[imc-sf-coders] CVS update of
sf-active/sf-active/shared/classes/pages (file_viewer.inc)
matt toups
mtoups at codecoop.org
Tue Dec 27 15:49:19 PST 2005
Date: Wednesday, December 28, 2005 @ 00:49:19
Author: mtoups
Path: /cvsroot/sf-active/sf-active/sf-active/shared/classes/pages
Modified: file_viewer.inc
fix alster's code injection bug the right way this time
-matt
Index: sf-active/sf-active/shared/classes/pages/file_viewer.inc
diff -u sf-active/sf-active/shared/classes/pages/file_viewer.inc:1.4 sf-active/sf-active/shared/classes/pages/file_viewer.inc:1.5
--- sf-active/sf-active/shared/classes/pages/file_viewer.inc:1.4 Sat Dec 25 20:44:34 2004
+++ sf-active/sf-active/shared/classes/pages/file_viewer.inc Wed Dec 28 00:49:19 2005
@@ -43,7 +43,7 @@
if ($lf){
$fsize=filesize($fullfilename);
while (!feof ($lf)) {
- $nextline=fgets($lf,400);
+ $nextline=htmlspecialchars(fgets($lf,400));
if (strlen($str1)<1 || strpos($nextline, $str1)>-1){
if (strlen($str2)<1 || strpos($nextline, $str2)>-1){
$contents.= $nextline;
More information about the imc-sf-coders
mailing list