Commit 6b139854f4ba358c05537a7f3abb89248024fe75

Authored by kevin_fourie
1 parent 9445dfcd

Merged in from DEV trunk...

KTC-165
"Input validation required on file names."
Fixed. Added some sanitize checks to KTBulkExportPlugin.php

Committed By: Jalaloedien Abrahams
Reviewed By: Conrad Vermeulen

git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/STABLE/trunk@7046 c91229c3-7414-0410-bfa2-8a42b809f60b
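--- a/plugins/ktstandard/KTBulkExportPlugin.php
+++ b/plugins/ktstandard/KTBulkExportPlugin.php
@@ -144,20 +144,20 @@ class KTBulkExportAction extends KTFolderAction {
 $oDocumentTransaction->create();
 }
 
-$sParentFolder = sprintf('%s/%s', $sTmpPath, $oDocument->getFullPath());
+$sParentFolder = str_replace('<', '', str_replace('</', '', str_replace('>', '', sprintf('%s/%s', $sTmpPath, $oDocument->getFullPath()))));
 $newDir = $this->sTmpPath;
-$sFullPath = $this->_convertEncoding($oDocument->getFullPath(), true);
+$sFullPath = str_replace('<', '', str_replace('</', '', str_replace('>', '', $this->_convertEncoding($oDocument->getFullPath(), true))));
 foreach (split('/', $sFullPath) as $dirPart) {
 $newDir = sprintf("%s/%s", $newDir, $dirPart);
 if (!file_exists($newDir)) {
 mkdir($newDir, 0700);
 }
 }
-$sOrigFile = $oStorage->temporaryFile($oDocument);
-$sFilename = sprintf("%s/%s", $sParentFolder, $oDocument->getFileName());
+$sOrigFile = str_replace('<', '', str_replace('</', '', str_replace('>', '', $oStorage->temporaryFile($oDocument))));
+$sFilename = sprintf("%s/%s", $sParentFolder, str_replace('<', '', str_replace('</', '', str_replace('>', '', $oDocument->getFileName()))));
 $sFilename = $this->_convertEncoding($sFilename, true);
 copy($sOrigFile, $sFilename);
-$sPath = sprintf("%s/%s", $oDocument->getFullPath(), $oDocument->getFileName());
+$sPath = str_replace('<', '', str_replace('</', '', str_replace('>', '', sprintf("%s/%s", $oDocument->getFullPath(), $oDocument->getFileName()))));
 $sPath = str_replace($aReplaceKeys, $aReplaceValues, $sPath);
 $sPath = $this->_convertEncoding($sPath, true);
 $aPaths[] = $sPath;
@@ -165,6 +165,7 @@ class KTBulkExportAction extends KTFolderAction {
 $sManifest = sprintf("%s/%s", $this->sTmpPath, "MANIFEST");
 file_put_contents($sManifest, join("\n", $aPaths));
 $sZipFile = sprintf("%s/%s.zip", $this->sTmpPath, $this->oFolder->getName());
+$sZipFile = str_replace('<', '', str_replace('</', '', str_replace('>', '', $sZipFile)));
 $_SESSION['bulkexport'] = KTUtil::arrayGet($_SESSION, 'bulkexport', array());
 $sExportCode = KTUtil::randomString();
 $_SESSION['bulkexport'][$sExportCode] = array(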
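Review bot: The str_replace chains added on new lines 147–160 and 168 strip only `<`, `</` and `>`, which addresses HTML markup but not the filesystem risk these values carry on their way into sprintf, mkdir, copy and the `.zip` path: a document name, folder path segment or folder name containing `..`, a `/` or `\`, or a NUL still passes through unchanged, so a crafted name can place the exported file or archive outside `$sTmpPath`. Two smaller points: the `</` replacement is redundant once `<` is removed, and applying the filter to `$sOrigFile` (a path produced by the storage layer, not by the user) can only turn a valid copy() source into a missing one. I would replace the chains with one helper that cleans a single path component and apply it to each `$dirPart`, to `getFileName()` and to the folder name used for the zip, as sketched below; whether the KT storage layer already guarantees safe names is not visible here, so confirm that before relying on it. The enclosing method starts before the first hunk and continues after the last, so the variables `$sTmpPath`, `$oStorage` and `$aReplaceKeys` are assumed to be set up there.
```php
// … unchanged: transaction creation …
$aSafeParts = array();
foreach (split('/', $this->_convertEncoding($oDocument->getFullPath(), true)) as $dirPart) {
    $dirPart = $this->_sanitizePathComponent($dirPart);
    if ($dirPart === '') {
        continue;
    }
    $aSafeParts[] = $dirPart;
}
$sParentFolder = sprintf('%s/%s', $sTmpPath, join('/', $aSafeParts));
$newDir = $this->sTmpPath;
foreach ($aSafeParts as $dirPart) {
    $newDir = sprintf("%s/%s", $newDir, $dirPart);
    if (!file_exists($newDir)) {
        mkdir($newDir, 0700);
    }
}
$sOrigFile = $oStorage->temporaryFile($oDocument);
$sSafeName = $this->_sanitizePathComponent($oDocument->getFileName());
$sFilename = $this->_convertEncoding(sprintf("%s/%s", $sParentFolder, $sSafeName), true);
copy($sOrigFile, $sFilename);
// … unchanged: manifest entry, MANIFEST write …
$sZipFile = sprintf("%s/%s.zip", $this->sTmpPath, $this->_sanitizePathComponent($this->oFolder->getName()));
// … unchanged: session bookkeeping …

// Clean one path component: drop NULs and separators, never yield "." or "..".
function _sanitizePathComponent($sPart) {
    $sPart = str_replace(array("\0", '/', '\\'), '', $sPart);
    if ($sPart === '.' || $sPart === '..') {
        return '_';
    }
    return $sPart;
}
```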