More security/sanitizing fixes
More security/sanitizing fixes

--- a/common.inc.php
+++ b/common.inc.php
@@ -23,8 +23,8 @@
  if (isset($_REQUEST['geolocate'])) {
    $geocoded = false;
    if (isset($_REQUEST['lat']) && isset($_REQUEST['lon'])) {
-      $_SESSION['lat'] = $_REQUEST['lat'];
-        $_SESSION['lon'] = $_REQUEST['lon'];
+      $_SESSION['lat'] = filter_var($_REQUEST['lat'],FILTER_SANITIZE_NUMBER_FLOAT, FILTER_FLAG_ALLOW_FRACTION);
+        $_SESSION['lon'] = filter_var($_REQUEST['lon'],FILTER_SANITIZE_NUMBER_FLOAT, FILTER_FLAG_ALLOW_FRACTION);
    } else {
     $contents = geocode(filter_var($_REQUEST['geolocate'],FILTER_SANITIZE_URL),true);
     if (isset($contents[0]->centroid)) {
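Review bot: The two new `filter_var(..., FILTER_SANITIZE_NUMBER_FLOAT, FILTER_FLAG_ALLOW_FRACTION)` calls only strip characters, so values such as `1.2.3`, `--5` or an empty string still land in `$_SESSION['lat']`/`$_SESSION['lon']` as non-numeric strings; sanitising is not validation. Use the validating filter and only store the session values when both pass, e.g. `$lat = filter_var($_REQUEST['lat'], FILTER_VALIDATE_FLOAT);` / `$lon = filter_var($_REQUEST['lon'], FILTER_VALIDATE_FLOAT);` / `if ($lat !== false && $lon !== false && abs($lat) <= 90 && abs($lon) <= 180) { $_SESSION['lat'] = $lat; $_SESSION['lon'] = $lon; }`. The enclosing `if (isset($_REQUEST['geolocate']))` block continues past the end of the hunk.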

--- a/layar_api.php
+++ b/layar_api.php
@@ -6,10 +6,14 @@
 
 $max_page = 10;
 $max_results = 50;
-$page_start = 0+$_REQUEST['pageKey'];
-$page_end = $max_page+$_REQUEST['pageKey'];
+$page_start = 0+filter_var($_REQUEST['pageKey'],FILTER_SANITIZE_NUMBER_INT);
+$page_end = $max_page+filter_var($_REQUEST['pageKey'],FILTER_SANITIZE_NUMBER_INT);
 
-$url = $APIurl."/json/neareststops?lat={$_REQUEST['lat']}&lon={$_REQUEST['lon']}&limit=50";
+$lat = filter_var($_REQUEST['lat'],FILTER_SANITIZE_NUMBER_FLOAT, FILTER_FLAG_ALLOW_FRACTION);
+$lon = filter_var($_REQUEST['lon'],FILTER_SANITIZE_NUMBER_FLOAT, FILTER_FLAG_ALLOW_FRACTION);
+if (isset($_REQUEST['radius'])) $radius = filter_var($_REQUEST['radius'],FILTER_SANITIZE_NUMBER_FLOAT, FILTER_FLAG_ALLOW_FRACTION);
+
+$url = $APIurl."/json/neareststops?lat=$lat&lon=$lon&limit=50";
 $contents = json_decode(getPage($url));
 debug(print_r($contents,true));
 $stopNum = 0;
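Review bot: `$lat` and `$lon` on the new lines are sanitised but never validated, so an input that reduces to `""` or `-.` is still interpolated into `$url`, yielding `lat=&lon=` and whatever default the API applies to that. Use `FILTER_VALIDATE_FLOAT` (and `FILTER_VALIDATE_INT` for `pageKey`) and stop before building the URL when either is `false`, e.g. `if ($lat === false || $lon === false) { http_response_code(400); exit; }`. `0+filter_var($_REQUEST['pageKey'], ...)` on a missing `pageKey` adds an empty string, which is a warning on PHP 7 and a TypeError on PHP 8, so a default such as `(int) ($_REQUEST['pageKey'] ?? 0)` would be safer if the deployment's PHP version allows it. `$radius` is only assigned inside the `isset` branch but is read further down the file; an explicit `$radius = null;` before the `if` would make that dependency visible.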
@@ -24,7 +28,7 @@
         $hotspot['lat'] = floor($row[2]*1000000);
         $hotspot['lon'] = floor($row[3]*1000000);
         $hotspot['distance'] = distance($row[2], $row[3], $_REQUEST['lat'], $_REQUEST['lon']);
-        if (!isset($_REQUEST['radius']) || $hotspot['distance'] < $_REQUEST['radius']) {
+        if (!isset($_REQUEST['radius']) || $hotspot['distance'] < $radius) {
             $hotspot['actions'] = Array(Array("label" => 'View more trips/information', 'uri' => 'http://bus.lambdacomplex.org/'.'stop.php?stopid='.$row[0]));
             $url = $APIurl."/json/stoptrips?stop=".$row[0]."&time=".midnight_seconds()."&service_period=".service_period()."&limit=4&time_range=".str(90*60);
             $trips = json_decode(getPage($url));
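Review bot: The `distance()` call on the context line directly above the changed condition still passes `$_REQUEST['lat']` and `$_REQUEST['lon']` raw even though the sanitised `$lat`/`$lon` now exist at the top of the file; change it to `$hotspot['distance'] = distance($row[2], $row[3], $lat, $lon);`. The new `$hotspot['distance'] < $radius` compares a float with the string `filter_var` returned, which works for a numeric string but is silently wrong when sanitising left `""` or `-`; assigning `$radius` from `FILTER_VALIDATE_FLOAT` (or casting with `(float)`) at the point it is set would avoid that. The enclosing loop begins and ends outside this hunk.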

--- a/stop.pdf.php
+++ b/stop.pdf.php
@@ -1,19 +1,20 @@
 <?php
 include('common.inc.php');
-$url = $APIurl."/json/stop?stop_id=".$_REQUEST['stopid'];
+$stopid = filter_var($_REQUEST['stopid'],FILTER_SANITIZE_NUMBER_INT);
+$url = $APIurl."/json/stop?stop_id=".$stopid;
 $stop = json_decode(getPage($url));
 
 $html .= '<div data-role="content" class="ui-content" role="main"><p>'.staticmap(Array(0 => Array($stop[2],$stop[3])), 0,"iconb", false).'</p>';
 $html .= '  <ul data-role="listview"  data-inset="true">';
-$url = $APIurl."/json/stoptrips?stop=".$_REQUEST['stopid']."&time=".midnight_seconds()."&service_period=".service_period();
+$url = $APIurl."/json/stoptrips?stop=".$stopid."&time=".midnight_seconds()."&service_period=".service_period();
 $trips = json_decode(getPage($url));
 debug(print_r($trips,true));
 foreach ($trips as $row)
 {
 $html .=  '<li>';
-$html .= '<h3><a href="trip.php?stopid='.$_REQUEST['stopid'].'&tripid='.$row[1][0].'">'.$row[1][1];
+$html .= '<h3><a href="trip.php?stopid='.$stopid.'&tripid='.$row[1][0].'">'.$row[1][1];
 if (isFastDevice()) {
-    $viaPoints = viaPointNames($row[1][0],$_REQUEST['stopid']);
+    $viaPoints = viaPointNames($row[1][0],$stopid);
     if ($viaPoints != "") $html .= '<br><small>Via: '.$viaPoints.'</small> </a></h3>';
 }
 $html .= '<p class="ui-li-aside"><strong>'.midnight_seconds_to_time($row[0]).'</strong></p>';
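Review bot: `FILTER_SANITIZE_NUMBER_INT` on the new `$stopid` line keeps `+`/`-` and can return `""`, so `$stopid` may be `--` or empty and is still sent to the API and written into the `trip.php?stopid=` link; an identifier should be validated, not sanitised. Replace it with `$stopid = filter_var($_REQUEST['stopid'], FILTER_VALIDATE_INT);` followed by `if ($stopid === false) { http_response_code(404); exit; }`, after which the later uses of `$stopid` in this hunk need no change. The same pattern is introduced in stop.php (hunk `@@ -1,6 +1,7 @@`) and in trip.php (the context `$tripid`/`$stopid` lines plus the new `$routeid` line) and should be changed the same way. Unless common.inc.php initialises it, the first `$html .=` in this hunk appends to an undefined variable; `$html = '';` before it would remove the notice.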

--- a/stop.php
+++ b/stop.php
@@ -1,6 +1,7 @@
 <?php
 include('common.inc.php');
-$url = $APIurl."/json/stop?stop_id=".$_REQUEST['stopid'];
+$stopid = filter_var($_REQUEST['stopid'],FILTER_SANITIZE_NUMBER_INT);
+$url = $APIurl."/json/stop?stop_id=".$stopid;
 $stop = json_decode(getPage($url));
 
 include_header($stop[1],"stop");
@@ -14,22 +15,22 @@
 // Set the Event Type, in this case a "video_play"
 $event->setEventType('view_stop');
 // Set a property
-$event->set('stop_id',$_REQUEST['stopid']);
+$event->set('stop_id',$stopid);
 // Track the event
 $owa->trackEvent($event);
     }
 timePlaceSettings();
 echo '<div data-role="content" class="ui-content" role="main"><p>'.staticmap(Array(0 => Array($stop[2],$stop[3]))).'</p>';
 echo '  <ul data-role="listview"  data-inset="true">';
-$url = $APIurl."/json/stoptrips?stop=".$_REQUEST['stopid']."&time=".midnight_seconds()."&service_period=".service_period();
+$url = $APIurl."/json/stoptrips?stop=".$stopid."&time=".midnight_seconds()."&service_period=".service_period();
 $trips = json_decode(getPage($url));
 debug(print_r($trips,true));
 foreach ($trips as $row)
 {
 echo  '<li>';
-echo '<h3><a href="trip.php?stopid='.$_REQUEST['stopid'].'&tripid='.$row[1][0].'">'.$row[1][1];
+echo '<h3><a href="trip.php?stopid='.$stopid.'&tripid='.$row[1][0].'">'.$row[1][1];
 if (isFastDevice()) {
-    $viaPoints = viaPointNames($row[1][0],$_REQUEST['stopid']);
+    $viaPoints = viaPointNames($row[1][0],$stopid);
     if ($viaPoints != "") echo '<br><small>Via: '.$viaPoints.'</small> </a></h3>';
 }
 echo '<p class="ui-li-aside"><strong>'.midnight_seconds_to_time($row[0]).'</strong></p>';
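Review bot: The rewritten `echo '<h3><a href="trip.php?stopid='.$stopid.'&tripid='.$row[1][0].'">'.$row[1][1];` now uses the sanitised id, but `$row[1][0]` and `$row[1][1]` come straight from the decoded API response and are concatenated into the href and the element text without escaping, and the bare `&` inside the attribute should be `&amp;`. Emit the name as `htmlspecialchars($row[1][1], ENT_QUOTES, 'UTF-8')` and the trip id as `urlencode($row[1][0])` (or validate it as an integer if that is what the API returns) so that data stored behind the API cannot inject markup into this page. The identical line is changed in stop.pdf.php in this commit and needs the same treatment. The `foreach` containing this line ends outside the hunk.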

--- a/stopList.php
+++ b/stopList.php
@@ -36,8 +36,9 @@
    navbar();
    timePlaceSettings(true);
 } else if ($_REQUEST['suburb']) {
-   $url = $APIurl."/json/stopzonesearch?q=".filter_var($_REQUEST['suburb'], FILTER_SANITIZE_STRING);
-include_header("Stops in ".ucwords(filter_var($_REQUEST['suburb'], FILTER_SANITIZE_STRING)),"stopList");
+   $suburb = filter_var($_REQUEST['suburb'], FILTER_SANITIZE_STRING);
+   $url = $APIurl."/json/stopzonesearch?q=".$suburb;
+include_header("Stops in ".ucwords($suburb),"stopList");
 if (isMetricsOn()) {
 // Create a new Instance of the tracker
 $owa = new owa_php($config);
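Review bot: `$suburb` is concatenated into the query string on the new `$url = $APIurl."/json/stopzonesearch?q=".$suburb;` line without URL-encoding, so a suburb containing a space, `&` or `#` produces a malformed or truncated API request, and because `FILTER_SANITIZE_STRING` HTML-encodes quotes the API also receives `&#39;` rather than the typed `'`. Encode per context instead: `$url = $APIurl."/json/stopzonesearch?q=".rawurlencode($suburb);` for the request, and `htmlspecialchars(ucwords($suburb), ENT_QUOTES, 'UTF-8')` for the title passed to `include_header`, unless that function already escapes its argument. `FILTER_SANITIZE_STRING` is deprecated as of PHP 8.1, so taking `trim((string) $_REQUEST['suburb'])` and escaping at each output point avoids both the double-encoding and a future break. The `else if` branch continues beyond the hunk.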
@@ -48,7 +49,7 @@
 // Set the Event Type, in this case a "video_play"
 $event->setEventType('view_stop_list_suburb');
 // Set a property
-$event->set('stop_list_suburb',$_REQUEST['suburb']);
+$event->set('stop_list_suburb',$suburb);
 // Track the event
 $owa->trackEvent($event);
     }

--- a/trip.php
+++ b/trip.php
@@ -2,8 +2,9 @@
 include('common.inc.php');
 $tripid = filter_var($_REQUEST['tripid'],FILTER_SANITIZE_NUMBER_INT);
 $stopid = filter_var($_REQUEST['stopid'],FILTER_SANITIZE_NUMBER_INT);
+$routeid = filter_var($_REQUEST['routeid'],FILTER_SANITIZE_NUMBER_INT);
 if ($_REQUEST['routeid']) {
-    $url = $APIurl."/json/routetrips?route_id=".filter_var($_REQUEST['routeid'],FILTER_SANITIZE_NUMBER_INT);
+    $url = $APIurl."/json/routetrips?route_id=".$routeid;
     $trips = json_decode(getPage($url));
     debug(print_r($trips,true));
     foreach ($trips as $trip)
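Review bot: The new `$routeid` assignment sanitises the value, but the `if ($_REQUEST['routeid'])` on the next line still branches on the raw parameter, so the two can disagree: a value like `abc` is truthy yet sanitises to `""`, and the branch then requests `route_id=` from the API. Validate once and test the result, `$routeid = filter_var($_REQUEST['routeid'] ?? null, FILTER_VALIDATE_INT);` and `if ($routeid !== false) {`, which also stops the new line from reading an undefined index when `routeid` is absent. The body of that `if` continues past the end of the hunk.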
@@ -31,6 +32,7 @@
 // Set a property
 $event->set('trip_id',$tripid);
 $event->set('route_id',$routeid);
+$event->set('stop_id',$stopid);
 // Track the event
 $owa->trackEvent($event);
     }