Fixed low risk XSS issue with user account address edit. Backported f…
…ix to 2.1.0.1 -> new version set to patch version 2.1.0.2
jamesallsup committed Dec 30, 2015
1 parent 4abfcbe commit a030b9b
Showing 12 changed files with 26 additions and 22 deletions.
8 changes: 6 additions & 2 deletions changelog.md
@@ -1,8 +1,12 @@
# OpenCart 2.0 change log
# OpenCart change log

## v2.1.0.2 (06.10.2015)
#### Bugs fixed
* XSS issue resolved for zone_id. Thanks to www.netsparker.com for finding. (https://github.com/opencart/opencart/commit/33642ba18dc2645396dd35a0434964d7721d5eb3)

## v2.1.0.1 (06.10.2015)
#### Bugs fixed
* Use the ip address from data in Fraudlanbs module and update language strings
* Use the ip address from data in Fraudlabs module and update language strings
#### Changes
* Allow download of the error log

2 changes: 1 addition & 1 deletion upload/admin/index.php
@@ -1,6 +1,6 @@
<?php
// Version
define('VERSION', '2.1.0.1');
define('VERSION', '2.1.0.2');

// Configuration
if (is_file('config.php')) {
8 changes: 4 additions & 4 deletions upload/catalog/controller/account/address.php
Expand Up @@ -429,15 +429,15 @@ protected function getForm() {
}

if (isset($this->request->post['country_id'])) {
$data['country_id'] = $this->request->post['country_id'];
$data['country_id'] = (int)$this->request->post['country_id'];
} elseif (!empty($address_info)) {
$data['country_id'] = $address_info['country_id'];
} else {
$data['country_id'] = $this->config->get('config_country_id');
}

if (isset($this->request->post['zone_id'])) {
$data['zone_id'] = $this->request->post['zone_id'];
$data['zone_id'] = (int)$this->request->post['zone_id'];
} elseif (!empty($address_info)) {
$data['zone_id'] = $address_info['zone_id'];
} else {
Expand Down Expand Up @@ -510,11 +510,11 @@ protected function validateForm() {
$this->error['postcode'] = $this->language->get('error_postcode');
}

if ($this->request->post['country_id'] == '') {
if ($this->request->post['country_id'] == '' || !is_numeric($this->request->post['country_id'])) {
$this->error['country'] = $this->language->get('error_country');
}

if (!isset($this->request->post['zone_id']) || $this->request->post['zone_id'] == '') {
if (!isset($this->request->post['zone_id']) || $this->request->post['zone_id'] == '' || !is_numeric($this->request->post['zone_id'])) {
$this->error['zone'] = $this->language->get('error_zone');
}

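Review bot: The country_id guard on the new validateForm line reads `$this->request->post['country_id']` without the `isset` check that the zone_id line directly below it has, so a POST lacking the key raises an undefined-index notice before the comparison; `if (!isset($this->request->post['country_id']) || $this->request->post['country_id'] == '' || !is_numeric($this->request->post['country_id'])) {` would match the sibling check. `is_numeric` is also looser than an integer id needs: it accepts forms such as `1.5`, `1e3` and a leading space, which pass validation here while the `(int)` cast in getForm renders a different value, so whatever the model later stores may not be what the form echoes; `filter_var($value, FILTER_VALIDATE_INT) === false` (or `ctype_digit`) would pin the expected shape. The same `is_numeric` check is introduced in register.php, affiliate/edit.php, affiliate/register.php and the five checkout controllers in this commit. Both getForm and validateForm continue outside these hunks.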
6 changes: 3 additions & 3 deletions upload/catalog/controller/account/register.php
Expand Up @@ -253,15 +253,15 @@ public function index() {
}

if (isset($this->request->post['country_id'])) {
$data['country_id'] = $this->request->post['country_id'];
$data['country_id'] = (int)$this->request->post['country_id'];
} elseif (isset($this->session->data['shipping_address']['country_id'])) {
$data['country_id'] = $this->session->data['shipping_address']['country_id'];
} else {
$data['country_id'] = $this->config->get('config_country_id');
}

if (isset($this->request->post['zone_id'])) {
$data['zone_id'] = $this->request->post['zone_id'];
$data['zone_id'] = (int)$this->request->post['zone_id'];
} elseif (isset($this->session->data['shipping_address']['zone_id'])) {
$data['zone_id'] = $this->session->data['shipping_address']['zone_id'];
} else {
Expand Down Expand Up @@ -395,7 +395,7 @@ private function validate() {
$this->error['country'] = $this->language->get('error_country');
}

if (!isset($this->request->post['zone_id']) || $this->request->post['zone_id'] == '') {
if (!isset($this->request->post['zone_id']) || $this->request->post['zone_id'] == '' || !is_numeric($this->request->post['zone_id'])) {
$this->error['zone'] = $this->language->get('error_zone');
}

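Review bot: The `(int)` cast in index() is applied only to the POST branch; the `elseif` branches still hand `$this->session->data['shipping_address']['country_id']` and `['zone_id']` to `$data` uncast. If those session entries are filled from request input elsewhere without the same normalisation (not visible here), the template receives them as-is, so casting on every branch, e.g. `$data['zone_id'] = (int)$this->session->data['shipping_address']['zone_id'];`, would make the output shape independent of where the value came from. The `$address_info`/`$affiliate_info` branches in address.php and affiliate/edit.php have the same asymmetry, though those values presumably come from the database. index() and validate() both continue outside the hunks.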
6 changes: 3 additions & 3 deletions upload/catalog/controller/affiliate/edit.php
Expand Up @@ -228,15 +228,15 @@ public function index() {
}

if (isset($this->request->post['country_id'])) {
$data['country_id'] = $this->request->post['country_id'];
$data['country_id'] = (int)$this->request->post['country_id'];
} elseif (!empty($affiliate_info)) {
$data['country_id'] = $affiliate_info['country_id'];
} else {
$data['country_id'] = $this->config->get('config_country_id');
}

if (isset($this->request->post['zone_id'])) {
$data['zone_id'] = $this->request->post['zone_id'];
$data['zone_id'] = (int)$this->request->post['zone_id'];
} elseif (!empty($affiliate_info)) {
$data['zone_id'] = $affiliate_info['zone_id'];
} else {
Expand Down Expand Up @@ -303,7 +303,7 @@ protected function validate() {
$this->error['country'] = $this->language->get('error_country');
}

if (!isset($this->request->post['zone_id']) || $this->request->post['zone_id'] == '') {
if (!isset($this->request->post['zone_id']) || $this->request->post['zone_id'] == '' || !is_numeric($this->request->post['zone_id'])) {
$this->error['zone'] = $this->language->get('error_zone');
}

6 changes: 3 additions & 3 deletions upload/catalog/controller/affiliate/register.php
Expand Up @@ -234,13 +234,13 @@ public function index() {
}

if (isset($this->request->post['country_id'])) {
$data['country_id'] = $this->request->post['country_id'];
$data['country_id'] = (int)$this->request->post['country_id'];
} else {
$data['country_id'] = $this->config->get('config_country_id');
}

if (isset($this->request->post['zone_id'])) {
$data['zone_id'] = $this->request->post['zone_id'];
$data['zone_id'] = (int)$this->request->post['zone_id'];
} else {
$data['zone_id'] = '';
}
Expand Down Expand Up @@ -397,7 +397,7 @@ protected function validate() {
$this->error['country'] = $this->language->get('error_country');
}

if (!isset($this->request->post['zone_id']) || $this->request->post['zone_id'] == '') {
if (!isset($this->request->post['zone_id']) || $this->request->post['zone_id'] == '' || !is_numeric($this->request->post['zone_id'])) {
$this->error['zone'] = $this->language->get('error_zone');
}

2 changes: 1 addition & 1 deletion upload/catalog/controller/checkout/guest.php
Expand Up @@ -232,7 +232,7 @@ public function save() {
$json['error']['country'] = $this->language->get('error_country');
}

if (!isset($this->request->post['zone_id']) || $this->request->post['zone_id'] == '') {
if (!isset($this->request->post['zone_id']) || $this->request->post['zone_id'] == '' || !is_numeric($this->request->post['zone_id'])) {
$json['error']['zone'] = $this->language->get('error_zone');
}

2 changes: 1 addition & 1 deletion upload/catalog/controller/checkout/guest_shipping.php
Expand Up @@ -145,7 +145,7 @@ public function save() {
$json['error']['country'] = $this->language->get('error_country');
}

if (!isset($this->request->post['zone_id']) || $this->request->post['zone_id'] == '') {
if (!isset($this->request->post['zone_id']) || $this->request->post['zone_id'] == '' || !is_numeric($this->request->post['zone_id'])) {
$json['error']['zone'] = $this->language->get('error_zone');
}

2 changes: 1 addition & 1 deletion upload/catalog/controller/checkout/payment_address.php
Expand Up @@ -148,7 +148,7 @@ public function save() {
$json['error']['country'] = $this->language->get('error_country');
}

if (!isset($this->request->post['zone_id']) || $this->request->post['zone_id'] == '') {
if (!isset($this->request->post['zone_id']) || $this->request->post['zone_id'] == '' || !is_numeric($this->request->post['zone_id'])) {
$json['error']['zone'] = $this->language->get('error_zone');
}

2 changes: 1 addition & 1 deletion upload/catalog/controller/checkout/register.php
Expand Up @@ -182,7 +182,7 @@ public function save() {
$json['error']['country'] = $this->language->get('error_country');
}

if (!isset($this->request->post['zone_id']) || $this->request->post['zone_id'] == '') {
if (!isset($this->request->post['zone_id']) || $this->request->post['zone_id'] == '' || !is_numeric($this->request->post['zone_id'])) {
$json['error']['zone'] = $this->language->get('error_zone');
}

2 changes: 1 addition & 1 deletion upload/catalog/controller/checkout/shipping_address.php
Expand Up @@ -159,7 +159,7 @@ public function save() {
$json['error']['country'] = $this->language->get('error_country');
}

if (!isset($this->request->post['zone_id']) || $this->request->post['zone_id'] == '') {
if (!isset($this->request->post['zone_id']) || $this->request->post['zone_id'] == '' || !is_numeric($this->request->post['zone_id'])) {
$json['error']['zone'] = $this->language->get('error_zone');
}

2 changes: 1 addition & 1 deletion upload/index.php
@@ -1,6 +1,6 @@
<?php
// Version
define('VERSION', '2.1.0.1');
define('VERSION', '2.1.0.2');

// Configuration
if (is_file('config.php')) {

2 comments on commit a030b9b

@apmuthu

@apmuthu apmuthu commented on a030b9b Jan 6, 2016


Line 36 of file upload/admin/controller/tool/backup.php:
$data['entry_export'] = $this->language->get('entry_export');
should be
$data['entry_export'] = $this->language->get('entry_backup');

backup export translation

@her63

@her63 her63 commented on a030b9b Jan 17, 2016


thank you, keep the spirit on
