Changeset 28948

Show
Ignore:
Timestamp:
24.03.2014 16:24:31 (5 years ago)
Author:
ak19
Message:

Another security commit surrounding cgiargs. Collectionaction updated.

Files:
1 modified

Legend:

Unmodified
Added
Removed
  • main/trunk/greenstone2/runtime-src/src/recpt/collectoraction.cpp

    r28930 r28948  
    870870    rv += "<input type=text name=\"bc1input\" value=\""; 
    871871    if (i < numvalues) { 
    872       rv += dm_safe(decode_commas(inputvalues[i])); 
     872      //rv += dm_safe(decode_commas(inputvalues[i])); 
     873      text_t websafe = encodeForHTMLAttr(inputvalues[i]); 
     874      rv += dm_safe(decode_commas(websafe)); 
    873875    } 
    874876    rv += "\" size=50>";