From scoop at lithium.sabren.com Tue Oct 3 12:36:32 2006 From: scoop at lithium.sabren.com (scoop@lithium.sabren.com) Date: Tue Oct 3 13:34:47 2006 Subject: [Scoop-checkins] scoop/lib/Scoop/Admin EditUser.pm Message-ID: <200610031936.k93JaWxB025618@lithium.sabren.com> Update of /cvs/scoop/scoop/lib/Scoop/Admin In directory lithium.sabren.com:/tmp/cvs-serv25566/lib/Scoop/Admin Modified Files: EditUser.pm Log Message: File delete fix. Stop any user with file upload permission being able to delete admin files. Index: EditUser.pm =================================================================== RCS file: /cvs/scoop/scoop/lib/Scoop/Admin/EditUser.pm,v retrieving revision 1.137 retrieving revision 1.138 diff -C2 -d -r1.137 -r1.138 *** EditUser.pm 14 Oct 2005 20:07:09 -0000 1.137 --- EditUser.pm 3 Oct 2006 19:36:29 -0000 1.138 *************** *** 37,49 **** # check for delete activity if ( $S->{CGI}->param('confirm_delete') && $S->{CGI}->param('delete') && $file_name ) { - my $path; - return 'Permission Denied' if ($uid ne $S->{UID}) || !$S->var('upload_delete'); if ( $S->{CGI}->param('list_type') eq 'user' ) { ! $path = $S->var('upload_path_user') . "$uid/"; } else { ! $path = $S->var('upload_path_admin'); }; - unlink "$path$file_name"; $page .= qq{%%norm_font%%$file_name deleted.%%norm_font_end%%
 }; --- 37,48 ---- # check for delete activity if ( $S->{CGI}->param('confirm_delete') && $S->{CGI}->param('delete') && $file_name ) { if ( $S->{CGI}->param('list_type') eq 'user' ) { ! return 'Permission Denied' if ($uid ne $S->{UID}) || !$S->var('upload_delete'); ! $S->delete_user_file($file_name); } else { ! return 'Permission Denied' if !($S->var('upload_admin') && $S->var('upload_delete')); ! $S->delete_admin_file($file_name); }; $page .= qq{%%norm_font%%$file_name deleted.%%norm_font_end%%
 }; *************** *** 55,62 **** my $file_name_new = $S->clean_filename($S->{CGI}->param('rename_filename')); - return 'Permission Denied' if ($uid ne $S->{UID}) || !$S->var('upload_rename'); if ( $S->{CGI}->param('list_type') eq 'user' ) { $path = $S->var('upload_path_user') . "$uid/"; } else { $path = $S->var('upload_path_admin'); }; --- 54,62 ---- my $file_name_new = $S->clean_filename($S->{CGI}->param('rename_filename')); if ( $S->{CGI}->param('list_type') eq 'user' ) { + return 'Permission Denied' if ($uid ne $S->{UID}) || !$S->var('upload_rename'); $path = $S->var('upload_path_user') . "$uid/"; } else { + return 'Permission Denied' if !($S->var('upload_admin') && $S->var('upload_rename')); $path = $S->var('upload_path_admin'); }; *************** *** 112,116 **** my $file_list = qq{ ! %%title_font%%$title%%title_font_end%% --- 112,116 ---- my $file_list = qq{ ! %%title_font%%$title%%title_font_end%% From scoop at lithium.sabren.com Tue Oct 3 12:36:32 2006 From: scoop at lithium.sabren.com (scoop@lithium.sabren.com) Date: Tue Oct 3 13:34:48 2006 Subject: [Scoop-checkins] scoop/lib/Scoop Utility.pm Message-ID: <200610031936.k93JaWxr025617@lithium.sabren.com> Update of /cvs/scoop/scoop/lib/Scoop In directory lithium.sabren.com:/tmp/cvs-serv25566/lib/Scoop Modified Files: Utility.pm Log Message: File delete fix. Stop any user with file upload permission being able to delete admin files. Index: Utility.pm =================================================================== RCS file: /cvs/scoop/scoop/lib/Scoop/Utility.pm,v retrieving revision 1.38 retrieving revision 1.39 diff -C2 -d -r1.38 -r1.39 *** Utility.pm 16 Aug 2006 23:44:06 -0000 1.38 --- Utility.pm 3 Oct 2006 19:36:29 -0000 1.39 *************** *** 55,58 **** --- 55,91 ---- } + =item * delete_user_file($file_name, $uid) + + Deletes a specified file from $uid's files. 
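Review bot: On the new side of the delete hunk, the `deleted.` message is appended whether or not the file was actually removed — the results of `$S->delete_user_file($file_name)` and `$S->delete_admin_file($file_name)` are discarded, although both helpers end in `unlink` and so return its count; `$S->delete_admin_file($file_name) or return "Could not delete $file_name";` (and the same on the user branch) keeps the page from reporting a deletion that did not happen, which matters when this page is the only record an admin sees. The `else` branch also treats any `list_type` value other than `user`, including a missing parameter, as the admin listing; checking `eq 'admin'` explicitly and returning `'Permission Denied'` for anything else fails closed, and the rename hunk below has the same shape. Both new guards test `$S->var('upload_admin')` and `$S->var('upload_delete')`, which read like site-wide settings rather than a check on the requesting user — if that is what `var` returns, confirm the admin branch is also covered by a per-user permission check elsewhere, since that is the bypass the log message describes. The enclosing subroutine starts before and ends after this hunk.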
+
+ =cut
+ sub delete_user_file {
+ my $S = shift;
+ my $file_name = shift;
+ my $uid = shift || $S->{UID};
+
+ $file_name = $S->clean_filename($file_name);
+
+ my $path = $S->var('upload_path_user') . "$uid/";
+
+ unlink "$path$file_name";
+ }
+
+ =item * delete_admin_file($file_name)
+
+ Deletes a specified admin file.
+
+ =cut
+ sub delete_admin_file {
+ my $S = shift;
+ my $file_name = shift;
+
+ $file_name = $S->clean_filename($file_name);
+
+ my $path = $S->var('upload_path_admin');
+
+ unlink "$path$file_name";
+ }
+ =item * display_upload_form()
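Review bot: In the added `delete_user_file`, `$uid` is interpolated straight into the filesystem path (`$S->var('upload_path_user') . "$uid/"`) with no validation, while `$file_name` is passed through `clean_filename`; the only caller in this checkin omits the argument so it defaults to `$S->{UID}`, but as a public Utility method any future caller that forwards a request-supplied uid would place the `unlink` outside the per-user upload directory. Assuming uids are integers (not established on this page), a guard such as `return if !defined $uid || $uid !~ /\A[0-9]+\z/;` before `$path` is built keeps the helper safe regardless of caller. Neither helper checks or documents the `unlink` result; an explicit `return unlink "$path$file_name";` in both, plus a POD line `Returns the number of files removed, as unlink does; 0 means nothing was deleted.`, lets callers report failure instead of assuming success. The POD for `delete_user_file` should also state that `$uid` is optional and defaults to the current user's `$S->{UID}`.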