Fix error and set by default to preventXSS
nayo committed Jul 31, 2019
1 parent cb9c0cc commit c87571f
Showing 1 changed file with 16 additions and 6 deletions.
22 changes: 16 additions & 6 deletions lib/functions.php
Expand Up @@ -651,7 +651,7 @@ function error($msg,$type='note',$redirect=null,$fatal=false,$backtrace=false) {
*
* @return The form GET/REQUEST/SESSION/POST variable value or its default
*/
function get_request($attr,$type='POST',$die=false,$default=null,$preventXSS=false) {
function get_request($attr,$type='POST',$die=false,$default=null,$preventXSS=true) {
switch($type) {
case 'GET':
$value = isset($_GET[$attr]) ? (is_array($_GET[$attr]) ? $_GET[$attr] : (empty($_GET['nodecode'][$attr]) ? rawurldecode($_GET[$attr]) : $_GET[$attr])) : $default;
Expand All @@ -675,7 +675,7 @@ function get_request($attr,$type='POST',$die=false,$default=null,$preventXSS=fal
system_message(array(
'title'=>_('Generic Error'),
'body'=>sprintf('%s: Called "%s" without "%s" using "%s"',
basename($_SERVER['PHP_SELF']),get_request('cmd','REQUEST',false,null,true),preventXSS($attr),preventXSS($type)),
basename($_SERVER['PHP_SELF']),get_request('cmd','REQUEST'),preventXSS($attr),preventXSS($type)),
'type'=>'error'),
'index.php');
if($preventXSS && !is_null($value))
Expand All @@ -686,10 +686,20 @@ function get_request($attr,$type='POST',$die=false,$default=null,$preventXSS=fal
* Prevent XSS function. This function can usage has preventXSS(get_request('cmd','REQUEST'))
* Return valor escape XSS.
*/
function preventXSS($value){
return htmlspecialchars(addslashes($value), ENT_QUOTES, 'UTF-8');
}

function preventXSS($data){
if (gettype($data) == 'array') {
foreach ($data as $key => $value) {
if (gettype($value) == 'array')
$data[$key] = preventXSS($value);
else
$data[$key] = htmlspecialchars($value);
}
return $data;
}
return htmlspecialchars($data, ENT_QUOTES, 'UTF-8');
}

/*
* Record a system message.
* This function can be used as an alternative to generate a system message, if page hasnt yet been defined.
*/
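Review bot: The array branch of the new preventXSS escapes each element with a bare `htmlspecialchars($value)`, while the scalar return at the bottom of the function uses `ENT_QUOTES, 'UTF-8'`; without ENT_QUOTES single quotes are passed through unescaped, so an array-valued parameter rendered inside a single-quoted attribute is not covered by this escaping, and the encoding is left to the runtime default rather than pinned to UTF-8. The element line should match the scalar path: `$data[$key] = htmlspecialchars($value, ENT_QUOTES, 'UTF-8');`. The `gettype($data) == 'array'` and `gettype($value) == 'array'` tests read more directly as `is_array($data)` and `is_array($value)`. Now that the `$preventXSS` default in get_request is true, the array path is reached for any array-valued request parameter, so the two branches should agree.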

2 comments on commit c87571f

@setharnold


Has a CVE already been assigned for this change?

Thanks

@alexmurray


This was assigned CVE-2020-35132 by MITRE.
