diff --git a/model/TotpPf.php b/model/TotpPf.php index 74c98350..c2136967 100644 --- a/model/TotpPf.php +++ b/model/TotpPf.php @@ -347,25 +347,28 @@ class TotpPf $Exception_domain = $exception['username']; } + $admin = 0; if (authentication_has_role('global-admin')) { $admin = 2; } elseif (authentication_has_role('admin')) { $admin = 1; - } else { - $admin = 0; } - + /** + * @todo rewrite these checks so it's more obvious which is being applied for a global admin, a domain admin or a 'normal' user. + * having $admin = 0|1|2 isn't intuitive, is it? + */ if (!$admin && strpos($exception['username'], '@') !== false) { - $error += 1; throw new \Exception(Config::Lang('pException_user_entire_domain_error')); } if (!($admin == 2) && $exception['username'] == null) { - $error += 1; throw new \Exception(Config::Lang('pException_user_global_error')); } + /** + * @todo Check we are only allowing someone to delete their own exception, and not someone else's. + */ $result = db_delete('totp_exception_address', 'id', $exception['id']); if ($result != 1) { diff --git a/public/users/totp-exceptions.php b/public/users/totp-exceptions.php index 96c27ea8..0dbdb86d 100644 --- a/public/users/totp-exceptions.php +++ b/public/users/totp-exceptions.php @@ -71,7 +71,7 @@ if ($_SERVER['REQUEST_METHOD'] == "POST") { $fUser = $_POST['fUser']; add_exception($username, $fPass, $fIp, $fDesc, $fUser, $totppf, $PALANG); } - if (isset($_POST['fId']) && $_POST['fId'] != '') { + if (isset($_POST['fId']) && $_POST['fId'] != '' && is_numeric($_POST['fId'])) { $fId = $_POST['fId']; revoke_exception($username, $fId, $totppf, $PALANG); } @@ -138,7 +138,7 @@ function add_exception(string $username, string $fPassword_current, string $fExc } } -function revoke_exception($username, $id, $totppf, $PALANG) +function revoke_exception(string $username, int $id, TotpPf $totppf, array $PALANG) { // No extra password check by design, user might be in a hurry $result = $totppf->deleteException($username, $id);