Index: /changelog
===================================================================
--- /changelog	(revision 7046)
+++ /changelog	(revision 7049)
@@ -131,2 +131,3 @@
 - Bugfix: PHP Warnung bei Produktbewertungen
 - Bugfix: Paypal-Schnittstellenanpassung 
+- Bugfix; MÃ¶gliche SicherheitslÃŒcke beim Upload von Widerrufsbelehrungen verhindert
Index: /controller/wpsg_AdminController.class.php
===================================================================
--- /controller/wpsg_AdminController.class.php	(revision 7046)
+++ /controller/wpsg_AdminController.class.php	(revision 7049)
@@ -1735,4 +1735,6 @@
 			{
 
+                \check_admin_referer('wpsg-save-revocation');
+			    
 				$this->shop->update_option('wpsg_ps_mailwiderruf', $_REQUEST['wpsg_ps_mailwiderruf']);
 				$this->shop->addTranslationString('wpsg_ps_mailwiderruf', $_REQUEST['wpsg_ps_mailwiderruf']);
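Review bot: The added `\check_admin_referer('wpsg-save-revocation');` only proves the request carries a valid nonce; it does not establish that the caller is allowed to change shop settings, so a capability check such as `if (!current_user_can('manage_options')) wp_die();` should gate this branch unless the enclosing method (which starts before the hunk) already does so. The same applies to the `\check_admin_referer('wpsg-save-config');` line in the hunk at +1949. As a point of style, both added lines are indented with spaces inside a tab-indented block, and the `wpsg-save-config` line carries trailing whitespace.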
@@ -1740,16 +1742,28 @@
 				if (file_exists($_FILES['wpsg_widerrufsformular']['tmp_name']))
 				{
-
-					if (!file_exists(WPSG_PATH_UPLOADS.'wpsg_revocation/')) mkdir(WPSG_PATH_UPLOADS.'wpsg_revocation/', 0775, true);
-
-					$this->clearRevocationForm();
-
-					move_uploaded_file($_FILES['wpsg_widerrufsformular']['tmp_name'], WPSG_PATH_UPLOADS.'wpsg_revocation/'.$_FILES['wpsg_widerrufsformular']['name']);
-					$this->addBackendMessage(__('Widerrufsformular erfolgreich hochgeladen.', 'wpsg'));
-
-					$this->shop->update_option('wpsg_revocationform', $_FILES['wpsg_widerrufsformular']['name']);
-
-				}
-
+				    
+				    if (mime_content_type($_FILES['wpsg_widerrufsformular']['tmp_name']) === 'application/pdf') {
+
+                        if (!file_exists(WPSG_PATH_UPLOADS.'wpsg_revocation/')) mkdir(WPSG_PATH_UPLOADS.'wpsg_revocation/', 0775, true);
+    
+                        $this->clearRevocationForm();
+    
+                        move_uploaded_file($_FILES['wpsg_widerrufsformular']['tmp_name'], WPSG_PATH_UPLOADS.'wpsg_revocation/'.$_FILES['wpsg_widerrufsformular']['name']);
+                        $this->addBackendMessage(__('Widerrufsformular erfolgreich hochgeladen.', 'wpsg'));
+    
+                        $this->shop->update_option('wpsg_revocationform', $_FILES['wpsg_widerrufsformular']['name']);
+                        
+                    } else {
+				        
+				        $this->shop->addBackendError(__('Dateiformat muss vom Type PDF sein.', 'wpsg'));
+				        
+                    }
+
+				} else if ($_FILES['wpsg_widerrufsformular']['error']) {
+				    
+				    $this->shop->addBackendError(__('Mit dem Upload gab es ein Problem, mÃ¶glicherweise ist die Datei zu groÃ.', 'wpsg'));
+				    
+                }
+                
 				$this->shop->update_option('wpsg_widerrufsformular_kundenmail', $_REQUEST['wpsg_widerrufsformular_kundenmail']);
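Review bot: The `mime_content_type()` check on `tmp_name` is only half of the fix, because the file is still written under the client-supplied `$_FILES['wpsg_widerrufsformular']['name']` and that raw name is also persisted in `wpsg_revocationform`; a name containing directory separators or a non-`.pdf` extension passes through unchanged, so the destination should be derived from `sanitize_file_name(basename(...))` and the extension pinned to `.pdf` before the move. The return value of `move_uploaded_file()` is also ignored, so the success message and the option update happen even when the move failed. The rewrite below adds both checks; the `mkdir`, `clearRevocationForm()` call and the `else if (...['error'])` branch are unchanged.
```php
if (mime_content_type($_FILES['wpsg_widerrufsformular']['tmp_name']) === 'application/pdf') {

    // Never store the client-supplied name as-is: drop any directory part and
    // require a .pdf extension so the MIME check cannot be undercut by the name.
    $fileName = sanitize_file_name(basename($_FILES['wpsg_widerrufsformular']['name']));

    if ($fileName === '' || strtolower(pathinfo($fileName, PATHINFO_EXTENSION)) !== 'pdf') {

        $this->shop->addBackendError(__('Dateiformat muss vom Type PDF sein.', 'wpsg'));

    } else {

        // … unchanged: mkdir of wpsg_revocation/ and $this->clearRevocationForm() …

        if (move_uploaded_file($_FILES['wpsg_widerrufsformular']['tmp_name'], WPSG_PATH_UPLOADS.'wpsg_revocation/'.$fileName)) {

            $this->addBackendMessage(__('Widerrufsformular erfolgreich hochgeladen.', 'wpsg'));
            $this->shop->update_option('wpsg_revocationform', $fileName);

        } else {

            // move failed (permissions, disk, or not an uploaded file): report instead of claiming success
            $this->shop->addBackendError(__('Mit dem Upload gab es ein Problem, möglicherweise ist die Datei zu groß.', 'wpsg'));

        }

    }

} else if ($_FILES['wpsg_widerrufsformular']['error']) {
    // … unchanged: upload error message …
}
```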
 
@@ -1768,5 +1782,6 @@
 				}
 
-				$this->addBackendMessage(__('Widerruf erfolgreich gespeichert.', 'wpsg'));
+				if (!$this->shop->hasBackendError()) $this->shop->addBackendMessage(__('Widerruf erfolgreich gespeichert.', 'wpsg'));
+				
 				$this->redirect(WPSG_URL_WP.'wp-admin/admin.php?page=wpsg-Admin&subaction=widerrufsbelehrung');
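Review bot: The replaced line switches from `$this->addBackendMessage(...)` to `$this->shop->addBackendMessage(...)`, while the upload branch earlier in this same method (line +1751 of this file) still calls `$this->addBackendMessage(...)`; if these are not the same sink, one of the two messages will not be shown, so please confirm and use one consistently. `hasBackendError()` reads the session-wide `backendError` list, so a stale error left over from an earlier request would also suppress this success message unless that list is cleared per request — worth confirming where it is reset. The added line after it consists only of whitespace.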
 
@@ -1932,4 +1947,6 @@
 			{
 
+                \check_admin_referer('wpsg-save-config'); 
+			    
 				$this->update_option('wpsg_currency', $_REQUEST['wpsg_currency']);
 				$this->update_option('wpsg_showincompleteorder', $_REQUEST['wpsg_showincompleteorder']);
Index: /controller/wpsg_SystemController.class.php
===================================================================
--- /controller/wpsg_SystemController.class.php	(revision 7046)
+++ /controller/wpsg_SystemController.class.php	(revision 7049)
@@ -371,4 +371,6 @@
 		
 		public function hasFrontendError() { return wpsg_isSizedArray($_SESSION['wpsg']['frontendError']); }
+		
+		public function hasBackendError() { return wpsg_isSizedArray($_SESSION['wpsg']['backendError']); }
 		
 		/**
Index: /views/admin/konfiguration.phtml
===================================================================
--- /views/admin/konfiguration.phtml	(revision 7046)
+++ /views/admin/konfiguration.phtml	(revision 7049)
@@ -19,5 +19,7 @@
 <div class="wpsg_admin_content form-horizontal">
 	<form name="form1" method="post" enctype="multipart/form-data" action="<?php echo wpsg_hspc(WPSG_URL_WP.'wp-admin/admin.php?page=wpsg-Admin&subaction=konfiguration&noheader=1'); ?>">
-    
+
+        <?php wp_nonce_field('wpsg-save-config'); ?>
+        
     	<div class="panel panel-default">
   			<div class="panel-heading clearfix">
Index: /views/admin/widerrufsbelehrung.phtml
===================================================================
--- /views/admin/widerrufsbelehrung.phtml	(revision 7046)
+++ /views/admin/widerrufsbelehrung.phtml	(revision 7049)
@@ -19,5 +19,7 @@
 <div class="wpsg_admin_content form-horizontal">
 	<form name="form1" method="post" enctype="multipart/form-data" action="<?php echo WPSG_URL_WP; ?>wp-admin/admin.php?page=wpsg-Admin&amp;subaction=<?php echo $_REQUEST['subaction']; ?>&amp;noheader=1">
-	
+
+        <?php wp_nonce_field('wpsg-save-revocation'); ?>
+        
 		<?php echo wpsg_drawForm_AdminboxStart(__('Widerruf', 'wpsg')); ?>
 			 
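Review bot: The form this nonce field protects still builds its `action` attribute from `<?php echo $_REQUEST['subaction']; ?>` without escaping (context line of this hunk), whereas the sibling view konfiguration.phtml in this same commit wraps its action URL in `wpsg_hspc()`. Unless `subaction` is validated against a fixed list before the view is rendered, it should be escaped the same way: `<?php echo wpsg_hspc($_REQUEST['subaction']); ?>`. The added line after the nonce field is whitespace only.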
