From: Weblate Date: Tue, 19 May 2015 12:00:05 +0000 (+0200) Subject: Merge remote-tracking branch 'origin/master' X-Git-Tag: 1.1~75 X-Git-Url: https://git.p6c8.net/jirafeau.git/commitdiff_plain/02ffb9fe02fbdb2abfa3c449ca60e37e76126f14?hp=896af1948aae9c3f48f10cff3752f926347d04f4 Merge remote-tracking branch 'origin/master' --- diff --git a/f.php b/f.php index 99a67df..75d77d7 100644 --- a/f.php +++ b/f.php @@ -191,9 +191,9 @@ if (!$password_challenged && !$do_download && !$do_preview) echo '" ' . 'method = "post" id = "submit_post">'; ?> ' . $link['file_name'] . '' . + echo '
' . htmlspecialchars($link['file_name']) . '
' . '' . ''; echo '';
' . - t('You are about to download') . ' "' . $link['file_name'] . '" (' . jirafeau_human_size($link['file_size']) . ')' . + t('You are about to download') . ' "' . htmlspecialchars($link['file_name']) . '" (' . jirafeau_human_size($link['file_size']) . ')' . '
' . t('By using our services, you accept our'). ' ' . t('Term Of Service') . '' . diff --git a/lib/functions.php b/lib/functions.php index 1800231..0f42e21 100644 --- a/lib/functions.php +++ b/lib/functions.php @@ -614,7 +614,7 @@ jirafeau_admin_list ($name, $file_hash, $link_hash) continue; /* Filter. */ - if (!empty ($name) && !preg_match ("/$name/i", $l['file_name'])) + if (!empty ($name) && !preg_match ("/$name/i", htmlspecialchars($l['file_name']))) continue; if (!empty ($file_hash) && $file_hash != $l['md5']) continue; @@ -626,7 +626,7 @@ jirafeau_admin_list ($name, $file_hash, $link_hash) '
' . '' . '' . - '' . + '' . '
'; echo '
' . $l['mime_type'] . '