Author: Ilija Tovilo (iluuu1994)
Committer: Derick Rethans (derickr)
Date: 2026-06-23T16:07:42+01:00

Commit: 
https://github.com/php/web-master/commit/62ffa6fa3e8d8c5fc8d7d0969dc24f0687fea4f6
Raw diff: 
https://github.com/php/web-master/commit/62ffa6fa3e8d8c5fc8d7d0969dc24f0687fea4f6.diff

Fix PHP_SELF escaping

Warning: Completely untested.

Changed paths:
  M  include/functions.inc
  M  public/forgot.php


Diff:

diff --git a/include/functions.inc b/include/functions.inc
index dfb3acb..c356e25 100644
--- a/include/functions.inc
+++ b/include/functions.inc
@@ -124,7 +124,7 @@ function show_prev_next($begin, $rows, $skip, $total, 
$extra = [], $table = true
    <?php
      if ($begin > 0) {
        printf("<a href=\"%s?%s\">&laquo; Previous %d",
-              $_SERVER['PHP_SELF'],
+              hsc($_SERVER['PHP_SELF']),
               array_to_url($extra, ["begin" => max(0,$begin-$skip)]),
               min($skip,$begin));
      }
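Review bot: Escaping `$_SERVER['PHP_SELF']` with `hsc()` closes the attribute-injection path on the `href`, but the second `%s` in the same `printf` is still filled with the raw return of `array_to_url(...)`; unless that helper HTML-escapes as well as URL-encodes, the `&` separators between parameters and any caller-supplied `$extra` keys land in the attribute unescaped, so the same `hsc()` wrapping belongs around that argument too, e.g. `hsc(array_to_url($extra, ["begin" => max(0,$begin-$skip)]))`. The same applies to the Next link in the second hunk of this file. Since `hsc` is not defined in either hunk, it is worth confirming it is in scope for `functions.inc` (the description notes the change is untested). The body of `show_prev_next` starts and ends outside this hunk.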
@@ -143,7 +143,7 @@ function show_prev_next($begin, $rows, $skip, $total, 
$extra = [], $table = true
    <?php
      if ($begin+$rows < $total) {
        printf("<a href=\"%s?%s\">Next %d &raquo;",
-              $_SERVER['PHP_SELF'],
+              hsc($_SERVER['PHP_SELF']),
               array_to_url($extra, ["begin" => $begin+$skip]),
               min($skip,$total-($begin+$skip)));
      }
diff --git a/public/forgot.php b/public/forgot.php
index 3abba44..bca7388 100644
--- a/public/forgot.php
+++ b/public/forgot.php
@@ -94,7 +94,7 @@ function random_password() {
 ?>
 <p>Forgot your <acronym title="Version Control System">VCS</acronym> password, 
huh? Just fill in your VCS username, and
 instructions will be sent to you on how to change your password.</p>
-<form method="post" action="<?= $_SERVER['PHP_SELF'] ?>">
+<form method="post" action="<?= hsc($_SERVER['PHP_SELF']) ?>">
  <label for="user">username:</label>
  <input type="text" id="user" name="user" value="<?php echo hsc($user)?>" />
  <input type="submit" value="send help" />
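Review bot: The new `hsc($_SERVER['PHP_SELF'])` correctly neutralises the attribute injection, but `PHP_SELF` still carries any extra path segments from the request, so the form action remains request-controlled even after escaping. For a page that only ever posts back to itself, `$_SERVER['SCRIPT_NAME']` has no path-info component, which removes the attacker-influenced input instead of escaping it: `<form method="post" action="<?= hsc($_SERVER['SCRIPT_NAME']) ?>">`. This assumes the page does not rely on path info round-tripping through the form; if it does, the escaped `PHP_SELF` is the right call. `hsc()` is already used two lines below for `$user`, so it is in scope here.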
