wprintf(_("Select access level for this user:"));
wprintf("<br />\n");
for (a = 0; a <= 6; ++a) {
- wprintf("<a href=\"validate&user=");
+ wprintf("<a href=\"validate?nonce=%ld?user=", WC->nonce);
urlescputs(user);
wprintf("&axlevel=%d\">%s</A> \n",
a, axdefs[a]);
}
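Review bot: The rebuilt link on the `+` line uses `?` twice (`validate?nonce=%ld?user=`), so the second separator does not start a new parameter and, with a query parser that splits on `&`, the `user` value ends up inside the `nonce` string and `bstr("user")` is empty on the validate side; the separator should be `&`: `wprintf("<a href=\"validate?nonce=%ld&user=", WC->nonce);`. The same line also prints `WC->nonce` with `%ld`, yet the struct hunk further down declares the field as `int nonce;`, so every `%ld` conversion of `WC->nonce` on this page (this line and each added hidden-input line, e.g. the ones in the changepw, save_task, save_event and editroom forms) is a format/argument type mismatch, which is undefined behavior in C. The smallest consistent fix is to declare the field `long nonce;` since both `rand()` and `atoi()` results fit; otherwise switch all of these format strings to `%d`. The enclosing function starts and ends outside the hunk.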
wprintf("<form name=\"changepwform\" action=\"changepw\" method=\"post\">\n");
+ wprintf("<input type=\"hidden\" name=\"nonce\" value=\"%ld\">\n", WC->nonce);
wprintf("<CENTER>"
"<table border=\"0\" cellspacing=\"5\" cellpadding=\"5\" "
"BGCOLOR=\"#EEEEEE\">"
"<table class=\"calendar_background\"><tr><td>");
wprintf("<FORM METHOD=\"POST\" action=\"save_task\">\n");
+ wprintf("<input type=\"hidden\" name=\"nonce\" value=\"%ld\">\n", WC->nonce);
wprintf("<INPUT TYPE=\"hidden\" NAME=\"msgnum\" VALUE=\"%ld\">\n",
msgnum);
strcpy(TheSession->httpauth_pass, httpauth_pass);
pthread_mutex_init(&TheSession->SessionMutex, NULL);
pthread_mutex_lock(&SessionListMutex);
+ TheSession->nonce = rand();
TheSession->next = SessionList;
SessionList = TheSession;
pthread_mutex_unlock(&SessionListMutex);
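Review bot: `TheSession->nonce = rand();` derives the session-riding token from `rand()`, whose output is small-state and predictable from its seed (no `srand()` call is visible here, so the seeding and its entropy cannot be confirmed from this hunk), which undermines the token's purpose as an unguessable per-session value. Since the whole defence rests on the nonce being unpredictable, take it from a CSPRNG instead: e.g. read `sizeof TheSession->nonce` bytes from `/dev/urandom` (or `getrandom()` where available) into the field, falling back to failing session creation rather than to `rand()` if the read fails. A short comment on the line stating why the value must be unpredictable, such as `/* CSRF token: must be unguessable, so never use rand() here */`, would keep a later maintainer from reintroducing it. The enclosing function starts and ends outside the hunk.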
/*
- * $Id: downloads.c 4849 2007-01-08 20:05:56Z ajc $
+ * $Id$
*/
#include "webcit.h"
"name=\"upload_file_form\""
">\n"
);
+ wprintf("<input type=\"hidden\" name=\"nonce\" value=\"%ld\">\n", WC->nonce);
wprintf(_("Upload a file:"));
wprintf(" <input NAME=\"filename\" SIZE=16 TYPE=\"file\"> \n");
*************************************************************/
wprintf("<FORM NAME=\"EventForm\" METHOD=\"POST\" action=\"save_event\">\n");
+ wprintf("<input type=\"hidden\" name=\"nonce\" value=\"%ld\">\n", WC->nonce);
wprintf("<INPUT TYPE=\"hidden\" NAME=\"msgnum\" VALUE=\"%ld\">\n",
msgnum);
"<INPUT TYPE=\"text\" NAME=\"floorname\" "
"VALUE=\"%s\" MAXLENGTH=\"250\">\n",
floornum, floorname);
+ wprintf("<input type=\"hidden\" name=\"nonce\" value=\"%ld\">\n", WC->nonce);
wprintf("<INPUT TYPE=\"SUBMIT\" NAME=\"sc\" "
"VALUE=\"%s\">"
"</FORM></TD>", _("Change name"));
"<INPUT TYPE=\"text\" NAME=\"floorcss\" "
"VALUE=\"%s\" MAXLENGTH=\"250\">\n",
floornum, floorname);
+ wprintf("<input type=\"hidden\" name=\"nonce\" value=\"%ld\">\n", WC->nonce);
wprintf("<INPUT TYPE=\"SUBMIT\" NAME=\"sc\" "
"VALUE=\"%s\">"
"</FORM></TD>", _("Change CSS"));
wprintf("<FORM ENCTYPE=\"multipart/form-data\" action=\"%s\" "
"METHOD=\"POST\" NAME=\"graphicsupload\">\n", uplurl);
+ wprintf("<input type=\"hidden\" name=\"nonce\" value=\"%ld\">\n", WC->nonce);
wprintf("<INPUT TYPE=\"hidden\" NAME=\"which_room\" VALUE=\"");
urlescputs(bstr("which_room"));
wprintf("\">\n");
"<table class=\"iconbar_background\"><tr><td>");
wprintf("<FORM METHOD=\"POST\" action=\"commit_iconbar\">\n");
+ wprintf("<input type=\"hidden\" name=\"nonce\" value=\"%ld\">\n", WC->nonce);
wprintf("<CENTER>");
wprintf(_("Display icons as:"));
wprintf("</font></a></TD></TR>\n");
}
}
- wprintf("<FORM METHOD=\"POST\" action=\"save_inetconf\">\n"
- "<TR><TD>"
+ wprintf("<FORM METHOD=\"POST\" action=\"save_inetconf\">\n");
+ wprintf("<input type=\"hidden\" name=\"nonce\" value=\"%ld\">\n", WC->nonce);
+ wprintf("<TR><TD>"
"<INPUT TYPE=\"text\" NAME=\"ename\" MAXLENGTH=\"64\">"
"<INPUT TYPE=\"hidden\" NAME=\"etype\" VALUE=\"%s\">", ic_keyword[which]);
wprintf("</TD><TD ALIGN=RIGHT>"
* Any other (invalid) command causes the form to be displayed
*/
else {
-FORM: wprintf("<FORM METHOD=\"POST\" action=\"listsub\">\n"
- "<TABLE BORDER=0>\n"
- );
+FORM: wprintf("<FORM METHOD=\"POST\" action=\"listsub\">\n");
+ wprintf("<input type=\"hidden\" name=\"nonce\" value=\"%ld\">\n", WC->nonce);
+ wprintf("<TABLE BORDER=0>\n");
wprintf("<TR><TD>Name of list</TD><TD>"
"<SELECT NAME=\"room\" SIZE=1>\n");
wprintf("<br />\n");
wprintf("<form method=\"post\" action=\"do_generic\">\n");
+ wprintf("<input type=\"hidden\" name=\"nonce\" value=\"%ld\">\n", WC->nonce);
wprintf(_("Enter command:"));
wprintf("<br /><input type=\"text\" name=\"g_cmd\" size=80 maxlength=\"250\"><br />\n");
wprintf("<input type=\"hidden\" name=\"wikipage\" value=\"%s\">\n", bstr("wikipage"));
}
wprintf("<input type=\"hidden\" name=\"return_to\" value=\"%s\">\n", bstr("return_to"));
+ wprintf("<input type=\"hidden\" name=\"nonce\" value=\"%ld\">\n", WC->nonce);
/** header bar */
wprintf("<br />\n");
wprintf("<form METHOD=\"POST\" action=\"move_msg\">\n");
+ wprintf("<input type=\"hidden\" name=\"nonce\" value=\"%ld\">\n", WC->nonce);
wprintf("<INPUT TYPE=\"hidden\" NAME=\"msgid\" VALUE=\"%s\">\n", bstr("msgid"));
wprintf("<SELECT NAME=\"target_room\" SIZE=5>\n");
wprintf("</div>\n<div id=\"content\">\n");
wprintf("<FORM METHOD=\"POST\" action=\"edit_node\">\n");
+ wprintf("<input type=\"hidden\" name=\"nonce\" value=\"%ld\">\n", WC->nonce);
wprintf("<CENTER><TABLE border=0>\n");
wprintf("<TR><TD>%s</TD>", _("Node name"));
wprintf("<TD><INPUT TYPE=\"text\" NAME=\"node\" MAXLENGTH=\"16\"></TD></TR>\n");
if (!strcasecmp(node, cnode)) {
wprintf("<FORM METHOD=\"POST\" action=\"edit_node\">\n");
+ wprintf("<input type=\"hidden\" name=\"nonce\" value=\"%ld\">\n", WC->nonce);
wprintf("<CENTER><TABLE border=0>\n");
wprintf("<TR><TD>");
wprintf(_("Node name"));
wprintf("<br>\n");
wprintf("<FORM METHOD=\"POST\" action=\"page_user\">\n");
+ wprintf("<input type=\"hidden\" name=\"nonce\" value=\"%ld\">\n", WC->nonce);
wprintf("<TABLE border=0 width=100%%><TR><TD>\n");
WC->chat_sock = i;
wprintf("<FORM METHOD=\"POST\" action=\"chat_send\" NAME=\"chatsendform\">\n");
+ wprintf("<input type=\"hidden\" name=\"nonce\" value=\"%ld\">\n", WC->nonce);
wprintf("<INPUT TYPE=\"text\" SIZE=\"80\" MAXLENGTH=\"%d\" "
"NAME=\"send_this\">\n", SIZ-10);
wprintf("<br />");
"<form name=\"prefform\" action=\"set_preferences\" "
"method=\"post\">\n"
"<table border=0 cellspacing=5 cellpadding=5>\n");
+ wprintf("<input type=\"hidden\" name=\"nonce\" value=\"%ld\">\n", WC->nonce);
/**
* Room list view
if (!strcmp(tab, "config")) {
wprintf("<FORM METHOD=\"POST\" action=\"editroom\">\n");
+ wprintf("<input type=\"hidden\" name=\"nonce\" value=\"%ld\">\n", WC->nonce);
wprintf("<UL><LI>");
wprintf(_("Name of room: "));
extract_token(node, buf, 0, '|', sizeof node);
extract_token(remote_room, buf, 1, '|', sizeof remote_room);
if (strlen(node) > 0) {
- wprintf("<FORM METHOD=\"POST\" "
- "action=\"netedit\">"
- "<TR><TD>%s</TD>\n", node);
+ wprintf("<FORM METHOD=\"POST\" action=\"netedit\">");
+ wprintf("<input type=\"hidden\" name=\"nonce\" value=\"%ld\">\n", WC->nonce);
+ wprintf("<TR><TD>%s</TD>\n", node);
wprintf("<TD>");
if (strlen(remote_room) > 0) {
for (i=0; i<num_tokens(not_shared_with, '\n'); ++i) {
extract_token(node, not_shared_with, i, '\n', sizeof node);
if (strlen(node) > 0) {
- wprintf("<FORM METHOD=\"POST\" "
- "action=\"netedit\">"
- "<TR><TD>");
+ wprintf("<FORM METHOD=\"POST\" action=\"netedit\">");
+ wprintf("<input type=\"hidden\" name=\"nonce\" value=\"%ld\">\n", WC->nonce);
+ wprintf("<TR><TD>");
escputs(node);
wprintf("</TD><TD>"
"<INPUT TYPE=\"INPUT\" "
wprintf("<br /><FORM METHOD=\"POST\" action=\"netedit\">\n"
"<INPUT TYPE=\"hidden\" NAME=\"tab\" VALUE=\"listserv\">\n"
"<INPUT TYPE=\"hidden\" NAME=\"prefix\" VALUE=\"listrecp|\">\n");
+ wprintf("<input type=\"hidden\" name=\"nonce\" value=\"%ld\">\n", WC->nonce);
wprintf("<INPUT TYPE=\"text\" id=\"add_as_listrecp\" NAME=\"line\">\n");
wprintf("<INPUT TYPE=\"submit\" NAME=\"add_button\" VALUE=\"%s\">", _("Add"));
wprintf("</FORM>\n");
wprintf("<br /><FORM METHOD=\"POST\" action=\"netedit\">\n"
"<INPUT TYPE=\"hidden\" NAME=\"tab\" VALUE=\"listserv\">\n"
"<INPUT TYPE=\"hidden\" NAME=\"prefix\" VALUE=\"digestrecp|\">\n");
+ wprintf("<input type=\"hidden\" name=\"nonce\" value=\"%ld\">\n", WC->nonce);
wprintf("<INPUT TYPE=\"text\" id=\"add_as_digestrecp\" NAME=\"line\">\n");
wprintf("<INPUT TYPE=\"submit\" NAME=\"add_button\" VALUE=\"%s\">", _("Add"));
wprintf("</FORM>\n");
}
wprintf("<br /><FORM METHOD=\"POST\" action=\"set_room_policy\">\n");
+ wprintf("<input type=\"hidden\" name=\"nonce\" value=\"%ld\">\n", WC->nonce);
wprintf("<TABLE border=0 cellspacing=5>\n");
wprintf("<TR><TD>");
wprintf(_("Message expire policy for this room"));
wprintf("<br /><br />");
wprintf("<CENTER><FORM METHOD=\"POST\" action=\"do_invt_kick\">\n");
+ wprintf("<input type=\"hidden\" name=\"nonce\" value=\"%ld\">\n", WC->nonce);
wprintf("<INPUT TYPE=\"hidden\" NAME=\"tab\" VALUE=\"access\">\n");
wprintf("<SELECT NAME=\"username\" SIZE=\"10\" style=\"width:100%%\">\n");
serv_puts("WHOK");
wprintf("<CENTER><FORM METHOD=\"POST\" action=\"do_invt_kick\">\n");
wprintf("<INPUT TYPE=\"hidden\" NAME=\"tab\" VALUE=\"access\">\n");
+ wprintf("<input type=\"hidden\" name=\"nonce\" value=\"%ld\">\n", WC->nonce);
wprintf(_("Invite:"));
wprintf(" ");
wprintf("<input type=\"text\" name=\"username\" style=\"width:100%%\"><br />\n"
"<table class=\"roomops_background\"><tr><td>\n");
wprintf("<form name=\"create_room_form\" method=\"POST\" action=\"entroom\">\n");
+ wprintf("<input type=\"hidden\" name=\"nonce\" value=\"%ld\">\n", WC->nonce);
wprintf("<UL><LI>");
wprintf(_("Name of room: "));
wprintf("\n<br /><br />");
wprintf("<FORM METHOD=\"POST\" action=\"goto_private\">\n");
+ wprintf("<input type=\"hidden\" name=\"nonce\" value=\"%ld\">\n", WC->nonce);
wprintf("<table border=\"0\" cellspacing=\"5\" "
"cellpadding=\"5\" class=\"roomops_background_alt\">\n"
"to do?<br />\n"), WC->wc_roomname);
wprintf("<FORM METHOD=\"POST\" action=\"zap\">\n");
+ wprintf("<input type=\"hidden\" name=\"nonce\" value=\"%ld\">\n", WC->nonce);
wprintf("<INPUT TYPE=\"submit\" NAME=\"ok_button\" VALUE=\"%s\">", _("Zap this room"));
wprintf(" ");
wprintf("<INPUT TYPE=\"submit\" NAME=\"cancel_button\" VALUE=\"%s\">", _("Cancel"));
wprintf("<div class=\"fix_scrollbar_bug\">"
"<form method=\"post\" action=\"setup_wizard\">\n"
);
+ wprintf("<input type=\"hidden\" name=\"nonce\" value=\"%ld\">\n", WC->nonce);
wprintf("<div align=center>"
"This is where the setup wizard will be placed.<br>\n"
/*
- * $Id: $
+ * $Id$
*/
/**
* \defgroup Sieve view/edit sieve config
wprintf("<form id=\"sieveform\" method=\"post\" action=\"save_sieve\">\n");
+ wprintf("<input type=\"hidden\" name=\"nonce\" value=\"%ld\">\n", WC->nonce);
wprintf(_("When new mail arrives: "));
wprintf("<select name=\"bigaction\" size=1 onChange=\"ToggleSievePanels();\">\n");
wprintf("<br /><br />");
wprintf("<center><form method=\"POST\" action=\"create_script\">\n");
+ wprintf("<input type=\"hidden\" name=\"nonce\" value=\"%ld\">\n", WC->nonce);
wprintf(_("Script name: "));
wprintf("<input type=\"text\" name=\"script_name\"><br />\n"
"<input type=\"submit\" name=\"create_button\" value=\"%s\">"
wprintf("<center>"
"<form method=\"POST\" action=\"delete_script\">\n");
+ wprintf("<input type=\"hidden\" name=\"nonce\" value=\"%ld\">\n", WC->nonce);
wprintf("<select name=\"script_name\" size=10 style=\"width:100%%\">\n");
serv_puts("MSIV listscripts");
);
wprintf("<form method=\"post\" action=\"siteconfig\">\n");
+ wprintf("<input type=\"hidden\" name=\"nonce\" value=\"%ld\">\n", WC->nonce);
i = 0;
while (serv_getln(buf, sizeof buf), strcmp(buf, "000")) {
wprintf("<br />");
wprintf("<FORM METHOD=\"POST\" action=\"%s\">\n", save_cmd);
+ wprintf("<input type=\"hidden\" name=\"nonce\" value=\"%ld\">\n", WC->nonce);
wprintf("<TEXTAREA NAME=\"msgtext\" wrap=soft "
"ROWS=10 COLS=80 WIDTH=80>\n");
serv_puts(read_cmd);
wprintf("<br /><br />");
wprintf("<center><form method=\"POST\" action=\"create_user\">\n");
+ wprintf("<input type=\"hidden\" name=\"nonce\" value=\"%ld\">\n", WC->nonce);
wprintf(_("New user: "));
wprintf("<input type=\"text\" name=\"username\"><br />\n"
"<input type=\"submit\" name=\"create_button\" value=\"%s\">"
wprintf("<center>"
"<form method=\"POST\" action=\"display_edituser\">\n");
+ wprintf("<input type=\"hidden\" name=\"nonce\" value=\"%ld\">\n", WC->nonce);
wprintf("<select name=\"username\" size=10 style=\"width:100%%\">\n");
serv_puts("LIST");
serv_getln(buf, sizeof buf);
wprintf("<input type=\"hidden\" name=\"is_new\" value=\"%d\">\n"
"<input type=\"hidden\" name=\"usernum\" value=\"%ld\">\n",
is_new, usernum);
+ wprintf("<input type=\"hidden\" name=\"nonce\" value=\"%ld\">\n", WC->nonce);
wprintf("<input type=\"hidden\" name=\"flags\" value=\"%d\">\n", flags);
);
wprintf("<form method=\"POST\" action=\"submit_vcard\">\n");
+ wprintf("<input type=\"hidden\" name=\"nonce\" value=\"%ld\">\n", WC->nonce);
wprintf("<div class=\"fix_scrollbar_bug\">"
"<table class=\"vcard_edit_background\"><tr><td>\n");
else
{
lprintf(9, "Suspicious request. Ignoring.");
- wprintf("HTTP/1.1 404 Not found. Don't try to Trick me DUDE!\r\n");
+ wprintf("HTTP/1.1 404 Security check failed\r\n");
wprintf("Content-Type: text/plain\r\n");
wprintf("\r\n");
- wprintf("Not found. Don't play games on me!\r\n");
+ wprintf("Security check failed.\r\n");
}
goto SKIP_ALL_THIS_CRAP; /* Don't try to connect */
}
+ /* If the client sent a nonce that is incorrect, kill the request. */
+ if (strlen(bstr("nonce")) > 0) {
+ if (atoi(bstr("nonce")) != WC->nonce) {
+ lprintf(9, "Ignoring request with mismatched nonce.\n");
+ wprintf("HTTP/1.1 404 Security check failed\r\n");
+ wprintf("Content-Type: text/plain\r\n");
+ wprintf("\r\n");
+ wprintf("Security check failed.\r\n");
+ goto SKIP_ALL_THIS_CRAP;
+ }
+ }
+
/**
* If we're not connected to a Citadel server, try to hook up the
* connection now.
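Review bot: The added check only rejects a request when a nonce parameter is present and wrong (`if (strlen(bstr("nonce")) > 0)`), so a request that simply omits the `nonce` field passes straight through, and a cross-site form that does not carry the field is not stopped at all; the protection is effectively opt-in by the sender. The dispatcher needs to require the nonce for the state-changing actions that the forms on this page now carry it for, rejecting absence the same way as mismatch, e.g. `if (is_protected_action && (strlen(bstr("nonce")) == 0 || atoi(bstr("nonce")) != WC->nonce))`, where the set of protected actions (or "every POST") is decided by the caller since enforcing it on plain navigation links that carry no nonce would break them. Separately, `atoi()` accepts trailing garbage and has undefined behavior on out-of-range input; `strtol()` with an end-pointer and full-string check is the safer parser for this untrusted value, and a 403 status describes the failure better than 404. The enclosing function starts and ends outside the hunk.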
char floordiv_expanded[32]; /**< which floordiv currently expanded */
int selected_language; /**< Language selected by user */
time_t last_pager_check; /**< last time we polled for instant msgs */
+ int nonce; /**< session nonce (to prevent session riding) */
};
/** values for WC->current_iconbar */
wprintf("<br />\n");
wprintf("<form method=\"POST\" action=\"edit_me\">\n");
+ wprintf("<input type=\"hidden\" name=\"nonce\" value=\"%ld\">\n", WC->nonce);
wprintf("<table border=0 width=100%%>\n");