makary/phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-06-28 06:08:52 +00:00
Code Issues Projects Releases Packages Wiki Activity

[ticket/12202] Can't call htmlspecialchars before checking for quotes

Browse source 
PHPBB3-12202
This commit is contained in:
Nathaniel Guse 2014-03-09 17:17:33 -05:00
parent 50dd76aef3
commit f3d8dfd1e3
1 changed files with 5 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
phpBB/includes/functions.php
View file

@ -3368,7 +3368,7 @@ function parse_cfg_file($filename, $lines = false)
// Determine first occurrence, since in values the equal sign is allowed
$key = htmlspecialchars(strtolower(trim(substr($line, 0, $delim_pos))));
$value = htmlspecialchars(trim(substr($line, $delim_pos + 1)));
$value = trim(substr($line, $delim_pos + 1));
if (in_array($value, array('off', 'false', '0')))
{
@ -3386,6 +3386,10 @@ function parse_cfg_file($filename, $lines = false)
{
$value = htmlspecialchars(substr($value, 1, sizeof($value)-2));
}
else
{
$value = htmlspecialchars($value);
}
$parsed_items[$key] = $value;
}