From cdb71f7474fe51af852b3266e26ad01cb97f50cc Mon Sep 17 00:00:00 2001 From: Harris Wong Date: Tue, 20 Sep 2011 17:23:33 +0000 Subject: [PATCH] 4525: Sanitize all input fields to disallow XSS. All the input field that most likely would introduce a problem is not wrapped around AT_print.
---
 docs/file_manager/edit.php | 12 +++++----- docs/file_manager/move.php | 16 ++++++------- docs/file_manager/new.php | 2 +- docs/file_manager/rename.php | 10 ++++---- docs/file_manager/zip.php | 10 ++++---- docs/home/editor/edit_content.php | 14 +++++------ docs/include/constants.inc.php | 23 +++++++++++++++++++ docs/include/vitals.inc.php | 9 ++++++++ docs/tests/form_editor.php | 2 +- docs/tests/import_test.php | 2 +- docs/tests/question_import.php | 2 +- .../default/tests/create_edit_test.tmpl.php | 2 +- docs/translation/index.php | 10 ++++---- 13 files changed, 73 insertions(+), 41 deletions(-)
diff --git a/docs/file_manager/edit.php b/docs/file_manager/edit.php
index 01a2147..95e6240 100644
--- a/docs/file_manager/edit.php
+++ b/docs/file_manager/edit.php
@@ -97,15 +97,15 @@ if (!isset($_POST['extension'])) { ?>
- - - - - + + + + +
-

+

*
diff --git a/docs/file_manager/move.php b/docs/file_manager/move.php
index d9983fc..8ce3ca8 100644
--- a/docs/file_manager/move.php
+++ b/docs/file_manager/move.php
@@ -187,14 +187,14 @@ else {
- - - - - - - - + + + + + + + + printAll();
*
- /> + />
diff --git a/docs/file_manager/rename.php b/docs/file_manager/rename.php
index 950abe1..ae403b7 100644
--- a/docs/file_manager/rename.php
+++ b/docs/file_manager/rename.php
@@ -76,17 +76,17 @@ if (isset($_POST['rename_action'])) { require(TR_INCLUDE_PATH.'header.inc.php'); ?> - - - - + + + +
*
- +
diff --git a/docs/file_manager/zip.php b/docs/file_manager/zip.php
index 78a33d0..a424654 100644
--- a/docs/file_manager/zip.php
+++ b/docs/file_manager/zip.php
@@ -198,10 +198,10 @@ if (isset($_POST['cancel'])) { } else { ?> - - - - + + + +
@@ -211,7 +211,7 @@ if (isset($_POST['cancel'])) {
*
- +
diff --git a/docs/home/editor/edit_content.php b/docs/home/editor/edit_content.php
index e2bccc3..30218e4 100644
--- a/docs/home/editor/edit_content.php
+++ b/docs/home/editor/edit_content.php
@@ -256,12 +256,12 @@ $pid = intval($_REQUEST['pid']); echo ''; echo ''; echo ''; - echo ''; - echo ''; - echo ''; + echo ''; + echo ''; + echo ''; } - echo ''; + echo ''; echo ''; // echo '';
@@ -271,7 +271,7 @@ $pid = intval($_REQUEST['pid']); // echo ''; // echo ''; - echo ''; + echo ''; echo '';
@@ -283,7 +283,7 @@ $pid = intval($_REQUEST['pid']); echo ''; //content test association - echo ''; + echo ''; /* get glossary terms */ // $matches = find_terms(stripslashes($_POST['body_text']));
@@ -353,7 +353,7 @@ $pid = intval($_REQUEST['pid']); echo ''."\n"; if (is_array($_POST['tid'])) { foreach ($_POST['tid'] as $i=>$tid){ - echo ''; + echo ''; } } } else {
diff --git a/docs/include/constants.inc.php b/docs/include/constants.inc.php
index 3f02f8b..0d08d53 100644
--- a/docs/include/constants.inc.php
+++ b/docs/include/constants.inc.php
@@ -147,4 +147,27 @@ define('TR_ACHECKER_WEB_SERVICE_ID', '2f4149673d93b7f37eb27506905f19d63fbdfe2d')
 /* relative uri */
 $_rel_url = '/'.implode('/', array_slice($url_parts, count($url_parts) - $dir_deep-1));
+/* control how user inputs get formatted on output: */
+/* note: v131 not all formatting options are available on each section. */
+
+define('TR_FORMAT_NONE', 0); /* LEQ to ~AT_FORMAT_ALL */
+define('TR_FORMAT_EMOTICONS', 1);
+define('TR_FORMAT_LINKS', 2);
+define('TR_FORMAT_IMAGES', 4);
+define('TR_FORMAT_HTML', 8);
+define('TR_FORMAT_GLOSSARY', 16);
+define('TR_FORMAT_ATCODES', 32);
+define('TR_FORMAT_CONTENT_DIR', 64); /* remove CONTENT_DIR */
+define('TR_FORMAT_QUOTES', 128); /* remove double quotes (does this get used?) */
+define('TR_FORMAT_ALL', TR_FORMAT_EMOTICONS + + TR_FORMAT_LINKS + + TR_FORMAT_IMAGES + + TR_FORMAT_HTML + + TR_FORMAT_GLOSSARY + + TR_FORMAT_ATCODES + + TR_FORMAT_CONTENT_DIR);
+
+$_field_formatting = array();
+$_field_formatting['input.*'] = TR_FORMAT_QUOTES; /* All input should have '<' and quotes escaped.*/
+
 ?>
diff --git a/docs/include/vitals.inc.php b/docs/include/vitals.inc.php
index 85c9f39..b252699 100644
--- a/docs/include/vitals.inc.php
+++ b/docs/include/vitals.inc.php
@@ -428,4 +428,13 @@ function convertAmp($input){
 return str_replace('&', '&', $input);
 }
+function query_bit( $bitfield, $bit ) {
+ if (!is_int($bitfield)) {
+ $bitfield = intval($bitfield);
+ }
+ if (!is_int($bit)) {
+ $bit = intval($bit);
+ }
+ return ( $bitfield & $bit ) ? true : false;
+}
 ?>
diff --git a/docs/tests/form_editor.php b/docs/tests/form_editor.php
index 55b53a0..3d9c0da 100644
--- a/docs/tests/form_editor.php
+++ b/docs/tests/form_editor.php
@@ -94,7 +94,7 @@ function init() { - +
diff --git a/docs/tests/import_test.php b/docs/tests/import_test.php
index 973b528..5e9d215 100644
--- a/docs/tests/import_test.php
+++ b/docs/tests/import_test.php
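Review bot: The comment on the new `$_field_formatting['input.*']` line promises that `<` and quotes are escaped, but the flag it assigns, `TR_FORMAT_QUOTES`, is described a few lines above as "remove double quotes (does this get used?)", and nothing in this hunk shows what the consumer (AT_print, per the commit message) does with the flag, so the `<` handling cannot be confirmed from here. Now that the flag is in use, resolve the open question in its own comment and make the two descriptions agree, e.g. `define('TR_FORMAT_QUOTES', 128); /* escape double quotes; applied to every input.* field via $_field_formatting */`, or state on the `input.*` line where the `<` escaping actually comes from. Two smaller points: the `TR_FORMAT_NONE` comment refers to `~AT_FORMAT_ALL`, which looks like an upstream name this file does not define (it defines `TR_FORMAT_ALL`), and `TR_FORMAT_ALL` leaves `TR_FORMAT_QUOTES` out of its sum, which deserves a one-line comment whether or not it is intended.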
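Review bot: In the new `query_bit` function the two `is_int` guards are no-ops, because `intval` on a value that is already an int returns it unchanged, and `( $bitfield & $bit ) ? true : false` is a redundant ternary; the body reduces to `return (intval($bitfield) & intval($bit)) !== 0;`. The function also has no doc comment, and its result for a multi-bit `$bit` (true when at least one bit overlaps, not when all do) is easy to misread, so add `/** True when $bitfield and $bit share at least one set bit; both arguments are coerced to int. */` above it. The name and the `$_field_formatting` bitmask added in the same commit suggest this is the lookup helper for those flags, though no caller is visible in this diff.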
@@ -301,7 +301,7 @@ if (!$overwrite && !empty($existing_files)){ echo ''; echo ''; echo ''; - ECHO ''; + ECHO ''; echo '
'; echo ''; require (TR_INCLUDE_PATH.'footer.inc.php');
diff --git a/docs/tests/question_import.php b/docs/tests/question_import.php
index 48952fc..f1b8292 100644
--- a/docs/tests/question_import.php
+++ b/docs/tests/question_import.php
@@ -281,7 +281,7 @@ if (!$overwrite && !empty($existing_files)){ echo ''; echo ''; echo ''; - ECHO ''; + echo ''; echo '
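Review bot: The added line in import_test.php keeps the keyword upper-cased (`ECHO '';`), while the parallel change in question_import.php in this same commit lowercases it to `echo '';`; PHP keywords are conventionally lowercase (PSR-12), so change the added line here to `echo '';` as well for consistency. The argument of that echo is not visible in this rendering, so nothing can be said about its content.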
'; echo ''; require (TR_INCLUDE_PATH.'footer.inc.php');
diff --git a/docs/themes/default/tests/create_edit_test.tmpl.php b/docs/themes/default/tests/create_edit_test.tmpl.php
index a8d3bd8..0bee40a 100644
--- a/docs/themes/default/tests/create_edit_test.tmpl.php
+++ b/docs/themes/default/tests/create_edit_test.tmpl.php
@@ -19,7 +19,7 @@
*
- +
diff --git a/docs/translation/index.php b/docs/translation/index.php
index c795b18..f108621 100644
--- a/docs/translation/index.php
+++ b/docs/translation/index.php
@@ -187,13 +187,13 @@ function trans_form() { ?>
- - - - + + + + - + -- 2.17.1