Security measures (#1098)

This commit is contained in:
Cønstantine Kovalensky 2023-11-14 16:42:14 +04:00 committed by GitHub
commit c8cb908c0b
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
4 changed files with 7 additions and 6 deletions


@ -16,17 +16,18 @@ $user->session_start(['req_login' => true]);
$mode = $_REQUEST['mode'] ?? ''; $mode = $_REQUEST['mode'] ?? '';
$type = $_POST['type'] ?? ''; $type = $_POST['type'] ?? '';
$id = $_POST['id'] ?? 0; $id = isset($_POST['id']) ? (int)$_POST['id'] : 0;
$timecheck = TIMENOW - 600; $timecheck = TIMENOW - 600;
if (!$mode) { if (!$mode) {
bb_simple_die($lang['ATOM_NO_MODE']); bb_simple_die($lang['ATOM_NO_MODE']);
} }
if ($mode == 'get_feed_url' && ($type == 'f' || $type == 'u') && $id >= 0) { if ($mode === 'get_feed_url' && ($type === 'f' || $type === 'u') && $id >= 0) {
if ($type == 'f') { if ($type == 'f') {
// Check if the user has actually sent a forum ID // Check if the user has actually sent a forum ID
$sql = "SELECT allow_reg_tracker, forum_name FROM " . BB_FORUMS . " WHERE forum_id = $id LIMIT 1"; $sql = "SELECT allow_reg_tracker, forum_name FROM " . BB_FORUMS . " WHERE forum_id = $id LIMIT 1";
//DIE($sql);
if (!$forum_data = DB()->fetch_row($sql)) { if (!$forum_data = DB()->fetch_row($sql)) {
if ($id == 0) { if ($id == 0) {
$forum_data = []; $forum_data = [];
@ -44,7 +45,7 @@ if ($mode == 'get_feed_url' && ($type == 'f' || $type == 'u') && $id >= 0) {
} }
} }
} }
if ($type == 'u') { if ($type === 'u') {
// Check if the user has actually sent a user ID // Check if the user has actually sent a user ID
if ($id < 1) { if ($id < 1) {
bb_simple_die($lang['ATOM_ERROR'] . ' #2'); bb_simple_die($lang['ATOM_ERROR'] . ' #2');
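Review bot: The `(int)` cast on the `$id` line is what makes the `forum_id = $id` interpolation in the `$sql` line safe, but nothing in the hunk records that, so a later change to the cast would silently reintroduce the injection; I would write it as `$id = (int)($_POST['id'] ?? 0); // int cast: $id is interpolated into SQL below`. The strict comparisons introduced on the `get_feed_url` line are not carried through — `if ($type == 'f')` and `if ($id == 0)` a few lines later still use loose `==` and should become `===` for consistency. `$mode` and `$type` also remain uncast, so they do not follow the `(string)($_REQUEST[...] ?? '')` pattern this commit uses in other files. The enclosing `if` block continues past the end of the hunk.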


@ -18,7 +18,7 @@ global $lang;
$info = []; $info = [];
$html_dir = LANG_DIR . 'html/'; $html_dir = LANG_DIR . 'html/';
$req_mode = (string)$_REQUEST['show']; $req_mode = (string)($_REQUEST['show'] ?? '');
switch ($req_mode) { switch ($req_mode) {
case 'advert': case 'advert':
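Review bot: The `??` default on the `$req_mode` line removes the undefined-index notice, but `(string)` still does not reject a non-scalar: a `show[]=x` request yields the string `"Array"` plus an "Array to string conversion" warning instead of the empty default. If the `switch` below has a `default:` branch this is only log noise; otherwise `$req_mode = is_string($_REQUEST['show'] ?? null) ? $_REQUEST['show'] : '';` rejects it cleanly. The `switch` continues outside the hunk, so I cannot see whether a default branch exists.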


@ -2062,7 +2062,7 @@ function hash_search($hash)
$hash = htmlCHR(trim($hash)); $hash = htmlCHR(trim($hash));
$info_hash_where = null; $info_hash_where = null;
if (!isset($hash)) { if (!isset($hash) || !ctype_xdigit($hash)) {
bb_die(sprintf($lang['HASH_INVALID'], $hash)); bb_die(sprintf($lang['HASH_INVALID'], $hash));
} }
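Review bot: `!isset($hash)` on the changed line can never be true, because `$hash` is assigned from `htmlCHR(trim($hash))` on the line just above; only the new `ctype_xdigit` test does any work, so the condition should simply read `if (!ctype_xdigit($hash)) {`. `ctype_xdigit('')` returns false, so an empty hash is still rejected. It accepts any length, though — if the lookup that follows expects a fixed-length info hash, a length check next to it would reject malformed input before the query; the expected length is not visible in this hunk. `hash_search` continues outside the hunk.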


@ -40,7 +40,7 @@ $confirmed = (isset($_POST['confirm'])) ? true : 0;
$delete = (isset($_POST['delete'])) ? true : 0; $delete = (isset($_POST['delete'])) ? true : 0;
$delete_all = (isset($_POST['deleteall'])) ? true : 0; $delete_all = (isset($_POST['deleteall'])) ? true : 0;
$save = (isset($_POST['save'])) ? true : 0; $save = (isset($_POST['save'])) ? true : 0;
$mode = isset($_REQUEST['mode']) ? (string)$_REQUEST['mode'] : ''; $mode = isset($_REQUEST['mode']) ? htmlCHR($_REQUEST['mode']) : '';
$refresh = $preview || $submit_search; $refresh = $preview || $submit_search;
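Review bot: Replacing `(string)` with `htmlCHR()` on the `$mode` line applies output escaping at input time; `$mode` is a control token, so the appropriate check is validation against the set of modes the script actually handles, with anything else falling to the default branch or dying, rather than HTML-encoding. Escaping here also means any comparison against a mode containing a character `htmlCHR` rewrites would silently fail, and the explicit cast that guarded against a non-scalar `mode` is gone. I would keep `$mode = isset($_REQUEST['mode']) ? (string)$_REQUEST['mode'] : '';` and escape `$mode` only at the point where it is printed. The mode dispatch itself is outside the hunk.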