fix of XSS on login screen #489

microweber · Dec 27, 2018 · 5b29bc8 · 5b29bc8
1 parent 7ac1018
commit 5b29bc8
Show file tree

Hide file tree

Showing 3 changed files with 7 additions and 5 deletions.
diff --git a/userfiles/modules/users/login/index.php b/userfiles/modules/users/login/index.php
@@ -77,6 +77,9 @@
     </script>
     <?php
 
+    $input = mw()->format->clean_xss(\Input::all());
+
+
     $login_captcha_enabled = get_option('login_captcha_enabled', 'users') == 'y';
 
     # Login Providers

diff --git a/userfiles/modules/users/login/templates/admin.php b/userfiles/modules/users/login/templates/admin.php
@@ -111,11 +111,10 @@
 
             <form autocomplete="on" method="post" id="user_login_<?php print $params['id'] ?>" action="<?php print api_link('user_login') ?>">
                 <div class="mw-ui-field-holder">
-                    <input class="mw-ui-field mw-ui-field-big silver-field" autofocus="" tabindex="1" required name="username" type="text" placeholder="<?php _e("Username or Email"); ?>" <?php if (isset($_REQUEST['username']) != false): ?> value="<?php print $_REQUEST['username'] ?>"  <?php endif;
-                    ?> />
+                    <input class="mw-ui-field mw-ui-field-big silver-field" autofocus="" tabindex="1" required name="username" type="text" placeholder="<?php _e("Username or Email"); ?>" <?php if (isset($input['username']) != false): ?> value="<?php print $input['username'] ?>"  <?php endif;  ?> />
                 </div>
                 <div class="mw-ui-field-holder">
-                    <input class="mw-ui-field mw-ui-field-big silver-field" name="password" tabindex="2" required type="password" <?php if (isset($_REQUEST['password']) != false): ?> value="<?php print $_REQUEST['password'] ?>"  <?php endif; ?> placeholder="<?php _e("Password"); ?>"/>
+                    <input class="mw-ui-field mw-ui-field-big silver-field" name="password" tabindex="2" required type="password" <?php if (isset($input['password']) != false): ?> value="<?php print $input['password'] ?>"  <?php endif; ?> placeholder="<?php _e("Password"); ?>"/>
                 </div>
 
 

diff --git a/userfiles/modules/users/login/templates/default.php b/userfiles/modules/users/login/templates/default.php
@@ -31,10 +31,10 @@
         <div id="user_login_holder_<?php print $params['id'] ?>">
             <form method="post" id="user_login_<?php print $params['id'] ?>" class="clearfix" action="#">
                 <div class="control-group form-group">
-                    <input class="large-field form-control" name="username" type="text" placeholder="<?php _e("Email or username"); ?>"/>
+                    <input class="large-field form-control" name="username" <?php if (isset($input['username']) != false): ?> value="<?php print $input['username'] ?>"  <?php endif;  ?> type="text" placeholder="<?php _e("Email or username"); ?>"/>
                 </div>
                 <div class="control-group form-group">
-                    <input class="large-field form-control" name="password" type="password" placeholder="<?php _e("Password"); ?>"/>
+                    <input class="large-field form-control" name="password" <?php if (isset($input['password']) != false): ?> value="<?php print $input['password'] ?>"  <?php endif;  ?> type="password" placeholder="<?php _e("Password"); ?>"/>
                 </div>
                 <?php if (isset($login_captcha_enabled) and $login_captcha_enabled): ?>
                     <module type="captcha" />