Changeset 185 for trunk/lib/Lock.inc.php


Timestamp:
Jun 24, 2006 11:02:54 PM (18 years ago)
Author:
scdev
Message:

Q - added oTxt() around all printed PHP_SELFs to avoid XSS attack. See: http://blog.phpdoc.info/archives/13-XSS-Woes.html

File:
1 edited

  • trunk/lib/Lock.inc.php

    r149 r185  
    365365
    366366        ?>
    367         <form method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>">
     367        <form method="post" action="<?php echo oTxt($_SERVER['PHP_SELF']); ?>">
    368368        <?php $app->printHiddenSession() ?>
    369369        <input type="hidden" name="lock_id" value="<?php echo $this->getID(); ?>" />
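Review bot: On new line 367 the escaped value lands inside a double-quoted action attribute, so oTxt() must encode double quotes as well as <, > and &. Its definition is not part of this changeset, so confirm that before relying on it here (PHP's htmlspecialchars() encodes double quotes by default). Because PHP_SELF carries any request-supplied path info after the script name, emitting `$_SERVER['SCRIPT_NAME']` or a fixed action would remove the untrusted input rather than escape it. The context line 369 still echoes `$this->getID()` into a value attribute unescaped; wrap it in oTxt() as well unless getID() is guaranteed to return a safe value such as an integer.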