htmlentities -> htmlspecialchars

This commit is contained in:
2024-12-06 15:35:38 +08:00
parent daa005f029
commit d9b2d13caa
184 changed files with 410 additions and 405 deletions

View File

@@ -67,11 +67,11 @@
</label>
<?php if (isset($_GET['uid'])) { ?>
<div class="col-sm-3"><input name="user_id" class="form-control"
value="<?php echo htmlentities($_GET['uid'], ENT_QUOTES, 'UTF-8'); ?>"
value="<?php echo htmlspecialchars($_GET['uid'], ENT_QUOTES, 'UTF-8'); ?>"
type="text" required></div>
<?php } else if (isset($_POST['user_id'])) { ?>
<div class="col-sm-3"><input name="user_id" class="form-control"
value="<?php echo htmlentities($_POST['user_id'], ENT_QUOTES, 'UTF-8'); ?>"
value="<?php echo htmlspecialchars($_POST['user_id'], ENT_QUOTES, 'UTF-8'); ?>"
type="text" required></div>
<?php } else { ?>
<div class="col-sm-3"><input name="user_id" class="form-control"
@@ -85,7 +85,7 @@
</label>
<?php if (isset($_POST['ip'])) { ?>
<div class="col-sm-3"><input name="ip" class="form-control"
value="<?php echo htmlentities($_POST['ip'], ENT_QUOTES, 'UTF-8') ?>"
value="<?php echo htmlspecialchars($_POST['ip'], ENT_QUOTES, 'UTF-8') ?>"
type="text" autocomplete="off" required></div>
<?php } else { ?>
<div class="col-sm-3"><input name="ip" class="form-control"
@@ -105,7 +105,7 @@
<?php
if ($result2 == "changed")
echo "<h2 style='color:#db2828'>User " . htmlentities($_POST['user_id'], ENT_QUOTES, 'UTF-8') . "'s Login IP Changed to " . $ip . "</h2>";
echo "<h2 style='color:#db2828'>User " . htmlspecialchars($_POST['user_id'], ENT_QUOTES, 'UTF-8') . "'s Login IP Changed to " . $ip . "</h2>";
else
echo "<h2 style='color:#db2828'>Login IP Change</h2>";
?>