Skip to content
This repository

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP

Fix bugfix project issue #925. #15

Merged
merged 1 commit into from about 2 years ago

3 participants

Ángel Guzmán Maeso Abdulmajed Al-hejji Danny Terweij
Danny Terweij dterweij merged commit 6af1b2e into from
Danny Terweij dterweij closed this
Abdulmajed Al-hejji

if that the text contains the entrance "( ) or < >" a will be rejected the text for example, in stats page protection a password null be output display a empty.
In the temporary reform disable the code ~> //$this->checkForScript($variable->value);
Regards ...

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Showing 1 unique commit by 1 author.

Mar 03, 2012
Ángel Guzmán Maeso Fix bugfix project issue #925. No assume that checkForScript() return…
… some value. Only invoke for checking previously
9049f7c
This page is out of date. Refresh to see the latest.

Showing 1 changed file with 10 additions and 6 deletions. Show diff stats Hide diff stats

  1. 16  kloxo/httpdocs/htmllib/htmllib.php
16  kloxo/httpdocs/htmllib/htmllib.php
@@ -6704,7 +6704,8 @@ function print_multiselect($form, $variable, $rowuniqueid, $rowclass, $rowcount)
6704 6704
 		global $gbl, $sgbl, $login, $ghtml;
6705 6705
 
6706 6706
 		$_t_name = $this->getcgikey($variable->name);
6707  
-		$m_value = $this->checkForScript($this->$_t_name);
  6707
+		$this->checkForScript($this->$_t_name);
  6708
+		$m_value = $this->$_t_name;
6708 6709
 		$ts_name = "ts_$variable->name";
6709 6710
 		$ts_name2 = "ts_{$variable->name}2";
6710 6711
 		$size = $variable->count;
@@ -6996,13 +6997,15 @@ function print_modify($form, $variable, $rowuniqueid, $rowclass, $rowcount)
6996 6997
 
6997 6998
 
6998 6999
 		if ($variable->value != "") {
6999  
-			$m_value = $this->checkForScript($variable->value);
  7000
+			$this->checkForScript($variable->value);
  7001
+			$m_value = $variable->value;
7000 7002
 		} else {
7001 7003
 			if (trim($variable->texttype) != "password") {
7002 7004
 				$m_value = null;
7003 7005
 				$index = trim($variable->name);
7004 7006
 				if (isset($prevvar[$index])) {
7005  
-					$m_value = $this->checkForScript($prevvar[$index]);
  7007
+					$this->checkForScript($prevvar[$index]);
  7008
+					$m_value = $prevvar[$index];
7006 7009
 				}
7007 7010
 			}
7008 7011
 		}
@@ -7215,7 +7218,8 @@ function print_variable($block, $variable, $count)
7215 7218
 			case "checkbox":
7216 7219
 				$m_value = null;
7217 7220
 				if (isset($prevvar[trim($variable->name)])) {
7218  
-					$m_value = $this->checkForScript($prevvar[trim($variable->name)]);
  7221
+					$this->checkForScript($prevvar[trim($variable->name)]);
  7222
+					$m_value = $prevvar[trim($variable->name)];
7219 7223
 				}
7220 7224
 				$checkedvalue = trim($variable->checked);
7221 7225
 				$checkv = null;
@@ -7232,10 +7236,10 @@ function print_variable($block, $variable, $count)
7232 7236
 
7233 7237
 
7234 7238
 			case "select":
7235  
-				$m_value = "";
7236 7239
 				$m_value = null;
7237 7240
 				if (isset($prevvar[trim($variable->name)])) {
7238  
-					$m_value = $this->checkForScript($prevvar[trim($variable->name)]);
  7241
+					$this->checkForScript($prevvar[trim($variable->name)]);
  7242
+					$m_value = $prevvar[trim($variable->name)];
7239 7243
 				}
7240 7244
 				print("$variable_description <br> ");
7241 7245
 				$v = $variable->name;
Commit_comment_tip

Tip: You can add notes to lines in a file. Hover to the left of a line to make a note

Something went wrong with that request. Please try again.