Corrected XSS vuln in title param

( reported in claudehohl#556 )
krayon · Jan 31, 2022 · 657256e · 657256e
1 parent 5f5a083
commit 657256e
Show file tree

Hide file tree

Showing 6 changed files with 12 additions and 6 deletions.
diff --git a/htdocs/themes/bootstrap/views/defaults/paste_form.php b/htdocs/themes/bootstrap/views/defaults/paste_form.php
@@ -24,7 +24,8 @@
 					<label for="title">
 						<?php echo lang('paste_title'); ?>
 					</label>
-					<input value="<?php if(isset($title_set)){ echo $title_set; }?>" class="span3" type="text" id="title" name="title" tabindex="2" maxlength="50" />
+					<?php $set = array('name' => 'title', 'id' => 'title', 'class' => 'span3', 'value' => (isset($title_set) ? $title_set : ''), 'maxlength' => '50', 'tabindex' => '2');
+					echo form_input($set);?>
 				</div>
 				<div class="span3">
 					<label for="lang">

diff --git a/htdocs/themes/cleanwhite/views/defaults/paste_form.php b/htdocs/themes/cleanwhite/views/defaults/paste_form.php
@@ -29,7 +29,8 @@
 					<span class="instruction"><?php echo lang('paste_title_desc'); ?></span>
 				</label>
 
-				<input value="<?php if(isset($title_set)){ echo $title_set; }?>" type="text" id="title" name="title" tabindex="2" maxlength="50" />
+				<?php $set = array('name' => 'title', 'id' => 'title', 'value' => (isset($title_set) ? $title_set : ''), 'maxlength' => '50', 'tabindex' => '2');
+				echo form_input($set);?>
 			</div>
 
 			<div class="item last">

diff --git a/htdocs/themes/default/views/defaults/paste_form.php b/htdocs/themes/default/views/defaults/paste_form.php
@@ -26,7 +26,8 @@
 				<label for="title"><?php echo lang('paste_title'); ?>
 					<span class="instruction"><?php echo lang('paste_title_desc'); ?></span>
 				</label>
-				<input value="<?php if(isset($title_set)){ echo $title_set; }?>" type="text" id="title" name="title" tabindex="2" maxlength="50" />
+				<?php $set = array('name' => 'title', 'id' => 'title', 'value' => (isset($title_set) ? $title_set : ''), 'maxlength' => '50', 'tabindex' => '2');
+				echo form_input($set);?>
 			</div>
 
 			<div class="item last">

diff --git a/htdocs/themes/geocities/views/defaults/paste_form.php b/htdocs/themes/geocities/views/defaults/paste_form.php
@@ -29,7 +29,8 @@
 						<?php echo lang('paste_title'); ?>
 					</label>
 
-					<input value="<?php if(isset($title_set)){ echo $title_set; }?>" class="span3" type="text" id="title" name="title" tabindex="2" maxlength="50" />
+					<?php $set = array('name' => 'title', 'id' => 'title', 'class' => 'span3', 'value' => (isset($title_set) ? $title_set : ''), 'maxlength' => '50', 'tabindex' => '2');
+					echo form_input($set);?>
 				</div>
 
 				<div class="span3">

diff --git a/htdocs/themes/i386/views/defaults/paste_form.php b/htdocs/themes/i386/views/defaults/paste_form.php
@@ -29,7 +29,8 @@
 						<?php echo lang('paste_title'); ?>
 					</label>
 
-					<input value="<?php if(isset($title_set)){ echo $title_set; }?>" class="span3" type="text" id="title" name="title" tabindex="2" maxlength="50" />
+					<?php $set = array('name' => 'title', 'id' => 'title', 'class' => 'span3', 'value' => (isset($title_set) ? $title_set : ''), 'maxlength' => '50', 'tabindex' => '2');
+					echo form_input($set);?>
 				</div>
 
 				<div class="span3">

diff --git a/htdocs/themes/stikkedizr/views/defaults/paste_form.php b/htdocs/themes/stikkedizr/views/defaults/paste_form.php
@@ -28,7 +28,8 @@
 					<label for="title">
 						<i class="fa fa-flag"></i> <?php echo lang('paste_title'); ?>
 					</label>
-					<input value="<?php if(isset($title_set)){ echo $title_set; }?>" class="form-control" type="text" id="title" name="title" tabindex="2" maxlength="50" />
+					<?php $set = array('name' => 'title', 'id' => 'title', 'class' => 'form-control', 'value' => (isset($title_set) ? $title_set : ''), 'maxlength' => '50', 'tabindex' => '2');
+					echo form_input($set);?>
 				</div>
 
 				<div class="col-3 col-sm-12 col-lg-3">