

Changeset 5558


Timestamp:
11/10/2014 05:37:29 PM (7 years ago)
Author:
johnjamesjacoby
Message:

Improve form field output sanitization when posting theme-side forum/topic/reply content. Thanks planetzuda. See #2719.

Location:
trunk/src/includes
Files:
4 edited

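--- a/trunk/src/includes/core/filters.php
+++ b/trunk/src/includes/core/filters.php
@@ -171,4 +171,10 @@
 add_filter( 'bbp_get_form_reply_content', 'trim'                   );
 
+// Form input output - sanitize
+add_filter( 'bbp_get_form_reply_edit_reason', 'esc_attr' );
+add_filter( 'bbp_get_form_reply_edit_reason', 'trim'     );
+add_filter( 'bbp_get_form_topic_edit_reason', 'esc_attr' );
+add_filter( 'bbp_get_form_topic_edit_reason', 'trim'     );
+
 // Add number format filter to functions requiring numeric output
 add_filter( 'bbp_get_user_topic_count',     'bbp_number_format', 10 );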
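Review bot: The new `esc_attr` filters on `bbp_get_form_reply_edit_reason` and `bbp_get_form_topic_edit_reason` are now the only escaping those values receive, because this changeset removes the inline `esc_attr()` call from the getters in replies/template.php and topics/template.php; any code that later unhooks these filters, or reads the value at a lower priority, gets the submitted edit reason unescaped. The coupling is invisible from either side, so the block comment should say so, e.g. `// Form input output - sanitize (sole escaping for the edit-reason getters; do not remove)`. Registering `trim` before `esc_attr` would also read more naturally, though with both at priority 10 the result is the same.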
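--- a/trunk/src/includes/forums/template.php
+++ b/trunk/src/includes/forums/template.php
@@ -2185,5 +2185,5 @@
 
         // Get _POST data
-        if ( bbp_is_post_request() && isset( $_POST['bbp_forum_title'] ) ) {
+        if ( bbp_is_forum_form_post_request() && isset( $_POST['bbp_forum_title'] ) ) {
             $forum_title = $_POST['bbp_forum_title'];
 
@@ -2222,5 +2222,5 @@
 
         // Get _POST data
-        if ( bbp_is_post_request() && isset( $_POST['bbp_forum_content'] ) ) {
+        if ( bbp_is_forum_form_post_request() && isset( $_POST['bbp_forum_content'] ) ) {
             $forum_content = stripslashes( $_POST['bbp_forum_content'] );
 
@@ -2260,5 +2260,5 @@
 
         // Get _POST data
-        if ( bbp_is_post_request() && isset( $_POST['bbp_forum_id'] ) ) {
+        if ( bbp_is_forum_form_post_request() && isset( $_POST['bbp_forum_id'] ) ) {
             $forum_parent = $_POST['bbp_forum_id'];
 
@@ -2298,5 +2298,5 @@
 
         // Get _POST data
-        if ( bbp_is_post_request() && isset( $_POST['bbp_forum_type'] ) ) {
+        if ( bbp_is_forum_form_post_request() && isset( $_POST['bbp_forum_type'] ) ) {
             $forum_type = $_POST['bbp_forum_type'];
 
@@ -2336,5 +2336,5 @@
 
         // Get _POST data
-        if ( bbp_is_post_request() && isset( $_POST['bbp_forum_visibility'] ) ) {
+        if ( bbp_is_forum_form_post_request() && isset( $_POST['bbp_forum_visibility'] ) ) {
             $forum_visibility = $_POST['bbp_forum_visibility'];
 
@@ -2378,5 +2378,5 @@
 
         // Get _POST data
-        if ( bbp_is_post_request() && isset( $_POST['bbp_forum_subscription'] ) ) {
+        if ( bbp_is_forum_form_post_request() && isset( $_POST['bbp_forum_subscription'] ) ) {
             $forum_subscribed = (bool) $_POST['bbp_forum_subscription'];
 
@@ -2465,5 +2465,5 @@
 
             // Post value is passed
-            if ( bbp_is_post_request() && isset( $_POST[ $r['select_id'] ] ) ) {
+            if ( bbp_is_forum_form_post_request() && isset( $_POST[ $r['select_id'] ] ) ) {
                 $r['selected'] = $_POST[ $r['select_id'] ];
 
@@ -2557,5 +2557,5 @@
 
             // Post value is passed
-            if ( bbp_is_post_request() && isset( $_POST[ $r['select_id'] ] ) ) {
+            if ( bbp_is_forum_form_post_request() && isset( $_POST[ $r['select_id'] ] ) ) {
                 $r['selected'] = $_POST[ $r['select_id'] ];
 
@@ -2649,5 +2649,5 @@
 
             // Post value is passed
-            if ( bbp_is_post_request() && isset( $_POST[ $r['select_id'] ] ) ) {
+            if ( bbp_is_forum_form_post_request() && isset( $_POST[ $r['select_id'] ] ) ) {
                 $r['selected'] = $_POST[ $r['select_id'] ];
 
@@ -2688,4 +2688,35 @@
         return apply_filters( 'bbp_get_form_forum_type_dropdown', ob_get_clean(), $r );
     }
+
+/**
+ * Verify if a POST request came from a failed forum attempt.
+ *
+ * Used to avoid cross-site request forgeries when checking posted forum form
+ * content.
+ *
+ * @see bbp_forum_form_fields()
+ *
+ * @since bbPress (r5558)
+ * @return boolean True if is a post request with valid nonce
+ */
+function bbp_is_forum_form_post_request() {
+
+    // Bail if not a post request
+    if ( ! bbp_is_post_request() ) {
+        return false;
+    }
+
+    // Creating a new topic
+    if ( bbp_verify_nonce_request( 'bbp-new-forum' ) ) {
+        return true;
+    }
+
+    // Editing an existing topic
+    if ( bbp_verify_nonce_request( 'bbp-edit-forum' ) ) {
+        return true;
+    }
+
+    return false;
+}
 
 /** Feeds *********************************************************************/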
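Review bot: The inline comments in the new `bbp_is_forum_form_post_request()` read `// Creating a new topic` and `// Editing an existing topic`, but the nonces checked on those lines are `bbp-new-forum` and `bbp-edit-forum`; they should be `// Creating a new forum` and `// Editing an existing forum` so the comment matches the action being verified. The same helper is duplicated almost verbatim for replies and topics in this changeset, differing only in the two nonce actions; a single helper taking the actions as parameters would keep the three from drifting apart, but that is a style choice.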
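--- a/trunk/src/includes/replies/template.php
+++ b/trunk/src/includes/replies/template.php
@@ -2552,5 +2552,5 @@
 
         // Get _POST data
-        if ( bbp_is_post_request() && isset( $_POST['bbp_reply_content'] ) ) {
+        if ( bbp_is_reply_form_post_request() && isset( $_POST['bbp_reply_content'] ) ) {
             $reply_content = stripslashes( $_POST['bbp_reply_content'] );
 
@@ -2593,5 +2593,5 @@
 
         // Get $_REQUEST data
-        if ( isset( $_REQUEST['bbp_reply_to'] ) ) {
+        if ( bbp_is_reply_form_post_request() && isset( $_REQUEST['bbp_reply_to'] ) ) {
             $reply_to = bbp_validate_reply_to( $_REQUEST['bbp_reply_to'] );
         }
@@ -2711,13 +2711,16 @@
 
         // Get _POST data
-        if ( bbp_is_post_request() && isset( $_POST['bbp_log_reply_edit'] ) ) {
-            $reply_revision = $_POST['bbp_log_reply_edit'];
+        if ( bbp_is_reply_form_post_request() && isset( $_POST['bbp_log_reply_edit'] ) ) {
+            $reply_revision = (bool) $_POST['bbp_log_reply_edit'];
 
         // No data
         } else {
-            $reply_revision = 1;
-        }
-
-        return apply_filters( 'bbp_get_form_reply_log_edit', checked( $reply_revision, true, false ) );
+            $reply_revision = true;
+        }
+
+        // Get checked output
+        $checked = checked( $reply_revision, true, false );
+
+        return apply_filters( 'bbp_get_form_reply_log_edit', $checked, $reply_revision );
     }
 
@@ -2744,6 +2747,6 @@
 
         // Get _POST data
-        if ( bbp_is_post_request() && isset( $_POST['bbp_reply_edit_reason'] ) ) {
-            $reply_edit_reason = $_POST['bbp_reply_edit_reason'];
+        if ( bbp_is_reply_form_post_request() && isset( $_POST['bbp_reply_edit_reason'] ) ) {
+            $reply_edit_reason = stripslashes( $_POST['bbp_reply_edit_reason'] );
 
         // No data
@@ -2752,5 +2755,5 @@
         }
 
-        return apply_filters( 'bbp_get_form_reply_edit_reason', esc_attr( $reply_edit_reason ) );
+        return apply_filters( 'bbp_get_form_reply_edit_reason', $reply_edit_reason );
     }
 
@@ -2798,5 +2801,5 @@
 
             // Post value is passed
-            if ( bbp_is_post_request() && isset( $_POST[ $r['select_id'] ] ) ) {
+            if ( bbp_is_reply_form_post_request() && isset( $_POST[ $r['select_id'] ] ) ) {
                 $r['selected'] = $_POST[ $r['select_id'] ];
 
@@ -2837,2 +2840,33 @@
         return apply_filters( 'bbp_get_form_reply_status_dropdown', ob_get_clean(), $r );
     }
+
+/**
+ * Verify if a POST request came from a failed reply attempt.
+ *
+ * Used to avoid cross-site request forgeries when checking posted reply form
+ * content.
+ *
+ * @see bbp_reply_form_fields()
+ *
+ * @since bbPress (r5558)
+ * @return boolean True if is a post request with valid nonce
+ */
+function bbp_is_reply_form_post_request() {
+
+    // Bail if not a post request
+    if ( ! bbp_is_post_request() ) {
+        return false;
+    }
+
+    // Creating a new reply
+    if ( bbp_verify_nonce_request( 'bbp-new-reply' ) ) {
+        return true;
+    }
+
+    // Editing an existing reply
+    if ( bbp_verify_nonce_request( 'bbp-edit-reply' ) ) {
+        return true;
+    }
+
+    return false;
+}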
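Review bot: In the `bbp_reply_to` hunk (new line 2595) the guard now requires a nonce-verified POST, yet the value is still read from `$_REQUEST`, so within a verified POST the field may come from the query string rather than the submitted form; if only the posted form is meant, `$_POST['bbp_reply_to']` and the comment `// Get _POST data` would match the other getters in this changeset. If the `?bbp_reply_to=` link on a plain GET still relies on this getter to pre-fill the form, the new guard also stops that, which is worth confirming against the template since the enclosing function starts and ends outside the hunk. Separately, `bbp_get_form_reply_log_edit()` now passes `$reply_revision` as a second argument to `apply_filters`, and its docblock (outside the hunk) should document that new filter parameter.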
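--- a/trunk/src/includes/topics/template.php
+++ b/trunk/src/includes/topics/template.php
@@ -3266,5 +3266,5 @@
 
             // Post value is passed
-            if ( bbp_is_post_request() && isset( $_POST[ $r['select_id'] ] ) ) {
+            if ( bbp_is_topic_form_post_request() && isset( $_POST[ $r['select_id'] ] ) ) {
                 $r['selected'] = $_POST[ $r['select_id'] ];
 
@@ -3355,5 +3355,5 @@
 
             // Post value is passed
-            if ( bbp_is_post_request() && isset( $_POST[ $r['select_id'] ] ) ) {
+            if ( bbp_is_topic_form_post_request() && isset( $_POST[ $r['select_id'] ] ) ) {
                 $r['selected'] = $_POST[ $r['select_id'] ];
 
@@ -3849,6 +3849,6 @@
 
         // Get _POST data
-        if ( bbp_is_post_request() && isset( $_POST['bbp_topic_title'] ) ) {
-            $topic_title = $_POST['bbp_topic_title'];
+        if ( bbp_is_topic_form_post_request() && isset( $_POST['bbp_topic_title'] ) ) {
+            $topic_title = stripslashes( $_POST['bbp_topic_title'] );
 
         // Get edit data
@@ -3886,5 +3886,5 @@
 
         // Get _POST data
-        if ( bbp_is_post_request() && isset( $_POST['bbp_topic_content'] ) ) {
+        if ( bbp_is_topic_form_post_request() && isset( $_POST['bbp_topic_content'] ) ) {
             $topic_content = stripslashes( $_POST['bbp_topic_content'] );
 
@@ -3933,6 +3933,6 @@
 
         // Get _POST data
-        if ( bbp_is_post_request() && isset( $_POST['bbp_topic_tags'] ) ) {
-            $topic_tags = $_POST['bbp_topic_tags'];
+        if ( ( bbp_is_topic_form_post_request() || bbp_is_reply_form_post_request() ) && isset( $_POST['bbp_topic_tags'] ) ) {
+            $topic_tags = stripslashes( $_POST['bbp_topic_tags'] );
 
         // Get edit data
@@ -4016,5 +4016,5 @@
 
         // Get _POST data
-        if ( bbp_is_post_request() && isset( $_POST['bbp_forum_id'] ) ) {
+        if ( bbp_is_topic_form_post_request() && isset( $_POST['bbp_forum_id'] ) ) {
             $topic_forum = (int) $_POST['bbp_forum_id'];
 
@@ -4056,5 +4056,5 @@
 
         // Get _POST data
-        if ( bbp_is_post_request() && isset( $_POST['bbp_topic_subscription'] ) ) {
+        if ( bbp_is_topic_form_post_request() && isset( $_POST['bbp_topic_subscription'] ) ) {
             $topic_subscribed = (bool) $_POST['bbp_topic_subscription'];
 
@@ -4111,10 +4111,10 @@
 
         // Get _POST data
-        if ( bbp_is_post_request() && isset( $_POST['bbp_log_topic_edit'] ) ) {
-            $topic_revision = (int) $_POST['bbp_log_topic_edit'];
+        if ( bbp_is_topic_form_post_request() && isset( $_POST['bbp_log_topic_edit'] ) ) {
+            $topic_revision = (bool) $_POST['bbp_log_topic_edit'];
 
         // No data
         } else {
-            $topic_revision = 1;
+            $topic_revision = true;
         }
 
@@ -4147,6 +4147,6 @@
 
         // Get _POST data
-        if ( bbp_is_post_request() && isset( $_POST['bbp_topic_edit_reason'] ) ) {
-            $topic_edit_reason = $_POST['bbp_topic_edit_reason'];
+        if ( bbp_is_topic_form_post_request() && isset( $_POST['bbp_topic_edit_reason'] ) ) {
+            $topic_edit_reason = stripslashes( $_POST['bbp_topic_edit_reason'] );
 
         // No data
@@ -4155,4 +4155,35 @@
         }
 
-        return apply_filters( 'bbp_get_form_topic_edit_reason', esc_attr( $topic_edit_reason ) );
-    }
+        return apply_filters( 'bbp_get_form_topic_edit_reason', $topic_edit_reason );
+    }
+
+/**
+ * Verify if a POST request came from a failed topic attempt.
+ *
+ * Used to avoid cross-site request forgeries when checking posted topic form
+ * content.
+ *
+ * @see bbp_topic_form_fields()
+ *
+ * @since bbPress (r5558)
+ * @return boolean True if is a post request with valid nonce
+ */
+function bbp_is_topic_form_post_request() {
+
+    // Bail if not a post request
+    if ( ! bbp_is_post_request() ) {
+        return false;
+    }
+
+    // Creating a new topic
+    if ( bbp_verify_nonce_request( 'bbp-new-topic' ) ) {
+        return true;
+    }
+
+    // Editing an existing topic
+    if ( bbp_verify_nonce_request( 'bbp-edit-topic' ) ) {
+        return true;
+    }
+
+    return false;
+}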
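Review bot: The `bbp_topic_tags` guard (new line 3935) is the only one in this changeset that accepts either of two nonces, `bbp_is_topic_form_post_request() || bbp_is_reply_form_post_request()`, and nothing on the line explains why; a comment such as `// Tags can be submitted from the topic form or the reply form` would keep a later reader from collapsing it back to a single check like its neighbours. The enclosing getter starts and ends outside the hunk. The `bbp_log_topic_edit` hunk also changes the cast from `(int)` to `(bool)`; since the value feeds `checked( $topic_revision, true, false )` this is a safe tightening, but it is a behaviour change for callers of the `bbp_get_form_topic_log_edit` filter that previously saw an int, which the commit message does not mention.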