From ef71840ddc113de3157df578fea3e05e3c170955 Mon Sep 17 00:00:00 2001 From: Michael Date: Sun, 28 Jul 2024 04:34:44 +0000 Subject: [PATCH] Issue 14324: Sanitize profile input --- database.sql | 2 +- src/Module/Settings/Profile/Index.php | 11 +++++++--- static/dbstructure.config.php | 2 +- update.php | 29 ++++++++++++++++++++++++++- 4 files changed, 38 insertions(+), 6 deletions(-) diff --git a/database.sql b/database.sql index 6f5ca5fec6..eef9c762fa 100644 --- a/database.sql +++ b/database.sql @@ -1,6 +1,6 @@ -- ------------------------------------------ -- Friendica 2024.06-rc (Yellow Archangel) --- DB_UPDATE_VERSION 1570 +-- DB_UPDATE_VERSION 1571 -- ------------------------------------------ diff --git a/src/Module/Settings/Profile/Index.php b/src/Module/Settings/Profile/Index.php index 96da3807fa..eb020297c8 100644 --- a/src/Module/Settings/Profile/Index.php +++ b/src/Module/Settings/Profile/Index.php @@ -125,9 +125,9 @@ class Index extends BaseSettings $country_name = trim($request['country_name']); $pub_keywords = self::cleanKeywords(trim($request['pub_keywords'])); $prv_keywords = self::cleanKeywords(trim($request['prv_keywords'])); - $xmpp = trim($request['xmpp']); - $matrix = trim($request['matrix']); - $homepage = trim($request['homepage']); + $xmpp = $this->cleanInput(trim($request['xmpp'])); + $matrix = $this->cleanInput(trim($request['matrix'])); + $homepage = $this->cleanInput(trim($request['homepage'])); if ((strpos($homepage, 'http') !== 0) && (strlen($homepage))) { // neither http nor https in URL, add them $homepage = 'http://' . $homepage; @@ -358,6 +358,11 @@ class Index extends BaseSettings return $profileFields; } + private function cleanInput(string $input): string + { + return str_replace(['<', '>', '"', ' '], '', $input); + } + private static function cleanKeywords($keywords): string { $keywords = str_replace(',', ' ', $keywords); diff --git a/static/dbstructure.config.php b/static/dbstructure.config.php index b8b17ef044..771c24d693 100644 
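Review bot: The three new `$this->cleanInput(trim(...))` assignments only delete four characters, so they rewrite whatever the user submitted instead of validating it, and anything that is not a URL or an XMPP/Matrix address is still stored. For `$homepage` the existing `http://` prefixing runs after the cleanup, so a positive check placed after it, e.g. `if ($homepage !== '' && filter_var($homepage, FILTER_VALIDATE_URL) === false) { /* reject the field the way this method reports other invalid input */ }`, would turn the deny-list into an actual validation; the rejection path is not visible in this hunk. Stripping `<`, `>` and `"` also does not replace context-specific escaping wherever these fields are rendered, which is outside this commit. The enclosing method starts and ends outside the hunk.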
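Review bot: `cleanInput` removes only the plain space character, so an interior tab, newline or carriage return survives (`trim` only touches the ends), which is a gap if the intent is "no whitespace in these addresses"; either extend the list with `"\t"`, `"\n"`, `"\r"` or use `preg_replace('/\s+/u', '', $input)`. The helper never uses `$this` while the sibling `cleanKeywords` directly below is `private static`, so `private static function cleanInput(string $input): string` called as `self::cleanInput(...)` would keep the two consistent. It also has no docblock; since it silently drops characters rather than rejecting the value, a one-line comment naming the stripped characters and why (`< > "` to keep the value from breaking out of markup, whitespace because none of the three address fields may contain it) belongs above it.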
--- a/static/dbstructure.config.php +++ b/static/dbstructure.config.php @@ -56,7 +56,7 @@ use Friendica\Database\DBA; // This file is required several times during the test in DbaDefinition which justifies this condition if (!defined('DB_UPDATE_VERSION')) { - define('DB_UPDATE_VERSION', 1570); + define('DB_UPDATE_VERSION', 1571); } return [ diff --git a/update.php b/update.php index 3b9b4f1c14..f2f5072eba 100644 --- a/update.php +++ b/update.php @@ -1486,4 +1486,31 @@ function update_1566() Profile::setResponsibleRelayContact($user['uid']); } DBA::close($users); -} \ No newline at end of file +} + +function update_1571() +{ + $profiles = DBA::select('profile', ['uid', 'homepage', 'xmpp', 'matrix']); + while ($profile = DBA::fetch($profiles)) { + $homepage = str_replace(['<', '>', '"', ' '], '', $profile['homepage']); + $xmpp = str_replace(['<', '>', '"', ' '], '', $profile['xmpp']); + $matrix = str_replace(['<', '>', '"', ' '], '', $profile['matrix']); + + $fields = []; + if ($homepage != $profile['homepage']) { + $fields['homepage'] = $homepage; + } + if ($xmpp != $profile['xmpp']) { + $fields['xmpp'] = $xmpp; + } + if ($matrix != $profile['matrix']) { + $fields['matrix'] = $matrix; + } + if (!empty($fields)) { + Profile::update($fields, $profile['uid']); + } + } + DBA::close($profiles); + + return Update::SUCCESS; +}
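Review bot: The three change checks in `update_1571` use loose `!=` on strings, so a stored value that compares numerically equal to its stripped form is never written back (in PHP 8 `"10 "` loosely equals `"10"`, because trailing whitespace is allowed in numeric strings); use `!==` here. The character list `['<', '>', '"', ' ']` is repeated three times and again in `Index::cleanInput` in the same commit, so a single local (or a shared constant, if one fits the codebase) would keep the migration and the form in step. If any of these columns can be null, `str_replace` on null is deprecated since PHP 8.1 and returns `''`, and a strict comparison would then write `''` back; the schema is not visible here, so guard or skip nulls deliberately rather than by accident. The loop could be collapsed as below.
```php
$strip = ['<', '>', '"', ' '];
while ($profile = DBA::fetch($profiles)) {
    $fields = [];
    foreach (['homepage', 'xmpp', 'matrix'] as $column) {
        $cleaned = str_replace($strip, '', $profile[$column]);
        if ($cleaned !== $profile[$column]) {
            $fields[$column] = $cleaned;
        }
    }
    // … unchanged: Profile::update($fields, $profile['uid']) when $fields is non-empty …
}
// … unchanged: DBA::close($profiles) and return Update::SUCCESS …
```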