includes/functions.php
changeset 329 e48b1937dfc3
parent 318 eec2dfd2f0a3
child 331 f0eee185880a
--- a/includes/functions.php	Sat Mar 21 18:57:34 2009 -0400
+++ b/includes/functions.php	Sat Mar 21 18:58:41 2009 -0400
@@ -2,7 +2,7 @@
 
 /*
  * Enano - an open-source CMS capable of wiki functions, Drupal-like sidebar blocks, and everything in between
- * Version 1.0.5 (Ferrishyn)
+ * Version 1.0.6 (Roane)
  * Copyright (C) 2006-2007 Dan Fuhry
  *
  * This program is Free Software; you can redistribute and/or modify it under the terms of the GNU General Public License
@@ -1139,26 +1139,19 @@
       '1.0.2'  => 'Coblynau',
       '1.0.3'  => 'Dyrad',
       '1.0.4'  => 'Ellyyllon',
-      '1.0.5'  => 'Ferrishyn'
+      '1.0.5'  => 'Ferrishyn',
+      '1.0.6'  => 'Roane'
     );
   $version = enano_version();
   if ( isset($names[$version]) )
   {
     return $names[$version];
   }
-  return 'Anonymous build';
+  return 'Unofficial build';
 }
 
 /**
- * What kinda sh** was I thinking when I wrote this. Deprecated.
- */
-
-function _dualurlenc($t) {
-  return rawurlencode(rawurlencode($t));
-}
-
-/**
- * Badly named function to send back eval'able Javascript code with an error message. Deprecated, use JSON instead.
+ * Badly named function to send back eval-able Javascript code with an error message. Deprecated, use JSON instead.
  * @param string Message to send
  */
 
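Review bot: The new `'1.0.6'  => 'Roane'` entry repeats the omission this same hunk just had to fix for `'1.0.5'`: no trailing comma, so the next release bump will again touch two lines instead of one. Writing it as `'1.0.6'  => 'Roane',` costs nothing in PHP and keeps future diffs to a single added line. The hunk also deletes `_dualurlenc()` outright rather than leaving a deprecated stub; that is fine only if nothing in the tree (templates or plugins included) still calls it, which cannot be confirmed from this hunk — worth a quick grep before merging, since a missing function is a fatal error at call time rather than at load time. The enclosing function (the version-name lookup) starts before this hunk.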
@@ -1854,6 +1847,11 @@
   // <
   // The rule is so specific because everything else will have been filtered by now
   $html = preg_replace('/<(script|iframe)(.+?)src=([^>]*)</i', '&lt;\\1\\2src=\\3&lt;', $html);
+  
+  // Vulnerability reported by fuzion from nukeit.org:
+  // XSS in closing HTML tag style attribute
+  // Fix: escape all closing tags with non-whitelisted characters
+  $html = preg_replace('!</((?:.*)([^a-z0-9-_:]+)(?:.*))>!', '&lt;/\\1&gt;', $html);
 
   // Restore stripped comments
   $i = 0;
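Review bot: The closing-tag filter on the `preg_replace('!</((?:.*)([^a-z0-9-_:]+)(?:.*))>!', ...)` line is greedy across the whole line: `.*` is not restricted to non-`>` characters, so a match that starts at one `</` can run to the last `>` on the line, and a perfectly valid `</p> text <b>` sequence is rewritten into `&lt;/p> text <b&gt;`, corrupting legitimate markup and leaving an unterminated `<b`. Bounding the tag body to the tag itself fixes both the over-reach and the cost of backtracking: `$html = preg_replace('!</([^>]*[^a-z0-9_:>-][^>]*)>!', '&lt;/\\1&gt;', $html);` (hyphen moved to the end of the class so it is unambiguously literal, and `>` excluded from the "bad character" class so a bare `</a>` cannot be matched through its own terminator). Note also that the class whitelists only lowercase letters and the pattern has no `i` modifier, so `</DIV>` is escaped as well; that is harmless if the earlier filtering stages already lowercase tag names, otherwise add `i`. The enclosing sanitizer function starts and ends outside this hunk.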