mirror of
https://github.com/phpbb/phpbb.git
synced 2025-05-07 16:15:22 +02:00
fix the html issue...
git-svn-id: file:///svn/phpbb/branches/phpBB-2_0_0@5369 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
parent
8c5431cc68
commit
90a093fc5f
phpBB
@ -75,7 +75,8 @@ p,ul,td {font-size:10pt;}
|
||||
<li>[Fix] change truncation of username length in usercp_register.php - BFUK</li>
|
||||
<li>[Fix] incorrect path to avatars in admin_users.php (Bug #667)</li>
|
||||
<li>[Fix] fixed get_userdata to support correct sql escaping (non-mysql dbs) - jarnaez</li>
|
||||
<li>[Sec] fixed XSS issue in IE within the url bbcode</li>
|
||||
<li>[Sec] fixed XSS issue (only valid for Internet Explorer) within the url bbcode</li>
|
||||
<li>[Sec] fixed XSS issue (only valid for Internet Explorer) if html tags are allowed and enabled</li>
|
||||
</ul>
|
||||
|
||||
|
||||
|
@ -25,8 +25,8 @@ if (!defined('IN_PHPBB'))
|
||||
die('Hacking attempt');
|
||||
}
|
||||
|
||||
$html_entities_match = array('#&(?!(\#[0-9]+;))#', '#<#', '#>#');
|
||||
$html_entities_replace = array('&', '<', '>');
|
||||
$html_entities_match = array('#&(?!(\#[0-9]+;))#', '#<#', '#>#', '#"#');
|
||||
$html_entities_replace = array('&', '<', '>', '"');
|
||||
|
||||
$unhtml_specialchars_match = array('#>#', '#<#', '#"#', '#&#');
|
||||
$unhtml_specialchars_replace = array('>', '<', '"', '&');
|
||||
|
Loading…
x
Reference in New Issue
Block a user