Improved XSS avoidance

This commit is contained in:
root 2008-10-02 15:07:56 +00:00
parent 1f4895e143
commit 1023242325

View file

@ -37,13 +37,13 @@
$domcount = mysql_num_rows($r2);
?>
<tr>
<td class="DataTD"><?=($row['O'])?>, <?=($row['ST'])?> <?=($row['C'])?></td>
<td class="DataTD"><a href="account.php?id=26&amp;orgid=<?=$row['id']?>"><?=_("Domains")?> (<?=$domcount?>)</a></td>
<td class="DataTD"><?=htmlspecialchars($row['O'])?>, <?=htmlspecialchars($row['ST'])?> <?=htmlspecialchars($row['C'])?></td>
<td class="DataTD"><a href="account.php?id=26&amp;orgid=<?=intval($row['id'])?>"><?=_("Domains")?> (<?=$domcount?>)</a></td>
<td class="DataTD"><a href="account.php?id=32&amp;orgid=<?=$row['id']?>"><?=_("Admins")?> (<?=$admincount?>)</a></td>
<td class="DataTD"><a href="account.php?id=27&amp;orgid=<?=$row['id']?>"><?=_("Edit")?></a></td>
<td class="DataTD"><a href="account.php?id=31&amp;orgid=<?=$row['id']?>"><?=_("Delete")?></a></td>
<? if(array_key_exists('viewcomment',$_REQUEST) && $_REQUEST['viewcomment']!='') { ?>
<td class="DataTD"><?=($row['comments'])?></td>
<td class="DataTD"><?=sanitizeHTML($row['comments'])?></td>
<? } ?>
</tr>
<? } ?>