mirror of
https://github.com/friendica/friendica
synced 2024-12-23 04:40:15 +00:00
potential xss exploit
This commit is contained in:
parent
2c1a27b2ae
commit
19a28434c4
1 changed files with 8 additions and 25 deletions
|
@ -158,7 +158,7 @@ function dfrn_request_post(&$a) {
|
||||||
// in $a->argv[1] and we should have their complete info in $a->profile.
|
// in $a->argv[1] and we should have their complete info in $a->profile.
|
||||||
|
|
||||||
if(! (is_array($a->profile) && count($a->profile))) {
|
if(! (is_array($a->profile) && count($a->profile))) {
|
||||||
notice(t("Profile unavailable.") . EOL);
|
notice( t('Profile unavailable.') . EOL);
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -179,29 +179,9 @@ function dfrn_request_post(&$a) {
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
// Is this an email-style DFRN locator?
|
// Canonicalise email-style profile locator
|
||||||
|
|
||||||
if(strstr($url,'@')) {
|
$url = webfinger($url);
|
||||||
$username = substr($url,0,strpos($url,'@'));
|
|
||||||
$hostname = substr($url,strpos($url,'@') + 1);
|
|
||||||
require_once('Scrape.php');
|
|
||||||
|
|
||||||
|
|
||||||
$parms = scrape_meta('https://' . $url);
|
|
||||||
if((x($parms,'dfrn-template')) && strstr($parms['dfrn-template'],'%s')) {
|
|
||||||
$url = sprintf($parms['dfrn-template'],$username);
|
|
||||||
}
|
|
||||||
else {
|
|
||||||
$parms = scrape_meta('http://' . $url);
|
|
||||||
if((x($parms,'dfrn-template')) && strstr($parms['dfrn-template'],'%s')) {
|
|
||||||
$url = sprintf($parms['dfrn-template'],$username);
|
|
||||||
}
|
|
||||||
else {
|
|
||||||
$url = '';
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
}
|
|
||||||
|
|
||||||
if(! strlen($url)) {
|
if(! strlen($url)) {
|
||||||
notice( t("Unable to resolve your name at the provided location.") . EOL);
|
notice( t("Unable to resolve your name at the provided location.") . EOL);
|
||||||
|
@ -306,7 +286,7 @@ function dfrn_request_post(&$a) {
|
||||||
intval($uid),
|
intval($uid),
|
||||||
intval($contact_record['id']),
|
intval($contact_record['id']),
|
||||||
((x($_POST,'knowyou') && ($_POST['knowyou'] == 1)) ? 1 : 0),
|
((x($_POST,'knowyou') && ($_POST['knowyou'] == 1)) ? 1 : 0),
|
||||||
dbesc(trim($_POST['dfrn-request-message'])),
|
dbesc(notags(trim($_POST['dfrn-request-message']))),
|
||||||
dbesc($hash),
|
dbesc($hash),
|
||||||
dbesc(datetime_convert())
|
dbesc(datetime_convert())
|
||||||
);
|
);
|
||||||
|
@ -404,7 +384,10 @@ function dfrn_request_content(&$a) {
|
||||||
'$siteurl' => $a->get_baseurl(),
|
'$siteurl' => $a->get_baseurl(),
|
||||||
'$sitename' => $a->config['sitename']
|
'$sitename' => $a->config['sitename']
|
||||||
));
|
));
|
||||||
$res = mail($r[0]['email'],t("Introduction received at ") . $a->config['sitename'],$email,t('From: Administrator@') . $_SERVER[SERVER_NAME] );
|
$res = mail($r[0]['email'],
|
||||||
|
t("Introduction received at ") . $a->config['sitename'],
|
||||||
|
$email,
|
||||||
|
t('From: Administrator@') . $_SERVER[SERVER_NAME] );
|
||||||
// This is a redundant notification - no point throwing errors if it fails.
|
// This is a redundant notification - no point throwing errors if it fails.
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue