Added csrf protection
This commit is contained in:
Lukas Metzger
parent
9b31f83f6d
commit
f628e147cd
|
|
@ -97,7 +97,7 @@ limitations under the License.
|
|||
</row>
|
||||
|
||||
</div>
|
||||
|
||||
<?php echo '<span class="hidden" id="csrfToken">' . $_SESSION['csrfToken'] . '</span>'; ?>
|
||||
</body>
|
||||
</html>
|
||||
|
||||
|
|
|
|||
|
|
@ -23,6 +23,11 @@ require_once '../lib/soa-mail.php';
|
|||
|
||||
$input = json_decode(file_get_contents('php://input'));
|
||||
|
||||
if(!isset($input->csrfToken) || $input->csrfToken !== $_SESSION['csrfToken']) {
|
||||
echo "Permission denied!";
|
||||
exit();
|
||||
}
|
||||
|
||||
if(!isset($_SESSION['type']) || $_SESSION['type'] != "admin") {
|
||||
echo "Permission denied!";
|
||||
exit();
|
||||
|
|
|
|||
|
|
@ -22,6 +22,11 @@ require_once '../lib/session.php';
|
|||
|
||||
$input = json_decode(file_get_contents('php://input'));
|
||||
|
||||
if(!isset($input->csrfToken) || $input->csrfToken !== $_SESSION['csrfToken']) {
|
||||
echo "Permission denied!";
|
||||
exit();
|
||||
}
|
||||
|
||||
if(isset($input->action) && $input->action == "getDomains") {
|
||||
|
||||
$sql = "
|
||||
|
|
|
|||
|
|
@ -24,6 +24,11 @@ require_once '../lib/update-serial.php';
|
|||
|
||||
$input = json_decode(file_get_contents('php://input'));
|
||||
|
||||
if(!isset($input->csrfToken) || $input->csrfToken !== $_SESSION['csrfToken']) {
|
||||
echo "Permission denied!";
|
||||
exit();
|
||||
}
|
||||
|
||||
//Permission check
|
||||
if(isset($input->domain)) {
|
||||
$permquery = $db->prepare("SELECT * FROM permissions WHERE user=? AND domain=?");
|
||||
|
|
|
|||
|
|
@ -22,6 +22,11 @@ require_once '../lib/session.php';
|
|||
|
||||
$input = json_decode(file_get_contents('php://input'));
|
||||
|
||||
if(!isset($input->csrfToken) || $input->csrfToken !== $_SESSION['csrfToken']) {
|
||||
echo "Permission denied!";
|
||||
exit();
|
||||
}
|
||||
|
||||
if(!isset($_SESSION['type']) || $_SESSION['type'] != "admin") {
|
||||
echo "Permission denied!";
|
||||
exit();
|
||||
|
|
|
|||
|
|
@ -38,8 +38,10 @@ if (password_verify($input->password, $password)) {
|
|||
|
||||
$randomSecret = base64_encode(openssl_random_pseudo_bytes(32));
|
||||
$_SESSION['secret'] = $randomSecret;
|
||||
|
||||
setcookie("authSecret", $randomSecret, 0, "/", "", false, true);
|
||||
|
||||
$csrfToken = base64_encode(openssl_random_pseudo_bytes(32));
|
||||
$_SESSION['csrfToken'] = $csrfToken;
|
||||
} else {
|
||||
$retval['status'] = "fail";
|
||||
}
|
||||
|
|
|
|||
|
|
@ -24,6 +24,11 @@ if(file_exists("../config/config-user.php")) {
|
|||
//Get input
|
||||
$input = json_decode(file_get_contents('php://input'));
|
||||
|
||||
if(!isset($input->csrfToken) || $input->csrfToken !== $_SESSION['csrfToken']) {
|
||||
echo "Permission denied!";
|
||||
exit();
|
||||
}
|
||||
|
||||
//Database command
|
||||
$sql = "
|
||||
CREATE TABLE IF NOT EXISTS domains (
|
||||
|
|
|
|||
|
|
@ -22,6 +22,11 @@ require_once '../lib/session.php';
|
|||
|
||||
$input = json_decode(file_get_contents('php://input'));
|
||||
|
||||
if(!isset($input->csrfToken) || $input->csrfToken !== $_SESSION['csrfToken']) {
|
||||
echo "Permission denied!";
|
||||
exit();
|
||||
}
|
||||
|
||||
if(isset($input->action) && $input->action == "changePassword") {
|
||||
$passwordHash = password_hash($input->password, PASSWORD_DEFAULT);
|
||||
|
||||
|
|
|
|||
|
|
@ -22,6 +22,11 @@ require_once '../lib/session.php';
|
|||
|
||||
$input = json_decode(file_get_contents('php://input'));
|
||||
|
||||
if(!isset($input->csrfToken) || $input->csrfToken !== $_SESSION['csrfToken']) {
|
||||
echo "Permission denied!";
|
||||
exit();
|
||||
}
|
||||
|
||||
if(!isset($_SESSION['type']) || $_SESSION['type'] != "admin") {
|
||||
echo "Permission denied!";
|
||||
exit();
|
||||
|
|
|
|||
|
|
@ -101,5 +101,6 @@ limitations under the License.
|
|||
</div>
|
||||
</div>
|
||||
</div>
|
||||
<?php echo '<span class="hidden" id="csrfToken">' . $_SESSION['csrfToken'] . '</span>'; ?>
|
||||
</body>
|
||||
</html>
|
||||
|
|
|
|||
|
|
@ -160,6 +160,7 @@ limitations under the License.
|
|||
</table>
|
||||
</div>
|
||||
</div>
|
||||
<?php echo '<span class="hidden" id="csrfToken">' . $_SESSION['csrfToken'] . '</span>'; ?>
|
||||
|
||||
</body>
|
||||
</html>
|
||||
|
|
|
|||
|
|
@ -100,6 +100,7 @@ limitations under the License.
|
|||
</row>
|
||||
|
||||
</div>
|
||||
<?php echo '<span class="hidden" id="csrfToken">' . $_SESSION['csrfToken'] . '</span>'; ?>
|
||||
|
||||
</body>
|
||||
</html>
|
||||
|
|
|
|||
|
|
@ -62,7 +62,8 @@ function saveData(callback) {
|
|||
retry: $('#zone-retry').val(),
|
||||
expire: $('#zone-expire').val(),
|
||||
ttl: $('#zone-ttl').val(),
|
||||
action: "addDomain"
|
||||
action: "addDomain",
|
||||
csrfToken: $('#csrfToken').text()
|
||||
};
|
||||
|
||||
$.post(
|
||||
|
|
|
|||
|
|
@ -54,7 +54,9 @@ $(document).ready(function() {
|
|||
});
|
||||
|
||||
function requestData() {
|
||||
var restrictions = {};
|
||||
var restrictions = {
|
||||
csrfToken: $('#csrfToken').text()
|
||||
};
|
||||
|
||||
restrictions.sort = sort;
|
||||
|
||||
|
|
@ -128,7 +130,8 @@ function deleteDomain() {
|
|||
function deleteDomainWithId(id, callback) {
|
||||
var data = {
|
||||
action: "deleteDomain",
|
||||
id: id
|
||||
id: id,
|
||||
csrfToken: $('#csrfToken').text()
|
||||
};
|
||||
|
||||
$.post(
|
||||
|
|
|
|||
|
|
@ -124,7 +124,9 @@ function recreateTable(data) {
|
|||
}
|
||||
|
||||
function requestRecordData() {
|
||||
var restrictions = {};
|
||||
var restrictions = {
|
||||
csrfToken: $('#csrfToken').text()
|
||||
};
|
||||
|
||||
restrictions.sort = sort;
|
||||
|
||||
|
|
@ -159,7 +161,8 @@ function requestRecordData() {
|
|||
|
||||
function requestSoaData() {
|
||||
var data = {
|
||||
action: "getSoa"
|
||||
action: "getSoa",
|
||||
csrfToken: $('#csrfToken').text()
|
||||
};
|
||||
|
||||
data.domain = location.hash.substring(1);
|
||||
|
|
@ -181,7 +184,8 @@ function requestSoaData() {
|
|||
|
||||
function requestSerial() {
|
||||
var data = {
|
||||
action: "getSerial"
|
||||
action: "getSerial",
|
||||
csrfToken: $('#csrfToken').text()
|
||||
};
|
||||
|
||||
data.domain = location.hash.substring(1);
|
||||
|
|
@ -198,7 +202,8 @@ function requestSerial() {
|
|||
|
||||
function saveSoaData() {
|
||||
var data = {
|
||||
action: "saveSoa"
|
||||
action: "saveSoa",
|
||||
csrfToken: $('#csrfToken').text()
|
||||
};
|
||||
|
||||
data.domain = location.hash.substring(1);
|
||||
|
|
@ -268,7 +273,8 @@ function saveRecord() {
|
|||
prio: tableRow.children('td').eq(4).children('input').val(),
|
||||
ttl: tableRow.children('td').eq(5).children('input').val(),
|
||||
action: "saveRecord",
|
||||
domain: location.hash.substring(1)
|
||||
domain: location.hash.substring(1),
|
||||
csrfToken: $('#csrfToken').text()
|
||||
};
|
||||
|
||||
tableRow.children('td').eq(0).empty().text(data.id);
|
||||
|
|
@ -309,7 +315,8 @@ function addRecord() {
|
|||
prio: $('#addPrio').val(),
|
||||
ttl: $('#addTtl').val(),
|
||||
action: "addRecord",
|
||||
domain: location.hash.substring(1)
|
||||
domain: location.hash.substring(1),
|
||||
csrfToken: $('#csrfToken').text()
|
||||
};
|
||||
|
||||
$.post(
|
||||
|
|
@ -344,7 +351,8 @@ function trashClicked() {
|
|||
var data = {
|
||||
id: $(this).parent().parent().children().eq(0).text(),
|
||||
domain: location.hash.substring(1),
|
||||
action: "removeRecord"
|
||||
action: "removeRecord",
|
||||
csrfToken: $('#csrfToken').text()
|
||||
};
|
||||
|
||||
var lineAffected = $(this).parent().parent();
|
||||
|
|
@ -363,7 +371,8 @@ function trashClicked() {
|
|||
function requestDomainName() {
|
||||
var data = {
|
||||
action: "getDomainName",
|
||||
domain: location.hash.substring(1)
|
||||
domain: location.hash.substring(1),
|
||||
csrfToken: $('#csrfToken').text()
|
||||
};
|
||||
|
||||
$.post(
|
||||
|
|
|
|||
|
|
@ -111,7 +111,8 @@ function addUser() {
|
|||
name: $('#user-name').val(),
|
||||
password: $('#user-password').val(),
|
||||
type: $('#user-type').val(),
|
||||
action: "addUser"
|
||||
action: "addUser",
|
||||
csrfToken: $('#csrfToken').text()
|
||||
};
|
||||
|
||||
$.post(
|
||||
|
|
@ -128,7 +129,8 @@ function addUser() {
|
|||
function getUserData() {
|
||||
var data = {
|
||||
id: location.hash.substring(1),
|
||||
action: "getUserData"
|
||||
action: "getUserData",
|
||||
csrfToken: $('#csrfToken').text()
|
||||
};
|
||||
|
||||
$.post(
|
||||
|
|
@ -147,7 +149,8 @@ function saveUserChanges() {
|
|||
id: location.hash.substring(1),
|
||||
name: $('#user-name').val(),
|
||||
type: $('#user-type').val(),
|
||||
action: "saveUserChanges"
|
||||
action: "saveUserChanges",
|
||||
csrfToken: $('#csrfToken').text()
|
||||
};
|
||||
|
||||
if($('#user-password').val().length > 0) {
|
||||
|
|
@ -165,7 +168,8 @@ function saveUserChanges() {
|
|||
function requestPermissions() {
|
||||
var data = {
|
||||
id: location.hash.substring(1),
|
||||
action: "getPermissions"
|
||||
action: "getPermissions",
|
||||
csrfToken: $('#csrfToken').text()
|
||||
};
|
||||
|
||||
$.post(
|
||||
|
|
@ -195,7 +199,8 @@ function removePermission() {
|
|||
var data = {
|
||||
domainId: $(this).parent().parent().data("id"),
|
||||
userId: location.hash.substring(1),
|
||||
action: "removePermission"
|
||||
action: "removePermission",
|
||||
csrfToken: $('#csrfToken').text()
|
||||
};
|
||||
|
||||
var lineToRemove = $(this).parent().parent();
|
||||
|
|
@ -214,7 +219,8 @@ function addPermissions() {
|
|||
var data = {
|
||||
action: "addPermissions",
|
||||
userId: location.hash.substring(1),
|
||||
domains: $('#permissions select#selectAdd').val()
|
||||
domains: $('#permissions select#selectAdd').val(),
|
||||
csrfToken: $('#csrfToken').text()
|
||||
}
|
||||
|
||||
$.post(
|
||||
|
|
|
|||
|
|
@ -46,7 +46,8 @@ function savePassword() {
|
|||
|
||||
var data = {
|
||||
password: $('#user-password').val(),
|
||||
action: "changePassword"
|
||||
action: "changePassword",
|
||||
csrfToken: $('#csrfToken').text()
|
||||
};
|
||||
|
||||
$.post(
|
||||
|
|
|
|||
|
|
@ -54,7 +54,9 @@ $(document).ready(function() {
|
|||
});
|
||||
|
||||
function requestData() {
|
||||
var restrictions = {};
|
||||
var restrictions = {
|
||||
csrfToken: $('#csrfToken').text()
|
||||
};
|
||||
|
||||
restrictions.sort = sort;
|
||||
|
||||
|
|
@ -123,7 +125,8 @@ function deleteDomain() {
|
|||
function deleteUserWithId(id, callback) {
|
||||
var data = {
|
||||
action: "deleteUser",
|
||||
id: id
|
||||
id: id,
|
||||
csrfToken: $('#csrfToken').text()
|
||||
};
|
||||
|
||||
$.post(
|
||||
|
|
|
|||
|
|
@ -74,6 +74,7 @@ limitations under the License.
|
|||
</row>
|
||||
|
||||
</div>
|
||||
<?php echo '<span class="hidden" id="csrfToken">' . $_SESSION['csrfToken'] . '</span>'; ?>
|
||||
|
||||
</body>
|
||||
</html>
|
||||
|
|
|
|||
Loading…
Reference in a new issue