summaryrefslogtreecommitdiff
path: root/pages/account/32.php
diff options
context:
space:
mode:
authorMichael Tänzer <neo@nhng.de>2011-12-27 12:56:35 +0100
committerMichael Tänzer <neo@nhng.de>2011-12-27 12:56:35 +0100
commit4fe923c4e74aebfe1695ace966a8e72008a25703 (patch)
tree84c86816ec4ff5e7e6b937713f54e022366b50fb /pages/account/32.php
parent9159baecf3516528f9ad9c0353bd0478365ca287 (diff)
downloadcacert-4fe923c4e74aebfe1695ace966a8e72008a25703.tar.gz
cacert-4fe923c4e74aebfe1695ace966a8e72008a25703.tar.xz
cacert-4fe923c4e74aebfe1695ace966a8e72008a25703.zip
Source code taken from cacert-20111227.tar.bz2
Diffstat (limited to 'pages/account/32.php')
-rw-r--r--pages/account/32.php6
1 files changed, 3 insertions, 3 deletions
diff --git a/pages/account/32.php b/pages/account/32.php
index 00dc1ea..a05c927 100644
--- a/pages/account/32.php
+++ b/pages/account/32.php
@@ -38,10 +38,10 @@
$user = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".intval($row['memid'])."'"));
?>
<tr>
- <td class="DataTD"><a href='mailto:<?=$user['email']?>'><?=($user['fname'])?> <?=($user['lname'])?></a></td>
+ <td class="DataTD"><a href='mailto:<?=sanitizeHTML($user['email'])?>'><?=sanitizeHTML($user['fname'])?> <?=sanitizeHTML($user['lname'])?></a></td>
<td class="DataTD"><?=($row['masteracc'])?></a></td>
- <td class="DataTD"><?=($row['OU'])?></a></td>
- <td class="DataTD"><?=($row['comments'])?></a></td>
+ <td class="DataTD"><?=sanitizeHTML($row['OU'])?></a></td>
+ <td class="DataTD"><?=sanitizeHTML($row['comments'])?></a></td>
<? if($row['masteracc'] == 0 || $_SESSION['profile']['orgadmin'] == 1) { ?>
<td class="DataTD"><a href="account.php?id=34&amp;orgid=<?=$row['orgid']?>&amp;memid=<?=$row['memid']?>"><?=_("Delete")?></a></td>
<? } else { ?>