Skip to:
Content

bbPress.org


Ignore:
Timestamp:
11/10/2014 05:37:29 PM (7 years ago)
Author:
johnjamesjacoby
Message:

Improve form field output sanitization when posting theme-side forum/topic/reply content. Thanks planetzuda. See #2719.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/includes/replies/template.php

    r5513 r5558  
    25522552
    25532553        // Get _POST data
    2554         if ( bbp_is_post_request() && isset( $_POST['bbp_reply_content'] ) ) {
     2554        if ( bbp_is_reply_form_post_request() && isset( $_POST['bbp_reply_content'] ) ) {
    25552555            $reply_content = stripslashes( $_POST['bbp_reply_content'] );
    25562556
     
    25932593
    25942594        // Get $_REQUEST data
    2595         if ( isset( $_REQUEST['bbp_reply_to'] ) ) {
     2595        if ( bbp_is_reply_form_post_request() && isset( $_REQUEST['bbp_reply_to'] ) ) {
    25962596            $reply_to = bbp_validate_reply_to( $_REQUEST['bbp_reply_to'] );
    25972597        }
     
    27112711
    27122712        // Get _POST data
    2713         if ( bbp_is_post_request() && isset( $_POST['bbp_log_reply_edit'] ) ) {
    2714             $reply_revision = $_POST['bbp_log_reply_edit'];
     2713        if ( bbp_is_reply_form_post_request() && isset( $_POST['bbp_log_reply_edit'] ) ) {
     2714            $reply_revision = (bool) $_POST['bbp_log_reply_edit'];
    27152715
    27162716        // No data
    27172717        } else {
    2718             $reply_revision = 1;
    2719         }
    2720 
    2721         return apply_filters( 'bbp_get_form_reply_log_edit', checked( $reply_revision, true, false ) );
     2718            $reply_revision = true;
     2719        }
     2720
     2721        // Get checked output
     2722        $checked = checked( $reply_revision, true, false );
     2723
     2724        return apply_filters( 'bbp_get_form_reply_log_edit', $checked, $reply_revision );
    27222725    }
    27232726
     
    27442747
    27452748        // Get _POST data
    2746         if ( bbp_is_post_request() && isset( $_POST['bbp_reply_edit_reason'] ) ) {
    2747             $reply_edit_reason = $_POST['bbp_reply_edit_reason'];
     2749        if ( bbp_is_reply_form_post_request() && isset( $_POST['bbp_reply_edit_reason'] ) ) {
     2750            $reply_edit_reason = stripslashes( $_POST['bbp_reply_edit_reason'] );
    27482751
    27492752        // No data
     
    27522755        }
    27532756
    2754         return apply_filters( 'bbp_get_form_reply_edit_reason', esc_attr( $reply_edit_reason ) );
     2757        return apply_filters( 'bbp_get_form_reply_edit_reason', $reply_edit_reason );
    27552758    }
    27562759
     
    27982801
    27992802            // Post value is passed
    2800             if ( bbp_is_post_request() && isset( $_POST[ $r['select_id'] ] ) ) {
     2803            if ( bbp_is_reply_form_post_request() && isset( $_POST[ $r['select_id'] ] ) ) {
    28012804                $r['selected'] = $_POST[ $r['select_id'] ];
    28022805
     
    28372840        return apply_filters( 'bbp_get_form_reply_status_dropdown', ob_get_clean(), $r );
    28382841    }
     2842
     2843/**
     2844 * Verify if a POST request came from a failed reply attempt.
     2845 *
     2846 * Used to avoid cross-site request forgeries when checking posted reply form
     2847 * content.
     2848 *
     2849 * @see bbp_reply_form_fields()
     2850 *
     2851 * @since bbPress (r5558)
     2852 * @return boolean True if is a post request with valid nonce
     2853 */
     2854function bbp_is_reply_form_post_request() {
     2855
     2856    // Bail if not a post request
     2857    if ( ! bbp_is_post_request() ) {
     2858        return false;
     2859    }
     2860
     2861    // Creating a new reply
     2862    if ( bbp_verify_nonce_request( 'bbp-new-reply' ) ) {
     2863        return true;
     2864    }
     2865
     2866    // Editing an existing reply
     2867    if ( bbp_verify_nonce_request( 'bbp-edit-reply' ) ) {
     2868        return true;
     2869    }
     2870
     2871    return false;
     2872}
Note: See TracChangeset for help on using the changeset viewer.