From 66390acd89969402fb35ffd00235d573d96046ea Mon Sep 17 00:00:00 2001 From: donker Date: Tue, 5 Nov 2019 20:25:08 +0100 Subject: [PATCH] Improve input checking of sites --- DNN Platform/Library/Data/DataProvider.cs | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/DNN Platform/Library/Data/DataProvider.cs b/DNN Platform/Library/Data/DataProvider.cs index ee4311e60ab..66676db22ae 100644 --- a/DNN Platform/Library/Data/DataProvider.cs +++ b/DNN Platform/Library/Data/DataProvider.cs @@ -517,7 +517,7 @@ public virtual int CreatePortal(string portalname, string currency, DateTime Exp { return CreatePortal( - portalname, + PortalSecurity.Instance.InputFilter(portalname, PortalSecurity.FilterFlag.NoMarkup), currency, ExpiryDate, HostFee, @@ -536,7 +536,7 @@ public virtual int CreatePortal(string portalname, string currency, DateTime Exp { return ExecuteScalar("AddPortalInfo", - portalname, + PortalSecurity.Instance.InputFilter(portalname, PortalSecurity.FilterFlag.NoMarkup), currency, GetNull(ExpiryDate), HostFee, @@ -653,14 +653,14 @@ public virtual void UpdatePortalInfo(int portalId, int portalGroupId, string por string processorPassword, string description, string keyWords, string backgroundFile, int siteLogHistory, int splashTabId, int homeTabId, int loginTabId, - int registerTabId, int userTabId, int searchTabId, int custom404TabId, int custom500TabId, + int registerTabId, int userTabId, int searchTabId, int custom404TabId, int custom500TabId, int termsTabId, int privacyTabId, string defaultLanguage, string homeDirectory, int lastModifiedByUserID, string cultureCode) { ExecuteNonQuery("UpdatePortalInfo", portalId, portalGroupId, - portalName, + PortalSecurity.Instance.InputFilter(portalName, PortalSecurity.FilterFlag.NoMarkup), GetNull(logoFile), GetNull(footerText), GetNull(expiryDate),