Ignore:
Timestamp:
2014-03-14T22:46:25+13:00 (10 years ago)
Author:
ak19
Message:

Third commit for security, for ensuring cgiargs macros are websafe. This time all the changes to the runtime action classes.

File:
1 edited

Legend:

Unmodified
Added
Removed

  • main/trunk/greenstone2/runtime-src/src/recpt/queryaction.cpp

    r28888 r28899  
    747747      << "<input type=\"hidden\" name=\"ccp\" value=\"1\">\n"
    748748      << "<center><table width=\"_pagewidth_\"><tr valign=\"top\">\n"
    749       << "<td>Select collections to search for \"" << args["q"]
    750       << "\" <i>(index=" << index << " subcollection=" << subcollection
    751       << " language=" << language << ")</i></td>\n"
     749      << "<td>Select collections to search for \"" << encodeForHTML(args["q"])
     750      << "\" <i>(index=" << encodeForHTML(index) << " subcollection=" << encodeForHTML(subcollection)
     751      << " language=" << encodeForHTML(language) << ")</i></td>\n"
    752752      << "<td><input type=\"submit\" value=\"_query:textbeginsearch_\"></td>\n"
    753753      << "</tr></table></center>\n"
Note: See TracChangeset for help on using the changeset viewer.