Changeset 5558 for trunk/src/includes/forums/template.php

Timestamp:

11/10/2014 05:37:29 PM (11 years ago)

Author:

johnjamesjacoby

Message:

Improve form field output sanitization when posting theme-side forum/topic/reply content. Thanks planetzuda. See #2719.

File:

• trunk/src/includes/forums/template.php (modified) (10 diffs)

trunk/src/includes/forums/template.php

@@ -2185 +2185 @@
 
         // Get _POST data
-        if ( bbp_is_post_request() && isset( $_POST['bbp_forum_title'] ) ) {
+        if ( bbp_is_forum_form_post_request() && isset( $_POST['bbp_forum_title'] ) ) {
             $forum_title = $_POST['bbp_forum_title'];
 
@@ -2222 +2222 @@
 
         // Get _POST data
-        if ( bbp_is_post_request() && isset( $_POST['bbp_forum_content'] ) ) {
+        if ( bbp_is_forum_form_post_request() && isset( $_POST['bbp_forum_content'] ) ) {
             $forum_content = stripslashes( $_POST['bbp_forum_content'] );
 
@@ -2260 +2260 @@
 
         // Get _POST data
-        if ( bbp_is_post_request() && isset( $_POST['bbp_forum_id'] ) ) {
+        if ( bbp_is_forum_form_post_request() && isset( $_POST['bbp_forum_id'] ) ) {
             $forum_parent = $_POST['bbp_forum_id'];
 
@@ -2298 +2298 @@
 
         // Get _POST data
-        if ( bbp_is_post_request() && isset( $_POST['bbp_forum_type'] ) ) {
+        if ( bbp_is_forum_form_post_request() && isset( $_POST['bbp_forum_type'] ) ) {
             $forum_type = $_POST['bbp_forum_type'];
 
@@ -2336 +2336 @@
 
         // Get _POST data
-        if ( bbp_is_post_request() && isset( $_POST['bbp_forum_visibility'] ) ) {
+        if ( bbp_is_forum_form_post_request() && isset( $_POST['bbp_forum_visibility'] ) ) {
             $forum_visibility = $_POST['bbp_forum_visibility'];
 
@@ -2378 +2378 @@
 
         // Get _POST data
-        if ( bbp_is_post_request() && isset( $_POST['bbp_forum_subscription'] ) ) {
+        if ( bbp_is_forum_form_post_request() && isset( $_POST['bbp_forum_subscription'] ) ) {
             $forum_subscribed = (bool) $_POST['bbp_forum_subscription'];
 
@@ -2465 +2465 @@
 
             // Post value is passed
-            if ( bbp_is_post_request() && isset( $_POST[ $r['select_id'] ] ) ) {
+            if ( bbp_is_forum_form_post_request() && isset( $_POST[ $r['select_id'] ] ) ) {
                 $r['selected'] = $_POST[ $r['select_id'] ];
 
@@ -2557 +2557 @@
 
             // Post value is passed
-            if ( bbp_is_post_request() && isset( $_POST[ $r['select_id'] ] ) ) {
+            if ( bbp_is_forum_form_post_request() && isset( $_POST[ $r['select_id'] ] ) ) {
                 $r['selected'] = $_POST[ $r['select_id'] ];
 
@@ -2649 +2649 @@
 
             // Post value is passed
-            if ( bbp_is_post_request() && isset( $_POST[ $r['select_id'] ] ) ) {
+            if ( bbp_is_forum_form_post_request() && isset( $_POST[ $r['select_id'] ] ) ) {
                 $r['selected'] = $_POST[ $r['select_id'] ];
 
@@ -2688 +2688 @@
         return apply_filters( 'bbp_get_form_forum_type_dropdown', ob_get_clean(), $r );
     }
+
+/**
+ * Verify if a POST request came from a failed forum attempt.
+ *
+ * Used to avoid cross-site request forgeries when checking posted forum form
+ * content.
+ *
+ * @see bbp_forum_form_fields()
+ *
+ * @since bbPress (r5558)
+ * @return boolean True if is a post request with valid nonce
+ */
+function bbp_is_forum_form_post_request() {
+
+    // Bail if not a post request
+    if ( ! bbp_is_post_request() ) {
+        return false;
+    }
+
+    // Creating a new topic
+    if ( bbp_verify_nonce_request( 'bbp-new-forum' ) ) {
+        return true;
+    }
+
+    // Editing an existing topic
+    if ( bbp_verify_nonce_request( 'bbp-edit-forum' ) ) {
+        return true;
+    }
+
+    return false;
+}
 
 /** Feeds *********************************************************************/