From 70983040b258cba984176252eaec10c28d3f2fb6 Mon Sep 17 00:00:00 2001 From: jeff Date: Wed, 23 Jun 2010 19:32:33 +0000 Subject: [PATCH] backport RT8384 config input validation --- httemplate/config/config-process.cgi | 41 ++++++++++++++++++++++++++++++++++++ 1 file changed, 41 insertions(+) diff --git a/httemplate/config/config-process.cgi b/httemplate/config/config-process.cgi index 788d9016e..925240633 100644 --- a/httemplate/config/config-process.cgi +++ b/httemplate/config/config-process.cgi @@ -1,3 +1,30 @@ +%if ( scalar(@error) ) { +% +% my $url = popurl(1)."config.cgi"; +% if ( length($cgi->query_string) > 1920 ) { #stupid IE 2083 URL limit +% +% my $session = int(rand(4294967296)); #XXX +% my $pref = new FS::access_user_pref({ +% 'usernum' => $FS::CurrentUser::CurrentUser->usernum, +% 'prefname' => "redirect$session", +% 'prefvalue' => $cgi->query_string, +% 'expiration' => time + 3600, #1h? 1m? +% }); +% my $pref_error = $pref->insert; +% if ( $pref_error ) { +% die "FATAL: couldn't even set redirect cookie: $pref_error". +% " attempting to set redirect$session to ". $cgi->query_string."\n"; +% } +% +<% $cgi->redirect("$url?redirect=$session") %> +% +% } else { +% +<% $cgi->redirect("$url?". $cgi->query_string ) %> +% +% } +% +%} else { <% header('Configuration set') %> +%} <%once> #false laziness w/config-view.cgi my %namecol = ( @@ -83,6 +111,7 @@ my $agentnum = $cgi->param('agentnum'); my $key = $cgi->param('key'); my $i = $confitems{$key}; +my @error = (); my @touch = (); my @delete = (); my $n = 0; @@ -92,6 +121,8 @@ foreach my $type ( ref($i->type) ? @{$i->type} : $i->type ) { if ( $cgi->param($i->key.$n) ne '' ) { my $value = $cgi->param($i->key.$n); $value =~ s/\r\n/\n/g; #browsers? + my $error = &{$i->validate}($value, $n) if $i->validate; + push @error, $error if $error; $conf->set($i->key, $value, $agentnum); } else { $conf->delete($i->key, $agentnum); @@ -99,6 +130,8 @@ foreach my $type ( ref($i->type) ? @{$i->type} : $i->type ) { } elsif ( $type eq 'binary' || $type eq 'image' ) { if ( defined($cgi->param($i->key.$n)) && $cgi->param($i->key.$n) ) { my $fh = $cgi->upload($i->key.$n); + my $error = &{$i->validate}($fh, $n) if $i->validate; + push @error, $error if $error; if (defined($fh)) { local $/; $conf->set_binary($i->key, <$fh>, $agentnum); @@ -118,12 +151,16 @@ foreach my $type ( ref($i->type) ? @{$i->type} : $i->type ) { || $i->multiple ) ) { if ( scalar(@{[ $cgi->param($i->key.$n) ]}) ) { + my $error = &{$i->validate}([ $cgi->param($i->key.$n) ], $n) if $i->validate; + push @error, $error if $error; $conf->set($i->key, join("\n", @{[ $cgi->param($i->key.$n) ]} ), $agentnum); } else { $conf->delete($i->key, $agentnum); } } elsif ( $type =~ /^(text|select(-(sub|part_svc|part_pkg|pkg_class))?)$/ ) { if ( $cgi->param($i->key.$n) ne '' ) { + my $error = &{$i->validate}($cgi->param($i->key.$n), $n) if $i->validate; + push @error, $error if $error; $conf->set($i->key, $cgi->param($i->key.$n), $agentnum); } else { $conf->delete($i->key, $agentnum); @@ -135,4 +172,8 @@ foreach my $type ( ref($i->type) ? @{$i->type} : $i->type ) { $conf->touch($_, $agentnum) foreach @touch; $conf->delete($_, $agentnum) foreach @delete; +if (scalar(@error)) { + $cgi->param('error', join(' ', @error)); +} + -- 2.11.0