From: Aaron Schulz
Date: Thu, 19 Feb 2009 19:08:22 +0000 (+0000)
Subject: escape $wgScript here
X-Git-Tag: 1.31.0-rc.0~42787
X-Git-Url: http://git.cyclocoop.org/%7B%24www_url%7Dadmin/password.php?a=commitdiff_plain;h=8d158c05bb97920c45f1e72b915aa1c0d0dc758c;p=lhc%2Fweb%2Fwiklou.git

escape $wgScript here
---

diff --git a/includes/specials/SpecialListUserRestrictions.php b/includes/specials/SpecialListUserRestrictions.php
index 27b2429822..98e7111f1f 100644
--- a/includes/specials/SpecialListUserRestrictions.php
+++ b/includes/specials/SpecialListUserRestrictions.php
@@ -24,9 +24,10 @@ function wfSpecialListUserRestrictions() {
 class SpecialListUserRestrictionsForm {
 public function getHTML() {
 global $wgRequest, $wgScript, $wgTitle;
+ $action = htmlspecialchars( $wgScript );
 $s = '';
 $s .= Xml::fieldset( wfMsg( 'listuserrestrictions-legend' ) );
- $s .= "
";
+ $s .= "";
 $s .= Xml::hidden( 'title', $wgTitle->getPrefixedDbKey() );
 $s .= Xml::label( wfMsgHtml( 'listuserrestrictions-type' ), 'type' ) . ' ' . self::typeSelector( 'type', $wgRequest->getVal( 'type' ), 'type' );
diff --git a/includes/specials/SpecialRestrictUser.php b/includes/specials/SpecialRestrictUser.php
index 761e0cd6e1..b946cde83e 100644
--- a/includes/specials/SpecialRestrictUser.php
+++ b/includes/specials/SpecialRestrictUser.php
@@ -37,7 +37,8 @@ function wfSpecialRestrictUser( $par = null ) {
 class RestrictUserForm {
 public static function selectUserForm( $val = null, $error = null ) {
 global $wgScript, $wgTitle;
- $s = Xml::fieldset( wfMsg( 'restrictuser-userselect' ) ) . "";
+ $action = htmlspecialchars( $wgScript );
+ $s = Xml::fieldset( wfMsg( 'restrictuser-userselect' ) ) . "";
 if( $error ) $s .= '
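Review bot: The form tag in `SpecialListUserRestrictionsForm::getHTML()` is still assembled by hand in a string literal, presumably with `$action` interpolated into it; the tag's markup is not legible on this page, so the attribute quoting cannot be confirmed. `htmlspecialchars()` with its default flags leaves single quotes unescaped on PHP before 8.1, so the escaping only holds if the attribute is double-quoted. Since the surrounding code already uses the `Xml::` helpers, building the tag with `Xml::openElement( 'form', array( 'action' => $wgScript ) )` (carrying over any other attributes the tag has) would escape the value inside the helper and make the separate `$action` local unnecessary. The same applies to the added line in `RestrictUserForm::selectUserForm()` in SpecialRestrictUser.php. Both method bodies continue outside their hunks.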

' . $error . '

';
 $s .= Xml::hidden( 'title', $wgTitle->getPrefixedDbKey() );
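Review bot: `$error` is still concatenated into the output unescaped in `selectUserForm()` (the `' . $error . '` concatenation, whose surrounding element markup is not legible on this page), while this commit escapes `$wgScript` just above it. Whether callers pass plain text or already-escaped HTML is not visible here. If it is plain text, the line should use `htmlspecialchars( $error )`; if it is HTML by contract, a comment on the parameter should say so, e.g. `// $error: pre-escaped HTML, inserted as-is`. The method body continues outside the hunk.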