Files » chamilo-1.9.2-vuln-8.patch
main/announcements/announcements.php | ||
---|---|---|
109 | 109 |
$_SESSION['select_groupusers'] = "hide"; |
110 | 110 |
} |
111 |
$origin = empty($_GET['origin']) ? '' : Security::remove_XSS($_GET['origin']); |
|
112 | ||
111 | 113 |
/* Action handling */ |
112 | 114 |
// display the form |
... | ... | |
130 | 132 |
if(!empty($_GET['toolgroup'])){ |
131 | 133 |
if($_GET['toolgroup'] == strval(intval($_GET['toolgroup']))){ //check is integer |
132 |
$toolgroup = $_GET['toolgroup'];
|
|
134 |
$toolgroup = intval($_GET['toolgroup']);
|
|
133 | 135 |
$_SESSION['select_groupusers'] = 'hide'; |
134 | 136 |
} else { |
135 | 137 |
$toolgroup = 0; |
... | ... | |
538 | 540 |
if ((api_is_allowed_to_edit(false,true) OR (api_get_course_setting('allow_user_edit_announcement') && !api_is_anonymous())) and (empty($_GET['origin']) or $_GET['origin'] !== 'learnpath')) { |
539 | 541 |
echo '<div class="actions">'; |
540 | 542 |
if (isset($_GET['action']) && in_array($_GET['action'], array('add', 'modify','view'))) { |
541 |
echo "<a href='".api_get_self()."?".api_get_cidreq()."&origin=".(empty($_GET['origin'])?'':$_GET['origin'])."'>".Display::return_icon('back.png',get_lang('Back'),'',ICON_SIZE_MEDIUM)."</a>";
|
|
543 |
echo "<a href='".api_get_self()."?".api_get_cidreq()."&origin=".$origin."'>".Display::return_icon('back.png',get_lang('Back'),'',ICON_SIZE_MEDIUM)."</a>";
|
|
542 | 544 |
} else { |
543 |
echo "<a href='".api_get_self()."?".api_get_cidreq()."&action=add&origin=".(empty($_GET['origin'])?'':$_GET['origin'])."'>".Display::return_icon('new_announce.png',get_lang('AddAnnouncement'),'',ICON_SIZE_MEDIUM)."</a>";
|
|
545 |
echo "<a href='".api_get_self()."?".api_get_cidreq()."&action=add&origin=".$origin."'>".Display::return_icon('new_announce.png',get_lang('AddAnnouncement'),'',ICON_SIZE_MEDIUM)."</a>";
|
|
544 | 546 |
} |
545 | 547 |
$show_actions = true; |
546 | 548 |
} else { |
547 | 549 |
if (in_array($_GET['action'], array('view'))) { |
548 | 550 |
echo '<div class="actions">'; |
549 |
echo "<a href='".api_get_self()."?".api_get_cidreq()."&origin=".(empty($_GET['origin'])?'':$_GET['origin'])."'>".Display::return_icon('back.png',get_lang('Back'),'',ICON_SIZE_MEDIUM)."</a>";
|
|
551 |
echo "<a href='".api_get_self()."?".api_get_cidreq()."&origin=".$origin."'>".Display::return_icon('back.png',get_lang('Back'),'',ICON_SIZE_MEDIUM)."</a>";
|
|
550 | 552 |
echo '</div>'; |
551 | 553 |
} |
552 | 554 |
} |
... | ... | |
941 | 943 |
echo '<h2>'.get_lang('Announcements').'</h2>'; |
942 | 944 |
echo Display::return_icon('valves.png', '', array(), 64); |
943 | 945 |
echo '<div class="controls">'; |
944 |
echo Display::url(get_lang('AddAnnouncement'), api_get_self()."?".api_get_cidreq()."&action=add&origin=".(empty($_GET['origin'])?'':$_GET['origin']) , array('class' => 'btn'));
|
|
946 |
echo Display::url(get_lang('AddAnnouncement'), api_get_self()."?".api_get_cidreq()."&action=add&origin=".$origin, array('class' => 'btn'));
|
|
945 | 947 |
echo '</div>'; |
946 | 948 |
echo '</div>'; |
947 | 949 |
} else { |
... | ... | |
1022 | 1024 |
$image_visibility="invisible"; |
1023 | 1025 |
$alt_visibility=get_lang('Visible'); |
1024 | 1026 |
} |
1025 |
$modify_icons .= "<a href=\"".api_get_self()."?".api_get_cidreq()."&origin=".(!empty($_GET['origin'])?Security::remove_XSS($_GET['origin']):'')."&action=showhide&id=".$myrow['id']."&sec_token=".$stok."\">".
|
|
1027 |
$modify_icons .= "<a href=\"".api_get_self()."?".api_get_cidreq()."&origin=".$origin."&action=showhide&id=".$myrow['id']."&sec_token=".$stok."\">".
|
|
1026 | 1028 |
Display::return_icon($image_visibility.'.png', $alt_visibility,'',ICON_SIZE_SMALL)."</a>"; |
1027 | 1029 |
// DISPLAY MOVE UP COMMAND only if it is not the top announcement |
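Review bot: `$origin` as defined at new line 111 is passed through `Security::remove_XSS`, an HTML filter, but every use of it in this section concatenates it into a query string inside an `href` attribute (new lines 543, 545, 551, 946 and 1027), where the value still needs URL encoding and attribute escaping. A stray `&`, `=` or `'` survives a tag filter yet breaks the URL or the attribute, so at the points of use prefer `"&origin=".rawurlencode($origin)` and write the separator as `&amp;` inside HTML attributes. Centralising the filter in one variable is a good change; the condition at line 540 still compares raw `$_GET['origin']` to `'learnpath'`, which is harmless for a comparison but could read `$origin` for consistency. The `intval` at 134 is correct and keeps the exact-integer check on 133 meaningful, since non-numeric input still falls through to `$toolgroup = 0`.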
main/blog/blog.php | ||
---|---|---|
10 | 10 |
*/ |
11 | 11 |
// name of the language file that needs to be included |
12 | 12 |
$language_file = "blog"; |
13 |
require_once '../inc/global.inc.php'; |
|
14 | ||
13 | 15 |
$blog_id = intval($_GET['blog_id']); |
14 |
require_once '../inc/global.inc.php'; |
|
16 |
if (empty($blog_id)) { |
|
17 |
api_not_allowed(true); |
|
18 |
} |
|
19 | ||
15 | 20 |
$this_section = SECTION_COURSES; |
16 | 21 |
$current_course_tool = TOOL_BLOGS; |
... | ... | |
287 | 292 |
<form action="blog.php" method="get" enctype="multipart/form-data"> |
288 | 293 |
<input type="hidden" name="blog_id" value="<?php echo $blog_id ?>" /> |
289 | 294 |
<input type="hidden" name="action" value="view_search_result" /> |
290 |
<input type="text" size="20" name="q" value="<?php echo (isset($_GET['q']) ? $_GET['q'] : ''); ?>" /><button class="btn search" type="submit"><?php echo get_lang('Search'); ?></button>
|
|
295 |
<input type="text" size="20" name="q" value="<?php echo isset($_GET['q']) ? Security::remove_XSS($_GET['q']) : ''; ?>" /><button class="btn search" type="submit"><?php echo get_lang('Search'); ?></button>
|
|
291 | 296 |
</form> |
292 | 297 |
</td> |
293 | 298 |
</tr> |
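Review bot: The search box at new line 295 echoes `$_GET['q']` into a double-quoted HTML attribute, and `Security::remove_XSS` is a markup filter rather than an attribute escaper; unless it is guaranteed to encode `"`, a quote in `q` can still terminate the attribute. The context-correct form is `<?php echo isset($_GET['q']) ? htmlspecialchars($_GET['q'], ENT_QUOTES) : ''; ?>` with the page charset passed as the third argument (or `api_htmlentities`, which the chat tool already uses). The `blog_id` guard at new lines 15-18 is the right fix for the missing authorisation check, though `$_GET['blog_id']` is read without `isset` on line 15 and emits a notice when absent; `isset($_GET['blog_id']) ? intval($_GET['blog_id']) : 0` keeps the guard and removes the notice.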
main/chat/chat.php | ||
---|---|---|
21 | 21 |
} else { |
22 | 22 |
$origin = $_SESSION['origin']; |
23 | 23 |
$target = $_SESSION['target']; |
24 |
$_SESSION['origin']=$_GET["origin"];
|
|
25 |
$_SESSION['target']=$_GET["target"];
|
|
24 |
$_SESSION['origin']= Security::remove_XSS($_GET["origin"]);
|
|
25 |
$_SESSION['target']= Security::remove_XSS($_GET["target"]);
|
|
26 | 26 |
} |
27 | 27 |
/* TRACKING */ |
... | ... | |
71 | 71 |
$group_properties = GroupManager :: get_group_properties($_clean['group_id']); |
72 | 72 |
$interbreadcrumb[] = array('url' => '../group/group.php', 'name' => get_lang('Groups')); |
73 |
$interbreadcrumb[] = array('url' => '../group/group_space.php?gidReq='.$_SESSION['_gid'], 'name' => get_lang('GroupSpace').' '.$group_properties['name']);
|
|
73 |
$interbreadcrumb[] = array('url' => '../group/group_space.php?gidReq='.api_get_group_id(), 'name' => get_lang('GroupSpace').' '.$group_properties['name']);
|
|
74 | 74 |
$noPHP_SELF = true; |
75 | 75 |
$shortBanner = false; |
76 | 76 |
$add_group_to_title = ' ('.$group_properties['name'].')'; |
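Review bot: New lines 24-25 read `$_GET["origin"]` and `$_GET["target"]` without an `isset` check, so a request lacking either parameter raises a notice and stores the result of `Security::remove_XSS(null)` in the session; guard each as `$_SESSION['origin'] = isset($_GET['origin']) ? Security::remove_XSS($_GET['origin']) : '';`. Filtering at input time also means the else branch on lines 21-23 hands back whatever an earlier request stored, possibly from a session created before this patch, so consumers of these session keys should still escape for their output context rather than treat the values as safe. The if/else this sits in begins before the hunk. The `api_get_group_id()` replacement on line 73 is fine as a like-for-like change.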
main/chat/chat_chat.php | ||
---|---|---|
155 | 155 |
if ($isMaster || $is_courseCoach) { |
156 | 156 |
$rand = mt_rand(1, 1000); |
157 | 157 |
echo '<div style="margin-left: 5px;">'; |
158 |
echo '<a href="'.api_get_self().'?rand='.$rand.'&reset=1&cidReq='.$_GET['cidReq'].'#bottom" onclick="javascript: if(!confirm(\''.addslashes(api_htmlentities(get_lang('ConfirmReset'), ENT_QUOTES)).'\')) return false;">'.Display::return_icon('delete.gif', get_lang('ClearList')).' '.get_lang('ClearList').'</a>';
|
|
158 |
echo '<a href="'.api_get_self().'?rand='.$rand.'&reset=1&'.api_get_cidreq().'#bottom" onclick="javascript: if(!confirm(\''.addslashes(api_htmlentities(get_lang('ConfirmReset'), ENT_QUOTES)).'\')) return false;">'.Display::return_icon('delete.gif', get_lang('ClearList')).' '.get_lang('ClearList').'</a>';
|
|
159 | 159 |
echo '</div>'; |
160 | 160 |
} |
161 | 161 |
} else { |
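Review bot: The link built at new line 158 triggers `reset=1`, a state-changing operation, through a plain GET URL whose only guard is the client-side `confirm()`; unless the handler for `reset` verifies a server-side token outside this hunk, the action can be triggered by any page the user happens to load. The announcements tool already appends `&sec_token=".$stok` to its showhide link, and the same token, checked on the receiving side, belongs here too. Replacing the raw `$_GET['cidReq']` with `api_get_cidreq()` is correct; inside an `href` attribute the `&` between parameters should be written `&amp;` to produce valid HTML.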
main/chat/chat_hidden.php | ||
---|---|---|
98 | 98 |
disconnect_user_of_chat (); |
99 | 99 |
require 'header_frame.inc.php'; |
100 | 100 |
?> |
101 |
<form name="formHidden" method="post" action="<?php echo api_get_self().'?cidReq='.$_GET['cidReq']; ?>">
|
|
101 |
<form name="formHidden" method="post" action="<?php echo api_get_self().'?'.api_get_cidreq(); ?>">
|
|
102 | 102 |
<input type="hidden" name="chat_size_old" value="<?php echo $chat_size_new; ?>"> |
103 | 103 |
<input type="hidden" name="connected_old" value="<?php echo $connected_new; ?>"> |
104 | 104 |
</form> |
main/chat/chat_message.php | ||
---|---|---|
155 | 155 |
$emoticon_img204 = '<img src="'.api_get_path(WEB_IMG_PATH).'smileys/flag_red_small.gif" alt="'.get_lang('Stop').'" title="'.get_lang('Stop').'" />'; |
156 | 156 |
if ($sent) { |
157 |
$message = trim(htmlspecialchars(stripslashes($_POST['message']), ENT_QUOTES, $charset));
|
|
157 |
$message = Security::remove_XSS(trim(htmlspecialchars(stripslashes($_POST['message']), ENT_QUOTES, $charset)));
|
|
158 | 158 |
$message = str_replace($emoticon_text1, $emoticon_img1, $message); |
159 | 159 |
$message = str_replace($emoticon_text2, $emoticon_img2, $message); |
160 | 160 |
$message = str_replace($emoticon_text3, $emoticon_img3, $message); |
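Review bot: New line 157 runs `Security::remove_XSS` over text that `htmlspecialchars(..., ENT_QUOTES, $charset)` has already made inert, so the filter only sees entity-encoded text and the result depends entirely on the order of the two calls; if the filter ever decodes entities the encoding is undone, and if it does not the call is a no-op. Pick one representation: `$message = htmlspecialchars(trim($_POST['message']), ENT_QUOTES, $charset);` for plain-text chat, reserving the purifier for content meant to carry markup. `stripslashes` is applied unconditionally; it is only correct when `magic_quotes_gpc` is on and otherwise strips legitimate backslashes from the message, so gate it on `get_magic_quotes_gpc()` if this tree still supports that configuration. `$_POST['message']` is read without `isset`, though `$sent` on line 156 presumably implies it is present.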
main/chat/header_frame.inc.php | ||
---|---|---|
66 | 66 |
{ |
67 | 67 |
if ('<?php echo $chat_size_old; ?>' != '<?php echo $chat_size_new; ?>') |
68 | 68 |
{ |
69 |
parent.chat_chat.location.href='chat_chat.php?size=<?php echo $chat_size_new.'&cidReq='.$_GET['cidReq']; ?>#bottom';
|
|
69 |
parent.chat_chat.location.href='chat_chat.php?size=<?php echo $chat_size_new.'&'.api_get_cidreq(); ?>#bottom';
|
|
70 | 70 |
} |
71 | 71 |
} |
... | ... | |
87 | 87 |
{ |
88 | 88 |
<?php if($chat_size): ?> |
89 | 89 |
parent.chat_hidden.document.formHidden.chat_size_old.value='<?php echo $chat_size; ?>'; |
90 |
parent.chat_chat.location.href='chat_chat.php?size=<?php echo $chat_size.'&cidReq='.$_GET['cidReq']; ?>#bottom';
|
|
90 |
parent.chat_chat.location.href='chat_chat.php?size=<?php echo $chat_size.'&'.api_get_cidreq(); ?>#bottom';
|
|
91 | 91 |
<?php endif; ?> |
92 | ||
93 | 92 |
document.formMessage.message.focus(); |
94 | 93 |
} |
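Review bot: New lines 69 and 90 interpolate `$chat_size_new`/`$chat_size` and the output of `api_get_cidreq()` into a single-quoted JavaScript string literal, a context that neither `api_get_cidreq()` nor an HTML filter escapes for; a `'` or `</script>` in any of these values would break out of the literal. If the size values are integers, cast them, `<?php echo (int) $chat_size_new; ?>`; for the whole URL the robust form is `parent.chat_chat.location.href = <?php echo json_encode('chat_chat.php?size='.(int) $chat_size_new.'&'.api_get_cidreq().'#bottom'); ?>;`. Line 67 compares `$chat_size_old` and `$chat_size_new` inside the same kind of literal and benefits from the same cast. The JavaScript functions enclosing both hunks begin before them.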