Context Navigation

admin_list.ihtml

Timestamp:

Jun 24, 2006 11:02:54 PM (18 years ago)

Author:

scdev

Message:

Q - added oTxt() around all printed PHP_SELFs to avoid XSS attack. See: http://blog.phpdoc.info/archives/13-XSS-Woes.html

File:

r136	r185
1	1
2	2	<?php $fv->printErrorMessages(); ?>
3		<form action="<?php echo ~~$_SERVER['PHP_SELF']~~; ?>" method="post">
	3	<form action="<?php echo oTxt($_SERVER['PHP_SELF']); ?>" method="post">
4	4	<?php $app->printHiddenSession(false); ?>
5	5	<div id="commandbox">

Note: See TracChangeset for help on using the changeset viewer.