Update of /cvsroot/mantisbt/mantisbt
In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv24639
Modified Files:
Tag: BRANCH_1_0_0rc4
bug_view_advanced_page.php bug_view_page.php
changelog_page.php manage_config_email_page.php
manage_config_work_threshold_page.php
manage_config_workflow_page.php manage_proj_create.php
manage_proj_edit_page.php print_all_bug_page.php
print_bug_page.php
Log Message:
fix for 0006546: Port #6544: XSS Vulnerability in project name
(TKADV2005-11-002)
- Prevent HTML or scripts from being embedded in project name
- Remove unwarranted HTML from project name
Index: manage_config_workflow_page.php
===================================================================
RCS file: /cvsroot/mantisbt/mantisbt/manage_config_workflow_page.php,v
retrieving revision 1.16
retrieving revision 1.16.6.1
diff -u -d -r1.16 -r1.16.6.1
--- manage_config_workflow_page.php 31 Aug 2005 22:49:46 -0000 1.16
+++ manage_config_workflow_page.php 1 Jan 2006 02:58:50 -0000 1.16.6.1
@@ -398,7 +398,7 @@
if ( ALL_PROJECTS == $t_project ) {
$t_project_title = lang_get( 'config_all_projects' );
} else {
- $t_project_title = sprintf( lang_get( 'config_project' ) ,
project_get_name( $t_project ) );
+ $t_project_title = sprintf( lang_get( 'config_project' ) ,
string_display( project_get_name( $t_project ) ) );
}
echo '<p class="bold">' . $t_project_title . '</p>' . "\n";
echo '<p>' . lang_get( 'colour_coding' ) . '<br />';
Index: changelog_page.php
===================================================================
RCS file: /cvsroot/mantisbt/mantisbt/changelog_page.php,v
retrieving revision 1.15
retrieving revision 1.15.12.1
diff -u -d -r1.15 -r1.15.12.1
--- changelog_page.php 21 Apr 2005 22:38:03 -0000 1.15
+++ changelog_page.php 1 Jan 2006 02:58:50 -0000 1.15.12.1
@@ -21,7 +21,7 @@
$t_version_name = version_get_field( $p_version_id, 'version' );
$t_project_name = project_get_field( $t_project_id, 'name' );
- $t_release_title = $t_project_name . ' - ' . $t_version_name;
+ $t_release_title = string_display( $t_project_name ) . ' - ' .
string_display( $t_version_name );
echo $t_release_title, '<br />';
echo str_pad( '', strlen( $t_release_title ), '=' ), '<br />';
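Review bot: The `=` underline on the last line of the hunk is now sized from `strlen()` of the escaped title, so a project or version name containing `&`, `<` or a quote gets an underline longer than the visible text (assuming `string_display()` HTML-encodes as the commit intends, `&` alone becomes five characters). Keep the encoded title for output but compute the width from the unencoded concatenation: `$t_raw_title = $t_project_name . ' - ' . $t_version_name;` and `echo str_pad( '', strlen( $t_raw_title ), '=' ), '<br />';`. `strlen()` is byte-wise, so multibyte names still over-count, but that predates this change.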
@@ -74,7 +74,7 @@
$t_version_rows = version_get_all_rows( $t_project_id );
- echo '<br /><span class="pagetitle">', $t_project_name, ' - ',
lang_get( 'changelog' ), '</span><br /><br />';
+ echo '<br /><span class="pagetitle">', string_display(
$t_project_name ), ' - ', lang_get( 'changelog' ), '</span><br /><br />';
echo '<tt>';
$i = 0;
Index: bug_view_advanced_page.php
===================================================================
RCS file: /cvsroot/mantisbt/mantisbt/bug_view_advanced_page.php,v
retrieving revision 1.76
retrieving revision 1.76.6.1
diff -u -d -r1.76 -r1.76.6.1
--- bug_view_advanced_page.php 10 Aug 2005 19:59:13 -0000 1.76
+++ bug_view_advanced_page.php 1 Jan 2006 02:58:50 -0000 1.76.6.1
@@ -144,7 +144,7 @@
<!-- Category -->
<td>
<?php
- $t_project_name = project_get_field(
$t_bug->project_id, 'name' );
+ $t_project_name = string_display( project_get_field(
$t_bug->project_id, 'name' ) );
echo "[$t_project_name] $t_bug->category";
?>
</td>
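Review bot: The echo on the line after the changed assignment still interpolates `$t_bug->category` unescaped into the same cell, so only half of that output is encoded. If the category text is editable by project managers, it should go through the same helper: `echo '[' . $t_project_name . '] ' . string_display( $t_bug->category );`. The bug_view_page.php hunk has the identical pattern. The enclosing table markup starts and ends outside the hunk.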
Index: manage_proj_create.php
===================================================================
RCS file: /cvsroot/mantisbt/mantisbt/manage_proj_create.php,v
retrieving revision 1.7
retrieving revision 1.7.14.1
diff -u -d -r1.7 -r1.7.14.1
--- manage_proj_create.php 13 Feb 2005 21:36:17 -0000 1.7
+++ manage_proj_create.php 1 Jan 2006 02:58:50 -0000 1.7.14.1
@@ -25,7 +25,7 @@
$f_status = gpc_get_int( 'status' );
$f_file_path = gpc_get_string( 'file_path', '' );
- $t_project_id = project_create( $f_name, $f_description, $f_status,
$f_view_state, $f_file_path );
+ $t_project_id = project_create( string_strip_tags( $f_name ),
$f_description, $f_status, $f_view_state, $f_file_path );
if ( ( $f_view_state == VS_PRIVATE ) && ( false ===
current_user_is_administrator() ) ) {
$t_access_level = access_get_global_level();
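Review bot: Stripping tags from `$f_name` at creation silently alters what is stored and covers only this entry point; the modified-file list for this commit contains no project update handler, so if a rename path passes the name straight through, an existing project can still carry markup (rendered safely now that display is escaped, but the two paths are inconsistent). Either apply the same normalisation on update or rely on output encoding alone as the other hunks do. A one-line comment explaining the choice would help future readers: `# strip markup from the project name (0006546); display pages additionally escape it`.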
Index: bug_view_page.php
===================================================================
RCS file: /cvsroot/mantisbt/mantisbt/bug_view_page.php,v
retrieving revision 1.77
retrieving revision 1.77.6.1
diff -u -d -r1.77 -r1.77.6.1
--- bug_view_page.php 10 Aug 2005 19:59:13 -0000 1.77
+++ bug_view_page.php 1 Jan 2006 02:58:50 -0000 1.77.6.1
@@ -146,7 +146,7 @@
<!-- Category -->
<td>
<?php
- $t_project_name = project_get_field(
$t_bug->project_id, 'name' );
+ $t_project_name = string_display( project_get_field(
$t_bug->project_id, 'name' ) );
echo "[$t_project_name] $t_bug->category";
?>
</td>
Index: print_bug_page.php
===================================================================
RCS file: /cvsroot/mantisbt/mantisbt/print_bug_page.php,v
retrieving revision 1.56
retrieving revision 1.56.6.1
diff -u -d -r1.56 -r1.56.6.1
--- print_bug_page.php 10 Aug 2005 20:07:01 -0000 1.56
+++ print_bug_page.php 1 Jan 2006 02:58:50 -0000 1.56.6.1
@@ -65,7 +65,7 @@
<table class="width100" cellspacing="1">
<tr>
<td class="form-title" colspan="6">
- <div class="center"><?php echo config_get( 'window_title' ) . '
- ' . project_get_name( $v_project_id ) ?></div>
+ <div class="center"><?php echo config_get( 'window_title' ) . '
- ' . string_display( project_get_name( $v_project_id ) ) ?></div>
</td>
</tr>
<tr>
Index: manage_config_work_threshold_page.php
===================================================================
RCS file: /cvsroot/mantisbt/mantisbt/manage_config_work_threshold_page.php,v
retrieving revision 1.11
retrieving revision 1.11.6.1
diff -u -d -r1.11 -r1.11.6.1
--- manage_config_work_threshold_page.php 1 Aug 2005 13:42:55 -0000
1.11
+++ manage_config_work_threshold_page.php 1 Jan 2006 02:58:50 -0000
1.11.6.1
@@ -242,7 +242,7 @@
if ( ALL_PROJECTS == $t_project_id ) {
$t_project_title = lang_get( 'config_all_projects' );
} else {
- $t_project_title = sprintf( lang_get( 'config_project' ) ,
project_get_name( $t_project_id ) );
+ $t_project_title = sprintf( lang_get( 'config_project' ) ,
string_display( project_get_name( $t_project_id ) ) );
}
echo '<p class="bold">' . $t_project_title . '</p>' . "\n";
echo '<p>' . lang_get( 'colour_coding' ) . '<br />';
Index: manage_proj_edit_page.php
===================================================================
RCS file: /cvsroot/mantisbt/mantisbt/manage_proj_edit_page.php,v
retrieving revision 1.92
retrieving revision 1.92.6.1
diff -u -d -r1.92 -r1.92.6.1
--- manage_proj_edit_page.php 26 Jul 2005 12:41:02 -0000 1.92
+++ manage_proj_edit_page.php 1 Jan 2006 02:58:50 -0000 1.92.6.1
@@ -244,7 +244,7 @@
continue;
}
?>
- <option value="<?php echo $t_project['id']
?>"><?php echo $t_project['name'] ?></option>
+ <option value="<?php echo $t_project['id']
?>"><?php echo string_attribute( $t_project['name'] ) ?></option>
<?php
} # End looping over projects
?>
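Review bot: `string_attribute()` is applied to the text between `<option>` and `</option>`, which is element content rather than an attribute value; every other hunk in this commit uses `string_display()` for element content. Unless `string_attribute()` is documented to be a superset of the text-context escaping, use the same helper here for consistency: `?>"><?php echo string_display( $t_project['name'] ) ?></option>`. The loop this option sits in begins before the hunk.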
Index: print_all_bug_page.php
===================================================================
RCS file: /cvsroot/mantisbt/mantisbt/print_all_bug_page.php,v
retrieving revision 1.83
retrieving revision 1.83.10.1
diff -u -d -r1.83 -r1.83.10.1
--- print_all_bug_page.php 24 May 2005 23:22:48 -0000 1.83
+++ print_all_bug_page.php 1 Jan 2006 02:58:50 -0000 1.83.10.1
@@ -79,7 +79,7 @@
<table class="width100"><tr><td class="form-title">
<div class="center">
- <?php echo config_get( 'window_title' ) . ' - ' .
project_get_name( $t_project_id ); ?>
+ <?php echo config_get( 'window_title' ) . ' - ' .
string_display( project_get_name( $t_project_id ) ); ?>
</div>
</td></tr></table>
Index: manage_config_email_page.php
===================================================================
RCS file: /cvsroot/mantisbt/mantisbt/manage_config_email_page.php,v
retrieving revision 1.8
retrieving revision 1.8.8.1
diff -u -d -r1.8 -r1.8.8.1
--- manage_config_email_page.php 16 Jul 2005 01:46:03 -0000 1.8
+++ manage_config_email_page.php 1 Jan 2006 02:58:50 -0000 1.8.8.1
@@ -229,7 +229,7 @@
if ( ALL_PROJECTS == $t_project ) {
$t_project_title = lang_get( 'config_all_projects' );
} else {
- $t_project_title = sprintf( lang_get( 'config_project' ) ,
project_get_name( $t_project ) );
+ $t_project_title = sprintf( lang_get( 'config_project' ) ,
string_display( project_get_name( $t_project ) ) );
}
echo '<p class="bold">' . $t_project_title . '</p>' . "\n";
echo '<p>' . lang_get( 'colour_coding' ) . '<br />';