mirror of https://github.com/phpbb/phpbb.git synced 2025-07-31 14:00:31 +02:00

Updates for potential XSS vuln ... someone please verify and get back to me

git-svn-id: file:///svn/phpbb/branches/phpBB-2_0_0@4706 89ea8834-ac86-4346-8a33-228a782c2dd0
Paul S. Owen
2003-12-30 14:17:49 +00:00
parent f51bf61478
commit ad06356c5f
2 changed files with 4 additions and 11 deletions


@@ -137,6 +137,7 @@ else
if ( isset($HTTP_POST_VARS['mode']) || isset($HTTP_GET_VARS['mode']) )
{
$mode = ( isset($HTTP_POST_VARS['mode']) ) ? $HTTP_POST_VARS['mode'] : $HTTP_GET_VARS['mode'];
$mode = htmlspecialchars($mode);
}
else
{
@@ -590,7 +591,7 @@ else if ( $group_id )
$sql_in = '';
for($i = 0; $i < count($members); $i++)
{
$sql_in .= ( ( $sql_in != '' ) ? ', ' : '' ) . $members[$i];
$sql_in .= ( ( $sql_in != '' ) ? ', ' : '' ) . intval($members[$i]);
}
if ( isset($HTTP_POST_VARS['approve']) )
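Review bot: In the first hunk, `htmlspecialchars($mode)` relies on the default quote style, which leaves single quotes unescaped, so the value is still unsafe anywhere `$mode` is later written into a single-quoted attribute or script string; `$mode = htmlspecialchars($mode, ENT_QUOTES);` closes that gap. Because `$mode` appears to select a code path rather than carry free text, comparing it against the set of modes this script handles and falling back to the `else` default would be stronger than escaping at input; that set is not visible in the hunk, so this is a suggestion to confirm. A short comment such as `// escaped here because $mode is echoed back into templates and URLs` would also record why the value is encoded at read time, if that is indeed the reason. The enclosing blocks of both hunks start and end outside the lines shown.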