TPS
/
ORIENT
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Escape output to minimize potential XSS opportunities (#3916) 

Credit to @nathan-van-der-werf.
This commit is contained in:
Nathan van der Werf 2018-11-13 22:51:31 +01:00 committed by Luke Towers
parent 7c919e01bc
commit 8ae863f5e7
3 changed files with 5 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
modules/system/controllers/updates/_plugin_form.htm
View File

@ -6,7 +6,7 @@
<div class="modal-body">
<?php if ($this->fatalError): ?>
<p class="flash-message static error"><?= $fatalError ?></p>
<p class="flash-message static error"><?= e($fatalError) ?></p>
<?php endif ?>
<div class="form-group">
@ -16,7 +16,7 @@
type="text"
class="form-control"
id="pluginCode"
value="<?= post('code') ?>" />
value="<?= e(post('code')) ?>" />
<p class="help-block"><?= e(trans('system::lang.plugin.name.help')) ?></p>
</div>

2
modules/system/controllers/updates/_project_form.htm
View File

@ -6,7 +6,7 @@
<div class="modal-body">
<?php if ($this->fatalError): ?>
<p class="flash-message static error"><?= $fatalError ?></p>
<p class="flash-message static error"><?= e($fatalError) ?></p>
<?php endif ?>
<div class="form-group">

4
modules/system/controllers/updates/_theme_form.htm
View File

@ -6,7 +6,7 @@
<div class="modal-body">
<?php if ($this->fatalError): ?>
<p class="flash-message static error"><?= $fatalError ?></p>
<p class="flash-message static error"><?= e($fatalError) ?></p>
<?php endif ?>
<div class="form-group">
@ -16,7 +16,7 @@
type="text"
class="form-control"
id="themeCode"
value="<?= post('code') ?>" />
value="<?= e(post('code')) ?>" />
<p class="help-block"><?= e(trans('system::lang.theme.name.help')) ?></p>
</div>