Fix for a security vulnerability with the Error Log module

This patch prevents an XSS attack, where an attacker with hacking tools could enter
<script> tags and JavaScript code as their referer URL and then navigate to a page on
your site that did not exist, and their JavaScript code would be executed when an
admin next visited the error log page in Organizer.

This commit also includes some various other miscellaneous fixes.

zenario/admin/db_updates/latest_revision_no.inc.php

@@ -37,6 +37,6 @@
 define('ZENARIO_MAJOR_VERSION', '8');
 define('ZENARIO_MINOR_VERSION', '5');
 define('ZENARIO_IS_BUILD', true);
-define('ZENARIO_REVISION', '50977');
+define('ZENARIO_REVISION', '51340');
 
 define('TINYMCE_DIR', 'zenario/libs/manually_maintained/lgpl/tinymce_4_7_3/');

zenario/autoload/welcome.php

@@ -2620,7 +2620,9 @@ public static function diagnosticsAJAX(&$source, &$tags, &$fields, &$values, $ch
 				}
 			} else {
 				$fields['0/htaccess_unavailable']['row_class'] = 'warning';
-				$fields['0/htaccess_unavailable']['snippet']['html'] = \ze\admin::phrase('The .htaccess file cannot be read or is missing. (This message needs revising.)');
+				$fields['0/htaccess_unavailable']['snippet']['html'] = \ze\admin::phrase('The .htaccess file cannot be read or is missing.');
+
+				$fields['0/friendly_urls_disabled']['hidden'] = true;
 			}
 
 			//Check to see if there are spare domains without a primary domain

zenario/js/admin_organizer.js

@@ -4723,10 +4723,10 @@ zenarioO.columnValue = function(i, c, dontHTMLEscape) {
 					href = ' style="cursor: default;"';
 
 					if (item_link == 'menu_item') {
-						href += ' title="' + htmlspecialchars(item.name) + '|"';
+						href += ' title="' + htmlspecialchars(htmlspecialchars(item.name)) + '|"';
 
 					} else if (item_link == 'content_item' || item_link == 'content_item_or_url') {
-						href += ' title="' + htmlspecialchars(item.name) + '|"';
+						href += ' title="' + htmlspecialchars(htmlspecialchars(item.name)) + '|"';
 					}
 
 				} else {
@@ -4774,22 +4774,22 @@ zenarioO.columnValue = function(i, c, dontHTMLEscape) {
 
 					if (isSKLink) {
 						if (item_link == 'menu_item') {
-							href += ' title="' + htmlspecialchars(item.name) + '|' + phrase.clkToViewLinkedMenuNode + '"';
+							href += ' title="' + htmlspecialchars(htmlspecialchars(item.name)) + '|' + phrase.clkToViewLinkedMenuNode + '"';
 
 						} else if (item_link == 'content_item' || item_link == 'content_item_or_url') {
-							href += ' title="' + htmlspecialchars(item.name) + '|' + phrase.clkToViewLinkedCItem + '"';
+							href += ' title="' + htmlspecialchars(htmlspecialchars(item.name)) + '|' + phrase.clkToViewLinkedCItem + '"';
 						}
 
 					} else if (isURL) {
-						href += ' title="' + htmlspecialchars(item.name) + '|' + phrase.clkToViewLinkInNewWindow + '"';
+						href += ' title="' + htmlspecialchars(htmlspecialchars(item.name)) + '|' + phrase.clkToViewLinkInNewWindow + '"';
 					}
 				}
 
 
 				switch (item_link) {
 					case 'content_item':
 					case 'content_item_or_url':
-						itemName = item.name;
+						itemName = htmlspecialchars(item.name);
 						break;
 
 					case 'menu_item':

zenario/modules/zenario_forum/module_code.php

@@ -466,7 +466,9 @@ protected function manageUploads($postId){
 				$filesToUpload = &$_FILES['filesToUpload'];
 				$files_count = count($filesToUpload['name']);
 				for($i=0; $i < $files_count; ++$i){
-					$this->manageOneUpload($postId, $filesToUpload['tmp_name'][$i], $filesToUpload['name'][$i]);
+					if (empty($filesToUpload['error'][$i])) {
+						$this->manageOneUpload($postId, $filesToUpload['tmp_name'][$i], $filesToUpload['name'][$i]);
+					}
 				}
 			}
 

zenario/styles/admin_organizer.css

@@ -2358,6 +2358,8 @@ div.organizer_pageSize {
 	left:0;
 	margin: 0px auto;
 	padding:0 0 5px;
+	max-height:70vh;
+	overflow-y:auto;
 }
 
 #organizer_quickFilter ul ul li {