Project

General

Profile

« Previous | Next » 

Revision 1385

Added by FrankH about 14 years ago

  1. Security fix to filter out droplets from user input in news and form modules

View differences:

branches/2.8.x/CHANGELOG
11 11 
! = Update/Change
12 12 

  		




  13
  13
  
    
------------------------------------- 2.8.2 -------------------------------------


  		




  
  14
  
    
16 Jan-2011 Build 1385 Frank Heyne (FrankH)


  		




  
  15
  
    
# Security fix to filter out droplets from user input in news and form modules


  		




  14
  16
  
    
16 Jan-2011 Build 1384 Dietmar Woellbrink (Luisehahne)


  		




  15
  17
  
    
! Security fix in admin/pages


  		




  16
  18
  
    
15 Jan-2011 Build 1383 Frank Heyne (FrankH)


  		












  

    
      branches/2.8.x/wb/admin/interface/version.php
    
  





  52
  52
  
    

  		




  53
  53
  
    
// check if defined to avoid errors during installation (redirect to admin panel fails if PHP error/warnings are enabled)


  		




  54
  54
  
    
if(!defined('VERSION')) define('VERSION', '2.8.2.RC4');


  		




  55
  
  
    
if(!defined('REVISION')) define('REVISION', '1384');


  		




  
  55
  
    
if(!defined('REVISION')) define('REVISION', '1385');


  		




  56
  56
  
    

  		




  57
  57
  
    
?>


  		












  

    
      branches/2.8.x/wb/modules/form/view.php
    
  





  325
  325
  
    
				// Add to message body


  		




  326
  326
  
    
				if($field['type'] != '') {


  		




  327
  327
  
    
					if(!empty($_POST['field'.$field['field_id']])) {


  		




  
  328
  
    
						// do not allow droplets in user input!


  		




  328
  329
  
    
						if (is_array($_POST['field'.$field['field_id']])) {


  		




  329
  
  
    
							$_SESSION['field'.$field['field_id']] = $_POST['field'.$field['field_id']];


  		




  
  330
  
    
							$_SESSION['field'.$field['field_id']] = str_replace(array("[[", "]]"), array("[[", "]]"), $_POST['field'.$field['field_id']]);


  		




  330
  331
  
    
						} else {


  		




  331
  
  
    
							$_SESSION['field'.$field['field_id']] = htmlspecialchars($_POST['field'.$field['field_id']]);


  		




  
  332
  
    
							$_SESSION['field'.$field['field_id']] = str_replace(array("[[", "]]"), array("[[", "]]"), htmlspecialchars($_POST['field'.$field['field_id']]));


  		




  332
  333
  
    
						}


  		




  333
  334
  
    
						// if the output filter is active, we need to revert (dot) to . and (at) to @ (using current filter settings)


  		




  334
  335
  
    
						// otherwise the entered mail will not be accepted and the recipient would see (dot), (at) etc.


  		












  

    
      branches/2.8.x/wb/modules/news/save_comment.php
    
  





  51
  51
  
    
	$title = strip_tags($admin->get_post_escaped('title'));


  		




  52
  52
  
    
	$comment = strip_tags($admin->get_post_escaped('comment'));


  		




  53
  53
  
    
	$post_id = $admin->getIDKEY($admin->get_post('post_id'));


  		




  
  54
  
    
	


  		




  
  55
  
    
	// do not allow droplets in user input!


  		




  
  56
  
    
	$title = str_replace(array("[[", "]]"), array("[[", "]]"), $title);


  		




  
  57
  
    
	$comment = str_replace(array("[[", "]]"), array("[[", "]]"), $comment);


  		




  54
  58
  
    
}


  		




  55
  59
  
    

  		




  56
  60
  
    
// Update row


  		












Also available in:  Unified diff