From 45feef9f6bdae1f2ed9c386ace5f47f012526a4a Mon Sep 17 00:00:00 2001
From: cweiske
Date: Thu, 29 Oct 2009 09:05:37 +0000
Subject: fix several XSS injection problems with page variable

git-svn-id: https://semanticscuttle.svn.sourceforge.net/svnroot/semanticscuttle/trunk@468 b3834d28-1941-0410-a4f8-b48e95affb8f
---
www/ajax/getadminlinkedtags.php | 2 +-
www/ajax/getlinkedtags.php | 2 +-
www/bookmarks.php | 4 ++--
www/history.php | 2 +-
www/index.php | 2 +-
www/search.php | 2 +-
www/tags.php | 2 +-
www/watchlist.php | 2 +-
8 files changed, 9 insertions(+), 9 deletions(-)

diff --git a/www/ajax/getadminlinkedtags.php b/www/ajax/getadminlinkedtags.php
index 0a5d813..2b1c3ac 100644
--- a/www/ajax/getadminlinkedtags.php
+++ b/www/ajax/getadminlinkedtags.php
@@ -57,7 +57,7 @@ function displayTag($tag, $uId) { { label: 'name', identifier: 'id', items: [
diff --git a/www/ajax/getlinkedtags.php b/www/ajax/getlinkedtags.php
index 9415f87..621d1c4 100644
--- a/www/ajax/getlinkedtags.php
+++ b/www/ajax/getlinkedtags.php
@@ -57,7 +57,7 @@ function displayTag($tag, $uId) { { label: 'name', identifier: 'id', items: [
diff --git a/www/bookmarks.php b/www/bookmarks.php
index 4a36a39..8424edb 100644
--- a/www/bookmarks.php
+++ b/www/bookmarks.php
@@ -190,7 +190,7 @@ if ($templatename == 'editbookmark.tpl') {
 $tplVars['tags'] = POST_TAGS;
 } else {
 if(GET_COPYOF != '') { //copy from bookmarks page
- $tplVars['row'] = $bookmarkservice->getBookmark(GET_COPYOF, true);
+ $tplVars['row'] = $bookmarkservice->getBookmark(intval(GET_COPYOF), true);
 if(!$currentUser->isAdmin()) {
 $tplVars['row']['bPrivateNote'] = ''; //only admin can copy private note
 }
@@ -249,7 +249,7 @@ if ($templatename == 'editbookmark.tpl') {
 // Pagination
 $perpage = getPerPageCount($currentUser);
 if (intval(GET_PAGE) > 1) {
- $page = GET_PAGE;
+ $page = intval(GET_PAGE);
 $start = ($page - 1) * $perpage;
 } else {
 $page = 0;
diff --git a/www/history.php b/www/history.php
index fa1c535..42688a0 100644
--- a/www/history.php
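Review bot: The guard `if(GET_COPYOF != '')` two lines above the changed line in the first bookmarks.php hunk still tests the raw string, so any non-numeric value passes it and the new `getBookmark(intval(GET_COPYOF), true)` is called with id 0. What getBookmark returns for id 0 is not visible in the hunk; if it is false or an empty array, the following `$tplVars['row']['bPrivateNote'] = ''` writes into that result and the template receives a row that was never looked up. Parse once and test the parsed value: `$copyOf = intval(GET_COPYOF);` / `if ($copyOf > 0) { //copy from bookmarks page` / `$tplVars['row'] = $bookmarkservice->getBookmark($copyOf, true);`. Separately, only the private note is stripped for non-admins here; whether getBookmark itself refuses to hand out another user's private bookmark is not visible from the hunk and is worth confirming. The enclosing if/else of the editbookmark branch begins and ends outside the hunk.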
+++ b/www/history.php
@@ -48,7 +48,7 @@ if ($usecache) {
 // Pagination
 $perpage = getPerPageCount($currentUser);
 if (intval(GET_PAGE) > 1) {
- $page = GET_PAGE;
+ $page = intval(GET_PAGE);
 $start = ($page - 1) * $perpage;
 } else {
 $page = 0;
diff --git a/www/index.php b/www/index.php
index bc1b354..6d6f5cb 100644
--- a/www/index.php
+++ b/www/index.php
@@ -60,7 +60,7 @@ if ($usecache) {
 // Pagination
 $perpage = getPerPageCount($currentUser);
 if (intval(GET_PAGE) > 1) {
- $page = GET_PAGE;
+ $page = intval(GET_PAGE);
 $start = ($page - 1) * $perpage;
 } else {
 $page = 0;
diff --git a/www/search.php b/www/search.php
index 2b65b2f..9a19883 100644
--- a/www/search.php
+++ b/www/search.php
@@ -60,7 +60,7 @@ if (POST_TERMS != '') {
 // Pagination
 $perpage = getPerPageCount($currentUser);
 if (intval(GET_PAGE) > 1) {
- $page = GET_PAGE;
+ $page = intval(GET_PAGE);
 $start = ($page - 1) * $perpage;
 } else {
 $page = 0;
diff --git a/www/tags.php b/www/tags.php
index e3fd6d2..fed4510 100644
--- a/www/tags.php
+++ b/www/tags.php
@@ -73,7 +73,7 @@ array(filter($sitename .': '. $pagetitle), createURL('rss', 'all/'. filter($cat,
 // Pagination
 $perpage = getPerPageCount($currentUser);
 if (intval(GET_PAGE) > 1) {
- $page = GET_PAGE;
+ $page = intval(GET_PAGE);
 $start = ($page - 1) * $perpage;
 } else {
 $page = 0;
diff --git a/www/watchlist.php b/www/watchlist.php
index 6198781..b92fb9c 100644
--- a/www/watchlist.php
+++ b/www/watchlist.php
@@ -78,7 +78,7 @@ if ($user) {
 // Pagination
 $perpage = getPerPageCount($currentUser);
 if (intval(GET_PAGE) > 1) {
- $page = GET_PAGE;
+ $page = intval(GET_PAGE);
 $start = ($page - 1) * $perpage;
 } else {
 $page = 0;
-- 
cgit v1.2.3
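Review bot: `intval(GET_PAGE)` is now evaluated twice in the history.php hunk, once in the unchanged condition and once in the new assignment, and the same eight-line block is repeated verbatim in the index.php, search.php, tags.php and watchlist.php hunks on this line and in the second bookmarks.php hunk. Parse once and branch on the result: `$page = intval(GET_PAGE);` / `if ($page > 1) {` / `$start = ($page - 1) * $perpage;` with the `else` branch left as it is; better still, move the block into a shared helper next to getPerPageCount() so the next fix to pagination input handling happens in one place instead of six. As a security note, the coercion makes `$page` safe only because it is an integer before it reaches any output; if the template also echoes the raw query parameter into the pagination links, that path is not covered by this commit and is not visible here. The `else` branch and the rest of the pagination code continue outside the hunk.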