fanbinit/rhymix
1
0
Fork 0
mirror of https://github.com/Lastorder-DC/rhymix.git synced 2026-04-20 10:52:14 +09:00
Code Issues Projects Releases Packages Wiki Activity

xss defence

Browse source 
git-svn-id: http://xe-core.googlecode.com/svn/branches/1.5.0@9876 201d5d3c-b55e-5fd7-737f-ddc643e51545
This commit is contained in:
flyskyko 2011-11-25 02:35:08 +00:00
parent 235d781638
commit b09862088a
3 changed files with 14 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

4
modules/communication/communication.view.php
View file

@ -55,6 +55,7 @@
// Extract a list
$columnList = array('message_srl', 'readed', 'title', 'member.member_srl', 'member.nick_name', 'message.regdate', 'readed_date');
$output = $oCommunicationModel->getMessages($message_type, $columnList);
// set a template file
Context::set('total_count', $output->total_count);
Context::set('total_page', $output->total_page);
@ -62,6 +63,9 @@
Context::set('message_list', $output->data);
Context::set('page_navigation', $output->page_navigation);
$oSecurity = new Security();
$oSecurity->encodeHTML('message_list..nick_name');
$this->setTemplateFile('messages');
}

7
modules/member/member.admin.view.php
View file

@ -49,7 +49,8 @@
}
// retrieve list of groups for each member
if($output->data) {
foreach($output->data as $key => $member) {
foreach($output->data as $key => $member)
{
$output->data[$key]->group_list = $oMemberModel->getMemberGroups($member->member_srl,0);
}
}
@ -73,8 +74,8 @@
Context::set('usedIdentifiers', $usedIdentifiers);
Context::set('page_navigation', $output->page_navigation);
$security = new Security();
$security->encodeHTML('member_list..user_name','member_list..group_list..');
$security = new Security();
$security->encodeHTML('member_list..user_name', 'member_list..nick_name', 'member_list..group_list..');
$this->setTemplateFile('member_list');
}

6
tests/phpunit.xml
View file

@ -1,4 +1,10 @@
<phpunit bootstrap="./Bootstrap.php">
<php>
<var name="DB_DSN" value="mysql:dbname=v150;host=localhost" />
<var name="DB_USER" value="ovclas" />
<var name="DB_PASSWD" value="12345" />
<var name="DB_DBNAME" value="v150" />
</php>
<testsuites>
<testsuite name="XE Core Test Suite">
<directory>.</directory>