diff options
-rw-r--r-- | index.php | 4 | ||||
-rw-r--r-- | search.php | 21 |
2 files changed, 21 insertions, 4 deletions
@@ -54,7 +54,7 @@ <form action="/search.php"> <div id="query_wrap"> <div id="query_icon"></div> - <input id="query" type='search' value='<?php if($action === 'lmmtfy') echo $query;?>' name='query' autocorrect="off" autocapitalize="none" required autofocus/> + <input id="query" type='search' value='<?php if($action === 'lmmtfy') echo htmlspecialchars($query);?>' name='query' autocorrect="off" autocapitalize="none" required autofocus/> <button id="btn_def" type='submit' value='man' name='action' class="btn-def" aria-hidden="true" tabindex="-1"></button> <input type="checkbox" id="query_opts_toggle"/> <div id="query_opts"> @@ -80,6 +80,8 @@ $sel = ""; if((strlen($arch) > 0) && ($arch == $a)) $sel = 'selected="selected"'; + + $a = htmlspecialchars($a); echo "<option value='$a' $sel>$a</option>"; } ?> @@ -48,7 +48,7 @@ <nav id="search_pane"> <form> <div id="query_wrap"> - <input id="query" type='search' value='<?=$query;?>' name='query' autocorrect="off" autocapitalize="none" required/> + <input id="query" type='search' value='<?= htmlspecialchars($query);?>' name='query' autocorrect="off" autocapitalize="none" required/> <button id="btn_def" type='submit' value='man' name='action' class="btn-def" aria-hidden="true" tabindex="-1"></button> <input type="checkbox" id="query_opts_toggle"/> <div id="query_opts"> @@ -74,6 +74,8 @@ $sel = ""; if((strlen($arch) > 0) && ($arch == $a)) $sel = 'selected="selected"'; + + $a = htmlspecialchars($a); echo "<option value='$a' $sel>$a</option>"; } ?> @@ -96,9 +98,17 @@ <?php $arg_section = ""; if(!empty($section)) - $arg_section .= " -s ". escapeshellarg($section); + { + if(is_numeric($section) && (0 < $section) && ($section <= 9)) + $arg_section .= " -s ". escapeshellarg($section); + else $section = null; + } if(!empty($arch)) - $arg_section .= " -S ". escapeshellarg($arch); + { + if(in_array($arch, $archs, true)) + $arg_section .= " -S ". escapeshellarg($arch); + else $arch = null; + } /* NOTE: This seems like it's a too ad hoc of a solution, but _theoretically_ escapeshellarg() * should take care of the rest. I need more testing. @@ -125,6 +135,7 @@ * As you can see, they also decided to pepper the HTML with inline style coz they * just absolutely hate me, so I strip it too. */ + /* NOTE: don't htmlspecialchars() here because this is raw HTML from mandoc! */ for($i = 0; $i < count($lines); $i++) { $line = preg_replace('/\<br.\>/i', '', $lines[$i]); @@ -171,6 +182,10 @@ $url = "$root/search.php?query=". urlencode($name) ."§ion=". urlencode($sect) ."&arch=". urlencode($arch) ."&action=man"; + $fname = htmlspecialchars($fname); + $fsect = htmlspecialchars($fsect); + $desc = htmlspecialchars($desc); + echo '<dl>'; echo " <dt><a href='".$url."'>$fname($fsect)</a></dt>"; echo " <dd>$desc</dd>"; |