dépôts
/
lhc
/
web
/
wiklou.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(parent:
afb3984
)
Remove non-digit chars from isbn to prevent html insertion attacks
author
Brion Vibber
<brion@users.mediawiki.org>
Sat, 24 May 2003 21:07:31 +0000
(21:07 +0000)
committer
Brion Vibber
<brion@users.mediawiki.org>
Sat, 24 May 2003 21:07:31 +0000
(21:07 +0000)
includes/SpecialBooksources.php
patch
|
blob
|
history
diff --git
a/includes/SpecialBooksources.php
b/includes/SpecialBooksources.php
index
f0017f5
..
b1ae00f
100644
(file)
--- a/
includes/SpecialBooksources.php
+++ b/
includes/SpecialBooksources.php
@@
-5,7
+5,7
@@
function wfSpecialBooksources()
{
- $isbn =
$_REQUEST["isbn"]
;
+ $isbn =
preg_replace( '/[^0-9X]/', '', $_REQUEST["isbn"] )
;
$bsl = new BookSourceList( $isbn );
$bsl->show();