From 6372e454198ed7a1a792b5bfd286af1178ae7d63 Mon Sep 17 00:00:00 2001 From: yehudah Date: Tue, 27 Aug 2019 21:23:41 +0000 Subject: Security and bugs --- .../PostmanConfigurationController.php | 2 +- .../Postman-Email-Log/PostmanEmailLogController.php | 20 ++++++++++---------- Postman/Postman-Email-Log/PostmanEmailLogService.php | 2 +- Postman/Postman-Email-Log/PostmanEmailLogView.php | 17 ++++++++--------- Postman/Postman.php | 6 +++--- Postman/PostmanAdminController.php | 2 +- Postman/PostmanAjaxController.php | 2 +- Postman/PostmanLogFields.php | 5 +++++ Postman/PostmanPluginFeedback.php | 4 ++-- Postman/PostmanViewController.php | 2 +- Postman/PostmanWpMail.php | 3 ++- postman-smtp.php | 10 +++++----- 12 files changed, 40 insertions(+), 35 deletions(-) diff --git a/Postman/Postman-Configuration/PostmanConfigurationController.php b/Postman/Postman-Configuration/PostmanConfigurationController.php index 4cade58..ee14ad8 100644 --- a/Postman/Postman-Configuration/PostmanConfigurationController.php +++ b/Postman/Postman-Configuration/PostmanConfigurationController.php @@ -608,7 +608,7 @@ class PostmanConfigurationController { Postman::getMailerTypeRecommend(); $in_wizard = true; - include_once POST_PATH . '/Postman/extra/donation.php'; + include_once POST_SMTP_PATH . '/Postman/extra/donation.php'; print ''; print ''; diff --git a/Postman/Postman-Email-Log/PostmanEmailLogController.php b/Postman/Postman-Email-Log/PostmanEmailLogController.php index 2df2377..49f226b 100644 --- a/Postman/Postman-Email-Log/PostmanEmailLogController.php +++ b/Postman/Postman-Email-Log/PostmanEmailLogController.php 
@@ -91,7 +91,7 @@ class PostmanEmailLogController { $to = $meta_values ['original_to'] [0]; } - $success = wp_mail( $to, $meta_values ['original_subject'] [0], maybe_unserialize( $meta_values ['original_message'] [0] ), $meta_values ['original_headers'] [0] ); + $success = wp_mail( $to, $meta_values ['original_subject'] [0], $meta_values ['original_message'] [0], $meta_values ['original_headers'] [0] ); // Postman API: retrieve the result of sending this message from Postman $result = apply_filters( 'postman_wp_mail_result', null ); @@ -158,21 +158,21 @@ class PostmanEmailLogController { if ( PostmanUtils::isAdmin() && isset( $_REQUEST ['email_log_entry'] ) ) { $this->logger->trace( 'handling bulk action' ); if ( wp_verify_nonce( $_REQUEST ['_wpnonce'], 'bulk-email_log_entries' ) ) { - $this->logger->trace( sprintf( 'nonce "%s" passed validation', $_REQUEST ['_wpnonce'] ) ); + $this->logger->trace( sprintf( 'nonce "%s" passed validation', sanitize_text_field($_REQUEST ['_wpnonce']) ) ); if ( isset( $_REQUEST ['action'] ) && ($_REQUEST ['action'] == 'bulk_delete' || $_REQUEST ['action2'] == 'bulk_delete') ) { $this->logger->trace( sprintf( 'handling bulk delete' ) ); $purger = new PostmanEmailLogPurger(); - $postids = $_REQUEST ['email_log_entry']; + $postids = array_map( 'absint', $_REQUEST ['email_log_entry'] ); foreach ( $postids as $postid ) { $purger->verifyLogItemExistsAndRemove( $postid ); } $mh = new PostmanMessageHandler(); $mh->addMessage( __( 'Mail Log Entries were deleted.', 'post-smtp' ) ); } else { - $this->logger->warn( sprintf( 'action "%s" not recognized', $_REQUEST ['action'] ) ); + $this->logger->warn( sprintf( 'action "%s" not recognized', sanitize_text_field($_REQUEST ['action']) ) ); } } else { - $this->logger->warn( sprintf( 'nonce "%s" failed validation', $_REQUEST ['_wpnonce'] ) ); + $this->logger->warn( sprintf( 'nonce "%s" failed validation', sanitize_text_field($_REQUEST ['_wpnonce']) ) ); } $this->redirectToLogPage(); } 
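Review bot: In the bulk-delete branch, `array_map( 'absint', $_REQUEST ['email_log_entry'] )` assumes the parameter is an array; a malformed or crafted request that sends a scalar makes `array_map()` fail (a warning on PHP 7, a TypeError on PHP 8) before the purger runs, so cast first: `$postids = array_map( 'absint', (array) $_REQUEST ['email_log_entry'] );`. The same branch still reads `$_REQUEST ['action2']` without `isset()`, which raises a notice whenever only `action` is posted; `isset( $_REQUEST ['action2'] ) && $_REQUEST ['action2'] == 'bulk_delete'` avoids that. Sanitizing the nonce before logging it does not change the fact that the trace and warn lines write the CSRF token itself into the log; a message of the form "nonce passed validation" / "nonce failed validation" without the value is enough. Dropping `maybe_unserialize()` on `original_message` in the first hunk changes how already-stored entries are replayed, so it is worth confirming that no existing log rows hold serialized bodies. Both enclosing handler methods begin outside these hunks.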
@@ -184,15 +184,15 @@ class PostmanEmailLogController { // only do this for administrators if ( PostmanUtils::isAdmin() ) { $this->logger->trace( 'handling delete item' ); - $postid = $_REQUEST ['email']; + $postid = absint($_REQUEST ['email']); if ( wp_verify_nonce( $_REQUEST ['_wpnonce'], 'delete_email_log_item_' . $postid ) ) { - $this->logger->trace( sprintf( 'nonce "%s" passed validation', $_REQUEST ['_wpnonce'] ) ); + $this->logger->trace( sprintf( 'nonce "%s" passed validation', sanitize_text_field($_REQUEST ['_wpnonce']) ) ); $purger = new PostmanEmailLogPurger(); $purger->verifyLogItemExistsAndRemove( $postid ); $mh = new PostmanMessageHandler(); $mh->addMessage( __( 'Mail Log Entry was deleted.', 'post-smtp' ) ); } else { - $this->logger->warn( sprintf( 'nonce "%s" failed validation', $_REQUEST ['_wpnonce'] ) ); + $this->logger->warn( sprintf( 'nonce "%s" failed validation', sanitize_text_field($_REQUEST ['_wpnonce']) ) ); } $this->redirectToLogPage(); } @@ -267,7 +267,7 @@ class PostmanEmailLogController { // only do this for administrators if ( PostmanUtils::isAdmin() ) { $this->logger->trace( 'handling view transcript item' ); - $postid = $_REQUEST ['email']; + $postid = absint($_REQUEST ['email']); $post = get_post( $postid ); $meta_values = PostmanLogFields::get_instance()->get( $postid ); // https://css-tricks.com/examples/hrs/ @@ -360,7 +360,7 @@ class PostmanEmailLogController { /* Translators where (%s) is the name of the plugin */ echo sprintf( __( '%s Email Log', 'post-smtp' ), __( 'Post SMTP', 'post-smtp' ) )?> - +
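Review bot: In the view-transcript hunk, `absint()` now guarantees `$postid` is a non-negative integer, but nothing visible rejects `0` (a missing or non-numeric `email` parameter) or checks that `get_post( $postid )` returned a post of the plugin's log post type before its meta is read and printed; if no such check follows below, an administrator can be shown meta for an arbitrary post ID. A guard such as `if ( ! $postid || ! ( $post = get_post( $postid ) ) ) { $this->redirectToLogPage(); return; }` followed by a post-type comparison would close that. In the delete hunk the same `absint()` change means a request with `email=0` still reaches `wp_verify_nonce( ..., 'delete_email_log_item_0' )` and the purger, which only matters if `verifyLogItemExistsAndRemove()` does not itself validate the ID. Both enclosing methods start and end outside these hunks.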
diff --git a/Postman/Postman-Email-Log/PostmanEmailLogService.php b/Postman/Postman-Email-Log/PostmanEmailLogService.php index eeb25c6..1afb4fc 100644 --- a/Postman/Postman-Email-Log/PostmanEmailLogService.php +++ b/Postman/Postman-Email-Log/PostmanEmailLogService.php @@ -193,7 +193,7 @@ if ( ! class_exists( 'PostmanEmailLogService' ) ) { $message .= "\r\n" . __( 'The log to paste when you open a support issue:', 'post-smtp' ) . "\r\n"; if ( $log->statusMessage && ! empty( $log->statusMessage ) ) { - require_once POST_PATH . '/Postman/notifications/PostmanNotify.php'; + require_once POST_SMTP_PATH . '/Postman/notifications/PostmanNotify.php'; $message = $message . $log->statusMessage; diff --git a/Postman/Postman-Email-Log/PostmanEmailLogView.php b/Postman/Postman-Email-Log/PostmanEmailLogView.php index 2f78ec0..2860690 100644 --- a/Postman/Postman-Email-Log/PostmanEmailLogView.php +++ b/Postman/Postman-Email-Log/PostmanEmailLogView.php @@ -110,9 +110,10 @@ class PostmanEmailLogView extends WP_List_Table { } if ( ! (empty( $meta_values ['original_to'] [0] ) && empty( $meta_values ['originalHeaders'] [0] )) ) { // $actions ['resend'] = sprintf ( '%s', $resendUrl, __ ( 'Resend', 'post-smtp' ) ); - $emails = maybe_unserialize( $meta_values ['original_to'] [0] ); - $to = is_array( $emails ) ? implode( ',', $emails ) : $emails; - $actions ['resend'] = sprintf( '%2$s
%5$s
', $item ['ID'], __( 'Resend', 'post-smtp' ), 'resend-' . $item ['ID'], esc_attr( $to ), __( 'comma-separated for multiple emails', 'post-smtp' ), wp_create_nonce( 'resend' ) ); + $emails = $meta_values ['original_to'] [0]; + $to = is_array( $emails ) ? implode( ',', array_walk($emails, 'sanitize_email') ) : sanitize_email( $emails ); + + $actions ['resend'] = sprintf( '%2$s
%5$s
', $item ['ID'], __( 'Resend', 'post-smtp' ), 'resend-' . $item ['ID'], esc_attr( $to ), __( 'comma-separated for multiple emails', 'post-smtp' ), wp_create_nonce( 'resend' ) ); } else { $actions ['resend'] = sprintf( '%2$s', $resendUrl, __( 'Resend', 'post-smtp' ) ); } @@ -262,10 +263,8 @@ class PostmanEmailLogView extends WP_List_Table { * ************************************************************************ */ function prepare_items() { - if ( isset( $_POST['action'] ) && $_POST['action'] == 'post-smtp-filter' ) { - if ( ! wp_verify_nonce( $_REQUEST['post-smtp-log'], 'post-smtp' ) ) - die( 'Security check' ); - } + if ( ! wp_verify_nonce( $_REQUEST['post-smtp-log'], 'post-smtp' ) ) + die( 'Security check' ); /** * First, lets decide how many records per page to show @@ -396,8 +395,8 @@ class PostmanEmailLogView extends WP_List_Table { * sorting technique would be unnecessary. */ function usort_reorder( $a, $b ) { - $orderby = ( ! empty( $_REQUEST ['orderby'] )) ? $_REQUEST ['orderby'] : 'title'; // If no sort, default to title - $order = ( ! empty( $_REQUEST ['order'] )) ? $_REQUEST ['order'] : 'asc'; // If no order, default to asc + $orderby = ( ! empty( $_REQUEST ['orderby'] )) ? sanitize_text_field($_REQUEST ['orderby']) : 'title'; // If no sort, default to title + $order = ( ! empty( $_REQUEST ['order'] )) ? sanitize_text_field($_REQUEST ['order']) : 'asc'; // If no order, default to asc $result = strcmp( $a [ $orderby ], $b [ $orderby ] ); // Determine sort order return ($order === 'asc') ? $result : - $result; // Send final sort direction to usort } diff --git a/Postman/Postman.php b/Postman/Postman.php index 0f36edf..51b2ab1 100644 --- a/Postman/Postman.php +++ b/Postman/Postman.php 
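Review bot: `implode( ',', array_walk( $emails, 'sanitize_email' ) )` in the resend-action hunk is broken on both counts: `array_walk()` returns a boolean rather than the array, so `implode()` receives `true` (a warning and empty string on PHP 7, a TypeError on PHP 8), and because `sanitize_email()` returns its result instead of modifying a by-reference argument the walk would not have changed `$emails` anyway. The original `array_map()` form is what was wanted: `$to = is_array( $emails ) ? implode( ',', array_map( 'sanitize_email', $emails ) ) : sanitize_email( $emails );`. Separately, `prepare_items()` now calls `wp_verify_nonce( $_REQUEST['post-smtp-log'], 'post-smtp' )` unconditionally, so unless every route to the log page (menu link, pagination and sort links) now carries that field, a plain page load hits an undefined-index notice and dies with "Security check"; keep the check but gate it on `isset( $_REQUEST['post-smtp-log'] )` or on the filter action as before. In `usort_reorder()`, `sanitize_text_field()` does not stop an arbitrary `orderby` value from being used as an array key on `$a`/`$b`; compare it against the sortable-column list (`array_key_exists( $orderby, $a )` at minimum) and restrict `$order` to `asc`/`desc`.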
@@ -91,7 +91,7 @@ class Postman { } if ( isset( $_REQUEST ['page'] ) && $this->logger->isTrace() ) { - $this->logger->trace( 'Current page: ' . $_REQUEST ['page'] ); + $this->logger->trace( 'Current page: ' . sanitize_text_field($_REQUEST ['page']) ); } // register the email transports @@ -369,9 +369,9 @@ class Postman { Mailer Type.', 'post-smtp' ); ?>
TEST Post SMTP with the value PHPMailer.', 'post-smtp' ); ?>
PostSMTP.', 'post-smtp' ); ?>
- +
- how to set mailer type + how to set mailer type
diff --git a/Postman/PostmanAdminController.php b/Postman/PostmanAdminController.php index e871821..3d0486f 100644 --- a/Postman/PostmanAdminController.php +++ b/Postman/PostmanAdminController.php @@ -328,7 +328,7 @@ if ( ! class_exists( 'PostmanAdminController' ) ) { $this->logger->debug( 'is wpnonce import-settings?' ); $success = true; if ( wp_verify_nonce( $_REQUEST ['_wpnonce'], PostmanAdminController::IMPORT_SETTINGS_SLUG ) ) { - $success = PostmanOptions::getInstance()->import( $_POST ['settings'] ); + $success = PostmanOptions::getInstance()->import( sanitize_textarea_field($_POST ['settings']) ); } else { $success = false; } diff --git a/Postman/PostmanAjaxController.php b/Postman/PostmanAjaxController.php index e8e54b6..16d70cc 100644 --- a/Postman/PostmanAjaxController.php +++ b/Postman/PostmanAjaxController.php @@ -49,7 +49,7 @@ if (! class_exists ( 'PostmanAbstractAjaxHandler' )) { */ protected function getRequestParameter($parameterName) { if (isset ( $_POST [$parameterName] )) { - $value = $_POST[$parameterName]; + $value = sanitize_text_field($_POST[$parameterName]); $this->logger->trace ( sprintf ( 'Found parameter "%s"', $parameterName ) ); $this->logger->trace ( $value ); return $value; diff --git a/Postman/PostmanLogFields.php b/Postman/PostmanLogFields.php index e1f9c90..9299586 100644 --- a/Postman/PostmanLogFields.php +++ b/Postman/PostmanLogFields.php @@ -49,6 +49,11 @@ class PostmanLogFields { } private function maybe_json( $json ) { + + if ( is_array( $json ) ) { + return implode( ',', $json ); + } + if ( $this->isJson( $json ) ) { return implode( ',', json_decode( $json, true ) ); } diff --git a/Postman/PostmanPluginFeedback.php b/Postman/PostmanPluginFeedback.php index 7465377..95ea06f 100644 --- a/Postman/PostmanPluginFeedback.php +++ b/Postman/PostmanPluginFeedback.php 
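Review bot: `getRequestParameter()` in the PostmanAjaxController hunk now runs `sanitize_text_field()` over every POST value for every AJAX handler, and that function strips tags, line breaks and extra whitespace, so any handler that reads a multi-line or markup-bearing parameter through this accessor silently loses data, and an array-valued parameter is (as far as I recall of WP core) reduced to an empty string. Because the accessor cannot know the type of what it returns, the sanitizer belongs in each consumer (`absint`, `sanitize_email`, `sanitize_textarea_field`, `wp_kses_post` as appropriate), or this method needs a sanitizer argument; note also that the value is still written to the trace log on the next line. The same concern applies to `sanitize_textarea_field( $_POST ['settings'] )` in the PostmanAdminController hunk: if the exported settings format can contain `<` or `%xx` sequences, the blob is altered before `import()` sees it, which is worth confirming against the exporter. The `is_array()` branch added to `maybe_json()` assumes scalar elements; if a nested array can occur, `implode()` will warn, so `array_filter( $json, 'is_scalar' )` or a recursive flatten is safer.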
@@ -4,7 +4,7 @@ if ( ! defined( 'ABSPATH' ) ) { } class PostmanPluginFeedback { function __construct() { - add_filter( 'plugin_action_links_' . plugin_basename( POST_BASE ), array( $this, 'insert_deactivate_link_id' ) ); + add_filter( 'plugin_action_links_' . plugin_basename( POST_SMTP_BASE ), array( $this, 'insert_deactivate_link_id' ) ); add_action( 'wp_ajax_post_user_feedback', array( $this, 'post_user_feedback' ) ); global $pagenow; if ( 'plugins.php' === $pagenow ) { @@ -16,7 +16,7 @@ class PostmanPluginFeedback { function load_scripts() { wp_enqueue_style( 'wp-jquery-ui-dialog' ); - wp_register_script( 'post-feedback', plugins_url( 'script/feedback/feedback.js', POST_BASE ), array( 'jquery', 'jquery-ui-core', 'jquery-ui-dialog' ), false, true ); + wp_register_script( 'post-feedback', plugins_url( 'script/feedback/feedback.js', POST_SMTP_BASE ), array( 'jquery', 'jquery-ui-core', 'jquery-ui-dialog' ), false, true ); wp_localize_script( 'post-feedback', 'post_feedback', array( 'admin_ajax' => admin_url( 'admin-ajax.php' ) ) ); wp_enqueue_script( 'post-feedback' ); } diff --git a/Postman/PostmanViewController.php b/Postman/PostmanViewController.php index e41234c..9082d35 100644 --- a/Postman/PostmanViewController.php +++ b/Postman/PostmanViewController.php @@ -331,7 +331,7 @@ if ( ! class_exists( 'PostmanViewController' ) ) {
'; } - include_once POST_PATH . '/Postman/extra/donation.php'; + include_once POST_SMTP_PATH . '/Postman/extra/donation.php'; echo '
'; print '
'; diff --git a/Postman/PostmanWpMail.php b/Postman/PostmanWpMail.php index 85f3ebd..3a2b508 100644 --- a/Postman/PostmanWpMail.php +++ b/Postman/PostmanWpMail.php @@ -82,7 +82,8 @@ if ( ! class_exists( 'PostmanWpMail' ) ) { $hostName = php_uname('n'); } - return $id . '@' . $hostName; + return $id . '@' . str_replace('www.', '', $hostName); + } /** diff --git a/postman-smtp.php b/postman-smtp.php index 674392d..07454ed 100644 --- a/postman-smtp.php +++ b/postman-smtp.php @@ -41,9 +41,9 @@ if ( ! defined( 'ABSPATH' ) ) { * DO some check and Start Postman */ -define( 'POST_BASE', __FILE__ ); -define( 'POST_PATH', __DIR__ ); -define( 'POST_URL', plugins_url('', POST_BASE ) ); +define( 'POST_SMTP_BASE', __FILE__ ); +define( 'POST_SMTP_PATH', __DIR__ ); +define( 'POST_SMTP_URL', plugins_url('', POST_SMTP_BASE ) ); define( 'POST_SMTP_VER', '2.0.4' ); $postman_smtp_exist = in_array( 'postman-smtp/postman-smtp.php', (array) get_option( 'active_plugins', array() ) ); @@ -60,7 +60,7 @@ if ( $postman_smtp_exist || $required_php_version ) { add_action( 'admin_notices', 'post_smtp_plugin_admin_notice_version' ); } } else { - post_start( memory_get_usage() ); + post_smtp_start( memory_get_usage() ); } @@ -121,7 +121,7 @@ add_action( 'admin_footer', 'post_dismiss_not_configured' ); * * @param mixed $startingMemory */ -function post_start( $startingMemory ) { +function post_smtp_start( $startingMemory ) { post_setupPostman(); PostmanUtils::logMemoryUse( $startingMemory, 'Postman' ); } -- cgit v1.2.3
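Review bot: `str_replace( 'www.', '', $hostName )` in the PostmanWpMail hunk removes the substring anywhere in the host name, not only a leading `www.` label, so a host such as `mail.www.example.com` or `awww.example.com` yields a mangled Message-ID domain (`mail.example.com`, `aexample.com`). Strip only the prefix: `$hostName = preg_replace( '/^www\./i', '', $hostName );` before the return. The enclosing method, including where `$hostName` is first set, starts outside the hunk. The renames in postman-smtp.php drop `POST_BASE`/`POST_PATH`/`POST_URL` and `post_start()` without keeping the old names, which will break any third-party add-on or theme code that referenced them; defining the old constants as deprecated aliases of the new ones would be backward-compatible.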