Changeset 934

Show
Ignore:
Timestamp:
04/09/07 14:16:42 (1 year ago)
Author:
Rickard
Message:

Fixed XSS vulnerability when deleting a category (admin only).

Files:

Legend:

Unmodified
Added
Removed
Modified
Copied
Moved

  • trunk/upload/admin_categories.php

    r158 r934  
    119119                                                <legend>Confirm delete category</legend> 
    120120                                                <div class="infldset"> 
    121                                                         <p>Are you sure that you want to delete the category "<?php echo $cat_name ?>"?</p> 
     121                                                        <p>Are you sure that you want to delete the category "<?php echo pun_htmlspecialchars($cat_name) ?>"?</p> 
    122122                                                        <p>WARNING! Deleting a category will delete all forums and posts (if any) in that category!</p> 
    123123                                                </div>