Changeset 704 for trunk/phpbms/modules/base/myaccount.php

Timestamp:

01/01/10 23:10:02 (2 years ago)

Author:

brieb

Message:

• Fixed several SQL injection vulnerabilities
• Fixed several XSS vulnerabilities due to PHP_SELF and REQUREST_URI
• Fixed severa path disclosure errors

Files:

• trunk/phpbms/modules/base/myaccount.php (modified) (6 diffs)

trunk/phpbms/modules/base/myaccount.php

@@ -1 @@
-<?php 
+<?php
 /*
  $Rev: 186 $ | $LastChangedBy: brieb $
@@ -43 +43 @@
 require_once("include/myaccount.php");
 
+$user = new myAccount($db, $_SESSION["userinfo"]["uuid"]);
+
+if(isset($_POST["command"])){
+
+    switch($_POST["command"]){
+
+        case "Change Password":
+
+            if($_POST["newPass"] === $_POST["confirmPass"])
+                $statusmessage = $user->changePassword($_POST["curPass"], $_POST["newPass"]);
+            else
+                $statusmessage = "New password not confirmed";
+            break;
+
+        case "Update Contact":
+
+            $statusmessage = $user->update($_POST);
+            break;
+
+    }//endswitch
+
+}//endif
+
 $pageTitle="My Account";
 
@@ -57 +80 @@
                 $theinput = new inputField("phone",$_SESSION["userinfo"]["phone"],"phone/extension",false,"phone",32,64);
                 $theform->addField($theinput);
-                                
+
                 $theform->jsMerge();
                 //==============================================================
-                //End Form Elements     
-        
+                //End Form Elements
+
         include("header.php");
 ?><div class="bodyline">
-        <form action="<?php echo $_SERVER["PHP_SELF"]?>" method="post" name="record" id="record" onsubmit="return false">
+        <form action="<?php echo htmlentities($_SERVER["PHP_SELF"])?>" method="post" name="record" id="record" onsubmit="return false">
         <input type="hidden" id="command" name="command" value=""/>
-        
+
         <h1><span><?php echo $pageTitle ?></span></h1>
 
@@ -73 +96 @@
                 <p id="nameP"><?php echo htmlQuotes($_SESSION["userinfo"]["firstname"]." ".$_SESSION["userinfo"]["lastname"])?></p>
         </fieldset>
-        
+
         <fieldset>
                 <legend>Change Password</legend>
@@ -80 +103 @@
                         <input type="password" id="curPass" name="curPass" maxlength="32"/>
                 </p>
-                
+
                 <p>
                         <label for="newPass">new password</label><br />
@@ -93 +116 @@
                 <button type="button" class="Buttons" onclick="changePass()">Change Password</button>
         </p>
-        
+
         <fieldset>
                 <legend>Contact Information</legend>
 
                         <p><?php $theform->showField("email")?></p>
-                        
+
                         <p><?php $theform->showField("phone")?></p>
 
         </fieldset>
         <p><button type="button" class="Buttons" onclick="changeContact()">Update Contact Information</button></p>
-        
+
         <fieldset>
                 <legend>Access / Assigned Roles</legend>
                 <ul>
-                <?php 
+                <?php
                         if($_SESSION["userinfo"]["admin"]) {?><li><strong>Administrator</strong></li><?php }
-                        displayRoles($db)
+                        $user->displayRoles();
                 ?></ul>
         </fieldset>