]> git.mjollnir.org Git - moodle.git/commitdiff
projects / moodle.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 85bb13e)
MDL-7861 fixed regression caused by one of previous commit related to print_single_bu...
authorskodak <skodak>
Mon, 22 Jan 2007 18:23:14 +0000 (18:23 +0000)
committerskodak <skodak>
Mon, 22 Jan 2007 18:23:14 +0000 (18:23 +0000)
lib/weblib.php patch | blob | history

diff --git a/lib/weblib.php b/lib/weblib.php
index faa99560227c4895e5394e0c3d4593817d7a88f9..3452b3cc9bbe547155db61eba8bff04ac996e318 100644 (file)
--- a/lib/weblib.php
+++ b/lib/weblib.php
@@ -2901,9 +2901,10 @@ function print_box_end($return=false) {
  */
 function print_single_button($link, $options, $label='OK', $method='get', $target='_self', $return=false) {
     $output = '';
+    $link = str_replace('"', '&quot;', $link); //basic XSS protection
     $output .= '<div class="singlebutton">';
     // taking target out, will need to add later target="'.$target.'"
-    $output .= '<form action="'. s($link) .'" method="'. $method .'">';   
+    $output .= '<form action="'. $link .'" method="'. $method .'">';   
     $output .= '<fieldset class="invisiblefieldset">';
     if ($options) {
         foreach ($options as $name => $value) {
Unnamed repository; edit this file to name it for gitweb.