composer/iTop
6
0
Fork 0
mirror of https://github.com/Combodo/iTop.git synced 2026-05-22 00:32:16 +02:00
Code Issues Packages Projects Releases Wiki Activity

N°5318 - Fix DBObject::CheckValue() messages being HTML encoded when not necessary (#326)

Browse Source 
* Rollback N°4898 - Security fix

* N°5318 - security fix
This commit is contained in:
Anne-Catherine
2022-08-12 17:50:14 +02:00
committed by GitHub
parent 35a8b501c9
commit d7e5705520
4 changed files with 21 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
application/cmdbabstract.class.inc.php
View File

@@ -4735,11 +4735,15 @@ EOF
$sCSSClass = $bResult ? HILIGHT_CLASS_NONE : HILIGHT_CLASS_CRITICAL;
$sChecked = $bResult ? 'checked' : '';
$sDisabled = $bResult ? '' : 'disabled';
$aErrorsToDisplay = array_map(function($sError) {
return utils::HtmlEntities($sError);
}, $aErrors);
$aRows[] = array(
'form::select' => "<input type=\"checkbox\" class=\"selectList\" $sChecked $sDisabled\"></input>",
'object' => $oObj->GetHyperlink(),
'status' => $sStatus,
'errors' => '<p>'.($bResult ? '' : implode('</p><p>', $aErrors)).'</p>',
'errors' => '<p>'.($bResult ? '' : implode('</p><p>', $aErrorsToDisplay)).'</p>',
'@class' => $sCSSClass,
);
if ($bResult && (!$bPreview))