
added NP_0TicketForPlugin code
[nucleus-jp/nucleus-jp-ancient.git] / utf8 / nucleus / libs / globalfunctions.php
index d0c2d81..98598a5 100755 (executable)
@@ -13,8 +13,8 @@
 /**
  * @license http://nucleuscms.org/license.txt GNU General Public License
  * @copyright Copyright (C) 2002-2007 The Nucleus Group
- * @version $Id: globalfunctions.php,v 1.12 2007-02-04 06:28:46 kimitake Exp $
- * $NucleusJP: globalfunctions.php,v 1.11 2007/02/03 06:03:57 kimitake Exp $
+ * @version $Id: globalfunctions.php,v 1.13 2007-02-06 09:00:24 kimitake Exp $
+ * $NucleusJP: globalfunctions.php,v 1.12 2007/02/04 06:28:46 kimitake Exp $
  */
 
 // needed if we include globalfunctions from install.php
@@ -238,6 +238,7 @@ Backed out for now: See http://forum.nucleuscms.org/viewtopic.php?t=3684 for det
 }
 
 // login completed
+ticketForPlugin();
 $manager->notify('PostAuthentication', array('loggedIn' => $member->isLoggedIn() ) );
 
 // first, let's see if the site is disabled or not. always allow admin area access.
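Review bot: ticketForPlugin() is invoked one line before the `PostAuthentication` notification, and since it can terminate the request with exit() (404, the not-logged-in message, or the confirmation form), plugins subscribed to PostAuthentication will never observe those requests; the enclosing code starts outside the hunk, so I cannot tell whether anything earlier depends on that event having fired. If the ordering is deliberate, a comment on the new line such as `ticketForPlugin(); // may exit(): intentionally runs before PostAuthentication` would make it explicit for the next maintainer.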
@@ -1488,6 +1489,140 @@ function sanitizeParams()
 }
 
 /** 
+ * Check ticket when not checked in plugin's admin page
+ * to avoid CSRF.
+ * Also avoid the access to plugin/index.php by guest user.
+ */
+function ticketForPlugin(){
+       global $CONF,$DIR_PLUGINS,$member,$ticketforplugin;
+       
+       /* initialize */
+       $ticketforplugin=array();
+       $ticketforplugin['ticket']=false;
+       
+       /* Check if using plugin's php file. */
+       if ($p_translated=serverVar('PATH_TRANSLATED')) {
+               if (!file_exists($p_translated)) $p_translated='';
+       }
+       if (!$p_translated) {
+               $p_translated=serverVar('SCRIPT_FILENAME');
+               if (!file_exists($p_translated)) {
+                       header("HTTP/1.0 404 Not Found");
+                       exit('');
+               }
+       }
+       $p_translated=str_replace('\\','/',$p_translated);
+       $d_plugins=str_replace('\\','/',$DIR_PLUGINS);
+       if (strpos($p_translated,$d_plugins)!==0) return;// This isn't plugin php file.
+       
+       /* Solve the plugin php file or admin directory */
+       $phppath=substr($p_translated,strlen($d_plugins));
+       $phppath=preg_replace('!^/!','',$phppath);// Remove the first "/" if exists.
+       $path=preg_replace('/^NP_([.]*)\.php$/','$1',$phppath); // Remove the first "NP_" and the last ".php" if exists.
+       $path=preg_replace('!^([^/]*)/(.*)$!','$1',$path); // Remove the "/" and beyond.
+       
+       /* Solve the plugin name. */
+       $plugins=array();
+       $query='SELECT pfile FROM '.sql_table('plugin');
+       $res=sql_query($query);
+       while($row=mysql_fetch_row($res)) {
+               $name=substr($row[0],3);
+               $plugins[strtolower($name)]=$name;
+       }
+       mysql_free_result($res);
+       if ($plugins[$path]) $plugin_name=$plugins[$path];
+       else if (array_key_exists($path,$plugins)) $plugin_name=$path;
+       else {
+               header("HTTP/1.0 404 Not Found");
+               exit('');
+       }
+       
+       /* Return if not index.php */
+       if ( $phppath!=strtolower($plugin_name).'/'
+               && $phppath!=strtolower($plugin_name).'/index.php' ) return;
+       
+       /* Exit if not logged in. */
+       if ( !$member->isLoggedIn() ) exit("You aren't logged in.");
+       
+       global $manager,$DIR_LIBS,$DIR_LANG,$HTTP_GET_VARS,$HTTP_POST_VARS;
+       
+       /* Check if this feature is needed (ie, if "$manager->checkTicket()" is not included in the script). */
+       if (!($p_translated=serverVar('PATH_TRANSLATED'))) $p_translated=serverVar('SCRIPT_FILENAME');
+       if ($file=@file($p_translated)) {
+               $prevline='';
+               foreach($file as $line) {
+                       if (preg_match('/[\$]manager([\s]*)[\-]>([\s]*)checkTicket([\s]*)[\(]/i',$prevline.$line)) return;
+                       $prevline=$line;
+               }
+       }
+       
+       /* Show a form if not valid ticket */
+       if ( ( strstr(serverVar('REQUEST_URI'),'?') || serverVar('QUERY_STRING')
+                       || strtoupper(serverVar('REQUEST_METHOD'))=='POST' )
+                               && (!$manager->checkTicket()) ){
+               if (!class_exists('PluginAdmin')) {
+                       $language = getLanguageName();
+                       include($DIR_LANG . ereg_replace( '[\\|/]', '', $language) . '.php');
+                       include($DIR_LIBS . 'PLUGINADMIN.php');
+               }
+               $oPluginAdmin = new PluginAdmin($plugin_name);
+               $oPluginAdmin->start();
+               echo '<p>' . _ERROR_BADTICKET . "</p>\n";
+               
+               /* Show the form to confirm action */
+               // PHP 4.0.x support
+               $get=  (isset($_GET))  ? $_GET  : $HTTP_GET_VARS;
+               $post= (isset($_POST)) ? $_POST : $HTTP_POST_VARS;
+               // Resolve URI and QUERY_STRING
+               if ($uri=serverVar('REQUEST_URI')) {
+                       list($uri,$qstring)=explode('?',$uri);
+               } else {
+                       if ( !($uri=serverVar('PHP_SELF')) ) $uri=serverVar('SCRIPT_NAME');
+                       $qstring=serverVar('QUERY_STRING');
+               }
+               if ($qstring) $qstring='?'.$qstring;
+               echo '<p>'._SETTINGS_UPDATE.' : '._QMENU_PLUGINS.' <span style="color:red;">'.
+                       htmlspecialchars($plugin_name)."</span> ?</p>\n";
+               switch(strtoupper(serverVar('REQUEST_METHOD'))){
+               case 'POST':
+                       echo '<form method="POST" action="'.htmlspecialchars($uri.$qstring).'">';
+                       $manager->addTicketHidden();
+                       _addInputTags($post);
+                       break;
+               case 'GET':
+                       echo '<form method="GET" action="'.htmlspecialchars($uri).'">';
+                       $manager->addTicketHidden();
+                       _addInputTags($get);
+               default:
+                       break;
+               }
+               echo '<input type="submit" value="'._YES.'" />&nbsp;&nbsp;&nbsp;&nbsp;';
+               echo '<input type="button" value="'._NO.'" onclick="history.back(); return false;" />';
+               echo "</form>\n";
+               
+               $oPluginAdmin->end();
+               exit;
+       }
+       
+       /* Create new ticket */
+       $ticket=$manager->addTicketToUrl('');
+       $ticketforplugin['ticket']=substr($ticket,strpos($ticket,'ticket=')+7);
+}
+function _addInputTags(&$keys,$prefix=''){
+       foreach($keys as $key=>$value){
+               if ($prefix) $key=$prefix.'['.$key.']';
+               if (is_array($value)) _addInputTags($value,$key);
+               else {
+                       if (get_magic_quotes_gpc()) $value=stripslashes($value);
+                       if ($key=='ticket') continue;
+                       echo '<input type="hidden" name="'.htmlspecialchars($key).
+                               '" value="'.htmlspecialchars($value).'" />'."\n";
+               }
+       }
+}
+
+/** 
  * Convert the server string such as $_SERVER['REQUEST_URI']
  * to arry like arry['blogid']=1 and array['page']=2 etc.
  */