Commit 11a7a552 authored by Clemens John's avatar Clemens John

Merge branch 'master' into 'master'

SQL Injections

Hi,

habe diverse SQL Injections gefixed und Hostname Validierung vereinheitlicht.
Bitte reviewen, da nicht getestet! (Test Version läuft noch nicht rund aber die Fehler müssen dringend raus!)

See merge request !2
parents 1d3bb40e be9057e2
......@@ -39,19 +39,24 @@ if($_GET['section']=="router_auto_assign") {
if (empty($router)) {
//Make DB Insert
try {
DB::getInstance()->exec("INSERT INTO routers_not_assigned (create_date, update_date, hostname, router_auto_assign_login_string, interface)
VALUES (NOW(), NOW(), '$_GET[hostname]', '$_GET[router_auto_assign_login_string]', '$_GET[interface]');");
$stmt = DB::getInstance()->prepare("INSERT INTO routers_not_assigned (create_date, update_date, hostname, router_auto_assign_login_string, interface)
VALUES (NOW(), NOW(), :hostname, :router_auto_assign_login_string, :interface);");
$stmt->execute(array(
':hostname' => $_GET['hostname'],
':router_auto_assign_login_string' => $_GET['router_auto_assign_login_string'],
':interface' => $_GET['interface']
));
}
catch(PDOException $e) {
echo $e->getMessage();
}
$not_assigned_id = DB::getInstance()->lastInsertId();
//Make history
$actual_crawl_cycle = Crawling::getActualCrawlCycle();
$event = new Event(false, (int)$actual_crawl_cycle['id'], 'not_assigned_router', (int)$not_assigned_id, 'new', array('router_auto_assign_login_string'=>$_GET['router_auto_assign_login_string']));
$event->store();
echo "error;new_not_assigned;;$_GET[router_auto_assign_login_string]";
} else {
try {
......@@ -112,7 +117,7 @@ if($_GET['section']=="autoadd_ipv6_address") {
} else {
$networkinterface_id = $networkinterface->getNetworkinterfaceId();
}
//then we can create the ip
$ip = new Ip(false, (int)$networkinterface_id, (int)$network->getNetworkId(), $_GET['ip']);
if($ip->store()) {
......
This diff is collapsed.
......@@ -4,13 +4,13 @@
if(!empty($_SERVER['REMOTE_ADDR'])) {
die("This script can only be run by the server directly.");
}
//set include paths
if (empty($_SERVER["REQUEST_URI"])) {
$path = dirname(__FILE__)."/";
set_include_path(get_include_path() . PATH_SEPARATOR . $path);
}
//get depencies
$crawler = true;
require_once('runtime.php');
......@@ -22,11 +22,11 @@
require_once(ROOT_DIR.'/lib/core/ConfigLine.class.php');
require_once(ROOT_DIR.'/lib/core/OriginatorStatus.class.php');
require_once(ROOT_DIR.'/lib/extern/pstools.inc');
//get offset and limit options (script parameters)
$router_offset = getopt("o:l:")['o'];
$router_limit = getopt("o:l:")['l'];
// get configuration values
$ping_count = 3; // ping a node X times before fetching data
$ping_timeout = 500; // set the timout for each ping to X ms
......@@ -34,9 +34,9 @@
$crawl_timeout = 18; // timeout after X seconds on fetching crawldata
$network_connection_ipv6_interface = ConfigLine::configByName("network_connection_ipv6_interface"); //use this interface to connect to ipv6 linc local hosts
$interfaces_used_for_crawling = array("br-mesh", "br-client", "floh_fix", "tata_fix"); //use the ip adresses of these interfaces for crawling
$actual_crawl_cycle = Crawling::getActualCrawlCycle()['id'];
echo "Crawling routers $router_offset-$router_limit (offset-limit) with the following options:\n";
echo " ping_count: $ping_count\n";
echo " ping_timeout: $ping_timeout\n";
......@@ -44,7 +44,7 @@
echo " network_connection_ipv6_interface: $network_connection_ipv6_interface\n";
echo " interfaces_used_for_crawling: "; foreach($interfaces_used_for_crawling as $iface) echo $iface; echo "\n";
echo " actual_crawl_cycle: ".$actual_crawl_cycle."\n";
//fetch all routers that need to be crawled by a crawler. Respect offset and limit!
$routerlist = new Routerlist(false, false, "crawler", false, false, false, false, false,
(int)$router_offset, (int)$router_limit, "router_id", "asc");
......@@ -60,7 +60,7 @@
$xml_array = array();
$ping=false;
$return = array();
if($ip->getNetwork()->getIpv()==6)
$command = "ping6 -c $ping_count -w ".($ping_count+1)*$ping_timeout." -W $ping_timeout -I $network_connection_ipv6_interface ".$ip->getIp();
elseif($ip->getNetwork()->getIpv()==4)
......@@ -68,7 +68,7 @@
echo " ".$command."\n";
PsExecute($command, $ping_hard_timeout, 1);
//fetch crawl data from router
$return = array();
if($ip->getNetwork()->getIpv()==6)
......@@ -81,7 +81,7 @@
foreach($return as $string) {
$return_string .= $string;
}
//store the crawl data into the database if the router is not offline
if(!empty($return_string)) {
echo " Craw was successfull, online\n";
......@@ -97,34 +97,40 @@
$data['router_id'] = $router->getRouterId();
$data['system_data']['status'] = "unknown";
}
/**Insert Router System Data*/
echo " Inserting RouterStatus into DB\n";
$router_status = New RouterStatus(false, (int)$actual_crawl_cycle, $router->getRouterId(),
$data['system_data']['status'], false, $data['system_data']['hostname'], (int)$data['client_count'], $data['system_data']['chipset'],
$data['system_data']['cpu'], (int)$data['system_data']['memory_total'], (int)$data['system_data']['memory_caching'], (int)$data['system_data']['memory_buffering'],
(int)$data['system_data']['memory_free'], $data['system_data']['loadavg'], $data['system_data']['processes'], $data['system_data']['uptime'],
$data['system_data']['idletime'], $data['system_data']['local_time'], $data['system_data']['distname'], $data['system_data']['distversion'], $data['system_data']['openwrt_core_revision'],
$data['system_data']['idletime'], $data['system_data']['local_time'], $data['system_data']['distname'], $data['system_data']['distversion'], $data['system_data']['openwrt_core_revision'],
$data['system_data']['openwrt_feeds_packages_revision'], $data['system_data']['firmware_version'],
$data['system_data']['firmware_revision'], $data['system_data']['kernel_version'], $data['system_data']['configurator_version'],
$data['system_data']['firmware_revision'], $data['system_data']['kernel_version'], $data['system_data']['configurator_version'],
$data['system_data']['nodewatcher_version'], $data['system_data']['fastd_version'], $data['system_data']['batman_advanced_version']);
if($router_status->store()) {
echo " Inserting Batman advanced interfaces into DB\n";
/**Insert Batman advanced Interfaces*/
foreach($data['batman_adv_interfaces'] as $bat_adv_int) {
try {
DB::getInstance()->exec("INSERT INTO crawl_batman_advanced_interfaces (router_id, crawl_cycle_id, name, status, crawl_date)
VALUES ('$data[router_id]', '$actual_crawl_cycle', '$bat_adv_int[name]', '$bat_adv_int[status]', NOW());");
$stmt = DB::getInstance()->prepare("INSERT INTO crawl_batman_advanced_interfaces (router_id, crawl_cycle_id, name, status, crawl_date)
VALUES (:router_id, :actual_crawl_cycle, :name, :status, NOW());");
$stmt->execute(array(
':router_id' => $data['router_id'],
':actual_crawl_cycle' => $actual_crawl_cycle,
':name' => $bat_adv_int['name'],
':status' => $bat_adv_int['status']
));
} catch(PDOException $e) {
echo $e->getMessage();
}
}
echo " Inserting Batman advanced originators into DB\n";
/**Insert Batman Advanced Originators*/
$originator_count=count($data['batman_adv_originators']);
RrdTool::updateRouterBatmanAdvOriginatorsCountHistory($data['router_id'], $originator_count);
$average_link_quality = 0;
if(!empty($data['batman_adv_originators'])) {
foreach($data['batman_adv_originators'] as $originator) {
......@@ -141,8 +147,8 @@
}
$average_link_quality=($average_link_quality/$originator_count);
RrdTool::updateRouterBatmanAdvOriginatorLinkQuality($data['router_id'], "average", $average_link_quality, time());
echo " Inserting all other Data into DB\n";
Crawl::insertCrawlData($data);
} else {
......@@ -156,7 +162,7 @@
}
}
}
echo "The process took ".(time()-$starttime)." seconds\n";
function simplexml2array($xml) {
......
......@@ -9,7 +9,8 @@
require_once(ROOT_DIR.'/lib/core/Chipset.class.php');
require_once(ROOT_DIR.'/lib/core/Event.class.php');
require_once(ROOT_DIR.'/lib/core/ApiKeyList.class.php');
require_once(ROOT_DIR.'/lib/core/Validation.class.php');
class Router extends Object {
private $router_id = 0;
private $user_id = 0;
......@@ -21,11 +22,11 @@
private $chipset_id = 0;
private $crawl_method = "";
private $mac = "";
private $user = null;
private $statusdata = null;
private $chipset = null;
public function __construct($router_id=false, $user_id=false, $hostname=false, $description=false,
$location=false, $latitude=false, $longitude=false, $chipset_id=false,
$crawl_method=false, $create_date=false, $update_date=false, $mac=false) {
......@@ -42,7 +43,7 @@
$this->setUpdateDate($update_date);
$this->setMac($mac);
}
public function fetch() {
$result = array();
try {
......@@ -79,7 +80,7 @@
echo $e->getMessage();
echo $e->getTraceAsString();
}
if(!empty($result)) {
$this->setRouterId((int)$result['router_id']);
$this->setUserId((int)$result['user_id']);
......@@ -100,12 +101,12 @@
}
return false;
}
public function store() {
if($this->getUserId() != 0 AND $this->getHostname() != "" AND $this->getCrawlMethod() != "" AND $this->getChipsetId() != 0) {
$router_test = new Router(false, false, $this->getHostname());
$router_test->fetch();
if($this->getRouterId() != 0 AND !($router_test->getRouterId()!=$this->getRouterId() AND $router_test->getHostname()==$this->getHostname())) {
try {
$stmt = DB::getInstance()->prepare("UPDATE routers SET
......@@ -129,18 +130,18 @@
}
} elseif($router_test->getRouterId()==0) {
try {
$stmt = DB::getInstance()->prepare("INSERT INTO routers (user_id, hostname, description, location,
$stmt = DB::getInstance()->prepare("INSERT INTO routers (user_id, hostname, description, location,
latitude, longitude, chipset_id, crawl_method,
create_date, update_date)
VALUES (?, ?, ?, ?, ?, ?, ?, ?, NOW(), NOW())");
$stmt->execute(array($this->getUserId(), $this->getHostname(), $this->getDescription(), $this->getLocation(),
$this->getLatitude(), $this->getLongitude(), $this->getChipsetId(), $this->getCrawlMethod()));
$this->setRouterId((int)DB::getInstance()->lastInsertId());
//create event for new router
$event = new Event(false, false, 'router', $this->getRouterId(), 'new', array('hostname'=>$router->getHostname()));
$event->store();
return $this->getRouterId();
} catch(PDOException $e) {
echo $e->getMessage();
......@@ -150,17 +151,17 @@
}
return false;
}
public function delete() {
if($this->getRouterId() != 0) {
//delete all interfaces
$networkinterfacelist = new Networkinterfacelist(false, $this->getRouterId());
$networkinterfacelist->delete();
//delete originator statusses
$originator_status_list = new OriginatorStatusList($this->getRouterId());
$originator_status_list->delete();
//delete batman advanced interfaces
try {
$stmt = DB::getInstance()->prepare("DELETE FROM crawl_batman_advanced_interfaces WHERE router_id=?");
......@@ -169,20 +170,20 @@
echo $e->getMessage();
echo $e->getTraceAsString();
}
//delete router statusses
$router_status_list = new RouterStatusList($this->getRouterId());
$router_status_list->delete();
//delete event notifications (we need to delete all notifications that users created for this router
//thats why we need a list here)
$event_notification_list = new EventNotificationList(false, "router_offline", $this->getRouterId());
$event_notification_list->delete();
//Delete api keys
$api_key_list = new ApiKeyList($this->getRouterId(), 'router');
$api_key_list->delete();
//delete router
try {
$stmt = DB::getInstance()->prepare("DELETE FROM routers WHERE id=?");
......@@ -195,7 +196,7 @@
}
return false;
}
public function setRouterId($router_id) {
if(is_int($router_id)) {
$this->router_id = $router_id;
......@@ -203,7 +204,7 @@
}
return false;
}
public function setUserId($user_id) {
if(is_int($user_id)) {
$this->user_id = $user_id;
......@@ -211,18 +212,15 @@
}
return false;
}
public function setHostname($hostname) {
//check for valid hostname as specified in rfc 1123
//see http://stackoverflow.com/a/3824105
$regex = "/^([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])(\.([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9]))*$/";
if(is_string($hostname) AND strlen($hostname)<=255 AND preg_match($regex, $hostname)) {
if(Validation::isValidHostname($hostname)) {
$this->hostname = $hostname;
return true;
}
return false;
}
public function setDescription($description) {
if(is_string($description)) {
$this->description = $description;
......@@ -230,7 +228,7 @@
}
return false;
}
public function setLocation($location) {
if(is_string($location)) {
$this->location = $location;
......@@ -238,7 +236,7 @@
}
return false;
}
public function setLatitude($latitude) {
if(is_string($latitude)) {
$this->latitude = $latitude;
......@@ -246,7 +244,7 @@
}
return false;
}
public function setLongitude($longitude) {
if(is_string($longitude)) {
$this->longitude = $longitude;
......@@ -254,7 +252,7 @@
}
return false;
}
public function setChipsetId($chipset_id) {
if(is_int($chipset_id)) {
$this->chipset_id = $chipset_id;
......@@ -262,7 +260,7 @@
}
return false;
}
public function setCrawlMethod($crawl_method) {
if($crawl_method=="router" OR $crawl_method=="crawler") {
$this->crawl_method = $crawl_method;
......@@ -270,7 +268,7 @@
}
return false;
}
public function setUser($user) {
if($user instanceof User) {
$this->user = $user;
......@@ -284,7 +282,7 @@
}
return false;
}
public function setChipset($chipset) {
if($chipset instanceof Chipset) {
$this->chipset = $chipset;
......@@ -298,7 +296,7 @@
}
return false;
}
public function setStatusdata($routerstatus) {
if($routerstatus instanceof RouterStatus) {
$this->statusdata = $routerstatus;
......@@ -312,7 +310,7 @@
}
return false;
}
public function setMac($mac) {
if(is_string($mac)) {
$this->mac = $mac;
......@@ -320,59 +318,59 @@
}
return false;
}
public function getRouterId() {
return $this->router_id;
}
public function getUserId() {
return $this->user_id;
}
public function getHostname() {
return $this->hostname;
}
public function getDescription() {
return $this->description;
}
public function getLocation() {
return $this->location;
}
public function getLatitude() {
return $this->latitude;
}
public function getLongitude() {
return $this->longitude;
}
public function getChipsetId() {
return $this->chipset_id;
}
public function getCrawlMethod() {
return $this->crawl_method;
}
public function getUser() {
return $this->user;
}
public function getChipset() {
return $this->chipset;
}
public function getStatusdata() {
return $this->statusdata;
}
public function getMac() {
return $this->mac;
}
public function getDomXMLElement($domdocument) {
$domxmlelement = $domdocument->createElement('router');
$domxmlelement->appendChild($domdocument->createElement("router_id", $this->getRouterId()));
......@@ -386,7 +384,7 @@
$domxmlelement->appendChild($domdocument->createElement("crawl_method", $this->getCrawlMethod()));
$domxmlelement->appendChild($domdocument->createElement("create_date", $this->getCreateDate()));
$domxmlelement->appendChild($domdocument->createElement("update_date", $this->getUpdateDate()));
$domxmlelement->appendChild($this->getUser()->getDomXMLElement($domdocument));
$domxmlelement->appendChild($this->getChipset()->getDomXMLElement($domdocument));
$domxmlelement->appendChild($this->getStatusdata()->getDomXMLElement($domdocument));
......
<?php
class Validation {
public static function isValidHostname($hostname) {
//check for valid hostname as specified in rfc 1123
//see http://stackoverflow.com/a/3824105
$regex = "/^([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])(\.([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9]))*$/";
return (is_string($hostname) AND strlen($hostname)<=255 AND preg_match($regex, $hostname));
}
}
\ No newline at end of file
......@@ -7,6 +7,7 @@ require_once(ROOT_DIR.'/lib/core/routersnotassigned.class.php');
require_once(ROOT_DIR.'/lib/core/config.class.php');
require_once(ROOT_DIR.'/lib/core/RouterStatus.class.php');
require_once(ROOT_DIR.'/lib/core/ApiKey.class.php');
require_once(ROOT_DIR.'/lib/core/Validation.class.php');
class RouterEditor {
public function insertNewRouter() {
......@@ -15,11 +16,11 @@ class RouterEditor {
$_POST['allow_router_auto_assign'] = 0;
$_POST['router_auto_assign_login_string'] = '';
}
if($_POST['allow_router_auto_assign'] == '1' AND !empty($_POST['router_auto_assign_login_string'])) {
$check_router_auto_assign_login_string = Router_old::getRouterByAutoAssignLoginString($_POST['router_auto_assign_login_string']);
}
if(empty($_POST['hostname'])) {
$message[] = array("Bitte geben Sie einen Hostname an.", 2);
Message::setMessage($message);
......@@ -28,7 +29,7 @@ class RouterEditor {
$message[] = array("Ein Router mit dem Hostnamen $_POST[hostname] existiert bereits, bitte wählen Sie einen anderen Hostnamen.", 2);
Message::setMessage($message);
return array("result"=>false, "router_id"=>$router_id);
} elseif (!(is_string($_POST['hostname']) AND strlen($_POST['hostname'])<=255 AND preg_match("/^([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])(\.([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9]))*$/", $_POST['hostname']))) {
} elseif (!Validation::isValidHostname($_POST['hostname'])) {
//check for valid hostname as specified in rfc 1123
//see http://stackoverflow.com/a/3824105
$message[] = array("Der Hostname ist ungültig. Erlaubt sind Hostnames nach RFC 1123.", 2);
......@@ -58,27 +59,27 @@ class RouterEditor {
echo $e->getMessage();
echo $e->getTraceAsString();
}
$crawl_cycle_id = Crawling::getLastEndedCrawlCycle();
$router_status = New RouterStatus(false, (int)$crawl_cycle_id['id'], (int)$router_id, "offline");
$router_status->store();
//add new api key
do {
$api_key = new ApiKey(false, ApiKey::generateApiKey(), (int)$router_id, "router", "Initial key");
$api_key_id = $api_key->store();
} while(!$api_key_id);
if($_POST['allow_router_auto_assign']=='1' AND !empty($_POST['router_auto_assign_login_string'])) {
RoutersNotAssigned::deleteByAutoAssignLoginString($_POST['router_auto_assign_login_string']);
}
$message[] = array("Der Router $_POST[hostname] wurde angelegt.", 1);
//Add event for new router
//TODO: add Router Object to data array
$event = new Event(false, 'router', (int)$router_id, 'new', array());
$event->store();
//Send Message to twitter
if($_POST['twitter_notification']=='1') {
Message::postTwitterMessage(Config::getConfigValueByName('community_name')." hat einen neuen #Freifunk Knoten! Wo? Schau nach: ".Config::getConfigValueByName('url_to_netmon')."/router.php?router_id=$router_id");
......@@ -124,7 +125,7 @@ class RouterEditor {
$message[] = array("Ein Router mit dem Hostnamen $_POST[hostname] existiert bereits, bitte wählen Sie einen anderen Hostnamen.", 2);
Message::setMessage($message);
return false;
} elseif (!(is_string($_POST['hostname']) AND strlen($_POST['hostname'])<=255 AND preg_match("/^([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])(\.([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9]))*$/", $_POST['hostname']))) {
} elseif (!Validation::isValidHostname($_POST['hostname'])) {
//check for valid hostname as specified in rfc 1123
//see http://stackoverflow.com/a/3824105
$message[] = array("Der Hostname ist ungültig. Erlaubt sind Hostnames nach RFC 1123.", 2);
......@@ -139,7 +140,7 @@ class RouterEditor {
$_POST['latitude'] = 0;
$_POST['longitude'] = 0;
}
try {
$stmt = DB::getInstance()->prepare("UPDATE routers SET
update_date=NOW(),
......@@ -159,11 +160,11 @@ class RouterEditor {
echo $e->getMessage();
echo $e->getTraceAsString();
}
if($_POST['allow_router_auto_assign']=='1' AND !empty($_POST['router_auto_assign_login_string'])) {
RoutersNotAssigned::deleteByAutoAssignLoginString($_POST['router_auto_assign_login_string']);
}
if ($result>0) {
$message[] = array("Die Änderungen am Router $_POST[hostname] wurden gespeichert.", 1);
Message::setMessage($message);
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment