authorThomas Steur <tsteur@users.noreply.github.com>2019-01-28 03:24:02 +0300
committerGitHub <noreply@github.com>2019-01-28 03:24:02 +0300
commit0cdfff7d3d33415dc303ba9e4a2adf41cc3fb230 (patch)
treed0e609b5be4e20d0cc6359e7f08a2d21026af6a6 /plugins
parent60adbbc9f65c4bb1f6228e508bd23f2937310788 (diff)
Make sure to compare password with unsanitized password (#14033)
Diffstat (limited to 'plugins')
-rw-r--r--plugins/Login/Controller.php3
-rw-r--r--plugins/UsersManager/API.php2
-rw-r--r--plugins/UsersManager/Controller.php2
3 files changed, 6 insertions, 1 deletions
diff --git a/plugins/Login/Controller.php b/plugins/Login/Controller.php
index 2d820d5e9f..1f2fa7d68d 100644
--- a/plugins/Login/Controller.php
+++ b/plugins/Login/Controller.php
@@ -201,6 +201,9 @@ class Controller extends \Piwik\Plugin\ControllerAdmin
if (!empty($_POST)) {
$nonce = Common::getRequestVar('nonce', null, 'string', $_POST);
$password = Common::getRequestVar('password', null, 'string', $_POST);
+ if ($password) {
+ $password = Common::unsanitizeInputValue($password);
+ }
if (!Nonce::verifyNonce($nonceKey, $nonce)) {
$messageNoAccess = $this->getMessageExceptionNoAccess();
} elseif ($this->passwordVerify->isPasswordCorrect(Piwik::getCurrentUserLogin(), $password)) {
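Review bot: The added decode only reverses what `unsanitizeInputValue` knows how to undo, so if the sanitisation applied by `getRequestVar` performs any non-reversible normalisation on the raw string (line-break or control-character handling, for instance — worth confirming in `Common::sanitizeInputValue`), a password containing those bytes still fails `isPasswordCorrect` on the last line even after this change; reading the raw `$_POST['password']` would avoid the lossy round trip altogether. The `if ($password)` guard is a truthiness test, so the literal password `'0'` skips the decode — harmless here because `'0'` contains nothing to decode, but `!== null` would state the intent. A comment would help the next reader understand why a secret is being decoded here: `// getRequestVar() HTML-escapes the value; undo that so the stored hash is checked against the exact bytes the user typed`. A test with a password containing `<`, `&`, both quote characters and a newline would pin this.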
diff --git a/plugins/UsersManager/API.php b/plugins/UsersManager/API.php
index a3680c4d05..be3ea0d103 100644
--- a/plugins/UsersManager/API.php
+++ b/plugins/UsersManager/API.php
@@ -901,6 +901,8 @@ class API extends \Piwik\Plugin\API
throw new Exception(Piwik::translate('UsersManager_ConfirmWithPassword'));
}
+ $passwordConfirmation = Common::unsanitizeInputValue($passwordConfirmation);
+
$loginCurrentUser = Piwik::getCurrentUserLogin();
if (!$this->passwordVerifier->isPasswordCorrect($loginCurrentUser, $passwordConfirmation)) {
throw new Exception(Piwik::translate('UsersManager_CurrentPasswordNotCorrect'));
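Review bot: The unconditional decode on the new line assumes every caller delivers `$passwordConfirmation` already HTML-escaped by the API request layer; a PHP caller invoking this method directly with the raw string (a password that legitimately contains `&amp;` or `&lt;`) would have it altered and be rejected by `isPasswordCorrect`, so that contract should be stated, or the decode moved to the request boundary where the escaping happens. The enclosing method starts and ends outside the hunk, so how the parameter arrives is not visible here. I would add above the new line: `// The API layer HTML-escapes string parameters; decode so the stored hash is compared with the exact bytes the user typed. Callers must pass the value as received, never pre-decoded.` A test sending a confirmation containing `&amp;` both through the HTTP API and via a direct PHP call would pin the intended behaviour.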
diff --git a/plugins/UsersManager/Controller.php b/plugins/UsersManager/Controller.php
index 183d9f4a78..439e4cb6e5 100644
--- a/plugins/UsersManager/Controller.php
+++ b/plugins/UsersManager/Controller.php
@@ -435,7 +435,7 @@ class Controller extends ControllerAdmin
if ($newPassword !== false && !Url::isValidHost()) {
throw new Exception("Cannot change password or email with untrusted hostname!");
}
-
+
// UI disables password change on invalid host, but check here anyway
Request::processRequest('UsersManager.updateUser', [
'userLogin' => $userLogin,