[Fusionforge-commits] r16163 - trunk/src/plugins/webanalytics/view/admin

Franck VILLAUME nerville at fusionforge.org
Sun Aug 26 10:45:13 CEST 2012


Author: nerville
Date: 2012-08-26 10:45:12 +0200 (Sun, 26 Aug 2012)
New Revision: 16163

Modified:
   trunk/src/plugins/webanalytics/view/admin/viewGlobalConfiguration.php
Log:
fix #494: Sanitize HTML in webanalytics plugin, patched applied

Modified: trunk/src/plugins/webanalytics/view/admin/viewGlobalConfiguration.php
===================================================================
--- trunk/src/plugins/webanalytics/view/admin/viewGlobalConfiguration.php	2012-08-26 08:42:23 UTC (rev 16162)
+++ trunk/src/plugins/webanalytics/view/admin/viewGlobalConfiguration.php	2012-08-26 08:45:12 UTC (rev 16163)
@@ -34,7 +34,7 @@
 	echo $HTML->listTableTop($tabletop, false, 'sortable_webanalytics_listlinks', 'sortable', $classth);
 	foreach ($linksArray as $link) {
 		echo '<tr>';
-		echo '<td>'.$link['name'].'</td>';
+		echo '<td>'.htmlentities($link['name']).'</td>';
 		echo '<td><code>'.$link['url'].'</code></td>';
 		if ($link['is_enable']) {
 			echo '<td>'.html_image('docman/validate.png', 22, 22, array('alt'=>_('link is on'), 'class'=>'tabtitle', 'title'=>_('link is on'))).'</td>';




More information about the Fusionforge-commits mailing list