Fixed XSS
This commit is contained in:
parent
a5744c30f7
commit
10e9d80f48
1 changed files with 2 additions and 2 deletions
|
@ -18,14 +18,14 @@
|
||||||
$row = mysql_fetch_assoc(mysql_query($query));
|
$row = mysql_fetch_assoc(mysql_query($query));
|
||||||
?>
|
?>
|
||||||
<form method="post" action="account.php">
|
<form method="post" action="account.php">
|
||||||
<input type="hidden" name="orgid" value="<?=$_REQUEST['orgid']?>">
|
<input type="hidden" name="orgid" value="<?=intval($_REQUEST['orgid'])?>">
|
||||||
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
|
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
|
||||||
<tr>
|
<tr>
|
||||||
<td colspan="2" class="title"><? printf(_("New Admin for %s"), $row[O]); ?></td>
|
<td colspan="2" class="title"><? printf(_("New Admin for %s"), $row[O]); ?></td>
|
||||||
</tr>
|
</tr>
|
||||||
<tr>
|
<tr>
|
||||||
<td class="DataTD"><?=_("Email")?>:</td>
|
<td class="DataTD"><?=_("Email")?>:</td>
|
||||||
<td class="DataTD"><input type="text" name="email" value="<?=$_SESSION['_config']['email']?>"></td>
|
<td class="DataTD"><input type="text" name="email" value="<?=sanitizeHTML($_SESSION['_config']['email'])?>"></td>
|
||||||
</tr>
|
</tr>
|
||||||
<tr>
|
<tr>
|
||||||
<td class="DataTD"><?=_("Department")?>:</td>
|
<td class="DataTD"><?=_("Department")?>:</td>
|
||||||
|
|
Loading…
Reference in a new issue