diff options
Diffstat (limited to 'includes/notary.inc.php')
| -rw-r--r-- | includes/notary.inc.php | 48 |
1 files changed, 24 insertions, 24 deletions
diff --git a/includes/notary.inc.php b/includes/notary.inc.php index bab5bc0..50ba756 100644 --- a/includes/notary.inc.php +++ b/includes/notary.inc.php @@ -1847,7 +1847,7 @@ function output_client_cert($row, $support=0, $readonly=true){ if ($verified === _("Pending")) { ?> <td class="DataTD"> - <input type="checkbox" name="delid[]" value="<?=$row['id']?>"> + <input type="checkbox" name="delid[]" value="<?=intval($row['id'])?>"> </td> <? @@ -1859,7 +1859,7 @@ function output_client_cert($row, $support=0, $readonly=true){ } else { ?> <td class="DataTD"> - <input type="checkbox" name="revokeid[]" value="<?=$row['id']?>"> + <input type="checkbox" name="revokeid[]" value="<?=intval($row['id'])?>"> </td> <? } @@ -1871,13 +1871,13 @@ function output_client_cert($row, $support=0, $readonly=true){ if ($verified === _("Pending")) { ?> - <td class="DataTD"><?=(trim($row['CN'])=="" ? _("empty") : $row['CN'])?></td> + <td class="DataTD"><?=(trim($row['CN'])=="" ? _("empty") : htmlspecialchars($row['CN']))?></td> <? } else { ?> <td class="DataTD"> - <a href="account.php?id=6&cert=<?=$row['id']?>"> - <?=(trim($row['CN'])=="" ? _("empty") : $row['CN'])?> + <a href="account.php?id=6&cert=<?=intval($row['id'])?>"> + <?=(trim($row['CN'])=="" ? _("empty") : htmlspecialchars($row['CN']))?> </a> </td> <? @@ -1888,21 +1888,21 @@ function output_client_cert($row, $support=0, $readonly=true){ <td class="DataTD"><?=$row['revoke']?></td> <td class="DataTD"><?=$row['expire']?></td> <td class="DataTD"> - <input type="checkbox" name="disablelogin_<?=$row['id']?>" value="1" <?=$row['disablelogin']?"":"checked='checked'"?> <?=$readonly?'disabled="disabled"':''?>/> - <input type="hidden" name="cert_<?=$row['id']?>" value="1" /> + <input type="checkbox" name="disablelogin_<?=intval($row['id'])?>" value="1" <?=$row['disablelogin']?"":"checked='checked'"?> <?=$readonly?'disabled="disabled"':''?>/> + <input type="hidden" name="cert_<?=intval($row['id'])?>" value="1" /> </td> <? if (1 != $support) { ?> <td class="DataTD"> - <input name="comment_<?=$row['id']?>" type="text" value="<?=htmlspecialchars($row['description'])?>" /> + <input name="comment_<?=intval($row['id'])?>" type="text" value="<?=htmlspecialchars($row['description'])?>" /> </td> <? if (!$readonly) { ?> <td class="DataTD"> - <input type="checkbox" name="check_comment_<?=$row['id']?>" /> + <input type="checkbox" name="check_comment_<?=intval($row['id'])?>" /> </td> <? } @@ -1977,7 +1977,7 @@ function output_server_certs($row, $support=0, $readonly=true){ if ($verified === _("Pending")) { ?> <td class="DataTD"> - <input type="checkbox" name="delid[]" value="<?=$row['id']?>"/> + <input type="checkbox" name="delid[]" value="<?=intval($row['id'])?>"/> </td> <? } elseif($verified === _("Revoked")) { @@ -1987,7 +1987,7 @@ function output_server_certs($row, $support=0, $readonly=true){ } else { ?> <td class="DataTD"> - <input type="checkbox" name="revokeid[]" value="<?=$row['id']?>"/> + <input type="checkbox" name="revokeid[]" value="<?=intval($row['id'])?>"/> </td> <? } @@ -1999,13 +1999,13 @@ function output_server_certs($row, $support=0, $readonly=true){ if ($verified === _("Pending")) { ?> - <td class="DataTD"><?=$row['CN']?></td> + <td class="DataTD"><?=htmlspecialchars($row['CN'])?></td> <? } else { ?> <td class="DataTD"> - <a href="account.php?id=15&cert=<?=$row['id']?>"> - <?=$row['CN']?> + <a href="account.php?id=15&cert=<?=intval($row['id'])?>"> + <?=htmlspecialchars($row['CN'])?> </a> </td> <? @@ -2020,13 +2020,13 @@ function output_server_certs($row, $support=0, $readonly=true){ if (1 != $support) { ?> <td class="DataTD"> - <input name="comment_<?=$row['id']?>" type="text" value="<?=htmlspecialchars($row['description'])?>" /> + <input name="comment_<?=intval($row['id'])?>" type="text" value="<?=htmlspecialchars($row['description'])?>" /> </td> <? if (!$readonly) { ?> <td class="DataTD"> - <input type="checkbox" name="check_comment_<?=$row['id']?>" /> + <input type="checkbox" name="check_comment_<?=intval($row['id'])?>" /> </td> <? } @@ -2087,13 +2087,13 @@ function output_gpg_certs($row, $support=0, $readonly=true){ if($verified == _("Pending")) { ?> - <td class="DataTD"><?=$row['email']?></td> + <td class="DataTD"><?=htmlspecialchars($row['email'])?></td> <? } else { ?> <td class="DataTD"> - <a href="gpg.php?id=3&cert=<?=$row['id']?>"> - <?=$row['email']?> + <a href="gpg.php?id=3&cert=<?=intval($row['id'])?>"> + <?=htmlspecialchars($row['email'])?> </a> </td> <? @@ -2105,13 +2105,13 @@ function output_gpg_certs($row, $support=0, $readonly=true){ if($verified == _("Pending")) { ?> - <td class="DataTD"><?=$row['keyid']?></td> + <td class="DataTD"><?=htmlspecialchars($row['keyid'])?></td> <? } else { ?> <td class="DataTD"> - <a href="gpg.php?id=3&cert=<?=$row['id']?>"> - <?=$row['keyid']?> + <a href="gpg.php?id=3&cert=<?=intval($row['id'])?>"> + <?=htmlspecialchars($row['keyid'])?> </a> </td> <? @@ -2120,13 +2120,13 @@ function output_gpg_certs($row, $support=0, $readonly=true){ if (1 != $support) { ?> <td class="DataTD"> - <input name="comment_<?=$row['id']?>" type="text" value="<?=htmlspecialchars($row['description'])?>" /> + <input name="comment_<?=intval($row['id'])?>" type="text" value="<?=htmlspecialchars($row['description'])?>" /> </td> <? if (!$readonly) { ?> <td class="DataTD"> - <input type="checkbox" name="check_comment_<?=$row['id']?>" /> + <input type="checkbox" name="check_comment_<?=intval($row['id'])?>" /> </td> <? } |