[37825] trunk/www/ports.php
ryandesign at macports.org
ryandesign at macports.org
Tue Jun 24 16:40:10 PDT 2008
Revision: 37825
http://trac.macosforge.org/projects/macports/changeset/37825
Author: ryandesign at macports.org
Date: 2008-06-24 16:40:10 -0700 (Tue, 24 Jun 2008)
Log Message:
-----------
ports.php: add some forgotten escaping
Modified Paths:
--------------
trunk/www/ports.php
Modified: trunk/www/ports.php
===================================================================
--- trunk/www/ports.php 2008-06-24 23:33:22 UTC (rev 37824)
+++ trunk/www/ports.php 2008-06-24 23:40:10 UTC (rev 37825)
@@ -139,7 +139,7 @@
if ($i == $page) {
$pagecontrol .= "<b>$i</b>";
} else {
- $pagecontrol .= "<a href=\"$_SERVER[PHP_SELF]?by=$by&substr=$substr&page=$i&pagesize=$pagesize\">$i</a>";
+ $pagecontrol .= "<a href=\"$_SERVER[PHP_SELF]?by=$by&substr=" . htmlspecialchars($substr) . "&page=$i&pagesize=$pagesize\">$i</a>";
}
}
$pagecontrol .= "</p>";
@@ -164,7 +164,7 @@
$row = mysql_fetch_assoc($result), $i++) {
/* Port name and Portfile URL */
- print "<dt><b><a href=\"${trac_url}browser/trunk/dports/$row[path]/Portfile\">" . htmlspecialchars($row['name'])
+ print "<dt><b><a href=\"${trac_url}browser/trunk/dports/" . urlencode($row['path']) . "/Portfile\">" . htmlspecialchars($row['name'])
. '</a></b> ' . htmlspecialchars($row['version']) . '</dt>';
print '<dd>';
@@ -181,7 +181,7 @@
while ($nrow = mysql_fetch_row($nresult)) {
if ($primary) { print ' <b>'; }
else { print ' '; }
- print obfuscate_email($nrow[0]);;
+ print htmlspecialchars(obfuscate_email($nrow[0]));
if ($primary) { print '</b>'; }
$primary = 0;
}
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.macosforge.org/pipermail/macports-changes/attachments/20080624/4405ff43/attachment.htm
More information about the macports-changes
mailing list