diff --git a/libs/plugins/function.html_checkboxes.php b/libs/plugins/function.html_checkboxes.php
index 29dfd328..40329025 100644
--- a/libs/plugins/function.html_checkboxes.php
+++ b/libs/plugins/function.html_checkboxes.php
@@ -21,6 +21,7 @@
 * {html_checkboxes values=$ids checked=$checked separator='
' output=$names} * ------------------------------------------------------------- */ +require_once $this->_get_plugin_filepath('shared','escape_special_chars'); function smarty_function_html_checkboxes($params, &$smarty) { extract($params); @@ -47,12 +48,12 @@ function smarty_function_html_checkboxes($params, &$smarty) } function smarty_function_html_checkboxes_output($name, $value, $output, $checked, $separator) { - $_output = ' * ------------------------------------------------------------- */ +require_once $this->_get_plugin_filepath('shared','escape_special_chars'); function smarty_function_html_image($params, &$smarty) { $name = ''; $border = 0; $height = null; $width = null; + $extra = ''; $basedir = isset($GLOBALS['HTTP_SERVER_VARS']['DOCUMENT_ROOT']) ? $GLOBALS['HTTP_SERVER_VARS']['DOCUMENT_ROOT'] : null; - extract($params); + foreach($params as $_key => $_val) { + switch($_key) { + case 'name': + $name = $_val; + break; + case 'border': + $border = $_val; + break; + case 'height': + $height = $_val; + break; + case 'width': + $width = $_val; + break; + default: + $extra .= ' '.$_key.'="'.smarty_function_escape_special_chars($_val).'"'; + } + } if (empty($name)) { $smarty->trigger_error("html_image: missing 'name' parameter", E_USER_ERROR); @@ -48,12 +67,16 @@ function smarty_function_html_image($params, &$smarty) if(!is_readable($_image_path)) { $smarty->trigger_error("html_image: unable to read '$_image_path'", E_USER_ERROR); } - + + if(!$smarty->security && substr($_image_path,0,strlen($basedir)) != $basedir) { + $smarty->trigger_error("html_image: (secure) '$_image_path' not within basedir ($basedir)", E_USER_ERROR); + } + if(!$_image_data = getimagesize($_image_path)) { $smarty->trigger_error("html_image: '$_image_path' is not a valid image file", E_USER_ERROR); } - return "'; + return ""; } /* vim: set expandtab: */ diff --git a/libs/plugins/function.html_options.php b/libs/plugins/function.html_options.php index 068164a0..7a85e489 100644 
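Review bot: The added `require_once $this->_get_plugin_filepath('shared','escape_special_chars');` sits at file scope, so it only works when this plugin file is included from inside a method of the Smarty object where `$this` is bound; included any other way it is a fatal error. The function already receives the engine as `&$smarty`, so the include belongs in the body, as `require_once $smarty->_get_plugin_filepath('shared','escape_special_chars');` right after the opening brace. The same file-scope `$this` line is added in the html_radios hunk at @@ -17,10 +17,11 @@ and, as far as the garbled text shows, at the top of html_image, and would move the same way in each.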
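Review bot: The basedir guard added after the is_readable() check in the html_image hunk @@ -48,12 +67,16 @@ only runs when `!$smarty->security`, i.e. with the security toggle off (on the reading that `$smarty->security` is that toggle), while its own message says "(secure)"; the condition looks inverted and should read `if($smarty->security && substr($_image_path,0,strlen($basedir)) != $basedir) {`. Even with the sign fixed, a prefix comparison only proves containment if `$_image_path` has been canonicalised with realpath() before this point and `$basedir` ends in a directory separator, since `/var/www` also prefixes `/var/www2`. When DOCUMENT_ROOT is unset the earlier hunk leaves `$basedir` as null, so `substr($_image_path,0,0) != null` is false and the guard passes silently; a non-empty, realpath'd basedir should be required before the comparison. smarty_function_html_image opens in an earlier hunk, and the computation of `$_image_path` lies outside this one.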
--- a/libs/plugins/function.html_options.php +++ b/libs/plugins/function.html_options.php @@ -1,5 +1,7 @@ ' . smarty_function_html_options_htmlspecialchars($value) . '' . "\n"; + $html_result .= '>' . smarty_function_escape_special_chars($value) . '' . "\n"; } else { $html_result = smarty_function_html_options_optgroup($key, $value, $selected); } @@ -50,7 +52,7 @@ function smarty_function_html_options_optoutput($key, $value, $selected) { } function smarty_function_html_options_optgroup($key, $values, $selected) { - $optgroup_html = '' . "\n"; + $optgroup_html = '' . "\n"; foreach ($values as $key => $value) { $optgroup_html .= smarty_function_html_options_optoutput($key, $value, $selected); } @@ -58,14 +60,6 @@ function smarty_function_html_options_optgroup($key, $values, $selected) { return $optgroup_html; } -function smarty_function_html_options_htmlspecialchars($text) { - // do not escape already escaped entities (& {) - $text = preg_replace('!&(#?\w+);!', '%%%SMARTY_START%%%\\1%%%SMARTY_END%%%', $text); - $text = htmlspecialchars($text); - $text = str_replace(array('%%%SMARTY_START%%%','%%%SMARTY_END%%%'), array('&',';'), $text); - return $text; -} - /* vim: set expandtab: */ ?> diff --git a/libs/plugins/function.html_radios.php b/libs/plugins/function.html_radios.php index 31f2ac73..92a9d0f0 100644 --- a/libs/plugins/function.html_radios.php +++ b/libs/plugins/function.html_radios.php @@ -8,7 +8,7 @@ * Name: html_radios * Version: 1.0 * Date: 24.Feb.2003 - * Purpose: Prints out a list of radio button input types + * Purpose: Prints out a list of radio input types * Input: name (optional) - string default "radio" * values (required) - array * checked (optional) - array default not set @@ -17,10 +17,11 @@ * Author: Christopher Kvarme * Credits: Monte Ohrt * Examples: {html_radios values=$ids output=$names} - * {html_radios values=$ids name='choices' separator='
' output=$names} + * {html_radios values=$ids name='box' separator='
' output=$names} * {html_radios values=$ids checked=$checked separator='
' output=$names} * ------------------------------------------------------------- */ +require_once $this->_get_plugin_filepath('shared','escape_special_chars'); function smarty_function_html_radios($params, &$smarty) { extract($params); @@ -47,12 +48,12 @@ function smarty_function_html_radios($params, &$smarty) } function smarty_function_html_radios_output($name, $value, $output, $checked, $separator) { - $_output = '