kashire/lainchan
4
0
Fork 0
Code Issues 1 Pull Requests Releases Wiki Activity

XSS/bug with last commit to utf8tohtml().

Browse Source
This commit is contained in:
Savetheinternet 2011-11-17 01:22:25 +11:00
parent f6f1ecd2df
commit 4a03c4c3cd
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
inc/functions.php
View File

@ -1339,7 +1339,7 @@
}
function utf8tohtml($utf8) {
return mb_encode_numericentity($utf8, Array(0xff, 0xffff, 0, 0xffff), 'UTF-8');
return mb_encode_numericentity(htmlspecialchars($utf8, ENT_NOQUOTES, 'UTF-8'), Array(0xff, 0xffff, 0, 0xffff), 'UTF-8');
}
function buildThread($id, $return=false, $mod=false) {