composer/iTop
6
0
Fork 0
mirror of https://github.com/Combodo/iTop.git synced 2026-02-12 23:14:18 +01:00
Code Issues Packages Projects Releases Wiki Activity

Fixed Trac#446: XSS vulnerabilities... to be tested !

Browse Source 
Also fixed the display/download links on documents that were both doing exactly the same thing !

SVN:trunk[1443]
This commit is contained in:
Denis Flaven
2011-08-11 10:17:03 +00:00
parent a129c9814f
commit 6859326646
24 changed files with 248 additions and 159 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
pages/UniversalSearch.php
View File

@@ -49,8 +49,8 @@ $oP->add_linked_script("../js/jquery.blockUI.js");
// Now render the content of the page
$sBaseClass = utils::ReadParam('baseClass', 'Organization');
$sClass = utils::ReadParam('class', $sBaseClass);
$sOQLClause = utils::ReadParam('oql_clause', '');
$sFilter = utils::ReadParam('filter', '');
$sOQLClause = utils::ReadParam('oql_clause', '', false, 'raw_data');
$sFilter = utils::ReadParam('filter', '', false, 'raw_data');
$sOperation = utils::ReadParam('operation', '');
// First part: select the class to search for