mirror/php-phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-07-24 02:21:43 +02:00
Code Issues Releases Wiki Activity

[ticket/security/279] Use rawurlencode for escaping smilie URLs

Browse Source 
SECURITY-279
This commit is contained in:
Derky
2023-09-21 15:41:20 +02:00
committed by Marc Alexander
parent d8ac6f575e
commit c4f42c1573
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
phpBB/includes/acp/acp_icons.php
View File

@@ -654,7 +654,7 @@ class acp_icons
{ {
$replace_sql = ($mode == 'smilies') ? $code : $img; $replace_sql = ($mode == 'smilies') ? $code : $img;
$sql = array( $sql = array(
$fields . '_url' => utf8_substr(htmlspecialchars($img, ENT_COMPAT), 0, 50), $fields . '_url' => utf8_substr(rawurlencode($img), 0, 50),
$fields . '_height' => (int) $height, $fields . '_height' => (int) $height,
$fields . '_width' => (int) $width, $fields . '_width' => (int) $width,
'display_on_posting' => (int) $display_on_posting, 'display_on_posting' => (int) $display_on_posting,
@@ -676,7 +676,7 @@ class acp_icons
++$order; ++$order;
$sql = array( $sql = array(
$fields . '_url' => utf8_substr(htmlspecialchars($img, ENT_COMPAT), 0, 50), $fields . '_url' => utf8_substr(rawurlencode($img), 0, 50),
$fields . '_height' => (int) $height, $fields . '_height' => (int) $height,
$fields . '_width' => (int) $width, $fields . '_width' => (int) $width,
$fields . '_order' => (int) $order, $fields . '_order' => (int) $order,