fix: vulnerabilità minori

Pek5892 · Pek5892 · commit 6d371d00ce53 · 2026-02-11T17:29:14.000+01:00
diff --git a/modules/anagrafiche/src/Anagrafica.php b/modules/anagrafiche/src/Anagrafica.php
@@ -489,6 +489,12 @@ protected function geolocalizzazione()
                 $apiKey = setting('Google Maps API key per Tecnici');
                 $url = 'https://maps.googleapis.com/maps/api/geocode/json?address='.$indirizzo.'&key='.$apiKey;
 
+                // Validazione URL per prevenire SSRF
+                $parsed_url = parse_url($url);
+                if (!isset($parsed_url['host']) || $parsed_url['host'] !== 'maps.googleapis.com') {
+                    return false;
+                }
+
                 $response = file_get_contents($url);
                 $data = json_decode($response, true);
 
diff --git a/modules/anagrafiche/src/Sede.php b/modules/anagrafiche/src/Sede.php
@@ -131,6 +131,12 @@ protected function geolocalizzazione()
                 $apiKey = setting('Google Maps API key per Tecnici');
                 $url = 'https://maps.googleapis.com/maps/api/geocode/json?address='.$indirizzo.'&key='.$apiKey;
 
+                // Validazione URL per prevenire SSRF
+                $parsed_url = parse_url($url);
+                if (!isset($parsed_url['host']) || $parsed_url['host'] !== 'maps.googleapis.com') {
+                    return false;
+                }
+
                 $response = file_get_contents($url);
                 $data = json_decode($response, true);
 
diff --git a/modules/custom_fields/actions.php b/modules/custom_fields/actions.php
@@ -30,7 +30,7 @@
             'id_plugin' => $plugin,
             'name' => post('name'),
             'html_name' => post('html_name'),
-            'content' => $_POST['content'],
+            'content' => post('content'),
             'on_add' => post('on_add'),
             'top' => post('top'),
         ], ['id' => $id_record]);
@@ -47,7 +47,7 @@
             'id_module' => $module,
             'id_plugin' => $plugin,
             'name' => post('name_add'),
-            'content' => $_POST['content_add'],
+            'content' => post('content_add'),
             'html_name' => secure_random_string(8),
         ]);
         $id_record = $dbo->lastInsertedID();
diff --git a/modules/emails/ajax/complete.php b/modules/emails/ajax/complete.php
@@ -25,13 +25,15 @@
 switch ($resource) {
     // Elenco e-mail
     case 'get_email':
-        $indirizzi_proposti = $_GET['indirizzi_proposti'];
+        $indirizzi_proposti = filter('indirizzi_proposti');
         $where = '';
 
         if ($indirizzi_proposti == 1) {
             $where .= 'AND an_tipianagrafiche_lang.title = "Cliente"';
         } elseif ($indirizzi_proposti == 2) {
             $where .= 'AND an_tipianagrafiche_lang.title = "Fornitore"';
+        } else {
+            $indirizzi_proposti = null;
         }
 
         $results = [];
diff --git a/modules/newsletter/actions.php b/modules/newsletter/actions.php
@@ -45,7 +45,7 @@
         $newsletter->completed_at = filter('completed_at');
 
         $newsletter->subject = filter('subject');
-        $newsletter->content = $_POST['content']; // post('content', true);
+        $newsletter->content = post('content');
 
         $newsletter->save();
 
