trinkey/qna
1
0
Fork 0
Code Issues 1 Pull requests Projects Releases Packages Wiki Activity Actions

fix html injection; thanks to ⬡-49016 for its report

Browse source
This commit is contained in:
Luke 2025-01-18 15:40:32 +01:00
parent 3d0725135c
commit f5312187e9
4 changed files with 10 additions and 10 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
admin/all.php
View file

@ -38,7 +38,7 @@ foreach (array_reverse($rows) as $i){
if ($i["isrespondedto"] === "f" && $i["ispublic"] == "t") {
echo("<div class=\"question\">");
if ($i["iscwed"] === "t") {
echo("<details><summary>cw: " . $i["cw"] . "</summary><span class=\"cwfiller\"></span>");
echo("<details><summary>cw: " . htmlspecialchars($i["cw"]) . "</summary><span class=\"cwfiller\"></span>");
}
echo(htmlspecialchars($i["text"]));
echo("<div class=\"time\">" . $i["time"] . "</div>");
@ -51,7 +51,7 @@ foreach (array_reverse($rows) as $i){
if ($i["ispublic"] === "f") {
echo("<div class=\"question\">");
if ($i["iscwed"] === "t") {
echo("<details><summary>cw: " . $i["cw"] . "</summary><span class=\"cwfiller\"></span>");
echo("<details><summary>cw: " . htmlspecialchars($i["cw"]) . "</summary><span class=\"cwfiller\"></span>");
}
echo(htmlspecialchars($i["text"]));
echo("<div class=\"time\">" . $i["time"] . "</div>");
@ -64,7 +64,7 @@ foreach (array_reverse($rows) as $i){
if ($i["ispublic"] === "t" && $i["isrespondedto"] === "t") {
echo("<div class=\"question\">");
if ($i["iscwed"] === "t") {
echo("<details><summary>cw: " . $i["cw"] . "</summary><span class=\"cwfiller\"></span>");
echo("<details><summary>cw: " . htmlspecialchars($i["cw"]) . "</summary><span class=\"cwfiller\"></span>");
}
echo(htmlspecialchars($i["text"]));
echo("<div class=\"time\">" . $i["time"] . "</div>");
@ -74,4 +74,4 @@ foreach (array_reverse($rows) as $i){
}
}
?>
?>

4
admin/respond.php
View file

@ -46,7 +46,7 @@ if ($arr["ispublic"] === "f") {
echo("<a class=\"goback\" href=\"index.php?pw={$adminPassword}\">(go back?)</a>");
echo("<div class=\"question\">");
if ($arr["iscwed"] === "t") {
echo("<h3>cw: " . $arr["cw"] . "</h3>");
echo("<h3>cw: " . htmlspecialchars($arr["cw"]) . "</h3>");
}
echo(htmlspecialchars($arr["text"]));
echo("<div class=\"time\">" . $arr["time"] . "</div>");
@ -60,4 +60,4 @@ if ($arr["ispublic"] === "f") {
echo("<form class=\"frm\" action=\"index.php\"><input hidden name=\"id\" value=\"{$id}\"><input hidden name=\"page\" value=\"respond\"><input hidden name=\"pw\" value=\"{$adminPassword}\"><input id=\"passinput\" name=\"text\" required=\"\"><br><button class=\"submitbutton\" type=\"submit\">send</button></form>");
}
?>
?>

4
fetch.php
View file

@ -28,7 +28,7 @@ if (pg_num_rows($qresp) === 0 || $arr["ispublic"] === "f" || $arr["isrespondedto
echo("<a class=\"goback\" href=\"index.php\">(go back?)</a>");
echo("<div class=\"question\">");
if ($arr["iscwed"] === "t") {
echo("<details><summary>cw: " . $arr["cw"] . "</summary><span class=\"cwfiller\"></span>");
echo("<details><summary>cw: " . htmlspecialchars($arr["cw"]) . "</summary><span class=\"cwfiller\"></span>");
}
echo(htmlspecialchars($arr["text"]));
echo("<div class=\"time\">" . $arr["time"] . "</div>");
@ -36,4 +36,4 @@ if (pg_num_rows($qresp) === 0 || $arr["ispublic"] === "f" || $arr["isrespondedto
echo("<div class=\"time\">" . $arr["responsetime"] . "</div></div></div>");
}
?>
?>

4
index.php
View file

@ -36,7 +36,7 @@ foreach (array_reverse($rows) as $i){
if ($i["ispublic"] === "t" && $i["isrespondedto"] === "t") {
echo("<div class=\"question\">");
if ($i["iscwed"] === "t") {
echo("<details><summary>cw: " . $i["cw"] . "</summary><span class=\"cwfiller\"></span>");
echo("<details><summary>cw: " . htmlspecialchars($i["cw"]) . "</summary><span class=\"cwfiller\"></span>");
}
echo(htmlspecialchars($i["text"]));
echo("<div class=\"time\">" . $i["time"] . "</div>");
@ -46,4 +46,4 @@ foreach (array_reverse($rows) as $i){
}
}
?>
?>