fix: added missing conversion to HTML entities

thorsten · Jan 9, 2023 · 1815dae · 1815dae
1 parent cd65a96
commit 1815dae
Show file tree

Hide file tree

Showing 4 changed files with 9 additions and 7 deletions.
diff --git a/phpmyfaq/admin/record.edit.php b/phpmyfaq/admin/record.edit.php
@@ -652,7 +652,7 @@ class="form-check-input"
                                                     );
                                                     ?>
                                                     <br>
-                                                    <?= $entry['changelog'] ?>
+                                                    <?= Strings::htmlentities($entry['changelog']) ?>
                                                 </li>
                                             <?php } ?>
                                         </ul>

diff --git a/phpmyfaq/admin/record.show.php b/phpmyfaq/admin/record.show.php
@@ -28,6 +28,7 @@
 use phpMyFAQ\Language;
 use phpMyFAQ\LinkVerifier;
 use phpMyFAQ\Search\SearchFactory;
+use phpMyFAQ\Strings;
 use phpMyFAQ\Visits;
 
 if (!defined('IS_VALID_PHPMYFAQ')) {
@@ -456,8 +457,9 @@ function verifyEntryURL_failure(XmlRequest)
                       </td>
                       <td>
                         <a href="?action=editentry&id=<?= $record['id'] ?>&lang=<?= $record['lang'] ?>"
-                           title="<?= $PMF_LANG['ad_user_edit'] ?> '<?= str_replace('"', '´', $record['title']) ?>'">
-                        <?= $record['title'] ?>
+                           title="<?= $PMF_LANG['ad_user_edit'] ?> '
+                           <?= str_replace('"', '´', Strings::htmlentities($record['title'])) ?>'">
+                        <?= Strings::htmlentities($record['title']) ?>
                         </a>
             <?php
             if (isset($numCommentsByFaq[$record['id']])) {

diff --git a/phpmyfaq/src/phpMyFAQ/Faq.php b/phpmyfaq/src/phpMyFAQ/Faq.php
@@ -2010,8 +2010,8 @@ public function getLatest(): array
         if (count($result) > 0) {
             foreach ($result as $row) {
                 $output['url'][] = Strings::htmlentities($row['url']);
-                $output['title'][] = Utils::makeShorterText($row['question'], 8);
-                $output['preview'][] = $row['question'];
+                $output['title'][] = Strings::htmlentities(Utils::makeShorterText($row['question'], 8));
+                $output['preview'][] = Strings::htmlentities($row['question']);
                 $output['date'][] = $date->format($row['date']);
             }
         } else {

diff --git a/phpmyfaq/src/phpMyFAQ/Tags.php b/phpmyfaq/src/phpMyFAQ/Tags.php
@@ -368,7 +368,7 @@ public function renderTagCloud(): string
             $totFaqByTag = count($this->getFaqsByTagName($tagName));
             if ($totFaqByTag > 0) {
                 $tags[$tagName]['id'] = $tagId;
-                $tags[$tagName]['name'] = $tagName;
+                $tags[$tagName]['name'] = Strings::htmlentities($tagName);
                 $tags[$tagName]['count'] = $totFaqByTag;
             }
         }
@@ -483,7 +483,7 @@ public function renderPopularTags(int $limit = 0): string
                 '<a class="btn btn-primary m-1" href="?action=search&tagging_id=%d">%s ' .
                 '<span class="badge badge-info">%d</span></a>',
                 $tagId,
-                $tagName,
+                Strings::htmlentities($tagName),
                 $tagFreq
             );
         }