dépôts
/
lhc
/
web
/
wiklou.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
|
inline
| side by side (parent:
c733ea5
)
Escape input on a few error messages
author
Brion Vibber
<brion@users.mediawiki.org>
Thu, 14 Oct 2004 05:14:45 +0000
(
05:14
+0000)
committer
Brion Vibber
<brion@users.mediawiki.org>
Thu, 14 Oct 2004 05:14:45 +0000
(
05:14
+0000)
includes/SpecialUserlogin.php
patch
|
blob
|
history
diff --git
a/includes/SpecialUserlogin.php
b/includes/SpecialUserlogin.php
index
d2085de
..
89eedcb
100644
(file)
--- a/
includes/SpecialUserlogin.php
+++ b/
includes/SpecialUserlogin.php
@@
-87,7
+87,7
@@
class LoginForm {
global $wgOut;
if ('' == $this->mEmail) {
global $wgOut;
if ('' == $this->mEmail) {
- $this->mainLoginForm( wfMsg( 'noemail',
$this->mName
) );
+ $this->mainLoginForm( wfMsg( 'noemail',
htmlspecialchars( $this->mName )
) );
return;
}
return;
}
@@
-313,8
+313,8
@@
class LoginForm {
$m = wfMsg( 'passwordremindertext', $ip, $u->getName(), $np );
$error = userMailer( $u->getEmail(), $wgPasswordSender, wfMsg( 'passwordremindertitle' ), $m );
$m = wfMsg( 'passwordremindertext', $ip, $u->getName(), $np );
$error = userMailer( $u->getEmail(), $wgPasswordSender, wfMsg( 'passwordremindertitle' ), $m );
-
- return
$error
;
+
+ return
htmlspecialchars( $error )
;
}
}
@@
-371,7
+371,7
@@
class LoginForm {
$mmp = wfMsg( 'mailmypassword' );
$endText = wfMsg( 'loginend' );
$mmp = wfMsg( 'mailmypassword' );
$endText = wfMsg( 'loginend' );
- if ( $endText = '<loginend>' ) {
+ if ( $endText =
=
'<loginend>' ) {
$endText = '';
}
$endText = '';
}