SF.net SVN: postfixadmin:[1189] trunk/smarty.inc.php
Brought to you by:
christian_boltz,
gingerdog
Menu
▾
▴
SF.net SVN: postfixadmin:[1189] trunk/smarty.inc.php
|
From: <chr...@us...> - 2011-09-24 16:35:48
|
Revision: 1189
http://postfixadmin.svn.sourceforge.net/postfixadmin/?rev=1189&view=rev
Author: christian_boltz
Date: 2011-09-24 16:35:42 +0000 (Sat, 24 Sep 2011)
Log Message:
-----------
smarty.inc.php - select_options():
- escape $val with htmlentities() (function result will/must be used
unescaped later)
Modified Paths:
--------------
trunk/smarty.inc.php
Modified: trunk/smarty.inc.php
===================================================================
--- trunk/smarty.inc.php 2011-09-24 11:49:14 UTC (rev 1188)
+++ trunk/smarty.inc.php 2011-09-24 16:35:42 UTC (rev 1189)
@@ -69,10 +69,10 @@
function select_options($aValues, $aSelected) {
$ret_val = '';
foreach ($aValues as $val) {
- $ret_val .= '<option value="'.$val.'"';
+ $ret_val .= '<option value="'.htmlentities($val).'"';
if (in_array ($val, $aSelected))
$ret_val .= ' selected="selected"';
- $ret_val .= '>'.$val.'</option>';
+ $ret_val .= '>'.htmlentities($val).'</option>';
}
return $ret_val;
}
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|