authorGábor Hojtsy <gabor@hojtsy.hu>2007-12-05 18:13:03 +0000
committerGábor Hojtsy <gabor@hojtsy.hu>2007-12-05 18:13:03 +0000
commitbc0d7cb36914fd06db890854a3a45ef2b5af8902 (patch)
treec19c3798cf89fbed15408bf2df5fc5f9c361763d /includes
parent36d18330adb9dd4f0ba5ab9f65e7f7a86f1adbb9 (diff)
XSS fixes forward ported from Drupal 5.1 - previously not committed parts of http://drupal.org/cvs?commit=53675
Diffstat (limited to 'includes')
-rw-r--r--includes/form.inc10
1 files changed, 5 insertions, 5 deletions
diff --git a/includes/form.inc b/includes/form.inc
index 011137758..0748b20d6 100644
--- a/includes/form.inc
+++ b/includes/form.inc
@@ -1353,7 +1353,7 @@ function form_select_options($element, $choices = NULL) {
else {
$selected = '';
}
- $options .= '<option value="'. $key .'"'. $selected .'>'. check_plain($choice) .'</option>';
+ $options .= '<option value="'. check_plain($key) .'"'. $selected .'>'. check_plain($choice) .'</option>';
}
}
return $options;
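Review bot: form_select_options now escapes both the option key and the label at output, but nothing tells callers that, so a caller that pre-escapes its `#options` keys or labels will get double-encoded output (`&amp;amp;`). The function's docblock, which sits above this hunk, should state that keys and labels are passed through check_plain here and must be supplied unescaped. `$selected` is derived from the raw `$key` before this line, so escaping at the output point does not affect which option is marked selected — that is the pattern worth keeping. form_select_options's body starts outside the hunk.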
@@ -1449,7 +1449,7 @@ function theme_radio($element) {
$output = '<input type="radio" ';
$output .= 'name="'. $element['#name'] .'" ';
$output .= 'value="'. $element['#return_value'] .'" ';
- $output .= ($element['#value'] == $element['#return_value']) ? ' checked="checked" ' : ' ';
+ $output .= (check_plain($element['#value']) == $element['#return_value']) ? ' checked="checked" ' : ' ';
$output .= drupal_attributes($element['#attributes']) .' />';
if (!is_null($element['#title'])) {
$output = '<label class="option">'. $output .' '. $element['#title'] .'</label>';
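Review bot: The new comparison on the `checked` line escapes `#value` to match a `#return_value` that is only escaped when the element came through expand_radios (the third hunk), so a radio built directly with `#type => 'radio'` and a `#return_value` containing `&`, `<` or `"` is written unescaped into the `value` attribute two lines above and never compares equal to its escaped `#value`. Escaping at output in theme_radio keeps both lines correct for every caller: `$output .= 'value="'. check_plain($element['#return_value']) .'" ';` and `$output .= ($element['#value'] == $element['#return_value']) ? ' checked="checked" ' : ' ';`, with expand_radios then storing the raw `$key` again so the value is not encoded twice. The `#name` attribute and the `#title` label text in this hunk are also emitted without escaping, unlike the title handling in theme_form_element later in this commit. theme_radio's body continues past the hunk.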
@@ -1652,7 +1652,7 @@ function expand_radios($element) {
$element[$key] = array(
'#type' => 'radio',
'#title' => $choice,
- '#return_value' => $key,
+ '#return_value' => check_plain($key),
'#default_value' => isset($element['#default_value']) ? $element['#default_value'] : NULL,
'#attributes' => $element['#attributes'],
'#parents' => $element['#parents'],
@@ -2052,10 +2052,10 @@ function theme_form_element($element, $value) {
if (!empty($element['#title'])) {
$title = $element['#title'];
if (!empty($element['#id'])) {
- $output .= ' <label for="'. $element['#id'] .'">'. $t('!title: !required', array('!title' => $title, '!required' => $required)) ."</label>\n";
+ $output .= ' <label for="'. $element['#id'] .'">'. $t('!title: !required', array('!title' => filter_xss_admin($title), '!required' => $required)) ."</label>\n";
}
else {
- $output .= ' <label>'. $t('!title: !required', array('!title' => $title, '!required' => $required)) ."</label>\n";
+ $output .= ' <label>'. $t('!title: !required', array('!title' => filter_xss_admin($title), '!required' => $required)) ."</label>\n";
}
}