[geeklog-cvs] Geeklog-1.x/public_html users.php,1.161,1.162
Dirk Haun
dhaun at qs1489.pair.com
Sat Feb 16 16:24:30 EST 2008
Update of /cvsroot/geeklog/Geeklog-1.x/public_html
In directory qs1489.pair.com:/tmp/cvs-serv20255/public_html
Modified Files:
users.php
Log Message:
Threw in a few htmlspecialchars() calls
Index: users.php
===================================================================
RCS file: /cvsroot/geeklog/Geeklog-1.x/public_html/users.php,v
retrieving revision 1.161
retrieving revision 1.162
diff -C2 -d -r1.161 -r1.162
*** users.php 20 Jan 2008 10:20:23 -0000 1.161
--- users.php 16 Feb 2008 21:24:28 -0000 1.162
***************
*** 103,107 ****
}
! $display_name = COM_getDisplayName ($user, $A['username'], $A['fullname']);
$retval .= COM_siteHeader ('menu', $LANG04[1] . ' ' . $display_name);
--- 103,108 ----
}
! $display_name = htmlspecialchars(COM_getDisplayName($user, $A['username'],
! $A['fullname']));
$retval .= COM_siteHeader ('menu', $LANG04[1] . ' ' . $display_name);
***************
*** 118,122 ****
'row' => 'commentrow.thtml',
'strow' => 'storyrow.thtml'));
! $user_templates->set_var ( 'xhtml', XHTML );
$user_templates->set_var ('site_url', $_CONF['site_url']);
$user_templates->set_var ('start_block_userprofile',
--- 119,123 ----
'row' => 'commentrow.thtml',
'strow' => 'storyrow.thtml'));
! $user_templates->set_var ('xhtml', XHTML);
$user_templates->set_var ('site_url', $_CONF['site_url']);
$user_templates->set_var ('start_block_userprofile',
***************
*** 137,140 ****
--- 138,143 ----
$fullname = $A['fullname'];
}
+ $username = htmlspecialchars($username);
+ $fullname = htmlspecialchars($fullname);
if ($A['status'] == USER_ACCOUNT_DISABLED) {
More information about the geeklog-cvs
mailing list