Commit 06c3d068e0677a99d4b94cece549895df69bdaeb
1 parent
a489481c
KTS-2178
"cross site scripting" Updated. Reviewed By: Kevin Fourie git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/trunk@6938 c91229c3-7414-0410-bfa2-8a42b809f60b
Showing
1 changed file
with
1 additions
and
1 deletions
templates/ktcore/forms/widgets/string.smarty
| 1 | - <input type="text" name="{$name}" {if $has_id}id="{$id}"{/if} {if $has_value}value="{$value}"{/if}{if ($options.autocomplete === false)}autocomplete="off"{/if} {if $options.width}size="{$options.width}"{/if} /> | |
| 1 | + <input type="text" name="{$name}" {if $has_id}id="{$id}"{/if} {if $has_value}value="{$value|sanitize_input}"{/if}{if ($options.autocomplete === false)}autocomplete="off"{/if} {if $options.width}size="{$options.width}"{/if} /> | ... | ... |