File tree Expand file tree Collapse file tree 2 files changed +7
-1
lines changed
Expand file tree Collapse file tree 2 files changed +7
-1
lines changed Original file line number Diff line number Diff line change 1111// Check token
1212verify_csrf ($ _GET
1313
14+ if (empty ($ _GET 'u ' ])){
15+ $ _GET 'u ' ] = '' ;
16+ }
17+ if (empty ($ _GET 'q ' ])){
18+ $ _GET 'q ' ] = '' ;
19+ }
1420// Data
1521$ qquoteshellarg ($ _GET 'q ' ]);
1622$ uquoteshellarg ($ _GET 'u ' ]);
Original file line number Diff line number Diff line change 143143 </ div >
144144 < div class ="clearfix l-unit__stat-col--left text-center "> < ?=translate_date($value['DATE'])?> </ div >
145145 < div class ="clearfix l-unit__stat-col--left text-center "> < b >
146- < a href ="/search/?q=<?=htmlspecialchars($q ); ?>&u=<?=$value['USER']; ?> "> < ?=$value['USER']; ?> </ a > </ b > </ div >
146+ < a href ="/search/?q=<?=htmlentities($_GET['q'] ); ?>&u=<?=$value['USER']; ?>&token=<?=$_SESSION['token'] ?> "> < ?=$value['USER']; ?> </ a > </ b > </ div >
147147 < div class ="clearfix l-unit__stat-col--left text-center "> < ?=_($object)?> </ b > </ div >
148148 </ div >
149149 </ div >
You can’t perform that action at this time.
0 commit comments