- Fixed typo

author: Dries Buytaert <dries@buytaert.net> 2003-07-09 22:13:09 +0000
committer: Dries Buytaert <dries@buytaert.net> 2003-07-09 22:13:09 +0000
commit: e5b392b5d7ca27cbb9d7e88d4c9d94afeab540b3 (patch)
tree: d8b4c243b8431b764859d77ec5617846b0d399fc /includes
parent: 9fd25fa520420896c921be045cc876439e33ed45 (diff)
download: brdo-e5b392b5d7ca27cbb9d7e88d4c9d94afeab540b3.tar.gz
brdo-e5b392b5d7ca27cbb9d7e88d4c9d94afeab540b3.tar.bz2
1 files changed, 3 insertions, 2 deletions
diff --git a/includes/common.inc b/includes/common.inc
index ca717e506..3ebfa13c0 100644
--- a/includes/common.inc
+++ b/includes/common.inc
@@ -484,12 +484,13 @@ function xss_check_input_data($data) {
     */
 
     // check strings:
-    $match += preg_match("/\Wjavascript\s*:/i", $data);
+    $match  = preg_match("/\Wjavascript\s*:/i", $data);
     $match += preg_match("/\Wexpression\s*\(/i", $data);
     $match += preg_match("/\Walert\s*\(/i", $data);
 
     // check attributes:
-    $match  = preg_match("/\W(dynsrc|datasrc|data|lowsrc|on[a-z]+)\s*=[^>]+?>/i", $data);
+    $match += preg_match("/\W(dynsrc|datasrc|data|lowsrc|on[a-z]+)\s*=[^>]+?>/i", $data);
+    
 
     // check tags:
     $match += preg_match("/<\s*(applet|script|object|style|embed|form|blink|meta|html|frame|iframe|layer|ilayer|head|frameset|xml)/i", $data);
author	Dries Buytaert <dries@buytaert.net>	2003-07-09 22:13:09 +0000
committer	Dries Buytaert <dries@buytaert.net>	2003-07-09 22:13:09 +0000
commit	e5b392b5d7ca27cbb9d7e88d4c9d94afeab540b3 (patch)
tree	d8b4c243b8431b764859d77ec5617846b0d399fc /includes
parent	9fd25fa520420896c921be045cc876439e33ed45 (diff)
download	brdo-e5b392b5d7ca27cbb9d7e88d4c9d94afeab540b3.tar.gz brdo-e5b392b5d7ca27cbb9d7e88d4c9d94afeab540b3.tar.bz2