cacert/cacert-testmgr
9
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

bug 932: added escaping with htmlspecialchars function for user name

Browse source
This commit is contained in:
INOPIAE 2015-08-09 18:11:52 +02:00 committed by Benny Baumann
parent 51d8dffac8
commit 269829b175
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
manager/application/views/helpers/UserInfo.php
View file

@ -82,7 +82,7 @@ class Zend_View_Helper_UserInfo extends Zend_View_Helper_Placeholder_Container_S
$output .= $indent . "<div id=\"userinfo\">\n";
$output .= $indent . "\tUser: " . $this->items['authed_username'] . "<br>\n";
$output .= $indent . "\tName: " . $this->items['authed_fname'] . ' ' . $this->items['authed_lname'] . "<br>\n";
$output .= $indent . "\tName: " . htmlentities(strip_tags($this->items['authed_fname'] . ' ' . $this->items['authed_lname']), ENT_QUOTES, 'ISO-8859-1') . "<br>\n";
$output .= $indent . "\tRole: " . $this->items['authed_role'] . "<br>\n";
if ($this->items['authed_by_crt'] === true)
$output .= $indent . "\tLoginmethod: CRT<br>\n";