Author Topic: sNews 1.5.31 UPDATED - 06.02.2007.  (Read 3713 times)

Luka

sNews 1.5.31 UPDATED - 06.02.2007.
« on: February 06, 2007, 10:43:48 AM »

The zip files have been updated with bugfixes.

CHANGELOG
- removed decode() function and all its instances [comments(), new_comments()]
- cleanXSS function replaced with the code found at http://quickwired.com/kallahar/smallprojects/php_xss_filter_function.php
- mathCaptcha validation issue fix
- Contact form charset bug fixed

piXelatedEmpire

sNews 1.5.31 UPDATED - 06.02.2007.
« Reply #1 on: February 06, 2007, 11:05:50 AM »

GREAT thanks very much Luka

Can I suggest that all threads that relate to previous fixes etc in the Patches section are either closed or somehow made redundant.  Save confusion.
my apologies to the sNews crew, but I will be MIA for the foreseeable future

Patric Ahlqvist

sNews 1.5.31 UPDATED - 06.02.2007.
« Reply #2 on: February 07, 2007, 05:51:27 PM »

Well, this was just great ;)... apart from the validation this works wonders...

I did it like this if someone like me does not wanna upload a fresh copy over the already modded one...


Number one
Simply delete the whole function_decode()
Quote
// HTML ENTITY DECODE
function decode($text, $html = 'yes') {
    # convert to html friendly variants
    $output = html_entity_decode($text, ENT_QUOTES, s('charset'));
    # allow html (yes, no)
    if ($html == 'no') {
        $output = strip_tags($output);
        # additional code removal routine
        $output = str_replace(array('<', '>', '\'', '"'), '', $output);
    }
    return trim($output);
}
and the occurrences of the decode call in the comment() and new_comments(). These lines should be swapped:

This on approx line 680
Quote
case ($tag == 'comment'): echo decode($r['comment'], 'yes'); break;
swapped for this:
Quote
case ($tag == 'comment'): echo $r['comment']; break;
This on approx line 868
Quote
$name = decode($r['name'], 'no');
swapped for this
Quote
$name = $r['name'];
And this on approx line 868
Quote
$comment = decode($r['comment'], 'no');
swapped for this:
Quote
$comment = $r['comment'];
Number two would be to simply swap the entire existing cleanXSS function for the new one, and this is the new one:
Code:
// XSS CLEAN
function cleanXSS($val) {
    # source from http://quickwired.com/kallahar/smallprojects/php_xss_filter_function.php
    # control-character filter from the upstream function
    # (matches one character from each of the three ranges in sequence)
    $val = preg_replace('/([\x00-\x08][\x0b-\x0c][\x0e-\x20])/', '', $val);
    # ordinary characters that never need to be written as numeric entities
    $search = 'abcdefghijklmnopqrstuvwxyz';
    $search .= 'ABCDEFGHIJKLMNOPQRSTUVWXYZ';
    $search .= '1234567890!@#$%^&*()';
    $search .= '~`";:?+/={}[]-_|\'\\';
    for ($i = 0; $i < strlen($search); $i++) {
        # turn hex (&#x..;) and decimal (&#..;) entities for these characters back into the character
        $val = preg_replace('/(&#[x|X]0{0,8}'.dechex(ord($search[$i])).';?)/i', $search[$i], $val);
        $val = preg_replace('/(&#0{0,8}'.ord($search[$i]).';?)/', $search[$i], $val);
    }
    # keywords (tags and protocols) and event-handler attributes to break up
    $ra1 = Array('javascript', 'vbscript', 'expression', 'applet', 'meta', 'xml', 'blink', 'link', 'style', 'script', 'embed', 'object', 'iframe', 'frame', 'frameset', 'ilayer', 'layer', 'bgsound', 'title', 'base');
    $ra2 = Array('onabort', 'onactivate', 'onafterprint', 'onafterupdate', 'onbeforeactivate', 'onbeforecopy', 'onbeforecut', 'onbeforedeactivate', 'onbeforeeditfocus', 'onbeforepaste', 'onbeforeprint', 'onbeforeunload', 'onbeforeupdate', 'onblur', 'onbounce', 'oncellchange', 'onchange', 'onclick', 'oncontextmenu', 'oncontrolselect', 'oncopy', 'oncut', 'ondataavailable', 'ondatasetchanged', 'ondatasetcomplete', 'ondblclick', 'ondeactivate', 'ondrag', 'ondragend', 'ondragenter', 'ondragleave', 'ondragover', 'ondragstart', 'ondrop', 'onerror', 'onerrorupdate', 'onfilterchange', 'onfinish', 'onfocus', 'onfocusin', 'onfocusout', 'onhelp', 'onkeydown', 'onkeypress', 'onkeyup', 'onlayoutcomplete', 'onload', 'onlosecapture', 'onmousedown', 'onmouseenter', 'onmouseleave', 'onmousemove', 'onmouseout', 'onmouseover', 'onmouseup', 'onmousewheel', 'onmove', 'onmoveend', 'onmovestart', 'onpaste', 'onpropertychange', 'onreadystatechange', 'onreset', 'onresize', 'onresizeend', 'onresizestart', 'onrowenter', 'onrowexit', 'onrowsdelete', 'onrowsinserted', 'onscroll', 'onselect', 'onselectionchange', 'onselectstart', 'onstart', 'onstop', 'onsubmit', 'onunload');
    $ra = array_merge($ra1, $ra2);
    # keep replacing as long as the previous round changed something
    $found = true;
    while ($found == true) {
        $val_before = $val;
        for ($i = 0; $i < sizeof($ra); $i++) {
            # build a pattern that allows an entity between any two letters of the keyword
            $pattern = '/';
            for ($j = 0; $j < strlen($ra[$i]); $j++) {
                if ($j > 0) {
                    $pattern .= '(';
                    $pattern .= '(&#[x|X]0{0,8}([9][a][b]);?)?';
                    $pattern .= '|(&#0{0,8}([9][10][13]);?)?';
                    $pattern .= ')?';
                }
                $pattern .= $ra[$i][$j];
            }
            $pattern .= '/i';
            # '<x>' splits the keyword after its second letter, as in the upstream function
            # (the forum rendering of this post had swallowed the tag)
            $replacement = substr($ra[$i], 0, 2).'<x>'.substr($ra[$i], 2);
            $val = preg_replace($pattern, $replacement, $val);
            if ($val_before == $val) {$found = false;}
        }
    }
    # the list of allowed tags in this string was rendered as HTML by the forum and is lost
    $allowedtags = "";
    $cstring = strip_tags($val, $allowedtags);
    $cstring = nl2br($cstring);
    return $cstring;
}
Number three
Well, I don't know why, but I simply chose to swap this one for the new one as well ;)... And here it is:
Code:
// CONTACT FORM
function contact() {
    if (!isset($_POST['contactform'])) {
        # the HTML markup inside the echo strings of this function was stripped by the forum rendering
        echo '

'.l('contact').'

';
        html_input('form', '', 'post', '', '', '', '', '', '', '', '', '', 'post', db('website'), '');
        html_input('text', 'name', 'name', '', '* '.l('name'), 'text', '', '', '', '', '', '', '', '', '');
        html_input('text', 'email', 'email', '', '* '.l('email'), 'text', '', '', '', '', '', '', '', '', '');
        html_input('text', 'weblink', 'weblink', '', l('url'), 'text', '', '', '', '', '', '', '', '', '');
        html_input('textarea', 'message', 'message', '', '* '.l('message'), '', '', '', '', '', '5', '5', '', '', '');
        echo mathCaptcha();
        echo '

';
        html_input('hidden', 'ip', 'ip', $_SERVER['REMOTE_ADDR'], '', '', '', '', '', '', '', '', '', '', '');
        html_input('hidden', 'time', 'time', time(), '', '', '', '', '', '', '', '', '', '', '');
        html_input('submit', 'contactform', 'contactform', l('submit'), '', '', '', '', '', '', '', '', '', '', '');
        echo '

';
    }
    else {
        $to = s('website_email');
        $subject = s('contact_subject');
        $name = trim($_POST['name']);
        # name: min 2 characters
        $name = strlen($name) > 1 ? clean(cleanXSS($name)) : null;
        # email: min 8 characters
        $mail = trim($_POST['email']);
        $mail = (strlen($mail) > 7 && preg_match( '/^[A-Z0-9._-]+@[A-Z0-9][A-Z0-9.-]{0,61}[A-Z0-9]\.[A-Z.]{2,6}$/i' , $mail)) ? clean(cleanXSS($mail)) : null;
        # URL: min 9 characters
        $url = trim($_POST['weblink']);
        $url = (strlen($url) > 8 && strpos($url, '?') === false) ? clean(cleanXSS($url)) : null;
        # message: min 10 characters
        $message = trim($_POST['message']);
        $message = strlen($message) > 9 ? stripslashes(cleanXSS($message)) : null;
        // remove the next line if you want to preserve HTML in the message body
        $message = strip_tags($message);
        # time: numeric only
        $now = is_numeric($_POST['time']) ? $_POST['time'] : null;
        # IP: max 15 characters
        $ip = (strlen($_POST['ip']) < 16) ? clean(cleanXSS($_POST['ip'])) : null;
        # math captcha is numeric
        $inputCalc = is_numeric($_POST['calc']) ? $_POST['calc'] : null;
        $sum = is_numeric($_POST['sum']) ? $_POST['sum'] : null;
        $calc = $inputCalc === $sum ? $inputCalc : null;
        # send only if IP, delay, required fields and captcha all check out
        if ($ip == $_SERVER['REMOTE_ADDR'] && (time() - $now) > 4 && $name && $mail && $message && $calc) {
            $header = "MIME-Version: 1.0\n";
            $header .= "Content-type: text/plain; charset=".s('charset')."\n";
            $header .= "From: \"$name\" <$mail>\r\nReply-To: \"$name\" <$mail>";
            $addUrl = isset($url) ? l('url').': '.$url."\n\n" : '';
            $body = $addUrl.l('message').":\n".$message;
            mail($to, $subject, $body, $header);
            echo notification('','','');
            echo '

'.l('backhome').'

';
        }
        else {echo notification(l('contact_not_sent'),l('message_error'),'contact/');}
    }
}
Well, done so far. The mathcaptchas function can be left alone as it does not validate as of yet... After I had done this I got all things working. That is, in my case, the Swedish characters behave and show up as they should.
"It's only dead fish that goes with the flow... "
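
Added example, not part of the original post and not sNews code: the contact() handler posted above reads the captcha sum, the time stamp and the IP back from posted form fields and interpolates $name into the From header. This PHP example keeps the challenge on the server and rejects control characters in header values; the function names and the $store array (standing in for $_SESSION) are assumptions.

```php
<?php
// Hypothetical helpers for illustration; none of these names exist in sNews.

// Create the arithmetic challenge and remember the answer server-side.
function issue_challenge(array &$store, int $now): string {
    $a = random_int(1, 9);
    $b = random_int(1, 9);
    $store['captcha'] = ['sum' => $a + $b, 'issued' => $now];
    return "$a + $b = ?";
}

// Check the posted answer against the stored one. A challenge is valid
// once, and the form must have been open for more than $minDelay seconds
// (the handler on the page uses 4).
function verify_challenge(array &$store, $posted, int $now, int $minDelay = 4): bool {
    $c = $store['captcha'] ?? null;
    unset($store['captcha']);                  // single use
    if ($c === null || !is_string($posted) || !preg_match('/^[0-9]{1,3}\z/', $posted)) {
        return false;
    }
    return ($now - $c['issued']) > $minDelay && (int)$posted === $c['sum'];
}

// Return the trimmed value, or null if it contains CR, LF or any other
// control character, before it is placed in From: or Reply-To:.
function header_safe(string $value): ?string {
    $value = trim($value);
    return preg_match('/[\x00-\x1F\x7F]/', $value) ? null : $value;
}

// Constructed demonstration. In a web request $store would be $_SESSION,
// and the remote address would be read from $_SERVER, not from the form.
$store = [];
echo issue_challenge($store, 1000), "\n";
$answer = (string)$store['captcha']['sum'];
var_dump(verify_challenge($store, $answer, 1002));   // answered after 2 s
issue_challenge($store, 1000);
$answer = (string)$store['captcha']['sum'];
var_dump(verify_challenge($store, $answer, 1010));   // answered after 10 s
var_dump(verify_challenge($store, $answer, 1020));   // same challenge replayed
var_dump(header_safe("Anna Svensson"));              // plain display name
var_dump(header_safe("Anna\r\nSvensson"));           // embedded line break
```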