Permalink
Browse files

FIX CVE-2018-19995 and CVE-2018-19998

  • Loading branch information...
eldy committed Dec 22, 2018
1 parent 850b939 commit bacd5110fbdc81a35030fdc322775fa15ea85924
Showing with 28 additions and 28 deletions.
  1. +28 −28 htdocs/user/card.php
@@ -191,31 +191,31 @@
$birth = dol_mktime(0, 0, 0, GETPOST('birthmonth'), GETPOST('birthday'), GETPOST('birthyear'));
$object->birth = $birth;
$object->admin = GETPOST("admin", 'alpha');
$object->address = GETPOST('address', 'alpha');
$object->zip = GETPOST('zipcode', 'alpha');
$object->town = GETPOST('town', 'alpha');
$object->address = GETPOST('address', 'alphanohtml');
$object->zip = GETPOST('zipcode', 'alphanohtml');
$object->town = GETPOST('town', 'alphanohtml');
$object->country_id = GETPOST('country_id', 'int');
$object->state_id = GETPOST('state_id', 'int');
$object->office_phone = GETPOST("office_phone", 'alpha');
$object->office_fax = GETPOST("office_fax", 'alpha');
$object->user_mobile = GETPOST("user_mobile");
$object->skype = GETPOST("skype", 'alpha');
$object->office_phone = GETPOST("office_phone", 'alphanohtml');
$object->office_fax = GETPOST("office_fax", 'alphanohtml');
$object->user_mobile = GETPOST("user_mobile", 'alphanohtml');
$object->skype = GETPOST("skype", 'alphanohtml');
$object->email = preg_replace('/\s+/', '', GETPOST("email", 'alpha'));
$object->job = GETPOST("job", 'alpha');
$object->signature = GETPOST("signature");
$object->accountancy_code = GETPOST("accountancy_code");
$object->note = GETPOST("note");
$object->ldap_sid = GETPOST("ldap_sid");
$object->fk_user = GETPOST("fk_user") > 0 ? GETPOST("fk_user") : 0;
$object->employee = GETPOST('employee');
$object->thm = GETPOST("thm") != '' ? GETPOST("thm") : '';
$object->tjm = GETPOST("tjm") != '' ? GETPOST("tjm") : '';
$object->salary = GETPOST("salary") != '' ? GETPOST("salary") : '';
$object->salaryextra = GETPOST("salaryextra") != '' ? GETPOST("salaryextra") : '';
$object->weeklyhours = GETPOST("weeklyhours") != '' ? GETPOST("weeklyhours") : '';
$object->color = GETPOST("color") != '' ? GETPOST("color") : '';
$object->signature = GETPOST("signature", 'none');
$object->accountancy_code = GETPOST("accountancy_code", 'alphanohtml');
$object->note = GETPOST("note", 'none');
$object->ldap_sid = GETPOST("ldap_sid", 'alphanohtml');
$object->fk_user = GETPOST("fk_user", 'int') > 0 ? GETPOST("fk_user", 'int') : 0;
$object->employee = GETPOST('employee', 'alphanohtml');
$object->thm = GETPOST("thm", 'alphanohtml') != '' ? GETPOST("thm", 'alphanohtml') : '';
$object->tjm = GETPOST("tjm", 'alphanohtml') != '' ? GETPOST("tjm", 'alphanohtml') : '';
$object->salary = GETPOST("salary", 'alphanohtml') != '' ? GETPOST("salary", 'alphanohtml') : '';
$object->salaryextra = GETPOST("salaryextra", 'alphanohtml') != '' ? GETPOST("salaryextra", 'alphanohtml') : '';
$object->weeklyhours = GETPOST("weeklyhours", 'alphanohtml') != '' ? GETPOST("weeklyhours", 'alphanohtml') : '';
$object->color = GETPOST("color", 'alphanohtml') != '' ? GETPOST("color", 'alphanohtml') : '';
$dateemployment = dol_mktime(0, 0, 0, GETPOST('dateemploymentmonth'), GETPOST('dateemploymentday'), GETPOST('dateemploymentyear'));
$object->dateemployment = $dateemployment;
@@ -335,22 +335,22 @@
$object->pass = GETPOST("password",'none');
$object->api_key = (GETPOST("api_key", 'alpha')) ? GETPOST("api_key", 'alpha') : $object->api_key;
if (! empty($user->admin)) $object->admin = GETPOST("admin"); // admin flag can only be set/unset by an admin user. A test is also done later when forging sql request
$object->address = GETPOST('address', 'alpha');
$object->zip = GETPOST('zipcode', 'alpha');
$object->town = GETPOST('town', 'alpha');
$object->address = GETPOST('address', 'alphanohtml');
$object->zip = GETPOST('zipcode', 'alphanohtml');
$object->town = GETPOST('town', 'alphanohtml');
$object->country_id = GETPOST('country_id', 'int');
$object->state_id = GETPOST('state_id', 'int');
$object->office_phone = GETPOST("office_phone", 'alpha');
$object->office_fax = GETPOST("office_fax", 'alpha');
$object->user_mobile = GETPOST("user_mobile");
$object->office_phone = GETPOST("office_phone", 'alphanohtml');
$object->office_fax = GETPOST("office_fax", 'alphanohtml');
$object->user_mobile = GETPOST("user_mobile", 'alphanohtml');
$object->skype = GETPOST("skype", 'alpha');
$object->email = preg_replace('/\s+/', '', GETPOST("email", 'alpha'));
$object->job = GETPOST("job", 'alpha');
$object->signature = GETPOST("signature",'none');
$object->accountancy_code = GETPOST("accountancy_code",'alpha');
$object->openid = GETPOST("openid",'alpha');
$object->fk_user = GETPOST("fk_user",'int') > 0 ? GETPOST("fk_user",'int') : 0;
$object->employee = GETPOST('employee');
$object->employee = GETPOST('employee','alphanothtml');
$object->thm = GETPOST("thm",'alphanohtml') != '' ? GETPOST("thm",'alphanohtml') : '';
$object->tjm = GETPOST("tjm",'alphanohtml') != '' ? GETPOST("tjm",'alphanohtml') : '';

0 comments on commit bacd511

Please sign in to comment.