[svn r14070] Security fixes to avoid XSS attacks. This should fix issues defined in FS#2152

skala
Yannick Warnier 18 years ago
parent 2b7a40ee75
commit fa2ebcf2c1
  1. 6
      main/forum/editpost.php
  2. 61
      main/forum/forumfunction.inc.php
  3. 6
      main/forum/newthread.php
  4. 8
      main/forum/reply.php
  5. 12
      main/forum/viewforum.php
  6. 10
      main/forum/viewforumcategory.php
  7. 16
      main/forum/viewthread.php
  8. 12
      main/forum/viewthread_flat.inc.php
  9. 12
      main/forum/viewthread_nested.inc.php
  10. 16
      main/forum/viewthread_threaded.inc.php
  11. 18
      main/work/work.lib.php
  12. 34
      main/work/work.php

@ -117,9 +117,9 @@ $current_post=get_post_information($_GET['post']);
*/ */
$interbreadcrumb[]=array("url" => "index.php","name" => $nameTools); $interbreadcrumb[]=array("url" => "index.php","name" => $nameTools);
$interbreadcrumb[]=array("url" => "viewforumcategory.php?forumcategory=".$current_forum_category['cat_id'],"name" => prepare4display($current_forum_category['cat_title'])); $interbreadcrumb[]=array("url" => "viewforumcategory.php?forumcategory=".$current_forum_category['cat_id'],"name" => prepare4display($current_forum_category['cat_title']));
$interbreadcrumb[]=array("url" => "viewforum.php?forum=".$_GET['forum'],"name" => prepare4display($current_forum['forum_title'])); $interbreadcrumb[]=array("url" => "viewforum.php?forum=".Security::remove_XSS($_GET['forum']),"name" => prepare4display($current_forum['forum_title']));
$interbreadcrumb[]=array("url" => "viewthread.php?forum=".$_GET['forum']."&thread=".$_GET['thread'],"name" => prepare4display($current_thread['thread_title'])); $interbreadcrumb[]=array("url" => "viewthread.php?forum=".Security::remove_XSS($_GET['forum'])."&thread=".$_GET['thread'],"name" => prepare4display($current_thread['thread_title']));
$interbreadcrumb[]=array("url" => "reply.php?forum=".$_GET['forum']."&thread=".$_GET['thread'],"name" => get_lang('EditPost')); $interbreadcrumb[]=array("url" => "reply.php?forum=".Security::remove_XSS($_GET['forum'])."&thread=".Security::remove_XSS($_GET['thread']),"name" => get_lang('EditPost'));
/* /*
----------------------------------------------------------- -----------------------------------------------------------
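Review bot: On the new side of the viewthread breadcrumb entry `$_GET['thread']` is still concatenated into the URL unfiltered, while the same value is wrapped in `Security::remove_XSS()` one line below in the reply breadcrumb; the entry should read `"url" => "viewthread.php?forum=".Security::remove_XSS($_GET['forum'])."&thread=".Security::remove_XSS($_GET['thread'])`. Both forum and thread are numeric ids, so casting once near the top of the file, e.g. `$forum_id = strval(intval($_GET['forum']));`, and reusing that in every URL would be a tighter check than a per-use filter and would make omissions like this one impossible. The breadcrumb block is top-level code, but the lines that read `$_GET['forum']` into `$current_forum` sit outside the hunk.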

@ -95,14 +95,14 @@ function handle_forum_and_forumcategories()
{ {
if ($_GET['action']=='edit' and isset($_GET['id']) OR $_POST['SubmitForum'] ) if ($_GET['action']=='edit' and isset($_GET['id']) OR $_POST['SubmitForum'] )
{ {
$inputvalues=get_forums($_GET['id']); // note: this has to be cleaned first $inputvalues=get_forums(strval(intval($_GET['id']))); // note: this has to be cleaned first
} }
show_add_forum_form($inputvalues); show_add_forum_form($inputvalues);
} }
// Edit a forum category // Edit a forum category
if (($_GET['action']=='edit' AND $_GET['content']=='forumcategory' AND isset($_GET['id'])) OR $_POST['SubmitEditForumCategory'] ) if (($_GET['action']=='edit' AND $_GET['content']=='forumcategory' AND isset($_GET['id'])) OR $_POST['SubmitEditForumCategory'] )
{ {
$forum_category=get_forum_categories($_GET['id']); // note: this has to be cleaned first $forum_category=get_forum_categories(strval(intval($_GET['id']))); // note: this has to be cleaned first
show_edit_forumcategory_form($forum_category); show_edit_forumcategory_form($forum_category);
} }
// Delete a forum category // Delete a forum category
@ -552,7 +552,7 @@ function delete_post($post_id)
$sql="DELETE FROM $table_posts WHERE post_id='".mysql_real_escape_string($post_id)."'"; // note: this has to be a recursive function that deletes all of the posts in this block. $sql="DELETE FROM $table_posts WHERE post_id='".mysql_real_escape_string($post_id)."'"; // note: this has to be a recursive function that deletes all of the posts in this block.
api_sql_query($sql,__FILE__,__LINE__); api_sql_query($sql,__FILE__,__LINE__);
$last_post_of_thread=check_if_last_post_of_thread($_GET['thread']); // note: clean the $_GET['thread'] $last_post_of_thread=check_if_last_post_of_thread(strval(intval($_GET['thread'])));
if (is_array($last_post_of_thread)) if (is_array($last_post_of_thread))
{ {
@ -561,14 +561,14 @@ function delete_post($post_id)
thread_poster_id='".mysql_real_escape_string($last_post_of_thread['poster_id'])."', thread_poster_id='".mysql_real_escape_string($last_post_of_thread['poster_id'])."',
thread_last_post='".mysql_real_escape_string($last_post_of_thread['post_id'])."', thread_last_post='".mysql_real_escape_string($last_post_of_thread['post_id'])."',
thread_date='".mysql_real_escape_string($last_post_of_thread['post_date'])."' thread_date='".mysql_real_escape_string($last_post_of_thread['post_date'])."'
WHERE thread_id='".mysql_real_escape_string($_GET['thread'])."'"; // note: clean the $_GET['thread'] WHERE thread_id='".mysql_real_escape_string($_GET['thread'])."'";
api_sql_query($sql,__FILE__,__LINE__); api_sql_query($sql,__FILE__,__LINE__);
return 'PostDeleted'; return 'PostDeleted';
} }
if ($last_post_of_thread==false) if ($last_post_of_thread==false)
{ {
// we deleted the very single post of the thread so we need to delete the entry in the thread table also. // we deleted the very single post of the thread so we need to delete the entry in the thread table also.
$sql="DELETE FROM $table_threads WHERE thread_id='".mysql_real_escape_string($_GET['thread'])."'"; // note: clean the $_GET['thread'] $sql="DELETE FROM $table_threads WHERE thread_id='".mysql_real_escape_string($_GET['thread'])."'";
api_sql_query($sql,__FILE__,__LINE__); api_sql_query($sql,__FILE__,__LINE__);
return 'PostDeletedSpecial'; return 'PostDeletedSpecial';
} }
@ -617,6 +617,7 @@ function check_if_last_post_of_thread($thread_id)
*/ */
function display_visible_invisible_icon($content, $id, $current_visibility_status, $additional_url_parameters='') function display_visible_invisible_icon($content, $id, $current_visibility_status, $additional_url_parameters='')
{ {
$id = Security::remove_XSS($id);
if ($current_visibility_status=='1') if ($current_visibility_status=='1')
{ {
echo '<a href="'.api_get_self().'?'.api_get_cidreq().'&'; echo '<a href="'.api_get_self().'?'.api_get_cidreq().'&';
@ -656,6 +657,7 @@ function display_visible_invisible_icon($content, $id, $current_visibility_statu
*/ */
function display_lock_unlock_icon($content, $id, $current_lock_status, $additional_url_parameters='') function display_lock_unlock_icon($content, $id, $current_lock_status, $additional_url_parameters='')
{ {
$id = Security::remove_XSS($id);
if ($current_lock_status=='1') if ($current_lock_status=='1')
{ {
echo '<a href="'.api_get_self().'?'.api_get_cidreq().'&'; echo '<a href="'.api_get_self().'?'.api_get_cidreq().'&';
@ -697,6 +699,7 @@ function display_lock_unlock_icon($content, $id, $current_lock_status, $addition
*/ */
function display_up_down_icon($content, $id, $list) function display_up_down_icon($content, $id, $list)
{ {
$id = strval(intval($id));
$total_items=count($list); $total_items=count($list);
$position = 0; $position = 0;
$internal_counter=0; $internal_counter=0;
@ -1637,12 +1640,12 @@ function show_add_post_form($action='', $id='', $form_values='')
global $origin; global $origin;
// initiate the object // initiate the object
$form = new FormValidator('thread', 'post', api_get_self().'?forum='.$_GET['forum'].'&thread='.$_GET['thread'].'&post='.$_GET['post'].'&action='.$_GET['action'].'&origin='.$origin); $form = new FormValidator('thread', 'post', api_get_self().'?forum='.Security::remove_XSS($_GET['forum']).'&thread='.Security::remove_XSS($_GET['thread']).'&post='.Security::remove_XSS($_GET['post']).'&action='.Security::remove_XSS($_GET['action']).'&origin='.$origin);
$form->setConstants(array('forum' => '5')); $form->setConstants(array('forum' => '5'));
// settting the form elements // settting the form elements
$form->addElement('hidden', 'forum_id', $_GET['forum']); $form->addElement('hidden', 'forum_id', strval(intval($_GET['forum'])));
$form->addElement('hidden', 'thread_id', $_GET['thread']); $form->addElement('hidden', 'thread_id', strval(intval($_GET['thread'])));
// if anonymous posts are allowed we also display a form to allow the user to put his name or username in // if anonymous posts are allowed we also display a form to allow the user to put his name or username in
if ($current_forum['allow_anonymous']==1 AND !isset($_user['user_id'])) if ($current_forum['allow_anonymous']==1 AND !isset($_user['user_id']))
@ -1673,10 +1676,10 @@ function show_add_post_form($action='', $id='', $form_values='')
if (!empty($form_values)) if (!empty($form_values))
{ {
$defaults['post_title']=prepare4display($form_values['post_title']); $defaults['post_title']=prepare4display(Security::remove_XSS($form_values['post_title']));
$defaults['post_text']=prepare4display($form_values['post_text']); $defaults['post_text']=prepare4display(Security::remove_XSS($form_values['post_text']));
$defaults['post_notification']=$form_values['post_notification']; $defaults['post_notification']=Security::remove_XSS($form_values['post_notification']);
$defaults['thread_sticky']=$form_values['thread_sticky']; $defaults['thread_sticky']=Security::remove_XSS($form_values['thread_sticky']);
} }
// if we are quoting a message we have to retrieve the information of the post we are quoting so that // if we are quoting a message we have to retrieve the information of the post we are quoting so that
@ -1684,7 +1687,7 @@ function show_add_post_form($action='', $id='', $form_values='')
if (($action=='quote' OR $action=='replymessage') and isset($_GET['post'])) if (($action=='quote' OR $action=='replymessage') and isset($_GET['post']))
{ {
// we also need to put the parent_id of the post in a hidden form when we are quoting or replying to a message (<> reply to a thread !!!) // we also need to put the parent_id of the post in a hidden form when we are quoting or replying to a message (<> reply to a thread !!!)
$form->addElement('hidden', 'post_parent_id', $_GET['post']); // note this has to be cleaned first $form->addElement('hidden', 'post_parent_id', strval(intval($_GET['post']))); // note this has to be cleaned first
// if we are replying or are quoting then we display a default title. // if we are replying or are quoting then we display a default title.
$values=get_post_information($_GET['post']); // note: this has to be cleaned first $values=get_post_information($_GET['post']); // note: this has to be cleaned first
@ -1716,7 +1719,7 @@ function show_add_post_form($action='', $id='', $form_values='')
$form->display(); $form->display();
if ($forum_setting['show_thread_iframe_on_reply'] and $action<>'newthread') if ($forum_setting['show_thread_iframe_on_reply'] and $action<>'newthread')
{ {
echo "<iframe src=\"iframe_thread.php?forum=".$_GET['forum']."&amp;thread=".$_GET['thread']."#".$_GET['post']."\" width=\"80%\"></iframe>"; echo "<iframe src=\"iframe_thread.php?forum=".Security::remove_XSS($_GET['forum'])."&amp;thread=".Security::remove_XSS($_GET['thread'])."#".Security::remove_XSS($_GET['post'])."\" width=\"80%\"></iframe>";
} }
} }
} }
@ -1809,7 +1812,7 @@ function show_edit_post_form($current_post, $current_thread, $current_forum, $fo
global $_user; global $_user;
// initiate the object // initiate the object
$form = new FormValidator('edit_post', 'post', api_get_self().'?forum='.$_GET['forum'].'&thread='.$_GET['thread'].'&post='.$_GET['post']); $form = new FormValidator('edit_post', 'post', api_get_self().'?forum='.Security::remove_XSS($_GET['forum']).'&thread='.Security::remove_XSS($_GET['thread']).'&post='.Security::remove_XSS($_GET['post']));
// settting the form elements // settting the form elements
$form->addElement('hidden', 'post_id', $current_post['post_id']); $form->addElement('hidden', 'post_id', $current_post['post_id']);
@ -1855,10 +1858,10 @@ function show_edit_post_form($current_post, $current_thread, $current_forum, $fo
if (!empty($form_values)) if (!empty($form_values))
{ {
$defaults['post_title']=$form_values['post_title']; $defaults['post_title']=Security::remove_XSS($form_values['post_title']);
$defaults['post_text']=$form_values['post_text']; $defaults['post_text']=Security::remove_XSS($form_values['post_text']);
$defaults['post_notification']=$form_values['post_notification']; $defaults['post_notification']=Security::remove_XSS($form_values['post_notification']);
$defaults['thread_sticky']=$form_values['thread_sticky']; $defaults['thread_sticky']=Security::remove_XSS($form_values['thread_sticky']);
} }
$form->setDefaults($defaults); $form->setDefaults($defaults);
@ -1913,8 +1916,8 @@ function store_edit_post($values)
//update_added_resources('forum_post',$values['post_id']); //update_added_resources('forum_post',$values['post_id']);
$message=get_lang('EditPostStored').'<br />'; $message=get_lang('EditPostStored').'<br />';
$message.=get_lang('ReturnTo').' <a href="viewforum.php?'.api_get_cidreq().'&forum='.$_GET['forum'].'">'.get_lang('Forum').'</a><br />'; $message.=get_lang('ReturnTo').' <a href="viewforum.php?'.api_get_cidreq().'&forum='.Security::remove_XSS($_GET['forum']).'">'.get_lang('Forum').'</a><br />';
$message.=get_lang('ReturnTo').' <a href="viewthread.php?'.api_get_cidreq().'&forum='.$_GET['forum'].'&amp;thread='.$values['thread_id'].'&amp;post='.$_GET['post'].'">'.get_lang('Message').'</a>'; $message.=get_lang('ReturnTo').' <a href="viewthread.php?'.api_get_cidreq().'&forum='.Security::remove_XSS($_GET['forum']).'&amp;thread='.$values['thread_id'].'&amp;post='.Security::remove_XSS($_GET['post']).'">'.get_lang('Message').'</a>';
session_unregister('formelements'); session_unregister('formelements');
session_unregister('origin'); session_unregister('origin');
@ -2383,11 +2386,11 @@ function move_thread_form()
global $origin; global $origin;
// initiate the object // initiate the object
$form = new FormValidator('movepost', 'post', api_get_self().'?forum='.$_GET['forum'].'&thread='.$_GET['thread'].'&action='.$_GET['action'].'&origin='.$origin); $form = new FormValidator('movepost', 'post', api_get_self().'?forum='.Security::remove_XSS($_GET['forum']).'&thread='.Security::remove_XSS($_GET['thread']).'&action='.Security::remove_XSS($_GET['action']).'&origin='.$origin);
// the header for the form // the header for the form
$form->addElement('header', '', get_lang('MoveThread')); $form->addElement('header', '', get_lang('MoveThread'));
// invisible form: the thread_id // invisible form: the thread_id
$form->addElement('hidden', 'thread_id', $_GET['thread']); // note: this has to be cleaned first $form->addElement('hidden', 'thread_id', strval(intval($_GET['thread']))); // note: this has to be cleaned first
// the fora // the fora
$forum_categories=get_forum_categories(); $forum_categories=get_forum_categories();
@ -2440,15 +2443,15 @@ function move_thread_form()
function move_post_form() function move_post_form()
{ {
// initiate the object // initiate the object
$form = new FormValidator('movepost', 'post', api_get_self().'?forum='.$_GET['forum'].'&thread='.$_GET['thread'].'&post='.$_GET['post'].'&action='.$_GET['action'].'&post='.$_GET['post']); $form = new FormValidator('movepost', 'post', api_get_self().'?forum='.Security::remove_XSS($_GET['forum']).'&thread='.Security::remove_XSS($_GET['thread']).'&post='.Security::remove_XSS($_GET['post']).'&action='.Security::remove_XSS($_GET['action']).'&post='.Security::remove_XSS($_GET['post']));
// the header for the form // the header for the form
$form->addElement('header', '', get_lang('MovePost')); $form->addElement('header', '', get_lang('MovePost'));
// invisible form: the post_id // invisible form: the post_id
$form->addElement('hidden', 'post_id', $_GET['post']); // note: this has to be cleaned first $form->addElement('hidden', 'post_id', strval(intval($_GET['post']))); // note: this has to be cleaned first
// dropdown list: Threads of this forum // dropdown list: Threads of this forum
$threads=get_threads($_GET['forum']); // note: this has to be cleaned $threads=get_threads(strval(intval($_GET['forum']))); // note: this has to be cleaned
//my_print_r($threads); //my_print_r($threads);
$threads_list[0]=get_lang('ANewThread'); $threads_list[0]=get_lang('ANewThread');
foreach ($threads as $key=>$value) foreach ($threads as $key=>$value)
@ -2580,9 +2583,9 @@ function store_move_thread($values)
/** /**
* * Prepares a string or an array of strings for display by stripping slashes
* @param * @param mixed String or array of strings
* @return * @return mixed String or array of strings
* *
* @author Patrick Cool <patrick.cool@UGent.be>, Ghent University * @author Patrick Cool <patrick.cool@UGent.be>, Ghent University
* @version february 2006, dokeos 1.8 * @version february 2006, dokeos 1.8
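Review bot: In show_add_post_form the post id is cast for the hidden post_parent_id field but on the very next line is passed raw to `get_post_information($_GET['post'])`, with the "has to be cleaned first" note still attached; it should become `$values=get_post_information(strval(intval($_GET['post'])));`. In delete_post the commit removes the "clean the $_GET['thread']" notes from the two SQL statements but leaves the raw value in them; it is escaped by mysql_real_escape_string, but a single cast (`$thread_id = strval(intval($_GET['thread']));`) reused in check_if_last_post_of_thread and in both queries would make the value unambiguously numeric instead of relying on escaping. The URL fragments in the FormValidator actions and iframe src mix Security::remove_XSS on numeric ids with intval casts elsewhere in the same hunks; for ids the cast is the stricter of the two and does not depend on what the filter's pattern list covers. delete_post, show_add_post_form, show_edit_post_form and move_post_form all extend beyond the hunks shown here.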

@ -103,7 +103,7 @@ include('forumfunction.inc.php');
$origin = ''; $origin = '';
if(isset($_GET['origin'])) if(isset($_GET['origin']))
{ {
$origin = $_GET['origin']; $origin = Security::remove_XSS($_GET['origin']);
} }
@ -127,8 +127,8 @@ $current_forum_category=get_forumcategory_information($current_forum['forum_cate
*/ */
$interbreadcrumb[]=array("url" => "index.php","name" => $nameTools); $interbreadcrumb[]=array("url" => "index.php","name" => $nameTools);
$interbreadcrumb[]=array("url" => "viewforumcategory.php?forumcategory=".$current_forum_category['cat_id'],"name" => $current_forum_category['cat_title']); $interbreadcrumb[]=array("url" => "viewforumcategory.php?forumcategory=".$current_forum_category['cat_id'],"name" => $current_forum_category['cat_title']);
$interbreadcrumb[]=array("url" => "viewforum.php?forum=".$_GET['forum'],"name" => $current_forum['forum_title']); $interbreadcrumb[]=array("url" => "viewforum.php?forum=".Security::remove_XSS($_GET['forum']),"name" => $current_forum['forum_title']);
$interbreadcrumb[]=array("url" => "newthread.php?forum=".$_GET['forum'],"name" => get_lang('NewTopic')); $interbreadcrumb[]=array("url" => "newthread.php?forum=".Security::remove_XSS($_GET['forum']),"name" => get_lang('NewTopic'));
/* /*
----------------------------------------------------------- -----------------------------------------------------------
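Review bot: In the two breadcrumb entries the forum id is filtered with `Security::remove_XSS($_GET['forum'])`, whereas the same commit casts it with `strval(intval($_GET['forum']))` when writing the hidden forum_id field in forumfunction.inc.php; for a value that can only be an integer the cast is the tighter check and should be used here too, e.g. `$forum_id = strval(intval($_GET['forum']));` once after the origin block and `"viewforum.php?forum=".$forum_id` in both entries. The breadcrumb names `$current_forum_category['cat_title']` and `$current_forum['forum_title']` are emitted as-is here while editpost.php passes them through prepare4display(); that predates the commit, but the two files are presumably meant to agree.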

@ -94,7 +94,7 @@ $nameTools=get_lang('Forum');
$origin = ''; $origin = '';
if(isset($_GET['origin'])) if(isset($_GET['origin']))
{ {
$origin = $_GET['origin']; $origin = Security::remove_XSS($_GET['origin']);
$origin_string = '&origin='.$origin; $origin_string = '&origin='.$origin;
} }
@ -130,9 +130,9 @@ $current_forum_category=get_forumcategory_information($current_forum['forum_cate
*/ */
$interbreadcrumb[]=array("url" => "index.php","name" => $nameTools); $interbreadcrumb[]=array("url" => "index.php","name" => $nameTools);
$interbreadcrumb[]=array("url" => "viewforumcategory.php?forumcategory=".$current_forum_category['cat_id'],"name" => $current_forum_category['cat_title']); $interbreadcrumb[]=array("url" => "viewforumcategory.php?forumcategory=".$current_forum_category['cat_id'],"name" => $current_forum_category['cat_title']);
$interbreadcrumb[]=array("url" => "viewforum.php?forum=".$_GET['forum'],"name" => $current_forum['forum_title']); $interbreadcrumb[]=array("url" => "viewforum.php?forum=".Security::remove_XSS($_GET['forum']),"name" => $current_forum['forum_title']);
$interbreadcrumb[]=array("url" => "viewthread.php?forum=".$_GET['forum']."&amp;thread=".$_GET['thread'],"name" => $current_thread['thread_title']); $interbreadcrumb[]=array("url" => "viewthread.php?forum=".Security::remove_XSS($_GET['forum'])."&amp;thread=".Security::remove_XSS($_GET['thread']),"name" => $current_thread['thread_title']);
$interbreadcrumb[]=array("url" => "reply.php?forum=".$_GET['forum']."&amp;thread=".$_GET['thread'],"name" => get_lang('Reply')); $interbreadcrumb[]=array("url" => "reply.php?forum=".Security::remove_XSS($_GET['forum'])."&amp;thread=".Security::remove_XSS($_GET['thread']),"name" => get_lang('Reply'));
/* /*
----------------------------------------------------------- -----------------------------------------------------------
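Review bot: `$origin` is filtered with Security::remove_XSS and then spliced into `$origin_string`, yet the only use of it visible on this page is an equality test against a fixed string (`if($origin=='learnpath')` in viewforum.php); a value that selects behaviour should be validated against the accepted values rather than filtered, e.g. `$origin = ($_GET['origin'] === 'learnpath') ? 'learnpath' : '';` extended with whatever other origins the application actually accepts. remove_XSS is a denylist filter and its output still lands inside an unescaped `href`, so an allowlist removes the dependence on that filter's coverage. The same assignment is made in newthread.php, viewforum.php and viewthread.php in this commit and would take the same change.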

@ -83,7 +83,7 @@ $nameTools=get_lang('Forum');
$origin = ''; $origin = '';
if(isset($_GET['origin'])) if(isset($_GET['origin']))
{ {
$origin = $_GET['origin']; $origin = Security::remove_XSS($_GET['origin']);
$origin_string = '&origin='.$origin; $origin_string = '&origin='.$origin;
} }
@ -123,7 +123,7 @@ $current_forum_category=get_forumcategory_information($current_forum['forum_cate
*/ */
$interbreadcrumb[]=array("url" => "index.php","name" => $nameTools); $interbreadcrumb[]=array("url" => "index.php","name" => $nameTools);
$interbreadcrumb[]=array("url" => "viewforumcategory.php?forumcategory=".$current_forum_category['cat_id'],"name" => prepare4display($current_forum_category['cat_title'])); $interbreadcrumb[]=array("url" => "viewforumcategory.php?forumcategory=".$current_forum_category['cat_id'],"name" => prepare4display($current_forum_category['cat_title']));
$interbreadcrumb[]=array("url" => "viewforum.php?forum=".$_GET['forum'],"name" => prepare4display($current_forum['forum_title'])); $interbreadcrumb[]=array("url" => "viewforum.php?forum=".Security::remove_XSS($_GET['forum']),"name" => prepare4display($current_forum['forum_title']));
if($origin=='learnpath') if($origin=='learnpath')
{ {
include(api_get_path(INCLUDE_PATH).'reduced_header.inc.php'); include(api_get_path(INCLUDE_PATH).'reduced_header.inc.php');
@ -197,7 +197,7 @@ if (api_is_allowed_to_edit() OR ($current_forum['allow_new_threads']==1 AND isse
{ {
if ($current_forum['locked'] <> 1 AND $current_forum['locked'] <> 1) if ($current_forum['locked'] <> 1 AND $current_forum['locked'] <> 1)
{ {
echo '<a href="newthread.php?'.api_get_cidreq().'&forum='.$_GET['forum'].$origin_string.'">'.Display::return_icon('forumthread_new.gif').' '.get_lang('NewTopic').'</a>'; echo '<a href="newthread.php?'.api_get_cidreq().'&forum='.Security::remove_XSS($_GET['forum']).$origin_string.'">'.Display::return_icon('forumthread_new.gif').' '.get_lang('NewTopic').'</a>';
} }
else else
{ {
@ -280,7 +280,7 @@ if(is_array($threads))
echo icon('../img/exclamation.gif'); echo icon('../img/exclamation.gif');
} }
echo "</td>\n"; echo "</td>\n";
echo "\t\t<td><a href=\"viewthread.php?".api_get_cidreq()."&forum=".$_GET['forum']."&amp;thread=".$row['thread_id'].$origin_string."\" ".class_visible_invisible($row['visibility']).">".prepare4display($row['thread_title'])."</a></td>\n"; echo "\t\t<td><a href=\"viewthread.php?".api_get_cidreq()."&forum=".Security::remove_XSS($_GET['forum'])."&amp;thread=".$row['thread_id'].$origin_string."\" ".class_visible_invisible($row['visibility']).">".prepare4display($row['thread_title'])."</a></td>\n";
echo "\t\t<td>".$row['thread_replies']."</td>\n"; echo "\t\t<td>".$row['thread_replies']."</td>\n";
if ($row['user_id']=='0') if ($row['user_id']=='0')
{ {
@ -332,10 +332,10 @@ if(is_array($threads))
if (api_is_allowed_to_edit()) if (api_is_allowed_to_edit())
{ {
echo "\t\t<td>"; echo "\t\t<td>";
echo "<a href=\"".api_get_self()."?".api_get_cidreq()."&forum=".$_GET['forum']."&amp;action=delete&amp;content=thread&amp;id=".$row['thread_id'].$origin_string."\" onclick=\"javascript:if(!confirm('".addslashes(htmlentities(get_lang("DeleteCompleteThread"),ENT_QUOTES,$charset))."')) return false;\">".icon('../img/delete.gif',get_lang('Delete'))."</a>"; echo "<a href=\"".api_get_self()."?".api_get_cidreq()."&forum=".Security::remove_XSS($_GET['forum'])."&amp;action=delete&amp;content=thread&amp;id=".$row['thread_id'].$origin_string."\" onclick=\"javascript:if(!confirm('".addslashes(htmlentities(get_lang("DeleteCompleteThread"),ENT_QUOTES,$charset))."')) return false;\">".icon('../img/delete.gif',get_lang('Delete'))."</a>";
display_visible_invisible_icon('thread', $row['thread_id'], $row['visibility'], array("forum"=>$_GET['forum'],'origin'=>$origin)); display_visible_invisible_icon('thread', $row['thread_id'], $row['visibility'], array("forum"=>$_GET['forum'],'origin'=>$origin));
display_lock_unlock_icon('thread',$row['thread_id'], $row['locked'], array("forum"=>$_GET['forum'],'origin'=>$origin)); display_lock_unlock_icon('thread',$row['thread_id'], $row['locked'], array("forum"=>$_GET['forum'],'origin'=>$origin));
echo "<a href=\"viewforum.php?".api_get_cidreq()."&forum=".$_GET['forum']."&amp;action=move&amp;thread=".$row['thread_id'].$origin_string."\">".icon('../img/deplacer_fichier.gif',get_lang('MoveThread'))."</a>"; echo "<a href=\"viewforum.php?".api_get_cidreq()."&forum=".Security::remove_XSS($_GET['forum'])."&amp;action=move&amp;thread=".$row['thread_id'].$origin_string."\">".icon('../img/deplacer_fichier.gif',get_lang('MoveThread'))."</a>";
echo "</td>\n"; echo "</td>\n";
} }
echo "\t</tr>\n"; echo "\t</tr>\n";
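Review bot: The calls to display_visible_invisible_icon and display_lock_unlock_icon in the admin column still pass `array("forum"=>$_GET['forum'],'origin'=>$origin)` with the forum id unfiltered, while every echo around them now wraps it in Security::remove_XSS; as changed in this commit the helpers sanitise only their `$id` argument, and nothing on this page shows `$additional_url_parameters` being escaped before it is emitted. Either pass the cast value, `array("forum"=>strval(intval($_GET['forum'])),'origin'=>$origin)`, or cast once near the top of the file and reuse it in the links and the arrays alike. viewforumcategory.php has the same gap in its display_visible_invisible_icon and display_lock_unlock_icon calls, which pass `$_GET['forumcategory']` raw.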

@ -176,7 +176,7 @@ $groups_of_user=GroupManager::get_group_ids($_course['dbName'], $_user['user_id'
if (api_is_allowed_to_edit()) if (api_is_allowed_to_edit())
{ {
//echo '<a href="'.api_get_self().'?forumcategory='.$_GET['forumcategory'].'&amp;action=add&amp;content=forumcategory">'.get_lang('AddForumCategory').'</a> | '; //echo '<a href="'.api_get_self().'?forumcategory='.$_GET['forumcategory'].'&amp;action=add&amp;content=forumcategory">'.get_lang('AddForumCategory').'</a> | ';
echo '<a href="'.api_get_self().'?'.api_get_cidreq().'&forumcategory='.$_GET['forumcategory'].'&amp;action=add&amp;content=forum">'.Display::return_icon('forum_new.gif').' '.get_lang('AddForum').'</a>'; echo '<a href="'.api_get_self().'?'.api_get_cidreq().'&forumcategory='.Security::remove_XSS($_GET['forumcategory']).'&amp;action=add&amp;content=forum">'.Display::return_icon('forum_new.gif').' '.get_lang('AddForum').'</a>';
} }
/* /*
@ -192,8 +192,8 @@ echo "</th>\n";
if (api_is_allowed_to_edit()) if (api_is_allowed_to_edit())
{ {
echo "\t\t<th>"; echo "\t\t<th>";
echo "<a href=\"".api_get_self()."?".api_get_cidreq()."&forumcategory=".$_GET['forumcategory']."&amp;action=edit&amp;content=forumcategory&amp;id=".$forum_category['cat_id']."\">".icon('../img/edit.gif',get_lang('Edit'))."</a>"; echo "<a href=\"".api_get_self()."?".api_get_cidreq()."&forumcategory=".Security::remove_XSS($_GET['forumcategory'])."&amp;action=edit&amp;content=forumcategory&amp;id=".$forum_category['cat_id']."\">".icon('../img/edit.gif',get_lang('Edit'))."</a>";
echo "<a href=\"".api_get_self()."?".api_get_cidreq()."&forumcategory=".$_GET['forumcategory']."&amp;action=delete&amp;content=forumcategory&amp;amp;id=".$forum_category['cat_id']."\" onclick=\"javascript:if(!confirm('".addslashes(htmlentities(get_lang("DeleteForumCategory"),ENT_QUOTES,$charset))."')) return false;\">".icon('../img/delete.gif',get_lang('Delete'))."</a>"; echo "<a href=\"".api_get_self()."?".api_get_cidreq()."&forumcategory=".Security::remove_XSS($_GET['forumcategory'])."&amp;action=delete&amp;content=forumcategory&amp;amp;id=".$forum_category['cat_id']."\" onclick=\"javascript:if(!confirm('".addslashes(htmlentities(get_lang("DeleteForumCategory"),ENT_QUOTES,$charset))."')) return false;\">".icon('../img/delete.gif',get_lang('Delete'))."</a>";
display_visible_invisible_icon('forumcategory', $forum_category['cat_id'], $forum_category['visibility'], array("forumcategory"=>$_GET['forumcategory'])); display_visible_invisible_icon('forumcategory', $forum_category['cat_id'], $forum_category['visibility'], array("forumcategory"=>$_GET['forumcategory']));
display_lock_unlock_icon('forumcategory',$forum_category['cat_id'], $forum_category['locked'], array("forumcategory"=>$_GET['forumcategory'])); display_lock_unlock_icon('forumcategory',$forum_category['cat_id'], $forum_category['locked'], array("forumcategory"=>$_GET['forumcategory']));
display_up_down_icon('forumcategory',$forum_category['cat_id'], $forum_categories_list); display_up_down_icon('forumcategory',$forum_category['cat_id'], $forum_categories_list);
@ -332,8 +332,8 @@ foreach ($forum_list as $key=>$forum)
if (api_is_allowed_to_edit()) if (api_is_allowed_to_edit())
{ {
echo "\t\t<td NOWRAP align='center'>"; echo "\t\t<td NOWRAP align='center'>";
echo "<a href=\"".api_get_self()."?".api_get_cidreq()."&forumcategory=".$_GET['forumcategory']."&amp;action=edit&amp;content=forum&amp;id=".$forum['forum_id']."\">".icon('../img/edit.gif',get_lang('Edit'))."</a>"; echo "<a href=\"".api_get_self()."?".api_get_cidreq()."&forumcategory=".Security::remove_XSS($_GET['forumcategory'])."&amp;action=edit&amp;content=forum&amp;id=".$forum['forum_id']."\">".icon('../img/edit.gif',get_lang('Edit'))."</a>";
echo "<a href=\"".api_get_self()."?".api_get_cidreq()."&forumcategory=".$_GET['forumcategory']."&amp;action=delete&amp;content=forum&amp;id=".$forum['forum_id']."\" onclick=\"javascript:if(!confirm('".addslashes(htmlentities(get_lang("DeleteForum"),ENT_QUOTES,$charset))."')) return false;\">".icon('../img/delete.gif',get_lang('Delete'))."</a>"; echo "<a href=\"".api_get_self()."?".api_get_cidreq()."&forumcategory=".Security::remove_XSS($_GET['forumcategory'])."&amp;action=delete&amp;content=forum&amp;id=".$forum['forum_id']."\" onclick=\"javascript:if(!confirm('".addslashes(htmlentities(get_lang("DeleteForum"),ENT_QUOTES,$charset))."')) return false;\">".icon('../img/delete.gif',get_lang('Delete'))."</a>";
display_visible_invisible_icon('forum',$forum['forum_id'], $forum['visibility'], array("forumcategory"=>$_GET['forumcategory'])); display_visible_invisible_icon('forum',$forum['forum_id'], $forum['visibility'], array("forumcategory"=>$_GET['forumcategory']));
display_lock_unlock_icon('forum',$forum['forum_id'], $forum['locked'], array("forumcategory"=>$_GET['forumcategory'])); display_lock_unlock_icon('forum',$forum['forum_id'], $forum['locked'], array("forumcategory"=>$_GET['forumcategory']));
display_up_down_icon('forum',$forum['forum_id'], $forums_in_category); display_up_down_icon('forum',$forum['forum_id'], $forums_in_category);
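Review bot: The forum-category delete link is built with `&amp;amp;id=`, which decodes in the browser to a literal `&amp;id=`, so the parameter arrives as `amp;id` rather than `id`; the forum delete link further down uses the correct `&amp;id=`. The commit edits this line to filter `$_GET['forumcategory']` but leaves the doubled entity; change the fragment to `"&amp;action=delete&amp;content=forumcategory&amp;id=".$forum_category['cat_id']`. Unless the receiving code recovers the id some other way, the delete action would not find its target.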

@ -91,7 +91,7 @@ include('forumfunction.inc.php');
$origin = ''; $origin = '';
if(isset($_GET['origin'])) if(isset($_GET['origin']))
{ {
$origin = $_GET['origin']; $origin = Security::remove_XSS($_GET['origin']);
} }
@ -127,10 +127,10 @@ if($origin=='learnpath')
$interbreadcrumb[]=array("url" => "index.php","name" => $nameTools); $interbreadcrumb[]=array("url" => "index.php","name" => $nameTools);
$interbreadcrumb[]=array("url" => "viewforumcategory.php?forumcategory=".$current_forum_category['cat_id'],"name" => prepare4display($current_forum_category['cat_title'])); $interbreadcrumb[]=array("url" => "viewforumcategory.php?forumcategory=".$current_forum_category['cat_id'],"name" => prepare4display($current_forum_category['cat_title']));
$interbreadcrumb[]=array("url" => "viewforum.php?forum=".$_GET['forum'],"name" => prepare4display($current_forum['forum_title'])); $interbreadcrumb[]=array("url" => "viewforum.php?forum=".Security::remove_XSS($_GET['forum']),"name" => prepare4display($current_forum['forum_title']));
if ($message<>'PostDeletedSpecial') if ($message<>'PostDeletedSpecial')
{ {
$interbreadcrumb[]=array("url" => "viewthread.php?forum=".$_GET['forum']."&amp;thread=".$_GET['thread'],"name" => prepare4display($current_thread['thread_title'])); $interbreadcrumb[]=array("url" => "viewthread.php?forum=".Security::remove_XSS($_GET['forum'])."&amp;thread=".Security::remove_XSS($_GET['thread']),"name" => prepare4display($current_thread['thread_title']));
} }
// the last element of the breadcrumb navigation is already set in interbreadcrumb, so give empty string // the last element of the breadcrumb navigation is already set in interbreadcrumb, so give empty string
Display :: display_header(''); Display :: display_header('');
@ -194,9 +194,11 @@ if ($message<>'PostDeletedSpecial') // in this case the first and only post of t
----------------------------------------------------------- -----------------------------------------------------------
*/ */
echo '<div style="float:right;">'; echo '<div style="float:right;">';
echo '<a href="viewthread.php?'.api_get_cidreq().'&forum='.$_GET['forum'].'&amp;thread='.$_GET['thread'].'&amp;view=flat&origin='.$origin.'">'.get_lang('FlatView').'</a> | '; $my_url = '<a href="viewthread.php?'.api_get_cidreq().'&forum='.Security::remove_XSS($_GET['forum']).'&amp;thread='.Security::remove_XSS($_GET['thread']);
echo '<a href="viewthread.php?'.api_get_cidreq().'&forum='.$_GET['forum'].'&amp;thread='.$_GET['thread'].'&amp;view=threaded&origin='.$origin.'">'.get_lang('ThreadedView').'</a> | '; echo $my_url.'&amp;view=flat&origin='.$origin.'">'.get_lang('FlatView').'</a> | ';
echo '<a href="viewthread.php?'.api_get_cidreq().'&forum='.$_GET['forum'].'&amp;thread='.$_GET['thread'].'&amp;view=nested&origin='.$origin.'">'.get_lang('NestedView').'</a>'; echo $my_url.'&amp;view=threaded&origin='.$origin.'">'.get_lang('ThreadedView').'</a> | ';
echo $my_url.'&amp;view=nested&origin='.$origin.'">'.get_lang('NestedView').'</a>';
$my_url = null;
echo '</div>'; echo '</div>';
// the reply to thread link should only appear when the forum_category is not locked AND the forum is not locked AND the thread is not locked. // the reply to thread link should only appear when the forum_category is not locked AND the forum is not locked AND the thread is not locked.
// if one of the three levels is locked then the link should not be displayed // if one of the three levels is locked then the link should not be displayed
@ -205,7 +207,7 @@ if ($message<>'PostDeletedSpecial') // in this case the first and only post of t
// The link should only appear when the user is logged in or when anonymous posts are allowed. // The link should only appear when the user is logged in or when anonymous posts are allowed.
if ($_user['user_id'] OR ($current_forum['allow_anonymous']==1 AND !$_user['user_id'])) if ($_user['user_id'] OR ($current_forum['allow_anonymous']==1 AND !$_user['user_id']))
{ {
echo '<a href="reply.php?'.api_get_cidreq().'&forum='.$_GET['forum'].'&amp;thread='.$_GET['thread'].'&amp;action=replythread&origin='.$origin.'">'.get_lang('ReplyToThread').'</a>'; echo '<a href="reply.php?'.api_get_cidreq().'&forum='.Security::remove_XSS($_GET['forum']).'&amp;thread='.Security::remove_XSS($_GET['thread']).'&amp;action=replythread&origin='.$origin.'">'.get_lang('ReplyToThread').'</a>';
} }
} }
// note: this is to prevent that some browsers display the links over the table (FF does it but Opera doesn't) // note: this is to prevent that some browsers display the links over the table (FF does it but Opera doesn't)
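Review bot: `$_GET['forum']` and `$_GET['thread']` are filtered inline with `Security::remove_XSS()` in every breadcrumb and link of this file, even though both appear to be numeric ids used to look up the forum and thread rows; casting them once, next to the `$origin` assignment at the top, is stricter than an HTML filter and removes the repetition: `$forum_id = (int) $_GET['forum']; $thread_id = (int) $_GET['thread'];`. `$origin` is compared against a fixed value (`if($origin=='learnpath')` in the hunk context), so validating it against that known set would be more precise than filtering it. The `$my_url = null;` after the three view links has no visible reader and can be dropped. The same inline-filter pattern is repeated in the post-view include hunks later in this commit.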

@ -97,14 +97,14 @@ foreach ($rows as $row)
// The course admin him/herself can do this off course always // The course admin him/herself can do this off course always
if (($current_forum['allow_edit']==1 AND $row['user_id']==$_user['user_id']) or api_is_allowed_to_edit()) if (($current_forum['allow_edit']==1 AND $row['user_id']==$_user['user_id']) or api_is_allowed_to_edit())
{ {
echo "<a href=\"editpost.php?".api_get_cidreq()."&forum=".$_GET['forum']."&amp;thread=".$_GET['thread']."&amp;post=".$row['post_id']."&origin=".$origin."\">".icon('../img/edit.gif',get_lang('Edit'))."</a>\n"; echo "<a href=\"editpost.php?".api_get_cidreq()."&forum=".Security::remove_XSS($_GET['forum'])."&amp;thread=".Security::remove_XSS($_GET['thread'])."&amp;post=".$row['post_id']."&origin=".$origin."\">".icon('../img/edit.gif',get_lang('Edit'))."</a>\n";
} }
if (api_is_allowed_to_edit()) if (api_is_allowed_to_edit())
{ {
echo "<a href=\"".api_get_self()."?".api_get_cidreq()."&forum=".$_GET['forum']."&amp;thread=".$_GET['thread']."&amp;action=delete&amp;content=post&amp;id=".$row['post_id']."&origin=".$origin."\" onclick=\"javascript:if(!confirm('".addslashes(htmlentities(get_lang("DeletePost"),ENT_QUOTES,$charset))."')) return false;\">".icon('../img/delete.gif',get_lang('Delete'))."</a>\n"; echo "<a href=\"".api_get_self()."?".api_get_cidreq()."&forum=".Security::remove_XSS($_GET['forum'])."&amp;thread=".Security::remove_XSS($_GET['thread'])."&amp;action=delete&amp;content=post&amp;id=".$row['post_id']."&origin=".$origin."\" onclick=\"javascript:if(!confirm('".addslashes(htmlentities(get_lang("DeletePost"),ENT_QUOTES,$charset))."')) return false;\">".icon('../img/delete.gif',get_lang('Delete'))."</a>\n";
display_visible_invisible_icon('post', $row['post_id'], $row['visible'],array('forum'=>$_GET['forum'],'thread'=>$_GET['thread'], 'origin'=>$origin )); display_visible_invisible_icon('post', $row['post_id'], $row['visible'],array('forum'=>Security::remove_XSS($_GET['forum']),'thread'=>Security::remove_XSS($_GET['thread']), 'origin'=>$origin ));
echo "\n"; echo "\n";
echo "<a href=\"viewthread.php?".api_get_cidreq()."&forum=".$_GET['forum']."&amp;thread=".$_GET['thread']."&amp;action=move&amp;post=".$row['post_id']."&origin=".$origin."\">".icon('../img/deplacer_fichier.gif',get_lang('Edit'))."</a>"; echo "<a href=\"viewthread.php?".api_get_cidreq()."&forum=".Security::remove_XSS($_GET['forum'])."&amp;thread=".Security::remove_XSS($_GET['thread'])."&amp;action=move&amp;post=".$row['post_id']."&origin=".$origin."\">".icon('../img/deplacer_fichier.gif',get_lang('Edit'))."</a>";
} }
echo '<br /><br />'; echo '<br /><br />';
//if (($current_forum_category['locked']==0 AND $current_forum['locked']==0 AND $current_thread['locked']==0) OR api_is_allowed_to_edit()) //if (($current_forum_category['locked']==0 AND $current_forum['locked']==0 AND $current_thread['locked']==0) OR api_is_allowed_to_edit())
@ -112,8 +112,8 @@ foreach ($rows as $row)
{ {
if ($_user['user_id'] OR ($current_forum['allow_anonymous']==1 AND !$_user['user_id'])) if ($_user['user_id'] OR ($current_forum['allow_anonymous']==1 AND !$_user['user_id']))
{ {
echo '<a href="reply.php?'.api_get_cidreq().'&forum='.$_GET['forum'].'&amp;thread='.$_GET['thread'].'&amp;post='.$row['post_id'].'&amp;action=replymessage&origin='.$origin.'">'.get_lang('ReplyToMessage').'</a><br />'; echo '<a href="reply.php?'.api_get_cidreq().'&forum='.Security::remove_XSS($_GET['forum']).'&amp;thread='.Security::remove_XSS($_GET['thread']).'&amp;post='.$row['post_id'].'&amp;action=replymessage&origin='.$origin.'">'.get_lang('ReplyToMessage').'</a><br />';
echo '<a href="reply.php?'.api_get_cidreq().'&forum='.$_GET['forum'].'&amp;thread='.$_GET['thread'].'&amp;post='.$row['post_id'].'&amp;action=quote&origin='.$origin.'">'.get_lang('QuoteMessage').'</a><br /><br />'; echo '<a href="reply.php?'.api_get_cidreq().'&forum='.Security::remove_XSS($_GET['forum']).'&amp;thread='.Security::remove_XSS($_GET['thread']).'&amp;post='.$row['post_id'].'&amp;action=quote&origin='.$origin.'">'.get_lang('QuoteMessage').'</a><br /><br />';
} }
} }
else else
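Review bot: In the edit, delete and move links the first separator after `api_get_cidreq()` is a bare `&forum=` while the following ones are written `&amp;thread=`; inside an HTML attribute the bare ampersand is invalid markup that browsers tolerate but validators reject, so `'&amp;forum='` would make the links consistent. `$origin` is concatenated into every href here and passed to `display_visible_invisible_icon()`, but its assignment is outside this hunk; if it is taken from the request it needs the same filtering applied to `forum` and `thread`. The enclosing `foreach ($rows as $row)` starts and ends outside the hunk.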

@ -95,14 +95,14 @@ foreach ($rows as $post)
// The course admin him/herself can do this off course always // The course admin him/herself can do this off course always
if (($current_forum['allow_edit']==1 AND $post['user_id']==$_user['user_id']) or api_is_allowed_to_edit()) if (($current_forum['allow_edit']==1 AND $post['user_id']==$_user['user_id']) or api_is_allowed_to_edit())
{ {
echo "<a href=\"editpost.php?".api_get_cidreq()."&forum=".$_GET['forum']."&amp;thread=".$_GET['thread']."&amp;post=".$post['post_id']."\">".icon('../img/edit.gif',get_lang('Edit'))."</a>\n"; echo "<a href=\"editpost.php?".api_get_cidreq()."&forum=".Security::remove_XSS($_GET['forum'])."&amp;thread=".Security::remove_XSS($_GET['thread'])."&amp;post=".$post['post_id']."\">".icon('../img/edit.gif',get_lang('Edit'))."</a>\n";
} }
if (api_is_allowed_to_edit()) if (api_is_allowed_to_edit())
{ {
echo "<a href=\"".api_get_self()."?".api_get_cidreq()."&forum=".$_GET['forum']."&amp;thread=".$_GET['thread']."&amp;action=delete&amp;content=post&amp;id=".$post['post_id']."\" onclick=\"javascript:if(!confirm('".addslashes(htmlentities(get_lang("DeletePost"),ENT_QUOTES,$charset))."')) return false;\">".icon('../img/delete.gif',get_lang('Delete'))."</a>\n"; echo "<a href=\"".api_get_self()."?".api_get_cidreq()."&forum=".Security::remove_XSS($_GET['forum'])."&amp;thread=".Security::remove_XSS($_GET['thread'])."&amp;action=delete&amp;content=post&amp;id=".$post['post_id']."\" onclick=\"javascript:if(!confirm('".addslashes(htmlentities(get_lang("DeletePost"),ENT_QUOTES,$charset))."')) return false;\">".icon('../img/delete.gif',get_lang('Delete'))."</a>\n";
display_visible_invisible_icon('post', $post['post_id'], $post['visible'],array('forum'=>$_GET['forum'],'thread'=>$_GET['thread'] )); display_visible_invisible_icon('post', $post['post_id'], $post['visible'],array('forum'=>Security::remove_XSS($_GET['forum']),'thread'=>Security::remove_XSS($_GET['thread']) ));
echo "\n"; echo "\n";
echo "<a href=\"viewthread.php?".api_get_cidreq()."&forum=".$_GET['forum']."&amp;thread=".$_GET['thread']."&amp;action=move&amp;post=".$post['post_id']."\">".icon('../img/deplacer_fichier.gif',get_lang('Edit'))."</a>"; echo "<a href=\"viewthread.php?".api_get_cidreq()."&forum=".Security::remove_XSS($_GET['forum'])."&amp;thread=".Security::remove_XSS($_GET['thread'])."&amp;action=move&amp;post=".$post['post_id']."\">".icon('../img/deplacer_fichier.gif',get_lang('Edit'))."</a>";
} }
echo '<br /><br />'; echo '<br /><br />';
//if (($current_forum_category['locked']==0 AND $current_forum['locked']==0 AND $current_thread['locked']==0) OR api_is_allowed_to_edit()) //if (($current_forum_category['locked']==0 AND $current_forum['locked']==0 AND $current_thread['locked']==0) OR api_is_allowed_to_edit())
@ -110,8 +110,8 @@ foreach ($rows as $post)
{ {
if ($_user['user_id'] OR ($current_forum['allow_anonymous']==1 AND !$_user['user_id'])) if ($_user['user_id'] OR ($current_forum['allow_anonymous']==1 AND !$_user['user_id']))
{ {
echo '<a href="reply.php?'.api_get_cidreq().'&forum='.$_GET['forum'].'&amp;thread='.$_GET['thread'].'&amp;post='.$post['post_id'].'&amp;action=replymessage">'.get_lang('ReplyToMessage').'</a><br />'; echo '<a href="reply.php?'.api_get_cidreq().'&forum='.Security::remove_XSS($_GET['forum']).'&amp;thread='.Security::remove_XSS($_GET['thread']).'&amp;post='.$post['post_id'].'&amp;action=replymessage">'.get_lang('ReplyToMessage').'</a><br />';
echo '<a href="reply.php?'.api_get_cidreq().'&forum='.$_GET['forum'].'&amp;thread='.$_GET['thread'].'&amp;post='.$post['post_id'].'&amp;action=quote">'.get_lang('QuoteMessage').'</a><br /><br />'; echo '<a href="reply.php?'.api_get_cidreq().'&forum='.Security::remove_XSS($_GET['forum']).'&amp;thread='.Security::remove_XSS($_GET['thread']).'&amp;post='.$post['post_id'].'&amp;action=quote">'.get_lang('QuoteMessage').'</a><br /><br />';
} }
} }
else else
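Review bot: The action-link block here is a copy of the one in the flat view with only the `origin` parameter dropped, and each link and the visible-icon call repeat `Security::remove_XSS()` on the same two request values. Building the sanitized base once before the loop, `$base_url = api_get_cidreq().'&amp;forum='.Security::remove_XSS($_GET['forum']).'&amp;thread='.Security::remove_XSS($_GET['thread']);`, and appending only the post-specific part keeps the filtering in one place; a shared helper taking the post id would let both views use the same code. The enclosing `foreach ($rows as $post)` starts and ends outside the hunk.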

@ -58,7 +58,7 @@ $rows=calculate_children($rows);
if ($_GET['post']) if ($_GET['post'])
{ {
$display_post_id=$_GET['post']; // note: this has to be cleaned first $display_post_id=Security::remove_XSS($_GET['post']); // note: this has to be cleaned first
} }
else else
{ {
@ -106,14 +106,14 @@ echo $rows[$display_post_id]['post_date'].'<br /><br />';
// The course admin him/herself can do this off course always // The course admin him/herself can do this off course always
if (($current_forum['allow_edit']==1 AND $rows[$display_post_id]['user_id']==$_user['user_id']) or api_is_allowed_to_edit()) if (($current_forum['allow_edit']==1 AND $rows[$display_post_id]['user_id']==$_user['user_id']) or api_is_allowed_to_edit())
{ {
echo "<a href=\"editpost.php?".api_get_cidreq()."&forum=".$_GET['forum']."&amp;thread=".$_GET['thread']."&amp;post=".$rows[$display_post_id]['post_id']."\">".icon('../img/edit.gif',get_lang('Edit'))."</a>\n"; echo "<a href=\"editpost.php?".api_get_cidreq()."&forum=".Security::remove_XSS($_GET['forum'])."&amp;thread=".Security::remove_XSS($_GET['thread'])."&amp;post=".$rows[$display_post_id]['post_id']."\">".icon('../img/edit.gif',get_lang('Edit'))."</a>\n";
} }
if (api_is_allowed_to_edit()) if (api_is_allowed_to_edit())
{ {
echo "<a href=\"".api_get_self()."?".api_get_cidreq()."&forum=".$_GET['forum']."&amp;thread=".$_GET['thread']."&amp;action=delete&amp;content=post&amp;id=".$rows[$display_post_id]['post_id']."\" onclick=\"javascript:if(!confirm('".addslashes(htmlentities(get_lang("DeletePost"),ENT_QUOTES,$charset))."')) return false;\">".icon('../img/delete.gif',get_lang('Delete'))."</a>\n"; echo "<a href=\"".api_get_self()."?".api_get_cidreq()."&forum=".Security::remove_XSS($_GET['forum'])."&amp;thread=".Security::remove_XSS($_GET['thread'])."&amp;action=delete&amp;content=post&amp;id=".$rows[$display_post_id]['post_id']."\" onclick=\"javascript:if(!confirm('".addslashes(htmlentities(get_lang("DeletePost"),ENT_QUOTES,$charset))."')) return false;\">".icon('../img/delete.gif',get_lang('Delete'))."</a>\n";
display_visible_invisible_icon('post', $rows[$display_post_id]['post_id'], $rows[$display_post_id]['visible'],array('forum'=>$_GET['forum'],'thread'=>$_GET['thread'], 'post'=>$_GET['post'] )); display_visible_invisible_icon('post', $rows[$display_post_id]['post_id'], $rows[$display_post_id]['visible'],array('forum'=>Security::remove_XSS($_GET['forum']),'thread'=>Security::remove_XSS($_GET['thread']), 'post'=>Security::remove_XSS($_GET['post']) ));
echo "\n"; echo "\n";
echo "<a href=\"viewthread.php?".api_get_cidreq()."&forum=".$_GET['forum']."&amp;thread=".$_GET['thread']."&amp;action=move&amp;post=".$rows[$display_post_id]['post_id']."\">".icon('../img/deplacer_fichier.gif',get_lang('Edit'))."</a>\n"; echo "<a href=\"viewthread.php?".api_get_cidreq()."&forum=".Security::remove_XSS($_GET['forum'])."&amp;thread=".Security::remove_XSS($_GET['thread'])."&amp;action=move&amp;post=".$rows[$display_post_id]['post_id']."\">".icon('../img/deplacer_fichier.gif',get_lang('Edit'))."</a>\n";
} }
echo '<br /><br />'; echo '<br /><br />';
//if (($current_forum_category['locked']==0 AND $current_forum['locked']==0 AND $current_thread['locked']==0) OR api_is_allowed_to_edit()) //if (($current_forum_category['locked']==0 AND $current_forum['locked']==0 AND $current_thread['locked']==0) OR api_is_allowed_to_edit())
@ -121,8 +121,8 @@ if ($current_forum_category['locked']==0 AND $current_forum['locked']==0 AND $cu
{ {
if ($_user['user_id'] OR ($current_forum['allow_anonymous']==1 AND !$_user['user_id'])) if ($_user['user_id'] OR ($current_forum['allow_anonymous']==1 AND !$_user['user_id']))
{ {
echo '<a href="reply.php?'.api_get_cidreq().'&forum='.$_GET['forum'].'&amp;thread='.$_GET['thread'].'&amp;post='.$rows[$display_post_id]['post_id'].'&amp;action=replymessage">'.get_lang('ReplyToMessage').'</a><br />'; echo '<a href="reply.php?'.api_get_cidreq().'&forum='.Security::remove_XSS($_GET['forum']).'&amp;thread='.Security::remove_XSS($_GET['thread']).'&amp;post='.$rows[$display_post_id]['post_id'].'&amp;action=replymessage">'.get_lang('ReplyToMessage').'</a><br />';
echo '<a href="reply.php?'.api_get_cidreq().'&forum='.$_GET['forum'].'&amp;thread='.$_GET['thread'].'&amp;post='.$rows[$display_post_id]['post_id'].'&amp;action=quote">'.get_lang('QuoteMessage').'</a><br /><br />'; echo '<a href="reply.php?'.api_get_cidreq().'&forum='.Security::remove_XSS($_GET['forum']).'&amp;thread='.Security::remove_XSS($_GET['thread']).'&amp;post='.$rows[$display_post_id]['post_id'].'&amp;action=quote">'.get_lang('QuoteMessage').'</a><br /><br />';
} }
} }
else else
@ -219,7 +219,7 @@ foreach ($rows as $post)
{ {
$class=''; $class='';
} }
echo "<a href=\"viewthread.php?".api_get_cidreq()."&forum=".$_GET['forum']."&amp;thread=".$_GET['thread']."&amp;post=".$post['post_id']."\" $class>".prepare4display($post['post_title'])."</a></div>\n"; echo "<a href=\"viewthread.php?".api_get_cidreq()."&forum=".Security::remove_XSS($_GET['forum'])."&amp;thread=".Security::remove_XSS($_GET['thread'])."&amp;post=".$post['post_id']."\" $class>".prepare4display($post['post_title'])."</a></div>\n";
} }
} }
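Review bot: `$display_post_id` is used as the key into `$rows` throughout this section, but `Security::remove_XSS()` only strips markup; the comment `// note: this has to be cleaned first` asks for a value that is safe as an array index, which an integer cast provides: `$display_post_id = (int) $_GET['post'];`. Without it a non-numeric or unknown post id reaches `$rows[$display_post_id]['user_id']` as an undefined index rather than being rejected. The `display_visible_invisible_icon()` call could then pass `$display_post_id` instead of filtering `$_GET['post']` a second time. The `if ($_GET['post'])` block and the `else` following it continue outside the hunk.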

@ -41,11 +41,11 @@ function display_action_links($cur_dir_path, $always_show_tool_options, $always_
} }
if (! $always_show_upload_form ) if (! $always_show_upload_form )
{ {
$display_output .= "<a href=\"".api_get_self()."?".api_get_cidreq()."&curdirpath=".$cur_dir_path."&amp;display_upload_form=true&amp;origin=".$_GET['origin']."\">".Display::return_icon('submit_file.gif')." ". get_lang("UploadADocument") . "</a> "; $display_output .= "<a href=\"".api_get_self()."?".api_get_cidreq()."&curdirpath=".$cur_dir_path."&amp;display_upload_form=true&amp;origin=".Security::remove_XSS($_GET['origin'])."\">".Display::return_icon('submit_file.gif')." ". get_lang("UploadADocument") . "</a> ";
} }
if (! $always_show_tool_options && api_is_allowed_to_edit() ) if (! $always_show_tool_options && api_is_allowed_to_edit() )
{ {
$display_output .= "<a href=\"".api_get_self()."?".api_get_cidreq()."&curdirpath=".$cur_dir_path."&amp;display_tool_options=true&amp;origin=".$_GET['origin']."\">".Display::return_icon('acces_tool.gif').' ' . get_lang("EditToolOptions") . "</a> "; $display_output .= "<a href=\"".api_get_self()."?".api_get_cidreq()."&curdirpath=".$cur_dir_path."&amp;display_tool_options=true&amp;origin=".Security::remove_XSS($_GET['origin'])."\">".Display::return_icon('acces_tool.gif').' ' . get_lang("EditToolOptions") . "</a> ";
} }
if ($display_output != "") if ($display_output != "")
@ -68,7 +68,7 @@ function display_action_links($cur_dir_path, $always_show_tool_options, $always_
*/ */
function display_tool_options($uploadvisibledisabled, $origin,$base_work_dir,$cur_dir_path,$cur_dir_path_url) function display_tool_options($uploadvisibledisabled, $origin,$base_work_dir,$cur_dir_path,$cur_dir_path_url)
{ {
global $charset; global $charset, $group_properties;
$is_allowed_to_edit = api_is_allowed_to_edit(); $is_allowed_to_edit = api_is_allowed_to_edit();
$work_table = Database::get_course_table(TABLE_STUDENT_PUBLICATION); $work_table = Database::get_course_table(TABLE_STUDENT_PUBLICATION);
@ -137,8 +137,8 @@ function display_tool_options($uploadvisibledisabled, $origin,$base_work_dir,$cu
get_lang("Up").'</a>&nbsp;'."\n"; get_lang("Up").'</a>&nbsp;'."\n";
} }
echo '<!-- create directory -->' . echo '<!-- create directory -->' .
'<a href="'.api_get_self().'?'.api_get_cidreq().'&amp;curdirpath='.$cur_dir_path.'&amp;createdir=1"><img src="../img/folder_new.gif" border="0"alt ="" /></a>'. '<a href="'.api_get_self().'?'.api_get_cidreq().'&amp;curdirpath='.$cur_dir_path.'&amp;createdir=1"><img src="../img/folder_new.gif" border="0"alt ="'.get_lang('CreateDir').'" /></a>'.
'<a href="'.api_get_self().'?'.api_get_cidreq().'&amp;curdirpath='.$cur_dir_path.'&amp;createdir=1">'.get_lang("CreateDir").'</a>&nbsp;'."\n"; '<a href="'.api_get_self().'?'.api_get_cidreq().'&amp;curdirpath='.$cur_dir_path.'&amp;createdir=1">'.get_lang('CreateDir').'</a>&nbsp;'."\n";
echo "</td></tr></table>"; echo "</td></tr></table>";
} }
@ -185,19 +185,19 @@ function display_student_publications_list($work_dir,$sub_course_dir,$currentCou
$sort_params = array(); $sort_params = array();
if( isset($_GET['column'])) if( isset($_GET['column']))
{ {
$sort_params[] = 'column='.$_GET['column']; $sort_params[] = 'column='.Security::remove_XSS($_GET['column']);
} }
if( isset($_GET['page_nr'])) if( isset($_GET['page_nr']))
{ {
$sort_params[] = 'page_nr='.$_GET['page_nr']; $sort_params[] = 'page_nr='.Security::remove_XSS($_GET['page_nr']);
} }
if( isset($_GET['per_page'])) if( isset($_GET['per_page']))
{ {
$sort_params[] = 'per_page='.$_GET['per_page']; $sort_params[] = 'per_page='.Security::remove_XSS($_GET['per_page']);
} }
if( isset($_GET['direction'])) if( isset($_GET['direction']))
{ {
$sort_params[] = 'direction='.$_GET['direction']; $sort_params[] = 'direction='.Security::remove_XSS($_GET['direction']);
} }
$sort_params = implode('&amp;',$sort_params); $sort_params = implode('&amp;',$sort_params);
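Review bot: `$cur_dir_path` is still concatenated unfiltered into the hrefs of the upload-form, tool-options and create-directory links, while the form action and hidden field in the work page hunks of this same commit wrap it in `Security::remove_XSS()`; the `display_action_links` and `display_tool_options` parameters should get the same treatment, or `urlencode()` since the value lands in a query string. `$_GET['origin']` is read inside the function without an `isset()` check, so a call without that parameter raises a notice; `$origin = isset($_GET['origin']) ? Security::remove_XSS($_GET['origin']) : '';` once at the top avoids both the notice and the duplicated call. `column`, `page_nr` and `per_page` look numeric and `direction` takes a fixed set of values, so a cast or whitelist would be stricter than an HTML filter for the sort parameters. All three functions in this section start outside their hunks.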

@ -23,7 +23,7 @@
* @author Patrick Cool <patrick.cool@UGent.be>, Ghent University - ability for course admins to specify wether uploaded documents are visible or invisible by default. * @author Patrick Cool <patrick.cool@UGent.be>, Ghent University - ability for course admins to specify wether uploaded documents are visible or invisible by default.
* @author Roan Embrechts, code refactoring and virtual course support * @author Roan Embrechts, code refactoring and virtual course support
* @author Frederic Vauthier, directories management * @author Frederic Vauthier, directories management
* @version $Id: work.php 13804 2007-11-28 06:08:00Z yannoo $ * @version $Id: work.php 14070 2007-12-26 00:27:59Z yannoo $
* *
* @todo refactor more code into functions, use quickforms, coding standards, ... * @todo refactor more code into functions, use quickforms, coding standards, ...
*/ */
@ -147,19 +147,19 @@ $currentCourseRepositoryWeb = api_get_path(WEB_COURSE_PATH) . $_course["path"].
$currentUserFirstName = $_user['firstName']; $currentUserFirstName = $_user['firstName'];
$currentUserLastName = $_user['lastName']; $currentUserLastName = $_user['lastName'];
$authors = $_POST['authors']; $authors = Database::escape_string($_POST['authors']);
$delete = $_REQUEST['delete']; $delete = Database::escape_string($_REQUEST['delete']);
$description = $_REQUEST['description']; $description = Database::escape_string($_REQUEST['description']);
$display_tool_options = $_REQUEST['display_tool_options']; $display_tool_options = $_REQUEST['display_tool_options'];
$display_upload_form = $_REQUEST['display_upload_form']; $display_upload_form = $_REQUEST['display_upload_form'];
$edit = $_REQUEST['edit']; $edit = Database::escape_string($_REQUEST['edit']);
$make_invisible = $_REQUEST['make_invisible']; $make_invisible = Database::escape_string($_REQUEST['make_invisible']);
$make_visible = $_REQUEST['make_visible']; $make_visible = Database::escape_string($_REQUEST['make_visible']);
$origin = $_REQUEST['origin']; $origin = Security::remove_XSS($_REQUEST['origin']);
$submitGroupWorkUrl = $_REQUEST['submitGroupWorkUrl']; $submitGroupWorkUrl = Security::remove_XSS($_REQUEST['submitGroupWorkUrl']);
$title = $_REQUEST['title']; $title = Database::escape_string($_REQUEST['title']);
$uploadvisibledisabled = $_REQUEST['uploadvisibledisabled']; $uploadvisibledisabled = Database::escape_string($_REQUEST['uploadvisibledisabled']);
$id = (int) $_REQUEST['id']; $id = strval(intval($_REQUEST['id']));
//directories management //directories management
$sys_course_path = api_get_path(SYS_COURSE_PATH); $sys_course_path = api_get_path(SYS_COURSE_PATH);
@ -381,7 +381,7 @@ if (api_is_allowed_to_edit())
if ($edit) if ($edit)
{ {
$sql = "SELECT * FROM ".$work_table." WHERE id='".mysql_real_escape_string($edit)."'"; $sql = "SELECT * FROM ".$work_table." WHERE id='".$edit."'";
$result = api_sql_query($sql,__FILE__,__LINE__); $result = api_sql_query($sql,__FILE__,__LINE__);
if ($result) if ($result)
@ -587,7 +587,7 @@ else
if ($edit) if ($edit)
{ {
//Get the author ID for that document from the item_property table //Get the author ID for that document from the item_property table
$author_sql = "SELECT * FROM $iprop_table WHERE tool = 'work' AND insert_user_id='$user_id' AND ref=".mysql_real_escape_string($edit); $author_sql = "SELECT * FROM $iprop_table WHERE tool = 'work' AND insert_user_id='$user_id' AND ref=".$edit;
$author_qry = api_sql_query($author_sql,__FILE__,__LINE__); $author_qry = api_sql_query($author_sql,__FILE__,__LINE__);
if(Database::num_rows($author_qry)==1) if(Database::num_rows($author_qry)==1)
{ {
@ -872,7 +872,7 @@ if ($_POST['submitWork'] && $succeed &&!$id) //last value is to check this is no
if($edit){ if($edit){
//Get the author ID for that document from the item_property table //Get the author ID for that document from the item_property table
$is_author = false; $is_author = false;
$author_sql = "SELECT * FROM $iprop_table WHERE tool = 'work' AND insert_user_id='$user_id' AND ref=".mysql_real_escape_string($edit); $author_sql = "SELECT * FROM $iprop_table WHERE tool = 'work' AND insert_user_id='$user_id' AND ref=".$edit;
$author_qry = api_sql_query($author_sql,__FILE__,__LINE__); $author_qry = api_sql_query($author_sql,__FILE__,__LINE__);
if(Database::num_rows($author_qry)==1) if(Database::num_rows($author_qry)==1)
{ {
@ -883,7 +883,7 @@ if ($_POST['submitWork'] && $succeed &&!$id) //last value is to check this is no
require_once (api_get_path(LIBRARY_PATH).'formvalidator/FormValidator.class.php'); require_once (api_get_path(LIBRARY_PATH).'formvalidator/FormValidator.class.php');
require_once (api_get_path(LIBRARY_PATH).'fileDisplay.lib.php'); require_once (api_get_path(LIBRARY_PATH).'fileDisplay.lib.php');
$form = new FormValidator('form','POST',api_get_self()."?curdirpath=$cur_dir_path&origin=$origin",'','enctype="multipart/form-data"'); $form = new FormValidator('form','POST',api_get_self()."?curdirpath=".Security::remove_XSS($cur_dir_path)."&origin=$origin",'','enctype="multipart/form-data"');
if(!empty($error_message)) Display::display_error_message($error_message); if(!empty($error_message)) Display::display_error_message($error_message);
@ -955,7 +955,7 @@ if ($_POST['submitWork'] && $succeed &&!$id) //last value is to check this is no
{ {
//create the form that asks for the directory name //create the form that asks for the directory name
$new_folder_text = '<form action="'.api_get_self().'" method="POST">'; $new_folder_text = '<form action="'.api_get_self().'" method="POST">';
$new_folder_text .= '<input type="hidden" name="curdirpath" value="'.$cur_dir_path.'"/>'; $new_folder_text .= '<input type="hidden" name="curdirpath" value="'.Security::remove_XSS($cur_dir_path).'"/>';
$new_folder_text .= get_lang('NewDir') .' '; $new_folder_text .= get_lang('NewDir') .' ';
$new_folder_text .= '<input type="text" name="new_dir"/>'; $new_folder_text .= '<input type="text" name="new_dir"/>';
$new_folder_text .= '<input type="submit" name="create_dir" value="'.get_lang('Ok').'"/>'; $new_folder_text .= '<input type="submit" name="create_dir" value="'.get_lang('Ok').'"/>';
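Review bot: `$edit` is now escaped with `Database::escape_string()` at read time and then interpolated unquoted in `AND ref=".$edit` in the two author-lookup queries; quote escaping does not constrain an unquoted numeric operand, so the removed `mysql_real_escape_string()` was no safer there and the correct fix is a cast, `$edit = (int) $_REQUEST['edit'];`, consistent with the `intval()` applied to `$id`. The same applies to `$delete`, `$make_visible` and `$make_invisible` if they are ids. Escaping `$title`, `$description` and `$authors` for SQL at the point they are read means every non-SQL use of those variables (HTML output, file names) now sees the escaped form; it is cleaner to keep the raw value and escape inside the query, as the removed code did. The form action near the end builds a URL from `$cur_dir_path` and `$origin`; `urlencode()` is the matching encoding for query-string values, with `Security::remove_XSS()` covering only the HTML side.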
