jacob.eva/monerowp
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #33 from cryptochangements34/master

Browse Source 
Sanatize $payment_id cookie
This commit is contained in:
serhack 2017-11-24 06:48:42 +01:00 committed by GitHub
commit 0768921287
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 11 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
monero/include/monero_payments.php
View File

@ -2,8 +2,7 @@
/* /*
* Main Gateway of Monero using a daemon online * Main Gateway of Monero using a daemon online
* This code isn't for Dark Net Markets, please report them to Authority! * Authors: Serhack and cryptochangements
* Authors: Serhack and cryptochangements34
*/ */
@ -315,17 +314,19 @@ class Monero_Gateway extends WC_Payment_Gateway
if (!isset($_COOKIE['payment_id'])) { if (!isset($_COOKIE['payment_id'])) {
$payment_id = bin2hex(openssl_random_pseudo_bytes(8)); $payment_id = bin2hex(openssl_random_pseudo_bytes(8));
setcookie('payment_id', $payment_id, time() + 2700); setcookie('payment_id', $payment_id, time() + 2700);
} else{ }
// Please fix this SQLI injection! TODO: Fix me! else{
$payment_id = $this->protect_payment(sanitize_text_field($_COOKIE['payment_id'])); $payment_id = $this->sanatize_id($_COOKIE['payment_id']);
} }
return $payment_id; return $payment_id;
} }
public function protect_payment($payment_id){ public function sanatize_id($payment_id)
$payment_id = str_replace("'", "\n", $payment_id); {
return $payment_id; // Limit payment id to alphanumeric characters
} $sanatized_id = preg_replace("/[^a-zA-Z0-9]+/", "", $payment_id);
return $sanatized_id;
}
public function changeto($amount, $currency, $payment_id) public function changeto($amount, $currency, $payment_id)
{ {