Fix potential XSS issue

2 files changed, 19 insertions, 3 deletions

diff --git a/functions/init/sanitize.php b/functions/init/sanitize.php
index db21021..5d72cad 100644
--- a/functions/init/sanitize.php
+++ b/functions/init/sanitize.php
@@ -32,6 +32,22 @@ function recursiveSanitize($value) {
     return $value;
 }
 
+
+function sanitizeForWeb($string) {
+    $string = preg_replace('/<br\s*\/?>/', "\n", $string);
+
+    $string = str_replace('&', '&amp;', $string);
+    $string = str_replace('<', '&lt;', $string);
+    $string = str_replace('>', '&gt;', $string);
+    $string = str_replace('\'', '&#39;', $string);
+    $string = str_replace('"', '&#34;', $string);
+
+    $string = str_replace('<br />', "\n", $string);
+    
+    return $string;
+}
+
+
 if (!isset($_SERVER) && isset($HTTP_SERVER_VARS)) {
 	$_SERVER = &$HTTP_SERVER_VARS;
 }
diff --git a/includes/event.php b/includes/event.php
index 150a0e4..ae9df5c 100644
--- a/includes/event.php
+++ b/includes/event.php
@@ -27,9 +27,9 @@ if ($_POST['time'] == -1) {
 	if ($start != $end) $event_times = "$start - $end";
 }
 
-$event['event_text']  = urldecode($event['event_text']);
-$event['description'] = urldecode($event['description']);
-$event['location']    = urldecode($event['location']);
+$event['event_text']  = sanitizeForWeb(urldecode($event['event_text']));
+$event['description'] = sanitizeForWeb(urldecode($event['description']));
+$event['location']    = sanitizeForWeb(urldecode($event['location']));
 $display ='';
 if (isset($event['description'])) $event['description'] = ereg_replace("[[:alpha:]]+://[^<>[:space:]]+[[:alnum:]/]",'<a target="_new" href="\0">\0</a>',$event['description']);