From 9d528aeaa02079d6dafd0b369678ec718a7b7308 Mon Sep 17 00:00:00 2001
From: Gregory Soutade <gregory@soutade.fr>
Date: Wed, 26 Feb 2020 16:00:24 +0100
Subject: [PATCH] Update server: 	* Check that $db variable is OK before
 processing database requests 	* Don't close $db before calling
 lastErrorMsg() 	* Add support for user & url parameters from gPass
 popup

---
 server/_user              | 39 ++++++++++++++++++++-------------------
 server/functions.php      | 13 ++++++++-----
 server/index.php          | 18 +++++++++---------
 server/resources/gpass.js |  2 +-
 4 files changed, 38 insertions(+), 34 deletions(-)

diff --git a/server/_user b/server/_user
index 10a1288..70d25c9 100644
--- a/server/_user
+++ b/server/_user
@@ -1,6 +1,6 @@
 <?php
 /*
-  Copyright (C) 2013-2015 Grégory Soutadé
+  Copyright (C) 2013-2020 Grégory Soutadé
   
   This file is part of gPass.
   
@@ -63,30 +63,31 @@ $PROTOCOL_VERSION = 4;
 
 $db = load_database();
 
-$res = "";
-
-$statement = $db->prepare("SELECT password FROM gpass WHERE login=:login");
-
 echo "protocol=gpass-$PROTOCOL_VERSION\n";
 if ($PBKDF2_LEVEL != 1000)
     echo "pbkdf2_level=$PBKDF2_LEVEL\n";
 
-for ($i=0; $i<$MAX_PASSWORDS_PER_REQUEST && isset($_POST["k$i"]); $i++)
+if ($db)
 {
-    $statement->bindValue(":login", addslashes($_POST["k$i"]));
-    $result = $statement->execute();
-    $row = $result->fetchArray(SQLITE3_ASSOC);
-    $result->finalize();
-    if (isset($row["password"]))
-    {
-        echo "matched_key=" . $i . "\n";
-        echo "pass=" . $row["password"] . "\n";
-        break;
-    }
-}
+    $statement = $db->prepare("SELECT password FROM gpass WHERE login=:login");
 
-$statement->close();
+    for ($i=0; $i<$MAX_PASSWORDS_PER_REQUEST && isset($_POST["k$i"]); $i++)
+    {
+        $statement->bindValue(":login", addslashes($_POST["k$i"]));
+        $result = $statement->execute();
+        $row = $result->fetchArray(SQLITE3_ASSOC);
+        $result->finalize();
+        if (isset($row["password"]))
+        {
+            echo "matched_key=" . $i . "\n";
+            echo "pass=" . $row["password"] . "\n";
+            break;
+        }
+    }
+
+    $statement->close();
+}
 
 echo "<end>";
 
-?>
\ No newline at end of file
+?>
diff --git a/server/functions.php b/server/functions.php
index cc70774..ef02e13 100755
--- a/server/functions.php
+++ b/server/functions.php
@@ -1,6 +1,6 @@
 <?php
 /*
-  Copyright (C) 2013-2017 Grégory Soutadé
+  Copyright (C) 2013-2019 Grégory Soutadé
   
   This file is part of gPass.
   
@@ -241,18 +241,21 @@ function delete_entry($user, $login, $access_token)
     }
 
     $result = $db->exec("DELETE FROM gpass WHERE login='" . $login . "'");
-    $db->close();
 
     if (!$result)
     {
         echo "Error " . $db->lastErrorMsg();
-        return false;
+        $ret = false;
     }
     else
     {
         echo "OK";
-        return true;
+        $ret = true;
     }
+
+    
+    $db->close();
+    return $ret;
 }
 
 function update_entry($user, $mkey, $old_login, $url, $login, $password, $shadow_login, $salt, $old_access_token, $new_access_token)
@@ -329,4 +332,4 @@ function get_secure_entries($user, $access_tokens)
     $db->close();
 }
 
-?>
\ No newline at end of file
+?>
diff --git a/server/index.php b/server/index.php
index 870af7a..4e215cf 100644
--- a/server/index.php
+++ b/server/index.php
@@ -1,19 +1,19 @@
 <?php
 /*
   Copyright (C) 2013-2017 Grégory Soutadé
-  
+
   This file is part of gPass.
-  
+
   gPass is free software: you can redistribute it and/or modify
   it under the terms of the GNU General Public License as published by
   the Free Software Foundation, either version 3 of the License, or
   (at your option) any later version.
-  
+
   gPass is distributed in the hope that it will be useful,
   but WITHOUT ANY WARRANTY; without even the implied warranty of
   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
   GNU General Public License for more details.
-  
+
   You should have received a copy of the GNU General Public License
   along with gPass.  If not, see <http://www.gnu.org/licenses/>.
 */
@@ -50,7 +50,7 @@ else
     if (isset($_POST['get_passwords']) && isset($_POST['user']))
         return list_entries($user);
 
-    if (isset($_POST['add_entry']) && isset($_POST['user']) && 
+    if (isset($_POST['add_entry']) && isset($_POST['user']) &&
         isset($_POST['login']) && isset($_POST['password']) &&
         isset($_POST['shadow_login']) && isset($_POST['salt']) &&
         isset($_POST['access_token']) )
@@ -61,7 +61,7 @@ else
                          $salt,
                          $access_token);
 
-    if (isset($_POST['delete_entry']) && isset($_POST['user']) && 
+    if (isset($_POST['delete_entry']) && isset($_POST['user']) &&
         isset($_POST['login']) && isset($_POST['access_token']))
         return delete_entry($user,
                             $login,
@@ -69,7 +69,7 @@ else
 }
 
 ?>
-<!DOCTYPE html> 
+<!DOCTYPE html>
 <html>
   <head>
     <meta http-equiv="Content-Type" content="text/html;charset=utf-8" >
@@ -158,8 +158,8 @@ if ($user != "")
 {
     echo "<b>Add a new password</b><br/>\n";
 
-    echo 'URL <input type="text" name="url"/>';
-    echo 'login <input type="text" name="login" />';
+    echo 'URL <input type="text" name="url" value="' . (filter_input(INPUT_GET, "url", FILTER_SANITIZE_SPECIAL_CHARS) ?: "") . '"/>';
+    echo 'login <input type="text" name="login" value="' . (filter_input(INPUT_GET, "user", FILTER_SANITIZE_SPECIAL_CHARS) ?: "") . '"/>';
     echo 'password <input id="new_password" type="text" name="password"/>';
     echo 'master key <input type="text" name="mkey" onkeypress="if (event.keyCode == 13) add_password();" onkeyup="chkPass(this.value);"/>';
     echo '<input type="button" value="Generate password" onClick="generate_password();"/>';
diff --git a/server/resources/gpass.js b/server/resources/gpass.js
index 6d98d2c..6106ef7 100755
--- a/server/resources/gpass.js
+++ b/server/resources/gpass.js
@@ -145,7 +145,7 @@ var current_user = "";
 var current_mkey = "";
 var clearTimer = null;
 var global_iv = null;
-var server_url = document.documentURI;
+var server_url = window.location.href.split('?')[0];
 
 function PasswordEntry (ciphered_login, ciphered_password, salt, shadow_login) {
     this.ciphered_login = ciphered_login;