kazhnuz/koblog
1
0
Fork 0
Code Issues 30 Pull requests Projects 3 Releases Packages Wiki Activity Actions

Merge pull request #1 from Mik317/master

Browse source 
[FIX] XSS using htmlentities()
This commit is contained in:
Jamie Slome 2020-08-20 13:20:28 +01:00 committed by GitHub
commit 916f7b7a16
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 3 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
bl-kernel/admin/views/edit-category.php
View file

@ -31,7 +31,7 @@
echo Bootstrap::formInputText(array(
'name'=>'name',
'label'=>$L->g('Name'),
'value'=>$categoryMap['name'],
'value'=>htmlentities($categoryMap['name'], ENT_QUOTES, 'UTF-8'),
'class'=>'',
'placeholder'=>'',
'tip'=>''
@ -50,7 +50,7 @@
echo Bootstrap::formInputText(array(
'name'=>'template',
'label'=>$L->g('Template'),
'value'=>isset($categoryMap['template'])?$categoryMap['template']:'',
'value'=>isset($categoryMap['template'])?htmlentities($categoryMap['template'], ENT_QUOTES, 'UTF-8'):'',
'class'=>'',
'placeholder'=>'',
'tip'=>''
@ -89,4 +89,4 @@ $(document).ready(function() {
$("#jsform").submit();
});
});
</script>
</script>