Fix a serious security issue.
This commit is contained in:
parent
47496a93e1
commit
e67379dd68
|
|
@ -85,7 +85,7 @@ $html .= "\t\t\t\t<p>This is where you can change account options.</p>\n";
|
|||
if ($allowPasswordChange || $IsCurrentUser) {
|
||||
$html .= "\t\t\t\t<h2>Change password</h2>\n";
|
||||
$html .= "\t\t\t\t\t<p>If you need to change your password, you can do so here:</p>\n";
|
||||
$html .= "\t\t\t\t\t<form action=\"change.php\" method=\"post\" class=\"changePass\">\n";
|
||||
$html .= "\t\t\t\t\t<form method=\"POST\" action=\"change.php\" method=\"post\" class=\"changePass\">\n";
|
||||
|
||||
if ($IsCurrentUser) {
|
||||
$html .= "\t\t\t\t\t\t<label for=\"curpass\">Current password</label>\n";
|
||||
|
|
@ -116,7 +116,7 @@ if ($allowPasswordChange || $IsCurrentUser) {
|
|||
if ($allowUsernameChange || !$IsCurrentUser) {
|
||||
$html .= "\t\t\t\t<h2>Change username</h2>\n";
|
||||
$html .= "\t\t\t\t\t<p>If you need to change your username, you can do so here:</p>\n";
|
||||
$html .= "\t\t\t\t\t<form action=\"change.php\" method=\"post\" class=\"changeUser\">\n";
|
||||
$html .= "\t\t\t\t\t<form method=\"POST\" action=\"change.php\" method=\"post\" class=\"changeUser\">\n";
|
||||
|
||||
if ($IsCurrentUser) {
|
||||
$html .= "\t\t\t\t\t\t<label for=\"curusername\">Current username</label>\n";
|
||||
|
|
@ -147,7 +147,7 @@ if (!$IsCurrentUser) {
|
|||
$html .= "\t\t\t\t<h2>Administrator: Change type</h2>\n";
|
||||
$html .= "\t\t\t\t\t<p>If you need to change the type, you can do so here:</p>\n";
|
||||
|
||||
$html .= "\t\t\t\t\t<form action=\"change.php\" method=\"post\" class=\"changeType\">\n";
|
||||
$html .= "\t\t\t\t\t<form method=\"POST\" action=\"change.php\" method=\"post\" class=\"changeType\">\n";
|
||||
$html .= "\t\t\t\t\t\t<label for=\"type\">New type</label>\n";
|
||||
$html .= "\t\t\t\t\t\t<select name=\"type\" required>\n";
|
||||
if ($Primary == 1) $html .= "\t\t\t\t\t\t\t<option value=\"2\">Administrator</option>\n";
|
||||
|
|
@ -162,7 +162,7 @@ if (!$IsCurrentUser) {
|
|||
$html .= "\t\t\t\t<h2>Administrator: Change uploads left</h2>\n";
|
||||
$html .= "\t\t\t\t\t<p>If you need to change the number of uploads left, you can do so here:</p>\n";
|
||||
|
||||
$html .= "\t\t\t\t\t<form action=\"change.php\" method=\"post\" class=\"changeUploads\">\n";
|
||||
$html .= "\t\t\t\t\t<form method=\"POST\" action=\"change.php\" method=\"post\" class=\"changeUploads\">\n";
|
||||
$html .= "\t\t\t\t\t\t<label for=\"uploads\">New uploads</label>\n";
|
||||
$html .= "\t\t\t\t\t\t<input type=\"number\" name=\"uploads\" value=\"1\">\n";
|
||||
$html .= "\t\t\t\t\t\t<label for=\"user\">No limit</label>\n";
|
||||
|
|
|
|||
|
|
@ -125,7 +125,7 @@ if ($Action == "files") {
|
|||
|
||||
$html .= "\t\t\t\t</table>\n";
|
||||
} else if ($Action == "create") {
|
||||
$html .= "\t\t\t\t<form class=\"adminCreateForm\" action=\"create.php?redir=admin\" method=\"post\">\n";
|
||||
$html .= "\t\t\t\t<form method=\"POST\" class=\"adminCreateForm\" action=\"create.php?redir=admin\" method=\"post\">\n";
|
||||
$html .= "\t\t\t\t\t<label for=\"type\">User type</label>\n";
|
||||
$html .= "\t\t\t\t\t<select name=\"type\" required>\n";
|
||||
|
||||
|
|
|
|||
2
core.php
2
core.php
|
|
@ -169,7 +169,7 @@ function printFileUploadForm($html, $Error) {
|
|||
|
||||
// print the form
|
||||
if (isset($_SESSION['type']) || ($publicUploading || $publicUploading == "true")) {
|
||||
$html .= "\t\t\t<form action=\"upload.php\" method=\"post\" enctype=\"multipart/form-data\">\n";
|
||||
$html .= "\t\t\t<form method=\"POST\" action=\"upload.php\" method=\"post\" enctype=\"multipart/form-data\">\n";
|
||||
$html .= "\t\t\t\t<input type=\"file\" name=\"file\" id=\"file\">\n";
|
||||
$html .= "\t\t\t\t<input type=\"submit\" value=\"Upload selected file\" id='web' name=\"web\">\n";
|
||||
$html .= "\t\t\t</form>\n";
|
||||
|
|
|
|||
2
file.php
2
file.php
|
|
@ -56,7 +56,7 @@ while ($line = $DatabaseQuery->fetchArray()) {
|
|||
|
||||
$html .= "\t\t\t\t<h2 class=\"fileName\">$BaseFilename</h2>\n";
|
||||
$html .= "\t\t\t\t\t<p>This file was uploaded by $Uploader on $UploadDate</p><br>\n";
|
||||
$html .= "\t\t\t\t<form class=\"fileForm\" action=\"file.php\">\n";
|
||||
$html .= "\t\t\t\t<form method=\"POST\" class=\"fileForm\" action=\"file.php\">\n";
|
||||
$html .= "\t\t\t\t\t<input type=\"hidden\" name=\"a\" value=\"dl\">\n";
|
||||
$html .= "\t\t\t\t\t<input type=\"hidden\" name=\"f\" value=\"$ID\">\n";
|
||||
$html .= "\t\t\t\t\t<input type=\"submit\" value=\"Download '$BaseFilename'\">\n";
|
||||
|
|
|
|||
|
|
@ -98,7 +98,7 @@ if (isset($_REQUEST['username']) && isset($_REQUEST['password'])) {
|
|||
|
||||
$html .= "\t\t\t<h1 id='loginHeader'>Login</h1>\n";
|
||||
$html .= "\t\t\t\t<p>Enter your username and password to continue.</p>\n";
|
||||
$html .= "\t\t\t\t<form action=\"login.php\">\n";
|
||||
$html .= "\t\t\t\t<form method=\"POST\" action=\"login.php\">\n";
|
||||
$html .= "\t\t\t\t\t<input type=\"text\" name=\"username\" placeholder=\"Username\">\n";
|
||||
$html .= "\t\t\t\t\t<input type=\"password\" name=\"password\" placeholder=\"Password\">\n";
|
||||
if (isset($Redirect)) $html .= "\t\t\t\t\t<input type=\"hidden\" name=\"redir\" value=\"$Redirect\">\n";
|
||||
|
|
|
|||
|
|
@ -47,7 +47,7 @@ if (isset($_REQUEST['username']) && isset($_REQUEST['password'])) {
|
|||
|
||||
$html .= "\t\t\t<h1 id='registerHeader'>Welcome to $instanceName</h1>\n";
|
||||
$html .= "\t\t\t\t<p>To create an account, enter your desired user name and password.</p>\n";
|
||||
$html .= "\t\t\t\t<form action=\"register.php\">\n";
|
||||
$html .= "\t\t\t\t<form method=\"POST\" action=\"register.php\">\n";
|
||||
$html .= "\t\t\t\t\t<input type=\"text\" name=\"username\" placeholder=\"Username\">\n";
|
||||
$html .= "\t\t\t\t\t<input type=\"password\" name=\"password\" placeholder=\"Password\">\n";
|
||||
$html .= "\t\t\t\t\t<input type=\"password\" name=\"cpassword\" placeholder=\"Confirm password\">\n";
|
||||
|
|
|
|||
|
|
@ -21,7 +21,7 @@ $html = printHeader($html);
|
|||
$html .= "\t\t\t<h1>Welcome</h1>\n";
|
||||
$html .= "\t\t\t\t<p>Before curload can be used, a primary administrator user must be created.</p>\n";
|
||||
|
||||
$html .= "\t\t\t\t<form class=\"adminCreateForm\" action=\"create.php?redir=setup\" method=\"post\">\n";
|
||||
$html .= "\t\t\t\t<form method=\"POST\" class=\"adminCreateForm\" action=\"create.php?redir=setup\" method=\"post\">\n";
|
||||
$html .= "\t\t\t\t\t<label for=\"username\">Username</label>\n";
|
||||
$html .= "\t\t\t\t\t<input type=\"text\" name=\"username\" placeholder=\"Username\">\n";
|
||||
$html .= "\t\t\t\t\t<label for=\"password\">Password</label>\n";
|
||||
|
|
|
|||
Loading…
Reference in a new issue