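<?php

//------------------------------------------------------------------------------
//
//  eTraxis - Records tracking web-based system
//  Copyright (C) 2011  Artem Rodygin
//
//  This program is free software: you can redistribute it and/or modify
//  it under the terms of the GNU General Public License as published by
//  the Free Software Foundation, either version 3 of the License, or
//  (at your option) any later version.
//
//  This program is distributed in the hope that it will be useful,
//  but WITHOUT ANY WARRANTY; without even the implied warranty of
//  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
//  GNU General Public License for more details.
//
//  You should have received a copy of the GNU General Public License
//  along with this program.  If not, see <http://www.gnu.org/licenses/>.
//
//------------------------------------------------------------------------------

/**
 * RSS 2.0 feed with the event history of a single record.
 *
 * The record is selected by the 'id' request parameter. A client may
 * authenticate with HTTP Basic credentials (PHP_AUTH_USER / PHP_AUTH_PW);
 * otherwise the current session is used. The record itself must be
 * displayable for the current user (403 otherwise), and each comment or
 * related record referenced by an event is re-checked against the user's
 * permissions before it is rendered into a feed item.
 *
 * @package eTraxis
 * @ignore
 */

/**#@+
 * Dependency.
 */
require_once('../engine/engine.php');
require_once('../dbo/accounts.php');
require_once('../dbo/events.php');
require_once('../dbo/records.php');
require_once('../dbo/values.php');
/**#@-*/

// log user in via HTTP Basic Authentication

// NOTE(review): suppression kept as-is; presumably the engine may already have
// started a session - confirm before replacing this with an explicit check.
@session_start();

if (isset($_SERVER['PHP_AUTH_USER']))
{
    // Rejected Basic credentials end the request here; the session login (if
    // any) is deliberately not used as a fallback.
    if (login_user($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']) != NO_ERROR)
    {
        header('HTTP/1.0 401 Unauthorized');
        exit;
    }
}

init_page(LOAD_RSS);

// check that requested record exists

$id     = ustr2int(try_request('id'));
$record = record_find($id);

if (!$record)
{
    debug_write_log(DEBUG_NOTICE, 'Record cannot be found.');
    header('HTTP/1.0 404 Not Found');
    exit;
}

// get current user's permissions and verify them

$permissions = record_get_permissions($record['template_id'], $record['creator_id'], $record['responsible_id']);

if (!can_record_be_displayed($permissions))
{
    debug_write_log(DEBUG_NOTICE, 'Record cannot be displayed.');
    header('HTTP/1.0 403 Forbidden');
    exit;
}

// generate RSS feed

global $locale_info;

$feed_link = WEBROOT . 'records/view.php?id=' . $id;
$language  = $locale_info[$_SESSION[VAR_LOCALE]][LOCALE_CODE];
$record_id = record_id($record['record_id'], $record['template_prefix']);

// Channel description: subject / project / template, as an HTML table that is
// wrapped in CDATA below. Subject goes through update_references(), the other
// two through ustr2html().
$description = '<table border="0" cellspacing="0" cellpadding="5">'
             . '<tr valign="top">'
             . '<td><b>' . get_html_resource(RES_SUBJECT_ID) . ':</b></td>'
             . '<td>' . update_references($record['subject'], BBCODE_MINIMUM) . '</td>'
             . '</tr>'
             . '<tr valign="top">'
             . '<td><b>' . get_html_resource(RES_PROJECT_ID) . ':</b></td>'
             . '<td>' . ustr2html($record['project_name']) . '</td>'
             . '</tr>'
             . '<tr valign="top">'
             . '<td><b>' . get_html_resource(RES_TEMPLATE_ID) . ':</b></td>'
             . '<td>' . ustr2html($record['template_name']) . '</td>'
             . '</tr>'
             . '</table>';

// NOTE(review): {$record_id} and, per item, {$title} are emitted as raw XML
// text (not CDATA); this relies on record_id() / get_event_string() returning
// XML-safe text - confirm against their implementations.
$rss = <<<RSS
<?xml version="1.0" encoding="UTF-8"?>
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:dc="http://purl.org/dc/elements/1.1/">
<channel>
<title>{$record_id}</title>
<link>{$feed_link}</link>
<description><![CDATA[{$description}]]></description>
<language>{$language}</language>
<ttl>120</ttl>
<atom:link href="{$feed_link}" rel="self" type="application/rss+xml" />
RSS;

// Account currently responsible for the record, tracked while replaying the
// event history in order; FALSE while nobody is assigned.
$responsible = FALSE;

$events = dal_query('records/elist2.sql', $id);

while (($event = $events->fetch()))
{
    if ($event['event_type'] == EVENT_RECORD_ASSIGNED)
    {
        $responsible = account_find($event['event_param']);
    }
    elseif ($event['event_type'] == EVENT_RECORD_CREATED ||
            $event['event_type'] == EVENT_RECORD_STATE_CHANGED)
    {
        if ($event['responsible'] == STATE_RESPONSIBLE_REMOVE)
        {
            $responsible = FALSE;
        }
        elseif ($event['responsible'] == STATE_RESPONSIBLE_ASSIGN)
        {
            // Reads 'event_param' of the NEXT row from the event cursor,
            // consuming it; presumably the assignment event that follows a
            // state change - confirm against the DAL's fetch() semantics.
            $responsible = account_find($events->fetch('event_param'));
        }
    }

    // Parallel arrays of label / value pairs for the item's HTML table.
    // A NULL label means the value spans both columns.
    $content_keys = array(get_html_resource(RES_ORIGINATOR_ID),
                          get_html_resource(RES_RESPONSIBLE_ID));

    $content_values = array(ustr2html(sprintf('%s (%s)', $event['fullname'], account_get_username($event['username']))),
                            $responsible ? ustr2html(sprintf('%s (%s)', $responsible['fullname'], account_get_username($responsible['username'])))
                                         : get_html_resource(RES_NONE_ID));

    // Events that must not produce a feed item use 'continue 2' below: in PHP
    // a bare 'continue' inside 'switch' is equivalent to 'break', which would
    // fall through to the item generation after the switch.
    switch ($event['event_type'])
    {
        case EVENT_RECORD_CREATED:
        case EVENT_RECORD_STATE_CHANGED:
        case EVENT_RECORD_REOPENED:

            // Only fields the current user is allowed to read are listed.
            $fields = dal_query('records/flist2.sql',
                                $id,
                                $event['event_id'],
                                $event['state_id'],
                                $record['creator_id'],
                                is_null($record['responsible_id']) ? 0 : $record['responsible_id'],
                                $_SESSION[VAR_USERID],
                                FIELD_ALLOW_TO_READ);

            while (($field = $fields->fetch()))
            {
                $value = value_find($field['field_type'], $field['value_id']);

                if ($field['field_type'] == FIELD_TYPE_CHECKBOX)
                {
                    $value = get_html_resource($value ? RES_YES_ID : RES_NO_ID);
                }
                elseif ($field['field_type'] == FIELD_TYPE_LIST)
                {
                    $value = (is_null($value) ? NULL : value_find_listvalue($field['field_id'], $value));
                }
                elseif ($field['field_type'] == FIELD_TYPE_RECORD)
                {
                    $value = (is_null($value) ? NULL : 'rec#' . $value);
                }

                if (is_null($value))
                {
                    $value = get_html_resource(RES_NONE_ID);
                }
                else
                {
                    // '%br;' and '%name;' / '%#nnn;' / '%#xhhh;' are the
                    // project's escaped forms of HTML line breaks and entities.
                    $value = str_replace('%br;', '<br/>', update_references($value, BBCODE_ALL, $field['regex_search'], $field['regex_replace']));
                    $value = mb_eregi_replace('%([A-Za-z]+);', '&\1;', $value);
                    $value = mb_eregi_replace('%(#[0-9]{1,4});', '&\1;', $value);
                    $value = mb_eregi_replace('%(#x[0-9A-Fa-f]{1,4});', '&\1;', $value);
                }

                array_push($content_keys, ustr2html($field['field_name']));
                array_push($content_values, $value);
            }

            break;

        case EVENT_RECORD_MODIFIED:

            $rs = dal_query('changes/list2.sql',
                            $event['event_id'],
                            $record['creator_id'],
                            is_null($record['responsible_id']) ? 0 : $record['responsible_id'],
                            $_SESSION[VAR_USERID]);

            while (($row = $rs->fetch()))
            {
                $value = value_find($row['field_type'], $row['new_value_id']);

                if ($row['field_type'] == FIELD_TYPE_CHECKBOX)
                {
                    $value = get_html_resource($value ? RES_YES_ID : RES_NO_ID);
                }
                elseif ($row['field_type'] == FIELD_TYPE_LIST)
                {
                    $value = (is_null($value) ? NULL : value_find_listvalue($row['field_id'], $value));
                }
                elseif ($row['field_type'] == FIELD_TYPE_RECORD)
                {
                    $value = (is_null($value) ? NULL : 'rec#' . $value);
                }
                elseif ($row['field_type'] == FIELD_TYPE_DATE)
                {
                    $value = (is_null($value) ? NULL : get_date(ustr2date($value)));
                }

                if (!is_null($value))
                {
                    $value = str_replace('%br;', '<br/>', update_references($value));
                    $value = mb_eregi_replace('%([A-Za-z]+);', '&\1;', $value);
                    $value = mb_eregi_replace('%(#[0-9]{1,4});', '&\1;', $value);
                    $value = mb_eregi_replace('%(#x[0-9A-Fa-f]{1,4});', '&\1;', $value);
                }

                // A NULL field name denotes a change of the record's subject.
                array_push($content_keys, is_null($row['field_name']) ? get_html_resource(RES_SUBJECT_ID) : ustr2html($row['field_name']));
                array_push($content_values, is_null($value) ? get_html_resource(RES_NONE_ID) : $value);
            }

            break;

        case EVENT_COMMENT_ADDED:
        case EVENT_CONFIDENTIAL_COMMENT:

            $comment = comment_find($event['event_id'], $permissions);

            // comment_find() enforces the user's permissions; a comment the
            // user may not read must not produce an item at all (not even its
            // title and date), hence 'continue 2' rather than 'continue'.
            if (!$comment)
            {
                continue 2;
            }

            if ($comment['is_confidential'])
            {
                array_push($content_keys, NULL);
                array_push($content_values, sprintf('<em>(%s)</em>', get_html_resource(RES_CONFIDENTIAL_ID)));
            }

            $value = str_replace('%br;', '<br/>', update_references($comment['comment_body']));
            $value = mb_eregi_replace('%([A-Za-z]+);', '&\1;', $value);
            $value = mb_eregi_replace('%(#[0-9]{1,4});', '&\1;', $value);
            $value = mb_eregi_replace('%(#x[0-9A-Fa-f]{1,4});', '&\1;', $value);

            array_push($content_keys, NULL);
            array_push($content_values, $value);

            break;

        case EVENT_FILE_ATTACHED:
        case EVENT_FILE_REMOVED:

            if ($event['event_type'] == EVENT_FILE_ATTACHED)
            {
                $rs = dal_query('attachs/fndk.sql', $event['event_id']);
            }
            elseif ($event['event_type'] == EVENT_FILE_REMOVED)
            {
                $rs = dal_query('attachs/fndid.sql', $event['event_param']);
            }

            if ($rs->rows != 0)
            {
                $attachment = $rs->fetch();

                array_push($content_keys, get_html_resource(RES_ATTACHMENT_NAME_ID));
                array_push($content_values, ustr2html($attachment['attachment_name']));

                array_push($content_keys, get_html_resource(RES_SIZE_ID));
                array_push($content_values, ustrprocess(get_html_resource(RES_KB_ID), sprintf('%01.2f', $attachment['attachment_size'] / 1024)));
            }

            break;

        case EVENT_RECORD_CLONED:
        case EVENT_SUBRECORD_ADDED:
        case EVENT_SUBRECORD_REMOVED:

            $record2 = record_find($event['event_param']);

            // The related record is shown only if the user may display it too.
            if ($record2)
            {
                $permissions2 = record_get_permissions($record2['template_id'], $record2['creator_id'], $record2['responsible_id']);

                if (can_record_be_displayed($permissions2))
                {
                    array_push($content_keys, record_id($record2['record_id'], $record2['template_prefix']));
                    array_push($content_values, update_references($record2['subject'], BBCODE_MINIMUM));
                }
            }

            break;

        case EVENT_RECORD_ASSIGNED:
        case EVENT_RECORD_POSTPONED:
        case EVENT_RECORD_RESUMED:

            // nop - item carries only originator and responsible

            break;

        default:

            // Unknown event types are skipped entirely (see note above the switch).
            continue 2;
    }

    $guid  = md5($event['event_id']);
    $date  = date(DATE_RFC2822, $event['event_time']);
    $title = get_event_string($event['event_id'], $event['event_type'], $event['event_param']);

    $content = '<table border="0" cellspacing="0" cellpadding="5">';

    foreach ($content_keys as $i => $key)
    {
        $content .= '<tr valign="top">';

        if (is_null($key))
        {
            $content .= '<td colspan="2">' . $content_values[$i] . '</td>';
        }
        else
        {
            $content .= '<td><b>' . $key . ':</b></td>';
            $content .= '<td>' . $content_values[$i] . '</td>';
        }

        $content .= '</tr>';
    }

    $content .= '</table>';

    $rss .= <<<RSS
<item>
<guid isPermaLink="false">{$guid}</guid>
<link>{$feed_link}</link>
<pubDate>{$date}</pubDate>
<title>{$title}</title>
<description><![CDATA[{$content}]]></description>
</item>
RSS;
}

$rss .= <<<RSS
</channel>
</rss>
RSS;

header('Content-Type: application/rss+xml; charset=UTF-8');
echo($rss);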