external/aurweb
0
0
Fork 0
mirror of https://gitlab.archlinux.org/archlinux/aurweb.git synced 2025-02-03 10:43:03 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

added strip_tags() and htmlspecialchars() to improve comments safety

Browse source
This commit is contained in:
pjmattal 2005-04-22 03:55:35 +00:00
parent 890e26ca23
commit 7246c45eb3
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
web/lib/pkgfuncs.inc
View file

@ -403,7 +403,7 @@ function package_details($id=0) {
print "</span>";
print "<tr><td class='boxSoft'>";
print "<code>\n";
print str_replace('"',"&quot;", stripslashes($carr["Comments"]));
print str_replace('"',"&quot;", htmlspecialchars(strip_tags(stripslashes($carr["Comments"]))));
print "</code>\n";
print "</td></tr>\n";
print "</table>\n";