diff options
author | pjmattal <pjmattal> | 2005-04-22 03:55:35 +0000 |
---|---|---|
committer | pjmattal <pjmattal> | 2005-04-22 03:55:35 +0000 |
commit | 7246c45eb391d144ece17f27bd7f026fa64ca2de (patch) | |
tree | a3a2ece43b3def233cb330ac331ec95554c111f3 /web/lib | |
parent | 890e26ca23be2a1a94bca4a803e074806a0228a1 (diff) |
added strip_tags() and htmlspecialchars() to improve comments safety
Diffstat (limited to 'web/lib')
-rw-r--r-- | web/lib/pkgfuncs.inc | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/web/lib/pkgfuncs.inc b/web/lib/pkgfuncs.inc index 3c72f8a..9e1a912 100644 --- a/web/lib/pkgfuncs.inc +++ b/web/lib/pkgfuncs.inc @@ -403,7 +403,7 @@ function package_details($id=0) { print "</span>"; print "<tr><td class='boxSoft'>"; print "<code>\n"; - print str_replace('"',""", stripslashes($carr["Comments"])); + print str_replace('"',""", htmlspecialchars(strip_tags(stripslashes($carr["Comments"])))); print "</code>\n"; print "</td></tr>\n"; print "</table>\n"; |