Add Security::remove_Xss

index.php

@@ -191,10 +191,16 @@ if (api_is_anonymous()) {
 }
 // direct login to course
 if (isset($_GET['firstpage'])) {
-    api_set_firstpage_parameter($_GET['firstpage']);
-    // if we are already logged, go directly to course
-    if (api_user_is_login()) {
-        echo "<script>self.location.href='index.php?firstpage=".Security::remove_XSS($_GET['firstpage'])."'</script>";
+    $firstPage = $_GET['firstpage'];
+    $courseInfo = api_get_course_info($firstPage);
+
+    if (!empty($courseInfo)) {
+        api_set_firstpage_parameter($firstPage);
+
+        // if we are already logged, go directly to course
+        if (api_user_is_login()) {
+            echo "<script>self.location.href='index.php?firstpage=".Security::remove_XSS($firstPage)."'</script>";
+        }
     }
 } else {
     api_delete_firstpage_parameter();

main/auth/profile.php

@@ -739,7 +739,7 @@ if ($allowSocialTool) {
             $actions .= '<a href="'.api_get_path(WEB_PATH).'main/messages/inbox.php">'.
                 Display::return_icon('inbox.png', get_lang('Messages')).'</a>';
         }
-        $show = isset($_GET['show']) ? '&amp;show='.Security::remove_XSS($_GET['show']) : '';
+        $show = isset($_GET['show']) ? '&show='.(int) $_GET['show'] : '';
 
         if (isset($_GET['type']) && $_GET['type'] === 'extended') {
             $actions .= '<a href="profile.php?type=reduced'.$show.'">'.

main/session/add_users_to_session.php

@@ -15,7 +15,7 @@ $xajax->registerFunction('search_users');
 $this_section = SECTION_PLATFORM_ADMIN;
 
 $id_session = isset($_GET['id_session']) ? (int) $_GET['id_session'] : 0;
-$addProcess = isset($_GET['add']) ? Security::remove_XSS($_GET['add']) : null;
+$addProcess = isset($_GET['add']) && 'true' === $_GET['add'] ? 'true' : null;
 
 SessionManager::protectSession($id_session);