* replace input filter FILTER_UNSAFE_RAW (+ STRIP flags) with regex checks to preserve \n and utf8 chars
Sarjuuk
2023-03-16 17:59:09 +01:00
parent ffa4cf5b29
commit 0c47f262ea
13 changed files with 75 additions and 53 deletions


@@ -171,7 +171,7 @@ class AjaxAccount extends AjaxHandler
{ {
$var = trim(urldecode($val)); $var = trim(urldecode($val));
return filter_var($var, FILTER_UNSAFE_RAW, FILTER_FLAG_STRIP_AOWOW); return filter_var($var, FILTER_SANITIZE_SPECIAL_CHARS, FILTER_FLAG_STRIP_LOW);
} }
} }
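Review bot: The replacement filter on the `return filter_var(...)` line, `FILTER_SANITIZE_SPECIAL_CHARS` with `FILTER_FLAG_STRIP_LOW`, HTML-encodes `<`, `>`, `&`, `"` and `'` at the input boundary, so whatever stores or compares this value downstream sees the encoded form and any later output escaping will double-encode it. It also diverges from the rest of this commit, which routes free text through the `checkTextLine`/`checkTextBlob` callbacks; if the goal here is only to drop control characters while keeping UTF-8, `return filter_var($var, FILTER_CALLBACK, ['options' => 'AjaxHandler::checkTextLine']);` keeps the handlers consistent. The enclosing callback starts outside the hunk, so I cannot see what consumes the value.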


@@ -7,25 +7,25 @@ class AjaxAdmin extends AjaxHandler
{ {
protected $validParams = ['screenshots', 'siteconfig', 'weight-presets', 'spawn-override', 'guide', 'comment']; protected $validParams = ['screenshots', 'siteconfig', 'weight-presets', 'spawn-override', 'guide', 'comment'];
protected $_get = array( protected $_get = array(
'action' => ['filter' => FILTER_UNSAFE_RAW, 'flags' => FILTER_FLAG_STRIP_AOWOW ], 'action' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkTextLine' ],
'id' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkIdListUnsigned'], 'id' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkIdListUnsigned'],
'key' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxAdmin::checkKey' ], 'key' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxAdmin::checkKey' ],
'all' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkFulltext' ], 'all' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkEmptySet' ],
'type' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkInt' ], 'type' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkInt' ],
'typeid' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkInt' ], 'typeid' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkInt' ],
'user' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxAdmin::checkUser' ], 'user' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxAdmin::checkUser' ],
'val' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkFulltext' ], 'val' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkTextBlob' ],
'guid' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkInt' ], 'guid' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkInt' ],
'area' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkInt' ], 'area' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkInt' ],
'floor' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkInt' ] 'floor' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkInt' ]
); );
protected $_post = array( protected $_post = array(
'alt' => ['filter' => FILTER_UNSAFE_RAW, 'flags' => FILTER_FLAG_STRIP_AOWOW], 'alt' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkTextBlob'],
'id' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkInt'], 'id' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkInt' ],
'scale' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxAdmin::checkScale'], 'scale' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxAdmin::checkScale' ],
'__icon' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxAdmin::checkKey' ], '__icon' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxAdmin::checkKey' ],
'status' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkInt'], 'status' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkInt' ],
'msg' => ['filter' => FILTER_UNSAFE_RAW, 'flags' => FILTER_FLAG_STRIP_AOWOW] 'msg' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkTextBlob']
); );
public function __construct(array $params) public function __construct(array $params)


@@ -12,22 +12,22 @@ class AjaxComment extends AjaxHandler
protected $_post = array( protected $_post = array(
'id' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkIdListUnsigned'], 'id' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkIdListUnsigned'],
'body' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkFulltext' ], 'body' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkTextBlob' ],
'commentbody' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkFulltext' ], 'commentbody' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkTextBlob' ],
'response' => ['filter' => FILTER_UNSAFE_RAW, 'flags' => FILTER_FLAG_STRIP_AOWOW ], 'response' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkTextBlob' ],
'reason' => ['filter' => FILTER_UNSAFE_RAW, 'flags' => FILTER_FLAG_STRIP_AOWOW ], 'reason' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkTextBlob' ],
'remove' => ['filter' => FILTER_SANITIZE_NUMBER_INT], 'remove' => ['filter' => FILTER_SANITIZE_NUMBER_INT ],
'commentId' => ['filter' => FILTER_SANITIZE_NUMBER_INT], 'commentId' => ['filter' => FILTER_SANITIZE_NUMBER_INT ],
'replyId' => ['filter' => FILTER_SANITIZE_NUMBER_INT], 'replyId' => ['filter' => FILTER_SANITIZE_NUMBER_INT ],
'sticky' => ['filter' => FILTER_SANITIZE_NUMBER_INT], 'sticky' => ['filter' => FILTER_SANITIZE_NUMBER_INT ],
// 'username' => ['filter' => FILTER_UNSAFE_RAW, 'flags' => FILTER_FLAG_STRIP_AOWOW ] // 'username' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkTextLine' ]
); );
protected $_get = array( protected $_get = array(
'id' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkInt'], 'id' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkInt'],
'type' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkInt'], 'type' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkInt'],
'typeid' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkInt'], 'typeid' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkInt'],
'rating' => ['filter' => FILTER_SANITIZE_NUMBER_INT] 'rating' => ['filter' => FILTER_SANITIZE_NUMBER_INT ]
); );
public function __construct(array $params) public function __construct(array $params)


@@ -6,13 +6,13 @@ if (!defined('AOWOW_REVISION'))
class AjaxContactus extends AjaxHandler class AjaxContactus extends AjaxHandler
{ {
protected $_post = array( protected $_post = array(
'mode' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkInt'], 'mode' => ['filter' => FILTER_SANITIZE_NUMBER_INT ],
'reason' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkInt'], 'reason' => ['filter' => FILTER_SANITIZE_NUMBER_INT ],
'ua' => ['filter' => FILTER_UNSAFE_RAW, 'flags' => FILTER_FLAG_STRIP_AOWOW], 'ua' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkTextLine'],
'appname' => ['filter' => FILTER_UNSAFE_RAW, 'flags' => FILTER_FLAG_STRIP_AOWOW], 'appname' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkTextLine'],
'page' => ['filter' => FILTER_SANITIZE_URL ], 'page' => ['filter' => FILTER_SANITIZE_URL ],
'desc' => ['filter' => FILTER_UNSAFE_RAW, 'flags' => FILTER_FLAG_STRIP_AOWOW], 'desc' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkTextBlob'],
'id' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkInt'], 'id' => ['filter' => FILTER_SANITIZE_NUMBER_INT ],
'relatedurl' => ['filter' => FILTER_SANITIZE_URL ], 'relatedurl' => ['filter' => FILTER_SANITIZE_URL ],
'email' => ['filter' => FILTER_SANITIZE_EMAIL ] 'email' => ['filter' => FILTER_SANITIZE_EMAIL ]
); );
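Review bot: Moving `mode`, `reason` and `id` from the `checkInt` callback to `FILTER_SANITIZE_NUMBER_INT` turns validated values into merely sanitised ones: that filter strips every character except digits, `+` and `-`, so `"12abc"` passes as `"12"`, `"1-2"` survives unchanged, a non-numeric value becomes `""` instead of being rejected, and the result is a string rather than an int. If the handler still expects integers, as the previous callback name suggests, `FILTER_VALIDATE_INT` (which yields `false` on junk) or keeping `'filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkInt'` is the tighter choice. The class body continues outside the hunk.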


@@ -12,7 +12,7 @@ class AjaxCookie extends AjaxHandler
return; return;
$this->_get = array( $this->_get = array(
$params[0] => ['filter' => FILTER_UNSAFE_RAW, 'flags' => FILTER_FLAG_STRIP_AOWOW], $params[0] => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkTextLine'],
); );
// NOW we know, what to expect and sanitize // NOW we know, what to expect and sanitize


@@ -6,8 +6,8 @@ if (!defined('AOWOW_REVISION'))
class AjaxData extends AjaxHandler class AjaxData extends AjaxHandler
{ {
protected $_get = array( protected $_get = array(
'locale' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkLocale'], 'locale' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkLocale' ],
't' => ['filter' => FILTER_UNSAFE_RAW, 'flags' => FILTER_FLAG_STRIP_AOWOW ], 't' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkTextLine'],
'catg' => ['filter' => FILTER_SANITIZE_NUMBER_INT ], 'catg' => ['filter' => FILTER_SANITIZE_NUMBER_INT ],
'skill' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxData::checkSkill' ], 'skill' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxData::checkSkill' ],
'class' => ['filter' => FILTER_SANITIZE_NUMBER_INT ], 'class' => ['filter' => FILTER_SANITIZE_NUMBER_INT ],


@@ -6,8 +6,8 @@ if (!defined('AOWOW_REVISION'))
class AjaxEdit extends AjaxHandler class AjaxEdit extends AjaxHandler
{ {
protected $_get = array( protected $_get = array(
'qqfile' => ['filter' => FILTER_UNSAFE_RAW, 'flags' => FILTER_FLAG_STRIP_AOWOW], 'qqfile' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkTextLine'],
'guide' => ['filter' => FILTER_SANITIZE_NUMBER_INT] 'guide' => ['filter' => FILTER_SANITIZE_NUMBER_INT ]
); );
public function __construct(array $params) public function __construct(array $params)
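Review bot: `qqfile` is now filtered by `checkTextLine`, which only removes control and non-printable characters, so `/`, `\` and `..` still pass through. If this value ends up as part of a filename or path on disk, the consumer should reduce it with `basename()` or match it against a strict filename pattern before use, in the style of the new `checkTalentString` callbacks; I cannot see the consumer from this hunk, so treat this as something to confirm.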


@@ -6,7 +6,7 @@ if (!defined('AOWOW_REVISION'))
class AjaxGetdescription extends AjaxHandler class AjaxGetdescription extends AjaxHandler
{ {
protected $_post = array( protected $_post = array(
'description' => [FILTER_CALLBACK, ['options' => 'AjaxHandler::checkFulltext']] 'description' => [FILTER_CALLBACK, ['options' => 'AjaxHandler::checkTextBlob']]
); );
public function __construct(array $params) public function __construct(array $params)


@@ -11,14 +11,14 @@ class AjaxProfile extends AjaxHandler
protected $_get = array( protected $_get = array(
'id' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkIdList' ], 'id' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkIdList' ],
'items' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxProfile::checkItemList'], 'items' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxProfile::checkItemList'],
'size' => ['filter' => FILTER_UNSAFE_RAW, 'flags' => FILTER_FLAG_STRIP_AOWOW ], 'size' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkTextLine'],
'guild' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkEmptySet'], 'guild' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkEmptySet'],
'arena-team' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkEmptySet'], 'arena-team' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkEmptySet'],
'user' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxProfile::checkUser' ] 'user' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxProfile::checkUser' ]
); );
protected $_post = array( protected $_post = array(
'name' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkFulltext'], 'name' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkTextLine'],
'level' => ['filter' => FILTER_SANITIZE_NUMBER_INT], 'level' => ['filter' => FILTER_SANITIZE_NUMBER_INT],
'class' => ['filter' => FILTER_SANITIZE_NUMBER_INT], 'class' => ['filter' => FILTER_SANITIZE_NUMBER_INT],
'race' => ['filter' => FILTER_SANITIZE_NUMBER_INT], 'race' => ['filter' => FILTER_SANITIZE_NUMBER_INT],
@@ -28,12 +28,12 @@ class AjaxProfile extends AjaxHandler
'talenttree2' => ['filter' => FILTER_SANITIZE_NUMBER_INT], 'talenttree2' => ['filter' => FILTER_SANITIZE_NUMBER_INT],
'talenttree3' => ['filter' => FILTER_SANITIZE_NUMBER_INT], 'talenttree3' => ['filter' => FILTER_SANITIZE_NUMBER_INT],
'activespec' => ['filter' => FILTER_SANITIZE_NUMBER_INT], 'activespec' => ['filter' => FILTER_SANITIZE_NUMBER_INT],
'talentbuild1' => ['filter' => FILTER_UNSAFE_RAW, 'flags' => FILTER_FLAG_STRIP_AOWOW], 'talentbuild1' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxProfile::checkTalentString'],
'glyphs1' => ['filter' => FILTER_UNSAFE_RAW, 'flags' => FILTER_FLAG_STRIP_AOWOW], 'glyphs1' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxProfile::checkGlyphString' ],
'talentbuild2' => ['filter' => FILTER_UNSAFE_RAW, 'flags' => FILTER_FLAG_STRIP_AOWOW], 'talentbuild2' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxProfile::checkTalentString'],
'glyphs2' => ['filter' => FILTER_UNSAFE_RAW, 'flags' => FILTER_FLAG_STRIP_AOWOW], 'glyphs2' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxProfile::checkGlyphString' ],
'icon' => ['filter' => FILTER_UNSAFE_RAW, 'flags' => FILTER_FLAG_STRIP_AOWOW], 'icon' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkTextLine' ],
'description' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkFulltext'], 'description' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkTextBlob' ],
'source' => ['filter' => FILTER_SANITIZE_NUMBER_INT], 'source' => ['filter' => FILTER_SANITIZE_NUMBER_INT],
'copy' => ['filter' => FILTER_SANITIZE_NUMBER_INT], 'copy' => ['filter' => FILTER_SANITIZE_NUMBER_INT],
'public' => ['filter' => FILTER_SANITIZE_NUMBER_INT], 'public' => ['filter' => FILTER_SANITIZE_NUMBER_INT],
@@ -762,6 +762,22 @@ class AjaxProfile extends AjaxHandler
return ''; return '';
} }
protected static function checkTalentString(string $val) : string
{
if (preg_match('/^\d+$/', $val))
return $val;
return '';
}
protected static function checkGlyphString(string $val) : string
{
if (preg_match('/^\d+(:\d+)*$/', $val))
return $val;
return '';
}
} }
?> ?>
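Review bot: The anchors in the new `checkTalentString` and `checkGlyphString` patterns (`/^\d+$/` and `/^\d+(:\d+)*$/`) still accept a trailing newline, because `$` without the `D` modifier also matches just before a final `\n`; given that this commit deliberately preserves `\n` in text input, a value like `"123\n"` now passes as a valid talent string. Use the `D` modifier (or `\z`): `if (preg_match('/^\d+$/D', $val))` and `if (preg_match('/^\d+(:\d+)*$/D', $val))`. Neither check bounds the length of the accepted string, which is fine only if the consumer does. The method immediately above the new ones starts outside the hunk.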


@@ -109,10 +109,16 @@ trait TrRequestData
return []; return [];
} }
private static function checkFulltext(string $val) : string private static function checkTextLine(string $val) : string
{ {
// trim non-printable chars // trim non-printable chars
return preg_replace('/[\p{Cf}\p{Co}\p{Cs}\p{Cn}]/ui', '', $val); return preg_replace('/[\p{Cc}\p{Cf}\p{Co}\p{Cs}\p{Cn}]/ui', '', $val);
}
private static function checkTextBlob(string $val) : string
{
// trim non-printable chars
return preg_replace('/[\x00-\x09\x0B-\x1F\p{Cf}\p{Co}\p{Cs}\p{Cn}]/ui', '', $val);
} }
} }
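Review bot: Both `checkTextLine` and `checkTextBlob` declare a `string` return type, but `preg_replace` with the `u` modifier returns `null` when `$val` is not valid UTF-8, so a request carrying malformed bytes raises a `TypeError` out of the filter callback instead of yielding an empty string; `return preg_replace(..., $val) ?? '';` on both return lines keeps the contract. Separately, the explicit byte ranges in `checkTextBlob` (`\x00-\x09\x0B-\x1F`) leave \x7F and the C1 controls U+0080–U+009F that `checkTextLine` removes via `\p{Cc}`, so the blob variant is looser than intended; `'/[\x00-\x09\x0B-\x1F\x7F\x{80}-\x{9F}\p{Cf}\p{Co}\p{Cs}\p{Cn}]/u'` closes that gap. The `i` modifier has no effect on these character classes and can be dropped.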


@@ -34,9 +34,9 @@ class AccountPage extends GenericPage
protected $_post = array( protected $_post = array(
'username' => ['filter' => FILTER_SANITIZE_SPECIAL_CHARS, 'flags' => FILTER_FLAG_STRIP_AOWOW], 'username' => ['filter' => FILTER_SANITIZE_SPECIAL_CHARS, 'flags' => FILTER_FLAG_STRIP_AOWOW],
'password' => ['filter' => FILTER_UNSAFE_RAW], 'password' => ['filter' => FILTER_CALLBACK, 'options' => 'GenericPage::checkTextLine'],
'c_password' => ['filter' => FILTER_UNSAFE_RAW], 'c_password' => ['filter' => FILTER_CALLBACK, 'options' => 'GenericPage::checkTextLine'],
'token' => ['filter' => FILTER_UNSAFE_RAW], 'token' => ['filter' => FILTER_SANITIZE_SPECIAL_CHARS, 'flags' => FILTER_FLAG_STRIP_AOWOW],
'remember_me' => ['filter' => FILTER_CALLBACK, 'options' => 'AccountPage::rememberCallback'], 'remember_me' => ['filter' => FILTER_CALLBACK, 'options' => 'AccountPage::rememberCallback'],
'email' => ['filter' => FILTER_SANITIZE_EMAIL] 'email' => ['filter' => FILTER_SANITIZE_EMAIL]
); );
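Review bot: `password` and `c_password` now pass through `checkTextLine`, which silently removes characters rather than rejecting the input, so the string that gets hashed can differ from what the user typed with no feedback; for a credential, failing on disallowed characters is the safer contract, and whatever filter is chosen must be applied identically at registration and login or existing accounts stop working. `token` is now HTML-encoded by `FILTER_SANITIZE_SPECIAL_CHARS`; if the token is hex or alphanumeric as its name suggests, a strict pattern callback in the style of this commit's `checkTalentString` is a tighter fit than encoding it before comparison. I cannot see how either value is consumed from this hunk.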


@@ -42,11 +42,11 @@ class GuidePage extends GenericPage
protected /* array */ $_post = array( protected /* array */ $_post = array(
'save' => ['filter' => FILTER_CALLBACK, 'options' => 'GenericPage::checkEmptySet'], 'save' => ['filter' => FILTER_CALLBACK, 'options' => 'GenericPage::checkEmptySet'],
'submit' => ['filter' => FILTER_CALLBACK, 'options' => 'GenericPage::checkEmptySet'], 'submit' => ['filter' => FILTER_CALLBACK, 'options' => 'GenericPage::checkEmptySet'],
'title' => ['filter' => FILTER_UNSAFE_RAW, 'flags' => FILTER_FLAG_STRIP_AOWOW], 'title' => ['filter' => FILTER_CALLBACK, 'options' => 'GenericPage::checkTextLine'],
'name' => ['filter' => FILTER_UNSAFE_RAW, 'flags' => FILTER_FLAG_STRIP_AOWOW], 'name' => ['filter' => FILTER_CALLBACK, 'options' => 'GenericPage::checkTextLine'],
'description' => ['filter' => FILTER_UNSAFE_RAW, 'flags' => FILTER_FLAG_STRIP_AOWOW], 'description' => ['filter' => FILTER_CALLBACK, 'options' => 'GenericPage::checkTextBlob'],
'changelog' => ['filter' => FILTER_UNSAFE_RAW, 'flags' => FILTER_FLAG_STRIP_AOWOW], 'changelog' => ['filter' => FILTER_CALLBACK, 'options' => 'GenericPage::checkTextBlob'],
'body' => ['filter' => FILTER_CALLBACK, 'options' => 'GenericPage::checkFulltext'], 'body' => ['filter' => FILTER_CALLBACK, 'options' => 'GenericPage::checkTextBlob'],
'locale' => ['filter' => FILTER_CALLBACK, 'options' => 'GenericPage::checkInt'], 'locale' => ['filter' => FILTER_CALLBACK, 'options' => 'GenericPage::checkInt'],
'category' => ['filter' => FILTER_CALLBACK, 'options' => 'GenericPage::checkInt'], 'category' => ['filter' => FILTER_CALLBACK, 'options' => 'GenericPage::checkInt'],
'specId' => ['filter' => FILTER_CALLBACK, 'options' => 'GenericPage::checkInt'], 'specId' => ['filter' => FILTER_CALLBACK, 'options' => 'GenericPage::checkInt'],


@@ -29,7 +29,7 @@ class ScreenshotPage extends GenericPage
protected $_post = array( protected $_post = array(
'coords' => ['filter' => FILTER_CALLBACK, 'options' => 'ScreenshotPage::checkCoords'], 'coords' => ['filter' => FILTER_CALLBACK, 'options' => 'ScreenshotPage::checkCoords'],
'screenshotalt' => ['filter' => FILTER_UNSAFE_RAW, 'flags' => FILTER_FLAG_STRIP_AOWOW] 'screenshotalt' => ['filter' => FILTER_CALLBACK, 'options' => 'GenericPage::checkTextBlob']
); );
public function __construct($pageCall, $pageParam) public function __construct($pageCall, $pageParam)