
Security: Remove "Security::remove_XSS", fix htmleditor get value

Related:

099ec41
jmontoyaa committed Nov 20, 2018
1 parent b3fa8b0 commit d9c37bf1f3e43b67b4f5b54938af2c45a51db309
@@ -1,8 +1,10 @@
<?php
/* For licensing terms, see /license.txt */
/**
* Responses to AJAX calls.
*/
$type = isset($_REQUEST['type']) && in_array($_REQUEST['type'], ['personal', 'course', 'admin']) ? $_REQUEST['type'] : 'personal';
if ($type == 'personal') {
@@ -28,9 +30,9 @@
break;
}
$add_as_announcement = isset($_REQUEST['add_as_annonuncement']) ? $_REQUEST['add_as_annonuncement'] : null;
$title = isset($_REQUEST['title']) ? Security::remove_XSS($_REQUEST['title']) : null;
$content = isset($_REQUEST['content']) ? Security::remove_XSS($_REQUEST['content']) : null;
$comment = isset($_REQUEST['comment']) ? Security::remove_XSS($_REQUEST['comment']) : null;
$title = isset($_REQUEST['title']) ? $_REQUEST['title'] : null;
$content = isset($_REQUEST['content']) ? $_REQUEST['content'] : null;
$comment = isset($_REQUEST['comment']) ? $_REQUEST['comment'] : null;
$userToSend = isset($_REQUEST['users_to_send']) ? $_REQUEST['users_to_send'] : [];
echo $agenda->addEvent(
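Review bot: With `Security::remove_XSS` dropped from the three new `$title`, `$content` and `$comment` assignments, the raw request strings are handed straight to `addEvent()`, so every protection now depends on the consumers of these agenda fields HTML-encoding them at output; the `addEvent()` call begins here but continues past the hunk, so neither the storage nor the rendering paths can be checked from this view. Any path that prints the stored title or content as HTML without encoding — list views, feed exports, or the announcement created when `add_as_annonuncement` is set — would become a stored XSS after this change. For `content`, which is rich HTML from the editor and cannot simply be entity-encoded on output, an allow-list HTML sanitiser at store time is the usual compromise; for `title` and `comment`, which are plain text, output encoding is enough only if it is applied everywhere. A comment on the new lines such as `// Raw input: every renderer of these agenda fields must HTML-encode them` would at least record where the responsibility has moved.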
@@ -31,7 +31,7 @@ public function __construct(
$config = []
) {
if (empty($name)) {
return false;
throw new \Exception('Name is required');
}
parent::__construct($name, $elementLabel, $attributes);
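Review bot: The new `throw new \Exception('Name is required')` uses the base exception type, so a caller cannot catch this validation failure without also catching everything else the constructor chain may raise; `throw new \InvalidArgumentException('Name is required');` names the contract and still satisfies callers that catch `\Exception`. Replacing the dead `return false` is correct in itself, since a constructor's return value is discarded and the old line never prevented a half-built object. The constructor's signature starts above the hunk, so whether `$name` is typed as a string there cannot be confirmed here.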
@@ -54,9 +54,9 @@ public function __construct(
*/
public function toHtml()
{
$value = Security::remove_XSS($this->getValue());
if ($this->editor) {
if ($this->editor->getConfigAttribute('fullPage')) {
$value = $this->getValue();
if (strlen(trim($value)) == 0) {
// TODO: To be considered whether here to add
// language and character set declarations.
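Review bot: Inside the `fullPage` branch `$value` now holds the unencoded `getValue()` result, while every other path in this commit goes through `getCleanValue()`; the branch continues past the hunk, so whether that raw value is emitted into the page or only tested for emptiness cannot be confirmed from here. If a full-page editor deliberately needs the raw HTML document, a comment such as `// fullPage: the editor receives the raw HTML document; do not entity-encode here` would mark the asymmetry as intentional; otherwise the branch should use `getCleanValue()` like `buildEditor()` does. The enclosing `toHtml()` also ends outside the hunk.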
@@ -70,10 +70,9 @@ public function toHtml()
return $this->getFrozenHtml();
} else {
$styleCss = $this->editor->getConfigAttribute('style');
$style = false;
if ($styleCss) {
$style = true;
} else {
$style = false;
}
return $this->buildEditor($style);
@@ -87,7 +86,7 @@ public function toHtml()
*/
public function getFrozenHtml()
{
return $this->getValue();
return $this->getCleanValue();
}
/**
@@ -99,9 +98,9 @@ public function buildEditor($style = false)
{
$result = '';
if ($this->editor) {
$this->editor->value = Security::remove_XSS($this->getValue());
$this->editor->value = $this->getCleanValue();
$this->editor->setName($this->getName());
if ($style == true) {
if ($style === true) {
$result = $this->editor->createHtmlStyle();
} else {
$result = $this->editor->createHtml();
@@ -253,12 +253,30 @@ public function setValue($value)
*/
public function getValue()
{
// interface
return null;
} // end func getValue
}
// }}}
// {{{ freeze()
/**
* @return string
*/
public function getCleanValue()
{
$value = $this->cleanValueFromParameter($this->getValue());
return $value;
}
/**
* @param string $value
*
* @return string
*/
public function cleanValueFromParameter($value)
{
$value = @htmlspecialchars($value, ENT_COMPAT, HTML_Common::charset());


@aragonc

aragonc Nov 20, 2018


Esto rompe todos los contenidos de documentos HTML subidos por Documentos y adjuntados dentro de un SCORM; en Chamilo ya no se pueden editar ni dar formato de correcciones desde el mismo Chamilo. 😑

Todos los cursos CHAPA y CHACOBU del campus chamilo fueron afectados despues de este cambio.

Adjunto captura.

contenido_curso_chapa


@jmontoyaa

jmontoyaa Nov 21, 2018


campus chamilo está actualizado a 1.11.x??


@jmontoyaa

jmontoyaa Nov 21, 2018


Acabo de enviar unas correcciones; ahora debería funcionar.


@jmontoyaa

jmontoyaa Nov 21, 2018


Acabo de actualizar campus.chamilo y ahora funciona el html se ve correctamente

return $value;
}
/**
* Freeze the element so that only its value is returned
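Review bot: `cleanValueFromParameter()` encodes with `ENT_COMPAT`, which leaves single quotes untouched, so a value that any caller of `getCleanValue()` places inside a single-quoted attribute can still terminate that attribute; `ENT_QUOTES | ENT_SUBSTITUTE` is the safer default, and `ENT_SUBSTITUTE` also replaces malformed byte sequences instead of letting `htmlspecialchars()` return `''`, which would make a stored value silently disappear from the form. The `@` in front of the call hides any warning (for example an unsupported charset name coming from `HTML_Common::charset()`), so such a failure would never surface. Suggested line: `$value = htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, HTML_Common::charset());` — the cast also covers the base `getValue()` returning `null` as shown above. Both new methods would benefit from a docblock sentence stating that the result is safe for HTML text and attribute contexts only, not for JavaScript or URL contexts.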
@@ -302,12 +320,16 @@ public function getFrozenHtml()
// Modified by Ivan Tcholakov, 16-MAR-2010.
//return ('' != $value? htmlspecialchars($value): '&nbsp;') .
// $this->_getPersistantData();
if (!empty($value)) {
$value = $this->getCleanValue();
} else {
$value = '&nbsp;';
}
$value .= $this->_getPersistantData();
$value = ('' != $value ? @htmlspecialchars($value, ENT_COMPAT, HTML_Common::charset()): '&nbsp;') .
$this->_getPersistantData();
return '<span class="freeze">'.$value.'</span>';
//
} //end func getFrozenHtml
}
/**
* Used by getFrozenHtml() to pass the element's value if _persistantFreeze is on
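Review bot: `if (!empty($value))` replaces the old `'' != $value` test, and `empty()` is also true for the string `'0'`, so a frozen element whose value is `0` now renders `&nbsp;` where it previously displayed `0`; `if ($value !== null && $value !== '')` keeps the "nothing to show" case without swallowing a legitimate zero. The assignment of `$value` sits above the hunk, so its type on entry cannot be confirmed here. The commented-out Tcholakov lines now duplicate what the live code does and could be removed rather than kept as a second copy.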
