FluxBB.org

Changeset 733

Show
Ignore:
Timestamp:
11/27/08 01:48:36 (6 weeks ago)
Author:
Jamie
Message:

Fixed an XSS vulnerability, reported by Patrick.

Files:
1 modified

Legend:

Unmodified
Added
Removed

  • fluxbb/branches/fluxbb-1.3-dev/upload/moderate.php

    r732 r733  
    15981598 
    15991599                        $forum_page['rep_item']['info']['lastpost'] = '<li class="info-data"><span class="label">'.$lang_forum['Last post label'].'<span>'.$lang_forum['Info separator'].'</span></span> <strong>'.$lang_forum['No information'].'</strong></li>'; 
    1600                         $forum_page['rep_item']['info']['select'] = '<li class="info-select"><input id="fld'.++$forum_page['fld_count'].'" type="checkbox" name="topics[]" value="'.$cur_topic['id'].'" /> <label for="fld'.$forum_page['fld_count'].'">'.sprintf($lang_forum['Select topic'], $cur_topic['subject']).'</label></li>'; 
     1600                        $forum_page['rep_item']['info']['select'] = '<li class="info-select"><input id="fld'.++$forum_page['fld_count'].'" type="checkbox" name="topics[]" value="'.$cur_topic['id'].'" /> <label for="fld'.$forum_page['fld_count'].'">'.sprintf($lang_forum['Select topic'], forum_htmlencode($cur_topic['subject'])).'</label></li>'; 
    16011601 
    16021602                        ($hook = get_hook('mr_topic_actions_moved_row_pre_output')) ? (defined('FORUM_USE_INCLUDE') ? include $hook : eval($hook)) : null; 
     
    16621662 
    16631663                        $forum_page['rep_item']['info']['lastpost'] = '<li class="info-data"><span class="label">'.$lang_forum['Last post label'].'<span>'.$lang_forum['Info separator'].'</span></span> <strong><a href="'.forum_link($forum_url['post'], $cur_topic['last_post_id']).'">'.format_time($cur_topic['last_post']).'</a></strong> <cite>'.sprintf($lang_forum['by poster'], forum_htmlencode($cur_topic['last_poster'])).'</cite></li>'; 
    1664                         $forum_page['rep_item']['info']['select'] = '<li class="info-select"><input id="fld'.++$forum_page['fld_count'].'" type="checkbox" name="topics[]" value="'.$cur_topic['id'].'" /> <label for="fld'.$forum_page['fld_count'].'">'.sprintf($lang_forum['Select topic'], $cur_topic['subject']).'</label></li>'; 
     1664                        $forum_page['rep_item']['info']['select'] = '<li class="info-select"><input id="fld'.++$forum_page['fld_count'].'" type="checkbox" name="topics[]" value="'.$cur_topic['id'].'" /> <label for="fld'.$forum_page['fld_count'].'">'.sprintf($lang_forum['Select topic'], forum_htmlencode($cur_topic['subject'])).'</label></li>'; 
    16651665                } 
    16661666