Commit Graph

3 Commits (master)

Author SHA1 Message Date
Christian Boltz e3b242e4d8 flash_error.tpl:
- html-escape flash_info() / flash_error() messages to fix XSS if the
  message contains user-supplied input
  (thanks to Filippo Cavallarin for the report)

Note: This will cause ugly output for some German error messages which
contain ü etc., and the warning message in backup.php (with some
HTML tags included) will also look totally ugly.
Nevertheless, that's still better than XSS attacks ;-)


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1331 a1433add-5e2c-0410-b055-b7f2511e0802
13 years ago
David Goodwin 25675e9377 use isset to check existence of a variable
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1238 a1433add-5e2c-0410-b055-b7f2511e0802
13 years ago
Christian Boltz 27ce979678 header.tpl, index.tpl, flash_error.tpl:
- move flash_error and flash_info output from header.tpl to separate 
  flash_error.tpl file
- some HTML whitespace fixing in header.tpl

This commit is part of the huge cleanup patch by Dale Blount (lnxus@SF),
https://sourceforge.net/tracker/?func=detail&atid=937966&aid=3370510&group_id=191583


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1077 a1433add-5e2c-0410-b055-b7f2511e0802
13 years ago