authornachoparker <nacho@ownyourbits.com>2019-01-05 01:22:56 +0300
committernachoparker <nacho@ownyourbits.com>2019-01-05 04:14:53 +0300
commitc842e00399cb298667fe177dbab825e17b4b21a0 (patch)
tree55a80c3a09b9c4151fad10966d301b314dbec37d /ncp-web
parent7dd482893854079cbaf62671166a75330e3141dd (diff)
sanitize params
Diffstat (limited to 'ncp-web')
-rw-r--r--ncp-web/ncp-launcher.php10
1 files changed, 9 insertions, 1 deletions
diff --git a/ncp-web/ncp-launcher.php b/ncp-web/ncp-launcher.php
index 8590b066..6f103f6b 100644
--- a/ncp-web/ncp-launcher.php
+++ b/ncp-web/ncp-launcher.php
@@ -58,7 +58,15 @@ if ( $_POST['action'] == "launch" && $_POST['config'] )
or exit('{ "output": "Invalid request" }');
foreach ($cfg['params'] as $index => $param)
- $cfg['params'][$index]['value'] = $new_params[$cfg['params'][$index]['id']];
+ {
+ // sanitize
+ $val = trim(escapeshellarg($new_params[$cfg['params'][$index]['id']]),"'");
+ preg_match( '/ /' , $val , $matches )
+ and exit( '{ "output": "Invalid parameters" , "token": "' . getCSRFToken() . '" }' );
+
+ // save
+ $cfg['params'][$index]['value'] = $val;
+ }
$cfg_str = json_encode($cfg)
or exit('{ "output": "' . $ncp_app . ' internal error" }');