
Commit 7c3c32d

committed
xss fixes
1 parent 6fbedb6 commit 7c3c32d


12 files changed

+75
-75
lines changed


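--- a/application/modules/admin/views/advanced_settings/adminUsers.php
+++ b/application/modules/admin/views/advanced_settings/adminUsers.php
@@ -73,22 +73,22 @@
 <h4 class="modal-title" id="myModalLabel">Add Administrator</h4>
 </div>
 <div class="modal-body">
-<input type="hidden" name="edit" value="<?= isset($_GET['edit']) ? $_GET['edit'] : '0' ?>">
+<input type="hidden" name="edit" value="<?= isset($_GET['edit']) ? (int)$_GET['edit'] : '0' ?>">
 <div class="form-group">
 <label for="username">Username</label>
-<input type="text" name="username" value="<?= isset($_POST['username']) ? $_POST['username'] : '' ?>" class="form-control" id="username">
+<input type="text" name="username" value="<?= isset($_POST['username']) ? htmlspecialchars($_POST['username']) : '' ?>" class="form-control" id="username">
 </div>
 <div class="form-group">
 <label for="password">Password</label>
 <input type="password" name="password" class="form-control" value="" id="password">
 </div>
 <div class="form-group">
 <label for="email">Email</label>
-<input type="text" name="email" class="form-control" value="<?= isset($_POST['email']) ? $_POST['email'] : '' ?>" id="email">
+<input type="text" name="email" class="form-control" value="<?= isset($_POST['email']) ? htmlspecialchars($_POST['email']) : '' ?>" id="email">
 </div>
 <div class="form-group">
 <label for="notify">Notifications</label>
-<input type="text" name="notify" class="form-control" value="<?= isset($_POST['notify']) ? $_POST['notify'] : '' ?>" placeholder="Get notifications by email: 1 / 0 (yes or no)" id="notify">
+<input type="text" name="notify" class="form-control" value="<?= isset($_POST['notify']) ? htmlspecialchars($_POST['notify']) : '' ?>" placeholder="Get notifications by email: 1 / 0 (yes or no)" id="notify">
 </div>
 </div>
 <div class="modal-footer">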
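Review bot: The new htmlspecialchars() calls rely on the default flags, which before PHP 8.1 are ENT_COMPAT and leave single quotes unencoded; every attribute in this hunk is double-quoted so the output is safe as written, but the protection silently depends on the quoting style of each attribute. Passing the flags explicitly makes the escaping independent of that and consistent across the twelve files in this commit, e.g. `htmlspecialchars($_POST['username'], ENT_QUOTES, 'UTF-8')`. The notify field is documented by its placeholder as 1 / 0, so it could be cast the same way as the edit field, `isset($_POST['notify']) ? (int)$_POST['notify'] : ''`, which removes the need to escape it at all. The enclosing form starts above this hunk.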

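--- a/application/modules/admin/views/advanced_settings/languages.php
+++ b/application/modules/admin/views/advanced_settings/languages.php
@@ -83,7 +83,7 @@
 ?>
 <form method="POST" id="saveLang">
 <input type="hidden" name="goDaddyGo" value="">
-<div class="alert alert-info"><span class="glyphicon glyphicon-alert"></span> Now you edit language: <b><?= ucfirst($_GET['editLang']) ?></b></div>
+<div class="alert alert-info"><span class="glyphicon glyphicon-alert"></span> Now you edit language: <b><?= ucfirst(htmlspecialchars($_GET['editLang'])) ?></b></div>
 <?php
 $o = 1;
 $countValuesForEdit = 0;
</fullupdate_placeholder_never_used>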
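Review bot: The escaping on the changed line is applied before ucfirst() rather than as the last step; the result happens to be identical here because ucfirst() only touches the first character and the entities htmlspecialchars() emits start with `&`, but the pattern to keep is escape-at-output, so the line should read `<b><?= htmlspecialchars(ucfirst($_GET['editLang'])) ?></b>`. The read of `$_GET['editLang']` still has no isset() guard, which is pre-existing but will emit a notice when the parameter is absent. If editLang is also used further down this file to choose which language file is loaded or written (that code is outside the hunk), HTML escaping does nothing for that use and it needs its own validation against the set of known language names.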

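--- a/application/modules/admin/views/blog/blogpublish.php
+++ b/application/modules/admin/views/blog/blogpublish.php
@@ -41,7 +41,7 @@
 ?>
 <div class="form-group">
 <?php if (isset($_POST['image'])) { ?>
-<input type="hidden" name="old_image" value="<?= $_POST['image'] ?>">
+<input type="hidden" name="old_image" value="<?= htmlspecialchars($_POST['image']) ?>">
 <div><img class="img-responsive" src="<?= base_url('attachments/blog_images/' . $_POST['image']) ?>"></div>
 <label for="userfile">Choose another image:</label>
 <?php } else { ?>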
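Review bot: The context line directly below the changed one still writes `$_POST['image']` unescaped into the img src attribute, so the same value that is now escaped for the hidden input reaches the page raw one line later. base_url() is not shown here; CodeIgniter's implementation does not HTML-escape its argument, so the attribute needs its own escaping: `<div><img class="img-responsive" src="<?= htmlspecialchars(base_url('attachments/blog_images/' . $_POST['image'])) ?>"></div>`. Since the value is also used as a filename component, reducing it to `basename($_POST['image'])` before building the URL keeps it to a single path segment; the surrounding if block and the form it sits in start outside this hunk.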

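--- a/application/modules/admin/views/ecommerce/discounts.php
+++ b/application/modules/admin/views/ecommerce/discounts.php
@@ -42,17 +42,17 @@
 }
 ?>
 <tr>
-<td><?= $code['code'] ?></td>
-<td><?= $code['type'] == 'float' ? '-' . $code['amount'] : '-' . $code['amount'] . '%' ?></td>
+<td><?= htmlspecialchars($code['code']) ?></td>
+<td><?= $code['type'] == 'float' ? '-' . htmlspecialchars($code['amount']) : '-' . htmlspecialchars($code['amount']) . '%' ?></td>
 <td><?= date('d.m.Y', $code['valid_from_date']) ?></td>
 <td <?= time() > $code['valid_to_date'] ? 'class="text-danger"' : '' ?>><?= date('d.m.Y', $code['valid_to_date']) ?></td>
 <td class="text-center">
-<a href="<?= base_url('admin/discounts?codeid=' . $code['id'] . '&tostatus=' . $tostatus) ?>">
-<?= $code['status'] == 1 ? '<span class="label label-success">Enabled</span>' : '<span class="label label-danger">Disabled</span>' ?>
+<a href="<?= base_url('admin/discounts?codeid=' . (int)$code['id'] . '&tostatus=' . (int)$tostatus) ?>">
+<?= (int)$code['status'] == 1 ? '<span class="label label-success">Enabled</span>' : '<span class="label label-danger">Disabled</span>' ?>
 </a>
 </td>
 <td class="text-center">
-<a href="<?= base_url('admin/discounts?edit=' . $code['id']) ?>" class="btn btn-primary btn-xs">Edit</a>
+<a href="<?= base_url('admin/discounts?edit=' . (int)$code['id']) ?>" class="btn btn-primary btn-xs">Edit</a>
 </td>
 </tr>
 <?php
@@ -72,7 +72,7 @@
 <div class="modal-dialog" role="document">
 <div class="modal-content">
 <form action="" method="POST">
-<input type="hidden" name="update" value="<?= isset($_POST['update']) ? $_POST['update'] : '0' ?>">
+<input type="hidden" name="update" value="<?= isset($_POST['update']) ? (int)$_POST['update'] : '0' ?>">
 <div class="modal-header">
 <button type="button" class="close" data-dismiss="modal" aria-label="Close"><span aria-hidden="true">&times;</span></button>
 <h4 class="modal-title" id="myModalLabel">Add discount code</h4>
@@ -90,23 +90,23 @@
 </div>
 <div class="form-group">
 <label>Discount value</label>
-<input class="form-control" name="amount" value="<?= isset($_POST['amount']) ? $_POST['amount'] : '' ?>" type="text">
+<input class="form-control" name="amount" value="<?= isset($_POST['amount']) ? htmlspecialchars($_POST['amount']) : '' ?>" type="text">
 </div>
 <div class="form-group" style="position: relative;">
 <label>Discount code</label>
-<input class="form-control" name="code" value="<?= isset($_POST['code']) ? $_POST['code'] : '' ?>" type="text">
+<input class="form-control" name="code" value="<?= isset($_POST['code']) ? htmlspecialchars($_POST['code']) : '' ?>" type="text">
 <div style="position: absolute; right:5px; top:30px;">
 <input type="text" data-toggle="tooltip" title="Set length of code" data-placement="top" class="codeLength" value="6" style="border: 1px solid #dadada;float: left;height: 20px; margin-right: 4px; text-align: center; margin-top: 1px; width: 20px;">
 <a href="javascript:void(0);" onclick="generateDiscountCode()" class="btn btn-xs btn-default">Generate</a>
 </div>
 </div>
 <div class="form-group">
 <label>Valid from date</label>
-<input class="form-control datepicker" name="valid_from_date" value="<?= isset($_POST['valid_from_date']) ? $_POST['valid_from_date'] : '' ?>" type="text">
+<input class="form-control datepicker" name="valid_from_date" value="<?= isset($_POST['valid_from_date']) ? htmlspecialchars($_POST['valid_from_date']) : '' ?>" type="text">
 </div>
 <div class="form-group">
 <label>Valid to date</label>
-<input class="form-control datepicker" name="valid_to_date" value="<?= isset($_POST['valid_to_date']) ? $_POST['valid_to_date'] : '' ?>" type="text">
+<input class="form-control datepicker" name="valid_to_date" value="<?= isset($_POST['valid_to_date']) ? htmlspecialchars($_POST['valid_to_date']) : '' ?>" type="text">
 </div>
 </div>
 <div class="modal-footer">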
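Review bot: In the first hunk the amount cell calls htmlspecialchars($code['amount']) twice, once per branch of the ternary, which is the kind of duplication that lets a later edit escape one branch and forget the other; hoist it once and keep the branch to the suffix only: `<?php $amount = htmlspecialchars($code['amount']); ?>` followed by `<td>-<?= $amount . ($code['type'] == 'float' ? '' : '%') ?></td>`. The (int) casts on `$code['id']`, `$tostatus` and `$_POST['update']` are the right tool for those values and need no escaping afterwards. The loop that produces each row begins above the hunk, so where `$code` and `$tostatus` come from is not visible here.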

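--- a/application/modules/admin/views/ecommerce/publish.php
+++ b/application/modules/admin/views/ecommerce/publish.php
@@ -19,7 +19,7 @@
 }
 ?>
 <form method="POST" action="" enctype="multipart/form-data">
-<input type="hidden" value="<?= isset($_POST['folder']) ? $_POST['folder'] : $timeNow ?>" name="folder">
+<input type="hidden" value="<?= isset($_POST['folder']) ? htmlspecialchars($_POST['folder']) : $timeNow ?>" name="folder">
 <div class="form-group available-translations">
 <b>Languages</b>
 <?php foreach ($languages as $language) { ?>
@@ -77,7 +77,7 @@
 <div class="form-group bordered-group">
 <?php
 if (isset($_POST['image']) && $_POST['image'] != null) {
-$image = 'attachments/shop_images/' . $_POST['image'];
+$image = 'attachments/shop_images/' . htmlspecialchars($_POST['image']);
 if (!file_exists($image)) {
 $image = 'attachments/no-image.png';
 }
@@ -86,9 +86,9 @@
 <div>
 <img src="<?= base_url($image) ?>" class="img-responsive img-thumbnail" style="max-width:300px; margin-bottom: 5px;">
 </div>
-<input type="hidden" name="old_image" value="<?= $_POST['image'] ?>">
+<input type="hidden" name="old_image" value="<?= htmlspecialchars($_POST['image']) ?>">
 <?php if (isset($_GET['to_lang'])) { ?>
-<input type="hidden" name="image" value="<?= $_POST['image'] ?>">
+<input type="hidden" name="image" value="<?= htmlspecialchars($_POST['image']) ?>">
 <?php
 }
 }
@@ -120,7 +120,7 @@
 </div>
 <div class="form-group for-shop">
 <label>Quantity</label>
-<input type="text" placeholder="number" name="quantity" value="<?= @$_POST['quantity'] ?>" class="form-control" id="quantity">
+<input type="text" placeholder="number" name="quantity" value="<?= isset($_POST['quantity']) ? htmlspecialchars($_POST['quantity']) : '' ?>" class="form-control" id="quantity">
 </div>
 <?php if ($showBrands == 1) { ?>
 <div class="form-group for-shop">
@@ -134,7 +134,7 @@
 <?php } if ($virtualProducts == 1) { ?>
 <div class="form-group for-shop">
 <label>Virtual Products <a href="javascript:void(0);" data-toggle="modal" data-target="#virtualProductsHelp"><i class="fa fa-question-circle" aria-hidden="true"></i></a></label>
-<textarea class="form-control" name="virtual_products"><?= @$_POST['virtual_products'] ?></textarea>
+<textarea class="form-control" name="virtual_products"><?= isset($_POST['virtual_products']) ? htmlspecialchars($_POST['virtual_products']) : '' ?></textarea>
 </div>
 <?php } ?>
 <div class="form-group for-shop">
@@ -146,7 +146,7 @@
 </div>
 <div class="form-group for-shop">
 <label>Position</label>
-<input type="text" placeholder="Position number" name="position" value="<?= @$_POST['position'] ?>" class="form-control">
+<input type="text" placeholder="Position number" name="position" value="<?= isset($_POST['position']) ? htmlspecialchars($_POST['position']) : '' ?>" class="form-control">
 </div>
 <button type="submit" name="submit" class="btn btn-lg btn-default btn-publish">Publish</button>
 <?php if ($this->uri->segment(3) !== null) { ?>
@@ -163,7 +163,7 @@
 </div>
 <div class="modal-body">
 <form id="uploadImagesForm">
-<input type="hidden" value="<?= isset($_POST['folder']) ? $_POST['folder'] : $timeNow ?>" name="folder">
+<input type="hidden" value="<?= isset($_POST['folder']) ? htmlspecialchars($_POST['folder']) : $timeNow ?>" name="folder">
 <label for="others">Select images</label>
 <input type="file" name="others[]" id="others" multiple />
 </form>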
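Review bot: In the second hunk the escaping is applied at the wrong layer: `$image` is a filesystem path that goes straight into file_exists() on the next line, so HTML-escaping it means a legitimately uploaded filename containing `&` or a quote now fails the existence check and silently falls back to no-image.png, while the call does nothing to stop `..` or `/` in the value because those characters are not touched by htmlspecialchars(). Keep the path raw but restrict it to one path segment, `$image = 'attachments/shop_images/' . basename($_POST['image']);`, and escape where the value reaches HTML, i.e. the context line in the third hunk becomes `<img src="<?= htmlspecialchars(base_url($image)) ?>" class="img-responsive img-thumbnail" ...>`. The second hunk of application/modules/vendor/views/add_product.php has the identical construction and needs the same change. The `$timeNow` fallback on the folder inputs is left unescaped; if it is a timestamp (its definition is above the first hunk) that is fine, otherwise it should be escaped too.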

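--- a/application/modules/vendor/views/add_product.php
+++ b/application/modules/vendor/views/add_product.php
@@ -14,7 +14,7 @@
 ?>
 <div class="content">
 <form class="form-box" action="" method="POST" enctype="multipart/form-data">
-<input type="hidden" value="<?= isset($_POST['folder']) ? $_POST['folder'] : $timeNow ?>" name="folder">
+<input type="hidden" value="<?= isset($_POST['folder']) ? htmlspecialchars($_POST['folder']) : $timeNow ?>" name="folder">
 <div class="form-group available-translations">
 <b>Languages</b>
 <?php foreach ($languages as $language) { ?>
@@ -58,7 +58,7 @@
 <div class="form-group bordered-group">
 <?php
 if (isset($_POST['image']) && $_POST['image'] != null) {
-$image = 'attachments/shop_images/' . $_POST['image'];
+$image = 'attachments/shop_images/' . htmlspecialchars($_POST['image']);
 if (!file_exists($image)) {
 $image = 'attachments/no-image.png';
 }
@@ -67,9 +67,9 @@
 <div>
 <img src="<?= base_url($image) ?>" class="img-responsive img-thumbnail" style="max-width:300px; margin-bottom: 5px;">
 </div>
-<input type="hidden" name="old_image" value="<?= $_POST['image'] ?>">
+<input type="hidden" name="old_image" value="<?= htmlspecialchars($_POST['image']) ?>">
 <?php if (isset($_GET['to_lang'])) { ?>
-<input type="hidden" name="image" value="<?= $_POST['image'] ?>">
+<input type="hidden" name="image" value="<?= htmlspecialchars($_POST['image']) ?>">
 <?php
 }
 }
@@ -110,10 +110,10 @@
 </div>
 <?php } ?>
 <div class="form-group">
-<input type="text" placeholder="<?= lang('vendor_quantity') ?>" name="quantity" value="<?= @$_POST['quantity'] ?>" class="form-control">
+<input type="text" placeholder="<?= lang('vendor_quantity') ?>" name="quantity" value="<?= isset($_POST['quantity']) ? htmlspecialchars($_POST['quantity']) : '' ?>" class="form-control">
 </div>
 <div class="form-group">
-<input type="text" placeholder="<?= lang('vendor_position') ?>" name="position" value="<?= @$_POST['position'] ?>" class="form-control">
+<input type="text" placeholder="<?= lang('vendor_position') ?>" name="position" value="<?= isset($_POST['quantity']) ? htmlspecialchars($_POST['position']) : '' ?>" class="form-control">
 </div>
 <button type="submit" name="setProduct" class="btn btn-green"><?= lang('vendor_submit_product') ?></button>
 </form>
@@ -130,7 +130,7 @@
 </div>
 <div class="modal-body">
 <form id="uploadImagesForm">
-<input type="hidden" value="<?= isset($_POST['folder']) ? $_POST['folder'] : $timeNow ?>" name="folder">
+<input type="hidden" value="<?= isset($_POST['folder']) ? htmlspecialchars($_POST['folder']) : $timeNow ?>" name="folder">
 <label for="others"><?= lang('vendor_select_images') ?></label>
 <input type="file" name="others[]" id="others" multiple />
 </form>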
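Review bot: The position input in the fourth hunk guards on the wrong key: it tests `isset($_POST['quantity'])` but then reads `$_POST['position']`, so a submission with quantity but no position produces an undefined-index notice on output, and one with position but no quantity drops the value the user typed; the old `@`-suppressed line hid the first case, the rewrite exposes it. The line should be `<input type="text" placeholder="<?= lang('vendor_position') ?>" name="position" value="<?= isset($_POST['position']) ? htmlspecialchars($_POST['position']) : '' ?>" class="form-control">`. The quantity input two lines above is the correct template to copy from.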
