This commit is contained in:
Garvin Hicking 2013-02-07 12:39:44 +01:00
parent 8c1adf2189
commit e50879f5a3
2 changed files with 10 additions and 7 deletions


@ -12,6 +12,9 @@ Version 2.0 ()
Version 1.7 ()
------------------------------------------------------------------------
* Media database: Escape more Cookie values to prevent storing
possible XSS (http://board.s9y.org/viewtopic.php?f=3&t=19142)
* rc2: Alter entries.tpl to add the line:
{assign var="entry" value=$entry scope="parent"}
for proper propagation of $entry to sub-templates.


@ -1447,28 +1447,28 @@ function serendipity_displayImageList($page = 0, $lineBreak = NULL, $manage = fa
foreach($importParams AS $importParam) {
if (isset($serendipity['GET'][$importParam])) {
$extraParems .= 'serendipity[' . $importParam . ']='. $serendipity['GET'][$importParam] .'&';
$extraParems .= 'serendipity[' . $importParam . ']='. htmlspecialchars($serendipity['GET'][$importParam]) .'&';
}
}
foreach($sortParams AS $sortParam) {
serendipity_restoreVar($serendipity['COOKIE']['sortorder_' . $sortParam], $serendipity['GET']['sortorder'][$sortParam]);
serendipity_JSsetCookie('sortorder_' . $sortParam, $serendipity['GET']['sortorder'][$sortParam]);
$extraParems .= 'serendipity[sortorder]['. $sortParam .']='. $serendipity['GET']['sortorder'][$sortParam] .'&';
serendipity_JSsetCookie('sortorder_' . $sortParam, htmlspecialchars($serendipity['GET']['sortorder'][$sortParam]));
$extraParems .= 'serendipity[sortorder]['. $sortParam .']='. htmlspecialchars($serendipity['GET']['sortorder'][$sortParam]) .'&';
}
foreach($filterParams AS $filterParam) {
serendipity_restoreVar($serendipity['COOKIE'][$filterParam], $serendipity['GET'][$filterParam]);
serendipity_JSsetCookie($filterParam, $serendipity['GET'][$filterParam]);
serendipity_JSsetCookie($filterParam, htmlspecialchars($serendipity['GET'][$filterParam]));
if (!empty($serendipity['GET'][$filterParam])) {
$extraParems .= 'serendipity[' . $filterParam . ']='. $serendipity['GET'][$filterParam] .'&';
$extraParems .= 'serendipity[' . $filterParam . ']='. htmlspecialchars($serendipity['GET'][$filterParam]) .'&';
}
}
$serendipity['GET']['only_path'] = serendipity_uploadSecure($limit_path . $serendipity['GET']['only_path'], true);
$serendipity['GET']['only_filename'] = str_replace(array('*', '?'), array('%', '_'), $serendipity['GET']['only_filename']);
$serendipity['GET']['only_filename'] = htmlspecialchars(str_replace(array('*', '?'), array('%', '_'), $serendipity['GET']['only_filename']));
$perPage = (!empty($serendipity['GET']['sortorder']['perpage']) ? $serendipity['GET']['sortorder']['perpage'] : 8);
$perPage = (!empty($serendipity['GET']['sortorder']['perpage']) ? (int)$serendipity['GET']['sortorder']['perpage'] : 8);
while ($perPage % $lineBreak !== 0) {
$perPage++;
}
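Review bot: htmlspecialchars() is the wrong encoder for `$extraParems`, which is being assembled as a URL query string: a value containing `&`, `=` or `#` still splits or injects extra parameters, and the result will be entity-encoded a second time if it is later HTML-escaped when written into an href. Build the query with `urlencode()` and escape once at the markup sink, e.g. `$extraParems .= 'serendipity[' . $importParam . ']=' . urlencode($serendipity['GET'][$importParam]) . '&';`, applying the same to the sortorder and filter lines. The values handed to serendipity_JSsetCookie() are now persisted already HTML-escaped and later restored through serendipity_restoreVar(), so any non-HTML consumer (a LIKE filter for only_filename, judging by the `*`/`?` rewrite, or a sort column) receives entity-encoded data while getting no protection of its own from this change; if that helper emits the cookie via inline JavaScript, as its name suggests, at minimum pass `ENT_QUOTES` so `'` is escaped as well. The `(int)` cast on perpage still admits 0 and negative values, which the rounding loop below walks to 0 and passes on as a zero page size; `max(1, (int)$serendipity['GET']['sortorder']['perpage'])` closes that. serendipity_displayImageList continues outside the hunk, so the actual sinks for these values are not visible here.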