HOT FIX: security breach

750af75e · PavelBegunkov · ebbc9538 · 750af75e · 750af75e · 750af75e
Commit 750af75e authored 10 years ago by PavelBegunkov
--- a/~dev_rating/application/classes/Controller/Handler/Settings.php
+++ b/~dev_rating/application/classes/Controller/Handler/Settings.php
@@ -100,7 +100,9 @@ class Controller_Handler_Settings extends Controller_Handler {
            $this->post
                ->rule('semesterID', 'not_empty')
                ->rule('semesterID', 'digit');
-            $semesterID = $this->post->offsetGet('semesterID');
+            if($this->post->check()) {
-            User::instance()->SetSemester($semesterID);
+                $semesterID = $this->post->offsetGet('semesterID');
+                User::instance()->SetSemester($semesterID);
+            }
        }
 }
\ No newline at end of file
--- a/~dev_rating/modules/account/classes/Kohana/User.php
+++ b/~dev_rating/modules/account/classes/Kohana/User.php
@@ -57,8 +57,9 @@ class Kohana_User implements ArrayAccess {
    }
    public function SetSemester($semesterID) {
-        $this->_model->SetSemesterID($semesterID);
+        $res = $this->_model->SetSemesterID($semesterID);
-        $this->_session->set("SemesterID", $semesterID);
+        if ($res >= 0)
+            $this->_session->set("SemesterID", "$semesterID");
    }

--- a/~dev_rating/modules/account/classes/Model/Kohana/Account.php
+++ b/~dev_rating/modules/account/classes/Model/Kohana/Account.php
@@ -175,6 +175,7 @@ class Model_Kohana_Account extends Model
    {
        $sql = "SELECT `SetSemesterID`('$semesterID') AS `Num`; ";
        $res = DB::query(Database::SELECT, $sql)->execute();
+        $id = 0;
        foreach ($res as $value) {
            $id = $value['Num'];
        }