Merge branch '9.0' of git@github.com:Dolibarr/dolibarr.git into 10.0

Conflicts:
	htdocs/admin/mails_templates.php
	htdocs/main.inc.php
	htdocs/user/card.php
Laurent Destailleur 2019-09-18 15:12:38 +02:00
commit 9bf387d43c
3 changed files with 12 additions and 7 deletions


@ -50,7 +50,7 @@ $confirm = GETPOST('confirm', 'alpha'); // Result of a confirmatio
$id = GETPOST('id', 'int');
$rowid = GETPOST('rowid', 'alpha');
$search_label=GETPOST('search_label', 'alpha');
$search_label=GETPOST('search_label', 'alphanohtml'); // Must allow value like 'Abc Def' or '(MyTemplateName)'
$search_type_template=GETPOST('search_type_template', 'alpha');
$search_lang=GETPOST('search_lang', 'alpha');
$search_fk_user=GETPOST('search_fk_user', 'intcomma');
@ -263,6 +263,7 @@ if (empty($reshook))
{
//var_dump($i.' - '.$listfieldvalue[$i].' - '.$_POST[$listfieldvalue[$i]].' - '.$value);
$keycode=$listfieldvalue[$i];
if ($value == 'label') $_POST[$keycode] = dol_escape_htmltag($_POST[$keycode]);
if ($value == 'lang') $keycode='langcode';
if ($value == 'entity') $_POST[$keycode] = $conf->entity;
if ($i) $sql.=",";
@ -667,8 +668,6 @@ if ($resql)
print '<tr class="liste_titre">';
foreach ($fieldlist as $field => $value)
{
// Determine le nom du champ par rapport aux noms possibles
// dans les dictionnaires de donnees
$showfield=1; // By defaut
$align="left";
$sortable=1;
@ -695,7 +694,7 @@ if ($resql)
if ($fieldlist[$field]=='content') { $valuetoshow=$langs->trans("Content"); $showfield=0;}
if ($fieldlist[$field]=='content_lines') { $valuetoshow=$langs->trans("ContentLines"); $showfield=0; }
// Affiche nom du champ
// Show fields
if ($showfield)
{
if (! empty($tabhelp[$id][$value]))
@ -813,6 +812,10 @@ if ($resql)
$showfield=1;
$align="left";
$valuetoshow=$obj->{$fieldlist[$field]};
if ($value == 'label' || $value == 'topic')
{
$valuetoshow = dol_escape_htmltag($valuetoshow);
}
if ($value == 'type_template')
{
$valuetoshow = isset($elementList[$valuetoshow])?$elementList[$valuetoshow]:$valuetoshow;
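Review bot: The new line `if ($value == 'label') $_POST[$keycode] = dol_escape_htmltag($_POST[$keycode]);` in the second hunk HTML-escapes the label before it is written to the database, while the last hunk escapes the same `label` column again when it is displayed (`$valuetoshow = dol_escape_htmltag($valuetoshow);`); unless `dol_escape_htmltag` is idempotent on already-encoded text, stored labels come back double-encoded, and the stored form now differs from what other readers of the table may expect. A cleaner split is to validate on input (the first hunk already moves `search_label` to the `alphanohtml` filter, and the posted label could use the same filter) and leave HTML encoding to the output path this commit adds. Overwriting `$_POST[$keycode]` in place also hides the transformation from any later code that reads the raw value; assigning to a local variable would make it explicit. On the last line of the final hunk the `type_template` branch falls back to the raw column value when the key is absent from `$elementList`, and nothing inside the hunk escapes that fallback; the enclosing loop continues outside the hunk.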


@ -100,6 +100,8 @@ function testSqlAndScriptInject($val, $type)
$inj += preg_match('/union.+select/i', $val);
$inj += preg_match('/(\.\.%2f)+/i', $val);
}
// For XSS Injection done by closing textarea to exucute content into a textarea field
$inj += preg_match('/<\/textarea/i', $val);
// For XSS Injection done by adding javascript with script
// This is all cases a browser consider text is javascript:
// When it found '<script', 'javascript:', '<style', 'onload\s=' on body tag, '="&' on a tag size with old browsers
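Review bot: The added `$inj += preg_match('/<\/textarea/i', $val);` matches only the literal closing tag, so it is a narrow denylist entry rather than an assurance that textarea content cannot be terminated early; whether `$val` has been URL-decoded or entity-decoded before reaching this point is outside the hunk, so the check's coverage depends on the caller. A comment stating its role would keep the next reader from relying on it, e.g. `// Defense in depth only: values rendered inside a <textarea> must still be escaped at output time`. The comment on the first added line has a typo, `exucute` → `execute`. testSqlAndScriptInject's body continues outside the hunk.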


@ -218,7 +218,7 @@ if (empty($reshook)) {
$object->linkedin = GETPOST("linkedin", 'alphanohtml');
$object->email = preg_replace('/\s+/', '', GETPOST("email", 'alpha'));
$object->job = GETPOST("job", 'alpha');
$object->job = GETPOST("job", 'nohtml');
$object->signature = GETPOST("signature", 'none');
$object->accountancy_code = GETPOST("accountancy_code", 'alphanohtml');
$object->note = GETPOST("note", 'none');
@ -370,7 +370,7 @@ if (empty($reshook)) {
$object->facebook = GETPOST("facebook", 'alpha');
$object->linkedin = GETPOST("linkedin", 'alpha');
$object->email = preg_replace('/\s+/', '', GETPOST("email", 'alpha'));
$object->job = GETPOST("job", 'alpha');
$object->job = GETPOST("job", 'nohtml');
$object->signature = GETPOST("signature", 'none');
$object->accountancy_code = GETPOST("accountancy_code", 'alpha');
$object->openid = GETPOST("openid", 'alpha');
@ -1203,7 +1203,7 @@ if ($action == 'create' || $action == 'adduserldap')
// Position/Job
print '<tr><td class="titlefieldcreate">'.$langs->trans("PostOrFunction").'</td>';
print '<td>';
print '<input class="maxwidth200" type="text" name="job" value="'.GETPOST('job').'">';
print '<input class="maxwidth200" type="text" name="job" value="'.GETPOST('job', 'nohtml').'">';
print '</td></tr>';
// Default warehouse