fix: Security bug in session env
This commit is contained in:
parent
63b22dc502
commit
a440cb5f41
10 changed files with 30 additions and 16 deletions
|
|
@ -532,7 +532,7 @@ sub hasRated {
|
|||
return 1 if $self->isPoster;
|
||||
my $flag = 0;
|
||||
if ($self->session->user->userId eq "1") {
|
||||
($flag) = $self->session->db->quickArray("select count(*) from Post_rating where assetId=? and ipAddress=?",[$self->getId, $self->session->env->get("REMOTE_ADDR")]);
|
||||
($flag) = $self->session->db->quickArray("select count(*) from Post_rating where assetId=? and ipAddress=?",[$self->getId, $self->session->env->getIp]);
|
||||
} else {
|
||||
($flag) = $self->session->db->quickArray("select count(*) from Post_rating where assetId=? and userId=?",[$self->getId, $self->session->user->userId]);
|
||||
}
|
||||
|
|
@ -776,7 +776,7 @@ sub rate {
|
|||
return undef unless ($rating == -1 || $rating == 1);
|
||||
unless ($self->hasRated) {
|
||||
$self->session->db->write("insert into Post_rating (assetId,userId,ipAddress,dateOfRating,rating) values ("
|
||||
.$self->session->db->quote($self->getId).", ".$self->session->db->quote($self->session->user->userId).", ".$self->session->db->quote($self->session->env->get("REMOTE_ADDR")).",
|
||||
.$self->session->db->quote($self->getId).", ".$self->session->db->quote($self->session->user->userId).", ".$self->session->db->quote($self->session->env->getIp).",
|
||||
".$self->session->datetime->time().", ".$self->session->db->quote($rating).")");
|
||||
my ($sum) = $self->session->db->quickArray("select sum(rating) from Post_rating where assetId=".$self->session->db->quote($self->getId));
|
||||
$self->update({rating=>$sum});
|
||||
|
|
|
|||
|
|
@ -553,7 +553,7 @@ sub rate {
|
|||
return undef unless ($rating == -1 || $rating == 1);
|
||||
unless ($self->hasRated) {
|
||||
$self->session->db->write("insert into Post_rating (assetId,userId,ipAddress,dateOfRating,rating) values ("
|
||||
.$self->session->db->quote($self->getId).", ".$self->session->db->quote($self->session->user->userId).", ".$self->session->db->quote($self->session->env->get("REMOTE_ADDR")).",
|
||||
.$self->session->db->quote($self->getId).", ".$self->session->db->quote($self->session->user->userId).", ".$self->session->db->quote($self->session->env->getIp).",
|
||||
".$self->session->datetime->time().", ".$self->session->db->quote($rating).")");
|
||||
my ($sum) = $self->session->db->quickArray("select sum(Post.rating) from Post left join asset on Post.assetId=asset.assetId where Post.threadId=".$self->session->db->quote($self->getId)." and Post.rating>0");
|
||||
$self->update({rating=>$sum});
|
||||
|
|
|
|||
|
|
@ -1091,7 +1091,7 @@ sub www_process {
|
|||
assetId=>$self->getId,
|
||||
userId=>$self->session->user->userId,
|
||||
username=>$self->session->user->username,
|
||||
ipAddress=>$self->session->env->get("REMOTE_ADDR"),
|
||||
ipAddress=>$self->session->env->getIp,
|
||||
submissionDate=>$self->session->datetime->time()
|
||||
},0);
|
||||
my ($var, %row, @errors, $updating, $hadErrors);
|
||||
|
|
|
|||
|
|
@ -28,7 +28,7 @@ sub _hasVoted {
|
|||
my $self = shift;
|
||||
my ($hasVoted) = $self->session->db->quickArray("select count(*) from Poll_answer
|
||||
where assetId=".$self->session->db->quote($self->getId)." and ((userId=".$self->session->db->quote($self->session->user->userId)."
|
||||
and userId<>'1') or (userId=".$self->session->db->quote($self->session->user->userId)." and ipAddress='".$self->session->env->get("REMOTE_ADDR")."'))");
|
||||
and userId<>'1') or (userId=".$self->session->db->quote($self->session->user->userId)." and ipAddress='".$self->session->env->getIp."'))");
|
||||
return $hasVoted;
|
||||
}
|
||||
|
||||
|
|
@ -412,7 +412,7 @@ sub www_vote {
|
|||
my $self = shift;
|
||||
my $u;
|
||||
if ($self->session->form->process("answer") ne "" && $self->session->user->isInGroup($self->get("voteGroup")) && !($self->_hasVoted())) {
|
||||
$self->setVote($self->session->form->process("answer"),$self->session->user->userId,$self->session->env->get("REMOTE_ADDR"));
|
||||
$self->setVote($self->session->form->process("answer"),$self->session->user->userId,$self->session->env->getIp);
|
||||
if ($self->session->setting->get("useKarma")) {
|
||||
$self->session->user->karma($self->get("karmaPerVote"),"Poll (".$self->getId.")","Voted on this poll.");
|
||||
}
|
||||
|
|
|
|||
|
|
@ -322,7 +322,7 @@ sub getEditForm {
|
|||
#-------------------------------------------------------------------
|
||||
sub getIp {
|
||||
my $self = shift;
|
||||
my $ip = ($self->get("anonymous")) ? substr(md5_hex($self->session->env->get("REMOTE_ADDR")),0,8) : $self->session->env->get("REMOTE_ADDR");
|
||||
my $ip = ($self->get("anonymous")) ? substr(md5_hex($self->session->env->getIp),0,8) : $self->session->env->getIp;
|
||||
return $ip;
|
||||
}
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue