#2935 (security issue - admin generator handles plain fields in update_XXX_FromRequest)

Ticket #2935 (closed defect: fixed)

Opened 10 months ago

Last modified 9 months ago

Reported by: pihentagy
Assigned to: fabien
Priority: major
Milestone: 1.0.12
Component: generator
Version: 1.0.11
Keywords: admin generator
Cc:
Qualification: Unreviewed

Description

Having the following in generator.yml

generator:
  default_culture: hu
  class: sfPropelAdminGenerator
  param:
    model_class: Cmspage
    fields:
      updated_at: { type: plain, name: xxx }

I get the following generated code (note the handling of updated_at):

  protected function updateCmspageFromRequest()
  {
    $cmspage = $this->getRequestParameter('cmspage');

    if (isset($cmspage['title']))
    {
      $this->cmspage->setTitle($cmspage['title']);
    }
    if (isset($cmspage['slug']))
    {
      $this->cmspage->setSlug($cmspage['slug']);
    }
    if (isset($cmspage['body']))
    {
      $this->cmspage->setBody($cmspage['body']);
    }
    if (isset($cmspage['updated_at']))
    {
      if ($cmspage['updated_at'])
      {
        try
        {
          $dateFormat = new sfDateFormat($this->getUser()->getCulture());
          if (!is_array($cmspage['updated_at']))
          {
            $value = $dateFormat->format($cmspage['updated_at'], 'I', $dateFormat->getInputPattern('g'));
          }
          else
          {
            $value_array = $cmspage['updated_at'];
            $value = $value_array['year'].'-'.$value_array['month'].'-'.$value_array['day'].(isset($value_array['hour']) ? ' '.$value_array['hour'].':'.$value_array['minute'].(isset($value_array['second']) ? ':'.$value_array['second'] : '') : '');
          }
          $this->cmspage->setUpdatedAt($value);
        }
        catch (sfException $e)
        {
          // not a date
        }
      }
      else
      {
        $this->cmspage->setUpdatedAt(null);
      }
    }
  }
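The generated method above writes updated_at from the request even though generator.yml declares it "type: plain", i.e. rendered read-only rather than as a form input, so any value posted under that name still reaches setUpdatedAt(). The following is an added example, not code from symfony or from the reporter: it derives a whitelist from the same field configuration so that plain fields are never written, using a constructed stand-in for the Cmspage model and a constructed request.

```php
<?php
// Added example (not symfony's or the ticket's own code): apply request
// values to the model only for fields that the generator configuration
// marks as editable, dropping anything declared "type: plain".

// Minimal stand-in for the Propel model; the real Cmspage class is assumed,
// not reproduced here.
class Cmspage
{
    public $data = array();
    public function setTitle($v)     { $this->data['title'] = $v; }
    public function setSlug($v)      { $this->data['slug'] = $v; }
    public function setBody($v)      { $this->data['body'] = $v; }
    public function setUpdatedAt($v) { $this->data['updated_at'] = $v; }
}

// Field configuration mirroring the ticket's generator.yml (constructed):
// updated_at is display-only, the other columns are editable.
$fieldsConfig = array(
    'title'      => array('type' => 'input_tag'),
    'slug'       => array('type' => 'input_tag'),
    'body'       => array('type' => 'textarea_tag'),
    'updated_at' => array('type' => 'plain', 'name' => 'xxx'),
);

// Copy submitted values onto the model. Columns not in the configuration are
// ignored, and a column configured as "plain" is ignored even when the
// request carries a value for it. Returns the list of fields actually written.
function updateFromRequest(Cmspage $model, array $fieldsConfig, array $request)
{
    $written = array();
    foreach ($fieldsConfig as $field => $config) {
        if (!isset($request[$field])) {
            continue;                     // not submitted
        }
        if ($config['type'] === 'plain') {
            continue;                     // display-only: never call its setter
        }
        // updated_at -> setUpdatedAt (same camelize rule the generator uses)
        $setter = 'set'.str_replace(' ', '', ucwords(str_replace('_', ' ', $field)));
        $model->$setter($request[$field]);
        $written[] = $field;
    }
    return $written;
}

// Constructed request that also carries updated_at, which the form never rendered.
$request = array('title' => 'Home', 'slug' => 'home', 'body' => 'Welcome',
                 'updated_at' => '1970-01-01 00:00:00');
$page    = new Cmspage();
$written = updateFromRequest($page, $fieldsConfig, $request);
```

With this input only title, slug and body are written; the submitted updated_at never reaches the model, which is the behaviour the generated update_XXX_FromRequest should have for plain fields.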

Change History

02/14/08 14:24:13 changed by pihentagy

  • summary changed from security issue - admin generator handles plain fields in create_xxx_FromRequest to security issue - admin generator handles plain fields in update_XXX_FromRequest.

03/19/08 18:58:58 changed by fabien

  • milestone set to 1.0.12.

03/20/08 13:29:34 changed by noel

  • status changed from new to closed.
  • resolution set to fixed.

(In [7997]) admin generator handles plain fields (closes #2935)