Commit 1bf45d86 authored by chandi's avatar chandi Committed by Matthias Larisch

fix reflected XSS in /?page=quiz&sub=wall

parent 0fb85ccd
......@@ -60,14 +60,15 @@ class QuizControl extends Control
public function wall()
{
if ($q = $this->model->getQuestion($_GET['id'])) {
$questionId = (int)$_GET['id'];
if ($q = $this->model->getQuestion($questionId)) {
if ($name = $this->model->getVal('name', 'quiz', $q['quiz_id'])) {
$this->func->addBread($name, '/?page=quiz&id=' . (int)$_GET['id']);
$this->func->addBread($name, '/?page=quiz&id=' . $questionId);
}
$this->func->addBread('Frage #' . $q['id'], '/?page=quiz&sub=wall&id=' . (int)$q['id']);
$this->func->addContent($this->view->topbar('Quizfrage #' . $q['id'], '<a style="float:right;color:#FFF;font-size:13px;margin-top:-20px;" href="#" class="button" onclick="ajreq(\'editquest\',{id:' . (int)$q['id'] . ',qid:' . (int)$q['quiz_id'] . '});return false;">Frage bearbeiten</a>' . $q['text'] . '<p><strong>' . $q['fp'] . ' Fehlerpunkte, ' . $q['duration'] . ' Sekunden zum Antworten</strong></p>', '<img src="/img/quiz.png" />'), CNT_TOP);
$this->func->addContent($this->v_utils->v_field($this->wallposts('question', $_GET['id']), 'Kommentare'), CNT_MAIN);
$this->func->addContent($this->view->answerSidebar($this->model->getAnswers($q['id']), $_GET['id']), CNT_RIGHT);
$this->func->addContent($this->v_utils->v_field($this->wallposts('question', $questionId), 'Kommentare'), CNT_MAIN);
$this->func->addContent($this->view->answerSidebar($this->model->getAnswers($q['id']), $questionId), CNT_RIGHT);
}
}
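Review bot: `$questionId = (int)$_GET['id'];` on the new side still reads the key unconditionally, so a request without `id` raises an undefined-array-key warning before the cast ever runs; `$questionId = (int)($_GET['id'] ?? 0);` keeps the cast and makes the missing-parameter case explicit (a falsy result from getQuestion(0) is presumably already handled by the surrounding `if`). The topbar call in the same hunk still concatenates `$q['text']`, `$q['fp']` and `$q['duration']` into markup without escaping or casting; if `fp` and `duration` are numeric, `(int)$q['fp']` and `(int)$q['duration']` would match the casts already applied to `id` and `quiz_id` on that line, and whether `text` is trusted HTML is not visible here and worth confirming. Both closing braces are visible, so wall() appears complete within the hunk.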