Fix more vulnerabilities
parent
565fcf08a3
commit
531b5844d0
@ -1,7 +1,7 @@
|
|||||||
<div id="forum">
|
<div id="forum">
|
||||||
<div style="margin-bottom: 1em;">
|
<div style="margin-bottom: 1em;">
|
||||||
<?= $this->formTag(['action' => "search"], ['method' => 'get'], function(){ ?>
|
<?= $this->formTag(['action' => "search"], ['method' => 'get'], function(){ ?>
|
||||||
<?= $this->textFieldTag("query", $this->params()->query, ['size' => 40]) ?>
|
<?= $this->textFieldTag("query", $this->h($this->params()->query), ['size' => 40]) ?>
|
||||||
<?= $this->submitTag($this->t('.submit')) ?>
|
<?= $this->submitTag($this->t('.submit')) ?>
|
||||||
<?php }) ?>
|
<?php }) ?>
|
||||||
</div>
|
</div>
|
||||||
|
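Review bot: Wrapping the value in `$this->h(...)` at the call site leaves it unclear whether `textFieldTag` or its callers own the HTML encoding; this applies to the changed `query` line here and to the same change in the seven sections that follow. If `textFieldTag` already encodes its value attribute, the added `h()` double-encodes, so a search for `a&b` would be redisplayed as `a&amp;b`. If it does not, every other caller that passes request data to the tag helpers stays exposed, and the encoding would be better placed once inside the helper. The helper's body is not visible in this diff, so confirm against its implementation, and also check that `h()` encodes both quote characters, since the value lands inside an attribute.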
@ -1,7 +1,7 @@
|
|||||||
<div id="forum">
|
<div id="forum">
|
||||||
<div id="search" style="margin-bottom: 1em;">
|
<div id="search" style="margin-bottom: 1em;">
|
||||||
<?= $this->formTag(['action' => "search"], ['method' => 'get'], function(){ ?>
|
<?= $this->formTag(['action' => "search"], ['method' => 'get'], function(){ ?>
|
||||||
<?= $this->textFieldTag("query", $this->params()->query, ['size' => 40]) ?>
|
<?= $this->textFieldTag("query", $this->h($this->params()->query), ['size' => 40]) ?>
|
||||||
<?= $this->submitTag($this->t('.search')) ?>
|
<?= $this->submitTag($this->t('.search')) ?>
|
||||||
<?php }) ?>
|
<?php }) ?>
|
||||||
</div>
|
</div>
|
||||||
|
@ -1,7 +1,7 @@
|
|||||||
<h4><?= $this->t('.title') ?></h4>
|
<h4><?= $this->t('.title') ?></h4>
|
||||||
|
|
||||||
<?= $this->formTag(['action' => 'search'], ['method' => 'get'], function(){ ?>
|
<?= $this->formTag(['action' => 'search'], ['method' => 'get'], function(){ ?>
|
||||||
<?= $this->textFieldTag("query", $this->params()->query, ['size' => '40']) ?> <?= $this->submitTag($this->t('.search')) ?>
|
<?= $this->textFieldTag("query", $this->h($this->params()->query), ['size' => '40']) ?> <?= $this->submitTag($this->t('.search')) ?>
|
||||||
<?php }) ?>
|
<?php }) ?>
|
||||||
|
|
||||||
<?php if ($this->notes) : ?>
|
<?php if ($this->notes) : ?>
|
||||||
|
@ -4,7 +4,7 @@
|
|||||||
<?php if ($this->params()->order) : ?>
|
<?php if ($this->params()->order) : ?>
|
||||||
<?= $this->hiddenFieldTag("order", $this->params()->order) ?>
|
<?= $this->hiddenFieldTag("order", $this->params()->order) ?>
|
||||||
<?php endif ?>
|
<?php endif ?>
|
||||||
<?= $this->textFieldTag("query", $this->params()->query, ['size' => 40]) ?>
|
<?= $this->textFieldTag("query", $this->h($this->params()->query), ['size' => 40]) ?>
|
||||||
<?= $this->submitTag($this->t('.search'), ['name' => '']) ?>
|
<?= $this->submitTag($this->t('.search'), ['name' => '']) ?>
|
||||||
<?php }) ?>
|
<?php }) ?>
|
||||||
</div>
|
</div>
|
||||||
|
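Review bot: `hiddenFieldTag("order", $this->params()->order)`, two lines above the changed line, still passes a request parameter into a value attribute without the `h()` that `query` now receives. If the tag helpers do not encode their value argument, as this commit implies, `order` is the same reflected-input case and should be handled the same way: `<?= $this->hiddenFieldTag("order", $this->h($this->params()->order)) ?>`. The hunk starts at line 4 of the file, so the enclosing form opens outside it and any fields above should be checked too.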
@ -1,5 +1,5 @@
|
|||||||
<form method="get" action="/post/moderate">
|
<form method="get" action="/post/moderate">
|
||||||
<?= $this->textFieldTag("query", $this->params()->query, ['size' => '40']) ?>
|
<?= $this->textFieldTag("query", $this->h($this->params()->query), ['size' => '40']) ?>
|
||||||
<?= $this->submitTag($this->t('buttons.search')) ?>
|
<?= $this->submitTag($this->t('buttons.search')) ?>
|
||||||
</form>
|
</form>
|
||||||
|
|
||||||
|
@ -1,6 +1,6 @@
|
|||||||
<div style="margin-bottom: 1em;">
|
<div style="margin-bottom: 1em;">
|
||||||
<?= $this->formTag([], ['method' => 'get'], function(){ ?>
|
<?= $this->formTag([], ['method' => 'get'], function(){ ?>
|
||||||
<?= $this->textFieldTag("query", $this->params()->query) ?>
|
<?= $this->textFieldTag("query", $this->h($this->params()->query)) ?>
|
||||||
<?= $this->submitTag($this->t('.search')) ?>
|
<?= $this->submitTag($this->t('.search')) ?>
|
||||||
<?= $this->submitTag($this->t('tag_implication.index.search')) ?>
|
<?= $this->submitTag($this->t('tag_implication.index.search')) ?>
|
||||||
<?php }) ?>
|
<?php }) ?>
|
||||||
|
@ -1,6 +1,6 @@
|
|||||||
<div style="margin-bottom: 1em;">
|
<div style="margin-bottom: 1em;">
|
||||||
<?= $this->formTag(['action' => "index"], ['method' => 'get'], function(){ ?>
|
<?= $this->formTag(['action' => "index"], ['method' => 'get'], function(){ ?>
|
||||||
<?= $this->textFieldTag("query", $this->params()->query) ?>
|
<?= $this->textFieldTag("query", $this->h($this->params()->query)) ?>
|
||||||
<?= $this->submitTag($this->t('.search')) ?>
|
<?= $this->submitTag($this->t('.search')) ?>
|
||||||
<?= $this->submitTag($this->t('tag_alias.index.search')) ?>
|
<?= $this->submitTag($this->t('tag_alias.index.search')) ?>
|
||||||
<?php }) ?>
|
<?php }) ?>
|
||||||
|
@ -2,7 +2,7 @@
|
|||||||
<div style="margin-bottom: 1em;">
|
<div style="margin-bottom: 1em;">
|
||||||
<h6>Search</h6>
|
<h6>Search</h6>
|
||||||
<?= $this->formTag(['action' => "index"], ['method' => "get"], function(){ ?>
|
<?= $this->formTag(['action' => "index"], ['method' => "get"], function(){ ?>
|
||||||
<?= $this->textFieldTag("query", $this->params()->query, ['size' => 20, 'id' => "search-box"]) ?>
|
<?= $this->textFieldTag("query", $this->h($this->params()->query), ['size' => 20, 'id' => "search-box"]) ?>
|
||||||
<?php }) ?>
|
<?php }) ?>
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
|