check cart page xss bug fix
fancyecommerce committed May 26, 2020
1 parent 34bed95 commit 8fac645
Showing 2 changed files with 3 additions and 2 deletions.
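--- a/app/appfront/theme/base/front/checkout/cart/index.php
+++ b/app/appfront/theme/base/front/checkout/cart/index.php
@@ -291,7 +291,7 @@
 csrfVal = "<?= CRequest::getCsrfValue() ?>";
 $(document).ready(function(){
 // set select all checkbox
-selectall = "<?= Yii::$app->request->get('selectall') ?>";
+selectall = "<?= \Yii::$service->helper->htmlEncode(Yii::$app->request->get('selectall')) ?>";
 selectAllChecked = false;
 if (selectall == 1) {
 selectAllChecked = true;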
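Review bot: `htmlEncode()` is an HTML-context encoder, but on the changed `selectall = "..."` line the value lands inside a JavaScript string literal in a script block, so the encoding does not match the output context. Assuming the helper wraps an htmlspecialchars-style encoder (its body is not shown here), backslashes and line terminators pass through unchanged and can still break the literal. Since the script only tests `selectall == 1`, the request value need not reach the page at all, e.g. `selectall = <?= Yii::$app->request->get('selectall') === '1' ? 1 : 0 ?>;`, or it can be emitted through a JSON encoder such as `\yii\helpers\Json::htmlEncode()`. The same line in app/apphtml5/theme/base/html5/checkout/cart/index.php has the same issue, and the `$(document).ready` callback continues outside the hunk.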
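--- a/app/apphtml5/theme/base/html5/checkout/cart/index.php
+++ b/app/apphtml5/theme/base/html5/checkout/cart/index.php
@@ -172,7 +172,8 @@
 csrfVal = "<?= CRequest::getCsrfValue() ?>";
 $(document).ready(function(){
 // set select all checkbox
-selectall = "<?= Yii::$app->request->get('selectall') ?>";
+// selectall = "<?= Yii::$app->request->get('selectall') ?>";
+selectall = "<?= \Yii::$service->helper->htmlEncode(Yii::$app->request->get('selectall')) ?>";
 selectAllChecked = false;
 if (selectall == 1) {
 selectAllChecked = true;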
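Review bot: The added line `// selectall = "<?= Yii::$app->request->get('selectall') ?>";` still writes the unencoded request parameter into the page. The `//` is a JavaScript comment, so PHP evaluates the `<?= ?>` tag regardless and the raw value is emitted inside the script block. A line comment gives no containment for request-controlled text, so the issue this commit sets out to fix remains in this template. Delete the line, or if the old form must be kept for reference, move it into a server-side comment such as `<?php /* old: unencoded selectall echo */ ?>` so nothing is echoed.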
