+ HTML Purify some fields to prevent XSS attacks
NavigateCMS committed May 17, 2020
1 parent 4795c40 commit e690bb5
Showing 5 changed files with 142 additions and 55 deletions.
66 changes: 53 additions & 13 deletions lib/packages/feeds/feed.class.php
Expand Up @@ -52,6 +52,8 @@ public function load_from_resultset($rs)

public function load_from_post()
{
global $purifier;

$this->permission = intval($_REQUEST['permission']);
$this->enabled = intval($_REQUEST['enabled']);
$this->format = $_REQUEST['format'];
Expand All @@ -67,31 +69,42 @@ public function load_from_post()

foreach($_REQUEST as $key => $value)
{
if(empty($value)) continue;
if(empty($value))
{
continue;
}

foreach($fields as $field)
{
if(substr($key, 0, strlen($field.'-'))==$field.'-')
$this->dictionary[substr($key, strlen($field.'-'))][$field] = $value;
{
$this->dictionary[substr($key, strlen($field.'-'))][$field] = $purifier->purify($value);
}
}

if(substr($key, 0, strlen('path-'))=='path-')
$this->paths[substr($key, strlen('path-'))] = $value;
{
$this->paths[substr($key, strlen('path-'))] = $purifier->purify($value);
}
}

$this->categories = '';
if($_REQUEST['categories']!='true')
$this->categories = explode(',', $_REQUEST['categories']);
{
$this->categories = explode(',', $_REQUEST['categories']);
}
}

public function save()
{
global $DB;

if(!empty($this->id))
return $this->update();
{
return $this->update();
}
else
return $this->insert();
{
return $this->insert();
}
}

public function delete()
Expand Down Expand Up @@ -159,7 +172,9 @@ public function insert()
);

if(!$ok)
{
throw new Exception($DB->get_last_error());
}

$this->id = $DB->get_last_id();

Expand Down Expand Up @@ -208,7 +223,9 @@ public function update()
);

if(!$ok)
throw new Exception($DB->get_last_error());
{
throw new Exception($DB->get_last_error());
}

webdictionary::save_element_strings('feed', $this->id, $this->dictionary);
path::saveElementPaths('feed', $this->id, $this->paths);
Expand Down Expand Up @@ -248,7 +265,9 @@ public function quicksearch($text)
$cols[] = 'i.id' . $like;

if(!empty($dict_ids))
$cols[] = 'i.id IN ('.implode(',', $dict_ids).')';
{
$cols[] = 'i.id IN ('.implode(',', $dict_ids).')';
}

$where = ' AND ( ';
$where.= implode( ' OR ', $cols);
Expand All @@ -264,15 +283,19 @@ public static function generate_feed($id = NULL)
global $DB;

if(empty($id))
$id = $current['id'];
{
$id = $current['id'];
}

$item = new feed();
$item->load($id);

$permission = nvweb_object_enabled($item);

if(!$permission)
{
return;
}

$feed = new UniversalFeedCreator();

Expand All @@ -296,7 +319,10 @@ public static function generate_feed($id = NULL)
if(!empty($item->categories[0]))
{
$limit = intval($item->entries);
if($limit <= 0) $limit = 10;
if($limit <= 0)
{
$limit = 10;
}

$DB->query(' SELECT SQL_CALC_FOUND_ROWS i.id, i.permission, i.date_published, i.date_unpublish,
i.date_to_display, COALESCE(NULLIF(i.date_to_display, 0), i.date_created) as pdate, d.text as title, i.position as position,
Expand Down Expand Up @@ -380,7 +406,9 @@ public static function generate_feed($id = NULL)
$galleries = mb_unserialize($rs[$x]->galleries);
$photo = @array_shift(array_keys($galleries[0]));
if(!empty($photo))
{
$image = $website->absolute_path(false) . '/object?type=image&id='.$photo;
}
}

if(empty($image))
Expand All @@ -393,9 +421,13 @@ public static function generate_feed($id = NULL)
if($properties[$p]->type=='image')
{
if(!empty($properties[$p]->value))
{
$image = $properties[$p]->value;
}
else if(!empty($properties[$p]->dvalue))
{
$image = $properties[$p]->dvalue;
}

if(is_array($image))
{
Expand All @@ -404,12 +436,16 @@ public static function generate_feed($id = NULL)
}

if(!empty($image))
{
$image = $website->absolute_path(false) . '/object?type=image&id='.$image;
}
}

// we only need the first image
if(!empty($image))
{
break;
}
}
}

Expand All @@ -418,7 +454,9 @@ public static function generate_feed($id = NULL)
$fitem->image = $image;
// feedly will only display images of >450px --> http://blog.feedly.com/2015/07/31/10-ways-to-optimize-your-feed-for-feedly/
if(strpos($item->format, 'RSS')!==false)
$fitem->description = '<img src="'.$image.'&width=640"><br />'.$fitem->description;
{
$fitem->description = '<img src="'.$image.'&width=640"><br />'.$fitem->description;
}
}

//$item->author = $contents->rows[$x]->author_name;
Expand Down Expand Up @@ -460,7 +498,9 @@ public function backup($type='json')
$out = $DB->result();

if($type='json')
{
$out = json_encode($out);
}

return $out;
}
Expand Down
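Review bot: The purifier in load_from_post() is applied only to the `$field-*` and `path-*` entries of the `$_REQUEST` loop, while `format` (assigned straight from `$_REQUEST['format']` a few lines above) and `categories` (exploded from `$_REQUEST['categories']`) still reach the object unfiltered and are presumably persisted by insert()/update(), so the XSS protection this commit adds is partial. `format` looks like a fixed choice (it is later tested with `strpos($item->format, 'RSS')`), so it should be validated against the set of format names the feed generator accepts rather than purified, e.g. `$this->format = in_array($_REQUEST['format'], $allowed_formats, true) ? $_REQUEST['format'] : '';` with the list taken from wherever the formats are defined. Running HTMLPurifier over `path-*` values strips markup but does not validate them as URL paths, so a path check (no scheme, no `..`, expected characters only) would be the appropriate guard there. `$purifier` is also pulled from `global` with no check that it is set; a request path where it is not initialised turns this into a fatal "call to a member function on null" rather than a safe fallback. The rest of load_from_post() starts outside this hunk.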
32 changes: 22 additions & 10 deletions lib/packages/menus/menu.class.php
Expand Up @@ -42,7 +42,10 @@ public function load_from_resultset($rs)
$this->functions = $DB->result('function_id');
*/
$this->functions = json_decode($main->functions);
if(empty($this->functions)) $this->functions = array();
if(empty($this->functions))
{
$this->functions = array();
}
}

public function load_from_post()
Expand All @@ -59,19 +62,22 @@ public function load_from_post()
foreach($functions as $function)
{
if(!empty($function))
$this->functions[] = $function;
{
$this->functions[] = $function;
}
}
}

}

public function save()
{
global $DB;

if(!empty($this->id))
return $this->update();
{
return $this->update();
}
else
return $this->insert();
{
return $this->insert();
}
}

public function delete()
Expand Down Expand Up @@ -111,7 +117,9 @@ public function insert()
);

if(!$ok)
throw new Exception($DB->get_last_error());
{
throw new Exception($DB->get_last_error());
}

$this->id = $DB->get_last_id();

Expand Down Expand Up @@ -139,7 +147,9 @@ functions = :functions, enabled = :enabled
);

if(!$ok)
throw new Exception($DB->get_last_error());
{
throw new Exception($DB->get_last_error());
}

return true;
}
Expand Down Expand Up @@ -179,7 +189,9 @@ public function backup($type='json')
$out = $DB->result();

if($type='json')
{
$out = json_encode($out);
}

return $out;
}
Expand Down
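Review bot: `if($type='json')` in backup() assigns rather than compares, so the condition is always true and the `$type` parameter is effectively ignored — every caller gets a JSON-encoded result regardless of the type requested. The line should read `if($type === 'json')`; the same construct appears in feed.class.php's backup() in this commit. This hunk only adds braces around the statement, so the defect predates the change but is now touched by it. The start of backup() lies outside the hunk.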
