Digitalstack/myaac
2
0
Fork 0
mirror of https://github.com/slawkens/myaac.git synced 2025-05-25 15:04:28 +02:00
Code Issues Packages Projects Releases Wiki Activity

Protect against csrf in more places (accounts & guilds pages)

Browse Source
This commit is contained in:
slawkens 2025-05-24 09:52:56 +02:00
parent 72cdd290da
commit 6eda38603c
21 changed files with 43 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
system/pages/account/change-email.php
View File

@ -17,6 +17,8 @@ if(!$logged) {
return; return;
} }
csrfProtect();
$email_new_time = $account_logged->getCustomField("email_new_time"); $email_new_time = $account_logged->getCustomField("email_new_time");
if($email_new_time > 10) { if($email_new_time > 10) {

2
system/pages/account/change-info.php
View File

@ -20,6 +20,8 @@ if(!$logged) {
return; return;
} }
csrfProtect();
if(setting('core.account_country')) if(setting('core.account_country'))
require SYSTEM . 'countries.conf.php'; require SYSTEM . 'countries.conf.php';

2
system/pages/account/change-password.php
View File

@ -17,6 +17,8 @@ if(!$logged) {
return; return;
} }
csrfProtect();
$new_password = $_POST['newpassword'] ?? NULL; $new_password = $_POST['newpassword'] ?? NULL;
$new_password_confirm = $_POST['newpassword_confirm'] ?? NULL; $new_password_confirm = $_POST['newpassword_confirm'] ?? NULL;
$old_password = $_POST['oldpassword'] ?? NULL; $old_password = $_POST['oldpassword'] ?? NULL;

2
system/pages/account/characters/change-comment.php
View File

@ -20,6 +20,8 @@ if(!$logged) {
return; return;
} }
csrfProtect();
$player = null; $player = null;
$player_name = isset($_REQUEST['name']) ? stripslashes(urldecode($_REQUEST['name'])) : null; $player_name = isset($_REQUEST['name']) ? stripslashes(urldecode($_REQUEST['name'])) : null;
$new_comment = isset($_POST['comment']) ? htmlspecialchars(stripslashes(substr($_POST['comment'],0,2000))) : NULL; $new_comment = isset($_POST['comment']) ? htmlspecialchars(stripslashes(substr($_POST['comment'],0,2000))) : NULL;

2
system/pages/account/characters/change-name.php
View File

@ -17,6 +17,8 @@ if(!$logged) {
return; return;
} }
csrfProtect();
$player_id = isset($_POST['player_id']) ? (int)$_POST['player_id'] : NULL; $player_id = isset($_POST['player_id']) ? (int)$_POST['player_id'] : NULL;
$name = isset($_POST['name']) ? stripslashes(ucwords(strtolower($_POST['name']))) : NULL; $name = isset($_POST['name']) ? stripslashes(ucwords(strtolower($_POST['name']))) : NULL;
if((!setting('core.account_change_character_name'))) if((!setting('core.account_change_character_name')))

2
system/pages/account/characters/change-sex.php
View File

@ -17,6 +17,8 @@ if(!$logged) {
return; return;
} }
csrfProtect();
$sex_changed = false; $sex_changed = false;
$player_id = isset($_POST['player_id']) ? (int)$_POST['player_id'] : NULL; $player_id = isset($_POST['player_id']) ? (int)$_POST['player_id'] : NULL;
$new_sex = isset($_POST['new_sex']) ? (int)$_POST['new_sex'] : NULL; $new_sex = isset($_POST['new_sex']) ? (int)$_POST['new_sex'] : NULL;

2
system/pages/account/characters/create.php
View File

@ -20,6 +20,8 @@ if(!$logged) {
return; return;
} }
csrfProtect();
$character_name = isset($_POST['name']) ? stripslashes($_POST['name']) : null; $character_name = isset($_POST['name']) ? stripslashes($_POST['name']) : null;
$character_sex = isset($_POST['sex']) ? (int)$_POST['sex'] : null; $character_sex = isset($_POST['sex']) ? (int)$_POST['sex'] : null;
$character_vocation = isset($_POST['vocation']) ? (int)$_POST['vocation'] : null; $character_vocation = isset($_POST['vocation']) ? (int)$_POST['vocation'] : null;

2
system/pages/account/characters/delete.php
View File

@ -17,6 +17,8 @@ if(!$logged) {
return; return;
} }
csrfProtect();
$player_name = isset($_POST['delete_name']) ? stripslashes($_POST['delete_name']) : null; $player_name = isset($_POST['delete_name']) ? stripslashes($_POST['delete_name']) : null;
$password_verify = isset($_POST['delete_password']) ? $_POST['delete_password'] : null; $password_verify = isset($_POST['delete_password']) ? $_POST['delete_password'] : null;
$password_verify = encrypt((USE_ACCOUNT_SALT ? $account_logged->getCustomField('salt') : '') . $password_verify); $password_verify = encrypt((USE_ACCOUNT_SALT ? $account_logged->getCustomField('salt') : '') . $password_verify);

2
system/pages/account/create.php
View File

@ -23,6 +23,8 @@ if($logged)
return; return;
} }
csrfProtect();
if(setting('core.account_create_character_create')) { if(setting('core.account_create_character_create')) {
$createCharacter = new CreateCharacter(); $createCharacter = new CreateCharacter();
} }

2
system/pages/account/login.php
View File

@ -18,6 +18,8 @@ if($logged || !isset($_POST['account_login']) || !isset($_POST['password_login']
return; return;
} }
csrfProtect();
$login_account = $_POST['account_login']; $login_account = $_POST['account_login'];
$login_password = $_POST['password_login']; $login_password = $_POST['password_login'];
$remember_me = isset($_POST['remember_me']); $remember_me = isset($_POST['remember_me']);

2
system/pages/account/manage.php
View File

@ -34,6 +34,8 @@ if(isset($_REQUEST['redirect']))
return; return;
} }
csrfProtect();
$groups = new OTS_Groups_List(); $groups = new OTS_Groups_List();
$freePremium = isset($config['lua']['freePremium']) && getBoolean($config['lua']['freePremium']) || $account_logged->getPremDays() == OTS_Account::GRATIS_PREMIUM_DAYS; $freePremium = isset($config['lua']['freePremium']) && getBoolean($config['lua']['freePremium']) || $account_logged->getPremDays() == OTS_Account::GRATIS_PREMIUM_DAYS;

2
system/pages/account/register-new.php
View File

@ -17,6 +17,8 @@ if(!$logged) {
return; return;
} }
csrfProtect();
if(isset($_POST['reg_password'])) if(isset($_POST['reg_password']))
$reg_password = encrypt((USE_ACCOUNT_SALT ? $account_logged->getCustomField('salt') : '') . $_POST['reg_password']); $reg_password = encrypt((USE_ACCOUNT_SALT ? $account_logged->getCustomField('salt') : '') . $_POST['reg_password']);

2
system/pages/account/register.php
View File

@ -17,6 +17,8 @@ if(!$logged) {
return; return;
} }
csrfProtect();
$_POST['reg_password'] = $_POST['reg_password'] ?? ''; $_POST['reg_password'] = $_POST['reg_password'] ?? '';
$reg_password = encrypt((USE_ACCOUNT_SALT ? $account_logged->getCustomField('salt') : '') . $_POST['reg_password']); $reg_password = encrypt((USE_ACCOUNT_SALT ? $account_logged->getCustomField('salt') : '') . $_POST['reg_password']);
$old_key = $account_logged->getCustomField("key"); $old_key = $account_logged->getCustomField("key");

2
system/pages/forum/edit_post.php
View File

@ -18,6 +18,8 @@ if ($ret === false) {
return; return;
} }
csrfProtect();
if(!$logged) { if(!$logged) {
echo 'You are not logged in. <a href="' . getLink('account/manage') . '?redirect=' . urlencode(getLink('forum')) . '">Log in</a> to post on the forum.<br /><br />'; echo 'You are not logged in. <a href="' . getLink('account/manage') . '?redirect=' . urlencode(getLink('forum')) . '">Log in</a> to post on the forum.<br /><br />';
return; return;

2
system/pages/forum/move_thread.php
View File

@ -18,6 +18,8 @@ if ($ret === false) {
return; return;
} }
csrfProtect();
if(!$logged) { if(!$logged) {
echo 'You are not logged in. <a href="' . getLink('account/manage') . '?redirect=' . urlencode(getLink('forum')) . '">Log in</a> to post on the forum.<br /><br />'; echo 'You are not logged in. <a href="' . getLink('account/manage') . '?redirect=' . urlencode(getLink('forum')) . '">Log in</a> to post on the forum.<br /><br />';
return; return;

2
system/pages/forum/new_post.php
View File

@ -28,6 +28,8 @@ if(!$logged) {
return; return;
} }
csrfProtect();
if(Forum::canPost($account_logged)) { if(Forum::canPost($account_logged)) {
$players_from_account = $db->query("SELECT `players`.`name`, `players`.`id` FROM `players` WHERE `players`.`account_id` = ".(int) $account_logged->getId())->fetchAll(); $players_from_account = $db->query("SELECT `players`.`name`, `players`.`id` FROM `players` WHERE `players`.`account_id` = ".(int) $account_logged->getId())->fetchAll();
$thread_id = isset($_REQUEST['thread_id']) ? (int) $_REQUEST['thread_id'] : 0; $thread_id = isset($_REQUEST['thread_id']) ? (int) $_REQUEST['thread_id'] : 0;

2
system/pages/forum/new_thread.php
View File

@ -28,6 +28,8 @@ if(!$logged) {
return; return;
} }
csrfProtect();
if(Forum::canPost($account_logged)) { if(Forum::canPost($account_logged)) {
$players_from_account = $db->query('SELECT `players`.`name`, `players`.`id` FROM `players` WHERE `players`.`account_id` = '.(int) $account_logged->getId())->fetchAll(); $players_from_account = $db->query('SELECT `players`.`name`, `players`.`id` FROM `players` WHERE `players`.`account_id` = '.(int) $account_logged->getId())->fetchAll();
$section_id = $_REQUEST['section_id'] ?? null; $section_id = $_REQUEST['section_id'] ?? null;

2
system/pages/forum/remove_post.php
View File

@ -23,6 +23,8 @@ if(!$logged) {
return; return;
} }
csrfProtect();
if(Forum::isModerator()) { if(Forum::isModerator()) {
$id = (int) $_REQUEST['id']; $id = (int) $_REQUEST['id'];
$post = $db->query("SELECT `id`, `first_post`, `section` FROM `" . FORUM_TABLE_PREFIX . "forum` WHERE `id` = ".$id." LIMIT 1")->fetch(); $post = $db->query("SELECT `id`, `first_post`, `section` FROM `" . FORUM_TABLE_PREFIX . "forum` WHERE `id` = ".$id." LIMIT 1")->fetch();

2
system/pages/guilds/base.php
View File

@ -15,3 +15,5 @@ else
define('GUILD_MEMBERS_TABLE', 'guild_membership'); define('GUILD_MEMBERS_TABLE', 'guild_membership');
define('MOTD_EXISTS', $db->hasColumn('guilds', 'motd')); define('MOTD_EXISTS', $db->hasColumn('guilds', 'motd'));
csrfProtect();

5
system/src/CsrfToken.php
View File

@ -25,8 +25,9 @@ class CsrfToken
* *
* @access public * @access public
* @static true * @static true
* @param bool $return
* @return string * @return string
**/ */
public static function create(bool $return = false): string { public static function create(bool $return = false): string {
$input = '<input type="hidden" name="csrf_token" value="' . self::get() . '" />'; $input = '<input type="hidden" name="csrf_token" value="' . self::get() . '" />';
if ($return) { if ($return) {
@ -58,7 +59,7 @@ class CsrfToken
* @static true * @static true
* @return boolean * @return boolean
**/ **/
public static function isValid($post): bool public static function isValid(string|null $post): bool
{ {
if (!setting('core.csrf_protection')) { if (!setting('core.csrf_protection')) {
return true; return true;

4
system/templates/forum.move_thread.html.twig
View File

@ -8,7 +8,8 @@
<table border="0" cellpadding="3" cellspacing="1" width="100%"> <table border="0" cellpadding="3" cellspacing="1" width="100%">
<tr bgcolor="{{ config.lightborder }}"> <tr bgcolor="{{ config.lightborder }}">
<td> <td>
<form action="" method="get"> <form method="post">
{{ csrf() }}
<input type="hidden" name="subtopic" value="forum" /> <input type="hidden" name="subtopic" value="forum" />
<input type="hidden" name="action" value="move_thread" /> <input type="hidden" name="action" value="move_thread" />
<input type="hidden" name="save" value="1" /> <input type="hidden" name="save" value="1" />
@ -25,7 +26,6 @@
<input type="submit" value="Move Thread"> <input type="submit" value="Move Thread">
</form> </form>
<form action="{{ section_link }}"> <form action="{{ section_link }}">
{{ csrf() }}
<input type="submit" value="Cancel"> <input type="submit" value="Cancel">
</form> </form>
</td> </td>