kazhnuz/koblog
1
0
Fork 0
Code Issues 30 Pull requests Projects 3 Releases Packages Wiki Activity Actions

[FIX] XSS using htmlentities()

Browse source
This commit is contained in:
Michele Romano 2020-08-17 16:33:55 +02:00 committed by GitHub
parent 668c3a0335
commit f3b2ba0981
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 3 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
bl-kernel/admin/views/edit-category.php
View file

@ -31,7 +31,7 @@
echo Bootstrap::formInputText(array(
'name'=>'name',
'label'=>$L->g('Name'),
'value'=>$categoryMap['name'],
'value'=>htmlentities($categoryMap['name'], ENT_QUOTES, 'UTF-8'),
'class'=>'',
'placeholder'=>'',
'tip'=>''
@ -50,7 +50,7 @@
echo Bootstrap::formInputText(array(
'name'=>'template',
'label'=>$L->g('Template'),
'value'=>isset($categoryMap['template'])?$categoryMap['template']:'',
'value'=>isset($categoryMap['template'])?htmlentities($categoryMap['template'], ENT_QUOTES, 'UTF-8'):'',
'class'=>'',
'placeholder'=>'',
'tip'=>''
@ -89,4 +89,4 @@ $(document).ready(function() {
$("#jsform").submit();
});
});
</script>
</script>