security audit fixes: task ID 12, 16: add XSS sanitizing for FAQ search, site search, CRM requests
This commit is contained in:
parent
0e3fe5fd8a
commit
d8e78722e2
@ -10,7 +10,7 @@ use \Bitrix\Main\Context,
|
|||||||
\Bitrix\Main\Loader,
|
\Bitrix\Main\Loader,
|
||||||
\Bitrix\Iblock;
|
\Bitrix\Iblock;
|
||||||
|
|
||||||
|
$sanitizer = new CBXSanitizer;
|
||||||
$httpClient = new \Bitrix\Main\Web\HttpClient();
|
$httpClient = new \Bitrix\Main\Web\HttpClient();
|
||||||
|
|
||||||
$PARAM_1 = isset($_REQUEST["PARAM_1"]) ? $_REQUEST["PARAM_1"] : null;
|
$PARAM_1 = isset($_REQUEST["PARAM_1"]) ? $_REQUEST["PARAM_1"] : null;
|
||||||
@ -3208,10 +3208,10 @@ switch($PARAM_1)
|
|||||||
case "calculation":
|
case "calculation":
|
||||||
{
|
{
|
||||||
$payload = json_encode([
|
$payload = json_encode([
|
||||||
"car_price" => $REQ['car_price'],
|
"car_price" => sanitize_string($REQ['car_price'], false, false, true),
|
||||||
"initial_payment" => $REQ['initial_payment'],
|
"initial_payment" => sanitize_string($REQ['initial_payment'], false, false, true),
|
||||||
"lease_period" => $REQ['lease_period'],
|
"lease_period" => sanitize_string($REQ['lease_period'], false, false, true),
|
||||||
"redemption_payment" => $REQ['redemption_payment'],
|
"redemption_payment" => sanitize_string($REQ['redemption_payment'], false, false, true),
|
||||||
]);
|
]);
|
||||||
|
|
||||||
$c = curl_init();
|
$c = curl_init();
|
||||||
@ -3237,7 +3237,7 @@ switch($PARAM_1)
|
|||||||
case "vizitka":
|
case "vizitka":
|
||||||
{
|
{
|
||||||
$c = curl_init();
|
$c = curl_init();
|
||||||
curl_setopt($c, CURLOPT_URL, API_HOST."/site/GetUserBusinessCard/?guid=".$_REQUEST['guid']);
|
curl_setopt($c, CURLOPT_URL, API_HOST."/site/GetUserBusinessCard/?guid=".sanitize_string($REQ['guid'], false, false, true));
|
||||||
curl_setopt($c, CURLOPT_CONNECTTIMEOUT, 30);
|
curl_setopt($c, CURLOPT_CONNECTTIMEOUT, 30);
|
||||||
curl_setopt($c, CURLOPT_TIMEOUT, 30);
|
curl_setopt($c, CURLOPT_TIMEOUT, 30);
|
||||||
curl_setopt($c, CURLOPT_RETURNTRANSFER, 1);
|
curl_setopt($c, CURLOPT_RETURNTRANSFER, 1);
|
||||||
@ -3257,13 +3257,13 @@ switch($PARAM_1)
|
|||||||
case "preapproval":
|
case "preapproval":
|
||||||
{
|
{
|
||||||
$payload = [
|
$payload = [
|
||||||
"inn" => $_REQUEST['vat'],
|
"inn" => sanitize_string($REQ['vat'], false, false, true),
|
||||||
];
|
];
|
||||||
|
|
||||||
$payload_json = json_encode($payload);
|
$payload_json = json_encode($payload);
|
||||||
|
|
||||||
$c = curl_init();
|
$c = curl_init();
|
||||||
curl_setopt($c, CURLOPT_URL, API_HOST."/site/FindClientInDatabase?inn=".$_REQUEST['vat']);
|
curl_setopt($c, CURLOPT_URL, API_HOST."/site/FindClientInDatabase?inn=".sanitize_string($REQ['vat'], false, false, true));
|
||||||
curl_setopt($c, CURLOPT_CONNECTTIMEOUT, 30);
|
curl_setopt($c, CURLOPT_CONNECTTIMEOUT, 30);
|
||||||
curl_setopt($c, CURLOPT_TIMEOUT, 30);
|
curl_setopt($c, CURLOPT_TIMEOUT, 30);
|
||||||
curl_setopt($c, CURLOPT_RETURNTRANSFER, 1);
|
curl_setopt($c, CURLOPT_RETURNTRANSFER, 1);
|
||||||
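Review bot: In the `vizitka` and `preapproval` hunks the request value is still concatenated straight into the query string (`?guid=` and `?inn=`) — sanitize_string with `$replace = true` turns every rejected character into a space and keeps Cyrillic letters, neither of which is valid raw in a URL, so an odd or hostile value can leave the outbound request malformed. For an identifier and a tax number a positive format check plus encoding is the stronger control, e.g. `$inn = $REQ['vat'] ?? ''; if (!ctype_digit($inn)) { break; }` before use and `"?inn=".rawurlencode($inn)` when building the URL (how a rejected value should be reported depends on this switch's error path, which is outside the hunk). Note also that the old lines read `$_REQUEST['guid']` and `$_REQUEST['vat']` while the new ones read `$REQ['guid']` and `$REQ['vat']`; `$REQ` is not assigned anywhere in these hunks, so unless it mirrors `$_REQUEST` the sanitised lines now consume a different input than before. In the `calculation` hunk the four numeric fields would be better validated with `filter_var(..., FILTER_VALIDATE_FLOAT)` than forwarded as filtered strings with embedded spaces, and the `$sanitizer = new CBXSanitizer;` added near the top is not used by any visible hunk. Each `case` body continues past its hunk.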
|
|||||||
@ -231,7 +231,10 @@ function zerof_request($path, $query, $timeout = 900)
|
|||||||
$check_file = file_get_contents($_SERVER['DOCUMENT_ROOT']."/zerof-500.txt");
|
$check_file = file_get_contents($_SERVER['DOCUMENT_ROOT']."/zerof-500.txt");
|
||||||
if(strpos($check_file, $check) < 0)
|
if(strpos($check_file, $check) < 0)
|
||||||
{
|
{
|
||||||
file_put_contents($_SERVER['DOCUMENT_ROOT']."/zerof-500.txt", $path."\n".var_export($query, true)."\n".$http_code." | ".$response."\n\n");
|
if(DEBUG_ZEROF_CYCLE)
|
||||||
|
{
|
||||||
|
file_put_contents($_SERVER['DOCUMENT_ROOT']."/zerof-500.txt", $path."\n".var_export($query, true)."\n".$http_code." | ".$response."\n\n");
|
||||||
|
}
|
||||||
print "response with error logged\n";
|
print "response with error logged\n";
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -476,7 +479,10 @@ function OnBeforeIBlockElementAddHandler(&$arFields)
|
|||||||
|
|
||||||
if(isset($properties['ADVERTISING']))
|
if(isset($properties['ADVERTISING']))
|
||||||
{
|
{
|
||||||
file_put_contents($_SERVER['DOCUMENT_ROOT']."/element_add_before_adv_".$arFields['IBLOCK_ID'].".txt", var_export([ "CODE" => $arFields['CODE'], ], true)."\n\n".str_repeat("-", 150)."\n\n", FILE_APPEND);
|
if(DEBUG_IBLOCK_CYCLE)
|
||||||
|
{
|
||||||
|
file_put_contents($_SERVER['DOCUMENT_ROOT']."/element_add_before_adv_".$arFields['IBLOCK_ID'].".txt", var_export([ "CODE" => $arFields['CODE'], ], true)."\n\n".str_repeat("-", 150)."\n\n", FILE_APPEND);
|
||||||
|
}
|
||||||
|
|
||||||
if(!is_null($arFields['PROPERTY_VALUES']['ADVERTISING']))
|
if(!is_null($arFields['PROPERTY_VALUES']['ADVERTISING']))
|
||||||
{
|
{
|
||||||
@ -612,12 +618,18 @@ function OnBeforeIBlockElementUpdateHandler(&$arFields)
|
|||||||
|
|
||||||
if(isset($properties['ADVERTISING']))
|
if(isset($properties['ADVERTISING']))
|
||||||
{
|
{
|
||||||
file_put_contents($_SERVER['DOCUMENT_ROOT']."/element_adv_1.txt", var_export([ "ID" => $arFields['ID'], ], true)."\n\n".str_repeat("-", 150)."\n\n", FILE_APPEND);
|
if(DEBUG_ADV_CYCLE)
|
||||||
|
{
|
||||||
|
file_put_contents($_SERVER['DOCUMENT_ROOT']."/element_adv_1.txt", var_export([ "ID" => $arFields['ID'], ], true)."\n\n".str_repeat("-", 150)."\n\n", FILE_APPEND);
|
||||||
|
}
|
||||||
|
|
||||||
if(is_array($arFields['PROPERTY_VALUES'][$properties['ADVERTISING']]))
|
if(is_array($arFields['PROPERTY_VALUES'][$properties['ADVERTISING']]))
|
||||||
{
|
{
|
||||||
file_put_contents($_SERVER['DOCUMENT_ROOT']."/element_adv_2.txt", var_export([ "ID" => $arFields['ID'], ], true)."\n\n".str_repeat("-", 150)."\n\n", FILE_APPEND);
|
if(DEBUG_ADV_CYCLE)
|
||||||
file_put_contents($_SERVER['DOCUMENT_ROOT']."/element_adv_values_on_update.txt", var_export($arFields, true)."\n\n".str_repeat("-", 150)."\n\n", FILE_APPEND);
|
{
|
||||||
|
file_put_contents($_SERVER['DOCUMENT_ROOT']."/element_adv_2.txt", var_export([ "ID" => $arFields['ID'], ], true)."\n\n".str_repeat("-", 150)."\n\n", FILE_APPEND);
|
||||||
|
file_put_contents($_SERVER['DOCUMENT_ROOT']."/element_adv_values_on_update.txt", var_export($arFields, true)."\n\n".str_repeat("-", 150)."\n\n", FILE_APPEND);
|
||||||
|
}
|
||||||
|
|
||||||
if($arFields['PROPERTY_VALUES'][$properties['ADVERTISING_ERIR']][array_keys($arFields['PROPERTY_VALUES'][$properties['ADVERTISING_ERIR']])[0]]['VALUE'] === "")
|
if($arFields['PROPERTY_VALUES'][$properties['ADVERTISING_ERIR']][array_keys($arFields['PROPERTY_VALUES'][$properties['ADVERTISING_ERIR']])[0]]['VALUE'] === "")
|
||||||
{
|
{
|
||||||
@ -728,12 +740,6 @@ function OnBeforeIBlockElement($arFields)
|
|||||||
if(count($code_matches) == 0)
|
if(count($code_matches) == 0)
|
||||||
{
|
{
|
||||||
$arFields["BODY"] .= " ".$code;
|
$arFields["BODY"] .= " ".$code;
|
||||||
file_put_contents($_SERVER['DOCUMENT_ROOT']."/element_index_".$arFields['PARAM2'].".txt", "CODE = ".$code." INDEX\n", FILE_APPEND);
|
|
||||||
}
|
|
||||||
else
|
|
||||||
{
|
|
||||||
file_put_contents($_SERVER['DOCUMENT_ROOT']."/element_index_".$arFields['PARAM2'].".txt", "CODE = ".$code." EXISTS\n", FILE_APPEND);
|
|
||||||
file_put_contents($_SERVER['DOCUMENT_ROOT']."/element_index_".$arFields['PARAM2']."_dump.txt", $arFields["BODY"]."\n".str_repeat("-", 150)."\n\n", FILE_APPEND);
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -742,4 +748,9 @@ function OnBeforeIBlockElement($arFields)
|
|||||||
return $arFields;
|
return $arFields;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
function sanitize_string($str, $punctuation = false, $space = false, $replace = false)
|
||||||
|
{
|
||||||
|
return preg_replace("/[^\d". ($space ? "\s" : "") ."\.\_\-@". ($punctuation ? "\"'=+,;«»()&!?%" : "") ."\p{Latin}\p{Cyrillic}]/ui", $replace ? " " : "", $str);
|
||||||
|
}
|
||||||
|
|
||||||
?>
|
?>
|
||||||
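Review bot: `sanitize_string` returns null instead of a string whenever `preg_replace` fails, and with the `u` modifier any subject that is not valid UTF-8 is such a failure (PREG_BAD_UTF8_ERROR), so attacker-controlled bytes turn the result into null for every caller that then concatenates it into a URL, passes it to json_encode or writes it back into `$_REQUEST['q']`; several call sites also pass request keys that may be absent, so the function should accept a missing value. Both are covered by typing the signature `function sanitize_string(?string $str, bool $punctuation = false, bool $space = false, bool $replace = false): string`, passing `(string) $str` as the subject and appending `?? ''` to the return. The `$punctuation` allow-list deliberately keeps `"`, `'`, `=`, `(`, `)` and `&`, so this filter does not make a value safe for an HTML attribute or script context — escaping at the point of output (htmlspecialchars) is still required for the search terms this commit routes through it. Separately, the guards added in the @ -231, @ -476 and @ -612 hunks read DEBUG_ZEROF_CYCLE, DEBUG_IBLOCK_CYCLE and DEBUG_ADV_CYCLE; on PHP 8 an undefined constant is an Error rather than a notice, so `defined('DEBUG_ZEROF_CYCLE') && DEBUG_ZEROF_CYCLE` is the safer form, and the files those branches write still sit under DOCUMENT_ROOT, i.e. at paths a browser can request. The enclosing `if(strpos($check_file, $check) < 0)` in zerof_request is also never true (strpos yields false or a non-negative int), so that debug branch cannot run regardless of the flag.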
@ -19,10 +19,14 @@ if($this->StartResultCache(60*60*24, md5(var_export($_POST, true))))
|
|||||||
{
|
{
|
||||||
if(CModule::IncludeModule('iblock'))
|
if(CModule::IncludeModule('iblock'))
|
||||||
{
|
{
|
||||||
|
$sanitizer = new CBXSanitizer;
|
||||||
|
|
||||||
$arResult = [
|
$arResult = [
|
||||||
'SECTIONS' => [],
|
'SECTIONS' => [],
|
||||||
];
|
];
|
||||||
$arResult['SEARCH'] = $_REQUEST['search'];
|
|
||||||
|
$query = sanitize_string($sanitizer->SanitizeHtml($_REQUEST['search']), true, true, true);
|
||||||
|
$arResult['SEARCH'] = $query;
|
||||||
|
|
||||||
$sort = Array("SORT" => "ASC", "NAME" => "ASC");
|
$sort = Array("SORT" => "ASC", "NAME" => "ASC");
|
||||||
$filter = Array("ACTIVE" => "Y", "IBLOCK_ID" => 19);
|
$filter = Array("ACTIVE" => "Y", "IBLOCK_ID" => 19);
|
||||||
@ -33,9 +37,9 @@ if($this->StartResultCache(60*60*24, md5(var_export($_POST, true))))
|
|||||||
{
|
{
|
||||||
$section['ITEMS'] = [];
|
$section['ITEMS'] = [];
|
||||||
$filter = array_merge($filter, [ "SECTION_ID" => $section['ID'] ]);
|
$filter = array_merge($filter, [ "SECTION_ID" => $section['ID'] ]);
|
||||||
if(!empty($_REQUEST['search']))
|
if(!empty($query))
|
||||||
{
|
{
|
||||||
$filter = array_merge($filter, [ "SEARCHABLE_CONTENT" => "%".$_REQUEST['search']."%" ]);
|
$filter = array_merge($filter, [ "SEARCHABLE_CONTENT" => "%".$query."%" ]);
|
||||||
}
|
}
|
||||||
|
|
||||||
$res = CIBlockElement::GetList($sort, $filter, false, $options);
|
$res = CIBlockElement::GetList($sort, $filter, false, $options);
|
||||||
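Review bot: The sanitised term is stored in `$arResult['SEARCH']` with `$punctuation = true`, which keeps `"`, `'`, `=` and `&`, so the template that renders it (not in this diff) must still escape it with htmlspecialchars — the input-side filter does not make the value safe to echo into an attribute, and the `CBXSanitizer->SanitizeHtml` pass adds little for a plain search term since sanitize_string strips `<` and `>` anyway. Two things the first hunk leaves open: `$_REQUEST['search']` is read without a default, so an absent parameter raises an undefined-array-key warning and hands null to SanitizeHtml; and the surrounding `StartResultCache(...)` keys the cache on `md5(var_export($_POST, true))` only, so if `search` can arrive via GET the first query's results are cached and served for every other term. `$query = sanitize_string($sanitizer->SanitizeHtml((string) ($_REQUEST['search'] ?? '')), true, true, true);` handles the first; adding the query to the cache key handles the second. In the second hunk, `%` and `_` survive the allow-list and act as LIKE wildcards inside `"%".$query."%"` — not an injection, but it lets a caller widen the match arbitrarily.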
|
|||||||
@ -12,6 +12,7 @@ $APPLICATION->SetTitle("Поиск");
|
|||||||
<div class="pageWithSide">
|
<div class="pageWithSide">
|
||||||
<div class="leftColumn">
|
<div class="leftColumn">
|
||||||
<?
|
<?
|
||||||
|
$_REQUEST['q'] = sanitize_string($_REQUEST['q'], true, true, true);
|
||||||
$APPLICATION->IncludeComponent("bitrix:search.page", "evolution", Array(
|
$APPLICATION->IncludeComponent("bitrix:search.page", "evolution", Array(
|
||||||
"TAGS_SORT" => "NAME",
|
"TAGS_SORT" => "NAME",
|
||||||
"TAGS_PAGE_ELEMENTS" => "150",
|
"TAGS_PAGE_ELEMENTS" => "150",
|
||||||
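Review bot: `$_REQUEST['q']` is rewritten in place without a default, so a request with no `q` raises an undefined-array-key warning and hands null to sanitize_string; `$_REQUEST['q'] = sanitize_string($_REQUEST['q'] ?? '', true, true, true);` avoids that. Only `$_REQUEST` is modified — if `bitrix:search.page` or a template it includes reads the term from `$_GET['q']` or `$_POST['q']`, the unsanitised value still reaches it, which is worth confirming in the component source. Mutating a superglobal from a page is a non-local side effect; a comment such as `// sanitise the search term before the component reads it from $_REQUEST` above the line would at least make the intent explicit. As at the other call sites, `$punctuation = true` keeps quotes and `=`, so the component's own output escaping remains the actual XSS control here.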
|
|||||||