kiduc
/
bibiuc.com
1
0
Fork 0
Code Issues 0 Pull Requests 0 Projects 0 Releases 59 Wiki Activity
Browse Source

CVE-2019-8349 XSS vulnerabilities fix

pull/400/head
danpros 5 years ago
parent
fb6fac0af1
commit
ec1cf1d303
19 changed files with 31 additions and 190 deletions
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. +0
    -147
      config/config.ini
  2. +3
    -1
      config/config.ini.example
  3. +0
    -9
      config/users/kanti.ini
  4. +1
    -1
      system/admin/admin.php
  5. +1
    -1
      system/admin/views/backup.html.php
  6. +1
    -1
      system/admin/views/delete-category.html.php
  7. +1
    -1
      system/admin/views/delete-page.html.php
  8. +1
    -1
      system/admin/views/delete-post.html.php
  9. +1
    -1
      system/admin/views/edit-content.html.php
  10. +1
    -1
      system/admin/views/edit-page.html.php
  11. +1
    -1
      system/admin/views/popular-posts.html.php
  12. +1
    -1
      system/admin/views/posts-list.html.php
  13. +1
    -1
      system/admin/views/user-draft.html.php
  14. +1
    -1
      system/admin/views/user-posts.html.php
  15. +12
    -12
      system/htmly.php
  16. +2
    -7
      system/includes/functions.php
  17. +1
    -1
      themes/blog/layout.html.php
  18. +1
    -1
      themes/twentyfifteen/layout.html.php
  19. +1
    -1
      themes/twentysixteen/layout.html.php

+ 0
- 147
config/config.ini View File

@ -1,147 +0,0 @@
; The URL of your blog. Include the http or https if you are using Facebook or Disqus comment.
site.url = ""
; Your timezone
timezone = "Asia/Jakarta"
; Your language ("en" for English, "de" for German, "pl" for Polish)
language = "en"
; Blog info
blog.title = "HTMLy"
blog.tagline = "Just another HTMLy blog"
blog.description = "Proudly powered by HTMLy, a databaseless blogging platform."
blog.copyright = "(c) Your name."
; Set permalink type. "default" using /year/month/title. "post" using /post/title
permalink.type = "default"
; Make the frontpage static. Options "false" and "true"
static.frontpage = "false"
; Show the /blog url as the blog homepage. Options "false" and "true"
blog.enable = "false"
; Social account
social.twitter = "https://twitter.com"
social.facebook = "https://www.facebook.com"
social.google = "https://plus.google.com"
social.tumblr = "http://www.tumblr.com"
; Custom menu link.
; See example below:
; "Google->http://www.google.com|Wikipedia->http://www.wikipedia.org".
blog.menu = ""
; Breadcrumb home text. Useful when installed on subfolder.
breadcrumb.home = "Home"
; Comment system. Choose "facebook", "disqus", or "disable".
comment.system = "disable"
; Facebook comments
fb.appid = ""
fb.num = "5"
fb.color = "light"
; Disqus comments
disqus.shortname = ""
; Google Web Master Tool ID verification
google.wmt.id = ""
; Google+ publisher
google.publisher = ""
; Google analytics
google.analytics.id = ""
; Google reCaptcha
; https://www.google.com/recaptcha/admin. Options "false" and "true"
google.reCaptcha = "false"
google.reCaptcha.public = ""
google.reCaptcha.private = ""
; Pagination, RSS, and JSON
posts.perpage = "10"
category.perpage = "10"
tag.perpage = "10"
archive.perpage = "10"
search.perpage = "10"
profile.perpage = "10"
type.perpage = "10"
json.count = "10"
; Category info
category.info = "true"
; Related posts
related.count = "3"
; Recent posts
recent.count = "5"
; Popular posts
popular.count = "5"
; Author info on blog post. Set "true" or "false".
author.info = "true"
; Teaser type: set "trimmed" or "full".
teaser.type = "full"
; Read more link text for "full" teaser type
read.more = "Read more"
; Teaser character count
teaser.char = "200"
; Description character count
description.char = "150"
; RSS feed count
rss.count = "10"
; RSS feed description length. If left empty we will use full page.
rss.char = "200"
; Enable image thumbnail on teaser, the options is "true" and "false". If set to "true", you can specify the default thumbnail also.
img.thumbnail = "false"
default.thumbnail = ""
; Enable views Counter, the options is "true" and "false". If set to "true", you can see the Counts in Admin page and popular posts.
views.counter = "false"
; Sitemap priorities between "0.0" and "1.0". Set "false" to disable a sitemap for the given type. (See /sitemap.xml)
sitemap.priority.base = "1.0"
sitemap.priority.post = "0.5"
sitemap.priority.static = "0.5"
sitemap.priority.category = "0.5"
sitemap.priority.tag = "0.5"
sitemap.priority.archiveDay = "0.5"
sitemap.priority.archiveMonth = "0.5"
sitemap.priority.archiveYear = "0.5"
sitemap.priority.author = "0.5"
sitemap.priority.type = "0.5"
; Also install pre-release
prerelease = "false"
; Cache expiration in hour. Eg. "6", "12". Default 6 hours.
cache.expiration = "6"
; Switch on and off the file cache for development purposes. Options "false" and "true"
cache.off = "false"
; Switch on and off the page generation time. Options "false" and "true"
generation.time = "false"
; Switch on and off the cache timestamp. Options "false" and "true"
cache.timestamp = "false"
; Set the theme here
views.root = "themes/twentysixteen"
; Framework config. No need to edit.
views.layout = "layout"

+ 3
- 1
config/config.ini.example View File

@ -4,6 +4,9 @@ site.url = ""
; Your timezone
timezone = "Asia/Jakarta"
; Time format. See: https://www.php.net/manual/en/function.date.php
time.format = "d F Y"
; Your language (currently only "en" for English or "de" for German)
language = "en"
@ -25,7 +28,6 @@ blog.enable = "false"
; Social account
social.twitter = "https://twitter.com"
social.facebook = "https://www.facebook.com"
social.google = "https://plus.google.com"
social.tumblr = "http://www.tumblr.com"
; Custom menu link.


+ 0
- 9
config/users/kanti.ini View File

@ -1,9 +0,0 @@
;Password
password = yourpassword
encryption = clear
; encryption: not set, leave blank or set to clear or none to use plain text password for the user,
; else set to encryption algoritm supported by hash function of php to use the selected
; encryption
;Role
role = admin

+ 1
- 1
system/admin/admin.php View File

@ -695,7 +695,7 @@ function get_user_posts()
$i++;
echo '<tr class="' . $class . '">';
echo '<td><a target="_blank" href="' . $p->url . '">' . $p->title . '</a></td>';
echo '<td>' . date('d F Y', $p->date) . '</td>';
echo '<td>' . format_date($p->date) . '</td>';
if (config("views.counter") == "true")
echo '<td>' . $p->views . '</td>';
echo '<td>' . $p->tag . '</td>';


+ 1
- 1
system/admin/views/backup.html.php View File

@ -1,7 +1,7 @@
<?php
if (login()) {
if (isset($_GET['file'])) {
$file = $_GET['file'];
$file = _h($_GET['file']);
if (!empty($file)) {
unlink($file);


+ 1
- 1
system/admin/views/delete-category.html.php View File

@ -1,6 +1,6 @@
<?php
if (isset($_GET['destination'])) {
$destination = $_GET['destination'];
$destination = _h($_GET['destination']);
}
$url = $p->file;


+ 1
- 1
system/admin/views/delete-page.html.php View File

@ -1,6 +1,6 @@
<?php
if (isset($_GET['destination'])) {
$destination = $_GET['destination'];
$destination = _h($_GET['destination']);
}
$url = $p->file;


+ 1
- 1
system/admin/views/delete-post.html.php View File

@ -1,6 +1,6 @@
<?php
if (isset($_GET['destination'])) {
$destination = $_GET['destination'];
$destination = _h($_GET['destination']);
}
$url = $p->file;
$oldurl = explode('_', $url);


+ 1
- 1
system/admin/views/edit-content.html.php View File

@ -30,7 +30,7 @@ if (empty($oldtag)) {
$oldmd = str_replace('.md', '', $oldurl[2]);
if (isset($_GET['destination'])) {
$destination = $_GET['destination'];
$destination = _h($_GET['destination']);
} else {
$destination = 'admin';
}


+ 1
- 1
system/admin/views/edit-page.html.php View File

@ -41,7 +41,7 @@ if ($type == 'is_frontpage') {
$oldcontent = remove_html_comments($content);
if (isset($_GET['destination'])) {
$destination = $_GET['destination'];
$destination = _h($_GET['destination']);
} else {
$destination = 'admin';
}


+ 1
- 1
system/admin/views/popular-posts.html.php View File

@ -24,7 +24,7 @@
?>
<tr class="<?php echo $class ?>">
<td><a target="_blank" href="<?php echo $p->url ?>"><?php echo $p->title ?></a></td>
<td><?php echo date('d F Y', $p->date) ?></td>
<td><?php echo format_date($p->date) ?></td>
<?php if (config("views.counter") == "true"): ?>
<td><?php echo $p->views ?></td><?php endif; ?>
<td><a target="_blank" href="<?php echo $p->authorUrl ?>"><?php echo $p->author ?></a></td>


+ 1
- 1
system/admin/views/posts-list.html.php View File

@ -24,7 +24,7 @@
?>
<tr class="<?php echo $class ?>">
<td><a target="_blank" href="<?php echo $p->url ?>"><?php echo $p->title ?></a></td>
<td><?php echo date('d F Y', $p->date) ?></td>
<td><?php echo format_date($p->date) ?></td>
<?php if (config("views.counter") == "true"): ?>
<td><?php echo $p->views ?></td><?php endif; ?>
<td><a target="_blank" href="<?php echo $p->authorUrl ?>"><?php echo $p->author ?></a></td>


+ 1
- 1
system/admin/views/user-draft.html.php View File

@ -22,7 +22,7 @@
?>
<tr class="<?php echo $class ?>">
<td><?php echo $p->title ?></td>
<td><?php echo date('d F Y', $p->date) ?></td>
<td><?php echo format_date($p->date) ?></td>
<td><?php echo strip_tags($p->tag) ?></td>
<td><a href="<?php echo $p->url ?>/edit?destination=admin/draft"><?php echo i18n('Edit');?></a> <a href="<?php echo $p->url ?>/delete?destination=admin/draft"><?php echo i18n('Delete');?></a></td>
</tr>


+ 1
- 1
system/admin/views/user-posts.html.php View File

@ -25,7 +25,7 @@
?>
<tr class="<?php echo $class ?>">
<td><a target="_blank" href="<?php echo $p->url ?>"><?php echo $p->title ?></a></td>
<td><?php echo date('d F Y', $p->date) ?></td>
<td><?php echo format_date($p->date) ?></td>
<?php if (config("views.counter") == "true"): ?>
<td><?php echo $p->views ?></td>
<?php endif; ?>


+ 12
- 12
system/htmly.php View File

@ -17,7 +17,7 @@ if (config('timezone')) {
get('/index', function () {
if (isset($_GET['search'])) {
$search = $_GET['search'];
$search = _h($_GET['search']);
$url = site_url() . 'search/' . remove_accent($search);
header("Location: $url");
}
@ -186,7 +186,7 @@ post('/login', function () {
get('/author/:name', function ($name) {
if (isset($_GET['search'])) {
$search = $_GET['search'];
$search = _h($_GET['search']);
$url = site_url() . 'search/' . remove_accent($search);
header("Location: $url");
}
@ -397,7 +397,7 @@ get('/front/edit', function () {
// Show the "Add content" page
get('/add/content', function () {
$req = $_GET['type'];
$req = _h($_GET['type']);
$type = 'is_' . $req;
@ -1401,7 +1401,7 @@ get('/admin/categories', function () {
get('/category/:category', function ($category) {
if (isset($_GET['search'])) {
$search = $_GET['search'];
$search = _h($_GET['search']);
$url = site_url() . 'search/' . remove_accent($search);
header("Location: $url");
}
@ -1597,7 +1597,7 @@ post('/category/:category/delete', function () {
get('/type/:type', function ($type) {
if (isset($_GET['search'])) {
$search = $_GET['search'];
$search = _h($_GET['search']);
$url = site_url() . 'search/' . remove_accent($search);
header("Location: $url");
}
@ -1666,7 +1666,7 @@ get('/type/:type', function ($type) {
get('/tag/:tag', function ($tag) {
if (isset($_GET['search'])) {
$search = $_GET['search'];
$search = _h($_GET['search']);
$url = site_url() . 'search/' . remove_accent($search);
header("Location: $url");
}
@ -1731,7 +1731,7 @@ get('/tag/:tag', function ($tag) {
get('/archive/:req', function ($req) {
if (isset($_GET['search'])) {
$search = $_GET['search'];
$search = _h($_GET['search']);
$url = site_url() . 'search/' . remove_accent($search);
header("Location: $url");
}
@ -1806,7 +1806,7 @@ get('/archive/:req', function ($req) {
get('/search/:keyword', function ($keyword) {
if (isset($_GET['search'])) {
$search = $_GET['search'];
$search = _h($_GET['search']);
$url = site_url() . 'search/' . remove_accent($search);
header("Location: $url");
}
@ -1904,7 +1904,7 @@ get('/feed/opml', function () {
get('/post/:name', function ($name) {
if (isset($_GET['search'])) {
$search = $_GET['search'];
$search = _h($_GET['search']);
$url = site_url() . 'search/' . remove_accent($search);
header("Location: $url");
}
@ -2288,7 +2288,7 @@ post('/post/:name/delete', function () {
get('/:static', function ($static) {
if (isset($_GET['search'])) {
$search = $_GET['search'];
$search = _h($_GET['search']);
$url = site_url() . 'search/' . remove_accent($search);
header("Location: $url");
}
@ -2683,7 +2683,7 @@ post('/:static/delete', function () {
get('/:static/:sub', function ($static, $sub) {
if (isset($_GET['search'])) {
$search = $_GET['search'];
$search = _h($_GET['search']);
$url = site_url() . 'search/' . remove_accent($search);
header("Location: $url");
}
@ -2890,7 +2890,7 @@ post('/:static/:sub/delete', function () {
get('/:year/:month/:name', function ($year, $month, $name) {
if (isset($_GET['search'])) {
$search = $_GET['search'];
$search = _h($_GET['search']);
$url = site_url() . 'search/' . remove_accent($search);
header("Location: $url");
}


+ 2
- 7
system/includes/functions.php View File

@ -1816,7 +1816,6 @@ function social($imgDir = null)
{
$twitter = config('social.twitter');
$facebook = config('social.facebook');
$google = config('social.google');
$tumblr = config('social.tumblr');
$rss = site_url() . 'feed/rss';
@ -1832,10 +1831,6 @@ function social($imgDir = null)
echo '<a href="' . $facebook . '" target="_blank"><img src="' . site_url() . 'themes/' . $imgDir . 'facebook.png" width="32" height="32" alt="Facebook"/></a>';
}
if (!empty($google)) {
echo '<a href="' . $google . '" target="_blank"><img src="' . site_url() . 'themes/' . $imgDir . 'googleplus.png" width="32" height="32" alt="Google+"/></a>';
}
if (!empty($tumblr)) {
echo '<a href="' . $tumblr . '" target="_blank"><img src="' . site_url() . 'themes/' . $imgDir . 'tumblr.png" width="32" height="32" alt="Tumblr"/></a>';
}
@ -2164,7 +2159,7 @@ EOF;
EOF;
}
if (isset($_GET['search'])) {
$search = $_GET['search'];
$search = _h($_GET['search']);
$url = site_url() . 'search/' . remove_accent($search);
header("Location: $url");
}
@ -3212,7 +3207,7 @@ function get_language()
$langID = config('language');
$langFile = 'lang/'. $langID . '.ini';
$local = strtolower($langID);
$local = $langID;
// Settings for the language
if (!isset($langID) || config('language') === 'en') {


+ 1
- 1
themes/blog/layout.html.php View File

@ -26,7 +26,7 @@
</head>
<?php
if (isset($_GET['search'])) {
$search = $_GET['search'];
$search = _h($_GET['search']);
$url = site_url() . 'search/' . remove_accent($search);
header("Location: $url");
}


+ 1
- 1
themes/twentyfifteen/layout.html.php View File

@ -19,7 +19,7 @@
</head>
<?php
if (isset($_GET['search'])) {
$search = $_GET['search'];
$search = _h($_GET['search']);
$url = site_url() . 'search/' . remove_accent($search);
header("Location: $url");
}


+ 1
- 1
themes/twentysixteen/layout.html.php View File

@ -21,7 +21,7 @@
</head>
<?php
if (isset($_GET['search'])) {
$search = $_GET['search'];
$search = _h($_GET['search']);
$url = site_url() . 'search/' . remove_accent($search);
header("Location: $url");
}


Write Preview
Loading…
Cancel
Save