N°5318 - Fix DBObject::CheckValue() messages being HTML encoded when not necessary (#326)

* Rollback N°4898 - Security fix

* N°5318 - security fix
Anne-Catherine
2022-08-12 17:50:14 +02:00
committed by GitHub
parent 35a8b501c9
commit d7e5705520
4 changed files with 21 additions and 18 deletions


@@ -165,19 +165,15 @@ class CoreCannotSaveObjectException extends CoreException
public function getHtmlMessage()
{
$sTitle = Dict::S('UI:Error:SaveFailed');
$sContent = "<span><strong>{$sTitle}</strong></span>";
$sContent = "<span><strong>".utils::HtmlEntities($sTitle)."</strong></span>";
if (count($this->aIssues) == 1)
{
if (count($this->aIssues) == 1) {
$sIssue = reset($this->aIssues);
$sContent .= " <span>{$sIssue}</span>";
}
else
{
$sContent .= " <span>".utils::HtmlEntities($sIssue)."</span>";
} else {
$sContent .= '<ul>';
foreach ($this->aIssues as $sError)
{
$sContent .= "<li>$sError</li>";
foreach ($this->aIssues as $sError) {
$sContent .= "<li>".utils::HtmlEntities($sError)."</li>";
}
$sContent .= '</ul>';
}
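Review bot: getHtmlMessage() now escapes `$sTitle` and every entry of `$this->aIssues` at the point of output, but nothing in the new code records that `aIssues` must therefore hold plain, unencoded text. A docblock on the method such as `/** @return string HTML markup; the title and each issue are escaped here, so aIssues must contain raw text */` would make that contract explicit. Without it, a caller that still pre-encodes its message would be rendered double-encoded, and any other consumer of the raw issues (none is visible in this hunk) would have to escape them itself before writing them into HTML. The end of the function lies outside the hunk.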