r1241 MediaWiki - Code Review archive

Repository:	MediaWiki
Revision:	< r1240‎ \| r1241 \| r1242 >
Date:	07:19, 18 March 2003
Author:	vibber
Status:	old
Tags:
Comment:	Fix HTML insertion bug in upload description
Modified paths:	/trunk/phpwiki/newcodebase/SpecialUpload.php (modified) (history)

Diff [purge]

Index: trunk/phpwiki/newcodebase/SpecialUpload.php
—	—	@@ -175,12 +175,12 @@
176	176	action=\"{$action}\">
177	177	<input type=hidden name='wpUploadAffirm' value='1'>
178	178	<input type=hidden name='wpIgnoreWarning' value='1'>
179		~~-<input type=hidden name='wpUploadDescription' value=\"{$wpUploadDescription}\">~~
180		~~-<input type=hidden name='wpUploadSaveName' value=\"{$wpUploadSaveName}\">~~
181		~~-<input type=hidden name='wpUploadTempName' value=\"{$wpUploadTempName}\">~~
182		~~-<input type=hidden name='wpUploadSize' value=\"{$wpUploadSize}\">~~
183		~~-<input type=hidden name='wpSavedFile' value=\"{$wgSavedFile}\">~~
184		~~-<input type=hidden name='wpUploadOldVersion' value=\"{$wgUploadOldVersion}\">~~
	179	+<input type=hidden name='wpUploadDescription' value=\"" . htmlspecialchars( $wpUploadDescription ) . "\">
	180	+<input type=hidden name='wpUploadSaveName' value=\"" . htmlspecialchars( $wpUploadSaveName ) . "\">
	181	+<input type=hidden name='wpUploadTempName' value=\"" . htmlspecialchars( $wpUploadTempName ) . "\">
	182	+<input type=hidden name='wpUploadSize' value=\"" . htmlspecialchars( $wpUploadSize ) . "\">
	183	+<input type=hidden name='wpSavedFile' value=\"" . htmlspecialchars( $wgSavedFile ) . "\">
	184	+<input type=hidden name='wpUploadOldVersion' value=\"" . htmlspecialchars( $wgUploadOldVersion) . "\">
185	185	<table border=0><tr>
186	186	<tr><td align=right>
187	187	<input tabindex=2 type=submit name='wpUpload' value=\"{$save}\">
—	—	@@ -222,10 +222,10 @@
223	223	action=\"{$action}\">
224	224	<table border=0><tr>
225	225	<td align=right>{$fn}:</td><td align=left>
226		~~-<input tabindex=1 type='file' name='wpUploadFile' value=\"{$wpUploadFile}\" size=40>~~
	226	+<input tabindex=1 type='file' name='wpUploadFile' value=\"" . htmlspecialchars( $wpUploadFile ) . "\" size=40>
227	227	</td></tr><tr>
228	228	<td align=right>{$fd}:</td><td align=left>
229		~~-<input tabindex=2 type=text name='wpUploadDescription' value=\"{$wpUploadDescription}\" size=40>~~
	229	+<input tabindex=2 type=text name='wpUploadDescription' value=\"" . htmlspecialchars( $wpUploadDescription ) . "\" size=40>
230	230	</td></tr><tr>
231	231	<td align=right>
232	232	<input tabindex=3 type=checkbox name='wpUploadAffirm' value='1'>

Status & tagging log

21:41, 11 October 2010 Reedy (talk | contribs) changed the status of r1241 [removed: new added: old]