Timestamp:
Jan 17, 2016, 10:07:13 PM (9 years ago)
Author:
chronos
Message:
  • Fixed: Use htmlspecialchars function for user-inserted content to avoid breaking page HTML structure. Added for forum, teams, dictionary and profile text.
File:
1 edited

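--- a/trunk/Modules/User/Profile.php
+++ b/trunk/Modules/User/Profile.php
@@ -64,5 +64,5 @@
       if($this->System->User->Id != null) $Action .= ' <a href="'.$this->System->Link('/export/?Action=Clone&amp;ExportId='.$Export['Id']).'" onclick="return confirmAction(\''.T('Really clone item?').'\');">'.T('Clone').'</a>';
       $Output .= '<tr><td>'.HumanDate($Export['TimeCreate']).'</td>'.
-        '<td>'.$Export['Title'].'</td>'.
+        '<td>'.htmlspecialchars($Export['Title']).'</td>'.
         '<td>'.$Export['OutputType'].'</td>'.
         '<td><a href="'.$this->System->Link('/client-version/?action=item&amp;id='.$Export['ClientVersionId']).'">'.$Export['ClientVersion'].'</a></td>'.
@@ -109,7 +109,7 @@
       {
         $Output .= '<tr><td>'.HumanDate($DbRow['ModifyTime']).'</td>'.
-            '<td><a href="'.$this->System->Link('/form.php?group='.$DbRow['Group'].'&amp;ID='.$DbRow['ID']).'">'.$DbRow['ID'].'</a></td>'.
-            '<td><a href="'.$this->System->Link('/form.php?group='.$DbRow['Group'].'&amp;ID='.$DbRow['Take']).'">'.$DbRow['Take'].'</a></td>'.
-            '<td><a href="'.$this->System->Link('/TranslationList.php?group='.$DbRow['Group'].'&amp;action=filter').'">'.T($DbRow['GroupName']).'</a></td></tr>';
+          '<td><a href="'.$this->System->Link('/form.php?group='.$DbRow['Group'].'&amp;ID='.$DbRow['ID']).'">'.$DbRow['ID'].'</a></td>'.
+          '<td><a href="'.$this->System->Link('/form.php?group='.$DbRow['Group'].'&amp;ID='.$DbRow['Take']).'">'.$DbRow['Take'].'</a></td>'.
+          '<td><a href="'.$this->System->Link('/TranslationList.php?group='.$DbRow['Group'].'&amp;action=filter').'">'.T($DbRow['GroupName']).'</a></td></tr>';
       }
       $Output .= '</table>';
@@ -125,7 +125,12 @@
 
     $Output .= '<div class="shoutbox">';
-    $DbResult = $this->System->Database->query('SELECT `ForumText`.`Text`, `ForumText`.`Date`, `ForumText`.`UserName`,`ForumThread`.`Text` as `ThreadName`,`ForumText`.`Thread` FROM `ForumText` JOIN `ForumThread` ON `ForumThread`.`ID` = `ForumText`.`Thread` WHERE `ForumText`.`User` = '.($_GET['user'] * 1).' ORDER BY `ForumText`.`Date` DESC LIMIT '.$Count);
+    $DbResult = $this->System->Database->query('SELECT `ForumText`.`Text`, '.
+      '`ForumText`.`Date`, `ForumText`.`UserName`,`ForumThread`.`Text` AS `ThreadName`, '.
+      '`ForumText`.`Thread` FROM `ForumText` '.
+      'JOIN `ForumThread` ON `ForumThread`.`ID` = `ForumText`.`Thread` '.
+      'WHERE `ForumText`.`User` = '.($_GET['user'] * 1).' ORDER BY `ForumText`.`Date` DESC LIMIT '.$Count);
     while($Line = $DbResult->fetch_assoc())
-      $Output .= '<div><a href="'.$this->System->Link('/forum/?Thread='.$Line['Thread']).'">'.$Line['ThreadName'].'</a><br /><strong>'.$Line['UserName'].'</strong> ('.HumanDate($Line['Date']).'): '.$parser->qparse($Line['Text']).'</div> ';
+      $Output .= '<div><a href="'.$this->System->Link('/forum/?Thread='.$Line['Thread']).'">'.htmlspecialchars($Line['ThreadName']).'</a><br />'.
+        '<strong>'.$Line['UserName'].'</strong> ('.HumanDate($Line['Date']).'): '.htmlspecialchars($parser->qparse($Line['Text'])).'</div> ';
     $Output .= '</div>';
     return($Output);
@@ -159,5 +164,5 @@
         T('Level:').' <strong>'.$XP['Level'].'</strong> '.T('experience:').' '.ProgressBar(150, round($XP['XP'] / $XP['MaxXP'] * 100, 2), $XP['XP'].' / '.$XP['MaxXP']).'<br/>';
       if($UserLine['TeamName'] != '')
-        $Output .= T('Member of team:').' <a href="'.$this->System->Link('/team/?action=team&amp;id='.$UserLine['Team']).'"><strong>'.$UserLine['TeamName'].'</strong></a><br />';
+        $Output .= T('Member of team:').' <a href="'.$this->System->Link('/team/?action=team&amp;id='.$UserLine['Team']).'"><strong>'.htmlspecialchars($UserLine['TeamName']).'</strong></a><br />';
 
       // User tags
@@ -175,5 +180,5 @@
       }
 
-    $Output .= '<br /><fieldset><legend>'.T('Profile text:').'</legend>'.str_replace("\n", '<br/>', $UserLine['Info']).'</fieldset><br/>';
+    $Output .= '<br /><fieldset><legend>'.T('Profile text:').'</legend>'.htmlspecialchars(str_replace("\n", '<br/>', $UserLine['Info'])).'</fieldset><br/>';
 
     $Output .= '<table class="Home"><tr>'.
@@ -183,9 +188,9 @@
     $Output .= '<br />'.$this->ShowLastForum().'<br />';
     if($this->System->User->Licence(LICENCE_MODERATOR))
-   {
+    {
       $Output .= '<fieldset><legend>Moderování</legend>';
 
       $Output .= '<form action="?user='.($_GET['user'] * 1).'" method="post">Přidání tagu uživateli:<br />';
-      $Query = 'SELECT * FROM UserTagType';
+      $Query = 'SELECT * FROM `UserTagType`';
       $DbResult = $this->Database->query($Query);
       while ($UserTag = $DbResult->fetch_array()) {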
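Review bot: On the profile-text line (new line 182) htmlspecialchars() is applied after str_replace() has already inserted `<br/>`, so every newline in the profile text is now displayed as the literal text `&lt;br/&gt;` instead of a line break; escape first and convert newlines afterwards, `str_replace("\n", '<br/>', htmlspecialchars($UserLine['Info']))` (or `nl2br(htmlspecialchars($UserLine['Info']))`). The same ordering question applies to new line 134 in ShowLastForum: if `$parser->qparse()` emits HTML markup, escaping its output will show that markup verbatim, and if it does not escape its own input, the raw forum text has to be escaped before it is parsed — which of the two holds is not visible from this hunk. Several values in the same hunks still reach the page unescaped after this commit (`$Line['UserName']` on new line 134, `$Export['OutputType']` and `$Export['ClientVersion']` on lines 67–68), so the fix is incomplete for the forum and export lists; the enclosing methods start and end outside the shown hunks. The `($_GET['user'] * 1)` coercion on new lines 131 and 193 does yield a number, so it is not injectable, but an explicit `(int)$_GET['user']` states the intent and, unlike arithmetic on a non-numeric string, does not raise a TypeError on PHP 8.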