extern/egroupware_official
1
0
Fork 0
mirror of https://github.com/EGroupware/egroupware.git synced 2024-12-22 14:41:29 +01:00
Code Issues Packages Projects Releases Wiki Activity

some htmlentities against XSS

Browse Source
This commit is contained in:
Ralf Becker 2003-06-26 19:16:12 +00:00
parent 0aa813b7bf
commit 17ea20cbcc
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
etemplate/inc/class.uietemplate.inc.php
View File

@ -537,6 +537,7 @@
break;
list($style,$extra_link) = explode(',',$cell['size']);
$value = strlen($value) > 1 && !$cell['no_lang'] ? lang($value) : $value;
$value = nl2br(htmlentities($value));
if ($value != '' && strstr($style,'b')) $value = $this->html->bold($value);
if ($value != '' && strstr($style,'i')) $value = $this->html->italic($value);
$html .= $value;
@ -556,7 +557,7 @@
case 'text': // size: [length][,maxLength]
if ($readonly)
{
$html .= $this->html->bold($value);
$html .= $this->html->bold(htmlentities($value));
}
else
{