[SECURITY] Missing escaping in scheduler
authorGeorg Ringer <mail@ringerge.org>
Wed, 28 Mar 2012 11:54:26 +0000 (13:54 +0200)
committerOliver Hader <oliver@typo3.org>
Wed, 28 Mar 2012 11:54:29 +0000 (13:54 +0200)
Proper HTML escaping is missing for the "frequency" field
Sanitize submitted uid

Change-Id: I0025d826e65889e84b1733d66ad93d608de5c6f0
Fixes: #24474
Security-Commit: f32c2f4159b641456e6466ae14a14f893d6c2326
Security-Bulletin: TYPO3-CORE-SA-2012-001
Reviewed-on: http://review.typo3.org/10008
Reviewed-by: Oliver Hader
Tested-by: Oliver Hader
typo3/sysext/scheduler/mod1/index.php

index b8bcc5e..354779e 100755 (executable)
@@ -183,6 +183,7 @@ class tx_scheduler_Module extends t3lib_SCbase {
 
                        // Get submitted data
                $this->submittedData = t3lib_div::_GPmerged('tx_scheduler');
+               $this->submittedData['uid'] = intval($this->submittedData['uid']);
 
                        // If a save command was submitted, handle saving now
                if ($this->CMD == 'save') {
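Review bot: The added `intval($this->submittedData['uid'])` reads the `uid` key unconditionally, so a request that carries no `tx_scheduler[uid]` (e.g. plain module load, or a form that does not include the field) triggers an undefined-index notice before the `save` check on the next line is even reached; the merged array may also be empty when nothing was submitted. Guard the key first: `$this->submittedData['uid'] = isset($this->submittedData['uid']) ? intval($this->submittedData['uid']) : 0;`. Note also that only `uid` is coerced here while the rest of `submittedData` is still raw request input, so every other field must be validated or escaped where it is consumed (the second hunk does this for `frequency` on output, but any SQL or file-system use of the other keys is outside this diff and should be confirmed). The enclosing method begins outside the hunk.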
@@ -843,7 +844,7 @@ class tx_scheduler_Module extends t3lib_SCbase {
                        // Frequency input field
                $label = '<label for="task_frequency">' . $GLOBALS['LANG']->getLL('label.frequency.long') . '</label>';
                $table[$tr][] = t3lib_BEfunc::wrapInHelp($this->cshKey, 'task_frequency', $label);
-               $cell = '<input type="text" name="tx_scheduler[frequency]" id="task_frequency" value="' . $taskInfo['frequency'] . '" />';
+               $cell = '<input type="text" name="tx_scheduler[frequency]" id="task_frequency" value="' . htmlspecialchars($taskInfo['frequency']) . '" />';
                $table[$tr][] = $cell;
                $tableLayout[$tr] = array (
                        'tr'     => array('<tr id="task_frequency_row"' . $style . '>', '</tr>'),
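Review bot: `htmlspecialchars($taskInfo['frequency'])` with default flags is sufficient for this double-quoted `value="..."` attribute (ENT_COMPAT escapes `"`, `<`, `>`, `&`), but it would not protect a single-quoted attribute, so the safer and more consistent form is `htmlspecialchars($taskInfo['frequency'], ENT_QUOTES)`. The same pattern of concatenating `$taskInfo[...]` straight into attribute values likely exists for the other fields of this form (not visible in the hunk) and each should get the same treatment rather than fixing only the field named in the bulletin. The enclosing method begins and ends outside the hunk.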