
T103391-2.patch

Authored By
Grunny
Jun 23 2015, 2:14 AM

T103391-2.patch

From b98bf01e34c05026f4a86dd3b5e9475fafba8c9a Mon Sep 17 00:00:00 2001
From: grunny <mwgrunny@gmail.com>
Date: Tue, 23 Jun 2015 12:12:23 +1000
Subject: [PATCH] SECURITY: Fix XSS in TemplateInForm
Bug: T103391
---
includes/SF_TemplateInForm.php | 24 +++++++++++++++---------
1 file changed, 15 insertions(+), 9 deletions(-)
diff --git a/includes/SF_TemplateInForm.php b/includes/SF_TemplateInForm.php
index 4fa5e58..9fc63ed 100644
--- a/includes/SF_TemplateInForm.php
+++ b/includes/SF_TemplateInForm.php
@@ -222,19 +222,25 @@ class SFTemplateInForm {
}
function creationHTML( $template_num ) {
- $checked_str = ( $this->mAllowMultiple ) ? "checked" : "";
+ $checked_attribs = ( $this->mAllowMultiple ) ? array( 'checked' => 'checked' ) : array();
$template_str = wfMessage( 'sf_createform_template' )->escaped();
$template_label_input = wfMessage( 'sf_createform_templatelabelinput' )->escaped();
$allow_multiple_text = wfMessage( 'sf_createform_allowmultiple' )->escaped();
- $text = <<<END
- <input type="hidden" name="template_$template_num" value="$this->mTemplateName">
- <div class="templateForm">
- <h2>$template_str '$this->mTemplateName'</h2>
- <p>$template_label_input <input size=25 name="label_$template_num" value="$this->mLabel"></p>
- <p><input type="checkbox" name="allow_multiple_$template_num" $checked_str> $allow_multiple_text</p>
- <hr>
+ $text = Html::hidden( "template_$template_num", $this->mTemplateName );
+ $text .= '<div class="templateForm">';
+ $text .= Html::element( 'h2', array(), "$template_str '$this->mTemplateName'" );
+ $text .= Html::rawElement(
+ 'p',
+ array(),
+ $template_label_input . Html::input( "label_$template_num", $this->mLabel, 'text', array( 'size' => 25 ) )
+ );
+ $text .= Html::rawElement(
+ 'p',
+ array(),
+ Html::input( "allow_multiple_$template_num", '', 'checkbox', $checked_attribs ) . $allow_multiple_text
+ );
+ $text .= '<hr>';
-END;
foreach ( $this->mFields as $field ) {
$text .= $field->creationHTML( $template_num );
}
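Review bot: The heading built with `Html::element( 'h2', array(), "$template_str '$this->mTemplateName'" )` double-escapes the message text: `$template_str` comes from `wfMessage( 'sf_createform_template' )->escaped()` a few lines earlier, and `Html::element` escapes its content again, so any `&` or `<` in the localised message would render as a literal entity. Let `Html::element` do the single escaping by feeding it plain text, `$template_str = wfMessage( 'sf_createform_template' )->text();`, which still escapes `$this->mTemplateName` exactly once. The two `<p>` blocks are not affected, since they use `Html::rawElement` around already-escaped message text plus `Html::input` output. Separately, the checkbox is created with an explicit `''` value; if `Html::input` emits that as `value=""`, a checked box submits an empty string rather than the browser default, which only matters if the form handler tests the submitted value instead of its presence, so that is worth confirming against the consumer. The body of `creationHTML` continues past the end of the hunk.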
--
1.9.1
