cuongpv/faveo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Prevents RCE via unserialize()

Browse Source
This commit is contained in:
Manish Verma
2021-02-03 16:03:04 +05:30
parent 929d4a8b40
commit b3302b8466
3 changed files with 9 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
resources/views/themes/default1/client/helpdesk/ckeckticket.blade.php
View File

@@ -1,8 +1,8 @@
@extends('themes.default1.client.layout.client')
@section('content')
<?php
$tickets = App\Model\helpdesk\Ticket\Tickets::where('id', '=', \Crypt::decrypt($id))->first();
$thread = App\Model\helpdesk\Ticket\Ticket_Thread::where('ticket_id', '=', \Crypt::decrypt($id))->first();
$tickets = App\Model\helpdesk\Ticket\Tickets::where('id', '=', \Crypt::decrypt($id, false))->first();
$thread = App\Model\helpdesk\Ticket\Ticket_Thread::where('ticket_id', '=', \Crypt::decrypt($id, false))->first();
//$user = App\User::where('id','=',$id1)->first();
?>
<!-- Main content -->
@@ -461,7 +461,7 @@ $thread = App\Model\helpdesk\Ticket\Ticket_Thread::where('ticket_id', '=', \Cryp
</div>
@endif
<?php $id2 = Crypt::decrypt($id); ?>
<?php $id2 = Crypt::decrypt($id, false); ?>
<div id="respond" class="comment-respond form-border">

6
resources/views/themes/default1/client/helpdesk/ckeckticket2.blade.php
View File

@@ -16,8 +16,8 @@
@section('content')
<?php
$tickets = App\Model\helpdesk\Ticket\Tickets::where('id','=',\Crypt::decrypt($id))->first();
$thread = App\Model\helpdesk\Ticket\Ticket_Thread::where('ticket_id','=',\Crypt::decrypt($id))->first();
$tickets = App\Model\helpdesk\Ticket\Tickets::where('id','=',\Crypt::decrypt($id, false))->first();
$thread = App\Model\helpdesk\Ticket\Ticket_Thread::where('ticket_id','=',\Crypt::decrypt($id, false))->first();
//$user = App\User::where('id','=',$id1)->first();?>
<!-- Main content -->
@@ -350,7 +350,7 @@ foreach ($conversations as $conversation) {
{{Session::get('fails1')}}
</div>
@endif
<?php $id2 = Crypt::decrypt($id); ?>
<?php $id2 = Crypt::decrypt($id, false); ?>
<div id="respond" class="comment-respond form-border">
<h3 id="reply-title" class="comment-reply-title section-title"><i class="line"></i>{!! Lang::get('lang.leave_a_reply') !!}</h3>
@if(Auth::user())

6
resources/views/themes/default1/client/helpdesk/ckeckticketOld.blade.php
View File

@@ -2,8 +2,8 @@
@section('content')
<?php
$tickets = App\Model\helpdesk\Ticket\Tickets::where('id', '=', \Crypt::decrypt($id))->first();
$thread = App\Model\helpdesk\Ticket\Ticket_Thread::where('ticket_id', '=', \Crypt::decrypt($id))->first();
$tickets = App\Model\helpdesk\Ticket\Tickets::where('id', '=', \Crypt::decrypt($id,false))->first();
$thread = App\Model\helpdesk\Ticket\Ticket_Thread::where('ticket_id', '=', \Crypt::decrypt($id,false))->first();
//$user = App\User::where('id','=',$id1)->first();
?>
<!-- Main content -->
@@ -345,7 +345,7 @@ foreach ($conversations as $conversation) {
{{Session::get('fails1')}}
</div>
@endif
<?php $id2 = Crypt::decrypt($id); ?>
<?php $id2 = Crypt::decrypt($id,false); ?>
<div id="respond" class="comment-respond form-border">
<h3 id="reply-title" class="comment-reply-title section-title"><i class="line"></i>{!! Lang::get('lang.leave_a_reply') !!}</h3>
@if(Auth::user())