From 7eb8f287fd6246a0ebaf5f020f3d1b681b50ce83 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Kyra=20=E3=83=84?= <KyraD@users.noreply.github.com>
Date: Sat, 16 Aug 2014 16:56:03 -0400
Subject: [PATCH] Fix XSS Vulnerability In "tpl.inc.php"

The fix is applied where the value is output to the browser rather than where it is fetched, in case special characters are allowed in `code_name`; escaping at fetch time could break logic that runs before output.
---
 include/staff/tpl.inc.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/include/staff/tpl.inc.php b/include/staff/tpl.inc.php
index fff7e85da..9faa9d33b 100644
--- a/include/staff/tpl.inc.php
+++ b/include/staff/tpl.inc.php
@@ -77,7 +77,7 @@ $tpl=$msgtemplates[$selected];
 <form action="templates.php?id=<?php echo $id; ?>&amp;a=manage" method="post" id="save">
 <?php csrf_token(); ?>
 <?php foreach ($extras as $k=>$v) { ?>
-    <input type="hidden" name="<?php echo $k; ?>" value="<?php echo $v; ?>" />
+    <input type="hidden" name="<?php echo $k; ?>" value="<?php echo Format::htmlchars($v); ?>" />
 <?php } ?>
 <input type="hidden" name="id" value="<?php echo $id; ?>">
 <input type="hidden" name="a" value="manage">
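Review bot: The new line still echoes `$k` unescaped into the `name` attribute, so the same reflected-markup issue this patch fixes for `$v` remains for the key half of each `$extras` pair; the line should read `<input type="hidden" name="<?php echo Format::htmlchars($k); ?>" value="<?php echo Format::htmlchars($v); ?>" />`. Where `$extras` is populated is outside the hunk, so whether its keys can ever carry attacker-influenced characters cannot be confirmed from here, but escaping both halves costs nothing and keeps the template safe regardless of the caller. The surrounding context lines also echo `$id` raw into the form `action` and a hidden `value`; if `$id` is not already coerced to an integer upstream, it deserves the same treatment (`(int) $id` or `Format::htmlchars($id)`). The enclosing form markup continues past the end of the hunk.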
-- 
GitLab