
Avoid XSS silliness in the calendar plugin

tassium 22 年之前
c691b263f5
共有 2 个文件被更改,包括 4 次插入4 次删除
  1. 2 2
      plugins/calendar/calendar_data.php
  2. 2 2
      plugins/calendar/event_create.php

+ 2 - 2
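--- a/plugins/calendar/calendar_data.php
+++ b/plugins/calendar/calendar_data.php
@@ -35,8 +35,8 @@ function readcalendardata() {
             while ($fdata = fgetcsv ($fp, 4096, '|')) {
                 $calendardata[$fdata[0]][$fdata[1]] = array( 'length' => $fdata[2],
                                                             'priority' => $fdata[3],
-                                                            'title' => $fdata[4],
-                                                            'message' => $fdata[5],
+                                                            'title' => htmlentities($fdata[4],ENT_NOQUOTES),
+                                                            'message' => htmlentities($fdata[5],ENT_NOQUOTES),
                                                             'reminder' => $fdata[6] );
             }
             fclose ($fp);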
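Review bot: htmlentities() with ENT_NOQUOTES, as used on the two added lines here and on the two added lines in plugins/calendar/event_create.php, leaves both `"` and `'` untouched, so the encoded value is only safe when emitted as HTML text content; if either field is ever placed inside an attribute (for example a form field value when an event is edited), quotes end the attribute. Using `htmlentities($fdata[4], ENT_QUOTES)` costs nothing for the text-node case and covers the attribute case too. A second concern is where the encoding happens: it is applied while reading the file into `$calendardata`, so the array now holds entity-encoded strings, and any code that writes that array back to the calendar file (not visible in this hunk) would persist the entities and encode them again on the next read. Encoding at the point of output, as event_create.php does, avoids that. readcalendardata() begins before this hunk and continues after it.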

+ 2 - 2
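--- a/plugins/calendar/event_create.php
+++ b/plugins/calendar/event_create.php
@@ -186,11 +186,11 @@ if(!isset($event_text)){
                 ) .
                 html_tag( 'tr',
                     html_tag( 'td', _("Title:"), 'right', $color[4] ) . "\n" .
-                    html_tag( 'td', $event_title, 'left', $color[4] ) . "\n"
+                    html_tag( 'td', htmlentities($event_title,ENT_NOQUOTES), 'left', $color[4] ) . "\n"
                 ) .
                 html_tag( 'tr',
                     html_tag( 'td', _("Message:"), 'right', $color[4] ) . "\n" .
-                    html_tag( 'td', $event_text, 'left', $color[4] ) . "\n"
+                    html_tag( 'td', htmlentities($event_text,ENT_NOQUOTES), 'left', $color[4] ) . "\n"
                 ) .
                 html_tag( 'tr',
                     html_tag( 'td',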
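Review bot: Only the two table cells that display `$event_title` and `$event_text` are encoded here; if the same variables are emitted anywhere else in this page (a hidden input carrying them to the save step, or a textarea for editing — neither visible in this hunk), those spots remain unencoded and should be reviewed in the same change. The hunk header shows the enclosing statement run starts under `if(!isset($event_text)){` before this hunk, and the concatenated html_tag() expression continues past its last line. A short comment at the first encoding site, `// encoded for HTML text content; attribute values need ENT_QUOTES`, would make the deliberate scope of ENT_NOQUOTES explicit to the next maintainer.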