source: trunk/services/templates/password.ihtml @ 195

Last change on this file since 195 was 185, checked in by scdev, 18 years ago

Q - added oTxt() around all printed PHP_SELFs to avoid XSS attack. See: http://blog.phpdoc.info/archives/13-XSS-Woes.html

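<?php
/*
 * Change-password form: posts oldpassword, newpassword and newpassword2 back
 * to the current script together with op=update_password.
 *
 * $fv, $app and oTxt() are supplied by the including code; none of them is
 * defined in this template.
 */
$fv->printErrorMessages();
?>

<?php
/*
 * $_SERVER['PHP_SELF'] contains any path info the client appended after the
 * script name, so it is request-controlled and has to be escaped before it is
 * written into the action attribute. oTxt() is the output filter this project
 * applies for that purpose.
 * NOTE(review): confirm that oTxt() also escapes double quotes, because the
 * value is placed inside a double-quoted attribute.
 */
?>
<form method="post" action="<?php echo oTxt($_SERVER['PHP_SELF']); ?>">
<?php
/*
 * NOTE(review): printHiddenSession() presumably emits the session as a hidden
 * field. Whether the update_password handler validates it as an anti-CSRF
 * token, and re-checks the old password server-side, cannot be seen from this
 * template - verify in the handler.
 */
$app->printHiddenSession();
?>
<input type="hidden" name="op" value="update_password" />
<table>
    <tr>
        <td class="sc-right"><label for="oldpassword"<?php $fv->err('oldpassword', ' class="error"'); ?>><?php echo _("Old password"); ?></label></td>
        <td>
            <?php /* id matches the label's for= so the label is actually bound to this field. */ ?>
            <input type="password" class="sc-medium" size="50" name="oldpassword" id="oldpassword" />
        </td>
    </tr>
    <tr>
        <td class="sc-right"><label for="newpassword"<?php $fv->err('newpassword', ' class="error"'); ?>><?php echo _("New password"); ?></label></td>
        <td>
            <input type="password" class="sc-medium" size="50" name="newpassword" id="newpassword" />
        </td>
    </tr>
    <tr>
        <td class="sc-right"><label for="newpassword2"<?php $fv->err('newpassword2', ' class="error"'); ?>><?php echo _("New password again"); ?></label></td>
        <td>
            <input type="password" class="sc-medium" size="50" name="newpassword2" id="newpassword2" />
        </td>
    </tr>
    <tr>
        <td>&nbsp;</td>
        <?php
        /*
         * NOTE(review): the translated string is echoed unescaped into a
         * double-quoted attribute; a catalog entry containing a double quote
         * would terminate the attribute early. Consider routing it through the
         * same output filter as PHP_SELF once its behaviour is confirmed.
         */
        ?>
        <td><input type="submit" value="<?php echo _("Change password"); ?>" /></td>
    </tr>
</table>
</form>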