diff options
| author | Lukas Fleischer <archlinux@cryptocrack.de> | 2012-02-19 04:49:54 +0100 |
|---|---|---|
| committer | Lukas Fleischer <archlinux@cryptocrack.de> | 2012-02-19 05:21:48 +0100 |
| commit | 19789c3f759f4162a2eaa4ccc0b6fe0df51957ca (patch) | |
| tree | 3d1dd05e7c975d7c166a50ed389838513ced0844 /web/template/footer.php | |
| parent | 6f6904db3fa4921abc92b936dbc50bfdea0cb225 (diff) | |
| download | aur-19789c3f759f4162a2eaa4ccc0b6fe0df51957ca.tar.gz aur-19789c3f759f4162a2eaa4ccc0b6fe0df51957ca.tar.xz | |
Escape all output strings in the header and footer
Escape each output string using htmlspecialchars(). These aren't
exploitable; it's still better to escape them properly.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Diffstat (limited to 'web/template/footer.php')
| -rw-r--r-- | web/template/footer.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/web/template/footer.php b/web/template/footer.php index 435de5c7..0948f686 100644 --- a/web/template/footer.php +++ b/web/template/footer.php @@ -2,7 +2,7 @@ <!-- End of main content --> <?php if ($ver) { - echo "<div class=\"pgbox version\">$ver</div>"; + echo "<div class=\"pgbox version\">" . htmlspecialchars($ver) . "</div>"; } ?> </body> |