Enhance security and input sanitization across multiple files

- Added a new tools.security.php file containing functions for sanitizing filenames, paths, and user inputs to prevent directory traversal and XSS attacks.
- Updated various files to utilize the new sanitization functions (Sf, Si) for user inputs and file operations, ensuring safer handling of data.
- Improved HTML output safety by applying htmlspecialchars to user-generated content in pre-body.php, cal.php, and other relevant files.
- Refactored user authentication and data retrieval processes in tools.auth.php and _login.php to enhance security and maintainability.
- Ensured consistent use of sanitization functions in API endpoints and admin functionalities to mitigate potential security vulnerabilities.
This commit is contained in:
naielv
2026-02-18 23:22:58 +01:00
parent a6ebede883
commit 98f430188c
17 changed files with 214 additions and 117 deletions


@@ -1,12 +1,13 @@
<?php
session_start();
require_once "_incl/tools.session.php";
require_once "_incl/tools.security.php";
if (!isset($AuthConfig)) {
$AuthConfig = json_decode(file_get_contents("/DATA/AuthConfig.json"), true);
}
$DOMAIN = $_SERVER["HTTP_X_FORWARDED_HOST"] ?? $_SERVER["HTTP_HOST"];
if ($_GET["reload_user"] == "1") {
$user = str_replace("@", "__", $_SESSION["auth_user"]);
$userdata = json_decode(file_get_contents("/DATA/Usuarios/$user.json"), true);
$userdata = json_decode(file_get_contents("/DATA/Usuarios/" . Sf($user) . ".json"), true);
$_SESSION['auth_data'] = $userdata;
$redir = $_GET["redir"] ?? "/";
header("Location: $redir");
@@ -55,7 +56,7 @@ if ($_GET["google_callback"] == "1") {
$email = $user_info["email"];
$name = $user_info["name"] ?? explode("@", $email)[0];
$userfile = "/DATA/Usuarios/" . strtolower(str_replace("@", "__", $email)) . ".json";
$userfile = "/DATA/Usuarios/" . Sf(strtolower(str_replace("@", "__", $email))) . ".json";
$password = bin2hex(random_bytes(16)); // Generar una contraseña aleatoria para el usuario, aunque no se usará para iniciar sesión
if (file_exists($userfile)) {
$userdata = json_decode(file_get_contents($userfile), true);
@@ -123,7 +124,7 @@ if (isset($_POST["user"])) {
$valid = "";
$user = trim(strtolower($_POST["user"]));
$password = $_POST["password"];
$userdata = json_decode(file_get_contents("/DATA/Usuarios/$user.json"), true);
$userdata = json_decode(file_get_contents("/DATA/Usuarios/" . Sf($user) . ".json"), true);
if (!isset($userdata["password_hash"])) {
$_GET["_result"] = "El usuario no existe.";
}
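Review bot: The rewritten lookup on the last changed line of this hunk still calls `file_get_contents()` on a path that may not exist, so an unknown username emits a PHP warning before `json_decode(false, true)` yields null and the "El usuario no existe." branch runs; the rewritten `reload_user` line in the first hunk has the same gap. Guard the read the way the second hunk already does with `file_exists($userfile)`: `$userfile = "/DATA/Usuarios/" . Sf($user) . ".json";` followed by `$userdata = is_file($userfile) ? json_decode(file_get_contents($userfile), true) : null;`. Whether `Sf()` guarantees a non-empty, separator-free component is not visible from this view (it lives in tools.security.php); if it can return an empty string the path collapses to `/DATA/Usuarios/.json`, so a call-site comment such as `// Sf() is expected to yield a plain filename component — confirm it rejects '', '.' and '..'` would tell the next reader what the helper must uphold. The enclosing `if (isset($_POST["user"]))` block continues past the hunk.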