diff --git a/glpi-0.71.5.patch b/glpi-0.71.5.patch
new file mode 100644
index 0000000..a312948
--- /dev/null
+++ b/glpi-0.71.5.patch
@@ -0,0 +1,421 @@
+Commits in branches/0.71-bugfixes after 0.71.5 released
+
+ 7917 Cache clean when rule is deleted see #1227
+ 7938 More security test
+ 7963 correct styles
+ 7978 restore problem
+ 7985 Remove space when trying to build a user's dn
+ 7994 fix memory_limit = -1 detection
+ 7997 fix externalImportDropdown for phone
+ 8060 fix cartridge time in stock / used computation - Fixed #1243
+ 8100 don't delete dropdown ID=0
+ 8186 Error when making an ldap request and login field is not present
+ 8202 default profil with CAS - fixed #1259
+ 8236 fix type in SQL request
+
+Index: branches/0.71-bugfixes/ajax/dropdownValue.php
+===================================================================
+--- branches/0.71-bugfixes/ajax/dropdownValue.php (revision 7882)
++++ branches/0.71-bugfixes/ajax/dropdownValue.php (revision 7938)
+@@ -52,4 +52,8 @@
+ checkLoginUser();
++// Security
++if (! TableExists($_POST['table']) ){
++ exit();
++}
+
+ if (isset($_POST["entity_restrict"])&&!is_numeric($_POST["entity_restrict"])&&!is_array($_POST["entity_restrict"])){
+Index: branches/0.71-bugfixes/ajax/dropdownUsersTracking.php
+===================================================================
+--- branches/0.71-bugfixes/ajax/dropdownUsersTracking.php (revision 7763)
++++ branches/0.71-bugfixes/ajax/dropdownUsersTracking.php (revision 7938)
+@@ -47,4 +47,9 @@
+
+ checkCentralAccess();
++
++// Security
++if ( ! FieldExists("glpi_tracking",$_POST['field']) ){
++ exit();
++}
+
+ // Make a select box with all glpi users
+Index: branches/0.71-bugfixes/ajax/autocompletion.php
+===================================================================
+--- branches/0.71-bugfixes/ajax/autocompletion.php (revision 7882)
++++ branches/0.71-bugfixes/ajax/autocompletion.php (revision 7938)
+@@ -45,4 +45,10 @@
+
+ checkLoginUser();
++
++// Security
++if (! TableExists($_POST['table']) || ! 
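Review bot: The guard `++if (! TableExists($_POST['table']) ){` in the dropdownValue.php hunk only proves that some table of that name exists, so a logged-in user can still aim this endpoint at any table in the schema (users, config, ...) — an allowlist of the dropdown tables the script is meant to serve is the check a practitioner would want here, not an existence test. It also dereferences `$_POST['table']` before any `isset()`, which raises a notice on a malformed request; `if (!isset($_POST['table']) || !TableExists($_POST['table'])) { exit(); }` covers both. If TableExists() is implemented with `SHOW TABLES LIKE`, `%` and `_` in the value act as wildcards, another reason to compare against a fixed list. What the script later selects from the named table is outside this hunk, so the actual exposure depends on that code.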
FieldExists($_POST['table'],$_POST['field']) ){
++ exit();
++}
++
+ $entity="";
+ if (isset($_POST['entity_restrict'])&&$_POST['entity_restrict']>=0&&in_array($_POST['table'],$CFG_GLPI["specif_entities_tables"])){
+Index: branches/0.71-bugfixes/ajax/dropdownFindNum.php
+===================================================================
+--- branches/0.71-bugfixes/ajax/dropdownFindNum.php (revision 7882)
++++ branches/0.71-bugfixes/ajax/dropdownFindNum.php (revision 7938)
+@@ -41,4 +41,9 @@
+
+ checkRight("create_ticket","1");
++
++// Security
++if (! TableExists($_POST['table']) ){
++ exit();
++}
+
+ $where="";
+Index: branches/0.71-bugfixes/ajax/comments.php
+===================================================================
+--- branches/0.71-bugfixes/ajax/comments.php (revision 7763)
++++ branches/0.71-bugfixes/ajax/comments.php (revision 7938)
+@@ -44,4 +44,9 @@
+ checkLoginUser();
+
++// Security
++if (! TableExists($_POST['table']) ){
++ exit();
++}
++
+ if (isset($_POST["table"])&&isset($_POST["value"])){
+ switch ($_POST["table"]){
+Index: branches/0.71-bugfixes/front/backup.php
+===================================================================
+--- branches/0.71-bugfixes/front/backup.php (revision 7883)
++++ branches/0.71-bugfixes/front/backup.php (revision 7978)
+@@ -288,5 +288,6 @@
+ $buffer=fgets($fileHandle,102400);
+
+- if(substr($buffer, 0, 1) != "#")
++ // do not strip comments due to problems when # in begin of a data line
++ //if(substr($buffer, 0, 1) != "#")
+ {
+ $formattedQuery .= $buffer;
+@@ -295,5 +296,5 @@
+
+ // Do not use the $DB->query
+- if ($DB->query($formattedQuery)) //r�ssie sinon continue �conca&t�er
++ if ($DB->query($formattedQuery)) //if no success continue to concatenate
+ {
+
+Index: branches/0.71-bugfixes/front/setup.dropdowns.php
+===================================================================
+--- branches/0.71-bugfixes/front/setup.dropdowns.php (revision 7763)
++++ branches/0.71-bugfixes/front/setup.dropdowns.php 
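Review bot: In the autocompletion.php hunk, `TableExists()`/`FieldExists()` verify that the column exists, not that it is one the UI is allowed to complete; if the script then returns values of that column matching a typed prefix (the `$entity` / `specif_entities_tables` code that follows suggests it queries the named table directly), any logged-in user can enumerate sensitive columns — a password-hash column, for instance — one character at a time. Restrict the pair to an allowlist of (table, field) combinations the forms actually autocomplete, and test `isset()` on both keys before dereferencing them. The query itself is outside this hunk, so confirm what is selected before treating this as closed.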
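Review bot: In the comments.php hunk the new guard `++if (! TableExists($_POST['table']) ){` runs before the `isset($_POST["table"])` test the existing code performs two lines later, so a request without `table` now raises a notice and calls TableExists(null) instead of falling through quietly. Fold the two into one line: `if (!isset($_POST["table"]) || !TableExists($_POST["table"])) { exit(); }`. Since the following `switch ($_POST["table"])` dispatches on fixed names, a `default:` that exits would make the existence check redundant and tighter at the same time; the switch body is outside this hunk.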
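Review bot: Commenting out `if(substr($buffer, 0, 1) != "#")` in the first backup.php hunk leaves a bare `{ ... }` block and dead code where a reason should be; delete the condition and the braces and keep only a why-comment, e.g. `// '#' lines are passed through: a data line may legitimately begin with '#', and MySQL discards real comment lines itself`. The restore now relies on the server treating those lines as comments inside the concatenated buffer, which holds only while each chunk from `fgets($fileHandle,102400)` ends at a line boundary; worth stating next to the read. The rest of the restore loop is outside the hunk.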
(revision 8100)
+@@ -52,4 +52,15 @@
+ elseif (isset($_GET["which"]))$which=$_GET["which"];
+ else $which="";
++
++
++// Security
++if (!empty($which) && ! TableExists($which) ){
++ exit();
++}
++
++// Security
++if (isset($_POST["tablename"]) && ! TableExists($_POST["tablename"]) ){
++ exit();
++}
+
+ if (isset($_GET["where"]))$where=$_GET["where"];
+@@ -104,5 +115,5 @@
+ glpi_header($_SERVER['PHP_SELF']."?which=$which&value2=$value2&tomove=$tomove&where=$where&type=$type&FK_entities=$FK_entities");
+
+-} else if (isset($_POST["delete"])) {
++} else if (isset($_POST["delete"]) && $_POST["ID"]>0) {
+ if(dropdownUsed($_POST["tablename"], $_POST["ID"]) && empty($_POST["forcedelete"])) {
+ if (!ereg("popup",$_SERVER['PHP_SELF'])){
+Index: branches/0.71-bugfixes/front/entity.tree.php
+===================================================================
+--- branches/0.71-bugfixes/front/entity.tree.php (revision 7763)
++++ branches/0.71-bugfixes/front/entity.tree.php (revision 7938)
+@@ -46,4 +46,10 @@
+
+ $which=ENTITY_TYPE;
++
++// Security
++if (isset($_POST["tablename"]) && ! 
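Review bot: `$_POST["ID"]>0` at `++} else if (isset($_POST["delete"]) && $_POST["ID"]>0) {` is a loose numeric comparison, so a value such as `1 OR 1=1` passes (PHP reads the leading digits) and is then handed unchanged to `dropdownUsed($_POST["tablename"], $_POST["ID"])` and presumably to the delete statement; the addslashes pass does nothing for a value used unquoted in SQL. Check the shape, `&& is_numeric($_POST["ID"]) && $_POST["ID"]>0`, or cast once with `$ID=(int)$_POST["ID"];` and use `$ID` from there on. The delete branch continues outside the hunk, so where ID is interpolated cannot be confirmed here.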
TableExists($_POST["tablename"]) ){
++ exit();
++}
++
+
+ if (isset($_GET["where"]))$where=$_GET["where"];
+Index: branches/0.71-bugfixes/css/styles.css
+===================================================================
+--- branches/0.71-bugfixes/css/styles.css (revision 7763)
++++ branches/0.71-bugfixes/css/styles.css (revision 7963)
+@@ -39,4 +39,5 @@
+ margin: 0;
+ padding: 0;
++ background: white;
+ }
+
+@@ -156,11 +157,14 @@
+ font-size: 11px;
+ border: 1px solid #888888;
++ color: black;
++ background-color: white;
+ }
+
+
+ textarea, input {
+-background-color:#FAFAFA;
+-border: 1px solid #888888;
+-font-size: 11px;
++ background-color:#FAFAFA;
++ color: black;
++ border: 1px solid #888888;
++ font-size: 11px;
+ }
+
+Index: branches/0.71-bugfixes/inc/search.function.php
+===================================================================
+--- branches/0.71-bugfixes/inc/search.function.php (revision 7763)
++++ branches/0.71-bugfixes/inc/search.function.php (revision 7929)
+@@ -1473,4 +1473,9 @@
+ function addOrderBy($type,$ID,$order,$key=0){
+ global $SEARCH_OPTION,$CFG_GLPI,$PLUGIN_HOOKS;
++
++ // Security test for order
++ if ($order!="ASC"){
++ $order="DESC";
++ }
+
+ $table=$SEARCH_OPTION[$type][$ID]["table"];
+Index: branches/0.71-bugfixes/inc/ldap.function.php
+===================================================================
+--- branches/0.71-bugfixes/inc/ldap.function.php (revision 7875)
++++ branches/0.71-bugfixes/inc/ldap.function.php (revision 8186)
+@@ -433,12 +433,18 @@
+ if (!$sync)
+ {
+- $ldap_users[$info[$ligne][$config_ldap->fields['ldap_login']][0]] = $info[$ligne][$config_ldap->fields['ldap_login']][0];
+- $user_infos[$info[$ligne][$config_ldap->fields['ldap_login']][0]]["timestamp"]=ldapStamp2UnixStamp($info[$ligne]['modifytimestamp'][0],$config_ldap->fields['timezone'],true);
++ if (in_array($config_ldap->fields['ldap_login'],$info[$ligne]))
++ {
++ $ldap_users[$info[$ligne][$config_ldap->fields['ldap_login']][0]] = 
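Review bot: The clamp `++ if ($order!="ASC"){ $order="DESC"; }` in addOrderBy silently turns anything that is not the literal `ASC` — including a lowercase `asc` — into DESC, and the comment `// Security test for order` does not say why; `// $order is interpolated into ORDER BY unquoted: only the literal ASC is accepted, anything else becomes DESC` would. A case-insensitive form loses no safety: `$order = (strtoupper($order)=="ASC") ? "ASC" : "DESC";`. `$type` and `$ID` index `$SEARCH_OPTION` on the next line with no check of their own; the function body continues outside the hunk.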
$info[$ligne][$config_ldap->fields['ldap_login']][0];
++ $user_infos[$info[$ligne][$config_ldap->fields['ldap_login']][0]]["timestamp"]=ldapStamp2UnixStamp($info[$ligne]['modifytimestamp'][0],$config_ldap->fields['timezone'],true);
++ }
+ }
+ else
+ {
+ //If ldap synchronisation
+- $ldap_users[$info[$ligne][$config_ldap->fields['ldap_login']][0]] = ldapStamp2UnixStamp($info[$ligne]['modifytimestamp'][0],$config_ldap->fields['timezone'],true);
+- $user_infos[$info[$ligne][$config_ldap->fields['ldap_login']][0]]["timestamp"]=ldapStamp2UnixStamp($info[$ligne]['modifytimestamp'][0],$config_ldap->fields['timezone'],true);
++ if (in_array($config_ldap->fields['ldap_login'],$info[$ligne]))
++ {
++ $ldap_users[$info[$ligne][$config_ldap->fields['ldap_login']][0]] = ldapStamp2UnixStamp($info[$ligne]['modifytimestamp'][0],$config_ldap->fields['timezone'],true);
++ $user_infos[$info[$ligne][$config_ldap->fields['ldap_login']][0]]["timestamp"]=ldapStamp2UnixStamp($info[$ligne]['modifytimestamp'][0],$config_ldap->fields['timezone'],true);
++ }
+ }
+ }
+Index: branches/0.71-bugfixes/inc/user.class.php
+===================================================================
+--- branches/0.71-bugfixes/inc/user.class.php (revision 7875)
++++ branches/0.71-bugfixes/inc/user.class.php (revision 8202)
+@@ -239,8 +239,8 @@
+
+ $this->syncLdapGroups($input);
+- $this->applyRightRules($input);
++ $rulesplayed = $this->applyRightRules($input);
+
+ // Add default profile
+- if ($input['auth_method']==AUTH_DB_GLPI || (isAlternateAuthWithLdap($input['auth_method']))){
++ if (!$rulesplayed){
+ $sql_default_profile = "SELECT ID FROM glpi_profiles WHERE is_default=1";
+ $result = $DB->query($sql_default_profile);
+@@ -322,4 +322,6 @@
+ *
+ *@param $input data used to apply rules
++ *
++ *@return boolean : true if we play the Rule Engine
+ **/
+ function applyRightRules($input){
+@@ -388,6 +390,9 @@
+ //Unset all the temporary tables
+ unset($input["_ldap_rules"]);
+- }
+-
++
++ return true;
++ }
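Review bot: `in_array($config_ldap->fields['ldap_login'],$info[$ligne])` in the ldap.function.php hunk tests the *values* of the entry array, which only happens to work because ldap_get_entries() also lists each attribute name as a value under a numeric index; what the next line actually reads is the key `$info[$ligne][<login attr>][0]`. Test that directly with `if (isset($info[$ligne][$config_ldap->fields['ldap_login']][0]))`, which also skips an entry whose login attribute is present but empty and would otherwise create an empty-string key in `$ldap_users`. Hoisting `$login_attr = $config_ldap->fields['ldap_login'];` above `if (!$sync)` removes the four repeated expressions. `modifytimestamp` is still read unconditionally; the enclosing loop is outside the hunk.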
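Review bot: `++ if (!$rulesplayed){` in the first user.class.php hunk changes who gets the default profile in both directions: it is now granted for any auth method when the rule engine did not run, and withheld when the engine ran even if no rule matched, whereas before a DB-auth or LDAP-alternate user received it regardless of rules. If leaving a rule-evaluated user with no profile is intended, a comment at the line should say so, `// rules ran: they alone decide the profile, no fallback; rules did not run: fall back to the default profile`, and the old `AUTH_DB_GLPI` fallback is then knowingly dropped. The return value relied on here is defined in the last hunk of this file, where `return true;` marks "the rule block executed", not "a rule granted something".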
++ return false;
++
+ }
+ /**
+Index: branches/0.71-bugfixes/inc/tracking.function.php
+===================================================================
+--- branches/0.71-bugfixes/inc/tracking.function.php (revision 7899)
++++ branches/0.71-bugfixes/inc/tracking.function.php (revision 7946)
+@@ -834,5 +834,5 @@
+ dropdownValue("glpi_groups", "assign_group", $assign_group,1,$_SESSION["glpiactive_entity"]);
+
+- } else if (haveRight("steal_ticket","1")) {
++ } else { // steal active
+ echo $LANG["job"][6].": ";
+ dropdownUsers("assign",$assign,"ID",0,1,$_SESSION["glpiactive_entity"]);
+Index: branches/0.71-bugfixes/inc/cartridge.function.php
+===================================================================
+--- branches/0.71-bugfixes/inc/cartridge.function.php (revision 7763)
++++ branches/0.71-bugfixes/inc/cartridge.function.php (revision 8060)
+@@ -345,6 +345,6 @@
+ echo $date_use;
+
+- $tmp_dbeg=split("-",$date_in);
+- $tmp_dend=split("-",$date_use);
++ $tmp_dbeg=split("-",$data["date_in"]);
++ $tmp_dend=split("-",$data["date_use"]);
+
+ $stock_time_tmp= mktime(0,0,0,$tmp_dend[1],$tmp_dend[2],$tmp_dend[0])
+@@ -356,6 +356,6 @@
+
+ if ($old!=0){
+- $tmp_dbeg=split("-",$date_use);
+- $tmp_dend=split("-",$date_out);
++ $tmp_dbeg=split("-",$data["date_use"]);
++ $tmp_dend=split("-",$data["date_out"]);
+
+ $use_time_tmp= mktime(0,0,0,$tmp_dend[1],$tmp_dend[2],$tmp_dend[0])
+Index: branches/0.71-bugfixes/inc/reminder.class.php
+===================================================================
+--- branches/0.71-bugfixes/inc/reminder.class.php (revision 7763)
++++ branches/0.71-bugfixes/inc/reminder.class.php (revision 7926)
+@@ -56,5 +56,9 @@
+ global $LANG;
+
+- if(empty($input["name"])) $input["name"]=$LANG["reminder"][15];
++
++ $input["name"] = trim($input["name"]);
++ if(empty($input["name"])) {
++ $input["name"]=$LANG["reminder"][15];
++ }
+
+ $input["begin"] = $input["end"] = "0000-00-00 00:00:00";
+@@ -84,5 +88,8 @@
+ global $LANG;
+
+- 
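Review bot: `++ } else { // steal active` in the tracking.function.php hunk removes the explicit `haveRight("steal_ticket","1")` test from the branch that renders the assignee picker; that is only safe if the `if` opening this chain (outside the hunk) already requires that right, and the two-word comment does not say so. Either make the dependency explicit, `} else { // steal_ticket right already enforced by the enclosing condition`, or keep the right check as defence in depth with `} else if (haveRight("steal_ticket","1")) {` if any path reaches this branch without it. The chain's opening condition is not visible here.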
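Review bot: `split("-",$data["date_in"])` and its three sibling lines in the cartridge.function.php hunks use the POSIX-regex splitter, deprecated since PHP 5.3 and removed later; `explode("-",$data["date_in"])` is equivalent for a literal dash and survives upgrades. A MySQL zero date `0000-00-00` would still produce a meaningless mktime() result from `$tmp_dend[1],$tmp_dend[2],$tmp_dend[0]`; whether such rows reach this code is not visible in the hunk, and the surrounding function is outside it.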
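Review bot: `++ $input["name"] = trim($input["name"]);` in the first reminder.class.php hunk reads the key unconditionally, whereas the old `empty()` test tolerated its absence, so an input without `name` now raises a notice before the default is applied. `$input["name"] = isset($input["name"]) ? trim($input["name"]) : "";` keeps the fallback behaviour intact. The second reminder.class.php hunk has the same shape and needs the same guard.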
if(empty($input["name"])) $input["name"]=$LANG["reminder"][15];
++ $input["name"] = trim($input["name"]);
++ if(empty($input["name"])) {
++ $input["name"]=$LANG["reminder"][15];
++ }
+
+
+Index: branches/0.71-bugfixes/inc/common.function.php
+===================================================================
+--- branches/0.71-bugfixes/inc/common.function.php (revision 7882)
++++ branches/0.71-bugfixes/inc/common.function.php (revision 7994)
+@@ -563,5 +563,5 @@
+ //if(empty($mem)) {$mem=get_cfg_var("memory_limit");} // Sous Win l'ini_get ne retourne rien.....
+
+- preg_match("/([0-9]+)([KMG]*)/",$mem,$matches);
++ preg_match("/([-0-9]+)([KMG]*)/",$mem,$matches);
+
+ // no K M or G
+@@ -666,5 +666,5 @@
+ $value = is_array($value) ?
+ array_map('addslashes_deep', $value) :
+- (is_null($value) ? NULL : addslashes($value));
++ (is_null($value) ? NULL : mysql_real_escape_string($value));
+ return $value;
+ }
+@@ -680,6 +680,6 @@
+ */
+ function clean_cross_side_scripting_deep($value) {
+- $in=array("<",">");
+- $out=array("<",">");
++ $in=array('<','>');
++ $out=array("<",">");
+ $value = is_array($value) ?
+ array_map('clean_cross_side_scripting_deep', $value) :
+@@ -695,8 +695,8 @@
+ */
+ function unclean_cross_side_scripting_deep($value) {
+- $in=array("<",">");
+- $out=array("<",">");
++ $in=array('<','>');
++ $out=array("<",">");
+ $value = is_array($value) ?
+- array_map('clean_cross_side_scripting_deep', $value) :
++ array_map('unclean_cross_side_scripting_deep', $value) :
+ (is_null($value) ? NULL : str_replace($out,$in,$value));
+ return $value;
+Index: branches/0.71-bugfixes/inc/software.function.php
+===================================================================
+--- branches/0.71-bugfixes/inc/software.function.php (revision 7875)
++++ branches/0.71-bugfixes/inc/software.function.php (revision 8236)
+@@ -1173,5 +1173,5 @@
+ $query .= " AND expire IS NULL";
+ } else {
+- $query .= " AND .expire = '" . addslashes($lic->fields['expire']) . 
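Review bot: Switching addslashes_deep() to `mysql_real_escape_string($value)` makes the helper depend on an open MySQL link: called before the connection exists it returns false with a warning, and since the includes.php hunk of this patch applies it to every `$_POST`/`$_GET` value, that would quietly turn all request parameters into empty values. Fall back instead of failing open: `$escaped = mysql_real_escape_string($value); return ($escaped === false) ? addslashes($value) : $escaped;` for the scalar branch, and state the ordering constraint at the function: `// requires the DB connection to be open; mysql_real_escape_string() returns false without one`. The function's name no longer describes what it does, which the docblock (outside the hunk) should acknowledge.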
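Review bot: As rendered here, `$in=array('<','>')` and `$out=array("<",">")` hold the same two characters in both the clean_ and unclean_cross_side_scripting_deep hunks, which would make the `str_replace` a no-op; presumably `$out` holds the entities `&lt;`/`&gt;` and this listing decoded them, so check the committed file before relying on this page. The unclean_ hunk also fixes the recursion that called `clean_cross_side_scripting_deep` on nested arrays, re-encoding nested values instead of decoding them — that deserves a line in the commit list at the top of the patch. Neutralising only `<` and `>` is not an HTML escaper: quotes and `&` pass through, so attribute and JavaScript contexts still need htmlspecialchars() at output; `// not a general HTML escape: only < and > are neutralised, escape per context at output time` above the function would stop callers from assuming otherwise.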
"'";
++ $query .= " AND expire = '" . addslashes($lic->fields['expire']) . "'";
+ }
+
+Index: branches/0.71-bugfixes/inc/rulesengine.class.php
+===================================================================
+--- branches/0.71-bugfixes/inc/rulesengine.class.php (revision 7901)
++++ branches/0.71-bugfixes/inc/rulesengine.class.php (revision 7917)
+@@ -2093,4 +2093,9 @@
+ }
+
++ function cleanDBonPurge($ID){
++ parent::cleanDBonPurge($ID);
++ $this->deleteCacheByRuleId($ID);
++ }
++
+ function post_updateItem($input,$updates,$history=1) {
+ if(isset($updates['match']))
+Index: branches/0.71-bugfixes/inc/auth.function.php
+===================================================================
+--- branches/0.71-bugfixes/inc/auth.function.php (revision 7882)
++++ branches/0.71-bugfixes/inc/auth.function.php (revision 7985)
+@@ -993,5 +993,5 @@
+ return $info[0]['dn'];
+ } else { // Si echec, essayer de deviner le DN / Flat LDAP
+- $dn = "$login_attr=$login, " . $basedn;
++ $dn = "$login_attr=$login," . 
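Review bot: `addslashes($lic->fields['expire'])` on the corrected line `++ $query .= " AND expire = '" . addslashes(...) . "'";` is the escaping scheme this same patch replaces with `mysql_real_escape_string()` in common.function.php; using the project helper here too (`addslashes_deep($lic->fields['expire'])`) keeps one charset-aware scheme instead of two. The value comes from an already-loaded row rather than from the request, so the exposure is low, but mixing escapers is how the next injection slips in. The enclosing function is outside the hunk.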
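Review bot: The new `cleanDBonPurge($ID)` in rulesengine.class.php carries no comment explaining why the cache must be dropped with the rule; `// drop this rule's cached results, otherwise decisions computed from the purged rule keep being served` records the intent of r7917 for the next reader. Calling `parent::cleanDBonPurge($ID)` first and then `deleteCacheByRuleId($ID)` is fine as long as the cache cleanup needs only the ID, which is all it receives.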
$basedn;
+ return $dn;
+ }
+Index: branches/0.71-bugfixes/inc/includes.php
+===================================================================
+--- branches/0.71-bugfixes/inc/includes.php (revision 7763)
++++ branches/0.71-bugfixes/inc/includes.php (revision 7934)
+@@ -95,16 +95,18 @@
+ // Security system
+ if (isset($_POST)){
+- if (!get_magic_quotes_gpc()){
+- $_POST = array_map('addslashes_deep', $_POST);
++ if (get_magic_quotes_gpc()){
++ $_POST = array_map('stripslashes_deep', $_POST);
+ }
++
++ $_POST = array_map('addslashes_deep', $_POST);
+ $_POST = array_map('clean_cross_side_scripting_deep', $_POST);
+ }
+ if (isset($_GET)){
+- if (!get_magic_quotes_gpc()){
+- $_GET = array_map('addslashes_deep', $_GET);
++ if (get_magic_quotes_gpc()){
++ $_GET = array_map('stripslashes_deep', $_GET);
+ }
++ $_GET = array_map('addslashes_deep', $_GET);
+ $_GET = array_map('clean_cross_side_scripting_deep', $_GET);
+ }
+-
+
+
+Index: branches/0.71-bugfixes/inc/rulesengine.function.php
+===================================================================
+--- branches/0.71-bugfixes/inc/rulesengine.function.php (revision 7875)
++++ branches/0.71-bugfixes/inc/rulesengine.function.php (revision 7997)
+@@ -367,5 +367,5 @@
+ case "glpi_type_networking":
+ return getRuleCollectionClass(RULE_DICTIONNARY_TYPE_NETWORKING);
+- case "glpi_dropdown_type_phone":
++ case "glpi_type_phones":
+ return getRuleCollectionClass(RULE_DICTIONNARY_TYPE_PHONE);
+ case "glpi_dropdown_os":
diff --git a/glpi.spec b/glpi.spec
index cd55b30..348024d 100644
--- a/glpi.spec
+++ b/glpi.spec
@@ -6,7 +6,7 @@
 Name: glpi
 Version: 0.71.5
-Release: 2%{?dist}
+Release: 3%{?dist}
 Summary: Free IT asset management software
 Summary(fr): Gestion Libre de Parc Informatique
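Review bot: `++ $dn = "$login_attr=$login," . $basedn;` in auth.function.php builds a bind DN by concatenating the login unescaped; if `$login` is the value typed into the login form, DN special characters (`,` `+` `"` `\` `<` `>` `;` `=`) let a user choose a different RDN path — `bob,ou=admins` — on exactly the fallback path taken when the directory search failed. Escape per RFC 4514 before concatenating, e.g. `$login = addcslashes($login, ',+"\\<>;=');` (ldap_escape() where the PHP version offers it), and say so in place of the French comment. Whether `$login` is validated upstream is outside this hunk.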
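Review bot: The rewritten block in includes.php only normalises `$_POST` and `$_GET`; `$_REQUEST` and `$_COOKIE` keep the raw, unescaped values, so any script reading `$_REQUEST[...]` bypasses both `addslashes_deep` and `clean_cross_side_scripting_deep` — treat those arrays the same way or rebuild `$_REQUEST` from the cleaned copies. `isset($_POST)` and `isset($_GET)` are always true for superglobals, so the two outer `if`s add nothing. Because addslashes_deep() now calls mysql_real_escape_string() (common.function.php hunk), this block must execute after the database connection is opened; record that with `// must run after $DB is connected: addslashes_deep() relies on mysql_real_escape_string()`, since nothing else in the hunk shows the ordering.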
@@ -23,6 +23,9 @@ Source3: glpi-logrotate # backport from 0.72 (Changeset 7208) Patch0: glpi-check.patch +# Post 0.71.5 patches from SVN +# https://dev.indepnet.net/glpi/changeset?format=diff&new=8236&old=7910&new_path=branches/0.71-bugfixes&old_path=branches/0.71-bugfixes +Patch1: glpi-0.71.5.patch BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) BuildArch: noarch @@ -67,6 +70,7 @@ techniciens grâce à une maintenance plus cohérente. %setup -q -n glpi %patch0 -p0 +%patch1 -p2 %if 0%{?rhel} == 4 @@ -230,6 +234,9 @@ fi %changelog +* Sun Apr 26 2009 Remi Collet - 0.71.5-3 +- post 0.71.5 patches + * Tue Feb 24 2009 Fedora Release Engineering - 0.71.5-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
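Review bot: The comment above `+Patch1: glpi-0.71.5.patch` gives only the changeset URL, and the changelog line `+- post 0.71.5 patches` tells a user nothing about the access-control changes the patch carries (table/field checks on the ajax endpoints, the steal_ticket branch, default-profile assignment); name them, e.g. `- post 0.71.5 upstream fixes r7910-r8236 (input checks on ajax scripts, LDAP/CAS profile fixes)`. `%patch1 -p2` is consistent with the `branches/0.71-bugfixes/` prefix on every path inside the patch.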