author | Mike Macgirvin <mike@macgirvin.com> | 2010-09-01 17:26:02 -0700 |
---|---|---|
committer | Mike Macgirvin <mike@macgirvin.com> | 2010-09-01 17:26:02 -0700 |
commit | 19a28434c46864f525f106bbe1ace933584290fb (patch) | |
tree | ace44ef6581377e708f0ceac671933443122b711 | |
parent | 2c1a27b2ae49e03ef348510bcaa08eff509ca6c7 (diff) | |
potential xss exploit
-rw-r--r-- | mod/dfrn_request.php | 33 |
1 files changed, 8 insertions, 25 deletions
diff --git a/mod/dfrn_request.php b/mod/dfrn_request.php
index 43a7fc389..0fb718ab6 100644
--- a/mod/dfrn_request.php
+++ b/mod/dfrn_request.php
@@ -158,7 +158,7 @@ function dfrn_request_post(&$a) {
 // in $a->argv[1] and we should have their complete info in $a->profile.
 if(! (is_array($a->profile) && count($a->profile))) {
- notice(t("Profile unavailable.") . EOL);
+ notice( t('Profile unavailable.') . EOL);
 return;
 }
@@ -179,29 +179,9 @@ function dfrn_request_post(&$a) {
 return;
 }
- // Is this an email-style DFRN locator?
+ // Canonicalise email-style profile locator
- if(strstr($url,'@')) {
- $username = substr($url,0,strpos($url,'@'));
- $hostname = substr($url,strpos($url,'@') + 1);
- require_once('Scrape.php');
-
- $parms = scrape_meta('https://' . $url);
- if((x($parms,'dfrn-template')) && strstr($parms['dfrn-template'],'%s')) {
- $url = sprintf($parms['dfrn-template'],$username);
- }
- else {
- $parms = scrape_meta('http://' . $url);
- if((x($parms,'dfrn-template')) && strstr($parms['dfrn-template'],'%s')) {
- $url = sprintf($parms['dfrn-template'],$username);
- }
- else {
- $url = '';
- }
- }
-
- }
+ $url = webfinger($url);
 if(! strlen($url)) {
 notice( t("Unable to resolve your name at the provided location.") . EOL);
@@ -306,7 +286,7 @@ function dfrn_request_post(&$a) {
 intval($uid),
 intval($contact_record['id']),
 ((x($_POST,'knowyou') && ($_POST['knowyou'] == 1)) ? 1 : 0),
- dbesc(trim($_POST['dfrn-request-message'])),
+ dbesc(notags(trim($_POST['dfrn-request-message']))),
 dbesc($hash),
 dbesc(datetime_convert())
 );
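Review bot: The new `$url = webfinger($url);` in the second hunk runs for every submitted locator, whereas the removed branch only resolved values containing '@' and left a plain profile URL untouched; unless `webfinger()` passes non-email input through unchanged, a request entered as a URL now fails at the `if(! strlen($url))` check that follows. If it does not, restoring the guard `if(strstr($url,'@')) $url = webfinger($url);` keeps the old behaviour for plain URLs. The removed code also did `require_once('Scrape.php')` before resolving, and nothing in this hunk loads the file that defines `webfinger()`, so confirm it is already included near the top of mod/dfrn_request.php. The body of dfrn_request_post continues outside the hunk.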
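Review bot: In the third hunk `trim($_POST['dfrn-request-message'])` dereferences the field without the `x($_POST, …)` guard used on the `knowyou` line directly above it, so a request that omits the field raises an undefined-index notice before `notags()` ever runs; `((x($_POST,'dfrn-request-message')) ? dbesc(notags(trim($_POST['dfrn-request-message']))) : '')` would match the neighbouring style. Stripping tags on the way into the database is a reasonable hardening step, but it only covers this insertion point: wherever the stored message is later rendered must still escape it for its output context, and that side is not visible in this diff. The enclosing query and function continue outside the hunk.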
@@ -404,7 +384,10 @@ function dfrn_request_content(&$a) {
 '$siteurl' => $a->get_baseurl(),
 '$sitename' => $a->config['sitename']
 ));
- $res = mail($r[0]['email'],t("Introduction received at ") . $a->config['sitename'],$email,t('From: Administrator@') . $_SERVER[SERVER_NAME] );
+ $res = mail($r[0]['email'],
+ t("Introduction received at ") . $a->config['sitename'],
+ $email,
+ t('From: Administrator@') . $_SERVER[SERVER_NAME] );
 // This is a redundant notification - no point throwing errors if it fails.
 }
 }
|