Implemented Basic Input Validation

2022-02-18 10:08:22 +01:00 · 2022-02-18 10:08:22 +01:00 · f73f34e775
parent 69b481d06d
commit f73f34e775
3 changed files with 61 additions and 8 deletions
--- a/index.php
+++ b/index.php
@ -26,7 +26,19 @@ $gslice = $_GET['gs'] ?? $conf['defslice'];
 $dir    = $_GET['d'] ?? $conf['defdir'];
 $sort   = $_GET['so'] ?? 1;

+// Input Validation and Sanitazion
+$page   =  Helpers::validate_int($page, 1, PHP_INT_MAX) ? $page : $conf['defpage'];
+$slice  =  Helpers::validate_int($slice, 1, 100) ? $slice : $conf['defslice'];
+$gslice =  Helpers::validate_int($gslice, 1, 100) ? $gslice : $conf['defslice'];
+$sort   =  Helpers::validate_int($sort, 0, 1) ? $sort : $conf['defslice'];
+
+// Set Some Variables
+$host   = isset($_SERVER['HTTP_X_FORWARDED_HOST']) ? $_SERVER['HTTP_X_FORWARDED_HOST'] : $_SERVER['HTTP_HOST'];
+$proto  = isset($_SERVER['HTTP_X_FORWARDED_PROTO']) ? $_SERVER['HTTP_X_FORWARDED_PROTO'] : $_SERVER['REQUEST_SCHEME'];
+$secure = ($proto == 'https');
+
 // Create or Load Session
+session_set_cookie_params([ 'lifetime' => 3600, 'path' => '/', 'domain' => $host, 'secure' => $secure, 'httponly' => true, 'samesite' => 'lax' ]);
 session_start();

 // Initialize Thumbnail Handler
@ -46,7 +58,9 @@ if (isset($_SESSION[$cdir])
 } else {
  $r_imagedir = realpath($imagedir.$dir);
  if ($r_imagedir === false || strpos(Helpers::end_dir($r_imagedir), $r_basedir.DIRECTORY_SEPARATOR) !== 0) {
-    print "Path Traversal Detected!";
+    $data['script'] = $_SERVER['PHP_SELF'];
+    $data['errormsg'] = 'A Path Traversal was Detected';
+    Template::view('tpl/error.html', $data);
    exit();
  }
  $tmpdirs = glob(Helpers::end_dir($imagedir.$dir).'*' , GLOB_ONLYDIR);
@ -69,13 +83,20 @@ if (isset($_SESSION[$cdir])
 $filter='';
 if (isset($_GET['f'])) {
  if ($_GET['f'] != '') {
-    $tr = array('(' => '\(', ')' => '\)');
-    $f = strtr($_GET['f'], $tr);
-    if (!empty($files))
-      $files = array_values(preg_grep('/.*'.$f.'.*/i', $files));
-    if (!empty($dirs))
-      $dirs = array_values(preg_grep('/.*'.$f.'.*/i', $dirs));
-    $filter='&f='.$_GET['f'];
+    if (Helpers::validate_search($_GET['f'])) {
+      $tr = array('(' => '\(', ')' => '\)');
+      $f = strtr($_GET['f'], $tr);
+      if (!empty($files))
+        $files = array_values(preg_grep('/.*'.$f.'.*/i', $files));
+      if (!empty($dirs))
+        $dirs = array_values(preg_grep('/.*'.$f.'.*/i', $dirs));
+      $filter='&f='.$_GET['f'];
+    } else {
+      $data['script'] = $_SERVER['PHP_SELF'];
+      $data['errormsg'] = 'An Invalid Search String was detected';
+      Template::view('tpl/error.html', $data);
+      exit();
+    }
  }
 }

--- a/lib/helpers.class.php
+++ b/lib/helpers.class.php
@ -11,6 +11,26 @@ class Helpers {
    }
  }

+  // Check if a Variable is an Integer and in the defined Range
+  public static function validate_int($int, $min, $max) {
+    if (is_string($int) && !ctype_digit($int)) {
+      return false; // contains non digit characters
+    }
+    if (!is_int((int) $int)) {
+      return false; // other non-integer value or exceeds PHP_MAX_INT
+    }
+    return ($int >= $min && $int <= $max);
+  }
+
+  // Check Search String for Valid Characters
+  public static function validate_search($search) {
+    if (!preg_match("#^[a-zA-Z0-9äöüÄÖÜ _\-\.\*\?]+$#", $search)) {
+      return false;
+    } else {
+      return true;
+    }
+  }
+
 }

 ?>
--- a/tpl/error.html
+++ b/tpl/error.html
@ -0,0 +1,12 @@
+{% extends tpl/layout.html %}
+
+{% block title %}An Error Occured{% endblock %}
+
+{% block content %}
+
+<div class="container">
+  <p class="error">{{ $errormsg }}</p>
+  <p class="error">Return to <a href="{{ $script }}">Homepage</a></p>
+</div>
+
+{% endblock %}