cuongpv/faveo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

XSS patch for basic models

Browse Source
This commit is contained in:
Manish Verma
2021-03-12 19:28:16 +05:30
parent 5d8b86bf5e
commit 309a1557d9
6 changed files with 58 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
app/Http/Controllers/Agent/helpdesk/TicketController.php
View File

@@ -2786,7 +2786,7 @@ class TicketController extends Controller
$color = "<i class='fa fa-exclamation-triangle' title='".Lang::get('lang.accoutn-not-verified')."'></i>"; $color = "<i class='fa fa-exclamation-triangle' title='".Lang::get('lang.accoutn-not-verified')."'></i>";
} }
return "<a href='".$url."' title='".Lang::get('lang.see-profile1').' '.$name.'&apos;'.Lang::get('lang.see-profile2')."'><span style='color:#508983'>".str_limit($name, 30).' <span style="color:#f75959">'.$color.'</span></span></a>'; return "<a href='".$url."' title='".Lang::get('lang.see-profile1').' '.strip_tags($name).'&apos;'.Lang::get('lang.see-profile2')."'><span style='color:#508983'>".str_limit(strip_tags($name), 30).' <span style="color:#f75959">'.$color.'</span></span></a>';
}) })
->editColumn('a_uname', function ($tickets) { ->editColumn('a_uname', function ($tickets) {
if ($tickets->assigned_to == null && $tickets->name == null) { if ($tickets->assigned_to == null && $tickets->name == null) {
@@ -2797,11 +2797,11 @@ class TicketController extends Controller
$assign = utfEncoding($tickets->a_fname).' '.utfEncoding($tickets->a_lname); $assign = utfEncoding($tickets->a_fname).' '.utfEncoding($tickets->a_lname);
$url = route('user.show', $tickets->assigned_to); $url = route('user.show', $tickets->assigned_to);
return "<a href='".$url."' title='".Lang::get('lang.see-profile1').' '.$assign.'&apos;'.Lang::get('lang.see-profile2')."'><span style='color:green'>".mb_substr($assign, 0, 30, 'UTF-8').'</span></a>'; return "<a href='".$url."' title='".Lang::get('lang.see-profile1').' '.strip_tags($assign).'&apos;'.Lang::get('lang.see-profile2')."'><span style='color:green'>".mb_substr(strip_tags($assign), 0, 30, 'UTF-8').'</span></a>';
} else { } else {
$url1 = '#'; $url1 = '#';
return "<a href='".$url1."' title='".Lang::get('lang.see-profile1').' '.ucfirst($tickets->name).'&apos;'.Lang::get('lang.see-profile2')."'><span style='color:green'>".mb_substr(ucfirst($tickets->name), 0, 30, 'UTF-8').'</span></a>'; return "<a href='".$url1."' title='".Lang::get('lang.see-profile1').' '.ucfirst(strip_tags($tickets->name)).'&apos;'.Lang::get('lang.see-profile2')."'><span style='color:green'>".mb_substr(ucfirst(strip_tags($tickets->name)), 0, 30, 'UTF-8').'</span></a>';
} }
} }
}) })

5
app/Http/Requests/helpdesk/ClientRequest.php
View File

@@ -41,6 +41,8 @@ class ClientRequest extends Request
'Email' => 'required|email', 'Email' => 'required|email',
'Subject' => 'required', 'Subject' => 'required',
'Details' => 'required', 'Details' => 'required',
'mobile' => 'numeric',
'Phone' => 'numeric',
]; ];
$custom_rule = $this->getCustomRule(); $custom_rule = $this->getCustomRule();
$rules = array_merge($current_rule, $custom_rule); $rules = array_merge($current_rule, $custom_rule);
@@ -133,7 +135,8 @@ class ClientRequest extends Request
'Email' => 'email', 'Email' => 'email',
'Subject' => 'required', 'Subject' => 'required',
'Details' => 'required', 'Details' => 'required',
'mobile' => 'required', 'mobile' => 'required|numeric',
'Phone' => 'numeric',
]; ];
} else { } else {
return [ return [

2
app/Model/helpdesk/Ticket/Ticket_Thread.php
View File

@@ -132,7 +132,7 @@ class Ticket_Thread extends Model
public function getSubject() public function getSubject()
{ {
$subject = $this->attributes['title']; $subject = strip_tags($this->attributes['title']);
$array = imap_mime_header_decode($subject); $array = imap_mime_header_decode($subject);
$title = ''; $title = '';
if (is_array($array) && count($array) > 0) { if (is_array($array) && count($array) > 0) {

20
app/Model/kb/Comment.php
View File

@@ -12,4 +12,24 @@ class Comment extends BaseModel
{ {
protected $table = 'kb_comment'; protected $table = 'kb_comment';
protected $fillable = ['article_id', 'name', 'email', 'website', 'comment', 'status']; protected $fillable = ['article_id', 'name', 'email', 'website', 'comment', 'status'];
public function setNameAttribute($value)
{
$this->attributes['name'] = strip_tags($value);
}
public function setCommentAttribute($value)
{
$this->attributes['comment'] = strip_tags($value);
}
public function getNameAttribute($value)
{
return strip_tags($value);
}
public function getCommentAttribute($value)
{
return strip_tags($value);
}
} }

29
app/User.php
View File

@@ -176,6 +176,35 @@ class User extends Model implements AuthenticatableContract, CanResetPasswordCon
return $this->name(); return $this->name();
} }
public function getFirstNameAttribute($value)
{
return strip_tags($value);
}
public function getLastNameAttribute($value)
{
return strip_tags($value);
}
public function getUserNameAttribute($value)
{
return strip_tags($value);
}
public function setFirstNameAttribute($value)
{
$this->attributes['first_name']=strip_tags($value);
}
public function setLastNameAttribute($value)
{
$this->attributes['last_name']= strip_tags($value);
}
public function setUserNameAttribute($value)
{
$this->attributes['user_name']= strip_tags($value);
}
/** /**
* Get the identifier that will be stored in the subject claim of the JWT. * Get the identifier that will be stored in the subject claim of the JWT.
* *

2
resources/views/themes/default1/agent/helpdesk/ticket/timeline.blade.php
View File

@@ -1219,7 +1219,7 @@ if ($thread->title != "") {
<select class="form-control" id="select-merge-parent" name='p_id' data-placeholder="{!! Lang::get('lang.select_tickets') !!}" style="width: 100%;"><option value="{{$tickets->id}}"><?php <select class="form-control" id="select-merge-parent" name='p_id' data-placeholder="{!! Lang::get('lang.select_tickets') !!}" style="width: 100%;"><option value="{{$tickets->id}}"><?php
$ticket_data = App\Model\helpdesk\Ticket\Ticket_Thread::select('title')->where('ticket_id', "=", $tickets->id)->first(); $ticket_data = App\Model\helpdesk\Ticket\Ticket_Thread::select('title')->where('ticket_id', "=", $tickets->id)->first();
echo $ticket_data->title; echo strip_tags($ticket_data->title);
?></option></select> ?></option></select>
</div> </div>
</div> </div>