From 6dd7401da795200e7fb41b1a99a38f1186d3e923 Mon Sep 17 00:00:00 2001 From: David Anderson Date: Thu, 18 Feb 2010 22:33:26 +0000 Subject: [PATCH] - various components: fix inconsistencies in how user names and team names are represented. In particular, edit_user_info_action.php was using htmlentities() on names; this led to double-encoding. The new rules: 1) no HTML tags allowed in either one. This is enforced silently, using strip_tags() 2) names are stored in the DB exactly as entered. They may contain chars like & and >. They may contain non-ASCII characters (use UTF-8 if you want them displayed correctly). None of these are not escaped. 3) When the names are put in XML (e.g. in scheduler reply or db_dump output) they are XML-escaped. This escapes <, &, and non-ASCII chars 4) The client leaves them in this form, and writes them that way in GUI RPCs and init_data.xml files. 5) The parsing of GUI RPC replies and init_data.xml files XML-unescapes them. svn path=/trunk/boinc/; revision=20647 --- checkin_notes | 33 +++++++++++++++++++++++++++++ html/inc/user.inc | 1 + html/user/edit_user_info_action.php | 4 ++-- lib/app_ipc.cpp | 10 +++++++-- lib/gui_rpc_client_ops.cpp | 10 +++++++-- 5 files changed, 52 insertions(+), 6 deletions(-) diff --git a/checkin_notes b/checkin_notes index db963507f44..e61dc4f891b 100644 --- a/checkin_notes +++ b/checkin_notes @@ -1280,3 +1280,36 @@ Rom 18 Feb 2010 locale/ updatetrans.sh + +David 18 Feb 2010 + - various components: fix inconsistencies in how user names + and team names are represented. + In particular, edit_user_info_action.php was using + htmlentities() on names; this led to double-encoding. + + The new rules: + 1) no HTML tags allowed in either one. + This is enforced silently, using strip_tags() + 2) names are stored in the DB exactly as entered. + They may contain chars like & and >. + They may contain non-ASCII characters + (use UTF-8 if you want them displayed correctly). + None of these are not escaped. + 3) When the names are put in XML + (e.g. in scheduler reply or db_dump output) + they are XML-escaped. + This escapes <, &, and non-ASCII chars + 4) The client leaves them in this form, + and writes them that way in GUI RPCs + and init_data.xml files. + 5) The parsing of GUI RPC replies and init_data.xml files + XML-unescapes them. + + html/ + inc/ + user.inc + user/ + edit_user_info_action.php + lib/ + app_ipc.cpp + gui_rpc_client_ops.cpp diff --git a/html/inc/user.inc b/html/inc/user.inc index 33c0ac70529..57fb6981675 100644 --- a/html/inc/user.inc +++ b/html/inc/user.inc @@ -446,6 +446,7 @@ function make_user( if (!is_valid_country($country)) return null; $email_addr = BoincDb::escape_string($email_addr); + $name = strip_tags($name); $name = BoincDb::escape_string($name); $passwd_hash = BoincDb::escape_string($passwd_hash); diff --git a/html/user/edit_user_info_action.php b/html/user/edit_user_info_action.php index c25bb07e200..70441f30279 100644 --- a/html/user/edit_user_info_action.php +++ b/html/user/edit_user_info_action.php @@ -24,12 +24,12 @@ $user = get_logged_in_user(); check_tokens($user->authenticator); -$name = boinc_htmlentities(post_str("user_name")); +$name = post_str("user_name"); if ($name != strip_tags($name)) { error_page(tra("HTML tags are not allowed in your name.")); } if (strlen($name) == 0) { - error_page(tra("You must supply a name for your account.")); + error_page(tra("You must supply a name for your account.")); } $url = post_str("url", true); $url = strip_tags($url); diff --git a/lib/app_ipc.cpp b/lib/app_ipc.cpp index 66c59520116..8388ac60687 100644 --- a/lib/app_ipc.cpp +++ b/lib/app_ipc.cpp @@ -310,8 +310,14 @@ int parse_init_data_file(FILE* f, APP_INIT_DATA& ai) { if (xp.parse_str(tag, "symstore", ai.symstore, sizeof(ai.symstore))) continue; if (xp.parse_str(tag, "acct_mgr_url", ai.acct_mgr_url, sizeof(ai.acct_mgr_url))) continue; if (xp.parse_int(tag, "hostid", ai.hostid)) continue; - if (xp.parse_str(tag, "user_name", ai.user_name, sizeof(ai.user_name))) continue; - if (xp.parse_str(tag, "team_name", ai.team_name, sizeof(ai.team_name))) continue; + if (xp.parse_str(tag, "user_name", ai.user_name, sizeof(ai.user_name))) { + xml_unescape(ai.user_name); + continue; + } + if (xp.parse_str(tag, "team_name", ai.team_name, sizeof(ai.team_name))) { + xml_unescape(ai.team_name); + continue; + } if (xp.parse_str(tag, "project_dir", ai.project_dir, sizeof(ai.project_dir))) continue; if (xp.parse_str(tag, "boinc_dir", ai.boinc_dir, sizeof(ai.boinc_dir))) continue; if (xp.parse_str(tag, "authenticator", ai.authenticator, sizeof(ai.authenticator))) continue; diff --git a/lib/gui_rpc_client_ops.cpp b/lib/gui_rpc_client_ops.cpp index 4a2cba0ba85..e2f74443dd7 100644 --- a/lib/gui_rpc_client_ops.cpp +++ b/lib/gui_rpc_client_ops.cpp @@ -225,8 +225,14 @@ int PROJECT::parse(MIOFILE& in) { if (parse_str(buf, "", master_url)) continue; if (parse_double(buf, "", resource_share)) continue; if (parse_str(buf, "", project_name)) continue; - if (parse_str(buf, "", user_name)) continue; - if (parse_str(buf, "", team_name)) continue; + if (parse_str(buf, "", user_name)) { + xml_unescape(user_name); + continue; + } + if (parse_str(buf, "", team_name)) { + xml_unescape(team_name); + continue; + } if (parse_int(buf, "", hostid)) continue; if (parse_double(buf, "", user_total_credit)) continue; if (parse_double(buf, "", user_expavg_credit)) continue;