[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Phpgroupware-cvs] CVS: etemplate/inc class.uietemplate.inc.php,1.58,1.5
From: |
Ralf Becker <address@hidden> |
Subject: |
[Phpgroupware-cvs] CVS: etemplate/inc class.uietemplate.inc.php,1.58,1.59 |
Date: |
Thu, 26 Jun 2003 15:16:14 -0400 |
Update of /cvsroot/phpgroupware/etemplate/inc
In directory subversions:/tmp/cvs-serv4274/etemplate/inc
Modified Files:
class.uietemplate.inc.php
Log Message:
some htmlentities against XSS
Index: class.uietemplate.inc.php
===================================================================
RCS file: /cvsroot/phpgroupware/etemplate/inc/class.uietemplate.inc.php,v
retrieving revision 1.58
retrieving revision 1.59
diff -C2 -r1.58 -r1.59
*** class.uietemplate.inc.php 27 Apr 2003 23:21:27 -0000 1.58
--- class.uietemplate.inc.php 26 Jun 2003 19:16:12 -0000 1.59
***************
*** 538,541 ****
--- 538,542 ----
list($style,$extra_link) =
explode(',',$cell['size']);
$value = strlen($value) > 1 &&
!$cell['no_lang'] ? lang($value) : $value;
+ $value = nl2br(htmlentities($value));
if ($value != '' && strstr($style,'b'))
$value = $this->html->bold($value);
if ($value != '' && strstr($style,'i'))
$value = $this->html->italic($value);
***************
*** 557,561 ****
if ($readonly)
{
! $html .=
$this->html->bold($value);
}
else
--- 558,562 ----
if ($readonly)
{
! $html .=
$this->html->bold(htmlentities($value));
}
else
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [Phpgroupware-cvs] CVS: etemplate/inc class.uietemplate.inc.php,1.58,1.59,
Ralf Becker <address@hidden> <=