Pached XSS

This commit is contained in:
pikami 2016-06-13 12:49:13 +00:00
parent 04a6be87a5
commit 3ca9efd71c
4 changed files with 7 additions and 7 deletions

View File

@ -21,9 +21,9 @@ if($stmt->rowCount()>0){
printf('<tbody>'); printf('<tbody>');
while($row = $stmt->fetch(PDO::FETCH_ASSOC)) { while($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
$title = $row['title']; $title = $row['title'];
printf('<tr><td style="text-align: left;">'.$row["title"].'</td>'); printf('<tr><td style="text-align: left;">'.htmlspecialchars($row["title"], ENT_QUOTES, 'UTF-8').'</td>');
printf('<td style="text-align: left;">'.date('Y-m-d',$row["created"]).'</td>'); printf('<td style="text-align: left;">'.date('Y-m-d',$row["created"]).'</td>');
printf('<td style="text-align: right;"><a href="'.$row["uid"].'">'.$row["uid"].'</a></td></tr>'); printf('<td style="text-align: right;"><a href="'.htmlspecialchars($row["uid"], ENT_QUOTES, 'UTF-8').'">'.htmlspecialchars($row["uid"], ENT_QUOTES, 'UTF-8').'</a></td></tr>');
} }
printf('</tbody></talbe>'); printf('</tbody></talbe>');
} else { } else {

View File

@ -6,9 +6,9 @@
include "config/config.php"; include "config/config.php";
$stmt = $conn->query('SELECT * FROM pastes WHERE exposure=0 ORDER BY id DESC LIMIT 5'); $stmt = $conn->query('SELECT * FROM pastes WHERE exposure=0 ORDER BY id DESC LIMIT 5');
while($row = $stmt->fetch(PDO::FETCH_ASSOC)) { while($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
$title = $row['title']; $title = htmlspecialchars($row['title'], ENT_QUOTES, 'UTF-8');
if(strlen($title)>25)$title = substr($title,0,25)."..."; if(strlen($title)>25)$title = substr($title,0,25)."...";
echo "<a href=\"".$row['uid']."\" class=\"list-group-item\">".$title."</a>"; echo "<a href=\"".htmlspecialchars($row['uid'], ENT_QUOTES, 'UTF-8')."\" class=\"list-group-item\">".$title."</a>";
} }
?> ?>
</div> </div>

View File

@ -12,8 +12,8 @@ if(isset($uid)){
echo "<h1>This paste is private</h1>"; echo "<h1>This paste is private</h1>";
die(); die();
} }
echo "<h1>".$result["title"]."</h1>"; echo "<h1>".htmlspecialchars($result["title"], ENT_QUOTES, 'UTF-8')."</h1>";
echo "<textarea class=\"form-control\" rows=\"5\" disabled=\"true\">".$result["text"]."</textarea>"; echo "<textarea class=\"form-control\" rows=\"5\" disabled=\"true\">".htmlspecialchars($result["text"], ENT_QUOTES, 'UTF-8')."</textarea>";
} }
else echo "Paste does not exist"; else echo "Paste does not exist";
$conn = null; $conn = null;

View File

@ -37,7 +37,7 @@
$user = GetUserByID($userID); $user = GetUserByID($userID);
echo ' echo '
<li class="dropdown"> <li class="dropdown">
<a class="dropdown-toggle glyphicon glyphicon-user" data-toggle="dropdown" href="#"> '.$user[1].'<span class="caret"></span></a> <a class="dropdown-toggle glyphicon glyphicon-user" data-toggle="dropdown" href="#"> '.htmlspecialchars($user[1], ENT_QUOTES, 'UTF-8').'<span class="caret"></span></a>
<ul class="dropdown-menu"> <ul class="dropdown-menu">
<li><a href="mypastes">My pastes</a></li> <li><a href="mypastes">My pastes</a></li>
<li><a href="logout">Logout</a></li> <li><a href="logout">Logout</a></li>