diff options
| author | Michael Tänzer <neo@nhng.de> | 2014-12-04 18:26:23 +0100 |
|---|---|---|
| committer | Michael Tänzer <neo@nhng.de> | 2014-12-04 18:26:23 +0100 |
| commit | b0904b2bda37b292fa5d29d5d3b7ec64d100ad16 (patch) | |
| tree | a10f5fb0dfefccc4bbf5890d02f273ef770ba4b6 /pages/gpg/2.php | |
| parent | c7c4d077688807bcbec21e11d0aeb0af9ebfbd30 (diff) | |
| download | cacert-b0904b2bda37b292fa5d29d5d3b7ec64d100ad16.tar.gz cacert-b0904b2bda37b292fa5d29d5d3b7ec64d100ad16.tar.xz cacert-b0904b2bda37b292fa5d29d5d3b7ec64d100ad16.zip | |
Diffstat (limited to 'pages/gpg/2.php')
| -rw-r--r-- | pages/gpg/2.php | 19 |
1 files changed, 10 insertions, 9 deletions
diff --git a/pages/gpg/2.php b/pages/gpg/2.php index cc8a872..84e11d2 100644 --- a/pages/gpg/2.php +++ b/pages/gpg/2.php @@ -30,7 +30,7 @@ $query = "select UNIX_TIMESTAMP(`issued`) as `issued`, UNIX_TIMESTAMP(`expire`) - UNIX_TIMESTAMP() as `timeleft`, UNIX_TIMESTAMP(`expire`) as `expired`, - `expire` as `expires`, `id`, `level`, + `expire`, `id`, `level`, `email`,`keyid`,`description` from `gpg` where `memid`='".intval($_SESSION['profile']['id'])."' ORDER BY `issued` desc"; $res = mysql_query($query); @@ -43,6 +43,7 @@ <? } else { while($row = mysql_fetch_assoc($res)) { + $verified = ''; if($row['timeleft'] > 0) $verified = _("Valid"); if($row['timeleft'] < 0) @@ -53,18 +54,18 @@ <tr> <? if($verified == _("Valid")) { ?> <td class="DataTD"><?=$verified?></td> - <td class="DataTD"><a href="gpg.php?id=3&cert=<?=$row['id']?>"><?=$row['email']?></a></td> + <td class="DataTD"><a href="gpg.php?id=3&cert=<?=intval($row['id'])?>"><?=sanitizeHTML($row['email'])?></a></td> <? } else if($verified == _("Pending")) { ?> <td class="DataTD"><?=$verified?></td> - <td class="DataTD"><?=$row['email']?></td> + <td class="DataTD"><?=sanitizeHTML($row['email'])?></td> <? } else { ?> <td class="DataTD"><?=$verified?></td> - <td class="DataTD"><a href="gpg.php?id=3&cert=<?=$row['id']?>"><?=$row['email']?></a></td> + <td class="DataTD"><a href="gpg.php?id=3&cert=<?=intval($row['id'])?>"><?=sanitizeHTML($row['email'])?></a></td> <? } ?> - <td class="DataTD"><?=$row['expires']?></td> - <td class="DataTD"><a href="gpg.php?id=3&cert=<?=$row['id']?>"><?=$row['keyid']?></a></td> - <td class="DataTD"><input name="comment_<?=$row['id']?>" type="text" value="<?=htmlspecialchars($row['description'])?>" /></td> - <td class="DataTD"><input type="checkbox" name="check_comment_<?=$row['id']?>" /></td> + <td class="DataTD"><?=$row['expire']?></td> + <td class="DataTD"><a href="gpg.php?id=3&cert=<?=intval($row['id'])?>"><?=sanitizeHTML($row['keyid'])?></a></td> + <td class="DataTD"><input name="comment_<?=intval($row['id'])?>" type="text" value="<?=htmlspecialchars($row['description'])?>" /></td> + <td class="DataTD"><input type="checkbox" name="check_comment_<?=intval($row['id'])?>" /></td> </tr> <? } ?> <? } ?> @@ -77,5 +78,5 @@ <td class="DataTD" colspan="6"><input type="submit" name="change" value="<?=_("Change settings")?>" /> </td> </tr> </table> -<input type="hidden" name="oldid" value="<?=$id?>" /> +<input type="hidden" name="oldid" value="<?=intval($id)?>" /> </form> |