Mixed CSRF checks

jaapmarcus · jaapmarcus · commit e0ace97cb567 · 2021-09-29T09:56:23.000+02:00
diff --git a/web/bulk/web/index.php b/web/bulk/web/index.php
@@ -1,16 +1,14 @@
 <?php
+
 // Init
-error_reporting(NULL);
+error_reporting(null);
 ob_start();
 session_start();
 
 include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");
 
 // Check token
-if ((!isset($_POST['token'])) || ($_SESSION['token'] != $_POST['token'])) {
-    header('location: /login/');
-    exit();
-}
+verify_csrf($_POST);
 
 $domain = $_POST['domain'];
 $action = $_POST['action'];
@@ -37,15 +35,15 @@
 
 foreach ($domain as $value) {
     $value = escapeshellarg($value);
-    exec (HESTIA_CMD.$cmd." ".$user." ".$value." no", $output, $return_var);
+    exec(HESTIA_CMD.$cmd." ".$user." ".$value." no", $output, $return_var);
     $restart='yes';
 }
 
 if (isset($restart)) {
-    exec (HESTIA_CMD."v-restart-web", $output, $return_var);
-    exec (HESTIA_CMD."v-restart-proxy", $output, $return_var);
-    exec (HESTIA_CMD."v-restart-dns", $output, $return_var);
-    exec (HESTIA_CMD."v-restart-web-backend", $output, $return_var);
+    exec(HESTIA_CMD."v-restart-web", $output, $return_var);
+    exec(HESTIA_CMD."v-restart-proxy", $output, $return_var);
+    exec(HESTIA_CMD."v-restart-dns", $output, $return_var);
+    exec(HESTIA_CMD."v-restart-web-backend", $output, $return_var);
 }
 
 header("Location: /list/web/");
diff --git a/web/edit/dns/index.php b/web/edit/dns/index.php
@@ -150,10 +150,7 @@
 if ((!empty($_POST['save'])) && (!empty($_GET['domain'])) && (!empty($_GET['record_id']))) {
 
     // Check token
-    if ((!isset($_POST['token'])) || ($_SESSION['token'] != $_POST['token'])) {
-        header('location: /login/');
-        exit();
-    }
+    verify_csrf($_POST);
 
     // Protect input
     $v_domain = escapeshellarg($_POST['v_domain']);
diff --git a/web/edit/user/index.php b/web/edit/user/index.php
@@ -29,11 +29,8 @@
     exit;
 }
 
-// Ensure token is passed before loading page
-if ((!$_GET['token']) || ($_SESSION['token'] != $_GET['token'])) {
-    header('location: /login/');
-    exit();
-}
+// Check token
+verify_csrf($_GET);
 
 // List user
 exec(HESTIA_CMD."v-list-user ".escapeshellarg($v_username)." json", $output, $return_var);
@@ -111,10 +108,6 @@
 $php_versions = json_decode(implode('', $output), true);
 unset($output);
 
-
-
-// Are you admin?
-
 // Check POST request
 if (!empty($_POST['save'])) {
 
diff --git a/web/list/log/index.php b/web/list/log/index.php
@@ -1,5 +1,6 @@
 <?php
-error_reporting(NULL);
+
+error_reporting(null);
 if ($_GET['user'] === 'system') {
     $TAB = 'SERVER';
 } else {
@@ -18,14 +19,11 @@
 // Data
 if (($_SESSION['userContext'] === "admin") && (!empty($_GET['user']))) {
     // Check token
-    if ((!isset($_GET['token'])) || ($_SESSION['token'] != $_GET['token'])) {
-        header('location: /login/');
-        exit();
-    }
+    verify_csrf($_GET);
     $user=escapeshellarg($_GET['user']);
 }
 
-exec (HESTIA_CMD."v-list-user-log $user json", $output, $return_var);
+exec(HESTIA_CMD."v-list-user-log $user json", $output, $return_var);
 check_error($return_var);
 $data = json_decode(implode('', $output), true);
 $data = array_reverse($data);
