Digitalstack/myaac
2
0
Fork 0
mirror of https://github.com/slawkens/myaac.git synced 2025-10-14 01:34:55 +02:00
Code Issues Packages Projects Releases Wiki Activity

Fix forum XSS

Browse Source
This commit is contained in:
slawkens
2023-11-27 22:56:38 +01:00
parent 98332f1483
commit d1046ba21d
3 changed files with 13 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
system/pages/forum/edit_post.php
View File

@@ -40,6 +40,10 @@ if(Forum::canPost($account_logged))
$smile = isset($_REQUEST['smile']) ? (int)$_REQUEST['smile'] : 0;
$html = isset($_REQUEST['html']) ? (int)$_REQUEST['html'] : 0;
if (!superAdmin()) {
$html = 0;
}
$length = strlen($post_topic);
if(($length < 1 || $length > 60) && $thread['id'] == $thread['first_post']) {
$errors[] = "Too short or too long topic (Length: $length letters). Minimum 1 letter, maximum 60 letters.";