Changeset 3649:3b0b868d58b0 for admin/user.php
- Timestamp:
- 01/12/18 07:57:00 (5 years ago)
- Branch:
- default
- Children:
- 3650:11cb6291eea7, 3651:6980a7a06518
- File:
-
- 1 edited
-
admin/user.php (modified) (2 diffs)
Legend:
- Unmodified
- Added
- Removed
-
admin/user.php
r3639 r3649 80 80 $cur->user_id = $_POST['user_id']; 81 81 $cur->user_super = $user_super = !empty($_POST['user_super']) ? 1 : 0; 82 $cur->user_name = $user_name = $_POST['user_name'];83 $cur->user_firstname = $user_firstname = $_POST['user_firstname'];84 $cur->user_displayname = $user_displayname = $_POST['user_displayname'];85 $cur->user_email = $user_email = $_POST['user_email'];86 $cur->user_url = $user_url = $_POST['user_url'];87 $cur->user_lang = $user_lang = $_POST['user_lang'];88 $cur->user_tz = $user_tz = $_POST['user_tz'];89 $cur->user_post_status = $user_post_status = $_POST['user_post_status'];82 $cur->user_name = $user_name = html::escapeHTML($_POST['user_name']); 83 $cur->user_firstname = $user_firstname = html::escapeHTML($_POST['user_firstname']); 84 $cur->user_displayname = $user_displayname = html::escapeHTML($_POST['user_displayname']); 85 $cur->user_email = $user_email = html::escapeHTML($_POST['user_email']); 86 $cur->user_url = $user_url = html::escapeHTML($_POST['user_url']); 87 $cur->user_lang = $user_lang = html::escapeHTML($_POST['user_lang']); 88 $cur->user_tz = $user_tz = html::escapeHTML($_POST['user_tz']); 89 $cur->user_post_status = $user_post_status = html::escapeHTML($_POST['user_post_status']); 90 90 91 91 if ($user_id && $cur->user_id == $core->auth->userID() && $core->auth->isSuperAdmin()) { … … 105 105 } 106 106 107 $user_options['post_format'] = $_POST['user_post_format'];107 $user_options['post_format'] = html::escapeHTML($_POST['user_post_format']); 108 108 $user_options['edit_size'] = (integer) $_POST['user_edit_size']; 109 109
Note: See TracChangeset
for help on using the changeset viewer.