From d9707ae749df2770370dc4eeeeaddda28f092d4d Mon Sep 17 00:00:00 2001
From: Andy Staudacher
Date: Sat, 27 Feb 2010 02:37:39 -0800
Subject: Fix for ticket #1036 - Don't echo any sensitive information such as passwords, hashes or personally identifiable information.
---
 modules/gallery/libraries/MY_Kohana_Exception.php | 57 +++++++++++++++++++++++
 1 file changed, 57 insertions(+)
(limited to 'modules/gallery/libraries')
diff --git a/modules/gallery/libraries/MY_Kohana_Exception.php b/modules/gallery/libraries/MY_Kohana_Exception.php
index d6f1f467..1712d895 100644
--- a/modules/gallery/libraries/MY_Kohana_Exception.php
+++ b/modules/gallery/libraries/MY_Kohana_Exception.php
@@ -92,4 +92,61 @@ class Kohana_Exception extends Kohana_Exception_Core {
 }
 print $view;
 }
+
+ /**
+ * @see Kohana_Exception::dump()
+ */
+ public static function dump($value, $length=128, $max_level=5) {
+ return self::safe_dump($value, null, $length, $max_level);
+ }
+
+ /**
+ * A safer version of dump(), eliding sensitive information in the dumped
+ * data, such as session ids and passwords / hashes.
+ */
+ public static function safe_dump($value, $key, $length=128, $max_level=5) {
+ return parent::dump(self::_sanitize_for_dump($value, $key), $length, $max_level);
+ }
+
+ /**
+ * Elides sensitive data which shouldn't be echoed to the client,
+ * such as passwords, and other secrets.
+ */
+ /* Visible for testing*/ static function _sanitize_for_dump($value, $key=null) {
+ // Better elide too much than letting something through.
+ // Note: unanchored match is intended.
+ $sensitive_info_pattern =
+ '/(password|pass|email|hash|private_key|session_id|session|g3sid|csrf|secret)/i';
+ if (preg_match($sensitive_info_pattern, $key) ||
+ (is_string($value) && preg_match('/[a-f0-9]{20,}/i', $value))) {
+ return 'removed for display';
+ } else if (is_object($value)) {
+ if ($value instanceof Database) {
+ // Elide database password, host, name, user, etc.
+ return get_class($value) . ' object - details omitted for display';
+ } else if ($value instanceof User_Model) {
+ return get_class($value) . ' object for "' . $value->name . '" - details omitted for display';
+ }
+ return self::_sanitize_for_dump((array) $value, $key);
+ } else if (is_array($value)) {
+ $result = array();
+ foreach ($value as $k => $v) {
+ $actual_key = $k;
+ $key_for_display = $k;
+ if ($k[0] === "\x00") {
+ // Remove the access level from the variable name
+ $actual_key = substr($k, strrpos($k, "\x00") + 1);
+ $access = $k[1] === '*' ? 'protected' : 'private';
+ $key_for_display = "$access: $actual_key";
+ }
+ if (is_object($v)) {
+ $key_for_display .= ' (type: ' . get_class($v) . ')';
+ }
+ $result[$key_for_display] = self::_sanitize_for_dump($v, $actual_key);
+ }
+ } else {
+ $result = $value;
+ }
+ return $result;
+ }
 }
\ No newline at end of file
-- cgit v1.2.3
From a19b97f8d637ead3a4b038bdbd975be8a7583c59 Mon Sep 17 00:00:00 2001
From: Andy Staudacher
Date: Sun, 28 Feb 2010 13:35:58 -0800
Subject: First step towards fixing ticket #1038: Allowing for custom page in admin pages, just like in non-admin pages. TODO: Set $view->page_title in the many admin controllers we have. I just set it for admin_maintenance.php to show how it's intended to be used. I copied the title from views/admin_maintenance.html.php to the controller.
---
 modules/gallery/controllers/admin_maintenance.php | 1 +
 modules/gallery/libraries/Admin_View.php | 1 +
 themes/admin_wind/views/admin.html.php | 8 +++++++-
 3 files changed, 9 insertions(+), 1 deletion(-)
(limited to 'modules/gallery/libraries')
diff --git a/modules/gallery/controllers/admin_maintenance.php b/modules/gallery/controllers/admin_maintenance.php
index c16c5c41..6ef21d41 100644
--- a/modules/gallery/controllers/admin_maintenance.php
+++ b/modules/gallery/controllers/admin_maintenance.php
@@ -40,6 +40,7 @@ class Admin_Maintenance_Controller extends Admin_Controller {
 }
 $view = new Admin_View("admin.html");
+ $view->page_title = t("Maintenance tasks");
 $view->content = new View("admin_maintenance.html");
 $view->content->task_definitions = task::get_definitions();
 $view->content->running_tasks = ORM::factory("task")
diff --git a/modules/gallery/libraries/Admin_View.php b/modules/gallery/libraries/Admin_View.php
index e3f9dff0..f07bebf4 100644
--- a/modules/gallery/libraries/Admin_View.php
+++ b/modules/gallery/libraries/Admin_View.php
@@ -38,6 +38,7 @@ class Admin_View_Core extends Gallery_View {
 $this->set_global("user", identity::active_user());
 $this->set_global("page_type", "admin");
 $this->set_global("page_subtype", $name);
+ $this->set_global("page_title", null);
 }
 public function admin_menu() {
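Review bot: `_sanitize_for_dump` recurses into every nested object through `(array) $value` and then into each element with no depth bound, so the `$max_level` that `safe_dump()` passes to `parent::dump()` only trims the already-built result; an object graph with a back-reference (A holds B, B holds A) recurses until the stack or memory limit is hit, inside the handler that is supposed to render the error page. Threading `$max_level` and a level counter through the recursion and substituting a class-name placeholder once the limit is reached keeps the sanitizer bounded, as sketched below (the `Database`/`User_Model` branches and the key-unmangling code are unchanged and elided). Separately, the `$k[0] === "\x00"` test runs for integer and empty-string keys too, which raises string-offset notices on newer PHP releases while an exception is being displayed; `if (is_string($k) && $k !== '' && $k[0] === "\x00") {` restricts the check to the mangled property names it is meant for. Whether cyclic references actually reach this code depends on the models being dumped, which is not visible in this hunk.
```php
  public static function safe_dump($value, $key, $length=128, $max_level=5) {
    return parent::dump(self::_sanitize_for_dump($value, $key, $max_level), $length, $max_level);
  }

  /* Visible for testing*/ static function _sanitize_for_dump($value, $key=null, $max_level=5, $level=0) {
    // … unchanged: sensitive-key pattern and hex-string check …
    } else if (is_object($value)) {
      // … unchanged: Database and User_Model branches …
      if ($level >= $max_level) {
        // Stop descending here so a cyclic object graph cannot recurse without end.
        return get_class($value) . ' object - nesting limit reached';
      }
      return self::_sanitize_for_dump((array) $value, $key, $max_level, $level);
    } else if (is_array($value)) {
      $result = array();
      foreach ($value as $k => $v) {
        // … unchanged: key unmangling and display-name construction …
        $result[$key_for_display] = self::_sanitize_for_dump($v, $actual_key, $max_level, $level + 1);
      }
    // … unchanged: scalar fallthrough and return …
```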
diff --git a/themes/admin_wind/views/admin.html.php b/themes/admin_wind/views/admin.html.php index fa79119a..2f64c847 100644 --- a/themes/admin_wind/views/admin.html.php +++ b/themes/admin_wind/views/admin.html.php @@ -4,7 +4,13 @@ <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <meta http-equiv="content-type" content="text/html; charset=UTF-8" /> - <title><?= t("Admin dashboard") ?> + + <? if ($page_title): ?> + <?= $page_title ?> + <? else: ?> + <?= t("Admin dashboard") ?> + <? endif ?> + " type="image/x-icon" /> css("yui/reset-fonts-grids.css") ?> -- cgit v1.2.3
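Review bot: `<?= $page_title ?>` in the new `<title>` block writes the `page_title` global into the page without output encoding, so any controller that later sets it from request- or item-derived data (the commit message asks for many controllers to set it) gets an HTML injection point in the admin theme; the one setter added in this commit wraps the value in `t()`, which keeps it safe today only by convention. Encode at the sink instead, e.g. `<?= htmlspecialchars($page_title, ENT_QUOTES, 'UTF-8') ?>`, or, if `t()` returns a pre-escaped safe-string type in this project, pass the value through the helper the rest of the theme uses for such values so it is not double-encoded — which applies is not visible in this hunk. The `<? if ($page_title): ?>` test also treats a title of `"0"` as unset, which `if ($page_title !== null):` would not; minor, since `Admin_View` defaults the global to `null`.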