author | Erik Dubbelboer <erik@dubbelboer.com> | 2021-08-26 21:19:02 +0300 |
---|---|---|
committer | Erik Dubbelboer <erik@dubbelboer.com> | 2021-08-26 21:19:02 +0300 |
commit | b9039adbb264c81333328faa9575ecf8e0d2be94 (patch) | |
tree | 1e618954382f0d696a5257ee8c8861b5b0a7e72d | |
parent | 51c5425d3bf6e96b4820fb23e3a50a26f0d78290 (diff) |
Prevent Cross-Site Request Forgery
-rw-r--r-- | edit.php | 1 | ||||
-rw-r--r-- | export.php | 1 | ||||
-rw-r--r-- | import.php | 1 | ||||
-rw-r--r-- | includes/common.inc.php | 18 | ||||
-rw-r--r-- | login.php | 1 | ||||
-rw-r--r-- | rename.php | 1 | ||||
-rw-r--r-- | ttl.php | 1 |
7 files changed, 24 insertions, 0 deletions
@@ -145,6 +145,7 @@ require 'includes/header.inc.php';
 ?>
 <h2><?php echo $edit ? 'Edit' : 'Add'?></h2>
 <form action="<?php echo format_html(getRelativePath('edit.php'))?>" method="post">
+<input type="hidden" name="csrf" value="<?php echo $csrfToken; ?>" />
 <p>
 <label for="type">Type:</label>
@@ -187,6 +187,7 @@ require 'includes/header.inc.php';
 <h2>Export <?php echo isset($_GET['key']) ? format_html($_GET['key']) : ''?></h2>
 <form action="<?php echo format_html(getRelativePath('export.php'))?>" method="post">
+<input type="hidden" name="csrf" value="<?php echo $csrfToken; ?>" />
 <p>
 <label for="type">Type:</label>
@@ -92,6 +92,7 @@ require 'includes/header.inc.php';
 ?>
 <h2>Import</h2>
 <form action="<?php echo format_html(getRelativePath('import.php'))?>" method="post">
+<input type="hidden" name="csrf" value="<?php echo $csrfToken; ?>" />
 <p>
 <label for="commands">Commands:<br>
diff --git a/includes/common.inc.php b/includes/common.inc.php
index 85dfe76..cfa5059 100644
--- a/includes/common.inc.php
+++ b/includes/common.inc.php
@@ -4,6 +4,24 @@ require dirname(__FILE__) . '/../vendor/autoload.php';
 define('PHPREDIS_ADMIN_PATH', dirname(__DIR__));
+if (session_status() !== PHP_SESSION_DISABLED) {
+    session_start();
+
+    if (isset($_SESSION['phpredisadmin_csrf'])) {
+        $csrfToken = $_SESSION['phpredisadmin_csrf'];
+    } else {
+        $csrfToken = bin2hex(random_bytes(16));
+        $_SESSION['phpredisadmin_csrf'] = $csrfToken;
+    }
+} else {
+    $csrfToken = 'nosession';
+}
+
+if ($_SERVER['REQUEST_METHOD'] === 'POST') {
+    if ($_POST['csrf'] !== $csrfToken) {
+        die('bad csrf token');
+    }
+}
 // These includes are needed by each script.
@@ -13,6 +13,7 @@ require 'includes/header.inc.php';
 <h1 class="logo">phpRedisAdmin</h1>
 <form class="form-signin" method="post" action="login.php">
+<input type="hidden" name="csrf" value="<?php echo $csrfToken; ?>" />
 <h2 class="form-signin-heading">Please log in</h2>
 <?php if (isset($_POST['username']) || isset($_POST['password'])): ?>
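Review bot: The new hidden input echoes `$csrfToken` raw, while every other dynamic value on these forms goes through `format_html(...)`; `value="<?php echo format_html($csrfToken); ?>"` keeps the escaping convention uniform and removes the need to reason about the token's alphabet at each call site. The same line is added in the export.php, import.php, login.php, rename.php and ttl.php hunks, so the change applies to all six. The token itself is hex from `bin2hex(random_bytes(16))` or the literal `'nosession'` in common.inc.php, so this is a consistency point rather than an injection finding.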
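Review bot: The POST check reads `$_POST['csrf']` without `isset`/`??`, so a POST that lacks the field (or sends it as an array via `csrf[]=`) raises an undefined-index warning or a TypeError before reaching `die`, and the comparison uses `!==` where `hash_equals()` is the idiom for secret comparison. The `session_status() !== PHP_SESSION_DISABLED` branch also calls `session_start()` when a session is already active, which emits a notice; testing `=== PHP_SESSION_NONE` before starting and `=== PHP_SESSION_ACTIVE` afterwards (since `session_start()` can fail) avoids that. The `'nosession'` fallback is a fixed, publicly known value, so with sessions disabled a cross-site POST carrying `csrf=nosession` passes the check; the version below refuses POSTs in that configuration, which is a policy choice the commit should state either way. Because the check runs for every POST passing through common.inc.php, any POST handler whose form is not in the diffstat will presumably be rejected until it sends the field. The two blocks, tightened:
```php
if (session_status() === PHP_SESSION_NONE) {
    session_start();
}

if (session_status() === PHP_SESSION_ACTIVE) {
    if (!isset($_SESSION['phpredisadmin_csrf'])) {
        $_SESSION['phpredisadmin_csrf'] = bin2hex(random_bytes(16));
    }
    $csrfToken = $_SESSION['phpredisadmin_csrf'];
} else {
    // No session store: the token cannot be bound to a client, so POSTs are refused below.
    $csrfToken = 'nosession';
}

if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    $submitted = $_POST['csrf'] ?? '';
    if ($csrfToken === 'nosession' || !is_string($submitted) || !hash_equals($csrfToken, $submitted)) {
        http_response_code(403);
        die('bad csrf token');
    }
}
```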
@@ -36,6 +36,7 @@ require 'includes/header.inc.php';
 ?>
 <h2>Edit Name of <?php echo format_html($_GET['key'])?></h2>
 <form action="<?php echo format_html(getRelativePath('rename.php'))?>" method="post">
+<input type="hidden" name="csrf" value="<?php echo $csrfToken; ?>" />
 <input type="hidden" name="old" value="<?php echo format_html($_GET['key'])?>">
@@ -27,6 +27,7 @@ require 'includes/header.inc.php';
 ?>
 <h2>Edit TTL</h2>
 <form action="<?php echo format_html(getRelativePath('ttl.php'))?>" method="post">
+<input type="hidden" name="csrf" value="<?php echo $csrfToken; ?>" />
 <p>
 <label for="key">Key:</label>