[Fusionforge-commits] r10434 - trunk/src/www/themes/gforge-simple-theme

Alain Peyrat aljeux at libremir.placard.fr.eu.org
Wed Sep 8 20:23:12 CEST 2010


Author: aljeux
Date: 2010-09-08 20:23:12 +0200 (Wed, 08 Sep 2010)
New Revision: 10434

Modified:
   trunk/src/www/themes/gforge-simple-theme/Theme.class.php
Log:
Protect words used in query.

Modified: trunk/src/www/themes/gforge-simple-theme/Theme.class.php
===================================================================
--- trunk/src/www/themes/gforge-simple-theme/Theme.class.php	2010-09-08 18:23:07 UTC (rev 10433)
+++ trunk/src/www/themes/gforge-simple-theme/Theme.class.php	2010-09-08 18:23:12 UTC (rev 10434)
@@ -616,11 +616,8 @@
 function searchBox() {
 	global $words,$forum_id,$group_id,$group_project_id,$atid,$exact,$type_of_search;
 
-	if(get_magic_quotes_gpc()) {
-		$defaultWords = stripslashes($words);
-	} else {
-		$defaultWords = $words;
-	}
+	//Fix CVE-2007-0176
+	$defaultWords = htmlspecialchars($words);
 
 	// if there is no search currently, set the default
 	if ( ! isset($type_of_search) ) {
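Review bot: The `htmlspecialchars($words)` call added at the top of searchBox() relies on the default flags, which on PHP releases before 8.1 means ENT_COMPAT, so single quotes pass through unescaped and the charset is whatever PHP defaults to. The rest of searchBox() lies outside the hunk, so whether `$defaultWords` ends up inside a single-quoted attribute cannot be checked here; making the call explicit removes that dependency: `$defaultWords = htmlspecialchars($words, ENT_QUOTES, 'UTF-8');` (assuming the theme emits UTF-8). The comment would help the next reader more if it named the defence, e.g. `// CVE-2007-0176: HTML-escape the search words before they are written back into the search box`. Dropping the `get_magic_quotes_gpc()` branch also means that, unless `$words` is already unslashed where it is read from the request, searches containing quotes will come back with backslashes when magic quotes are enabled.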



