From ff2f93815ff754c865f47fc642a5848e25770556 Mon Sep 17 00:00:00 2001
From: Laurent Destailleur
Date: Sat, 13 Mar 2021 12:33:26 +0100
Subject: [PATCH] Fix backtourl
---
 htdocs/website/index.php | 7 ++++---
 test/phpunit/SecurityTest.php | 6 ++++++
 2 files changed, 10 insertions(+), 3 deletions(-)
diff --git a/htdocs/website/index.php b/htdocs/website/index.php
index 03cd9366aba..e74944c3e2d 100644
--- a/htdocs/website/index.php
+++ b/htdocs/website/index.php
@@ -394,12 +394,12 @@ if ($cancel) {
 }
 $savbacktopage = $backtopage;
-$backtopage = $_SERVER["PHP_SELF"].'?file_manager=1&website='.$websitekey.'&pageid='.$pageid.(GETPOST('section_dir', 'alpha') ? '§ion_dir='.urlencode(GETPOST('section_dir', 'alpha')) : ''); // used after a confirm_deletefile into actions_linkedfiles.inc.php
+$backtopage = $_SERVER["PHP_SELF"].'?file_manager=1&website='.urlencode($websitekey).'&pageid='.urlencode($pageid).(GETPOST('section_dir', 'alpha') ? '§ion_dir='.urlencode(GETPOST('section_dir', 'alpha')) : ''); // used after a confirm_deletefile into actions_linkedfiles.inc.php
 if ($sortfield) {
- $backtopage .= '&sortfield='.$sortfield;
+ $backtopage .= '&sortfield='.urlencode($sortfield);
 }
 if ($sortorder) {
- $backtopage .= '&sortorder='.$sortorder;
+ $backtopage .= '&sortorder='.urlencode($sortorder);
 }
 include DOL_DOCUMENT_ROOT.'/core/actions_linkedfiles.inc.php';
 $backtopage = $savbacktopage;
@@ -1511,6 +1511,7 @@ if ($action == 'updatecss') {
 if (!GETPOSTISSET('updateandstay')) { // If we click on "Save And Stay", we don not make the redirect
 $action = 'preview';
 if ($backtopage) {
+ $backtopage = preg_replace('/searchstring=[^&]*/', '', $backtopage); // Clean backtopage url
 header("Location: ".$backtopage);
 exit;
 }
diff --git a/test/phpunit/SecurityTest.php b/test/phpunit/SecurityTest.php
index 55c3ea6de28..5e05daa5b9f 100644
--- a/test/phpunit/SecurityTest.php
+++ b/test/phpunit/SecurityTest.php
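Review bot: The added urlencode() calls escape the query values, but the URL is still built on `$_SERVER["PHP_SELF"]`, which on servers with PATH_INFO enabled carries URL-decoded, client-controlled path data, so the prefix of `$backtopage` stays attacker-influenced while only its suffix is now escaped. Because the value is sent in a Location header in the second hunk and, per the trailing comment, reused by actions_linkedfiles.inc.php, basing it on `$_SERVER["SCRIPT_NAME"]` or a fixed application path would remove that dependency; if the entry point already rejects hostile PHP_SELF values, as the SecurityTest hunk suggests, a one-line comment saying so here would settle the question for the next reader. The parameter rendered as `§ion_dir` on both the removed and added line is presumably `&section_dir` mangled by an HTML-entity conversion of `&sect` in this view; worth confirming the committed line is intact. The enclosing `if ($cancel)` block starts outside the hunk.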
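Review bot: `preg_replace('/searchstring=[^&]*/', '', $backtopage)` also matches any parameter whose name merely ends in `searchstring` and leaves a dangling `&` or `?&` behind; anchoring on the delimiter, `$backtopage = preg_replace('/([?&])searchstring=[^&]*&?/', '$1', $backtopage);`, strips only that parameter and its separator. More importantly, removing one parameter does not validate the redirect target: if `$backtopage` originates from request input, which this hunk does not show, an absolute URL or a `//host` prefix would still reach `header("Location: ...")` as an open redirect, so a check that the value is a relative, same-application path belongs before the header() call. preg_replace() returns null on a PCRE error, which would turn the redirect into an empty `Location:`; checking the result before use is cheap. The `if ($action == 'updatecss')` block starts outside the hunk.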
@@ -184,6 +184,12 @@ class SecurityTest extends PHPUnit\Framework\TestCase
 // Should be OK
 $expectedresult=0;
+ /*
+ $test = '';
+ $result=testSqlAndScriptInject($test, 0);
+ $this->assertGreaterThanOrEqual(0, $result, 'Error on testSqlAndScriptInject kkk');
+ */
+
 $_SERVER["PHP_SELF"]='/DIR WITH SPACE/htdocs/admin/index.php?mainmenu=home&leftmenu=setup&username=weservices';
 $result=testSqlAndScriptInject($_SERVER["PHP_SELF"], 2);
 $this->assertEquals($expectedresult, $result, 'Error on testSqlAndScriptInject expected 0a');
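Review bot: The added block is commented-out code, and even if re-enabled its assertion `assertGreaterThanOrEqual(0, $result, ...)` is tautological for any non-negative return value, so it states nothing about how testSqlAndScriptInject() handles an empty string; the `'kkk'` message also reads as a placeholder. Either drop the block or make it a live, exact assertion, e.g. `$this->assertEquals(0, testSqlAndScriptInject('', 0), 'Error on testSqlAndScriptInject empty string');`. Nothing visible here exercises the behaviour the index.php hunks change (urlencode of website/pageid/sortfield/sortorder and stripping of searchstring from the redirect), so that fix ships without coverage. The enclosing test method starts outside the hunk.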