SA-2007-005-4.7.5.patch
Index: modules/comment.module
===================================================================
RCS file: /cvs/drupal/drupal/modules/Attic/comment.module,v
retrieving revision 1.455.2.14
diff -u -p -r1.455.2.14 comment.module
--- modules/comment.module 3 Jan 2007 21:56:58 -0000 1.455.2.14
+++ modules/comment.module 29 Jan 2007 21:04:18 -0000
@@ -1367,24 +1367,26 @@ function comment_form_add_preview($form,
$output = '';
- comment_validate($edit);
- $comment = (object)_comment_form_submit($edit);
-
- // Attach the user and time information.
- if ($edit['author']) {
- $account = user_load(array('name' => $edit['author']));
- }
- elseif ($user->uid && !isset($edit['is_anonymous'])) {
- $account = $user;
- }
- if ($account) {
- $comment->uid = $account->uid;
- $comment->name = check_plain($account->name);
- }
- $comment->timestamp = $edit['timestamp'] ? $edit['timestamp'] : time();
-
- // Preview the comment with security check.
+ // Invoke full validation for the form, to protect against cross site
+ // request forgeries (CSRF) and setting arbitrary values for fields such as
+ // the input format. Preview the comment only when form validation does not
+ // set any errors.
+ drupal_validate_form($form['form_id']['#value'], $form);
if (!form_get_errors()) {
+ $comment = (object)_comment_form_submit($edit);
+
+ // Attach the user and time information.
+ if ($edit['author']) {
+ $account = user_load(array('name' => $edit['author']));
+ }
+ elseif ($user->uid && !isset($edit['is_anonymous'])) {
+ $account = $user;
+ }
+ if ($account) {
+ $comment->uid = $account->uid;
+ $comment->name = check_plain($account->name);
+ }
+ $comment->timestamp = $edit['timestamp'] ? $edit['timestamp'] : time();
$output .= theme('comment_view', $comment);
}
$form['comment_preview'] = array(
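Review bot: `$account` is read at `if ($account)` on the new side without ever being initialised, so a preview submitted by an anonymous visitor with an empty author field tests an undefined variable (a PHP notice, which under verbose error reporting leaks into the preview page); add `$account = NULL;` before `if ($edit['author'])`. The case where `user_load()` returns FALSE for an unknown name is only safe because the FALSE value skips the uid/name assignment, which relies on validation having already rejected unknown author names — `drupal_validate_form()` presumably runs the same `comment_validate` handler the removed direct call did, and that is worth confirming since it is what keeps an arbitrary author name out of the preview. `comment_form_add_preview()` starts before the hunk and continues after it.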
Index: modules/node.module
===================================================================
RCS file: /cvs/drupal/drupal/modules/Attic/node.module,v
retrieving revision 1.641.2.31
diff -u -p -r1.641.2.31 node.module
--- modules/node.module 4 Jan 2007 20:50:02 -0000 1.641.2.31
+++ modules/node.module 29 Jan 2007 21:04:20 -0000
@@ -1724,6 +1724,10 @@ function node_form_add_preview($form) {
$op = isset($_POST['op']) ? $_POST['op'] : '';
if ($op == t('Preview')) {
+ // Invoke full validation for the form, to protect against cross site
+ // request forgeries (CSRF) and setting arbitrary values for fields such as
+ // the input format. Preview the node only when form validation does not
+ // set any errors.
drupal_validate_form($form['form_id']['#value'], $form);
if (!form_get_errors()) {
// Because the node preview may display a form, we must render it