james/fembooru
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Merge pull request #598 from jgen/develop

Browse Source 
#597: Fix for XSS issue in chatbox extension.
This commit is contained in:
Shish 2017-03-08 10:30:54 +00:00 committed by GitHub
commit 72de620b42
2 changed files with 15 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
ext/chatbox/history/index.php
View File

@ -10,15 +10,23 @@
$admin = loggedIn(); $admin = loggedIn();
$log = 1;
if (isset($_GET['log'])) if (isset($_GET['log']))
{
$log = $_GET['log']; $log = $_GET['log'];
}
if (isset($_POST['log'])) if (isset($_POST['log']))
{
$log = $_POST['log']; $log = $_POST['log'];
}
if (!isset($log)) if (filter_var($log, FILTER_VALIDATE_INT) === false)
{
$log = 1; $log = 1;
}
$ys = ys($log); $ys = ys($log);
$posts = $ys->posts(); $posts = $ys->posts();
@ -132,4 +140,4 @@ if (isset($_POST['p'])) {
<a id="to-top" href="#top">Back to top</a> <a id="to-top" href="#top">Back to top</a>
</div> </div>
</body> </body>
</html> </html>

5
ext/chatbox/php/functions.php
View File

@ -89,7 +89,10 @@
global $yShout, $prefs; global $yShout, $prefs;
if ($yShout) return $yShout; if ($yShout) return $yShout;
if ($log > $prefs['logs'] || $log < 0 || !is_numeric($log)) $log = 1; if (filter_var($log, FILTER_VALIDATE_INT, array("options" => array("min_range" => 0, "max_range" => $prefs['logs']))) === false)
{
$log = 1;
}
$log = 'log.' . $log; $log = 'log.' . $log;
return new YShout($log, loggedIn()); return new YShout($log, loggedIn());