Security fixes

pull/4101/head
Julio Montoya 5 years ago
parent 2f5c17cc0c
commit a95c440837
  1. 8
      main/inc/lib/usermanager.lib.php
  2. 44
      main/webservices/registration.soap.php

@ -2260,6 +2260,14 @@ class UserManager
$filename = $user_id.'_'.$filename; $filename = $user_id.'_'.$filename;
} }
if (!file_exists($source_file)) {
return false;
}
$mimeContentType = mime_content_type($source_file);
if (false === strpos($mimeContentType, 'image')) {
return false;
}
//Crop the image to adjust 1:1 ratio //Crop the image to adjust 1:1 ratio
$image = new Image($source_file); $image = new Image($source_file);
$image->crop($cropParameters); $image->crop($cropParameters);
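Review bot: The new MIME check only tests that `mime_content_type()` returns a string containing `image`, so `image/svg+xml` passes as well, and an SVG can carry script when it is later served inline; an explicit allowlist is tighter, e.g. `if (!in_array($mimeContentType, ['image/png', 'image/jpeg', 'image/gif'], true)) { return false; }`. When `mime_content_type()` fails it returns `false`, which the substring test happens to treat as "not an image" (fail closed), but that is worth a one-line comment so nobody "fixes" it later. The check inspects magic bytes only, while the stored name is still built from the caller-supplied `$filename`, so unless the rest of the method normalises the extension (outside this hunk) a file with image magic bytes keeps whatever extension the caller passed. The enclosing method (presumably `update_user_picture`, judging by the SOAP caller in the other file) starts and ends outside the hunk.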

@ -2078,6 +2078,13 @@ $server->register(
// Define the method WSEditUserWithPicture // Define the method WSEditUserWithPicture
function WSEditUserWithPicture($params) function WSEditUserWithPicture($params)
{ {
if (ini_get('allow_url_fopen')) {
return new soap_fault(
'Server',
'',
'WSEditUserWithPicture is disabled because allow_url_fopen is enabled in the server.'
);
}
if (!WSHelperVerifyKey($params)) { if (!WSHelperVerifyKey($params)) {
return returnError(WS_ERROR_SECRET_KEY); return returnError(WS_ERROR_SECRET_KEY);
} }
@ -2118,24 +2125,15 @@ function WSEditUserWithPicture($params)
$original_user_id_name $original_user_id_name
); );
// Get picture and generate uri. if (empty($user_id)) {
$filename = basename($picture_url); return 0;
$tempDir = api_get_path(SYS_ARCHIVE_PATH);
// Make sure the file download was OK by checking the HTTP headers for OK
if (strpos(get_headers($picture_url)[0], "OK")) {
file_put_contents($tempDir.$filename, file_get_contents($picture_url));
$pictureUri = UserManager::update_user_picture($user_id, $filename, $tempDir.$filename);
} }
if ($user_id == 0) { $sql = "SELECT id FROM $table_user WHERE id =$user_id AND active= 0";
$resu = Database::query($sql);
$r_check_user = Database::fetch_row($resu);
if (!empty($r_check_user[0])) {
return 0; return 0;
} else {
$sql = "SELECT id FROM $table_user WHERE id =$user_id AND active= 0";
$resu = Database::query($sql);
$r_check_user = Database::fetch_row($resu);
if (!empty($r_check_user[0])) {
return 0;
}
} }
// Check whether username already exits. // Check whether username already exits.
@ -2148,6 +2146,19 @@ function WSEditUserWithPicture($params)
return 0; return 0;
} }
// Get picture and generate uri.
$filename = basename($picture_url);
$tempDir = api_get_path(SYS_ARCHIVE_PATH);
// Make sure the file download was OK by checking the HTTP headers for OK
if (strpos(get_headers($picture_url)[0], "OK")) {
$tempFile = $tempDir.uniqid('user_image', true);
file_put_contents($tempFile, file_get_contents($picture_url));
$pictureUri = UserManager::update_user_picture($user_id, $filename, $tempFile);
if (file_exists($tempFile)) {
unlink($tempFile);
}
}
/** @var User $user */ /** @var User $user */
$user = $userRepository->find($user_id); $user = $userRepository->find($user_id);
@ -2190,7 +2201,8 @@ function WSEditUserWithPicture($params)
->setExpirationDate($expiration_date) ->setExpirationDate($expiration_date)
->setHrDeptId($hr_dept_id) ->setHrDeptId($hr_dept_id)
->setActive(true) ->setActive(true)
->setPictureUri($pictureUri); ->setPictureUri($pictureUri)
;
if (!is_null($creator_id)) { if (!is_null($creator_id)) {
$user->setCreatorId($creator_id); $user->setCreatorId($creator_id);
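Review bot: In the relocated download block (`// Get picture and generate uri.` hunk), neither `get_headers($picture_url)` nor `file_get_contents($picture_url)` has its return value checked: `get_headers()` yields `false` on failure, so `false[0]` is `null` and `strpos(null, "OK")` is a deprecation on PHP 8.1+, and a failed `file_get_contents()` writes an empty temp file that is still handed to `update_user_picture()`. `$pictureUri` is assigned only inside that `if`, yet `->setPictureUri($pictureUri)` in the last hunk uses it unconditionally, so a skipped download passes an undefined variable; initialise it with `$pictureUri = null;` before the `if` and guard the write with `$data = file_get_contents($picture_url); if ($data !== false) { file_put_contents($tempFile, $data); ... }`. Note also that the new `allow_url_fopen` gate at the top of the function means this branch can only run when URL wrappers are disabled, in which case a remote `$picture_url` cannot be fetched by either call; if that is deliberate, a short comment above the `if (strpos(get_headers(` line would spare the next reader the puzzle. `WSEditUserWithPicture` continues past the end of this section.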
