
Revision 1353

Added by FrankH almost 14 years ago

Security fixes


settings2.php
36 36
// Get values
37 37
$page_title = htmlspecialchars($admin->get_post_escaped('page_title') );
38 38
$menu_title = htmlspecialchars($admin->get_post_escaped('menu_title') );
39
$page_code = $admin->get_post_escaped('page_code');
39
$page_code = (int) $admin->get_post_escaped('page_code');
40 40
$description = htmlspecialchars($admin->add_slashes($admin->get_post('description')) );
41 41
$keywords = htmlspecialchars($admin->add_slashes($admin->get_post('keywords')) );
42
$parent = $admin->get_post_escaped('parent');
42
$parent = (int) $admin->get_post_escaped('parent'); // fix secunia 2010-91-3
43 43
$visibility = $admin->get_post_escaped('visibility');
44
$template = $admin->get_post_escaped('template');
45
$target = $admin->get_post_escaped('target');
44
if (!in_array($visibility, array('public', 'private', 'registered', 'hidden', 'none'))) $visibility = 'public'; // fix
45
$template = preg_replace("/\W/", "", $admin->get_post_escaped('template')); // fix secunia 2010-93-3
46
$target = preg_replace("/\W/", "", $admin->get_post_escaped('target'));
46 47
$admin_groups = $admin->get_post_escaped('admin_groups');
47 48
$viewing_groups = $admin->get_post_escaped('viewing_groups');
48 49
$searching = $admin->get_post_escaped('searching');
49
$language = $admin->get_post_escaped('language');
50
$menu = $admin->get_post_escaped('menu');
50
$language = strtoupper($admin->get_post('language'));
51
$language = (preg_match('/^[A-Z]{2}$/', $language) ? $language : DEFAULT_LANGUAGE);
52
$menu = (int) $admin->get_post_escaped('menu'); // fix secunia 2010-91-3
51 53

  
52 54
// Validate data
53 55
if($page_title == '' || substr($page_title,0,1)=='.')
......
95 97
//if(!in_array(1, $admin->get_groups_id())) {
96 98
//	$admin_groups[] = implode(",",$admin->get_groups_id());
97 99
//}
98
$admin_groups = implode(',', $admin_groups);
100
$admin_groups = preg_replace("/[^\d,]/", "", implode(',', $admin_groups));
99 101
// Setup viewing groups
100 102
$viewing_groups[] = 1;
101 103
//if(!in_array(1, $admin->get_groups_id())) {
102 104
//	$viewing_groups[] = implode(",",$admin->get_groups_id());
103 105
//}
104
$viewing_groups = implode(',', $viewing_groups);
106
$viewing_groups = preg_replace("/[^\d,]/", "", implode(',', $viewing_groups));
105 107

  
106 108
// If needed, get new order
107 109
if($parent != $old_parent)
......
193 195
$sql .= '`language` = "'.$language.'", ';
194 196
$sql .= '`admin_groups` = "'.$admin_groups.'", ';
195 197
$sql .= '`viewing_groups` = "'.$viewing_groups.'"';
196
$sql .= (defined('PAGE_LANGUAGES') && PAGE_LANGUAGES) && $field_set && (file_exists(WB_PATH.'/modules/mod_multilingual/update_keys.php')) ? ', `page_code` = '.(int)$page_code.' ' : ' ';
198
$sql .= (defined('PAGE_LANGUAGES') && PAGE_LANGUAGES) && $field_set && (file_exists(WB_PATH.'/modules/mod_multilingual/update_keys.php')) ? ', `page_code` = '.$page_code.' ' : ' ';
197 199
$sql .= 'WHERE `page_id` = '.$page_id;
198 200
$database->query($sql);
199 201

  
