use new sanitizeHTML() function
This commit is contained in:
Bjoern Schiessle
parent
09d2f76727
commit
34739b7ec5
|
|
@ -7,7 +7,7 @@
|
||||||
* See the COPYING-README file.
|
* See the COPYING-README file.
|
||||||
*/
|
*/
|
||||||
?>
|
?>
|
||||||
<input type="hidden" id="bookmarkFilterTag" value="<?php if(isset($_GET['tag'])) echo htmlentities($_GET['tag'],ENT_COMPAT,'utf-8'); ?>" />
|
<input type="hidden" id="bookmarkFilterTag" value="<?php if(isset($_GET['tag'])) echo OCP\Util::sanitizeHTML($_GET['tag']); ?>" />
|
||||||
<div id="controls">
|
<div id="controls">
|
||||||
<input type="hidden" id="bookmark_add_id" value="0" />
|
<input type="hidden" id="bookmark_add_id" value="0" />
|
||||||
<input type="text" id="bookmark_add_url" placeholder="<?php echo $l->t('Address'); ?>" class="bookmarks_input" />
|
<input type="text" id="bookmark_add_url" placeholder="<?php echo $l->t('Address'); ?>" class="bookmarks_input" />
|
||||||
|
|
|
||||||
|
|
@ -47,7 +47,7 @@
|
||||||
<a href="<?php echo link_to('', 'index.php'); ?>" title="" id="owncloud"><img class="svg" src="<?php echo image_path('', 'logo-wide.svg'); ?>" alt="ownCloud" /></a>
|
<a href="<?php echo link_to('', 'index.php'); ?>" title="" id="owncloud"><img class="svg" src="<?php echo image_path('', 'logo-wide.svg'); ?>" alt="ownCloud" /></a>
|
||||||
<a class="header-right header-action" id="logout" href="<?php echo link_to('', 'index.php'); ?>?logout=true"><img class="svg" alt="<?php echo $l->t('Log out');?>" title="<?php echo $l->t('Log out');?>" src="<?php echo image_path('', 'actions/logout.svg'); ?>" /></a>
|
<a class="header-right header-action" id="logout" href="<?php echo link_to('', 'index.php'); ?>?logout=true"><img class="svg" alt="<?php echo $l->t('Log out');?>" title="<?php echo $l->t('Log out');?>" src="<?php echo image_path('', 'actions/logout.svg'); ?>" /></a>
|
||||||
<form class="searchbox header-right" action="#" method="post">
|
<form class="searchbox header-right" action="#" method="post">
|
||||||
<input id="searchbox" class="svg" type="search" name="query" value="<?php if(isset($_POST['query'])){echo htmlentities($_POST['query']);};?>" autocomplete="off" />
|
<input id="searchbox" class="svg" type="search" name="query" value="<?php if(isset($_POST['query'])){echo OC_Util::sanitizeHTML($_POST['query']);};?>" autocomplete="off" />
|
||||||
</form>
|
</form>
|
||||||
</div></header>
|
</div></header>
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -7,7 +7,7 @@
|
||||||
<?php endif; ?>
|
<?php endif; ?>
|
||||||
<p class="infield">
|
<p class="infield">
|
||||||
<label for="user" class="infield"><?php echo $l->t( 'Username' ); ?></label>
|
<label for="user" class="infield"><?php echo $l->t( 'Username' ); ?></label>
|
||||||
<input type="text" name="user" id="user" value="<?php echo !empty($_POST['user'])?htmlentities($_POST['user'],ENT_COMPAT,'utf-8').'"':'" autofocus'; ?> autocomplete="off" required />
|
<input type="text" name="user" id="user" value="<?php echo !empty($_POST['user'])?OC_Util::sanitizeHTML($_POST['user'],ENT_COMPAT,'utf-8').'"':'" autofocus'; ?> autocomplete="off" required />
|
||||||
</p>
|
</p>
|
||||||
<p class="infield">
|
<p class="infield">
|
||||||
<label for="password" class="infield"><?php echo $l->t( 'Password' ); ?></label>
|
<label for="password" class="infield"><?php echo $l->t( 'Password' ); ?></label>
|
||||||
|
|
|
||||||
|
|
@ -10,7 +10,7 @@ $error = "add user to";
|
||||||
$action = "add";
|
$action = "add";
|
||||||
|
|
||||||
$username = $_POST["username"];
|
$username = $_POST["username"];
|
||||||
$group = htmlentities($_POST["group"]);
|
$group = OC_Util::sanitizeHTML($_POST["group"]);
|
||||||
|
|
||||||
if(!OC_Group::groupExists($group)){
|
if(!OC_Group::groupExists($group)){
|
||||||
OC_Group::createGroup($group);
|
OC_Group::createGroup($group);
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue