From af92765798574598edc29651fa306d8b2eb67004 Mon Sep 17 00:00:00 2001
From: Benjamin Kellermann
Date: Fri, 14 Oct 2016 01:34:13 +0200
Subject: catch poll_type manipulation
---
 index.cgi | 41 ++++++++++++++++++++++++-----------------
 poll.rb | 6 +++++-
 2 files changed, 29 insertions(+), 18 deletions(-)
diff --git a/index.cgi b/index.cgi
index e0e1464..5146b0b 100755
--- a/index.cgi
+++ b/index.cgi
@@ -50,23 +50,30 @@ if $cgi.include?("create_poll") && $cgi.include?("poll_url")
 createnotice = _("A Poll with this address already exists.")
 else Dir.mkdir(POLLURL)
 Dir.chdir(POLLURL)
- VCS.init
- File.symlink("../participate.rb","index.cgi")
- VCS.add("index.cgi")
- ["atom","customize", "history", "overview", "edit_columns","access_control", "delete_poll", "invite_participants"].each{|f|
- File.symlink("../#{f}.rb","#{f}.cgi")
- VCS.add("#{f}.cgi")
- }
- ["data.yaml",".htaccess",".htdigest"].each{|f|
- File.open(f,"w").close
- VCS.add(f)
- }
- Poll.new(CGI.escapeHTML(POLLTITLE),$cgi["poll_type"])
- Dir.chdir("..")
- $d.html.header["status"] = "REDIRECT"
- $d.html.header["Cache-Control"] = "no-cache"
- $d.html.header["Location"] = $conf.siteurl + POLLURL + "/edit_columns.cgi"
- $d << _("The poll was created successfully. The link to your new poll is: %{link}") % {:link => "
#{POLLURL}"}
+ begin
+ Poll.new(CGI.escapeHTML(POLLTITLE),$cgi["poll_type"])
+ VCS.init
+ File.symlink("../participate.rb","index.cgi")
+ VCS.add("index.cgi")
+ ["atom","customize", "history", "overview", "edit_columns","access_control", "delete_poll", "invite_participants"].each{|f|
+ File.symlink("../#{f}.rb","#{f}.cgi")
+ VCS.add("#{f}.cgi")
+ }
+ ["data.yaml",".htaccess",".htdigest"].each{|f|
+ File.open(f,"w").close
+ VCS.add(f)
+ }
+ Dir.chdir("..")
+ $d.html.header["status"] = "REDIRECT"
+ $d.html.header["Cache-Control"] = "no-cache"
+ $d.html.header["Location"] = $conf.siteurl + POLLURL + "/edit_columns.cgi"
+ $d << _("The poll was created successfully. The link to your new poll is: %{link}") % {:link => "
#{POLLURL}"}
+ rescue WrongPollTypeError # should only happen in case of hacking
+ $d.html.header["status"] = "REDIRECT"
+ $d.html.header["Cache-Control"] = "no-cache"
+ $d.html.header["Location"] = "http://localhost/"
+ $d << _("Go away.")
+ end
 end
 end
 end
diff --git a/poll.rb b/poll.rb
index c98bf22..aef966a 100644
--- a/poll.rb
+++ b/poll.rb
@@ -44,6 +44,10 @@ class String
 return id
 end
 end
+
+class WrongPollTypeError < StandardError
+end
+
 class Poll
 attr_reader :head, :name
 YESVAL = "a_yes__"
@@ -64,7 +68,7 @@ class Poll
 when "time"
 @head = TimePollHead.new
 else
- raise("unknown poll type: #{type}")
+ raise(WrongPollTypeError, "unknown poll type: #{type}")
 end
 @data = {}
 @comment = []
--
cgit v1.2.3
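Review bot: The rescue branch leaves the directory from `Dir.mkdir(POLLURL)` on disk and never returns to the parent directory, because both calls sit above the new `begin` and only the success path runs `Dir.chdir("..")`. A request with a manipulated poll_type therefore still creates an empty directory, and, judging by the "already exists" message in the preceding branch, that address would probably be refused for later polls. Either check `$cgi["poll_type"]` against the supported types before `Dir.mkdir`, or undo the work in the rescue with `Dir.chdir("..")` followed by `Dir.rmdir(POLLURL)`. The enclosing if/else chain starts above the hunk, so the exact existence check is not visible here.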
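Review bot: The new `WrongPollTypeError` class has no comment saying who raises it or how callers are expected to react. A single line above it would do, for example `# Raised by Poll when the requested poll type is not supported; callers should reject the request.`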
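Review bot: The exception message on the changed `raise` line interpolates `type` verbatim, and in index.cgi that value comes straight from `$cgi["poll_type"]`. The rescue in index.cgi does not use the message, but if any other caller logs or renders it, request-controlled text (including newlines or markup) would reach the log or the page. Quoting the value is enough: `raise(WrongPollTypeError, "unknown poll type: #{type.inspect}")`. The enclosing method starts and ends outside the hunk.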