fixed XSS
This commit is contained in:
parent
e2a912583d
commit
84dfcb203f
|
@ -34,7 +34,7 @@ if ($request['attribute']->isReadOnly())
|
||||||
# Render the form
|
# Render the form
|
||||||
if (! strcasecmp($request['attr'],'objectclass') || get_request('meth','REQUEST') != 'ajax') {
|
if (! strcasecmp($request['attr'],'objectclass') || get_request('meth','REQUEST') != 'ajax') {
|
||||||
# Render the form.
|
# Render the form.
|
||||||
$request['page']->drawTitle(sprintf(_('Add new <b>%s</b> value to <b>%s</b>'),$request['attr'],get_rdn($request['dn'])));
|
$request['page']->drawTitle(sprintf(_('Add new <b>%s</b> value to <b>%s</b>'), htmlspecialchars($request['attr']),htmlspecialchars(get_rdn($request['dn']))));
|
||||||
$request['page']->drawSubTitle();
|
$request['page']->drawSubTitle();
|
||||||
|
|
||||||
if (! strcasecmp($request['attr'],'objectclass')) {
|
if (! strcasecmp($request['attr'],'objectclass')) {
|
||||||
|
|
Loading…
Reference in New Issue