pioder
/
uf2
1
0
Fork 0
Code Releases 0 Activity
Browse Source

replaced strip_tags() by htmlspecialchars() in most of POST variables 

added stripslashes() to POST variables while form is not sent
master
Piotr Dergun 9 years ago
parent
9bae4628a0
commit
5899fffb29
4 changed files with 49 additions and 54 deletions
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. +20
    -22
      inc/controllers/AdminController.class.php
  2. +27
    -30
      inc/controllers/MainController.class.php
  3. +1
    -1
      inc/views/MainView.class.php
  4. +1
    -1
      templates/posting.tpl.php

+ 20
- 22
inc/controllers/AdminController.class.php View File

@ -26,7 +26,7 @@ class AdminController extends Controller
$this->getView('MainView')->putExistingModel('ConfigModel', $this->getModel('ConfigModel'));
if ($_SERVER['REQUEST_SCHEME'] == 'http')
$this->forward('https://'.$_SERVER['SERVER_NAME'].$_SERVER['REQUEST_URI']);
$this->forward(buildURL($_SERVER['REQUEST_URI']));
if (!$this->getModel('SessionModel')->isLogged())
{
@ -73,11 +73,11 @@ class AdminController extends Controller
{
//secure pools
$_POST['nick'] = trim(strip_tags($this->db->real_escape_string($_POST['nick'])));
$_POST['passwd'] = trim(strip_tags($_POST['passwd']));
$_POST['passwd_confirm'] = trim(strip_tags($_POST['passwd_confirm']));
$_POST['passwd'] = trim($_POST['passwd']);
$_POST['passwd_confirm'] = trim($_POST['passwd_confirm']);
$_POST['email'] = trim(strip_tags($this->db->real_escape_string($_POST['email'])));
$_POST['location'] = trim(strip_tags($this->db->real_escape_string($_POST['location'])));
$_POST['signature'] = trim(strip_tags($this->db->real_escape_string($_POST['signature'])));
$_POST['location'] = trim(htmlspecialchars($this->db->real_escape_string($_POST['location'])));
$_POST['signature'] = trim(htmlspecialchars($this->db->real_escape_string($_POST['signature'])));
$_POST['user_rank'] = trim(strip_tags($this->db->real_escape_string($_POST['user_rank'])));
if ($_POST['passwd'] != '')
@ -154,10 +154,10 @@ class AdminController extends Controller
}
}
$_POST['nick'] = (isset($_POST['nick'])) ? $_POST['nick'] : $user_info['nick'];
$_POST['email'] = (isset($_POST['email'])) ? $_POST['email'] : $user_info['email'];
$_POST['location'] = (isset($_POST['location'])) ? $_POST['location'] : $user_info['location'];
$_POST['signature'] = (isset($_POST['signature'])) ? $_POST['signature'] : $user_info['signature'];
$_POST['nick'] = (isset($_POST['nick'])) ? stripslashes($_POST['nick']) : $user_info['nick'];
$_POST['email'] = (isset($_POST['email'])) ? stripslashes($_POST['email']) : $user_info['email'];
$_POST['location'] = (isset($_POST['location'])) ? stripslashes($_POST['location']) : $user_info['location'];
$_POST['signature'] = (isset($_POST['signature'])) ? stripslashes($_POST['signature']) : $user_info['signature'];
$_POST['user_rank'] = (isset($_POST['user_rank'])) ? $_POST['user_rank'] : $user_info['rank'];
$this->getView('MainView')->putExistingModel('UsersModel', $this->getModel('UsersModel'));
@ -259,7 +259,7 @@ class AdminController extends Controller
if (isset($_POST['forum_name'], $_POST['forum_desc']))
{
$_POST['forum_name'] = trim(htmlspecialchars($this->db->real_escape_string($_POST['forum_name'])));
$_POST['forum_desc'] = trim(htmlspecialchars($_POST['forum_desc']));
$_POST['forum_desc'] = trim(htmlspecialchars($this->db->real_escape_string($_POST['forum_desc'])));
if (strlen($_POST['forum_name']) < 3)
{
@ -278,7 +278,6 @@ class AdminController extends Controller
if ($msg == '')
{
$what = '';
if ($_POST['forum_name'] != $this->getModel('ConfigModel')->getConf('forum_name'))
$this->getModel('ConfigModel')->updateConf('forum_name', $_POST['forum_name']);
@ -290,8 +289,8 @@ class AdminController extends Controller
}
}
$_POST['forum_name'] = (isset($_POST['forum_name'])) ? $_POST['forum_name'] : $this->getModel('ConfigModel')->getConf('forum_name');
$_POST['forum_desc'] = (isset($_POST['forum_desc'])) ? $_POST['forum_desc'] : $this->getModel('ConfigModel')->getConf('forum_desc');
$_POST['forum_name'] = (isset($_POST['forum_name'])) ? stripslashes($_POST['forum_name']) : $this->getModel('ConfigModel')->getConf('forum_name');
$_POST['forum_desc'] = (isset($_POST['forum_desc'])) ? stripslashes($_POST['forum_desc']) : $this->getModel('ConfigModel')->getConf('forum_desc');
if (!isset($lockv))
{
$this->getView('MainView')->admin_config($msg);
@ -448,9 +447,9 @@ class AdminController extends Controller
if (!isset($lockv))
{
if ($m == 'add')
$_POST['name'] = (isset($_POST['name'])) ? $_POST['name'] : '';
$_POST['name'] = (isset($_POST['name'])) ? stripslashes($_POST['name']) : '';
else
$_POST['name'] = (isset($_POST['name'])) ? $_POST['name'] : $cat_info['name'];
$_POST['name'] = (isset($_POST['name'])) ? stripslashes($_POST['name']) : $cat_info['name'];
$this->getView('MainView')->putExistingModel('ForumsModel', $this->getModel('ForumsModel'));
$this->getView('MainView')->admin_cat_form($msg, $m);
@ -513,15 +512,15 @@ class AdminController extends Controller
{
if ($m == 'add')
{
$_POST['name'] = (isset($_POST['name'])) ? $_POST['name'] : '';
$_POST['desc'] = (isset($_POST['desc'])) ? $_POST['desc'] : '';
$_POST['name'] = (isset($_POST['name'])) ? stripslashes($_POST['name']) : '';
$_POST['desc'] = (isset($_POST['desc'])) ? stripslashes($_POST['desc']) : '';
$_POST['category_id'] = (isset($_POST['category_id'])) ? $_POST['category_id'] : '';
$_POST['locked'] = (isset($_POST['locked'])) ? $_POST['locked'] : '';
}
else
{
$_POST['name'] = (isset($_POST['name'])) ? $_POST['name'] : $forum_info['name'];
$_POST['desc'] = (isset($_POST['desc'])) ? $_POST['desc'] : $forum_info['desc'];
$_POST['name'] = (isset($_POST['name'])) ? stripslashes($_POST['name']) : $forum_info['name'];
$_POST['desc'] = (isset($_POST['desc'])) ? stripslashes($_POST['desc']) : $forum_info['desc'];
$_POST['category_id'] = (isset($_POST['category_id'])) ? $_POST['category_id'] : $forum_info['category_id'];
$_POST['locked'] = (isset($_POST['locked'])) ? $_POST['locked'] : $forum_info['locked'];
}
@ -581,7 +580,7 @@ class AdminController extends Controller
if (isset($_POST['user_id'], $_POST['reason']))
{
$_POST['user_id'] = trim(strip_tags($this->db->real_escape_string($_POST['user_id'])));
$_POST['reason'] = trim(strip_tags($this->db->real_escape_string($_POST['reason'])));
$_POST['reason'] = trim(htmlspecialchars($this->db->real_escape_string($_POST['reason'])));
if ($_POST['user_id'] == $this->getModel('SessionModel')->getID())
$msg .= 'You cannot ban your profile!<br>';
@ -603,12 +602,11 @@ class AdminController extends Controller
if (!isset($lockv))
{
$_POST['user_id'] = (isset($_POST['user_id'])) ? $_POST['user_id'] : '';
$_POST['reason'] = (isset($_POST['reason'])) ? $_POST['reason'] : '';
$_POST['reason'] = (isset($_POST['reason'])) ? stripslashes($_POST['reason']) : '';
$this->getView('MainView')->admin_ban_form($msg);
}
}
}
}
?>

+ 27
- 30
inc/controllers/MainController.class.php View File

@ -19,8 +19,8 @@ class MainController extends Controller
private function loadDependencies() // zależności (sesje itp)
{
$this->loadModel('SessionModel'); //aktywacja sesji
$this->loadModel('ConfigModel'); //konfiguracja ogólna skryptu
$this->loadModel('SessionModel'); //initalizing session
$this->loadModel('ConfigModel'); //overall forum configuration
$this->loadView('MainView');
$this->getView('MainView')->putExistingModel('SessionModel', $this->getModel('SessionModel'));
$this->getView('MainView')->putExistingModel('ConfigModel', $this->getModel('ConfigModel'));
@ -94,7 +94,6 @@ class MainController extends Controller
$_POST['sort_desc'] = (isset($_POST['sort_desc'])) ? 'DESC' : 'ASC';
$this->getView('MainView')->userlist();
}
public function viewtopic()
@ -423,14 +422,14 @@ class MainController extends Controller
break;
}
//przesłanie formularza --------------------------------------------------------------------------------
//posting a HTML form --------------------------------------------------------------------------------
if (isset($_POST['post']) && !isset($_POST['preview']) && !isset($lockv))
{
$_POST['post'] = trim(htmlspecialchars($this->db->real_escape_string($_POST['post'])));
if ($type == POSTING_NEWTOPIC || $type == POSTING_EDITTOPIC) //walidacja tytułu tematu (add, edit)
{
$_POST['topic'] = trim(strip_tags($this->db->real_escape_string($_POST['topic'])));
$_POST['topic'] = trim(htmlspecialchars($this->db->real_escape_string($_POST['topic'])));
if (strlen($_POST['topic']) < 3)
$msg .= 'Topic title is too short (min 3 characters)<br>';
@ -482,24 +481,23 @@ class MainController extends Controller
{
case POSTING_NEWTOPIC:
case POSTING_REPLY:
$_POST['post'] = (isset($_POST['post'])) ? $_POST['post'] : '';
$_POST['post'] = (isset($_POST['post'])) ? stripslashes($_POST['post']) : '';
break;
case POSTING_EDITTOPIC:
$_POST['post'] = (isset($_POST['post'])) ? $_POST['post'] : $p['content'];
$_POST['topic'] = (isset($_POST['topic'])) ? $_POST['topic'] : $t['topic_title'];
$_POST['post'] = (isset($_POST['post'])) ? stripslashes($_POST['post']) : $p['content'];
$_POST['topic'] = (isset($_POST['topic'])) ? stripslashes($_POST['topic']) : $t['topic_title'];
break;
case POSTING_EDIT:
$_POST['post'] = (isset($_POST['post'])) ? $_POST['post'] : $p['content'];
$_POST['post'] = (isset($_POST['post'])) ? stripslashes($_POST['post']) : $p['content'];
break;
case POSTING_QUOTE:
$quote = ($qp['nick'] != null) ? '='.$qp['nick'] : '';
$_POST['post'] = (isset($_POST['post'])) ? $_POST['post'] : '[quote'.$quote.']'.$qp['content'].'[/quote]';
break;
$_POST['post'] = (isset($_POST['post'])) ? stripslashes($_POST['post']) : '[quote'.$quote.']'.$qp['content'].'[/quote]';
break;
}
if ($type == POSTING_NEWTOPIC)
$_POST['topic'] = (isset($_POST['topic'])) ? $_POST['topic'] : ''; //tylko edycja/tworzenie tematu
$_POST['topic'] = (isset($_POST['topic'])) ? stripslashes($_POST['topic']) : '';
$this->getView('MainView')->putExistingModel('PostsModel', $this->getModel('PostsModel'));
$this->getView('MainView')->putExistingModel('ForumsModel', $this->getModel('ForumsModel'));
@ -550,13 +548,13 @@ class MainController extends Controller
if (isset($_POST['nick'], $_POST['passwd'], $_POST['passwd_confirm'], $_POST['email']))
{
//secure pools
$_POST['nick'] = trim(strip_tags($this->db->real_escape_string($_POST['nick'])));
$_POST['passwd_old'] = trim(strip_tags($_POST['passwd_old']));
$_POST['passwd'] = trim(strip_tags($_POST['passwd']));
$_POST['passwd_confirm'] = trim(strip_tags($_POST['passwd_confirm']));
$_POST['nick'] = trim(htmlspecialchars($this->db->real_escape_string($_POST['nick'])));
$_POST['passwd_old'] = trim($_POST['passwd_old']);
$_POST['passwd'] = trim($_POST['passwd']);
$_POST['passwd_confirm'] = trim($_POST['passwd_confirm']);
$_POST['email'] = trim(strip_tags($this->db->real_escape_string($_POST['email'])));
$_POST['location'] = trim(strip_tags($this->db->real_escape_string($_POST['location'])));
$_POST['signature'] = trim(strip_tags($this->db->real_escape_string($_POST['signature'])));
$_POST['location'] = trim(htmlspecialchars($this->db->real_escape_string($_POST['location'])));
$_POST['signature'] = trim(htmlspecialchars($this->db->real_escape_string($_POST['signature'])));
if ($_POST['email'] != $user_info['email'] || $_POST['passwd'] != '')
{
@ -621,10 +619,10 @@ class MainController extends Controller
}
}
$_POST['nick'] = (isset($_POST['nick'])) ? $_POST['nick'] : $user_info['nick'];
$_POST['email'] = (isset($_POST['email'])) ? $_POST['email'] : $user_info['email'];
$_POST['location'] = (isset($_POST['location'])) ? $_POST['location'] : $user_info['location'];
$_POST['signature'] = (isset($_POST['signature'])) ? $_POST['signature'] : $user_info['signature'];
$_POST['nick'] = (isset($_POST['nick'])) ? stripslashes($_POST['nick']) : $user_info['nick'];
$_POST['email'] = (isset($_POST['email'])) ? stripslashes($_POST['email']) : $user_info['email'];
$_POST['location'] = (isset($_POST['location'])) ? stripslashes($_POST['location']) : $user_info['location'];
$_POST['signature'] = (isset($_POST['signature'])) ? stripslashes($_POST['signature']) : $user_info['signature'];
$this->getView('MainView')->putExistingModel('UsersModel', $this->getModel('UsersModel'));
@ -659,7 +657,7 @@ class MainController extends Controller
{
//secure pools
$_POST['nick'] = trim(strip_tags($this->db->real_escape_string($_POST['nick'])));
$_POST['passwd'] = $this->getModel('UsersModel')->generatePasswordHash($_POST['nick'], trim(strip_tags($this->db->real_escape_string($_POST['passwd']))));
$_POST['passwd'] = $this->getModel('UsersModel')->generatePasswordHash($_POST['nick'], trim($this->db->real_escape_string($_POST['passwd'])));
$userinfo = $this->getModel('SessionModel')->tryGetUser($_POST['nick'], $_POST['passwd']);
@ -684,7 +682,7 @@ class MainController extends Controller
}
}
$_POST['nick'] = (isset($_POST['nick'])) ? $_POST['nick'] : '';
$_POST['nick'] = (isset($_POST['nick'])) ? stripslashes($_POST['nick']) : '';
if (!isset($lockv))
$this->getView('MainView')->login_form($msg);
}
@ -702,8 +700,8 @@ class MainController extends Controller
{
//secure pools
$_POST['nick'] = trim(strip_tags($this->db->real_escape_string($_POST['nick'])));
$_POST['passwd'] = trim(strip_tags($_POST['passwd']));
$_POST['passwd_confirm'] = trim(strip_tags($_POST['passwd_confirm']));
$_POST['passwd'] = trim($_POST['passwd']);
$_POST['passwd_confirm'] = trim($_POST['passwd_confirm']);
$_POST['email'] = trim(strip_tags($this->db->real_escape_string($_POST['email'])));
if (strlen($_POST['nick']) < 3)
@ -729,8 +727,8 @@ class MainController extends Controller
}
}
$_POST['nick'] = (isset($_POST['nick'])) ? $_POST['nick'] : '';
$_POST['email'] = (isset($_POST['email'])) ? $_POST['email'] : '';
$_POST['nick'] = (isset($_POST['nick'])) ? stripslashes($_POST['nick']) : '';
$_POST['email'] = (isset($_POST['email'])) ? stripslashes($_POST['email']) : '';
if (!isset($lockv))
$this->getView('MainView')->register_form($msg);
@ -750,5 +748,4 @@ class MainController extends Controller
echo 'false';
}
}
?>

+ 1
- 1
inc/views/MainView.class.php View File

@ -265,7 +265,7 @@ class MainView extends View
$this->assign('post', $_POST['post']);
if (isset($_POST['preview']))
$this->assign('preview', addslashes(htmlspecialchars($_POST['post'])));
$this->assign('preview', true);
if ($type == POSTING_NEWTOPIC || $type == POSTING_EDITTOPIC)
$this->assign('topic', $_POST['topic']);

+ 1
- 1
templates/posting.tpl.php View File

@ -16,7 +16,7 @@
<div class="row">
<div class="tc1 post_content tc4" style="height: 150px">
<?= BBCode($this->TPL['preview']); ?>
<?= BBCode($this->TPL['post']); ?>
</div>
</div>
</div>

Write Preview
Loading…
Cancel
Save