From fe7618f1baf08fe8f579b2efdbb7e5200b60e6d4 Mon Sep 17 00:00:00 2001
From: till <till@php.net>
Date: Wed, 22 Oct 2008 14:18:47 +0000
Subject:  * checking if a user session is active in quotaimg.php   * this is
 an expensive operation   * but it fixes a possible DoS  * implement max-width
 and -height for the image (subject to change)

---
 bin/quotaimg.php | 21 ++++++++++++++++++++-
 1 file changed, 20 insertions(+), 1 deletion(-)

(limited to 'bin/quotaimg.php')

diff --git a/bin/quotaimg.php b/bin/quotaimg.php
index ddd9b728a..74a3d994a 100644
--- a/bin/quotaimg.php
+++ b/bin/quotaimg.php
@@ -18,11 +18,30 @@
 
 */
 
+// define INSTALL_PATH since it's sort of custom from /bin/quotaimg.php
+define('INSTALL_PATH', str_replace('bin', '', dirname(__FILE__)));
+
+// include environment
+require_once INSTALL_PATH . 'program/include/iniset.php';
+
+// init application and start session with requested task
+$RCMAIL = rcmail::get_instance();
+if (empty($RCMAIL->user->ID)) {
+    die('You are not logged in, there is no need you are allowed to render the quota image.');
+}
+
 $used   = ((isset($_GET['u']) && !empty($_GET['u'])) || $_GET['u']=='0')?(int)$_GET['u']:'??';
 $quota  = ((isset($_GET['q']) && !empty($_GET['q'])) || $_GET['q']=='0')?(int)$_GET['q']:'??';
 $width  = empty($_GET['w']) ? 100 : (int)$_GET['w'];
 $height = empty($_GET['h']) ? 14 : (int)$_GET['h'];
 
+// let's apply some sanity
+// @todo Maybe a config option?
+if ($width > 200 || $height > 50) {
+    $width = 100;
+    $height = 14;
+}
+
 /**
  * Quota display
  * 
@@ -180,4 +199,4 @@ function genQuota($used, $total, $width, $height)
 
 genQuota($used, $quota, $width, $height);
 exit;
-?>
\ No newline at end of file
+?>
-- 
cgit v1.2.3