Peter M. Groen / knowledgetree

Commit 0dc513e2d904b70a29ce6e20bc5eb68ed9c36731

Authored by Conrad Vermeulen
1 parent 5f15c4da

KTS-2178 

"cross site scripting"
Updated.

Reviewed By: Kevin Fourie

git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/trunk@6933 c91229c3-7414-0410-bfa2-8a42b809f60b
Inline Side-by-side
Showing 1 changed file with 6 additions and 6 deletions
templates/ktcore/login.smarty
  View file @0dc513e
... ... @@ -3,12 +3,12 @@
3 3 <html>
4 4 <head>
5 5 <title>{i18n arg_appname="$appname"}Login | #appname#{/i18n}</title>
6   -
  6 +
7 7 <link rel="stylesheet" href="{$rootUrl}/resources/css/kt-login.css" type="text/css" />
8 8  
9 9 <link rel="icon" href="{$rootUrl}/resources/favicon.ico" type="image/x-icon">
10   - <link rel="shortcut icon" href="{$rootUrl}/resources/favicon.ico" type="image/x-icon">
11   -
  10 + <link rel="shortcut icon" href="{$rootUrl}/resources/favicon.ico" type="image/x-icon">
  11 +
12 12 <link rel="stylesheet" href="{$rootUrl}/resources/css/kt-ie-icons.css" type="text/css" />
13 13  
14 14 <script type="text/javascript" src="{$rootUrl}/thirdpartyjs/curvycorners/rounded_corners.inc.js"> </script>
... ... @@ -30,13 +30,13 @@
30 30 {if ($errorMessage == null)}
31 31 <p class="descriptiveText">{i18n}Please enter your details below to login.{/i18n}</p>
32 32 {else}
33   - <div class="ktErrorMessage"><span>{$errorMessage}</span></div>
  33 + <div class="ktErrorMessage"><span>{$errorMessage|sanitize}</span></div>
34 34 {/if}
35 35 <label for="username">{i18n}Username{/i18n}</label>
36 36 <input type="text" id="username" name="username"/>
37 37 <label for="password">{i18n}Password{/i18n}</label>
38 38 <input type="password" id="password" name="password"/>
39   -
  39 +
40 40 <label for="language">{i18n}Language{/i18n}</label>
41 41 <select id="language" name="language">
42 42 {foreach from=$languages key=sLang item=sLanguageName}
... ... @@ -55,7 +55,7 @@
55 55 {/if}
56 56 <p class="descriptiveText version">
57 57 {i18n arg_appname="$appname"}#appname# Version{/i18n}<br />{$versionName}<br/>
58   - {i18n}&copy; 2007 <a href="http://www.knowledgetree.com/">The Jam Warehouse Software (Pty) Ltd.</a> All Rights Reserved{/i18n}
  58 + {i18n}&copy; 2007 <a href="http://www.knowledgetree.com/">The Jam Warehouse Software (Pty) Ltd.</a> All Rights Reserved{/i18n}
59 59 </p>
60 60 <div id="bottomspacer"></div>
61 61 <div class="floatClear"></div>
... ...