1 |
dani |
1.1 |
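--- a/phpki-0.82/include/common.php
+++ b/phpki-0.82/include/common.php
@@ -7,8 +7,7 @@
 else
 $PHPki_user = md5('default');
 
-$PHP_SELF = $HTTP_SERVER_VARS['PHP_SELF'];
-
+$PHP_SELF = htmlspecialchars($HTTP_SERVER_VARS['PHP_SELF'], ENT_QUOTES, "utf-8");
 
 function printHeader($withmenu="default") {
 global $config;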
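Review bot: Encoding `$PHP_SELF` once at assignment ties the value to HTML context, so any later use outside markup (a redirect header, a URL comparison, a log line) would receive entity-encoded text, and any code that reads `PHP_SELF` from the server array directly is not covered; neither kind of use is visible in this hunk, so the callers need checking. `PHP_SELF` carries the client-supplied path-info suffix, so where only the script's own path is needed, `$_SERVER['SCRIPT_NAME']` avoids that input altogether, with `htmlspecialchars()` applied at the point of output. The same assignment is added in include/my_functions.php and the point applies there too. The third argument `"utf-8"` should match the charset the pages are actually served with, which this hunk does not show.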
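--- a/phpki-0.82/include/my_functions.php
+++ b/phpki-0.82/include/my_functions.php
@@ -1,6 +1,6 @@
 <?php
 
-$PHP_SELF = $HTTP_SERVER_VARS['PHP_SELF'];
+$PHP_SELF = htmlspecialchars($HTTP_SERVER_VARS['PHP_SELF'], ENT_QUOTES, "utf-8");
 
 #
 # Returns TRUE if browser is Internet Explorer.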
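Review bot: The added line still reads from `$HTTP_SERVER_VARS`, a legacy array that was removed in PHP 5.4 and before that depended on `register_long_arrays`; on a runtime without it `$PHP_SELF` would be silently empty rather than escaped. Reading the superglobal instead, `$PHP_SELF = htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, "utf-8");`, keeps the fix effective regardless of that setting. The identical line in include/common.php has the same dependency. Both assignments appear to sit at file scope, so a single shared definition would keep the escaping from drifting between the two copies.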