Dotclear


Ignore:
Timestamp:
09/02/15 09:01:58 (10 years ago)
Author:
Dsls
Branch:
2.8
Children:
3088:5e6b3da2b372, 3095:7b52a5c13c7e
Message:

Fixed admin pager parameters escaping.

File:
1 edited

Legend:

Unmodified
Added
Removed

  • inc/admin/lib.pager.php

    r3048 r3087  
    5252               if (is_array($v)) { 
    5353                    foreach ($v as $k2=>$v2) { 
    54                          $this->form_hidden .= form::hidden(array($k.'[]'),$v2); 
     54                         $this->form_hidden .= form::hidden(array($k.'[]'),html::escapeHTML($v2)); 
    5555                    } 
    5656               } else { 
    57                     $this->form_hidden .= form::hidden(array($k),$v); 
     57                    $this->form_hidden .= form::hidden(array($k),html::escapeHTML($v)); 
    5858               } 
    5959          } 
Note: See TracChangeset for help on using the changeset viewer.

Sites map