From a7a222aa341c789eb2f3f9ed343e839629bd67c3 Mon Sep 17 00:00:00 2001
From: Bharat Mediratta <bharat@menalto.com>
Date: Wed, 29 Feb 2012 07:35:40 -0800
Subject: [PATCH] use html::purify on album titles to prevent XSS

---
 3.0/modules/albumtree/views/albumtree_block_dtree.html.php  | 2 +-
 3.0/modules/albumtree/views/albumtree_block_list.html.php   | 2 +-
 3.0/modules/albumtree/views/albumtree_block_select.html.php | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/3.0/modules/albumtree/views/albumtree_block_dtree.html.php b/3.0/modules/albumtree/views/albumtree_block_dtree.html.php
index 10f6c264..02295962 100644
--- a/3.0/modules/albumtree/views/albumtree_block_dtree.html.php
+++ b/3.0/modules/albumtree/views/albumtree_block_dtree.html.php
@@ -398,7 +398,7 @@ albumTree.config.cookieDomain = '';
 <?
 function addtree($album){
 ?>
-albumTree.add(<?= $album->id -1 ?>, <?= $album->parent_id -1 ?>, "<?= $album->title ?>", pf+'<?= $album->relative_url() ?>');
+albumTree.add(<?= $album->id -1 ?>, <?= $album->parent_id -1 ?>, "<?= html::purify($album->title) ?>", pf+'<?= $album->relative_url() ?>');
 <?
   foreach ($album->viewable()->children(null, null, array(array("type", "=", "album"))) as $child){
     addtree($child);
diff --git a/3.0/modules/albumtree/views/albumtree_block_list.html.php b/3.0/modules/albumtree/views/albumtree_block_list.html.php
index 58daf0ce..08ab3f04 100644
--- a/3.0/modules/albumtree/views/albumtree_block_list.html.php
+++ b/3.0/modules/albumtree/views/albumtree_block_list.html.php
@@ -15,7 +15,7 @@ function makelist($album,$level){
 //print out the list item
 ?>
   <li>
-    <a href="<?= item::root()->url() ?><?= $album->relative_url() ?>"><?= str_repeat("&nbsp;&nbsp;", $level) ?><?= $album->title ?></a>
+    <a href="<?= item::root()->url() ?><?= $album->relative_url() ?>"><?= str_repeat("&nbsp;&nbsp;", $level) ?><?= html::purify($album->title) ?></a>
   </li>
 <?
   //recurse over the children, and print their list items as well
diff --git a/3.0/modules/albumtree/views/albumtree_block_select.html.php b/3.0/modules/albumtree/views/albumtree_block_select.html.php
index cb543c86..afe1c7ff 100644
--- a/3.0/modules/albumtree/views/albumtree_block_select.html.php
+++ b/3.0/modules/albumtree/views/albumtree_block_select.html.php
@@ -4,7 +4,7 @@
 function makeselect($album, $level){
 //print out the list item as a select option
 ?>
-<option value="<?= item::root()->url() ?><?= $album->relative_url() ?>"><?= str_repeat("&nbsp;&nbsp;", $level) ?><?= $album->title ?></option>
+  <option value="<?= item::root()->url() ?><?= $album->relative_url() ?>"><?= str_repeat("&nbsp;&nbsp;", $level) ?><?= html::purify($album->title) ?></option>
 <?
   //recurse over the children, and print their list items as well
   foreach ($album->viewable()->children(null, null, array(array("type", "=", "album"))) as $child){