AS1024/itflow
1
0
Fork 0
mirror of https://github.com/itflow-org/itflow synced 2026-03-11 08:14:52 +00:00
Code Issues Packages Projects Releases Wiki Activity

Recurring Invoice: Add missing CSRF checks and missing permissions in POST

Browse Source
This commit is contained in:
johnnyq
2026-03-01 22:37:51 -05:00
parent 4440581f14
commit f653752026
7 changed files with 59 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
agent/modals/recurring_invoice/recurring_invoice_add.php
View File

@@ -14,6 +14,7 @@ ob_start();
</button>
</div>
<form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="csrf_token" value="<?= $_SESSION['csrf_token'] ?>">
<div class="modal-body">

1
agent/modals/recurring_invoice/recurring_invoice_edit.php
View File

@@ -28,6 +28,7 @@ ob_start();
</button>
</div>
<form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="csrf_token" value="<?= $_SESSION['csrf_token'] ?>">
<input type="hidden" name="recurring_invoice_id" value="<?php echo $recurring_invoice_id; ?>">
<div class="modal-body">

1
agent/modals/recurring_invoice/recurring_invoice_export.php
View File

@@ -8,6 +8,7 @@
</button>
</div>
<form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="csrf_token" value="<?= $_SESSION['csrf_token'] ?>">
<input type="hidden" name="client_id" value="<?php echo $client_id; ?>">
<div class="modal-body">

5
agent/modals/recurring_invoice/recurring_invoice_note.php
View File

@@ -8,8 +8,9 @@
</button>
</div>
<form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="csrf_token" value="<?= $_SESSION['csrf_token'] ?>">
<input type="hidden" name="recurring_invoice_id" value="<?php echo $recurring_invoice_id; ?>">
<div class="modal-body">
<div class="modal-body">
<div class="form-group">
<textarea class="form-control" rows="8" name="note" placeholder="Enter some notes"><?php echo $recurring_invoice_note; ?></textarea>
</div>
@@ -21,4 +22,4 @@
</form>
</div>
</div>
</div>
</div>

44
agent/post/recurring_invoice.php
View File

@@ -8,6 +8,10 @@ defined('FROM_POST_HANDLER') || die("Direct file access is not allowed");
if (isset($_POST['add_invoice_recurring'])) {
validateCSRFToken($_POST['csrf_token']);
enforceUserPermission('module_sales', 2);
$invoice_id = intval($_POST['invoice_id']);
$recurring_invoice_frequency = sanitizeInput($_POST['frequency']);
@@ -66,6 +70,10 @@ if (isset($_POST['add_invoice_recurring'])) {
if (isset($_POST['add_recurring_invoice'])) {
validateCSRFToken($_POST['csrf_token']);
enforceUserPermission('module_sales', 2);
$client_id = intval($_POST['client']);
$frequency = sanitizeInput($_POST['frequency']);
$start_date = sanitizeInput($_POST['start_date']);
@@ -99,6 +107,10 @@ if (isset($_POST['add_recurring_invoice'])) {
if (isset($_POST['edit_recurring_invoice'])) {
validateCSRFToken($_POST['csrf_token']);
enforceUserPermission('module_sales', 2);
$recurring_invoice_id = intval($_POST['recurring_invoice_id']);
$frequency = sanitizeInput($_POST['frequency']);
$next_date = sanitizeInput($_POST['next_date']);
@@ -137,6 +149,10 @@ if (isset($_POST['edit_recurring_invoice'])) {
if (isset($_GET['delete_recurring_invoice'])) {
validateCSRFToken($_GET['csrf_token']);
enforceUserPermission('module_sales', 3);
$recurring_invoice_id = intval($_GET['delete_recurring_invoice']);
// Get Recurring Invoice Details and Client ID for Logging
@@ -173,6 +189,10 @@ if (isset($_GET['delete_recurring_invoice'])) {
if (isset($_POST['add_recurring_invoice_item'])) {
validateCSRFToken($_POST['csrf_token']);
enforceUserPermission('module_sales', 2);
$recurring_invoice_id = intval($_POST['recurring_invoice_id']);
$name = sanitizeInput($_POST['name']);
$description = sanitizeInput($_POST['description']);
@@ -225,6 +245,10 @@ if (isset($_POST['add_recurring_invoice_item'])) {
if (isset($_POST['recurring_invoice_note'])) {
validateCSRFToken($_POST['csrf_token']);
enforceUserPermission('module_sales', 2);
$recurring_invoice_id = intval($_POST['recurring_invoice_id']);
$note = sanitizeInput($_POST['note']);
@@ -247,6 +271,10 @@ if (isset($_POST['recurring_invoice_note'])) {
if (isset($_GET['delete_recurring_invoice_item'])) {
validateCSRFToken($_GET['csrf_token']);
enforceUserPermission('module_sales', 2);
$item_id = intval($_GET['delete_recurring_invoice_item']);
$sql = mysqli_query($mysqli,"SELECT * FROM invoice_items WHERE item_id = $item_id");
@@ -279,6 +307,10 @@ if (isset($_GET['delete_recurring_invoice_item'])) {
if (isset($_GET['force_recurring'])) {
validateCSRFToken($_GET['csrf_token']);
enforceUserPermission('module_sales', 2);
$recurring_invoice_id = intval($_GET['force_recurring']);
$sql_recurring_invoices = mysqli_query($mysqli,"SELECT * FROM recurring_invoices, clients WHERE client_id = recurring_invoice_client_id AND recurring_invoice_id = $recurring_invoice_id");
@@ -440,6 +472,10 @@ if (isset($_GET['force_recurring'])) {
if (isset($_POST['set_recurring_payment'])) {
validateCSRFToken($_POST['csrf_token']);
enforceUserPermission('module_sales', 2);
$recurring_invoice_id = intval($_POST['recurring_invoice_id']);
$saved_payment_id = intval($_POST['saved_payment_id']);
@@ -491,6 +527,10 @@ if (isset($_POST['set_recurring_payment'])) {
if (isset($_POST['export_client_recurring_invoice_csv'])) {
validateCSRFToken($_POST['csrf_token']);
enforceUserPermission('module_sales');
$client_id = intval($_POST['client_id']);
//get records from database
@@ -539,6 +579,10 @@ if (isset($_POST['export_client_recurring_invoice_csv'])) {
if (isset($_GET['recurring_invoice_email_notify'])) {
validateCSRFToken($_GET['csrf_token']);
enforceUserPermission('module_sales', 2);
$recurring_invoice_email_notify = intval($_GET['recurring_invoice_email_notify']);
$recurring_invoice_id = intval($_GET['recurring_invoice_id']);

12
agent/recurring_invoice.php
View File

@@ -140,15 +140,16 @@ if (isset($_GET['recurring_invoice_id'])) {
<div class="col-2">
<?php if ($recurring_invoice_email_notify) { ?>
<a href="post.php?recurring_invoice_email_notify=0&recurring_invoice_id=<?php echo $recurring_invoice_id; ?>" class="btn btn-primary"><i class="fas fa-fw fa-bell mr-2"></i>Email Notify</a>
<a href="post.php?recurring_invoice_email_notify=0&recurring_invoice_id=<?= $recurring_invoice_id ?>&csrf_token=<?= $_SESSION['csrf_token'] ?>" class="btn btn-primary"><i class="fas fa-fw fa-bell mr-2"></i>Email Notify</a>
<?php } else { ?>
<a href="post.php?recurring_invoice_email_notify=1&recurring_invoice_id=<?php echo $recurring_invoice_id; ?>" class="btn btn-outline-danger"><i class="fas fa-fw fa-bell-slash mr-2"></i>Email Notify</a>
<a href="post.php?recurring_invoice_email_notify=1&recurring_invoice_id=<?= $recurring_invoice_id ?>&csrf_token=<?= $_SESSION['csrf_token'] ?>" class="btn btn-outline-danger"><i class="fas fa-fw fa-bell-slash mr-2"></i>Email Notify</a>
<?php } ?>
</div>
<div class="col-3">
<?php $sql_saved_payments = mysqli_query($mysqli, "SELECT * FROM client_saved_payment_methods WHERE saved_payment_client_id = $client_id");
if (mysqli_num_rows($sql_saved_payments) > 0) { ?>
<form class="form" action="post.php" method="post">
<input type="hidden" name="csrf_token" value="<?= $_SESSION['csrf_token'] ?>">
<input type="hidden" name="set_recurring_payment" value="1">
<input type="hidden" name="recurring_invoice_id" value="<?php echo $recurring_invoice_id; ?>">
<div class="input-group">
@@ -182,11 +183,11 @@ if (isset($_GET['recurring_invoice_id'])) {
<i class="fa fa-fw fa-edit text-secondary mr-2"></i>Edit
</a>
<div class="dropdown-divider"></div>
<a class="dropdown-item" href="post.php?force_recurring=<?php echo $recurring_invoice_id; ?>">
<a class="dropdown-item" href="post.php?force_recurring=<?= $recurring_invoice_id ?>&csrf_token=<?= $_SESSION['csrf_token'] ?>">
<i class="fa fa-fw fa-paper-plane text-secondary mr-2"></i>Force Send
</a>
<div class="dropdown-divider"></div>
<a class="dropdown-item text-danger confirm-link" href="post.php?delete_recurring_invoice=<?php echo $recurring_invoice_id; ?>">
<a class="dropdown-item text-danger confirm-link" href="post.php?delete_recurring_invoice=<?= $recurring_invoice_id ?>&csrf_token=<?= $_SESSION['csrf_token'] ?>">
<i class="fa fa-fw fa-trash mr-2"></i>Delete
</a>
</div>
@@ -303,7 +304,7 @@ if (isset($_GET['recurring_invoice_id'])) {
<i class="fa fa-fw fa-edit mr-2"></i>Edit
</a>
<div class="dropdown-divider"></div>
<a class="dropdown-item text-danger confirm-link" href="post.php?delete_recurring_invoice_item=<?php echo $item_id; ?>"><i class="fa fa-fw fa-trash mr-2"></i>Delete</a>
<a class="dropdown-item text-danger confirm-link" href="post.php?delete_recurring_invoice_item=<?= $item_id ?>&csrf_token=<?= $_SESSION['csrf_token'] ?>"><i class="fa fa-fw fa-trash mr-2"></i>Delete</a>
</div>
</div>
</div>
@@ -324,6 +325,7 @@ if (isset($_GET['recurring_invoice_id'])) {
<tr class="d-print-none">
<form action="post.php" method="post">
<input type="hidden" name="csrf_token" value="<?= $_SESSION['csrf_token'] ?>">
<input type="hidden" name="recurring_invoice_id" value="<?php echo $recurring_invoice_id; ?>">
<input type="hidden" name="item_order" value="<?php
//find largest order number and add 1

3
agent/recurring_invoices.php
View File

@@ -206,6 +206,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
<?php $sql_saved_payments = mysqli_query($mysqli, "SELECT * FROM client_saved_payment_methods WHERE saved_payment_client_id = $client_id");
if (mysqli_num_rows($sql_saved_payments) > 0) { ?>
<form class="form" action="post.php" method="post">
<input type="hidden" name="csrf_token" value="<?= $_SESSION['csrf_token'] ?>">
<input type="hidden" name="set_recurring_payment" value="1">
<input type="hidden" name="recurring_invoice_id" value="<?php echo $recurring_invoice_id; ?>">
<select class="form-control select2" name="saved_payment_id" onchange="this.form.submit()">
@@ -242,7 +243,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
</a>
<?php if ($status !== 'Active') { ?>
<div class="dropdown-divider"></div>
<a class="dropdown-item text-danger text-bold confirm-link" href="post.php?delete_recurring_invoice=<?php echo $recurring_invoice_id; ?>">
<a class="dropdown-item text-danger text-bold confirm-link" href="post.php?delete_recurring_invoice=<?= $recurring_invoice_id ?>&csrf_token=<?= $_SESSION['csrf_token'] ?>">
<i class="fas fa-fw fa-trash mr-2"></i>Delete
</a>
<?php } ?>