[svn r20230] logic changes - added filter html and Security::remove_XSS in learning path - (partial FS#4130)

skala
Isaac Flores 17 years ago
parent 764ea75295
commit 95eaef592c
  1. 4
      main/inc/lib/fileUpload.lib.php
  2. 30
      main/newscorm/learnpath.class.php
  3. 15
      main/newscorm/lp_controller.php
  4. 5
      main/newscorm/lp_edit.php

@ -1172,11 +1172,11 @@ function add_document($_course,$path,$filetype,$filesize,$title,$comment=NULL, $
$sql="INSERT INTO $table_document
(`path`,`filetype`,`size`,`title`, `comment`, readonly)
VALUES ('$path','$filetype','$filesize','".
Database::escape_string($title)."', '$comment',$readonly)";
Database::escape_string(htmlspecialchars($title),ENT_QUOTES)."', '$comment',$readonly)";
if(api_sql_query($sql,__FILE__,__LINE__))
{
//display_message("Added to database (id ".mysql_insert_id().")!");
return mysql_insert_id();
return Database::insert_id();
}
else
{
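Review bot: On the new escape line, `ENT_QUOTES` is passed as the second argument of `Database::escape_string()` rather than of `htmlspecialchars()`, so single quotes in the title are not HTML-encoded and the flag is ignored or misread by the wrapper, depending on its signature; the line should read `Database::escape_string(htmlspecialchars($title, ENT_QUOTES))."', '$comment',$readonly)";`. The same INSERT still interpolates `$path`, `$filetype`, `$filesize`, `$comment` and `$readonly` straight into the SQL string, so the change covers one of six values — each of the others should go through `Database::escape_string()` as well, or be cast to int where the column is numeric. HTML-encoding the title before it is stored also means every reader of the `title` column now receives an encoded value; if any output path still escapes on display, the name will appear double-encoded, which is worth confirming before relying on this. `add_document` starts before this hunk and its else branch continues past it.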

@ -371,9 +371,9 @@ class learnpath {
$max_time_allowed = $this->escape_string(htmlentities($max_time_allowed));
if (empty($max_time_allowed)) { $max_time_allowed = 0; }
$title=htmlspecialchars($title,ENT_QUOTES);
$title = $this->escape_string(mb_convert_encoding($title,$this->encoding,$charset));
$description = $this->escape_string(mb_convert_encoding($description,$this->encoding,$charset));
$sql_count = "
SELECT COUNT(id) AS num
FROM " . $tbl_lp_item . "
@ -997,7 +997,7 @@ class learnpath {
$sql_update = "
UPDATE " . $tbl_lp_item . "
SET
title = '" . $this->escape_string(htmlentities($title)) . "',
title = '" . $this->escape_string(htmlspecialchars($title,ENT_QUOTES)) . "',
prerequisite = '".$prerequisites."',
description = '" . $this->escape_string(htmlentities($description)) . "'
". $audio_update_sql . ",
@ -1113,7 +1113,7 @@ class learnpath {
$sql_update = "
UPDATE " . $tbl_lp_item . "
SET
title = '" . $this->escape_string(htmlentities($title)) . "',
title = '" . $this->escape_string(htmlspecialchars($title,ENT_QUOTES)) . "',
description = '" . $this->escape_string(htmlentities($description)) . "',
parent_item_id = " . $parent . ",
previous_item_id = " . $previous . ",
@ -4783,7 +4783,7 @@ class learnpath {
$ct .= ", comment='" . $new_comment . "'";
if($new_title)
$ct .= ", title='" . $new_title . ".html '";
$ct .= ", title='" . Database::escape_string(htmlspecialchars($new_title,ENT_QUOTES)) . ".html '";
$sql_update = "
UPDATE " . $tbl_doc . "
@ -6270,6 +6270,7 @@ class learnpath {
if($action != 'move')
{
$form->addElement('text','title', get_lang('Title'),'id="idTitle" class="learnpath_chapter_form" size="40%"');
$form->applyFilter('title', 'html_filter');
//$form->addElement('textarea','description',get_lang("Description").' :', 'id="idDescription"');
}
else
@ -6525,6 +6526,7 @@ class learnpath {
if($action != 'move')
{
$form->addElement('text','title', get_lang('Title'),'id="idTitle" class="learnpath_item_form" size=44%');
$form->applyFilter('title', 'html_filter');
}
//$arrHide = array($id);
@ -7359,14 +7361,14 @@ class learnpath {
//commented ":" for message in step
//$return .= $lang.': ';
$return .= '<a href="' .api_get_self(). '?cidReq=' . $_GET['cidReq'] . '&amp;action=edit_item&amp;view=build&amp;id=' . $item_id . '&amp;lp_id=' . $this->lp_id . '&path_item='.$row['path'].'" title="'.get_lang('Edit').'"><img align="absbottom" alt="Edit the current item" src="../img/edit.gif" title="'.get_lang("Edit").'" /> '.get_lang("Edit").'</a>';
$return .= '<a href="' .api_get_self(). '?cidReq=' . $_GET['cidReq'] . '&amp;action=move_item&amp;view=build&amp;id=' . $item_id . '&amp;lp_id=' . $this->lp_id . '" title="Move the current item"><img align="absbottom" alt="Move the current item" src="../img/deplacer_fichier.gif" title="'.get_lang("Move").'" /> '.get_lang("Move").'</a>';
$return .= '<a href="' .api_get_self(). '?cidReq=' . Security::remove_XSS($_GET['cidReq']) . '&amp;action=edit_item&amp;view=build&amp;id=' . $item_id . '&amp;lp_id=' . $this->lp_id . '&path_item='.$row['path'].'" title="'.get_lang('Edit').'"><img align="absbottom" alt="Edit the current item" src="../img/edit.gif" title="'.get_lang("Edit").'" /> '.get_lang("Edit").'</a>';
$return .= '<a href="' .api_get_self(). '?cidReq=' . Security::remove_XSS($_GET['cidReq']) . '&amp;action=move_item&amp;view=build&amp;id=' . $item_id . '&amp;lp_id=' . $this->lp_id . '" title="Move the current item"><img align="absbottom" alt="Move the current item" src="../img/deplacer_fichier.gif" title="'.get_lang("Move").'" /> '.get_lang("Move").'</a>';
// commented for now as prerequisites cannot be added to chapters
if($item_type != 'dokeos_chapter' && $item_type != 'chapter')
{
$return .= '<a href="' .api_get_self(). '?cidReq=' . $_GET['cidReq'] . '&amp;action=edit_item_prereq&amp;view=build&amp;id=' . $item_id . '&amp;lp_id=' . $this->lp_id . '" title="'.get_lang('Prerequisites').'"><img align="absbottom" alt="'.get_lang('Prerequisites').'" src="../img/right.gif" title="'.get_lang('Prerequisites').'" /> '.get_lang('Prerequisites').'</a>';
$return .= '<a href="' .api_get_self(). '?cidReq=' . Security::remove_XSS($_GET['cidReq']) . '&amp;action=edit_item_prereq&amp;view=build&amp;id=' . $item_id . '&amp;lp_id=' . $this->lp_id . '" title="'.get_lang('Prerequisites').'"><img align="absbottom" alt="'.get_lang('Prerequisites').'" src="../img/right.gif" title="'.get_lang('Prerequisites').'" /> '.get_lang('Prerequisites').'</a>';
}
$return .= '<a href="' .api_get_self(). '?cidReq=' . $_GET['cidReq'] . '&amp;action=delete_item&amp;view=build&amp;id=' . $item_id . '&amp;lp_id=' . $this->lp_id . '" onclick="return confirmation(\'' .addslashes($s_title). '\');" title="Delete the current item"><img alt="Delete the current item" align="absbottom" src="../img/delete.gif" title="'.get_lang("Delete").'" /> '.get_lang("Delete").'</a>';
$return .= '<a href="' .api_get_self(). '?cidReq=' . Security::remove_XSS($_GET['cidReq']) . '&amp;action=delete_item&amp;view=build&amp;id=' . $item_id . '&amp;lp_id=' . $this->lp_id . '" onclick="return confirmation(\'' .addslashes($s_title). '\');" title="Delete the current item"><img alt="Delete the current item" align="absbottom" src="../img/delete.gif" title="'.get_lang("Delete").'" /> '.get_lang("Delete").'</a>';
//$return .= '<br><br><p class="lp_text">' . ((trim($s_description) == '') ? ''.get_lang("NoDescription").'' : stripslashes(nl2br($s_description))) . '</p>';
@ -7880,7 +7882,7 @@ class learnpath {
$return .= '<div class="lp_resource_element">';
//display quizhotpotatoes
$return .= '<img alt="" src="../img/jqz.gif" style="margin-right:5px;" title="" />';
$return .= '<a href="' .api_get_self(). '?cidReq=' . $_GET['cidReq'] . '&amp;action=add_item&amp;type=' . TOOL_HOTPOTATOES . '&amp;file=' . $row_hot['id'] . '&amp;lp_id=' . $this->lp_id . '">' . $row_hot['title'] . '</a>';
$return .= '<a href="' .api_get_self(). '?cidReq=' . Security::remove_XSS($_GET['cidReq']) . '&amp;action=add_item&amp;type=' . TOOL_HOTPOTATOES . '&amp;file=' . $row_hot['id'] . '&amp;lp_id=' . $this->lp_id . '">' . $row_hot['title'] . '</a>';
//$return .= $row_quiz['title'];
$return .= '</div>';
}
@ -7888,7 +7890,7 @@ class learnpath {
while($row_quiz = Database::fetch_array($res_quiz)) {
$return .= '<div class="lp_resource_element">';
$return .= '<img alt="" src="../img/quizz_small.gif" style="margin-right:5px;" title="" />';
$return .= '<a href="' .api_get_self(). '?cidReq=' . $_GET['cidReq'] . '&amp;action=add_item&amp;type=' . TOOL_QUIZ . '&amp;file=' . $row_quiz['id'] . '&amp;lp_id=' . $this->lp_id . '">' . $row_quiz['title'] . '</a>';
$return .= '<a href="' .api_get_self(). '?cidReq=' . Security::remove_XSS($_GET['cidReq']) . '&amp;action=add_item&amp;type=' . TOOL_QUIZ . '&amp;file=' . $row_quiz['id'] . '&amp;lp_id=' . $this->lp_id . '">' . $row_quiz['title'] . '</a>';
//$return .= $row_quiz['title'];
$return .= '</div>';
}
@ -7931,7 +7933,7 @@ class learnpath {
$return .= '<div class="lp_resource_element">';
$return .= '<img alt="" src="../img/file_html_small.gif" style="margin-right:5px;" title="" />';
$return .= '<a href="' .api_get_self(). '?cidReq=' . $_GET['cidReq'] . '&amp;action=add_item&amp;type=' . TOOL_LINK . '&amp;file=' . $row_link['id'] . '&amp;lp_id=' . $this->lp_id . '">' . $row_link['title'] . '</a>';
$return .= '<a href="' .api_get_self(). '?cidReq=' . Security::remove_XSS($_GET['cidReq']) . '&amp;action=add_item&amp;type=' . TOOL_LINK . '&amp;file=' . $row_link['id'] . '&amp;lp_id=' . $this->lp_id . '">' . $row_link['title'] . '</a>';
$return .= '</div>';
}
@ -7967,7 +7969,7 @@ class learnpath {
$return .= '<div class="lp_resource_elements" id="resStudent">';
$return .= '<div class="lp_resource_element">';
$return .= '<img align="left" alt="" src="../img/works_small.gif" style="margin-right:5px;" title="" />';
$return .= '<a href="' .api_get_self(). '?cidReq=' . $_GET['cidReq'] . '&amp;action=add_item&amp;type=' . TOOL_STUDENTPUBLICATION . '&amp;lp_id=' . $this->lp_id . '">' . get_lang('AddAssignmentPage') . '</a>';
$return .= '<a href="' .api_get_self(). '?cidReq=' . Security::remove_XSS($_GET['cidReq']) . '&amp;action=add_item&amp;type=' . TOOL_STUDENTPUBLICATION . '&amp;lp_id=' . $this->lp_id . '">' . get_lang('AddAssignmentPage') . '</a>';
$return .= '</div>';
$return .= '</div>';
@ -8012,12 +8014,12 @@ class learnpath {
';
$return .= '<img alt="" src="../img/lp_forum.gif" style="margin-right:5px;" title="" />';
$return .= '<a style="cursor:hand" onclick="toggle_forum('.$forum['forum_id'].')" style="vertical-align:middle"><img src="'.api_get_path(WEB_IMG_PATH).'add.gif" id="forum_'.$forum['forum_id'].'_opener" align="absbottom" /></a>
<a href="' .api_get_self(). '?cidReq=' . $_GET['cidReq'] . '&amp;action=add_item&amp;type=' . TOOL_FORUM . '&amp;forum_id=' . $forum['forum_id'] . '&amp;lp_id=' . $this->lp_id . '" style="vertical-align:middle">' . $forum['forum_title'] . '</a><ul style="display:none" id="forum_'.$forum['forum_id'].'_content">';
<a href="' .api_get_self(). '?cidReq=' . Security::remove_XSS($_GET['cidReq']) . '&amp;action=add_item&amp;type=' . TOOL_FORUM . '&amp;forum_id=' . $forum['forum_id'] . '&amp;lp_id=' . $this->lp_id . '" style="vertical-align:middle">' . $forum['forum_title'] . '</a><ul style="display:none" id="forum_'.$forum['forum_id'].'_content">';
$a_threads = get_threads($forum['forum_id']);
if(is_array($a_threads)){
foreach($a_threads as $thread)
{
$return .= '<li><a href="' .api_get_self(). '?cidReq=' . $_GET['cidReq'] . '&amp;action=add_item&amp;type=' . TOOL_THREAD . '&amp;thread_id=' . $thread['thread_id'] . '&amp;lp_id=' . $this->lp_id . '">' . $thread['thread_title'] . '</a></li>';
$return .= '<li><a href="' .api_get_self(). '?cidReq=' . Security::remove_XSS($_GET['cidReq']) . '&amp;action=add_item&amp;type=' . TOOL_THREAD . '&amp;thread_id=' . $thread['thread_id'] . '&amp;lp_id=' . $this->lp_id . '">' . $thread['thread_title'] . '</a></li>';
}
}
$return .= '</ul></div>';
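Review bot: `$title` is HTML-encoded before it is stored (`$title=htmlspecialchars($title,ENT_QUOTES);` in the 371 hunk and again inside the two UPDATE statements in the 997 and 1113 hunks), so a title loaded back into the edit form and saved again is encoded a second time unless the form decodes it first, which nothing in these hunks shows. Encoding at the point of storage also leaves `description` on the same UPDATE lines still going through `htmlentities()` with different rules, so the two columns no longer round-trip the same way; escaping where the title is echoed keeps the stored value canonical and avoids both problems. The call order in the 371 hunk also deserves a check: `htmlspecialchars()` runs before `mb_convert_encoding($title,$this->encoding,$charset)` and without a charset argument, so it interprets the bytes under PHP's default charset rather than `$charset`. The new `Security::remove_XSS($_GET['cidReq'])` calls in the link-building hunks are not matched by `urlencode()`/`htmlspecialchars()` on the other URL pieces and link texts on the same lines (`$row['path']` in the edit link, `$row_hot['title']`, `$row_quiz['title']`, `$row_link['title']`, `$forum['forum_title']`, `$thread['thread_title']`), so those remain unescaped. The methods these hunks belong to all start and end outside the page.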

@ -214,10 +214,10 @@ switch($action)
$document_id = $_SESSION['oLP']->create_document($_course);
}
$new_item_id = $_SESSION['oLP']->add_item($_POST['parent'], $_POST['previous'], $_POST['type'], $document_id, $_POST['title'], $_POST['description'], $_POST['prerequisites']);
$new_item_id = $_SESSION['oLP']->add_item($_POST['parent'], $_POST['previous'], $_POST['type'], $document_id, Security::remove_XSS($_POST['title']), $_POST['description'], $_POST['prerequisites']);
} else {
//for all other item types than documents, load the item using the item type and path rather than its ID
$new_item_id = $_SESSION['oLP']->add_item($_POST['parent'], $_POST['previous'], $_POST['type'], $_POST['path'], $_POST['title'], $_POST['description'], $_POST['prerequisites'],$_POST['maxTimeAllowed']);
$new_item_id = $_SESSION['oLP']->add_item($_POST['parent'], $_POST['previous'], $_POST['type'], $_POST['path'], Security::remove_XSS($_POST['title']), $_POST['description'], $_POST['prerequisites'],$_POST['maxTimeAllowed']);
}
//display
@ -254,7 +254,7 @@ switch($action)
//Kevin Van Den Haute: changed $_REQUEST['learnpath_description'] by '' because it's not used
//old->$new_lp_id = learnpath::add_lp(api_get_course_id(), $_REQUEST['learnpath_name'], $_REQUEST['learnpath_description'], 'dokeos', 'manual', '');
$new_lp_id = learnpath::add_lp(api_get_course_id(), $_REQUEST['learnpath_name'], '', 'dokeos', 'manual', '');
$new_lp_id = learnpath::add_lp(api_get_course_id(), Security::remove_XSS($_REQUEST['learnpath_name']), '', 'dokeos', 'manual', '');
//learnpath::toggle_visibility($new_lp_id,'v');
//Kevin Van Den Haute: only go further if learnpath::add_lp has returned an id
if(is_numeric($new_lp_id))
@ -359,7 +359,7 @@ switch($action)
//todo mp3 edit
$audio = array();
if (isset($_FILES['mp3'])) $audio = $_FILES['mp3'];
$_SESSION['oLP']->edit_item($_GET['id'], $_POST['parent'], $_POST['previous'], $_POST['title'], $_POST['description'], $_POST['prerequisites'],$audio, $_POST['maxTimeAllowed']);
$_SESSION['oLP']->edit_item($_GET['id'], $_POST['parent'], $_POST['previous'], Security::remove_XSS($_POST['title']), $_POST['description'], $_POST['prerequisites'],$audio, $_POST['maxTimeAllowed']);
if(isset($_POST['content_lp'])) {
$_SESSION['oLP']->edit_document($_course);
@ -417,7 +417,7 @@ switch($action)
if(isset($_POST['submit_button']))
{
$_SESSION['oLP']->edit_item($_GET['id'], $_POST['parent'], $_POST['previous'], $_POST['title'], $_POST['description']);
$_SESSION['oLP']->edit_item($_GET['id'], $_POST['parent'], $_POST['previous'], Security::remove_XSS($_POST['title']), $_POST['description']);
$is_success = true;
}
@ -561,8 +561,9 @@ switch($action)
if(!$lp_found){ error_log('New LP - No learnpath given for edit',0); require('lp_list.php'); }
else{
$_SESSION['refresh'] = 1;
$_SESSION['oLP']->set_name($_REQUEST['lp_name']);
$author= $_REQUEST['lp_author'];
$lp_name=Security::remove_XSS($_REQUEST['lp_name']);
$_SESSION['oLP']->set_name($lp_name);
$author=$_REQUEST['lp_author'];
//fixing the author name (no body or html tags)
$auth_init = stripos($author,'<p>');
if ( $auth_init === false ) {
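Review bot: Only `$_POST['title']` is routed through `Security::remove_XSS()` on the new `add_item()`/`edit_item()` calls in the 214, 359 and 417 hunks, while `$_POST['description']`, `$_POST['prerequisites']`, `$_POST['path']` and `$_POST['type']` on the same lines, and `$_REQUEST['lp_author']` two lines after the new `$lp_name` filter in the 561 hunk, still reach the model raw. Unless those fields are deliberately allowed to carry HTML (the description may be, if it comes from an editor), the filter belongs on the whole request once at the top of the handler rather than on one argument per call, e.g. `$author = Security::remove_XSS($_REQUEST['lp_author']);` beside the `$lp_name` line. Filtering the title here and then HTML-encoding it again inside learnpath.class.php (the `htmlspecialchars($title,ENT_QUOTES)` lines added in the same commit) stacks two transforms on one value, so what is stored depends on which path wrote it. The `switch($action)` block these hunks belong to starts and ends outside the page.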

@ -40,7 +40,7 @@ $form = new FormValidator('form1', 'post', 'lp_controller.php');
//Title
$form -> addElement('text', 'lp_name', ucfirst(get_lang('_title')),array('size'=>43));
$form-> applyFilter('lp_name', 'html_filter');
//Encoding
$encoding_select = &$form->addElement('select', 'lp_encoding', get_lang('Charset'));
$encodings = array('UTF-8','ISO-8859-1','ISO-8859-15','cp1251','cp1252','KOI8-R','BIG5','GB2312','Shift_JIS','EUC-JP');
@ -96,7 +96,7 @@ if (api_get_setting('allow_course_theme') == 'true')
//$form->add_html_editor('lp_author', get_lang('Author'));
$form->addElement('html_editor','lp_author',get_lang('Author'),array('size'=>80) );
$form->applyFilter('lp_author', 'html_filter');
// LP image
$form->add_progress_bar();
if( strlen($_SESSION['oLP']->get_preview_image() ) > 0)
@ -132,7 +132,6 @@ if (api_get_setting('search_enabled') === 'true')
$specific_fields = get_specific_field_list();
foreach ($specific_fields as $specific_field) {
$form -> addElement ('text', $specific_field['code'], $specific_field['name']);
$filter = array('course_code'=> "'". api_get_course_id() ."'", 'field_id' => $specific_field['id'], 'ref_id' => $_SESSION['oLP']->lp_id, 'tool_id' => '\''. TOOL_LEARNPATH .'\'');
$values = get_specific_field_values_list($filter, array('value'));
if ( !empty($values) ) {
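Review bot: The new `applyFilter('lp_name', 'html_filter')` and `applyFilter('lp_author', 'html_filter')` lines only affect values read back through the form object; if FormValidator behaves like HTML_QuickForm here, they do not rewrite `$_POST`/`$_REQUEST`, and this form posts to lp_controller.php, which reads `$_REQUEST['lp_name']` and `$_REQUEST['lp_author']` directly, so the filter is bypassed on that path (the same holds for the two `applyFilter('title', 'html_filter')` lines added in learnpath.class.php against `$_POST['title']`). Either the controller should consume the form's exported values or the filter is redundant with the `Security::remove_XSS()` call it already makes on `lp_name`. Applying `html_filter` to `lp_author`, an `html_editor` element, also needs a check that the filter keeps the markup the controller expects: it searches the author for `<p>` to strip body/html tags, so a filter that removes tags changes which branch runs. Style: the three spellings `$form -> addElement`, `$form-> applyFilter` and `$form->applyFilter` within one hunk should be normalised to `$form->applyFilter(...)`.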
