Commit 852c4741353ee65c68e8176d1668a4bfd2f90764
1 parent
b87b5682
KTS-2178
"cross site scripting" Updated. Reviewed By: Kevin Fourie git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/trunk@6931 c91229c3-7414-0410-bfa2-8a42b809f60b
Showing
1 changed file
with
8 additions
and
8 deletions
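--- a/templates/ktstandard/action/discussion_comment_list_item.smarty
+++ b/templates/ktstandard/action/discussion_comment_list_item.smarty
@@ -5,16 +5,16 @@
 {else}
 <dl class="kt-discussion-comment odd-comment">
 {/if}
-
-<dt>{i18n arg_subject=$comment->getSubject() arg_author=$creator->getName() arg_date=$comment->getDate()}
-<span class="subject">#subject#</span>
+
+<dt>
+<span class="subject">{$comment->getSubject()|sanitize_input}</span>
 by
-<span class="author">#author#</span>
-<span class="date">(#date#)</span>
-{/i18n}
+<span class="author">{$creator->getName()}</span>
+<span class="date">({$comment->getDate()})</span>
+
 </dt>
-
-<dd>{$comment->getBody()}</dd>
+
+<dd>{$comment->getBody()|sanitize_input}</dd>
 
 </dl>
 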
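Review bot: The author name on the new `<span class="author">` line is still written out unescaped, while the subject and body in the same template now go through `sanitize_input`; if a display name can contain markup (user-editable or imported from a directory, which this page does not show), the comment list remains a stored-XSS sink. Apply the same treatment there, e.g. `<span class="author">{$creator->getName()|sanitize_input}</span>`. The implementation of `sanitize_input` is not visible in this commit, so it is worth confirming that it HTML-encodes on output rather than only stripping selected tags; Smarty's built-in `|escape:'html'` is the usual choice for element content. Dropping the `{i18n}` wrapper also leaves the literal `by` untranslatable.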