Security fix: unauthorized access (#10091)

* Security fix: unauthorized access Affects nginx users: Moved php files outside of public html directory (Apache was protected by .htaccess) Affects all users: Some files did not check for authentication and could disclose some info. Better checks before including files from user input * git mv html/includes/ includes/html git mv html/pages/ includes/html/
2024-10-07 16:52:45 +00:00 · 2019-04-11 23:26:42 -05:00
parent b81af32ed2
commit 36431dd296
1301 changed files with 1443 additions and 1439 deletions
--- a/html/ajax_form.php
+++ b/html/ajax_form.php
@@ -12,22 +12,19 @@
 * the source code distribution for details.
 */

-// FUA
-
 use LibreNMS\Authentication\LegacyAuth;

-$init_modules = array('web', 'auth', 'alerts', 'laravel');
+$init_modules = array('web', 'auth', 'alerts');
 require realpath(__DIR__ . '/..') . '/includes/init.php';

+if (!LegacyAuth::check()) {
+    die('Unauthorized');
+}
+
 set_debug(isset($_REQUEST['debug']) ? $_REQUEST['debug'] : false);

-if (!LegacyAuth::check()) {
-    echo 'unauthenticated';
-    exit;
-}
-
 if (preg_match('/^[a-zA-Z0-9\-]+$/', $_POST['type']) == 1) {
-    if (file_exists('includes/forms/'.$_POST['type'].'.inc.php')) {
-        include_once 'includes/forms/'.$_POST['type'].'.inc.php';
+    if (file_exists('includes/html/forms/'.$_POST['type'].'.inc.php')) {
+        include_once 'includes/html/forms/'.$_POST['type'].'.inc.php';
    }
 }