leftypol
/
leftypol
4
5
Fork 2
Code Issues 55 Pull Requests 1 Projects Releases Wiki Activity
Browse Source

XSS/bug with last commit to utf8tohtml().

pull/40/head
Savetheinternet 13 years ago
parent
f6f1ecd2df
commit
4a03c4c3cd
1 changed files with 1 additions and 1 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 2
      inc/functions.php

2
inc/functions.php
View File

@ -1339,7 +1339,7 @@
}
function utf8tohtml($utf8) {
return mb_encode_numericentity($utf8, Array(0xff, 0xffff, 0, 0xffff), 'UTF-8');
return mb_encode_numericentity(htmlspecialchars($utf8, ENT_NOQUOTES, 'UTF-8'), Array(0xff, 0xffff, 0, 0xffff), 'UTF-8');
}
function buildThread($id, $return=false, $mod=false) {

Write Preview
Loading…
Cancel
Save