From 4d5d65a4a6f620b2ea8a2aa6d1efd5f05bde515d Mon Sep 17 00:00:00 2001
From: AlexanderDCrane <40072887+AlexanderDCrane@users.noreply.github.com>
Date: Fri, 8 Jun 2018 13:42:42 -0600
Subject: [PATCH] Update user_edit.php (#3086)

---
 core/users/user_edit.php | 36 ++++++++++++++++++------------------
 1 file changed, 18 insertions(+), 18 deletions(-)

diff --git a/core/users/user_edit.php b/core/users/user_edit.php
index 9a02117025..b441f012d0 100644
--- a/core/users/user_edit.php
+++ b/core/users/user_edit.php
@@ -584,11 +584,11 @@ if (count($_POST) > 0 && $_POST["persistform"] != "1") {
 	echo "		<td width='30%' class='vncellreq' valign='top'>".$text['label-username']."</td>";
 	echo "		<td width='70%' class='vtable'>";
 	if (permission_exists("user_edit")) {
-		echo "		<input type='text' class='formfld' name='username' id='username' value='".$username."' required='required'>\n";
+		echo "		<input type='text' class='formfld' name='username' id='username' value='".escape($username)."' required='required'>\n";
 	}
 	else {
-		echo "		".$username."\n";
-		echo "		<input type='hidden' name='username' id='username' value='".$username."'>\n";
+		echo "		".escape($username)."\n";
+		echo "		<input type='hidden' name='username' id='username' value='".escape($username)."'>\n";
 	}
 	echo "		</td>";
 	echo "	</tr>";
@@ -626,7 +626,7 @@ if (count($_POST) > 0 && $_POST["persistform"] != "1") {
 	unset($prep_statement, $result, $row);
 	foreach ($_SESSION['app']['languages'] as $code) {
 		$selected = ($code == $user_settings['domain']['language']['code']) ? "selected='selected'" : null;
-		echo "	<option value='".$code."' ".$selected.">".$language_codes[$code]." [".$code."]</option>\n";
+		echo "	<option value='".escape($code)."' ".escape($selected).">".escape($language_codes[$code])." [".escape($code)."]</option>\n";
 	}
 	echo "		</select>\n";
 	echo "		<br />\n";
@@ -655,10 +655,10 @@ if (count($_POST) > 0 && $_POST["persistform"] != "1") {
 			echo "		<optgroup label='".$category."'>\n";
 		}
 		if ($row == $user_settings['domain']['time_zone']['name']) {
-			echo "			<option value='".$row."' selected='selected'>".$row."</option>\n";
+			echo "			<option value='".escape($row)."' selected='selected'>".escape($row)."</option>\n";
 		}
 		else {
-			echo "			<option value='".$row."'>".$row."</option>\n";
+			echo "			<option value='".escape($row)."'>".escape($row)."</option>\n";
 		}
 		$previous_category = $category;
 		$x++;
@@ -709,7 +709,7 @@ if (count($_POST) > 0 && $_POST["persistform"] != "1") {
 				if ($row['contact_name_family'] != '') { $contact_name[] = $row['contact_name_family']; }
 				if ($row['contact_name_given'] != '') { $contact_name[] = $row['contact_name_given']; }
 				if ($row['contact_name_family'] == '' && $row['contact_name_family'] == '' && $row['contact_nickname'] != '') { $contact_name[] = $row['contact_nickname']; }
-				echo "<option value='".$row['contact_uuid']."' ".(($row['contact_uuid'] == $contact_uuid) ? "selected='selected'" : null).">".implode(', ', $contact_name)."</option>\n";
+				echo "<option value='".escape($row['contact_uuid'])."' ".(($row['contact_uuid'] == $contact_uuid) ? "selected='selected'" : null).">".implode(', ', escape($contact_name))."</option>\n";
 		}
 		unset($sql, $result, $row_count);
 		echo "</select>\n";
@@ -724,19 +724,19 @@ if (count($_POST) > 0 && $_POST["persistform"] != "1") {
 	else if ($action == 'add' && permission_exists("user_add")) {
 		echo "	<tr>";
 		echo "		<td class='vncellreq'>".$text['label-email']."</td>";
-		echo "		<td class='vtable'><input type='text' class='formfld' name='user_email' value='".$user_email."'></td>";
+		echo "		<td class='vtable'><input type='text' class='formfld' name='user_email' value='".escape($user_email)."'></td>";
 		echo "	</tr>";
 		echo "	<tr>";
 		echo "		<td class='vncell'>".$text['label-first_name']."</td>";
-		echo "		<td class='vtable'><input type='text' class='formfld' name='contact_name_given' value='".$contact_name_given."'></td>";
+		echo "		<td class='vtable'><input type='text' class='formfld' name='contact_name_given' value='".escape($contact_name_given)."'></td>";
 		echo "	</tr>";
 		echo "	<tr>";
 		echo "		<td class='vncell'>".$text['label-last_name']."</td>";
-		echo "		<td class='vtable'><input type='text' class='formfld' name='contact_name_family' value='".$contact_name_family."'></td>";
+		echo "		<td class='vtable'><input type='text' class='formfld' name='contact_name_family' value='".escape($contact_name_family)."'></td>";
 		echo "	</tr>";
 		echo "	<tr>";
 		echo "		<td class='vncell'>".$text['label-company_name']."</td>";
-		echo "		<td class='vtable'><input type='text' class='formfld' name='contact_organization' value='".$contact_organization."'></td>";
+		echo "		<td class='vtable'><input type='text' class='formfld' name='contact_organization' value='".escape($contact_organization)."'></td>";
 		echo "	</tr>";
 	}
 
@@ -778,7 +778,7 @@ if (count($_POST) > 0 && $_POST["persistform"] != "1") {
 					if ($result_count > 1) {
 						if (permission_exists('group_member_delete') || if_group("superadmin")) {
 							echo "	<td class='list_control_icons' style='width: 25px;'>\n";
-							echo "		<a href='user_edit.php?id=".$user_uuid."&domain_uuid=".$domain_uuid."&group_uuid=".$field['group_uuid']."&a=delete' alt='".$text['button-delete']."' onclick=\"return confirm('".$text['confirm-delete']."')\">$v_link_label_delete</a>\n";
+							echo "		<a href='user_edit.php?id=".escape($user_uuid)."&domain_uuid=".escape($domain_uuid)."&group_uuid=".$field['group_uuid']."&a=delete' alt='".$text['button-delete']."' onclick=\"return confirm('".$text['confirm-delete']."')\">".escape($v_link_label_delete)."</a>\n";
 							echo "	</td>\n";
 						}
 					}
@@ -829,7 +829,7 @@ if (count($_POST) > 0 && $_POST["persistform"] != "1") {
 			echo "<td class='vtable' align='left'>\n";
 			echo "    <select class='formfld' name='domain_uuid'>\n";
 			foreach ($_SESSION['domains'] as $row) {
-				echo "	<option value='".$row['domain_uuid']."' ".(($row['domain_uuid'] == $domain_uuid) ? "selected='selected'" : null).">".$row['domain_name']."</option>\n";
+				echo "	<option value='".escape($row['domain_uuid'])."' ".(($row['domain_uuid'] == $domain_uuid) ? "selected='selected'" : null).">".escape($row['domain_name'])."</option>\n";
 			}
 			echo "    </select>\n";
 			echo "<br />\n";
@@ -838,14 +838,14 @@ if (count($_POST) > 0 && $_POST["persistform"] != "1") {
 			echo "</tr>\n";
 		}
 		else {
-			echo "<input type='hidden' name='domain_uuid' value='".$domain_uuid."'>";
+			echo "<input type='hidden' name='domain_uuid' value='".escape($domain_uuid)."'>";
 		}
 
 		if (file_exists($_SERVER["DOCUMENT_ROOT"].PROJECT_PATH.'/app/api/app_config.php')) {
 			echo "	<tr>";
 			echo "		<td class='vncell' valign='top'>".$text['label-api_key']."</td>";
 			echo "		<td class='vtable'>\n";
-			echo "			<input type=\"text\" class='formfld' name=\"api_key\" id='api_key' value=\"".$api_key."\" >";
+			echo "			<input type=\"text\" class='formfld' name=\"api_key\" id='api_key' value=\"".escape($api_key)."\" >";
 			echo "			<input type='button' class='btn' value='".$text['button-generate']."' onclick=\"getElementById('api_key').value='".uuid()."';\">";
 			if (strlen($text['description-api_key']) > 0) {
 				echo "			<br />".$text['description-api_key']."<br />\n";
@@ -869,15 +869,15 @@ if (count($_POST) > 0 && $_POST["persistform"] != "1") {
 		echo "</tr>\n";
 	}
 	else {
-		echo "<input type='hidden' name='domain_uuid' value='".$domain_uuid."'>";
+		echo "<input type='hidden' name='domain_uuid' value='".escape($domain_uuid)."'>";
 	}
 
 	echo "	<tr>";
 	echo "		<td colspan='2' align='right'>";
 	if ($action == 'edit') {
-		echo "		<input type='hidden' name='id' value=\"$user_uuid\">";
+		echo "		<input type='hidden' name='id' value=\"".escape($user_uuid)."\">";
 		if (permission_exists("user_edit")) {
-			echo "	<input type='hidden' name='username_old' value=\"$username\">";
+			echo "	<input type='hidden' name='username_old' value=\"".escape($username)."\">";
 		}
 	}
 	echo "			<br>";