Changeset 28899 for main/trunk/greenstone2/runtime-src/src/recpt/depositoraction.cpp

Timestamp:

2014-03-14T22:46:25+13:00 (10 years ago)

Author:

ak19

Message:

Third commit for security, for ensuring cgiargs macros are websafe. This time all the changes to the runtime action classes.

File:

• main/trunk/greenstone2/runtime-src/src/recpt/depositoraction.cpp (modified) (2 diffs)

main/trunk/greenstone2/runtime-src/src/recpt/depositoraction.cpp

@@ -707 +707 @@
   if ((depositor_page == "select") || (stepstring == "step")) {
           textout << outconvert << disp << ("_depositor:header_\n")
-          << ("_depositor:" + depositor_page + "content_\n")
+          << ("_depositor:" + encodeForHTML(depositor_page) + "content_\n")
           << ("_depositor:footer_\n");
       
@@ -771 +771 @@
       // output page ("bild" page was already output above)
       textout << outconvert << disp << ("_depositor:header_\n")
-          << ("_depositor:" + depositor_page + "content_\n")
+          << ("_depositor:" + encodeForHTML(depositor_page) + "content_\n")
           << ("_depositor:footer_\n");
     }