pk/palm-paste
1
0
Fork 0
mirror of https://github.com/pikami/palm-paste.git synced 2025-12-19 08:49:49 +00:00
Code Issues Packages Projects Releases Wiki Activity

Pached XSS

Browse Source
This commit is contained in:
pikami
2016-06-13 12:49:13 +00:00
parent 04a6be87a5
commit 3ca9efd71c
4 changed files with 7 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
MyPastes.php
View File

@@ -21,9 +21,9 @@ if($stmt->rowCount()>0){
printf('<tbody>');
while($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
$title = $row['title'];
printf('<tr><td style="text-align: left;">'.$row["title"].'</td>');
printf('<tr><td style="text-align: left;">'.htmlspecialchars($row["title"], ENT_QUOTES, 'UTF-8').'</td>');
printf('<td style="text-align: left;">'.date('Y-m-d',$row["created"]).'</td>');
printf('<td style="text-align: right;"><a href="'.$row["uid"].'">'.$row["uid"].'</a></td></tr>');
printf('<td style="text-align: right;"><a href="'.htmlspecialchars($row["uid"], ENT_QUOTES, 'UTF-8').'">'.htmlspecialchars($row["uid"], ENT_QUOTES, 'UTF-8').'</a></td></tr>');
}
printf('</tbody></talbe>');
} else {