PageRenderTime 44ms CodeModel.GetById 17ms RepoModel.GetById 0ms app.codeStats 0ms

/MantisBT/core/form_api.php

https://bitbucket.org/crypticrod/sr_wp_code
PHP | 203 lines | 87 code | 37 blank | 79 comment | 33 complexity | 41bf04892699d1fd3047ac7f8a625711 MD5 | raw file
Possible License(s): AGPL-1.0, GPL-2.0, LGPL-2.1, GPL-3.0, LGPL-2.0, AGPL-3.0 
    

  1. <?php
    2. 

  2. # MantisBT - a php based bugtracking system
    3. 

  3. 

  4. # MantisBT is free software: you can redistribute it and/or modify
    5. 

  5. # it under the terms of the GNU General Public License as published by
    6. 

  6. # the Free Software Foundation, either version 2 of the License, or
    7. 

  7. # (at your option) any later version.
    8. 

  8. #
    9. 

  9. # MantisBT is distributed in the hope that it will be useful,
    10. 

  10. # but WITHOUT ANY WARRANTY; without even the implied warranty of
    11. 

  11. # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    12. 

  12. # GNU General Public License for more details.
    13. 

  13. #
    14. 

  14. # You should have received a copy of the GNU General Public License
    15. 

  15. # along with MantisBT.  If not, see <http://www.gnu.org/licenses/>.
    16. 

  16. 

  17. /**
    18. 

  18.  * Form API for handling tasks necessary to form security and validation.
    19. 

  19.  * Security methods are targetted to work with both GET and POST form types,
    20. 

  20.  * and should allow multiple simultaneous edits of the form to be submitted.
    21. 

  21.  *
    22. 

  22.  * @package CoreAPI
    23. 

  23.  * @subpackage FormAPI
    24. 

  24.  * @copyright Copyright (C) 2000 - 2002  Kenzaburo Ito - kenito@300baud.org
    25. 

  25.  * @copyright Copyright (C) 2002 - 2011  MantisBT Team - mantisbt-dev@lists.sourceforge.net
    26. 

  26.  * @link http://www.mantisbt.org
    27. 

  27.  *
    28. 

  28.  * @uses session_api.php
    29. 

  29.  */
    30. 

  30. 

  31. /**
    32. 

  32.  * Helper function to generate a form action value when forms are designed
    33. 

  33.  * to be submitted to the same url that's is currently being used, such as
    34. 

  34.  * helper_ensure_confirmed() or auth_reauthenticate().
    35. 

  35.  * @return string Form action value
    36. 

  36.  */
    37. 

  37. function form_action_self() {
    38. 

  38. 	$t_self = trim( str_replace( "\0", '', $_SERVER['SCRIPT_NAME'] ) );
    39. 

  39. 	return basename( $t_self );
    40. 

  40. }
    41. 

  41. 

  42. /**
    43. 

  43.  * Generate a random security token, prefixed by date, store it in the
    44. 

  44.  * user's session, and then return the string to be used as a form element
    45. 

  45.  * element with the security token as the value.
    46. 

  46.  * @param string Form name
    47. 

  47.  * @return string Security token string
    48. 

  48.  */
    49. 

  49. function form_security_token( $p_form_name ) {
    50. 

  50. 	if ( PHP_CLI == php_mode() || OFF == config_get_global( 'form_security_validation' ) ) {
    51. 

  51. 		return '';
    52. 

  52. 	}
    53. 

  53. 

  54. 	$t_tokens = session_get( 'form_security_tokens', array() );
    55. 

  55. 

  56. 	# Create a new array for the form name if necessary
    57. 

  57. 	if( !isset( $t_tokens[$p_form_name] ) || !is_array( $t_tokens[$p_form_name] ) ) {
    58. 

  58. 		$t_tokens[$p_form_name] = array();
    59. 

  59. 	}
    60. 

  60. 

  61. 	# Generate a random security token prefixed by date.
    62. 

  62. 	# mt_rand() returns an int between 0 and RAND_MAX as extra entropy
    63. 

  63. 	$t_date = date( 'Ymd' );
    64. 

  64. 	$t_string = $t_date . sha1( time() . mt_rand() );
    65. 

  65. 

  66. 	# Add the token to the user's session
    67. 

  67. 	if ( !isset( $t_tokens[$p_form_name][$t_date] ) ) {
    68. 

  68. 		$t_tokens[$p_form_name][$t_date] = array();
    69. 

  69. 	}
    70. 

  70. 

  71. 	$t_tokens[$p_form_name][$t_date][$t_string] = true;
    72. 

  72. 	session_set( 'form_security_tokens', $t_tokens );
    73. 

  73. 

  74. 	# The token string
    75. 

  75. 	return $t_string;
    76. 

  76. }
    77. 

  77. 

  78. /**
    79. 

  79.  * Get a hidden form element containing a generated form security token.
    80. 

  80.  * @param string Form name
    81. 

  81.  * @return string Hidden form element to output
    82. 

  82.  */
    83. 

  83. function form_security_field( $p_form_name ) {
    84. 

  84. 	if ( PHP_CLI == php_mode() || OFF == config_get_global( 'form_security_validation' ) ) {
    85. 

  85. 		return '';
    86. 

  86. 	}
    87. 

  87. 

  88. 	$t_string = form_security_token( $p_form_name );
    89. 

  89. 

  90. 	# Create the form element HTML string for the security token
    91. 

  91. 	$t_form_token = $p_form_name . '_token';
    92. 

  92. 	$t_element = '<input type="hidden" name="%s" value="%s"/>';
    93. 

  93. 	$t_element = sprintf( $t_element, $t_form_token, $t_string );
    94. 

  94. 

  95. 	return $t_element;
    96. 

  96. }
    97. 

  97. 

  98. /**
    99. 

  99.  * Get a URL parameter containing a generated form security token.
    100. 

  100.  * @param string Form name
    101. 

  101.  * @return string Hidden form element to output
    102. 

  102.  */
    103. 

  103. function form_security_param( $p_form_name ) {
    104. 

  104. 	if ( PHP_CLI == php_mode() || OFF == config_get_global( 'form_security_validation' ) ) {
    105. 

  105. 		return '';
    106. 

  106. 	}
    107. 

  107. 

  108. 	$t_string = form_security_token( $p_form_name );
    109. 

  109. 

  110. 	# Create the GET parameter to be used in a URL for a secure link
    111. 

  111. 	$t_form_token = $p_form_name . '_token';
    112. 

  112. 	$t_param = '&%s=%s';
    113. 

  113. 	$t_param = sprintf( $t_param, $t_form_token, $t_string );
    114. 

  114. 

  115. 	return $t_param;
    116. 

  116. }
    117. 

  117. 

  118. /**
    119. 

  119.  * Validate the security token for the given form name based on tokens
    120. 

  120.  * stored in the user's session.  While checking stored tokens, any that
    121. 

  121.  * are more than 3 days old will be purged.
    122. 

  122.  * @param string Form name
    123. 

  123.  * @return boolean Form is valid
    124. 

  124.  */
    125. 

  125. function form_security_validate( $p_form_name ) {
    126. 

  126. 	if ( PHP_CLI == php_mode() || OFF == config_get_global( 'form_security_validation' ) ) {
    127. 

  127. 		return true;
    128. 

  128. 	}
    129. 

  129. 

  130. 	$t_tokens = session_get( 'form_security_tokens', array() );
    131. 

  131. 

  132. 	# Short-circuit if we don't have any tokens for the given form name
    133. 

  133. 	if( !isset( $t_tokens[$p_form_name] ) || !is_array( $t_tokens[$p_form_name] ) || count( $t_tokens[$p_form_name] ) < 1 ) {
    134. 

  134. 

  135. 		trigger_error( ERROR_FORM_TOKEN_INVALID, ERROR );
    136. 

  136. 		return false;
    137. 

  137. 	}
    138. 

  138. 

  139. 	# Get the form input
    140. 

  140. 	$t_form_token = $p_form_name . '_token';
    141. 

  141. 	$t_input = gpc_get_string( $t_form_token, '' );
    142. 

  142. 

  143. 	# No form input
    144. 

  144. 	if( '' == $t_input ) {
    145. 

  145. 		trigger_error( ERROR_FORM_TOKEN_INVALID, ERROR );
    146. 

  146. 		return false;
    147. 

  147. 	}
    148. 

  148. 

  149. 	# Get the date claimed by the token
    150. 

  150. 	$t_date = utf8_substr( $t_input, 0, 8 );
    151. 

  151. 

  152. 	# Check if the token exists
    153. 

  153. 	if ( isset( $t_tokens[$p_form_name][$t_date][$t_input] ) ) {
    154. 

  154. 		return true;
    155. 

  155. 	}
    156. 

  156. 

  157. 	# Token does not exist
    158. 

  158. 	trigger_error( ERROR_FORM_TOKEN_INVALID, ERROR );
    159. 

  159. 	return false;
    160. 

  160. }
    161. 

  161. 

  162. /**
    163. 

  163.  * Purge form security tokens that are older than 3 days, or used
    164. 

  164.  * for form validation.
    165. 

  165.  * @param string Form name
    166. 

  166.  */
    167. 

  167. function form_security_purge( $p_form_name ) {
    168. 

  168. 	if ( PHP_CLI == php_mode() || OFF == config_get_global( 'form_security_validation' ) ) {
    169. 

  169. 		return;
    170. 

  170. 	}
    171. 

  171. 

  172. 	$t_tokens = session_get( 'form_security_tokens', array() );
    173. 

  173. 

  174. 	# Short-circuit if we don't have any tokens for the given form name
    175. 

  175. 	if( !isset( $t_tokens[$p_form_name] ) || !is_array( $t_tokens[$p_form_name] ) || count( $t_tokens[$p_form_name] ) < 1 ) {
    176. 

  176. 		return;
    177. 

  177. 	}
    178. 

  178. 

  179. 	# Get the form input
    180. 

  180. 	$t_form_token = $p_form_name . '_token';
    181. 

  181. 	$t_input = gpc_get_string( $t_form_token, '' );
    182. 

  182. 

  183. 	# Get the date claimed by the token
    184. 

  184. 	$t_date = utf8_substr( $t_input, 0, 8 );
    185. 

  185. 

  186. 	# Generate a date string of three days ago
    187. 

  187. 	$t_purge_date = date( 'Ymd', time() - ( 3 * 24 * 60 * 60 ) );
    188. 

  188. 

  189. 	# Purge old token data, and the currently-used token
    190. 

  190. 	unset( $t_tokens[$p_form_name][$t_date][$t_input] );
    191. 

  191. 

  192. 	foreach( $t_tokens as $t_form_name => $t_dates ) {
    193. 

  193. 		foreach( $t_dates as $t_date => $t_date_tokens ) {
    194. 

  194. 			if ( $t_date < $t_purge_date ) {
    195. 

  195. 				unset( $t_tokens[$t_form_name][$t_date] );
    196. 

  196. 			}
    197. 

  197. 		}
    198. 

  198. 	}
    199. 

  199. 

  200. 	session_set( 'form_security_tokens', $t_tokens );
    201. 

  201. 

  202. 	return;
    203. 

  203. }
    204. 

  204.