iger
/
engelsystem
9
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

form text fields now make htmlspecialchars

This commit is contained in:
Philip Häusler 2013-12-28 02:14:49 +01:00
parent c623a110ad
commit 8ce67793df
2 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
includes/pages/guest_login.php
View File

@ -48,7 +48,7 @@ function guest_register() {
}
} else {
$ok = false;
$msg .= error(sprintf(_("Your nick "%s" is too short (min. 2 characters)."), strip_request_item('nick')), true);
$msg .= error(sprintf(_("Your nick "%s" is too short (min. 2 characters)."), User_validate_Nick($_REQUEST['nick'])), true);
}
if (isset($_REQUEST['mail']) && strlen(strip_request_item('mail')) > 0) {

2
includes/sys_template.php
View File

@ -113,7 +113,7 @@ function form_submit($name, $label) {
*/
function form_text($name, $label, $value, $disabled = false) {
$disabled = $disabled ? ' disabled="disabled"' : '';
return form_element($label, '<input id="form_' . $name . '" type="text" name="' . $name . '" value="' . $value . '" ' . $disabled . '/>', 'form_' . $name);
return form_element($label, '<input id="form_' . $name . '" type="text" name="' . $name . '" value="' . htmlspecialchars($value) . '" ' . $disabled . '/>', 'form_' . $name);
}
/**