fixed arbitrary file read and XSS vulnerabilities, fixed some issues with settings
This commit is contained in:
hnhx
parent
e9652789f5
commit
61240bcd79
|
|
@ -39,9 +39,13 @@
|
|||
// CURLOPT_PROXYTYPE => CURLPROXY_HTTP,
|
||||
CURLOPT_RETURNTRANSFER => true,
|
||||
CURLOPT_ENCODING => "",
|
||||
CURLOPT_USERAGENT => "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36",
|
||||
CURLOPT_USERAGENT => "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.67 Safari/537.36",
|
||||
CURLOPT_IPRESOLVE => CURL_IPRESOLVE_V4,
|
||||
CURLOPT_CUSTOMREQUEST => "GET",
|
||||
CURLOPT_PROTOCOLS => CURLPROTO_HTTPS | CURLPROTO_HTTP,
|
||||
CURLOPT_REDIR_PROTOCOLS => CURLPROTO_HTTPS | CURLPROTO_HTTP,
|
||||
CURLOPT_MAXREDIRS => 5,
|
||||
CURLOPT_TIMEOUT => 8,
|
||||
CURLOPT_VERBOSE => false
|
||||
)
|
||||
|
||||
|
|
|
|||
|
|
@ -20,11 +20,11 @@
|
|||
|
||||
array_push($results,
|
||||
array (
|
||||
"name" => $name,
|
||||
"name" => htmlspecialchars($name),
|
||||
"seeders" => (int) $seeders,
|
||||
"leechers" => (int) $leechers,
|
||||
"magnet" => $magnet,
|
||||
"size" => $size,
|
||||
"magnet" => htmlspecialchars($magnet),
|
||||
"size" => htmlspecialchars($size),
|
||||
"source" => "nyaa.si"
|
||||
)
|
||||
);
|
||||
|
|
@ -32,4 +32,4 @@
|
|||
|
||||
return $results;
|
||||
}
|
||||
?>
|
||||
?>
|
||||
|
|
|
|||
|
|
@ -21,11 +21,11 @@
|
|||
|
||||
array_push($results,
|
||||
array (
|
||||
"name" => $name,
|
||||
"name" => htmlspecialchars($name),
|
||||
"seeders" => (int) remove_special($seeders),
|
||||
"leechers" => (int) remove_special($leechers),
|
||||
"magnet" => $magnet,
|
||||
"size" => $size,
|
||||
"magnet" => htmlspecialchars($magnet),
|
||||
"size" => htmlspecialchars($size),
|
||||
"source" => "rutor.info"
|
||||
)
|
||||
);
|
||||
|
|
@ -33,4 +33,4 @@
|
|||
|
||||
return $results;
|
||||
}
|
||||
?>
|
||||
?>
|
||||
|
|
|
|||
|
|
@ -24,11 +24,11 @@
|
|||
|
||||
array_push($results,
|
||||
array (
|
||||
"size" => $size,
|
||||
"name" => $name,
|
||||
"seeders" => $seeders,
|
||||
"leechers" => $leechers,
|
||||
"magnet" => $magnet,
|
||||
"size" => htmlspecialchars($size),
|
||||
"name" => htmlspecialchars($name),
|
||||
"seeders" => htmlspecialchars($seeders),
|
||||
"leechers" => htmlspecialchars($leechers),
|
||||
"magnet" => htmlspecialchars($magnet),
|
||||
"source" => "thepiratebay.org"
|
||||
)
|
||||
);
|
||||
|
|
@ -37,4 +37,4 @@
|
|||
return $results;
|
||||
|
||||
}
|
||||
?>
|
||||
?>
|
||||
|
|
|
|||
|
|
@ -19,11 +19,11 @@
|
|||
|
||||
array_push($results,
|
||||
array (
|
||||
"name" => $name,
|
||||
"name" => htmlspecialchars($name),
|
||||
"seeders" => (int) $seeders,
|
||||
"leechers" => (int) $leechers,
|
||||
"magnet" => $magnet,
|
||||
"size" => $size,
|
||||
"magnet" => htmlspecialchars($magnet),
|
||||
"size" => htmlspecialchars($size),
|
||||
"source" => "torrentgalaxy.to"
|
||||
)
|
||||
);
|
||||
|
|
|
|||
|
|
@ -26,11 +26,11 @@
|
|||
|
||||
array_push($results,
|
||||
array (
|
||||
"size" => $size,
|
||||
"name" => $name,
|
||||
"seeders" => $seeders,
|
||||
"leechers" => $leechers,
|
||||
"magnet" => $magnet,
|
||||
"size" => htmlspecialchars($size),
|
||||
"name" => htmlspecialchars($name),
|
||||
"seeders" => htmlspecialchars($seeders),
|
||||
"leechers" => htmlspecialchars($leechers),
|
||||
"magnet" => htmlspecialchars($magnet),
|
||||
"source" => "yts.mx"
|
||||
)
|
||||
);
|
||||
|
|
@ -42,4 +42,4 @@
|
|||
return $results;
|
||||
|
||||
}
|
||||
?>
|
||||
?>
|
||||
|
|
|
|||
|
|
@ -61,4 +61,4 @@
|
|||
|
||||
echo "</div>";
|
||||
}
|
||||
?>
|
||||
?>
|
||||
|
|
|
|||
|
|
@ -22,10 +22,10 @@
|
|||
$source = "https://moneyconvert.net/";
|
||||
return array(
|
||||
"special_response" => array(
|
||||
"response" => $formatted_response,
|
||||
"response" => htmlspecialchars($formatted_response),
|
||||
"source" => $source
|
||||
)
|
||||
);
|
||||
}
|
||||
}
|
||||
?>
|
||||
?>
|
||||
|
|
|
|||
|
|
@ -14,11 +14,11 @@
|
|||
$source = "https://dictionaryapi.dev";
|
||||
return array(
|
||||
"special_response" => array(
|
||||
"response" => $definition,
|
||||
"response" => htmlspecialchars($definition),
|
||||
"source" => $source
|
||||
)
|
||||
);
|
||||
}
|
||||
|
||||
}
|
||||
?>
|
||||
?>
|
||||
|
|
|
|||
|
|
@ -14,7 +14,7 @@
|
|||
$source = check_for_privacy_frontend("https://wikipedia.org/wiki/$query");
|
||||
$response = array(
|
||||
"special_response" => array(
|
||||
"response" => $description,
|
||||
"response" => htmlspecialchars($description),
|
||||
"source" => $source
|
||||
)
|
||||
);
|
||||
|
|
@ -30,4 +30,4 @@
|
|||
return $response;
|
||||
}
|
||||
}
|
||||
?>
|
||||
?>
|
||||
|
|
|
|||
|
|
@ -15,4 +15,4 @@
|
|||
</div>
|
||||
</form>
|
||||
|
||||
<?php require "misc/footer.php"; ?>
|
||||
<?php require "misc/footer.php"; ?>
|
||||
|
|
|
|||
|
|
@ -11,7 +11,7 @@
|
|||
<link rel="stylesheet" type="text/css" href="<?php
|
||||
echo "static/css/";
|
||||
if (isset($_COOKIE["theme"]) || isset($_REQUEST["theme"]))
|
||||
echo (isset($_COOKIE["theme"]) ? $_COOKIE["theme"] : $_REQUEST["theme"]) . ".css";
|
||||
echo htmlspecialchars((isset($_COOKIE["theme"]) ? $_COOKIE["theme"] : $_REQUEST["theme"]) . ".css");
|
||||
else
|
||||
echo "dark.css";
|
||||
?>"/>
|
||||
|
|
|
|||
|
|
@ -7,7 +7,7 @@
|
|||
<a href="./"><img class="logo" src="static/images/librex.png" alt="librex logo"></a>
|
||||
<input type="text" name="q"
|
||||
<?php
|
||||
$query = trim($_REQUEST["q"]);
|
||||
$query = htmlspecialchars(trim($_REQUEST["q"]));
|
||||
$query_encoded = urlencode($query);
|
||||
|
||||
if (1 > strlen($query) || strlen($query) > 256)
|
||||
|
|
@ -107,4 +107,4 @@
|
|||
}
|
||||
?>
|
||||
|
||||
<?php require "misc/footer.php"; ?>
|
||||
<?php require "misc/footer.php"; ?>
|
||||
|
|
|
|||
55
settings.php
55
settings.php
|
|
@ -1,20 +1,36 @@
|
|||
|
||||
<?php
|
||||
require "misc/header.php";
|
||||
$config = require "config.php";
|
||||
|
||||
|
||||
|
||||
if (isset($_REQUEST["save"]) || isset($_REQUEST["reset"]))
|
||||
{
|
||||
if (isset($_SERVER["HTTP_COOKIE"]))
|
||||
{
|
||||
$cookies = explode(";", $_SERVER["HTTP_COOKIE"]);
|
||||
foreach($cookies as $cookie)
|
||||
{
|
||||
$parts = explode("=", $cookie);
|
||||
$name = trim($parts[0]);
|
||||
setcookie($name, "", time() - 1000);
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
function better_setcookie($name)
|
||||
{
|
||||
if (!empty($_REQUEST[$name]))
|
||||
setcookie($name, $_REQUEST[$name], time() + (86400 * 90));
|
||||
else if (isset($_COOKIE[$name]))
|
||||
setcookie($name, "", time() - 1000);
|
||||
{
|
||||
setcookie($name, $_REQUEST[$name], time() + (86400 * 90), '/');
|
||||
$_COOKIE[$name] = $_REQUEST[$name];
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
if (isset($_REQUEST["save"]))
|
||||
{
|
||||
|
||||
better_setcookie("theme");
|
||||
|
||||
|
||||
better_setcookie("disable_special");
|
||||
|
||||
better_setcookie("invidious");
|
||||
|
|
@ -23,25 +39,16 @@
|
|||
better_setcookie("libreddit");
|
||||
better_setcookie("proxitok");
|
||||
better_setcookie("wikiless");
|
||||
|
||||
}
|
||||
|
||||
if (isset($_REQUEST["save"]) || isset($_REQUEST["reset"]))
|
||||
{
|
||||
header("Location: ./settings.php");
|
||||
die();
|
||||
}
|
||||
else if (isset($_REQUEST["reset"]))
|
||||
{
|
||||
if (isset($_SERVER["HTTP_COOKIE"])) {
|
||||
$cookies = explode(";", $_SERVER["HTTP_COOKIE"]);
|
||||
foreach($cookies as $cookie) {
|
||||
$parts = explode("=", $cookie);
|
||||
$name = trim($parts[0]);
|
||||
setcookie($name, "", time() - 1000);
|
||||
}
|
||||
|
||||
header("Location: ./settings.php");
|
||||
die();
|
||||
}
|
||||
}
|
||||
?>
|
||||
|
||||
require "misc/header.php";
|
||||
?>
|
||||
|
||||
<title>LibreX - Settings</title>
|
||||
</head>
|
||||
|
|
|
|||
Loading…
Reference in New Issue