htmlentities -> htmlspecialchars
This commit is contained in:
@@ -72,7 +72,7 @@ if(isset($_GET['keyword']) && $_GET['keyword']!=""){
|
||||
echo "<td>".$row['rightstr'];
|
||||
if($row['valuestr']!="true") echo ":".$row['valuestr'];
|
||||
echo "</td>";
|
||||
echo "<td><a href='privilege_delete.php?uid=".htmlentities($row['user_id'],ENT_QUOTES,"UTF-8")."&rightstr={$row['rightstr']}&getkey=".$_SESSION[$OJ_NAME.'_'.'getkey']."'>Delete</a></td>";
|
||||
echo "<td><a href='privilege_delete.php?uid=".htmlspecialchars($row['user_id'],ENT_QUOTES,"UTF-8")."&rightstr={$row['rightstr']}&getkey=".$_SESSION[$OJ_NAME.'_'.'getkey']."'>Delete</a></td>";
|
||||
echo "</tr>";
|
||||
}
|
||||
?>
|
||||
|
||||
Reference in New Issue
Block a user