hmrhkr
/
Mailadminscript
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Use htmlentities to mitigate potential XSS vulnerabilities

This commit is contained in:
Humorhenker 2019-09-27 14:41:48 +02:00
parent a48be33024
commit 632d9ccfeb
3 changed files with 7 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
public/admin.php
View File

@ -33,7 +33,7 @@ if ($_SESSION['log'] == 1 and $_SESSION['admin'] == 1) {
echo 'Erfolgreich geändert.'; echo 'Erfolgreich geändert.';
} }
if (isset($_GET['fehler'])) { if (isset($_GET['fehler'])) {
echo '<h3>Fehler: ' . $_GET['fehler'] . '</h3>'; echo '<h3>Fehler: ' . htmlentities($_GET['fehler']) . '</h3>';
} }
echo '<a href="settings.php"><p>Normale Einstellungen</p></a><a href="logout.php"><button>Logout</button></a>'; echo '<a href="settings.php"><p>Normale Einstellungen</p></a><a href="logout.php"><button>Logout</button></a>';
echo '<h3>Mailadresse aktivieren:</h3> echo '<h3>Mailadresse aktivieren:</h3>
@ -42,7 +42,7 @@ if ($_SESSION['log'] == 1 and $_SESSION['admin'] == 1) {
$abfrage = "SELECT `id`, `username`, `domain` FROM `accounts` WHERE `enabled` LIKE 0"; $abfrage = "SELECT `id`, `username`, `domain` FROM `accounts` WHERE `enabled` LIKE 0";
$result = $dbh->query($abfrage); $result = $dbh->query($abfrage);
while ($emails = $result->fetch()) { while ($emails = $result->fetch()) {
echo '<option value="' . $emails['id'] . '">' . $emails['username'] . '@' . $emails['domain'] . '</option>'; echo '<option value="' . htmlentities($emails['id']) . '">' . htmlentities($emails['username']) . '@' . htmlentities($emails['domain']) . '</option>';
} }
echo '</select></label> echo '</select></label>
<input type="submit" name="submit" value="aktivieren"/>'; <input type="submit" name="submit" value="aktivieren"/>';
@ -54,7 +54,7 @@ if ($_SESSION['log'] == 1 and $_SESSION['admin'] == 1) {
$abfrage = "SELECT `id`, `username`, `domain` FROM `accounts` WHERE `enabled` LIKE 1"; $abfrage = "SELECT `id`, `username`, `domain` FROM `accounts` WHERE `enabled` LIKE 1";
$result = $dbh->query($abfrage); $result = $dbh->query($abfrage);
while ($emails = $result->fetch()) { while ($emails = $result->fetch()) {
echo '<option value="' . $emails['id'] . '">' . $emails['username'] . '@' . $emails['domain'] . '</option>'; echo '<option value="' . htmlentities($emails['id']) . '">' . htmlentities($emails['username']) . '@' . htmlentities($emails['domain']) . '</option>';
} }
echo '</select></label> echo '</select></label>
<input type="submit" name="submit" value="deaktivieren"/> <input type="submit" name="submit" value="deaktivieren"/>
@ -65,7 +65,7 @@ if ($_SESSION['log'] == 1 and $_SESSION['admin'] == 1) {
$abfrage = "SELECT `id`, `domain` FROM `domains`"; $abfrage = "SELECT `id`, `domain` FROM `domains`";
$result = $dbh->query($abfrage); $result = $dbh->query($abfrage);
while ($domains = $result->fetch()) { while ($domains = $result->fetch()) {
echo '<option value="' . $domains['id'] . '">' . $domains['domain'] . '</option>'; echo '<option value="' . htmlentities($domains['id']) . '">' . htmlentities($domains['domain']) . '</option>';
} }
echo '</select> (benutze nicht ' . "'" . ')</label> echo '</select> (benutze nicht ' . "'" . ')</label>
<label>Neues Passwort<input type="password" name="newmailpw"/>(min. 8 Zeichen, benutze nicht ' . "'" . ')</label> <label>Neues Passwort<input type="password" name="newmailpw"/>(min. 8 Zeichen, benutze nicht ' . "'" . ')</label>
@ -78,7 +78,7 @@ echo '</select> (benutze nicht ' . "'" . ')</label>
$abfrage = "SELECT `id`, `username`, `domain` FROM `accounts`"; $abfrage = "SELECT `id`, `username`, `domain` FROM `accounts`";
$result = $dbh->query($abfrage); $result = $dbh->query($abfrage);
while ($emails = $result->fetch()) { while ($emails = $result->fetch()) {
echo '<option value="' . $emails['id'] . '">' . $emails['username'] . '@' . $emails['domain'] . '</option>'; echo '<option value="' . htmlentities($emails['id']) . '">' . htmlentities($emails['username']) . '@' . $emails['domain'] . '</option>';
} }
echo '</select></label> echo '</select></label>
<input type="submit" name="submit" value="ENTFERNEN"/> <input type="submit" name="submit" value="ENTFERNEN"/>

2
public/settings.php
View File

@ -28,7 +28,7 @@ if ($_SESSION['log'] == 1) {
<title>Mail Settings</title> <title>Mail Settings</title>
</head> </head>
<body> <body>
<h1>Mail Settings:</h1><p>Guten Tag, ' . $_SESSION['username'] . '@' . $_SESSION['domain'] . '</p>'; <h1>Mail Settings:</h1><p>Guten Tag, ' . htmlentities($_SESSION['username']) . '@' . htmlentities($_SESSION['domain']) . '</p>';
$randval = rand(0, 99); $randval = rand(0, 99);
echo '<!-- '. $randval . ' -->'; echo '<!-- '. $randval . ' -->';
if (rand(0,99) == 42) { if (rand(0,99) == 42) {

2
public/unsub.php
View File

@ -45,7 +45,7 @@ echo '<h2>Mailliste Abmeldung:</h2>
<form method="POST" action="bin/unsubmaillistpre.php"> <form method="POST" action="bin/unsubmaillistpre.php">
<label>Maillistadresse: <input name="source_adress" type="text"'; <label>Maillistadresse: <input name="source_adress" type="text"';
if (isset($_GET['maillist'])) { if (isset($_GET['maillist'])) {
echo 'value="' . htmlspecialchars($_GET['maillist']) . '" readonly="true"'; echo 'value="' . htmlentities($_GET['maillist']) . '" readonly="true"';
} }
echo '/></label> echo '/></label>
<label>Nutzeradresse: <input name="destination_adress" type="text"/></label> <label>Nutzeradresse: <input name="destination_adress" type="text"/></label>