fix XSS security vulnerability

(Thanks to Stefan Schurtz!)
Ian 2014-09-19 15:50:08 +02:00
parent cd8311e6f1
commit 8ff9b85b9d
6 changed files with 64 additions and 121 deletions


@ -1,6 +1,15 @@
1.16:
-----
fix XSS security vulnerability (Thanks to Stefan Schurtz!)
1.15:
-----
latest: Smarty3 forward compatibility
1.14:
Added check to circument adduser plugin's "registered only" option.
1.13:
@ -18,4 +27,4 @@ Fix XHTML validity of checked="checked"
1.10:
-----
Introcuce new "issue counter".
Introdcuce new "issue counter".


@ -1,33 +0,0 @@
<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=utf-8">
<meta name="generator" content="PSPad editor, www.pspad.com">
<title>Dokumentace: Kontaktní formulář</title>
</head>
<body>
<h1>Dokumentace k pluginu 'Kontaktní formulář'</h1>
<p>Dokumentaci k tomuto pluginu přeložil do češtiny Vladimír Ajgl (vlada [zavinac] ajgl [tecka] cz) dne 22.11.2010. Od té doby mohl být plugin pozměněn nebo mohly být rozšířené jeho funkce. Zkontrolujte pro jistotu i <a href="../ChangeLog">aktuální anglický ChangeLog</a>.
<p>
<h2>Historie verzí (ChangeLog)</h2>
<ul>
<li>Verze 1.13</li>
<ul>
<li>V pluginu spamblock vynucení správené "doby životnosti" u kryptogramů. Doteď nezáleželo na tom, co uživatel zadal, přestože byly kryptogramy zobrazeny.</li>
</ul>
<li>Verze 1.11</li>
<ul>
<li>Oprava - validita XHTML kódu checked="checked"</li>
</ul>
<li>Verze 1.10</li>
<ul>
<li>Zavedeno nové "počítadlo použití"</li>
</ul>
</ul>
</body>
</html>


@ -1,33 +0,0 @@
<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=utf-8">
<meta name="generator" content="PSPad editor, www.pspad.com">
<title>Dokumentace: Kontaktní formulář</title>
</head>
<body>
<h1>Dokumentace k pluginu 'Kontaktní formulář'</h1>
<p>Dokumentaci k tomuto pluginu přeložil do češtiny Vladimír Ajgl (vlada [zavinac] ajgl [tecka] cz) dne 22.11.2010. Od té doby mohl být plugin pozměněn nebo mohly být rozšířené jeho funkce. Zkontrolujte pro jistotu i <a href="../ChangeLog">aktuální anglický ChangeLog</a>.
<p>
<h2>Historie verzí (ChangeLog)</h2>
<ul>
<li>Verze 1.13</li>
<ul>
<li>V pluginu spamblock vynucení správené "doby životnosti" u kryptogramů. Doteď nezáleželo na tom, co uživatel zadal, přestože byly kryptogramy zobrazeny.</li>
</ul>
<li>Verze 1.11</li>
<ul>
<li>Oprava - validita XHTML kódu checked="checked"</li>
</ul>
<li>Verze 1.10</li>
<ul>
<li>Zavedeno nové "počítadlo použití"</li>
</ul>
</ul>
</body>
</html>


@ -10,36 +10,36 @@
{/if}
<div>
{$plugin_contactform_preface}
{$plugin_contactform_preface}
</div>
<br /><br />
{if $is_contactform_sent}
<div class="serendipity_center serendipity_msg_notice">
{$plugin_contactform_sent}
{$plugin_contactform_sent}
</div>
{else}
{if $is_contactform_error}
{if $is_contactform_error}
<div class="serendipity_center serendipity_msg_important">
{$plugin_contactform_error}
{$plugin_contactform_error}
</div>
<br /><br />
<!-- Needed for Captchas -->
{foreach from=$comments_messagestack item="message"}
<!-- Needed for Captchas -->
{foreach from=$comments_messagestack item="message"}
<div class="serendipity_center serendipity_msg_important">{$message}</div>
{/foreach}
{/if}
{/foreach}
{/if}
<!-- This whole commentform style, including field names is needed for Captchas. The spamblock plugin relies on the field names [name], [email], [url], [comment]! -->
<!-- This whole commentform style, including field names is needed for Captchas. The spamblock plugin relies on the field names [name], [email], [url], [comment]! -->
<div class="serendipityCommentForm">
<a id="serendipity_CommentForm"></a>
<form id="serendipity_comment" action="{$commentform_action}#feedback" method="post">
<div>
<input type="hidden" name="serendipity[subpage]" value="{$commentform_sname}" />
<input type="hidden" name="serendipity[commentform]" value="true" />
</div>
<input type="hidden" name="serendipity[subpage]" value="{$commentform_sname}" />
<input type="hidden" name="serendipity[commentform]" value="true" />
</div>
<table border="0" width="100%" cellpadding="3">
<tr>
<td class="serendipity_commentsLabel"><label for="serendipity_commentform_name">{$CONST.NAME}</label></td>


@ -10,41 +10,41 @@
{/if}
<div>
{$plugin_contactform_preface}
{$plugin_contactform_preface}
</div>
<br /><br />
{if $is_contactform_sent}
<div class="serendipity_center serendipity_msg_notice">
{$plugin_contactform_sent}
{$plugin_contactform_sent}
</div>
{else}
{if $is_contactform_error}
{if $is_contactform_error}
<div class="serendipity_center serendipity_msg_important">
{$plugin_contactform_error}
{$plugin_contactform_error}
</div>
<br /><br />
<!-- Needed for Captchas -->
{foreach from=$comments_messagestack item="message"}
<!-- Needed for Captchas -->
{foreach from=$comments_messagestack item="message"}
<div class="serendipity_center serendipity_msg_important">{$message}</div>
{/foreach}
{/if}
{/foreach}
{/if}
<!-- This whole commentform style, including field names is needed for Captchas. The spamblock plugin relies on the field names [name], [email], [url], [comment]! -->
<!-- This whole commentform style, including field names is needed for Captchas. The spamblock plugin relies on the field names [name], [email], [url], [comment]! -->
<div class="serendipityCommentForm">
<a id="serendipity_CommentForm"></a>
<form id="serendipity_comment" action="{$commentform_action}#feedback" method="post">
<div>
<input type="hidden" name="serendipity[subpage]" value="{$commentform_sname}" />
<input type="hidden" name="serendipity[commentform]" value="true" />
<input type="hidden" name="serendipity[subpage]" value="{$commentform_sname}" />
<input type="hidden" name="serendipity[commentform]" value="true" />
{foreach name="field" from=$commentform_dynamicfields item="field"}
{if $field.type == "hidden"}
<input type="hidden" name="serendipity[{$field.id}]" value="{$field.default}" />
{/if}
{/foreach}
</div>
</div>
<table border="0" width="100%" cellpadding="3">
{foreach name="field" from=$commentform_dynamicfields item="field"}
{if $field.type != "hidden"}


@ -1,4 +1,4 @@
<?php #
<?php
if (IN_serendipity !== true) {
@ -18,11 +18,11 @@ class serendipity_event_contactform extends serendipity_event {
function introspect(&$propbag) {
global $serendipity;
$subtitle = $this->get_config('backend_title', '');
$subtitle = $this->get_config('backend_title', '');
if (!empty($subtitle)) {
$desc = '(' . $subtitle . ') ' . PLUGIN_CONTACTFORM_TITLE_BLAHBLAH;
$desc = '(' . $subtitle . ') ' . PLUGIN_CONTACTFORM_TITLE_BLAHBLAH;
} else {
$desc = PLUGIN_CONTACTFORM_TITLE_BLAHBLAH;
$desc = PLUGIN_CONTACTFORM_TITLE_BLAHBLAH;
}
$propbag->add('name', PLUGIN_CONTACTFORM_TITLE);
@ -30,7 +30,7 @@ class serendipity_event_contactform extends serendipity_event {
$propbag->add('event_hooks', array('entries_header' => true, 'entry_display' => true, 'genpage' => true));
$propbag->add('configuration', array('permalink', 'pagetitle', 'backend_title', 'email', 'subject', 'counter', 'intro', 'sent', 'articleformat','dynamic_tpl','dynamic_fields','dynamic_fields_tpl','dynamic_fields_desc'));
$propbag->add('author', 'Garvin Hicking');
$propbag->add('version', '1.15');
$propbag->add('version', '1.16');
$propbag->add('requirements', array(
'serendipity' => '0.7',
'smarty' => '2.6.7',
@ -164,7 +164,7 @@ class serendipity_event_contactform extends serendipity_event {
$title = $this->get_config('pagetitle');
$subject = sprintf($this->get_config('subject'), $title);
$text = '';
if (serendipity_db_bool($this->get_config('counter'))) {
@ -172,7 +172,7 @@ class serendipity_event_contactform extends serendipity_event {
$subject = '[' . $this->get_config('counternumber') . '] ' . $subject;
$text .= sprintf(PLUGIN_CONTACTFORM_MAIL_ISSUECOUNTER, $this->get_config('counternumber')) . "\n";
}
$text .= sprintf(A_NEW_COMMENT_BLAHBLAH, $serendipity['blogTitle'], $title)
. "\n"
. "\n" . USER . ' ' . IP_ADDRESS . ': ' . $_SERVER['REMOTE_ADDR'];
@ -220,12 +220,12 @@ class serendipity_event_contactform extends serendipity_event {
);
$commentInfo = array(
'type' => 'NORMAL',
'source' => 'commentform',
'name' => $serendipity['POST']['name'],
'url' => $serendipity['POST']['url'],
'comment' => $serendipity['POST']['comment'],
'email' => $serendipity['POST']['email'],
'type' => 'NORMAL',
'source' => 'commentform',
'name' => htmlspecialchars(strip_tags($serendipity['POST']['name'])),
'url' => htmlspecialchars(strip_tags($serendipity['POST']['url'])),
'comment' => htmlspecialchars(strip_tags($serendipity['POST']['comment'])),
'email' => htmlspecialchars(strip_tags($serendipity['POST']['email'])),
'source2' => 'adduser' // Allow the contactform to bypass "only registered users may post" option of the adduser-plugin
);
@ -245,10 +245,10 @@ class serendipity_event_contactform extends serendipity_event {
if ($this->sendComment(
$this->get_config('email'),
$serendipity['POST']['name'],
$serendipity['POST']['email'],
$serendipity['POST']['url'],
$serendipity['POST']['comment'])) {
htmlspecialchars(strip_tags($serendipity['POST']['name'])),
htmlspecialchars(strip_tags($serendipity['POST']['email'])),
htmlspecialchars(strip_tags($serendipity['POST']['url'])),
htmlspecialchars(strip_tags($serendipity['POST']['comment'])))) {
$serendipity['smarty']->assign('is_contactform_sent', true);
return true;
@ -316,12 +316,12 @@ class serendipity_event_contactform extends serendipity_event {
);
$commentInfo = array(
'type' => 'NORMAL',
'source' => 'commentform',
'name' => $serendipity['POST']['name'],
'url' => $serendipity['POST']['url'],
'comment' => $comment,
'email' => $serendipity['POST']['email'],
'type' => 'NORMAL',
'source' => 'commentform',
'name' => htmlspecialchars(strip_tags($serendipity['POST']['name'])),
'url' => htmlspecialchars(strip_tags($serendipity['POST']['url'])),
'comment' => htmlspecialchars(strip_tags($comment)),
'email' => htmlspecialchars(strip_tags($serendipity['POST']['email'])),
'source2' => 'adduser' // Allow the contactform to bypass "only registered users may post" option of the adduser-plugin
);
serendipity_plugin_api::hook_event('frontend_saveComment', $ca, $commentInfo);
@ -340,10 +340,10 @@ class serendipity_event_contactform extends serendipity_event {
if ($this->sendComment(
$this->get_config('email'),
$serendipity['POST']['name'],
$serendipity['POST']['email'],
$serendipity['POST']['url'],
$comment,true)) {
htmlspecialchars(strip_tags($serendipity['POST']['name'])),
htmlspecialchars(strip_tags($serendipity['POST']['email'])),
htmlspecialchars(strip_tags($serendipity['POST']['url'])),
htmlspecialchars(strip_tags($comment,true)))) {
$serendipity['smarty']->assign('is_contactform_sent', true);
return true;
@ -397,7 +397,7 @@ class serendipity_event_contactform extends serendipity_event {
$form_fields[$item['name']]['default'] = 'checked="checked"';
break;
default:
$form_fields[$item['name']]['default'] = $item['value'];
$form_fields[$item['name']]['default'] = htmlspecialchars(strip_tags($item['value']));
break;
}
}
@ -437,7 +437,7 @@ class serendipity_event_contactform extends serendipity_event {
$filename = 'plugin_dynamicform.tpl';
}
$tfile = serendipity_getTemplateFile($filename, 'serendipityPath');
if (!$tfile) {
$tfile = dirname(__FILE__) . '/' . $filename;
}
@ -577,7 +577,7 @@ class serendipity_event_contactform extends serendipity_event {
$return_array[$field_array[0]]['message'] = $option;
}
}
}
}
break;
case 'radio':
$return_array[$field_array[0]]['type'] = 'radio';
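Review bot: The second sendComment call (hunk `@ -340,10 +340,10`) silently drops its sixth argument: the old code passed `$comment,true)` to sendComment, but the new line `htmlspecialchars(strip_tags($comment,true)))) {` hands `true` to strip_tags as its allowable-tags parameter and sendComment no longer receives the flag, unlike the parallel call in `@ -245,10 +245,10` whose argument list is intact; it should read `htmlspecialchars(strip_tags($comment)), true)) {`. Separately, escaping on input rather than at output means the values handed to frontend_saveComment and to sendComment now carry HTML entities (`&amp;`, `&quot;`) even where they end up in plain text such as the mail body, and the bare `htmlspecialchars()` does not escape single quotes, so `htmlspecialchars(..., ENT_QUOTES)` — or better, `|escape` in the templates — would be the more robust shape. sendComment's body and the methods enclosing these hunks are outside the shown lines, so whether the email field is also placed in a mail header, where neither call removes CR/LF, cannot be confirmed from here.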