diff options
Diffstat (limited to 'includes/specials/SpecialRestrictUser.php')
-rw-r--r-- | includes/specials/SpecialRestrictUser.php | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/includes/specials/SpecialRestrictUser.php b/includes/specials/SpecialRestrictUser.php index 761e0cd6..b946cde8 100644 --- a/includes/specials/SpecialRestrictUser.php +++ b/includes/specials/SpecialRestrictUser.php @@ -37,7 +37,8 @@ function wfSpecialRestrictUser( $par = null ) { class RestrictUserForm { public static function selectUserForm( $val = null, $error = null ) { global $wgScript, $wgTitle; - $s = Xml::fieldset( wfMsg( 'restrictuser-userselect' ) ) . "<form action=\"{$wgScript}\">"; + $action = htmlspecialchars( $wgScript ); + $s = Xml::fieldset( wfMsg( 'restrictuser-userselect' ) ) . "<form action=\"{$action}\">"; if( $error ) $s .= '<p>' . $error . '</p>'; $s .= Xml::hidden( 'title', $wgTitle->getPrefixedDbKey() ); |