diff --git a/includes/ajaxHandler/account.class.php b/includes/ajaxHandler/account.class.php
index e851f553..5a7c354e 100644
--- a/includes/ajaxHandler/account.class.php
+++ b/includes/ajaxHandler/account.class.php
@@ -171,7 +171,7 @@ class AjaxAccount extends AjaxHandler
     {
         $var = trim(urldecode($val));
-        return filter_var($var, FILTER_UNSAFE_RAW, FILTER_FLAG_STRIP_AOWOW);
+        return filter_var($var, FILTER_SANITIZE_SPECIAL_CHARS, FILTER_FLAG_STRIP_LOW);
     }
 }
diff --git a/includes/ajaxHandler/admin.class.php b/includes/ajaxHandler/admin.class.php
index ed14b572..c89eebec 100644
--- a/includes/ajaxHandler/admin.class.php
+++ b/includes/ajaxHandler/admin.class.php
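Review bot: The new return line is the only place in this commit that still entity-encodes on input: `FILTER_SANITIZE_SPECIAL_CHARS` rewrites `<`, `>`, `&`, `"` and `'` into `&#..;` sequences before the value is stored or compared, so later output escaping double-encodes and any equality or length check sees the encoded form. Every other handler in the commit moves to `AjaxHandler::checkTextLine`, which strips control and non-printable characters and leaves escaping to the output layer; if that trait helper is reachable from this class, `return self::checkTextLine($var);` keeps the account handler consistent, and if not, `FILTER_UNSAFE_RAW` with `FILTER_FLAG_STRIP_LOW` gives the stripping without the encoding. The enclosing method starts before this hunk, so its name and call sites are not visible here.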
@@ -7,25 +7,25 @@ class AjaxAdmin extends AjaxHandler
 {
     protected $validParams = ['screenshots', 'siteconfig', 'weight-presets', 'spawn-override', 'guide', 'comment'];
     protected $_get = array(
-        'action' => ['filter' => FILTER_UNSAFE_RAW, 'flags' => FILTER_FLAG_STRIP_AOWOW ],
+        'action' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkTextLine' ],
         'id' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkIdListUnsigned'],
         'key' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxAdmin::checkKey' ],
-        'all' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkFulltext' ],
+        'all' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkEmptySet' ],
         'type' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkInt' ],
         'typeid' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkInt' ],
         'user' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxAdmin::checkUser' ],
-        'val' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkFulltext' ],
+        'val' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkTextBlob' ],
         'guid' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkInt' ],
         'area' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkInt' ],
         'floor' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkInt' ]
     );
     protected $_post = array(
-        'alt' => ['filter' => FILTER_UNSAFE_RAW, 'flags' => FILTER_FLAG_STRIP_AOWOW],
-        'id' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkInt'],
-        'scale' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxAdmin::checkScale'],
-        '__icon' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxAdmin::checkKey' ],
-        'status' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkInt'],
-        'msg' => ['filter' => FILTER_UNSAFE_RAW, 'flags' => FILTER_FLAG_STRIP_AOWOW]
+        'alt' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkTextBlob'],
+        'id' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkInt' ],
+        'scale' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxAdmin::checkScale' ],
+        '__icon' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxAdmin::checkKey' ],
+        'status' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkInt' ],
+        'msg' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkTextBlob']
     );
     public function __construct(array $params)
diff --git a/includes/ajaxHandler/comment.class.php b/includes/ajaxHandler/comment.class.php
index 18cc8c34..728a8e4f 100644
--- a/includes/ajaxHandler/comment.class.php
+++ b/includes/ajaxHandler/comment.class.php
@@ -12,22 +12,22 @@ class AjaxComment extends AjaxHandler
     protected $_post = array(
         'id' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkIdListUnsigned'],
-        'body' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkFulltext' ],
-        'commentbody' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkFulltext' ],
-        'response' => ['filter' => FILTER_UNSAFE_RAW, 'flags' => FILTER_FLAG_STRIP_AOWOW ],
-        'reason' => ['filter' => FILTER_UNSAFE_RAW, 'flags' => FILTER_FLAG_STRIP_AOWOW ],
-        'remove' => ['filter' => FILTER_SANITIZE_NUMBER_INT],
-        'commentId' => ['filter' => FILTER_SANITIZE_NUMBER_INT],
-        'replyId' => ['filter' => FILTER_SANITIZE_NUMBER_INT],
-        'sticky' => ['filter' => FILTER_SANITIZE_NUMBER_INT],
-        // 'username' => ['filter' => FILTER_UNSAFE_RAW, 'flags' => FILTER_FLAG_STRIP_AOWOW ]
+        'body' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkTextBlob' ],
+        'commentbody' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkTextBlob' ],
+        'response' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkTextBlob' ],
+        'reason' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkTextBlob' ],
+        'remove' => ['filter' => FILTER_SANITIZE_NUMBER_INT ],
+        'commentId' => ['filter' => FILTER_SANITIZE_NUMBER_INT ],
+        'replyId' => ['filter' => FILTER_SANITIZE_NUMBER_INT ],
+        'sticky' => ['filter' => FILTER_SANITIZE_NUMBER_INT ],
+        // 'username' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkTextLine' ]
     );
     protected $_get = array(
         'id' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkInt'],
         'type' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkInt'],
         'typeid' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkInt'],
-        'rating' => ['filter' => FILTER_SANITIZE_NUMBER_INT]
+        'rating' => ['filter' => FILTER_SANITIZE_NUMBER_INT ]
     );
     public function __construct(array $params)
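Review bot: The hunk rewrites a commented-out entry, `// 'username' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkTextLine' ]`, which keeps dead configuration alive and maintained; either delete the line or add a short reason it is retained. Also visible here: `remove`, `commentId`, `replyId`, `sticky` and `rating` rely on `FILTER_SANITIZE_NUMBER_INT`, which only strips characters outside `0-9+-` and still passes strings such as `1-2` or `-` instead of rejecting them, so they stay weaker than the `checkInt` callback used for `id`, `type` and `typeid` in the same arrays. Those lines are touched for alignment only, so the weakness is pre-existing, but it is worth unifying while the specs are being reworked.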
diff --git a/includes/ajaxHandler/contactus.class.php b/includes/ajaxHandler/contactus.class.php
index a15bfc49..072fc182 100644
--- a/includes/ajaxHandler/contactus.class.php
+++ b/includes/ajaxHandler/contactus.class.php
@@ -6,13 +6,13 @@ if (!defined('AOWOW_REVISION'))
 class AjaxContactus extends AjaxHandler
 {
     protected $_post = array(
-        'mode' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkInt'],
-        'reason' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkInt'],
-        'ua' => ['filter' => FILTER_UNSAFE_RAW, 'flags' => FILTER_FLAG_STRIP_AOWOW],
-        'appname' => ['filter' => FILTER_UNSAFE_RAW, 'flags' => FILTER_FLAG_STRIP_AOWOW],
+        'mode' => ['filter' => FILTER_SANITIZE_NUMBER_INT ],
+        'reason' => ['filter' => FILTER_SANITIZE_NUMBER_INT ],
+        'ua' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkTextLine'],
+        'appname' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkTextLine'],
         'page' => ['filter' => FILTER_SANITIZE_URL ],
-        'desc' => ['filter' => FILTER_UNSAFE_RAW, 'flags' => FILTER_FLAG_STRIP_AOWOW],
-        'id' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkInt'],
+        'desc' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkTextBlob'],
+        'id' => ['filter' => FILTER_SANITIZE_NUMBER_INT ],
         'relatedurl' => ['filter' => FILTER_SANITIZE_URL ],
         'email' => ['filter' => FILTER_SANITIZE_EMAIL ]
     );
diff --git a/includes/ajaxHandler/cookie.class.php b/includes/ajaxHandler/cookie.class.php
index ccc36166..066b742c 100644
--- a/includes/ajaxHandler/cookie.class.php
+++ b/includes/ajaxHandler/cookie.class.php
@@ -12,7 +12,7 @@ class AjaxCookie extends AjaxHandler
             return;
         $this->_get = array(
-            $params[0] => ['filter' => FILTER_UNSAFE_RAW, 'flags' => FILTER_FLAG_STRIP_AOWOW],
+            $params[0] => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkTextLine'],
         );
         // NOW we know, what to expect and sanitize
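Review bot: `mode`, `reason` and `id` are loosened from the `AjaxHandler::checkInt` callback to `FILTER_SANITIZE_NUMBER_INT`, which does not validate: it only strips characters outside `0-9+-`, so `7abc`, `1-2`, `+`, `-` or an empty string all come through as strings rather than being rejected or cast. If these fields are meant to be integers, `FILTER_VALIDATE_INT` (which yields `false` on bad input) or keeping `checkInt` is the safer choice, e.g. `'mode' => ['filter' => FILTER_VALIDATE_INT],`. The `ua`, `appname` and `desc` lines are consistent with the rest of the commit.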
diff --git a/includes/ajaxHandler/data.class.php b/includes/ajaxHandler/data.class.php
index b114baa9..6b6c7b10 100644
--- a/includes/ajaxHandler/data.class.php
+++ b/includes/ajaxHandler/data.class.php
@@ -6,12 +6,12 @@ if (!defined('AOWOW_REVISION'))
 class AjaxData extends AjaxHandler
 {
     protected $_get = array(
-        'locale' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkLocale'],
-        't' => ['filter' => FILTER_UNSAFE_RAW, 'flags' => FILTER_FLAG_STRIP_AOWOW ],
+        'locale' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkLocale' ],
+        't' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkTextLine'],
         'catg' => ['filter' => FILTER_SANITIZE_NUMBER_INT ],
-        'skill' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxData::checkSkill' ],
+        'skill' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxData::checkSkill' ],
         'class' => ['filter' => FILTER_SANITIZE_NUMBER_INT ],
-        'callback' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxData::checkCallback' ]
+        'callback' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxData::checkCallback' ]
     );
     public function __construct(array $params)
diff --git a/includes/ajaxHandler/edit.class.php b/includes/ajaxHandler/edit.class.php
index f1b81400..e8f31539 100644
--- a/includes/ajaxHandler/edit.class.php
+++ b/includes/ajaxHandler/edit.class.php
@@ -6,8 +6,8 @@ if (!defined('AOWOW_REVISION'))
 class AjaxEdit extends AjaxHandler
 {
     protected $_get = array(
-        'qqfile' => ['filter' => FILTER_UNSAFE_RAW, 'flags' => FILTER_FLAG_STRIP_AOWOW],
-        'guide' => ['filter' => FILTER_SANITIZE_NUMBER_INT]
+        'qqfile' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkTextLine'],
+        'guide' => ['filter' => FILTER_SANITIZE_NUMBER_INT ]
     );
     public function __construct(array $params)
diff --git a/includes/ajaxHandler/getdescription.class.php b/includes/ajaxHandler/getdescription.class.php
index 3a88282c..5ba6ee1d 100644
--- a/includes/ajaxHandler/getdescription.class.php
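Review bot: In the edit.class.php hunk, `qqfile` reads like an uploaded file name, and `AjaxHandler::checkTextLine` only strips control and non-printable characters; it keeps `/`, `\` and `..`, so it is not a path or file-name check. If the value ends up in a filesystem path or a stored name, constrain it at the point of use (`basename()` plus a character whitelist) or give the field its own callback with a strict pattern rather than the generic text filter. Whether it is used that way is not visible in this hunk, so confirm against the handler body.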
+++ b/includes/ajaxHandler/getdescription.class.php
@@ -6,7 +6,7 @@ if (!defined('AOWOW_REVISION'))
 class AjaxGetdescription extends AjaxHandler
 {
     protected $_post = array(
-        'description' => [FILTER_CALLBACK, ['options' => 'AjaxHandler::checkFulltext']]
+        'description' => [FILTER_CALLBACK, ['options' => 'AjaxHandler::checkTextBlob']]
     );
     public function __construct(array $params)
diff --git a/includes/ajaxHandler/profile.class.php b/includes/ajaxHandler/profile.class.php
index 163d13d6..94a4d63a 100644
--- a/includes/ajaxHandler/profile.class.php
+++ b/includes/ajaxHandler/profile.class.php
@@ -11,14 +11,14 @@ class AjaxProfile extends AjaxHandler
     protected $_get = array(
         'id' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkIdList' ],
         'items' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxProfile::checkItemList'],
-        'size' => ['filter' => FILTER_UNSAFE_RAW, 'flags' => FILTER_FLAG_STRIP_AOWOW ],
+        'size' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkTextLine'],
         'guild' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkEmptySet'],
         'arena-team' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkEmptySet'],
         'user' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxProfile::checkUser' ]
     );
     protected $_post = array(
-        'name' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkFulltext'],
+        'name' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkTextLine'],
         'level' => ['filter' => FILTER_SANITIZE_NUMBER_INT],
         'class' => ['filter' => FILTER_SANITIZE_NUMBER_INT],
         'race' => ['filter' => FILTER_SANITIZE_NUMBER_INT],
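Review bot: The `description` spec has a different shape from every other definition in this commit: `[FILTER_CALLBACK, ['options' => ...]]` has integer keys 0 and 1, not the `'filter'`/`'options'` keys that `filter_var_array()` reads, so if the base class feeds `$_post` to that function the callback is never consulted and the field falls back to the default (unsafe raw) filter. Only the callback name changed here, so this is pre-existing, but it silently defeats the sanitisation the commit is introducing; the line should read `'description' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkTextBlob']`. How `_post` is consumed is not visible in this diff, so confirm against `AjaxHandler` before merging.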
@@ -28,12 +28,12 @@ class AjaxProfile extends AjaxHandler
         'talenttree2' => ['filter' => FILTER_SANITIZE_NUMBER_INT],
         'talenttree3' => ['filter' => FILTER_SANITIZE_NUMBER_INT],
         'activespec' => ['filter' => FILTER_SANITIZE_NUMBER_INT],
-        'talentbuild1' => ['filter' => FILTER_UNSAFE_RAW, 'flags' => FILTER_FLAG_STRIP_AOWOW],
-        'glyphs1' => ['filter' => FILTER_UNSAFE_RAW, 'flags' => FILTER_FLAG_STRIP_AOWOW],
-        'talentbuild2' => ['filter' => FILTER_UNSAFE_RAW, 'flags' => FILTER_FLAG_STRIP_AOWOW],
-        'glyphs2' => ['filter' => FILTER_UNSAFE_RAW, 'flags' => FILTER_FLAG_STRIP_AOWOW],
-        'icon' => ['filter' => FILTER_UNSAFE_RAW, 'flags' => FILTER_FLAG_STRIP_AOWOW],
-        'description' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkFulltext'],
+        'talentbuild1' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxProfile::checkTalentString'],
+        'glyphs1' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxProfile::checkGlyphString' ],
+        'talentbuild2' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxProfile::checkTalentString'],
+        'glyphs2' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxProfile::checkGlyphString' ],
+        'icon' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkTextLine' ],
+        'description' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkTextBlob' ],
         'source' => ['filter' => FILTER_SANITIZE_NUMBER_INT],
         'copy' => ['filter' => FILTER_SANITIZE_NUMBER_INT],
         'public' => ['filter' => FILTER_SANITIZE_NUMBER_INT],
@@ -762,6 +762,22 @@ class AjaxProfile extends AjaxHandler
         return '';
     }
+
+    protected static function checkTalentString(string $val) : string
+    {
+        if (preg_match('/^\d+$/', $val))
+            return $val;
+
+        return '';
+    }
+
+    protected static function checkGlyphString(string $val) : string
+    {
+        if (preg_match('/^\d+(:\d+)*$/', $val))
+            return $val;
+
+        return '';
+    }
 }
 ?>
diff --git a/includes/utilities.php b/includes/utilities.php
index 60d0cc99..49ee92f5 100644
--- a/includes/utilities.php
+++ b/includes/utilities.php
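Review bot: Both new validators in the second hunk anchor with `$`, which in PCRE also matches before a final newline, so `checkTalentString` accepts `"123\n"` and `checkGlyphString` accepts `"1:2\n"` and returns them unchanged. The `D` modifier (or `\z`) makes the anchor absolute: `if (preg_match('/^\d+$/D', $val))` and `if (preg_match('/^\d+(:\d+)*$/D', $val))`. Neither pattern bounds the length either, so an arbitrarily long digit string still passes; a `{1,N}` quantifier with the expected maximum would document the contract, and a one-line comment on each method stating the accepted format (digits only; colon-separated digit groups) would help the next reader.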
@@ -109,10 +109,16 @@ trait TrRequestData
         return [];
     }
-    private static function checkFulltext(string $val) : string
+    private static function checkTextLine(string $val) : string
     {
         // trim non-printable chars
-        return preg_replace('/[\p{Cf}\p{Co}\p{Cs}\p{Cn}]/ui', '', $val);
+        return preg_replace('/[\p{Cc}\p{Cf}\p{Co}\p{Cs}\p{Cn}]/ui', '', $val);
+    }
+
+    private static function checkTextBlob(string $val) : string
+    {
+        // trim non-printable chars
+        return preg_replace('/[\x00-\x09\x0B-\x1F\p{Cf}\p{Co}\p{Cs}\p{Cn}]/ui', '', $val);
     }
 }
diff --git a/pages/account.php b/pages/account.php
index a910efc4..589fc067 100644
--- a/pages/account.php
+++ b/pages/account.php
@@ -34,9 +34,9 @@ class AccountPage extends GenericPage
     protected $_post = array(
         'username' => ['filter' => FILTER_SANITIZE_SPECIAL_CHARS, 'flags' => FILTER_FLAG_STRIP_AOWOW],
-        'password' => ['filter' => FILTER_UNSAFE_RAW],
-        'c_password' => ['filter' => FILTER_UNSAFE_RAW],
-        'token' => ['filter' => FILTER_UNSAFE_RAW],
+        'password' => ['filter' => FILTER_CALLBACK, 'options' => 'GenericPage::checkTextLine'],
+        'c_password' => ['filter' => FILTER_CALLBACK, 'options' => 'GenericPage::checkTextLine'],
+        'token' => ['filter' => FILTER_SANITIZE_SPECIAL_CHARS, 'flags' => FILTER_FLAG_STRIP_AOWOW],
         'remember_me' => ['filter' => FILTER_CALLBACK, 'options' => 'AccountPage::rememberCallback'],
         'email' => ['filter' => FILTER_SANITIZE_EMAIL]
     );
diff --git a/pages/guide.php b/pages/guide.php
index 923ff653..ab3fb85a 100644
--- a/pages/guide.php
+++ b/pages/guide.php
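Review bot: Both helpers declare `: string` but `preg_replace()` returns `null` on a PCRE error, and with the `u` modifier any input that is not valid UTF-8 is such an error (`PREG_BAD_UTF8_ERROR`), so a request carrying a malformed byte sequence in any field wired to these callbacks raises a `TypeError` instead of being sanitised. Returning the empty string on failure, `return preg_replace(...) ?? '';`, turns that into a rejection consistent with the other `check*` helpers that return `''` for bad input. Separately, `checkTextLine` removes all of `\p{Cc}` (including DEL and U+0080–U+009F) while `checkTextBlob`'s explicit ranges `\x00-\x09\x0B-\x1F` leave those code points in; if that difference is not intended, extend the class to `\x00-\x09\x0B-\x1F\x7F-\x9F`. The `i` modifier has no effect on a class built only from properties and byte ranges and can be dropped, and the two identical `// trim non-printable chars` comments could say what distinguishes the variants (line keeps nothing below U+0020; blob keeps LF).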
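Review bot: In the pages/account.php hunk, `password` and `c_password` now pass through `GenericPage::checkTextLine`, which silently deletes control, format, surrogate and unassigned code points from the secret before it is hashed or verified; that is only safe if registration, login and password change all apply this same filter, otherwise a password containing such a character stops matching its stored hash, and if this is the trait helper changed in `includes/utilities.php`, invalid UTF-8 makes the callback throw rather than reject. A comment on these two lines, `// must match the filter applied at registration`, would pin that invariant for the next maintainer. `token` moves to `FILTER_SANITIZE_SPECIAL_CHARS`, which entity-encodes `&`, `<`, `>`, `"` and `'`; if tokens are hex or alphanumeric as the name suggests, a callback asserting that format would be both tighter and leave the value unmodified for comparison.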
@@ -42,11 +42,11 @@ class GuidePage extends GenericPage
     protected /* array */ $_post = array(
         'save' => ['filter' => FILTER_CALLBACK, 'options' => 'GenericPage::checkEmptySet'],
         'submit' => ['filter' => FILTER_CALLBACK, 'options' => 'GenericPage::checkEmptySet'],
-        'title' => ['filter' => FILTER_UNSAFE_RAW, 'flags' => FILTER_FLAG_STRIP_AOWOW],
-        'name' => ['filter' => FILTER_UNSAFE_RAW, 'flags' => FILTER_FLAG_STRIP_AOWOW],
-        'description' => ['filter' => FILTER_UNSAFE_RAW, 'flags' => FILTER_FLAG_STRIP_AOWOW],
-        'changelog' => ['filter' => FILTER_UNSAFE_RAW, 'flags' => FILTER_FLAG_STRIP_AOWOW],
-        'body' => ['filter' => FILTER_CALLBACK, 'options' => 'GenericPage::checkFulltext'],
+        'title' => ['filter' => FILTER_CALLBACK, 'options' => 'GenericPage::checkTextLine'],
+        'name' => ['filter' => FILTER_CALLBACK, 'options' => 'GenericPage::checkTextLine'],
+        'description' => ['filter' => FILTER_CALLBACK, 'options' => 'GenericPage::checkTextBlob'],
+        'changelog' => ['filter' => FILTER_CALLBACK, 'options' => 'GenericPage::checkTextBlob'],
+        'body' => ['filter' => FILTER_CALLBACK, 'options' => 'GenericPage::checkTextBlob'],
         'locale' => ['filter' => FILTER_CALLBACK, 'options' => 'GenericPage::checkInt'],
         'category' => ['filter' => FILTER_CALLBACK, 'options' => 'GenericPage::checkInt'],
         'specId' => ['filter' => FILTER_CALLBACK, 'options' => 'GenericPage::checkInt'],
diff --git a/pages/screenshot.php b/pages/screenshot.php
index f31a3483..c58e6e64 100644
--- a/pages/screenshot.php
+++ b/pages/screenshot.php
@@ -29,7 +29,7 @@ class ScreenshotPage extends GenericPage
     protected $_post = array(
         'coords' => ['filter' => FILTER_CALLBACK, 'options' => 'ScreenshotPage::checkCoords'],
-        'screenshotalt' => ['filter' => FILTER_UNSAFE_RAW, 'flags' => FILTER_FLAG_STRIP_AOWOW]
+        'screenshotalt' => ['filter' => FILTER_CALLBACK, 'options' => 'GenericPage::checkTextBlob']
     );
     public function __construct($pageCall, $pageParam)