aboutsummaryrefslogtreecommitdiffhomepage
diff options
context:
space:
mode:
authorThomas Citharel <tcit@tcit.fr>2015-07-30 12:14:55 +0200
committerThomas Citharel <tcit@tcit.fr>2015-07-30 12:14:55 +0200
commit392a37e56a17ef2cc1e1bc02fe9991a56c5a0a97 (patch)
tree2c912f4dfb752ad726d21731a1a369d54871c7cc
parentef16095d626dd5c7fe74db86327452b4fac83e5f (diff)
parenta506f5b3481c00949db7bf72903f272a6b8c2954 (diff)
downloadwallabag-392a37e56a17ef2cc1e1bc02fe9991a56c5a0a97.tar.gz
wallabag-392a37e56a17ef2cc1e1bc02fe9991a56c5a0a97.tar.zst
wallabag-392a37e56a17ef2cc1e1bc02fe9991a56c5a0a97.zip
Merge pull request #1252 from wallabag/securityfix
fix security bug with PHP_AUTH_USER
-rwxr-xr-xinc/poche/Poche.class.php5
-rwxr-xr-xinc/poche/Routing.class.php9
2 files changed, 1 insertions, 13 deletions
diff --git a/inc/poche/Poche.class.php b/inc/poche/Poche.class.php
index ea196ce2..9014f455 100755
--- a/inc/poche/Poche.class.php
+++ b/inc/poche/Poche.class.php
@@ -448,7 +448,7 @@ class Poche
448 $themes = $this->tpl->getInstalledThemes(); 448 $themes = $this->tpl->getInstalledThemes();
449 $languages = $this->language->getInstalledLanguages(); 449 $languages = $this->language->getInstalledLanguages();
450 $token = $this->user->getConfigValue('token'); 450 $token = $this->user->getConfigValue('token');
451 $http_auth = (isset($_SERVER['PHP_AUTH_USER']) || isset($_SERVER['REMOTE_USER'])) ? true : false; 451 $http_auth = isset($_SERVER['REMOTE_USER']);
452 $only_user = ($this->store->listUsers() > 1) ? false : true; 452 $only_user = ($this->store->listUsers() > 1) ? false : true;
453 $https = substr(Tools::getPocheUrl(), 0, 5) == 'https'; 453 $https = substr(Tools::getPocheUrl(), 0, 5) == 'https';
454 $tpl_vars = array( 454 $tpl_vars = array(
@@ -655,9 +655,6 @@ class Poche
655 */ 655 */
656 private function credentials() 656 private function credentials()
657 { 657 {
658 if (isset($_SERVER['PHP_AUTH_USER'])) {
659 return array($_SERVER['PHP_AUTH_USER'], 'php_auth', true);
660 }
661 if (!empty($_POST['login']) && !empty($_POST['password'])) { 658 if (!empty($_POST['login']) && !empty($_POST['password'])) {
662 return array($_POST['login'], $_POST['password'], false); 659 return array($_POST['login'], $_POST['password'], false);
663 } 660 }
diff --git a/inc/poche/Routing.class.php b/inc/poche/Routing.class.php
index 33a81435..fb37a838 100755
--- a/inc/poche/Routing.class.php
+++ b/inc/poche/Routing.class.php
@@ -75,15 +75,6 @@ class Routing
75 } elseif (ALLOW_REGISTER && isset($_GET['register'])){ 75 } elseif (ALLOW_REGISTER && isset($_GET['register'])){
76 $this->wallabag->createNewUser($_POST['newusername'], $_POST['password4newuser'], $_POST['newuseremail']); 76 $this->wallabag->createNewUser($_POST['newusername'], $_POST['password4newuser'], $_POST['newuseremail']);
77 Tools::redirect(); 77 Tools::redirect();
78 } elseif(isset($_SERVER['PHP_AUTH_USER'])) {
79 if($this->wallabag->store->userExists($_SERVER['PHP_AUTH_USER'])) {
80 $this->wallabag->login($this->referer);
81 } else {
82 $this->wallabag->messages->add('e', _('login failed: user doesn\'t exist'));
83 Tools::logm('user doesn\'t exist');
84 $tplFile = Tools::getTplFile('login');
85 $tplVars['http_auth'] = 1;
86 }
87 } elseif(isset($_SERVER['REMOTE_USER'])) { 78 } elseif(isset($_SERVER['REMOTE_USER'])) {
88 if($this->wallabag->store->userExists($_SERVER['REMOTE_USER'])) { 79 if($this->wallabag->store->userExists($_SERVER['REMOTE_USER'])) {
89 $this->wallabag->login($this->referer); 80 $this->wallabag->login($this->referer);