[PATCH 1/2] Fix invalid session ID check
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
---
 web/lib/aur.inc.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/web/lib/aur.inc.php b/web/lib/aur.inc.php
index dbcc23a..f4ad6b4 100644
--- a/web/lib/aur.inc.php
+++ b/web/lib/aur.inc.php
@@ -50,7 +50,7 @@ function check_sid() {
 $result = $dbh->query($q);
 $row = $result->fetch(PDO::FETCH_NUM);
- if (!$row[0]) {
+ if (!$row) {
 # Invalid SessionID - hacker alert!
 # $failed = 1;
--
2.26.0
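Review bot: `if (!$row)` now tests only whether fetch() returned a row at all, so the hunk relies on `$q` (built above the hunk, not visible here) returning no row for an unknown session rather than a row whose first column is falsy; if that query ever selects an aggregate such as a count, a row always comes back and the guard would never fire. A one-line comment would pin that contract for the next maintainer, e.g. `# fetch() returns false when no Sessions row matches; any row means the SID is known`. The `# $failed = 1;` line under the 'hacker alert' comment reads as a commented-out assignment in this rendering, which would leave the invalid-session branch empty; if it is the collapsed form of a bare `#` line followed by `$failed = 1;`, the hash-only line could simply go. check_sid() starts before the hunk and its body continues past it.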
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
---
 web/html/account.php | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/web/html/account.php b/web/html/account.php
index c05d136..d70f4ce 100644
--- a/web/html/account.php
+++ b/web/html/account.php
@@ -25,7 +25,7 @@ if ($action == "UpdateAccount") {
 $update_account_message = '';
 /* Details for account being updated */
 /* Verify user permissions and that the request is a valid POST */
- if (can_edit_account($row) && check_token()) {
+ if ($row && can_edit_account($row) && check_token()) {
 /* Update the details for the existing account */
 list($success, $update_account_message) = process_account_form(
 "edit", "UpdateAccount",
@@ -55,7 +55,7 @@ if ($action == "UpdateAccount") {
 }
 }
-if ($action == "AccountInfo") {
+if ($row && $action == "AccountInfo") {
 html_header(__('Account') . ' ' . $row['Username']);
 } else {
 html_header(__('Accounts'));
@@ -122,7 +122,7 @@ if (isset($_COOKIE["AURSID"])) {
 } elseif ($action == "DeleteAccount") {
 /* Details for account being deleted. */
- if (can_edit_account($row)) {
+ if ($row && can_edit_account($row)) {
 $uid_removal = $row['ID'];
 $uid_session = uid_from_sid($_COOKIE['AURSID']);
 $username = $row['Username'];
@@ -155,7 +155,7 @@ if (isset($_COOKIE["AURSID"])) {
 } elseif ($action == "UpdateAccount") {
 print $update_account_message;
- if (!$success) {
+ if ($row && !$success) {
 display_account_form("UpdateAccount",
 in_request("U"),
 in_request("T"),
@@ -181,7 +181,7 @@ if (isset($_COOKIE["AURSID"])) {
 }
 } elseif ($action == "ListComments") {
- if (has_credential(CRED_ACCOUNT_LIST_COMMENTS, array($row["ID"]))) {
+ if ($row && has_credential(CRED_ACCOUNT_LIST_COMMENTS, array($row["ID"]))) {
 # display the comment list if they're a TU/dev
 $total_comment_count = account_comments_count($row["ID"]);
--
2.26.0
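Review bot: The `$row &&` guard is repeated in all five hunks, which suppresses the undefined-index errors but never tells the user that the account does not exist: for an unknown account the first hunk skips process_account_form() and the fourth then skips display_account_form(), so unless the else branch outside the first hunk sets it, the page prints the still-empty `$update_account_message` initialised at the top of that hunk. It would be simpler and harder to miss a branch if an unresolved `$row` were rejected once where it is looked up (outside these hunks) with an explicit 'account not found' response, keeping the per-branch guards only as defence in depth. In the first hunk a comment such as `/* $row is false when the requested account does not exist */` would explain the extra operand, and the second hunk's silent fallback of the title to 'Accounts' for a missing account deserves the same note. Every guarded if/elseif belongs to a block that begins before its hunk.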