Fix vulnerable.

app/controllers/admin/personal_plugin_fields_controller.rb

@@ -16,7 +16,7 @@ class Admin::PersonalPluginFieldsController < OrbitMemberController
 		FileUtils.mkdir_p(zip_path) if !Dir.exist?(zip_path)
 		personal_plugin_field = PersonalPluginField.find(params[:personal_plugin_field_id]) rescue nil
 		if personal_plugin_field
-			zip_file_path = zip_path + "#{personal_plugin_field.module_name}.zip"
+			zip_file_path = zip_path + "#{personal_plugin_field.module_name.split('/').last}.zip"
 			zip_file= ZipFileGenerator.new(zip_path + personal_plugin_field.module_name ,zip_file_path)
 			begin
 				zip_file.write
@@ -900,10 +900,12 @@ class Admin::PersonalPluginFieldsController < OrbitMemberController
 		end
 	end
 	def check_modal_name
-		primary_modal_names = PersonalPluginField.where(:id.ne=>params[:id]).pluck(:primary_modal_name)
-		related_modal_names = PersonalPluginField.where(:id.ne=>params[:id]).pluck(:related_modal_name).flatten.uniq
+		id = params[:id].to_s
+		other_personal_plugin_fields = PersonalPluginField.where(:id.ne=>id)
+		primary_modal_names = other_personal_plugin_fields.pluck(:primary_modal_name)
+		related_modal_names = other_personal_plugin_fields.pluck(:related_modal_name).flatten.uniq
 		other_modal_names = primary_modal_names + related_modal_names
-		personal_plugin_field = PersonalPluginField.where(:id=>params[:id]).first
+		personal_plugin_field = PersonalPluginField.where(:id=>id).first
 		all_modal_names = PersonalPluginField.get_modal_names_cache
 		if personal_plugin_field.present?
 			except_modals = Dir.glob("tmp/#{personal_plugin_field.module_name}/app/models/*.rb").map{|f| 

template_generator/app/controllers/admin/plugin_templates_controller.rb

@@ -26,7 +26,7 @@ class Admin::PluginTemplatesController < OrbitMemberController
 			@sort = {:category_id=>params[:order]}.merge({:id=>params[:order]})
 		else
 			if params[:sort].present?
-				s = Sanitize.clean(params[:sort]).to_sym
+				s = params[:sort].to_s
 				@sort = {s=>params[:order]}.merge({:id=>params[:order]})
 			else
 				@sort = {}
@@ -35,7 +35,7 @@ class Admin::PluginTemplatesController < OrbitMemberController
 		@sort
 	end
 	def new
-		@member = MemberProfile.find_by(:uid=>params['uid']) rescue nil
+		@member = MemberProfile.find_by(:uid=>params[:uid].to_s) rescue nil
 		@plugin_template = PluginTemplate.new
 	end
 
@@ -91,7 +91,7 @@ class Admin::PluginTemplatesController < OrbitMemberController
 	end
 
 	def frontend_setting
-		@member = MemberProfile.find_by(:uid=>params['uid']) rescue nil
+		@member = MemberProfile.find_by(:uid=>params[:uid].to_s) rescue nil
 		@intro = PluginTemplateIntro.find_by(:member_profile_id=>@member.id) rescue nil
 		@intro = @intro.nil? ? PluginTemplateIntro.new({:member_profile_id=>@member.id}) : @intro
 	end

template_generator/app/controllers/personal_plugin_templates_controller.rb

@@ -55,11 +55,13 @@ class PersonalPluginTemplatesController < ApplicationController
 		choice = choice.map { |value| value.inject :merge }
 		select_text = t('personal_plugin_template.extend_translate.search_class')
 		search_text = t('personal_plugin_template.extend_translate.word_to_search')
-
+		@_request = OrbitHelper.request
+		csrf_value = form_authenticity_token
 		extras = extras.merge({ 'url' => '/' + I18n.locale.to_s + params[:url],
 							'select_text' => select_text,
 							'search_text' => search_text,
-							'search_value' => params[:keywords].to_s.gsub(/\"/,'')
+							'search_value' => params[:keywords].to_s.gsub(/\"/,''),
+							'csrf_value' => csrf_value
 						})
 		extras["widget-title"] = I18n.t("module_name.personal_plugin_template")
 		{
@@ -73,7 +75,7 @@ class PersonalPluginTemplatesController < ApplicationController
 
 	def show
 		params = OrbitHelper.params
-		plugin = PluginTemplate.where(:is_hidden=>false).find_by(uid: params[:uid])
+		plugin = PluginTemplate.where(:is_hidden=>false).find_by(uid: params[:uid].to_s)
 		fields_to_show = col_name_to_show_in_show_page
 		{"plugin_datas"=>plugin.get_plugin_data(fields_to_show)}
 	end
@@ -119,8 +121,8 @@ class PersonalPluginTemplatesController < ApplicationController
 			relate_name = select_field.split(".").first
 			field_name = select_field.split(".").last
 			relate = relate_name.classify.constantize
-			relate_ids = relate.where(field_name.to_sym=>/#{gsub_invalid_character(keywords)}/).pluck(:id)	
-			plugin_templates = plugin_templates.where("#{relate_name.singularize}_id".to_sym.in=>relate_ids)
+			relate_ids = relate.where(field_name=>/#{gsub_invalid_character(keywords)}/).pluck(:id)	
+			plugin_templates = plugin_templates.where("#{relate_name.singularize}_id"=>{'$in'=>relate_ids})
 		elsif (PluginTemplate.fields[select_field].options[:type] == Date rescue false)
 			keywords = keywords.split(/[\/\-]/)
 			if keywords.count > 1
@@ -128,7 +130,7 @@ class PersonalPluginTemplatesController < ApplicationController
 			else
 				start_time = Date.parse(keywords[0] + "/1/1")
 				end_time = Date.parse(keywords[0] + "/12/31")
-				plugin_templates = plugin_templates.where(select_field.to_sym.gte=>start_time,select_field.to_sym.lte=>end_time)
+				plugin_templates = plugin_templates.where(select_field=>{'$gte'=>start_time,'$lte'=>end_time})
 			end
 		elsif (PluginTemplate.fields[select_field].options[:type] == DateTime rescue false)
 			keywords = keywords.split(/[\/\-]/)
@@ -140,7 +142,7 @@ class PersonalPluginTemplatesController < ApplicationController
 			else
 				start_time = DateTime.parse(keywords[0] + "/1/1 00:00")
 				end_time = DateTime.parse(keywords[0] + "/12/31 23:59")
-				plugin_templates = plugin_templates.where(select_field.to_sym.gte=>start_time,select_field.to_sym.lte=>end_time)
+				plugin_templates = plugin_templates.where(select_field=>{'$gte'=>start_time,'$lte'=>end_time})
 			end
 		elsif (PluginTemplate.fields[select_field].options[:type] == Integer rescue false)
 			tmp_plugin_templates = plugin_templates.select{|p| p.send(select_field).to_s.include?(keywords)}
@@ -160,7 +162,7 @@ class PersonalPluginTemplatesController < ApplicationController
 			tmp_plugin_templates = plugin_templates.select{|p| (p.send("#{select_field}_ids") & ids).count != 0}
 			plugin_templates = plugin_templates.where(:id.in=>tmp_plugin_templates.map{|p| p.id})
 		else
-			plugin_templates = plugin_templates.where(select_field.to_sym=>/#{gsub_invalid_character(keywords)}/)
+			plugin_templates = plugin_templates.where(select_field=>/#{gsub_invalid_character(keywords)}/)
 		end
 		return plugin_templates
 	end