dépôts / lhc / web / wiklou.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: e75fda9)
fix xss attack
authorRiver Tarnell <kateturner@users.mediawiki.org>
Wed, 13 Oct 2004 21:38:50 +0000 (21:38 +0000)
committerRiver Tarnell <kateturner@users.mediawiki.org>
Wed, 13 Oct 2004 21:38:50 +0000 (21:38 +0000)
includes/SpecialMaintenance.php patch | blob | history

diff --git a/includes/SpecialMaintenance.php b/includes/SpecialMaintenance.php
index 3166c5a..85c1510 100644 (file)
--- a/includes/SpecialMaintenance.php
+++ b/includes/SpecialMaintenance.php
@@ -283,7 +283,8 @@ function wfSpecialMissingLanguageLinks() {
        $wgOut->addHTML( "<p>{$top}\n" );
 
        $sl = wfViewPrevNext( $offset, $limit, 'REPLACETHIS' ) ;
-       $sl = str_replace ( 'REPLACETHIS' , sns().":Maintenance&subfunction=missinglanguagelinks&thelang={$thelang}" , $sl ) ;
+       $sl = str_replace ( 'REPLACETHIS' , sns().":Maintenance&subfunction=missinglanguagelinks&thelang=".
+                                               htmlspecialchars($thelang), $sl ) ;
        $wgOut->addHTML( "<br>{$sl}\n" );
 
        $sk = $wgUser->getSkin();
Wiklou, le Wiki du Wiklou