#324880: SA-2008-067 (#324824): Fix XSS vulberability in book administration page.

author: Angie Byron <webchick@24967.no-reply.drupal.org> 2008-11-08 19:33:53 +0000
committer: Angie Byron <webchick@24967.no-reply.drupal.org> 2008-11-08 19:33:53 +0000
commit: d2331ebdf7b5b21245649f1b7169c652396bcc30 (patch)
tree: e1aa5ab9dc518a9e678e45aa5cedd17bf8d2075f
parent: 4e369a6b7ff097afcd0e8b9c1b1a0abeab540df6 (diff)
download: brdo-d2331ebdf7b5b21245649f1b7169c652396bcc30.tar.gz
brdo-d2331ebdf7b5b21245649f1b7169c652396bcc30.tar.bz2
1 files changed, 2 insertions, 2 deletions
diff --git a/modules/book/book.admin.inc b/modules/book/book.admin.inc
index be8fe7b4a..7cc4f8013 100644
--- a/modules/book/book.admin.inc
+++ b/modules/book/book.admin.inc
@@ -173,8 +173,8 @@ function _book_admin_table($node, &$form) {
  * @see book_admin_edit()
  */
 function _book_admin_table_tree($tree, &$form) {
-  foreach ($tree as $key => $data) {
-    $form[$key] = array(
+  foreach ($tree as $data) {
+    $form['book-admin-' . $data['link']['nid']] = array(
       '#item' => $data['link'],
       'nid' => array('#type' => 'value', '#value' => $data['link']['nid']),
       'depth' => array('#type' => 'value', '#value' => $data['link']['depth']),
author	Angie Byron <webchick@24967.no-reply.drupal.org>	2008-11-08 19:33:53 +0000
committer	Angie Byron <webchick@24967.no-reply.drupal.org>	2008-11-08 19:33:53 +0000
commit	d2331ebdf7b5b21245649f1b7169c652396bcc30 (patch)
tree	e1aa5ab9dc518a9e678e45aa5cedd17bf8d2075f
parent	4e369a6b7ff097afcd0e8b9c1b1a0abeab540df6 (diff)
download	brdo-d2331ebdf7b5b21245649f1b7169c652396bcc30.tar.gz brdo-d2331ebdf7b5b21245649f1b7169c652396bcc30.tar.bz2