Commit: b55d076eac8102296682420ec1f18d7e539e3103 Author: Sara Golemon <poll...@php.net> Tue, 5 Jul 2016 17:15:27 -0700 Parents: 91035f1f90cba8c22551e69886a765fadc3ef8db Branches: master
Link: http://git.php.net/?p=web/qa.git;a=commitdiff;h=b55d076eac8102296682420ec1f18d7e539e3103 Log: Escape output Changed paths: M build.php M list_builds.php M pftt.php M tested-methods.php Diff: diff --git a/build.php b/build.php index 69d1b6c..056fdea 100755 --- a/build.php +++ b/build.php @@ -21,16 +21,20 @@ $SITE_UPDATE = date("D M d H:i:s Y T", filectime(__FILE__)); common_header(NULL, $TITLE); - +$branchHTML = htmlentities($branch); +$branchURL = urlencode($branch); +$revisionHTML = htmlentities($revision); +$revisionURL = urlencode($revision); ?> -<h1><a href="list_builds.php?branch=<?php echo $branch; ?>"><?php echo $branch; ?></a> <?php echo $revision; ?></h1> +<h1><a href="list_builds.php?branch=<?php echo $branchURL; ?>"> +<?php echo $branchHTML; ?></a> <?php echo $revisionHTML; ?></h1> <h2>Summary</h2> <table> <tr> - <td><?php echo $branch; ?> <?php echo $revision; ?> </td> + <td><?php echo $branchHTML; ?> <?php echo $revisionHTML; ?> </td> </tr> </table> @@ -53,7 +57,7 @@ foreach ( scandir(BASE_REPORT_DIR."/$branch/$revision") as $report ) { ?> <tr<?php if ($has_fails_crashes) { echo ' style="background:#ff0000"'; } ?>> - <td>with <a href="/reports/db/<?php echo $branch; ?>/<?php echo $revision; ?>/<?php echo $report; ?>" target="_blank"><?php echo $report_name; ?></a></td> + <td>with <a href="/reports/db/<?php echo $branchURL; ?>/<?php echo $revisionURL; ?>/<?php echo urlencode($report); ?>" target="_blank"><?php echo htmlentities($report_name); ?></a></td> </tr> <?php @@ -77,7 +81,7 @@ foreach ( scandir(BASE_REPORT_DIR."/$branch/$revision") as $report ) { ?> <tr> - <td>with <a href="/reports/db/<?php echo $branch; ?>/<?php echo $revision; ?>/<?php echo $report; ?>" target="_blank"><?php echo $report_name; ?></a></td> + <td>with <a href="/reports/db/<?php echo $branchURL; ?>/<?php echo $revisionURL; ?>/<?php echo urlencode($report); ?>" target="_blank"><?php echo htmlentities($report_name); ?></a></td> </tr> <?php 
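Review bot: `$branch` and `$revision` are escaped for output by the added `$branchHTML`/`$branchURL` lines, but the same raw values still build a filesystem path in `scandir(BASE_REPORT_DIR."/$branch/$revision")` (visible as context in the next two hunks), and nothing in this commit constrains them to a single path component. Where they are assigned is outside the hunk; the `branch=` and `revision=` links suggest they come from the query string, which should be confirmed. If so, a guard before the first filesystem call, such as `if (strpbrk($branch.$revision, "/\\\0") !== false || $branch === '..' || $revision === '..') { http_response_code(400); exit; }`, would keep lookups inside `BASE_REPORT_DIR`. The same applies to `is_file(BASE_REPORT_DIR."/$branch/$latest_revision/FAIL_CRASH.txt")` in list_builds.php.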
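Review bot: The report link in hunk `@@ -53,7 +57,7 @@` places `$branchURL`, `$revisionURL` and `urlencode($report)` in the URL path, where `urlencode()` is the wrong encoder. It turns a space into `+`, which is a literal plus sign in a path segment, so a directory or report name containing a space yields a link that does not resolve. Path segments should use `rawurlencode()`, e.g. `/reports/db/<?php echo rawurlencode($branch); ?>/<?php echo rawurlencode($revision); ?>/<?php echo rawurlencode($report); ?>`, keeping `$branchURL` for the query-string link in the heading. The identical line in the following hunk (`@@ -77,7 +81,7 @@`) needs the same change; the enclosing `foreach` body runs beyond both hunks.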
diff --git a/list_builds.php b/list_builds.php index a631a15..e8a06f3 100755 --- a/list_builds.php +++ b/list_builds.php @@ -15,9 +15,8 @@ $SITE_UPDATE = date("D M d H:i:s Y T", filectime(__FILE__)); common_header(NULL, $TITLE); - ?> -<h1><a href="pftt.php"><?php echo $branch; ?></a></h1> +<h1><a href="pftt.php"><?php echo htmlentities($branch); ?></a></h1> <p>Choose a PHP revision or build</p> <?php @@ -59,12 +58,11 @@ foreach ($mtimes as $mtime) { $red = is_file(BASE_REPORT_DIR."/$branch/$latest_revision/FAIL_CRASH.txt"); - ?> <table class="pftt" style="background:<?php echo $red ? '#ff0000' : '#ccff66'; ?>"> <tr> <td>Latest:</td> - <td><a href="build.php?branch=<?php echo $branch; ?>&revision=<?php echo $latest_revision; ?>"><?php echo $latest_revision; ?></a></td> + <td><a href="build.php?branch=<?php echo urlencode($branch); ?>&revision=<?php echo urlencode($latest_revision); ?>"><?php echo htmlentities($latest_revision); ?></a></td> </tr> </table> <br/> @@ -78,7 +76,7 @@ foreach ( $revisions as $revision ) { ?> <tr style="background:<?php echo $red ? '#ff0000' : '#ccff66'; ?>"> - <td><a href="build.php?branch=<?php echo $branch; ?>&revision=<?php echo $revision; ?>"><?php echo $revision; ?></a></td> + <td><a href="build.php?branch=<?php echo urlencode($branch); ?>&revision=<?php echo urlencode($revision); ?>"><?php echo htmlentities($revision); ?></a></td> </tr> <?php diff --git a/pftt.php b/pftt.php index 4896a84..62702ee 100755 --- a/pftt.php +++ b/pftt.php 
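Review bot: In the `build.php?branch=…&revision=…` links the parameter values are now encoded, but the `&` separating them is still written raw inside the `href` attribute. In an HTML attribute value it should be `&amp;`, i.e. `build.php?branch=<?php echo urlencode($branch); ?>&amp;revision=<?php echo urlencode($latest_revision); ?>`, so the markup does not depend on how a parser treats a bare ampersand followed by a name. This applies to both link lines in list_builds.php (`@@ -59,12 +58,11 @@` and `@@ -78,7 +76,7 @@`) and to the "Latest" link in pftt.php (`@@ -44,9 +44,9 @@`).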
@@ -44,9 +44,9 @@ if ($branches!==FALSE) { ?> <table class="pftt" style="background:<?php echo $red ? '#ff0000;' : '#ccff66'; ?>"> <tr> - <td style="width:300px"><a href="list_builds.php?branch=<?php echo $branch; ?>"><?php echo $branch; ?></a></td> + <td style="width:300px"><a href="list_builds.php?branch=<?php echo urlencode($branch); ?>"><?php echo htmlentities($branch); ?></a></td> <td style="width:100px">Latest:</td> - <td style="width:300px"><a href="build.php?branch=<?php echo $branch; ?>&revision=<?php echo $latest_revision; ?>"><?php echo $latest_revision; ?></a></td> + <td style="width:300px"><a href="build.php?branch=<?php echo urlencode($branch); ?>&revision=<?php echo urlencode($latest_revision); ?>"><?php echo htmlentities($latest_revision); ?></a></td> </tr> </table> <br/> @@ -67,4 +67,4 @@ if ($branches!==FALSE) { <?php common_footer(); -?> \ No newline at end of file +?> diff --git a/tested-methods.php b/tested-methods.php index 652b0c8..63ab456 100644 --- a/tested-methods.php +++ b/tested-methods.php @@ -63,10 +63,11 @@ while (true) { continue; } - $extension = $line[EXTENSION]; - $class = $line[CLASS_NAME]; - $method = $line[METHOD_NAME]; - $tested = $line[TESTED]; + $extension = htmlentities($line[EXTENSION]); + $class = htmlentities($line[CLASS_NAME]); + $method = htmlentities($line[METHOD_NAME]); + $tested = htmlentities($line[TESTED]); + $tests = htmlentities($line[TESTS]); $bgcolor = "red"; $test_files_exist = false; @@ -80,7 +81,6 @@ while (true) { $test_files_exist = true; } - $tests = $line[TESTS]; echo "<tr>"; echo "<td>$extension</td>"; -- PHP Quality Assurance Mailing List <http://www.php.net/> To unsubscribe, visit: http://www.php.net/unsub.php
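Review bot: In tested-methods.php, escaping at assignment means `$extension`, `$class`, `$method`, `$tested` and `$tests` hold entity-encoded text for the rest of the loop iteration, not only at the `echo` lines. The code between the two hunks that sets `$bgcolor` and `$test_files_exist` is not visible here; if it compares these values or uses them to locate test files, it now sees `&amp;`-style forms instead of the raw fields. Keeping the raw values and escaping where they are printed avoids that, e.g. `echo "<td>" . htmlentities($extension) . "</td>";`. The `while (true)` loop starts before and continues after the hunk.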