SiT! Bugs

ID: 0000130
Project: SiT!
Category: other
View Status: public
Date Submitted: 2008-07-21 16:38
Last Update: 2010-03-27 12:31
Reporter: ivan
Assigned To: ivan
Priority: normal
Severity: major
Reproducibility: always
Status: closed
Resolution: fixed
Platform:
OS:
OS Version:
Product Version:
Target Version: 3.60 LTS
Fixed in Version: 3.60 LTS
Summary: 0000130: $_SESSION['formdata'] contains raw input with no checking
Description: Session formdata (which is used for returning data to forms when an input error has occurred) contains raw GET or POST data; tags are not stripped, etc.

e.g.
$_SESSION['formdata']['add_task'] = $_POST;

This is then used in the form e.g.
echo "value='{$_SESSION['formdata']['add_task']['name']}'";

This is potentially very dangerous; we should run cleanvar() on these variables before use.
Additional Information: We need to work out cleanvar() or an equivalent for the following data input/output cases:

HTML form -> database
database -> HTML form
HTML form -> HTML form (the formdata)
HTML form -> email
database -> email
email -> database

The test data at http://sitracker.org/wiki/Development/Test_Data should be able to be input, stored and edited in every form, and also accepted as incoming email, and be intact in outgoing email.
Tags: No tags attached.
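An added example (not SiT! code, and not its cleanvar() function) contrasting the pattern quoted in the report with escaping at the point of output. The sample input is constructed and includes the O'Neil case from the notes; $session is a stand-in for $_SESSION so the script runs from the CLI, and store_escaped() is a hypothetical store-time escaper shown only to illustrate the munging failure mode.

```php
<?php
// Added example, not SiT! code and not its cleanvar(). It contrasts the
// pattern quoted in the report with escaping at the point of output.

// Constructed sample input standing in for $_POST. It includes the
// O'Neil case from the notes and a value containing HTML tags.
$post = [
    'name'  => "O'Neil",
    'notes' => '<b>bold</b> & "quoted"',
];

// $session stands in for $_SESSION so this runs from the CLI without
// session_start(); the assignment mirrors the one in the report.
$session = [];
$session['formdata']['add_task'] = $post;

// Pattern from the report: the raw value is echoed into a single-quoted
// attribute. O'Neil alone already terminates the attribute early, and
// tags in the value pass through untouched.
function render_unsafe(array $formdata, string $field): string
{
    return "value='{$formdata[$field]}'";
}

// Hypothetical store-time escaping, to show the failure mode described
// in the notes: addslashes() turns O'Neil into O\'Neil, and the
// backslash is then redisplayed (and resubmitted) on every edit.
function store_escaped(array $post): array
{
    return array_map('addslashes', $post);
}

// Hardened version: keep the raw value in the session so the user's
// text is preserved exactly, and escape only when writing the form.
// ENT_QUOTES covers both ' and ", so the attribute cannot be broken
// out of whichever quote style the template uses.
function render_safe(array $formdata, string $field): string
{
    $value = isset($formdata[$field]) ? (string) $formdata[$field] : '';
    return "value='" . htmlspecialchars($value, ENT_QUOTES, 'UTF-8') . "'";
}

foreach (array_keys($post) as $field) {
    echo "unsafe: ", render_unsafe($session['formdata']['add_task'], $field), "\n";
    echo "munged: ", render_unsafe(store_escaped($post), $field), "\n";
    echo "safe:   ", render_safe($session['formdata']['add_task'], $field), "\n";
}
```

The same raw-in-session, escape-on-output split applies to the other cases listed above; only the escaper changes (HTML escaping for forms, parameterised queries for the database, header-safe encoding for email).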
Attached Files

- Relationships

- Notes
(0000109)
paulh (administrator)
2008-10-07 11:14

Need to check all vars got are clean
(0000130)
ivan (administrator)
2008-10-23 15:44

Adding a contact with surname O'Neil and then editing that contact causes the surname to be munged.
(0000195)
ivan (administrator)
2008-11-18 11:46

This isn't a blocking bug, it's not great but it's not that bad.
(0001153)
ivan (administrator)
2009-05-29 14:57

Still fails for the test data in most cases, but it's not fatal and it's not very high visibility; bumping to the 3.60 release as we don't have time left for this.
(0002751)
ivan (administrator)
2010-03-20 16:11

Fixed in 3.x svn r6291
(0002845)
ivan (administrator)
2010-03-23 21:39

Fixed in git 8cb65b3

- Issue History
Date Modified Username Field Change
2008-07-21 16:38 ivan New Issue
2008-10-07 11:14 paulh Note Added: 0000109
2008-10-07 11:14 paulh Assigned To => ivan
2008-10-07 11:14 paulh Status new => feedback
2008-10-23 15:44 ivan Note Added: 0000130
2008-10-28 09:27 ivan Target Version 3.40 => 3.41
2008-10-28 09:27 ivan Additional Information Updated
2008-11-18 11:46 ivan Note Added: 0000195
2008-11-18 11:46 ivan Severity block => major
2008-11-29 23:32 kieran Target Version 3.41 => 3.45
2009-01-28 15:17 paulh Target Version 3.45 => 3.50
2009-05-29 14:48 ivan Additional Information Updated
2009-05-29 14:57 ivan Note Added: 0001153
2009-05-29 14:57 ivan Status feedback => assigned
2009-05-29 14:57 ivan Target Version 3.50 => 3.60
2010-03-20 16:11 ivan Fixed in Version 3.60 LTS => Current SVN
2010-03-20 16:11 ivan Note Added: 0002751
2010-03-20 16:11 ivan Status assigned => resolved
2010-03-20 16:11 ivan Fixed in Version => 3.60 LTS
2010-03-20 16:11 ivan Resolution open => fixed
2010-03-23 21:39 ivan Note Added: 0002845
2010-03-27 11:16 ivan Fixed in Version Current SVN => 3.60 LTS
2010-03-27 12:31 ivan Status resolved => closed
