Issue 14324: Sanitize profile input

diff --git a/database.sql b/database.sql
index 6f5ca5fec6c07f9d050dbd7fb77b8d840a85a63a..eef9c762fa5f06325a2b67f646d3fccad861123f 100644 (file)
--- a/database.sql
+++ b/database.sql
@@ -1,6 +1,6 @@
 -- ------------------------------------------
 -- Friendica 2024.06-rc (Yellow Archangel)
--- DB_UPDATE_VERSION 1570
+-- DB_UPDATE_VERSION 1571
 -- ------------------------------------------
 
 

diff --git a/src/Module/Settings/Profile/Index.php b/src/Module/Settings/Profile/Index.php
index 96da3807fa15ff4483498d5773819fe0ecfff8ee..eb020297c8b50f5e7ba6eef28daefaf3add78117 100644 (file)
--- a/src/Module/Settings/Profile/Index.php
+++ b/src/Module/Settings/Profile/Index.php
@@ -125,9 +125,9 @@ class Index extends BaseSettings
                $country_name = trim($request['country_name']);
                $pub_keywords = self::cleanKeywords(trim($request['pub_keywords']));
                $prv_keywords = self::cleanKeywords(trim($request['prv_keywords']));
-               $xmpp         = trim($request['xmpp']);
-               $matrix       = trim($request['matrix']);
-               $homepage     = trim($request['homepage']);
+               $xmpp         = $this->cleanInput(trim($request['xmpp']));
+               $matrix       = $this->cleanInput(trim($request['matrix']));
+               $homepage     = $this->cleanInput(trim($request['homepage']));
                if ((strpos($homepage, 'http') !== 0) && (strlen($homepage))) {
                        // neither http nor https in URL, add them
                        $homepage = 'http://' . $homepage;
@@ -358,6 +358,11 @@ class Index extends BaseSettings
                return $profileFields;
        }
 
+       private function cleanInput(string $input): string
+       {
+               return str_replace(['<', '>', '"', ' '], '', $input);
+       }
+
        private static function cleanKeywords($keywords): string
        {
                $keywords = str_replace(',', ' ', $keywords);

diff --git a/static/dbstructure.config.php b/static/dbstructure.config.php
index b8b17ef044ab970dd09d71f36962fe8952b25077..771c24d693ca6d775c6032b8fc9e9da6d640b73c 100644 (file)
--- a/static/dbstructure.config.php
+++ b/static/dbstructure.config.php
@@ -56,7 +56,7 @@ use Friendica\Database\DBA;
 
 // This file is required several times during the test in DbaDefinition which justifies this condition
 if (!defined('DB_UPDATE_VERSION')) {
-       define('DB_UPDATE_VERSION', 1570);
+       define('DB_UPDATE_VERSION', 1571);
 }
 
 return [

diff --git a/update.php b/update.php
index 3b9b4f1c1427e3d05dcea14987993f5d131ddf39..f2f5072eba83da11686060d4cdbe6e2d39895ba2 100644 (file)
--- a/update.php
+++ b/update.php
@@ -1486,4 +1486,31 @@ function update_1566()
                Profile::setResponsibleRelayContact($user['uid']);
        }
        DBA::close($users);
-}
\ No newline at end of file
+}
+
+function update_1571()
+{
+       $profiles = DBA::select('profile', ['uid', 'homepage', 'xmpp', 'matrix']);
+       while ($profile = DBA::fetch($profiles)) {
+               $homepage = str_replace(['<', '>', '"', ' '], '', $profile['homepage']);
+               $xmpp     = str_replace(['<', '>', '"', ' '], '', $profile['xmpp']);
+               $matrix   = str_replace(['<', '>', '"', ' '], '', $profile['matrix']);
+
+               $fields = [];
+               if ($homepage != $profile['homepage']) {
+                       $fields['homepage'] = $homepage;
+               }
+               if ($xmpp != $profile['xmpp']) {
+                       $fields['xmpp'] = $xmpp;
+               }
+               if ($matrix != $profile['matrix']) {
+                       $fields['matrix'] = $matrix;
+               }
+               if (!empty($fields)) {
+                       Profile::update($fields, $profile['uid']);
+               }
+       }
+       DBA::close($profiles);
+
+       return Update::SUCCESS;
+}