Changeset 763 for trunk/lib/App.inc.php
- Timestamp:
- Feb 24, 2022 10:05:48 PM (2 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/lib/App.inc.php
r762 r763 1335 1335 foreach ($val as $subval) { 1336 1336 if ('' != $key && '' != $subval) { 1337 $out .= sprintf('<input type="hidden" name="%s[]" value="%s" />', $key, $subval);1337 $out .= sprintf('<input type="hidden" name="%s[]" value="%s" />', oTxt($key), oTxt($subval)); 1338 1338 } 1339 1339 } 1340 1340 } else if ('' != $key && '' != $val) { 1341 $out .= sprintf('<input type="hidden" name="%s" value="%s" />', $key, $val);1341 $out .= sprintf('<input type="hidden" name="%s" value="%s" />', oTxt($key), oTxt($val)); 1342 1342 } 1343 1343 } … … 1355 1355 && $this->getParam('session_use_trans_sid') 1356 1356 ) { 1357 $out .= sprintf('<input type="hidden" name="%s" value="%s" />', session_name(), session_id());1357 $out .= sprintf('<input type="hidden" name="%s" value="%s" />', oTxt(session_name()), oTxt(session_id())); 1358 1358 } 1359 1359 … … 1361 1361 // This token can be validated upon form submission with $app->verifyCSRFToken() or $app->requireValidCSRFToken() 1362 1362 if ($this->getParam('csrf_token_enabled') && $include_csrf_token) { 1363 $out .= sprintf('<input type="hidden" name="%s" value="%s" />', $this->getParam('csrf_token_name'), $this->getCSRFToken());1363 $out .= sprintf('<input type="hidden" name="%s" value="%s" />', oTxt($this->getParam('csrf_token_name')), oTxt($this->getCSRFToken())); 1364 1364 } 1365 1365 … … 1530 1530 } else { 1531 1531 // Fallback: die using meta refresh instead. 1532 printf('<meta http-equiv="refresh" content="0;url=%s" />', $url);1532 printf('<meta http-equiv="refresh" content="0;url=%s" />', oTxt($url)); 1533 1533 $this->logMsg(sprintf('dieURL (refresh): %s; headers already sent (output started in %s : %s)', $url, $h_file, $h_line), LOG_NOTICE, __FILE__, __LINE__); 1534 1534 }
Note: See TracChangeset
for help on using the changeset viewer.