From b4b54ec57cacb45cfb8268d5994a4989deb3a5be Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Gr=C3=A9gory=20Soutad=C3=A9?=
Date: Mon, 17 Apr 2017 20:37:26 +0200
Subject: [PATCH] Checks for right shadow login when adding an entry Use exec() instead of query() when it's necessary for SQL queries
---
 server/functions.php | 28 ++++++++++++++++++++--------
 1 file changed, 20 insertions(+), 8 deletions(-)
diff --git a/server/functions.php b/server/functions.php
index bff0b03..696b968 100755
--- a/server/functions.php
+++ b/server/functions.php
@@ -131,10 +131,10 @@ function migrate_database($user, $db)
 $migration_functions = ['_migrate_0', '_migrate_1'];
 $version = $db->querySingle("SELECT db_version FROM conf");
- if ($version == false || $version == -1)
+ if ($version == NULL || $version == -1)
 {
 $version = $db->querySingle("SELECT version FROM db_version");
- if ($version == false || $version == -1)
+ if ($version == NULL || $version == -1)
 $version = 0;
 }
@@ -172,6 +172,8 @@ function load_database($user)
 function add_entry($user, $login, $password,
 $shadow_login, $salt, $access_token)
 {
+ global $USE_SHADOW_LOGINS;
+
 $db = load_database($user);
 if ($db == null)
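Review bot: In migrate_database (hunk `@@ -131,10`), the new `$version == NULL` tests are loose comparisons, so they also match `false` and integer `0`, and nothing says which of those cases is meant. If `$db` is an SQLite3 handle, querySingle() returns NULL for an empty result and `false` on failure, so a strict form such as `if ($version === null || $version === false || $version == -1)` documents the intent; note that it would stop a stored `0` from triggering the fallback query, so decide that case explicitly. A one-line comment like `// no usable conf.db_version: fall back to the db_version table` above the first test would help. The function body continues outside the hunk.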
@@ -180,22 +182,30 @@ function add_entry($user, $login, $password,
 return false;
 }
+ if ($USE_SHADOW_LOGINS && (strlen($shadow_login) != 32 ||
+ strlen($salt) != 32 || strlen($access_token) != 32))
+ {
+ $db->close();
+ echo "Shadow login not configured";
+ return false;
+ }
+
 $count = $db->querySingle("SELECT COUNT(*) FROM gpass WHERE login='" . $login . "'");
- if ($count != 0)
+ if ($count != NULL && $count != 0)
 {
 echo "Entry already exists";
 return false;
 }
- $result = $db->query("INSERT INTO gpass ('login', 'password', 'shadow_login', 'salt', 'access_token') VALUES
+ $result = $db->exec("INSERT INTO gpass ('login', 'password', 'shadow_login', 'salt', 'access_token') VALUES
 ('" . $login . "', '" . $password . "', '" . $shadow_login . "', '" . $salt . "', '" . $access_token . "')");
 /* error_log("INSERT INTO gpass ('login', 'password', 'shadow_login', 'salt', 'access_token') VALUES */
 /* ('" . $login . "', '" . $password . "', '" . $shadow_login . "', '" . $salt . "', '" . $access_token . "')"); */
 $db->close();
- if ($result == FALSE)
+ if (!$result)
 {
 echo "Error " . $db->lastErrorMsg();
 return false;
@@ -209,6 +219,8 @@ function add_entry($user, $login, $password,
 function delete_entry($user, $login, $access_token)
 {
+ global $USE_SHADOW_LOGINS;
+
 $db = load_database($user);
 if ($db == null)
@@ -220,7 +232,7 @@ function delete_entry($user, $login, $access_token)
 if ($USE_SHADOW_LOGINS)
 {
 $db_ac = $db->querySingle("SELECT access_token FROM gpass WHERE login='" . $login . "'");
- if (strlen($db_ac) != 0 && strcmp($db_ac, $access_token))
+ if ($db_ac != NULL && strcmp($db_ac, $access_token))
 {
 $db->close();
 echo "Bad access token";
@@ -228,10 +240,10 @@ function delete_entry($user, $login, $access_token)
 }
 }
- $result = $db->query("DELETE FROM gpass WHERE login='" . $login . "'");
+ $result = $db->exec("DELETE FROM gpass WHERE login='" . $login . "'");
 $db->close();
- if ($result == FALSE)
+ if (!$result)
 {
 echo "Error " . $db->lastErrorMsg();
 return false;
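Review bot: In add_entry (hunk `@@ -180,22`), the INSERT now passed to `$db->exec()` is still assembled by concatenating `$login`, `$password`, `$shadow_login`, `$salt` and `$access_token` into the SQL text, and the new 32-character test checks length only, not content. If `$db` is PHP's SQLite3 class, exec() runs every statement in the string whereas query() prepares only the first, so this change increases the impact of an unescaped quote in any of those values. The same concatenation is in the `SELECT COUNT(*)` above and in the `SELECT access_token` and `DELETE` statements of delete_entry (hunks `@@ -220,7` and `@@ -228,10`). Bind the values through a prepared statement instead; add_entry starts and ends outside this hunk.

```php
// … unchanged: shadow-login length check and "Entry already exists" check …
$stmt = $db->prepare("INSERT INTO gpass (login, password, shadow_login, salt, access_token)
                      VALUES (:login, :password, :shadow_login, :salt, :access_token)");
$result = false;
if ($stmt)
{
    $stmt->bindValue(':login', $login, SQLITE3_TEXT);
    $stmt->bindValue(':password', $password, SQLITE3_TEXT);
    $stmt->bindValue(':shadow_login', $shadow_login, SQLITE3_TEXT);
    $stmt->bindValue(':salt', $salt, SQLITE3_TEXT);
    $stmt->bindValue(':access_token', $access_token, SQLITE3_TEXT);
    $result = $stmt->execute();
}
// … unchanged: $db->close() and the error branch …
```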
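Review bot: In delete_entry (hunk `@@ -220,7`), the token check fails open: when querySingle() yields NULL, `false` or an empty string, `$db_ac != NULL` is false and the DELETE goes ahead without any comparison. strcmp() is also not constant-time, and on PHP before 8 it returns NULL for a non-string argument, which this condition reads as a match. Consider `if (!is_string($db_ac) || !is_string($access_token) || !hash_equals($db_ac, $access_token))`; if rows without a stored token must stay deletable, say so in a comment and handle that case explicitly. The enclosing block continues outside the hunk.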
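Review bot: In delete_entry (hunk `@@ -228,10`), `$db->close()` runs before the error branch calls `$db->lastErrorMsg()`, so the message is read from a handle that is already closed and is probably empty; add_entry (hunk `@@ -180,22`) has the same order. Capture the message first, e.g. `$err = $result ? '' : $db->lastErrorMsg();` placed before `$db->close();`. Echoing the raw database error to the client also exposes internal details; `error_log($err)` with a generic reply would be safer. The error branch continues outside the hunk.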