From 59319cf61d7bb104ca0f3064c4d3f58e97f4ad54 Mon Sep 17 00:00:00 2001 From: Edmar Moretti Date: Sun, 7 Aug 2016 00:48:02 -0300 Subject: [PATCH] Revisão do código para uso de sanitização de variáveis --- admin/admin.db | Bin 340992 -> 0 bytes ajuda_usuario.php | 9 ++++----- classesphp/classe_selecao.php | 2 +- classesphp/parse_cgi.php | 30 ++++++++++++++++++++---------- classesphp/wscliente.php | 11 ++++++++++- exemplos/gm1.php | 5 +---- ferramentas/animagif/exec.php | 1 + ferramentas/carregamapa/upload.php | 1 + ferramentas/heatmap/funcoes.php | 2 +- ferramentas/imprimir/a4lpaisagempdf.php | 5 ++--- ferramentas/imprimir/aggpng.php | 2 +- ferramentas/imprimir/geotif.php | 1 + ferramentas/imprimir/geraimagens.php | 2 +- ferramentas/imprimir/jpeg.php | 2 +- ferramentas/imprimir/svg.php | 2 +- ferramentas/inicia.php | 21 ++------------------- ferramentas/markercluster/funcoes.php | 2 +- ferramentas/tabela/relatorio.php | 1 + ferramentas/teste.phtml | 256 ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- ferramentas/upload/upload.php | 16 +++++++++------- ferramentas/uploaddbf/upload.php | 15 +++++++-------- ferramentas/uploadgpx/upload.php | 13 ++++++------- ferramentas/uploadkml/upload.php | 13 +++++++------ ferramentas/uploadsimbolo/upload.php | 1 - fontetema.php | 6 ++++-- geraminiatura.php | 12 +++--------- json.php | 9 +++++---- 27 files changed, 91 insertions(+), 349 deletions(-) delete mode 100755 ferramentas/teste.phtml diff --git a/admin/admin.db b/admin/admin.db index 805c06f..83a27eb 100755 Binary files a/admin/admin.db and b/admin/admin.db differ diff --git a/ajuda_usuario.php b/ajuda_usuario.php index 4b811b5..8ad6c8e 100755 --- a/ajuda_usuario.php +++ b/ajuda_usuario.php 
@@ -42,7 +42,7 @@ idcategoria - id da categoria. Lista apenas uma categoria idajuda - id da funcionalidade. Lista apenas uma funcionalidade */ -include("classesphp/pega_variaveis.php"); +include_once (dirname(__FILE__)."/classesphp/sani_request.php"); include("ms_configura.php"); ?> @@ -153,9 +153,8 @@ A:hover {

Documentação do usuário.

-

Para ver toda a documentação, "; echo "clique aqui

"; @@ -175,8 +174,8 @@ i3GEO.configura.locaplic = i3GEO.util.protocolo() + "://" + window.location.host + "/i3geo"; i3GEO.idioma.IDSELETOR = "bandeiras"; i3GEO.idioma.mostraSeletor(); -var idcategoria = ""; -var idajuda = ""; +var idcategoria = ""; +var idajuda = ""; if(screen.availWidth > 700){ document.getElementById("divGeral").style.width = "700px"; } diff --git a/classesphp/classe_selecao.php b/classesphp/classe_selecao.php index b51c828..04a1f32 100755 --- a/classesphp/classe_selecao.php +++ b/classesphp/classe_selecao.php @@ -730,10 +730,10 @@ $shp_atual - Indices dos elementos já selecionados. $indxlayer = $this->layer->index; $shp = array_merge($shpi,$shp_atual); $shp = array_unique($shp); + $this->mapa->freequery($indxlayer); foreach ($shp as $indx) {@$this->mapa->querybyindex($indxlayer,-1,$indx,MS_TRUE);} - //echo $this->layer->getNumresults(); $this->mapa->savequery($this->qyfile); $this->serializeQ($this->qyfileTema,$shp); return("ok"); diff --git a/classesphp/parse_cgi.php b/classesphp/parse_cgi.php index 2e18bd2..95af226 100755 --- a/classesphp/parse_cgi.php +++ b/classesphp/parse_cgi.php 
@@ -51,25 +51,34 @@ Exemplo: http://localhost/i3geo/classesphp/parse_cgi.php?g_sid=dgge4877dhhhgrjjey&map_size=500 500 */ error_reporting(0); -include_once("pega_variaveis.php"); +include_once (dirname(__FILE__)."/classesphp/sani_request.php"); +$_GET = array_merge($_GET,$_POST); include_once ("carrega_ext.php"); include_once("funcoes_gerais.php"); -$temp = $mapext; +$temp = $_GET["mapext"]; session_name("i3GeoPHP"); -session_id($g_sid); +session_id($_GET["g_sid"]); session_start(); $mapext = $temp; $map_file = $_SESSION["map_file"]; - +$fingerprint = $_SESSION["fingerprint"]; include(dirname(__FILE__)."/../ms_configura.php"); if(isset($fingerprint)) { if (md5('I3GEOSEC' . $_SERVER['HTTP_USER_AGENT'] . session_id()) != $fingerprint) {exit;} } -if (!isset($map_imagecolor)) $map_imagecolor = "-1 -1 -1"; +if (!isset($_GET["map_imagecolor"])){ + $map_imagecolor = "-1 -1 -1"; +} else { + $map_imagecolor = $_GET["map_imagecolor"]; +} -if (!isset($map_transparent)) $map_transparent = "ON"; +if (!isset($map_transparent)){ + $map_transparent = "ON"; +} else { + $map_transparent = $_GET["map_transparent"]; +} // //faz uma c�pia do mapfile para poder manipular sem afetar omapfile atual usado pelo i3geo // @@ -80,6 +89,7 @@ $map_filen = str_replace(".map","",$map_filen).".map"; copy($map_file,$map_filen); substituiCon($map_filen,$postgis_mapa); $map = ms_newMapObj($map_filen); +restauraCon($map_filen,$postgis_mapa); $layersNames = $map->getalllayernames(); foreach ($layersNames as $layerName) { @@ -99,14 +109,14 @@ foreach ($layersNames as $layerName) } } } -if(isset($map_size)) +if(isset($_GET["map_size"])) { - $map_size = explode(",",$map_size); + $map_size = explode(",",$_GET["map_size"]); $map->setsize($map_size[0],$map_size[1]); } -if(isset($mapext)) +if(isset($_GET["mapext"])) { - $mapext = explode(" ",$mapext); + $mapext = explode(" ",$_GET["mapext"]); $map->setExtent($mapext[0],$mapext[1],$mapext[2],$mapext[3]); } //$map->save($map_file); 
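Review bot: The new `include_once (dirname(__FILE__)."/classesphp/sani_request.php");` cannot resolve from this file: parse_cgi.php itself lives in classesphp/ (the hunk header's example URL and the sibling wscliente.php hunk, which uses `dirname(__FILE__)."/sani_request.php"`, both show this), so the path points at classesphp/classesphp/sani_request.php, and with `error_reporting(0)` at the top of the hunk the failed include is silent and no sanitisation runs before `$_GET["g_sid"]` reaches `session_id()`. Change it to `include_once (dirname(__FILE__)."/sani_request.php");`. Separately, `+if (!isset($map_transparent)){` tests the old local variable rather than the request key, unlike the `map_imagecolor` block immediately above it, so `$map_transparent` is always "ON" and its `else` branch is dead; it should read `if (!isset($_GET["map_transparent"])){`.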
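Review bot: `$map_size = explode(",",$_GET["map_size"]);` and `$mapext = explode(" ",$_GET["mapext"]);` are indexed as `$map_size[1]` and `$mapext[3]` without checking how many parts the request supplied, and the parts go to `setsize`/`setExtent` as unparsed strings. A malformed parameter therefore reaches MapServer with undefined elements rather than being rejected. Guard the count and cast, e.g. `if (count($map_size) == 2) { $map->setsize((int)$map_size[0],(int)$map_size[1]); }`, with the equivalent four-element `(float)` check for the extent.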
diff --git a/classesphp/wscliente.php b/classesphp/wscliente.php index 71869d1..8d5614b 100755 --- a/classesphp/wscliente.php +++ b/classesphp/wscliente.php @@ -46,15 +46,24 @@ Exemplo: http://localhost/i3geo/classesphp/wscliente.php?funcao=listaRSSws&rss=http://localhost/i3geo/admin/xmlservicosws.php&g_sid=&cpaint_function=listaRSSws&cpaint_response_type=JSON */ -include_once("pega_variaveis.php"); +include_once (dirname(__FILE__)."/sani_request.php"); +$_GET = array_merge($_GET,$_POST); include_once("lews/wms_functions.php"); include_once(dirname(__FILE__)."/../pacotes/cpaint/cpaint2.inc.php"); include_once("carrega_ext.php"); include(dirname(__FILE__)."/../ms_configura.php"); $cp = new cpaint(); + +$onlineresource = $_GET["onlineresource"]; +$tipo = $_GET["tipo"]; +$servico = $_GET["servico"]; +$param = $_GET["param"]; +$funcaows = $_GET["funcaows"]; +$rss = $_GET["rss"]; // //busca o getcapabilities de um wms // +$funcao = $_GET["funcao"]; if ($funcao == "getcapabilities") { $cp->register('getcapabilities'); diff --git a/exemplos/gm1.php b/exemplos/gm1.php index 759d5e2..da0c259 100755 --- a/exemplos/gm1.php +++ b/exemplos/gm1.php @@ -1,6 +1,3 @@ - @@ -70,7 +67,7 @@ include_once(dirname(__FILE__)."/../classesphp/pega_variaveis.php"); - - - - - - -
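Review bot: The block of assignments from `$onlineresource = $_GET["onlineresource"];` through `$funcao = $_GET["funcao"];` reads seven request keys unconditionally, so any request that omits one raises an undefined-index notice and leaves the variable null, which then flows into the `$funcao == "getcapabilities"` dispatch and the WMS helpers. Read each with an existence check and an explicit default, e.g. `$onlineresource = isset($_GET["onlineresource"]) ? $_GET["onlineresource"] : "";`. `$onlineresource` presumably names the remote server this script contacts; if so, checking it against the scheme and host list the deployment allows belongs at this same point, but the consuming code is outside the hunk.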
- - - - - - - - - - - - - - - - - - - - - -
-
-

i3Geo - Software livre para criação de mapas interativos e geoprocessamento

-

Baseado no Mapserver, é licenciado sob GPL e integra o Portal do Software Público Brasileiro

-
- -
- -
- - - - - diff --git a/ferramentas/upload/upload.php b/ferramentas/upload/upload.php index 6926462..b92843e 100755 --- a/ferramentas/upload/upload.php +++ b/ferramentas/upload/upload.php @@ -3,16 +3,18 @@ //caso o usuário seja um administrador, ele pode enviar um nome de diretório onde os arquivos serão armazenados //na variável $dirDestino // -require_once(dirname(__FILE__)."/../../classesphp/pega_variaveis.php"); +include_once (dirname(__FILE__)."/../../classesphp/sani_request.php"); +$_GET = array_merge($_GET,$_POST); +if(isset($_GET["tipo"])){ + $tipo = $_GET["tipo"]; +} require_once(dirname(__FILE__)."/../../classesphp/funcoes_gerais.php"); include_once (dirname(__FILE__)."/../../classesphp/carrega_ext.php"); error_reporting(0); session_name("i3GeoPHP"); -if(isset($g_sid) && $g_sid != ""){ - session_id($g_sid); +if(isset($_GET["g_sid"]) && $_GET["g_sid"] != ""){ + session_id($_GET["g_sid"]); session_start(); - //foreach(array_keys($_SESSION) as $k) - //{eval("\$".$k."='".$_SESSION[$k]."';");} $map_file = $_SESSION["map_file"]; } if (ob_get_level() == 0) ob_start(); @@ -134,8 +136,8 @@ if (isset($_FILES['i3GEOuploadshp']['name'])) $novolayer->setmetadata("ITENSDESC",$its); $novolayer->set("template","none.htm"); } - if(isset($uploadEPSG) && $uploadEPSG != ""){ - $novolayer->setProjection("init=epsg:".$uploadEPSG); + if(isset($_GET["uploadEPSG"]) && $_GET["uploadEPSG"] != ""){ + $novolayer->setProjection("init=epsg:".$_GET["uploadEPSG"]); } if(file_exists($dirmap."/".$nomePrefixo.".prj")){ $novolayer->setProjection("AUTO"); diff --git a/ferramentas/uploaddbf/upload.php b/ferramentas/uploaddbf/upload.php index 7e54ed9..b9eae4e 100755 --- a/ferramentas/uploaddbf/upload.php +++ b/ferramentas/uploaddbf/upload.php @@ -1,13 +1,12 @@ data as $d){ diff --git a/ferramentas/uploadgpx/upload.php b/ferramentas/uploadgpx/upload.php index ebaadcb..3ebaf75 100755 --- a/ferramentas/uploadgpx/upload.php +++ b/ferramentas/uploadgpx/upload.php 
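Review bot: `$novolayer->setProjection("init=epsg:".$_GET["uploadEPSG"]);` in the @@ -134 hunk interpolates the request value into the projection string with only a non-empty check, so anything other than a numeric EPSG code reaches MapServer's projection parser. The same pattern appears in this patch's uploadgpx and uploadkml `uploadkmlEPSG` hunks. Validate it as a code first, e.g. `if(isset($_GET["uploadEPSG"]) && ctype_digit($_GET["uploadEPSG"])){ $novolayer->setProjection("init=epsg:".$_GET["uploadEPSG"]); }`. The enclosing `if (isset($_FILES['i3GEOuploadshp']['name']))` block starts before this hunk.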
@@ -1,14 +1,13 @@ set("status",MS_DEFAULT); $novolayer->set("template","none.htm"); - if(isset($uploadgpxEPSG) && $uploadgpxEPSG != "") - {$novolayer->setProjection("init=epsg:".$uploadgpxEPSG);} + if(isset($_GET["uploadkmlEPSG"]) && $_GET["uploadkmlEPSG"] != "") + {$novolayer->setProjection("init=epsg:".$_GET["uploadkmlEPSG"]);} //$adiciona = ms_newLayerObj($mapa, $novolayer); } $salvo = $mapa->save($map_file); diff --git a/ferramentas/uploadkml/upload.php b/ferramentas/uploadkml/upload.php index 5eb096f..cc1a784 100755 --- a/ferramentas/uploadkml/upload.php +++ b/ferramentas/uploadkml/upload.php @@ -1,11 +1,12 @@ set("type",MS_LAYER_POLYGON);} $novolayer->set("type",$tipo); - $novolayer->set("data",$layerkml); + $novolayer->set("data",$_GET["layerkml"]); $novolayer->setmetadata("TEMALOCAL","SIM"); $novolayer->setfilter(""); $classe = ms_newClassObj($novolayer); @@ -87,8 +88,8 @@ if (isset($_FILES['i3GEOuploadkml']['name'])) // le os itens $novolayer->set("status",MS_DEFAULT); $novolayer->set("template","none.htm"); - if(isset($uploadkmlEPSG) && $uploadkmlEPSG != "") - {$novolayer->setProjection("init=epsg:".$uploadkmlEPSG);} + if(isset($_GET["uploadkmlEPSG"]) && $_GET["uploadkmlEPSG"] != "") + {$novolayer->setProjection("init=epsg:".$_GET["uploadkmlEPSG"]);} //$adiciona = ms_newLayerObj($mapa, $novolayer); } $salvo = $mapa->save($map_file); diff --git a/ferramentas/uploadsimbolo/upload.php b/ferramentas/uploadsimbolo/upload.php index b373139..dfdd2fc 100755 --- a/ferramentas/uploadsimbolo/upload.php +++ b/ferramentas/uploadsimbolo/upload.php @@ -3,7 +3,6 @@ //caso o usuário seja um administrador, ele pode enviar um nome de diretório onde os arquivos serão armazenados //na variável $dirDestino // -require_once(dirname(__FILE__)."/../../classesphp/pega_variaveis.php"); require_once(dirname(__FILE__)."/../../classesphp/funcoes_gerais.php"); include_once (dirname(__FILE__)."/../../classesphp/carrega_ext.php"); error_reporting(0); 
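Review bot: In the uploadgpx hunk the replacement for `isset($uploadgpxEPSG)` reads `$_GET["uploadkmlEPSG"]` on both the condition and the `setProjection` line, i.e. the KML uploader's parameter name, while the removed code (and presumably this tool's own form) used `uploadgpxEPSG`; the EPSG supplied for a GPX upload is therefore ignored. It should be `if(isset($_GET["uploadgpxEPSG"]) && $_GET["uploadgpxEPSG"] != "") {$novolayer->setProjection("init=epsg:".$_GET["uploadgpxEPSG"]);}`. This hunk's header is not legible in the rendering, so the surrounding block cannot be placed from here.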
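Review bot: `$novolayer->set("data",$_GET["layerkml"]);` in the first uploadkml hunk hands a request-supplied path straight to the layer's DATA, so the file MapServer opens for this layer is chosen by the client rather than by the upload this script just processed. The removed line used a local `$layerkml`, which, judging by the rest of this patch, the dropped pega_variaveis include populated from the same request key, so behaviour is unchanged, but this is the point to bound it. Resolve the value against the upload directory, e.g. `$layerkml = realpath($_GET["layerkml"]);`, and only call `set("data", ...)` when the resolved path starts with that directory; the directory variable this script uses is outside the hunk, so it is not named here.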
diff --git a/fontetema.php b/fontetema.php index bd55a65..abf305e 100755 --- a/fontetema.php +++ b/fontetema.php @@ -39,11 +39,13 @@ fontetema.php?tema=bioma */ include(dirname(__FILE__)."/ms_configura.php"); -include(dirname(__FILE__)."/classesphp/pega_variaveis.php"); include(dirname(__FILE__)."/admin/php/classe_arvore.php"); +include_once (dirname(__FILE__)."/classesphp/sani_request.php"); +$_GET = array_merge($_GET,$_POST); + $m = new Arvore($locaplic); -$retorno = $m->pegaTemaPorCodigo($tema); +$retorno = $m->pegaTemaPorCodigo($_GET["tema"]); $retorno = $retorno[0]["link_tema"]; if(!headers_sent()) {header("Location:".$retorno);} diff --git a/geraminiatura.php b/geraminiatura.php index 1631ecd..714f249 100755 --- a/geraminiatura.php +++ b/geraminiatura.php @@ -82,13 +82,7 @@ if (!function_exists('ms_GetVersion')) else {dl('php_mapscript.so');} } -/* -include($locaplic."/ms_configura.php"); -if(!function_exists("versao")) -{include($locaplic."/classesphp/funcoes_gerais.php");} -require_once($locaplic."/classesphp/pega_variaveis.php"); -include_once ($locaplic."/classesphp/carrega_ext.php"); -*/ + include_once (dirname(__FILE__)."/admin/php/admin.php"); $versao = versao(); $versao = $versao["principal"]; @@ -134,7 +128,7 @@ if($tipo == "mini" || $tipo == "todos" || $tipo == "grande" || $tipo == "") { $arq = str_replace(" ","xxxx",$arq); $temp = explode(".",$arq); - + if(file_exists($locaplic.'/temas/'.$arq) && $temp[(count($temp) - 1)] == "map" && !(strpos($temp[0],"_") === 0) ) { echo "$arq
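Review bot: `$retorno = $m->pegaTemaPorCodigo($_GET["tema"]);` reads the key without an `isset` check and the next line indexes the result as `$retorno[0]["link_tema"]` without confirming the lookup found anything, so an unknown or absent tema sends a `Location:` header with an empty value instead of failing. Guard the result before redirecting, e.g. `if (empty($retorno)) { exit; }` ahead of `$retorno = $retorno[0]["link_tema"];`.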
"; @@ -253,7 +247,7 @@ function verificaMiniatura($map,$tipo,$admin=false) } } } - + zoomTemaMiniatura($pegarext,$mapa); } if($extensao == ".gvp"){ diff --git a/json.php b/json.php index 2edb89e..4fb4d83 100755 --- a/json.php +++ b/json.php @@ -37,9 +37,9 @@ format - storymap|gdocs No caso de storymap, o fornecimento dos dados depende dos parametros definidos no METADATA storymap existente no tema */ +include_once (dirname(__FILE__)."/classesphp/sani_request.php"); $_GET = array_merge($_GET,$_POST); include(dirname(__FILE__)."/ms_configura.php"); -include(dirname(__FILE__)."/classesphp/pega_variaveis.php"); include(dirname(__FILE__)."/classesphp/funcoes_gerais.php"); // //pega os enderecos para compor a url de chamada do gerador de web services @@ -50,7 +50,7 @@ $protocolo1 = strtolower($protocolo) . '://'.$_SERVER['SERVER_NAME']; $protocolo = strtolower($protocolo) . '://'.$_SERVER['SERVER_NAME'] .":". $_SERVER['SERVER_PORT']; $urli3geo = str_replace("/ogc.php","",$protocolo.$_SERVER["PHP_SELF"]); -$nomeArq = $dir_tmp."/ogc_".md5(implode("",$_GET))."_json_".$output; +$nomeArq = $dir_tmp."/ogc_".md5(implode("",$_GET))."_json_".$_GET["output"]; $nomeMapfileTmp = $nomeArq.".map"; $cache = carregaCacheArquivo(); @@ -95,7 +95,7 @@ if(!$testemap){ } copy($base,$nomeMapfileTmp); - +$tema = $_GET["tema"]; $oMap = ms_newMapobj($nomeMapfileTmp); $nmap = ms_newMapobj($locaplic."/temas/".$tema.".map"); $l = $nmap->getlayerbyname($tema); @@ -121,7 +121,6 @@ if (!empty($postgis_mapa)){ } } } - autoClasses($l,$oMap); ms_newLayerObj($oMap, $l); @@ -136,6 +135,8 @@ if($layer == ""){ exit; } $data = pegaDadosJ(); +$format = $_GET["format"]; +$jsonp = $_GET["jsonp"]; if($format == "storymap"){ //parametros via URL $storymap = $layer->getmetadata("storymap"); -- libgit2 0.21.2