chamilo
/
chamilo-lms
mirror of https://github.com/chamilo/chamilo-lms/tree/1.11.x
2
0
Fork 0
Code Issues Projects Releases Wiki Activity

[svn r19055] minor - logic changes -added Security::remove_XSS in header HTTP - (partial FS#3878)

Browse Source
skala
Isaac Flores 17 years ago
parent 9e926837d0
commit 5081a901b5
2 changed files with 2 additions and 2 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 2
      main/messages/inbox.php
  2. 2
      main/messages/outbox.php

2
main/messages/inbox.php
Unescape View File

@ -37,7 +37,7 @@ include_once(api_get_path(LIBRARY_PATH).'/message.lib.php');
api_block_anonymous_users();
if (isset($_GET['messages_page_nr'])) {
if (api_get_setting('allow_social_tool')=='true' && api_get_setting('allow_message_tool')=='true') {
header('Location:../social/index.php?pager="'.$_GET['messages_page_nr'].'"&remote=2#remote-tab-2');
header('Location:../social/index.php?pager="'.Security::remove_XSS($_GET['messages_page_nr']).'"&remote=2#remote-tab-2');
}
}
if (api_get_setting('allow_message_tool')!='true'){

2
main/messages/outbox.php
Unescape View File

@ -37,7 +37,7 @@ require_once (api_get_path(LIBRARY_PATH).'message.lib.php');
api_block_anonymous_users();
if (isset($_GET['messages_page_nr'])) {
if (api_get_setting('allow_social_tool')=='true' && api_get_setting('allow_message_tool')=='true') {
header('Location:../social/index.php?pager="'.$_GET['messages_page_nr'].'"&remote=3#remote-tab-3');
header('Location:../social/index.php?pager="'.Security::remove_XSS($_GET['messages_page_nr']).'"&remote=3#remote-tab-3');
}
}
if (api_get_setting('allow_message_tool')!='true'){

Write Preview
Loading…
Cancel
Save