From 6c2a94cb4ec73ecbd148b74cbd6c82fb2e171715 Mon Sep 17 00:00:00 2001
From: tetragon
Date: Mon, 2 Oct 2006 04:36:31 +0000
Subject: Adding file location checks to the template editor
git-svn-id: https://ledger-smb.svn.sourceforge.net/svnroot/ledger-smb/trunk@175 4979c152-3d1c-0410-bac9-87ea11338e46
---
 LedgerSMB/AM.pm | 44 ++++++++++++++++++++++++++++----------------
 bin/mozilla/am.pl | 6 +++---
 2 files changed, 31 insertions(+), 19 deletions(-)
diff --git a/LedgerSMB/AM.pm b/LedgerSMB/AM.pm
index adae27b8..142111c1 100755
--- a/LedgerSMB/AM.pm
+++ b/LedgerSMB/AM.pm
@@ -1230,10 +1230,35 @@ sub update_recurring {
 }
+sub check_template_name {
+
+ my ($self, $myconfig, $form) = @_;
+
+ my @allowedsuff = qw(css tex txt html xml);
+ if ($form->{file} =~ /\.\./){
+ $form->error("Directory transversal not allowed.");
+ }
+ my $whitelisted = 0;
+ for (@allowedsuff){
+ if ($form->{file} =~ /$_$/){
+ $whitelisted = 1;
+ }
+ }
+ if (!$whitelisted){
+ $form->error("Error: File is of type that is not allowed.");
+ }
+
+ if ($form->{file} !~ /^$myconfig->{templates}/){
+ $form->error("$!: $form->{file}") unless $form->{file} =~ /^css/;
+ }
+}
+
+
+
 sub load_template {
+
- my ($self, $form) = @_;
+ my ($self, $myconfig, $form) = @_;
+ $self->check_template_name(\%$myconfig, \%$form);
 open(TEMPLATE, "$form->{file}") or $form->error("$form->{file} : $!");
 while (