Steffen Joeris
2008-May-16 14:41 UTC
[Secure-testing-team] Bug#481504: CVE-2008-2276: Cross-site request forgery (CSRF) vulnerability
Package: mantis
Severity: grave
Tags: security
Justification: user security hole
Hi
The following CVE id (0) has been issued against mantis.
CVE-2008-2276:
Cross-site request forgery (CSRF) vulnerability in Mantis 1.1.1 allows
remote attackers to create new administrative users via user_create.
Please mention the CVE id in your changelog, if you happen to fix it
via an upload.
I attached the upstream commit for this issue (note that it touches many more
action pages than the user_create one named in the CVE text). Please have a look; I
will also try and take a deep look tomorrow.
Cheers
Steffen
(0): http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2276
Index: mantisbt/news_delete.php
==================================================================---
mantisbt/news_delete.php (revision 5131)
+++ mantisbt/news_delete.php (revision 5132)
@@ -20,15 +20,15 @@
# --------------------------------------------------------
# $Id$
# --------------------------------------------------------
-?>
-<?php
+
require_once( ''core.php'' );
$t_core_path = config_get( ''core_path'' );
require_once( $t_core_path.''news_api.php'' );
-?>
-<?php
+
+ helper_ensure_post();
+
$f_news_id = gpc_get_int( ''news_id'' );
$row = news_get_row( $f_news_id );
Index: mantisbt/print_all_bug_options_reset.php
==================================================================---
mantisbt/print_all_bug_options_reset.php (revision 5131)
+++ mantisbt/print_all_bug_options_reset.php (revision 5132)
@@ -30,6 +30,8 @@
require_once( $t_core_path.''current_user_api.php'' );
require( ''print_all_bug_options_inc.php'' );
+ helper_ensure_post();
+
auth_ensure_user_authenticated();
# protected account check
Index: mantisbt/print_all_bug_options_update.php
==================================================================---
mantisbt/print_all_bug_options_update.php (revision 5131)
+++ mantisbt/print_all_bug_options_update.php (revision 5132)
@@ -20,15 +20,16 @@
# --------------------------------------------------------
# $Id$
# --------------------------------------------------------
-?>
-<?php
+
# Updates printing prefs then redirect to print_all_bug_page_page.php
-?>
-<?php require_once( ''core.php'' ) ?>
-<?php require( ''print_all_bug_options_inc.php'' ) ?>
-<?php auth_ensure_user_authenticated() ?>
-<?php
+ require_once( ''core.php'' );
+ require( ''print_all_bug_options_inc.php'' );
+
+ helper_ensure_post();
+
+ auth_ensure_user_authenticated();
+
$f_user_id = gpc_get_int( ''user_id'' );
$f_redirect_url = gpc_get_string( ''redirect_url'' );
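Review bot: `redirect_url` is read straight from the request on the last line of the hunk and, per the header comment, the page ends by redirecting, so an attacker-supplied absolute URL becomes an open redirect unless it is validated further down; the function tail is outside the hunk, so I cannot see how the value is used. If it is handed to the redirect unchanged, restrict it to a local target, e.g. `if ( strpos( $f_redirect_url, '://' ) !== false ) { $f_redirect_url = 'print_all_bug_page_page.php'; }`. The new `helper_ensure_post()` call does not affect this, since the redirect target travels in the POST body just as well.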
Index: mantisbt/bug_reminder.php
==================================================================---
mantisbt/bug_reminder.php (revision 5131)
+++ mantisbt/bug_reminder.php (revision 5132)
@@ -2,7 +2,7 @@
# Mantis - a php based bugtracking system
# Copyright (C) 2000 - 2002 Kenzaburo Ito - kenito at 300baud.org
-# Copyright (C) 2002 - 2007 Mantis Team - mantisbt-dev at
lists.sourceforge.net
+# Copyright (C) 2002 - 2008 Mantis Team - mantisbt-dev at
lists.sourceforge.net
# Mantis is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
@@ -20,11 +20,9 @@
# --------------------------------------------------------
# $Id$
# --------------------------------------------------------
-?>
-<?php
+
# This page allows an authorized user to send a reminder by email to another
user
-?>
-<?php
+
require_once( ''core.php'' );
$t_core_path = config_get( ''core_path'' );
@@ -32,8 +30,9 @@
require_once( $t_core_path.''bug_api.php'' );
require_once( $t_core_path.''email_api.php'' );
require_once( $t_core_path.''bugnote_api.php'' );
-?>
-<?php
+
+ helper_ensure_post();
+
$f_bug_id = gpc_get_int( ''bug_id'' );
$f_to = gpc_get_int_array( ''to'' );
$f_body = gpc_get_string( ''body'' );
Index: mantisbt/manage_proj_cat_copy.php
==================================================================---
mantisbt/manage_proj_cat_copy.php (revision 5131)
+++ mantisbt/manage_proj_cat_copy.php (revision 5132)
@@ -27,6 +27,8 @@
require_once( $t_core_path.''category_api.php'' );
+ helper_ensure_post();
+
auth_reauthenticate();
$f_project_id = gpc_get_int( ''project_id'' );
Index: mantisbt/bug_relationship_add.php
==================================================================---
mantisbt/bug_relationship_add.php (revision 5131)
+++ mantisbt/bug_relationship_add.php (revision 5132)
@@ -2,7 +2,7 @@
# Mantis - a php based bugtracking system
# Copyright (C) 2000 - 2002 Kenzaburo Ito - kenito at 300baud.org
-# Copyright (C) 2002 - 2007 Mantis Team - mantisbt-dev at
lists.sourceforge.net
+# Copyright (C) 2002 - 2008 Mantis Team - mantisbt-dev at
lists.sourceforge.net
# Mantis is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
@@ -29,6 +29,8 @@
$t_core_path = config_get( ''core_path'' );
require_once( $t_core_path . ''relationship_api.php'' );
+ helper_ensure_post();
+
$f_rel_type = gpc_get_int( ''rel_type'' );
$f_src_bug_id = gpc_get_int( ''src_bug_id'' );
$f_dest_bug_id_string = gpc_get_string( ''dest_bug_id'' );
Index: mantisbt/manage_plugin_update.php
==================================================================---
mantisbt/manage_plugin_update.php (revision 5131)
+++ mantisbt/manage_plugin_update.php (revision 5132)
@@ -24,6 +24,8 @@
define( ''PLUGINS_DISABLED'', true );
require_once( ''core.php'' );
+helper_ensure_post();
+
auth_reauthenticate();
access_ensure_global_level( config_get(
''manage_plugin_threshold'' ) );
Index: mantisbt/manage_custom_field_create.php
==================================================================---
mantisbt/manage_custom_field_create.php (revision 5131)
+++ mantisbt/manage_custom_field_create.php (revision 5132)
@@ -27,6 +27,8 @@
require_once( $t_core_path.''custom_field_api.php'' );
+ helper_ensure_post();
+
auth_reauthenticate();
access_ensure_global_level( config_get(
''manage_custom_fields_threshold'' ) );
Index: mantisbt/manage_proj_custom_field_copy.php
==================================================================---
mantisbt/manage_proj_custom_field_copy.php (revision 5131)
+++ mantisbt/manage_proj_custom_field_copy.php (revision 5132)
@@ -23,6 +23,8 @@
require_once(''core.php'');
+ helper_ensure_post();
+
auth_reauthenticate();
$f_project_id = gpc_get_int( ''project_id'' );
Index: mantisbt/manage_proj_user_copy.php
==================================================================---
mantisbt/manage_proj_user_copy.php (revision 5131)
+++ mantisbt/manage_proj_user_copy.php (revision 5132)
@@ -23,6 +23,8 @@
require_once( ''core.php'' );
+ helper_ensure_post();
+
auth_reauthenticate();
$f_project_id = gpc_get_int( ''project_id'' );
Index: mantisbt/manage_plugin_upgrade.php
==================================================================---
mantisbt/manage_plugin_upgrade.php (revision 5131)
+++ mantisbt/manage_plugin_upgrade.php (revision 5132)
@@ -24,6 +24,8 @@
define( ''PLUGINS_DISABLED'', true );
require_once( ''core.php'' );
+helper_ensure_post();
+
auth_reauthenticate();
access_ensure_global_level( config_get(
''manage_plugin_threshold'' ) );
Index: mantisbt/tag_update.php
==================================================================---
mantisbt/tag_update.php (revision 5131)
+++ mantisbt/tag_update.php (revision 5132)
@@ -27,6 +27,8 @@
require_once( $t_core_path . ''tag_api.php'' );
+ helper_ensure_post();
+
compress_enable();
$f_tag_id = gpc_get_int( ''tag_id'' );
Index: mantisbt/bug_relationship_delete.php
==================================================================---
mantisbt/bug_relationship_delete.php (revision 5131)
+++ mantisbt/bug_relationship_delete.php (revision 5132)
@@ -2,7 +2,7 @@
# Mantis - a php based bugtracking system
# Copyright (C) 2000 - 2002 Kenzaburo Ito - kenito at 300baud.org
-# Copyright (C) 2002 - 2007 Mantis Team - mantisbt-dev at
lists.sourceforge.net
+# Copyright (C) 2002 - 2008 Mantis Team - mantisbt-dev at
lists.sourceforge.net
# Mantis is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
@@ -36,6 +36,8 @@
$t_core_path = config_get( ''core_path'' );
require_once( $t_core_path . ''relationship_api.php'' );
+ helper_ensure_post();
+
$f_rel_id = gpc_get_int( ''rel_id'' );
$f_bug_id = gpc_get_int( ''bug_id'' );
Index: mantisbt/account_sponsor_update.php
==================================================================---
mantisbt/account_sponsor_update.php (revision 5131)
+++ mantisbt/account_sponsor_update.php (revision 5132)
@@ -2,7 +2,7 @@
# Mantis - a php based bugtracking system
# Copyright (C) 2000 - 2002 Kenzaburo Ito - kenito at 300baud.org
-# Copyright (C) 2002 - 2007 Mantis Team - mantisbt-dev at
lists.sourceforge.net
+# Copyright (C) 2002 - 2008 Mantis Team - mantisbt-dev at
lists.sourceforge.net
# Mantis is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
@@ -20,23 +20,21 @@
# --------------------------------------------------------
# $Id$
# --------------------------------------------------------
-?>
-<?php
- # This page updates a user''s information
+
+ # This page updates a user''s sponsorships
# If an account is protected then changes are forbidden
# The page gets redirected back to account_page.php
-?>
-<?php
+
require_once( ''core.php'' );
$t_core_path = config_get( ''core_path'' );
require_once( $t_core_path.''email_api.php'' );
-?>
-<?php
+
+ helper_ensure_post();
+
auth_ensure_user_authenticated();
-?>
-<?php
+
$f_bug_list = gpc_get_string( ''buglist'',
'''' );
$t_bug_list = explode( '','', $f_bug_list );
Index: mantisbt/manage_proj_custom_field_update.php
==================================================================---
mantisbt/manage_proj_custom_field_update.php (revision 5131)
+++ mantisbt/manage_proj_custom_field_update.php (revision 5132)
@@ -20,15 +20,15 @@
# --------------------------------------------------------
# $Id$
# --------------------------------------------------------
-?>
-<?php
+
require_once( ''core.php'' );
$t_core_path = config_get( ''core_path'' );
require_once( $t_core_path.''custom_field_api.php'' );
-?>
-<?php
+
+ helper_ensure_post();
+
$f_field_id = gpc_get_int( ''field_id'' );
$f_project_id = gpc_get_int( ''project_id'' );
$f_sequence = gpc_get_int( ''sequence'' );
Index: mantisbt/account_prof_update.php
==================================================================---
mantisbt/account_prof_update.php (revision 5131)
+++ mantisbt/account_prof_update.php (revision 5132)
@@ -2,7 +2,7 @@
# Mantis - a php based bugtracking system
# Copyright (C) 2000 - 2002 Kenzaburo Ito - kenito at 300baud.org
-# Copyright (C) 2002 - 2007 Mantis Team - mantisbt-dev at
lists.sourceforge.net
+# Copyright (C) 2002 - 2008 Mantis Team - mantisbt-dev at
lists.sourceforge.net
# Mantis is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
@@ -30,6 +30,8 @@
require_once( $t_core_path.''profile_api.php'' );
+ helper_ensure_post();
+
auth_ensure_user_authenticated();
current_user_ensure_unprotected();
Index: mantisbt/bugnote_delete.php
==================================================================---
mantisbt/bugnote_delete.php (revision 5131)
+++ mantisbt/bugnote_delete.php (revision 5132)
@@ -2,7 +2,7 @@
# Mantis - a php based bugtracking system
# Copyright (C) 2000 - 2002 Kenzaburo Ito - kenito at 300baud.org
-# Copyright (C) 2002 - 2007 Mantis Team - mantisbt-dev at
lists.sourceforge.net
+# Copyright (C) 2002 - 2008 Mantis Team - mantisbt-dev at
lists.sourceforge.net
# Mantis is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
@@ -20,12 +20,10 @@
# --------------------------------------------------------
# $Id$
# --------------------------------------------------------
-?>
-<?php
+
# Remove the bugnote and bugnote text and redirect back to
# the viewing page
-?>
-<?php
+
require_once( ''core.php'' );
$t_core_path = config_get( ''core_path'' );
@@ -33,10 +31,11 @@
require_once( $t_core_path.''bug_api.php'' );
require_once( $t_core_path.''bugnote_api.php'' );
require_once( $t_core_path.''current_user_api.php'' );
-?>
-<?php
+
+ helper_ensure_post();
+
$f_bugnote_id = gpc_get_int( ''bugnote_id'' );
-
+
$t_bug_id = bugnote_get_field( $f_bugnote_id, ''bug_id'' );
$t_bug = bug_get( $t_bug_id, true );
Index: mantisbt/lang/strings_english.txt
==================================================================---
mantisbt/lang/strings_english.txt (revision 5131)
+++ mantisbt/lang/strings_english.txt (revision 5132)
@@ -313,6 +313,7 @@
$MANTIS_ERROR[ERROR_PLUGIN_PAGE_NOT_FOUND] = ''Plugin page not
found.'';
$MANTIS_ERROR[ERROR_COLUMNS_DUPLICATE] = ''Field
\''%s\'' contains duplcate column
\''%s\''.'';
$MANTIS_ERROR[ERROR_COLUMNS_INVALID] = ''Field \''%s\''
contains invalid field \''%s\'''';
+$MANTIS_ERROR[ERROR_INVALID_REQUEST_METHOD] = ''This page cannot be
accessed using this method.'';
$s_login_error = ''Your account may be disabled or blocked or the
username/password you entered is incorrect.'';
$s_login_cookies_disabled = ''Your browser either doesn\''t
know how to handle cookies, or refuses to handle them.'';
Index: mantisbt/manage_plugin_install.php
==================================================================---
mantisbt/manage_plugin_install.php (revision 5131)
+++ mantisbt/manage_plugin_install.php (revision 5132)
@@ -24,6 +24,8 @@
define( ''PLUGINS_DISABLED'', true );
require_once( ''core.php'' );
+helper_ensure_post();
+
auth_reauthenticate();
access_ensure_global_level( config_get(
''manage_plugin_threshold'' ) );
Index: mantisbt/manage_proj_delete.php
==================================================================---
mantisbt/manage_proj_delete.php (revision 5131)
+++ mantisbt/manage_proj_delete.php (revision 5132)
@@ -23,6 +23,8 @@
require_once( ''core.php'' );
+ helper_ensure_post();
+
auth_reauthenticate();
$f_project_id = gpc_get_int( ''project_id'' );
Index: mantisbt/bugnote_add.php
==================================================================---
mantisbt/bugnote_add.php (revision 5131)
+++ mantisbt/bugnote_add.php (revision 5132)
@@ -2,7 +2,7 @@
# Mantis - a php based bugtracking system
# Copyright (C) 2000 - 2002 Kenzaburo Ito - kenito at 300baud.org
-# Copyright (C) 2002 - 2007 Mantis Team - mantisbt-dev at
lists.sourceforge.net
+# Copyright (C) 2002 - 2008 Mantis Team - mantisbt-dev at
lists.sourceforge.net
# Mantis is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
@@ -20,8 +20,7 @@
# --------------------------------------------------------
# $Id$
# --------------------------------------------------------
-?>
-<?php
+
# Insert the bugnote into the database then redirect to the bug page
require_once( ''core.php'' );
@@ -31,6 +30,8 @@
require_once( $t_core_path.''bug_api.php'' );
require_once( $t_core_path.''bugnote_api.php'' );
+ helper_ensure_post();
+
$f_bug_id = gpc_get_int( ''bug_id'' );
$f_private = gpc_get_bool( ''private'' );
$f_time_tracking = gpc_get_string( ''time_tracking'',
''0:00'' );
Index: mantisbt/news_update.php
==================================================================---
mantisbt/news_update.php (revision 5131)
+++ mantisbt/news_update.php (revision 5132)
@@ -20,8 +20,7 @@
# --------------------------------------------------------
# $Id$
# --------------------------------------------------------
-?>
-<?php
+
require_once( ''core.php'' );
$t_core_path = config_get( ''core_path'' );
@@ -29,8 +28,9 @@
require_once( $t_core_path.''news_api.php'' );
require_once( $t_core_path.''string_api.php'' );
require_once( $t_core_path.''print_api.php'' );
-?>
-<?php
+
+ helper_ensure_post();
+
$f_news_id = gpc_get_int( ''news_id'' );
$f_project_id = gpc_get_int( ''project_id'' );
$f_view_state = gpc_get_int( ''view_state'' );
Index: mantisbt/manage_proj_cat_add.php
==================================================================---
mantisbt/manage_proj_cat_add.php (revision 5131)
+++ mantisbt/manage_proj_cat_add.php (revision 5132)
@@ -27,6 +27,8 @@
require_once( $t_core_path.''category_api.php'' );
+ helper_ensure_post();
+
auth_reauthenticate();
$f_project_id = gpc_get_int( ''project_id'' );
Index: mantisbt/query_store.php
==================================================================---
mantisbt/query_store.php (revision 5131)
+++ mantisbt/query_store.php (revision 5132)
@@ -28,6 +28,8 @@
require_once( $t_core_path.''string_api.php'' );
require_once( $t_core_path.''date_api.php'' );
+ helper_ensure_post();
+
auth_ensure_user_authenticated();
compress_enable();
Index: mantisbt/bug_file_add.php
==================================================================---
mantisbt/bug_file_add.php (revision 5131)
+++ mantisbt/bug_file_add.php (revision 5132)
@@ -2,7 +2,7 @@
# Mantis - a php based bugtracking system
# Copyright (C) 2000 - 2002 Kenzaburo Ito - kenito at 300baud.org
-# Copyright (C) 2002 - 2007 Mantis Team - mantisbt-dev at
lists.sourceforge.net
+# Copyright (C) 2002 - 2008 Mantis Team - mantisbt-dev at
lists.sourceforge.net
# Mantis is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
@@ -20,18 +20,17 @@
# --------------------------------------------------------
# $Id$
# --------------------------------------------------------
-?>
-<?php
+
# Add file to a bug and then view the bug
-?>
-<?php
+
require_once( ''core.php'' );
$t_core_path = config_get( ''core_path'' );
require_once( $t_core_path.''file_api.php'' );
-?>
-<?php
+
+ helper_ensure_post();
+
$f_bug_id = gpc_get_int( ''bug_id'', -1 );
$f_file = gpc_get_file( ''file'', -1 );
Index: mantisbt/lost_pwd.php
==================================================================---
mantisbt/lost_pwd.php (revision 5131)
+++ mantisbt/lost_pwd.php (revision 5132)
@@ -2,7 +2,7 @@
# Mantis - a php based bugtracking system
# Copyright (C) 2000 - 2002 Kenzaburo Ito - kenito at 300baud.org
-# Copyright (C) 2002 - 2007 Mantis Team - mantisbt-dev at
lists.sourceforge.net
+# Copyright (C) 2002 - 2008 Mantis Team - mantisbt-dev at
lists.sourceforge.net
# Mantis is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
@@ -27,6 +27,8 @@
require_once( ''core.php'' );
+ helper_ensure_post();
+
# lost password feature disabled or reset password via email disabled ->
stop here!
if( OFF == config_get( ''lost_password_feature'' ) ||
OFF == config_get( ''send_reset_password'' ) ||
Index: mantisbt/manage_plugin_uninstall.php
==================================================================---
mantisbt/manage_plugin_uninstall.php (revision 5131)
+++ mantisbt/manage_plugin_uninstall.php (revision 5132)
@@ -24,6 +24,8 @@
define( ''PLUGINS_DISABLED'', true );
require_once( ''core.php'' );
+helper_ensure_post();
+
auth_reauthenticate();
access_ensure_global_level( config_get(
''manage_plugin_threshold'' ) );
Index: mantisbt/manage_proj_custom_field_add_existing.php
==================================================================---
mantisbt/manage_proj_custom_field_add_existing.php (revision 5131)
+++ mantisbt/manage_proj_custom_field_add_existing.php (revision 5132)
@@ -27,6 +27,8 @@
require_once( $t_core_path.''custom_field_api.php'' );
+ helper_ensure_post();
+
auth_reauthenticate();
$f_field_id = gpc_get_int( ''field_id'' );
Index: mantisbt/bug_assign_reporter.php
==================================================================---
mantisbt/bug_assign_reporter.php (revision 5131)
+++ mantisbt/bug_assign_reporter.php (revision 5132)
@@ -2,7 +2,7 @@
# Mantis - a php based bugtracking system
# Copyright (C) 2000 - 2002 Kenzaburo Ito - kenito at 300baud.org
-# Copyright (C) 2002 - 2007 Mantis Team - mantisbt-dev at
lists.sourceforge.net
+# Copyright (C) 2002 - 2008 Mantis Team - mantisbt-dev at
lists.sourceforge.net
# Mantis is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
@@ -20,18 +20,17 @@
# --------------------------------------------------------
# $Id$
# --------------------------------------------------------
-?>
-<?php
+
# Assign bug to user then redirect to viewing page
-?>
-<?php
+
require_once( ''core.php'' );
$t_core_path = config_get( ''core_path'' );
require_once( $t_core_path.''bug_api.php'' );
-?>
-<?php
+
+ helper_ensure_post();
+
$f_bug_id = gpc_get_int( ''bug_id'' );
access_ensure_bug_level( config_get( ''update_bug_threshold''
), $f_bug_id );
Index: mantisbt/bugnote_update.php
==================================================================---
mantisbt/bugnote_update.php (revision 5131)
+++ mantisbt/bugnote_update.php (revision 5132)
@@ -2,7 +2,7 @@
# Mantis - a php based bugtracking system
# Copyright (C) 2000 - 2002 Kenzaburo Ito - kenito at 300baud.org
-# Copyright (C) 2002 - 2007 Mantis Team - mantisbt-dev at
lists.sourceforge.net
+# Copyright (C) 2002 - 2008 Mantis Team - mantisbt-dev at
lists.sourceforge.net
# Mantis is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
@@ -20,11 +20,9 @@
# --------------------------------------------------------
# $Id$
# --------------------------------------------------------
-?>
-<?php
+
# Update bugnote data then redirect to the appropriate viewing page
-?>
-<?php
+
require_once( ''core.php'' );
$t_core_path = config_get( ''core_path'' );
@@ -32,8 +30,9 @@
require_once( $t_core_path.''bug_api.php'' );
require_once( $t_core_path.''bugnote_api.php'' );
require_once( $t_core_path.''current_user_api.php'' );
-?>
-<?php
+
+ helper_ensure_post();
+
$f_bugnote_id = gpc_get_int( ''bugnote_id'' );
$f_bugnote_text = gpc_get_string( ''bugnote_text'',
'''' );
$f_time_tracking = gpc_get_string( ''time_tracking'',
''0:00'' );
Index: mantisbt/manage_custom_field_delete.php
==================================================================---
mantisbt/manage_custom_field_delete.php (revision 5131)
+++ mantisbt/manage_custom_field_delete.php (revision 5132)
@@ -27,6 +27,8 @@
require_once( $t_core_path.''custom_field_api.php'' );
+ helper_ensure_post();
+
auth_reauthenticate();
access_ensure_global_level( config_get(
''manage_custom_fields_threshold'' ) );
Index: mantisbt/proj_doc_add.php
==================================================================---
mantisbt/proj_doc_add.php (revision 5131)
+++ mantisbt/proj_doc_add.php (revision 5132)
@@ -27,6 +27,8 @@
require_once( $t_core_path.''file_api.php'' );
+ helper_ensure_post();
+
# Check if project documentation feature is enabled.
if ( OFF == config_get( ''enable_project_documentation'' ) ) {
access_denied();
Index: mantisbt/manage_user_create.php
==================================================================---
mantisbt/manage_user_create.php (revision 5131)
+++ mantisbt/manage_user_create.php (revision 5132)
@@ -27,6 +27,8 @@
require_once( $t_core_path.''email_api.php'' );
+ helper_ensure_post();
+
auth_reauthenticate();
access_ensure_global_level( config_get(
''manage_user_threshold'' ) );
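Review bot: Requiring POST does not close the cross-site request this CVE describes, because a page on another origin can auto-submit a hidden `<form method="post">` to `manage_user_create.php` and the browser attaches the victim's session cookie; judging by the new ERROR_INVALID_REQUEST_METHOD string, `helper_ensure_post()` only rejects the GET/link variant. The control that actually breaks the attack is a per-session secret emitted as a hidden field on the create form and verified here, before any request parameter is read, e.g. `if ( !form_token_is_valid( gpc_get_string( 'form_token', '' ) ) ) { access_denied(); }` with whatever token helper the project settles on. `auth_reauthenticate()` on the following line helps only if it prompts on every request rather than within a grace period, which the hunk does not show. The rest of the file is outside the hunk.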
Index: mantisbt/manage_config_workflow_set.php
==================================================================---
mantisbt/manage_config_workflow_set.php (revision 5131)
+++ mantisbt/manage_config_workflow_set.php (revision 5132)
@@ -26,6 +26,8 @@
$t_core_path = config_get( ''core_path'' );
require_once( $t_core_path.''email_api.php'' );
+ helper_ensure_post();
+
auth_reauthenticate();
$t_can_change_level = min( config_get_access( ''notify_flags''
), config_get_access( ''default_notify_flags'' ) );
Index: mantisbt/manage_proj_update.php
==================================================================---
mantisbt/manage_proj_update.php (revision 5131)
+++ mantisbt/manage_proj_update.php (revision 5132)
@@ -23,6 +23,8 @@
require_once( ''core.php'' );
+ helper_ensure_post();
+
auth_reauthenticate();
$f_project_id = gpc_get_int( ''project_id'' );
Index: mantisbt/manage_custom_field_proj_add.php
==================================================================---
mantisbt/manage_custom_field_proj_add.php (revision 5131)
+++ mantisbt/manage_custom_field_proj_add.php (revision 5132)
@@ -23,6 +23,8 @@
require_once( ''core.php'' );
+ helper_ensure_post();
+
auth_reauthenticate();
$f_field_id = gpc_get_int( ''field_id'' );
Index: mantisbt/query_delete.php
==================================================================---
mantisbt/query_delete.php (revision 5131)
+++ mantisbt/query_delete.php (revision 5132)
@@ -28,6 +28,8 @@
require_once( $t_core_path.''string_api.php'' );
require_once( $t_core_path.''date_api.php'' );
+ helper_ensure_post();
+
auth_ensure_user_authenticated();
compress_enable();
Index: mantisbt/manage_proj_user_add.php
==================================================================---
mantisbt/manage_proj_user_add.php (revision 5131)
+++ mantisbt/manage_proj_user_add.php (revision 5132)
@@ -23,6 +23,8 @@
require_once( ''core.php'' );
+ helper_ensure_post();
+
auth_reauthenticate();
$f_project_id = gpc_get_int( ''project_id'' );
Index: mantisbt/account_prof_add.php
==================================================================---
mantisbt/account_prof_add.php (revision 5131)
+++ mantisbt/account_prof_add.php (revision 5132)
@@ -2,7 +2,7 @@
# Mantis - a php based bugtracking system
# Copyright (C) 2000 - 2002 Kenzaburo Ito - kenito at 300baud.org
-# Copyright (C) 2002 - 2007 Mantis Team - mantisbt-dev at
lists.sourceforge.net
+# Copyright (C) 2002 - 2008 Mantis Team - mantisbt-dev at
lists.sourceforge.net
# Mantis is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
@@ -20,23 +20,21 @@
# --------------------------------------------------------
# $Id$
# --------------------------------------------------------
-?>
-<?php
+
# This file adds a new profile and redirects to account_proj_menu_page.php
-?>
-<?php
+
require_once( ''core.php'' );
$t_core_path = config_get( ''core_path'' );
require_once( $t_core_path.''profile_api.php'' );
-?>
-<?php
+
+ helper_ensure_post();
+
auth_ensure_user_authenticated();
current_user_ensure_unprotected();
-?>
-<?php
+
$f_platform = gpc_get_string( ''platform'' );
$f_os = gpc_get_string( ''os'' );
$f_os_build = gpc_get_string( ''os_build'' );
Index: mantisbt/manage_proj_cat_delete.php
==================================================================---
mantisbt/manage_proj_cat_delete.php (revision 5131)
+++ mantisbt/manage_proj_cat_delete.php (revision 5132)
@@ -27,6 +27,8 @@
require_once( $t_core_path.''category_api.php'' );
+ helper_ensure_post();
+
auth_reauthenticate();
$f_category_id = gpc_get_string( ''id'' );
Index: mantisbt/manage_proj_custom_field_remove.php
==================================================================---
mantisbt/manage_proj_custom_field_remove.php (revision 5131)
+++ mantisbt/manage_proj_custom_field_remove.php (revision 5132)
@@ -27,6 +27,8 @@
require_once( $t_core_path.''custom_field_api.php'' );
+ helper_ensure_post();
+
auth_reauthenticate();
$f_field_id = gpc_get_int( ''field_id'' );
Index: mantisbt/tag_attach.php
==================================================================---
mantisbt/tag_attach.php (revision 5131)
+++ mantisbt/tag_attach.php (revision 5132)
@@ -27,6 +27,8 @@
require_once( $t_core_path . ''tag_api.php'' );
+ helper_ensure_post();
+
$f_bug_id = gpc_get_int( ''bug_id'' );
$f_tag_select = gpc_get_int( ''tag_select'' );
$f_tag_string = gpc_get_string( ''tag_string'' );
Index: mantisbt/signup.php
==================================================================---
mantisbt/signup.php (revision 5131)
+++ mantisbt/signup.php (revision 5132)
@@ -28,6 +28,8 @@
require_once( $t_core_path.''email_api.php'' );
require_once( $t_core_path . ''disposable'' .
DIRECTORY_SEPARATOR . ''disposable.php'' );
+ helper_ensure_post();
+
$f_username = strip_tags( gpc_get_string( ''username'' ) );
$f_email = strip_tags( gpc_get_string( ''email'' ) );
$f_captcha = gpc_get_string( ''captcha'',
'''' );
Index: mantisbt/bug_actiongroup_ext.php
==================================================================---
mantisbt/bug_actiongroup_ext.php (revision 5131)
+++ mantisbt/bug_actiongroup_ext.php (revision 5132)
@@ -2,7 +2,7 @@
# Mantis - a php based bugtracking system
# Copyright (C) 2000 - 2002 Kenzaburo Ito - kenito at 300baud.org
-# Copyright (C) 2002 - 2007 Mantis Team - mantisbt-dev at
lists.sourceforge.net
+# Copyright (C) 2002 - 2008 Mantis Team - mantisbt-dev at
lists.sourceforge.net
# Mantis is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
@@ -28,19 +28,21 @@
require_once( $t_core_path . ''bug_api.php'' );
require_once( $t_core_path . ''bug_group_action_api.php'' );
- auth_ensure_user_authenticated();
+ helper_ensure_post();
+ auth_ensure_user_authenticated();
+
helper_begin_long_process();
- $f_action = gpc_get_string( ''action'' );
+ $f_action = gpc_get_string( ''action'' );
$f_bug_arr = gpc_get_int_array( ''bug_arr'', array() );
- $t_action_include_file = ''bug_actiongroup_'' . $f_action .
''_inc.php'';
+ $t_action_include_file = ''bug_actiongroup_'' . $f_action .
''_inc.php'';
- require_once( dirname( __FILE__ ) . DIRECTORY_SEPARATOR .
$t_action_include_file );
-
- # group bugs by project
- $t_projects_bugs = array();
+ require_once( dirname( __FILE__ ) . DIRECTORY_SEPARATOR .
$t_action_include_file );
+
+ # group bugs by project
+ $t_projects_bugs = array();
foreach( $f_bug_arr as $t_bug_id ) {
bug_ensure_exists( $t_bug_id );
$t_bug = bug_get( $t_bug_id, true );
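Review bot: `$f_action` comes from `gpc_get_string( 'action' )` and is spliced into the `require_once` path a few lines below with no validation visible in the hunk, so the include target is chosen by the requester; the fixed prefix and `_inc.php` suffix narrow it to files in this directory, but unexpected characters (a null byte on older PHP, path separators) should still never reach the filesystem call. Unless a check exists elsewhere, validate before building the path, e.g. `if ( !preg_match( '/^[a-z_]+$/', $f_action ) ) { access_denied(); }`. Separately, the hunk re-indents several unchanged lines alongside the one functional change (moving `helper_ensure_post()` ahead of `auth_ensure_user_authenticated()`), which buries that edit in a whitespace diff. The foreach body continues past the end of the hunk.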
Index: mantisbt/bug_monitor.php
==================================================================---
mantisbt/bug_monitor.php (revision 5131)
+++ mantisbt/bug_monitor.php (revision 5132)
@@ -2,7 +2,7 @@
# Mantis - a php based bugtracking system
# Copyright (C) 2000 - 2002 Kenzaburo Ito - kenito at 300baud.org
-# Copyright (C) 2002 - 2007 Mantis Team - mantisbt-dev at
lists.sourceforge.net
+# Copyright (C) 2002 - 2008 Mantis Team - mantisbt-dev at
lists.sourceforge.net
# Mantis is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
@@ -20,18 +20,17 @@
# --------------------------------------------------------
# $Id$
# --------------------------------------------------------
-?>
-<?php
+
# This file turns monitoring on or off for a bug for the current user
-?>
-<?php
+
require_once( ''core.php'' );
$t_core_path = config_get( ''core_path'' );
require_once( $t_core_path.''bug_api.php'' );
-?>
-<?php
+
+ helper_ensure_post();
+
$f_bug_id = gpc_get_int( ''bug_id'' );
$t_bug = bug_get( $f_bug_id, true );
Index: mantisbt/manage_custom_field_update.php
==================================================================---
mantisbt/manage_custom_field_update.php (revision 5131)
+++ mantisbt/manage_custom_field_update.php (revision 5132)
@@ -27,6 +27,8 @@
require_once( $t_core_path.''custom_field_api.php'' );
+ helper_ensure_post();
+
auth_reauthenticate();
access_ensure_global_level( config_get(
''manage_custom_fields_threshold'' ) );
Index: mantisbt/manage_config_columns_set.php
==================================================================---
mantisbt/manage_config_columns_set.php (revision 5131)
+++ mantisbt/manage_config_columns_set.php (revision 5132)
@@ -2,7 +2,7 @@
# Mantis - a php based bugtracking system
# Copyright (C) 2000 - 2002 Kenzaburo Ito - kenito at 300baud.org
-# Copyright (C) 2002 - 2007 Mantis Team - mantisbt-dev at
lists.sourceforge.net
+# Copyright (C) 2002 - 2008 Mantis Team - mantisbt-dev at
lists.sourceforge.net
# Mantis is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
@@ -28,6 +28,8 @@
require_once( $t_core_path . ''columns_api.php'' );
require_once( $t_core_path . ''gpc_api.php'' );
+ helper_ensure_post();
+
# @@@ access_ensure_project_level( config_get(
''manage_project_threshold'' ) );
$f_project_id = gpc_get_int( ''project_id'' );
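Review bot: The context line directly under the new `helper_ensure_post();` call in manage_config_columns_set.php shows the project-level access check commented out with an `@@@` marker, so within this hunk the method check is the only thing gating the column-configuration update. If no authorization check exists further down the script (outside the hunk), the POST-only guard does not substitute for one, since any authenticated user who can be induced to submit a form would still pass it. Worth either restoring the check or documenting why it is disabled, e.g. `# NOTE: access check intentionally disabled here; authorization is enforced in <where> — confirm`, with the actual location filled in by someone who can see the rest of the file.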
Index: mantisbt/manage_user_reset.php
==================================================================---
mantisbt/manage_user_reset.php (revision 5131)
+++ mantisbt/manage_user_reset.php (revision 5132)
@@ -23,6 +23,8 @@
require_once( ''core.php'' );
+ helper_ensure_post();
+
auth_reauthenticate();
access_ensure_global_level( config_get(
''manage_user_threshold'' ) );
Index: mantisbt/manage_proj_update_children.php
==================================================================---
mantisbt/manage_proj_update_children.php (revision 5131)
+++ mantisbt/manage_proj_update_children.php (revision 5132)
@@ -23,6 +23,8 @@
require_once( $t_core_path.''project_hierarchy_api.php'' );
+ helper_ensure_post();
+
auth_reauthenticate();
$f_project_id = gpc_get_int( ''project_id'' );
Index: mantisbt/bug_file_delete.php
==================================================================---
mantisbt/bug_file_delete.php (revision 5131)
+++ mantisbt/bug_file_delete.php (revision 5132)
@@ -2,7 +2,7 @@
# Mantis - a php based bugtracking system
# Copyright (C) 2000 - 2002 Kenzaburo Ito - kenito at 300baud.org
-# Copyright (C) 2002 - 2007 Mantis Team - mantisbt-dev at
lists.sourceforge.net
+# Copyright (C) 2002 - 2008 Mantis Team - mantisbt-dev at
lists.sourceforge.net
# Mantis is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
@@ -29,6 +29,8 @@
require_once( $t_core_path.''file_api.php'' );
+ helper_ensure_post();
+
$f_file_id = gpc_get_int( ''file_id'' );
$t_bug_id = file_get_field( $f_file_id, ''bug_id'' );
Index: mantisbt/manage_config_email_set.php
==================================================================---
mantisbt/manage_config_email_set.php (revision 5131)
+++ mantisbt/manage_config_email_set.php (revision 5132)
@@ -26,6 +26,8 @@
$t_core_path = config_get( ''core_path'' );
require_once( $t_core_path.''email_api.php'' );
+ helper_ensure_post();
+
auth_reauthenticate();
$t_can_change_level = min( config_get_access( ''notify_flags''
), config_get_access( ''default_notify_flags'' ) );
Index: mantisbt/manage_user_prune.php
==================================================================---
mantisbt/manage_user_prune.php (revision 5131)
+++ mantisbt/manage_user_prune.php (revision 5132)
@@ -23,6 +23,8 @@
require_once( ''core.php'' );
+ helper_ensure_post();
+
auth_reauthenticate();
access_ensure_global_level( config_get(
''manage_user_threshold'' ) );
Index: mantisbt/manage_proj_ver_add.php
==================================================================---
mantisbt/manage_proj_ver_add.php (revision 5131)
+++ mantisbt/manage_proj_ver_add.php (revision 5132)
@@ -27,6 +27,8 @@
require_once( $t_core_path.''version_api.php'' );
+ helper_ensure_post();
+
auth_reauthenticate();
$f_project_id = gpc_get_int( ''project_id'' );
Index: mantisbt/manage_user_delete.php
==================================================================---
mantisbt/manage_user_delete.php (revision 5131)
+++ mantisbt/manage_user_delete.php (revision 5132)
@@ -23,6 +23,8 @@
require_once( ''core.php'' );
+ helper_ensure_post();
+
auth_reauthenticate();
access_ensure_global_level( config_get(
''manage_user_threshold'' ) );
Index: mantisbt/manage_proj_cat_update.php
==================================================================---
mantisbt/manage_proj_cat_update.php (revision 5131)
+++ mantisbt/manage_proj_cat_update.php (revision 5132)
@@ -27,6 +27,8 @@
require_once( $t_core_path.''category_api.php'' );
+ helper_ensure_post();
+
auth_reauthenticate();
$f_category_id = gpc_get_int( ''category_id'' );
Index: mantisbt/account_delete.php
==================================================================---
mantisbt/account_delete.php (revision 5131)
+++ mantisbt/account_delete.php (revision 5132)
@@ -2,7 +2,7 @@
# Mantis - a php based bugtracking system
# Copyright (C) 2000 - 2002 Kenzaburo Ito - kenito at 300baud.org
-# Copyright (C) 2002 - 2007 Mantis Team - mantisbt-dev at
lists.sourceforge.net
+# Copyright (C) 2002 - 2008 Mantis Team - mantisbt-dev at
lists.sourceforge.net
# Mantis is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
@@ -43,6 +43,8 @@
# (none)
#============ Permissions ===========
+ helper_ensure_post();
+
auth_ensure_user_authenticated();
current_user_ensure_unprotected();
Index: mantisbt/manage_proj_ver_delete.php
==================================================================---
mantisbt/manage_proj_ver_delete.php (revision 5131)
+++ mantisbt/manage_proj_ver_delete.php (revision 5132)
@@ -27,6 +27,8 @@
require_once( $t_core_path.''version_api.php'' );
+ helper_ensure_post();
+
auth_reauthenticate();
$f_version_id = gpc_get_int( ''version_id'' );
Index: mantisbt/manage_proj_user_remove.php
==================================================================---
mantisbt/manage_proj_user_remove.php (revision 5131)
+++ mantisbt/manage_proj_user_remove.php (revision 5132)
@@ -23,6 +23,8 @@
require_once( ''core.php'' );
+ helper_ensure_post();
+
auth_reauthenticate();
$f_project_id = gpc_get_int( ''project_id'' );
Index: mantisbt/bug_delete.php
==================================================================---
mantisbt/bug_delete.php (revision 5131)
+++ mantisbt/bug_delete.php (revision 5132)
@@ -2,7 +2,7 @@
# Mantis - a php based bugtracking system
# Copyright (C) 2000 - 2002 Kenzaburo Ito - kenito at 300baud.org
-# Copyright (C) 2002 - 2007 Mantis Team - mantisbt-dev at
lists.sourceforge.net
+# Copyright (C) 2002 - 2008 Mantis Team - mantisbt-dev at
lists.sourceforge.net
# Mantis is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
@@ -29,6 +29,8 @@
$f_bug_id = gpc_get_int( ''bug_id'' );
+ helper_ensure_post();
+
access_ensure_bug_level( config_get( ''delete_bug_threshold''
), $f_bug_id );
$t_bug = bug_get( $f_bug_id, true );
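Review bot: In bug_delete.php the new `helper_ensure_post();` call comes after `$f_bug_id = gpc_get_int( 'bug_id' );`, unlike every other hunk in this patch where the method check precedes any parameter parsing. Moving it above that line keeps the ordering consistent across the patch and means a non-POST request is rejected before `gpc_get_int()` can raise its own missing-parameter error, so the failure mode is the same for every protected page. The enclosing script continues outside the hunk.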
Index: mantisbt/manage_user_proj_delete.php
==================================================================---
mantisbt/manage_user_proj_delete.php (revision 5131)
+++ mantisbt/manage_user_proj_delete.php (revision 5132)
@@ -23,6 +23,8 @@
require_once( ''core.php'' );
+ helper_ensure_post();
+
auth_reauthenticate();
$f_project_id = gpc_get_int( ''project_id'' );
Index: mantisbt/adm_config_delete.php
==================================================================---
mantisbt/adm_config_delete.php (revision 5131)
+++ mantisbt/adm_config_delete.php (revision 5132)
@@ -23,6 +23,8 @@
require_once( ''core.php'' );
+ helper_ensure_post();
+
$f_user_id = gpc_get_int( ''user_id'' );
$f_project_id = gpc_get_int( ''project_id'' );
$f_config_option = gpc_get_string( ''config_option'' );
Index: mantisbt/proj_doc_delete.php
==================================================================---
mantisbt/proj_doc_delete.php (revision 5131)
+++ mantisbt/proj_doc_delete.php (revision 5132)
@@ -23,6 +23,8 @@
require_once( ''core.php'' );
+ helper_ensure_post();
+
# Check if project documentation feature is enabled.
if ( OFF == config_get( ''enable_project_documentation'' ) ) {
access_denied();
Index: mantisbt/tag_detach.php
==================================================================---
mantisbt/tag_detach.php (revision 5131)
+++ mantisbt/tag_detach.php (revision 5132)
@@ -27,6 +27,8 @@
require_once( $t_core_path . ''tag_api.php'' );
+ helper_ensure_post();
+
$f_tag_id = gpc_get_int( ''tag_id'' );
$f_bug_id = gpc_get_int( ''bug_id'' );
Index: mantisbt/news_add.php
==================================================================---
mantisbt/news_add.php (revision 5131)
+++ mantisbt/news_add.php (revision 5132)
@@ -20,16 +20,16 @@
# --------------------------------------------------------
# $Id$
# --------------------------------------------------------
-?>
-<?php
+
require_once( ''core.php'' );
$t_core_path = config_get( ''core_path'' );
require_once( $t_core_path.''news_api.php'' );
require_once( $t_core_path.''print_api.php'' );
-?>
-<?php
+
+ helper_ensure_post();
+
access_ensure_project_level( config_get(
''manage_news_threshold'' ) );
$f_view_state = gpc_get_int( ''view_state'' );
Index: mantisbt/manage_user_update.php
==================================================================---
mantisbt/manage_user_update.php (revision 5131)
+++ mantisbt/manage_user_update.php (revision 5132)
@@ -27,6 +27,8 @@
require_once( $t_core_path.''email_api.php'' );
+ helper_ensure_post();
+
auth_reauthenticate();
access_ensure_global_level( config_get(
''manage_user_threshold'' ) );
Index: mantisbt/account_prefs_update.php
==================================================================---
mantisbt/account_prefs_update.php (revision 5131)
+++ mantisbt/account_prefs_update.php (revision 5132)
@@ -2,7 +2,7 @@
# Mantis - a php based bugtracking system
# Copyright (C) 2000 - 2002 Kenzaburo Ito - kenito at 300baud.org
-# Copyright (C) 2002 - 2007 Mantis Team - mantisbt-dev at
lists.sourceforge.net
+# Copyright (C) 2002 - 2008 Mantis Team - mantisbt-dev at
lists.sourceforge.net
# Mantis is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
@@ -20,21 +20,19 @@
# --------------------------------------------------------
# $Id$
# --------------------------------------------------------
-?>
-<?php
+
# Updates prefs then redirect to account_prefs_page.php3
-?>
-<?php
+
require_once( ''core.php'' );
$t_core_path = config_get( ''core_path'' );
require_once( $t_core_path.''user_pref_api.php'' );
-?>
-<?php
+
+ helper_ensure_post();
+
auth_ensure_user_authenticated();
-?>
-<?php
+
$f_user_id = gpc_get_int( ''user_id'' );
$f_redirect_url = gpc_get_string( ''redirect_url'' );
Index: mantisbt/account_update.php
==================================================================---
mantisbt/account_update.php (revision 5131)
+++ mantisbt/account_update.php (revision 5132)
@@ -2,7 +2,7 @@
# Mantis - a php based bugtracking system
# Copyright (C) 2000 - 2002 Kenzaburo Ito - kenito at 300baud.org
-# Copyright (C) 2002 - 2007 Mantis Team - mantisbt-dev at
lists.sourceforge.net
+# Copyright (C) 2002 - 2008 Mantis Team - mantisbt-dev at
lists.sourceforge.net
# Mantis is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
@@ -20,25 +20,23 @@
# --------------------------------------------------------
# $Id$
# --------------------------------------------------------
-?>
-<?php
+
# This page updates a user''s information
# If an account is protected then changes are forbidden
# The page gets redirected back to account_page.php
-?>
-<?php
+
require_once( ''core.php'' );
$t_core_path = config_get( ''core_path'' );
require_once( $t_core_path.''email_api.php'' );
-?>
-<?php
+
+ helper_ensure_post();
+
auth_ensure_user_authenticated();
current_user_ensure_unprotected();
-?>
-<?php
+
$f_email = gpc_get_string( ''email'',
'''' );
$f_realname = gpc_get_string( ''realname'',
'''' );
$f_password = gpc_get_string( ''password'',
'''' );
Index: mantisbt/manage_proj_ver_update.php
==================================================================---
mantisbt/manage_proj_ver_update.php (revision 5131)
+++ mantisbt/manage_proj_ver_update.php (revision 5132)
@@ -27,6 +27,8 @@
require_once( $t_core_path.''version_api.php'' );
+ helper_ensure_post();
+
auth_reauthenticate();
$f_version_id = gpc_get_int( ''version_id'' );
Index: mantisbt/core/helper_api.php
==================================================================---
mantisbt/core/helper_api.php (revision 5131)
+++ mantisbt/core/helper_api.php (revision 5132)
@@ -502,4 +502,16 @@
return (int)$t_min;
}
+
+ #
+ #-------------------------------------------------
+ # check access method is POST, return if true, else call error handler
+ function helper_ensure_post()
+ {
+ if ( isset( $_SERVER[''REQUEST_METHOD''] ) && (
strtoupper( $_SERVER[''REQUEST_METHOD''] ) !=
''POST'' ) ) {
+ trigger_error( ERROR_INVALID_REQUEST_METHOD, ERROR );
+ }
+
+ }
+
?>
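Review bot: The guard in `helper_ensure_post()` fails open when `$_SERVER['REQUEST_METHOD']` is not set, because the `isset()` clause makes the whole condition false and the request is allowed through; a missing method should be treated like a wrong one: `if ( !isset( $_SERVER['REQUEST_METHOD'] ) || strtoupper( $_SERVER['REQUEST_METHOD'] ) != 'POST' ) {`. Beyond that, requiring POST only rules out forgeries carried in a plain GET URL; a page on another origin can still auto-submit a POST form with the victim's session cookie, so this check narrows but does not close the CSRF exposure the bug describes. The standard mitigation is a per-session secret embedded in each state-changing form and verified server-side before the action runs, using a constant-time comparison. A header comment stating the limit, e.g. `# Rejects non-POST requests. This is NOT a CSRF token: it does not stop a forged cross-origin POST.`, would keep later callers from treating this helper as the complete fix.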
Index: mantisbt/core/constant_inc.php
==================================================================---
mantisbt/core/constant_inc.php (revision 5131)
+++ mantisbt/core/constant_inc.php (revision 5132)
@@ -194,6 +194,7 @@
define( ''ERROR_FTP_CONNECT_ERROR'', 16 );
define( ''ERROR_HANDLER_ACCESS_TOO_LOW'', 17 );
define( ''ERROR_PAGE_REDIRECTION'', 18 );
+ define( ''ERROR_INVALID_REQUEST_METHOD'', 19 );
# ERROR_CONFIG_*
define( ''ERROR_CONFIG_OPT_NOT_FOUND'', 100 );
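Review bot: `ERROR_INVALID_REQUEST_METHOD` is defined with code 19 here, but this hunk does not add the matching user-facing entry in the error string table of the language files; unless that appears in another part of the patch, `trigger_error( ERROR_INVALID_REQUEST_METHOD, ERROR )` in `helper_ensure_post()` will render without message text. A short comment on the define would also make its purpose discoverable from the constant list, e.g. `# raised by helper_ensure_post() when a state-changing page is requested with a method other than POST`.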
Index: mantisbt/manage_config_revert.php
==================================================================---
mantisbt/manage_config_revert.php (revision 5131)
+++ mantisbt/manage_config_revert.php (revision 5132)
@@ -25,6 +25,8 @@
$t_core_path = config_get( ''core_path'' );
+ helper_ensure_post();
+
auth_reauthenticate();
$f_project_id = gpc_get_int( ''project'', 0 );
Index: mantisbt/bug_report.php
==================================================================---
mantisbt/bug_report.php (revision 5131)
+++ mantisbt/bug_report.php (revision 5132)
@@ -2,7 +2,7 @@
# Mantis - a php based bugtracking system
# Copyright (C) 2000 - 2002 Kenzaburo Ito - kenito at 300baud.org
-# Copyright (C) 2002 - 2007 Mantis Team - mantisbt-dev at
lists.sourceforge.net
+# Copyright (C) 2002 - 2008 Mantis Team - mantisbt-dev at
lists.sourceforge.net
# Mantis is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
@@ -32,6 +32,8 @@
require_once( $t_core_path.''bug_api.php'' );
require_once( $t_core_path.''custom_field_api.php'' );
+ helper_ensure_post();
+
access_ensure_project_level(
config_get(''report_bug_threshold'' ) );
$t_bug_data = new BugData;
Index: mantisbt/bug_update.php
==================================================================---
mantisbt/bug_update.php (revision 5131)
+++ mantisbt/bug_update.php (revision 5132)
@@ -20,11 +20,9 @@
# --------------------------------------------------------
# $Id$
# --------------------------------------------------------
-?>
-<?php
+
# Update bug data then redirect to the appropriate viewing page
-?>
-<?php
+
require_once( ''core.php'' );
$t_core_path = config_get( ''core_path'' );
@@ -32,8 +30,9 @@
require_once( $t_core_path.''bug_api.php'' );
require_once( $t_core_path.''bugnote_api.php'' );
require_once( $t_core_path.''custom_field_api.php'' );
-?>
-<?php
+
+ helper_ensure_post();
+
$f_bug_id = gpc_get_int( ''bug_id'' );
$f_update_mode = gpc_get_bool( ''update_mode'', FALSE ); # set
if called from generic update page
$f_new_status = gpc_get_int( ''status'', bug_get_field(
$f_bug_id, ''status'' ) );
Index: mantisbt/bug_assign.php
==================================================================---
mantisbt/bug_assign.php (revision 5131)
+++ mantisbt/bug_assign.php (revision 5132)
@@ -2,7 +2,7 @@
# Mantis - a php based bugtracking system
# Copyright (C) 2000 - 2002 Kenzaburo Ito - kenito at 300baud.org
-# Copyright (C) 2002 - 2007 Mantis Team - mantisbt-dev at
lists.sourceforge.net
+# Copyright (C) 2002 - 2008 Mantis Team - mantisbt-dev at
lists.sourceforge.net
# Mantis is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
@@ -20,18 +20,16 @@
# --------------------------------------------------------
# $Id$
# --------------------------------------------------------
-?>
-<?php
+
# Assign bug to user then redirect to viewing page
-?>
-<?php
+
require_once( ''core.php'' );
$t_core_path = config_get( ''core_path'' );
require_once( $t_core_path.''bug_api.php'' );
-?>
-<?php
+ helper_ensure_post();
+
$f_bug_id = gpc_get_int( ''bug_id'' );
$t_bug = bug_get( $f_bug_id );
Index: mantisbt/bug_actiongroup.php
==================================================================---
mantisbt/bug_actiongroup.php (revision 5131)
+++ mantisbt/bug_actiongroup.php (revision 5132)
@@ -2,7 +2,7 @@
# Mantis - a php based bugtracking system
# Copyright (C) 2000 - 2002 Kenzaburo Ito - kenito at 300baud.org
-# Copyright (C) 2002 - 2007 Mantis Team - mantisbt-dev at
lists.sourceforge.net
+# Copyright (C) 2002 - 2008 Mantis Team - mantisbt-dev at
lists.sourceforge.net
# Mantis is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
@@ -20,19 +20,18 @@
# --------------------------------------------------------
# $Id$
# --------------------------------------------------------
-?>
-<?php
+
# This page allows actions to be performed an an array of bugs
-?>
-<?php
+
require_once( ''core.php'' );
$t_core_path = config_get( ''core_path'' );
require_once( $t_core_path.''bug_api.php'' );
-?>
-<?php auth_ensure_user_authenticated() ?>
-<?php
+
+ helper_ensure_post();
+
+ auth_ensure_user_authenticated();
helper_begin_long_process();
$f_action = gpc_get_string( ''action'' );
Index: mantisbt/manage_user_proj_add.php
==================================================================---
mantisbt/manage_user_proj_add.php (revision 5131)
+++ mantisbt/manage_user_proj_add.php (revision 5132)
@@ -23,6 +23,8 @@
require_once( ''core.php'' );
+ helper_ensure_post();
+
auth_reauthenticate();
$f_user_id = gpc_get_int( ''user_id'' );
Index: mantisbt/account_prefs_reset.php
==================================================================---
mantisbt/account_prefs_reset.php (revision 5131)
+++ mantisbt/account_prefs_reset.php (revision 5132)
@@ -2,7 +2,7 @@
# Mantis - a php based bugtracking system
# Copyright (C) 2000 - 2002 Kenzaburo Ito - kenito at 300baud.org
-# Copyright (C) 2002 - 2007 Mantis Team - mantisbt-dev at
lists.sourceforge.net
+# Copyright (C) 2002 - 2008 Mantis Team - mantisbt-dev at
lists.sourceforge.net
# Mantis is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
@@ -47,6 +47,8 @@
$f_redirect_url = gpc_get_string( ''redirect_url'',
''account_prefs_page.php'' );
#============ Permissions ===========
+ helper_ensure_post();
+
auth_ensure_user_authenticated();
user_ensure_unprotected( $f_user_id );
Index: mantisbt/tag_delete.php
==================================================================---
mantisbt/tag_delete.php (revision 5131)
+++ mantisbt/tag_delete.php (revision 5132)
@@ -27,6 +27,8 @@
require_once( $t_core_path . ''tag_api.php'' );
+ helper_ensure_post();
+
access_ensure_global_level( config_get( ''tag_edit_threshold''
) );
$f_tag_id = gpc_get_int( ''tag_id'' );
Index: mantisbt/manage_proj_subproj_add.php
==================================================================---
mantisbt/manage_proj_subproj_add.php (revision 5131)
+++ mantisbt/manage_proj_subproj_add.php (revision 5132)
@@ -25,6 +25,8 @@
$t_core_path = config_get( ''core_path'' );
+ helper_ensure_post();
+
auth_reauthenticate();
$f_project_id = gpc_get_int( ''project_id'' );
Index: mantisbt/bug_set_sponsorship.php
==================================================================---
mantisbt/bug_set_sponsorship.php (revision 5131)
+++ mantisbt/bug_set_sponsorship.php (revision 5132)
@@ -2,7 +2,7 @@
# Mantis - a php based bugtracking system
# Copyright (C) 2000 - 2002 Kenzaburo Ito - kenito at 300baud.org
-# Copyright (C) 2002 - 2007 Mantis Team - mantisbt-dev at
lists.sourceforge.net
+# Copyright (C) 2002 - 2008 Mantis Team - mantisbt-dev at
lists.sourceforge.net
# Mantis is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
@@ -20,14 +20,15 @@
# --------------------------------------------------------
# $Id$
# --------------------------------------------------------
-?>
-<?php
+
require_once( ''core.php'' );
$t_core_path = config_get( ''core_path'' );
require_once( $t_core_path . ''sponsorship_api.php'' );
+ helper_ensure_post();
+
if ( config_get( ''enable_sponsorship'' ) == OFF ) {
trigger_error( ERROR_SPONSORSHIP_NOT_ENABLED, ERROR );
}
Index: mantisbt/adm_config_set.php
==================================================================---
mantisbt/adm_config_set.php (revision 5131)
+++ mantisbt/adm_config_set.php (revision 5132)
@@ -26,6 +26,7 @@
require_once( ''core.php'' );
$t_core_path = config_get( ''core_path'' );
+ helper_ensure_post();
$f_user_id = gpc_get_int( ''user_id'' );
$f_project_id = gpc_get_int( ''project_id'' );
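Review bot: In adm_config_set.php the added `helper_ensure_post();` lacks the blank line that follows it in every other hunk of this patch, leaving it visually grouped with the `$f_user_id = gpc_get_int( ... )` parameter reads rather than standing on its own as the request-method gate. Adding the blank line matches the patch's own convention and makes the guard easier to spot when the script is read top to bottom.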
Index: mantisbt/proj_doc_update.php
==================================================================---
mantisbt/proj_doc_update.php (revision 5131)
+++ mantisbt/proj_doc_update.php (revision 5132)
@@ -27,6 +27,8 @@
require_once( $t_core_path.''file_api.php'' );
+ helper_ensure_post();
+
# Check if project documentation feature is enabled.
if ( OFF == config_get( ''enable_project_documentation'' ) ||
!file_is_uploading_enabled() ||
Index: mantisbt/account_prof_delete.php
==================================================================---
mantisbt/account_prof_delete.php (revision 5131)
+++ mantisbt/account_prof_delete.php (revision 5132)
@@ -2,7 +2,7 @@
# Mantis - a php based bugtracking system
# Copyright (C) 2000 - 2002 Kenzaburo Ito - kenito at 300baud.org
-# Copyright (C) 2002 - 2007 Mantis Team - mantisbt-dev at
lists.sourceforge.net
+# Copyright (C) 2002 - 2008 Mantis Team - mantisbt-dev at
lists.sourceforge.net
# Mantis is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
@@ -20,24 +20,22 @@
# --------------------------------------------------------
# $Id$
# --------------------------------------------------------
-?>
-<?php
+
# The specified profile is deleted and the user is redirected to
# account_prof_menu_page.php3
-?>
-<?php
+
require_once( ''core.php'' );
$t_core_path = config_get( ''core_path'' );
require_once( $t_core_path.''profile_api.php'' );
-?>
-<?php
+
+ helper_ensure_post();
+
auth_ensure_user_authenticated();
current_user_ensure_unprotected();
-?>
-<?php
+
$f_profile_id = gpc_get_int( ''profile_id'' );
if ( profile_is_global( $f_profile_id ) ) {
Index: mantisbt/manage_proj_create.php
==================================================================---
mantisbt/manage_proj_create.php (revision 5131)
+++ mantisbt/manage_proj_create.php (revision 5132)
@@ -27,6 +27,8 @@
require_once( $t_core_path.''project_hierarchy_api.php'' );
+ helper_ensure_post();
+
auth_reauthenticate();
access_ensure_global_level( config_get(
''create_project_threshold'' ) );
Index: mantisbt/manage_config_work_threshold_set.php
==================================================================---
mantisbt/manage_config_work_threshold_set.php (revision 5131)
+++ mantisbt/manage_config_work_threshold_set.php (revision 5132)
@@ -26,6 +26,8 @@
$t_core_path = config_get( ''core_path'' );
require_once( $t_core_path.''email_api.php'' );
+ helper_ensure_post();
+
auth_reauthenticate();
$t_redirect_url = ''manage_config_work_threshold_page.php'';
Index: mantisbt/bugnote_set_view_state.php
==================================================================---
mantisbt/bugnote_set_view_state.php (revision 5131)
+++ mantisbt/bugnote_set_view_state.php (revision 5132)
@@ -2,7 +2,7 @@
# Mantis - a php based bugtracking system
# Copyright (C) 2000 - 2002 Kenzaburo Ito - kenito at 300baud.org
-# Copyright (C) 2002 - 2007 Mantis Team - mantisbt-dev at
lists.sourceforge.net
+# Copyright (C) 2002 - 2008 Mantis Team - mantisbt-dev at
lists.sourceforge.net
# Mantis is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
@@ -20,19 +20,18 @@
# --------------------------------------------------------
# $Id$
# --------------------------------------------------------
-?>
-<?php
+
# Set an existing bugnote private or public.
-?>
-<?php
+
require_once( ''core.php'' );
$t_core_path = config_get( ''core_path'' );
require_once( $t_core_path.''bug_api.php'' );
require_once( $t_core_path.''bugnote_api.php'' );
-?>
-<?php
+
+ helper_ensure_post();
+
$f_bugnote_id = gpc_get_int( ''bugnote_id'' );
$f_private = gpc_get_bool( ''private'' );
Index: mantisbt/manage_proj_subproj_delete.php
==================================================================---
mantisbt/manage_proj_subproj_delete.php (revision 5131)
+++ mantisbt/manage_proj_subproj_delete.php (revision 5132)
@@ -25,6 +25,8 @@
$t_core_path = config_get( ''core_path'' );
+ helper_ensure_post();
+
auth_reauthenticate();
$f_project_id = gpc_get_int( ''project_id'' );
Index: mantisbt/manage_config_columns_reset.php
==================================================================---
mantisbt/manage_config_columns_reset.php (revision 5131)
+++ mantisbt/manage_config_columns_reset.php (revision 5132)
@@ -2,7 +2,7 @@
# Mantis - a php based bugtracking system
# Copyright (C) 2000 - 2002 Kenzaburo Ito - kenito at 300baud.org
-# Copyright (C) 2002 - 2007 Mantis Team - mantisbt-dev at
lists.sourceforge.net
+# Copyright (C) 2002 - 2008 Mantis Team - mantisbt-dev at
lists.sourceforge.net
# Mantis is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
@@ -27,6 +27,8 @@
require_once( $t_core_path . ''config_api.php'' );
+ helper_ensure_post();
+
auth_ensure_user_authenticated();
auth_reauthenticate();
Index: mantisbt/set_project.php
==================================================================---
mantisbt/set_project.php (revision 5131)
+++ mantisbt/set_project.php (revision 5132)
@@ -20,15 +20,15 @@
# --------------------------------------------------------
# $Id$
# --------------------------------------------------------
-?>
-<?php
+
require_once( ''core.php'' );
$t_core_path = config_get( ''core_path'' );
require_once( $t_core_path.''current_user_api.php'' );
-?>
-<?php
+
+ helper_ensure_post();
+
$f_project_id = gpc_get_string( ''project_id'' );
$f_make_default = gpc_get_bool ( ''make_default'' );
$f_ref = gpc_get_string( ''ref'', '''' );
Index: mantisbt/account_prof_make_default.php
==================================================================---
mantisbt/account_prof_make_default.php (revision 5131)
+++ mantisbt/account_prof_make_default.php (revision 5132)
@@ -2,7 +2,7 @@
# Mantis - a php based bugtracking system
# Copyright (C) 2000 - 2002 Kenzaburo Ito - kenito at 300baud.org
-# Copyright (C) 2002 - 2007 Mantis Team - mantisbt-dev at
lists.sourceforge.net
+# Copyright (C) 2002 - 2008 Mantis Team - mantisbt-dev at
lists.sourceforge.net
# Mantis is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
@@ -20,24 +20,22 @@
# --------------------------------------------------------
# $Id$
# --------------------------------------------------------
-?>
-<?php
+
# Make the specified profile the default
# Redirect to account_prof_menu_page.php
-?>
-<?php
+
require_once( ''core.php'' );
$t_core_path = config_get( ''core_path'' );
require_once( $t_core_path.''current_user_api.php'' );
-?>
-<?php
+
+ helper_ensure_post();
+
auth_ensure_user_authenticated();
current_user_ensure_unprotected();
-?>
-<?php
+
$f_profile_id = gpc_get_int( ''profile_id'' );
current_user_set_pref( ''default_profile'', $f_profile_id );
Index: mantisbt/manage_proj_ver_copy.php
==================================================================---
mantisbt/manage_proj_ver_copy.php (revision 5131)
+++ mantisbt/manage_proj_ver_copy.php (revision 5132)
@@ -27,6 +27,8 @@
require_once( $t_core_path.''version_api.php'' );
+ helper_ensure_post();
+
auth_reauthenticate();
$f_project_id = gpc_get_int( ''project_id'' );