source: branches/1.1dev/templates/login_form.ihtml

Last change on this file was 185, checked in by scdev, 18 years ago

Q - added oTxt() around all printed PHP_SELFs to avoid XSS attack. See: http://blog.phpdoc.info/archives/13-XSS-Woes.html

File size: 887 bytes
<form method="post" action="<?php echo oTxt($_SERVER['PHP_SELF']); ?>">
<?php printHiddenSession() ?>
<table border="0" cellspacing="0" cellpadding="4">
    <tr>
        <td class="formlabel" align="right" valign="top"><?php echo _("Username"); ?></td>
        <td valign="top"><input type="text" class="forminputtext" size="25" name="username" value="<?php echo oTxt($frm['username']); ?>"></td>
    </tr>
    <tr>
        <td class="formlabel" align="right" valign="top"><?php echo _("Password"); ?></td>
        <td valign="top"><input type="password" class="forminputtext" size="25" name="password" value="<?php echo oTxt($frm['password']); ?>"></td>
    </tr>
    <tr>
        <td class="formlabel" align="right" valign="top">&nbsp;</td>
        <td valign="top"><br /><input type="submit" class="formsubmitbutton" value="<?php echo _("Login"); ?>"></td>
    </tr>
</table>
</form>
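
Why the form action on the first line of the template is escaped, shown as an added example that is not code from this repository: `escapeAttr()` is a hypothetical stand-in for `oTxt()`, whose implementation does not appear on this page, and the `PHP_SELF` value is constructed. The script parses both renderings with `DOMDocument` to show what a browser would treat as markup.

```php
<?php
// Added example; not code from the project. escapeAttr() is a hypothetical
// stand-in for oTxt(), whose body is not shown on this page.

function escapeAttr(string $value): string
{
    // ENT_QUOTES encodes both " and ', so the value cannot close the attribute.
    // ENT_SUBSTITUTE replaces invalid UTF-8 instead of returning an empty string.
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

function formTag(string $phpSelf, bool $escape): string
{
    $action = $escape ? escapeAttr($phpSelf) : $phpSelf;
    return '<form method="post" action="' . $action . '"></form>';
}

// Parse the markup the way a browser would and report what it contains.
function inspect(string $html): array
{
    libxml_use_internal_errors(true); // tolerate the stray text in the raw case
    $doc = new DOMDocument();
    $doc->loadHTML($html);
    $form = $doc->getElementsByTagName('form')->item(0);
    return [
        'action'       => $form->getAttribute('action'),
        'extra_markup' => $doc->getElementsByTagName('b')->length,
    ];
}

// Constructed value: PHP_SELF includes any path info after the script name,
// so the part after "/login.php" is chosen by whoever builds the link.
$phpSelf = '/login.php/"><b id="injected">x</b>';

foreach ([false, true] as $escape) {
    $html = formTag($phpSelf, $escape);
    $seen = inspect($html);
    printf(
        "%s\n  html:   %s\n  action: %s\n  injected elements: %d\n",
        $escape ? 'escaped' : 'raw',
        $html,
        $seen['action'],
        $seen['extra_markup']
    );
}
```

In the raw rendering the parser finds a `<b>` element that the template never contained; in the escaped rendering the whole string stays inside the `action` attribute.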