#1041 Protect against some XSS injections

SVN:trunk[3479]
This commit is contained in:
Denis Flaven
2014-12-18 08:50:04 +00:00
parent ece152173f
commit 143cefe4e3
4 changed files with 5 additions and 4 deletions

View File

@@ -826,7 +826,7 @@ EOF
}
$sStepHistory = implode(',', $aPreviousSteps);
$this->add("<input type=\"hidden\" id=\"step_history\" name=\"step_history\" value=\"$sStepHistory\">");
$this->add("<input type=\"hidden\" id=\"step_history\" name=\"step_history\" value=\"".htmlentities($sStepHistory, ENT_QUOTES, 'UTF-8')."\">");
if (!is_null($sNextStep))
{