cacert/cacert-webdb
9
0
Fork 0
Code Issues Pull requests 3 Projects Releases 4 Wiki Activity

Improved XSS avoidance

Browse source
This commit is contained in:
root 2008-10-02 15:07:56 +00:00
parent 1f4895e143
commit 1023242325
1 changed files with 3 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
pages/account/25.php
View file

@ -37,13 +37,13 @@
$domcount = mysql_num_rows($r2); $domcount = mysql_num_rows($r2);
?> ?>
<tr> <tr>
<td class="DataTD"><?=($row['O'])?>, <?=($row['ST'])?> <?=($row['C'])?></td> <td class="DataTD"><?=htmlspecialchars($row['O'])?>, <?=htmlspecialchars($row['ST'])?> <?=htmlspecialchars($row['C'])?></td>
<td class="DataTD"><a href="account.php?id=26&amp;orgid=<?=$row['id']?>"><?=_("Domains")?> (<?=$domcount?>)</a></td> <td class="DataTD"><a href="account.php?id=26&amp;orgid=<?=intval($row['id'])?>"><?=_("Domains")?> (<?=$domcount?>)</a></td>
<td class="DataTD"><a href="account.php?id=32&amp;orgid=<?=$row['id']?>"><?=_("Admins")?> (<?=$admincount?>)</a></td> <td class="DataTD"><a href="account.php?id=32&amp;orgid=<?=$row['id']?>"><?=_("Admins")?> (<?=$admincount?>)</a></td>
<td class="DataTD"><a href="account.php?id=27&amp;orgid=<?=$row['id']?>"><?=_("Edit")?></a></td> <td class="DataTD"><a href="account.php?id=27&amp;orgid=<?=$row['id']?>"><?=_("Edit")?></a></td>
<td class="DataTD"><a href="account.php?id=31&amp;orgid=<?=$row['id']?>"><?=_("Delete")?></a></td> <td class="DataTD"><a href="account.php?id=31&amp;orgid=<?=$row['id']?>"><?=_("Delete")?></a></td>
<? if(array_key_exists('viewcomment',$_REQUEST) && $_REQUEST['viewcomment']!='') { ?> <? if(array_key_exists('viewcomment',$_REQUEST) && $_REQUEST['viewcomment']!='') { ?>
<td class="DataTD"><?=($row['comments'])?></td> <td class="DataTD"><?=sanitizeHTML($row['comments'])?></td>
<? } ?> <? } ?>
</tr> </tr>
<? } ?> <? } ?>