zydronium/openbay
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Merge pull request #8 from samdark/xss-fixes

Browse source 
Fixed potential security issues
This commit is contained in:
isohuntto 2014-12-20 00:50:23 +05:00
commit b82a7b6ceb
4 changed files with 7 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
src/www/themes/oldpiratebay/views/layouts/head.php
View file

@ -2,7 +2,7 @@
<html lang="en">
<head>
<meta charset="utf-8">
<title><?= $this->pageTitle; ?></title>
<title><?= CHtml::encode($this->pageTitle); ?></title>
<meta name="description" content="Download music, movies, games, software and much more. The Pirate Bay is the world's largest bittorrent tracker.">
<meta name="keywords" content="mp3, avi, bittorrent, piratebay, pirate bay, proxy, torrent, torrents, movies, music, games, applications, apps, download, upload, share, kopimi, magnets, magnet">
<!--[if lt IE 9]>

4
src/www/themes/oldpiratebay/views/main/categories.php
View file

@ -1,10 +1,10 @@
<div class="browse-cats short-query">
<?php foreach ($tags as $tag) {
$tagLower = mb_strtolower($tag);
$tagLower = mb_strtolower($tag, Yii::app()->charset);
$tagId = array_search($tag, LCategory::$categoriesTags);
?>
<div class="bg-white mb p">
<h3 class="mt0"><a href="<?= $this->createUrl('main/search', array('iht' => $tagId, 'age' => 0)); ?>"><?= $tag; ?> Torrents</a></h3>
<h3 class="mt0"><a href="<?= $this->createUrl('main/search', array('iht' => $tagId, 'age' => 0)); ?>"><?= CHtml::encode($tag); ?> Torrents</a></h3>
<small>
<a href="<?= $this->createUrl('main/search', array('iht' => $tagId, 'ihs' => 1, 'age' => 1)); ?>">For last day only</a>
</small>

2
src/www/themes/oldpiratebay/views/main/index.php
View file

@ -18,7 +18,7 @@
$tags = LCategory::$categoriesTags;
foreach($tags as $tagId => $tag) { ?>
<label title="<?=$tag;?>"><input name="iht" type="checkbox" value="<?=$tagId;?>"><?= $tag; ?></label>
<label title="<?= CHtml::encode($tag);?>"><input name="iht" type="checkbox" value="<?=$tagId;?>"><?= CHtml::encode($tag); ?></label>
<?php
}
?>

6
src/www/themes/oldpiratebay/views/main/view.php
View file

@ -1,12 +1,12 @@
<div id="detailsouterframe">
<div id="detailsframe">
<div id="title"><a href="<?= $torrent->getUrl(); ?>" class="link-textcolor vm"><?= $torrent->name; ?> torrent</a></div>
<div id="title"><a href="<?= $torrent->getUrl(); ?>" class="link-textcolor vm"><?= CHtml::encode($torrent->name); ?> torrent</a></div>
<div id="details">
<dl class="col1">
<dt>Type:</dt>
<dd><a href="<?= $this->createUrl('main/search', array('iht' => $torrent->getCategoryTagId(), 'age' => 0)); ?>"><?= ucfirst($torrent->getCategoryTag()); ?></a></dd>
<dd><a href="<?= $this->createUrl('main/search', array('iht' => $torrent->getCategoryTagId(), 'age' => 0)); ?>"><?= CHtml::encode(ucfirst($torrent->getCategoryTag())); ?></a></dd>
<dt>Files:</dt>
<dd><?= $torrent->files_count ?: "N/A" ; ?></dd>
@ -21,7 +21,7 @@
<dd><?= number_format($torrent->leechers, 0, '.', ' '); ?></dd>
<br>
<dt>Info Hash:</dt><dd><?= $torrent->hash; ?></dd>
<dt>Info Hash:</dt><dd><?= CHtml::encode($torrent->hash); ?></dd>
</dl>
<br><br>