Lanmikeman/nativegallery-weryskok
1
0
Fork 0
mirror of https://github.com/WerySkok/nativegallery.git synced 2024-11-15 03:31:19 +03:00
Code Issues Projects Releases Packages Wiki Activity

fix xss

Browse source
This commit is contained in:
themohooks 2024-07-17 01:37:42 +03:00
parent 7cbb9124fb
commit ceb737fc40
2 changed files with 5 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
static/js/newcore.js
View file

@ -99,8 +99,7 @@
function errimg() {
// Create the HTML content
const content = <center>
const content = `<center>
<div class="p20 s5" style="border:none; margin:0 -20px; display:none;">
<b>Фото потеряно при крахе винчестера</b>
<div class="sm" style="margin-top:5px">
@ -108,7 +107,7 @@ function errimg() {
<a href="mailto:admin@transphoto.org?subject=Для восстановления фото 651731">admin@transphoto.org</a>
</div>
</div>
</center>;
</center>`;
$('#err').html(content);
$('#err .p20').slideDown(500);
}

6
views/pages/Photo.php
View file

@ -127,8 +127,8 @@ if ($photo->i('id') !== null) {
<table class="pwrite">
<tr>
<?php
if ($photo->i('place') != null) { ?>
<td class="nw" valign="top" align="right"><b><?= $photo->i('postbody') ?></b></td>
if ($photo->i('postbody') != null) { ?>
<td class="nw" valign="top" align="right"><b><?= htmlspecialchars($photo->i('postbody')) ?></b></td>
<?php } ?>
<td class="nw" align="left" valign="top"></td>
</tr>
@ -139,7 +139,7 @@ if ($photo->i('id') !== null) {
<div>
<?php
if ($photo->content('comment') != null) { ?>
<div style="padding-top:8px"><?= $photo->content('comment') ?></div>
<div style="padding-top:8px"><?= htmlspecialchars($photo->content('comment')) ?></div>
<?php } ?>
</div><br>
<?php