From 00d13178df1b85d621f1789a50feb89e06217143 Mon Sep 17 00:00:00 2001
From: dweller
Date: Tue, 12 Mar 2024 01:36:42 +0200
Subject: if using older PHP version (like 7), the default flags for htmlspecialchars() are suboptimal, _sigh_
---
 common.php | 1 +
 index.php | 4 ++--
 search.php | 10 +++++-----
 3 files changed, 8 insertions(+), 7 deletions(-)
diff --git a/common.php b/common.php
index 82c59a6..5f7c05a 100644
--- a/common.php
+++ b/common.php
@@ -20,6 +20,7 @@ $section = trim($_GET['section'] ?? null);
 $arch = trim($_GET['arch'] ?? null);
+ $hsc_flags = ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML401;
 /* function dbg_print($data)
diff --git a/index.php b/index.php
index 951be29..229cce2 100644
--- a/index.php
+++ b/index.php
@@ -54,7 +54,7 @@
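Review bot: `$hsc_flags` in the common.php hunk is an ordinary global variable, so a `htmlspecialchars($x, $hsc_flags)` call inside a function would see it undefined unless the function declares `global $hsc_flags`. The search.php call sites are not visible here, so this may or may not apply. On PHP 7 an undefined value coerces to `0`, which is `ENT_NOQUOTES` and escapes fewer characters than the old default this commit is replacing. A constant is visible in every scope and cannot be reassigned by later code: `const HSC_FLAGS = ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML401;`, used as `htmlspecialchars($a, HSC_FLAGS)` in index.php and search.php. A short comment on the definition would record why the flags are explicit, e.g. `// PHP < 8.1 defaults to ENT_COMPAT, which leaves ' unescaped inside single-quoted attributes`.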
- ' name='query' autocorrect="off" autocapitalize="none" required autofocus/>
+ ' name='query' autocorrect="off" autocapitalize="none" required autofocus/>
@@ -81,7 +81,7 @@ if((strlen($arch) > 0) && ($arch == $a)) $sel = 'selected="selected"';
- $a = htmlspecialchars($a);
+ $a = htmlspecialchars($a, $hsc_flags);
 echo ""; } ?>
diff --git a/search.php b/search.php
index e61da1b..522eeaf 100644
--- a/search.php
+++ b/search.php
@@ -48,7 +48,7 @@
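Review bot: The new call `htmlspecialchars($a, $hsc_flags)` pins the flags but still leaves the encoding argument to the `default_charset` ini setting on the older PHP versions this commit targets, and `ENT_SUBSTITUTE` decides what counts as an invalid sequence from that charset. If the pages are served as UTF-8, passing it explicitly removes the dependency on server configuration: `$a = htmlspecialchars($a, $hsc_flags, 'UTF-8');`. The same three-argument call is repeated across index.php and search.php, so a small helper in common.php, e.g. `function h($s) { return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML401, 'UTF-8'); }`, would stop flags and encoding drifting apart between call sites. The loop enclosing this line starts outside the hunk.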