diff options
| author | Scott Ullrich <sullrich@pfsense.org> | 2010-11-12 11:36:13 -0500 |
|---|---|---|
| committer | Scott Ullrich <sullrich@pfsense.org> | 2010-11-12 11:36:20 -0500 |
| commit | dd5bf424c155922b065b45e64733bdf8de620c0f (patch) | |
| tree | 1b22756ce120544141edc9d3f2159037b955c2bc /usr/local/www/system_usermanager.php | |
| parent | 4656943e59eb19a534c06cc253e266da6c52e915 (diff) | |
| download | pfsense-dd5bf424c155922b065b45e64733bdf8de620c0f.zip pfsense-dd5bf424c155922b065b45e64733bdf8de620c0f.tar.gz | |
Fix XSS issues
Diffstat (limited to 'usr/local/www/system_usermanager.php')
| -rw-r--r-- | usr/local/www/system_usermanager.php | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/usr/local/www/system_usermanager.php b/usr/local/www/system_usermanager.php index d4adf9e..9256c40 100644 --- a/usr/local/www/system_usermanager.php +++ b/usr/local/www/system_usermanager.php @@ -466,7 +466,7 @@ function sshkeyClicked(obj) { <td width="22%" valign="top" class="vncell"><?=gettext("Defined by");?></td> <td width="78%" class="vtable"> <strong><?=strtoupper($pconfig['utype']);?></strong> - <input name="utype" type="hidden" value="<?=$pconfig['utype']?>"/> + <input name="utype" type="hidden" value="<?=htmlspecialchars($pconfig['utype'])?>"/> </td> </tr> <tr> @@ -504,7 +504,7 @@ function sshkeyClicked(obj) { <tr> <td width="22%" valign="top" class="vncell"><?=gettext("Expiration date"); ?></td> <td width="78%" class="vtable"> - <input name="expires" type="text" class="formfld unknown" id="expires" size="10" value="<?=$pconfig['expires'];?>"> + <input name="expires" type="text" class="formfld unknown" id="expires" size="10" value="<?=htmlspecialchars($pconfig['expires']);?>"> <a href="javascript:NewCal('expires','mmddyyyy')"> <img src="/themes/<?php echo $g['theme']; ?>/images/icons/icon_cal.gif" width="16" height="16" border="0" alt="<?=gettext("Pick a date");?>"> </a> |
