From e01de9329087c3874f13e3df07f1b50364dab38b Mon Sep 17 00:00:00 2001
From: themohooks <81331307+themohooks@users.noreply.github.com>
Date: Wed, 10 Jul 2024 13:23:05 +0300
Subject: [PATCH] fix xss
---
app/Models/Comment.php | 6 +-
views/pages/About.php | 2 +-
views/pages/Main.php | 6 +-
views/pages/Photo.php | 411 +++++++++++++++--------------
views/pages/Profile/Index.php | 32 +--
views/pages/Profile/LK/History.php | 4 +-
views/pages/Profile/LK/Index.php | 2 +-
views/pages/Search.php | 6 +-
8 files changed, 240 insertions(+), 229 deletions(-)
diff --git a/app/Models/Comment.php b/app/Models/Comment.php
index 98f9158..7822148 100644
--- a/app/Models/Comment.php
+++ b/app/Models/Comment.php
@@ -17,13 +17,13 @@ class Comment {
'.Date::zmdate($this->c['posted_at']).'
-
'.$user->i('username').' · +
'.htmlspecialchars($user->i('username')).' · '; if (json_decode($user->i('content'), true)['aboutrid']['value'] != null) { echo ''; } if (json_decode($user->i('content'), true)['aboutlive']['value'] != null) { - echo ' '.json_decode($user->i('content'), true)['aboutlive']['value']; + echo ' '.htmlspecialchars(json_decode($user->i('content'), true)['aboutlive']['value']); } if ((int)Vote::countcommrates($this->c['id'], -1) >= 1) { $commclass = 'pro'; @@ -36,7 +36,7 @@ class Comment { } echo '
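Review bot: The new `htmlspecialchars($user->i('username'))` and the `aboutlive` call on the `+` lines rely on the default flags, which on PHP releases before 8.1 leave single quotes unencoded (`ENT_COMPAT`); the surrounding markup is not visible in this hunk, so make the intent explicit with `htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')`. The same bare call is repeated across About.php, Main.php, Photo.php, Profile/Index.php, LK/History.php, LK/Index.php and Search.php in this patch, so routing all of them through one small escaping helper (e.g. `e(?string $s): string`) would keep the flags consistent and make any remaining raw output easy to grep for — `Фото: '.Photo::fetchAll($this->c['user_id']).'` in the `@@ -36` hunk below is still concatenated unescaped, which is harmless only if it returns an integer count (not verifiable here). `json_decode($user->i('content'), true)` is also evaluated three times in this hunk; decoding it once into a local before the checks avoids the repeated work. The enclosing method of Comment starts before this hunk and continues past it.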
Фото: '.Photo::fetchAll($this->c['user_id']).'
-
'.$this->c['body'].'
+
'.htmlspecialchars($this->c['body']).'
+
diff --git a/views/pages/About.php b/views/pages/About.php
index 180cced..052de55 100644
--- a/views/pages/About.php
+++ b/views/pages/About.php
@@ -36,7 +36,7 @@ use \App\Models\User;
'.$a['username'].''; + echo '
  • '.htmlspecialchars($a['username']).'
  • '; } ?>
diff --git a/views/pages/Main.php b/views/pages/Main.php
index 3aeeb37..e21011b 100644
--- a/views/pages/Main.php
+++ b/views/pages/Main.php
@@ -105,7 +105,7 @@ foreach ($photos as $pd) {
foreach ($photos as $p) { $bck = 'background-image:url("' . $p['photourl'] . '")'; echo '
    -
    ' . $p['place'] . ' +
    ' . htmlspecialchars($p['place']) . '
    ' . Date::zmdate($p['posted_at']) . '
    '; ?>
@@ -128,7 +128,7 @@ foreach ($photos as $pd) {
foreach ($photos as $p) { $bck = 'background-image:url("' . $p['photourl'] . '")'; echo '
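Review bot: `$bck = 'background-image:url("' . $p['photourl'] . '")'` on the context line at the top of this hunk (and again in the `@@ -128` hunk) still interpolates `photourl` into an inline style with no escaping, while the commit escapes only `place` on the same card. Where `photourl` originates is not visible here; if an uploader can influence it, a `"` in the value closes the `url("…")` string and the attribute with it, so it should receive the same `htmlspecialchars(..., ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')` treatment when emitted into the attribute, and ideally be validated as a site-relative path where it is stored. Separately, `htmlspecialchars($p['place'])` raises a deprecation notice on PHP 8.1+ whenever `place` is `null`; `htmlspecialchars($p['place'] ?? '')` avoids that if the column is nullable. The foreach body continues past the end of this hunk.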
    -
    ' . $p['place'] . ' +
    ' . htmlspecialchars($p['place']) . '
    ' . Date::zmdate($p['posted_at']) . '
    '; ?>
@@ -148,7 +148,7 @@ foreach ($photos as $pd) {
=:time-300 ORDER BY online DESC', array(':time'=>time()));
foreach ($online as $o) {
- echo ''.$o['username'].', ';
+ echo ''.htmlspecialchars($o['username']).', ';
} ?>
diff --git a/views/pages/Photo.php b/views/pages/Photo.php
index 9a2346c..93c18ed 100644
--- a/views/pages/Photo.php
+++ b/views/pages/Photo.php
@@ -7,8 +7,8 @@ $id = explode('/', $_SERVER['REQUEST_URI'])[2];
$photo = new \App\Models\Photo($id);
if ($photo->i('id') !== null) {
$photouser = new \App\Models\User($photo->i('user_id'));
- if (DB::query('SELECT * FROM photos_views WHERE user_id=:uid AND photo_id=:pid ORDER BY id DESC LIMIT 1', array(':uid'=>Auth::userid(), ':pid'=>$id))[0]['time'] <= time()-86400) {
- DB::query('INSERT INTO photos_views VALUES (\'0\', :uid, :pid, :time)', array(':uid'=>Auth::userid(), ':pid'=>$id, ':time'=>time()));
+ if (DB::query('SELECT * FROM photos_views WHERE user_id=:uid AND photo_id=:pid ORDER BY id DESC LIMIT 1', array(':uid' => Auth::userid(), ':pid' => $id))[0]['time'] <= time() - 86400) {
+ DB::query('INSERT INTO photos_views VALUES (\'0\', :uid, :pid, :time)', array(':uid' => Auth::userid(), ':pid' => $id, ':time' => time()));
} }
@@ -21,11 +21,11 @@ if ($photo->i('id') !== null) {
- - - - - + + + + +
@@ -34,85 +34,89 @@ if ($photo->i('id') !== null) {
- - - + + +
    i('id') !== null) { - ?> -
    - + ?> +
    -
    - - -
    -
    -
    - - i('priority') === 1) { ?> -
    Условная публикация
    - i('priority') === 2) { ?> -
    Временная публикация
    - + +
    + + +
    +
    +
    + + i('priority') === 1) { ?> +
    Условная публикация
    + i('priority') === 2) { ?> +
    Временная публикация
    + +
    -
    - -
    + // Масштабирование фото + $('#ph').on('load', checkPhotoSize); + $(window).on('resize', checkPhotoSize); + checkPhotoSize(); + +
    @@ -132,11 +136,11 @@ if ($photo->i('id') !== null) {
    content('comment') ?>

    i('posted_at') === 943909200) { - $date = 'не указана'; - } else { - $date = Date::zmdate($photo->i('posted_at')); - } + if ($photo->i('posted_at') === 943909200) { + $date = 'не указана'; + } else { + $date = Date::zmdate($photo->i('posted_at')); + } ?>
    Прислал i('username') ?>          Дата:
    @@ -159,10 +163,14 @@ if ($photo->i('id') !== null) {
    0) { ?> - +
    @@ -171,7 +179,7 @@ if ($photo->i('id') !== null) { foreach ($votespos as $ps) { $uservote = new User($ps['user_id']); echo ' - + '; } @@ -184,7 +192,7 @@ if ($photo->i('id') !== null) { foreach ($votespos as $ps) { $uservote = new User($ps['user_id']); echo ' - + '; } @@ -205,173 +213,176 @@ if ($photo->i('id') !== null) { - +
    ' . $uservote->i('username') . '' . htmlspecialchars($uservote->i('username')) . ' +1
    ' . $uservote->i('username') . '' . htmlspecialchars($uservote->i('username')) . ' -1
    - content('type') != 'none') { - ?> -
    -

    Параметры съёмки

    -
    - - i('exif'), true); + content('type') != 'none') { + ?> +
    +

    Параметры съёмки

    +
    +
    + i('exif'), true); - foreach ($data as $key => $value) { - if ($key === 'FILE.FileDateTime') { - $value = Date::zmdate($value); - } - if (is_array($value)) { - $value = implode(', ', $value); // Convert array to a comma-separated string - } + foreach ($data as $key => $value) { + if ($key === 'FILE.FileDateTime') { + $value = Date::zmdate($value); + } + if (is_array($value)) { + $value = implode(', ', $value); // Convert array to a comma-separated string + } - echo ' + echo ' '; - } + } - ?> + ?> -
    ' . htmlspecialchars($key) . ': ' . htmlspecialchars($value) . '
    +
    +
    -
    content('lat') != null && $photo->content('lng') != null) { ?> -
    - -

    Место на карте

    -
    - - -
    -
    - - + // Установка всплывающего окна на маркере + marker.bindPopup("Выбранная точка").openPopup(); + + -
    + +
    -

    Комментарии · 1

    -
    - $id)); - foreach ($comments as $c) { - $comm = new Comment($c); - $comm->i(); - } - ?> -
    +
    + $id)); + foreach ($comments as $c) { + $comm = new Comment($c); + $comm->i(); + } + ?> +

    Ваш комментарий

    - +
      Ctrl + Enter
    - +
    - - -
    -

    Изображение не найдено

    -
    - Пусто -

    Изображения с таким номером нет на сайте.
    Может быть, его здесь никогда и не было.
    Если Вы уверены, что что-то здесь всё-таки было, значит, администратор по каким-то причинам это удалил.

    -
    -
    - - - - - - + +
    -
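Review bot: The uploader's name on the `Прислал … i('username') ?>` line in the `@@ -132` hunk is still echoed without `htmlspecialchars`, although the vote lists in the `@@ -171` and `@@ -184` hunks now escape `$uservote->i('username')`; it needs the same call (presumably on `$photouser`, created in the `@@ -7` hunk). In the EXIF block of this hunk, `foreach ($data as $key => $value)` iterates the result of `json_decode($photo->i('exif'), true)` with no guard, so an empty or malformed `exif` column yields `null` and a foreach warning; `$data = json_decode($photo->i('exif'), true) ?? [];` keeps that table quiet. If the `marker.bindPopup(...)` script builds the marker position from `$photo->content('lat')` / `content('lng')` inline (the interpolation is not visible here), cast both with `(float)` before emitting them so only numbers reach the JavaScript context.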
    diff --git a/views/pages/Profile/Index.php b/views/pages/Profile/Index.php
index cc9c59a..674eac4 100644
--- a/views/pages/Profile/Index.php
+++ b/views/pages/Profile/Index.php
@@ -23,7 +23,7 @@ $userprofile = new User(explode('/', $_SERVER['REQUEST_URI'])[2]);
i('id') === explode('/', $_SERVER['REQUEST_URI'])[2]) { ?>
-

    i('username') ?>i('admin') === 1) { echo ''; } ?>

    +

    i('username')) ?>i('admin') === 1) { echo ''; } ?>

    i('id') === Auth::userid()) { ?> @@ -44,21 +44,21 @@ $userprofile = new User(explode('/', $_SERVER['REQUEST_URI'])[2]); if ($userprofile->content('location') !== null) { ?> Откуда: - content('location') ?> + content('location')) ?> i('content'), true)['aboutlive']['value'] != null) { ?> Откуда: - i('content'), true)['aboutlive']['value'] ?> + i('content'), true)['aboutlive']['value']) ?> i('content'), true)['aboutbirthday']['value'] != null) { ?> День рождения: - i('content'), true)['aboutbirthday']['value'] ?> + i('content'), true)['aboutbirthday']['value']) ?> 
@@ -69,63 +69,63 @@ $userprofile = new User(explode('/', $_SERVER['REQUEST_URI'])[2]); if (json_decode($userprofile->i('content'), true)['aboutlangs']['value'] != null) { ?> Владение языками: - i('content'), true)['aboutlangs']['value'] ?> + i('content'), true)['aboutlangs']['value']) ?> i('content'), true)['abouttelegram']['value'] != null) { ?> Telegram: - i('content'), true)['abouttelegram']['value'] ?> + i('content'), true)['abouttelegram']['value']) ?> i('content'), true)['aboutvk']['value'] != null) { ?> ВКонтакте: - i('content'), true)['aboutvk']['value'] ?> + i('content'), true)['aboutvk']['value']) ?> i('content'), true)['abouttwitter']['value'] != null) { ?> Twitter/X: - i('content'), true)['abouttwitter']['value'] ?> + i('content'), true)['abouttwitter']['value']) ?> i('content'), true)['aboutyoutube']['value'] != null) { ?> Twitter/X: - i('content'), true)['aboutyoutube']['value'] ?> + i('content'), true)['aboutyoutube']['value']) ?> i('content'), true)['aboutemail']['value'] != null) { ?> Почта: - i('content'), true)['aboutemail']['value'] ?> + i('content'), true)['aboutemail']['value']) ?> i('content'), true)['aboutinstagram']['value'] != null) { ?> Instagram: - i('content'), true)['aboutinstagram']['value'] ?> + i('content'), true)['aboutinstagram']['value']) ?> i('content'), true)['abouttransphoto']['value'] != null) { ?> TransPhoto: - i('content'), true)['abouttransphoto']['value'] ?> + i('content'), true)['abouttransphoto']['value']) ?> i('content'), true)['aboutwebsite']['value'] != null) { ?> Личный сайт: - i('content'), true)['aboutwebsite']['value'] ?> + i('content'), true)['aboutwebsite']['value']) ?> 
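Review bot: The `aboutyoutube` row in this hunk is labelled `Twitter/X:`, a copy of the row above it; the label should read `YouTube:`. Every row here, and in the `@@ -44` and `@@ -136` hunks, re-runs `json_decode($userprofile->i('content'), true)` twice per field (once in the condition, once in the output); decoding once before the block, e.g. `$about = json_decode($userprofile->i('content'), true) ?? [];`, and reading `$about['aboutyoutube']['value'] ?? null` per row removes the repetition and the `!= null` loose comparisons. The markup around the escaped values is not visible here; if `aboutwebsite`, `abouttelegram`, `aboutvk` and similar fields are also emitted as link targets, `htmlspecialchars` alone does not restrict the URL scheme, so the value should be checked for `http`/`https` before it is placed in an `href`. The enclosing template block starts before and continues past this hunk.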
    @@ -136,21 +136,21 @@ $userprofile = new User(explode('/', $_SERVER['REQUEST_URI'])[2]);
if (json_decode($userprofile->i('content'), true)['aboutfavs_trains']['value'] != null) { ?> Любимые модели поездов: - i('content'), true)['aboutfavs_trains']['value'] ?> + i('content'), true)['aboutfavs_trains']['value']) ?> i('content'), true)['aboutfavs_countries']['value'] != null) { ?> Любимые страны: - i('content'), true)['aboutfavs_countries']['value'] ?> + i('content'), true)['aboutfavs_countries']['value']) ?> i('content'), true)['aboutfavs_cities']['value'] != null) { ?> Любимые города: - i('content'), true)['aboutfavs_cities']['value'] ?> + i('content'), true)['aboutfavs_cities']['value']) ?>
diff --git a/views/pages/Profile/LK/History.php b/views/pages/Profile/LK/History.php
index 9877c86..85ec966 100644
--- a/views/pages/Profile/LK/History.php
+++ b/views/pages/Profile/LK/History.php
@@ -56,8 +56,8 @@ use \App\Models\User;
-

    '.$p['place'].'

    -

    '.Date::zmdate($p['posted_at']).'
    Автор: '.$author->i('username').'

    +

    '.htmlspecialchars($p['place']).'

    +

    '.Date::zmdate($p['posted_at']).'
    Автор: '.htmlspecialchars($author->i('username')).'

    diff --git a/views/pages/Profile/LK/Index.php b/views/pages/Profile/LK/Index.php
index 093d03b..c346bac 100644
--- a/views/pages/Profile/LK/Index.php
+++ b/views/pages/Profile/LK/Index.php
@@ -20,7 +20,7 @@ $user = new User(Auth::userid());

    Общая информация

    -

    Здравствуйте, i('username')?>!

    +

    Здравствуйте, i('username'))?>!

    Количество ваших фотографий на сайте: Auth::userid()))[0]['COUNT(*)']?>

    diff --git a/views/pages/Search.php b/views/pages/Search.php
index 31280e6..dc6c743 100644
--- a/views/pages/Search.php
+++ b/views/pages/Search.php
@@ -32,9 +32,9 @@ use App\Services\{Router, Auth, DB, Date};
-

    '.$p['place'].'

    - '.$p['postbody'].' -

    '.Date::zmdate($p['timeupload']).'
    Автор: '.$p['username'].'

    +

    '.htmlspecialchars($p['place']).'

    + '.htmlspecialchars($p['postbody']).' +

    '.Date::zmdate($p['timeupload']).'
    Автор: '.htmlspecialchars($p['username']).'