deon/phpldapadmin
1
0
Fork 0
Code Issues 36 Pull Requests Packages Projects Releases Wiki Activity

SF Bug #3477910 - XSS vulnerability in query

Browse Source
This commit is contained in:
Deon George 2012-01-24 12:37:28 +11:00
parent dece0f496f
commit 7dc8d57d69
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
lib/QueryRender.php
View File

@ -497,7 +497,7 @@ class QueryRender extends PageRender {
$this->getAjaxRef($base), $this->getAjaxRef($base),
$this->getAjaxRef($base), $this->getAjaxRef($base),
($show == $this->getAjaxRef($base) ? '#F0F0F0' : '#E0E0E0'), ($show == $this->getAjaxRef($base) ? '#F0F0F0' : '#E0E0E0'),
$base); htmlspecialchars($base));
} }
echo '</tr>'; echo '</tr>';
echo '</table>'; echo '</table>';
@ -545,7 +545,7 @@ class QueryRender extends PageRender {
echo ' ]</small>'; echo ' ]</small>';
echo '<br />'; echo '<br />';
printf('<small>%s: <b>%s</b></small>',_('Base DN'),$base); printf('<small>%s: <b>%s</b></small>',_('Base DN'),htmlspecialchars($base));
echo '<br />'; echo '<br />';
printf('<small>%s: <b>%s</b></small>',_('Filter performed'),htmlspecialchars($this->template->resultsdata[$base]['filter'])); printf('<small>%s: <b>%s</b></small>',_('Filter performed'),htmlspecialchars($this->template->resultsdata[$base]['filter']));