Add some security with strip_tags + Don't encode quotes
This commit is contained in:
parent
2495a8002f
commit
c67a4c7c14
@ -46,7 +46,7 @@ $inputService = new InputService();
|
|||||||
/* ---- */
|
/* ---- */
|
||||||
|
|
||||||
if (!empty($_GET['poll']) && strlen($_GET['poll']) === 24) {
|
if (!empty($_GET['poll']) && strlen($_GET['poll']) === 24) {
|
||||||
$admin_poll_id = filter_input(INPUT_GET, 'poll', FILTER_VALIDATE_REGEXP, ['options' => ['regexp' => '/^[a-z0-9]+$/']]);
|
$admin_poll_id = filter_input(INPUT_GET, 'poll', FILTER_VALIDATE_REGEXP, ['options' => ['regexp' => POLL_REGEX]]);
|
||||||
$poll_id = substr($admin_poll_id, 0, 16);
|
$poll_id = substr($admin_poll_id, 0, 16);
|
||||||
$poll = $pollService->findById($poll_id);
|
$poll = $pollService->findById($poll_id);
|
||||||
}
|
}
|
||||||
@ -67,7 +67,7 @@ if (isset($_POST['update_poll_info'])) {
|
|||||||
|
|
||||||
// Update the right poll field
|
// Update the right poll field
|
||||||
if ($field == 'title') {
|
if ($field == 'title') {
|
||||||
$title = filter_input(INPUT_POST, 'title', FILTER_DEFAULT);
|
$title = strip_tags($_POST['title']);
|
||||||
if ($title) {
|
if ($title) {
|
||||||
$poll->title = $title;
|
$poll->title = $title;
|
||||||
$updated = true;
|
$updated = true;
|
||||||
@ -79,13 +79,13 @@ if (isset($_POST['update_poll_info'])) {
|
|||||||
$updated = true;
|
$updated = true;
|
||||||
}
|
}
|
||||||
} elseif ($field == 'comment') {
|
} elseif ($field == 'comment') {
|
||||||
$comment = filter_input(INPUT_POST, 'comment', FILTER_DEFAULT);
|
$comment = strip_tags($_POST['comment']);
|
||||||
if ($comment) {
|
if ($comment) {
|
||||||
$poll->comment = $comment;
|
$poll->comment = $comment;
|
||||||
$updated = true;
|
$updated = true;
|
||||||
}
|
}
|
||||||
} elseif ($field == 'rules') {
|
} elseif ($field == 'rules') {
|
||||||
$rules = filter_input(INPUT_POST, 'rules', FILTER_DEFAULT);
|
$rules = strip_tags($_POST['rules']);
|
||||||
switch ($rules) {
|
switch ($rules) {
|
||||||
case 0:
|
case 0:
|
||||||
$poll->active = false;
|
$poll->active = false;
|
||||||
@ -127,7 +127,7 @@ if (!empty($_POST['edit_vote'])) {
|
|||||||
|
|
||||||
if (!empty($_POST['save'])) { // Save edition of an old vote
|
if (!empty($_POST['save'])) { // Save edition of an old vote
|
||||||
$editedVote = filter_input(INPUT_POST, 'save', FILTER_VALIDATE_INT);
|
$editedVote = filter_input(INPUT_POST, 'save', FILTER_VALIDATE_INT);
|
||||||
$choices = $inputService->filterArray($_POST['choices'], FILTER_VALIDATE_REGEXP, ['options'=>['regexp'=>'/^[012]$/']]);
|
$choices = $inputService->filterArray($_POST['choices'], FILTER_VALIDATE_REGEXP, ['options' => ['regexp' => CHOICE_REGEX]]);
|
||||||
|
|
||||||
if (empty($editedVote)) {
|
if (empty($editedVote)) {
|
||||||
$message = new Message('danger', _('Something is going wrong...'));
|
$message = new Message('danger', _('Something is going wrong...'));
|
||||||
@ -146,8 +146,8 @@ if (!empty($_POST['save'])) { // Save edition of an old vote
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
} elseif (isset($_POST['save'])) { // Add a new vote
|
} elseif (isset($_POST['save'])) { // Add a new vote
|
||||||
$name = filter_input(INPUT_POST, 'name', FILTER_VALIDATE_REGEXP, ['options'=>['regexp'=>'/^[a-z0-9_ -]+$/i']]);
|
$name = filter_input(INPUT_POST, 'name', FILTER_VALIDATE_REGEXP, ['options' => ['regexp' => NAME_REGEX]]);
|
||||||
$choices = $inputService->filterArray($_POST['choices'], FILTER_VALIDATE_REGEXP, ['options'=>['regexp'=>'/^[012]$/']]);
|
$choices = $inputService->filterArray($_POST['choices'], FILTER_VALIDATE_REGEXP, ['options' => ['regexp' => CHOICE_REGEX]]);
|
||||||
|
|
||||||
if (empty($name)) {
|
if (empty($name)) {
|
||||||
$message = new Message('danger', _('Name is incorrect.'));
|
$message = new Message('danger', _('Name is incorrect.'));
|
||||||
@ -204,8 +204,8 @@ if (isset($_POST['confirm_remove_all_votes'])) {
|
|||||||
// -------------------------------
|
// -------------------------------
|
||||||
|
|
||||||
if (isset($_POST['add_comment'])) {
|
if (isset($_POST['add_comment'])) {
|
||||||
$name = filter_input(INPUT_POST, 'name', FILTER_VALIDATE_REGEXP, ['options'=>['regexp'=>'/^[a-z0-9_ -]+$/i']]);
|
$name = filter_input(INPUT_POST, 'name', FILTER_VALIDATE_REGEXP, ['options' => ['regexp' => NAME_REGEX]]);
|
||||||
$comment = filter_input(INPUT_POST, 'comment', FILTER_DEFAULT);
|
$comment = strip_tags($_POST['comment']);
|
||||||
|
|
||||||
if (empty($name)) {
|
if (empty($name)) {
|
||||||
$message = new Message('danger', _('Name is incorrect.'));
|
$message = new Message('danger', _('Name is incorrect.'));
|
||||||
@ -308,7 +308,7 @@ if (!empty($_POST['delete_column'])) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
// -------------------------------
|
// -------------------------------
|
||||||
// Delete a slot
|
// Add a slot
|
||||||
// -------------------------------
|
// -------------------------------
|
||||||
|
|
||||||
if (isset($_POST['add_slot'])) {
|
if (isset($_POST['add_slot'])) {
|
||||||
@ -321,13 +321,13 @@ if (isset($_POST['add_slot'])) {
|
|||||||
}
|
}
|
||||||
if (isset($_POST['confirm_add_slot'])) {
|
if (isset($_POST['confirm_add_slot'])) {
|
||||||
if ($poll->format === 'D') {
|
if ($poll->format === 'D') {
|
||||||
$newdate = filter_input(INPUT_POST, 'newdate', FILTER_DEFAULT);
|
$newdate = strip_tags($_POST['newdate']);
|
||||||
$newmoment = filter_input(INPUT_POST, 'newmoment', FILTER_DEFAULT);
|
$newmoment = strip_tags($_POST['newmoment']);
|
||||||
|
|
||||||
$ex = explode('/', $newdate);
|
$ex = explode('/', $newdate);
|
||||||
$result = $adminPollService->addSlot($poll_id, mktime(0, 0, 0, $ex[1], $ex[0], $ex[2]), $newmoment);
|
$result = $adminPollService->addSlot($poll_id, mktime(0, 0, 0, $ex[1], $ex[0], $ex[2]), $newmoment);
|
||||||
} else {
|
} else {
|
||||||
$newslot = filter_input(INPUT_POST, 'choice', FILTER_DEFAULT);
|
$newslot = strip_tags($_POST['choice']);
|
||||||
$result = $adminPollService->addSlot($poll_id, $newslot, null);
|
$result = $adminPollService->addSlot($poll_id, $newslot, null);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -55,6 +55,11 @@ $ALLOWED_LANGUAGES = [
|
|||||||
'de_DE' => 'Deutsch',
|
'de_DE' => 'Deutsch',
|
||||||
];
|
];
|
||||||
|
|
||||||
|
// Regex
|
||||||
|
const POLL_REGEX = '/^[a-z0-9]+$/';
|
||||||
|
const CHOICE_REGEX = '/^[012]$/';
|
||||||
|
const NAME_REGEX = '/^[ a-z0-9_ -]+$/i';
|
||||||
|
|
||||||
// Path to logo
|
// Path to logo
|
||||||
const LOGOBANDEAU = '<relative path to the logo file>';
|
const LOGOBANDEAU = '<relative path to the logo file>';
|
||||||
|
|
||||||
|
@ -134,7 +134,7 @@ if (empty($_SESSION['form']->title) || empty($_SESSION['form']->admin_name) || (
|
|||||||
$_SESSION['form']->clearChoices();
|
$_SESSION['form']->clearChoices();
|
||||||
foreach ($_POST['choices'] as $c) {
|
foreach ($_POST['choices'] as $c) {
|
||||||
if (!empty($c)) {
|
if (!empty($c)) {
|
||||||
$c = filter_var($c, FILTER_SANITIZE_STRING);
|
$c = strip_tags($c);
|
||||||
$choice = new Choice($c);
|
$choice = new Choice($c);
|
||||||
$_SESSION['form']->addChoice($choice);
|
$_SESSION['form']->addChoice($choice);
|
||||||
}
|
}
|
||||||
|
@ -140,7 +140,7 @@ if (!isset($_SESSION['form']->title) || !isset($_SESSION['form']->admin_name) ||
|
|||||||
$schedules = $inputService->filterArray($_POST['horaires'.$i], FILTER_DEFAULT);
|
$schedules = $inputService->filterArray($_POST['horaires'.$i], FILTER_DEFAULT);
|
||||||
for($j = 0; $j < count($schedules); $j++) {
|
for($j = 0; $j < count($schedules); $j++) {
|
||||||
if (!empty($schedules[$j])) {
|
if (!empty($schedules[$j])) {
|
||||||
$choice->addSlot($schedules[$j]);
|
$choice->addSlot(strip_tags($schedules[$j]));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
14
studs.php
14
studs.php
@ -53,7 +53,7 @@ $mailService = new MailService($config['use_smtp']);
|
|||||||
function sendUpdateNotification($poll, $mailService) {
|
function sendUpdateNotification($poll, $mailService) {
|
||||||
if ($poll->receiveNewVotes && !isset($_SESSION['mail_sent'][$poll->id])) {
|
if ($poll->receiveNewVotes && !isset($_SESSION['mail_sent'][$poll->id])) {
|
||||||
|
|
||||||
$subject = '[' . NOMAPPLICATION . '] ' . _('Poll\'s participation') . ' : ' . html_entity_decode($poll->title, ENT_QUOTES, 'UTF-8');
|
$subject = '[' . NOMAPPLICATION . '] ' . _('Poll\'s participation') . ' : ' . $poll->title;
|
||||||
$message = html_entity_decode('"$nom" ', ENT_QUOTES, 'UTF-8') .
|
$message = html_entity_decode('"$nom" ', ENT_QUOTES, 'UTF-8') .
|
||||||
_('has filled a line.\nYou can find your poll at the link') . " :\n\n" .
|
_('has filled a line.\nYou can find your poll at the link') . " :\n\n" .
|
||||||
Utils::getUrlSondage($poll->admin_poll_id, true) . " \n\n" .
|
Utils::getUrlSondage($poll->admin_poll_id, true) . " \n\n" .
|
||||||
@ -69,7 +69,7 @@ function sendUpdateNotification($poll, $mailService) {
|
|||||||
/* ---- */
|
/* ---- */
|
||||||
|
|
||||||
if (!empty($_GET['poll'])) {
|
if (!empty($_GET['poll'])) {
|
||||||
$poll_id = filter_input(INPUT_GET, 'poll', FILTER_VALIDATE_REGEXP, ['options'=>['regexp'=>'/^[a-z0-9]+$/']]);
|
$poll_id = filter_input(INPUT_GET, 'poll', FILTER_VALIDATE_REGEXP, ['options' => ['regexp' => POLL_REGEX]]);
|
||||||
$poll = $pollService->findById($poll_id);
|
$poll = $pollService->findById($poll_id);
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -94,7 +94,7 @@ if (!empty($_POST['edit_vote'])) {
|
|||||||
|
|
||||||
if (!empty($_POST['save'])) { // Save edition of an old vote
|
if (!empty($_POST['save'])) { // Save edition of an old vote
|
||||||
$editedVote = filter_input(INPUT_POST, 'save', FILTER_VALIDATE_INT);
|
$editedVote = filter_input(INPUT_POST, 'save', FILTER_VALIDATE_INT);
|
||||||
$choices = $inputService->filterArray($_POST['choices'], FILTER_VALIDATE_REGEXP, ['options'=>['regexp'=>'/^[012]$/']]);
|
$choices = $inputService->filterArray($_POST['choices'], FILTER_VALIDATE_REGEXP, ['options' => ['regexp' => CHOICE_REGEX]]);
|
||||||
|
|
||||||
if (empty($editedVote)) {
|
if (empty($editedVote)) {
|
||||||
$message = new Message('danger', _('Something is going wrong...'));
|
$message = new Message('danger', _('Something is going wrong...'));
|
||||||
@ -114,8 +114,8 @@ if (!empty($_POST['save'])) { // Save edition of an old vote
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
} elseif (isset($_POST['save'])) { // Add a new vote
|
} elseif (isset($_POST['save'])) { // Add a new vote
|
||||||
$name = filter_input(INPUT_POST, 'name', FILTER_VALIDATE_REGEXP, ['options'=>['regexp'=>'/^[a-z0-9_ -]+$/i']]);
|
$name = filter_input(INPUT_POST, 'name', FILTER_VALIDATE_REGEXP, ['options' => ['regexp' => NAME_REGEX]]);
|
||||||
$choices = $inputService->filterArray($_POST['choices'], FILTER_VALIDATE_REGEXP, ['options'=>['regexp'=>'/^[012]$/']]);
|
$choices = $inputService->filterArray($_POST['choices'], FILTER_VALIDATE_REGEXP, ['options' => ['regexp' => CHOICE_REGEX]]);
|
||||||
|
|
||||||
if (empty($name)) {
|
if (empty($name)) {
|
||||||
$message = new Message('danger', _('Name is incorrect.'));
|
$message = new Message('danger', _('Name is incorrect.'));
|
||||||
@ -141,8 +141,8 @@ if (!empty($_POST['save'])) { // Save edition of an old vote
|
|||||||
// -------------------------------
|
// -------------------------------
|
||||||
|
|
||||||
if (isset($_POST['add_comment'])) {
|
if (isset($_POST['add_comment'])) {
|
||||||
$name = filter_input(INPUT_POST, 'name', FILTER_VALIDATE_REGEXP, ['options'=>['regexp'=>'/^[a-z0-9_ -]+$/i']]);
|
$name = filter_input(INPUT_POST, 'name', FILTER_VALIDATE_REGEXP, ['options' => ['regexp' => NAME_REGEX]]);
|
||||||
$comment = filter_input(INPUT_POST, 'comment', FILTER_DEFAULT);
|
$comment = strip_tags($_POST['comment']);
|
||||||
|
|
||||||
if (empty($name)) {
|
if (empty($name)) {
|
||||||
$message = new Message('danger', _('Name is incorrect.'));
|
$message = new Message('danger', _('Name is incorrect.'));
|
||||||
|
Loading…
Reference in New Issue
Block a user