[SECURITY] Missing escaping in scheduler
authorGeorg Ringer <mail@ringerge.org>
Wed, 28 Mar 2012 11:56:31 +0000 (13:56 +0200)
committerOliver Hader <oliver@typo3.org>
Wed, 28 Mar 2012 11:56:37 +0000 (13:56 +0200)
Proper escaping is missing for the field "frequency"
Sanitize submitted uid

Change-Id: I882d167f55b813f7f20beba48ee09792acec4935
Fixes: #24474
Releases: 6.0, 4.7, 4.6, 4.5, 4.4
Security-Commit: 68a9d5c2de0b6d466373cdde07fef03161bfa2de
Security-Bulletin: TYPO3-CORE-SA-2012-001
Reviewed-on: http://review.typo3.org/10034
Reviewed-by: Oliver Hader
Tested-by: Oliver Hader
typo3/sysext/scheduler/class.tx_scheduler_module.php

index 1dfe350..67c14d1 100644 (file)
@@ -176,6 +176,7 @@ class tx_scheduler_Module extends t3lib_SCbase {
 
                        // Get submitted data
                $this->submittedData = t3lib_div::_GPmerged('tx_scheduler');
+               $this->submittedData['uid'] = intval($this->submittedData['uid']);
 
                        // If a save command was submitted, handle saving now
                if ($this->CMD == 'save') {
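Review bot: The added cast reads `$this->submittedData['uid']` unconditionally, so a request that submits no uid (or no tx_scheduler data at all, as on the plain list view) dereferences an undefined index and emits a notice before the value becomes 0; guarding the read keeps the sanitisation without the notice, e.g. `$this->submittedData['uid'] = isset($this->submittedData['uid']) ? intval($this->submittedData['uid']) : 0;`. The cast also silently turns any non-numeric input into 0, which presumably stands for "no task selected" downstream; a short comment such as `// uid is used as a record id later on, so only an integer is acceptable` would record that intent for the next reader. The method enclosing this hunk starts before it and continues after it.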
@@ -842,7 +843,7 @@ class tx_scheduler_Module extends t3lib_SCbase {
                        // Frequency input field
                $label = '<label for="task_frequency">' . $GLOBALS['LANG']->getLL('label.frequency.long') . '</label>';
                $table[$tr][] = t3lib_BEfunc::wrapInHelp($this->cshKey, 'task_frequency', $label);
-               $cell = '<input type="text" name="tx_scheduler[frequency]" id="task_frequency" value="' . $taskInfo['frequency'] . '" />';
+               $cell = '<input type="text" name="tx_scheduler[frequency]" id="task_frequency" value="' . htmlspecialchars($taskInfo['frequency']) . '" />';
                $table[$tr][] = $cell;
                $tableLayout[$tr] = array (
                        'tr'     => array('<tr id="task_frequency_row"' . $style . '>', '</tr>'),
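Review bot: The escape on the task_frequency value attribute closes the injection for that one field, but it is the only `$taskInfo` value this hunk touches; the same form presumably echoes other task fields into attributes in the same way, and those lines sit outside the hunk, so they should be checked for the same `htmlspecialchars()` treatment if they do not already have it. Passing the flags explicitly, `htmlspecialchars($taskInfo['frequency'], ENT_QUOTES)`, would also keep the call safe if the attribute were ever switched to single quotes, since the default ENT_COMPAT of the PHP versions these releases target converts double quotes only. The enclosing method starts and ends outside the hunk.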
@@ -1614,4 +1615,4 @@ class tx_scheduler_Module extends t3lib_SCbase {
 if (defined('TYPO3_MODE') && isset($GLOBALS['TYPO3_CONF_VARS'][TYPO3_MODE]['XCLASS']['ext/scheduler/class.tx_scheduler_module.php'])) {
        include_once($GLOBALS['TYPO3_CONF_VARS'][TYPO3_MODE]['XCLASS']['ext/scheduler/class.tx_scheduler_module.php']);
 }
-?>
\ No newline at end of file
+?>