aboutsummaryrefslogtreecommitdiffhomepage
diff options
context:
space:
mode:
authornicosomb <nicolas@loeuillet.org>2013-04-15 14:09:58 +0200
committernicosomb <nicolas@loeuillet.org>2013-04-15 14:09:58 +0200
commitcf3180f6b8c552bbf7214d1ba72fbf1fc90ef861 (patch)
tree86d0cad24ed4891165d720a3bb19fffe6f55c73b
parent358ab47957de18183aa3d3f7a62b631cd131f41f (diff)
downloadwallabag-cf3180f6b8c552bbf7214d1ba72fbf1fc90ef861.tar.gz
wallabag-cf3180f6b8c552bbf7214d1ba72fbf1fc90ef861.tar.zst
wallabag-cf3180f6b8c552bbf7214d1ba72fbf1fc90ef861.zip
vérificatio CSRF et mise en page
-rw-r--r--css/style.css50
-rw-r--r--inc/config.php10
-rwxr-xr-xinc/functions.php30
-rwxr-xr-xindex.php13
-rw-r--r--js/poche.js8
-rw-r--r--process.php45
-rw-r--r--tpl/home.html10
-rwxr-xr-xtpl/view.html8
-rwxr-xr-xview.php1
9 files changed, 125 insertions, 50 deletions
diff --git a/css/style.css b/css/style.css
index 959a411a..d77fb9e7 100644
--- a/css/style.css
+++ b/css/style.css
@@ -65,6 +65,16 @@ footer {
65 cursor: pointer; 65 cursor: pointer;
66} 66}
67 67
68input[type=submit].delete {
69 background : url('../img/delete.png') no-repeat center center;
70 width : 16px;
71 height :16px;
72 border : none;
73 color : transparent;
74 cursor: pointer;
75 font-size : 0;
76}
77
68#main #content { 78#main #content {
69 margin-top: 20px; 79 margin-top: 20px;
70} 80}
@@ -77,13 +87,15 @@ footer {
77 min-height: 8em; 87 min-height: 8em;
78 -webkit-border-radius: 2px; 88 -webkit-border-radius: 2px;
79 border-radius: 2px; 89 border-radius: 2px;
80 -webkit-box-shadow: 0px 0px 2px -1px #000; 90 -webkit-box-shadow: 0px 0px 6px -1px #000;
81 box-shadow: 0px 0px 2px -1px #000; 91 box-shadow: 0px 0px 6px -1px #000;
82 width: 30%; 92 width: 30%;
83 margin: 10px; 93 margin: 10px;
84 float: left; 94 float: left;
85} 95}
86 96#main .entrie h2 {
97 width: 95%;
98}
87#main .entrie h2 a { 99#main .entrie h2 a {
88 text-decoration: none; 100 text-decoration: none;
89} 101}
@@ -92,20 +104,38 @@ footer {
92 color: #F5BE00; 104 color: #F5BE00;
93} 105}
94 106
95#main .entrie .tools { 107.tools {
96 position:absolute; 108 position: absolute;
97 bottom: 0; 109 top: 20px;
98 width: 100%; 110 right: 20px;
111 width: 30px;
99 text-align: right; 112 text-align: right;
100 margin-left: -20px; 113}
114
115.tools ul {
116 padding: 0; margin: 0;
117 list-style-type: none;
118}
119
120.tools ul li {
121 line-height: 20px;
122}
123
124.tools a.tool {
125 cursor: pointer;
101} 126}
102 127
103#article .tools { 128#article .tools {
129 position: relative;
104 display: inline; 130 display: inline;
131 top: 0px;
132 right: 0px;
133 width: 100%;
134 text-align: left;
105} 135}
106 136
107#article .tools a.tool { 137#article.tools ul li{
108 cursor: pointer; 138 display: inline;
109} 139}
110 140
111#main .entrie .tools a.tool span, #article .tools a.tool span { 141#main .entrie .tools a.tool span, #article .tools a.tool span {
diff --git a/inc/config.php b/inc/config.php
index 29a22507..84b86998 100644
--- a/inc/config.php
+++ b/inc/config.php
@@ -22,4 +22,12 @@ raintpl::$cache_dir = './cache/';
22raintpl::$base_url = get_poche_url(); 22raintpl::$base_url = get_poche_url();
23raintpl::configure('path_replace', false); 23raintpl::configure('path_replace', false);
24raintpl::configure('debug', false); 24raintpl::configure('debug', false);
25$tpl = new raintpl(); \ No newline at end of file 25$tpl = new raintpl();
26
27session_start();
28
29if (!isset($_SESSION['token_poche'])) {
30 $token = md5(uniqid(rand(), TRUE));
31 $_SESSION['token_poche'] = $token;
32 $_SESSION['token_time_poche'] = time();
33} \ No newline at end of file
diff --git a/inc/functions.php b/inc/functions.php
index 45828bf2..30e00393 100755
--- a/inc/functions.php
+++ b/inc/functions.php
@@ -125,7 +125,7 @@ function prepare_url($url)
125/** 125/**
126 * Appel d'une action (mark as fav, archive, delete) 126 * Appel d'une action (mark as fav, archive, delete)
127 */ 127 */
128function action_to_do($action, $id) 128function action_to_do($action, $id, $url, $token)
129{ 129{
130 global $db; 130 global $db;
131 131
@@ -140,8 +140,11 @@ function action_to_do($action, $id)
140 $params_action = array($url, $parametres_url['title'], $parametres_url['content']); 140 $params_action = array($url, $parametres_url['title'], $parametres_url['content']);
141 break; 141 break;
142 case 'delete': 142 case 'delete':
143 $sql_action = "DELETE FROM entries WHERE id=?"; 143 if (verif_token($token)) {
144 $params_action = array($id); 144 $sql_action = "DELETE FROM entries WHERE id=?";
145 $params_action = array($id);
146 }
147 else die('CSRF problem');
145 break; 148 break;
146 default: 149 default:
147 break; 150 break;
@@ -224,4 +227,25 @@ function get_article($id)
224 } 227 }
225 228
226 return $entry; 229 return $entry;
230}
231
232/**
233 * Vérifie si le jeton passé en $_POST correspond à celui en session
234 */
235function verif_token($token)
236{
237 if(isset($_SESSION['token_poche']) && isset($_SESSION['token_time_poche']) && isset($token))
238 {
239 if($_SESSION['token_poche'] == $token)
240 {
241 $old_timestamp = time() - (15*60);
242 if($_SESSION['token_time_poche'] >= $old_timestamp)
243 {
244 return TRUE;
245 }
246 else return FALSE;
247 }
248 else return FALSE;
249 }
250 else return FALSE;
227} \ No newline at end of file 251} \ No newline at end of file
diff --git a/index.php b/index.php
index 1cb32f58..d477d699 100755
--- a/index.php
+++ b/index.php
@@ -10,12 +10,16 @@
10 10
11include dirname(__FILE__).'/inc/config.php'; 11include dirname(__FILE__).'/inc/config.php';
12 12
13$action = (isset ($_GET['action'])) ? htmlspecialchars($_GET['action']) : ''; 13$action = (isset ($_REQUEST['action'])) ? htmlentities($_REQUEST['action']) : '';
14$view = (isset ($_GET['view'])) ? htmlspecialchars($_GET['view']) : 'index'; 14$view = (isset ($_GET['view'])) ? htmlentities($_GET['view']) : 'index';
15$id = (isset ($_GET['id'])) ? htmlspecialchars($_GET['id']) : ''; 15$id = (isset ($_REQUEST['id'])) ? htmlspecialchars($_REQUEST['id']) : '';
16$url = (isset ($_GET['url'])) ? $_GET['url'] : ''; 16$url = (isset ($_GET['url'])) ? $_GET['url'] : '';
17$token = (isset ($_POST['token'])) ? $_POST['token'] : '';
18
19if ($action != '') {
20 action_to_do($action, $id, $url, $token);
21}
17 22
18action_to_do($action, $id);
19$entries = display_view($view); 23$entries = display_view($view);
20 24
21$tpl->assign('title', 'poche, a read it later open source system'); 25$tpl->assign('title', 'poche, a read it later open source system');
@@ -23,4 +27,5 @@ $tpl->assign('view', $view);
23$tpl->assign('poche_url', get_poche_url()); 27$tpl->assign('poche_url', get_poche_url());
24$tpl->assign('entries', $entries); 28$tpl->assign('entries', $entries);
25$tpl->assign('load_all_js', 1); 29$tpl->assign('load_all_js', 1);
30$tpl->assign('token', $_SESSION['token_poche']);
26$tpl->draw('home'); \ No newline at end of file 31$tpl->draw('home'); \ No newline at end of file
diff --git a/js/poche.js b/js/poche.js
index 64df553c..0dcc0a35 100644
--- a/js/poche.js
+++ b/js/poche.js
@@ -1,16 +1,16 @@
1function toggle_favorite(element, id) { 1function toggle_favorite(element, id, token) {
2 $(element).toggleClass('fav-off'); 2 $(element).toggleClass('fav-off');
3 $.ajax ({ 3 $.ajax ({
4 url: "process.php?action=toggle_fav", 4 url: "process.php?action=toggle_fav",
5 data:{id:id} 5 data:{id:id, token:token}
6 }); 6 });
7} 7}
8 8
9function toggle_archive(element, id, view_article) { 9function toggle_archive(element, id, token, view_article) {
10 $(element).toggleClass('archive-off'); 10 $(element).toggleClass('archive-off');
11 $.ajax ({ 11 $.ajax ({
12 url: "process.php?action=toggle_archive", 12 url: "process.php?action=toggle_archive",
13 data:{id:id} 13 data:{id:id, token:token}
14 }); 14 });
15 var obj = $('#entry-'+id); 15 var obj = $('#entry-'+id);
16 16
diff --git a/process.php b/process.php
index 0bd20e5d..5a056caa 100644
--- a/process.php
+++ b/process.php
@@ -11,27 +11,30 @@
11include dirname(__FILE__).'/inc/config.php'; 11include dirname(__FILE__).'/inc/config.php';
12$db = new db(DB_PATH); 12$db = new db(DB_PATH);
13 13
14$action = (isset ($_GET['action'])) ? htmlspecialchars($_GET['action']) : ''; 14$action = (isset ($_GET['action'])) ? htmlentities($_GET['action']) : '';
15$id = (isset ($_GET['id'])) ? htmlspecialchars($_GET['id']) : ''; 15$id = (isset ($_GET['id'])) ? htmlentities($_GET['id']) : '';
16$token = (isset ($_GET['token'])) ? $_GET['token'] : '';
16 17
17switch ($action) 18if (verif_token($token)) {
18{ 19 switch ($action)
19 case 'toggle_fav' : 20 {
20 $sql_action = "UPDATE entries SET is_fav=~is_fav WHERE id=?"; 21 case 'toggle_fav' :
21 $params_action = array($id); 22 $sql_action = "UPDATE entries SET is_fav=~is_fav WHERE id=?";
22 break; 23 $params_action = array($id);
23 case 'toggle_archive' : 24 break;
24 $sql_action = "UPDATE entries SET is_read=~is_read WHERE id=?"; 25 case 'toggle_archive' :
25 $params_action = array($id); 26 $sql_action = "UPDATE entries SET is_read=~is_read WHERE id=?";
26 break; 27 $params_action = array($id);
27 default: 28 break;
28 break; 29 default:
29} 30 break;
31 }
30 32
31# action query 33 # action query
32if (isset($sql_action)) 34 if (isset($sql_action))
33{ 35 {
34 $query = $db->getHandle()->prepare($sql_action); 36 $query = $db->getHandle()->prepare($sql_action);
35 $query->execute($params_action); 37 $query->execute($params_action);
38 }
36} 39}
37?> \ No newline at end of file 40else die('CSRF problem'); \ No newline at end of file
diff --git a/tpl/home.html b/tpl/home.html
index 70a35a7f..0de8007b 100644
--- a/tpl/home.html
+++ b/tpl/home.html
@@ -8,7 +8,7 @@
8 <li><a href="index.php" {if="$view == 'index'"}class="current"{/if}>home</a></li> 8 <li><a href="index.php" {if="$view == 'index'"}class="current"{/if}>home</a></li>
9 <li><a href="?view=fav" {if="$view == 'fav'"}class="current"{/if}>favorites</a></li> 9 <li><a href="?view=fav" {if="$view == 'fav'"}class="current"{/if}>favorites</a></li>
10 <li><a href="?view=archive" {if="$view == 'archive'"}class="current"{/if}>archive</a></li> 10 <li><a href="?view=archive" {if="$view == 'archive'"}class="current"{/if}>archive</a></li>
11 <li><a style="cursor: move" title="i am a bookmarklet, use me !" href="javascript:(function(){var%20url%20=%20location.href;var%20title%20=%20document.title%20||%20url;window.open('{$poche_url}?action=add&url='%20+%20encodeURIComponent(url),'_self');})();">poche it !</a></li> 11 <li><a style="cursor: move" title="i am a bookmarklet, use me !" href="javascript:(function(){var%20url%20=%20location.href%20||%20url;window.open('{$poche_url}?action=add&url='%20+%20encodeURIComponent(url),'_self');})();">poche it !</a></li>
12 </ul> 12 </ul>
13 <div id="content"> 13 <div id="content">
14 {loop="entries"} 14 {loop="entries"}
@@ -18,9 +18,11 @@
18 <a href="view.php?id={$value.id}">{$value.title}</a> 18 <a href="view.php?id={$value.id}">{$value.title}</a>
19 </h2> 19 </h2>
20 <div class="tools"> 20 <div class="tools">
21 <a title="toggle mark as read" class="tool archive {if="$value.is_read == '0'"}archive-off{/if}" onclick="toggle_archive(this, {$value.id})"><span></span></a> 21 <ul>
22 <a title="toggle favorite" class="tool fav {if="$value.is_fav == '0'"}fav-off{/if}" onclick="toggle_favorite(this, {$value.id})"><span></span></a> 22 <li><a title="toggle mark as read" class="tool archive {if="$value.is_read == '0'"}archive-off{/if}" onclick="toggle_archive(this, {$value.id}, '{$token}')"><span></span></a></li>
23 <a href="?action=delete&id={$value.id}" title="toggle delete" onclick="return confirm('Are you sure?')" class="tool delete"><span></span></a> 23 <li><a title="toggle favorite" class="tool fav {if="$value.is_fav == '0'"}fav-off{/if}" onclick="toggle_favorite(this, {$value.id}, '{$token}')"><span></span></a></li>
24 <li><form method="post" onsubmit="return confirm('Are you sure?')" style="display: inline;"><input type="hidden" name="token" id="token" value="{$token}" /><input type="hidden" id="action" name="action" value="delete" /><input type="hidden" id="id" name="id" value="{$value.id}" /><input type="submit" class="delete" title="toggle delete" /></form></li>
25 </ul>
24 </div> 26 </div>
25 </span> 27 </span>
26 </div> 28 </div>
diff --git a/tpl/view.html b/tpl/view.html
index 1e057889..d24d26ed 100755
--- a/tpl/view.html
+++ b/tpl/view.html
@@ -5,9 +5,11 @@
5 <a href="index.php" title="back to home">&larr;</a> 5 <a href="index.php" title="back to home">&larr;</a>
6 </div> 6 </div>
7 <div class="tools"> 7 <div class="tools">
8 <a title="toggle mark as read" class="tool archive {if="$is_read == 0"}archive-off{/if}" onclick="toggle_archive(this, {$id}, 1)"><span></span></a> 8 <ul>
9 <a title="toggle favorite" class="tool fav {if="$is_fav == 0"}fav-off{/if}" onclick="toggle_favorite(this, {$id})"><span></span></a> 9 <li><a title="toggle mark as read" class="tool archive {if="$is_read == '0'"}archive-off{/if}" onclick="toggle_archive(this, {$id}, '{$token}')"><span></span></a></li>
10 <a href="index.php?action=delete&id={$id}" title="toggle delete" onclick="return confirm('Are you sure?')" class="tool delete"><span></span></a> 10 <li><a title="toggle favorite" class="tool fav {if="$is_fav == '0'"}fav-off{/if}" onclick="toggle_favorite(this, {$id}, '{$token}')"><span></span></a></li>
11 <li><form method="post" onsubmit="return confirm('Are you sure?')" style="display: inline;"><input type="hidden" name="token" id="token" value="{$token}" /><input type="hidden" id="action" name="action" value="delete" /><input type="hidden" id="id" name="id" value="{$id}" /><input type="submit" class="delete" title="toggle delete" /></form></li>
12 </ul>
11 </div> 13 </div>
12 <header class="mbm"> 14 <header class="mbm">
13 <h1><a href="{$url}">{$title}</a></h1> 15 <h1><a href="{$url}">{$title}</a></h1>
diff --git a/view.php b/view.php
index dfc26b9d..dbafec6b 100755
--- a/view.php
+++ b/view.php
@@ -24,6 +24,7 @@ if(!empty($id)) {
24 $tpl->assign('is_fav', $entry[0]['is_fav']); 24 $tpl->assign('is_fav', $entry[0]['is_fav']);
25 $tpl->assign('is_read', $entry[0]['is_read']); 25 $tpl->assign('is_read', $entry[0]['is_read']);
26 $tpl->assign('load_all_js', 0); 26 $tpl->assign('load_all_js', 0);
27 $tpl->assign('token', $_SESSION['token_poche']);
27 $tpl->draw('view'); 28 $tpl->draw('view');
28 } 29 }
29 else { 30 else {