global $wgOut;
if ('' == $this->mEmail) {
- $this->mainLoginForm( wfMsg( 'noemail', $this->mName ) );
+ $this->mainLoginForm( wfMsg( 'noemail', htmlspecialchars( $this->mName ) ) );
return;
}
$m = wfMsg( 'passwordremindertext', $ip, $u->getName(), $np );
$error = userMailer( $u->getEmail(), $wgPasswordSender, wfMsg( 'passwordremindertitle' ), $m );
-
- return $error;
+
+ return htmlspecialchars( $error );
}
$mmp = wfMsg( 'mailmypassword' );
$endText = wfMsg( 'loginend' );
- if ( $endText = '<loginend>' ) {
+ if ( $endText == '<loginend>' ) {
$endText = '';
}