* (bug 6061) Improper escaping in some html forms

author Niklas Laxström <nikerabbit@users.mediawiki.org>

Wed, 24 May 2006 19:04:23 +0000 (19:04 +0000)

committer Niklas Laxström <nikerabbit@users.mediawiki.org>

Wed, 24 May 2006 19:04:23 +0000 (19:04 +0000)
author Niklas Laxström <nikerabbit@users.mediawiki.org>
Wed, 24 May 2006 19:04:23 +0000 (19:04 +0000)
committer Niklas Laxström <nikerabbit@users.mediawiki.org>
Wed, 24 May 2006 19:04:23 +0000 (19:04 +0000)
diff --git a/RELEASE-NOTES b/RELEASE-NOTES

index 1c2f26f..25049f1 100644 (file)
--- a/RELEASE-NOTES
+++ b/RELEASE-NOTES
@@ -325,6 +325,7 @@ it from source control: http://www.mediawiki.org/wiki/Download_from_SVN
  * (bug 6051) Improvement to German localisation (de)
  * (bug 6054) Update to Indonesian localisation (id) #16
  * Add {{CURRENTTIMESTAMP}} magic word
+* (bug 6061) Improper escaping in some html forms
  
  == Compatibility ==
  
diff --git a/includes/SpecialImport.php b/includes/SpecialImport.php

index 57a0ec7..5622e02 100644 (file)
--- a/includes/SpecialImport.php
+++ b/includes/SpecialImport.php
@@ -82,7 +82,7 @@ function wfSpecialImport( $page = '' ) {
                 <input type='hidden' name='source' value='upload' />
                 <input type='hidden' name='MAX_FILE_SIZE' value='2000000' />
                 <input type='file' name='xmlimport' value='' size='30' />
-               <input type='submit' value='" . wfMsgHtml( "uploadbtn" ) . "'/>
+               <input type='submit' value=\"" . wfMsgHtml( "uploadbtn" ) . "\" />
         </form>
  </fieldset>
  " );
diff --git a/includes/SpecialUpload.php b/includes/SpecialUpload.php

index 7d260b6..84b732f 100644 (file)
--- a/includes/SpecialUpload.php
+++ b/includes/SpecialUpload.php
@@ -554,13 +554,13 @@ class UploadForm {
                 <tr>
                         <tr>
                                 <td align='right'>
-                                       <input tabindex='2' type='submit' name='wpUpload' value='$save' />
+                                       <input tabindex='2' type='submit' name='wpUpload' value=\"$save\" />
                                 </td>
                                 <td align='left'>$iw</td>
                         </tr>
                         <tr>
                                 <td align='right'>
-                                       <input tabindex='2' type='submit' name='wpReUpload' value='{$reupload}' />
+                                       <input tabindex='2' type='submit' name='wpReUpload' value=\"{$reupload}\" />
                                 </td>
                                 <td align='left'>$reup</td>
                         </tr>
author	Niklas Laxström <nikerabbit@users.mediawiki.org>
	Wed, 24 May 2006 19:04:23 +0000 (19:04 +0000)
committer	Niklas Laxström <nikerabbit@users.mediawiki.org>
	Wed, 24 May 2006 19:04:23 +0000 (19:04 +0000)
RELEASE-NOTES		patch \| blob \| history
includes/SpecialImport.php		patch \| blob \| history
includes/SpecialUpload.php		patch \| blob \| history