authorthomasb <thomasb@208e9e7b-5314-0410-a742-e7e81cd9613c>2006-08-16 08:06:31 +0000
committerthomasb <thomasb@208e9e7b-5314-0410-a742-e7e81cd9613c>2006-08-16 08:06:31 +0000
commit6a1e26a23c7b6f58c35f2f7730a65f116a02849b (patch)
treeabf0fc3ebe12f4eabd19c4dfc0bebc3dfaa260dd /roundcubemail/program
parent22e44bcebaedf1ea36443a2576399e27c64ad2be (diff)
Fixed some XSS and SQL injection issues
git-svn-id: https://svn.roundcube.net/trunk@319 208e9e7b-5314-0410-a742-e7e81cd9613c
Diffstat (limited to 'roundcubemail/program')
-rw-r--r--roundcubemail/program/steps/error.inc2
-rw-r--r--roundcubemail/program/steps/settings/edit_identity.inc3
-rw-r--r--roundcubemail/program/steps/settings/save_identity.inc4
3 files changed, 4 insertions, 5 deletions
diff --git a/roundcubemail/program/steps/error.inc b/roundcubemail/program/steps/error.inc
index aa8036afe..2d87a9da4 100644
--- a/roundcubemail/program/steps/error.inc
+++ b/roundcubemail/program/steps/error.inc
@@ -53,7 +53,7 @@ else if ($ERROR_CODE==401)
else if ($ERROR_CODE==404)
{
$__error_title = "REQUEST FAILED/FILE NOT FOUND";
- $request_url = $_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI'];
+ $request_url = htmlentities($_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI']);
$__error_text = <<<EOF
The requested page was not found!<br />
Please contact your server-administrator.
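Review bot: The `htmlentities()` call added on the `$request_url` line relies on the defaults, which on PHP of this era do not encode single quotes (ENT_COMPAT) and assume ISO-8859-1, so a `'` in the request URI still reaches the output unencoded and non-Latin-1 bytes are handled by the default charset. Since `$request_url` is presumably interpolated into the HTML heredoc that begins on the next line and continues outside the hunk, the explicit form `$request_url = htmlspecialchars($_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI'], ENT_QUOTES, 'UTF-8');` is the safer choice. Note that `HTTP_HOST` is client-supplied just like `REQUEST_URI`, so encoding the concatenation here is the right place to do it. The enclosing `else if` chain starts before this hunk.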
diff --git a/roundcubemail/program/steps/settings/edit_identity.inc b/roundcubemail/program/steps/settings/edit_identity.inc
index 07cd8fa02..316eec785 100644
--- a/roundcubemail/program/steps/settings/edit_identity.inc
+++ b/roundcubemail/program/steps/settings/edit_identity.inc
@@ -21,12 +21,11 @@
if (($_GET['_iid'] || $_POST['_iid']) && $_action=='edit-identity')
{
- $id = $_POST['_iid'] ? $_POST['_iid'] : $_GET['_iid'];
$DB->query("SELECT * FROM ".get_table_name('identities')."
WHERE identity_id=?
AND user_id=?
AND del<>1",
- $id,
+ get_input_value('_iid', RCUBE_INPUT_GPC),
$_SESSION['user_id']);
$IDENTITY_RECORD = $DB->fetch_assoc();
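Review bot: `get_input_value('_iid', RCUBE_INPUT_GPC)` is bound to `identity_id=?` as whatever string the client sent, even though `identity_id` is an integer key; casting once at the boundary removes any dependence on how the query layer quotes the value and makes the intent explicit, e.g. `$iid = (int) get_input_value('_iid', RCUBE_INPUT_GPC);` before the query and `$iid,` in the argument list. The same applies to the two `RCUBE_INPUT_POST` reads in save_identity.inc. The guard on the `if` line still tests the raw `$_GET['_iid'] || $_POST['_iid']`, and the removed line preferred POST over GET, so it is worth confirming that `get_input_value` with `RCUBE_INPUT_GPC` resolves the same source when both are present. The `if` block continues outside the hunk.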
diff --git a/roundcubemail/program/steps/settings/save_identity.inc b/roundcubemail/program/steps/settings/save_identity.inc
index 9df6c61cb..2d64dc7b3 100644
--- a/roundcubemail/program/steps/settings/save_identity.inc
+++ b/roundcubemail/program/steps/settings/save_identity.inc
@@ -55,7 +55,7 @@ if ($_POST['_iid'])
WHERE identity_id=?
AND user_id=?
AND del<>1",
- $_POST['_iid'],
+ get_input_value('_iid', RCUBE_INPUT_POST),
$_SESSION['user_id']);
$updated = $DB->affected_rows();
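Review bot: The identity id is fetched from the request twice inside the same `if ($_POST['_iid'])` block, here and again in the hunk at `AND identity_id<>?`, once per query; reading it into one local at the top of the block gives a single place to validate and keeps both queries bound to the same value, e.g. `$iid = (int) get_input_value('_iid', RCUBE_INPUT_POST);` and then `$iid,` in both argument lists. The `WHERE ... AND user_id=?` scoping on the update is kept, which is what prevents one user from editing another's identity. The enclosing block starts before this hunk.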
@@ -72,7 +72,7 @@ if ($_POST['_iid'])
AND identity_id<>?
AND del<>1",
$_SESSION['user_id'],
- $_POST['_iid']);
+ get_input_value('_iid', RCUBE_INPUT_POST));
if ($_POST['_framed'])
{