r95005 MediaWiki - Code Review archive

Repository:	MediaWiki
Revision:	< r95004‎ \| r95005 \| r95006 >
Date:	15:03, 19 August 2011
Author:	yuvipanda
Status:	deferred
Tags:
Comment:	Entity Encoding to fix up XSS attack vector
Modified paths:	/trunk/extensions/GPoC/templates/FilterRatingsTemplate.php (modified) (history) /trunk/extensions/GPoC/templates/SelectionTemplate.php (modified) (history)

Diff [purge]

Index: trunk/extensions/GPoC/templates/FilterRatingsTemplate.php
—	—	@@ -11,11 +11,11 @@
12	12
13	13	<form method="GET" id="filterForm">
14	14	<p>
15		~~-Project Name: <input type="text" name="project" value="<?php echo $filters['r_project']?>" />~~
16		~~-Importance: <input type="text" name="importance" value="<?php echo $filters['r_importance']?>" />~~
17		~~-Quality: <input type="text" name="quality" value="<?php echo $filters['r_quality']?>" />~~
	15	+Project Name: <input type="text" name="project" value="<?php echo htmlentities( $filters['r_project'] ); ?>" />
	16	+Importance: <input type="text" name="importance" value="<?php echo htmlentities( $filters['r_importance'] ); ?>" />
	17	+Quality: <input type="text" name="quality" value="<?php echo htmlentities( $filters['r_quality'] ); ?>" />
18	18	<br />
19		~~-Categories (comma separated): <input type="text" name="categories" value="<?php echo $filters['categories']?>" />~~
	19	+Categories (comma separated): <input type="text" name="categories" value="<?php echo htmlentities( $filters['categories'] ); ?>" />
20	20	<input type="submit" id="submit-query" />
21	21	</p>
22	22	</form>
—	—	@@ -38,10 +38,10 @@
39	39	</tr>
40	40	<?php foreach( $articles as $article ) { ?>
41	41	<tr>
42		~~- <td><?php echo $article['r_project'] ?></td>~~
43		~~- <td><a href="<?php echo $article['title']->getLinkURL(); ?>"><?php echo $article['r_article']; ?></a></td>~~
44		~~- <td><?php echo $article['r_importance']; ?></td>~~
45		~~- <td><?php echo $article['r_quality']; ?></td>~~
	42	+ <td><?php echo htmlentities( $article['r_project'] ); ?></td>
	43	+ <td><a href="<?php echo htmlentities( $article['title']->getLinkURL() ); ?>"><?php echo htmlentities( $article['r_article'] ); ?></a></td>
	44	+ <td><?php echo htmlentities( $article['r_importance'] ); ?></td>
	45	+ <td><?php echo htmlentities( $article['r_quality'] ); ?></td>
46	46	</tr>
47	47	<?php } ?>
48	48	</table>
Index: trunk/extensions/GPoC/templates/SelectionTemplate.php
—	—	@@ -12,7 +12,7 @@
13	13
14	14	<div id="">
15	15	<?php if( count($articles) > 0 ) { ?>
16		~~-<h3>Articles in Selection <?php echo $name; ?></h3> <small><a href="<?php echo $csv_link; ?>">Export CSV</a></small>~~
	16	+<h3>Articles in Selection <?php echo htmlentities( $name ); ?></h3> <small><a href="<?php echo htmlentities( $csv_link ); ?>">Export CSV</a></small>
17	17	<table>
18	18	<tr>
19	19	<th style="width:150px">Article</th>
—	—	@@ -21,17 +21,17 @@
22	22	<th style="width:300px">Actions</th>
23	23	</tr>
24	24	<?php foreach( $articles as $article ) { ?>
25		~~- <tr class="article-row" data-namespace="<?php echo $article['s_namespace']; ?>" data-article="<?php echo $article['s_article']; ?>">~~
26		~~- <td><a href="<?php echo $article['title']->getLinkURL(); ?>"><?php echo $article['s_article']; ?></a></td>~~
	25	+ <tr class="article-row" data-namespace="<?php echo htmlentities( $article['s_namespace'] ); ?>" data-article="<?php echo htmlentities( $article['s_article'] ); ?>">
	26	+ <td><a href="<?php echo $article['title']->getLinkURL(); ?>"><?php echo htmlentities( $article['s_article'] ); ?></a></td>
27	27	<td><?php echo wfTimeStamp( TS_ISO_8601, $article['s_timestamp'] ); ?></td>
28	28	<td><?php if($article['s_revision'] != null) { ?>
29		~~- <a href="<?php echo $article['title']->getLinkUrl(array('oldid' => $article['s_revision'])); ?>" class="revision-link"><?php echo $article['s_revision']; ?></a>~~
	29	+ <a href="<?php echo htmlentities( $article['title']->getLinkUrl( array( 'oldid' => $article['s_revision'] ) ) ); ?>" class="revision-link"><?php echo htmlentities( $article['s_revision'] ); ?></a>
30	30	<?php } ?>
31	31	</td>
32	32	<td>
33	33	<div class="item-actions">
34	34	<div class="revision-input" style="display:none">
35		~~- <input type="text" class="revision-id" placeholder="Enter revision id" value="<?php echo $article['s_revision']; ?>" />~~
	35	+ <input type="text" class="revision-id" placeholder="Enter revision id" value="<?php echo htmlentities( $article['s_revision'] ); ?>" />
36	36	(<a href="#" class="revision-save">Save</a> \| <a href="#" class="revision-cancel">Cancel</a>)
37	37	</div>
38	38	<a href="#" class="change-revision">Set Revision</a> \|

Status & tagging log

15:24, 25 November 2011 Hashar (talk | contribs) changed the status of r95005 [removed: new added: deferred]