Changeset 28911 for main/trunk/greenstone2/runtime-src/src/recpt/queryaction.cpp

Timestamp:

2014-03-17T21:36:16+13:00 (10 years ago)

Author:

ak19

Message:

Fourth commit for security and safe cgiargs.

File:

• main/trunk/greenstone2/runtime-src/src/recpt/queryaction.cpp (modified) (2 diffs)

main/trunk/greenstone2/runtime-src/src/recpt/queryaction.cpp

@@ -743 +743 @@
       << "<form name=\"QueryForm\" method=\"get\" action=\"_gwcgi_\">\n"
       << "<input type=\"hidden\" name=\"a\" value=\"q\">\n"
-          << "<input type=\"hidden\" name=\"site\" value=\"_cgiargsite_\"\n"
+          << "<input type=\"hidden\" name=\"site\" value=\"_cgiargsiteAttrsafe_\"\n"
       << "<input type=\"hidden\" name=\"e\" value=\"_compressedoptions_\">\n"
       << "<input type=\"hidden\" name=\"ccp\" value=\"1\">\n"
@@ -1390 +1390 @@
     decode_cgi_arg (compressedoptions); 
     if (args["w"] == "utf-8") { // if the encoding was utf-8, then compressed options was utf-8, and we need unicode.
-    // if encoding wasn't utf-8, then compressed opotions may be screwed up, but seems to work for 8 bit encodings?
+    // if encoding wasn't utf-8, then compressed options may be screwed up, but seems to work for 8 bit encodings?
       compressedoptions = to_uni(compressedoptions);
     }