From: Michael J Rubinsky <mrubinsk@horde.org>
Date: Mon, 2 Nov 2015 07:55:52 +0100
Subject: Add session token checking to various admin pages.

Origin: https://github.com/horde/horde/commit/a199d74932c902844514b2a83d21e7e221257dae
---
 horde-5.2.1/admin/cmdshell.php                | 3 ++-
 horde-5.2.1/admin/phpshell.php                | 2 ++
 horde-5.2.1/admin/sqlshell.php                | 5 ++++-
 horde-5.2.1/templates/admin/cmdshell.html.php | 2 ++
 horde-5.2.1/templates/admin/phpshell.html.php | 2 ++
 horde-5.2.1/templates/admin/sqlshell.html.php | 2 ++
 6 files changed, 14 insertions(+), 2 deletions(-)

diff --git a/horde-5.2.1/admin/cmdshell.php b/horde-5.2.1/admin/cmdshell.php
index 9e454b0..4d63e90 100644
--- a/horde-5.2.1/admin/cmdshell.php
+++ b/horde-5.2.1/admin/cmdshell.php
@@ -27,8 +27,9 @@ $view->addHelper('Text');
 $view->action = Horde::url('admin/cmdshell.php');
 $view->command = trim(Horde_Util::getFormData('cmd'));
 $view->title = $title;
-
+$view->session = $session;
 if ($view->command) {
+    $session->checkToken(Horde_Util::getPost('token'));
     $cmds = explode("\n", $view->command);
     $out = array();
 
diff --git a/horde-5.2.1/admin/phpshell.php b/horde-5.2.1/admin/phpshell.php
index 6d9eae2..9f64bbc 100644
--- a/horde-5.2.1/admin/phpshell.php
+++ b/horde-5.2.1/admin/phpshell.php
@@ -48,8 +48,10 @@ $view->application = $application;
 $view->apps = $apps;
 $view->command = $command;
 $view->title = $title;
+$view->session = $session;
 
 if ($command) {
+    $session->checkToken($vars->token);
     $pushed = $registry->pushApp($application);
 
     $part = new Horde_Mime_Part();
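Review bot: The token check is placed inside `if ($command)`, and `$command` is computed before this hunk, so the guard only covers the execute path; if this script acts on any other request input outside the hunk (for example an application switch that changes state), that path stays unchecked and should be confirmed. The guard also relies on `$vars` being the request's Horde_Variables instance, which is not visible in this hunk. The `if ($command)` block continues beyond the hunk.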
diff --git a/horde-5.2.1/admin/sqlshell.php b/horde-5.2.1/admin/sqlshell.php
index f7972c2..1ee4512 100644
--- a/horde-5.2.1/admin/sqlshell.php
+++ b/horde-5.2.1/admin/sqlshell.php
@@ -22,7 +22,9 @@ $db = $injector->getInstance('Horde_Db_Adapter');
 $q_cache = $session->get('horde', 'sql_query_cache', Horde_Session::TYPE_ARRAY);
 $title = _("SQL Shell");
 $vars = $injector->getInstance('Horde_Variables');
-
+if ($vars->get('list-tables') || ($command = trim($vars->sql))) {
+    $session->checkToken($vars->token);
+}
 if ($vars->get('list-tables')) {
     $description = 'LIST TABLES';
     $result = $db->tables();
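Review bot: The assignment inside the condition, `($command = trim($vars->sql))`, is short-circuited when `list-tables` is set, so `$command` is never assigned on that path by this statement; any later code that reads `$command` on the list-tables path depends on it being set elsewhere (the rest of the script is outside the hunk). Hoisting the assignment keeps the same truthiness test and makes the guard readable at a glance: `$command = trim($vars->sql);` / `if ($vars->get('list-tables') || $command) {` / `    $session->checkToken($vars->token);`. The `if ($vars->get('list-tables'))` chain that follows continues beyond the hunk.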
@@ -48,6 +50,7 @@ if ($vars->get('list-tables')) {
 $view = new Horde_View(array(
     'templatePath' => HORDE_TEMPLATES . '/admin'
 ));
+$view->session = $session;
 $view->addHelper('Horde_Core_View_Helper_Help');
 $view->addHelper('Text');
 
diff --git a/horde-5.2.1/templates/admin/cmdshell.html.php b/horde-5.2.1/templates/admin/cmdshell.html.php
index 5ae18ea..8dcce42 100644
--- a/horde-5.2.1/templates/admin/cmdshell.html.php
+++ b/horde-5.2.1/templates/admin/cmdshell.html.php
@@ -11,6 +11,8 @@
 <?php endif; ?>
 
 <form action="<?php echo $this->action ?>" method="post">
+ <?php Horde_Util::pformInput() ?>
+ <input type="hidden" name="token" value="<?php echo $this->session->getToken() ?>" />
  <h1 class="header"><?php echo $this->title ?></h1>
 
  <div class="horde-content">
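Review bot: The token is echoed into an HTML attribute unescaped in `value="<?php echo $this->session->getToken() ?>"`, while the same view already has the Text helper (`$view->addHelper('Text')` in the cmdshell.php hunk) and phpshell.html.php escapes its title with `$this->h(...)`; escape here for consistency, `value="<?php echo $this->h($this->session->getToken()) ?>"`, and likewise in phpshell.html.php and sqlshell.html.php. Escaping is cheap and removes any dependence on the token format staying attribute-safe.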
diff --git a/horde-5.2.1/templates/admin/phpshell.html.php b/horde-5.2.1/templates/admin/phpshell.html.php
index 1860d5e..47c4ff3 100644
--- a/horde-5.2.1/templates/admin/phpshell.html.php
+++ b/horde-5.2.1/templates/admin/phpshell.html.php
@@ -1,4 +1,6 @@
 <form action="<?php echo $this->action ?>" method="post">
+ <?php Horde_Util::pformInput() ?>
+ <input type="hidden" name="token" value="<?php echo $this->session->getToken() ?>" />
  <h1 class="header"><?php echo $this->h($this->title) ?></h1>
 
  <div class="horde-content">
diff --git a/horde-5.2.1/templates/admin/sqlshell.html.php b/horde-5.2.1/templates/admin/sqlshell.html.php
index aae6684..e72c5f9 100644
--- a/horde-5.2.1/templates/admin/sqlshell.html.php
+++ b/horde-5.2.1/templates/admin/sqlshell.html.php
@@ -1,6 +1,8 @@
 <h1 class="header"><?php echo $this->title ?></h1>
 
 <form name="sqlshell" action="<?php echo $this->action ?>" method="post">
+ <?php Horde_Util::pformInput() ?>
+ <input type="hidden" name="token" value="<?php echo $this->session->getToken() ?>" />
  <div class="horde-content">
 <?php if ($this->results): ?>
 <?php if ($this->command): ?>
