Add security token to course copy tool - refs #7275

10 years ago · 587961662a
parent 02aae00da0
commit 587961662a
5 changed files with 133 additions and 20 deletions
--- a/main/coursecopy/copy_course.php
+++ b/main/coursecopy/copy_course.php
@ -45,7 +45,18 @@ echo Display::page_header(get_lang('CopyCourse'));
 /*	MAIN CODE */

 // If a CourseSelectForm is posted or we should copy all resources, then copy them
-if ((isset($_POST['action']) && $_POST['action'] == 'course_select_form') || (isset($_POST['copy_option']) && $_POST['copy_option'] == 'full_copy')) {
+if (
+    Security::check_token('post') && (
+        (
+            isset($_POST['action']) &&
+            $_POST['action'] == 'course_select_form') || (
+                isset($_POST['copy_option']) && $_POST['copy_option'] == 'full_copy'
+        )
+    )
+) {
+    // Clear token
+    Security::clear_token();
+
    if (isset($_POST['action']) && $_POST['action'] == 'course_select_form') {
        $course = CourseSelectForm :: get_posted_course('copy_course');
    } else {
@ -56,7 +67,15 @@ if ((isset($_POST['action']) && $_POST['action'] == 'course_select_form') || (is
    $cr->set_file_option($_POST['same_file_name_option']);
    $cr->restore($_POST['destination_course']);
    Display::display_normal_message(get_lang('CopyFinished').': <a href="'.api_get_course_url($_POST['destination_course']).'">'.$_POST['destination_course'].'</a>', false);
-} elseif (isset ($_POST['copy_option']) && $_POST['copy_option'] == 'select_items') {
+} elseif (
+    Security::check_token('post') && (
+        isset ($_POST['copy_option']) &&
+        $_POST['copy_option'] == 'select_items'
+    )
+) {
+    // Clear token
+    Security::clear_token();
+
    $cb = new CourseBuilder();
    $course = $cb->build();
    $hidden_fields = array();
@ -104,6 +123,12 @@ if ((isset($_POST['action']) && $_POST['action'] == 'course_select_form') || (is
        $form->add_progress_bar();
        $form->addElement('style_submit_button', 'submit', get_lang('CopyCourse'), 'class="save"');
        $form->setDefaults(array('copy_option' =>'select_items','same_file_name_option' => FILE_OVERWRITE));
+
+        // Add Security token
+        $token = Security::get_token();
+        $form->addElement('hidden', 'sec_token');
+        $form->setConstants(array('sec_token' => $token));
+
        $form->display();
 	}
 }
--- a/main/coursecopy/copy_course_session.php
+++ b/main/coursecopy/copy_course_session.php
@ -131,6 +131,10 @@ function display_form()
    $html .= '<label class="checkbox"><input type="checkbox" id="copy_base_content_id" name="copy_only_session_items" />'.get_lang('CopyOnlySessionItems').'</label><br /><br/>';

    $html .= '<button class="save" type="submit" onclick="javascript:if(!confirm('."'".addslashes(api_htmlentities(get_lang('ConfirmYourChoice'), ENT_QUOTES))."'".')) return false;">'.get_lang('CopyCourse').'</button>';
+
+    // Add Security token
+    $html .= '<input type="hidden" value="' . Security::get_token() . '" name="sec_token">';
+
    $html .= '</form>';

    echo $html;
@ -271,9 +275,19 @@ if (isset($_POST['copy_only_session_items']) && $_POST['copy_only_session_items'
 }

 /*  MAIN CODE  */
-if ((isset($_POST['action']) && $_POST['action'] == 'course_select_form') ||
-    (isset($_POST['copy_option']) && $_POST['copy_option'] == 'full_copy')
+if (
+    Security::check_token('post') && (
+        (
+            isset($_POST['action']) &&
+            $_POST['action'] == 'course_select_form'
+        ) || (
+            isset($_POST['copy_option']) &&
+            $_POST['copy_option'] == 'full_copy'
+        )
+    )
 ) {
+    // Clear token
+    Security::clear_token();

 	$destination_course = $origin_course = $destination_session = $origin_session = '';

@ -339,7 +353,14 @@ if ((isset($_POST['action']) && $_POST['action'] == 'course_select_form') ||
 			display_form();
 		}
 	}
-} elseif (isset($_POST['copy_option']) && $_POST['copy_option'] == 'select_items') {
+} elseif (
+    Security::check_token('post') && (
+        isset($_POST['copy_option']) &&
+        $_POST['copy_option'] == 'select_items'
+    )
+) {
+    // Clear token
+    Security::clear_token();

 	// Else, if a CourseSelectForm is requested, show it
 	if (api_get_setting('show_glossary_in_documents') != 'none') {
--- a/main/coursecopy/create_backup.php
+++ b/main/coursecopy/create_backup.php
@ -53,11 +53,20 @@ echo Display::page_header($nameTools);

 /*	MAIN CODE */

-if ((isset($_POST['action']) &&
-    $_POST['action'] == 'course_select_form') ||
-    (isset($_POST['backup_option']) &&
-    $_POST['backup_option'] == 'full_backup')
+if (
+    Security::check_token('post') && (
+        (
+            isset($_POST['action']) &&
+            $_POST['action'] == 'course_select_form'
+        ) || (
+            isset($_POST['backup_option']) &&
+            $_POST['backup_option'] == 'full_backup'
+        )
+    )
 ) {
+    // Clear token
+    Security::clear_token();
+
 	if (isset($_POST['action']) && $_POST['action'] == 'course_select_form') {
 		$course = CourseSelectForm::get_posted_course();
 	} else {
@ -70,7 +79,15 @@ if ((isset($_POST['action']) &&
 	echo '<br /><a class="btn btn-primary btn-large" href="'.api_get_path(WEB_CODE_PATH).'course_info/download.php?archive='.$zip_file.'&'.api_get_cidreq().'">
 	'.get_lang('Download').'</a>';

-} elseif (isset($_POST['backup_option']) && $_POST['backup_option'] == 'select_items') {
+} elseif (
+    Security::check_token('post') && (
+        isset($_POST['backup_option']) &&
+        $_POST['backup_option'] == 'select_items'
+    )
+) {
+    // Clear token
+    Security::clear_token();
+
 	$cb = new CourseBuilder('partial');
 	$course = $cb->build();
 	CourseSelectForm::display_form($course);
@ -97,6 +114,12 @@ if ((isset($_POST['action']) &&
        );
 		$values['backup_option'] = 'full_backup';
 		$form->setDefaults($values);
+
+        // Add Security token
+        $token = Security::get_token();
+        $form->addElement('hidden', 'sec_token');
+        $form->setConstants(array('sec_token' => $token));
+
 		$form->display();
 	}
 }
--- a/main/coursecopy/import_backup.php
+++ b/main/coursecopy/import_backup.php
@ -48,11 +48,20 @@ echo Display::page_header($nameTools);

 /*	MAIN CODE */

-if ((isset($_POST['action']) &&
-    $_POST['action'] == 'course_select_form') ||
-    (isset($_POST['import_option']) &&
-    $_POST['import_option'] == 'full_backup')
+if (
+    Security::check_token('post') && (
+        (
+            isset($_POST['action']) &&
+            $_POST['action'] == 'course_select_form'
+        ) || (
+            isset($_POST['import_option']) &&
+            $_POST['import_option'] == 'full_backup'
+        )
+    )
 ) {
+    // Clear token
+    Security::clear_token();
+
 	$error = false;
 	if (isset($_POST['action']) && $_POST['action'] == 'course_select_form') {
 		// Partial backup here we recover the documents posted
@ -106,7 +115,15 @@ if ((isset($_POST['action']) &&
 	}
 	CourseArchiver::clean_backup_dir();

-} elseif (isset($_POST['import_option']) && $_POST['import_option'] == 'select_items') {
+} elseif (
+    Security::check_token('post') && (
+        isset($_POST['import_option']) &&
+        $_POST['import_option'] == 'select_items'
+    )
+) {
+    // Clear token
+    Security::clear_token();
+
 	if ($_POST['backup_type'] == 'server') {
 		$filename = $_POST['backup_server'];
 		$delete_file = false;
@ -186,6 +203,11 @@ if ((isset($_POST['action']) &&
        )
    ));

+    // Add Security token
+    $token = Security::get_token();
+    $form->addElement('hidden', 'sec_token');
+    $form->setConstants(array('sec_token' => $token));
+
 	$form->display();
 }

--- a/main/coursecopy/recycle_course.php
+++ b/main/coursecopy/recycle_course.php
@ -46,11 +46,19 @@ echo Display::page_header($nameTools);

 /*		MAIN CODE	*/

-if ((isset($_POST['action']) &&
-    $_POST['action'] == 'course_select_form') ||
-    (isset($_POST['recycle_option']) &&
-    $_POST['recycle_option'] == 'full_backup')
+if (
+    Security::check_token('post') && (
+        isset($_POST['action']) &&
+        $_POST['action'] == 'course_select_form' ||
+        (
+            isset($_POST['recycle_option']) &&
+            $_POST['recycle_option'] == 'full_backup'
+        )
+    )
 ) {
+    // Clear token
+    Security::clear_token();
+
 	if (isset($_POST['action']) && $_POST['action'] == 'course_select_form') {
 		$course = CourseSelectForm::get_posted_course();
 	} else {
@ -67,7 +75,16 @@ if ((isset($_POST['action']) &&
 	$cr->recycle($recycle_type);

 	Display::display_confirmation_message(get_lang('RecycleFinished'));
-} elseif (isset($_POST['recycle_option']) && $_POST['recycle_option'] == 'select_items') {
+
+} elseif (
+    Security::check_token('post') && (
+        isset($_POST['recycle_option']) &&
+        $_POST['recycle_option'] == 'select_items'
+    )
+) {
+    // Clear token
+    Security::clear_token();
+
 	$cb = new CourseBuilder();
 	$course = $cb->build();
 	CourseSelectForm::display_form($course);
@ -84,6 +101,11 @@ if ((isset($_POST['action']) &&
        $form->addElement('radio', 'recycle_option', null, get_lang('LetMeSelectItems'), 'select_items');
        $form->addElement('style_submit_button', 'submit', get_lang('RecycleCourse'), 'class="save"');
        $form->setDefaults(array('recycle_option' => 'select_items'));
+        // Add Security token
+        $token = Security::get_token();
+        $form->addElement('hidden', 'sec_token');
+        $form->setConstants(array('sec_token' => $token));
+
        $form->display();
 	}
 }