CVE-2019-8349 XSS vulnerabilities fix
danpros committed May 6, 2020
1 parent fb6fac0 commit ec1cf1d303598679536ec0934190e0d63731c4e6
Showing 19 changed files with 31 additions and 190 deletions.

This file was deleted.

@@ -4,6 +4,9 @@ site.url = ""
; Your timezone
timezone = "Asia/Jakarta"

; Time format. See: https://www.php.net/manual/en/function.date.php
time.format = "d F Y"

; Your language (currently only "en" for English or "de" for German)
language = "en"

@@ -25,7 +28,6 @@ blog.enable = "false"
; Social account
social.twitter = "https://twitter.com"
social.facebook = "https://www.facebook.com"
social.google = "https://plus.google.com"
social.tumblr = "http://www.tumblr.com"

; Custom menu link.

This file was deleted.

@@ -695,7 +695,7 @@ function get_user_posts()
$i++;
echo '<tr class="' . $class . '">';
echo '<td><a target="_blank" href="' . $p->url . '">' . $p->title . '</a></td>';
echo '<td>' . date('d F Y', $p->date) . '</td>';
echo '<td>' . format_date($p->date) . '</td>';
if (config("views.counter") == "true")
echo '<td>' . $p->views . '</td>';
echo '<td>' . $p->tag . '</td>';
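Review bot: `$p->title` and `$p->tag` are still echoed raw into the table cells around the `format_date()` change, and `$p->url` goes unescaped into an `href`; a commit that wraps request parameters in `_h()` should escape here too, because output escaping is what actually stops stored XSS no matter where the value came from. Suggest `echo '<td><a target="_blank" href="' . _h($p->url) . '">' . _h($p->title) . '</a></td>';` and `echo '<td>' . _h($p->tag) . '</td>';` (another listing in this commit uses `strip_tags($p->tag)` for the same field, so the two should agree on one helper). Whether post metadata is admin-only or can come from less-trusted authors is not visible on this page. `get_user_posts()` starts and ends outside the hunk.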
@@ -1,7 +1,7 @@
<?php
if (login()) {
if (isset($_GET['file'])) {
$file = $_GET['file'];
$file = _h($_GET['file']);

if (!empty($file)) {
unlink($file);
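Review bot: `_h()` on `$_GET['file']` before `unlink()` does not constrain the path: if `_h()` is the HTML-escaping helper its name suggests, `../` sequences and absolute paths pass through untouched, so any logged-in user can delete arbitrary files the web server account can write to. HTML escaping belongs at output; what this handler needs is to resolve the path and confine it to the directory the delete page is meant to manage. A state-changing delete driven by a plain GET parameter also has no CSRF check in view — worth confirming one is enforced elsewhere. The `login()` block and whatever follows the `unlink()` continue past the hunk.
```php
if (login()) {
    if (isset($_GET['file'])) {
        $base = realpath($contentDir);    // TODO: the directory this page may delete from (not visible in the hunk)
        $real = realpath($_GET['file']);  // _h() is HTML escaping, not path validation
        if ($base !== false && $real !== false
            && strncmp($real, $base . DIRECTORY_SEPARATOR, strlen($base) + 1) === 0) {
            unlink($real);
        }
```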
@@ -1,6 +1,6 @@
<?php
if (isset($_GET['destination'])) {
$destination = $_GET['destination'];
$destination = _h($_GET['destination']);
}
$url = $p->file;
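Review bot: `_h()` on `$_GET['destination']` escapes for an HTML context, but `$destination` is a redirect target (the draft listing in this commit links `?destination=admin/draft`, and a later hunk defaults it to `'admin'`), so the right check is an allow-list of known admin paths rather than character escaping; an HTML-escaped value still lets a caller steer the post-action redirect wherever the surrounding code concatenates it. Suggest `$destination = in_array($_GET['destination'], ['admin', 'admin/draft'], true) ? $_GET['destination'] : 'admin';` with the list extended to every destination the admin UI actually emits. How `$destination` is consumed (a `header('Location: …')` or otherwise) is outside the hunk, and the same pattern recurs in the other `destination` hunks of this commit.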

@@ -1,6 +1,6 @@
<?php
if (isset($_GET['destination'])) {
$destination = $_GET['destination'];
$destination = _h($_GET['destination']);
}
$url = $p->file;

@@ -1,6 +1,6 @@
<?php
if (isset($_GET['destination'])) {
$destination = $_GET['destination'];
$destination = _h($_GET['destination']);
}
$url = $p->file;
$oldurl = explode('_', $url);
@@ -30,7 +30,7 @@
$oldmd = str_replace('.md', '', $oldurl[2]);

if (isset($_GET['destination'])) {
$destination = $_GET['destination'];
$destination = _h($_GET['destination']);
} else {
$destination = 'admin';
}
@@ -41,7 +41,7 @@
$oldcontent = remove_html_comments($content);

if (isset($_GET['destination'])) {
$destination = $_GET['destination'];
$destination = _h($_GET['destination']);
} else {
$destination = 'admin';
}
@@ -24,7 +24,7 @@
?>
<tr class="<?php echo $class ?>">
<td><a target="_blank" href="<?php echo $p->url ?>"><?php echo $p->title ?></a></td>
<td><?php echo date('d F Y', $p->date) ?></td>
<td><?php echo format_date($p->date) ?></td>
<?php if (config("views.counter") == "true"): ?>
<td><?php echo $p->views ?></td><?php endif; ?>
<td><a target="_blank" href="<?php echo $p->authorUrl ?>"><?php echo $p->author ?></a></td>
@@ -24,7 +24,7 @@
?>
<tr class="<?php echo $class ?>">
<td><a target="_blank" href="<?php echo $p->url ?>"><?php echo $p->title ?></a></td>
<td><?php echo date('d F Y', $p->date) ?></td>
<td><?php echo format_date($p->date) ?></td>
<?php if (config("views.counter") == "true"): ?>
<td><?php echo $p->views ?></td><?php endif; ?>
<td><a target="_blank" href="<?php echo $p->authorUrl ?>"><?php echo $p->author ?></a></td>
@@ -22,7 +22,7 @@
?>
<tr class="<?php echo $class ?>">
<td><?php echo $p->title ?></td>
<td><?php echo date('d F Y', $p->date) ?></td>
<td><?php echo format_date($p->date) ?></td>
<td><?php echo strip_tags($p->tag) ?></td>
<td><a href="<?php echo $p->url ?>/edit?destination=admin/draft"><?php echo i18n('Edit');?></a> <a href="<?php echo $p->url ?>/delete?destination=admin/draft"><?php echo i18n('Delete');?></a></td>
</tr>
@@ -25,7 +25,7 @@
?>
<tr class="<?php echo $class ?>">
<td><a target="_blank" href="<?php echo $p->url ?>"><?php echo $p->title ?></a></td>
<td><?php echo date('d F Y', $p->date) ?></td>
<td><?php echo format_date($p->date) ?></td>
<?php if (config("views.counter") == "true"): ?>
<td><?php echo $p->views ?></td>
<?php endif; ?>
@@ -17,7 +17,7 @@
get('/index', function () {

if (isset($_GET['search'])) {
$search = $_GET['search'];
$search = _h($_GET['search']);
$url = site_url() . 'search/' . remove_accent($search);
header("Location: $url");
}
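Review bot: the search term is escaped for HTML with `_h()` but then used in a URL context (`'search/' . remove_accent($search)` into a `Location:` header), so the escaping is for the wrong context: `&`, quotes and `<` turn into entities such as `&amp;` that `remove_accent()` then either keeps or mangles into the slug, while nothing percent-encodes the value that actually lands in the URL. Build the redirect with `rawurlencode()` applied after `remove_accent()` and leave HTML escaping to the templates that render the term. PHP's `header()` refuses CR/LF, so header injection is not the concern here; the context mismatch is. Because an identical block is pasted into every route handler touched by this commit, it also belongs in one shared helper so the next fix lands in one place (whether each route should `exit` after the redirect is not visible in the hunk). The `get('/index', …)` closure continues past the hunk.
```php
// Shared by every route that accepts ?search=: encode for the URL, not for HTML.
function redirect_to_search()
{
    if (isset($_GET['search'])) {
        $term = remove_accent($_GET['search']);
        header('Location: ' . site_url() . 'search/' . rawurlencode($term));
    }
}

get('/index', function () {
    redirect_to_search();
    // … unchanged: rest of the /index handler …
```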
@@ -186,7 +186,7 @@
get('/author/:name', function ($name) {

if (isset($_GET['search'])) {
$search = $_GET['search'];
$search = _h($_GET['search']);
$url = site_url() . 'search/' . remove_accent($search);
header("Location: $url");
}
@@ -397,7 +397,7 @@
// Show the "Add content" page
get('/add/content', function () {

$req = $_GET['type'];
$req = _h($_GET['type']);

$type = 'is_' . $req;
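Review bot: `$_GET['type']` is read without an `isset()` guard (the search hunks in this commit do guard), so a bare `/add/content` request raises an undefined-index notice, and `_h()` does not restrict what is then concatenated into `$type = 'is_' . $req;` — if `$type` is later used as a config key or callable name, an HTML-escaped value is still an arbitrary one. Suggest `$req = isset($_GET['type']) ? $_GET['type'] : '';` followed by an allow-list check against the content types the add page actually supports, rejecting anything else before `$type` is built. How `$type` is consumed is outside the hunk, so the severity cannot be judged from here.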

@@ -1401,7 +1401,7 @@
get('/category/:category', function ($category) {

if (isset($_GET['search'])) {
$search = $_GET['search'];
$search = _h($_GET['search']);
$url = site_url() . 'search/' . remove_accent($search);
header("Location: $url");
}
@@ -1597,7 +1597,7 @@
get('/type/:type', function ($type) {

if (isset($_GET['search'])) {
$search = $_GET['search'];
$search = _h($_GET['search']);
$url = site_url() . 'search/' . remove_accent($search);
header("Location: $url");
}
@@ -1666,7 +1666,7 @@
get('/tag/:tag', function ($tag) {

if (isset($_GET['search'])) {
$search = $_GET['search'];
$search = _h($_GET['search']);
$url = site_url() . 'search/' . remove_accent($search);
header("Location: $url");
}
@@ -1731,7 +1731,7 @@
get('/archive/:req', function ($req) {

if (isset($_GET['search'])) {
$search = $_GET['search'];
$search = _h($_GET['search']);
$url = site_url() . 'search/' . remove_accent($search);
header("Location: $url");
}
@@ -1806,7 +1806,7 @@
get('/search/:keyword', function ($keyword) {

if (isset($_GET['search'])) {
$search = $_GET['search'];
$search = _h($_GET['search']);
$url = site_url() . 'search/' . remove_accent($search);
header("Location: $url");
}
@@ -1904,7 +1904,7 @@
get('/post/:name', function ($name) {

if (isset($_GET['search'])) {
$search = $_GET['search'];
$search = _h($_GET['search']);
$url = site_url() . 'search/' . remove_accent($search);
header("Location: $url");
}
@@ -2288,7 +2288,7 @@
get('/:static', function ($static) {

if (isset($_GET['search'])) {
$search = $_GET['search'];
$search = _h($_GET['search']);
$url = site_url() . 'search/' . remove_accent($search);
header("Location: $url");
}
@@ -2683,7 +2683,7 @@
get('/:static/:sub', function ($static, $sub) {

if (isset($_GET['search'])) {
$search = $_GET['search'];
$search = _h($_GET['search']);
$url = site_url() . 'search/' . remove_accent($search);
header("Location: $url");
}
@@ -2890,7 +2890,7 @@
get('/:year/:month/:name', function ($year, $month, $name) {

if (isset($_GET['search'])) {
$search = $_GET['search'];
$search = _h($_GET['search']);
$url = site_url() . 'search/' . remove_accent($search);
header("Location: $url");
}
