- various components: fix inconsistencies in how user names

and team names are represented. In particular, edit_user_info_action.php was using htmlentities() on names; this led to double-encoding. The new rules: 1) no HTML tags allowed in either one. This is enforced silently, using strip_tags() 2) names are stored in the DB exactly as entered. They may contain chars like & and >. They may contain non-ASCII characters (use UTF-8 if you want them displayed correctly). None of these are not escaped. 3) When the names are put in XML (e.g. in scheduler reply or db_dump output) they are XML-escaped. This escapes <, &, and non-ASCII chars 4) The client leaves them in this form, and writes them that way in GUI RPCs and init_data.xml files. 5) The parsing of GUI RPC replies and init_data.xml files XML-unescapes them. svn path=/trunk/boinc/; revision=20647
BOINC · Feb 18, 2010 · 6dd7401 · 6dd7401
1 parent b94bc24
commit 6dd7401
Show file tree

Hide file tree

Showing 5 changed files with 52 additions and 6 deletions.
diff --git a/checkin_notes b/checkin_notes
@@ -1280,3 +1280,36 @@ Rom    18 Feb 2010
 
     locale/
         updatetrans.sh
+
+David  18 Feb 2010
+    - various components: fix inconsistencies in how user names
+        and team names are represented.
+        In particular, edit_user_info_action.php was using
+        htmlentities() on names; this led to double-encoding.
+
+        The new rules:
+        1) no HTML tags allowed in either one.
+            This is enforced silently, using strip_tags()
+        2) names are stored in the DB exactly as entered.
+            They may contain chars like & and >.
+            They may contain non-ASCII characters
+            (use UTF-8 if you want them displayed correctly).
+            None of these are not escaped.
+        3) When the names are put in XML
+            (e.g. in scheduler reply or db_dump output)
+            they are XML-escaped.
+            This escapes <, &, and non-ASCII chars
+        4) The client leaves them in this form,
+            and writes them that way in GUI RPCs
+            and init_data.xml files.
+        5) The parsing of GUI RPC replies and init_data.xml files
+            XML-unescapes them.
+
+    html/
+        inc/
+            user.inc
+        user/
+            edit_user_info_action.php
+    lib/
+        app_ipc.cpp
+        gui_rpc_client_ops.cpp
diff --git a/html/inc/user.inc b/html/inc/user.inc
@@ -446,6 +446,7 @@ function make_user(
     if (!is_valid_country($country)) return null;
 
     $email_addr = BoincDb::escape_string($email_addr);
+    $name = strip_tags($name);
     $name = BoincDb::escape_string($name);
     $passwd_hash = BoincDb::escape_string($passwd_hash);
 

diff --git a/html/user/edit_user_info_action.php b/html/user/edit_user_info_action.php
@@ -24,12 +24,12 @@
 $user = get_logged_in_user();
 check_tokens($user->authenticator);
 
-$name = boinc_htmlentities(post_str("user_name"));
+$name = post_str("user_name");
 if ($name != strip_tags($name)) {
     error_page(tra("HTML tags are not allowed in your name."));
 }
 if (strlen($name) == 0) {
-   error_page(tra("You must supply a name for your account."));
+    error_page(tra("You must supply a name for your account."));
 }
 $url = post_str("url", true);
 $url = strip_tags($url);

diff --git a/lib/app_ipc.cpp b/lib/app_ipc.cpp
@@ -310,8 +310,14 @@ int parse_init_data_file(FILE* f, APP_INIT_DATA& ai) {
         if (xp.parse_str(tag, "symstore", ai.symstore, sizeof(ai.symstore))) continue;
         if (xp.parse_str(tag, "acct_mgr_url", ai.acct_mgr_url, sizeof(ai.acct_mgr_url))) continue;
         if (xp.parse_int(tag, "hostid", ai.hostid)) continue;
-        if (xp.parse_str(tag, "user_name", ai.user_name, sizeof(ai.user_name))) continue;
-        if (xp.parse_str(tag, "team_name", ai.team_name, sizeof(ai.team_name))) continue;
+        if (xp.parse_str(tag, "user_name", ai.user_name, sizeof(ai.user_name))) {
+            xml_unescape(ai.user_name);
+            continue;
+        }
+        if (xp.parse_str(tag, "team_name", ai.team_name, sizeof(ai.team_name))) {
+            xml_unescape(ai.team_name);
+            continue;
+        }
         if (xp.parse_str(tag, "project_dir", ai.project_dir, sizeof(ai.project_dir))) continue;
         if (xp.parse_str(tag, "boinc_dir", ai.boinc_dir, sizeof(ai.boinc_dir))) continue;
         if (xp.parse_str(tag, "authenticator", ai.authenticator, sizeof(ai.authenticator))) continue;

diff --git a/lib/gui_rpc_client_ops.cpp b/lib/gui_rpc_client_ops.cpp
@@ -225,8 +225,14 @@ int PROJECT::parse(MIOFILE& in) {
         if (parse_str(buf, "<master_url>", master_url)) continue;
         if (parse_double(buf, "<resource_share>", resource_share)) continue;
         if (parse_str(buf, "<project_name>", project_name)) continue;
-        if (parse_str(buf, "<user_name>", user_name)) continue;
-        if (parse_str(buf, "<team_name>", team_name)) continue;
+        if (parse_str(buf, "<user_name>", user_name)) {
+            xml_unescape(user_name);
+            continue;
+        }
+        if (parse_str(buf, "<team_name>", team_name)) {
+            xml_unescape(team_name);
+            continue;
+        }
         if (parse_int(buf, "<hostid>", hostid)) continue;
         if (parse_double(buf, "<user_total_credit>", user_total_credit)) continue;
         if (parse_double(buf, "<user_expavg_credit>", user_expavg_credit)) continue;