Commit 56368afe8f89215e2fa5a9e2b7ff7582e6ddee08

Authored by Conrad Vermeulen
1 parent 543f5be3

KTS-2178

"cross site scripting"
Updated.

Reviewed By: Kevin Fourie

git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/trunk@6915 c91229c3-7414-0410-bfa2-8a42b809f60b
Showing 1 changed file with 78 additions and 78 deletions
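--- a/lib/browse/Criteria.inc
+++ b/lib/browse/Criteria.inc
@@ -8,7 +8,7 @@
 * License Version 1.1.2 ("License"); You may not use this file except in
 * compliance with the License. You may obtain a copy of the License at
 * http://www.knowledgetree.com/KPL
-*
+*
 * Software distributed under the License is distributed on an "AS IS"
 * basis, WITHOUT WARRANTY OF ANY KIND, either express or implied.
 * See the License for the specific language governing rights and
@@ -19,9 +19,9 @@
 * (ii) the KnowledgeTree copyright notice
 * in the same form as they appear in the distribution. See the License for
 * requirements.
-*
+*
 * The Original Code is: KnowledgeTree Open Source
-*
+*
 * The Initial Developer of the Original Code is The Jam Warehouse Software
 * (Pty) Ltd, trading as KnowledgeTree.
 * Portions created by The Jam Warehouse Software (Pty) Ltd are Copyright
@@ -92,7 +92,7 @@ class BrowseCriterion {
 }
 
 function parameterDisplay($aData) {
-return sprintf("%s %s", $this->baseParameterDisplay(), $aData[$this->getWidgetBase()]);
+return sprintf("%s %s", $this->baseParameterDisplay(), htmlentities($aData[$this->getWidgetBase()],ENT_QUOTES, 'UTF-8'));
 }
 
 function folderQuery ($iParentID, $sSortDirection) {
@@ -144,7 +144,7 @@ class BrowseCriterion {
 // $sSortField = $this->getSortField();
 $documentQuery .= "ORDER BY " . $this->getSortField() . " " . $sSortDirection;
 }
-
+
 return array($documentQuery, $aParams);
 }
 
@@ -176,7 +176,7 @@ class BrowseCriterion {
 function getID() {
 return $this->iID;
 }
-
+
 function getNameSpace() {
 return $this->sNamespace;
 }
@@ -203,10 +203,10 @@ class BrowseCriterion {
 return $this->getNotWidget($aPreValue) . "<input type=\"text\" size=\"50\" name=\"" . $this->getWidgetBase() . "\" />";
 }
 }
-
+
 function getNotWidget($aPreValue=null) {
 if (!$this->bHandleNot) { return ''; }
-
+
 // not perfect, but acceptable.
 $form_name = $this->getWidgetBase() . '_not';
 $pos_select = '';
@@ -229,7 +229,7 @@ class BrowseCriterion {
 $is_string = _kt('is');
 } else {
 $not_string = _kt('does not contain');
-$is_string = _kt('contains');
+$is_string = _kt('contains');
 }
 $widget = sprintf('<select name="%s"><option value="0"%s>%s</option><option value="1"%s>%s</option></select>&nbsp;', $form_name, $pos_select, $is_string, $neg_select, $not_string);
 return $widget;
@@ -254,14 +254,14 @@ class BrowseCriterion {
 // handle the boolean "not" stuff UNLESS our caller is doing so already.
 if ($handle_not) {
 $want_invert = KTUtil::arrayGet($aRequest, $this->getWidgetBase() . '_not');
-
+
 if (is_null($want_invert) || ($want_invert == "0")) { // use explicit "0" check
 return $val;
 } else {
 $val[0] = '(NOT (' . $val[0] . '))';
 }
 }
-
+
 return $val;
 }
 
@@ -276,7 +276,7 @@ class NameCriterion extends BrowseCriterion {
 var $bString = true;
 var $sSearchTable = "DC";
 var $bContains = true;
-
+
 var $sDocumentField = 'filename';
 var $sSortField = 'filename';
 var $sNamespace = 'ktcore.criteria.name';
@@ -343,7 +343,7 @@ class TitleCriterion extends BrowseCriterion {
 function TitleCriterion() {
 $this->sDisplay = _kt('Document Title');
 }
-
+
 function documentDisplay ($oDocument) {
 return $oDocument->getName();
 }
@@ -370,7 +370,7 @@ class CreatorCriterion extends BrowseCriterion {
 function CreatorCriterion() {
 $this->sDisplay = _kt('Creator');
 }
-
+
 function documentDisplay ($oDocument) {
 $oCreator = User::get($oDocument->getCreatorID());
 if ($oCreator) {
@@ -388,7 +388,7 @@ class CreatorCriterion extends BrowseCriterion {
 $oUser =& User::get($aData[$this->getWidgetBase()]);
 if(PEAR::isError($oUser)) {
 return $sBase . 'unknown user';
-}
+}
 return $sBase . $oUser->getName();
 }
 
@@ -434,7 +434,7 @@ class DateCreatedCriterion extends BrowseCriterion {
 
 if($sStart) {
 $sDisp .= _kt('after ') .$sStart;
-}
+}
 if($sStart && $sEnd) {
 $sDisp .= _kt(' and ');
 }
@@ -449,9 +449,9 @@ class DateCreatedCriterion extends BrowseCriterion {
 }
 function searchWidget ($aRequest, $aPreValue = null) {
 global $default;
-
+
 // IMPORTANT: this requires the presence of kt3-calendar.js
-
+
 $sStartWidget = $this->getWidgetBase() . "_start";
 $sEndWidget = $this->getWidgetBase() . "_end";
 /* // legacy code.
@@ -480,8 +480,8 @@ class DateCreatedCriterion extends BrowseCriterion {
 } else {
 $sEnd = $aRequest[$this->getWidgetBase() . "_end"];
 }
-
-
+
+
 $val = null;
 if ($sStart && $sEnd) {
 $val = array($this->getSearchTable() . "." . $this->getSearchField() . " BETWEEN ? AND ?", array($sStart, $sEnd));
@@ -491,17 +491,17 @@ class DateCreatedCriterion extends BrowseCriterion {
 $val = array($this->getSearchTable() . "." . $this->getSearchField() . " < ?", array($sEnd));
 } else {
 return null;
-}
-
+}
+
 // handle the boolean "not" stuff.
 $want_invert = KTUtil::arrayGet($aRequest, $this->getWidgetBase() . '_not');
-
+
 if (is_null($want_invert) || ($want_invert == "0")) {
 return $val;
 } else {
 $val[0] = '(NOT (' . $val[0] . '))';
 }
-
+
 // finally
 return $val;
 }
@@ -636,15 +636,15 @@ class GenericMetadataCriterion extends BrowseCriterion {
 $p = parent::searchSQL($aRequest, false); // handle not ourselves.
 $p[0] = join(' AND ', array($p[0], "$this->sSearchTable.document_field_id = ?"));
 $p[1] = array_merge($p[1], array($this->iID));
-
+
 // handle the boolean "not" stuff.
 $want_invert = KTUtil::arrayGet($aRequest, $this->getWidgetBase() . '_not');
 if (is_null($want_invert) || ($want_invert == "0")) {
 return $p;
 } else {
 $p[0] = '(NOT (' . $p[0] . '))';
-}
-
+}
+
 return $p;
 }
 
@@ -671,9 +671,9 @@ class GeneralMetadataCriterion extends BrowseCriterion {
 {
 $this->sDisplay = _kt('General Metadata');
 }
-
+
 function documentDisplay ($oDocument) {
-
+
 return 'General Metadata';
 }
 
@@ -682,11 +682,11 @@ class GeneralMetadataCriterion extends BrowseCriterion {
 return $this->aLookup['field'];
 }
 
-
+
 function searchSQL ($aRequest) {
-$val = array('('.$this->getSearchTable() . "." . $this->getSearchField() . " LIKE '%!%' OR DM.name LIKE '%!%' )",
-array(DBUtil::escapeSimple($aRequest[$this->getWidgetBase()]),DBUtil::escapeSimple($aRequest[$this->getWidgetBase()])));
-
+$val = array('('.$this->getSearchTable() . "." . $this->getSearchField() . " LIKE '%!%' OR DM.name LIKE '%!%' )",
+array(DBUtil::escapeSimple($aRequest[$this->getWidgetBase()]),DBUtil::escapeSimple($aRequest[$this->getWidgetBase()])));
+
 return $val;
 }
 
@@ -736,7 +736,7 @@ class SizeCriterion extends BrowseCriterion {
 function SizeCriterion() {
 $this->sDisplay = _kt('File Size');
 }
-
+
 function documentDisplay ($oDocument) {
 return $oDocument->getFileSize();
 }
@@ -747,7 +747,7 @@ class SizeCriterion extends BrowseCriterion {
 
 function parameterDisplay($aData) {
 $sBase = $this->getWidgetBase();
-return sprintf("%s %s %s %s", $this->baseParameterDisplay(), $this->aCmps[$aData[$sBase.'_not']], $aData[$sBase.'_num'], $this->aTypes[$aData[$sBase.'_type']]);
+return sprintf("%s %s %s %s", $this->baseParameterDisplay(), $this->aCmps[$aData[$sBase.'_not']], htmlentities($aData[$sBase.'_num'],ENT_QUOTES,'UTF-8'), $this->aTypes[$aData[$sBase.'_type']]);
 }
 
 function searchWidget ($aRequest, $aPreValue = null) {
@@ -763,7 +763,7 @@ class SizeCriterion extends BrowseCriterion {
 
 // build number
 $sNumInput = sprintf('<input type="text" name="%s" value="%s"/>', $sNumWidget, KTUtil::arrayGet($aPreValue, $sNumWidget, ''));
-
+
 
 // build type selection widget
 $sTypeSelect = '<select name="'.$sTypeWidget.'">';
@@ -802,8 +802,8 @@ class ContentCriterion extends BrowseCriterion {
 
 function ContentCriterion() {
 $this->sDisplay = _kt('Document Text');
-}
-
+}
+
 function documentDisplay ($oDocument) {
 return "Document Text";
 }
@@ -812,7 +812,7 @@ class ContentCriterion extends BrowseCriterion {
 }
 function getSearchField () {
 return "document_text";
-}
+}
 
 function searchSQL ($aRequest) {
 $oKTConfig =& KTConfig::getSingleton();
@@ -840,8 +840,8 @@ class ContentCriterion extends BrowseCriterion {
 return $p;
 } else {
 $p[0] = '(NOT (' . $p[0] . '))';
-}
-
+}
+
 return $p;
 }
 
@@ -859,8 +859,8 @@ class WorkflowStateCriterion extends BrowseCriterion {
 
 function WorkflowStateCriterion() {
 $this->sDisplay = _kt('Workflow State');
-}
-
+}
+
 function documentDisplay ($oDocument) {
 $oState =& KTWorkflowState::getByDocument($oDocument);
 if ($oState) {
@@ -894,14 +894,14 @@ class WorkflowStateCriterion extends BrowseCriterion {
 $p = array();
 $p[0] = "DM.workflow_state_id = ?";
 $p[1] = $aRequest[$this->getWidgetBase()];
-
+
 // handle the boolean "not" stuff.
 $want_invert = KTUtil::arrayGet($aRequest, $this->getWidgetBase() . '_not');
 if (is_null($want_invert) || ($want_invert == "0")) {
 return $p;
 } else {
 $p[0] = '(NOT (' . $p[0] . '))';
-}
+}
 return $p;
 }
 
@@ -920,7 +920,7 @@ class WorkflowStateCriterion extends BrowseCriterion {
 foreach ($aStates as $oState) {
 $oWorkflow =& KTWorkflow::get($oState->getWorkflowId());
 $sSelStr = '';
-if ($preval == $oState->getId()) { $sSelStr = ' selected="true"'; }
+if ($preval == $oState->getId()) { $sSelStr = ' selected="true"'; }
 $sRet .= "<option value=\"" . $oState->getId() . "\"" . $sSelStr . ">" . $oWorkflow->getName() . " - " . $oState->getName() . "</option>\n";
 }
 $sRet .= "</select>\n";
@@ -937,9 +937,9 @@ class DiscussionTextCriterion extends BrowseCriterion {
 
 function DiscussionTextCriterion() {
 $this->sDisplay = _kt('Discussion Threads');
-}
-
-
+}
+
+
 function documentDisplay ($oDocument) {
 return "Discussion Threads";
 }
@@ -959,15 +959,15 @@ class DiscussionTextCriterion extends BrowseCriterion {
 $p = array();
 $p[0] = "MATCH(DDCT.body) AGAINST (? $boolean_mode)";
 $p[1] = KTUtil::phraseQuote($aRequest[$this->getWidgetBase()]);
-
+
 // handle the boolean "not" stuff.
 $want_invert = KTUtil::arrayGet($aRequest, $this->getWidgetBase() . '_not');
 if (is_null($want_invert) || ($want_invert == "0")) {
 return $p;
 } else {
 $p[0] = '(NOT (' . $p[0] . '))';
-}
-
+}
+
 return $p;
 }
 
@@ -989,8 +989,8 @@ class SearchableTextCriterion extends BrowseCriterion {
 
 function SearchableTextCriterion() {
 $this->sDisplay = _kt('Simple Search Text');
-}
-
+}
+
 function documentDisplay ($oDocument) {
 return "Simple search text";
 }
@@ -1000,7 +1000,7 @@ class SearchableTextCriterion extends BrowseCriterion {
 
 function getSearchField () {
 return "document_text";
-}
+}
 
 function searchSQL ($aRequest) {
 $oKTConfig =& KTConfig::getSingleton();
@@ -1015,11 +1015,11 @@ class SearchableTextCriterion extends BrowseCriterion {
 } else {
 $boolean_mode = "";
 }
-
+
 $p = array();
 $temp = str_replace('%', '', $aRequest[$this->getWidgetBase()]);
 $keywords = explode(' ', $temp);
-
+
 for($i=0; $i<count($keywords); $i++){
 if($keywords[$i] == ' ' or $keywords[$i] == ''){
 continue;
@@ -1036,7 +1036,7 @@ class SearchableTextCriterion extends BrowseCriterion {
 continue;
 }
 $keywords[$i] = '%'.$keywords[$i].'%';
-}
+}
 $p[0] = "DST.document_text LIKE ? AND DST.document_text LIKE ? ";
 $p[1] = $keywords;
 }else{
@@ -1050,8 +1050,8 @@ class SearchableTextCriterion extends BrowseCriterion {
 return $p;
 } else {
 $p[0] = '(NOT (' . $p[0] . '))';
-}
-
+}
+
 return $p;
 }
 
@@ -1071,8 +1071,8 @@ class TransactionTextCriterion extends BrowseCriterion {
 
 function TransactionTextCriterion() {
 $this->sDisplay = _kt('Transaction Text');
-}
-
+}
+
 function documentDisplay ($oDocument) {
 return "Transaction text";
 }
@@ -1092,15 +1092,15 @@ class TransactionTextCriterion extends BrowseCriterion {
 $p = array();
 $p[0] = "MATCH(DTT.document_text) AGAINST (? $boolean_mode)";
 $p[1] = KTUtil::phraseQuote($aRequest[$this->getWidgetBase()]);
-
+
 // handle the boolean "not" stuff.
 $want_invert = KTUtil::arrayGet($aRequest, $this->getWidgetBase() . '_not');
 if (is_null($want_invert) || ($want_invert == "0")) {
 return $p;
 } else {
 $p[0] = '(NOT (' . $p[0] . '))';
-}
-
+}
+
 return $p;
 }
 
@@ -1118,11 +1118,11 @@ class TagCloudCriterion extends BrowseCriterion {
 var $sSortField = 'tag';
 var $sNamespace = 'ktcore.criteria.tagcloud';
 var $sSearchTable = "TWS" ;
-
+
 function TagCloudCriterion() {
 $this->sDisplay = _kt('Tag Cloud');
-}
-
+}
+
 function documentDisplay ($oDocument) {
 return "Tag Cloud";
 }
@@ -1132,16 +1132,16 @@ class TagCloudCriterion extends BrowseCriterion {
 
 function searchSQL ($aRequest) {
 $p = parent::searchSQL($aRequest, false); // handle not ourselves.
-
+
 // handle the boolean "not" stuff.
 $want_invert = KTUtil::arrayGet($aRequest, $this->getWidgetBase() . '_not');
 if (is_null($want_invert) || ($want_invert == "0")) {
 return $p;
 } else {
 $p[0] = '(NOT (' . $p[0] . '))';
-}
-
-return $p;
+}
+
+return $p;
 }
 
 function searchJoinSQL () {
@@ -1163,14 +1163,14 @@ class DateCreatedDeltaCriterion extends DateCreatedCriterion {
 
 function DateCreatedDeltaCriterion() {
 $this->sDisplay = _kt('Date Created Delta');
-}
+}
 
-function parameterDisplay($aData) {
+function parameterDisplay($aData) {
 $sNum = KTUtil::arrayGet($aData, $this->getWidgetBase() . '_num');
 $sType = KTUtil::arrayGet($aData, $this->getWidgetBase() . '_type');
 return sprintf('%s %s %s', $this->baseParameterDisplay(), $sNum, $this->aTypes[$sType]);
 }
-
+
 function searchWidget ($aRequest, $aPreValue = null) {
 $sNumWidget = $this->getWidgetBase() . '_num';
 $sTypeWidget = $this->getWidgetBase() . '_type';
@@ -1196,7 +1196,7 @@ class DateCreatedDeltaCriterion extends DateCreatedCriterion {
 $sType = KTUtil::arrayGet($aRequest, $this->getWidgetBase() . '_type');
 
 $val = array($this->getSearchTable() . "." . $this->getSearchField() . " > SUBDATE(NOW(), INTERVAL ? {$sType})", array($sNum));
-
+
 $want_invert = KTUtil::arrayGet($aRequest, $this->getWidgetBase() . '_not');
 if (is_null($want_invert) || ($want_invert == "0")) {
 return $val;
@@ -1215,8 +1215,8 @@ class DateModifiedDeltaCriterion extends DateCreatedDeltaCriterion {
 
 function DateModifiedDeltaCriterion() {
 $this->sDisplay = _kt('Date Modified Delta');
-}
-
+}
+
 function documentDisplay ($oDocument) {
 return $oDocument->getLastModifiedDate();
 }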
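Review bot: The escaping the commit adds in `BrowseCriterion::parameterDisplay` and `SizeCriterion::parameterDisplay` is missing from `DateCreatedDeltaCriterion::parameterDisplay` in the `@@ -1163` hunk, where `$sNum` read from `$aData` is still passed straight into the `sprintf('%s %s %s', ...)` display string; change that line to `return sprintf('%s %s %s', $this->baseParameterDisplay(), htmlentities($sNum, ENT_QUOTES, 'UTF-8'), $this->aTypes[$sType]);`. The `SizeCriterion::searchWidget` hunk (`@@ -763`) likewise writes `KTUtil::arrayGet($aPreValue, $sNumWidget, '')` into a `value="%s"` attribute without escaping, which matters if `$aPreValue` is request-derived in the same way the `_num` value reaching parameterDisplay is. In the `@@ -1196` hunk `$sType` comes from `$aRequest` and is interpolated into the query text as `INTERVAL ? {$sType}` rather than bound, so unless it is validated against `$this->aTypes` outside the visible lines it should be checked first, e.g. `if (!isset($this->aTypes[$sType])) { return null; }` before the string is built. The enclosing functions in each of these hunks start or end outside the hunk.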