[Vtigercrm-commits] [vtiger-commits] r9256 - /vtigercrm/trunk/include/database/PearDatabase.php
vtigercrm-commits at vtiger.fosslabs.com
vtigercrm-commits at vtiger.fosslabs.com
Mon Sep 4 09:37:18 EDT 2006
Author: saraj
Date: Mon Sep 4 07:37:10 2006
New Revision: 9256
Log:
Fixes made for HTML tag vulnerabilities
Modified:
vtigercrm/trunk/include/database/PearDatabase.php
Modified: vtigercrm/trunk/include/database/PearDatabase.php
==============================================================================
--- vtigercrm/trunk/include/database/PearDatabase.php (original)
+++ vtigercrm/trunk/include/database/PearDatabase.php Mon Sep 4 07:37:10 2006
@@ -441,7 +441,9 @@
$result->Move($row);
$rowdata = $this->change_key_case($result->FetchRow());
//$this->println($rowdata);
- $coldata = strip_selected_tags($rowdata[$col],'script');
+ //Commented strip_selected_tags and added to_html function for HTML tags vulnerability
+ //$coldata = strip_selected_tags($rowdata[$col],'script');
+ $coldata = to_html($rowdata[$col]);
//$this->println("ADODB query_result ". $coldata);
return $coldata;
}
More information about the vtigercrm-commits
mailing list