- some more xss prevention

steinm 2012-10-05 19:56:37 +00:00
parent b882d38dfb
commit e217b456fb


@ -187,7 +187,7 @@ UI::contentContainerStart();
if ($usr->isGuest()) continue; if ($usr->isGuest()) continue;
print "<li class=\"cbSelectItem\"><input id='revUsr".$usr->getID()."' type='checkbox' name='usrReviewers[]' value='". $usr->getID() ."'>".$usr->getLogin(); print "<li class=\"cbSelectItem\"><input id='revUsr".$usr->getID()."' type='checkbox' name='usrReviewers[]' value='". $usr->getID() ."'>".htmlspecialchars($usr->getLogin());
} }
?> ?>
</ul> </ul>
@ -217,7 +217,7 @@ UI::contentContainerStart();
if ($usr->isGuest()) continue; if ($usr->isGuest()) continue;
print "<li class=\"cbSelectItem\"><input id='appUsr".$usr->getID()."' type='checkbox' name='usrApprovers[]' value='". $usr->getID() ."'>".$usr->getLogin(); print "<li class=\"cbSelectItem\"><input id='appUsr".$usr->getID()."' type='checkbox' name='usrApprovers[]' value='". $usr->getID() ."'>".htmlspecialchars($usr->getLogin());
} }
?> ?>
</ul> </ul>
@ -249,7 +249,7 @@ UI::contentContainerStart();
print "<td id=\"keywords".$currUser->getID()."\" style=\"display : none;\">"; print "<td id=\"keywords".$currUser->getID()."\" style=\"display : none;\">";
UI::contentSubHeading(getMLText("user")." : ".$currUser->getLogin()); UI::contentSubHeading(getMLText("user")." : ".htmlspecialchars($currUser->getLogin()));
?> ?>
<a class="standardText" href="../out/out.RemoveUser.php?userid=<?php print $currUser->getID();?>"><img src="images/del.gif" width="15" height="15" border="0" align="absmiddle" alt=""> <?php printMLText("rm_user");?></a> <a class="standardText" href="../out/out.RemoveUser.php?userid=<?php print $currUser->getID();?>"><img src="images/del.gif" width="15" height="15" border="0" align="absmiddle" alt=""> <?php printMLText("rm_user");?></a>
@ -263,7 +263,7 @@ UI::contentContainerStart();
<table> <table>
<tr> <tr>
<td><?php printMLText("user_login");?>:</td> <td><?php printMLText("user_login");?>:</td>
<td><input name="login" value="<?php print $currUser->getLogin();?>"></td> <td><input name="login" value="<?php print htmlspecialchars($currUser->getLogin());?>"></td>
</tr> </tr>
<tr> <tr>
<td><?php printMLText("password");?>:</td> <td><?php printMLText("password");?>:</td>
@ -347,7 +347,7 @@ UI::contentContainerStart();
$checked=false; $checked=false;
foreach ($res as $r) if ($r['reviewerUserID']==$usr->getID()) $checked=true; foreach ($res as $r) if ($r['reviewerUserID']==$usr->getID()) $checked=true;
print "<li class=\"cbSelectItem\"><input id='revUsr".$usr->getID()."' type='checkbox' ".($checked?"checked='checked' ":"")."name='usrReviewers[]' value='". $usr->getID() ."'>".$usr->getLogin()."</li>\n"; print "<li class=\"cbSelectItem\"><input id='revUsr".$usr->getID()."' type='checkbox' ".($checked?"checked='checked' ":"")."name='usrReviewers[]' value='". $usr->getID() ."'>".htmlspecialchars($usr->getLogin())."</li>\n";
} }
?> ?>
</ul> </ul>
@ -387,7 +387,7 @@ UI::contentContainerStart();
$checked=false; $checked=false;
foreach ($res as $r) if ($r['approverUserID']==$usr->getID()) $checked=true; foreach ($res as $r) if ($r['approverUserID']==$usr->getID()) $checked=true;
print "<li class=\"cbSelectItem\"><input id='appUsr".$usr->getID()."' type='checkbox' ".($checked?"checked='checked' ":"")."name='usrApprovers[]' value='". $usr->getID() ."'>".$usr->getLogin()."</li>\n"; print "<li class=\"cbSelectItem\"><input id='appUsr".$usr->getID()."' type='checkbox' ".($checked?"checked='checked' ":"")."name='usrApprovers[]' value='". $usr->getID() ."'>".htmlspecialchars($usr->getLogin())."</li>\n";
} }
?> ?>
</ul> </ul>
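Review bot: The new `htmlspecialchars()` calls rely on the function's default flags and charset, which matters most in the `@ -263` hunk, where the login is written into the `value="…"` attribute of the login input. On PHP versions before 8.1 the default flags leave single quotes unescaped, and the default charset has differed between PHP versions, so the escaping depends on that attribute staying double-quoted and on the runtime. Passing both explicitly, `htmlspecialchars($currUser->getLogin(), ENT_QUOTES, 'UTF-8')`, removes that dependency, assuming the page is served as UTF-8. The same applies to the other five call sites in the reviewer/approver lists and the sub-heading. Only the login is escaped in the visible lines, so if the form prints other user-editable fields outside these hunks, they would presumably need the same treatment.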