Index » yioop : Commitdiff ff994b
Summary | Shortlog | Commit | Commitdiff | Tree |

Fix XSS error version6, a=chris

Chris Pollett [2020-12-07 18:Dec:th]
Fix XSS error version6, a=chris
Filename
src/configs/Config.php
src/controllers/SearchController.php
src/library/IndexShard.php
 
diff --git a/src/configs/Config.php b/src/configs/Config.php
index 2f3e416a8..d0bbb5f79 100755
--- a/src/configs/Config.php
+++ b/src/configs/Config.php
@@ -442,7 +442,6 @@ if (file_exists(WORK_DIRECTORY . PROFILE_FILE_NAME)) {
     }
     /** @ignore */
     nsconddefine('PROFILE', false);
-    nsdefine('AUTHENTICATION_MODE', NORMAL_AUTHENTICATION);
     nsdefine('RECOVERY_MODE', EMAIL_RECOVERY);
     nsconddefine('DEBUG_LEVEL', NO_DEBUG_INFO);
     nsdefine('USE_FILECACHE', false);
@@ -516,6 +515,7 @@ if (file_exists(WORK_DIRECTORY . PROFILE_FILE_NAME)) {
     nsdefine('AD_LOCATION','none');
 }
 /** ignore */
+nsconddefine('AUTHENTICATION_MODE', NORMAL_AUTHENTICATION);
 nsconddefine('PRIVATE_DBMS', 'Sqlite3');
 nsconddefine('PRIVATE_DB_USER', '');
 nsconddefine('PRIVATE_DB_PASSWORD', '');
diff --git a/src/controllers/SearchController.php b/src/controllers/SearchController.php
index 75d0ed31e..99b15daaa 100755
--- a/src/controllers/SearchController.php
+++ b/src/controllers/SearchController.php
@@ -406,8 +406,8 @@ class SearchController extends Controller implements CrawlConstants
             list($query, $activity, $arg) = $this->extractActivityQuery();
         } else {
             $query = isset($_REQUEST['q']) ? $_REQUEST['q'] : "";
-            $query = $this->clean($query, "string");
         }
+        $query = $this->clean($query, "string");
         if (isset($_SESSION['OPEN_IN_TABS'])) {
             $data['OPEN_IN_TABS'] = $_SESSION['OPEN_IN_TABS'];
         } else {
diff --git a/src/library/IndexShard.php b/src/library/IndexShard.php
index eca590ee5..b4a865801 100644
--- a/src/library/IndexShard.php
+++ b/src/library/IndexShard.php
@@ -923,9 +923,9 @@ class IndexShard extends PersistentStructure implements CrawlConstants
      */
     public function computeProximity($position_list, $is_doc) {
         return (!$is_doc) ? floatval(C\LINK_WEIGHT):
-            (isset($position_list[0]) &&
+            ((isset($position_list[0]) &&
             $position_list[0] < C\AD_HOC_TITLE_LENGTH) ?
-            floatval(C\TITLE_WEIGHT) : floatval(C\DESCRIPTION_WEIGHT);
+            floatval(C\TITLE_WEIGHT) : floatval(C\DESCRIPTION_WEIGHT));
     }
     /**
      * Computes BM25F relevance and a score for the supplied item based
ViewGit