Commit 7229edd3 authored by Thomas Bella's avatar Thomas Bella

Add CSRF tokens

parent f4574181
Pipeline #322 passed with stage
in 17 seconds
......@@ -3,8 +3,12 @@ session_start();
header('Content-Type: text/html; Charset=UTF-8');
header('Content-Security-Policy: default-src \'self\' \'unsafe-inline\' ururl.tk maxcdn.bootstrapcdn.com code.jquery.com;');
if (!empty($_SESSION['active']) && empty($_SESSION['token'])) {
$_SESSION['token'] = bin2hex(openssl_random_pseudo_bytes(8));
}
// logout
if( isset($_GET["logout"]) && !empty($_SESSION["active"]) ){
if(isset($_GET["logout"], $_GET["t"]) && !empty($_SESSION["active"]) && $_GET["t"] == $_SESSION["token"]){
session_destroy();
header("Location: index.php");
exit;
......@@ -188,7 +192,7 @@ if (isset($_GET["manage"])) {
<?php if(empty($_SESSION["active"])) { ?>
&bull; <a href="?manage">Login</a>
<?php }else{ ?>
&bull; <a href="?logout">Logout</a>
&bull; <a href="?logout&t=<?php echo $_SESSION['token']; ?>">Logout</a>
<?php } ?>
</p>
</footer>
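Review bot: The logout check on the `if(isset($_GET["logout"], $_GET["t"]) ...` line compares the token with `==`, which is neither constant-time nor strict: the token is a hex string, so two different values of the form `0e` followed only by digits are numeric strings that `==` treats as equal. Replace the last clause with `&& is_string($_GET["t"]) && hash_equals($_SESSION["token"], $_GET["t"])`; the `is_string` guard is needed because a `t[]=` query string would otherwise make `hash_equals()` throw a TypeError on PHP 8. The token is minted on the `$_SESSION['token'] = bin2hex(openssl_random_pseudo_bytes(8));` line with 64 bits of entropy; `bin2hex(random_bytes(16))` is the CSPRNG call PHP 7+ guarantees and gives a wider margin. The same `==` comparison is repeated in every rewritten handler condition of the second file (the `domain`, `del`, `cacert`, `cadel` and `sdesav` branches) and should be changed the same way. The logout branch's enclosing code continues outside the hunk.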
......
......@@ -13,7 +13,7 @@ $error = "";
$sqlInsert = "";
// add domain
if (isset($_POST["add"], $_POST["type"]) && $_POST["type"] == "domain") {
if (isset($_POST["add"], $_POST["type"], $_POST["token"]) && $_POST["type"] == "domain" && $_POST["token"] == $_SESSION["token"]) {
// check port
if (empty($_POST["port"])) {
......@@ -49,11 +49,11 @@ if (isset($_POST["add"], $_POST["type"]) && $_POST["type"] == "domain") {
$error = "Field 'Domain' empty";
}
} else if (isset($_POST["del"])) {
} else if (isset($_POST["del"], $_POST["token"]) && $_POST["token"] == $_SESSION["token"]) {
$SQL->query("DELETE FROM domain WHERE id = :id", [ "id" => (int)$_POST["id"] ]);
// add certificate authority
} else if (isset($_POST["add"], $_POST["type"]) && $_POST["type"] == "cacert") {
} else if (isset($_POST["add"], $_POST["type"], $_POST["token"]) && $_POST["type"] == "cacert" && $_POST["token"] == $_SESSION["token"]) {
$certificateAuthorityCertificate = openssl_x509_parse($_POST["cacertificate"]);
if ($certificateAuthorityCertificate === false) {
......@@ -73,11 +73,11 @@ if (isset($_POST["add"], $_POST["type"]) && $_POST["type"] == "domain") {
$sqlInsertCA = $SQL->query("INSERT INTO custom_ca (name, certificate) VALUES (:name, :cert)",
[ 'name' => $caName, 'cert' => $_POST["cacertificate"] ]);
}
} else if (isset($_POST["cadel"])) {
} else if (isset($_POST["cadel"], $_POST["token"]) && $_POST["token"] == $_SESSION["token"]) {
$SQL->query("DELETE FROM custom_ca WHERE id = :id", [ "id" => (int)$_POST["id"] ]);
// add custom email notifications
} else if (isset($_POST["sdesav"], $_POST["emailList"])) {
} else if (isset($_POST["sdesav"], $_POST["emailList"], $_POST["token"]) && $_POST["token"] == $_SESSION["token"]) {
// Empty list
if (strlen($_POST["emailList"]) == 0) {
$SQL->query("UPDATE domain SET email = NULL WHERE id = :domainid", [
......@@ -120,6 +120,7 @@ if (!empty($sqlInsertCA)) {
</div>
<form class="form-horizontal" method="POST" action="index.php?manage">
<input type="hidden" name="token" value="<?php echo $_SESSION['token']; ?>" />
<input type="hidden" name="type" value="domain" />
<div class="form-group">
<label class="col-md-2 control-label" for="domain">Domain</label>
......@@ -194,7 +195,7 @@ foreach ($records as $row) {
<td class="minwidth"><?php echo $row["port"]; ?></td>
<td class="minwidth"><?php if ($row["last_check"] == 0){ echo "Never"; } else { echo date("d.m. H:i", $row["last_check"]); } ?></td>
<?php if (EMAIL) { ?><td class="minwidth"><i class="fa fa-fw fa-envelope<?php if (strlen($row["email"]) == 0) { echo "-o"; } ?> email-click" eid="<?php echo $row["id"]; ?>" uem="<?php echo $row["email"]; ?>" aria-hidden="true"></i></td><?php } ?>
<td class="minwidth"><form method="POST"><input type="hidden" name="id" value="<?php echo $row["id"]; ?>" /><button type="submit" name="del" class="btn btn-xs btn-danger">Delete</button></form></td>
<td class="minwidth"><form method="POST"><input type="hidden" name="token" value="<?php echo $_SESSION['token']; ?>" /><input type="hidden" name="id" value="<?php echo $row["id"]; ?>" /><button type="submit" name="del" class="btn btn-xs btn-danger">Delete</button></form></td>
</tr>
<?php
}
......@@ -222,7 +223,7 @@ foreach ($records as $row) {
<tr>
<td class="minwidth"><?php echo $row["id"]; ?></td>
<td><?php echo $row["name"]; ?></td>
<td class="minwidth"><form method="POST"><input type="hidden" name="id" value="<?php echo $row["id"]; ?>" /><button type="submit" name="cadel" class="btn btn-xs btn-danger">Delete</button></form></td>
<td class="minwidth"><form method="POST"><input type="hidden" name="token" value="<?php echo $_SESSION['token']; ?>" /><input type="hidden" name="id" value="<?php echo $row["id"]; ?>" /><button type="submit" name="cadel" class="btn btn-xs btn-danger">Delete</button></form></td>
</tr>
<?php
}
......@@ -232,6 +233,7 @@ foreach ($records as $row) {
</div>
<form class="form-horizontal" method="POST" action="index.php?manage">
<input type="hidden" name="token" value="<?php echo $_SESSION['token']; ?>" />
<input type="hidden" name="type" value="cacert" />
<div class="form-group">
......@@ -271,7 +273,7 @@ if ($filesize < 1000) {
echo round($filesize/(1000*1000),2) . " MB";
}
if (EXPORT) {
?> (Export: <a href="index.php?export=csv">CSV <small>[Domains]</small></a> | <a href="index.php?export=sqlite">SQLite</a>)<?php
?> (Export: <a href="index.php?export=csv&t=<?php echo $_SESSION['token']; ?>">CSV <small>[Domains]</small></a> | <a href="index.php?export=sqlite&t=<?php echo $_SESSION['token']; ?>">SQLite</a>)<?php
}
?></div>
<div class="col-xs-5 col-sm-3">Software update</div>
......@@ -326,6 +328,7 @@ if (EXPORT) {
<div class="row">
<div class="col-sm-12 text-center">
<form method="POST" class="sdesav">
<input type="hidden" name="token" value="<?php echo $_SESSION['token']; ?>" />
<input type="hidden" name="emailList" value="" />
<input type="hidden" name="domain_id" value="" />
<button type="submit" name="sdesav" class="btn btn-success">Save</button>
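Review bot: Each of the five rewritten handler conditions (the `domain`, `del`, `cacert`, `cadel` and `sdesav` branches in the first three hunks) evaluates `$_POST["token"] == $_SESSION["token"]` even when no session token exists, and since the other file only sets `$_SESSION['token']` under `!empty($_SESSION['active'])`, an undefined key compares as `null`, for which `"" == null` is true — a POST carrying an empty `token=` passes the check; whether that is reachable depends on a login guard preceding this chain, which is outside the hunks. Compute the check once above the chain, `$csrfOk = isset($_SESSION["token"], $_POST["token"]) && is_string($_POST["token"]) && hash_equals($_SESSION["token"], $_POST["token"]);`, and replace every `$_POST["token"] == $_SESSION["token"]` with `$csrfOk`, which also removes the loose, non-constant-time comparison. The export links on the `?> (Export: <a href="index.php?export=csv&t=...` line now carry `t=`, but no hunk shows the `export` handler validating it; confirm that it does, and if it uses `$_GET["t"]`, the same `is_string` + `hash_equals` shape applies. The handler chain starts before the first hunk and continues past the last one.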
......