Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP

Loading…

Fix bugfix project issue #925. #15

Merged
merged 1 commit into from

3 participants

Ángel Guzmán Maeso Abdulmajed Alhejji Danny Terweij
Danny Terweij dterweij was assigned
Danny Terweij dterweij merged commit 6af1b2e into from
Abdulmajed Alhejji

if that the text contains the entrance "( ) or < >" a will be rejected the text for example, in stats page protection a password null be output display a empty.
In the temporary reform disable the code ~> //$this->checkForScript($variable->value);
Regards ...

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Commits on Mar 3, 2012
  1. Ángel Guzmán Maeso

    Fix bugfix project issue #925. No assume that checkForScript() return…

    shakaran authored
    … some value. Only invoke for checking previously
This page is out of date. Refresh to see the latest.
Showing with 10 additions and 6 deletions.
  1. +10 −6 kloxo/httpdocs/htmllib/htmllib.php
16 kloxo/httpdocs/htmllib/htmllib.php
View
@@ -6704,7 +6704,8 @@ function print_multiselect($form, $variable, $rowuniqueid, $rowclass, $rowcount)
global $gbl, $sgbl, $login, $ghtml;
$_t_name = $this->getcgikey($variable->name);
- $m_value = $this->checkForScript($this->$_t_name);
+ $this->checkForScript($this->$_t_name);
+ $m_value = $this->$_t_name;
$ts_name = "ts_$variable->name";
$ts_name2 = "ts_{$variable->name}2";
$size = $variable->count;
@@ -6996,13 +6997,15 @@ function print_modify($form, $variable, $rowuniqueid, $rowclass, $rowcount)
if ($variable->value != "") {
- $m_value = $this->checkForScript($variable->value);
+ $this->checkForScript($variable->value);
+ $m_value = $variable->value;
} else {
if (trim($variable->texttype) != "password") {
$m_value = null;
$index = trim($variable->name);
if (isset($prevvar[$index])) {
- $m_value = $this->checkForScript($prevvar[$index]);
+ $this->checkForScript($prevvar[$index]);
+ $m_value = $prevvar[$index];
}
}
}
@@ -7215,7 +7218,8 @@ function print_variable($block, $variable, $count)
case "checkbox":
$m_value = null;
if (isset($prevvar[trim($variable->name)])) {
- $m_value = $this->checkForScript($prevvar[trim($variable->name)]);
+ $this->checkForScript($prevvar[trim($variable->name)]);
+ $m_value = $prevvar[trim($variable->name)];
}
$checkedvalue = trim($variable->checked);
$checkv = null;
@@ -7232,10 +7236,10 @@ function print_variable($block, $variable, $count)
case "select":
- $m_value = "";
$m_value = null;
if (isset($prevvar[trim($variable->name)])) {
- $m_value = $this->checkForScript($prevvar[trim($variable->name)]);
+ $this->checkForScript($prevvar[trim($variable->name)]);
+ $m_value = $prevvar[trim($variable->name)];
}
print("$variable_description <br> ");
$v = $variable->name;
Something went wrong with that request. Please try again.