From: <gi...@ma...> - 2009-11-23 12:24:54
The branch, master has been updated via 0c9b5cd564309efb83fbcfe428ed0da56c3060fe (commit) from c154fafcabdc1226ec19985c9bb42331eadcd7ac (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 0c9b5cd564309efb83fbcfe428ed0da56c3060fe Author: David Hicks <hic...@op...> Date: Mon Nov 23 23:00:02 2009 +1100 Cleanup use of ampersands in internally generated URLs This should fix a number of bugs related to invalid links (created by confusion about whether to use & or & in internal URLs). We should only apply htmlspecialchars() or similar at output time, assuming we want HTML output from Mantis. Internally, it is best to just use & to separate arguments in GET HTTP URLs. There are still a few ugly bits of code that haven't been updated because to do so would require extensive rewriting in some sections. And in time, the print_ and html_ API is probably going to be deprecated by use of a templating engine so there is little point rewriting something that'll only get overhauled later. 
----------------------------------------------------------------------- Summary of changes: account_prefs_reset.php | 2 +- adm_config_report.php | 2 +- api/soap/mc_issue_api.php | 2 +- api/soap/mc_project_api.php | 2 +- bug_actiongroup_ext.php | 6 +--- bug_relationship_graph.php | 8 +++--- bug_view_inc.php | 4 +- bugnote_view_inc.php | 4 +- changelog_page.php | 2 +- core/ajax_api.php | 2 +- core/columns_api.php | 13 +++++---- core/file_api.php | 2 +- core/filter_api.php | 6 ++-- core/form_api.php | 2 +- core/html_api.php | 4 ++- core/print_api.php | 53 ++++++++++++++++++++++++-------------- core/relationship_api.php | 6 ++-- core/relationship_graph_api.php | 4 +- core/rss_api.php | 14 +++++----- core/string_api.php | 2 +- core/tag_api.php | 2 +- core/user_api.php | 2 +- excel_xml_export.php | 2 +- login.php | 6 ++-- login_anon.php | 11 +++++++- login_page.php | 10 +++--- login_select_proj_page.php | 5 ++- main_page.php | 6 +++- manage_proj_delete.php | 3 +- manage_proj_edit_page.php | 12 ++++---- manage_proj_page.php | 4 +- manage_user_delete.php | 6 +--- manage_user_page.php | 8 +++--- manage_user_prune.php | 4 +-- my_view_inc.php | 30 +++++++++------------ news_update.php | 2 +- print_all_bug_page.php | 2 +- print_all_bug_page_word.php | 2 +- print_bug_page.php | 2 +- project_page.php | 20 ++++++--------- query_view_page.php | 8 ++--- roadmap_page.php | 2 +- set_project.php | 2 +- tag_update_page.php | 2 +- verify.php | 2 +- view_filters_page.php | 2 +- 46 files changed, 154 insertions(+), 143 deletions(-) ----------------------------------------------------------------------- commit 0c9b5cd564309efb83fbcfe428ed0da56c3060fe Author: David Hicks <hic...@op...> Date: Mon Nov 23 23:00:02 2009 +1100 Cleanup use of ampersands in internally generated URLs This should fix a number of bugs related to invalid links (created by confusion about whether to use & or & in internal URLs). 
We should only apply htmlspecialchars() or similar at output time, assuming we want HTML output from Mantis. Internally, it is best to just use & to separate arguments in GET HTTP URLs. There are still a few ugly bits of code that haven't been updated because to do so would require extensive rewriting in some sections. And in time, the print_ and html_ API is probably going to be deprecated by use of a templating engine so there is little point rewriting something that'll only get overhauled later. diff --git a/account_prefs_reset.php b/account_prefs_reset.php index d3c0716..238e286 100644 --- a/account_prefs_reset.php +++ b/account_prefs_reset.php @@ -44,7 +44,7 @@ #============ Parameters ============ $f_user_id = gpc_get_int( 'user_id' ); - $f_redirect_url = gpc_get_string( 'redirect_url', 'account_prefs_page.php' ); + $f_redirect_url = string_sanitize_url( gpc_get_string( 'redirect_url', 'account_prefs_page.php' ) ); #============ Permissions ============ form_security_validate( 'account_prefs_reset' ); diff --git a/adm_config_report.php b/adm_config_report.php index 9e34894..4cba49e 100644 --- a/adm_config_report.php +++ b/adm_config_report.php @@ -153,7 +153,7 @@ <td class="center"> <?php if ( config_can_delete( $v_config_id ) ) { - print_button( 'adm_config_delete.php?user_id=' . $v_user_id . '&project_id=' . $v_project_id . '&config_option=' . $v_config_id, lang_get( 'delete_link' ) ); + print_button( "adm_config_delete.php?user_id=$v_user_id&project_id=$v_project_id&config_option=$v_config_id", lang_get( 'delete_link' ) ); } else { echo ' '; } diff --git a/api/soap/mc_issue_api.php b/api/soap/mc_issue_api.php index 6d05a07..a49c087 100644 --- a/api/soap/mc_issue_api.php +++ b/api/soap/mc_issue_api.php 
@@ -234,7 +234,7 @@ function mci_issue_get_attachments( $p_issue_id ) { $t_attachment['size'] = $t_attachment_row['filesize']; $t_attachment['content_type'] = $t_attachment_row['file_type']; $t_attachment['date_submitted'] = timestamp_to_iso8601( $t_attachment_row['date_added'] ); - $t_attachment['download_url'] = mci_get_mantis_path() . 'file_download.php?file_id=' . $t_attachment_row['id'] . '&type=bug'; + $t_attachment['download_url'] = mci_get_mantis_path() . 'file_download.php?file_id=' . $t_attachment_row['id'] . '&type=bug'; $t_result[] = $t_attachment; } diff --git a/api/soap/mc_project_api.php b/api/soap/mc_project_api.php index 5431280..6bd7346 100644 --- a/api/soap/mc_project_api.php +++ b/api/soap/mc_project_api.php @@ -579,7 +579,7 @@ function mc_project_get_attachments( $p_username, $p_password, $p_project_id ) { $t_attachment['size'] = $row['filesize']; $t_attachment['content_type'] = $row['file_type']; $t_attachment['date_submitted'] = timestamp_to_iso8601( $row['date_added'] ); - $t_attachment['download_url'] = mci_get_mantis_path() . 'file_download.php?file_id=' . $row['id'] . '&type=doc'; + $t_attachment['download_url'] = mci_get_mantis_path() . 'file_download.php?file_id=' . $row['id'] . '&type=doc'; $t_result[] = $t_attachment; } diff --git a/bug_actiongroup_ext.php b/bug_actiongroup_ext.php index c3d64e4..f8e4cfb 100644 --- a/bug_actiongroup_ext.php +++ b/bug_actiongroup_ext.php @@ -101,8 +101,6 @@ form_security_purge( $t_form_name ); - $t_redirect_url = 'view_all_bug_page.php'; - if ( count( $t_failed_ids ) > 0 ) { html_page_top(); @@ -114,10 +112,10 @@ printf("<p>%s%s</p>\n", $label, $t_reason ); } - print_bracket_link( $t_redirect_url, lang_get( 'proceed' ) ); + print_bracket_link( 'view_all_bug_page.php', lang_get( 'proceed' ) ); echo '</div>'; html_page_bottom(); } else { - print_header_redirect( $t_redirect_url ); + print_header_redirect( 'view_all_bug_page.php' ); } 
diff --git a/bug_relationship_graph.php b/bug_relationship_graph.php index 49db42e..079ca01 100644 --- a/bug_relationship_graph.php +++ b/bug_relationship_graph.php @@ -95,9 +95,9 @@ <span class="small"> <?php if ( $t_graph_relation ) - print_bracket_link( 'bug_relationship_graph.php?bug_id=' . $f_bug_id . '&graph=dependency', lang_get( 'dependency_graph' ) ); + print_bracket_link( "bug_relationship_graph.php?bug_id=$f_bug_id&graph=dependency", lang_get( 'dependency_graph' ) ); else - print_bracket_link( 'bug_relationship_graph.php?bug_id=' . $f_bug_id . '&graph=relation', lang_get( 'relation_graph' ) ); + print_bracket_link( "bug_relationship_graph.php?bug_id=$f_bug_id&graph=relation", lang_get( 'relation_graph' ) ); ?> </span> <?php @@ -107,9 +107,9 @@ <span class="small"> <?php if ( $t_graph_horizontal ) - print_bracket_link( 'bug_relationship_graph.php?bug_id=' . $f_bug_id . '&graph=dependency&orientation=vertical', lang_get( 'vertical' ) ); + print_bracket_link( "bug_relationship_graph.php?bug_id=$f_bug_id&graph=dependency&orientation=vertical", lang_get( 'vertical' ) ); else - print_bracket_link( 'bug_relationship_graph.php?bug_id=' . $f_bug_id . '&graph=dependency&orientation=horizontal', lang_get( 'horizontal' ) ); + print_bracket_link( "bug_relationship_graph.php?bug_id=$f_bug_id&graph=dependency&orientation=horizontal", lang_get( 'horizontal' ) ); ?> </span> <?php diff --git a/bug_view_inc.php b/bug_view_inc.php index 648ef71..73fa0a4 100644 --- a/bug_view_inc.php +++ b/bug_view_inc.php @@ -109,7 +109,7 @@ $tpl_wiki_link = config_get_global( 'wiki_enable' ) == ON ? 'wiki.php?id=' . $f_bug_id : ''; if ( access_has_bug_level( config_get( 'view_history_threshold' ), $f_bug_id ) ) { - $tpl_history_link = "view.php?id={$f_bug_id}&history=1#history"; + $tpl_history_link = "view.php?id=$f_bug_id&history=1#history"; } else { $tpl_history_link = ''; } 
@@ -207,7 +207,7 @@ echo $tpl_form_title; - echo '<span class="small">'; + echo ' <span class="small">'; # Jump to Bugnotes print_bracket_link( "#bugnotes", lang_get( 'jump_to_bugnotes' ) ); diff --git a/bugnote_view_inc.php b/bugnote_view_inc.php index 976fe7b..38bf8b3 100644 --- a/bugnote_view_inc.php +++ b/bugnote_view_inc.php @@ -162,10 +162,10 @@ $num_notes = count( $t_bugnotes ); access_has_bug_level( config_get( 'change_view_status_threshold' ), $f_bug_id ) ) ) { if ( VS_PRIVATE == $t_bugnote->view_state ) { echo " "; - print_button('bugnote_set_view_state.php?private=0&bugnote_id='.$t_bugnote->id, lang_get( 'make_public' )); + print_button( 'bugnote_set_view_state.php?private=0&bugnote_id=' . $t_bugnote->id, lang_get( 'make_public' ) ); } else { echo " "; - print_button('bugnote_set_view_state.php?private=1&bugnote_id='.$t_bugnote->id, lang_get( 'make_private' )); + print_button( 'bugnote_set_view_state.php?private=1&bugnote_id=' . $t_bugnote->id, lang_get( 'make_private' ) ); } } } diff --git a/changelog_page.php b/changelog_page.php index 68cbbd3..e7b7be7 100644 --- a/changelog_page.php +++ b/changelog_page.php 
@@ -56,7 +56,7 @@ function print_version_header( $p_version_id ) { $t_release_date = ''; } - echo '<br />', $t_release_title, $t_release_date, lang_get( 'word_separator' ), print_bracket_link( 'view_all_set.php?type=1&temporary=y&' . FILTER_PROPERTY_PROJECT_ID . '=' . $t_project_id . '&' . filter_encode_field_and_value( FILTER_PROPERTY_FIXED_IN_VERSION, $t_version_name ), lang_get( 'view_bugs_link' ) ), '<br />'; + echo '<br />', $t_release_title, $t_release_date, lang_get( 'word_separator' ), print_bracket_link( 'view_all_set.php?type=1&temporary=y&' . FILTER_PROPERTY_PROJECT_ID . '=' . $t_project_id . '&' . filter_encode_field_and_value( FILTER_PROPERTY_FIXED_IN_VERSION, $t_version_name ), lang_get( 'view_bugs_link' ) ), '<br />'; $t_release_title_without_hyperlinks .= $t_release_date; echo utf8_str_pad( '', utf8_strlen( $t_release_title_without_hyperlinks ), '=' ), '<br />'; diff --git a/core/ajax_api.php b/core/ajax_api.php index 472b78e..cb22b62 100644 --- a/core/ajax_api.php +++ b/core/ajax_api.php @@ -39,7 +39,7 @@ function ajax_click_to_edit( $p_initial_string, $p_element_id_prefix, $p_query_s $t_return = '<a id="' . $t_element_id_target . '">' . $p_initial_string . '</a> '; $t_return .= '<a id="' . $t_element_id_edit . '" onclick="'; - $t_return .= "AjaxLoad('" . $t_element_id_target . "', '" . $p_query_string . "', '" . $t_element_id_edit . "' )"; + $t_return .= "AjaxLoad('" . $t_element_id_target . "', '" . htmlspecialchars( $p_query_string ) . "', '" . $t_element_id_edit . "' )"; $t_return .= '"><small>[' . $t_edit . ']</small></a>'; return $t_return; diff --git a/core/columns_api.php b/core/columns_api.php index 1530f92..e82e7bf 100644 --- a/core/columns_api.php +++ b/core/columns_api.php 
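Review bot: In ajax_click_to_edit the escaped query string lands inside a single-quoted JavaScript literal (`AjaxLoad('...', '...', '...')`) that itself sits in a double-quoted onclick attribute, and `htmlspecialchars()` with its default flags leaves single quotes untouched, so a `'` in `$p_query_string` still ends the JS string early. At minimum pass the quote flag, `htmlspecialchars( $p_query_string, ENT_QUOTES )`; properly the value needs JS-string escaping first and HTML-attribute escaping second, since the two contexts are nested. The rest of ajax_click_to_edit is outside the hunk, so whether callers already restrict `$p_query_string` could not be checked here.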
@@ -975,12 +975,13 @@ function print_column_bugnotes_count( $p_bug, $p_columns_target = COLUMNS_TARGET echo '<td class="center">'; if( $bugnote_count > 0 ) { - $t_bugnote_link = '<a href="' . string_get_bug_view_url( $p_bug->id ) . '&nbn=' . $bugnote_count . '#bugnotes">' . $bugnote_count . '</a>'; - - if( $v_bugnote_updated > strtotime( '-' . $t_filter['highlight_changed'] . ' hours' ) ) { - printf( '<span class="bold">%s</span>', $t_bugnote_link ); - } else { - echo $t_bugnote_link; + $t_show_in_bold = $v_bugnote_updated > strtotime( '-' . $t_filter['highlight_changed'] . ' hours' ); + if( $t_show_in_bold ) { + echo '<span class="bold">'; + } + print_link( string_get_bug_view_url( $p_bug->id ) . "&nbn=$bugnote_count#bugnotes", $bugnote_count ); + if( $t_show_in_bold ) { + echo '</span>'; } } else { echo ' '; diff --git a/core/file_api.php b/core/file_api.php index 67ed094..9469e3c 100644 --- a/core/file_api.php +++ b/core/file_api.php @@ -289,7 +289,7 @@ function file_get_visible_attachments( $p_bug_id ) { $t_attachment['diskfile'] = $t_diskfile; if( $t_can_download ) { - $t_attachment['download_url'] = "file_download.php?file_id=$t_id&type=bug"; + $t_attachment['download_url'] = "file_download.php?file_id=$t_id&type=bug"; } if( $image_previewed ) { diff --git a/core/filter_api.php b/core/filter_api.php index 2848674..653c6a5 100644 --- a/core/filter_api.php +++ b/core/filter_api.php @@ -270,7 +270,7 @@ function filter_get_url( $p_custom_filter ) { } if( count( $t_query ) > 0 ) { - $t_query_str = implode( $t_query, '&' ); + $t_query_str = implode( $t_query, '&' ); $t_url = config_get( 'path' ) . 'search.php?' . $t_query_str; } else { $t_url = ''; 
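Review bot: `implode( $t_query, '&' )` in filter_get_url passes the array before the separator; PHP's documented signature is `implode( $glue, $pieces )` and the reversed order is a legacy form (deprecated in PHP 7.4, removed in 8.0). Since the line is rewritten anyway, make it `$t_query_str = implode( '&', $t_query );`, and likewise `return implode( '&', $t_query_array );` in filter_encode_field_and_value in the next hunk. string_sanitize_url in this same commit already uses the conventional `join( '&', $t_clean_pairs )` order, so this also brings the three call sites in line.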
@@ -302,7 +302,7 @@ function filter_encode_field_and_value( $p_field_name, $p_field_value, $p_field_ $t_query_array[] = urlencode( $p_field_name ) . '=' . urlencode( $p_field_value ); } - return implode( $t_query_array, '&' ); + return implode( $t_query_array, '&' ); } # ========================================================================== @@ -3325,7 +3325,7 @@ function filter_draw_selection_area2( $p_page_number, $p_for_screen = true, $p_e <td class="center" colspan="<?php echo( $t_filter_cols - 6 )?>"> <!-- use this label for padding --> <?php if( ON == config_get( 'dhtml_filters' ) ) { - $f_switch_view_link = 'view_all_set.php?type=6&view_type='; + $f_switch_view_link = 'view_all_set.php?type=6&view_type='; } else { $f_switch_view_link = 'view_filters_page.php?view_type='; } diff --git a/core/form_api.php b/core/form_api.php index e162c82..96dda56 100644 --- a/core/form_api.php +++ b/core/form_api.php @@ -98,7 +98,7 @@ function form_security_param( $p_form_name ) { # Create the GET parameter to be used in a URL for a secure link $t_form_token = $p_form_name . '_token'; - $t_param = '&%s=%s'; + $t_param = '&%s=%s'; $t_param = sprintf( $t_param, $t_form_token, $t_string ); return $t_param; diff --git a/core/html_api.php b/core/html_api.php index 62d5634..5c0d07e 100644 --- a/core/html_api.php +++ b/core/html_api.php @@ -382,6 +382,8 @@ function html_meta_redirect( $p_url, $p_time = null, $p_sanitize = true ) { $t_url .= $p_url; } + $t_url = htmlspecialchars( $t_url ); + echo "\t<meta http-equiv=\"Refresh\" content=\"$p_time;URL=$t_url\" />\n"; return true; 
@@ -547,7 +549,7 @@ function html_login_info() { if( OFF != config_get( 'rss_enabled' ) ) { # Link to RSS issues feed for the selected project, including authentication details. - echo '<a href="' . rss_get_issues_feed_url() . '">'; + echo '<a href="' . htmlspecialchars( rss_get_issues_feed_url() ) . '">'; echo '<img src="' . helper_mantis_url( 'images/rss.png' ) . '" alt="' . lang_get( 'rss' ) . '" style="border-style: none; margin: 5px; vertical-align: middle;" />'; echo '</a>'; } diff --git a/core/print_api.php b/core/print_api.php index e7440c8..e179dfc 100644 --- a/core/print_api.php +++ b/core/print_api.php @@ -83,6 +83,8 @@ function print_header_redirect( $p_url, $p_die = true, $p_sanitize = false, $p_a } } + $t_url = string_prepare_header( $t_url ); + # don't send more headers if they have already been sent (guideweb) if( !headers_sent() ) { header( 'Content-Type: text/html; charset=utf-8' ); @@ -147,7 +149,7 @@ function print_avatar( $p_user_id, $p_size = 80 ) { if( access_has_project_level( config_get( 'show_avatar_threshold' ), null, $p_user_id ) ) { $t_avatar = user_get_avatar( $p_user_id, $p_size ); if( false !== $t_avatar ) { - $t_avatar_url = $t_avatar[0]; + $t_avatar_url = htmlspecialchars( $t_avatar[0] ); $t_width = $t_avatar[1]; $t_height = $t_avatar[2]; echo '<a rel="nofollow" href="http://site.gravatar.com"><img class="avatar" src="' . $t_avatar_url . '" alt="User avatar" width="' . $t_width . '" height="' . $t_height . '" /></a>'; 
@@ -1161,7 +1163,7 @@ function print_custom_field_projects_list( $p_field_id ) { $t_project_name = project_get_field( $t_project_id, 'name' ); $t_sequence = custom_field_get_sequence( $p_field_id, $t_project_id ); echo '<b>', $t_project_name, '</b>: '; - print_bracket_link( "manage_proj_custom_field_remove.php?field_id=$c_field_id&project_id=$t_project_id&return=custom_field$t_security_token", lang_get( 'remove_link' ) ); + print_bracket_link( "manage_proj_custom_field_remove.php?field_id=$c_field_id&project_id=$t_project_id&return=custom_field$t_security_token", lang_get( 'remove_link' ) ); echo '<br />- '; $t_linked_field_ids = custom_field_get_linked_ids( $t_project_id ); @@ -1265,7 +1267,8 @@ function print_view_bug_sort_link( $p_string, $p_sort_field, $p_sort, $p_dir, $p $t_dir = 'ASC'; } - echo '<a href="view_all_set.php?sort=' . rawurlencode( $p_sort_field ) . '&dir=' . $p_dir . '&type=2&print=1">' . $p_string . '</a>'; + $t_sort_field = rawurlencode( $p_sort_field ); + print_link( "view_all_set.php?sort=$t_sort_field&dir=$p_dir&type=2&print=1", $p_string ); } else if( $p_columns_target == COLUMNS_TARGET_VIEW_PAGE ) { if( $p_sort_field == $p_sort ) { @@ -1281,7 +1284,8 @@ function print_view_bug_sort_link( $p_string, $p_sort_field, $p_sort, $p_dir, $p $t_dir = 'ASC'; } - echo '<a href="view_all_set.php?sort=' . rawurlencode( $p_sort_field ) . '&dir=' . $p_dir . '&type=2">' . $p_string . '</a>'; + $t_sort_field = rawurlencode( $p_sort_field ); + print_link( "view_all_set.php?sort=$t_sort_field&dir=$p_dir&type=2", $p_string ); } else { echo $p_string; } 
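Review bot: Both rewritten links in print_view_bug_sort_link interpolate `$p_dir` into the URL although the line just above each of them assigns `$t_dir = 'ASC'`, which is then never read inside the hunk; in print_manage_user_sort_link and print_manage_project_sort_link below, the computed `$t_dir` is what goes into the URL. If `$t_dir` is meant to be the direction for a newly selected sort column, the links should read `print_link( "view_all_set.php?sort=$t_sort_field&dir=$t_dir&type=2&print=1", $p_string );` (and the same for the view-page variant). The function begins outside the hunk, so confirm against the toggling branch; this looks pre-existing rather than introduced here, but it is worth settling while the line is being rewritten.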
@@ -1301,7 +1305,8 @@ function print_manage_user_sort_link( $p_page, $p_string, $p_field, $p_dir, $p_s $t_dir = 'ASC'; } - echo '<a href="' . $p_page . '?sort=' . $p_field . '&dir=' . $t_dir . '&save=1&hide=' . $p_hide . '&filter=' . $p_filter . '">' . $p_string . '</a>'; + $t_field = rawurlencode( $p_field ); + print_link( "$p_page?sort=$t_field&dir=$t_dir&save=1&hide=$p_hide&filter=$p_filter", $p_string ); } function print_manage_project_sort_link( $p_page, $p_string, $p_field, $p_dir, $p_sort_by ) { @@ -1318,7 +1323,8 @@ function print_manage_project_sort_link( $p_page, $p_string, $p_field, $p_dir, $ $t_dir = 'ASC'; } - echo '<a href="' . $p_page . '?sort=' . $p_field . '&dir=' . $t_dir . '">' . $p_string . '</a>'; + $t_field = rawurlencode( $p_field ); + print_link( "$p_page?sort=$t_field&dir=$t_dir", $p_string ); } # print a button which presents a standalone form. @@ -1330,7 +1336,7 @@ function print_button( $p_action_page, $p_label, $p_args_to_post = null ) { # TODO: ensure all uses of print_button supply arguments via $p_args_to_post (POST) # instead of via $p_action_page (GET). Then only add the CSRF form token if # arguments are being sent via the POST method. - echo '<form method="post" action="', $p_action_page, '">'; + echo '<form method="post" action="', htmlspecialchars( $p_action_page ), '">'; echo form_security_field( $t_form_name[0] ); echo '<input type="submit" class="button-small" value="', $p_label, '" />'; 
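Review bot: In print_manage_user_sort_link only `$p_field` is passed through `rawurlencode()`; `$p_page`, `$p_hide` and `$p_filter` are interpolated into the query string as-is. `$p_filter` in particular looks like a free-form value (presumably the text typed into the manage-users filter box — confirm at the caller), so a `&`, `#` or `%` in it would split or corrupt the generated URL. Encode it the same way, `$t_filter = rawurlencode( $p_filter );` and `&filter=$t_filter` in the string. The `htmlspecialchars()` added to print_button in the third hunk covers the HTML-attribute layer only, not URL encoding, so the two are complementary rather than redundant.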
@@ -1353,23 +1359,28 @@ function print_bracket_link_prepared( $p_link ) { # if $p_new_window is true, link will open in a new window, default false. function print_bracket_link( $p_link, $p_url_text, $p_new_window = false, $p_class = '' ) { echo '<span class="bracket-link">[ '; - print_link( $p_link, $p_url_text, $p_new_window, $p_class = '' ); + print_link( $p_link, $p_url_text, $p_new_window, $p_class ); echo ' ]</span> '; } # print a HTML link function print_link( $p_link, $p_url_text, $p_new_window = false, $p_class = '' ) { - $t_class = $p_class; - if( $p_class !== '' ) { - $t_class = "class='$p_class' "; - } if( is_blank( $p_link ) ) { - echo "$p_url_text"; + echo $p_url_text; } else { + $t_link = htmlspecialchars( $p_link ); if( $p_new_window === true ) { - echo "<a ${t_class}href=\"$p_link\" target=\"_blank\">$p_url_text</a>"; + if( $p_class !== '') { + echo "<a class=\"$p_class\" href=\"$t_link\" target=\"_blank\">$p_url_text</a>"; + } else { + echo "<a href=\"$t_link\" target=\"_blank\">$p_url_text</a>"; + } } else { - echo "<a ${t_class}href=\"$p_link\">$p_url_text</a>"; + if( $p_class !== '') { + echo "<a class=\"$p_class\" href=\"$t_link\">$p_url_text</a>"; + } else { + echo "<a href=\"$t_link\">$p_url_text</a>"; + } } } } @@ -1382,9 +1393,9 @@ function print_page_link( $p_page_url, $p_text = '', $p_page_no = 0, $p_page_cur if(( 0 < $p_page_no ) && ( $p_page_no != $p_page_cur ) ) { if( $p_temp_filter_id !== 0 ) { - echo " <a href=\"$p_page_url?filter=$p_temp_filter_id&page_number=$p_page_no\">$p_text</a> "; + print_link( "$p_page_url?filter=$p_temp_filter_id&page_number=$p_page_no", $p_text ); } else { - echo " <a href=\"$p_page_url?page_number=$p_page_no\">$p_text</a> "; + print_link( "$p_page_url?page_number=$p_page_no", $p_text ); } } else { echo " $p_text "; 
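Review bot: print_link now HTML-escapes `$p_link` but still echoes `$p_url_text` and `$p_class` verbatim, and this split contract is not written down anywhere in the hunk; a caller that still passes a pre-escaped URL will now be double-encoded, while print_page_link in the next hunk correctly passes raw URLs. Add a comment above print_link stating that `$p_link` must be the raw, un-escaped URL (the function applies `htmlspecialchars()` itself) and that `$p_url_text` and `$p_class` are emitted as-is and must already be safe HTML. The four near-identical echo branches can also collapse to `$t_class = ( $p_class !== '' ) ? " class=\"$p_class\"" : '';`, `$t_target = ( $p_new_window === true ) ? ' target="_blank"' : '';`, `echo "<a$t_class href=\"$t_link\"$t_target>$p_url_text</a>";`, which produces byte-identical markup with a single echo.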
@@ -1435,7 +1446,7 @@ function print_page_links( $p_page, $p_start, $p_end, $p_current, $p_temp_filter array_push( $t_items, $i ); } else { if( $p_temp_filter_id !== 0 ) { - array_push( $t_items, "<a href=\"$p_page?filter=$p_temp_filter_id&page_number=$i\">$i</a>" ); + array_push( $t_items, "<a href=\"$p_page?filter=$p_temp_filter_id&page_number=$i\">$i</a>" ); } else { array_push( $t_items, "<a href=\"$p_page?page_number=$i\">$i</a>" ); } @@ -1605,7 +1616,7 @@ function print_file_icon( $p_filename ) { # Prints an RSS image that is hyperlinked to an RSS feed. function print_rss( $p_feed_url, $p_title = '' ) { $t_path = config_get( 'path' ); - echo '<a href="', $p_feed_url, '" title="', $p_title, '"><img src="', $t_path, '/images/', 'rss.png" width="16" height="16" border="0" alt="', $p_title, '" /></a>'; + echo '<a href="', htmlspecialchars( $p_feed_url ), '" title="', $p_title, '"><img src="', $t_path, '/images/', 'rss.png" width="16" height="16" border="0" alt="', $p_title, '" /></a>'; } # Prints the recently visited issues. @@ -1706,7 +1717,9 @@ function print_bug_attachments_list( $p_bug_id ) { echo $t_href_end . ' ' . $t_href_start . $t_file_display_name . $t_href_end . $t_href_clicket . ' (' . $t_filesize . ' ' . lang_get( 'bytes' ) . ') ' . '<span class=\"italic\">' . $t_date_added . '</span>'; if ( $t_attachment['can_delete'] ) { - echo " [<a class=\"small\" href=\"bug_file_delete.php?file_id={$t_attachment['id']}" . form_security_param( 'bug_file_delete' ) . "\">" . lang_get( 'delete_link' ) . '</a>]'; + echo ' ['; + print_link( 'bug_file_delete.php?file_id=' . $t_attachment['id'] . form_security_param( 'bug_file_delete' ), lang_get( 'delete_link' ), false, 'small' ); + echo ']'; } if ( ( FTP == config_get( 'file_upload_method' ) ) && $t_attachment['exists'] ) { diff --git a/core/relationship_api.php b/core/relationship_api.php index 171bda3..3b28619 100644 --- a/core/relationship_api.php +++ b/core/relationship_api.php 
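Review bot: print_page_links still assembles anchors by string interpolation with `$p_page` unescaped (`array_push( $t_items, "<a href=\"$p_page?filter=$p_temp_filter_id&page_number=$i\">$i</a>" );`), even though print_page_link in the previous hunk was switched to print_link precisely so that the href is escaped at output time. Since the items are collected into an array rather than echoed, the smallest consistent fix is to escape the page name once before the loop, `$t_page = htmlspecialchars( $p_page );`, and use `$t_page` in both anchor strings (the else branch is unchanged context here). In the second hunk, print_rss escapes `$p_feed_url` but writes `$p_title` raw into both the `title` and `alt` attributes; `htmlspecialchars( $p_title )` there would make the escaping uniform, unless callers are documented to pass pre-escaped text.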
@@ -669,7 +669,7 @@ function relationship_get_details( $p_bug_id, $p_relationship, $p_html = false, # add delete link if bug not read only and user has access level if( !bug_is_readonly( $p_bug_id ) && !current_user_is_anonymous() && ( $p_html_preview == false ) ) { if( access_has_bug_level( config_get( 'update_bug_threshold' ), $p_bug_id ) ) { - $t_relationship_info_html .= ' [<a class="small" href="bug_relationship_delete.php?bug_id=' . $p_bug_id . '&rel_id=' . $p_relationship->id . form_security_param( 'bug_relationship_delete' ) . '">' . lang_get( 'delete_link' ) . '</a>]'; + $t_relationship_info_html .= ' [<a class="small" href="bug_relationship_delete.php?bug_id=' . $p_bug_id . '&rel_id=' . $p_relationship->id . htmlspecialchars( form_security_param( 'bug_relationship_delete' ) ) . '">' . lang_get( 'delete_link' ) . '</a>]'; } } @@ -813,8 +813,8 @@ function relationship_view_box( $p_bug_id ) { echo lang_get( 'bug_relationships' ); if( ON == config_get( 'relationship_graph_enable' ) ) { ?> - <span class="small"><?php print_bracket_link( 'bug_relationship_graph.php?bug_id=' . $p_bug_id . '&graph=relation', lang_get( 'relation_graph' ) )?></span> - <span class="small"><?php print_bracket_link( 'bug_relationship_graph.php?bug_id=' . $p_bug_id . '&graph=dependency', lang_get( 'dependency_graph' ) )?></span> + <span class="small"><?php print_bracket_link( "bug_relationship_graph.php?bug_id=$p_bug_id&graph=relation", lang_get( 'relation_graph' ) )?></span> + <span class="small"><?php print_bracket_link( "bug_relationship_graph.php?bug_id=$p_bug_id&graph=dependency", lang_get( 'dependency_graph' ) )?></span> <?php } ?> diff --git a/core/relationship_graph_api.php b/core/relationship_graph_api.php index baea1dc..bc1d77d 100644 --- a/core/relationship_graph_api.php +++ b/core/relationship_graph_api.php 
@@ -156,7 +156,7 @@ function relgraph_generate_rel_graph( $p_bug_id, $p_bug = null ) { if( $t_view_on_click ) { $t_url = string_get_bug_view_url( $t_id ); } else { - $t_url = 'bug_relationship_graph.php?bug_id=' . $t_id . '&graph=relation'; + $t_url = "bug_relationship_graph.php?bug_id=$t_id&graph=relation"; } relgraph_add_bug_to_graph( $t_graph, $t_id_string, $t_bug, $t_url, $t_id == $p_bug_id ); @@ -283,7 +283,7 @@ function relgraph_generate_dep_graph( $p_bug_id, $p_bug = null, $p_horizontal = if( $t_view_on_click ) { $t_url = string_get_bug_view_url( $t_related_bug_id ); } else { - $t_url = 'bug_relationship_graph.php?bug_id=' . $t_related_bug_id . '&graph=dependency&orientation=' . $t_graph_orientation; + $t_url = "bug_relationship_graph.php?bug_id=$t_related_bug_id&graph=dependency&orientation=$t_graph_orientation"; } relgraph_add_bug_to_graph( $t_graph, $t_id_string, $t_related_bug, $t_url, $t_related_bug_id == $p_bug_id ); diff --git a/core/rss_api.php b/core/rss_api.php index fd57bf5..befc0eb 100644 --- a/core/rss_api.php +++ b/core/rss_api.php @@ -111,15 +111,15 @@ function rss_get_issues_feed_url( $p_project_id = null, $p_username = null, $p_f $t_url .= 'project_id=' . $t_project_id; } } else { - $t_url .= 'issues_rss.php?username=' . $t_username . '&key=' . rss_calculate_key( $t_user_id ); + $t_url .= 'issues_rss.php?username=' . $t_username . '&key=' . rss_calculate_key( $t_user_id ); if( $t_project_id != ALL_PROJECTS ) { - $t_url .= '&project_id=' . $t_project_id; + $t_url .= '&project_id=' . $t_project_id; } } if( $p_filter_id !== null ) { - $t_url .= '&filter_id=' . $p_filter_id; + $t_url .= '&filter_id=' . $p_filter_id; } return $t_url; 
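Review bot: rss_get_issues_feed_url concatenates `$t_username` into the query string without `urlencode()`; if usernames may contain reserved characters (space, `&`, `+`, `%`) the feed URL is malformed or the `key` parameter is mis-parsed. Use `$t_url .= 'issues_rss.php?username=' . urlencode( $t_username ) . '&key=' . rss_calculate_key( $t_user_id );` here and the equivalent `"news_rss.php?username=" . urlencode( $t_username ) . "&key=" . rss_calculate_key( $t_user_id )` in rss_get_news_feed_url in the next hunk. The project_id branches are numeric and need nothing; whether the output of rss_calculate_key() needs encoding depends on its format, which is outside these hunks.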
@@ -155,16 +155,16 @@ function rss_get_news_feed_url( $p_project_id = null, $p_username = null, $p_rel // If we have a logged in user then they can be given a 'proper' feed, complete with auth string. if( user_is_anonymous( $t_user_id ) ) { - $t_rss_link .= "news_rss.php?"; + $t_rss_link .= "news_rss.php"; if( $t_project_id != ALL_PROJECTS ) { - $t_rss_link .= "news_rss.php?project_id=" . $t_project_id; + $t_rss_link .= "?project_id=$t_project_id"; } } else { - $t_rss_link .= "news_rss.php?username=" . $t_username . "&key=" . rss_calculate_key( $t_user_id ); + $t_rss_link .= "news_rss.php?username=$t_username&key=" . rss_calculate_key( $t_user_id ); if( $t_project_id != ALL_PROJECTS ) { - $t_rss_link .= "&project_id=" . $t_project_id; + $t_rss_link .= "&project_id=$t_project_id"; } } diff --git a/core/string_api.php b/core/string_api.php index c7ef8c7..1ad2e12 100644 --- a/core/string_api.php +++ b/core/string_api.php @@ -277,7 +277,7 @@ function string_sanitize_url( $p_url, $p_return_absolute = false ) { } if ( !empty( $t_clean_pairs ) ) { - $t_query = '?' . join( '&', $t_clean_pairs ); + $t_query = '?' . join( '&', $t_clean_pairs ); } } diff --git a/core/tag_api.php b/core/tag_api.php index f73f94f..da6c7b0 100644 --- a/core/tag_api.php +++ b/core/tag_api.php @@ -657,7 +657,7 @@ function tag_bug_detach_all( $p_bug_id, $p_add_history = true, $p_user_id = null function tag_display_link( $p_tag_row, $p_bug_id = 0 ) { static $t_security_token = null; if( is_null( $t_security_token ) ) { - $t_security_token = form_security_param( 'tag_detach' ); + $t_security_token = htmlspecialchars( form_security_param( 'tag_detach' ) ); } if( auth_get_current_user_id() == $p_tag_row['user_attached'] || auth_get_current_user_id() == $p_tag_row['user_id'] ) { diff --git a/core/user_api.php b/core/user_api.php index 3d79050..a1c9fe7 100644 --- a/core/user_api.php +++ b/core/user_api.php 
@@ -815,7 +815,7 @@ function user_get_avatar( $p_user_id, $p_size = 80 ) { $t_gravatar_domain = 'https://secure.gravatar.com/'; } - $t_avatar_url = $t_gravatar_domain . 'avatar.php?gravatar_id=' . md5( $t_email ) . '&default=' . urlencode( $t_default_image ) . '&size=' . $t_size . '&rating=G'; + $t_avatar_url = $t_gravatar_domain . 'avatar.php?gravatar_id=' . md5( $t_email ) . '&default=' . urlencode( $t_default_image ) . '&size=' . $t_size . '&rating=G'; $t_result = array( $t_avatar_url, $t_size, diff --git a/excel_xml_export.php b/excel_xml_export.php index 440b815..fdfb8bc 100644 --- a/excel_xml_export.php +++ b/excel_xml_export.php @@ -53,7 +53,7 @@ $result = filter_get_bug_rows( $t_page_number, $t_per_page, $t_page_count, $t_bug_count ); if ( $result === false ) { - print_header_redirect( 'view_all_set.php?type=0&print=1' ); + print_header_redirect( 'view_all_set.php?type=0&print=1' ); } header( 'Content-Type: application/vnd.ms-excel; charset=UTF-8' ); diff --git a/login.php b/login.php index 4a967bb..301b4ff 100644 --- a/login.php +++ b/login.php @@ -29,7 +29,7 @@ $f_username = gpc_get_string( 'username', '' ); $f_password = gpc_get_string( 'password', '' ); $f_perm_login = gpc_get_bool( 'perm_login' ); - $f_return = gpc_get_string( 'return', config_get( 'default_home_page' ) ); + $t_return = string_url( string_sanitize_url( gpc_get_string( 'return', config_get( 'default_home_page' ) ) ) ); $f_from = gpc_get_string( 'from', '' ); $f_secure_session = gpc_get_bool( 'secure_session', false ); 
@@ -41,10 +41,10 @@ if ( auth_attempt_login( $f_username, $f_password, $f_perm_login ) ) { session_set( 'secure_session', $f_secure_session ); - $t_redirect_url = 'login_cookie_test.php?return=' . string_sanitize_url( $f_return ); + $t_redirect_url = 'login_cookie_test.php?return=' . $t_return; } else { - $t_redirect_url = 'login_page.php?return=' . string_sanitize_url( $f_return ) . + $t_redirect_url = 'login_page.php?return=' . $t_return . '&error=1&username=' . urlencode( $f_username ) . '&perm_login=' . ( $f_perm_login ? 1 : 0 ) . '&secure_session=' . ( $f_secure_session ? 1 : 0 ); diff --git a/login_anon.php b/login_anon.php index 2ea5b09..598095d 100644 --- a/login_anon.php +++ b/login_anon.php @@ -35,4 +35,13 @@ */ require_once( 'core.php' ); - print_header_redirect( 'login.php?username=' . config_get( 'anonymous_account' ) . '&perm_login=false' ); + $f_return = gpc_get_string( 'return', '' ); + + $t_anonymous_account = config_get( 'anonymous_account' ); + + if ( $f_return !== '' ) { + $t_return = string_url( string_sanitize_url( $f_return ) ); + print_header_redirect( "login.php?username=$t_anonymous_account&perm_login=false&return=$t_return" ); + } else { + print_header_redirect( "login.php?username=$t_anonymous_account&perm_login=false" ); + } diff --git a/login_page.php b/login_page.php index d867d9d..f361b7f 100644 --- a/login_page.php +++ b/login_page.php @@ -34,7 +34,7 @@ $f_error = gpc_get_bool( 'error' ); $f_cookie_error = gpc_get_bool( 'cookie_error' ); - $f_return = gpc_get_string( 'return', '' ); + $f_return = string_sanitize_url( gpc_get_string( 'return', '' ) ); $f_username = gpc_get_string( 'username', '' ); $f_perm_login = gpc_get_bool( 'perm_login', false ); $f_secure_session = gpc_get_bool( 'secure_session', false ); 
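Review bot: In login_anon.php the configured account name is interpolated into the redirect URL unencoded in both branches (`login.php?username=$t_anonymous_account&perm_login=false...`), whereas the `return` value on the same line goes through string_url(), which the login_page.php hunk shows replacing `urlencode()`. An anonymous account name containing a space or a reserved character would yield a malformed redirect; encoding it once, `$t_anonymous_account = string_url( config_get( 'anonymous_account' ) );`, covers both branches. The two branches otherwise differ only by the trailing `&return=`, so building the base URL once and appending the suffix inside the `if` would also remove the duplicated literal.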
@@ -46,12 +46,12 @@ if ( auth_automatic_logon_bypass_form() ) { $t_uri = "login.php"; - if ( !$f_return && ON == config_get( 'allow_anonymous_login' ) ) { + if ( ON == config_get( 'allow_anonymous_login' ) ) { $t_uri = "login_anon.php"; } - if ( $f_return ) { - $t_uri .= "?return=" . urlencode( $f_return ); + if ( !is_blank( $f_return ) ) { + $t_uri .= "?return=" . string_url( $f_return ); } print_header_redirect( $t_uri ); @@ -111,7 +111,7 @@ <td class="right"> <?php if ( ON == config_get( 'allow_anonymous_login' ) ) { - print_bracket_link( 'login_anon.php', lang_get( 'login_anonymously' ) ); + print_bracket_link( 'login_anon.php?return=' . string_url( $f_return ), lang_get( 'login_anonymously' ) ); } ?> </td> diff --git a/login_select_proj_page.php b/login_select_proj_page.php index 5fc3ab1..0aa51fb 100644 --- a/login_select_proj_page.php +++ b/login_select_proj_page.php @@ -28,13 +28,14 @@ auth_ensure_user_authenticated(); - $f_ref = gpc_get_string( 'ref', '' ); + $f_ref = string_sanitize_url( gpc_get_string( 'ref', '' ) ); if ( count( current_user_get_accessible_projects() ) == 1) { $t_project_ids = current_user_get_accessible_projects(); $t_project_id = (int) $t_project_ids[0]; if ( count( current_user_get_accessible_subprojects( $t_project_id ) ) == 0 ) { - print_header_redirect( "set_project.php?project_id=" . $t_project_id . "&ref=" . string_html_specialchars( $f_ref ), true); + $t_ref_urlencoded = string_url( $f_ref ); + print_header_redirect( "set_project.php?project_id=$t_project_id&ref=$t_ref_urlencoded", true); /* print_header_redirect terminates script execution */ } } diff --git a/main_page.php b/main_page.php index 30f38fc..ed5fa7a 100644 --- a/main_page.php +++ b/main_page.php 
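Review bot: The anonymous-login bracket link now always appends `?return=`, so a plain visit to the login page with no `return` parameter produces `login_anon.php?return=`, while the automatic-bypass branch a few lines earlier guards the same parameter with `!is_blank( $f_return )`. Keep the two consistent, e.g. `$t_anon_link = is_blank( $f_return ) ? 'login_anon.php' : 'login_anon.php?return=' . string_url( $f_return );` before the print_bracket_link call. Functionally harmless given the `$f_return !== ''` check in login_anon.php, but the empty parameter makes the generated link differ from the redirect path for no reason.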
@@ -50,14 +50,16 @@ html_page_top( lang_get( 'main_link' ) ); if ( !current_user_is_anonymous() ) { + $t_current_user_id = auth_get_current_user_id(); + $t_hide_status = config_get( 'bug_resolved_status_threshold' ); echo '<div class="quick-summary-left">'; echo lang_get( 'open_and_assigned_to_me_label' ) . lang_get( 'word_separator' ); - echo '<a class="subtle" href="view_all_set.php?type=1&handler_id=' . auth_get_current_user_id() . '&hide_status=' . config_get( 'bug_resolved_status_threshold' ) . '">' . current_user_get_assigned_open_bug_count() . '</a>'; + print_link( "view_all_set.php?type=1&handler_id=$t_current_user_id&hide_status=$t_hide_status", current_user_get_assigned_open_bug_count(), false, 'subtle' ); echo '</div>'; echo '<div class="quick-summary-right">'; echo lang_get( 'open_and_reported_to_me_label' ) . lang_get( 'word_separator' ); - echo '<a class="subtle" href="view_all_set.php?type=1&reporter_id=' . auth_get_current_user_id() . '&hide_status=' . config_get( 'bug_resolved_status_threshold' ) . '">' . current_user_get_reported_open_bug_count() . '</a>'; + print_link( "view_all_set.php?type=1&reporter_id=$t_current_user_id&hide_status=$t_hide_status", current_user_get_reported_open_bug_count(), false, 'subtle' ); echo '</div>'; echo '<div class="quick-summary-left">'; diff --git a/manage_proj_delete.php b/manage_proj_delete.php index 51e273c..9de0591 100644 --- a/manage_proj_delete.php +++ b/manage_proj_delete.php @@ -49,5 +49,4 @@ helper_set_current_project( ALL_PROJECTS ); } - $t_redirect_url = 'manage_proj_page.php'; - print_header_redirect( $t_redirect_url ); + print_header_redirect( 'manage_proj_page.php' ); diff --git a/manage_proj_edit_page.php b/manage_proj_edit_page.php index 2a539a5..e0c8272 100644 --- a/manage_proj_edit_page.php +++ b/manage_proj_edit_page.php 
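Review bot: The two `print_link()` calls in the main_page.php hunk hand over a query string built with a raw `&`, so well-formed XHTML now depends on `print_link()` (and `print_bracket_link()`) escaping the href at output time; core/print_api.php is in this commit's diffstat but not shown here, so I could not confirm that it does. The same dependency exists in the manage_user_page.php, my_view_inc.php, project_page.php and query_view_page.php hunks of this commit. Once confirmed, a short comment at this first call site would save the next reader the lookup, e.g. `# print_link() HTML-escapes the href, so raw '&' separators are correct here`.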
@@ -251,7 +251,7 @@ if ( access_has_global_level ( config_get( 'delete_project_threshold' ) ) ) { ?> <td class="center"> <?php print_bracket_link( 'manage_proj_edit_page.php?project_id=' . $t_subproject['id'], lang_get( 'edit_link' ) ); - print_bracket_link( 'manage_proj_subproj_delete.php?project_id=' . $f_project_id . '&subproject_id=' . $t_subproject['id'] . form_security_param( 'manage_proj_subproj_delete' ), lang_get( 'unlink_link' ) ); + print_bracket_link( "manage_proj_subproj_delete.php?project_id=$f_project_id&subproject_id=" . $t_subproject['id'] . form_security_param( 'manage_proj_subproj_delete' ), lang_get( 'unlink_link' ) ); ?> </td> </tr> @@ -583,7 +583,7 @@ if ( access_has_project_level( config_get( 'custom_field_link_threshold' ), $f_p <td class="center"> <?php # You need global permissions to edit custom field defs - print_button( "manage_proj_custom_field_remove.php?field_id={$t_field_id}&project_id={$f_project_id}", lang_get( 'remove_link' ) ); + print_button( "manage_proj_custom_field_remove.php?field_id=$t_field_id&project_id=$f_project_id", lang_get( 'remove_link' ) ); ?> </td> </tr> @@ -793,7 +793,7 @@ if ( $t_can_manage_users ) { # from this project if ( $t_can_manage_users ) { if ( project_includes_user( $f_project_id, $t_user['id'] ) ) { - print_button( 'manage_proj_user_remove.php?project_id=' . $f_project_id . '&user_id=' . $t_user['id'], lang_get( 'remove_link' ) ); + print_button( "manage_proj_user_remove.php?project_id=$f_project_id&user_id=" . $t_user['id'], lang_get( 'remove_link' ) ); $t_removable_users_exist = true; } } 
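Review bot: In the three manage_proj_edit_page.php hunks on this line (subproject unlink, custom field remove, user remove) `$t_subproject['id']`, `$t_field_id` and `$t_user['id']` are concatenated into the URL unencoded, whereas the manage_proj_page.php hunk that follows runs `$t_id` and `$t_project_id` through `urlencode()` first. If these are integer ids from the database the difference is harmless, but treating them uniformly, e.g. `'&subproject_id=' . string_url( $t_subproject['id'] )`, keeps the page to one convention. The enclosing loops and conditionals start outside these hunks.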
@@ -812,14 +812,14 @@ if ( $t_can_manage_users ) { # You need global or project-specific permissions to remove users # from this project if ( !$f_show_global_users ) { - print_button( 'manage_proj_edit_page.php?project_id=' . $f_project_id . '&show_global_users=true', lang_get( 'show_global_users' ) ); + print_button( "manage_proj_edit_page.php?project_id=$f_project_id&show_global_users=true", lang_get( 'show_global_users' ) ); } else { - print_button( 'manage_proj_edit_page.php?project_id=' . $f_project_id, lang_get( 'hide_global_users' ) ); + print_button( "manage_proj_edit_page.php?project_id=$f_project_id", lang_get( 'hide_global_users' ) ); } if ( $t_removable_users_exist ) { echo ' '; - print_button( 'manage_proj_user_remove.php?project_id=' . $f_project_id, lang_get( 'remove_all_link' ) ); + print_button( "manage_proj_user_remove.php?project_id=$f_project_id", lang_get( 'remove_all_link' ) ); } ?> </td> diff --git a/manage_proj_page.php b/manage_proj_page.php index dc10111..823e44b 100644 --- a/manage_proj_page.php +++ b/manage_proj_page.php @@ -208,9 +208,9 @@ $t_id = urlencode( $t_id ); $t_project_id = urlencode( ALL_PROJECTS ); - print_button( 'manage_proj_cat_edit_page.php?id=' . $t_id . '&project_id=' . $t_project_id, lang_get( 'edit_link' ) ); + print_button( "manage_proj_cat_edit_page.php?id=$t_id&project_id=$t_project_id", lang_get( 'edit_link' ) ); echo ' '; - print_button( 'manage_proj_cat_delete.php?id=' . $t_id . '&project_id=' . $t_project_id, lang_get( 'delete_link' ) ); + print_button( "manage_proj_cat_delete.php?id=$t_id&project_id=$t_project_id", lang_get( 'delete_link' ) ); ?> </td> </tr> diff --git a/manage_user_delete.php b/manage_user_delete.php index 85581fe..1d124d9 100644 --- a/manage_user_delete.php +++ b/manage_user_delete.php 
@@ -57,16 +57,14 @@ form_security_purge('manage_user_delete'); - $t_redirect_url = 'manage_user_page.php'; - - html_page_top( null, $t_redirect_url ); + html_page_top( null, 'manage_user_page.php' ); ?> <br /> <div align="center"> <?php echo lang_get( 'operation_successful' ) . '<br />'; - print_bracket_link( $t_redirect_url, lang_get( 'proceed' ) ); + print_bracket_link( 'manage_user_page.php', lang_get( 'proceed' ) ); ?> </div> diff --git a/manage_user_page.php b/manage_user_page.php index 920a9fe..e2ebf9a 100644 --- a/manage_user_page.php +++ b/manage_user_page.php @@ -61,7 +61,7 @@ } else { # anything else (including 'on') will turn it on $c_hide = 1; } - $t_hide_filter = '&hide=' . $c_hide; + $t_hide_filter = '&hide=' . $c_hide; # set cookie values for hide, sort by, and dir if ( $f_save ) { @@ -130,14 +130,14 @@ $t_caption = $t_prefix; } + echo '<td>'; if ( $t_prefix == $f_filter ) { $c_filter = $f_filter; - $t_link = "<strong>$t_caption</strong>"; + echo "<strong>$t_caption</strong>"; } else { - $t_link = '<a href="manage_user_page.php?filter=' . $t_prefix . $t_hide_filter .'">' . $t_caption . '</a>'; + print_link( "manage_user_page.php?filter=$t_prefix$t_hide_filter", $t_caption ); } - echo '<td>' . $t_link; if ($t_prefix == 'UNUSED' ) { echo '[' . $unused_user_count . ']' . '<br />' . lang_get( 'never_logged_in_title' ) . '<br />'; echo print_button( 'manage_user_prune.php', lang_get( 'prune_accounts' ) ); diff --git a/manage_user_prune.php b/manage_user_prune.php index 724a3c1..7c172dd 100644 --- a/manage_user_prune.php +++ b/manage_user_prune.php @@ -59,6 +59,4 @@ form_security_purge( 'manage_user_prune' ); - $t_redirect_url = 'manage_user_page.php'; - - print_header_redirect( $t_redirect_url ); + print_header_redirect( 'manage_user_page.php' ); diff --git a/my_view_inc.php b/my_view_inc.php index f5071e0..c470b48 100644 --- a/my_view_inc.php +++ b/my_view_inc.php 
@@ -92,7 +92,7 @@ $c_filter['assigned'] = array( '0' => META_FILTER_ANY, ), ); -$url_link_parameters['assigned'] = FILTER_PROPERTY_HANDLER_ID . '=' . $t_current_user_id . '&' . FILTER_PROPERTY_HIDE_STATUS_ID . '=' . $t_bug_resolved_status_threshold; +$url_link_parameters['assigned'] = FILTER_PROPERTY_HANDLER_ID . '=' . $t_current_user_id . '&' . FILTER_PROPERTY_HIDE_STATUS_ID . '=' . $t_bug_resolved_status_threshold; $c_filter['recent_mod'] = array( FILTER_PROPERTY_CATEGORY => Array( @@ -163,7 +163,7 @@ $c_filter['reported'] = array( '0' => META_FILTER_ANY, ), ); -$url_link_parameters['reported'] = FILTER_PROPERTY_REPORTER_ID . '=' . $t_current_user_id . '&' . FILTER_PROPERTY_HIDE_STATUS_ID . '=' . $t_hide_status_default; +$url_link_parameters['reported'] = FILTER_PROPERTY_REPORTER_ID . '=' . $t_current_user_id . '&' . FILTER_PROPERTY_HIDE_STATUS_ID . '=' . $t_hide_status_default; $c_filter['resolved'] = array( FILTER_PROPERTY_CATEGORY => Array( @@ -198,7 +198,7 @@ $c_filter['resolved'] = array( '0' => META_FILTER_ANY, ), ); -$url_link_parameters['resolved'] = FILTER_PROPERTY_STATUS_ID . '=' . $t_bug_resolved_status_threshold . '&' . FILTER_PROPERTY_HIDE_STATUS_ID . '=' . $t_bug_resolved_status_threshold; +$url_link_parameters['resolved'] = FILTER_PROPERTY_STATUS_ID . '=' . $t_bug_resolved_status_threshold . '&' . FILTER_PROPERTY_HIDE_STATUS_ID . '=' . $t_bug_resolved_status_threshold; $c_filter['unassigned'] = array( FILTER_PROPERTY_CATEGORY => Array( @@ -233,7 +233,7 @@ $c_filter['unassigned'] = array( '0' => META_FILTER_ANY, ), ); -$url_link_parameters['unassigned'] = FILTER_PROPERTY_HANDLER_ID . '=[none]' . '&' . FILTER_PROPERTY_HIDE_STATUS_ID . '=' . $t_hide_status_default; +$url_link_parameters['unassigned'] = FILTER_PROPERTY_HANDLER_ID . '=[none]' . '&' . FILTER_PROPERTY_HIDE_STATUS_ID . '=' . $t_hide_status_default; # TODO: check. handler value looks wrong 
@@ -270,7 +270,7 @@ $c_filter['monitored'] = array( '0' => $t_current_user_id, ), ); -$url_link_parameters['monitored'] = FILTER_PROPERTY_MONITOR_USER_ID . '=' . $t_current_user_id . '&' . FILTER_PROPERTY_HIDE_STATUS_ID . '=' . $t_hide_status_default; +$url_link_parameters['monitored'] = FILTER_PROPERTY_MONITOR_USER_ID . '=' . $t_current_user_id . '&' . FILTER_PROPERTY_HIDE_STATUS_ID . '=' . $t_hide_status_default; $c_filter['feedback'] = array( @@ -306,7 +306,7 @@ $c_filter['feedback'] = array( '0' => META_FILTER_ANY, ), ); -$url_link_parameters['feedback'] = FILTER_PROPERTY_REPORTER_ID . '=' . $t_current_user_id . '&' . FILTER_PROPERTY_STATUS_ID . '=' . config_get( 'bug_feedback_status' ) . '&' . FILTER_PROPERTY_HIDE_STATUS_ID . '=' . $t_hide_status_default; +$url_link_parameters['feedback'] = FILTER_PROPERTY_REPORTER_ID . '=' . $t_current_user_id . '&' . FILTER_PROPERTY_STATUS_ID . '=' . config_get( 'bug_feedback_status' ) . '&' . FILTER_PROPERTY_HIDE_STATUS_ID . '=' . $t_hide_status_default; $c_filter['verify'] = array( FILTER_PROPERTY_CATEGORY => Array( @@ -341,7 +341,7 @@ $c_filter['verify'] = array( '0' => META_FILTER_ANY, ), ); -$url_link_parameters['verify'] = FILTER_PROPERTY_REPORTER_ID . '=' . $t_current_user_id . '&' . FILTER_PROPERTY_STATUS_ID . '=' . $t_bug_resolved_status_threshold; +$url_link_parameters['verify'] = FILTER_PROPERTY_REPORTER_ID . '=' . $t_current_user_id . '&' . FILTER_PROPERTY_STATUS_ID . '=' . $t_bug_resolved_status_threshold; $c_filter['my_comments'] = array( FILTER_PROPERTY_CATEGORY => Array( 
@@ -380,7 +380,7 @@ $c_filter['my_comments'] = array( ), ); -$url_link_parameters['my_comments'] = FILTER_PROPERTY_NOTE_USER_ID. '=' . META_FILTER_MYSELF . '&' . FILTER_PROPERTY_HIDE_STATUS_ID . '=' . $t_hide_status_default; +$url_link_parameters['my_comments'] = FILTER_PROPERTY_NOTE_USER_ID. '=' . META_FILTER_MYSELF . '&' . FILTER_PROPERTY_HIDE_STATUS_ID . '=' . $t_hide_status_default; $rows = filter_get_bug_rows( $f_page_number, $t_per_page, $t_page_count, $t_bug_count, $c_filter[$t_box_title] ); # Improve performance by caching category data in one pass @@ -404,17 +404,13 @@ $box_title = lang_get( 'my_view_title_' . $t_box_title ); <?php # -- Navigation header row --?> <tr> - <?php +<?php # -- Viewing range info --?> <td class="form-title" colspan="2"> - <?php - echo '<a class="subtle" href="view_all_set.php?type=1&temporary=y&' . $url_link_parameters[$t_box_title] . '">'; -echo $box_title; -echo '</a>'; -echo ' ['; -echo '<a class="subtle" href="view_all_set.php?type=1&temporary=y&' . $url_link_parameters[$t_box_title] . '" target="_blank">'; -echo '^'; -echo '</a>]'; +<?php +print_link( 'view_all_set.php?type=1&temporary=y&' . $url_link_parameters[$t_box_title], $box_title, false, 'subtle' ); +echo ' '; +print_bracket_link( 'view_all_set.php?type=1&temporary=y&' . $url_link_parameters[$t_box_title], '^', true, 'subtle' ); if( count( $rows ) > 0 ) { $v_start = $t_filter[FILTER_PROPERTY_ISSUES_PER_PAGE] * ( $f_page_number - 1 ) + 1; diff --git a/news_update.php b/news_update.php index 67f1440..1cec70d 100644 --- a/news_update.php +++ b/news_update.php @@ -57,7 +57,7 @@ <div align="center"> <?php echo lang_get( 'operation_successful' ) ?><br /> <?php - print_bracket_link( 'news_edit_page.php?news_id='.$f_news_id.'&action=edit', lang_get( 'edit_link' ) ); + print_bracket_link( "news_edit_page.php?news_id=$f_news_id&action=edit", lang_get( 'edit_link' ) ); print_bracket_link( 'news_menu_page.php', lang_get( 'proceed' ) ); echo '<br /><br />'; 
diff --git a/print_all_bug_page.php b/print_all_bug_page.php index 0865cb7..b1aae56 100644 --- a/print_all_bug_page.php +++ b/print_all_bug_page.php @@ -60,7 +60,7 @@ # check to see if new cookie is needed if ( !filter_is_cookie_valid() ) { - print_header_redirect( 'view_all_set.php?type=0&print=1' ); + print_header_redirect( 'view_all_set.php?type=0&print=1' ); } $t_setting_arr = explode( '#', $t_cookie_value, 2 ); diff --git a/print_all_bug_page_word.php b/print_all_bug_page_word.php index 9ddc7af..04c7938 100644 --- a/print_all_bug_page_word.php +++ b/print_all_bug_page_word.php @@ -432,7 +432,7 @@ foreach( $t_related_custom_field_ids as $t_custom_field_id ) { } $c_filename = string_display_line( $t_attachment['display_name'] ); - $c_download_url = $t_path . $t_attachment['download_url']; + $c_download_url = $t_path . htmlspecialchars( $t_attachment['download_url'] ); $c_filesize = number_format( $t_attachment['size'] ); $c_date_added = date( $t_date_format, $t_attachment['date_added'] ); echo "$c_filename ($c_filesize) <span class=\"italic\">$c_date_added</span><br />$c_download_url"; diff --git a/print_bug_page.php b/print_bug_page.php index 0793b50..e3c334d 100644 --- a/print_bug_page.php +++ b/print_bug_page.php @@ -476,7 +476,7 @@ } $c_filename = string_display_line( $t_attachment['display_name'] ); - $c_download_url = $t_path . $t_attachment['download_url']; + $c_download_url = $t_path . htmlspecialchars( $t_attachment['download_url'] ); $c_filesize = number_format( $t_attachment['size'] ); $c_date_added = date( config_get( 'normal_date_format' ), $t_attachment['date_added'] ); if ( isset( $t_attachment['icon'] ) ) { diff --git a/project_page.php b/project_page.php index 58e84a3..1b925ea 100644 --- a/project_page.php +++ b/project_page.php 
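Review bot: The print_all_bug_page_word.php and print_bug_page.php hunks call PHP's `htmlspecialchars()` directly on `download_url`, while the rest of this commit routes output escaping through the project's string API (it even removes a `string_html_specialchars()` call in login_select_proj_page.php); using the wrapper here, `$c_download_url = $t_path . string_html_specialchars( $t_attachment['download_url'] );`, keeps charset handling in one place. `$t_path` is prepended unescaped, presumably a configured base URL, but if it can ever contain `&` or quotes it should be escaped the same way. In print_bug_page.php the use of `$c_download_url` continues past the end of the hunk.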
@@ -34,17 +34,13 @@ $t_view_issues_url = "set_project.php?project_id=$f_project_id&ref=view_all_bug_page.php"; if ( $f_project_id == ALL_PROJECTS ) { - $t_redirect_url = $t_view_issues_url; - print_header_redirect( $t_redirect_url ); + print_header_redirect( $t_view_issues_url ); exit; } # Override the current page to make sure we get the appropriate project-specific configuration $g_project_override = $f_project_id; - $t_changelog_url = "changelog_page.php?project_id=$f_project_id"; - $t_roadmap_url = "roadmap_page.php?project_id=$f_project_id"; - html_page_top( project_get_field( $f_project_id, 'name' ) ); print_recently_visited(); 
@@ -54,32 +50,32 @@ echo '<p>'; # View Issues - echo '<a href="', $t_view_issues_url, '">', lang_get( 'view_bugs_link' ), '</a>'; + print_bracket_link( $t_view_issues_url, lang_get( 'view_bugs_link' ) ); # Changelog - echo ' | <a href="', $t_changelog_url, '">', lang_get( 'changelog_link' ), '</a>'; + print_bracket_link( "changelog_page.php?project_id=$f_project_id", lang_get( 'changelog_link' ) ); # Roadmap - echo ' | <a href="', $t_roadmap_url, '">', lang_get( 'roadmap_link' ), '</a>'; + print_bracket_link( "roadmap_page.php?project_id=$f_project_id", lang_get( 'roadmap_link' ) ); # Documentation if ( config_get( 'enable_project_documentation' ) == ON ) { - echo ' | <a href="proj_doc_page.php?project_id=', $f_project_id, '">', lang_get( 'docs_link' ), '</a>'; + print_bracket_link( "proj_doc_page.php?project_id=$f_project_id", lang_get( 'docs_link' ) ); } # Wiki if ( config_get( 'wiki_enable' ) == ON ) { - echo ' | <a href="wiki.php?type=project&id=', $f_project_id, '">', lang_get( 'wiki' ), '</a>'; + print_bracket_link( "wiki.php?type=project&id=$f_project_id", lang_get( 'wiki' ) ); } # Summary Page for Project if ( access_has_project_level( config_get( 'view_summary_threshold' ), $f_project_id ) ) { - echo ' | <a href="summary_page.php?project_id=', $f_project_id, '">', lang_get( 'summary_link' ), '</a>'; + print_bracket_link( "summary_page.php?project_id=$f_project_id", lang_get( 'summary_link' ) ); } # Manage Project Page if ( access_has_project_level( config_get( 'manage_project_threshold' ), $f_project_id ) ) { - echo ' | <a href="manage_proj_edit_page.php?project_id=', $f_project_id, '">', lang_get( 'manage_link' ), '</a>'; + print_bracket_link( "manage_proj_edit_page.php?project_id=$f_project_id", lang_get( 'manage_link' ) ); } echo '</p>'; diff --git a/query_view_page.php b/query_view_page.php index 4f1e868..3ab68b2 100644 --- a/query_view_page.php +++ b/query_view_page.php 
@@ -46,9 +46,6 @@ html_page_top(); - $t_use_query_url = 'view_all_set.php?type=3&source_query_id='; - $t_delete_query_url = 'query_delete_page.php?source_query_id='; - $t_rss_enabled = config_get( 'rss_enabled' ); ?> <br /> @@ -71,11 +68,12 @@ echo ' '; } - print '<a href="' . $t_use_query_url . db_prepare_int( $t_id ) . '">' . string_display( $t_name ) . '</a>'; + $t_query_id = db_prepare_int( $t_id ); + print_link( "view_all_set.php?type=3&source_query_id=$t_query_id", $t_name ); if ( filter_db_can_delete_filter( $t_id ) ) { echo ' '; - print_button( $t_delete_query_url . db_prepare_int( $t_id ), lang_get( 'delete_query' ) ); + print_button( "query_delete_page.php?source_query_id=$t_query_id", lang_get( 'delete_query' ) ); } print '</td>'; diff --git a/roadmap_page.php b/roadmap_page.php index c028e21..a06aade 100644 --- a/roadmap_page.php +++ b/roadmap_page.php @@ -46,7 +46,7 @@ } echo '<tt>'; - echo '<br />', $t_release_title, $t_scheduled_release_date, lang_get( 'word_separator' ), print_bracket_link( 'view_all_set.php?type=1&temporary=y&' . FILTER_PROPERTY_PROJECT_ID . '=' . $t_project_id . '&' . filter_encode_field_and_value( FILTER_PROPERTY_TARGET_VERSION, $t_version_name ), lang_get( 'view_bugs_link' ) ), '<br />'; + echo '<br />', $t_release_title, $t_scheduled_release_date, lang_get( 'word_separator' ), print_bracket_link( 'view_all_set.php?type=1&temporary=y&' . FILTER_PROPERTY_PROJECT_ID . '=' . $t_project_id . '&' . filter_encode_field_and_value( FILTER_PROPERTY_TARGET_VERSION, $t_version_name ), lang_get( 'view_bugs_link' ) ), '<br />'; $t_release_title_without_hyperlinks .= $t_scheduled_release_date; echo utf8_str_pad( '', utf8_strlen( $t_release_title_without_hyperlinks ), '=' ), '<br />'; diff --git a/set_project.php b/set_project.php index 945cf99..fbd4f9d 100644 --- a/set_project.php +++ b/set_project.php 
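Review bot: In the second query_view_page.php hunk the link text `$t_name` was previously passed through `string_display()` and is now handed to `print_link()` raw; unless `print_link()` escapes its text argument (core/print_api.php is changed in this commit but not visible here), a stored filter name containing markup would be emitted unescaped. If `print_link()` does not escape its text, restore the call as `print_link( "view_all_set.php?type=3&source_query_id=$t_query_id", string_display( $t_name ) );`; if it does, a comment such as `# print_link() escapes both the href and the link text` at the call site would make the contract explicit and prevent a double escape later.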
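Review bot: In the roadmap_page.php hunk `print_bracket_link()` is still evaluated inside the argument list of `echo`; everywhere else in this commit it is called as a statement, which suggests it prints rather than returns, in which case the bracketed link is output before the `<br />`, release title and date that precede it in the `echo` list. Splitting the statement fixes the ordering: `echo '<br />', $t_release_title, $t_scheduled_release_date, lang_get( 'word_separator' );` followed by the `print_bracket_link( ... )` call on its own and then `echo '<br />';`. This is pre-existing behaviour the rewritten line carries over rather than something the commit introduced, and the enclosing loop starts outside the hunk.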
@@ -70,7 +70,7 @@ $t_redirect_url = 'view_all_set.php?type=4'; if ( $t_source_filter_id !== null ) { - $t_redirect_url = 'view_all_set.php?type=3&source_query_id=' . $t_source_filter_id; + $t_redirect_url = 'view_all_set.php?type=3&source_query_id=' . $t_source_filter_id; } } else if ( stripos( $t_referrer_page, '_page.php' ) !== false ) { switch ( $t_referrer_page ) { diff --git a/tag_update_page.php b/tag_update_page.php index f98fdb0..c9c8416 100644 --- a/tag_update_page.php +++ b/tag_update_page.php @@ -80,7 +80,7 @@ if ( access_has_global_level( config_get( 'tag_edit_threshold' ) ) ) { if ( ON == config_get( 'use_javascript' ) ) { $t_username = prepare_user_name( $t_tag_row['user_id'] ); - echo ajax_click_to_edit( $t_username, 'user_id', 'entrypoint=user_combobox&user_id=' . $t_tag_row['user_id'] . '&access_level=' . config_get( 'tag_create_threshold' ) ); + echo ajax_click_to_edit( $t_username, 'user_id', 'entrypoint=user_combobox&user_id=' . $t_tag_row['user_id'] . '&access_level=' . config_get( 'tag_create_threshold' ) ); } else { echo '<select ', helper_get_tab_index(), ' name="user_id">'; print_user_option_list( $t_tag_row['user_id'], ALL_PROJECTS, config_get( 'tag_create_threshold' ) ); diff --git a/verify.php b/verify.php index a296bd5..d5ce9a0 100644 --- a/verify.php +++ b/verify.php @@ -41,7 +41,7 @@ auth_logout(); # reload the page after logout - print_header_redirect("verify.php?id=${f_user_id}&confirm_hash=${f_confirm_hash}"); + print_header_redirect( "verify.php?id=$f_user_id&confirm_hash=$f_confirm_hash" ); } $t_calculated_confirm_hash = auth_generate_confirm_hash( $f_user_id ); diff --git a/view_filters_page.php b/view_filters_page.php index 601a669..809cf1f 100644 --- a/view_filters_page.php +++ b/view_filters_page.php 
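Review bot: In the verify.php hunk `$f_user_id` and `$f_confirm_hash` are interpolated into the self-redirect URL without `string_url()`, unlike the user-supplied parameters in the login.php hunk of this same commit; if `$f_confirm_hash` is read with `gpc_get_string()` (its assignment is outside the hunk), a value containing `&` or `#` produces a malformed redirect. `print_header_redirect( 'verify.php?id=' . string_url( $f_user_id ) . '&confirm_hash=' . string_url( $f_confirm_hash ) );` matches the convention used elsewhere in the commit. The hunk sits inside an `if` block whose start is not visible here.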
@@ -190,7 +190,7 @@ <tr> <td class="right" colspan="<?php echo ( 8 * $t_custom_cols ); ?>"> <?php - $f_switch_view_link = 'view_filters_page.php?target_field=' . $t_target_field . '&view_type='; + $f_switch_view_link = 'view_filters_page.php?target_field=' . $t_target_field . '&view_type='; if ( ( SIMPLE_ONLY != config_get( 'view_filters' ) ) && ( ADVANCED_ONLY != config_get( 'view_filters' ) ) ) { if ( 'advanced' == $f_view_type ) { ----------------------------------------------------------------------- -- Mantis Bug Tracker |