xss fixes
kirilkirkov committed Aug 3, 2020
1 parent 6fbedb6 commit 7c3c32d
Showing 12 changed files with 75 additions and 75 deletions.
Expand Up @@ -73,22 +73,22 @@
<h4 class="modal-title" id="myModalLabel">Add Administrator</h4>
</div>
<div class="modal-body">
<input type="hidden" name="edit" value="<?= isset($_GET['edit']) ? $_GET['edit'] : '0' ?>">
<input type="hidden" name="edit" value="<?= isset($_GET['edit']) ? (int)$_GET['edit'] : '0' ?>">
<div class="form-group">
<label for="username">Username</label>
<input type="text" name="username" value="<?= isset($_POST['username']) ? $_POST['username'] : '' ?>" class="form-control" id="username">
<input type="text" name="username" value="<?= isset($_POST['username']) ? htmlspecialchars($_POST['username']) : '' ?>" class="form-control" id="username">
</div>
<div class="form-group">
<label for="password">Password</label>
<input type="password" name="password" class="form-control" value="" id="password">
</div>
<div class="form-group">
<label for="email">Email</label>
<input type="text" name="email" class="form-control" value="<?= isset($_POST['email']) ? $_POST['email'] : '' ?>" id="email">
<input type="text" name="email" class="form-control" value="<?= isset($_POST['email']) ? htmlspecialchars($_POST['email']) : '' ?>" id="email">
</div>
<div class="form-group">
<label for="notify">Notifications</label>
<input type="text" name="notify" class="form-control" value="<?= isset($_POST['notify']) ? $_POST['notify'] : '' ?>" placeholder="Get notifications by email: 1 / 0 (yes or no)" id="notify">
<input type="text" name="notify" class="form-control" value="<?= isset($_POST['notify']) ? htmlspecialchars($_POST['notify']) : '' ?>" placeholder="Get notifications by email: 1 / 0 (yes or no)" id="notify">
</div>
</div>
<div class="modal-footer">
Expand Up @@ -83,7 +83,7 @@
?>
<form method="POST" id="saveLang">
<input type="hidden" name="goDaddyGo" value="">
<div class="alert alert-info"><span class="glyphicon glyphicon-alert"></span> Now you edit language: <b><?= ucfirst($_GET['editLang']) ?></b></div>
<div class="alert alert-info"><span class="glyphicon glyphicon-alert"></span> Now you edit language: <b><?= ucfirst(htmlspecialchars($_GET['editLang'])) ?></b></div>
<?php
$o = 1;
$countValuesForEdit = 0;
2 changes: 1 addition & 1 deletion application/modules/admin/views/blog/blogpublish.php
Expand Up @@ -41,7 +41,7 @@
?>
<div class="form-group">
<?php if (isset($_POST['image'])) { ?>
<input type="hidden" name="old_image" value="<?= $_POST['image'] ?>">
<input type="hidden" name="old_image" value="<?= htmlspecialchars($_POST['image']) ?>">
<div><img class="img-responsive" src="<?= base_url('attachments/blog_images/' . $_POST['image']) ?>"></div>
<label for="userfile">Choose another image:</label>
<?php } else { ?>
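Review bot: The `src` attribute on the line directly below the changed one still interpolates the raw field: `src="<?= base_url('attachments/blog_images/' . $_POST['image']) ?>"` takes the same untrusted `$_POST['image']` that the hidden `old_image` input now escapes, and `base_url()` does not appear to escape its argument, so the value reaches the attribute unencoded. The same treatment belongs there, `src="<?= base_url('attachments/blog_images/' . htmlspecialchars($_POST['image'])) ?>"`, and because the value is a file name that is used to form a path, passing it through `basename()` before it reaches either attribute would also keep directory separators out of the generated URL. The surrounding `<?php if (isset($_POST['image'])) { ?>` block closes outside the hunk.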
20 changes: 10 additions & 10 deletions application/modules/admin/views/ecommerce/discounts.php
Expand Up @@ -42,17 +42,17 @@
}
?>
<tr>
<td><?= $code['code'] ?></td>
<td><?= $code['type'] == 'float' ? '-' . $code['amount'] : '-' . $code['amount'] . '%' ?></td>
<td><?= htmlspecialchars($code['code']) ?></td>
<td><?= $code['type'] == 'float' ? '-' . htmlspecialchars($code['amount']) : '-' . htmlspecialchars($code['amount']) . '%' ?></td>
<td><?= date('d.m.Y', $code['valid_from_date']) ?></td>
<td <?= time() > $code['valid_to_date'] ? 'class="text-danger"' : '' ?>><?= date('d.m.Y', $code['valid_to_date']) ?></td>
<td class="text-center">
<a href="<?= base_url('admin/discounts?codeid=' . $code['id'] . '&tostatus=' . $tostatus) ?>">
<?= $code['status'] == 1 ? '<span class="label label-success">Enabled</span>' : '<span class="label label-danger">Disabled</span>' ?>
<a href="<?= base_url('admin/discounts?codeid=' . (int)$code['id'] . '&tostatus=' . (int)$tostatus) ?>">
<?= (int)$code['status'] == 1 ? '<span class="label label-success">Enabled</span>' : '<span class="label label-danger">Disabled</span>' ?>
</a>
</td>
<td class="text-center">
<a href="<?= base_url('admin/discounts?edit=' . $code['id']) ?>" class="btn btn-primary btn-xs">Edit</a>
<a href="<?= base_url('admin/discounts?edit=' . (int)$code['id']) ?>" class="btn btn-primary btn-xs">Edit</a>
</td>
</tr>
<?php
Expand All @@ -72,7 +72,7 @@
<div class="modal-dialog" role="document">
<div class="modal-content">
<form action="" method="POST">
<input type="hidden" name="update" value="<?= isset($_POST['update']) ? $_POST['update'] : '0' ?>">
<input type="hidden" name="update" value="<?= isset($_POST['update']) ? (int)$_POST['update'] : '0' ?>">
<div class="modal-header">
<button type="button" class="close" data-dismiss="modal" aria-label="Close"><span aria-hidden="true">&times;</span></button>
<h4 class="modal-title" id="myModalLabel">Add discount code</h4>
Expand All @@ -90,23 +90,23 @@
</div>
<div class="form-group">
<label>Discount value</label>
<input class="form-control" name="amount" value="<?= isset($_POST['amount']) ? $_POST['amount'] : '' ?>" type="text">
<input class="form-control" name="amount" value="<?= isset($_POST['amount']) ? htmlspecialchars($_POST['amount']) : '' ?>" type="text">
</div>
<div class="form-group" style="position: relative;">
<label>Discount code</label>
<input class="form-control" name="code" value="<?= isset($_POST['code']) ? $_POST['code'] : '' ?>" type="text">
<input class="form-control" name="code" value="<?= isset($_POST['code']) ? htmlspecialchars($_POST['code']) : '' ?>" type="text">
<div style="position: absolute; right:5px; top:30px;">
<input type="text" data-toggle="tooltip" title="Set length of code" data-placement="top" class="codeLength" value="6" style="border: 1px solid #dadada;float: left;height: 20px; margin-right: 4px; text-align: center; margin-top: 1px; width: 20px;">
<a href="javascript:void(0);" onclick="generateDiscountCode()" class="btn btn-xs btn-default">Generate</a>
</div>
</div>
<div class="form-group">
<label>Valid from date</label>
<input class="form-control datepicker" name="valid_from_date" value="<?= isset($_POST['valid_from_date']) ? $_POST['valid_from_date'] : '' ?>" type="text">
<input class="form-control datepicker" name="valid_from_date" value="<?= isset($_POST['valid_from_date']) ? htmlspecialchars($_POST['valid_from_date']) : '' ?>" type="text">
</div>
<div class="form-group">
<label>Valid to date</label>
<input class="form-control datepicker" name="valid_to_date" value="<?= isset($_POST['valid_to_date']) ? $_POST['valid_to_date'] : '' ?>" type="text">
<input class="form-control datepicker" name="valid_to_date" value="<?= isset($_POST['valid_to_date']) ? htmlspecialchars($_POST['valid_to_date']) : '' ?>" type="text">
</div>
</div>
<div class="modal-footer">
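Review bot: Every `htmlspecialchars()` added in the `@@ -90,23 +90,23 @@` hunk (the `amount`, `code`, `valid_from_date` and `valid_to_date` inputs) is called with default flags, which on the PHP versions current at this commit means `ENT_COMPAT`: double quotes are encoded but single quotes are not. That is enough only while the attributes stay double-quoted, as they are here; a later change to a single-quoted attribute or to a JavaScript string context would silently reopen the gap. Passing the flags explicitly, e.g. `htmlspecialchars($_POST['code'], ENT_QUOTES, 'UTF-8')`, makes the escaping independent of the surrounding quoting and of the default charset, and a small shared `esc()` helper would avoid repeating the flags at every call site. The same applies to every `htmlspecialchars()` call this commit introduces in the other files on this page (the first two hunks, blogpublish.php, publish.php and add_product.php).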
16 changes: 8 additions & 8 deletions application/modules/admin/views/ecommerce/publish.php
Expand Up @@ -19,7 +19,7 @@
}
?>
<form method="POST" action="" enctype="multipart/form-data">
<input type="hidden" value="<?= isset($_POST['folder']) ? $_POST['folder'] : $timeNow ?>" name="folder">
<input type="hidden" value="<?= isset($_POST['folder']) ? htmlspecialchars($_POST['folder']) : $timeNow ?>" name="folder">
<div class="form-group available-translations">
<b>Languages</b>
<?php foreach ($languages as $language) { ?>
Expand Down Expand Up @@ -77,7 +77,7 @@
<div class="form-group bordered-group">
<?php
if (isset($_POST['image']) && $_POST['image'] != null) {
$image = 'attachments/shop_images/' . $_POST['image'];
$image = 'attachments/shop_images/' . htmlspecialchars($_POST['image']);
if (!file_exists($image)) {
$image = 'attachments/no-image.png';
}
Expand All @@ -86,9 +86,9 @@
<div>
<img src="<?= base_url($image) ?>" class="img-responsive img-thumbnail" style="max-width:300px; margin-bottom: 5px;">
</div>
<input type="hidden" name="old_image" value="<?= $_POST['image'] ?>">
<input type="hidden" name="old_image" value="<?= htmlspecialchars($_POST['image']) ?>">
<?php if (isset($_GET['to_lang'])) { ?>
<input type="hidden" name="image" value="<?= $_POST['image'] ?>">
<input type="hidden" name="image" value="<?= htmlspecialchars($_POST['image']) ?>">
<?php
}
}
Expand Down Expand Up @@ -120,7 +120,7 @@
</div>
<div class="form-group for-shop">
<label>Quantity</label>
<input type="text" placeholder="number" name="quantity" value="<?= @$_POST['quantity'] ?>" class="form-control" id="quantity">
<input type="text" placeholder="number" name="quantity" value="<?= isset($_POST['quantity']) ? htmlspecialchars($_POST['quantity']) : '' ?>" class="form-control" id="quantity">
</div>
<?php if ($showBrands == 1) { ?>
<div class="form-group for-shop">
Expand All @@ -134,7 +134,7 @@
<?php } if ($virtualProducts == 1) { ?>
<div class="form-group for-shop">
<label>Virtual Products <a href="javascript:void(0);" data-toggle="modal" data-target="#virtualProductsHelp"><i class="fa fa-question-circle" aria-hidden="true"></i></a></label>
<textarea class="form-control" name="virtual_products"><?= @$_POST['virtual_products'] ?></textarea>
<textarea class="form-control" name="virtual_products"><?= isset($_POST['virtual_products']) ? htmlspecialchars($_POST['virtual_products']) : '' ?></textarea>
</div>
<?php } ?>
<div class="form-group for-shop">
Expand All @@ -146,7 +146,7 @@
</div>
<div class="form-group for-shop">
<label>Position</label>
<input type="text" placeholder="Position number" name="position" value="<?= @$_POST['position'] ?>" class="form-control">
<input type="text" placeholder="Position number" name="position" value="<?= isset($_POST['position']) ? htmlspecialchars($_POST['position']) : '' ?>" class="form-control">
</div>
<button type="submit" name="submit" class="btn btn-lg btn-default btn-publish">Publish</button>
<?php if ($this->uri->segment(3) !== null) { ?>
Expand All @@ -163,7 +163,7 @@
</div>
<div class="modal-body">
<form id="uploadImagesForm">
<input type="hidden" value="<?= isset($_POST['folder']) ? $_POST['folder'] : $timeNow ?>" name="folder">
<input type="hidden" value="<?= isset($_POST['folder']) ? htmlspecialchars($_POST['folder']) : $timeNow ?>" name="folder">
<label for="others">Select images</label>
<input type="file" name="others[]" id="others" multiple />
</form>
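Review bot: In the `@@ -77,7 +77,7 @@` hunk, `$image = 'attachments/shop_images/' . htmlspecialchars($_POST['image']);` escapes at the wrong layer: `$image` is handed to `file_exists()` on the next line, so a file name containing `&` or `"` is looked up under its entity-encoded spelling and falls through to `no-image.png`, while HTML escaping does nothing about `..` or `/` in a value that is used as a path. Keep the path clean and escape only at output: `$image = 'attachments/shop_images/' . basename($_POST['image']);` here, and `htmlspecialchars($image)` inside the `src` attribute of the `@@ -86,9 +86,9 @@` hunk, since `base_url()` does not appear to escape its argument. The same pattern is repeated in add_product.php below. The enclosing `if (isset($_POST['image']) && $_POST['image'] != null)` block spans both hunks and closes outside the first.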
14 changes: 7 additions & 7 deletions application/modules/vendor/views/add_product.php
Expand Up @@ -14,7 +14,7 @@
?>
<div class="content">
<form class="form-box" action="" method="POST" enctype="multipart/form-data">
<input type="hidden" value="<?= isset($_POST['folder']) ? $_POST['folder'] : $timeNow ?>" name="folder">
<input type="hidden" value="<?= isset($_POST['folder']) ? htmlspecialchars($_POST['folder']) : $timeNow ?>" name="folder">
<div class="form-group available-translations">
<b>Languages</b>
<?php foreach ($languages as $language) { ?>
Expand Down Expand Up @@ -58,7 +58,7 @@
<div class="form-group bordered-group">
<?php
if (isset($_POST['image']) && $_POST['image'] != null) {
$image = 'attachments/shop_images/' . $_POST['image'];
$image = 'attachments/shop_images/' . htmlspecialchars($_POST['image']);
if (!file_exists($image)) {
$image = 'attachments/no-image.png';
}
Expand All @@ -67,9 +67,9 @@
<div>
<img src="<?= base_url($image) ?>" class="img-responsive img-thumbnail" style="max-width:300px; margin-bottom: 5px;">
</div>
<input type="hidden" name="old_image" value="<?= $_POST['image'] ?>">
<input type="hidden" name="old_image" value="<?= htmlspecialchars($_POST['image']) ?>">
<?php if (isset($_GET['to_lang'])) { ?>
<input type="hidden" name="image" value="<?= $_POST['image'] ?>">
<input type="hidden" name="image" value="<?= htmlspecialchars($_POST['image']) ?>">
<?php
}
}
Expand Down Expand Up @@ -110,10 +110,10 @@
</div>
<?php } ?>
<div class="form-group">
<input type="text" placeholder="<?= lang('vendor_quantity') ?>" name="quantity" value="<?= @$_POST['quantity'] ?>" class="form-control">
<input type="text" placeholder="<?= lang('vendor_quantity') ?>" name="quantity" value="<?= isset($_POST['quantity']) ? htmlspecialchars($_POST['quantity']) : '' ?>" class="form-control">
</div>
<div class="form-group">
<input type="text" placeholder="<?= lang('vendor_position') ?>" name="position" value="<?= @$_POST['position'] ?>" class="form-control">
<input type="text" placeholder="<?= lang('vendor_position') ?>" name="position" value="<?= isset($_POST['quantity']) ? htmlspecialchars($_POST['position']) : '' ?>" class="form-control">
</div>
<button type="submit" name="setProduct" class="btn btn-green"><?= lang('vendor_submit_product') ?></button>
</form>
Expand All @@ -130,7 +130,7 @@
</div>
<div class="modal-body">
<form id="uploadImagesForm">
<input type="hidden" value="<?= isset($_POST['folder']) ? $_POST['folder'] : $timeNow ?>" name="folder">
<input type="hidden" value="<?= isset($_POST['folder']) ? htmlspecialchars($_POST['folder']) : $timeNow ?>" name="folder">
<label for="others"><?= lang('vendor_select_images') ?></label>
<input type="file" name="others[]" id="others" multiple />
</form>
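Review bot: The `position` input in the `@@ -110,10 +110,10 @@` hunk tests the wrong key: `isset($_POST['quantity']) ? htmlspecialchars($_POST['position']) : ''` guards on `quantity`, so when `quantity` is posted without `position` the expression reads an undefined index (a notice and an empty value), and when `position` is posted without `quantity` the submitted value is dropped. It should read `value="<?= isset($_POST['position']) ? htmlspecialchars($_POST['position']) : '' ?>"`, matching the `quantity` line just above it and the corresponding line in publish.php.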
