Update of /cvsroot/php-blog/serendipity
In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv3568
Modified Files:
Tag: branch-0-7
compat.php serendipity_layout.inc.php
serendipity_layout_table.inc.php
Log Message:
* fix random seeding of spamblock captcha plugin (even though it should work without)
* different fix for XSS: We can't fix it in layout.php because we have no control over users' templates. So we need to do the escaping at an earlier step.
* Needs to be ported to HEAD as well, please!
Index: serendipity_layout.inc.php
===================================================================
RCS file: /cvsroot/php-blog/serendipity/Attic/serendipity_layout.inc.php,v
retrieving revision 1.9.8.1
retrieving revision 1.9.8.2
diff -u -d -r1.9.8.1 -r1.9.8.2
--- serendipity_layout.inc.php 1 Dec 2004 13:56:29 -0000 1.9.8.1
+++ serendipity_layout.inc.php 1 Dec 2004 14:52:03 -0000 1.9.8.2
@@ -23,7 +23,7 @@
if($serendipity['blogSubTitle']) {
?>
<h2><?php echo $serendipity['blogSubTitle'] ; ?></h2>
-<?php
+<?php
} else {
?>
<h2><?php echo $serendipity['blogDescription'] ; ?></h2>
@@ -59,17 +59,17 @@
// User searches
case "search":
$r = serendipity_searchEntries($serendipity["GET"]["searchTerm"]);
-
+
if ( strlen($serendipity["GET"]["searchTerm"]) <= 3 ) {
- echo SEARCH_TOO_SHORT;
+ echo SEARCH_TOO_SHORT;
break;
}
-
+
if ($r === true) {
- echo sprintf(NO_ENTRIES_BLAHBLAH, strip_tags($serendipity['GET']['searchTerm']));
+ echo sprintf(NO_ENTRIES_BLAHBLAH, $serendipity['GET']['searchTerm']);
break;
}
- echo sprintf(YOUR_SEARCH_RETURNED_BLAHBLAH, strip_tags($serendipity["GET"]["searchTerm"]), count($r));
+ echo sprintf(YOUR_SEARCH_RETURNED_BLAHBLAH, $serendipity["GET"]["searchTerm"], count($r));
serendipity_printEntries($r);
break;
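Review bot: With the strip_tags() calls dropped from the echo lines, this display code now depends entirely on compat.php having rewritten $serendipity['GET']['searchTerm'] before this file runs, and that same already-escaped value is what reaches the search on the context line `$r = serendipity_searchEntries($serendipity["GET"]["searchTerm"]);`. A term containing `&`, `<`, `>` or `"` is therefore searched in its entity-encoded form (`a&b` as `a&amp;b`) and may no longer match stored entries unless serendipity_searchEntries() decodes it, which I cannot see from here. The `strlen(...) <= 3` check likewise measures the escaped length, so a short raw term can slip past it once encoded. A cleaner split keeps the raw value for searching and the escaped copy for output only, e.g. `$r = serendipity_searchEntries($serendipity["GET"]["searchTermRaw"]);` with compat.php storing the unescaped term under that key (name constructed) before it escapes. The same echo change appears in the serendipity_layout_table.inc.php hunk below and would be covered by the same fix.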
Index: compat.php
===================================================================
RCS file: /cvsroot/php-blog/serendipity/Attic/compat.php,v
retrieving revision 1.19
retrieving revision 1.19.2.1
diff -u -d -r1.19 -r1.19.2.1
--- compat.php 22 Sep 2004 11:34:22 -0000 1.19
+++ compat.php 1 Dec 2004 14:52:03 -0000 1.19.2.1
@@ -102,6 +102,10 @@
$serendipity['POST'] = &$_POST['serendipity'];
$serendipity['COOKIE'] = &$_COOKIE['serendipity'];
+// Some security issues
+if (isset($serendipity['GET']['searchTerm'])) {
+ $serendipity['GET']['searchTerm'] = htmlspecialchars(strip_tags($serendipity['GET']['searchTerm']));
+}
function serendipity_get_bool($item) {
$translation = array('true' => true,
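Review bot: The added `htmlspecialchars(strip_tags($serendipity['GET']['searchTerm']))` uses the default quote handling, which leaves single quotes unencoded, so a template that places the term inside a single-quoted attribute is still exposed; pass `ENT_QUOTES`, i.e. `$serendipity['GET']['searchTerm'] = htmlspecialchars(strip_tags($serendipity['GET']['searchTerm']), ENT_QUOTES);`. Because this rewrites the shared request value rather than an output-only copy, every later consumer, including the search query itself, sees the escaped form, and any template that escapes again will double-encode `&amp;`; that trade-off deserves a sentence at the call site. The comment `// Some security issues` gives a later reader nothing to act on; something like `// Escape searchTerm once here: user templates echo it unescaped and cannot be patched centrally (see layout.inc.php)` records the scope and why it is done at input time. Only searchTerm is covered, so if templates echo any other $serendipity['GET'] value it is not protected by this block, which is worth stating in the same comment.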
Index: serendipity_layout_table.inc.php
===================================================================
RCS file: /cvsroot/php-blog/serendipity/Attic/serendipity_layout_table.inc.php,v
retrieving revision 1.12.4.1
retrieving revision 1.12.4.2
diff -u -d -r1.12.4.1 -r1.12.4.2
--- serendipity_layout_table.inc.php 1 Dec 2004 13:56:29 -0000 1.12.4.1
+++ serendipity_layout_table.inc.php 1 Dec 2004 14:52:03 -0000 1.12.4.2
@@ -55,7 +55,7 @@
}
if ($r === true) {
- echo sprintf(NO_ENTRIES_BLAHBLAH, strip_tags($serendipity['GET']['searchTerm']));
+ echo sprintf(NO_ENTRIES_BLAHBLAH, $serendipity['GET']['searchTerm']);
break;
}
echo sprintf(YOUR_SEARCH_RETURNED_BLAHBLAH, $serendipity["GET"]["searchTerm"], count($r));