Merge pull request #1 from Novusvetus/stringescaping

Novusvetus · web-flow · commit 126cce4f5b75 · 2020-05-14T14:56:30.000+02:00
Fixed escaping of insertFormFieldTags
diff --git a/src/Contao/FormdataBackend.php b/src/Contao/FormdataBackend.php
@@ -7,6 +7,7 @@
  *
  * @package   Efg
  * @author    Thomas Kuhn <mail@th-kuhn.de>
+ * @author    Marcel Rudolf <dev@novusvetus.de>
  * @license   http://www.gnu.org/licenses/lgpl-3.0.html LGPL
  * @copyright Thomas Kuhn 2007-2014
  *
@@ -482,12 +483,17 @@ public function insertFormFieldTags()
 
         $result = \Database::getInstance()->prepare("SELECT label,name,type FROM tl_form_field WHERE pid=?")->execute($intFormId);
 
+        $clean = function($string)
+        {
+            return addcslashes($string, '\'');
+        };
+
         while ($result->next()) {
             if (empty($result->label)) {
                 continue;
             }
 
-            $strFields .= $result->label . ': {{form::' . $result->name . '}}<br/>';
+            $strFields .= $clean($result->label) . ': {{form::' . $clean($result->name) . '}}<br/>';
         }
 
         $GLOBALS['TL_LANG']['tl_form']['confirmationMailText'][1] = sprintf('<a style="text-decoration: underline;" onclick="javascript:document.getElementById(\'ctrl_confirmationMailText\').value+=\'<br/>%s\'.replace(/\<br\/\>/g,\'\\n\');">%s</a> ',

Original file line number	Diff line number	Diff line change
`@@ -7,6 +7,7 @@`
`7`	`7`	`*`
`8`	`8`	`* @package Efg`
`9`	`9`	`* @author Thomas Kuhn <mail@th-kuhn.de>`
	`10`	`+ * @author Marcel Rudolf <dev@novusvetus.de>`
`10`	`11`	`* @license http://www.gnu.org/licenses/lgpl-3.0.html LGPL`
`11`	`12`	`* @copyright Thomas Kuhn 2007-2014`
`12`	`13`	`*`
`@@ -482,12 +483,17 @@ public function insertFormFieldTags()`
`482`	`483`
`483`	`484`	`$result = \Database::getInstance()->prepare("SELECT label,name,type FROM tl_form_field WHERE pid=?")->execute($intFormId);`
`484`	`485`
	`486`	`+ $clean = function($string)`
	`487`	`+ {`
	`488`	`+ return addcslashes($string, '\'');`
	`489`	`+ };`
	`490`	`+`
`485`	`491`	`while ($result->next()) {`
`486`	`492`	`if (empty($result->label)) {`
`487`	`493`	`continue;`
`488`	`494`	`}`
`489`	`495`
`490`		`- $strFields .= $result->label . ': {{form::' . $result->name . '}}<br/>';`
	`496`	`+ $strFields .= $clean($result->label) . ': {{form::' . $clean($result->name) . '}}<br/>';`
`491`	`497`	`}`
`492`	`498`
`493`	`499`	`$GLOBALS['TL_LANG']['tl_form']['confirmationMailText'][1] = sprintf('<a style="text-decoration: underline;" onclick="javascript:document.getElementById(\'ctrl_confirmationMailText\').value+=\'<br/>%s\'.replace(/\<br\/\>/g,\'\\n\');">%s</a> ',`