]> andersk Git - sql-web.git/blobdiff - main.php
andersk / sql-web.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Fix CSRF vulnerabilities
[sql-web.git] / main.php
diff --git a/main.php b/main.php
index 8d60aec421b523e70044a6fbdf3273941dde5622..b4935afc990c2eea56302ad1bae70b25dfc48356 100644 (file)
--- a/main.php
+++ b/main.php
@@ -1,4 +1,7 @@
 <?php
+/*
+       (c) 2005 Joe Presbrey
+*/
 
 require_once('mitsql.cfg.php');
 require_once('mitsql.lib.php');
@@ -6,19 +9,33 @@ require_once('proc.lib.php');
 
 if (!isLoggedIn()) redirect('index');
 
+if(!isset($_SESSION['csrf_token']))
+{
+       $n = rand(10e16, 10e20);
+       $_SESSION['csrf_token'] = base_convert($n, 10, 36);
+}
+
 $err1 = $msg1 = array();
 
 $User = new User($Login->getUserID());
 
 if (isPost()) {
-       if (isset($i_newdb)) {
-               list($msg1, $err1) = proc::newdb($User, $i_newdb);
-       }
-       if (isset($i_drop)) {
-               list($msg1, $err1) = proc::drop($User, $i_drop);
+       if($_SESSION['csrf_token'] != $_POST['csrf_token'])
+       {
+               $err1[] = "CSRF token incorrect or not found. Try submitting again.";
+       } else {
+               if (isset($i_newdb)) {
+                       list($msg1, $err1) = proc::newdb($User, $i_newdb);
+               }
+               if (isset($i_drop)) {
+                       list($msg1, $err1) = proc::drop($User, $i_drop);
+               }
        }
-       if (!count($err1))
-               $User->refresh();
+}
+
+if (!count($err1)) {//&& !isset($i_r))
+       checkQuotas($Login->getUserID());
+       $User->refresh();
 }
 
 $myDBs = $User->getDBList();
Unnamed repository; edit this file 'description' to name the repository.
This page took 0.128187 seconds and 4 git commands to generate.