From: Roland Häder Date: Sun, 14 Feb 2010 12:55:45 +0000 (+0000) Subject: Rewrites on security functions (do not call them for your own) X-Git-Url: https://git.mxchange.org/?p=mailer.git;a=commitdiff_plain;h=779ff1561e004694c035949ea0b5c4b7a69a47f1 Rewrites on security functions (do not call them for your own) --- diff --git a/inc/db/lib-mysql3.php b/inc/db/lib-mysql3.php index a3b5af0dd2..c7cc26c7fa 100644 --- a/inc/db/lib-mysql3.php +++ b/inc/db/lib-mysql3.php @@ -225,7 +225,7 @@ function SQL_CONNECT ($host, $login, $password, $F, $L) { SQL_SET_LINK($connect); // Destroy cache - unset($GLOBALS['sql_link_res']); + unset($GLOBALS['is_sql_link_up']); } // SQL select database @@ -252,7 +252,7 @@ function SQL_CLOSE ($F, $L) { SQL_SET_LINK(null); // Destroy cache - unset($GLOBALS['sql_link_res']); + unset($GLOBALS['is_sql_link_up']); // Return the result return $close; @@ -530,15 +530,15 @@ function SQL_IS_LINK_UP () { $linkUp = false; // Do we have cached this? - if (isset($GLOBALS['sql_link_res'])) { + if (isset($GLOBALS['is_sql_link_up'])) { // Then use this - $linkUp = $GLOBALS['sql_link_res']; + $linkUp = $GLOBALS['is_sql_link_up']; } else { // Get it $linkUp = is_resource(SQL_GET_LINK()); // And cache it - $GLOBALS['sql_link_res'] = $linkUp; + $GLOBALS['is_sql_link_up'] = $linkUp; } // Return the result diff --git a/inc/libs/security_functions.php b/inc/libs/security_functions.php index 1d1327364d..da415b965f 100644 --- a/inc/libs/security_functions.php +++ b/inc/libs/security_functions.php @@ -37,7 +37,7 @@ * MA 02110-1301 USA * ************************************************************************/ -// Run only once this security check/exchange +// Run only once this security check/replacement if (defined('__SECURITY')) return; // Some security stuff... @@ -69,6 +69,68 @@ function secureString ($str, $strip = true, $encode = false) { return $str; } +/** + * Secures $_SERVER['PHP_SELF'] against attacks + * + * @return void + */ +function securePhpSelf () { + // Did it run before? + if (isset($GLOBALS['php_self_secured'])) { + // Please do not call this twice! + die('PHP_SELF is already secured. Please do not call ' . __FUNCTION__ . ' for your self.'); + } // END - if + + // Secure the string + $_SERVER['PHP_SELF'] = secureString($_SERVER['PHP_SELF']); + + // Split it up into path and filename + $phpSelfDirectory = dirname($_SERVER['PHP_SELF']); + $phpSelfFile = basename($_SERVER['PHP_SELF']); + + // Check for a .php inside the $phpSelfDirectory... + while (ereg('.php', $phpSelfDirectory)) { + // Correct the dirname + $phpSelfDirectory = substr($phpSelfDirectory, 0, (strpos($phpSelfDirectory, '.php') + 4)); + // Rewrite filename... + $phpSelfFile = basename($phpSelfDirectory); + // ... and dirname + $phpSelfDirectory = dirname($phpSelfDirectory); + } // END - while + + // Put both together again and let's pray it is secured now... + $_SERVER['PHP_SELF'] = $phpSelfDirectory . '/' . $phpSelfFile; + + // Did run... + $GLOBALS['php_self_secured'] = true; + + // Remove uneccessary variables + unset($phpSelfDirectory); + unset($phpSelfFile); +} + +/** + * Detects caching in PHP + * + * @return void + */ +function detectPhpCaching () { + // Activate caching or transparent compressing when it is not already done + if (phpversion() >= '4.0.4pl1' && (strstr(getenv('HTTP_USER_AGENT'),'compatible') || (strstr(getenv('HTTP_USER_AGENT'), 'Mozilla')))) { + if ((extension_loaded('zlib')) && (function_exists('ob_start'))) { + // Start caching + $GLOBALS['php_caching'] = 'on'; + ob_start(); + } else { + // Extension not loaded or required function is missing + $GLOBALS['php_caching'] = '404'; + } + } else { + // Old PHP version + $GLOBALS['php_caching'] = 'old'; + } +} + // Runtime/GPC quoting is off now... set_magic_quotes_runtime(false); ini_set('magic_quotes_gpc', false); // This may not work on some systems @@ -149,44 +211,11 @@ if (is_array($_GET)) { } // END - foreach } // END - if -// Activate caching or transparent compressing when it is not already done -if (phpversion() >= '4.0.4pl1' && (strstr(getenv('HTTP_USER_AGENT'),'compatible') || (strstr(getenv('HTTP_USER_AGENT'), 'Mozilla')))) { - if ((extension_loaded('zlib')) && (function_exists('ob_start'))) { - // Start caching - $GLOBALS['php_caching'] = 'on'; - ob_start(); - } else { - // Extension not loaded or required function is missing - $GLOBALS['php_caching'] = '404'; - } -} else { - // Old PHP version - $GLOBALS['php_caching'] = 'old'; -} +// Detect PHP caching +detectPhpCaching(); // At last secure the $_SERVER['PHP_SELF'] element -$_SERVER['PHP_SELF'] = secureString($_SERVER['PHP_SELF']); - -// Split it up into path and filename -$phpSelfDirectory = dirname($_SERVER['PHP_SELF']); -$phpSelfFile = basename($_SERVER['PHP_SELF']); - -// Check for a .php inside the $phpSelfDirectory... -while (ereg('.php', $phpSelfDirectory)) { - // Correct the dirname - $phpSelfDirectory = substr($phpSelfDirectory, 0, (strpos($phpSelfDirectory, '.php') + 4)); - // Rewrite filename... - $phpSelfFile = basename($phpSelfDirectory); - // ... and dirname - $phpSelfDirectory = dirname($phpSelfDirectory); -} // END - while - -// Put both together again and let's pray it is secured now... -$_SERVER['PHP_SELF'] = $phpSelfDirectory . '/' . $phpSelfFile; - -// Remove uneccessary variables -unset($phpSelfDirectory); -unset($phpSelfFile); +securePhpSelf(); // Security system loaded... define('__SECURITY', 1);