| author | Meik Sievertsen <acydburn@phpbb.com> | 2007-09-22 18:31:50 +0000 |
|---|---|---|
| committer | Meik Sievertsen <acydburn@phpbb.com> | 2007-09-22 18:31:50 +0000 |
| commit | e3882844ec985a62ae573bbcf618c08343afc717 (patch) | |
| tree | f980f059ded6f06bee2bb3597269209be32cdb3a /phpBB/adm/swatch.php | |
| parent | cbb286420fe5cd82687df99a7f146ffc39408dc7 (diff) | |
#i62 - #i65
gone through every javascript invocation and making sure we adhere to our coding guidelines.
git-svn-id: file:///svn/phpbb/trunk@8099 89ea8834-ac86-4346-8a33-228a782c2dd0
Diffstat (limited to 'phpBB/adm/swatch.php')
| -rw-r--r-- | phpBB/adm/swatch.php | 11 |
1 files changed, 9 insertions, 2 deletions
diff --git a/phpBB/adm/swatch.php b/phpBB/adm/swatch.php
index 9e537290ff..5a5a4e6d5c 100644
--- a/phpBB/adm/swatch.php
+++ b/phpBB/adm/swatch.php
@@ -29,9 +29,16 @@ $template->set_filenames(array(
 'body' => 'colour_swatch.html')
 );
+$form = request_var('form', '');
+$name = request_var('name', '');
+
+// We validate form and name here, only id/class allowed
+$form = (!preg_match('/^[a-z0-9_-]+$/i', $form)) ? '' : $form;
+$name = (!preg_match('/^[a-z0-9_-]+$/i', $name)) ? '' : $name;
+
 $template->assign_vars(array(
- 'OPENER' => addslashes(request_var('form', '')),
- 'NAME' => request_var('name', ''),
+ 'OPENER' => $form,
+ 'NAME' => $name,
 'T_IMAGES_PATH' => "{$phpbb_root_path}images/",
 'S_USER_LANG' => $user->lang['USER_LANG'],
|
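Review bot: The allow-list pattern on the two new `preg_match` lines is anchored with `$`, which in PCRE also matches just before a trailing newline, so a value ending in a line feed passes the check unless `request_var()` already trims it (that is not visible in this hunk). Since `OPENER` and `NAME` presumably end up inside script in `colour_swatch.html`, I would anchor the end with `\z` (or add the `D` modifier): `$form = (!preg_match('/^[a-z0-9_-]+\z/i', $form)) ? '' : $form;` and the same for `$name`. The pattern literal is also written twice; holding it in one variable would keep the two checks from drifting apart, and the comment could state the permitted characters instead of "only id/class allowed". The `assign_vars` array continues past the end of the hunk.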
