From cc6a1195b323e66b1b453f29b8121d8fe28ec347 Mon Sep 17 00:00:00 2001
From: Julian Prieber
Date: Mon, 5 Feb 2024 19:03:49 +0100
Subject: [PATCH] Sanitize text fields

---
 app/Functions/functions.php | 12 ++++++++++++
 app/Http/Controllers/UserController.php | 13 +++++++++++--
 2 files changed, 23 insertions(+), 2 deletions(-)

diff --git a/app/Functions/functions.php b/app/Functions/functions.php
index 0a76d83..a5cdc7c 100644
--- a/app/Functions/functions.php
+++ b/app/Functions/functions.php
@@ -138,4 +138,16 @@ function footer($key)
 $title = env('TITLE_FOOTER_'.$upperStr);
 }
 return $title;
+}
+
+function strip_tags_except_allowed_protocols($str) {
+ preg_match_all('/]+>(.*?)<\/a>/i', $str, $matches, PREG_SET_ORDER);
+
+ foreach ($matches as $val) {
+ if (!preg_match('/href=["\'](http:|https:|mailto:|tel:)[^"\']*["\']/', $val[0])) {
+ $str = str_replace($val[0], $val[1], $str);
+ }
+ }
+
+ return $str;
 }
\ No newline at end of file
diff --git a/app/Http/Controllers/UserController.php b/app/Http/Controllers/UserController.php
index f714378..2fbfd0d 100755
--- a/app/Http/Controllers/UserController.php
+++ b/app/Http/Controllers/UserController.php
@@ -264,9 +264,13 @@ class UserController extends Controller
 'button_id' => "42",
 ]);
 }elseif($linkType->typename == "text"){
+ $sanitizedText = $request->text;
+ $sanitizedText = strip_tags($sanitizedText, '
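Review bot: In the new `strip_tags_except_allowed_protocols`, an anchor whose `href` passes the scheme check is kept verbatim with all of its other attributes, and PHP's `strip_tags()` (used on the controller side) likewise never removes attributes from allowed tags, so the scheme filter alone does not make the retained `<a>` element safe to store and render; each kept anchor should be rebuilt from just its `href` and inner text, or the field should go through a proper HTML sanitizer. The pattern as it appears here, `'/]+>(.*?)<\/a>/i'`, looks extraction-garbled — if the committed file really lacks the opening-tag part the loop never matches and the function is a no-op — and without the `s` modifier an anchor whose content spans a line break is skipped as well, so it is worth confirming the pattern in the repository. The `href` test is case-sensitive while the tag match is not, which fails safe (an `HREF=` anchor is stripped) but deserves a comment. The helper also has no types and no docblock; `function strip_tags_except_allowed_protocols(string $str): string` plus a docblock stating that only anchors with an http/https/mailto/tel `href` survive and that the input is expected to have been through `strip_tags()` already would make the contract explicit.
```php
function strip_tags_except_allowed_protocols(string $str): string
{
    preg_match_all('/<a[^>]+>(.*?)<\/a>/is', $str, $matches, PREG_SET_ORDER);

    foreach ($matches as $val) {
        // Keep only the href of an allowed anchor; every other attribute is dropped.
        if (preg_match('/href=["\']((?:https?:|mailto:|tel:)[^"\']*)["\']/i', $val[0], $href)) {
            $safe = '<a href="' . htmlspecialchars($href[1], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . '">' . $val[1] . '</a>';
            $str = str_replace($val[0], $safe, $str);
        } else {
            $str = str_replace($val[0], $val[1], $str);
        }
    }

    return $str;
}
```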