
Changeset 1724289


Timestamp:
09/04/2017 01:29:41 PM (9 years ago)
Author:
manafactory
Message:

security issue

Location:
ginger/trunk
Files:
3 edited

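--- a/ginger/trunk/addon/exporter/index.php
+++ b/ginger/trunk/addon/exporter/index.php
@@ -15,5 +15,10 @@
     }
     if(isset($_POST["action"]) && $_POST["action"] == "import"){
+        $nonce = $_REQUEST['_wpnonce'];
+        if ( ! wp_verify_nonce( $nonce, 'save_ginger_export_options' ) ) {
+            exit; // Get out of here, the nonce is rotten!
+        }
         if($newconf = @unserialize(stripslashes($_POST["data"]))) {
+            $newconf = json_decode(json_encode($newconf));
             foreach($newconf as $key => $val){
                 update_option($key, $val);
@@ -56,5 +61,5 @@
         <p><?php _e("Upload here the export file to overwrite existing settings!", "ginger"); ?></p>
         <form method="post" action="admin.php?page=<?php echo $_GET["page"]; ?>">
-            <?php wp_nonce_field('save_ginger_export_options', 'ginger_export_options'); ?>
+            <?php wp_nonce_field('save_ginger_export_options'); ?>
             <input type="hidden" name="action" value="import" >
             <textarea name="data" style="width:100%;" rows="10" ></textarea>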
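Review bot: The import path at new lines 17–21 still hands request data to `unserialize()`, and neither the nonce check nor the later `json_decode(json_encode(...))` round-trip changes that: any object in the payload is instantiated, and its magic methods run, before the conversion to stdClass happens. On PHP 7+ the minimal hardening is `if($newconf = @unserialize(stripslashes($_POST["data"]), ['allowed_classes' => false])) {`; moving the export format to JSON and reading it with `json_decode` would remove the deserialization surface altogether. No capability check is visible here — a nonce proves intent, not authorization — so `if ( ! current_user_can( 'manage_options' ) ) { exit; }` belongs next to the nonce check unless the enclosing block, which starts before this hunk, already enforces one. The `foreach`/`update_option` loop writes whatever keys the payload contains rather than only the plugin's own options, so an allow-list or prefix check on `$key` would be worthwhile. Both the `if` block and the `foreach` continue past the end of the hunk.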
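--- a/ginger/trunk/addon/logger/ginger.logger.php
+++ b/ginger/trunk/addon/logger/ginger.logger.php
@@ -125,5 +125,13 @@
         var ginger_logger = "Y";
         var ginger_logger_url = "<?php bloginfo("url"); ?>";
-        var current_url = "<?php echo (isset($_SERVER['HTTPS']) ? "https" : "http") . "://$_SERVER[HTTP_HOST]$_SERVER[REQUEST_URI]"; ?>";
+        var current_url = "<?php
+            $curl = (isset($_SERVER['HTTPS']) ? "https" : "http") . "://$_SERVER[HTTP_HOST]$_SERVER[REQUEST_URI]";
+            if(filter_var($url, FILTER_VALIDATE_URL) === FALSE){
+                $curl = get_bloginfo("url");
+            }else{
+                $curl = $curl;
+            }
+            echo $curl;
+            ?>";
 
         function gingerAjaxLogTime(status) {
@@ -151,5 +159,5 @@
             var parameters = "ginger_action=log&time=" + ginger_logtime + "&url=" + current_url + "&status=" + status;
             var url= ginger_logger_url + "?" + parameters;
-            console.log(url);
+            //console.log(url);
             xmlHttp.open("GET", url, true);
 
@@ -170,4 +178,7 @@
     if($url == "")
         $url = (isset($_SERVER['HTTPS']) ? "https" : "http") . "://$_SERVER[HTTP_HOST]$_SERVER[REQUEST_URI]";
+    if(filter_var($url, FILTER_VALIDATE_URL) === FALSE){
+        $url = get_bloginfo("url");
+    }
     $table_name = $wpdb->prefix . 'logger_ginger';
     $ipuser = ginger_get_ip_address();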
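Review bot: The validation added at new line 129 tests `$url`, but the value built on line 128 is `$curl`; `$url` is not assigned in this scope, so `filter_var` always returns false and `current_url` silently degrades to `get_bloginfo("url")` on every page (the third hunk, lines 180–182, uses the right variable). The line should read `if(filter_var($curl, FILTER_VALIDATE_URL) === FALSE){`, and the `else{ $curl = $curl; }` branch is a no-op that can be dropped. Once the check works, `HTTP_HOST` and `REQUEST_URI` are request-controlled and are printed into a JavaScript string literal unescaped — `FILTER_VALIDATE_URL` is a format check, not an output-escaping step — so `echo esc_js($curl);` is the safer way to emit it. The JavaScript that consumes `current_url` and the PHP logging function in the third hunk both extend beyond the hunk boundaries.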
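--- a/ginger/trunk/readme.txt
+++ b/ginger/trunk/readme.txt
@@ -5,5 +5,5 @@
 Requires at least: 3.0.1
 Tested up to: 4.7.3
-Stable tag: 4.1.3
+Stable tag: 4.1.4
 License: GPLv2 or later
 License URI: http://www.gnu.org/licenses/gpl-2.0.html
@@ -92,7 +92,4 @@
 
 
-= 4.1.3 =
-* Dutch language
-
 = 4.1.2 =
 * bug fixing from github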