From 2c142c506c7c7eccc0723b52848923a91a384f69 Mon Sep 17 00:00:00 2001
From: Sarjuuk
Date: Thu, 13 Apr 2023 15:18:23 +0200
Subject: [PATCH] Search/Forms (#383)
* do not prefil search form with unchecked user input
* thx @Endalaust
---
 includes/types/quest.class.php | 2 +-
 includes/utilities.php | 2 +-
 pages/search.php | 2 +-
 template/bricks/head.tpl.php | 2 +-
 template/bricks/header.tpl.php | 4 ++--
 5 files changed, 6 insertions(+), 6 deletions(-)
diff --git a/includes/types/quest.class.php b/includes/types/quest.class.php
index 1b6e6d90..47d53cf3 100644
--- a/includes/types/quest.class.php
+++ b/includes/types/quest.class.php
@@ -313,7 +313,7 @@ class QuestList extends BaseType
 if (!$this->curTpl) return null;
- $title = htmlentities($this->getField('name', true));
+ $title = Util::htmlEscape($this->getField('name', true));
 $level = $this->curTpl['level'];
 if ($level < 0) $level = 0;
diff --git a/includes/utilities.php b/includes/utilities.php
index ab43276c..d07cd7a3 100644
--- a/includes/utilities.php
+++ b/includes/utilities.php
@@ -786,7 +786,7 @@ abstract class Util
 return $data;
 }
- return htmlspecialchars($data, ENT_QUOTES, 'utf-8');
+ return htmlspecialchars($data, ENT_QUOTES | ENT_DISALLOWED | ENT_HTML5, 'utf-8');
 }
 public static function jsEscape($data)
diff --git a/pages/search.php b/pages/search.php
index 111d7001..0a520fff 100644
--- a/pages/search.php
+++ b/pages/search.php
@@ -198,7 +198,7 @@ class SearchPage extends GenericPage
 protected function generateTitle() {
- array_unshift($this->title, $this->search, Lang::main('search'));
+ array_unshift($this->title, Util::htmlEscape($this->search), Lang::main('search'));
 }
 protected function generatePath() { }
diff --git a/template/bricks/head.tpl.php b/template/bricks/head.tpl.php
index 1b7efcec..d0086c1a 100644
--- a/template/bricks/head.tpl.php
+++ b/template/bricks/head.tpl.php
@@ -1,4 +1,4 @@
- <?=htmlentities(implode(' - ', $this->title)); ?>
+ <?=Util::htmlEscape(implode(' - ', $this->title)); ?>
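Review bot: The new flag set on the `htmlspecialchars` call in Util::htmlEscape still omits `ENT_SUBSTITUTE`, so a `$data` string that is not valid UTF-8 makes `htmlspecialchars` return an empty string and the value silently disappears from the page instead of being rendered with replacement characters; since the callers changed in this patch (quest names, the search term, page titles) now all route through this helper, that is the behaviour to decide on explicitly. If dropping the whole value is not intended, use `return htmlspecialchars($data, ENT_QUOTES | ENT_SUBSTITUTE | ENT_DISALLOWED | ENT_HTML5, 'utf-8');`. The branch just above the changed line returns `$data` unescaped under a condition that is outside the hunk; a one-line comment stating which inputs pass through untouched (presumably non-strings, confirm against the condition) would keep callers from relying on the helper for arrays or objects. htmlEscape's signature and the start of its body are outside the hunk.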
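Review bot: `$this->search` is now escaped when generateTitle pushes it into `$this->title`, and the head.tpl.php hunk in this same patch escapes the whole joined title again with `Util::htmlEscape(implode(' - ', $this->title))`, so a search term containing `&`, `<` or a quote is double-encoded and shows up literally as `&amp;`-style text in the document title. Escaping belongs at the output site only: keep this line as `array_unshift($this->title, $this->search, Lang::main('search'));` and let the template escape, unless some other template emits `$this->title` raw (the header.tpl.php hunk is not legible here), in which case that template should receive the `Util::htmlEscape` call instead. The same point applies to the head.tpl.php hunk.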
diff --git a/template/bricks/header.tpl.php b/template/bricks/header.tpl.php
index 1c91a72e..67bc9450 100644
--- a/template/bricks/header.tpl.php
+++ b/template/bricks/header.tpl.php
@@ -19,14 +19,14 @@
- +