summaryrefslogtreecommitdiffstats
path: root/web/template/footer.php
diff options
context:
space:
mode:
authorLukas Fleischer <archlinux@cryptocrack.de>2012-02-19 04:49:54 +0100
committerLukas Fleischer <archlinux@cryptocrack.de>2012-02-19 05:21:48 +0100
commit19789c3f759f4162a2eaa4ccc0b6fe0df51957ca (patch)
tree3d1dd05e7c975d7c166a50ed389838513ced0844 /web/template/footer.php
parent6f6904db3fa4921abc92b936dbc50bfdea0cb225 (diff)
downloadaurweb-19789c3f759f4162a2eaa4ccc0b6fe0df51957ca.tar.xz
Escape all output strings in the header and footer
Escape each output string using htmlspecialchars(). These aren't exploitable; it's still better to escape them properly. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Diffstat (limited to 'web/template/footer.php')
-rw-r--r--web/template/footer.php2
1 files changed, 1 insertions, 1 deletions
diff --git a/web/template/footer.php b/web/template/footer.php
index 435de5c..0948f68 100644
--- a/web/template/footer.php
+++ b/web/template/footer.php
@@ -2,7 +2,7 @@
<!-- End of main content -->
<?php
if ($ver) {
- echo "<div class=\"pgbox version\">$ver</div>";
+ echo "<div class=\"pgbox version\">" . htmlspecialchars($ver) . "</div>";
}
?>
</body>