Exemplo n.º 1
0
 public static void requestEnd(string pluginid, Connector conn, ref Misc.PageElements pageElements, HttpRequest request, HttpResponse response)
 {
     // Check no query has been injected
     const string REGEX_ANTI_INJECTION_TEST = @"(([a-zA-Z0-9]+).(password|\*)(?:.+)(bsa_users AS (\2(?:.+)|\2$)))|((.+[^.])(password|\*)(?:.+)FROM(?:.+)bsa_users)";
     if (!pageElements.containsFlag(FLAG_PASSWORD_ACCESSED))
     {
         foreach (string query in conn.Logging_Queries())
             if (query.Contains("bsa_users") && query.Contains("password") && Regex.IsMatch(query, REGEX_ANTI_INJECTION_TEST, RegexOptions.Multiline | RegexOptions.IgnoreCase))
             {
                 // Uh oh...injection occurred...SHUT DOWN EVERYTHING.
                 AdminPanel.addAlert(conn, "Following query has been detected as an injection:\n" + query);
                 conn.Disconnect();
                 response.Write("Your request has been terminated due to a security concern; please try again or contact the site administrator!");
                 response.End();
             }
     }
     // Check the users session is still valid
     if (HttpContext.Current.User.Identity.IsAuthenticated)
     {
         // Set base flag(s)
         pageElements.setFlag("AUTHENTICATED");
         // Select username and check for bans
         Result data = conn.Query_Read("SELECT u.userid, u.username, COUNT(b.banid) AS active_bans, g.title, g.access_login FROM bsa_users AS u LEFT OUTER JOIN bsa_user_bans AS b ON (b.userid=u.userid AND ((b.unban_date IS NULL) OR (b.unban_date > NOW()) )) LEFT OUTER JOIN bsa_user_groups AS g ON g.groupid=u.groupid WHERE u.userid='" + Utils.Escape(HttpContext.Current.User.Identity.Name) + "'");
         if (data.Rows.Count != 1 || int.Parse(data[0]["active_bans"]) > 0 || !data[0]["access_login"].Equals("1"))
         {
             // Dispose the current session - now invalid
             FormsAuthentication.SignOut();
             HttpContext.Current.Session.Abandon();
             // Redirect to logout page to inform the user -- this will cause a 404 but also ensure the session has been disposed because it's invalid
             response.Redirect(pageElements["URL"] + "/logout/banned", true);
         }
         else
         {
             pageElements["USERNAME"] = data[0]["username"];
             pageElements["USERID"] = data[0]["userid"];
         }
         // Set group flag
         pageElements.setFlag("GROUP_" + data[0]["title"]);
     }
 }