oqapi/webgui
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

fix - xss vulnerability in webgui usernames

Browse source
This commit is contained in:
Roy Johnson 2007-01-16 16:06:08 +00:00
parent d24f25c751
commit 61adb7d962
2 changed files with 8 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

1
docs/changelog/7.x.x.txt
View file

@ -9,6 +9,7 @@
- fix: Media Folder (perlDreamer Consulting, LLC) - fix: Media Folder (perlDreamer Consulting, LLC)
- fix: Cannot save new content filters. - fix: Cannot save new content filters.
- fix: Cannot delete content filter. - fix: Cannot delete content filter.
- fix: XSS Vulnerability in WebGUI usernames
- change: adapted WebGUI::Commerce::ShoppingCart to make it capable of - change: adapted WebGUI::Commerce::ShoppingCart to make it capable of
handling dynamic item plugins. (Martin Kamerbeek / Oqapi) handling dynamic item plugins. (Martin Kamerbeek / Oqapi)

10
lib/WebGUI/Operation/User.pm
View file

@ -423,8 +423,12 @@ sub www_editUserSave {
# #
# Also verify that the posted username is not blank (we need a username) # Also verify that the posted username is not blank (we need a username)
# #
my $postedUsername = $session->form->process("username");
$postedUsername = WebGUI::HTML::filter($postedUsername, "all");
if (($existingUserId eq $postedUserId || ($postedUserId eq "new" && !$existingUserId) || $existingUserId eq '') if (($existingUserId eq $postedUserId || ($postedUserId eq "new" && !$existingUserId) || $existingUserId eq '')
&& $session->form->process("username") ne '') && $postedUsername ne '')
{ {
# Create a user object with the id passed in. If the Id is 'new', the new method will return a new user, # Create a user object with the id passed in. If the Id is 'new', the new method will return a new user,
# otherwise return the existing users properties # otherwise return the existing users properties
@ -432,7 +436,7 @@ sub www_editUserSave {
$actualUserId = $u->userId; $actualUserId = $u->userId;
# Update the user properties with passed in values. These methods will save changes to the db. # Update the user properties with passed in values. These methods will save changes to the db.
$u->username($session->form->process("username")); $u->username($postedUsername);
$u->authMethod($session->form->process("authMethod")); $u->authMethod($session->form->process("authMethod"));
$u->status($session->form->process("status")); $u->status($session->form->process("status"));
@ -460,7 +464,7 @@ sub www_editUserSave {
# Display an error telling them the username they are trying to use is not available and suggest alternatives # Display an error telling them the username they are trying to use is not available and suggest alternatives
} else { } else {
my $username = $session->form->process("username"); my $username = $session->form->process("username");
$error = '<ul>' . sprintf($i18n->get(77), $username, $username, $username, $session->datetime->epochToHuman($session->datetime->time(),"%y")).'</ul>'; $error = '<ul>' . sprintf($i18n->get(77), $postedUsername, $postedUsername, $postedUsername, $session->datetime->epochToHuman($session->datetime->time(),"%y")).'</ul>';
} }
if ($isSecondary) { if ($isSecondary) {
return _submenu($session,{workarea => $i18n->get(978)}); return _submenu($session,{workarea => $i18n->get(978)});