Implemented Basic Input Validation
parent
69b481d06d
commit
f73f34e775
3 changed files with 61 additions and 8 deletions
37
index.php
37
index.php
|
@ -26,7 +26,19 @@ $gslice = $_GET['gs'] ?? $conf['defslice'];
|
|||
$dir = $_GET['d'] ?? $conf['defdir'];
|
||||
$sort = $_GET['so'] ?? 1;
|
||||
|
||||
// Input Validation and Sanitazion
|
||||
$page = Helpers::validate_int($page, 1, PHP_INT_MAX) ? $page : $conf['defpage'];
|
||||
$slice = Helpers::validate_int($slice, 1, 100) ? $slice : $conf['defslice'];
|
||||
$gslice = Helpers::validate_int($gslice, 1, 100) ? $gslice : $conf['defslice'];
|
||||
$sort = Helpers::validate_int($sort, 0, 1) ? $sort : $conf['defslice'];
|
||||
|
||||
// Set Some Variables
|
||||
$host = isset($_SERVER['HTTP_X_FORWARDED_HOST']) ? $_SERVER['HTTP_X_FORWARDED_HOST'] : $_SERVER['HTTP_HOST'];
|
||||
$proto = isset($_SERVER['HTTP_X_FORWARDED_PROTO']) ? $_SERVER['HTTP_X_FORWARDED_PROTO'] : $_SERVER['REQUEST_SCHEME'];
|
||||
$secure = ($proto == 'https');
|
||||
|
||||
// Create or Load Session
|
||||
session_set_cookie_params([ 'lifetime' => 3600, 'path' => '/', 'domain' => $host, 'secure' => $secure, 'httponly' => true, 'samesite' => 'lax' ]);
|
||||
session_start();
|
||||
|
||||
// Initialize Thumbnail Handler
|
||||
|
@ -46,7 +58,9 @@ if (isset($_SESSION[$cdir])
|
|||
} else {
|
||||
$r_imagedir = realpath($imagedir.$dir);
|
||||
if ($r_imagedir === false || strpos(Helpers::end_dir($r_imagedir), $r_basedir.DIRECTORY_SEPARATOR) !== 0) {
|
||||
print "Path Traversal Detected!";
|
||||
$data['script'] = $_SERVER['PHP_SELF'];
|
||||
$data['errormsg'] = 'A Path Traversal was Detected';
|
||||
Template::view('tpl/error.html', $data);
|
||||
exit();
|
||||
}
|
||||
$tmpdirs = glob(Helpers::end_dir($imagedir.$dir).'*' , GLOB_ONLYDIR);
|
||||
|
@ -69,13 +83,20 @@ if (isset($_SESSION[$cdir])
|
|||
$filter='';
|
||||
if (isset($_GET['f'])) {
|
||||
if ($_GET['f'] != '') {
|
||||
$tr = array('(' => '\(', ')' => '\)');
|
||||
$f = strtr($_GET['f'], $tr);
|
||||
if (!empty($files))
|
||||
$files = array_values(preg_grep('/.*'.$f.'.*/i', $files));
|
||||
if (!empty($dirs))
|
||||
$dirs = array_values(preg_grep('/.*'.$f.'.*/i', $dirs));
|
||||
$filter='&f='.$_GET['f'];
|
||||
if (Helpers::validate_search($_GET['f'])) {
|
||||
$tr = array('(' => '\(', ')' => '\)');
|
||||
$f = strtr($_GET['f'], $tr);
|
||||
if (!empty($files))
|
||||
$files = array_values(preg_grep('/.*'.$f.'.*/i', $files));
|
||||
if (!empty($dirs))
|
||||
$dirs = array_values(preg_grep('/.*'.$f.'.*/i', $dirs));
|
||||
$filter='&f='.$_GET['f'];
|
||||
} else {
|
||||
$data['script'] = $_SERVER['PHP_SELF'];
|
||||
$data['errormsg'] = 'An Invalid Search String was detected';
|
||||
Template::view('tpl/error.html', $data);
|
||||
exit();
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
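Review bot: The session cookie parameters in the first hunk are built from `HTTP_X_FORWARDED_HOST` and `HTTP_X_FORWARDED_PROTO`, which any client can send unless a reverse proxy in front of this app is known to overwrite them; a forged `X-Forwarded-Proto: http` clears the cookie's `secure` flag and a forged host becomes the cookie `domain`, so these headers should be honoured only when `REMOTE_ADDR` is a configured proxy and otherwise `HTTP_HOST` / `REQUEST_SCHEME` should be used. The fallback on `$sort = Helpers::validate_int($sort, 0, 1) ? $sort : $conf['defslice'];` uses the slice default (a 1–100 value) where the sort default is meant, i.e. the `1` used on the `$sort = $_GET['so'] ?? 1;` line two lines earlier. In the third hunk the validated search string is still spliced into a PCRE pattern with only parentheses escaped, yet `validate_search` admits `*`, `?` and `.`, so a search such as `*` yields a pattern PCRE rejects, `preg_grep` returns false, and `array_values()` throws a TypeError on PHP 8; replace the `strtr` table with `$f = preg_quote($_GET['f'], '/');` and build the link with `$filter = '&f=' . urlencode($_GET['f']);`. The enclosing `if (isset($_SESSION[$cdir])` block starts outside these hunks.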
|
|
@ -11,6 +11,26 @@ class Helpers {
|
|||
}
|
||||
}
|
||||
|
||||
// Check if a Variable is an Integer and in the defined Range
|
||||
public static function validate_int($int, $min, $max) {
|
||||
if (is_string($int) && !ctype_digit($int)) {
|
||||
return false; // contains non digit characters
|
||||
}
|
||||
if (!is_int((int) $int)) {
|
||||
return false; // other non-integer value or exceeds PHP_MAX_INT
|
||||
}
|
||||
return ($int >= $min && $int <= $max);
|
||||
}
|
||||
|
||||
// Check Search String for Valid Characters
|
||||
public static function validate_search($search) {
|
||||
if (!preg_match("#^[a-zA-Z0-9äöüÄÖÜ _\-\.\*\?]+$#", $search)) {
|
||||
return false;
|
||||
} else {
|
||||
return true;
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
?>
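Review bot: In `validate_int` the guard `if (!is_int((int) $int))` can never fire, because an `(int)` cast always yields an int, so the comment "exceeds PHP_MAX_INT" describes a check that does not exist, and non-string input (for example an array from `?gs[]=1`) reaches the range comparison uncast. The body can be reduced to `return filter_var($int, FILTER_VALIDATE_INT, ['options' => ['min_range' => $min, 'max_range' => $max]]) !== false;`, which rejects non-numeric strings, arrays and out-of-range or overflowing values in one step while keeping the same bool contract. `validate_search` anchors with `$`, which also matches before a trailing newline, and without the `u` modifier the umlauts in the character class are matched byte by byte, so partial or invalid UTF-8 byte sequences pass; use `\z` (or the `D` modifier) and add `u`. Since the allowed set deliberately includes `*`, `?` and `.`, the function's comment should state that the value is validated for display/filtering only and must still be passed through `preg_quote()` before being embedded in a pattern.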
|
12
tpl/error.html
Normal file
12
tpl/error.html
Normal file
|
@ -0,0 +1,12 @@
|
|||
{% extends tpl/layout.html %}
|
||||
|
||||
{% block title %}An Error Occured{% endblock %}
|
||||
|
||||
{% block content %}
|
||||
|
||||
<div class="container">
|
||||
<p class="error">{{ $errormsg }}</p>
|
||||
<p class="error">Return to <a href="{{ $script }}">Homepage</a></p>
|
||||
</div>
|
||||
|
||||
{% endblock %}
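Review bot: `{{ $script }}` is emitted inside an `href` attribute, and the only value index.php assigns to it in this commit is `$_SERVER['PHP_SELF']`, which includes any path-info the client appends to the request URL; unless `Template::view` escapes substitutions (not visible here), that is a reflected-XSS sink, so prefer `$_SERVER['SCRIPT_NAME']` on the assigning lines and confirm the engine applies `htmlspecialchars()` with `ENT_QUOTES` to every `{{ }}` value. `$errormsg` is currently only ever a fixed literal, but the same escaping guarantee should hold before any user-derived text is passed through it. The title text `An Error Occured` should read `An Error Occurred`.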
|