Changeset:
047424009efa
https://sourceforge.net/p/mrbs/hg-code/ci/047424009efa15294a68b77f0bd6868a4da649a7
Author:
Campbell Morrison <[email protected]>
Date:
Thu Oct 06 23:13:01 2016 +0100
Log message:
Added escaping of HTML output
diffstat:
web/functions_error.inc | 6 +++---
1 files changed, 3 insertions(+), 3 deletions(-)
diffs (23 lines):
diff -r 4eadba1977a4 -r 047424009efa web/functions_error.inc
--- a/web/functions_error.inc Thu Oct 06 22:56:08 2016 +0100
+++ b/web/functions_error.inc Thu Oct 06 23:13:01 2016 +0100
@@ -49,8 +49,8 @@
if (ini_get('display_errors'))
{
- echo "<b>" . to_html($heading) . "</b>\n";
- echo to_html($body);
+ echo "<b>" . to_html(htmlspecialchars($heading)) . "</b>\n";
+ echo to_html(htmlspecialchars($body));
}
if (ini_get('log_errors'))
{
@@ -102,7 +102,7 @@
function fatal_error($message)
{
print_simple_header();
- echo "<p>$message</p>";
+ echo "<p>\n". htmlspecialchars($message) . "</p>\n";
output_trailer();
exit;
}
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, SlashDot.org! http://sdm.link/slashdot
_______________________________________________
Mrbs-commits mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/mrbs-commits
