Mercurial Mercurial > repos > enano-1.1 / file revision
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
includes/wikiengine/Render/Plain/Anchor.php
author Dan
Sat, 19 Jan 2008 00:47:52 -0500
changeset 447 a9a3789ce02d
parent 1 fe660c52c48f
permissions -rw-r--r--
Not sure if $taboo was getting sanitized or not. Possibly an SQL injection vulnerability that allows maliciously crafted group names to inject SQL at a later date when the group CP is loaded. Unconfirmed, theoretical fix.

<?php

/**
* 
* This class renders an anchor target name in XHTML.
*
* @author Manuel Holtgrewe <purestorm at ggnore dot net>
*
* @author Paul M. Jones <pmjones at ciaweb dot net>
*
* @package Text_Wiki
*
*/

class Text_Wiki_Render_Plain_Anchor extends Text_Wiki_Render {
    
    function token($options)
    {
        return $options['name'];
    }
}

?>
Enano CMS (1.1.x)