authorDries Buytaert <dries@buytaert.net>2003-06-06 21:37:11 +0000
committerDries Buytaert <dries@buytaert.net>2003-06-06 21:37:11 +0000
commitaa38097c07def6d31481dfeeb2bcba520d323b2d (patch)
treed3c3d07dbd2886af2d38b1a4d175be32b4d0219c
parent47ba929ce28e5bbc1d1aa3961da8bb08a8cb11f3 (diff)
downloadbrdo-aa38097c07def6d31481dfeeb2bcba520d323b2d.tar.gz
brdo-aa38097c07def6d31481dfeeb2bcba520d323b2d.tar.bz2
- Dropped check_input(); use check_query() instead.
- Made the statistics module use referer_uri() for security's sake.
-rw-r--r--includes/common.inc4
-rw-r--r--modules/statistics.module10
-rw-r--r--modules/statistics/statistics.module10
-rw-r--r--modules/user.module2
-rw-r--r--modules/user/user.module2
-rw-r--r--modules/watchdog.module2
-rw-r--r--modules/watchdog/watchdog.module2
-rw-r--r--scripts/code-style.pl10
8 files changed, 24 insertions, 18 deletions
diff --git a/includes/common.inc b/includes/common.inc
index 963187096..9909da1a2 100644
--- a/includes/common.inc
+++ b/includes/common.inc
@@ -496,10 +496,6 @@ function check_query($text) {
return addslashes($text);
}
-function check_input($text) {
- return addslashes($text);
-}
-
function filter($text) {
$modules = module_list();
diff --git a/modules/statistics.module b/modules/statistics.module
index 3b8d7d8ca..294b67135 100644
--- a/modules/statistics.module
+++ b/modules/statistics.module
@@ -53,7 +53,7 @@ function statistics_exit() {
if ((variable_get("statistics_enable_access_log", 0)) && (throttle_status() < 5)) {
// statistical logs are enabled
- $referrer = getenv("HTTP_REFERER");
+ $referrer = referer_uri();
$hostname = getenv("REMOTE_ADDR");
// log this page access
if ((arg(0) == "node") && (arg(1) == "view") && arg(2)) {
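Review bot: referer_uri() is substituted for the raw HTTP_REFERER on the changed line, but its definition is not in this diff, so the hunk does not show whether it returns something safe to embed in SQL or only something safe to print; the new code-style rule in this same commit describes the problem as XSS, which suggests the latter. If that is the case, the accesslog write that presumably consumes $referrer further down in statistics_exit() (outside this hunk) still has to pass it through check_query() at the point where it is concatenated into the query. A comment on the assignment would make the contract explicit: `// referer_uri() cleans the header for output; it must still be escaped with check_query() before it is used in SQL`. The identical hunk appears in modules/statistics/statistics.module and needs the same note; statistics_exit() continues past the end of the hunk.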
@@ -333,11 +333,11 @@ function statistics_recent_refer() {
$query = "SELECT url,timestamp FROM accesslog WHERE url <> '' ORDER BY timestamp DESC";
}
elseif ($view == "internal") {
- $query = "SELECT url,timestamp FROM accesslog WHERE url LIKE '%". check_input($_SERVER["HTTP_HOST"]) ."%' ORDER BY timestamp DESC";
+ $query = "SELECT url,timestamp FROM accesslog WHERE url LIKE '%". check_query($_SERVER["HTTP_HOST"]) ."%' ORDER BY timestamp DESC";
$describe = "internal ";
}
else {
- $query = "SELECT url,timestamp FROM accesslog WHERE url NOT LIKE '%". check_input($_SERVER["HTTP_HOST"]) ."%' AND url <> '' ORDER BY timestamp DESC";
+ $query = "SELECT url,timestamp FROM accesslog WHERE url NOT LIKE '%". check_query($_SERVER["HTTP_HOST"]) ."%' AND url <> '' ORDER BY timestamp DESC";
$describe = "external ";
}
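Review bot: check_query() is addslashes() (see the common.inc hunk above), which escapes quotes but not the LIKE metacharacters `%` and `_`, and $_SERVER["HTTP_HOST"] comes straight from the client's Host header, so on the two changed lines a request with `Host: %` makes the "internal" filter match every row and the "external" filter match none. Escape the wildcards before quoting, e.g. `$host = check_query(strtr($_SERVER["HTTP_HOST"], array('%' => '\%', '_' => '\_')));` and then use `'%". $host ."%'` in both queries. Note also that `'%host%'` is a substring match, so an external referrer whose query string happens to contain the host name is classified as internal; if the site has a configured base URL available, anchoring on that rather than on the Host header would be both more accurate and less attacker-influenced, though no such setting is visible in this diff. The same two lines are repeated in modules/statistics/statistics.module; statistics_recent_refer() starts before the hunk.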
@@ -363,12 +363,12 @@ function statistics_top_refer() {
$query = "SELECT url, COUNT(url) AS count FROM accesslog WHERE url <> '' GROUP BY url ORDER BY count DESC";
}
elseif ($view == "internal") {
- $query = "SELECT url, COUNT(url) AS count FROM accesslog WHERE url LIKE '%". check_input($_SERVER["HTTP_HOST"]) ."%' GROUP BY url ORDER BY count DESC";
+ $query = "SELECT url, COUNT(url) AS count FROM accesslog WHERE url LIKE '%". check_query($_SERVER["HTTP_HOST"]) ."%' GROUP BY url ORDER BY count DESC";
$describe = "internal ";
}
else {
/* default to external */
- $query = "SELECT url, COUNT(url) AS count FROM accesslog WHERE url NOT LIKE '%". check_input($_SERVER["HTTP_HOST"]) ."%' AND url <> '' GROUP BY url ORDER BY count DESC";
+ $query = "SELECT url, COUNT(url) AS count FROM accesslog WHERE url NOT LIKE '%". check_query($_SERVER["HTTP_HOST"]) ."%' AND url <> '' GROUP BY url ORDER BY count DESC";
$describe = "external ";
}
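Review bot: The expression `check_query($_SERVER["HTTP_HOST"])` is now written inline four times across statistics_recent_refer() and statistics_top_refer(), which means any change to how the host is derived or escaped has to be made in four places. Compute it once per function, `$host = check_query($_SERVER["HTTP_HOST"]);` ahead of the if/elseif chain, and use `'%". $host ."%'` in the two branches, or better, give both functions a small shared helper such as `statistics_host()` so the escaping rule for the LIKE pattern lives in a single place. The block comment `/* default to external */` also differs in style from the `//` comments used elsewhere in this file. statistics_top_refer() starts before the hunk, and the same hunk is duplicated in modules/statistics/statistics.module.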
diff --git a/modules/statistics/statistics.module b/modules/statistics/statistics.module
index 3b8d7d8ca..294b67135 100644
--- a/modules/statistics/statistics.module
+++ b/modules/statistics/statistics.module
@@ -53,7 +53,7 @@ function statistics_exit() {
if ((variable_get("statistics_enable_access_log", 0)) && (throttle_status() < 5)) {
// statistical logs are enabled
- $referrer = getenv("HTTP_REFERER");
+ $referrer = referer_uri();
$hostname = getenv("REMOTE_ADDR");
// log this page access
if ((arg(0) == "node") && (arg(1) == "view") && arg(2)) {
@@ -333,11 +333,11 @@ function statistics_recent_refer() {
$query = "SELECT url,timestamp FROM accesslog WHERE url <> '' ORDER BY timestamp DESC";
}
elseif ($view == "internal") {
- $query = "SELECT url,timestamp FROM accesslog WHERE url LIKE '%". check_input($_SERVER["HTTP_HOST"]) ."%' ORDER BY timestamp DESC";
+ $query = "SELECT url,timestamp FROM accesslog WHERE url LIKE '%". check_query($_SERVER["HTTP_HOST"]) ."%' ORDER BY timestamp DESC";
$describe = "internal ";
}
else {
- $query = "SELECT url,timestamp FROM accesslog WHERE url NOT LIKE '%". check_input($_SERVER["HTTP_HOST"]) ."%' AND url <> '' ORDER BY timestamp DESC";
+ $query = "SELECT url,timestamp FROM accesslog WHERE url NOT LIKE '%". check_query($_SERVER["HTTP_HOST"]) ."%' AND url <> '' ORDER BY timestamp DESC";
$describe = "external ";
}
@@ -363,12 +363,12 @@ function statistics_top_refer() {
$query = "SELECT url, COUNT(url) AS count FROM accesslog WHERE url <> '' GROUP BY url ORDER BY count DESC";
}
elseif ($view == "internal") {
- $query = "SELECT url, COUNT(url) AS count FROM accesslog WHERE url LIKE '%". check_input($_SERVER["HTTP_HOST"]) ."%' GROUP BY url ORDER BY count DESC";
+ $query = "SELECT url, COUNT(url) AS count FROM accesslog WHERE url LIKE '%". check_query($_SERVER["HTTP_HOST"]) ."%' GROUP BY url ORDER BY count DESC";
$describe = "internal ";
}
else {
/* default to external */
- $query = "SELECT url, COUNT(url) AS count FROM accesslog WHERE url NOT LIKE '%". check_input($_SERVER["HTTP_HOST"]) ."%' AND url <> '' GROUP BY url ORDER BY count DESC";
+ $query = "SELECT url, COUNT(url) AS count FROM accesslog WHERE url NOT LIKE '%". check_query($_SERVER["HTTP_HOST"]) ."%' AND url <> '' GROUP BY url ORDER BY count DESC";
$describe = "external ";
}
diff --git a/modules/user.module b/modules/user.module
index 94fc94ff2..c9e645199 100644
--- a/modules/user.module
+++ b/modules/user.module
@@ -547,7 +547,7 @@ function user_login($edit = array(), $msg = "") {
$server = substr($server, 1);
$pass = $edit["pass"];
}
-
+
/*
** When possible, determine corrosponding external auth source. Invoke source, and login user if successful:
*/
diff --git a/modules/user/user.module b/modules/user/user.module
index 94fc94ff2..c9e645199 100644
--- a/modules/user/user.module
+++ b/modules/user/user.module
@@ -547,7 +547,7 @@ function user_login($edit = array(), $msg = "") {
$server = substr($server, 1);
$pass = $edit["pass"];
}
-
+
/*
** When possible, determine corrosponding external auth source. Invoke source, and login user if successful:
*/
diff --git a/modules/watchdog.module b/modules/watchdog.module
index 601363e0e..fec7bd867 100644
--- a/modules/watchdog.module
+++ b/modules/watchdog.module
@@ -96,7 +96,7 @@ function watchdog_admin() {
watchdog_help();
break;
case "view":
- print watchdog_view(check_input(arg(3)));
+ print watchdog_view(arg(3));
break;
default:
print watchdog_overview(arg(2));
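Review bot: The commit message says check_query() replaces check_input(), but on the changed line the call-site escaping is dropped entirely: `watchdog_view(arg(3))` now receives the raw path argument where `check_input(arg(3))` used to addslashes() it. Unless watchdog_view() (not in this diff) escapes its argument itself before building SQL, this reintroduces exactly the injection the old wrapper was guarding against. Keep the escaping where it was, `print watchdog_view(check_query(arg(3)));`, or, if the argument is a numeric log entry id, cast it instead: `print watchdog_view((int) arg(3));`. The identical hunk in modules/watchdog/watchdog.module needs the same treatment; watchdog_admin()'s switch statement continues outside the hunk.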
diff --git a/modules/watchdog/watchdog.module b/modules/watchdog/watchdog.module
index 601363e0e..fec7bd867 100644
--- a/modules/watchdog/watchdog.module
+++ b/modules/watchdog/watchdog.module
@@ -96,7 +96,7 @@ function watchdog_admin() {
watchdog_help();
break;
case "view":
- print watchdog_view(check_input(arg(3)));
+ print watchdog_view(arg(3));
break;
default:
print watchdog_overview(arg(2));
diff --git a/scripts/code-style.pl b/scripts/code-style.pl
index cc1f159e7..f7d773e54 100644
--- a/scripts/code-style.pl
+++ b/scripts/code-style.pl
@@ -69,6 +69,16 @@ while (<>) {
elsif (/<br>/i) {
$msg = "'<br>' -> '<br />'";
}
+ elsif (/HTTP_REFERER/i) {
+ $msg = "the use of HTTP_REFERER is prone to XSS exploits; use referer_uri() instead";
+ }
+ elsif (/QUERY_STRING/i) {
+ $msg = "the use of HTTP_REFERER is prone to XSS exploits; use referer_uri() instead";
+ }
+ elsif (/REQUEST_URI/i) {
+ $msg = "the use of HTTP_REFERER is prone to XSS exploits and does not work on IIS; use request_uri() instead";
+ }
+
# XHTML compatibility mode suggests a blank before /
# i.e. <br />
elsif (/<[a-z][^>]*[^ >]\/>/i) {
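Review bot: The messages added for the QUERY_STRING and REQUEST_URI branches are copy-pasted from the HTTP_REFERER branch and still say "the use of HTTP_REFERER", so the warning names the wrong variable for the line it flags. The REQUEST_URI branch should read `$msg = "the use of REQUEST_URI is prone to XSS exploits and does not work on IIS; use request_uri() instead";`, and the QUERY_STRING branch must at least say QUERY_STRING, though the diff does not show which helper is meant to replace it, so the author needs to fill that in. Because the three new patterns are bare, unanchored substring matches, they will presumably also fire on the lines inside referer_uri()/request_uri() that legitimately read these server variables and on any comment that mentions them; matching the access form, e.g. `/getenv\s*\(\s*["']HTTP_REFERER["']\s*\)|\$_SERVER\[["']HTTP_REFERER["']\]/`, would cut that noise. Given that this same commit concatenates $_SERVER["HTTP_HOST"] into SQL, an HTTP_HOST rule would be a natural fourth entry. The enclosing `while (<>)` loop starts before the hunk.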