From e6a5f797de7381791537b736eb83b71c6fb28b39 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 7 Mar 2016 11:34:43 +0200 Subject: [ci skip] Fix Profiler not applying htmlspecialchars() to all inputs --- system/libraries/Profiler.php | 44 +++++++++++++++---------------------- user_guide_src/source/changelog.rst | 1 + 2 files changed, 19 insertions(+), 26 deletions(-) diff --git a/system/libraries/Profiler.php b/system/libraries/Profiler.php index cc7641436..cf455d3da 100644 --- a/system/libraries/Profiler.php +++ b/system/libraries/Profiler.php @@ -314,12 +314,14 @@ class CI_Profiler { foreach ($_GET as $key => $val) { - is_int($key) OR $key = "'".$key."'"; + is_int($key) OR $key = "'".htmlspecialchars($key, ENT_QUOTES, config_item('charset'))."'"; + $val = (is_array($val) OR is_object($val)) + ? '
'.htmlspecialchars(print_r($val, TRUE), ENT_QUOTES, config_item('charset'))
+					: htmlspecialchars($val, ENT_QUOTES, config_item('charset'));
 
 				$output .= '$_GET['
 					.$key.']   '
-					.((is_array($val) OR is_object($val)) ? '
'.htmlspecialchars(stripslashes(print_r($val, TRUE))).'
' : htmlspecialchars(stripslashes($val)))
-					."\n";
+					.$val."\n";
 			}
 
 			$output .= "\n";
@@ -352,36 +354,26 @@ class CI_Profiler {
 
 			foreach ($_POST as $key => $val)
 			{
-				is_int($key) OR $key = "'".$key."'";
+				is_int($key) OR $key = "'".htmlspecialchars($key, ENT_QUOTES, config_item('charset'))."'";
+				$val = (is_array($val) OR is_object($val))
+					? '
'.htmlspecialchars(print_r($val, TRUE), ENT_QUOTES, config_item('charset'))
+					: htmlspecialchars($val, ENT_QUOTES, config_item('charset'));
 
 				$output .= '$_POST['
-					.$key.']   ';
-
-				if (is_array($val) OR is_object($val))
-				{
-					$output .= '
'.htmlspecialchars(stripslashes(print_r($val, TRUE))).'
';
-				}
-				else
-				{
-					$output .= htmlspecialchars(stripslashes($val));
-				}
-
-				$output .= "\n";
+					.$key.']   '
+					.$val."\n";
 			}
 
 			foreach ($_FILES as $key => $val)
 			{
-				is_int($key) OR $key = "'".$key."'";
+				is_int($key) OR $key = "'".htmlspecialchars($key, ENT_QUOTES, config_item('charset'))."'";
+				$val = (is_array($val) OR is_object($val))
+					? '
'.htmlspecialchars(print_r($val, TRUE), ENT_QUOTES, config_item('charset'))
+					: htmlspecialchars($val, ENT_QUOTES, config_item('charset'));
 
 				$output .= '$_FILES['
-					.$key.']   ';
-
-				if (is_array($val) OR is_object($val))
-				{
-					$output .= '
'.htmlspecialchars(stripslashes(print_r($val, TRUE))).'
';
-				}
-
-				$output .= "\n";
+					.$key.']   '
+					.$val."\n";
 			}
 
 			$output .= "\n";
@@ -465,7 +457,7 @@ class CI_Profiler {
 
 		foreach (array('HTTP_ACCEPT', 'HTTP_USER_AGENT', 'HTTP_CONNECTION', 'SERVER_PORT', 'SERVER_NAME', 'REMOTE_ADDR', 'SERVER_SOFTWARE', 'HTTP_ACCEPT_LANGUAGE', 'SCRIPT_NAME', 'REQUEST_METHOD',' HTTP_HOST', 'REMOTE_HOST', 'CONTENT_TYPE', 'SERVER_PROTOCOL', 'QUERY_STRING', 'HTTP_ACCEPT_ENCODING', 'HTTP_X_FORWARDED_FOR', 'HTTP_DNT') as $header)
 		{
-			$val = isset($_SERVER[$header]) ? $_SERVER[$header] : '';
+			$val = isset($_SERVER[$header]) ? htmlspecialchars($_SERVER[$header], ENT_QUOTES, config_item('charset')) : '';
 			$output .= ''
 				.$header.'  '.$val."\n";
 		}
diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst
index 12d1fc4a3..4f2bfc04e 100644
--- a/user_guide_src/source/changelog.rst
+++ b/user_guide_src/source/changelog.rst
@@ -39,6 +39,7 @@ Bug fixes for 3.0.5
 -  Fixed a bug where :doc:`Session Library ` didn't clean-up internal variables for emulated locks with the 'memcached' driver.
 -  Fixed a bug where :doc:`Database ` transactions didn't work with the 'ibase' driver.
 -  Fixed a bug (#4475) - :doc:`Security Library ` method ``strip_image_tags()`` preserves only the first URL character from non-quoted *src* attributes.
+-  Fixed a bug where :doc:`Profiler Library ` didn't apply ``htmlspecialchars()`` to all displayed inputs.
 
 Version 3.0.4
 =============
-- 
cgit v1.2.3-24-g4f1b