Title: SF.net SVN: mrbs:[2448] mrbsweb/trunk/inc/functions.inc.php
- Revision: 2448
- Author: jberanek
- Date: 2012-10-01 20:52:55 +0000 (Mon, 01 Oct 2012)
Log Message
XSS fix, continued
Modified Paths
Diff
Modified: mrbsweb/trunk/inc/functions.inc.php (2447 => 2448)
--- mrbsweb/trunk/inc/functions.inc.php 2012-10-01 20:45:50 UTC (rev 2447)
+++ mrbsweb/trunk/inc/functions.inc.php 2012-10-01 20:52:55 UTC (rev 2448)
@@ -20,7 +20,7 @@
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
- <title>MRBS: <?php echo(htmlspecialchars(($title ? $title : $section)) ?></title>
+ <title>MRBS: <?php echo(htmlspecialchars($title ? $title : $section)) ?></title>
<link rel="stylesheet" href="" type="text/css">
<!--[if lte IE 7]>
<link rel="stylesheet" href="" type="text/css">
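Review bot: on the `<title>` line, `htmlspecialchars()` is called with no flags or charset argument even though the page declares `charset=utf-8` two lines above; on PHP releases before 5.4 the default encoding for this function is ISO-8859-1, so the call should state it explicitly, for example `htmlspecialchars($title ? $title : $section, ENT_QUOTES, 'UTF-8')`. The condition is also a truthiness test on `$title`, while the `<h1>` in the next hunk uses `isset($title)`; the two outputs will disagree for an empty or "0" title and this line raises a notice when `$title` is undefined, so pick one test and use it in both places.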
@@ -46,7 +46,7 @@
<div id="title">
<a href="" src="" width="130" height="50" alt="logo"></a>
- <h1><?php echo(isset($title) ? $title : (isset($top_links[$section]['subtitle']) ? $top_links[$section]['subtitle'] : $section)) ?></h1>
+ <h1><?php echo(isset($title) ? htmlspecialchars($title) : (isset($top_links[$section]['subtitle']) ? $top_links[$section]['subtitle'] : htmlspecialchars($section))) ?></h1>
</div>
<div id="content">
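Review bot: the middle branch of the `<h1>` ternary still echoes `$top_links[$section]['subtitle']` without escaping, while the `$title` and `$section` branches are now wrapped in `htmlspecialchars()`. If the subtitle is plain text, escape it too; the simplest form is one `htmlspecialchars()` around the whole ternary, as the `<title>` line does, so that no branch can be missed when the expression is edited later. If the subtitle is meant to carry trusted markup from configuration, say so in a comment next to this line so the gap reads as deliberate.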
_______________________________________________
Mrbs-commits mailing list
https://lists.sourceforge.net/lists/listinfo/mrbs-commits