WMDE
/
LDAPAccountManager
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

fixed XSS

This commit is contained in:
Roland Gruber 2012-03-03 19:19:55 +00:00
parent 207e7a443f
commit e2a912583d
2 changed files with 10 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
lam/templates/3rdParty/pla/htdocs/export.php vendored
View File

@ -29,12 +29,12 @@ if ($request['file']) {
header('Content-type: application/download');
header(sprintf('Content-Disposition: inline; filename="%s.%s"','export',$types['extension'].($request['export']->isCompressed() ? '.gz' : '')));
$request['export']->export();
echo $request['export']->export();
die();
} else {
print '<span style="font-size: 14px; font-family: courier;"><pre>';
$request['export']->export();
echo htmlspecialchars($request['export']->export());
print '</pre></span>';
}
?>

16
lam/templates/3rdParty/pla/lib/export_functions.php vendored
View File

@ -318,9 +318,9 @@ class ExportCSV extends Export {
}
if ($this->compress)
echo gzencode($output);
return gzencode($output);
else
echo $output;
return $output;
}
/**
@ -422,9 +422,9 @@ class ExportDSML extends Export {
$output .= sprintf('</dsml>%s',$this->br);
if ($this->compress)
echo gzencode($output);
return gzencode($output);
else
echo $output;
return $output;
}
}
@ -500,9 +500,9 @@ class ExportLDIF extends Export {
}
if ($this->compress)
echo gzencode($output);
return gzencode($output);
else
echo $output;
return $output;
}
/**
@ -627,9 +627,9 @@ class ExportVCARD extends Export {
}
if ($this->compress)
echo gzencode($output);
return gzencode($output);
else
echo $output;
return $output;
}
}
?>