From e6dce5f55626d47bcdb48786cd67ac45c9006121 Mon Sep 17 00:00:00 2001
From: Krayon <krayon.git@qdnx.org>
Date: Tue, 1 Feb 2022 02:13:19 +1100
Subject: Corrected XSS vuln in title param

( reported in https://github.com/claudehohl/Stikked/issues/556 )
---
 htdocs/themes/bootstrap/views/defaults/paste_form.php  | 3 ++-
 htdocs/themes/cleanwhite/views/defaults/paste_form.php | 3 ++-
 htdocs/themes/default/views/defaults/paste_form.php    | 3 ++-
 htdocs/themes/geocities/views/defaults/paste_form.php  | 3 ++-
 htdocs/themes/i386/views/defaults/paste_form.php       | 3 ++-
 htdocs/themes/stikkedizr/views/defaults/paste_form.php | 3 ++-
 6 files changed, 12 insertions(+), 6 deletions(-)

diff --git a/htdocs/themes/bootstrap/views/defaults/paste_form.php b/htdocs/themes/bootstrap/views/defaults/paste_form.php
index 07fd4a2..9cc9fed 100644
--- a/htdocs/themes/bootstrap/views/defaults/paste_form.php
+++ b/htdocs/themes/bootstrap/views/defaults/paste_form.php
@@ -24,7 +24,8 @@
 					<label for="title">
 						<?php echo lang('paste_title'); ?>
 					</label>
-					<input value="<?php if(isset($title_set)){ echo $title_set; }?>" class="span3" type="text" id="title" name="title" tabindex="2" maxlength="50" />
+					<?php $set = array('name' => 'title', 'id' => 'title', 'class' => 'span3', 'value' => (isset($title_set) ? $title_set : ''), 'maxlength' => '50', 'tabindex' => '2');
+					echo form_input($set);?>
 				</div>
 				<div class="span3">
 					<label for="lang">
diff --git a/htdocs/themes/cleanwhite/views/defaults/paste_form.php b/htdocs/themes/cleanwhite/views/defaults/paste_form.php
index 3d0adfb..7782d64 100644
--- a/htdocs/themes/cleanwhite/views/defaults/paste_form.php
+++ b/htdocs/themes/cleanwhite/views/defaults/paste_form.php
@@ -29,7 +29,8 @@
 					<span class="instruction"><?php echo lang('paste_title_desc'); ?></span>
 				</label>
 				
-				<input value="<?php if(isset($title_set)){ echo $title_set; }?>" type="text" id="title" name="title" tabindex="2" maxlength="50" />
+				<?php $set = array('name' => 'title', 'id' => 'title', 'value' => (isset($title_set) ? $title_set : ''), 'maxlength' => '50', 'tabindex' => '2');
+				echo form_input($set);?>
 			</div>
 																		
 			<div class="item last">
diff --git a/htdocs/themes/default/views/defaults/paste_form.php b/htdocs/themes/default/views/defaults/paste_form.php
index 51db9b9..86ef9e0 100644
--- a/htdocs/themes/default/views/defaults/paste_form.php
+++ b/htdocs/themes/default/views/defaults/paste_form.php
@@ -26,7 +26,8 @@
 				<label for="title"><?php echo lang('paste_title'); ?>
 					<span class="instruction"><?php echo lang('paste_title_desc'); ?></span>
 				</label>
-				<input value="<?php if(isset($title_set)){ echo $title_set; }?>" type="text" id="title" name="title" tabindex="2" maxlength="50" />
+				<?php $set = array('name' => 'title', 'id' => 'title', 'value' => (isset($title_set) ? $title_set : ''), 'maxlength' => '50', 'tabindex' => '2');
+				echo form_input($set);?>
 			</div>
 
 			<div class="item last">
diff --git a/htdocs/themes/geocities/views/defaults/paste_form.php b/htdocs/themes/geocities/views/defaults/paste_form.php
index a426630..a29440c 100644
--- a/htdocs/themes/geocities/views/defaults/paste_form.php
+++ b/htdocs/themes/geocities/views/defaults/paste_form.php
@@ -29,7 +29,8 @@
 						<?php echo lang('paste_title'); ?>
 					</label>
 					
-					<input value="<?php if(isset($title_set)){ echo $title_set; }?>" class="span3" type="text" id="title" name="title" tabindex="2" maxlength="50" />
+					<?php $set = array('name' => 'title', 'id' => 'title', 'class' => 'span3', 'value' => (isset($title_set) ? $title_set : ''), 'maxlength' => '50', 'tabindex' => '2');
+					echo form_input($set);?>
 				</div>
 		
 				<div class="span3">
diff --git a/htdocs/themes/i386/views/defaults/paste_form.php b/htdocs/themes/i386/views/defaults/paste_form.php
index c2c36f6..3433902 100644
--- a/htdocs/themes/i386/views/defaults/paste_form.php
+++ b/htdocs/themes/i386/views/defaults/paste_form.php
@@ -29,7 +29,8 @@
 						<?php echo lang('paste_title'); ?>
 					</label>
 					
-					<input value="<?php if(isset($title_set)){ echo $title_set; }?>" class="span3" type="text" id="title" name="title" tabindex="2" maxlength="50" />
+					<?php $set = array('name' => 'title', 'id' => 'title', 'class' => 'span3', 'value' => (isset($title_set) ? $title_set : ''), 'maxlength' => '50', 'tabindex' => '2');
+					echo form_input($set);?>
 				</div>
 		
 				<div class="span3">
diff --git a/htdocs/themes/stikkedizr/views/defaults/paste_form.php b/htdocs/themes/stikkedizr/views/defaults/paste_form.php
index 594bebb..4bb844b 100644
--- a/htdocs/themes/stikkedizr/views/defaults/paste_form.php
+++ b/htdocs/themes/stikkedizr/views/defaults/paste_form.php
@@ -28,7 +28,8 @@
 					<label for="title">
 						<i class="fa fa-flag"></i> <?php echo lang('paste_title'); ?>
 					</label>
-					<input value="<?php if(isset($title_set)){ echo $title_set; }?>" class="form-control" type="text" id="title" name="title" tabindex="2" maxlength="50" />
+					<?php $set = array('name' => 'title', 'id' => 'title', 'class' => 'form-control', 'value' => (isset($title_set) ? $title_set : ''), 'maxlength' => '50', 'tabindex' => '2');
+					echo form_input($set);?>
 				</div>
 		
 				<div class="col-3 col-sm-12 col-lg-3">
-- 
cgit v1.2.3