Commit 77344413ecd0c0627ecb050df42e412e357e0d4f
1 parent
06c3d068
KTS-2178
"cross site scripting" Updated. Reviewed By: Kevin Fourie git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/trunk@6939 c91229c3-7414-0410-bfa2-8a42b809f60b
Showing
1 changed file
with
3 additions
and
3 deletions
templates/ktcore/forms/widgets/password.smarty
| 1 | - <input type="password" name="{$name}{if ($context->bConfirm)}[base]{/if}" {if $has_id}id="{$id}"{/if} {if $has_value}value="{$value}"{/if}{if ($options.autocomplete === false)}autocomplete="off"{/if}/> | 1 | + <input type="password" name="{$name}{if ($context->bConfirm)}[base]{/if}" {if $has_id}id="{$id}"{/if} {if $has_value}value="{$value|sanitize_input}"{/if}{if ($options.autocomplete === false)}autocomplete="off"{/if}/> |
| 2 | 2 | ||
| 3 | {if ($context->bConfirm)} | 3 | {if ($context->bConfirm)} |
| 4 | <br /> <br /> | 4 | <br /> <br /> |
| 5 | <label for="{$name}">{i18n arg_label=$label}Confirm #label#{/i18n}{if ($required === true)}<span class="required">({i18n}Required{/i18n})</span>{/if}</label> | 5 | <label for="{$name}">{i18n arg_label=$label}Confirm #label#{/i18n}{if ($required === true)}<span class="required">({i18n}Required{/i18n})</span>{/if}</label> |
| 6 | <p class="descriptiveText">{$context->sConfirmDescription}</p> | 6 | <p class="descriptiveText">{$context->sConfirmDescription}</p> |
| 7 | - | ||
| 8 | - <input type="password" name="{$name}[confirm]" {if $has_id}id="{$id}"{/if} {if $has_value}value="{$value}"{/if}{if ($options.autocomplete === false)}autocomplete="off"{/if}/> | 7 | + |
| 8 | + <input type="password" name="{$name}[confirm]" {if $has_id}id="{$id}"{/if} {if $has_value}value="{$value|sanitize_input}"{/if}{if ($options.autocomplete === false)}autocomplete="off"{/if}/> | ||
| 9 | {/if} | 9 | {/if} |