Don't allow path in HTTP servers
authorJakub Vrana <jakub@vrana.cz>
Tue, 18 Feb 2025 06:58:27 +0000 (07:58 +0100)
committerJakub Vrana <jakub@vrana.cz>
Wed, 19 Feb 2025 10:16:45 +0000 (11:16 +0100)
plugins/drivers/clickhouse.php
plugins/drivers/elastic.php
plugins/drivers/elastic5.php
plugins/drivers/simpledb.php

index 86f3464d3a93052a737a84484e5e6225ffd84d95..30305400cbc285895cfa664ecfb1ec609b3aba06 100644 (file)
@@ -59,7 +59,7 @@ if (isset($_GET["clickhouse"])) {
 
                function connect($server, $username, $password) {
                        preg_match('~^(https?://)?(.*)~', $server, $match);
-                       $this->_url = ($match[1] ? $match[1] : "http://") . "$username:$password@$match[2]";
+                       $this->_url = ($match[1] ? $match[1] : "http://") . urlencode($username) . ":" . urlencode($password) . "@$match[2]";
                        $return = $this->query('SELECT 1');
                        return (bool) $return;
                }
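Review bot: urlencode() on the new `$this->_url` line turns a space in the username or password into `+`, and a `+` in the userinfo part of a URL is only turned back into a space by clients that apply form-style decoding; a client that percent-decodes per RFC 3986 keeps a literal `+` and sends the wrong credential. rawurlencode() produces `%20`, which both kinds of client decode correctly: `$this->_url = ($match[1] ? $match[1] : "http://") . rawurlencode($username) . ":" . rawurlencode($password) . "@$match[2]";`. Which decoding applies depends on how query() turns `_url` into a request, which is outside this hunk, so please confirm against that code before relying on urlencode().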
@@ -217,8 +217,11 @@ if (isset($_GET["clickhouse"])) {
        function connect() {
                global $adminer;
                $connection = new Min_DB;
-               $credentials = $adminer->credentials();
-               if ($connection->connect($credentials[0], $credentials[1], $credentials[2])) {
+               list($server, $username, $password) = $adminer->credentials();
+               if (!preg_match('~^(https?://)?[-a-z\d.]+(:\d+)?$~', $server)) {
+                       return lang('Invalid server.');
+               }
+               if ($connection->connect($server, $username, $password)) {
                        return $connection;
                }
                return $connection->error;
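Review bot: The new whitelist is case-sensitive (`[-a-z\d.]` with no `i` modifier), so a server such as `DB.Example.COM` is now refused with 'Invalid server.' although hostnames are case-insensitive; a bracketed IPv6 literal like `[::1]:8123` is refused too. Adding the modifier keeps the no-path/no-userinfo restriction intact: `if (!preg_match('~^(https?://)?[-a-z\d.]+(:\d+)?$~i', $server)) {`. If IPv6 endpoints are meant to work, the host part needs an alternative along the lines of `\[[0-9a-f:.]+\]` as well. connect() continues past the end of this hunk.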
index 399d7ccab152ae0cf5ccaef4d103fcd391b3b6e6..351c8531261cdc03d90e9b0927f83899dd8d62a0 100644 (file)
@@ -78,20 +78,13 @@ if (isset($_GET["elastic"])) {
                         * @return bool
                         */
                        function connect($server, $username, $password) {
-                               $this->_url = build_http_url($server, $username, $password, "localhost", 9200);
-
+                               preg_match('~^(https?://)?(.*)~', $server, $match);
+                               $this->_url = ($match[1] ? $match[1] : "http://") . urlencode($username) . ":" . urlencode($password) . "@$match[2]";
                                $return = $this->query('');
-                               if (!$return) {
-                                       return false;
+                               if ($return) {
+                                       $this->server_info = $return['version']['number'];
                                }
-
-                               if (!isset($return['version']['number'])) {
-                                       $this->error = lang('Invalid server or credentials.');
-                                       return false;
-                               }
-
-                               $this->server_info = $return['version']['number'];
-                               return true;
+                               return (bool) $return;
                        }
 
                        function select_db($database) {
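Review bot: With the isset() guard removed, `$return['version']['number']` is read whenever query('') returns anything truthy; if that can be a decoded response without `version.number` (or something other than an array), the new code raises an undefined-index/offset error where the old code returned 'Invalid server or credentials.'. This matches elastic5.php, but a one-line guard avoids the error without changing the success path: `if (isset($return['version']['number'])) {` in place of `if ($return) {`, since isset() is false for missing keys and non-arrays alike and the method still returns `(bool) $return`. The removed build_http_url() call also passed "localhost" and 9200; if those were host/port defaults, a bare `localhost` now goes to port 80, which deserves a mention in the commit message if intended. What query('') returns is outside this hunk.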
@@ -275,6 +268,9 @@ if (isset($_GET["elastic"])) {
                $connection = new Min_DB;
 
                list($server, $username, $password) = adminer()->credentials();
+               if (!preg_match('~^(https?://)?[-a-z\d.]+(:\d+)?$~', $server)) {
+                       return lang('Invalid server.');
+               }
                if ($password != "" && $connection->connect($server, $username, "")) {
                        return lang('Database does not support password.');
                }
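Review bot: The `$` anchor in the new check matches before a trailing newline, so a server string of `"localhost\n"` passes the whitelist; it is harmless here only because the `(.*)` in Min_DB::connect() stops at the newline, which is an accident rather than a property of the check. Anchoring with `\z` (or the `D` modifier) makes the whitelist exact: `if (!preg_match('~^(https?://)?[-a-z\d.]+(:\d+)?\z~', $server)) {`. The same `$` is used in the clickhouse, elastic5 and simpledb copies of this check. connect() starts and ends outside this hunk.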
index a2fec6bafb87ccbb5f27db2a26679629c3a0ae23..ceb6abfe2288de509ba81b9449154b52984ba4c7 100644 (file)
@@ -72,7 +72,7 @@ if (isset($_GET["elastic5"])) {
 
                        function connect($server, $username, $password) {
                                preg_match('~^(https?://)?(.*)~', $server, $match);
-                               $this->_url = ($match[1] ? $match[1] : "http://") . "$username:$password@$match[2]";
+                               $this->_url = ($match[1] ? $match[1] : "http://") . urlencode($username) . ":" . urlencode($password) . "@$match[2]";
                                $return = $this->query('');
                                if ($return) {
                                        $this->server_info = $return['version']['number'];
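Review bot: Min_DB::connect() still splices `$match[2]` from an unrestricted `(.*)` into the URL; the path/userinfo restriction lives only in the driver-level connect() in the next hunk, so any other caller of this method gets the old behaviour. Since this method is the one that actually builds the URL, a comment above the preg_match line should state that precondition, e.g. `// $server must already be restricted to scheme+host[:port] by connect(); only the credentials are escaped here`. Whether other callers exist is not visible from the diff. The method's body continues past the end of this hunk.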
@@ -266,6 +266,9 @@ if (isset($_GET["elastic5"])) {
                $connection = new Min_DB;
 
                list($server, $username, $password) = adminer()->credentials();
+               if (!preg_match('~^(https?://)?[-a-z\d.]+(:\d+)?$~', $server)) {
+                       return lang('Invalid server.');
+               }
                if ($password != "" && $connection->connect($server, $username, "")) {
                        return lang('Database does not support password.');
                }
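Review bot: This is the third verbatim copy of the server whitelist in the commit (clickhouse.php, elastic.php, elastic5.php, and simpledb.php below make four), so any future tightening of the pattern has to be repeated in every driver. A small shared helper next to whatever common code the drivers already include (elastic.php used to call a shared build_http_url(), so such a place seems to exist) keeps it in one spot: `function is_http_server($server) { return (bool) preg_match('~^(https?://)?[-a-z\d.]+(:\d+)?$~', $server); }` and here `if (!is_http_server($server)) {`. Where the drivers' shared code lives is not visible from the diff, so the helper's location is for the author to decide.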
index 226625f143d8ef4d0d3e21c42c684238d18ba80e..64628fcd3595894ee45a516f7173c444348796dc 100644 (file)
@@ -248,7 +248,10 @@ if (isset($_GET["simpledb"])) {
 
        function connect() {
                global $adminer;
-               list(, , $password) = $adminer->credentials();
+               list($host, , $password) = $adminer->credentials();
+               if (!preg_match('~^(https?://)?[-a-z\d.]+(:\d+)?$~', $host)) {
+                       return lang('Invalid server.');
+               }
                if ($password != "") {
                        return lang('Database does not support password.');
                }
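Review bot: None of the four copies of the new check says why a path or userinfo in the server string is refused, and in this driver `$host` was previously not even read here, so the purpose is easy to lose on the next edit. A one-line comment above the preg_match would carry it: `// scheme + host[:port] only: a path or user@ in the server string could steer the request to an arbitrary endpoint`. How `$host` is used afterwards is outside this hunk; connect() continues past its end.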