if(!$_SESSION['current']->hasPriv("admin") && !$_SESSION['current']->isMaintainer($oNote->iVersionId) && !$_SESSION['current']->isSuperMaintainer($oNote->iAppId)) @@ -24,26 +34,26 @@ if(!$_SESSION['current']->hasPriv("admin") && !$_SESSION['current']->isMaintaine exit; } -if(isset($_REQUEST['sub'])) +if(!empty($aClean['sub'])) { - if ($_REQUEST['sub'] == 'Delete') + if ($aClean['sub'] == 'Delete') { $oNote->delete(); } - else if ($_REQUEST['sub'] == 'Update') + else if ($aClean['sub'] == 'Update') { - $oNote->update($_REQUEST['noteTitle'],$_REQUEST['noteDesc']); + $oNote->update($aClean['noteTitle'],$aClean['noteDesc']); } redirect(apidb_fullurl("appview.php?versionId={$oNote->iVersionId}")); } else { - if (!isset($_REQUEST['preview'])) + if (empty($aClean['preview'])) { - $_REQUEST['noteTitle'] = $oNote->sTitle; - $_REQUEST['noteDesc'] = $oNote->sDescription; - $_REQUEST['appId'] = $oNote->iAppId; - $_REQUEST['versionId'] = $oNote->iVersionId; + $aClean['noteTitle'] = $oNote->sTitle; + $aClean['noteDesc'] = $oNote->sDescription; + $aClean['appId'] = $oNote->iAppId; + $aClean['versionId'] = $oNote->iVersionId; } HtmlAreaLoaderScript(array("editor")); 
@@ -52,24 +62,24 @@ else apidb_header("Edit Application Note"); echo "\n"; - echo html_frame_start("Edit Application Note {$_REQUEST['noteId']}", "90%","",0); + echo html_frame_start("Edit Application Note {$aClean['noteId']}", "90%","",0); echo html_table_begin("width='100%' border=0 align=left cellpadding=6 cellspacing=0 class='box-body'"); - echo add_br($_REQUEST['noteDesc']); + echo add_br($aClean['noteDesc']); - echo ''; + echo ''; - if ($_REQUEST['noteTitle'] == "HOWTO" || $_REQUEST['noteTitle'] == "WARNING") + if ($aClean['noteTitle'] == "HOWTO" || $aClean['noteTitle'] == "WARNING") { echo ''; - echo '',"\n"; + echo '',"\n"; } else { - echo '',"\n"; + echo '',"\n"; } echo '
RolesAction
[userid."&sSearch=".$sSearch."&iLimit=".$_REQUEST['iLimit']."&sOrderBy=".$_REQUEST['sOrderBy']."\">edit] [userid."&sSearch=".$sSearch."&iLimit=".$_REQUEST['iLimit']."&sOrderBy=".$_REQUEST['sOrderBy']."&sSubmit=true\">delete][userid."&sSearch=".$sSearch."&iLimit=".$aClean['iLimit']."&sOrderBy=".$aClean['sOrderBy']."\">edit] [userid."&sSearch=".$sSearch."&iLimit=".$aClean['iLimit']."&sOrderBy=".$aClean['sOrderBy']."&sSubmit=true\">delete]
Title (Do not change)
Title
Title
Description', "\n"; echo '

', "\n"; - echo '',"\n"; + echo '',"\n"; echo '

'; echo '
',"\n"; echo ' ',"\n"; diff --git a/admin/editAppVersion.php b/admin/editAppVersion.php index 0a43b8b..8f3e287 100644 --- a/admin/editAppVersion.php +++ b/admin/editAppVersion.php @@ -5,28 +5,34 @@ require(BASE."include/tableve.php"); require(BASE."include/application.php"); require(BASE."include/mail.php"); -if(!is_numeric($_REQUEST['appId']) OR !is_numeric($_REQUEST['versionId'])) +$aClean = array(); //array of filtered user input + +$aClean['appId'] = makeSafe($_REQUEST['appId']); +$aClean['versionId'] = makeSafe($_REQUEST['versionId']); +$aClean['submit'] = makeSafe($_REQUEST['submit']); + +if(!is_numeric($aClean['appId']) OR !is_numeric($aClean['versionId'])) { errorpage("Wrong ID"); exit; } /* Check for admin privs */ -if(!$_SESSION['current']->hasPriv("admin") && !$_SESSION['current']->isMaintainer($_REQUEST['versionId']) && !$_SESSION['current']->isSuperMaintainer($_REQUEST['appId'])) +if(!$_SESSION['current']->hasPriv("admin") && !$_SESSION['current']->isMaintainer($aClean['versionId']) && !$_SESSION['current']->isSuperMaintainer($aClean['appId'])) { errorpage("Insufficient Privileges!"); exit; } /* process the changes the user entered into the web form */ -if(isset($_REQUEST['submit'])) +if(!empty($aClean['submit'])) { process_app_version_changes(true); - redirect(apidb_fullurl("appview.php?versionId=".$_REQUEST['versionId'])); + redirect(apidb_fullurl("appview.php?versionId=".$aClean['versionId'])); } else /* or display the webform for making changes */ { - $oVersion = new Version($_REQUEST['versionId']); + $oVersion = new Version($aClean['versionId']); apidb_header("Edit Application Version"); diff --git a/admin/editDistribution.php b/admin/editDistribution.php index 1108675..7153c2f 100644 --- a/admin/editDistribution.php +++ b/admin/editDistribution.php 
@@ -3,6 +3,11 @@ include("path.php"); require(BASE."include/incl.php"); require(BASE."include/distributions.php"); +$aClean = array(); //array of filtered user input + +$aClean['iDistributionId'] = makeSafe($_REQUEST['iDistributionId']); +$aClean['submit'] = makeSafe($_REQUEST['submit']); + if(!$_SESSION['current']->hasPriv("admin")) { errorpage("Insufficient privileges."); @@ -10,8 +15,8 @@ if(!$_SESSION['current']->hasPriv("admin")) } -$oDistribution = new distribution($_REQUEST['iDistributionId']); -if($_REQUEST['Submit']) +$oDistribution = new distribution($aClean['iDistributionId']); +if($aClean['Submit']) { $oDistribution->GetOutputEditorValues(); diff --git a/admin/editVendor.php b/admin/editVendor.php index 716272e..26fad04 100644 --- a/admin/editVendor.php +++ b/admin/editVendor.php @@ -3,16 +3,22 @@ include("path.php"); require_once(BASE."include/incl.php"); require_once(BASE."include/vendor.php"); +$aClean = array(); //array of filtered user input +$aClean['iVendorId'] = makeSafe($_REQUEST['iVendorId']); +$aClean['Submit'] = makeSafe($_REQUEST['Submit']); +$aClean['sName'] = makeSafe($_REQUEST['sName']); +$aClean['sWebpage'] = makeSafe($_REQUEST['sWebpage']); + if(!$_SESSION['current']->hasPriv("admin")) { errorpage(); exit; } -$oVendor = new Vendor($_REQUEST['iVendorId']); -if($_REQUEST['Submit']) +$oVendor = new Vendor($aClean['iVendorId']); +if($aClean['Submit']) { - $oVendor->update($_REQUEST['sName'],$_REQUEST['sWebpage']); + $oVendor->update($aClean['sName'],$aClean['sWebpage']); redirect(apidb_fullurl("vendorview.php")); } else diff --git a/admin/moveAppVersion.php b/admin/moveAppVersion.php index 48a2247..459f35a 100644 --- a/admin/moveAppVersion.php +++ b/admin/moveAppVersion.php 
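Review bot: The key is filled as `$aClean['submit']` but read as `$aClean['Submit']` in the next hunk (`if($aClean['Submit'])`), so the submit branch can never run — the original code read `$_REQUEST['Submit']`, and editVendor.php in this same diff keeps the capitalised key. Use the same key in both places: `$aClean['Submit'] = makeSafe($_REQUEST['Submit']);`.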
@@ -5,7 +5,13 @@ require(BASE."include/tableve.php"); require(BASE."include/application.php"); require(BASE."include/mail.php"); -if(!is_numeric($_REQUEST['appId']) OR !is_numeric($_REQUEST['versionId'])) +$aClean = array(); //array of filtered user input + +$aClean['appId'] = makeSafe($_REQUEST['appId']); +$aClean['versionId'] = makeSafe($_REQUEST['versionId']); +$aClean['action'] = makeSafe($_REQUEST['action']); + +if(!is_numeric($aClean['appId']) OR !is_numeric($aClean['versionId'])) { errorpage("Wrong ID"); exit; @@ -18,20 +24,20 @@ if(!$_SESSION['current']->hasPriv("admin")) exit; } -if(isset($_REQUEST['action'])) +if(!empty($aClean['action'])) { /* move this version to the given application */ - $oVersion = new Version($_REQUEST['versionId']); - $oVersion->update(null, null, null, null, $_REQUEST['appId']); + $oVersion = new Version($aClean['versionId']); + $oVersion->update(null, null, null, null, $aClean['appId']); /* redirect to the application we just moved this version to */ - redirect(apidb_fullurl("appview.php?appId=".$_REQUEST['appId'])); + redirect(apidb_fullurl("appview.php?appId=".$aClean['appId'])); } else /* or display the webform for making changes */ { ?> iAppId); apidb_header("Choose application to move this version under"); diff --git a/appbrowse.php b/appbrowse.php index 3f3afcc..38498da 100644 --- a/appbrowse.php +++ b/appbrowse.php 
@@ -8,36 +8,43 @@ require(BASE."include/"."incl.php"); require(BASE."include/"."appdb.php"); require(BASE."include/"."category.php"); +$aClean = array(); //array of filtered user input + +$aClean['catId'] = makeSafe($_REQUEST['catId']); function admin_menu() { - if(isset($_REQUEST['catId'])) $catId=$_REQUEST['catId']; - else $catId=""; + if( empty( $aClean['catId'] ) ) + { + $aClean['catId'] = ""; + } $m = new htmlmenu("Admin"); - $m->add("Edit this Category", BASE."admin/addCategory.php?catId=$catId"); - $url = BASE."admin/deleteAny.php?what=category&catId=$catId&confirmed=yes"; + $m->add("Edit this Category", BASE."admin/addCategory.php?catId']}"); + $url = BASE."admin/deleteAny.php?what=category&catId={$aClean['catId']}&confirmed=yes"; $m->add("Delete this Category", "javascript:deleteURL(\"Are you sure?\", \"".$url."\")"); $m->done(); } -if(isset($_REQUEST['catId'])) $catId=$_REQUEST['catId']; -else $catId=0; // ROOT +if( empty( $aClean['catId'] ) ) +{ + $aClean['catId'] = 0; // ROOT +} -if( !is_numeric($catId) ) +if( !is_numeric($aClean['catId']) ) { errorpage("Something went wrong with the category ID"); exit; } // list sub categories -$cat = new Category($catId); +$cat = new Category($aClean['catId']); $catFullPath = make_cat_path($cat->getCategoryPath()); $subs = $cat->aSubcatsIds; //display admin box -if($_SESSION['current']->hasPriv("admin") && $catId != 0) +if($_SESSION['current']->hasPriv("admin") && $aClean['catId'] != 0) apidb_sidebar_add("admin_menu"); //output header @@ -125,7 +132,7 @@ if($apps) } // Disabled for now -//if ($catId != 0) +//if ($aClean['catId'] != 0) //{ // log_category_visit($cat->id); //} diff --git a/appimage.php b/appimage.php index 1c3cb0c..dd58b34 100644 --- a/appimage.php +++ b/appimage.php 
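Review bot: `$aClean` is created at file scope, but `admin_menu()` reads `$aClean['catId']` without a `global $aClean;` declaration, so inside the function it is an undefined local: `empty()` is always true, the function sets its own `$aClean['catId'] = ""`, and both admin links are generated with an empty catId. The original code had the same shape but read `$_REQUEST` directly, which is a superglobal and needed no declaration. Add `global $aClean;` as the first statement of `admin_menu()`, or pass the id in as a parameter. As rendered here the line `BASE."admin/addCategory.php?catId']}"` is also missing the start of its interpolation; if that is what the commit contains rather than an artifact of this listing, the Edit link is wrong as well. The same missing `global` affects appsubmit.php's `newSubmition()` hunk, where `$aClean['apptype'] == 1` is evaluated inside a function.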
@@ -7,22 +7,28 @@ include("path.php"); require(BASE."include/"."incl.php"); require_once(BASE."include/"."screenshot.php"); +$aClean = array(); //array of filtered user input + +$aClean['id'] = makeSafe($_REQUEST['id']); +$aClean['REQUEST_METHOD'] = makeSafe($_REQUEST['REQUEST_METHOD']); +$aClean['thumbnail'] = makeSafe($_REQUEST['thumbnail']); + /* an image doesn't have a link, so a cookie makes no sense */ header("Set-Cookie: "); header("Pragma: "); /* if the user isn't supposed to be viewing this image */ /* display an error message and exit */ -if(!$_SESSION['current']->canViewImage($_REQUEST['id'])) +if(!$_SESSION['current']->canViewImage($aClean['id'])) { errorpage("Insufficient privileges."); exit; } -if ($_REQUEST['REQUEST_METHOD']='HEAD') +if ($aClean['REQUEST_METHOD']='HEAD') { /* WARNING! optimization of logic in include/screenshots.php */ - if (sscanf($_REQUEST['id'],"%d", &$iId) < 1) + if (sscanf($aClean['id'],"%d", &$iId) < 1) { errorpage("Bad parameter"); exit; @@ -67,12 +73,12 @@ if ($_REQUEST['REQUEST_METHOD']='HEAD') header("Expires: "); header("Last-Modified: ".fHttpDate($iModTime)); } -$oScreenshot = new Screenshot($_REQUEST['id']); +$oScreenshot = new Screenshot($aClean['id']); /* at this point, we know that .../screenshots/$id and * .../screenshots/thumbnails/$id both exist as normally * they would both be created at the same time. */ -$fstat_val = stat(appdb_fullpath("data/screenshots/".$_REQUEST['id'])); +$fstat_val = stat(appdb_fullpath("data/screenshots/".$aClean['id'])); $iModTime = $fstat_val['mtime']; header("Cache-Control: public"); @@ -90,9 +96,8 @@ if (isset($_SERVER['HTTP_IF_MODIFIED_SINCE']) && header("Last-Modified: ".fHttpDate($iModTime)); -if(!$_REQUEST['thumbnail']) +if(!$aClean['thumbnail']) $oScreenshot->oScreenshotImage->output_to_browser(1); else $oScreenshot->oThumbnailImage->output_to_browser(1); - -?> \ No newline at end of file +?> diff --git a/appsubmit.php b/appsubmit.php index 486befb..9c42c8f 100644 
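Review bot: `if ($aClean['REQUEST_METHOD']='HEAD')` is an assignment, not a comparison, so the condition is always true and the HEAD-only block runs for every request; the commit carries this over from the original `$_REQUEST['REQUEST_METHOD']='HEAD'` instead of fixing it. The request method also does not belong in `$_REQUEST` at all — that key is only present if a client sends a parameter of that name — it is `$_SERVER['REQUEST_METHOD']`. Replace the line with `if ($_SERVER['REQUEST_METHOD'] == 'HEAD')` and drop the `$aClean['REQUEST_METHOD']` entry. While here, `sscanf($aClean['id'],"%d", &$iId)` uses call-time pass-by-reference, which is no longer accepted by PHP; `sscanf($aClean['id'], "%d", $iId)` is the supported form.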
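Review bot: `stat(appdb_fullpath("data/screenshots/".$aClean['id']))` builds a filesystem path from the request parameter with only `makeSafe()` applied, and the only shape check on `id` in this file is the `sscanf(...,"%d",...)` in the earlier hunk, which accepts any value that merely starts with a digit and stores the parsed integer in `$iId` without using it here. Since `canViewImage()` is called with the same raw value, what it validates is not visible in the diff. Reject non-numeric ids once, before the first use, e.g. `if (!is_numeric($aClean['id'])) { errorpage("Bad parameter"); exit; }`, and build the path from `(int)$aClean['id']` so the filename can only ever be an integer.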
--- a/appsubmit.php +++ b/appsubmit.php @@ -10,6 +10,19 @@ require_once(BASE."include/application.php"); require_once(BASE."include/mail.php"); require_once(BASE."include/testResults.php"); +$aClean = array(); //array of filtered user input + +$aClean['apptype'] = makeSafe($_REQUEST['apptype']); +$aClean['sub'] = makeSafe($_REQUEST['sub']); +$aClean['appId'] = makeSafe($_REQUEST['appId']); +$aClean['versionId'] = makeSafe($_REQUEST['versionId']); +$aClean['iTestingId'] = makeSafe($_REQUEST['iTestingId']); +$aClean['appVendorName'] = makeSafe($_REQUEST['appVendorName']); +$aClean['vendorId'] = makeSafe($_REQUEST['vendorId']); +$aClean['appWebpage'] = makeSafe($_REQUEST['appWebpage']); +$aClean['appKeywords'] = makeSafe($_REQUEST['appKeywords']); +$aClean['iDistributionId'] = makeSafe($_REQUEST['iDistributionId']); +$aClean['sDistribution'] = makeSafe($_REQUEST['sDistribution']); function get_vendor_from_keywords($sKeywords) { @@ -27,7 +40,7 @@ function newSubmition($errors) echo "and you will be notified via e-mail if it is added to the database or rejected.

\n"; echo "

Before continuing, please ensure that you have

\n"; echo "
    \n"; - if ($_REQUEST['apptype'] == 1) + if ($aClean['apptype'] == 1) { echo "
  • Searched for this application in the database. Duplicate submissions will be rejected
  • \n"; echo "
  • Really want to submit an application instead of a new version of an application\n"; @@ -58,18 +71,18 @@ if(!$_SESSION['current']->isLoggedIn()) } -if ($_REQUEST['sub']) +if ($aClean['sub']) { - if($_REQUEST['apptype'] == 'application') + if($aClean['apptype'] == 'application') { - $oApp = new Application($_REQUEST['appId']); + $oApp = new Application( $aClean['appId']); if($oApp->iAppId) { // if we are processing a queued application there MUST be an implicitly queued // version to go along with it. Find this version so we can display its information // during application processing so the admin can make a better choice about // whether to accept or reject the overall application - $sQuery = "Select versionId from appVersion where appId='".$_REQUEST['appId']."';"; + $sQuery = "Select versionId from appVersion where appId='".$aClean['appId']."';"; $hResult = query_appdb($sQuery); $oRow = mysql_fetch_object($hResult); @@ -89,9 +102,9 @@ if ($_REQUEST['sub']) } } - else if($_REQUEST['apptype'] == 'version') + else if($aClean['apptype'] == 'version') { - $oVersion = new Version($_REQUEST['versionId']); + $oVersion = new Version($aClean['versionId']); // make sure the user has permission to view this version if(!$_SESSION['current']->hasAppVersionModifyPermission($oVersion) && 
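Review bot: `$aClean['appId']` is spliced into `"Select versionId from appVersion where appId='".$aClean['appId']."';"` without a numeric check, whereas the Delete branch later in this same file guards the analogous query with `is_numeric($aClean['appId'])`; the only protection here is whatever `makeSafe()` does, which this diff does not show. Make the two paths consistent by checking the id before the query, e.g. `if (!is_numeric($aClean['appId'])) { errorpage("Wrong ID"); exit; }`, or at least cast it in the query string. The `if($aClean['sub'])` block this sits in continues past the end of the hunk.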
@@ -123,35 +136,35 @@ if ($_REQUEST['sub']) } //process according to sub flag - if ($_REQUEST['sub'] == 'Submit') + if ($aClean['sub'] == 'Submit') { $errors = ""; - $oVersion = new Version($_REQUEST['versionId']); - $oTest = new testData($_REQUEST['iTestingId']); + $oVersion = new Version($aClean['versionId']); + $oTest = new testData($aClean['iTestingId']); $errors .= $oVersion->CheckOutputEditorInput(); $errors .= $oTest->CheckOutputEditorInput(); $oVersion->GetOutputEditorValues(); $oTest->GetOutputEditorValues(); - if ($_REQUEST['apptype'] == "application") // application + if ($aClean['apptype'] == "application") // application { - $oApp = new Application($_REQUEST['appId']); + $oApp = new Application($aClean['appId']); $errors .= $oApp->CheckOutputEditorInput(); $oApp->GetOutputEditorValues(); // load the values from $_REQUEST if(empty($errors)) { - if($_REQUEST['appVendorName']) + if($aClean['appVendorName']) { - $_REQUEST['vendorId']=""; + $aClean['vendorId']=""; //FIXME: fix this when we fix vendor submission if($_SESSION['current']->hasPriv("admin")) { $oVendor = new Vendor(); - $oVendor->create($_REQUEST['appVendorName'],$_REQUEST['appWebpage']); + $oVendor->create($aClean['appVendorName'],$aClean['appWebpage']); } } //FIXME: remove this when we fix vendor submission - $oApp->sKeywords = $_REQUEST['appKeywords']." *** ".$_REQUEST['appVendorName']; + $oApp->sKeywords = $aClean['appKeywords']." *** ".$aClean['appVendorName']; if(is_numeric($oApp->iAppId)) { $oApp->update(); @@ -167,7 +180,7 @@ if ($_REQUEST['sub']) if(!empty($errors)) { addmsg("we've got Errors???:".$errors.":"); - $_REQUEST['sub'] = 'view'; + $aClean['sub'] = 'view'; } else { 
@@ -180,10 +193,10 @@ if ($_REQUEST['sub']) { $oVersion->create(); } - if(!$_REQUEST['iDistributionId']) + if(!$aClean['iDistributionId']) { - $sDistribution = trim($_REQUEST['sDistribution']); - if(!empty($sDistribution)) + $sDistribution = $aClean['sDistribution']; + if( !empty($sDistribution) ) { $oDistribution = new distribution(); $oDistribution->sName = $sDistribution; @@ -203,13 +216,13 @@ if ($_REQUEST['sub']) redirect($_SERVER['PHP_SELF']); } } - if ($_REQUEST['sub'] == 'Delete') + if ($aClean['sub'] == 'Delete') { - if (($_REQUEST['apptype'] == "application") && is_numeric($_REQUEST['appId'])) // application + if (($aClean['apptype'] == "application") && is_numeric($aClean['appId'])) // application { // get the queued versions that refers to the application entry we just removed // and delete them as we implicitly added a version entry when adding a new application - $sQuery = "SELECT versionId FROM appVersion WHERE appVersion.appId = '".$_REQUEST['appId']."' AND appVersion.queued = 'rejected';"; + $sQuery = "SELECT versionId FROM appVersion WHERE appVersion.appId = '".$aClean['appId']."' AND appVersion.queued = 'rejected';"; $hResult = query_appdb($sQuery); if($hResult) { @@ -221,17 +234,17 @@ if ($_REQUEST['sub']) } // delete the application entry - $oApp = new Application($_REQUEST['appId']); + $oApp = new Application($aClean['appId']); $oApp->delete(); - } else if(($_REQUEST['apptype'] == "version") && is_numeric($_REQUEST['versionId'])) // version + } else if(($aClean['apptype'] == "version") && is_numeric($aClean['versionId'])) // version { - $oVersion = new Version($_REQUEST['versionId']); + $oVersion = new Version($aClean['versionId']); $oVersion->delete(); } redirect($_SERVER['PHP_SELF']); } - if ($_REQUEST['sub'] == 'view') + if ($aClean['sub'] == 'view') { $x = new TableVE("view"); apidb_header("Application Queue"); 
@@ -241,7 +254,7 @@ if ($_REQUEST['sub']) echo html_back_link(1,$_SERVER['PHP_SELF']); - if($_REQUEST['apptype'] == 'application') // application + if($aClean['apptype'] == 'application') // application { if ($oApp->sName != "") { @@ -275,7 +288,7 @@ if ($_REQUEST['sub']) if(!$iVendorId) { $sVendor = get_vendor_from_keywords($oApp->sKeywords); - $sQuery = "SELECT vendorId FROM vendor WHERE vendorname = '".$_REQUEST['appVendorName']."';"; + $sQuery = "SELECT vendorId FROM vendor WHERE vendorname = '".$aClean['appVendorName']."';"; $hResult = query_appdb($sQuery); if($hResult) { @@ -287,7 +300,7 @@ if ($_REQUEST['sub']) // try for a partial match if(!$iVendorId) { - $sQuery = "select * from vendor where vendorname like '%".$_REQUEST['appVendorName']."%';"; + $sQuery = "select * from vendor where vendorname like '%".$aClean['appVendorName']."%';"; $hResult = query_appdb($sQuery); if($hResult) { @@ -297,7 +310,7 @@ if ($_REQUEST['sub']) } //vendor field if($iVendorId) - $_REQUEST['appVendorName'] = ""; + $aClean['appVendorName'] = ""; } else //app version { if(is_numeric($oVersion->iVersionId)) @@ -330,20 +343,20 @@ if ($_REQUEST['sub']) if(!($oTest->sTestedDate)) $oTest->sTestedDate = date('Y-m-d H:i:s'); - if($_REQUEST['apptype'] == 'application') + if($aClean['apptype'] == 'application') { - $oApp->OutputEditor($_REQUEST['appVendorName']); + $oApp->OutputEditor($aClean['appVendorName']); $oVersion->OutputEditor(false, false); } else { $oVersion->OutputEditor(false, false); } - $oTest->OutputEditor($_REQUEST['sDistribution'],true); + $oTest->OutputEditor($aClean['sDistribution'],true); echo "\n"; - if($_REQUEST['apptype'] == 'application') // application + if($aClean['apptype'] == 'application') // application { echo ''; if(is_numeric($oApp->iAppId)) 
@@ -359,7 +372,7 @@ if ($_REQUEST['sub']) } else // version { echo ''; - echo ''; + echo ''; if(is_numeric($oVersion->iVersionId)) { echo '\n"; // optional links - $result = query_appdb("SELECT * FROM appData WHERE appId = ".$_REQUEST['appId']." AND versionID = 0 AND type = 'url'"); + $result = query_appdb("SELECT * FROM appData WHERE appId = ".$aClean['appId']." AND versionID = 0 AND type = 'url'"); if($result && mysql_num_rows($result) > 0) { echo " ',"\n"; + echo '',"\n"; echo '',"\n"; echo '',"\n"; } diff --git a/include/comment.php b/include/comment.php index 95007d7..8e2baa2 100644 --- a/include/comment.php +++ b/include/comment.php @@ -367,6 +367,12 @@ function display_comments_flat($versionId) function view_app_comments($versionId, $threadId = 0) { + + $aClean = array(); //array of filtered user input + + $aClean['cmode'] = makeSafe($_REQUEST['cmode']); + $aClean['mode'] = makeSafe($_REQUEST['mode']); + // count posts $result = query_appdb("SELECT commentId FROM appComments WHERE versionId = $versionId"); $messageCount = mysql_num_rows($result); @@ -381,8 +387,8 @@ function view_app_comments($versionId, $threadId = 0) if ($_SESSION['current']->isLoggedIn()) { // FIXME we need to change this so not logged in users can change current view as well - if (isset($_REQUEST['cmode'])) - $_SESSION['current']->setPref("comments:mode", $_REQUEST['cmode']); + if (!empty($aClean['cmode'])) + $_SESSION['current']->setPref("comments:mode", $aClean['cmode']); $sel[$_SESSION['current']->getPref("comments:mode", "threaded")] = 'selected'; echo ' diff --git a/include/form_login.php b/include/form_login.php index f410faa..bca4ef0 100644 --- a/include/form_login.php +++ b/include/form_login.php @@ -1,4 +1,10 @@ - + diff --git a/include/form_new.php b/include/form_new.php index 18f70e2..f225574 100644 --- a/include/form_new.php +++ b/include/form_new.php @@ -1,4 +1,12 @@ - + 
@@ -23,7 +31,7 @@ echo html_frame_start("Create New Application DB Account","400","",0) - + sBody."\n"; $sMsg .= "\n"; $sMsg .= "Because:\n"; - if($_REQUEST['replyText']) - $sMsg .= $_REQUEST['replyText']."\n"; + if($aClean['replyText']) + $sMsg .= $aClean['replyText']."\n"; else $sMsg .= "No reason given.\n"; diff --git a/include/screenshot.php b/include/screenshot.php index ba944ba..d076919 100644 --- a/include/screenshot.php +++ b/include/screenshot.php @@ -3,7 +3,9 @@ /* screenshot class and related functions */ /******************************************/ +require_once(BASE."include/util.php"); require_once(BASE."include/image.php"); + // load the watermark $watermark = new image("/images/watermark.png"); @@ -233,6 +235,10 @@ class Screenshot { function mailSubmitter($bRejected=false) { + $aClean = array(); //array of filtered user input + + $aClean['replyText'] = makeSafe($_REQUEST['replyText']); + if($this->iSubmitterId) { $oSubmitter = new User($this->iSubmitterId); @@ -245,7 +251,7 @@ class Screenshot { $sSubject = "Submitted screenshot rejected"; $sMsg = "The screenshot you submitted for ".lookup_app_name($this->iAppId)." ".lookup_version_name($this->iVersionId)." has been rejected."; } - $sMsg .= $_REQUEST['replyText']."\n"; + $sMsg .= $aClean['replyText']."\n"; $sMsg .= "We appreciate your help in making the Application Database better for all users."; mail_appdb($oSubmitter->sEmail, $sSubject ,$sMsg); diff --git a/include/sidebar.php b/include/sidebar.php index 7a628aa..69a1fd8 100644 --- a/include/sidebar.php +++ b/include/sidebar.php @@ -4,9 +4,14 @@ /***********/ require_once(BASE."include/distributions.php"); require_once(BASE."include/vendor.php"); +require_once(BASE."include/util.php"); function global_sidebar_menu() { - + + $aClean = array(); //array of filtered user input + + $aClean['q'] = makeSafe($_REQUEST['q']); + $g = new htmlmenu(APPDB_OWNER." Menu"); $g->add(APPDB_OWNER, APPDB_OWNER_URL); $g->add("AppDB", BASE); 
@@ -29,7 +34,7 @@ function global_sidebar_menu() { $g->done(); $g = new htmlmenu("Search"); - $g->addmisc(app_search_box(isset($_REQUEST['q']) ? $_REQUEST['q'] : '')); + $g->addmisc(app_search_box(!empty($aClean['q']) ? $aClean['q'] : '')); $g->done(); } diff --git a/include/testResults.php b/include/testResults.php index a58ccbd..d1a2b96 100644 --- a/include/testResults.php +++ b/include/testResults.php @@ -3,7 +3,7 @@ /* this class represents Testing results */ /*****************************************/ require_once(BASE."include/distributions.php"); - +require_once(BASE."include/util.php"); // Testing class for handling Testing History. class testData{ @@ -228,6 +228,11 @@ class testData{ function mailSubmitter($sAction="add") { + + $aClean = array(); //array of filtered user input + + $aClean = makeSafe($_REQUEST['replyText']); + if($this->iSubmitterId) { $oSubmitter = new User($this->iSubmitterId); @@ -251,7 +256,7 @@ class testData{ $sMsg .= "Reason given:\n"; break; } - $sMsg .= $_REQUEST['replyText']."\n"; + $sMsg .= $aClean['replyText']."\n"; $sMsg .= "We appreciate your help in making the Application Database better for all users."; mail_appdb($oSubmitter->sEmail, $sSubject ,$sMsg); @@ -261,6 +266,10 @@ class testData{ function SendNotificationMail($sAction="add",$sMsg=null) { + $aClean = array(); //array of filtered user input + + $aClean['replyText'] = makeSafe($_REQUEST['replyText']); + $oVersion = new Version($this->iVersionId); $oApp = new Application($oVersion->iAppId); switch($sAction) 
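Review bot: In `mailSubmitter()` the line `$aClean = makeSafe($_REQUEST['replyText']);` overwrites the array with the filtered string, and the following hunk then reads `$aClean['replyText']`, which indexes a string with a string key — on the PHP versions this code targets that yields a notice and at most a single character, so the reply text is dropped from the mail. The sibling `SendNotificationMail()` hunk in this file has it right. Change the line to `$aClean['replyText'] = makeSafe($_REQUEST['replyText']);`.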
@@ -276,10 +285,10 @@ class testData{ $sMsg .= "This Testing data has been submitted by ".$oSubmitter->sRealname."."; $sMsg .= "\n"; } - if($_REQUEST['replyText']) + if($aClean['replyText']) { $sMsg .= "Appdb admin reply text:\n"; - $sMsg .= $_REQUEST['replyText']."\n"; // append the reply text, if there is any + $sMsg .= $aClean['replyText']."\n"; // append the reply text, if there is any } addmsg("The testing data was successfully added into the database.", "green"); } else // testing data queued. @@ -299,10 +308,10 @@ class testData{ case "delete": $sSubject = "Test Results deleted for version ".$oVersion->sName." of ".$oApp->sName." submitted by ".$_SESSION['current']->sRealname; // if replyText is set we should report the reason the data was deleted - if($_REQUEST['replyText']) + if($aClean['replyText']) { $sMsg .= "Reason given:\n"; - $sMsg .= $_REQUEST['replyText']."\n"; // append the reply text, if there is any + $sMsg .= $aClean['replyText']."\n"; // append the reply text, if there is any } addmsg("testing data deleted.", "green"); @@ -311,10 +320,10 @@ class testData{ $sSubject = "Test Results rejected for version ".$oVersion->sName." of ".$oApp->sName." submitted by ".$_SESSION['current']->sRealname; $sMsg .= APPDB_ROOT."admin/adminTestResults.php?sub=view&iTestingId=".$this->iTestingId."\n"; // if replyText is set we should report the reason the data was rejected - if($_REQUEST['replyText']) + if($aClean['replyText']) { $sMsg .= "Reason given:\n"; - $sMsg .= $_REQUEST['replyText']."\n"; // append the reply text, if there is any + $sMsg .= $aClean['replyText']."\n"; // append the reply text, if there is any } addmsg("testing data rejected.", "green"); break; 
@@ -351,7 +360,10 @@ class testData{ // Show the Test results for a application version function ShowVersionsTestingTable($iVersionId, $iCurrentTest, $link, $iDisplayLimit) { - $showAll = $_REQUEST['showAll']; + $aClean = array(); //array of filtered user input + $aClean['showAll'] = makeSafe($_REQUEST['showAll']); + + $showAll = $aClean['showAll']; $sQuery = "SELECT * FROM testResults @@ -500,38 +512,46 @@ class testData{ function CheckOutputEditorInput($sDistribution="") { - $errors = ""; - $sWhatWorks = trim($_REQUEST['sWhatWorks']); - $sWhatDoesnt = trim($_REQUEST['sWhatDoesnt']); - $sWhatNotTested = trim($_REQUEST['sWhatNotTested']); - $sDistribution = trim($_REQUEST['sDistribution']); + $aClean = array(); //array of filtered user input + $aClean['sWhatWorks'] = makeSafe($_REQUEST['sWhatWorks']); + $aClean['sWhatDoesnt'] = makeSafe($_REQUEST['sWhatDoesnt']); + $aClean['sWhatNotTested'] = makeSafe($_REQUEST['sWhatNotTested']); + $aClean['sDistribution'] = makeSafe($_REQUEST['sDistribution']); + $aClean['sTestedDate'] = makeSafe($_REQUEST['sTestedDate']); + $aClean['sTestedRelease'] = makeSafe($_REQUEST['sTestedRelease']); + $aClean['iDistributionId'] = makeSafe($_REQUEST['iDistributionId']); + $aClean['sInstalls'] = makeSafe($_REQUEST['sInstalls']); + $aClean['sRuns'] = makeSafe($_REQUEST['sRuns']); + $aClean['sTestedRating'] = makeSafe($_REQUEST['sTestedRating']); - if (empty($sWhatWorks)) + $errors = ""; + + if (empty($aClean['sWhatWorks'])) $errors .= "
  • Please enter what worked.
  • \n"; - if (empty($sWhatDoesnt)) + if (empty($aClean['sWhatDoesnt'])) $errors .= "
  • Please enter what did not work.
  • \n"; - if (empty($sWhatNotTested)) + if (empty($aClean['sWhatNotTested'])) $errors .= "
  • Please enter what was not tested.
  • \n"; - if (empty($_REQUEST['sTestedDate'])) + if (empty($aClean['sTestedDate'])) $errors .= "
  • Please enter the date and time when you tested.
  • \n"; - if (empty($_REQUEST['sTestedRelease'])) + if (empty($aClean['sTestedRelease'])) $errors .= "
  • Please enter the version of Wine that you tested with.
  • \n"; // No Distribution entered, and nothing in the list is selected - if (empty($sDistribution) && !$_REQUEST['iDistributionId']) + if (empty($sDistribution) && !$aClean['iDistributionId']) $errors .= "
  • Please enter a distribution.
  • \n"; - if (empty($_REQUEST['sInstalls'])) + if (empty($aClean['sInstalls'])) $errors .= "
  • Please enter whether this application installs or not.
  • \n"; - if (empty($_REQUEST['sRuns'])) + if (empty($aClean['sRuns'])) $errors .= "
  • Please enter whether this application runs or not.
  • \n"; - if (empty($_REQUEST['sTestedRating'])) + if (empty($aClean['sTestedRating'])) $errors .= "
  • Please enter a rating based on how well this application runs.
  • \n"; return $errors; 
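Review bot: In testData::CheckOutputEditorInput the removed line `$sDistribution = trim($_REQUEST['sDistribution']);` was the only assignment to `$sDistribution`, and the new code fills `$aClean['sDistribution']` but never reads it, so `if (empty($sDistribution) && !$aClean['iDistributionId'])` now tests only the `$sDistribution` parameter (default ""); unless every caller passes that parameter, a distribution typed into the form no longer satisfies the check. The same hunk drops the `trim()` that used to apply to sWhatWorks, sWhatDoesnt and sWhatNotTested, so whitespace-only input now passes `empty()`. Suggest `$sDistribution = trim($aClean['sDistribution']);` ahead of the checks and trimming the three text fields the same way.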
@@ -541,34 +561,49 @@ class testData{ /* retrieves values from $_REQUEST that were output by OutputEditor() */ function GetOutputEditorValues() { + $aClean = array(); //array of filtered user input + + $aClean['iTestingId'] = makeSafe($_REQUEST['iTestingId']); + $aClean['iVersionId'] = makeSafe($_REQUEST['iVersionId']); + $aClean['sWhatWorks'] = makeSafe($_REQUEST['sWhatWorks']); + $aClean['sWhatDoesnt'] = makeSafe($_REQUEST['sWhatDoesnt']); + $aClean['sWhatNotTested'] = makeSafe($_REQUEST['sWhatNotTested']); + $aClean['sTestedDate'] = makeSafe($_REQUEST['sTestedDate']); + $aClean['iDistributionId'] = makeSafe($_REQUEST['iDistributionId']); + $aClean['sTestedRelease'] = makeSafe($_REQUEST['sTestedRelease']); + $aClean['sInstalls'] = makeSafe($_REQUEST['sInstalls']); + $aClean['sRuns'] = makeSafe($_REQUEST['sRuns']); + $aClean['sTestedRating'] = makeSafe($_REQUEST['sTestedRating']); + $aClean['sComments'] = makeSafe($_REQUEST['sComments']); + if(get_magic_quotes_gpc()) { - $this->iTestingId = stripslashes($_REQUEST['iTestingId']); - $this->iVersionId = stripslashes($_REQUEST['iVersionId']); - $this->sWhatWorks = stripslashes($_REQUEST['sWhatWorks']); - $this->sWhatDoesnt = stripslashes($_REQUEST['sWhatDoesnt']); - $this->sWhatNotTested = stripslashes($_REQUEST['sWhatNotTested']); - $this->sTestedDate = stripslashes($_REQUEST['sTestedDate']); - $this->iDistributionId = stripslashes($_REQUEST['iDistributionId']); - $this->sTestedRelease = stripslashes($_REQUEST['sTestedRelease']); - $this->sInstalls = stripslashes($_REQUEST['sInstalls']); - $this->sRuns = stripslashes($_REQUEST['sRuns']); - $this->sTestedRating = stripslashes($_REQUEST['sTestedRating']); - $this->sComments = stripslashes($_REQUEST['sComments']); + $this->iTestingId = stripslashes($aClean['iTestingId']); + $this->iVersionId = stripslashes($aClean['iVersionId']); + $this->sWhatWorks = stripslashes($aClean['sWhatWorks']); + $this->sWhatDoesnt = stripslashes($aClean['sWhatDoesnt']); + 
$this->sWhatNotTested = stripslashes($aClean['sWhatNotTested']); + $this->sTestedDate = stripslashes($aClean['sTestedDate']); + $this->iDistributionId = stripslashes($aClean['iDistributionId']); + $this->sTestedRelease = stripslashes($aClean['sTestedRelease']); + $this->sInstalls = stripslashes($aClean['sInstalls']); + $this->sRuns = stripslashes($aClean['sRuns']); + $this->sTestedRating = stripslashes($aClean['sTestedRating']); + $this->sComments = stripslashes($aClean['sComments']); } else { - $this->iTestingId = $_REQUEST['iTestingId']; - $this->iVersionId = $_REQUEST['iVersionId']; - $this->sWhatWorks = $_REQUEST['sWhatWorks']; - $this->sWhatDoesnt = $_REQUEST['sWhatDoesnt']; - $this->sWhatNotTested = $_REQUEST['sWhatNotTested']; - $this->sTestedDate = $_REQUEST['sTestedDate']; - $this->iDistributionId = $_REQUEST['iDistributionId']; - $this->sTestedRelease = $_REQUEST['sTestedRelease']; - $this->sInstalls = $_REQUEST['sInstalls']; - $this->sRuns = $_REQUEST['sRuns']; - $this->sTestedRating = $_REQUEST['sTestedRating']; - $this->sComments = $_REQUEST['sComments']; + $this->iTestingId = $aClean['iTestingId']; + $this->iVersionId = $aClean['iVersionId']; + $this->sWhatWorks = $aClean['sWhatWorks']; + $this->sWhatDoesnt = $aClean['sWhatDoesnt']; + $this->sWhatNotTested = $aClean['sWhatNotTested']; + $this->sTestedDate = $aClean['sTestedDate']; + $this->iDistributionId = $aClean['iDistributionId']; + $this->sTestedRelease = $aClean['sTestedRelease']; + $this->sInstalls = $aClean['sInstalls']; + $this->sRuns = $aClean['sRuns']; + $this->sTestedRating = $aClean['sTestedRating']; + $this->sComments = $aClean['sComments']; } } diff --git a/include/url.php b/include/url.php index fea8e1b..4b5f4a3 100644 --- a/include/url.php +++ b/include/url.php @@ -2,7 +2,7 @@ /***************************************/ /* url class and related functions */ /***************************************/ - +require_once(BASE."include/util.php"); /** * Url class for handling urls 
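Review bot: In testData::GetOutputEditorValues the `stripslashes()` calls under `get_magic_quotes_gpc()` now operate on the output of `makeSafe()` instead of the raw request value. makeSafe's definition is not visible in this diff; if it escapes quotes, as the "filtered user input" comment suggests, stripping afterwards undoes part of that escaping for magic-quoted input, and if it already handles magic quotes itself the branch is redundant. Either way the order should be strip first, then filter, e.g. `$sRaw = get_magic_quotes_gpc() ? stripslashes($_REQUEST['sComments']) : $_REQUEST['sComments']; $aClean['sComments'] = makeSafe($sRaw);` for each field. The same pattern recurs in Version::GetOutputEditorValues, Application::GetOutputEditorValues and distribution::GetOutputEditorValues in this diff.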
@@ -51,8 +51,13 @@ class Url { */ function create($sDescription = null, $sUrl = null, $iVersionId = null, $iAppId = null) { + $aClean = array(); //array of filtered user input + + $aClean['versionId'] = makeSafe($_REQUEST['versionId']); + $aClean['appId'] = makeSafe($_REQUEST['appId']); + // Security, if we are not an administrator or a maintainer, the url must be queued. - if(!($_SESSION['current']->hasPriv("admin") || $_SESSION['current']->isMaintainer($_REQUEST['versionId']) || $_SESSION['current']->isSupermaintainer($_REQUEST['appId']))) + if(!($_SESSION['current']->hasPriv("admin") || $_SESSION['current']->isMaintainer($aClean['versionId']) || $_SESSION['current']->isSupermaintainer($aClean['appId']))) { $this->bQueued = true; } @@ -177,6 +182,9 @@ class Url { function mailSubmitter($bRejected=false) { + $aClean = array(); //array of filtered user input + + $aClean['replyText'] = makeSafe($_REQUEST['replyText']); if($this->iSubmitterId) { $oSubmitter = new User($this->iSubmitterId); @@ -189,7 +197,7 @@ class Url { $sSubject = "Submitted url rejected"; $sMsg = "The url you submitted for ".lookup_app_name($this->appId)." ".lookup_version_name($this->versionId)." has been rejected."; } - $sMsg .= $_REQUEST['replyText']."\n"; + $sMsg .= $aClean['replyText']."\n"; $sMsg .= "We appreciate your help in making the Application Database better for all users."; mail_appdb($oSubmitter->sEmail, $sSubject ,$sMsg); diff --git a/include/user.php b/include/user.php index 1b4d1cb..9d74c0d 100644 --- a/include/user.php +++ b/include/user.php @@ -4,6 +4,7 @@ /************************************/ require_once(BASE."include/version.php"); +require_once(BASE."include/util.php"); /** * User class for handling users 
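Review bot: The privilege check in Url::create still keys the maintainer test on request parameters, `isMaintainer($aClean['versionId'])` and `isSupermaintainer($aClean['appId'])`, even though the function receives `$iVersionId` and `$iAppId` explicitly, so the check can be evaluated against ids other than the ones the url is presumably stored under in the rest of the function. Preferably use the parameters when they are given, e.g. `$iCheckVersion = ($iVersionId !== null) ? $iVersionId : $aClean['versionId'];` and pass that to isMaintainer, with the same treatment for the app id. create's body continues outside the hunk.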
@@ -267,6 +268,10 @@ class User { */ function addAsMaintainer($iAppId, $iVersionId, $bSuperMaintainer, $iQueueId) { + + $aClean = array(); + $aClean['replyText'] = makeSafe($_REQUEST['replyText']); + /* if the user isn't already a supermaintainer of the application and */ /* if they are trying to become a maintainer and aren't already a maintainer of */ /* the version, then continue processing the request */ @@ -295,7 +300,7 @@ class User { { $sSubject = "Application Maintainer Request Report"; $sMsg = "Your application to be the maintainer of ".$oApp->sName." ".$oVersion->sName." has been accepted. "; - $sMsg .= $_REQUEST['replyText']; + $sMsg .= $aClean['replyText']; $sMsg .= "We appreciate your help in making the Application Database better for all users.\n\n"; mail_appdb($sEmail, $sSubject ,$sMsg); diff --git a/include/util.php b/include/util.php index 26b8e37..8a32d3c 100644 --- a/include/util.php +++ b/include/util.php @@ -1,4 +1,11 @@ iSubmitterId) { $oApp = new Application($this->iAppId); @@ -439,7 +443,7 @@ class Version { $sMsg .= "Reason given:\n"; break; } - $sMsg .= $_REQUEST['replyText']."\n"; + $sMsg .= $aClean['replyText']."\n"; $sMsg .= "We appreciate your help in making the Version Database better for all users."; mail_appdb($oSubmitter->sEmail, $sSubject ,$sMsg); @@ -449,6 +453,9 @@ class Version { function SendNotificationMail($sAction="add",$sMsg=null) { + $aClean = array(); //array of filtered user input + $aClean['replyText'] = makeSafe($_REQUEST['replyText']); + $oApp = new Application($this->iAppId); switch($sAction) { 
@@ -463,10 +470,10 @@ class Version { $sMsg .= "This version has been submitted by ".$oSubmitter->sRealname."."; $sMsg .= "\n"; } - if($_REQUEST['replyText']) + if($aClean['replyText']) { $sMsg .= "Appdb admin reply text:\n"; - $sMsg .= $_REQUEST['replyText']."\n"; // append the reply text, if there is any + $sMsg .= $aClean['replyText']."\n"; // append the reply text, if there is any } addmsg("The version was successfully added into the database.", "green"); @@ -487,10 +494,10 @@ class Version { $sSubject = "Version '".$this->sName."' of '".$oApp->sName."' has been deleted by ".$_SESSION['current']->sRealname; // if replyText is set we should report the reason the application was deleted - if($_REQUEST['replyText']) + if($aClean['replyText']) { $sMsg .= "Reason given:\n"; - $sMsg .= $_REQUEST['replyText']."\n"; // append the reply text, if there is any + $sMsg .= $aClean['replyText']."\n"; // append the reply text, if there is any } addmsg("Version deleted.", "green"); @@ -500,10 +507,10 @@ class Version { $sMsg .= APPDB_ROOT."appsubmit.php?apptype=application&sub=view&versionId=".$this->iVersionId."\n"; // if replyText is set we should report the reason the version was rejected - if($_REQUEST['replyText']) + if($aClean['replyText']) { $sMsg .= "Reason given:\n"; - $sMsg .= $_REQUEST['replyText']."\n"; // append the reply text, if there is any + $sMsg .= $aClean['replyText']."\n"; // append the reply text, if there is any } addmsg("Version rejected.", "green"); @@ -580,12 +587,17 @@ class Version { function CheckOutputEditorInput() { + $aClean = array(); //array of filtered user input + + $aClean['versionName'] = makeSafe($_REQUEST['versionName']); + $aClean['versionDescription'] = makeSafe($_REQUEST['versionDescription']); + $errors = ""; - if (empty($_REQUEST['versionName'])) + if (empty($aClean['versionName'])) $errors .= "
  • Please enter an application version.
  • \n"; - if (empty($_REQUEST['versionDescription'])) + if (empty($aClean['versionDescription'])) $errors .= "
  • Please enter a version description.
  • \n"; return $errors; 
@@ -594,29 +606,40 @@ class Version {
 /* retrieves values from $_REQUEST that were output by OutputEditor() */
 function GetOutputEditorValues()
 {
+ $aClean = array(); //array of filtered user input
+ $aClean['appid'] = makeSafe($_REQUEST['appId']);
+ $aClean['versionId'] = makeSafe($_REQUEST['versionId']);
+ $aClean['versionName'] = makeSafe($_REQUEST['versionName']);
+ $aClean['versionDescription'] = makeSafe($_REQUEST['versionDescription']);
+ $aClean['maintainer_rating'] = makeSafe($_REQUEST['maintainer_rating']);
+ $aClean['maintainer_release'] = makeSafe($_REQUEST['maintainer_release']);
+
 if(get_magic_quotes_gpc())
 {
- $this->iAppId = stripslashes($_REQUEST['appId']);
- $this->iVersionId = stripslashes($_REQUEST['versionId']);
- $this->sName = stripslashes($_REQUEST['versionName']);
- $this->sDescription = stripslashes($_REQUEST['versionDescription']);
-
- $this->sTestedRating = stripslashes($_REQUEST['maintainer_rating']);
- $this->sTestedRelease = stripslashes($_REQUEST['maintainer_release']);
+ $this->iAppId = stripslashes($aClean['appId']);
+ $this->iVersionId = stripslashes($aClean['versionId']);
+ $this->sName = stripslashes($aClean['versionName']);
+ $this->sDescription = stripslashes($aClean['versionDescription']);
+ $this->sTestedRating = stripslashes($aClean['maintainer_rating']);
+ $this->sTestedRelease = stripslashes($aClean['maintainer_release']);
 } else {
- $this->iAppId = $_REQUEST['appId'];
- $this->iVersionId = $_REQUEST['versionId'];
- $this->sName = $_REQUEST['versionName'];
- $this->sDescription = $_REQUEST['versionDescription'];
+ $this->iAppId = $aClean['appId'];
+ $this->iVersionId = $aClean['versionId'];
+ $this->sName = $aClean['versionName'];
+ $this->sDescription = $aClean['versionDescription'];
- $this->sTestedRating = $_REQUEST['maintainer_rating'];
- $this->sTestedRelease = $_REQUEST['maintainer_release'];
+ $this->sTestedRating = $aClean['maintainer_rating'];
+ $this->sTestedRelease = $aClean['maintainer_release'];
 }
 }
 function display()
 {
+ $aClean = array(); //array of filtered user input
+ $aClean['iTestingId'] = makeSafe($_REQUEST['iTestingId']);
+
+
 /* is this user supposed to view this version? */
 if(!$_SESSION['current']->canViewVersion($this))
 {
@@ -801,7 +824,7 @@ class Version {
 echo $this->sDescription;
 // Show testing data
- $oTest = new TestData($_REQUEST['iTestingId']);
+ $oTest = new TestData($aClean['iTestingId']);
 $iCurrentTest = $oTest->ShowTestResult($oTest->iTestingId, $this->iVersionId);
 if($iCurrentTest)
 {
diff --git a/include/vote.php b/include/vote.php
index 07e7c04..bc2ffa0 100644
--- a/include/vote.php
+++ b/include/vote.php
@@ -1,5 +1,5 @@ add(""); $m->add(""); - $m->addmisc(""); + $m->addmisc(""); $m->add("View Results", BASE."votestats.php"); $m->add("Voting Help", BASE."help/?topic=voting");
diff --git a/maintainerdelete.php b/maintainerdelete.php
index d67776e..7ac3939 100644
--- a/maintainerdelete.php
+++ b/maintainerdelete.php
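Review bot: In Version::GetOutputEditorValues the filtered value is stored under the key `appid` — `$aClean['appid'] = makeSafe($_REQUEST['appId']);` — while both branches read `$aClean['appId']`, so `$this->iAppId` is now always assigned an undefined index (null); this is a regression against the removed `$_REQUEST['appId']` reads. Change the assignment to `$aClean['appId'] = makeSafe($_REQUEST['appId']);` so the key matches the reads.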
@@ -11,27 +11,30 @@ require(BASE."include/incl.php"); require(BASE."include/category.php"); require(BASE."include/application.php"); +$aClean = array(); //array of filtered user input + +$aClean['appId'] = makeSafe($_POST['appId']); +$aClean['versionId'] = makeSafe($_POST['versionId']); +$aClean['confirmed'] = makeSafe($_POST['confirmed']); +$aClean['superMaintainer'] = makeSafe($_POST['superMaintainer']); + if(!$_SESSION['current']->isLoggedIn()) { errorpage("You need to be logged in to resign from being a maintainer."); exit; } -$appId = strip_tags($_POST['appId']); -$versionId = strip_tags($_POST['versionId']); -$confirmed = strip_tags($_POST['confirmed']); -$superMaintainer = strip_tags($_POST['superMaintainer']); -if($confirmed) +if($aClean['confirmed']) { - $oApp = new Application($appId); - if($superMaintainer) + $oApp = new Application($aClean['appId']); + if($aClean['superMaintainer']) { apidb_header("You have resigned as super maintainer of ".$oApp->sName); $result = $_SESSION['current']->deleteMaintainer($oApp->iAppId, null); } else { - $oVersion = new Version($versionId); + $oVersion = new Version($aClean['versionId']); apidb_header("You have resigned as maintainer of ".$oApp->sName." ".$oVersion->sName); $result = $_SESSION['current']->deleteMaintainer($oApp->iAppId, $oVersion->iVersionId); } @@ -39,14 +42,14 @@ if($confirmed) */ if($result) { - if($superMaintainer) + if($aClean['superMaintainer']) echo "You were removed as a super maintainer of ".$oApp->sName; else echo "You were removed as a maintainer of ".$oApp->sName." ".$oVersion->sName; } } else { - if($superMaintainer) + if($aClean['superMaintainer']) apidb_header("Confirm super maintainer resignation of ".$oApp->sName); else apidb_header("Confirm maintainer resignation of ".$oApp->sName." ".$oVersion->sName); @@ -56,12 +59,12 @@ if($confirmed) echo html_frame_start("Confirm",400,"",0); echo "
    ' ,"\n"; @@ -384,7 +397,7 @@ if ($_REQUEST['sub']) redirect($_SERVER['PHP_SELF']); } } -else // if ($_REQUEST['sub']) is not defined, display the main app queue page +else // if ($aClean['sub']) is not defined, display the main app queue page { apidb_header("Resubmit application"); diff --git a/appview.php b/appview.php index bf6b8e8..d2714c5 100644 --- a/appview.php +++ b/appview.php @@ -17,9 +17,15 @@ require(BASE."include/mail.php"); require(BASE."include/monitor.php"); require_once(BASE."include/testResults.php"); +$aClean = array(); //array of filtered user input -$oApp = new Application($_REQUEST['appId']); -$oVersion = new Version($_REQUEST['versionId']); +$aClean['appId'] = makeSafe($_REQUEST['appId']); +$aClean['versionId'] = makeSafe($_REQUEST['versionId']); +$aClean['sub'] = makeSafe($_REQUEST['sub']); +$aClean['buglinkId'] = makeSafe($_REQUEST['buglinkId']); + +$oApp = new Application($aClean['appId']); +$oVersion = new Version($aClean['versionId']); /** * display the full path of the Category we are looking at 
@@ -122,63 +128,63 @@ function show_note($sType,$oData){ return $s; } -if(!is_numeric($_REQUEST['appId']) && !is_numeric($_REQUEST['versionId'])) +if(!is_numeric($aClean['appId']) && !is_numeric($aClean['versionId'])) { errorpage("Something went wrong with the application or version id"); exit; } -if ($_REQUEST['sub']) +if ($aClean['sub']) { - if(($_REQUEST['sub'] == 'delete' ) && ($_REQUEST['buglinkId'])) + if(($aClean['sub'] == 'delete' ) && ($aClean['buglinkId'])) { if(($_SESSION['current']->hasPriv("admin") || $_SESSION['current']->isMaintainer($oVersion->iVersionId) || $_SESSION['current']->isSuperMaintainer($oVersion->iAppId))) { - $oBuglink = new bug($_REQUEST['buglinkId']); + $oBuglink = new bug($aClean['buglinkId']); $oBuglink->delete(); - redirect(apidb_fullurl("appview.php?versionId=".$_REQUEST['versionId'])); + redirect(apidb_fullurl("appview.php?versionId=".$aClean['versionId'])); exit; } } - if(($_REQUEST['sub'] == 'unqueue' ) && ($_REQUEST['buglinkId'])) + if(($aClean['sub'] == 'unqueue' ) && ($aClean['buglinkId'])) { if(($_SESSION['current']->hasPriv("admin") || $_SESSION['current']->isMaintainer($oVersion->iVersionId) || $_SESSION['current']->isSuperMaintainer($oVersion->iAppId))) { - $oBuglink = new bug($_REQUEST['buglinkId']); + $oBuglink = new bug($aClean['buglinkId']); $oBuglink->unqueue(); - redirect(apidb_fullurl("appview.php?versionId=".$_REQUEST['versionId'])); + redirect(apidb_fullurl("appview.php?versionId=".$aClean['versionId'])); exit; } } - if(($_REQUEST['sub'] == 'Submit a new bug link.' ) && ($_REQUEST['buglinkId'])) + if(($aClean['sub'] == 'Submit a new bug link.' 
) && ($aClean['buglinkId'])) { $oBuglink = new bug(); - $oBuglink->create($_REQUEST['versionId'],$_REQUEST['buglinkId']); - redirect(apidb_fullurl("appview.php?versionId=".$_REQUEST['versionId'])); + $oBuglink->create($aClean['versionId'],$aClean['buglinkId']); + redirect(apidb_fullurl("appview.php?versionId=".$aClean['versionId'])); exit; } - if($_REQUEST['sub'] == 'StartMonitoring') + if($aClean['sub'] == 'StartMonitoring') { $oMonitor = new Monitor(); - $oMonitor->create($_SESSION['current']->iUserId,$_REQUEST['appId'],$_REQUEST['versionId']); - redirect(apidb_fullurl("appview.php?versionId=".$_REQUEST['versionId'])); + $oMonitor->create($_SESSION['current']->iUserId,$aClean['appId'],$aClean['versionId']); + redirect(apidb_fullurl("appview.php?versionId=".$aClean['versionId'])); exit; } - if($_REQUEST['sub'] == 'StopMonitoring') + if($aClean['sub'] == 'StopMonitoring') { $oMonitor = new Monitor(); - $oMonitor->find($_SESSION['current']->iUserId,$_REQUEST['appId'],$_REQUEST['versionId']); + $oMonitor->find($_SESSION['current']->iUserId,$aClean['appId'],$aClean['versionId']); if($oMonitor->iMonitorId) { $oMonitor->delete(); } - redirect(apidb_fullurl("appview.php?versionId=".$_REQUEST['versionId'])); + redirect(apidb_fullurl("appview.php?versionId=".$aClean['versionId'])); exit; } @@ -187,13 +193,13 @@ if ($_REQUEST['sub']) /** * We want to see an application family (=no version). */ -if($_REQUEST['appId']) +if($aClean['appId']) { - $oApp = new Application($_REQUEST['appId']); + $oApp = new Application($aClean['appId']); $oApp->display(); -} else if($_REQUEST['versionId']) // We want to see a particular version. +} else if($aClean['versionId']) // We want to see a particular version. { - $oVersion = new Version($_REQUEST['versionId']); + $oVersion = new Version($aClean['versionId']); $oVersion->display(); } else { diff --git a/commentview.php b/commentview.php index dedb279..220e517 100644 --- a/commentview.php +++ b/commentview.php 
@@ -12,15 +12,22 @@ include("path.php");
 include(BASE."include/incl.php");
 require_once(BASE."include/comment.php");
+$aClean = array(); //array of filtered user input
+
+$aClean['appId'] = makeSafe($_REQUEST['appId']);
+$aClean['versionId'] = makeSafe($_REQUEST['versionId']);
+$aClean['threadId'] = makeSafe($_REQUEST['threadId']);
+
 apidb_header("Comments");
-if(!is_numeric($_REQUEST['appId']) OR !is_numeric($_REQUEST['versionId']) OR (isset($_REQUEST['threadId']) AND !is_numeric($_REQUEST['threadId'])))
+
+if(!is_numeric($aClean['appId']) OR !is_numeric($aClean['versionId']) OR (!empty($aClean['threadId']) AND !is_numeric($aClean['threadId'])))
 {
 errorpage("Wrong IDs");
 exit;
 }
-view_app_comments($_REQUEST['versionId'], $_REQUEST['threadId']);
+view_app_comments($aClean['versionId'], $aClean['threadId']);
 apidb_footer();
 ?>
diff --git a/deletecomment.php b/deletecomment.php
index 65e2a8a..ca59d3d 100644
--- a/deletecomment.php
+++ b/deletecomment.php
@@ -11,7 +11,13 @@ require(BASE."include/incl.php");
 require(BASE."include/application.php");
 require(BASE."include/mail.php");
-$oComment = new Comment($_REQUEST['commentId']);
+$aClean = array(); //array of filtered user input
+
+$aClean['str_why'] = makeSafe($_REQUEST['str_why']);
+$aClean['commentId'] = makeSafe($_REQUEST['commentId']);
+$aClean['int_delete_it'] = makeSafe($_REQUEST['int_delete_it']);
+
+$oComment = new Comment($aClean['commentId']);
 /* if we aren't an admin or the maintainer of this app we shouldn't be */
 /* allowed to delete any comments */
@@ -23,7 +29,7 @@ if (!$_SESSION['current']->hasPriv("admin")
 exit;
 }
-if($_SESSION['current']->getPref("confirm_comment_deletion") != "no" && !isset($_REQUEST['int_delete_it']))
+if($_SESSION['current']->getPref("confirm_comment_deletion") != "no" && !isset($aClean['int_delete_it']))
 {
 apidb_header("Delete Comment");
 $mesTitle = "Please state why you are deleting the following comment";
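Review bot: In deletecomment.php the confirmation guard now reads `!isset($aClean['int_delete_it'])`, but `$aClean['int_delete_it']` is assigned unconditionally from `makeSafe($_REQUEST['int_delete_it'])` in the -11 hunk, so `isset()` is true whenever makeSafe returns a non-null value for an absent field (its definition is not visible in this diff). If it returns a string, the "Please state why you are deleting" page is never shown and the comment is deleted on the first request. Keep the presence test on the request, `!isset($_REQUEST['int_delete_it'])`, or only set `$aClean['int_delete_it']` when the field was submitted.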
@@ -47,7 +53,7 @@ if($_SESSION['current']->getPref("confirm_comment_deletion") != "no" && !isset($ apidb_footer(); } else { - $oComment->delete($_REQUEST['str_why']); + $oComment->delete($aClean['str_why']); redirect(apidb_fullurl("appview.php?versionId=".$oComment->iVersionId)); } ?> diff --git a/distributionView.php b/distributionView.php index ef04f53..bd5355e 100644 --- a/distributionView.php +++ b/distributionView.php @@ -11,7 +11,13 @@ require(BASE."include/incl.php"); require(BASE."include/distributions.php"); require(BASE."include/testResults.php"); -if ($_REQUEST['sub']) +$aClean = array(); //array of filtered user input + +$aClean['sub'] = makeSafe($_REQUEST['sub']); +$aClean['iDistributionId'] = makeSafe( $_REQUEST['iDistributionId']); + + +if ($aClean['sub']) { if(!$_SESSION['current']->hasPriv("admin")) { @@ -19,14 +25,14 @@ if ($_REQUEST['sub']) exit; } - if($_REQUEST['sub'] == 'delete') + if($aClean['sub'] == 'delete') { - $oDistribution = new distribution($_REQUEST['iDistributionId']); + $oDistribution = new distribution($aClean['iDistributionId']); $oDistribution->delete(); redirect($_SERVER['PHP_SELF']); } } -$oDistribution = new distribution($_REQUEST['iDistributionId']); +$oDistribution = new distribution($aClean['iDistributionId']); //exit with error if no vendor if(!$oDistribution->iDistributionId) diff --git a/include/application.php b/include/application.php index c84a8c0..6900d76 100644 --- a/include/application.php +++ b/include/application.php @@ -6,6 +6,7 @@ require_once(BASE."include/version.php"); require_once(BASE."include/vendor.php"); require_once(BASE."include/url.php"); +require_once(BASE."include/util.php"); /** * Application class for handling applications. @@ -308,6 +309,10 @@ class Application { function mailSubmitter($sAction="add") { + $aClean = array(); //array of filtered user input + + $aClean['replyText'] = makeSafe($_REQUEST['replyText']); + if($this->iSubmitterId) { $oSubmitter = new User($this->iSubmitterId); 
@@ -332,7 +337,7 @@ class Application { $sMsg .= "Reason given:\n"; break; - $sMsg .= $_REQUEST['replyText']."\n"; + $sMsg .= $aClean['replyText']."\n"; $sMsg .= "We appreciate your help in making the Application Database better for all users."; } mail_appdb($oSubmitter->sEmail, $sSubject ,$sMsg); @@ -342,6 +347,10 @@ class Application { function SendNotificationMail($sAction="add",$sMsg=null) { + $aClean = array(); //array of filtered user input + + $aClean['replyText'] = makeSafe($_REQUEST['replyText']); + switch($sAction) { case "add": @@ -355,10 +364,10 @@ class Application { $sMsg .= "This application has been submitted by ".$oSubmitter->sRealname."."; $sMsg .= "\n"; } - if($_REQUEST['replyText']) + if($aClean['replyText']) { $sMsg .= "Appdb admin reply text:\n"; - $sMsg .= $_REQUEST['replyText']."\n"; // append the reply text, if there is any + $sMsg .= $aClean['replyText']."\n"; // append the reply text, if there is any } addmsg("The application was successfully added into the database.", "green"); @@ -379,10 +388,10 @@ class Application { $sSubject = $this->sName." has been deleted by ".$_SESSION['current']->sRealname; // if replyText is set we should report the reason the application was deleted - if($_REQUEST['replyText']) + if($aClean['replyText']) { $sMsg .= "Reason given:\n"; - $sMsg .= $_REQUEST['replyText']."\n"; // append the reply text, if there is any + $sMsg .= $aClean['replyText']."\n"; // append the reply text, if there is any } addmsg("Application deleted.", "green"); 
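Review bot: The changed line `$sMsg .= $aClean['replyText']."\n";` in Application::mailSubmitter follows `break;` inside the switch, so it and the "We appreciate your help" line after it are unreachable and that notification never carries the reply text. The `break;` should move below those two lines, matching distribution::mailSubmitter in this diff where the reply text precedes the break. The other cases of the switch are outside the hunk.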
@@ -392,10 +401,10 @@ class Application { $sMsg .= APPDB_ROOT."appsubmit.php?apptype=application&sub=view&appId=".$this->iAppId."\n"; // if replyText is set we should report the reason the application was rejected - if($_REQUEST['replyText']) + if($aClean['replyText']) { $sMsg .= "Reason given:\n"; - $sMsg .= $_REQUEST['replyText']."\n"; // append the reply text, if there is any + $sMsg .= $aClean['replyText']."\n"; // append the reply text, if there is any } addmsg("Application rejected.", "green"); @@ -457,22 +466,31 @@ class Application { function CheckOutputEditorInput() { + + $aClean = array(); //array of filtered user input + + $aClean['appCatId'] = makeSafe($_REQUEST['appCatId']); + $aClean['appName'] = makeSafe($_REQUEST['appName']); + $aClean['appVendorName'] = makeSafe($_REQUEST['appVendorName']); + $aClean['appVendorId'] = makeSafe($_REQUEST['appVendorId']); + $aClean['appDescription'] = makeSafe($_REQUEST['appDescription']); + $errors = ""; - if (empty($_REQUEST['appCatId'])) + if (empty($aClean['appCatId'])) $errors .= "
  • Please enter a category for your application.
  • \n"; - if (strlen($_REQUEST['appName']) > 200 ) + if (strlen($aClean['appName']) > 200 ) $errors .= "
  • Your application name is too long.
  • \n"; - if (empty($_REQUEST['appName'])) + if (empty($aClean['appName'])) $errors .= "
  • Please enter an application name.
  • \n"; // No vendor entered, and nothing in the list is selected - if (empty($_REQUEST['appVendorName']) && !$_REQUEST['appVendorId']) + if (empty($aClean['appVendorName']) && !$aClean['appVendorId']) $errors .= "
  • Please enter a vendor.
  • \n"; - if (empty($_REQUEST['appDescription'])) + if (empty($aClean['appDescription'])) $errors .= "
  • Please enter a description of your application.
  • \n"; return $errors; 
@@ -481,30 +499,44 @@ class Application { /* retrieves values from $_REQUEST that were output by OutputEditor() */ function GetOutputEditorValues() { + $aClean = array(); //array of filtered user input + + $aClean['appId'] = makeSafe($_REQUEST['appId']); + $aClean['appVendorId'] = makeSafe($_REQUEST['appVendorId']); + $aClean['appName'] = makeSafe($_REQUEST['appName']); + $aClean['appDescription'] = makeSafe($_REQUEST['appDescription']); + $aClean['appCatId'] = makeSafe($_REQUEST['appCatId']); + $aClean['appWebpage'] = makeSafe($_REQUEST['appWebpage']); + $aClean['appKeywords'] = makeSafe($_REQUEST['appKeywords']); + if(get_magic_quotes_gpc()) { - $this->iAppId = stripslashes($_REQUEST['appId']); - $this->sName = stripslashes($_REQUEST['appName']); - $this->sDescription = stripslashes($_REQUEST['appDescription']); - $this->iCatId = stripslashes($_REQUEST['appCatId']); - $this->iVendorId = stripslashes($_REQUEST['appVendorId']); - $this->sWebpage = stripslashes($_REQUEST['appWebpage']); - $this->sKeywords = stripslashes($_REQUEST['appKeywords']); + $this->iAppId = stripslashes($aClean['appId']); + $this->sName = stripslashes($aClean['appName']); + $this->sDescription = stripslashes($aClean['appDescription']); + $this->iCatId = stripslashes($aClean['appCatId']); + $this->iVendorId = stripslashes($aClean['appVendorId']); + $this->sWebpage = stripslashes($aClean['appWebpage']); + $this->sKeywords = stripslashes($aClean['appKeywords']); } else { - $this->iAppId = $_REQUEST['appId']; - $this->sName = $_REQUEST['appName']; - $this->sDescription = $_REQUEST['appDescription']; - $this->iCatId = $_REQUEST['appCatId']; - $this->iVendorId = $_REQUEST['appVendorId']; - $this->sWebpage = $_REQUEST['appWebpage']; - $this->sKeywords = $_REQUEST['appKeywords']; + $this->iAppId = $aClean['appId']; + $this->sName = $aClean['appName']; + $this->sDescription = $aClean['appDescription']; + $this->iCatId = $aClean['appCatId']; + $this->iVendorId = $aClean['appVendorId']; + 
$this->sWebpage = $aClean['appWebpage']; + $this->sKeywords = $aClean['appKeywords']; } } /* display this application */ function display() { + $aClean = array(); //array of filtered user input + + $aClean['appId'] = makeSafe($_REQUEST['appId']); + /* is this user supposed to view this version? */ if(!$_SESSION['current']->canViewApplication($this)) { @@ -546,7 +578,7 @@ class Application { echo "
    URL".$appLinkURL."
    Links\n"; @@ -603,7 +635,7 @@ class Application { if($_SESSION['current']->isSuperMaintainer($this->iAppId) || $_SESSION['current']->hasPriv("admin")) { - echo ' '; + echo '
    '; } if($_SESSION['current']->isLoggedIn()) { diff --git a/include/bugs.php b/include/bugs.php index 2b6f12c..7c2ae73 100644 --- a/include/bugs.php +++ b/include/bugs.php @@ -1,4 +1,5 @@ iSubmitterId) { $oSubmitter = new User($this->iSubmitterId); @@ -202,7 +207,7 @@ class Bug { $sSubject = "Submitted Bug Link rejected"; $sMsg = "The Bug Link you submitted for ".lookup_app_name($this->iAppId)." ".lookup_version_name($this->iVersionId)." has been rejected."; } - $sMsg .= $_REQUEST['replyText']."\n"; + $sMsg .= $aClean['replyText']."\n"; $sMsg .= "We appreciate your help in making the Application Database better for all users."; mail_appdb($oSubmitter->sEmail, $sSubject ,$sMsg); @@ -255,6 +260,10 @@ class Bug { function view_version_bugs($iVersionId = null, $aBuglinkIds) { + $aClean = array(); //array of filtered user input + + $aClean['buglinkId'] = makeSafe($_REQUEST['buglinkId']); + $bCanEdit = FALSE; $oVersion = new Version($iVersionId); @@ -325,7 +334,7 @@ function view_version_bugs($iVersionId = null, $aBuglinkIds) { echo '',"\n"; echo '
    ',"\n"; - echo '
    ',"\n"; @@ -422,7 +428,7 @@ function view_app_comments($versionId, $threadId = 0) else $mode = "threaded"; /* default non-logged in users to threaded comment display mode */ - if ($_REQUEST['mode']=="nested") + if ($aClean['mode']=="nested") $mode = "nested"; switch ($mode) diff --git a/include/distributions.php b/include/distributions.php index 05ce49f..fcb9c73 100644 --- a/include/distributions.php +++ b/include/distributions.php @@ -3,6 +3,7 @@ /* this class represents Distributions */ /***************************************/ require_once(BASE."include/mail.php"); +require_once(BASE."include/util.php"); // Testing class for handling Distributions. @@ -231,6 +232,11 @@ class distribution{ function mailSubmitter($sAction="add") { + + $aClean = array(); //array of filtered user input + + $aClean['replyText'] = makeSafe($_REQUEST['replyText']); + if($this->iSubmitterId) { $oSubmitter = new User($this->iSubmitterId); @@ -248,7 +254,7 @@ class distribution{ $sMsg = "The Distribution you submitted (".$this->sName.") has been rejected."; $sMsg .= APPDB_ROOT."testingData.php?sub=view&versionId=".$this->iVersionId."\n"; $sMsg .= "Reason given:\n"; - $sMsg .= $_REQUEST['replyText']."\n"; // append the reply text, if there is any + $sMsg .= $aClean['replyText']."\n"; // append the reply text, if there is any } break; @@ -257,7 +263,7 @@ class distribution{ $sSubject = "Submitted Distribution deleted"; $sMsg = "The Distribution you submitted (".$this->sName.") has been deleted."; $sMsg .= "Reason given:\n"; - $sMsg .= $_REQUEST['replyText']."\n"; // append the reply text, if there is any + $sMsg .= $aClean['replyText']."\n"; // append the reply text, if there is any } break; } @@ -270,6 +276,9 @@ class distribution{ function SendNotificationMail($sAction="add",$sMsg=null) { + $aClean = array(); //array of filtered user input + + $aClean['replyText'] = makeSafe($_REQUEST['replyText']); switch($sAction) { case "add": 
@@ -283,7 +292,7 @@ class distribution{ $sMsg .= "This Distribution has been submitted by ".$oSubmitter->sRealname."."; $sMsg .= "\n"; $sMsg .= "Appdb admin reply text:\n"; - $sMsg .= $_REQUEST['replyText']."\n"; // append the reply text, if there is any + $sMsg .= $aClean['replyText']."\n"; // append the reply text, if there is any } addmsg("The Distribution was successfully added into the database.", "green"); } else // testing data queued. @@ -303,10 +312,10 @@ class distribution{ $sSubject = "Distribution ".$this->sName." has been deleted by ".$_SESSION['current']->sRealname; // if replyText is set we should report the reason the data was deleted - if($_REQUEST['replyText']) + if($aClean['replyText']) { $sMsg .= "Reason given:\n"; - $sMsg .= $_REQUEST['replyText']."\n"; // append the reply text, if there is any + $sMsg .= $aClean['replyText']."\n"; // append the reply text, if there is any } addmsg("Distribution deleted.", "green"); @@ -316,10 +325,10 @@ class distribution{ $sMsg = APPDB_ROOT."distributionView.php?iDistributionId=".$this->iDistributionId."\n"; // if replyText is set we should report the reason the data was rejected - if($_REQUEST['replyText']) + if($aClean['replyText']) { $sMsg .= "Reason given:\n"; - $sMsg .= $_REQUEST['replyText']."\n"; // append the reply text, if there is any + $sMsg .= $aClean['replyText']."\n"; // append the reply text, if there is any } addmsg("Distribution rejected.", "green"); 
@@ -351,16 +360,23 @@ class distribution{ /* retrieves values from $_REQUEST that were output by OutputEditor() */ function GetOutputEditorValues() { + + $aClean = array(); //array of filtered user input + + $aClean['iDistributionId'] = makeSafe($_REQUEST['iDistributionId']); + $aClean['sName'] = makeSafe($_REQUEST['sName']); + $aClean['sUrl'] = makeSafe($_REQUEST['sUrl']); + if(get_magic_quotes_gpc()) { - $this->iDistributionId = stripslashes($_REQUEST['iDistributionId']); - $this->sName = stripslashes($_REQUEST['sName']); - $this->sUrl = stripslashes($_REQUEST['sUrl']); + $this->iDistributionId = stripslashes($aClean['iDistributionId']); + $this->sName = stripslashes($aClean['sName']); + $this->sUrl = stripslashes($aClean['sUrl']); } else { - $this->iDistributionId = $_REQUEST['iDistributionId']; - $this->sName = $_REQUEST['sName']; - $this->sUrl = $_REQUEST['sUrl']; + $this->iDistributionId = $aClean['iDistributionId']; + $this->sName = $aClean['sName']; + $this->sUrl = $aClean['sUrl']; } } diff --git a/include/form_edit.php b/include/form_edit.php index f42c2cd..0b6afb9 100644 --- a/include/form_edit.php +++ b/include/form_edit.php @@ -1,4 +1,9 @@ iUserId == $_REQUEST['userId']) +if($oUser->iUserId == $aClean['userId']) { ?>
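Review bot: In `GetOutputEditorValues()` the new `makeSafe()` calls run before the `get_magic_quotes_gpc()` branch, so with magic quotes on `stripslashes()` is applied to the already-filtered value and strips whatever escaping `makeSafe()` added, while with magic quotes off the escaping stays — the stored `sName`/`sUrl` now depend on a php.ini setting. Undo magic quotes on the raw input first and filter once, e.g. `$sRaw = get_magic_quotes_gpc() ? stripslashes($_REQUEST['sName']) : $_REQUEST['sName']; $this->sName = makeSafe($sRaw);`, and drop the duplicated if/else (or do the magic-quotes reversal inside `makeSafe()`, which is not visible here). `iDistributionId` is also assigned without the `is_numeric()` check that other id handling in this commit adds.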
    E-mail '> '>
    Password
    E-mail '> '>
    Password
    Real Name '> '>
    \n"; - echo ""; - echo ""; - echo ""; + echo ""; + echo ""; + echo ""; echo ""; - if($superMaintainer) + if($aClean['superMaintainer']) { echo "\n"; echo '',"\n"; - if($versionId) + if($aClean['versionId']) { echo "',"\n"; } - echo ""; - echo ""; - echo ""; + echo ""; + echo ""; + echo "']}"; - if($superMaintainer) + if($aClean['superMaintainer']) echo '',"\n"; else echo '',"\n"; diff --git a/preferences.php b/preferences.php index 1267e6d..8e8d9ec 100644 --- a/preferences.php +++ b/preferences.php @@ -9,6 +9,19 @@ include("path.php"); include(BASE."include/"."incl.php"); +$aClean = array(); //array of filtered user input + +$aClean['userId'] = makeSafe($REQUEST['userId']); +$aClean['iLimit'] = makeSafe($REQUEST['iLimit']); +$aClean['sOrderBy'] = makeSafe($REQUEST['sOrderBy']); +$aClean['ext_password'] = makeSafe($REQUEST['ext_password']); +$aClean['ext_password2'] = makeSafe($REQUEST['ext_password2']); +$aClean['ext_email'] = makeSafe($REQUEST['ext_email']); +$aClean['ext_realname'] = makeSafe($REQUEST['ext_realname']); +$aClean['CVSrelease'] = makeSafe($REQUEST['CVSrelease']); +$aClean['ext_hasadmin'] = makeSafe($POST['ext_hasadmin']); + + if(!$_SESSION['current']->isLoggedIn()) { errorpage("You must be logged in to edit preferences"); @@ -17,12 +30,12 @@ if(!$_SESSION['current']->isLoggedIn()) // we come from the administration to edit an user if($_SESSION['current']->hasPriv("admin") && - is_numeric($_REQUEST['userId']) && - is_numeric($_REQUEST['iLimit']) && - in_array($_REQUEST['sOrderBy'],array("email","realname","created")) + is_numeric($aClean['userId']) && + is_numeric($aClean['iLimit']) && + in_array($aClean['sOrderBy'],array("email","realname","created")) ) { - $oUser = new User($_REQUEST['userId']); + $oUser = new User($aClean['userId']); } else { $oUser = &$_SESSION['current']; 
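Review bot: Every new filter line at the top of preferences.php reads `$REQUEST[...]` and `$POST[...]` instead of `$_REQUEST`/`$_POST`, so unless register_globals is enabled those are undefined variables and every `$aClean` entry is `makeSafe(null)`. The admin branch in the following hunk then never sees a numeric `userId`, and the update code further down receives empty e-mail and real-name values. Replace with `$aClean['userId'] = makeSafe($_REQUEST['userId']);` and likewise for the other keys, using `$_POST['ext_hasadmin']` for the admin flag.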
@@ -80,32 +93,32 @@ function show_user_fields() if($_POST) { - while(list($key, $value) = each($_REQUEST)) + while(list($key, $value) = each($aClean)) { if(!ereg("^pref_(.+)$", $key, $arr)) continue; $oUser->setPref($arr[1], $value); } - if ($_REQUEST['ext_password'] == $_REQUEST['ext_password2']) + if ($aClean['ext_password'] == $aClean['ext_password2']) { - $str_passwd = $_REQUEST['ext_password']; + $str_passwd = $aClean['ext_password']; } - else if ($_REQUEST['ext_password']) + else if ($aClean['ext_password']) { addmsg("The Passwords you entered did not match.", "red"); } - if ($oUser->update($_REQUEST['ext_email'], $str_passwd, $_REQUEST['ext_realname'], $_REQUEST['CVSrelease'])) + if ($oUser->update($aClean['ext_email'], $str_passwd, $aClean['ext_realname'], $aClean['CVSrelease'])) { addmsg("Preferences Updated", "green"); // we were managing an user, let's go back to the admin after updating tha admin status - if($oUser->iUserId == $_REQUEST['userId'] && $_SESSION['current']->hasPriv("admin")) + if($oUser->iUserId == $aClean['userId'] && $_SESSION['current']->hasPriv("admin")) { - if($_POST['ext_hasadmin']=="on") + if($aClean['ext_hasadmin']=="on") $oUser->addPriv("admin"); else $oUser->delPriv("admin"); - redirect(BASE."admin/adminUsers.php?userId=".$oUser->iUserId."&sSearch=".$_REQUEST['sSearch']."&iLimit=".$_REQUEST['iLimit']."&sOrderBy=".$_REQUEST['sOrderBy']."&sSubmit=true"); + redirect(BASE."admin/adminUsers.php?userId=".$oUser->iUserId."&sSearch=".$aClean['sSearch']."&iLimit=".$aClean['iLimit']."&sOrderBy=".$aClean['sOrderBy']."&sSubmit=true"); } } else @@ -119,12 +132,12 @@ apidb_header("User Preferences"); echo "\n"; // if we manage another user we give the parameters to go back to the admin -if($oUser->iUserId == $_REQUEST['userId']) +if($oUser->iUserId == $aClean['userId']) { - echo "\n"; - echo "\n"; - echo "\n"; - echo "\n"; + echo "\n"; + echo "\n"; + echo "\n"; + echo "\n"; } echo html_frame_start("Preferences for ".$oUser->sRealname, "80%"); 
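Review bot: `while(list($key, $value) = each($aClean))` in the `@@ -80` hunk iterates only the keys populated at the top of the file, none of which match `^pref_`, so user preferences are silently no longer saved — the removed loop walked `$_REQUEST`. Either copy the preference fields into the filtered array first, `foreach ($_REQUEST as $key => $value) if (ereg("^pref_(.+)$", $key)) $aClean[$key] = makeSafe($value);`, or iterate `$_REQUEST` here and filter each value before `setPref()`. The admin redirect in the same hunk also reads `$aClean['sSearch']`, which is never populated, so the search term is dropped from the return URL. If this `if($_POST)` block sits inside `show_user_fields()` as the hunk header suggests, the file-scope `$aClean` is not visible there at all; the enclosing scope is outside this hunk.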
@@ -133,7 +146,7 @@ echo html_table_begin("width='100%' border=0 align=left cellspacing=0 class='box show_user_fields(); // if we don't manage another user -if($oUser->iUserId != $_REQUEST['userId']) build_prefs_list(); +if($oUser->iUserId != $aClean['userId']) build_prefs_list(); echo html_table_end(); echo html_frame_end(); diff --git a/screenshots.php b/screenshots.php index 85895de..c590cf2 100644 --- a/screenshots.php +++ b/screenshots.php @@ -14,14 +14,21 @@ require_once(BASE."include/screenshot.php"); require(BASE."include/application.php"); require(BASE."include/mail.php"); +$aClean = array(); //array of filtered user input + +$aClean['cmd'] = makeSafe($_REQUEST['cmd']); +$aClean['versionId'] = makeSafe($_REQUEST['versionId']); +$aClean['screenshot_desc'] = makeSafe($_REQUEST['screenshot_desc']); +$aClean['imageId'] = makeSafe($_REQUEST['imageId']); +$aClean['appId'] = makeSafe($_REQUEST['appId']); /* * We issued a command. */ -if($_REQUEST['cmd']) +if($aClean['cmd']) { // process screenshot upload - if($_REQUEST['cmd'] == "screenshot_upload") + if($aClean['cmd'] == "screenshot_upload") { if($_FILES['imagefile']['size']>600000) { 
@@ -29,26 +36,26 @@ if($_REQUEST['cmd']) } else { $oScreenshot = new Screenshot(); - $oScreenshot->create($_REQUEST['versionId'], $_REQUEST['screenshot_desc'], $_FILES['imagefile']); + $oScreenshot->create($aClean['versionId'], $aClean['screenshot_desc'], $_FILES['imagefile']); $oScreenshot->free(); } - } elseif($_REQUEST['cmd'] == "delete" && is_numeric($_REQUEST['imageId'])) // process screenshot deletion + } elseif($aClean['cmd'] == "delete" && is_numeric($aClean['imageId'])) // process screenshot deletion { - $oScreenshot = new Screenshot($_REQUEST['imageId']); + $oScreenshot = new Screenshot($aClean['imageId']); $oScreenshot->delete(); $oScreenshot->free(); } - redirect(apidb_fullurl("screenshots.php?appId=".$_REQUEST['appId']."&versionId=".$_REQUEST['versionId'])); + redirect(apidb_fullurl("screenshots.php?appId=".$aClean['appId']."&versionId=".$aClean['versionId'])); } /* * We didn't issued any command. */ -$hResult = get_screenshots($_REQUEST['appId'], $_REQUEST['versionId']); +$hResult = get_screenshots($aClean['appId'], $aClean['versionId']); apidb_header("Screenshots"); -$oApp = new Application($_REQUEST['appId']); -$oVersion = new Version($_REQUEST['versionId']); +$oApp = new Application($aClean['appId']); +$oVersion = new Version($aClean['versionId']); if($hResult && mysql_num_rows($hResult)) { @@ -59,7 +66,7 @@ if($hResult && mysql_num_rows($hResult)) echo "
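Review bot: Only `imageId` gets an `is_numeric()` check in this hunk; `versionId` and `appId` go to `Screenshot::create()`, `get_screenshots()` and the `Application`/`Version` constructors, and are spliced unencoded into the `redirect()` query string, with nothing beyond `makeSafe()` applied. Since both are database ids, validate them once where they are read, `if(!is_numeric($aClean['versionId'])) { errorpage("Invalid version"); exit; }` (the same for `appId`), or cast with `(int)`, and `urlencode()` whatever is placed into the redirect URL. The `if($aClean['cmd'])` block this hunk belongs to starts in the previous hunk.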
    Are you sure that you want to be removed as a super maintainer of this application?
    ', "\n"; diff --git a/maintainersubmit.php b/maintainersubmit.php index fc3ffd9..4b50d11 100644 --- a/maintainersubmit.php +++ b/maintainersubmit.php @@ -11,15 +11,23 @@ require(BASE."include/incl.php"); require(BASE."include/category.php"); require(BASE."include/application.php"); +$aClean = array(); //array of filtered user input + +$aClean['maintainReason'] = makeSafe($_REQUEST['maintainReason']); +$aClean['appId'] = makeSafe($_POST['appId']); +$aClean['versionId'] = makeSafe(strip_tags($_POST['versionId'])); +$aClean['superMaintainer'] = makeSafe($_POST['superMaintainer']); + + /** * Check the input of a submitted form. And output with a list * of errors. (
      ) */ -function checkAppMaintainerInput( $fields ) +function checkAppMaintainerInput( $maintainReason ) { $errors = ""; - if ( empty( $fields['maintainReason']) ) + if ( empty( $maintainReason ) ) { $errors .= "
    • Please enter why you would like to be an application maintainer.
    • \n"; } @@ -41,29 +49,26 @@ if(!$_SESSION['current']->isLoggedIn()) exit; } -$appId = strip_tags($_POST['appId']); -$versionId = strip_tags($_POST['versionId']); -$superMaintainer = strip_tags($_POST['superMaintainer']); /* if we have a versionId to check against see if */ /* the user is already a maintainer */ -if(!$superMaintainer && $_SESSION['current']->isMaintainer($versionId)) +if(!$aClean['superMaintainer'] && $_SESSION['current']->isMaintainer($aClean['versionId'])) { echo "You are already a maintainer of this app!"; exit; } /* if this user is a super maintainer they maintain all of the versionIds of this appId */ -if($_SESSION['current']->isSuperMaintainer($appId)) +if($_SESSION['current']->isSuperMaintainer($aClean['appId'])) { echo "You are already a supermaintainer of the whole application family!"; exit; } -if($_REQUEST['maintainReason']) +if( $aClean['maintainReason'] ) { // check the input for empty/invalid fields - $errors = checkAppMaintainerInput($_REQUEST); + $errors = checkAppMaintainerInput($aClean['maintainReason']); if(!empty($errors)) { errorpage("We found the following errors:","
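Review bot: The new input filtering at the top of maintainersubmit.php is inconsistent: `versionId` is run through `strip_tags()` before `makeSafe()` while `appId` and `superMaintainer` are not, and `maintainReason` is read from `$_REQUEST` although the rest of the form comes from `$_POST` — the removed code tag-stripped all three hidden fields. `appId` and `versionId` are database ids, so validate them as numbers rather than stripping tags, e.g. `$aClean['appId'] = is_numeric($_POST['appId']) ? (int) $_POST['appId'] : 0;` and `$aClean['versionId'] = ($_POST['versionId'] == '') ? '' : (int) $_POST['versionId'];` to keep the empty super-maintainer case intact. `checkAppMaintainerInput()` now takes the reason string instead of the field array; the one caller visible here was updated, but any caller elsewhere would break.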
        $errors

      Please go back and correct them."); @@ -71,18 +76,18 @@ if($_REQUEST['maintainReason']) } // header - if($superMaintainer) + if($aClean['superMaintainer']) apidb_header("Submit SuperMaintainer Request"); else apidb_header("Submit Maintainer Request"); // add to queue $query = "INSERT INTO appMaintainerQueue VALUES (null, '". - addslashes($_REQUEST['appId'])."', '". - addslashes($_REQUEST['versionId'])."', '". + $aClean['appId']."', '". + $aClean['versionId']."', '". addslashes($_SESSION['current']->iUserId)."', '". - addslashes($_REQUEST['maintainReason'])."', '". - addslashes($_REQUEST['superMaintainer'])."',". + $aClean['maintainReason']."', '". + $aClean['superMaintainer']."',". "NOW()".");"; if (query_appdb($query)) @@ -93,15 +98,15 @@ if($_REQUEST['maintainReason']) } else { // header - if($versionId) + if($aClean['versionId']) { - $oVersion = new Version($versionId); + $oVersion = new Version($aClean['versionId']); $oApp = new Application($oVersion->iAppId); apidb_header("Request to become an application maintainer of ".$oApp->sName." ".$oVersion->sName); } else { - $oApp = new Application($appId); + $oApp = new Application($aClean['appId']); apidb_header("Request to become an application super maintainer of ".$oApp->sName); } @@ -123,7 +128,7 @@ if($_REQUEST['maintainReason']) echo "don't have the experience with Wine that is necessary to help other users out.
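Review bot: The `INSERT INTO appMaintainerQueue` in the `@@ -71` hunk drops the per-value `addslashes()` and relies entirely on `makeSafe()` having SQL-escaped `appId`, `versionId`, `maintainReason` and `superMaintainer` at the top of the file, while the user id on the next line still gets `addslashes()`; whether `makeSafe()` escapes for SQL is not visible here, and if it is an HTML-oriented filter this is a regression to an injectable query. `appId` and `versionId` are also never checked numerically even though they drive the `isMaintainer()`/`isSuperMaintainer()` decisions a few lines up, so add `if(!is_numeric($aClean['appId']) || ($aClean['versionId'] != '' && !is_numeric($aClean['versionId']))) { errorpage("Invalid application or version"); exit; }` before the query, or cast them with `(int)`. The enclosing `if($aClean['maintainReason'])` block starts in the previous hunk.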

      \n"; /* Special message for super maintainer applications */ - if($superMaintainer) + if($aClean['superMaintainer']) { echo "

      Super maintainers are just like normal maintainers but they can modify EVERY version of\n"; echo "this application (and the application itself). We don't expect you to run every version but at least to help keep\n"; @@ -131,7 +136,7 @@ if($_REQUEST['maintainReason']) } echo "

      "; - if($superMaintainer) + if($aClean['superMaintainer']) echo html_frame_start("New Super Maintainer Form",400,"",0); else echo html_frame_start("New Maintainer Form",400,"",0); @@ -140,17 +145,17 @@ if($_REQUEST['maintainReason']) echo "

      "; echo 'Application'.$oApp->sName; echo '
      "; echo 'Version'.$oVersion->sName; echo '
      Why you want to and should be an application super maintainer
      Why you want to and should be an application maintainer
      \n"; while($oRow = mysql_fetch_object($hResult)) { - if(!$_REQUEST['versionId'] && $oRow->versionId != $currentVersionId) + if(!$aClean['versionId'] && $oRow->versionId != $currentVersionId) { if($currentVersionId) { @@ -79,9 +86,9 @@ if($hResult && mysql_num_rows($hResult)) //show admin delete link if($_SESSION['current']->isLoggedIn() && ($_SESSION['current']->hasPriv("admin") || - $_SESSION['current']->isMaintainer($_REQUEST['versionId']))) + $_SESSION['current']->isMaintainer($aClean['versionId']))) { - echo "
      [Delete Image]"; + echo "
      [Delete Image]"; } echo "\n"; @@ -99,7 +106,7 @@ if($hResult && mysql_num_rows($hResult)) echo "
      Please consider submitting a screenshot for the selected version yourself.

      "; } -if($_REQUEST['versionId']) +if($aClean['versionId']) { //image upload box echo '',"\n"; @@ -114,7 +121,7 @@ if($_REQUEST['versionId']) echo html_frame_end(); echo '',"\n"; echo '',"\n"; - echo '',"\n"; + echo '',"\n"; } echo html_back_link(1); apidb_footer(); diff --git a/search.php b/search.php index 4031aee..1e758a8 100644 --- a/search.php +++ b/search.php @@ -10,8 +10,11 @@ include("path.php"); require(BASE."include/incl.php"); require(BASE."include/application.php"); +$aClean = array(); //array of filtered user input + +$aClean['q'] = makeSafe($_REQUEST['q']); apidb_header("Search Results"); -perform_search_and_output_results($_REQUEST['q']); +perform_search_and_output_results($aClean['q']); apidb_footer(); ?> diff --git a/testResults.php b/testResults.php index 217ee2a..3339b18 100644 --- a/testResults.php +++ b/testResults.php 
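Review bot: `$aClean['q']` in the search.php hunk is escaped once up front and then handed to `perform_search_and_output_results()`, which by its name both queries with the term and prints it, and no single escaping is right for both a SQL `LIKE` pattern and an HTML page — `%`/`_` wildcards and HTML metacharacters need different treatment. Pass the term through and escape at each sink inside the helper, or document that `makeSafe()` is the SQL escaper and add `htmlspecialchars()` where the term is echoed; the helper is not visible here, so confirm which applies.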
@@ -11,37 +11,44 @@ require(BASE."include/mail.php"); require_once(BASE."include/testResults.php"); require_once(BASE."include/distributions.php"); +$aClean = array(); //array of filtered user input + +$aClean['sub'] = makeSafe($_REQUEST['sub']); +$aClean['iTestingId'] = makeSafe($_REQUEST['iTestingId']); +$aClean['iVersionId'] = makeSafe($_REQUEST['iVersionId']); +$aClean['iDistributionId'] = makeSafe($_REQUEST['iDistributionId']); +$aClean['sDistribution'] = makeSafe($_REQUEST['sDistribution']); -if ($_REQUEST['sub']) + +if ($aClean['sub']) { - $oTest = new testData($_REQUEST['iTestingId']); - if($_REQUEST['iVersionId']) - $oTest->iVersionId = $_REQUEST['iVersionId']; + $oTest = new testData($aClean['iTestingId']); + if($aClean['iVersionId']) + $oTest->iVersionId = $aClean['iVersionId']; $errors = ""; // Submit or Resubmit the new testing results - if (($_REQUEST['sub'] == 'Submit') || ($_REQUEST['sub'] == 'Resubmit')) + if (($aClean['sub'] == 'Submit') || ($aClean['sub'] == 'Resubmit')) { $errors = $oTest->CheckOutputEditorInput(); $oTest->GetOutputEditorValues(); // retrieve the values from the current $_REQUEST if(empty($errors)) { - if(!$_REQUEST['iDistributionId']) + if(!$aClean['iDistributionId']) { - $sDistribution = trim($_REQUEST['sDistribution']); - if(!empty($sDistribution)) + if(!empty($aClean['sDistribution']) ) { $oDistribution = new distribution(); - $oDistribution->sName = $sDistribution; + $oDistribution->sName = $aClean['sDistribution']; $oDistribution->create(); $oTest->iDistributionId = $oDistribution->iDistributionId; } } - if($_REQUEST['sub'] == 'Submit') + if($aClean['sub'] == 'Submit') { $oTest->create(); - } else if($_REQUEST['sub'] == 'Resubmit') + } else if($aClean['sub'] == 'Resubmit') { $oTest->update(true); $oTest->ReQueue(); 
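Review bot: The `Submit`/`Resubmit` path in this hunk no longer trims `sDistribution` — the removed code did `trim($_REQUEST['sDistribution'])` before the `!empty()` test — so a name consisting only of spaces now passes `!empty()` and `$oDistribution->create()` is called with a whitespace name. Restore the trim where the value is read, `$aClean['sDistribution'] = makeSafe(trim($_REQUEST['sDistribution']));`. `iTestingId` is also fed to `new testData()` on the first line of the block before any `is_numeric()` check, which only the Delete branch in the next hunk performs; moving that check to the top (or casting with `(int)`) covers every path.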
@@ -49,16 +56,16 @@ if ($_REQUEST['sub']) redirect($_SERVER['PHP_SELF']); } else { - $_REQUEST['sub'] = 'view'; + $aClean['sub'] = 'view'; } } // Delete testing results - if ($_REQUEST['sub'] == 'Delete') + if ($aClean['sub'] == 'Delete') { - if(is_numeric($_REQUEST['iTestingId'])) + if(is_numeric($aClean['iTestingId'])) { - $oTest = new testData($_REQUEST['iTestingId']); + $oTest = new testData($aClean['iTestingId']); $oTest->delete(); } @@ -66,7 +73,7 @@ if ($_REQUEST['sub']) } // is this an old test? - if(is_numeric($_REQUEST['iTestingId'])) + if(is_numeric($aClean['iTestingId'])) { // make sure the user has permission to view this testing result $oVersion = new Version($oTest->iVersionId); @@ -80,11 +87,11 @@ if ($_REQUEST['sub']) $oVersion = new version($oTest->iVersionId); } else { - $oTest->iVersionId = $_REQUEST['iVersionId']; - $oVersion = new version($_REQUEST['iVersionId']); + $oTest->iVersionId = $aClean['iVersionId']; + $oVersion = new version($aClean['iVersionId']); $oTest->sQueued = "new"; } - if ($_REQUEST['sub'] == 'view') + if ($aClean['sub'] == 'view') { $oApp = new application($oVersion->iAppId); $sVersionInfo = $oApp->sName." ".$oVersion->sName; @@ -126,7 +133,7 @@ if ($_REQUEST['sub']) } // View Testing Details - $oTest->OutputEditor($_REQUEST['sDistribution'],true); + $oTest->OutputEditor($aClean['sDistribution'],true); echo 'Back to Version'; @@ -158,7 +165,7 @@ if ($_REQUEST['sub']) redirect($_SERVER['PHP_SELF']); } } -else // if ($_REQUEST['sub']) is not defined, display the Testing results queue page +else // if ($aClean['sub']) is not defined, display the Testing results queue page { apidb_header("Testing Results"); diff --git a/vendorview.php b/vendorview.php index 9983b7c..df05e3b 100644 --- a/vendorview.php +++ b/vendorview.php 
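Review bot: The `Delete` branch in the `@@ -49` hunk deletes a testing result whenever `sub=Delete` and a numeric `iTestingId` arrive via `$_REQUEST`, and no ownership or privilege check is visible before `$oTest->delete()` — unless `testData::delete()` enforces one internally, any visitor can remove arbitrary results, and because `$_REQUEST` includes GET the action is also reachable from a crafted link. Guard it explicitly, e.g. `if(!$_SESSION['current']->hasPriv("admin") && !$_SESSION['current']->isMaintainer($oTest->iVersionId)) { errorpage("Insufficient privileges."); exit; }`, and accept the delete only on a POST. The enclosing `if ($aClean['sub'])` block starts in the previous hunk, and the `@@ -66` hunk's "make sure the user has permission to view" check is cut off here, so confirm whether it also covers deletion.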
@@ -11,9 +11,13 @@ require_once(BASE."include/incl.php"); require_once(BASE."include/application.php"); require_once(BASE."include/vendor.php"); -$oVendor = new Vendor($_REQUEST['vendorId']); +$aClean = array(); //array of filtered user input +$aClean['vendorId'] = makeSafe($_REQUEST['vendorId']); +$aClean['sub'] = makeSafe($_REQUEST['sub']); -if ($_REQUEST['sub']) +$oVendor = new Vendor($aClean['vendorId']); + +if ($aClean['sub']) { if(!$_SESSION['current']->hasPriv("admin")) { @@ -21,7 +25,7 @@ if ($_REQUEST['sub']) exit; } - if($_REQUEST['sub'] == 'delete') + if($aClean['sub'] == 'delete') { $oVendor->delete(); redirect($_SERVER['PHP_SELF']); @@ -55,7 +59,7 @@ if($oVendor->iVendorId) $oApp = new application($iAppId); echo '
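Review bot: `sub=delete` in vendorview.php is accepted from `$_REQUEST`, so an administrator who follows a link or loads an image pointing at `vendorview.php?vendorId=N&sub=delete` deletes vendor N — the `hasPriv("admin")` check stops non-admins but not cross-site request forgery. Require a POST for the destructive branch, `if($aClean['sub'] == 'delete' && $_SERVER['REQUEST_METHOD'] == 'POST')`, or a per-form token. `vendorId` is also passed to `new Vendor()` without an `is_numeric()` check; casting with `(int)` would match the id handling elsewhere in this commit.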
    • '.$oApp->sName.'
    • ',"\n"; } - echo '.',"\n"; + echo '',"\n"; } diff --git a/viewScreenshots.php b/viewScreenshots.php index 3326d75..fc961cf 100644 --- a/viewScreenshots.php +++ b/viewScreenshots.php @@ -10,6 +10,12 @@ require_once(BASE."include/screenshot.php"); require(BASE."include/application.php"); require(BASE."include/mail.php"); +$aClean = array(); //array of filtered user input + +$aClean['ItemsPerPage'] = makeSafe($_REQUEST['ItemsPerPage']); +$aClean['page'] = makeSafe($_REQUEST['page']); + + apidb_header("View Screenshots"); /* display a range of 10 pages */ $pageRange = 10; @@ -17,10 +23,10 @@ $pageRange = 10; $ItemsPerPage = 6; $currentPage = 1; -if($_REQUEST['ItemsPerPage']) - $ItemsPerPage = $_REQUEST['ItemsPerPage']; -if($_REQUEST['page']) - $currentPage = $_REQUEST['page']; +if($aClean['ItemsPerPage']) + $ItemsPerPage = $aClean['ItemsPerPage']; +if($aClean['page']) + $currentPage = $aClean['page']; $ItemsPerPage = min($ItemsPerPage,100); $totalPages = ceil(getNumberOfImages()/$ItemsPerPage); diff --git a/viewbugs.php b/viewbugs.php index 0cebf10..eccde97 100644 --- a/viewbugs.php +++ b/viewbugs.php @@ -6,17 +6,20 @@ include("path.php"); require(BASE."include/incl.php"); -/* code to View versions affected by a Bug */ -$bug_id = $_REQUEST['bug_id']; +$aClean = array(); //array of filtered user input -if(!is_numeric($bug_id)) +$aClean['bug_id'] = makeSafe($_REQUEST['bug_id']); + +/* code to View versions affected by a Bug */ + +if( !is_numeric($aClean['bug_id'])) { errorpage("Something went wrong with the bug ID"); exit; } { - apidb_header("Applications affected by Bug #".$bug_id); - echo '',"\n"; + apidb_header("Applications affected by Bug #".$aClean['bug_id']); + echo '',"\n"; echo '
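Review bot: `ItemsPerPage` and `page` are taken from the request with no numeric validation in the `@@ -17` hunk, and `ItemsPerPage` is then the divisor in `ceil(getNumberOfImages()/$ItemsPerPage)`: `?ItemsPerPage=00` or `?ItemsPerPage=abc` is a truthy string, survives `min(...,100)`, and divides by zero, while a negative value yields a negative page count. Clamp both after checking they are numeric, `$ItemsPerPage = is_numeric($aClean['ItemsPerPage']) ? max(1, min((int)$aClean['ItemsPerPage'], 100)) : 6;` and `$currentPage = is_numeric($aClean['page']) ? max(1, (int)$aClean['page']) : 1;`, replacing the two `if` assignments and the existing `min()` line.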
      ',"\n"; echo '',"\n"; @@ -32,7 +35,7 @@ if(!is_numeric($bug_id)) FROM appFamily, appVersion, buglinks WHERE appFamily.appId = appVersion.appId and buglinks.versionId = appVersion.versionId - AND buglinks.bug_id = ".$bug_id." + AND buglinks.bug_id = ".$aClean['bug_id']." ORDER BY versionName"; $c = 0; @@ -66,7 +69,7 @@ if(!is_numeric($bug_id)) echo '',"\n"; echo ' ',"\n"; + echo ' ',"\n"; echo ' ',"\n"; echo '',"\n"; diff --git a/votestats.php b/votestats.php index 74b9d37..30bc6c9 100644 --- a/votestats.php +++ b/votestats.php @@ -10,15 +10,21 @@ include("path.php"); include(BASE."include/incl.php"); require(BASE."include/category.php"); +$aClean = array(); //array of filtered user input + +$aClean['topNumber'] = makeSafe($_REQUEST['topNumber']); +$aClean['categoryId'] = makeSafe($_REQUEST['categoryId']); + + /* default to 25 apps, main categories */ $topNumber = 25; $categoryId = "any"; /* default to all categories */ /* process the post variables to override the default settings */ -if( isset($_REQUEST['topNumber']) AND is_numeric($_REQUEST['topNumber'])) - $topNumber = $_REQUEST['topNumber']; -if( isset($_REQUEST['categoryId']) AND is_numeric($_REQUEST['categoryId'])) - $categoryId = $_REQUEST['categoryId']; +if( !empty($aClean['topNumber']) AND is_numeric($aClean['topNumber'])) + $topNumber = $aClean['topNumber']; +if( !empty($aClean['categoryId']) AND is_numeric($aClean['categoryId'])) + $categoryId = $aClean['categoryId']; /* Check if the value makes sense */ if($topNumber > 200 || $topNumber < 1)
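Review bot: `bug_id` is interpolated unquoted into the SQL in the `@@ -32` hunk and is protected only by the `is_numeric()` guard in the previous hunk, which also accepts leading whitespace, exponent forms and, on PHP 5, hex strings; none of those is an injection, but the query's safety rests on a check several lines away in another hunk. Cast once where it is validated, `$aClean['bug_id'] = (int) $_REQUEST['bug_id'];` right after the `is_numeric()` test, so the interpolated value is an integer by construction.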
      ',"\n"; - echo '