Update of /cvsroot/php-blog/serendipity
In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv24024
Modified Files:
NEWS serendipity_functions.inc.php
serendipity_admin_comments.inc.php
Log Message:
use strip_tags/htmlspecialchars where appropriate
Index: NEWS
===================================================================
RCS file: /cvsroot/php-blog/serendipity/NEWS,v
retrieving revision 1.221
retrieving revision 1.222
diff -u -d -r1.221 -r1.222
--- NEWS 15 Sep 2004 17:09:31 -0000 1.221
+++ NEWS 16 Sep 2004 10:29:08 -0000 1.222
@@ -3,12 +3,19 @@
Version 0.7 ()
------------------------------------------------------------------------
+ * Use htmlspecialchars/strip_tags for escaping user input on comment
+ moderation/viewing. (garvinhicking)
+
* Fixed warning message from emoticon plugin when emoticons.inc.php
does not exist (garvinhicking)
- * Fixed entries pagination for special cases where quickump calendar
+ * Fixed entries pagination for special cases where quickump calendar
was displayed on the left sidebar (garvinhicking)
+
+Version 0.7-beta2 (September 15th, 2004)
+------------------------------------------------------------------------
+
* Added Italian translations, thanks to Alessandro Pellizzari
* Fixed missing CSS-class for BBCode Event-Plugin (Jez Hancock)
@@ -35,6 +42,9 @@
* Fix several postgreSQL update errors. Thanks to daFool from the
forums! (garvinhicking)
+Version 0.7-beta1 (September 6th, 2004)
+------------------------------------------------------------------------
+
* Disable the use of popups by default (tomsommer)
* BBCode plugin can now pretty print code/php style blocks.
Index: serendipity_admin_comments.inc.php
===================================================================
RCS file: /cvsroot/php-blog/serendipity/serendipity_admin_comments.inc.php,v
retrieving revision 1.19
retrieving revision 1.20
diff -u -d -r1.19 -r1.20
--- serendipity_admin_comments.inc.php 14 Sep 2004 12:56:08 -0000 1.19
+++ serendipity_admin_comments.inc.php 16 Sep 2004 10:29:08 -0000 1.20
@@ -255,17 +255,17 @@
<table width="100%" cellspacing="0" cellpadding="2" border="0">
<tr>
<td rowspan="2" width="20" align="center"><input type="checkbox" name="serendipity[delete][<?php echo $rs['id'] ?>]" value="<?php echo $rs['entry_id'] ?>" onclick="highlightComment('comment_<?php echo $rs['id'] ?>', this.checked)" tabindex="<?php echo $i ?>" /></td>
- <td width="250"><strong><?php echo AUTHOR ?></strong>: <?php echo $rs['author'] ?></td>
- <td><strong><?php echo EMAIL ?></strong>: <?php echo $rs['email'] ?></td>
+ <td width="250"><strong><?php echo AUTHOR ?></strong>: <?php echo htmlspecialchars($rs['author']) ?></td>
+ <td><strong><?php echo EMAIL ?></strong>: <?php echo htmlspecialchars($rs['email']) ?></td>
</tr>
<tr>
- <td><strong>IP</strong>: <?php echo $rs['ip'] ?></td>
- <td><strong>URL</strong>: <?php echo $rs['url'] ?></td>
+ <td><strong>IP</strong>: <?php echo htmlspecialchars($rs['ip']) ?></td>
+ <td><strong>URL</strong>: <?php echo htmlspecialchars($rs['url']) ?></td>
</tr>
<tr>
<td style="border-top: 1px solid #CCCCCC; border-bottom: 1px solid #CCCCCC" colspan="3">
<div id="<?php echo $rs['id'] ?>_summary"><?php echo $summary ?></div>
- <div id="<?php echo $rs['id'] ?>_full" style="display: none"><?php echo nl2br(strip_tags($rs['body'])) ?></div>
+ <div id="<?php echo $rs['id'] ?>_full" style="display: none"><?php echo $fullBody ?></div>
</td>
</tr>
</table>
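Review bot: The `$summary` echoed on the line above the changed `$fullBody` line is still output without any escaping, and both variables are assigned outside this hunk, so the hunk alone does not show whether they pass through htmlspecialchars. The removed line built the full body as `nl2br(strip_tags($rs['body']))`; if `$fullBody` keeps that construction it still relies on tag stripping rather than output encoding, and strip_tags does not encode `&`, quotes or other characters the browser interprets. Where the two variables are built, encode before converting newlines, e.g. `$fullBody = nl2br(htmlspecialchars(strip_tags($rs['body'])));`, and treat `$summary` the same way. `$rs['id']` is also interpolated into the `name` and `id` attributes raw; if it is the integer comment id, an explicit `(int)$rs['id']` would make that safe without relying on the schema.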
Index: serendipity_functions.inc.php
===================================================================
RCS file: /cvsroot/php-blog/serendipity/serendipity_functions.inc.php,v
retrieving revision 1.425
retrieving revision 1.426
diff -u -d -r1.425 -r1.426
--- serendipity_functions.inc.php 14 Sep 2004 16:24:57 -0000 1.425
+++ serendipity_functions.inc.php 16 Sep 2004 10:29:08 -0000 1.426
@@ -1434,16 +1434,16 @@
$admin = " AND authorid = " . (int)$_SESSION['serendipityAuthorid'] ."'";
}
- /* We have to figure out if the comment we are about to delete, is awaiting approval,
+ /* We have to figure out if the comment we are about to delete, is awaiting approval,
if so - we should *not* subtract it from the entries table */
- $sql = serendipity_db_query("SELECT status FROM {$serendipity['dbPrefix']}comments
- WHERE entry_id = '". (int)$entry_id ."'
+ $sql = serendipity_db_query("SELECT status FROM {$serendipity['dbPrefix']}comments
+ WHERE entry_id = '". (int)$entry_id ."'
AND id = '". (int)$id ."'
$admin");
-
- serendipity_db_query("DELETE FROM {$serendipity['dbPrefix']}comments
- WHERE entry_id = '". (int)$entry_id ."'
- AND id = '". (int)$id ."'
+
+ serendipity_db_query("DELETE FROM {$serendipity['dbPrefix']}comments
+ WHERE entry_id = '". (int)$entry_id ."'
+ AND id = '". (int)$id ."'
$admin");
if ( $sql['status'] !== 'pending' ) {
@@ -1564,7 +1564,7 @@
foreach ($comments as $comment) {
if ($comment['parent_id'] == $parent) {
$i++;
- $retval .= '<option value="' . $comment['id'] . '"'. ($selected == $comment['id'] || (isset($serendipity['POST']['replyTo']) && $comment['id'] == $serendipity['POST']['replyTo']) ? ' selected="selected"' : '') .'>' . str_repeat(' ', $level * 2) . '#' . $indent . $i . ': ' . (empty($comment['username']) ? ANONYMOUS : $comment['username']) . ' ' . ON . ' ' . ucfirst(strftime('%b %e %Y, %H:%M', $comment['timestamp'])) . "</option>\n";
+ $retval .= '<option value="' . $comment['id'] . '"'. ($selected == $comment['id'] || (isset($serendipity['POST']['replyTo']) && $comment['id'] == $serendipity['POST']['replyTo']) ? ' selected="selected"' : '') .'>' . str_repeat(' ', $level * 2) . '#' . $indent . $i . ': ' . (empty($comment['username']) ? ANONYMOUS : htmlspecialchars($comment['username'])) . ' ' . ON . ' ' . ucfirst(strftime('%b %e %Y, %H:%M', $comment['timestamp'])) . "</option>\n";
$retval .= serendipity_generateCommentList($id, $comments, $selected, $comment['id'], $level + 1, $indent . $i . '.');
}
}
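Review bot: The `value` attribute on the changed line still interpolates `$comment['id']` raw while `$comment['username']` now goes through htmlspecialchars; if the id is an integer column this is harmless, but writing `'<option value="' . (int)$comment['id'] . '"'` makes the attribute safe without depending on the schema. The `$selected == $comment['id']` test on the same line is a loose comparison and follows PHP's string-to-number coercion rules; `(int)$selected === (int)$comment['id']` states the intent directly if both are ids. The enclosing function serendipity_generateCommentList starts and ends outside this hunk.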
@@ -1594,6 +1594,7 @@
$i++;
$comment['comment'] = htmlspecialchars(strip_tags($comment['body']));
+ $comment['url'] = strip_tags($comment['url']);
if (!empty($comment['url']) && substr($comment['url'], 0, 7) != 'http://' && substr($comment['url'], 0, 8) != 'https://') {
$comment['url'] = 'http://' . $comment['url'];
}
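Review bot: The scheme check on the line after the added `strip_tags()` call is case-sensitive, so a URL entered as `HTTP://example.com` fails both `substr()` comparisons and comes out as `http://HTTP://example.com`; `strncasecmp($comment['url'], 'http://', 7) !== 0 && strncasecmp($comment['url'], 'https://', 8) !== 0` would accept either case. strip_tags only removes markup: a double quote or `&` in the URL survives it, so wherever `$comment['url']` is later placed into an `href` (outside this hunk) it still needs `htmlspecialchars()` at output time. The enclosing function starts and ends outside this hunk.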
@@ -1617,7 +1618,7 @@
<?php
/* Link to the user's email */
if (!empty($comment['email'])) {
- echo '<a href="mailto:' . htmlspecialchars($comment['email']) . '" title="' . SEND_MAIL_TO . ' ' . htmlspecialchars($name) . ' (' . $comment['email'] . ')">' . htmlspecialchars($name) . '</a>';
+ echo '<a href="mailto:' . htmlspecialchars($comment['email']) . '" title="' . SEND_MAIL_TO . ' ' . htmlspecialchars($name) . ' (' . htmlspecialchars(strip_tags($comment['email'])) . ')">' . htmlspecialchars($name) . '</a>';
} else {
echo htmlspecialchars($name);
}
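Review bot: The changed line escapes the same `$comment['email']` two different ways: `htmlspecialchars()` alone in the `href`, and `htmlspecialchars(strip_tags())` in the `title`. Once `htmlspecialchars()` has encoded `<` and `>`, no tag can form inside the attribute, so the extra `strip_tags()` adds no protection and only makes the two attribute values diverge when the stored address contains angle brackets; using `htmlspecialchars($comment['email'])` in both places keeps them consistent. With no flags argument, htmlspecialchars leaves single quotes unencoded, which is acceptable here only because both attributes are double-quoted. `$name` is assigned outside this hunk.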