From 86d7c660c4582de4c7530aacbacbd47c013f80cc Mon Sep 17 00:00:00 2001
From: icewing
Date: Fri, 30 May 2008 21:54:53 +0000
Subject: Marcus Povey * Bugfix on gatekeeper and forcing data functions to privileged only
git-svn-id: https://code.elgg.org/elgg/trunk@765 36083f99-b078-4883-b0ff-0f9b5a30f544
---
 engine/lib/database.php | 25 ++++++++++++++++++++-----
 engine/lib/elgglib.php | 6 ++++--
 2 files changed, 24 insertions(+), 7 deletions(-)
(limited to 'engine/lib')
diff --git a/engine/lib/database.php b/engine/lib/database.php
index 03770f4bf..41c514b69 100644
--- a/engine/lib/database.php
+++ b/engine/lib/database.php
@@ -670,7 +670,10 @@ function get_data($query, $callback = "") {
- global $CONFIG, $dbcalls;
+ global $CONFIG, $dbcalls;
+
+ if (!callpath_gatekeeper($CONFIG->path . "engine/", true, true))
+ throw new DatabaseException("Access to privileged function 'get_data()' is denied.");
 $dblink = get_db_link('read');
@@ -712,7 +715,10 @@ function get_data_row($query) {
- global $CONFIG, $dbcalls;
+ global $CONFIG, $dbcalls;
+
+ if (!callpath_gatekeeper($CONFIG->path . "engine/", true, true))
+ throw new DatabaseException("Access to privileged function 'get_data_row()' is denied.");
 $dblink = get_db_link('read');
@@ -748,7 +754,10 @@ function insert_data($query) {
- global $dbcalls;
+ global $dbcalls;
+
+ if (!callpath_gatekeeper($CONFIG->path . "engine/", true, true))
+ throw new DatabaseException("Access to privileged function 'insert_data()' is denied.");
 $dblink = get_db_link('write');
@@ -772,7 +781,10 @@ function update_data($query) {
- global $dbcalls;
+ global $dbcalls, $CONFIG;
+
+ if (!callpath_gatekeeper($CONFIG->path . "engine/", true, true))
+ throw new DatabaseException("Access to privileged function 'update_data()' is denied.");
 $dblink = get_db_link('write');
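Review bot: In the insert_data() hunk (@@ -748) the new gatekeeper line reads `$CONFIG->path`, but the retained declaration `global $dbcalls;` never imports `$CONFIG`, unlike the update_data() and delete_data() hunks, which declare `global $dbcalls, $CONFIG;`. Inside the function `$CONFIG` is therefore undefined, so the prefix handed to callpath_gatekeeper() degrades to the bare string `"engine/"` (with an undefined-variable notice), which will not prefix-match an absolute file path, and every insert_data() call would be rejected with the DatabaseException. Change the line to `global $dbcalls, $CONFIG;` as in the other two hunks. The bodies of all five data functions continue outside their hunks.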
@@ -797,7 +809,10 @@ function delete_data($query) {
- global $dbcalls;
+ global $dbcalls, $CONFIG;
+
+ if (!callpath_gatekeeper($CONFIG->path . "engine/", true, true))
+ throw new DatabaseException("Access to privileged function 'delete_data()' is denied.");
 $dblink = get_db_link('write');
diff --git a/engine/lib/elgglib.php b/engine/lib/elgglib.php
index 4a6c417bd..b5f4870bc 100644
--- a/engine/lib/elgglib.php
+++ b/engine/lib/elgglib.php
@@ -1066,12 +1066,14 @@
 { if ($include_subdirs) {
- if (strpos($call['file'], $path) === 0)
+ if (strpos($call['file'], $path) === 0) {
 if ($strict_mode) {
- if ($callstack[2] === $call) return true;
+ if ($callstack[1] === $call) return true;
 } else return true;
+ }
+ else echo ":{$call['file']}:$path: FAIL\n";
 } else {
-- cgit v1.2.3
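Review bot: The elgglib.php hunk leaves a debugging `echo ":{$call['file']}:$path: FAIL\n";` in the gatekeeper's new else branch, so each backtrace frame outside the permitted path prints the calling script's absolute file path and the configured engine path straight into the response before the data function throws. That corrupts output from inside a library function and discloses the server's filesystem layout to anyone who can trigger a denied call; remove the line, or if a trace is wanted send it through the engine's logging path rather than echo. The `$callstack[2]` to `$callstack[1]` change reads as the intended fix (frame 1 presumably being the direct caller of the privileged function), but the enclosing function starts outside the hunk, so how the backtrace is built cannot be confirmed here.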