htmlentities -> htmlspecialchars
This commit is contained in:
@@ -40,7 +40,7 @@ if (isset($_POST['do'])) {
|
||||
}else{
|
||||
email($OJ_ADMIN,"Privilege Add Warning!",$msg);
|
||||
}
|
||||
echo "<center><h4 class='text-danger'>User ".htmlentities($_POST['user_id'], ENT_QUOTES, 'UTF-8')."'s Privilege Added!</h4></center>";
|
||||
echo "<center><h4 class='text-danger'>User ".htmlspecialchars($_POST['user_id'], ENT_QUOTES, 'UTF-8')."'s Privilege Added!</h4></center>";
|
||||
}
|
||||
?>
|
||||
|
||||
@@ -51,9 +51,9 @@ if (isset($_POST['do'])) {
|
||||
<div class="form-group">
|
||||
<label class="col-sm-offset-3 col-sm-3 control-label"><?php echo $MSG_USER_ID?></label>
|
||||
<?php if(isset($_GET['uid'])) { ?>
|
||||
<div class="col-sm-3"><input name="user_id" class="form-control" value="<?php echo htmlentities($_GET['uid'], ENT_QUOTES, 'UTF-8');?>" type="text" required ></div>
|
||||
<div class="col-sm-3"><input name="user_id" class="form-control" value="<?php echo htmlspecialchars($_GET['uid'], ENT_QUOTES, 'UTF-8');?>" type="text" required ></div>
|
||||
<?php } else if(isset($_POST['user_id'])) { ?>
|
||||
<div class="col-sm-3"><input name="user_id" class="form-control" value="<?php echo htmlentities($_POST['user_id'], ENT_QUOTES, 'UTF-8');?>" type="text" required ></div>
|
||||
<div class="col-sm-3"><input name="user_id" class="form-control" value="<?php echo htmlspecialchars($_POST['user_id'], ENT_QUOTES, 'UTF-8');?>" type="text" required ></div>
|
||||
<?php } else { ?>
|
||||
<div class="col-sm-3"><input name="user_id" class="form-control" placeholder="<?php echo $MSG_USER_ID."*"?>" type="text" required ></div>
|
||||
<?php } ?>
|
||||
@@ -112,9 +112,9 @@ if (isset($_POST['do'])) {
|
||||
<div class="form-group">
|
||||
<label class="col-sm-offset-3 col-sm-3 control-label"><?php echo $MSG_USER_ID?></label>
|
||||
<?php if(isset($_GET['uid'])) { ?>
|
||||
<div class="col-sm-3"><input name="user_id" class="form-control" value="<?php echo htmlentities($_GET['uid'], ENT_QUOTES, 'UTF-8');?>" type="text" required ></div>
|
||||
<div class="col-sm-3"><input name="user_id" class="form-control" value="<?php echo htmlspecialchars($_GET['uid'], ENT_QUOTES, 'UTF-8');?>" type="text" required ></div>
|
||||
<?php } else if(isset($_POST['user_id'])) { ?>
|
||||
<div class="col-sm-3"><input name="user_id" class="form-control" value="<?php echo htmlentities($_POST['user_id'], ENT_QUOTES, 'UTF-8');?>" type="text" required ></div>
|
||||
<div class="col-sm-3"><input name="user_id" class="form-control" value="<?php echo htmlspecialchars($_POST['user_id'], ENT_QUOTES, 'UTF-8');?>" type="text" required ></div>
|
||||
<?php } else { ?>
|
||||
<div class="col-sm-3"><input name="user_id" class="form-control" placeholder="<?php echo $MSG_USER_ID."*"?>" type="text" required ></div>
|
||||
<?php } ?>
|
||||
@@ -147,9 +147,9 @@ if (isset($_POST['do'])) {
|
||||
<div class="form-group">
|
||||
<label class="col-sm-offset-3 col-sm-3 control-label"><?php echo $MSG_USER_ID?></label>
|
||||
<?php if(isset($_GET['uid'])) { ?>
|
||||
<div class="col-sm-3"><input name="user_id" class="form-control" value="<?php echo htmlentities($_GET['uid'], ENT_QUOTES, 'UTF-8');?>" type="text" required ></div>
|
||||
<div class="col-sm-3"><input name="user_id" class="form-control" value="<?php echo htmlspecialchars($_GET['uid'], ENT_QUOTES, 'UTF-8');?>" type="text" required ></div>
|
||||
<?php } else if(isset($_POST['user_id'])) { ?>
|
||||
<div class="col-sm-3"><input name="user_id" class="form-control" value="<?php echo htmlentities($_POST['user_id'], ENT_QUOTES, 'UTF-8');?>" type="text" required ></div>
|
||||
<div class="col-sm-3"><input name="user_id" class="form-control" value="<?php echo htmlspecialchars($_POST['user_id'], ENT_QUOTES, 'UTF-8');?>" type="text" required ></div>
|
||||
<?php } else { ?>
|
||||
<div class="col-sm-3"><input name="user_id" class="form-control" placeholder="<?php echo $MSG_USER_ID."*"?>" type="text" required ></div>
|
||||
<?php } ?>
|
||||
|
||||
Reference in New Issue
Block a user