* Martin Schulze:

> I've taken a look at the patch, and several lines contain changes not
> suitable for a security update, i.e. fix different potential bugs or
> change the code. I'm attaching the patch. More eyes checking would
> be appreciated.

This one seems only safe when magic_quotes_gpc is enabled:

- <input type="submit" [...] onclick="self.location = '<?php echo $url; ?>'; return false;" />
+ <input type="submit" [...] onclick="self.location = '<?php echo htmlspecialchars($url); ?>'; return false;" />

(htmlspecialchars does not quote single quotes, and even if it did, it would not really help because the HTML should be reversed before the JavaScript parser runs.) It's probably not a real problem because everybody runs with magic_quotes_gpc enabled, though.

Apart from the issues in your diff, there seem to be others. Is anybody familiar with the HORDE framework (at that version) and can explain how variables are handled internally? There seems to be some kind of register_globals reimplementation.
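
Review bot: In the + line, htmlspecialchars($url) is called without ENT_QUOTES while its output lands inside a single-quoted JavaScript string in the onclick attribute, so a single quote in $url is emitted unchanged and still closes the string literal. The browser also decodes attribute entities before the script runs, so HTML escaping alone cannot protect the JavaScript context. Suggest escaping for the JavaScript string first (backslash-escaping quotes and backslashes) and then applying htmlspecialchars(..., ENT_QUOTES) for the attribute, so the fix does not rely on magic_quotes_gpc being enabled.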