diff options
| author | sullrich <sullrich@pfsense.org> | 2009-11-27 19:39:47 -0500 |
|---|---|---|
| committer | sullrich <sullrich@pfsense.org> | 2009-11-27 19:40:06 -0500 |
| commit | d2aa8cd682a6db5a4d081ea39ff430df8715e9a0 (patch) | |
| tree | e02f54e391c3347163d55aedcfd2e18689968900 | |
| parent | 55c613269b23e74bd67119d9f24d4305354d8dff (diff) | |
| download | pfsense-d2aa8cd682a6db5a4d081ea39ff430df8715e9a0.zip pfsense-d2aa8cd682a6db5a4d081ea39ff430df8715e9a0.tar.gz | |
Escape ' Ticket #143
| -rw-r--r-- | etc/inc/auth.inc | 9 | ||||
| -rwxr-xr-x | usr/local/www/firewall_rules.php | 6 |
2 files changed, 7 insertions, 8 deletions
diff --git a/etc/inc/auth.inc b/etc/inc/auth.inc index 0b955b3..a395a91 100644 --- a/etc/inc/auth.inc +++ b/etc/inc/auth.inc @@ -849,11 +849,10 @@ function get_user_expiration_date($username) { function is_account_disabled($username) { global $config; - foreach($config['system']['user'] as $user) { - if(isset($user['disabled'])) { - return true; - } - } + foreach($config['system']['user'] as $user) + if($user == $username) + if(isset($user['disabled'])) + return true; return false; } diff --git a/usr/local/www/firewall_rules.php b/usr/local/www/firewall_rules.php index 902dd26..bcfa435 100755 --- a/usr/local/www/firewall_rules.php +++ b/usr/local/www/firewall_rules.php @@ -414,7 +414,7 @@ echo "<script type=\"text/javascript\" language=\"javascript\" src=\"/javascript $a_schedules = &$config['schedules']['schedule']; $schedule_span_begin = ""; $schedule_span_end = ""; - $sched_caption = ""; + $sched_caption_escaped = ""; $sched_content = ""; $schedstatus = false; $dayArray = array ('Mon','Tues','Wed','Thur','Fri','Sat','Sun'); @@ -514,8 +514,8 @@ echo "<script type=\"text/javascript\" language=\"javascript\" src=\"/javascript $sched_content .= $dayFriendly . "; " . $timeFriendly . "<br>"; } } - $sched_caption = $schedule['descr']; - $schedule_span_begin = "<span style=\"cursor: help;\" onmouseover=\"domTT_activate(this, event, 'content', '<h1>$sched_caption</h1><p>$sched_content</p>', 'trail', true, 'delay', 0, 'fade', 'both', 'fadeMax', 93, 'styleClass', 'niceTitle');\" onmouseout=\"this.style.color = ''; domTT_mouseout(this, event);\"><U>"; + $sched_caption_escaped = str_replace("'", "\'", $schedule['descr']); + $schedule_span_begin = "<span style=\"cursor: help;\" onmouseover=\"domTT_activate(this, event, 'content', '<h1>{$sched_caption_escaped}</h1><p>{$sched_content}</p>', 'trail', true, 'delay', 0, 'fade', 'both', 'fadeMax', 93, 'styleClass', 'niceTitle');\" onmouseout=\"this.style.color = ''; domTT_mouseout(this, event);\"><U>"; $schedule_span_end = "</U></span>"; } } |
