Permalink
Browse files

SECURITY Removed various PHP files from sapphire/thirdparty to reduce…

… XSS attack surface (see r98027 and r98028)

git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@98029 467b73ca-7a2a-4603-9d3b-597d59a354a9
  • Loading branch information...
1 parent bbd9f2a commit 67517144d684c59570ee2e730235575d6a6cb3ae @chillu chillu committed Feb 3, 2010
Showing with 0 additions and 44,908 deletions.
  1. +0 −86 thirdparty/jquery-validate/demo/ajaxSubmit-intergration-demo.html
  2. +0 −27 thirdparty/jquery-validate/demo/captcha/captcha.js
  3. BIN thirdparty/jquery-validate/demo/captcha/fonts/Anorexia.ttf
  4. +0 −6 thirdparty/jquery-validate/demo/captcha/image_req.php
  5. +0 −1 thirdparty/jquery-validate/demo/captcha/images/.htaccess
  6. BIN thirdparty/jquery-validate/demo/captcha/images/button.png
  7. BIN thirdparty/jquery-validate/demo/captcha/images/button.psd
  8. +0 −35 thirdparty/jquery-validate/demo/captcha/images/image.php
  9. +0 −66 thirdparty/jquery-validate/demo/captcha/index.php
  10. +0 −12 thirdparty/jquery-validate/demo/captcha/newsession.php
  11. +0 −14 thirdparty/jquery-validate/demo/captcha/process.php
  12. +0 −11 thirdparty/jquery-validate/demo/captcha/rand.php
  13. +0 −140 thirdparty/jquery-validate/demo/captcha/style.css
  14. +0 −15 thirdparty/jquery-validate/demo/css/chili.css
  15. +0 −46 thirdparty/jquery-validate/demo/css/cmxform.css
  16. +0 −55 thirdparty/jquery-validate/demo/css/cmxformTemplate.css
  17. +0 −21 thirdparty/jquery-validate/demo/css/core.css
  18. +0 −61 thirdparty/jquery-validate/demo/css/reset.css
  19. +0 −11 thirdparty/jquery-validate/demo/css/screen.css
  20. +0 −95 thirdparty/jquery-validate/demo/custom-messages-metadata-demo.html
  21. +0 −123 thirdparty/jquery-validate/demo/custom-methods-demo.html
  22. +0 −151 thirdparty/jquery-validate/demo/dynamic-totals.html
  23. +0 −162 thirdparty/jquery-validate/demo/errorcontainer-demo.html
  24. +0 −55 thirdparty/jquery-validate/demo/example.html
  25. +0 −10 thirdparty/jquery-validate/demo/form.php
  26. +0 −10 thirdparty/jquery-validate/demo/form.phps
  27. BIN thirdparty/jquery-validate/demo/images/bg.gif
  28. BIN thirdparty/jquery-validate/demo/images/checked.gif
  29. BIN thirdparty/jquery-validate/demo/images/cmxform-divider.gif
  30. BIN thirdparty/jquery-validate/demo/images/cmxform-fieldset.gif
  31. BIN thirdparty/jquery-validate/demo/images/loading.gif
  32. BIN thirdparty/jquery-validate/demo/images/unchecked.gif
  33. +0 −235 thirdparty/jquery-validate/demo/index.html
  34. +0 −1 thirdparty/jquery-validate/demo/js/chili-1.7.pack.js
  35. +0 −24 thirdparty/jquery-validate/demo/js/cmxforms.js
  36. BIN thirdparty/jquery-validate/demo/login/images/bg.gif
  37. BIN thirdparty/jquery-validate/demo/login/images/header1.jpg
  38. BIN thirdparty/jquery-validate/demo/login/images/page.gif
  39. BIN thirdparty/jquery-validate/demo/login/images/required_star.gif
  40. +0 −76 thirdparty/jquery-validate/demo/login/index.html
  41. +0 −457 thirdparty/jquery-validate/demo/login/screen.css
  42. +0 −10 thirdparty/jquery-validate/demo/marketo/emails.php
  43. +0 −10 thirdparty/jquery-validate/demo/marketo/emails.phps
  44. +0 −35 thirdparty/jquery-validate/demo/marketo/ie6.css
  45. BIN thirdparty/jquery-validate/demo/marketo/images/backRequiredGray.gif
  46. BIN thirdparty/jquery-validate/demo/marketo/images/back_green-fade.gif
  47. BIN thirdparty/jquery-validate/demo/marketo/images/back_nav_blue.gif
  48. BIN thirdparty/jquery-validate/demo/marketo/images/blank.gif
  49. BIN thirdparty/jquery-validate/demo/marketo/images/button-submit.gif
  50. BIN thirdparty/jquery-validate/demo/marketo/images/favicon.ico
  51. BIN thirdparty/jquery-validate/demo/marketo/images/help.png
  52. BIN thirdparty/jquery-validate/demo/marketo/images/left-nav-callout-long.png
  53. BIN thirdparty/jquery-validate/demo/marketo/images/login-sprite.gif
  54. BIN thirdparty/jquery-validate/demo/marketo/images/logo_marketo.gif
  55. BIN thirdparty/jquery-validate/demo/marketo/images/sf.png
  56. BIN thirdparty/jquery-validate/demo/marketo/images/step1-24.gif
  57. BIN thirdparty/jquery-validate/demo/marketo/images/step2-24.gif
  58. BIN thirdparty/jquery-validate/demo/marketo/images/step3-24.gif
  59. BIN thirdparty/jquery-validate/demo/marketo/images/tab-sprite.gif
  60. BIN thirdparty/jquery-validate/demo/marketo/images/tab_green.gif
  61. BIN thirdparty/jquery-validate/demo/marketo/images/time.png
  62. BIN thirdparty/jquery-validate/demo/marketo/images/toggle.gif
  63. BIN thirdparty/jquery-validate/demo/marketo/images/warning.gif
  64. +0 −247 thirdparty/jquery-validate/demo/marketo/index.html
  65. +0 −267 thirdparty/jquery-validate/demo/marketo/jquery.maskedinput.js
  66. +0 −125 thirdparty/jquery-validate/demo/marketo/mktSignup.js
  67. +0 −291 thirdparty/jquery-validate/demo/marketo/step2.htm
  68. +0 −1,179 thirdparty/jquery-validate/demo/marketo/stylesheet.css
  69. BIN thirdparty/jquery-validate/demo/milk/bg.gif
  70. +0 −10 thirdparty/jquery-validate/demo/milk/emails.php
  71. +0 −10 thirdparty/jquery-validate/demo/milk/emails.phps
  72. +0 −235 thirdparty/jquery-validate/demo/milk/index.html
  73. BIN thirdparty/jquery-validate/demo/milk/left_white.png
  74. +0 −236 thirdparty/jquery-validate/demo/milk/milk.css
  75. BIN thirdparty/jquery-validate/demo/milk/milk.png
  76. BIN thirdparty/jquery-validate/demo/milk/right_white.png
  77. +0 −12 thirdparty/jquery-validate/demo/milk/users.php
  78. +0 −10 thirdparty/jquery-validate/demo/milk/users.phps
  79. +0 −412 thirdparty/jquery-validate/demo/multipart/index.html
  80. +0 −246 thirdparty/jquery-validate/demo/multipart/js/jquery.maskedinput-1.0.js
  81. +0 −477 thirdparty/jquery-validate/demo/multipart/js/ui.accordion.js
  82. +0 −519 thirdparty/jquery-validate/demo/multipart/js/ui.core.js
  83. +0 −705 thirdparty/jquery-validate/demo/multipart/style.css
  84. +0 −160 thirdparty/jquery-validate/demo/radio-checkbox-select-demo.html
  85. +0 −157 thirdparty/jquery-validate/demo/tabs/index.html
  86. +0 −75 thirdparty/jquery-validate/demo/tinymce/index.html
  87. +0 −1 thirdparty/jquery-validate/demo/tinymce/themes/simple/editor_template.js
  88. BIN thirdparty/jquery-validate/demo/tinymce/themes/simple/img/icons.gif
  89. +0 −11 thirdparty/jquery-validate/demo/tinymce/themes/simple/langs/en.js
  90. +0 −32 thirdparty/jquery-validate/demo/tinymce/themes/simple/skins/default/ui.css
  91. +0 −1 thirdparty/jquery-validate/demo/tinymce/tiny_mce.js
  92. +0 −71 thirdparty/jquery-validate/test/events.html
  93. BIN thirdparty/jquery-validate/test/firebug/errorIcon.png
  94. +0 −209 thirdparty/jquery-validate/test/firebug/firebug.css
  95. +0 −23 thirdparty/jquery-validate/test/firebug/firebug.html
  96. +0 −672 thirdparty/jquery-validate/test/firebug/firebug.js
  97. +0 −10 thirdparty/jquery-validate/test/firebug/firebugx.js
  98. BIN thirdparty/jquery-validate/test/firebug/infoIcon.png
  99. BIN thirdparty/jquery-validate/test/firebug/warningIcon.png
  100. +0 −261 thirdparty/jquery-validate/test/index.html
  101. +0 −188 thirdparty/jquery-validate/test/large.html
  102. +0 −62 thirdparty/jquery-validate/test/messages.js
  103. +0 −553 thirdparty/jquery-validate/test/methods.js
  104. +0 −267 thirdparty/jquery-validate/test/rules.js
  105. +0 −444 thirdparty/jquery-validate/test/selects/index.html
  106. +0 −78 thirdparty/jquery-validate/test/tabs.html
  107. +0 −1,071 thirdparty/jquery-validate/test/test.js
  108. +0 −11 thirdparty/jquery-validate/test/users.php
  109. +0 −11 thirdparty/jquery-validate/test/users2.php
  110. +0 −30,217 thirdparty/jsmin/test/ext-all-debug.js
  111. +0 −3,271 thirdparty/jsmin/test/prototype.js
  112. +0 −10 thirdparty/jsmin/test/test.php
@@ -1,86 +0,0 @@
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-<html xmlns="http://www.w3.org/1999/xhtml">
-<head>
-<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1" />
-<title>Test for jQuery validate() plugin</title>
-<link rel="stylesheet" type="text/css" media="screen" href="css/screen.css" />
-<style type="text/css">
-.warning { color: red; }
-</style>
-<script src="../lib/jquery.js" type="text/javascript"></script>
-<script src="../lib/jquery.form.js" type="text/javascript"></script>
-<script src="../jquery.validate.js" type="text/javascript"></script>
-
-<script src="js/cmxforms.js" type="text/javascript"></script>
-<script type="text/javascript">
- jQuery(function() {
- // show a simple loading indicator
- var loader = jQuery('<div id="loader"><img src="images/loading.gif" alt="loading..." /></div>')
- .css({position: "relative", top: "1em", left: "25em"})
- .appendTo("body")
- .hide();
- jQuery().ajaxStart(function() {
- loader.show();
- }).ajaxStop(function() {
- loader.hide();
- }).ajaxError(function(a, b, e) {
- throw e;
- });
-
- var v = jQuery("#form").validate({
- submitHandler: function(form) {
- jQuery(form).ajaxSubmit({
- target: "#result"
- });
- }
- });
-
- jQuery("#reset").click(function() {
- v.resetForm();
- });
- });
-</script>
-
-</head>
-<body>
-
-<h1 id="banner"><a href="http://bassistance.de/jquery-plugins/jquery-plugin-validation/">jQuery Validation Plugin</a> Demo</h1>
-<div id="main">
-
-<form method="post" class="cmxform" id="form" action="form.php">
- <fieldset>
- <legend>Login Form (Enter "foobar" as password)</legend>
- <p>
- <label for="user">Username</label>
- <input id="user" name="user" title="Please enter your username (at least 3 characters)" class="required" minlength="3" />
- </p>
- <p>
- <label for="pass">Password</label>
- <input type="password" name="password" id="password" class="required" minlength"5" />
- </p>
- <p>
- <input class="submit" type="submit" value="Login"/>
- </p>
- </fieldset>
-</form>
-
-<div id="result">Please login!</div>
-
-<br/>
-
-<button id="reset">Programmatically reset above form!</button>
-
-<p>Backend file: <a href="form.php">form.phps</a></p>
-
-<a href="index.html">Back to main page</a>
-
-</div>
-
-<script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
-</script>
-<script type="text/javascript">
-_uacct = "UA-2623402-1";
-urchinTracker();
-</script>
-</body>
-</html>
@@ -1,27 +0,0 @@
-$(function(){
- $("#refreshimg").click(function(){
- $.post('newsession.php');
- $("#captchaimage").load('image_req.php');
- return false;
- });
-
- $("#captchaform").validate({
- rules: {
- captcha: {
- required: true,
- remote: "process.php"
- }
- },
- messages: {
- captcha: "Correct captcha is required. Click the captcha to generate a new one"
- },
- submitHandler: function() {
- alert("Correct captcha!");
- },
- success: function(label) {
- label.addClass("valid").text("Valid captcha!")
- },
- onkeyup: false
- });
-
-});
Binary file not shown.
@@ -1,6 +0,0 @@
-<?php
-
-// Echo the image - timestamp appended to prevent caching
-echo '<a href="index.php" onclick="refreshimg(); return false;" title="Click to refresh image"><img src="images/image.jpg?' . time() . '" width="132" height="46" alt="Captcha image" /></a>';
-
-?>
@@ -1 +0,0 @@
-AddType application/x-httpd-php .jpg
Deleted file not rendered
Deleted file not rendered
@@ -1,35 +0,0 @@
-<?php
-
-// Begin the session
-session_start();
-
-// If the session is not present, set the variable to an error message
-if(!isset($_SESSION['captcha_id']))
- $str = 'ERROR!';
-// Else if it is present, set the variable to the session contents
-else
- $str = $_SESSION['captcha_id'];
-
-// Set the content type
-//header('Content-type: image/png');
-header('Cache-control: no-cache');
-
-// Create an image from button.png
-$image = imagecreatefrompng('button.png');
-
-// Set the font colour
-$colour = imagecolorallocate($image, 183, 178, 152);
-
-// Set the font
-$font = '../fonts/Anorexia.ttf';
-
-// Set a random integer for the rotation between -15 and 15 degrees
-$rotate = rand(-15, 15);
-
-// Create an image using our original image and adding the detail
-imagettftext($image, 14, $rotate, 18, 30, $colour, $font, $str);
-
-// Output the image as a png
-imagepng($image);
-
-?>
@@ -1,66 +0,0 @@
-<?php
-
-// Make the page validate
-ini_set('session.use_trans_sid', '0');
-
-// Include the random string file
-require 'rand.php';
-
-// Begin the session
-session_start();
-
-// Set the session contents
-$_SESSION['captcha_id'] = $str;
-
-?>
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
-<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
-
-<head>
- <title>AJAX CAPTCHA</title>
- <meta http-equiv="Content-type" content="text/html; charset=utf-8" />
- <meta name="keywords" content="AJAX,JHR,PHP,CAPTCHA,download,PHP CAPTCHA,AJAX CAPTCHA,AJAX PHP CAPTCHA,download AJAX CAPTCHA,download AJAX PHP CAPTCHA" />
- <meta name="description" content="An AJAX CAPTCHA script, written in PHP" />
-
- <script type="text/javascript" src="../../lib/jquery.js"></script>
- <script type="text/javascript" src="../../jquery.validate.js"></script>
- <script type="text/javascript" src="captcha.js"></script>
-
- <link rel="stylesheet" type="text/css" href="style.css" />
- <style type="text/css">
- img { border: 1px solid #eee; }
- p#statusgreen { font-size: 1.2em; background-color: #fff; color: #0a0; }
- p#statusred { font-size: 1.2em; background-color: #fff; color: #a00; }
- fieldset label { display: block; }
- fieldset div#captchaimage { float: left; margin-right: 15px; }
- fieldset input#captcha { width: 25%; border: 1px solid #ddd; padding: 2px; }
- fieldset input#submit { display: block; margin: 2% 0% 0% 0%; }
- #captcha.success {
- border: 1px solid #49c24f;
- background: #bcffbf;
- }
- #captcha.error {
- border: 1px solid #c24949;
- background: #ffbcbc;
- }
- </style>
-</head>
-
-<body>
-
-<h1><acronym title="Asynchronous JavaScript And XML">AJAX</acronym> <acronym title="Completely Automated Public Turing test to tell Computers and Humans Apart">CAPTCHA</acronym>, based on <a href="http://psyrens.com/captcha/">http://psyrens.com/captcha/</a></h1>
-
-<form id="captchaform" action="">
-<fieldset>
- <div id="captchaimage"><a href="<?php echo $_SERVER['PHP_SELF']; ?>" id="refreshimg" title="Click to refresh image"><img src="images/image.php?<?php echo time(); ?>" width="132" height="46" alt="Captcha image" /></a></div>
- <label for="captcha">Enter the characters as seen on the image above (case insensitive):</label>
- <input type="text" maxlength="6" name="captcha" id="captcha" />
- <input type="submit" name="submit" id="submit" value="Check" />
-</fieldset>
-</form>
-
-<p>If you can&#39;t decipher the text on the image, click it to dynamically generate a new one.</p>
-
-</body>
-
-</html>
@@ -1,12 +0,0 @@
-<?php
-
-// Include the random string file
-require 'rand.php';
-
-// Begin a new session
-session_start();
-
-// Set the session contents
-$_SESSION['captcha_id'] = $str;
-
-?>
@@ -1,14 +0,0 @@
-<?php
-
-// Begin the session
-session_start();
-
-// To avoid case conflicts, make the input uppercase and check against the session value
-// If it's correct, echo '1' as a string
-if(strtoupper($_GET['captcha']) == $_SESSION['captcha_id'])
- echo 'true';
-// Else echo '0' as a string
-else
- echo 'false';
-
-?>
@@ -1,11 +0,0 @@
-<?php
-
-// Create a random string, leaving out 'o' to avoid confusion with '0'
-$char = strtoupper(substr(str_shuffle('abcdefghjkmnpqrstuvwxyz'), 0, 4));
-
-// Concatenate the random string onto the random numbers
-// The font 'Anorexia' doesn't have a character for '8', so the numbers will only go up to 7
-// '0' is left out to avoid confusion with 'O'
-$str = rand(1, 7) . rand(1, 7) . $char;
-
-?>
Oops, something went wrong.

0 comments on commit 6751714

Please sign in to comment.