dépôts
/
lhc
/
web
/
wiklou.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(parent:
40c3bca
)
Fix cross site scripting bug
author
Jens Frank
<jeluf@users.mediawiki.org>
Wed, 13 Oct 2004 21:07:08 +0000
(21:07 +0000)
committer
Jens Frank
<jeluf@users.mediawiki.org>
Wed, 13 Oct 2004 21:07:08 +0000
(21:07 +0000)
includes/SpecialEmailuser.php
patch
|
blob
|
history
diff --git
a/includes/SpecialEmailuser.php
b/includes/SpecialEmailuser.php
index
9661a1c
..
35d3cce
100644
(file)
--- a/
includes/SpecialEmailuser.php
+++ b/
includes/SpecialEmailuser.php
@@
-114,9
+114,8
@@
class EmailUserForm {
</tr><tr>
<td align=right>{$emm}:</td>
<td align=left>
-<textarea name=\"wpText\" rows=10 cols=60 wrap=virtual>
-{$this->text}
-</textarea>
+<textarea name=\"wpText\" rows=10 cols=60 wrap=virtual>" . htmlspecialchars( $this->text ) .
+"</textarea>
</td></tr><tr>
<td> </td><td align=left>
<input type=submit name=\"wpSend\" value=\"{$ems}\">