Comments: SECURITY: Fixed IP not recorded in non-JSON submit and a few other non-security issues
--- a/includes/comment.php Sat May 30 14:46:57 2009 -0400
+++ b/includes/comment.php Sun May 31 23:26:05 2009 -0400
@@ -65,7 +65,7 @@
/**
* Processes a command in JSON format.
- * @param string The JSON-encoded input, probably something sent from the Javascript/AJAX frontend
+ * @param mixed Either the JSON-encoded input string, probably something sent from the Javascript/AJAX frontend, or an equivalent array
*/
function process_json($json)
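Review bot: The rewritten `@param` tag drops to `mixed` and still names no parameter, although the function accepts exactly two shapes; `* @param string|array $json Either the JSON-encoded input string (usually from the Javascript/AJAX frontend) or an equivalent already-decoded array` records that for readers and static analysis. process_json's body continues past the end of this hunk.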
@@ -73,8 +73,17 @@
global $db, $session, $paths, $template, $plugins; // Common objects
global $lang;
- $data = enano_json_decode($json);
- $data = decode_unicode_array($data);
+ $is_json = !is_array($json);
+
+ if ( $is_json )
+ {
+ $data = enano_json_decode($json);
+ $data = decode_unicode_array($data);
+ }
+ else
+ {
+ $data =& $json;
+ }
if ( !isset($data['mode']) )
{
$ret = Array('mode'=>'error','error'=>'No mode defined!');
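Review bot: `$data =& $json;` takes a reference to a by-value parameter, which gains nothing and reads as though the caller's array were being aliased; `$data = $json;` states the intent. The array branch also skips decode_unicode_array(), so array callers are expected to pass already-decoded strings — a short comment on the else branch, `// array input is used as-is; only JSON strings need unicode decoding`, would make that contract explicit. The function body continues past the end of this hunk.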
@@ -442,7 +451,9 @@
);
break;
}
- echo enano_json_encode($ret);
+ if ( $is_json )
+ echo enano_json_encode($ret);
+
return $ret;
}
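Review bot: Only the final echo is gated on `$is_json`; the "No mode defined!" branch at the top of the function (whose tail lies outside the earlier hunk) and any mode handler that prints or exits on its own would still emit JSON into the HTML page now that index.php calls process_json with an array. Each such early exit needs the same `if ( $is_json )` guard, or should set `$ret` and fall through to this single exit point. This is inferred from the visible context; the handlers between the two hunks are not shown.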
--- a/includes/pageutils.php Sat May 30 14:46:57 2009 -0400
+++ b/includes/pageutils.php Sun May 31 23:26:05 2009 -0400
@@ -512,6 +512,7 @@
global $lang;
$pname = $paths->nslist[$namespace] . $page_id;
+ $template->init_vars();
ob_start();
@@ -742,7 +743,8 @@
</div>';
}
} else {
- $_ob .= '<h3>Got something to say?</h3><p>You need to be logged in to post comments. <a href="'.makeUrlNS('Special', 'Login/' . $pname . '%2523comments').'">Log in</a></p>';
+ // FIXME: l10n
+ $_ob .= '<h3>' . $lang->get('comment_postform_title') . '</h3><p>You need to be logged in to post comments. <a href="'.makeUrlNS('Special', 'Login/' . $pname . '%2523comments').'">Log in</a></p>';
}
$list .= '};';
echo 'document.getElementById(\'ajaxEditContainer\').innerHTML = unescape(\''. rawurlencode($_ob) .'\');
--- a/index.php Sat May 30 14:46:57 2009 -0400
+++ b/index.php Sun May 31 23:26:05 2009 -0400
@@ -82,7 +82,7 @@
$page_timestamp = $page->revision_time;
break;
case 'comments':
- $template->header();
+ $output->header();
require_once(ENANO_ROOT.'/includes/pageutils.php');
$sub = ( isset ($_GET['sub']) ) ? $_GET['sub'] : false;
switch($sub)
@@ -100,7 +100,29 @@
) { echo 'Invalid request'; break; }
$cid = ( isset($_POST['captcha_id']) ) ? $_POST['captcha_id'] : false;
$cin = ( isset($_POST['captcha_input']) ) ? $_POST['captcha_input'] : false;
- PageUtils::addcomment($paths->page_id, $paths->namespace, $_POST['name'], $_POST['subj'], $_POST['text'], $cin, $cid); // All filtering, etc. is handled inside this method
+
+ require_once('includes/comment.php');
+ $comments = new Comments($paths->page_id, $paths->namespace);
+
+ $submission = array(
+ 'mode' => 'submit',
+ 'captcha_id' => $cid,
+ 'captcha_code' => $cin,
+ 'name' => $_POST['name'],
+ 'subj' => $_POST['subj'],
+ 'text' => $_POST['text'],
+ );
+
+ $result = $comments->process_json($submission);
+ if ( $result['mode'] == 'error' )
+ {
+ echo '<div class="error-box">' . htmlspecialchars($result['error']) . '</div>';
+ }
+ else
+ {
+ echo '<div class="info-box">' . $lang->get('comment_msg_comment_posted') . '</div>';
+ }
+
echo PageUtils::comments_html($paths->page_id, $paths->namespace);
break;
case 'editcomment':
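Review bot: `$result['mode'] == 'error'` compares loosely and assumes process_json always returns an array with a `mode` key; `if ( !is_array($result) || $result['mode'] === 'error' )` is strict and survives a handler that returns nothing, provided the error line then reads `htmlspecialchars(isset($result['error']) ? $result['error'] : 'Unknown error', ENT_QUOTES, 'UTF-8')` so a missing key and the charset are handled. The `$_POST['name']`/`subj`/`text` reads appear to be covered by the "Invalid request" check ending at the top of the hunk, but that condition itself is outside the visible lines.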
@@ -132,7 +154,7 @@
echo PageUtils::comments_html($paths->page_id, $paths->namespace);
break;
}
- $template->footer();
+ $output->footer();
break;
case 'edit':
if(isset($_POST['_cancel']))