2003-01-11 Ryan T. Sammartino <ryants@shaw.ca>
+ * www/survey/survey_resp.php: Audit: escape special characters
+ from user input before submitting to database.
+
+ * www/survey/admin/edit_survey.php: ditto.
+
+ * www/survey/admin/add_survey.php: ditto.
+
* www/survey/admin/add_survey.php: add missing <, don't display
empty table if there are no existing surveys.
} else {
$is_active = 0;
}
- $sql="UPDATE surveys SET survey_title='$survey_title', survey_questions='$survey_questions', is_active='$is_active' ".
+ $sql="UPDATE surveys SET survey_title='".htmlspecialchars($survey_title)."', survey_questions='$survey_questions', is_active='$is_active' ".
"WHERE survey_id='$survey_id' AND group_id='$group_id'";
$result=db_query($sql);
if (db_affected_rows($result) < 1) {
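Review bot: The `htmlspecialchars()` wrapped around `$survey_title` in the new `UPDATE` line is an HTML encoder, not a SQL escaper: with the default flags of this PHP era it leaves the single quote untouched, so a `'` in the title still terminates the string literal, and `$survey_questions`, `$is_active`, `$survey_id` and `$group_id` in the same statement are not escaped at all. The survey_resp.php hunk in this same commit escapes SQL input with `addslashes()`, so this line should do likewise, `$sql="UPDATE surveys SET survey_title='".addslashes($survey_title)."', survey_questions='".addslashes($survey_questions)."', is_active='$is_active' ".` and `"WHERE survey_id='".addslashes($survey_id)."' AND group_id='".addslashes($group_id)."'";`, unless the `db_query` wrapper (not visible here) can take bound parameters. HTML encoding belongs at output time rather than in the stored value: encoding on the way in means every reader of the column has to know it is pre-encoded, and a later `htmlspecialchars()` on output double-encodes it; the `htmlspecialchars(addslashes($$val))` in the survey_resp.php hunk has the same problem. The `if/else` that assigns `$is_active` begins outside this hunk.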
$cols = db_NumFields($result);
echo "<h3>$rows Found</h3>";
- echo /*"<table bgcolor=\"NAVY\"><tr><td bgcolor=\"NAVY\">*/ "<table border=\"0\">\n";
- /* Create the headers */
- echo "<tr style=\"background-color:$GLOBALS[COLOR_MENUBARBACK]\">\n";
- for ($i = 0; $i < $cols; $i++) {
- printf( "<th><span style=\"color:white\"><strong>%s</strong></span></th>\n", db_fieldname($result,$i));
- }
- echo "</tr>";
- for ($j=0; $j<$rows; $j++) {
-
- if ($j%2==0) {
- $row_bg="white";
- } else {
- $row_bg="$GLOBALS[COLOR_LTBACK1]";
+ if ($rows > 0) {
+ echo /*"<table bgcolor=\"NAVY\"><tr><td bgcolor=\"NAVY\">*/ "<table border=\"0\">\n";
+ /* Create the headers */
+ echo "<tr style=\"background-color:$GLOBALS[COLOR_MENUBARBACK]\">\n";
+ for ($i = 0; $i < $cols; $i++) {
+ printf( "<th><span><strong>%s</strong></span></th>\n", db_fieldname($result,$i));
}
+ echo "</tr>";
+ for ($j=0; $j<$rows; $j++) {
- echo "<tr style=\"background-color:$row_bg\">\n";
+ if ($j%2==0) {
+ $row_bg="white";
+ } else {
+ $row_bg="$GLOBALS[COLOR_LTBACK1]";
+ }
- echo "<td><a href=\"$PHP_SELF?group_id=$group_id&survey_id=".
- db_result($result,$j,0)."\">".db_result($result,$j,0)."</a></td>";
- for ($i = 1; $i < $cols; $i++) {
- printf("<td>%s</td>\n",db_result($result,$j,$i));
- }
+ echo "<tr style=\"background-color:$row_bg\">\n";
- echo "</tr>";
+ echo "<td><a href=\"$PHP_SELF?group_id=$group_id&survey_id=".
+ db_result($result,$j,0)."\">".db_result($result,$j,0)."</a></td>";
+ for ($i = 1; $i < $cols; $i++) {
+ printf("<td>%s</td>\n",db_result($result,$j,$i));
+ }
+
+ echo "</tr>";
+ }
+ echo "</table>"; //</td></tr></TABLE>";
}
- echo "</table>"; //</td></tr></TABLE>";
}
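Review bot: The values read back with `db_result()` in the anchor line and in the `printf("<td>%s</td>\n", ...)` cell loop, and `$PHP_SELF` in the href, are written into the page without HTML encoding, so a stored title or question containing markup is rendered as markup in this listing, and `$PHP_SELF` reflects the request path unencoded. Because the stored data are not reliably HTML-encoded (add_survey.php's own INSERT is not in this hunk, and edit_survey.php encodes only the title), the encoding should happen here at output: `printf("<td>%s</td>\n", htmlspecialchars(db_result($result,$j,$i)));`, the same wrapper around both `db_result($result,$j,0)` uses in the anchor, and `htmlspecialchars($PHP_SELF)` in the href. `$rows` is tested by the new `if ($rows > 0)` guard but assigned outside the hunk, so the guard presumes it is an integer row count; worth confirming. Separately, the new `<th>` line drops the `style=\"color:white\"` span that the removed line had, which the ChangeLog does not mention — if unintentional, the header text now takes the default colour against `COLOR_MENUBARBACK`.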
/*
$val="_" . $quest_array[$i];
$sql="INSERT INTO survey_responses (user_id,group_id,survey_id,question_id,response,date) ".
- "VALUES ('".user_getid()."','" . addslashes($group_id) . "','" . addslashes($survey_id) . "','" . addslashes($quest_array[$i]) . "','". addslashes($$val) . "','$now')";
+ "VALUES ('".user_getid()."','" . addslashes($group_id) . "','" . addslashes($survey_id) . "','" . addslashes($quest_array[$i]) . "','". htmlspecialchars(addslashes($$val)) . "','$now')";
$result=db_query($sql);
if (!$result) {
echo "<h1>Error</h1>";