
Security - Fix possible XSS attack vector using teacher role - report…

…ed by Javier Bloem
ywarnier committed May 7, 2014
1 parent 94706d7 commit dd9bcd64fee588637914eec529cb489a8e89f2df
Showing with 6 additions and 6 deletions.
  1. +4 −4 main/inc/lib/course.lib.php
  2. +2 −2 main/template/default/auth/courses_categories.php
@@ -3372,7 +3372,7 @@ public static function display_special_courses($user_id, $load_dirs = false)
$course['status'] = STUDENT;
}
$params['icon'] = Display::return_icon('blackboard.png', $course_info['title'], array(), ICON_SIZE_LARGE);
$params['icon'] = Display::return_icon('blackboard.png', api_htmlentities($course_info['title']), array(), ICON_SIZE_LARGE);
$params['right_actions'] = '';
if (api_is_platform_admin()) {
@@ -3448,7 +3448,7 @@ public static function display_courses($user_id, $load_dirs = false)
while ($row = Database::fetch_array($result)) {
// We simply display the title of the category.
$params = array(
'icon' => Display::return_icon('folder_yellow.png', $row['title'], array(), ICON_SIZE_LARGE),
'icon' => Display::return_icon('folder_yellow.png', api_htmlentities($row['title']), array(), ICON_SIZE_LARGE),
'title' => $row['title'],
'class' => 'table_user_course_category'
);
@@ -3542,7 +3542,7 @@ public static function display_courses_in_category($user_category_id, $load_dirs
$show_notification = Display::show_notification($course_info);
// New code displaying the user's status in respect to this course.
$status_icon = Display::return_icon('blackboard.png', $course_info['title'], array(), ICON_SIZE_LARGE);
$status_icon = Display::return_icon('blackboard.png', api_htmlentities($course_info['title']), array(), ICON_SIZE_LARGE);
$params = array();
$params['right_actions'] = '';
@@ -3741,7 +3741,7 @@ public static function get_logged_user_course_html($course, $session_id = 0, $cl
}
$params = array();
$params['icon'] = Display::return_icon('blackboard_blue.png', $course_info['name'], array(), ICON_SIZE_LARGE);
$params['icon'] = Display::return_icon('blackboard_blue.png', api_htmlentities($course_info['name']), array(), ICON_SIZE_LARGE);
$params['link'] = $session_url;
$params['title'] = $session_title;
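Review bot: In the display_courses hunk the escaping is applied only to the icon title, while `'title' => $row['title']` on the very next line still enters the same `$params` array raw; unless the template that renders `$params['title']` escapes it (not visible here), the same teacher-controlled value still reaches the page, and `'title' => api_htmlentities($row['title']),` would close that path as well. The same question applies to `$params['title'] = $session_title` in the get_logged_user_course_html hunk, where `$session_title` is built outside the hunk. Because these values land inside HTML attributes, it is also worth confirming that api_htmlentities escapes quotes (ENT_QUOTES); otherwise the attribute can still be broken out of. Each of the four methods touched here begins and ends outside its hunk.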
@@ -251,10 +251,10 @@ function display_thumbnail($course, $icon_title)
echo '<div class="thumbnail">';
if (api_get_setting('show_courses_descriptions_in_catalog') == 'true') {
echo '<a class="ajax" href="'.api_get_path(WEB_CODE_PATH).'inc/ajax/course_home.ajax.php?a=show_course_information&amp;code='.$course['code'].'" title="'.$icon_title.'" rel="gb_page_center[778]">';
echo '<img src="'.$course_medium_image.'" alt="'.$title.'" />';
echo '<img src="'.$course_medium_image.'" alt="'.api_htmlentities($title).'" />';
echo '</a>';
} else {
echo '<img src="'.$course_medium_image.'" alt="'.$title.'"/>';
echo '<img src="'.$course_medium_image.'" alt="'.api_htmlentities($title).'"/>';
}
echo '</div>'; // thumbail
echo '</div>'; // span2
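Review bot: The anchor opened on the line above the changed `<img>` still interpolates `$icon_title` and `$course['code']` unescaped into its `title` and `href` attributes, so only the alt attribute is hardened while the enclosing `<a>` presumably carries the same course-derived data raw. If `$icon_title` comes from the course title as `$title` appears to, it needs the same treatment, `title="'.api_htmlentities($icon_title).'"`, and the query parameter should be encoded for the URL, `code='.urlencode($course['code']).'`. display_thumbnail's body starts before the hunk, so where `$title` and `$course_medium_image` are assigned cannot be checked from here.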
