htmlentities -> htmlspecialchars
This commit is contained in:
@@ -67,11 +67,11 @@
|
||||
</label>
|
||||
<?php if (isset($_GET['uid'])) { ?>
|
||||
<div class="col-sm-3"><input name="user_id" class="form-control"
|
||||
value="<?php echo htmlentities($_GET['uid'], ENT_QUOTES, 'UTF-8'); ?>"
|
||||
value="<?php echo htmlspecialchars($_GET['uid'], ENT_QUOTES, 'UTF-8'); ?>"
|
||||
type="text" required></div>
|
||||
<?php } else if (isset($_POST['user_id'])) { ?>
|
||||
<div class="col-sm-3"><input name="user_id" class="form-control"
|
||||
value="<?php echo htmlentities($_POST['user_id'], ENT_QUOTES, 'UTF-8'); ?>"
|
||||
value="<?php echo htmlspecialchars($_POST['user_id'], ENT_QUOTES, 'UTF-8'); ?>"
|
||||
type="text" required></div>
|
||||
<?php } else { ?>
|
||||
<div class="col-sm-3"><input name="user_id" class="form-control"
|
||||
@@ -85,7 +85,7 @@
|
||||
</label>
|
||||
<?php if (isset($_POST['ip'])) { ?>
|
||||
<div class="col-sm-3"><input name="ip" class="form-control"
|
||||
value="<?php echo htmlentities($_POST['ip'], ENT_QUOTES, 'UTF-8') ?>"
|
||||
value="<?php echo htmlspecialchars($_POST['ip'], ENT_QUOTES, 'UTF-8') ?>"
|
||||
type="text" autocomplete="off" required></div>
|
||||
<?php } else { ?>
|
||||
<div class="col-sm-3"><input name="ip" class="form-control"
|
||||
@@ -105,7 +105,7 @@
|
||||
|
||||
<?php
|
||||
if ($result2 == "changed")
|
||||
echo "<h2 style='color:#db2828'>User " . htmlentities($_POST['user_id'], ENT_QUOTES, 'UTF-8') . "'s Login IP Changed to " . $ip . "</h2>";
|
||||
echo "<h2 style='color:#db2828'>User " . htmlspecialchars($_POST['user_id'], ENT_QUOTES, 'UTF-8') . "'s Login IP Changed to " . $ip . "</h2>";
|
||||
else
|
||||
echo "<h2 style='color:#db2828'>Login IP Change</h2>";
|
||||
?>
|
||||
|
||||
Reference in New Issue
Block a user