authorAndreas Gohr <andi@splitbrain.org>2007-08-29 22:15:38 +0200
committerAndreas Gohr <andi@splitbrain.org>2007-08-29 22:15:38 +0200
commit634d7150e59d03e4a4987164bfe9948fb8828c70 (patch)
tree93357ea3c0c54840cf5ef040ecbc75ddbb3a5b66 /lib/plugins/usermanager/admin.php
parent0e1a261ed103bc8f11934d76ec8c7ec412f02220 (diff)
CSRF prevention for admin plugins
This patch adds a session-based token to all forms in the default admin plugins. The validity of the token is checked before any administrative function is executed, in order to protect DokuWiki's admin functions from cross-site request forgery (CSRF) attacks. Another patch will follow to add the same protection to other, less critical functions. More details on CSRF attacks can be found at http://en.wikipedia.org/wiki/Cross-site_request_forgery darcs-hash:20070829201538-7ad00-d0770224a3351fd8e38968e3a9d8e73520482445.gz
Diffstat (limited to 'lib/plugins/usermanager/admin.php')
-rw-r--r--lib/plugins/usermanager/admin.php8
1 files changed, 6 insertions, 2 deletions
diff --git a/lib/plugins/usermanager/admin.php b/lib/plugins/usermanager/admin.php
index 4d9288116..b32e8daf6 100644
--- a/lib/plugins/usermanager/admin.php
+++ b/lib/plugins/usermanager/admin.php
@@ -170,6 +170,7 @@ class admin_plugin_usermanager extends DokuWiki_Admin_Plugin {
ptln("<p>".sprintf($this->lang['nonefound'],$this->_auth->getUserCount())."</p>");
}
ptln("<form action=\"".wl($ID)."\" method=\"post\">");
+ formSecurityToken();
ptln(" <table class=\"inline\">");
ptln(" <thead>");
ptln(" <tr>");
@@ -268,6 +269,7 @@ class admin_plugin_usermanager extends DokuWiki_Admin_Plugin {
}
ptln("<form action=\"".wl($ID)."\" method=\"post\">",$indent);
+ formSecurityToken();
ptln(" <table class=\"inline\">",$indent);
ptln(" <thead>",$indent);
ptln(" <tr><th>".$this->lang["field"]."</th><th>".$this->lang["value"]."</th></tr>",$indent);
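Review bot: The token markup is emitted by a bare `formSecurityToken();` call while every neighbouring line in this method goes through `ptln(..., $indent)`, so the hidden field is the one line of the form that ignores the method's indentation. That has no effect on the HTML's meaning, but it breaks the indented output this method otherwise maintains and is easy to mistake for a misplaced call when reading the rendered page source. If the helper can return its markup instead of printing it, `ptln(formSecurityToken(false), $indent);` keeps the style consistent; if it cannot, a short comment such as `// CSRF token (printed directly, not indented)` makes the exception deliberate. The enclosing method starts and ends outside this hunk.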
@@ -334,7 +336,7 @@ class admin_plugin_usermanager extends DokuWiki_Admin_Plugin {
}
function _addUser(){
-
+ if (!checkSecurityToken()) return false;
if (!$this->_auth->canDo('addUser')) return false;
list($user,$pass,$name,$mail,$grps) = $this->_retrieveUser();
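Review bot: The new guard returns a bare `false`, the same value the existing `canDo('addUser')` check returns, so the caller cannot tell a rejected CSRF token apart from a backend that simply does not support adding users, and whether the user sees any explanation depends entirely on what checkSecurityToken() does internally, which is not visible here. Placing the token check before the capability check is the right order (fail closed before consulting the auth backend), and a one-line comment would make that intent explicit for the next maintainer: `// Reject forged cross-site submissions before touching the auth backend.` The body of _addUser continues past the end of this hunk.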
@@ -362,7 +364,7 @@ class admin_plugin_usermanager extends DokuWiki_Admin_Plugin {
* Delete user
*/
function _deleteUser(){
-
+ if (!checkSecurityToken()) return false;
if (!$this->_auth->canDo('delUser')) return false;
$selected = $_REQUEST['delete'];
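Review bot: The token check is inserted directly above `$selected = $_REQUEST['delete'];`, which is read without confirming the key exists or has the expected shape, so a token-bearing request with no selection still reaches the deletion logic below with `$selected` undefined. The CSRF guard is not a substitute for that input check; `$selected = isset($_REQUEST['delete']) ? $_REQUEST['delete'] : array();` (or an `is_array` test, if the loop below expects checkbox-style `delete[...]` keys) would close it. Note also that `$_REQUEST` merges GET and POST, so this destructive action remains reachable via a GET URL as long as the token is present; if checkSecurityToken() likewise reads the token from `$_REQUEST` (not visible here), consider restricting state-changing handlers to `$_POST`. The body of _deleteUser continues outside this hunk.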
@@ -386,6 +388,7 @@ class admin_plugin_usermanager extends DokuWiki_Admin_Plugin {
* Edit user (a user has been selected for editing)
*/
function _editUser($param) {
+ if (!checkSecurityToken()) return false;
if (!$this->_auth->canDo('UserMod')) return false;
$user = cleanID(preg_replace('/.*:/','',$param));
@@ -407,6 +410,7 @@ class admin_plugin_usermanager extends DokuWiki_Admin_Plugin {
* Modify user (modified user data has been recieved)
*/
function _modifyUser(){
+ if (!checkSecurityToken()) return false;
if (!$this->_auth->canDo('UserMod')) return false;
// get currently valid user data
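Review bot: This is the fourth handler in the file to receive the identical `if (!checkSecurityToken()) return false;` line, which means the protection depends on every future action handler remembering to repeat it. Since the hunks show each handler is a separate `_xxxUser()` method dispatched from elsewhere, a single check in the dispatching method (outside this hunk) before any `_addUser`/`_deleteUser`/`_editUser`/`_modifyUser` call would cover new actions by default and keep the per-handler bodies focused on their own capability checks. If the per-handler placement is intentional (for example so that read-only actions stay token-free), a comment at the top of _modifyUser stating that would prevent the next contributor from "deduplicating" it. The body of _modifyUser continues past the end of this hunk.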