From 91c25fd917c4bece3bc594f6ab2b75f986071e42 Mon Sep 17 00:00:00 2001
From: Pierre-Lin Bonnemaison <pierre.lin@free.fr>
Date: Mon, 17 Aug 2015 02:41:51 +0200
Subject: [PATCH] =?UTF-8?q?Fix=20de=20failles=20xss=20et=20limitation=20de?=
 =?UTF-8?q?s=20messages=20dans=20une=20discussion=20=C3=A0=2025?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 controllers/discussions.php    | 15 +++++++++------
 templates/discussions/show.php | 12 ++++++------
 2 files changed, 15 insertions(+), 12 deletions(-)

diff --git a/controllers/discussions.php b/controllers/discussions.php
index bba8d38..d1be75c 100755
--- a/controllers/discussions.php
+++ b/controllers/discussions.php
@@ -82,8 +82,8 @@
 			foreach ($sendeds as $sended)
 			{
 				$messages[] = array(
-					'date' => $sended['at'],
-					'text' => $sended['content'],
+					'date' => htmlspecialchars($sended['at']),
+					'text' => htmlspecialchars($sended['content']),
 					'type' => 'sended',
 				);
 			}
@@ -91,8 +91,8 @@
 			foreach ($receiveds as $received)
 			{
 				$messages[] = array(
-					'date' => $received['at'],
-					'text' => $received['content'],
+					'date' => htmlspecialchars($received['at']),
+					'text' => htmlspecialchars($received['content']),
 					'type' => 'received',
 				);
 			}
@@ -100,8 +100,8 @@
 			foreach ($scheduleds as $scheduled)
 			{
 				$messages[] = array(
-					'date' => $scheduled['at'],
-					'text' => $scheduled['content'],
+					'date' => htmlspecialchars($scheduled['at']),
+					'text' => htmlspecialchars($scheduled['content']),
 					'type' => 'inprogress',
 				);
 			}
@@ -111,6 +111,9 @@
 				return strtotime($a["date"]) - strtotime($b["date"]);
 			});
 
+			//On récupère uniquement les 25 derniers messages sur l'ensemble
+			$messages = array_slice($messages, -25);
+
 			echo json_encode(['transactionId' => $transactionId, 'messages' => $messages]);
 			return true;
 		}
diff --git a/templates/discussions/show.php b/templates/discussions/show.php
index 67ce0d0..519bf12 100755
--- a/templates/discussions/show.php
+++ b/templates/discussions/show.php
@@ -71,8 +71,8 @@
 							var texte = '' +
 							'<div class="clearfix message-container">' +
 								'<div class="discussion-message message-received">' +
-									'<div class="discussion-message-text">' + message.text.replace(/</g, "&lt;").replace(/>/g, "&gt;") + '</div>' +
-									'<div class="discussion-message-date">' + message.date.replace(/</g, "&lt;").replace(/>/g, "&gt;") + '</div>' +
+									'<div class="discussion-message-text">' + message.text + '</div>' +
+									'<div class="discussion-message-date">' + message.date + '</div>' +
 								'</div>' +
 							'</div>';
 							break;
@@ -80,8 +80,8 @@
 							var texte = '' +
 							'<div class="clearfix message-container">' +
 								'<div class="discussion-message message-sended">' +
-									'<div class="discussion-message-text">' + message.text.replace(/</g, "&lt;").replace(/>/g, "&gt;") + '</div>' +
-									'<div class="discussion-message-date">' + message.date.replace(/</g, "&lt;").replace(/>/g, "&gt;") + '</div>' +
+									'<div class="discussion-message-text">' + message.text + '</div>' +
+									'<div class="discussion-message-date">' + message.date + '</div>' +
 								'</div>' +
 							'</div>';
 							break;
@@ -90,8 +90,8 @@
 								'<div class="clearfix message-container">' +
 									'<div class="discussion-message message-sended">' +
 										'<div class="message-in-progress-hover"><i class="fa fa-spinner fa-spin"></i></div>' +
-										'<div class="discussion-message-text">' + message.text.replace(/</g, "&lt;").replace(/>/g, "&gt;") + '</div>' +
-										'<div class="discussion-message-date">' + message.date.replace(/</g, "&lt;").replace(/>/g, "&gt;") + '</div>' +
+										'<div class="discussion-message-text">' + message.text + '</div>' +
+										'<div class="discussion-message-date">' + message.date + '</div>' +
 									'</div>' +
 								'</div>';
 							break;