From 8f7c4cd1529c853632509acefa7e0fbb80dfa276 Mon Sep 17 00:00:00 2001
From: hecht
Date: Mon, 18 Aug 2014 10:21:51 +0000
Subject: [PATCH] Fixed some XSS issues

---
 ag/include/parse.inc.php | 4 ++--
 ag/info/attacken.php | 26 ++++++++++++++------------
 2 files changed, 16 insertions(+), 14 deletions(-)

diff --git a/ag/include/parse.inc.php b/ag/include/parse.inc.php
index 222d350..9e008a8 100644
--- a/ag/include/parse.inc.php
+++ b/ag/include/parse.inc.php
@@ -260,7 +260,7 @@ function debbcode($messagetext){
 return $messagetext;
 }
-function validateInteger($value, $default){
+function validateInteger($value, $default=null){
 return is_numeric($value)?$value:$default;
 }
@@ -274,7 +274,7 @@ function validateIntegerArray($value, $default){
 return $value;
 }
-function validateUnsignedInteger($value, $default){
+function validateUnsignedInteger($value, $default=null){
 return !is_numeric($value)||$value<0?$default:$value;
 }
diff --git a/ag/info/attacken.php b/ag/info/attacken.php
index 771ed98..373be6a 100644
--- a/ag/info/attacken.php
+++ b/ag/info/attacken.php
@@ -9,6 +9,8 @@ include_once (ROOT_PATH . '//include/config.inc.php');
 include_once (ROOT_PATH . '//include/sqlwrapper.inc.php');
 include_once (ROOT_PATH . '//include/rassen.inc.php');
 include_once (ROOT_PATH . '//include/designfunctions.inc.php');
+include_once(ROOT_PATH.'/include/parse.inc.php');
+
 // TODO: Muss noch angepasst werden!
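Review bot: `validateInteger` still returns the caller's raw string whenever `is_numeric()` accepts it, so values such as `1e3`, `1.5` or ` 7` (leading whitespace) pass through unchanged even though the function name promises an integer, and any caller that relies on that promise when building SQL or HTML receives a string it did not actually validate. Validate and normalise in one step, e.g. `$int = filter_var($value, FILTER_VALIDATE_INT);` followed by `return $int === false ? $default : $int;`. The same applies to `validateUnsignedInteger` in the next hunk, where passing `['options' => ['min_range' => 0]]` as the third `filter_var` argument replaces the `$value<0` comparison on a string. Both functions are complete within their hunks.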
@@ -388,18 +390,18 @@ function getFruchtCondition($fruchttyp) {
 }
 }
-$type= $_GET['type'];
-$fruchttyp= $_GET['fruchttyp'];
-$rassen = $_GET['rassen'];
-$tf = $_GET['tf'];
-$search = $_GET['search'];
-$order = $_GET['order'];
-$order_art = $_GET['order_art'];
-$pagenum = $_GET['pagenum'];
-$seiten = $_GET['seiten'];
-$last_klick1 = $_GET['last_klick1'];
-$p = $_GET['p'];
-$at_id = $_GET['at_id'];
+$type= validateInteger($_GET['type']);
+$fruchttyp= validateString($_GET['fruchttyp']);
+$rassen = validateUnsignedInteger($_GET['rassen']);
+$tf = validateUnsignedInteger($_GET['tf']);
+$search = validateString($_GET['search']);
+$order = validateString($_GET['order']);
+$order_art = validateString($_GET['order_art']);
+$pagenum = validateUnsignedInteger($_GET['pagenum']);
+$seiten = validateUnsignedInteger($_GET['seiten']);
+$last_klick1 = validateString($_GET['last_klick1']);
+$p = validateUnsignedInteger($_GET['p']);
+$at_id = validateUnsignedInteger($_GET['at_id']);
 if (!isset($pagenum)) {
 $pagenum= 0;
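Review bot: The `validateString` calls on `$fruchttyp`, `$search`, `$order`, `$order_art` and `$last_klick1` are the only XSS-relevant change in this hunk, but `validateString` is not defined anywhere in this patch, so whether it escapes anything cannot be verified here; regardless of what it does, these values should be escaped per context at the point where they are emitted (`htmlspecialchars($s, ENT_QUOTES, 'UTF-8')` for HTML) and bound as parameters wherever they reach SQL. If `$order` and `$order_art` end up in an ORDER BY clause, as their names suggest, a whitelist of allowed column names and `ASC`/`DESC` is the check that actually protects the query, since a generic string validator cannot. Every added line also reads `$_GET[...]` unconditionally, which raises an undefined-index notice for absent parameters before the validator even runs; `isset($_GET['type']) ? $_GET['type'] : null` (or `??` on PHP 7+) per line avoids that and keeps the new null default meaningful. The `if (!isset($pagenum))` block that the hunk ends on continues outside the hunk.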