Feature #2099 - Shallow corrections for the file main/link/linkfunctions.php. This file needs to be reworked.

15 years ago · 5bbe551d83
parent 0d5dd2caae
commit 5bbe551d83
3 changed files with 49 additions and 18 deletions
--- a/main/lang/bulgarian/link.inc.php
+++ b/main/lang/bulgarian/link.inc.php
@ -20,7 +20,7 @@ $langCategoryDel = "Изтриване на категория";
 $langCategoryDeleted = "Категорията, заедно с всички нейни връзки е изтрита.";
 $langCategoryDelconfirm = "Когато изтривате категория, всички връзки в нея също ще бъдат изтрити. Наистина ли искате да изтриете категорията, както и нейните връзки?";
 $langAllCategoryDel = "Изтриване на всичките категории и връзки";
-$langGiveURL = "Моля, дайте адрес на връзката.";
+$langGiveURL = "Моля, дайте валиден адрес на връзката.";
 $langGiveCategoryName = "Моля, дайте наименование на категорията.";
 $langNoCategory = "Некатегоризирани връзки";
 $showall = "Показване на категоризираните връзки";
--- a/main/lang/english/link.inc.php
+++ b/main/lang/english/link.inc.php
@ -20,7 +20,7 @@ $langCategoryDel = "Delete category";
 $langCategoryDeleted = "The category and all its links have been deleted.";
 $langCategoryDelconfirm = "When deleting a category, all links of this category are also deleted.\nDo you really want to delete this category and its links ?";
 $langAllCategoryDel = "Delete all categories and all links";
-$langGiveURL = "Please give the link URL";
+$langGiveURL = "Please give the link URL, it should be valid.";
 $langGiveCategoryName = "Please give the category name";
 $langNoCategory = "General";
 $showall = "Open all categories";
--- a/main/link/linkfunctions.php
+++ b/main/link/linkfunctions.php
@ -52,23 +52,25 @@ function addlinkcategory($type) {
        $title = trim($title);
        $description = trim($description);

-        // If title is empty, an error occurs.
-        if (!filter_var($urllink, FILTER_VALIDATE_URL)) {
-            $msgErr = get_lang('GiveURL');
-            Display::display_error_message(get_lang('GiveURL'));
-            $ok = false;
+        // We ensure URL to be absolute.
+        if (strpos($urllink, '://') === false) {
+            $urllink = 'http://'.$urllink;
        }
-        // If the title is empty, we use the url as the title.
-        else {
-            if (empty($title)) {
-                $title = $urllink;
-            }

-            // We check weither the $url starts with http://, if not we add this.
-            if (strpos($urllink, '://') === false) {
-                $urllink = 'http://'.$urllink;
-            }
+        // If the title is empty, we use the URL as title.
+        if ($title == '') {
+            $title = $urllink;
+        }

+        // If the URL is invalid, an error occurs.
+        // Ivan, 13-OCT-2010, Chamilo 1.8.8: Let us still tolerate PHP 5.1.x and avoid a specific bug in filter_var(), see http://bugs.php.net/51192
+        //if (!filter_var($urllink, FILTER_VALIDATE_URL)) {
+        if (!api_valid_url($urllink, true)) { // A check against an absolute URL.
+        //
+            $msgErr = get_lang('GiveURL');
+            Display::display_error_message(get_lang('GiveURL'));
+            $ok = false;
+        } else {
            // Looking for the largest order number for this category.
            $result = Database::query("SELECT MAX(display_order) FROM  ".$tbl_link." WHERE category_id='".Database::escape_string($_POST['selectcategory'])."'");
            list($orderMax) = Database::fetch_row($result);
@ -315,9 +317,36 @@ function editlinkcategory($type) {
                $target_link = $myrow['target'];
            }
        }
+
        // This is used to put the modified info of the link-form into the database.
        if ($_POST['submitLink']) {

+            // Ivan, 13-OCT-2010: It is a litle bit messy code below, just in case I added some extra-security checks here.
+            $_POST['urllink'] = trim(Security::remove_XSS($_POST['urllink']));
+            $_POST['title'] = trim(Security::remove_XSS($_POST['title']));
+            $_POST['description'] = trim(Security::remove_XSS($_POST['description']));
+            $_POST['selectcategory'] = intval($_POST['selectcategory']);
+            $_POST['id'] = intval($_POST['id']);
+
+            // We ensure URL to be absolute.
+            if (strpos($_POST['urllink'], '://') === false) {
+                $_POST['urllink'] = 'http://'.$_POST['urllink'];
+            }
+
+            // If the title is empty, we use the URL as title.
+            if ($_POST['title'] == '') {
+                $_POST['title'] = $_POST['urllink'];
+            }
+
+            // If the URL is invalid, an error occurs.
+            // Ivan, 13-OCT-2010, Chamilo 1.8.8: Let us still tolerate PHP 5.1.x and avoid a specific bug in filter_var(), see http://bugs.php.net/51192
+            //if (!filter_var($urllink, FILTER_VALIDATE_URL)) {
+            if (!api_valid_url($urllink, true)) { // A check against an absolute URL.
+                $msgErr = get_lang('GiveURL');
+                Display::display_error_message(get_lang('GiveURL'));
+                return false;
+            }
+
            $onhomepage = Security::remove_XSS($_POST['onhomepage']);
            $target = Security::remove_XSS($_POST['target_link']);
            if (empty($mytarget)) { $mytarget = '_self'; }
@ -449,8 +478,8 @@ function editlinkcategory($type) {
            $sql = "SELECT * FROM ".$tbl_categories." WHERE id='".intval($_GET['id'])."'";
            $result = Database::query($sql);
            if ($myrow = Database::fetch_array($result)) {
-                $category_title = $myrow["category_title"];
-                $description = $myrow["description"];
+                $category_title = $myrow['category_title'];
+                $description = $myrow['description'];
            }
        }

@ -462,6 +491,8 @@ function editlinkcategory($type) {
        }

    }
+
+    return true; // On errors before this statement, exit from this function by returning false value.
 }

 /**