From 95eaef592cee08dbba4f5bab5f44878fb53ce102 Mon Sep 17 00:00:00 2001
From: Isaac Flores
Date: Thu, 30 Apr 2009 19:18:18 +0200
Subject: [PATCH] [svn r20230] logic changes - added filter html and Security::remove_XSS in learning path - (partial FS#4130)
---
 main/inc/lib/fileUpload.lib.php | 4 ++--
 main/newscorm/learnpath.class.php | 30 ++++++++++++++++--------------
 main/newscorm/lp_controller.php | 15 ++++++++-------
 main/newscorm/lp_edit.php | 5 ++---
 4 files changed, 28 insertions(+), 26 deletions(-)
diff --git a/main/inc/lib/fileUpload.lib.php b/main/inc/lib/fileUpload.lib.php
index a3d8493a58..11924e77c5 100644
--- a/main/inc/lib/fileUpload.lib.php
+++ b/main/inc/lib/fileUpload.lib.php
@@ -1172,11 +1172,11 @@ function add_document($_course,$path,$filetype,$filesize,$title,$comment=NULL, $
 $sql="INSERT INTO $table_document (`path`,`filetype`,`size`,`title`, `comment`, readonly) VALUES ('$path','$filetype','$filesize','".
- Database::escape_string($title)."', '$comment',$readonly)";
+ Database::escape_string(htmlspecialchars($title),ENT_QUOTES)."', '$comment',$readonly)";
 if(api_sql_query($sql,__FILE__,__LINE__))
 {
 //display_message("Added to database (id ".mysql_insert_id().")!");
- return mysql_insert_id();
+ return Database::insert_id();
 }
 else
 {
diff --git a/main/newscorm/learnpath.class.php b/main/newscorm/learnpath.class.php
index a72ed57e45..58f1a3063f 100644
--- a/main/newscorm/learnpath.class.php
+++ b/main/newscorm/learnpath.class.php
@@ -371,9 +371,9 @@ class learnpath {
 $max_time_allowed = $this->escape_string(htmlentities($max_time_allowed));
 if (empty($max_time_allowed)) { $max_time_allowed = 0; }
+ $title=htmlspecialchars($title,ENT_QUOTES);
 $title = $this->escape_string(mb_convert_encoding($title,$this->encoding,$charset));
 $description = $this->escape_string(mb_convert_encoding($description,$this->encoding,$charset));
-
 $sql_count = " SELECT COUNT(id) AS num FROM " . $tbl_lp_item . " 
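Review bot: In the added `Database::escape_string(htmlspecialchars($title),ENT_QUOTES)` the closing parenthesis is misplaced, so `ENT_QUOTES` is passed to `Database::escape_string()` and `htmlspecialchars()` runs with its default flags, leaving single quotes in the title unencoded; the other hunks of this commit write `htmlspecialchars($title,ENT_QUOTES)`. The line should read `Database::escape_string(htmlspecialchars($title, ENT_QUOTES))."', '$comment',$readonly)";`. The same INSERT still interpolates `$path`, `$filetype`, `$filesize`, `$comment` and `$readonly` directly into the SQL string; unless they are escaped before this point, which the hunk does not show, they need the same `Database::escape_string` treatment as `$title`. The title is now stored HTML-encoded, so any output path that escapes again will double-encode it; presumably intended, but worth confirming. add_document starts before the hunk and its body continues after it.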
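Review bot: The added `$title=htmlspecialchars($title,ENT_QUOTES);` runs before the `mb_convert_encoding($title,$this->encoding,$charset)` on the next line, so it encodes text that is still in `$charset` while htmlspecialchars assumes its own default charset; on a multibyte source encoding the result can be mangled (newer PHP returns an empty string for input that is invalid in the assumed charset). Move the encoding after the conversion, e.g. `$title = $this->escape_string(htmlspecialchars(mb_convert_encoding($title,$this->encoding,$charset), ENT_QUOTES, $this->encoding));`, assuming `$this->encoding` is a charset name htmlspecialchars accepts. `$description` on the following line receives no equivalent HTML encoding here, whereas the `@@ -997` hunk encodes descriptions on update; confirm whether that asymmetry is intended. The enclosing method starts and ends outside the hunk.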
@@ -997,7 +997,7 @@ class learnpath {
 $sql_update = " UPDATE " . $tbl_lp_item . " SET
- title = '" . $this->escape_string(htmlentities($title)) . "',
+ title = '" . $this->escape_string(htmlspecialchars($title,ENT_QUOTES)) . "',
 prerequisite = '".$prerequisites."',
 description = '" . $this->escape_string(htmlentities($description)) . "'
 ". $audio_update_sql . ",
@@ -1113,7 +1113,7 @@ class learnpath {
 $sql_update = " UPDATE " . $tbl_lp_item . " SET
- title = '" . $this->escape_string(htmlentities($title)) . "',
+ title = '" . $this->escape_string(htmlspecialchars($title,ENT_QUOTES)) . "',
 description = '" . $this->escape_string(htmlentities($description)) . "',
 parent_item_id = " . $parent . ",
 previous_item_id = " . $previous . ",
@@ -4783,7 +4783,7 @@ class learnpath {
 $ct .= ", comment='" . $new_comment . "'";
 if($new_title)
- $ct .= ", title='" . $new_title . ".html '";
+ $ct .= ", title='" . Database::escape_string(htmlspecialchars($new_title,ENT_QUOTES)) . ".html '";
 $sql_update = " UPDATE " . $tbl_doc . "
@@ -6270,6 +6270,7 @@ class learnpath {
 if($action != 'move')
 {
 $form->addElement('text','title', get_lang('Title'),'id="idTitle" class="learnpath_chapter_form" size="40%"');
+ $form->applyFilter('title', 'html_filter');
 //$form->addElement('textarea','description',get_lang("Description").' :', 'id="idDescription"');
 }
 else
@@ -6525,6 +6526,7 @@ class learnpath {
 if($action != 'move')
 {
 $form->addElement('text','title', get_lang('Title'),'id="idTitle" class="learnpath_item_form" size=44%');
+ $form->applyFilter('title', 'html_filter');
 }
 //$arrHide = array($id); 
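Review bot: Only the `title =` line switches to `htmlspecialchars($title,ENT_QUOTES)`; `description =` two lines below stays on `htmlentities($description)` with no charset argument, so the two columns of one UPDATE are encoded differently and non-ASCII description text is turned into named entities; the `@@ -1113` hunk has the same split. Bring the description in line: `description = '" . $this->escape_string(htmlspecialchars($description,ENT_QUOTES)) . "'`. In this hunk `prerequisite = '".$prerequisites."',` is concatenated with no `escape_string` at all; if `$prerequisites` is not sanitised before this point (not visible here) it belongs in the same treatment. The enclosing method starts and ends outside the hunk.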
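Review bot: `$new_comment` on the context line directly above the change is concatenated into the same `$ct` SQL fragment with neither `Database::escape_string` nor `htmlspecialchars`, while `$new_title` now gets both; unless it is escaped earlier (not shown in the hunk) it should be `$ct .= ", comment='" . Database::escape_string($new_comment) . "'";`. The rewritten line also keeps the `".html '"` literal with a space before the closing quote, which looks accidental and is still persisted into the stored title. The enclosing method starts and ends outside the hunk.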
@@ -7359,14 +7361,14 @@ class learnpath { //commented ":" for message in step //$return .= $lang.': '; - $return .= 'Edit the current item '.get_lang("Edit").''; - $return .= 'Move the current item '.get_lang("Move").''; + $return .= 'Edit the current item '.get_lang("Edit").''; + $return .= 'Move the current item '.get_lang("Move").''; // commented for now as prerequisites cannot be added to chapters if($item_type != 'dokeos_chapter' && $item_type != 'chapter') { - $return .= ''.get_lang('Prerequisites').' '.get_lang('Prerequisites').''; + $return .= ''.get_lang('Prerequisites').' '.get_lang('Prerequisites').''; } - $return .= 'Delete the current item '.get_lang("Delete").''; + $return .= 'Delete the current item '.get_lang("Delete").''; //$return .= '

' . ((trim($s_description) == '') ? ''.get_lang("NoDescription").'' : stripslashes(nl2br($s_description))) . '

'; @@ -7880,7 +7882,7 @@ class learnpath { $return .= '
'; //display quizhotpotatoes $return .= ''; - $return .= '' . $row_hot['title'] . ''; + $return .= '' . $row_hot['title'] . ''; //$return .= $row_quiz['title']; $return .= '
'; } @@ -7888,7 +7890,7 @@ class learnpath { while($row_quiz = Database::fetch_array($res_quiz)) { $return .= '
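Review bot: `$row_hot['title']` is still concatenated into the returned HTML with no escaping call on the changed line, and the same holds for `$row_quiz['title']` in the `@@ -7888` hunk and `$row_link['title']` in the `@@ -7931` hunk (the surrounding markup was lost in extraction, so only the visible text is judged). This commit encodes titles when they are written, but rows stored before it or written by other paths remain raw, and nothing here shows that these tables go through the changed insert/update code. Escape at output with `double_encode` off so already-encoded titles are not doubled: `htmlspecialchars($row_hot['title'], ENT_QUOTES, $this->encoding, false)`, assuming `$this->encoding` is a charset name htmlspecialchars accepts. The enclosing method starts and ends outside the hunk.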
'; $return .= ''; - $return .= '' . $row_quiz['title'] . ''; + $return .= '' . $row_quiz['title'] . ''; //$return .= $row_quiz['title']; $return .= '
'; } @@ -7931,7 +7933,7 @@ class learnpath { $return .= '
'; $return .= ''; - $return .= '' . $row_link['title'] . ''; + $return .= '' . $row_link['title'] . ''; $return .= '
'; } @@ -7967,7 +7969,7 @@ class learnpath { $return .= '
'; $return .= '
'; $return .= ''; - $return .= '' . get_lang('AddAssignmentPage') . ''; + $return .= '' . get_lang('AddAssignmentPage') . ''; $return .= '
'; $return .= '
'; @@ -8012,12 +8014,12 @@ class learnpath { '; $return .= ''; $return .= ' - ' . $forum['forum_title'] . '