aboutsummaryrefslogtreecommitdiffstats
path: root/phpBB/install
diff options
context:
space:
mode:
Diffstat (limited to 'phpBB/install')
-rw-r--r--phpBB/install/database_update.php4
-rw-r--r--phpBB/install/index.php4
2 files changed, 4 insertions, 4 deletions
diff --git a/phpBB/install/database_update.php b/phpBB/install/database_update.php
index 1600b7bd10..7795f8d7f7 100644
--- a/phpBB/install/database_update.php
+++ b/phpBB/install/database_update.php
@@ -236,7 +236,7 @@ if ($has_global && !$ga_forum_id)
<title><?php echo $lang['UPDATING_TO_LATEST_STABLE']; ?></title>
- <link href="<?php echo $phpbb_admin_path; ?>style/admin.css" rel="stylesheet" type="text/css" media="screen" />
+ <link href="<?php echo htmlspecialchars($phpbb_admin_path); ?>style/admin.css" rel="stylesheet" type="text/css" media="screen" />
</head>
@@ -286,7 +286,7 @@ header('Content-type: text/html; charset=UTF-8');
<title><?php echo $lang['UPDATING_TO_LATEST_STABLE']; ?></title>
-<link href="<?php echo $phpbb_admin_path; ?>style/admin.css" rel="stylesheet" type="text/css" media="screen" />
+<link href="<?php echo htmlspecialchars($phpbb_admin_path); ?>style/admin.css" rel="stylesheet" type="text/css" media="screen" />
</head>
diff --git a/phpBB/install/index.php b/phpBB/install/index.php
index 69e9e7de42..643695ee2b 100644
--- a/phpBB/install/index.php
+++ b/phpBB/install/index.php
@@ -374,7 +374,7 @@ class module
'L_SELECT_LANG' => $lang['SELECT_LANG'],
'L_SKIP' => $lang['SKIP'],
'PAGE_TITLE' => $this->get_page_title(),
- 'T_IMAGE_PATH' => $phpbb_admin_path . 'images/',
+ 'T_IMAGE_PATH' => htmlspecialchars($phpbb_admin_path) . 'images/',
'S_CONTENT_DIRECTION' => $lang['DIRECTION'],
'S_CONTENT_FLOW_BEGIN' => ($lang['DIRECTION'] == 'ltr') ? 'left' : 'right',
@@ -577,7 +577,7 @@ class module
echo '<head>';
echo '<meta charset="utf-8">';
echo '<title>' . $lang['INST_ERR_FATAL'] . '</title>';
- echo '<link href="' . $phpbb_admin_path . 'style/admin.css" rel="stylesheet" type="text/css" media="screen" />';
+ echo '<link href="' . htmlspecialchars($phpbb_admin_path) . 'style/admin.css" rel="stylesheet" type="text/css" media="screen" />';
echo '</head>';
echo '<body id="errorpage">';
echo '<div id="wrap">';
generated by cgit v1.2.1 (git 2.21.0) at 2025-08-02 07:32:47 +0000