Bug #18562 ยป 8019_admPanel_htmlspecialchars.diff

Administrator Admin, 2008-04-04 13:33

View differences:

t3lib/class.t3lib_tsfebeuserauth.php (working copy)
304 304
						'pages.uid=fe_groups.pid AND pages.deleted=0 '.t3lib_BEfunc::deleteClause('fe_groups').' AND '.$this->getPagePermsClause(1)
305 305
					);
306 306
			while ($row = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($res)) {
307
				$options.= '<option value="'.$row['uid'].'"'.($this->uc['TSFE_adminConfig']['preview_simulateUserGroup']==$row['uid']?' selected="selected"':'').'>'.htmlspecialchars('['.$row['uid'].'] '.$row['title']).'</option>';
307
				$options.= '<option value="'.$row['uid'].'"'.($this->uc['TSFE_adminConfig']['preview_simulateUserGroup']==$row['uid']?' selected="selected"':'').'>'.htmlspecialchars('['.$row['uid'].'] '.htmlspecialchars($row['title'])).'</option>';
308 308
			}
309 309
			$out.= $this->extGetItem('preview_simulateUserGroup', '<select name="TSFE_ADMIN_PANEL[preview_simulateUserGroup]">'.$options.'</select>');
310 310
		}
......
336 336
			$depth = $this->extGetFeAdminValue('cache','clearCacheLevels');
337 337
			$outTable = '';
338 338
			$this->extPageInTreeInfo = array();
339
			$this->extPageInTreeInfo[] = array($GLOBALS['TSFE']->page['uid'],$GLOBALS['TSFE']->page['title'],$depth+1);
339
			$this->extPageInTreeInfo[] = array($GLOBALS['TSFE']->page['uid'],htmlspecialchars($GLOBALS['TSFE']->page['title']),$depth+1);
340 340
			$this->extGetTreeList($GLOBALS['TSFE']->id, $depth,0,$this->getPagePermsClause(1));
341 341
			reset($this->extPageInTreeInfo);
342 342
			while(list(,$row)=each($this->extPageInTreeInfo)) {
......
377 377
			$depth = $this->extGetFeAdminValue('publish','levels');
378 378
			$outTable = '';
379 379
			$this->extPageInTreeInfo = array();
380
			$this->extPageInTreeInfo[] = array($GLOBALS['TSFE']->page['uid'],$GLOBALS['TSFE']->page['title'],$depth+1);
380
			$this->extPageInTreeInfo[] = array($GLOBALS['TSFE']->page['uid'],htmlspecialchars($GLOBALS['TSFE']->page['title']),$depth+1);
381 381
			$this->extGetTreeList($GLOBALS['TSFE']->id, $depth,0,$this->getPagePermsClause(1));
382 382
			reset($this->extPageInTreeInfo);
383 383
			while(list(,$row)=each($this->extPageInTreeInfo)) {
    (1-1/1)