From: xzilla Date: Fri, 1 Jun 2007 12:30:45 +0000 (+0000) Subject: move xss prevention to end of lib.inc.php in case we override $lang[appcharset] X-Git-Tag: REL_4-1-2~1 X-Git-Url: http://waps.l3s.uni-hannover.de/gitweb/%20?a=commitdiff_plain;h=e0e2568dcc4a922c911f50a282d194b162a3dde8;p=phppgadmin.git move xss prevention to end of lib.inc.php in case we override $lang[appcharset] --- diff --git a/libraries/lib.inc.php b/libraries/lib.inc.php index cda3baf5..adfa9f27 100644 --- a/libraries/lib.inc.php +++ b/libraries/lib.inc.php @@ -3,12 +3,9 @@ /** * Function library read in upon startup * - * $Id: lib.inc.php,v 1.111.2.3 2007/05/28 19:30:17 soranzo Exp $ + * $Id: lib.inc.php,v 1.111.2.4 2007/06/01 12:30:45 xzilla Exp $ */ - // Prevent XSS attacks - $PHP_SELF = htmlspecialchars($_SERVER['PHP_SELF']); - include_once('./libraries/decorator.inc.php'); include_once('./lang/translations.php'); @@ -223,4 +220,7 @@ } } + // Prevent XSS attacks + $PHP_SELF = htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, $lang['appcharset']); + ?>