UserSpice 4.2 Bugs and security

[SavageStyle]

Here is few bugs I have found so far, may be I will remember some more that I patched for myself, so here is what i've found:

found bugs:

1) http://localhost/usercontrol/users/admin_user.php?id=2
not using global settings for name length

Code:

line 57, 58

should be changed to
<pre>

Code:

'min' => $settings->min_un,
'max' => $settings->max_un

</pre>



2)

Code:

function display_errors($errors = array())

- helpers.php - remove

Code:

echo "<br>"

- that br resulting content to slip below on every page that function called

3) http://localhost/usercontrol/users/admin...ssions.php

Code:

line 97,98

- dublicate of
<pre>

Code:

$errors = [];
$successes = [];

</pre>


that decleared above - that 2 lines should be removed, preventing any message to appear

4) http://localhost/usercontrol/users/admin...ssions.php

Code:

line 65

- echoing error to nowere, appearing above in black ugly block

Code:

echo "Permission Updated";

should be

Code:

$successes[] = 'TEXT';

5) http://localhost/usercontrol/users/profile.php?id=0
giving wrong id, resulting in banch of errors

Security issues:
1) http://localhost/usercontrol/users/admin.php
2 forms have no csrf protection - adding session token will solve that (i am using both session and per-request tokens)

2) http://localhost/usercontrol/users/admin...n.php?id=1

Code:

line 28

, value of

Code:

$_GET

is not sanitized

3) user name validation - user can create crazy names like <script>lala - should not allow that

That may be not bugs but logic flaws:
1) http://localhost/usercontrol/users/joinThankYou.php - should redirect if logged in?
2) http://localhost/usercontrol/users/join.php - should redirect if logged in?
3) http://localhost/usercontrol/users/login.php - should redirect if logged in?
4) http://localhost/usercontrol/users/maintenance.php - should redirect if no maintenance?