Ignore:
Timestamp:
Jun 24, 2006 11:02:54 PM (18 years ago)
Author:
scdev
Message:

Q - added oTxt() around all printed PHP_SELFs to avoid XSS attack. See: http://blog.phpdoc.info/archives/13-XSS-Woes.html

File:
1 edited

Legend:

Unmodified
Added
Removed

  • trunk/lib/Navigation.inc.php

    r184 r185  
    1818    // Configuration parameters for this object.
    1919    var $_params = array(       
    20         'html_title' = true,
    21         'body_title' = true,
     20        'head_title' => true,
     21        'body_title' => true,
    2222        'title' => true,
    2323        'path' => true,
     
    5858        $page = array(
    5959            'title' => $title,
    60             'url' => is_null($url) ? $_SERVER['PHP_SELF'] : $url;
     60            'url' => is_null($url) ? $_SERVER['PHP_SELF'] : $url,
    6161        );
    6262        $this->pages[] = array_merge($page, $vars);
Note: See TracChangeset for help on using the changeset viewer.