--- horde3-3.1.1.orig/templates/problem/problem.inc
+++ horde3-3.1.1/templates/problem/problem.inc
@@ -31,17 +31,17 @@
<tr>
<td class="light rightAlign"><?php echo _("Your Name") ?></td>
- <td><input type="text" tabindex="1" name="name" value="<?php echo $name ?>" size="70" /></td>
+ <td><input type="text" tabindex="1" name="name" value="<?php echo htmlspecialchars($name) ?>" size="70" /></td>
</tr>
<tr>
<td class="light rightAlign"><?php echo _("Your Email Address") ?></td>
- <td><input type="text" tabindex="2" name="email" value="<?php echo $email ?>" size="70" /></td>
+ <td><input type="text" tabindex="2" name="email" value="<?php echo htmlspecialchars($email) ?>" size="70" /></td>
</tr>
<tr>
<td class="light rightAlign"><?php echo _("Short Summary") ?></td>
- <td><input type="text" tabindex="3" name="subject" value="<?php echo $subject ?>" size="70" /></td>
+ <td><input type="text" tabindex="3" name="subject" value="<?php echo htmlspecialchars($subject) ?>" size="70" /></td>
</tr>
<tr>
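Review bot: The `htmlspecialchars()` calls on `$name`, `$email` and `$subject` here, and on `$message` in the textarea of the next hunk, rely on PHP's default quote flags and charset. The attributes are double-quoted, so the default flags do cover them, but the escaping should use the same charset the page is served in. Assuming Horde's NLS helper is in scope in this template, I would write each call as `htmlspecialchars($name, ENT_QUOTES, NLS::getCharset())`. Where these four variables are populated is outside the diff, so any earlier filtering cannot be confirmed; escaping at the point of output is the right place either way.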
@@ -49,7 +49,7 @@
</tr>
<tr>
<td></td>
- <td><textarea tabindex="4" name="message" rows="20" cols="80" wrap="hard"><?php echo $message ?></textarea></td>
+ <td><textarea tabindex="4" name="message" rows="20" cols="80" wrap="hard"><?php echo htmlspecialchars($message) ?></textarea></td>
</tr>
<tr>
--- horde3-3.1.1.orig/test.php
+++ horde3-3.1.1/test.php
@@ -250,12 +250,12 @@
exit;
case 'phpinfo':
- echo '<a href="' . $url . '?mode=test"><< Back to test.php</a>';
+ echo '<a href="' . htmlspecialchars($url) . '?mode=test"><< Back to test.php</a>';
phpinfo();
exit;
case 'filetest':
- echo '<a href="' . $url . '?mode=test"><< Back to test.php</a>';
+ echo '<a href="' . htmlspecialchars($url) . '?mode=test"><< Back to test.php</a>';
?>
<html>
<body bgcolor="white" text="black">
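Review bot: Escaping `$url` in the two `href` attributes (the `phpinfo` and `filetest` cases) prevents markup from breaking out of the attribute, but it does not constrain where the link points, and the assignment of `$url` is outside this hunk. If that value is derived from request data, a fixed relative link is safer, e.g. `echo '<a href="test.php?mode=test">&lt;&lt; Back to test.php</a>';`, which also encodes the literal `<<` in the link text. Separately, the `phpinfo` case still prints the full PHP configuration to anyone who can reach this script; whether access is restricted is not visible here, so the install notes should state that test.php must be disabled or protected on production hosts. The surrounding `switch` continues beyond the hunk.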