When deleting the group delete the group user and group permissions. Increase the security by validating the uuid.

2025-12-30 09:03:49 +00:00 · 2015-03-05 09:37:37 +00:00
parent 1c4a197b7c
commit 1fbb5febbf
2 changed files with 83 additions and 54 deletions
--- a/core/users/groupdelete.php
+++ b/core/users/groupdelete.php
@@ -17,7 +17,7 @@

 	The Initial Developer of the Original Code is
 	Mark J Crane <markjcrane@fusionpbx.com>
-	Portions created by the Initial Developer are Copyright (C) 2008-2014
+	Portions created by the Initial Developer are Copyright (C) 2008-2015
 	the Initial Developer. All Rights Reserved.

 	Contributor(s):
@@ -37,18 +37,50 @@ require_once "resources/require.php";
 	}

 //get the http value and set as a variable
-	$id = check_str($_GET["id"]);
+	$group_uuid = check_str($_GET["id"]);

-//delete the group
-	$sql = "delete from v_groups ";
-	$sql .= "where group_uuid = '$id' ";
-	if (!$db->exec($sql)) {
-		//echo $db->errorCode() . "<br>";
-		$info = $db->errorInfo();
-		print_r($info);
-		// $info[0] == $db->errorCode() unified error code
-		// $info[1] is the driver specific error code
-		// $info[2] is the driver specific error string
+//validate the uuid
+	if (is_uuid($group_uuid)) {
+		//get the group from v_groups
+			$sql = "select * from v_groups ";
+			$sql .= "where group_uuid = '".$group_uuid."' ";
+			$sql .= "and (domain_uuid = '".$_SESSION['domain_uuid']."' or domain_uuid is null) ";
+			$prep_statement = $db->prepare(check_sql($sql));
+			$prep_statement->execute();
+			$result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
+			foreach ($result as &$row) {
+				$group_name = $row["group_name"];
+			}
+			unset ($prep_statement);
+
+		//delete the group users
+			$sql = "delete from v_group_users ";
+			$sql .= "where group_uuid = '".$group_uuid."' ";
+			$sql .= "and (domain_uuid = '".$_SESSION['domain_uuid']."' or domain_uuid is null) ";
+			if (!$db->exec($sql)) {
+				$error = $db->errorInfo();
+				print_r($error);
+			}
+
+		//delete the group permissions
+			if (strlen($group_name) > 0) {
+				$sql = "delete from v_group_permissions ";
+				$sql .= "where group_name = '".$group_name."' ";
+				$sql .= "and (domain_uuid = '".$_SESSION['domain_uuid']."' or domain_uuid is null) ";
+				if (!$db->exec($sql)) {
+					$error = $db->errorInfo();
+					print_r($error);
+				}
+			}
+
+		//delete the group
+			$sql = "delete from v_groups ";
+			$sql .= "where group_uuid = '".$group_uuid."' ";
+			$sql .= "and (domain_uuid = '".$_SESSION['domain_uuid']."' or domain_uuid is null) ";
+			if (!$db->exec($sql)) {
+				$error = $db->errorInfo();
+				print_r($error);
+			}
 	}

 //redirect the user
--- a/core/users/userdelete.php
+++ b/core/users/userdelete.php
@@ -17,7 +17,7 @@

 	The Initial Developer of the Original Code is
 	Mark J Crane <markjcrane@fusionpbx.com>
-	Portions created by the Initial Developer are Copyright (C) 2008-2012
+	Portions created by the Initial Developer are Copyright (C) 2008-2015
 	the Initial Developer. All Rights Reserved.

 	Contributor(s):
@@ -41,50 +41,47 @@ else {
 //get the id
 	$user_uuid = check_str($_GET["id"]);

-//get the username from v_users
-	$sql = "select * from v_users ";
-	$sql .= "where domain_uuid = '$domain_uuid' ";
-	$sql .= "and user_uuid = '$user_uuid' ";
-	$sql .= "and user_enabled = 'true' ";
-	$prep_statement = $db->prepare(check_sql($sql));
-	$prep_statement->execute();
-	$result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
-	foreach ($result as &$row) {
-		$username = $row["username"];
-		break; //limit to 1 row
-	}
-	unset ($prep_statement);
+//validate the uuid
+	if (is_uuid($user_uuid)) {
+		//get the username from v_users
+			$sql = "select * from v_users ";
+			$sql .= "where user_uuid = '$user_uuid' ";
+			$sql .= "and domain_uuid = '$domain_uuid' ";
+			$prep_statement = $db->prepare(check_sql($sql));
+			$prep_statement->execute();
+			$result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
+			foreach ($result as &$row) {
+				$username = $row["username"];
+			}
+			unset ($prep_statement);

-//required to be a superadmin to delete a member of the superadmin group
-	$superadmin_list = superadmin_list($db);
-	if (if_superadmin($superadmin_list, $user_uuid)) {
-		if (!if_group("superadmin")) {
-			//access denied - do not delete the user
-			header("Location: index.php");
-			return;
-		}
-	}
+		//required to be a superadmin to delete a member of the superadmin group
+			$superadmin_list = superadmin_list($db);
+			if (if_superadmin($superadmin_list, $user_uuid)) {
+				if (!if_group("superadmin")) {
+					//access denied - do not delete the user
+					header("Location: index.php");
+					return;
+				}
+			}

-//delete the user
-	$sql_delete = "delete from v_users ";
-	$sql_delete .= "where domain_uuid = '$domain_uuid' ";
-	$sql_delete .= "and user_uuid = '$user_uuid' ";
-	if (!$db->exec($sql_delete)) {
-		//echo $db->errorCode() . "<br>";
-		$info = $db->errorInfo();
-		print_r($info);
-		// $info[0] == $db->errorCode() unified error code
-		// $info[1] is the driver specific error code
-		// $info[2] is the driver specific error string
-	}
+		//delete the groups the user is assigned to
+			$sql = "delete from v_group_users ";
+			$sql .= "where user_uuid = '$user_uuid' ";
+			$sql .= "and domain_uuid = '$domain_uuid' ";
+			if (!$db->exec($sql)) {
+				$info = $db->errorInfo();
+				print_r($info);
+			}

-//delete the groups the user is assigned to
-	$sql_delete = "delete from v_group_users ";
-	$sql_delete .= "where domain_uuid = '$domain_uuid' ";
-	$sql_delete .= "and user_uuid = '$user_uuid' ";
-	if (!$db->exec($sql_delete)) {
-		$info = $db->errorInfo();
-		print_r($info);
+		//delete the user
+			$sql = "delete from v_users ";
+			$sql .= "where user_uuid = '$user_uuid' ";
+			$sql .= "and domain_uuid = '$domain_uuid' ";
+			if (!$db->exec($sql)) {
+				$info = $db->errorInfo();
+				print_r($info);
+			}
 	}

 //redirect the user