Timestamp:
Jan 17, 2016, 10:07:13 PM (9 years ago)
Author:
chronos
Message:
  • Fixed: Use htmlspecialchars function for user inserted content to avoid breaking page HTML structure. Added for forum, teams, dictionary and profile text.
File:
1 edited

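--- a/trunk/Modules/Forum/Forum.php
+++ b/trunk/Modules/Forum/Forum.php
@@ -26,5 +26,6 @@
     if(array_key_exists('Search', $this->System->ModuleManager->Modules))
       $this->System->ModuleManager->Modules['Search']->RegisterSearch('forumthread',
-      T('Name of thread forum'), array('UserName', 'Text'), '`ForumThread`', $this->System->Link('/forum/?search='));
+      T('Name of thread forum'), array('UserName', 'Text'), '`ForumThread`',
+      $this->System->Link('/forum/?search='));
 
     $this->System->RegisterMenuItem(array(
@@ -56,5 +57,5 @@
         '<td><a href="'.$this->System->Link('/forum/?Thread='.$DbRow['Thread']).'">'.HumanDate($DbRow['Date']).'</a></td>'.
         '<td><a href="'.$this->System->Link('/user/?user='.$DbRow['UserId']).'">'.$DbRow['UserName'].'</a></td>'.
-        '<td>'.$Parser->qparse($DbRow['Text']).'</td>'.
+        '<td>'.htmlspecialchars($Parser->qparse($DbRow['Text'])).'</td>'.
         '</tr>';
     }
@@ -72,5 +73,5 @@
     if(array_key_exists('a', $_POST)) $Action = $_POST['a'];
       else if(array_key_exists('a', $_GET)) $Action = $_GET['a'];
-          else $Action = '';
+      else $Action = '';
     if (array_key_exists('Edit', $_GET)) {
       if (array_key_exists('text', $_POST))
@@ -117,7 +118,7 @@
             T('User').': ';
         if($this->System->User->Licence(LICENCE_USER)) $Output .= '<b>'.$this->System->User->Name.'</b><br />';
-          else $Output .= '<input type="text" name="user" /><br />';
+        else $Output .= '<input type="text" name="user" /><br />';
         $Output .= T('Message text').': ('.T('You can use').' <a href="http://www.bbcode.org/reference.php">'.T('BB code').'</a>)<br/>'.
-        '<textarea onkeydown="ResizeTextArea(this)" rows="8" name="text" cols="80">'.$DbRow['Text'].'</textarea> <br/>'.
+        '<textarea onkeydown="ResizeTextArea(this)" rows="8" name="text" cols="80">'.htmlspecialchars($DbRow['Text']).'</textarea> <br/>'.
         '<input type="hidden" name="a" value="add2"/>'.
         '<input type="submit" value="'.T('Send').'" /><br /></fieldset>'.
@@ -149,5 +150,7 @@
     '`ForumThread`.`Text` as `ThreadName`,`ForumText`.`Thread` FROM `ForumText` '.$join.' WHERE '.$where.' ORDER BY `ForumText`.`Date` DESC '.$PageList['SQLLimit']);
     while($Line = $DbResult->fetch_assoc())
-      $Output .= '<div><a href="'.$this->System->Link('/forum/?Thread='.$Line['Thread']).'">'.$Line['ThreadName'].'</a><br /><strong>'.$Line['UserName'].'</strong> ('.HumanDate($Line['Date']).'): '.$parser->qparse($Line['Text']).'</div> ';
+      $Output .= '<div><a href="'.$this->System->Link('/forum/?Thread='.$Line['Thread']).'">'.
+      htmlspecialchars($Line['ThreadName']).'</a><br /><strong>'.$Line['UserName'].
+      '</strong> ('.HumanDate($Line['Date']).'): '.htmlspecialchars($parser->qparse($Line['Text'])).'</div> ';
     $Output .= '</div>'.$PageList['Output'];
     return($Output);
@@ -166,5 +169,7 @@
     $DbResult = $this->System->Database->query('SELECT * FROM `ForumThread` WHERE 1 ORDER BY `ID` DESC '.$PageList['SQLLimit']);
     while($Line = $DbResult->fetch_assoc())
-      $Output .= '<div><span style="float:right;"><strong>'.$Line['UserName'].'</strong> - ('.HumanDate($Line['Date']).')</span> <a href="?Thread='.$Line['ID'].'">'.str_replace("\n", '',$Line['Text']).'</a> </div>';
+      $Output .= '<div><span style="float:right;"><strong>'.$Line['UserName'].
+    '</strong> - ('.HumanDate($Line['Date']).')</span> <a href="?Thread='.$Line['ID'].'">'.
+    str_replace("\n", '', htmlspecialchars($Line['Text'])).'</a></div>';
     $Output .= '</div>'.$PageList['Output'];
     return($Output);
@@ -191,5 +196,5 @@
     {
     $Thread = $DbResult->fetch_assoc();
-    $Output .= '<h3>'.$Thread['Text'].'</h3>';
+    $Output .= '<h3>'.htmlspecialchars($Thread['Text']).'</h3>';
 
     $DbResult = $this->System->Database->query('SELECT COUNT(*) FROM `ForumText` WHERE `Thread` = '.($_GET['Thread']*1).' '.$SearchQuery);
@@ -206,5 +211,6 @@
       else $edit = '';
       $Output .= '<div><span style="float:right;">'.$edit.' ('.HumanDate($Line['Date']).
-        ')</span><strong>'.$Line['UserName'].'</strong>: '.str_replace("\n", '<br />',$parser->qparse($Line['Text'])).'  </div> ';
+        ')</span><strong>'.$Line['UserName'].'</strong>: '.str_replace("\n", '<br />',
+        htmlspecialchars($parser->qparse($Line['Text']))).'  </div> ';
     }
     $Output .= '</div>'.$PageList['Output'];
@@ -313,7 +319,7 @@
       $Items[] = array
       (
-        'Title' =>  $DbRow['ThreadText'].' - '.$DbRow['UserName'].': ',
-        'Link' =>  'http://'.$this->System->Config['Web']['Host'].$this->System->Link('/forum/?Thread='.$DbRow['Thread']),
-        'Description' => $parser->qparse($DbRow['Text']),
+        'Title' => htmlspecialchars($DbRow['ThreadText']).' - '.$DbRow['UserName'].': ',
+        'Link' => 'http://'.$this->System->Config['Web']['Host'].$this->System->Link('/forum/?Thread='.$DbRow['Thread']),
+        'Description' => htmlspecialchars($parser->qparse($DbRow['Text'])),
         'Time' => $DbRow['UnixDate'],
       );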
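Review bot: htmlspecialchars() is applied to the result of qparse() on new lines 59, 154, 214 and 323, so if qparse turns BB code into HTML (the form on line 120 tells users they can use BB code), the markup it emits is escaped and rendered literally; the escape should wrap the stored text and the parser run on the escaped string, e.g. `$Parser->qparse(htmlspecialchars($DbRow['Text']))`, provided qparse tolerates entity-encoded input. The UserName value concatenated on lines 58, 153, 171, 213 and 321 is still unescaped, although the message says user-inserted content is covered; it should get the same treatment as Text. On line 323 the feed Description may end up double-escaped if the feed writer already encodes element content, which is worth confirming. The methods these hunks touch start and end outside the shown ranges.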