Skip to content
Snippets Groups Projects
Commit 3213331f authored by Bernhard Posselt's avatar Bernhard Posselt
Browse files

Merge pull request #2129 from owncloud/don't-sanitize-error-message 

Don't sanitize error message hint
parents 145fb180 cfb10dc5
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
core/templates/error.php
+ 1
1
View file @ 3213331f
......@@ -2,7 +2,7 @@
<?php foreach($_["errors"] as $error):?>
<li class='error'>
<?php p($error['error']) ?><br/>
<p class='hint'><?php if(isset($error['hint']))p($error['hint']) ?></p>
<p class='hint'><?php if(isset($error['hint']))print_unescaped($error['hint']) ?></p>
</li>
<?php endforeach ?>
</ul>
lib/template.php
+ 3
2
View file @ 3213331f
......@@ -519,12 +519,13 @@ class OC_Template{
/**
* @brief Print a fatal error page and terminates the script
* @param string $error The error message to show
* @param string $hint An option hint message
* @param string $hint An optional hint message
* Warning: All data passed to $hint needs to get sanitized using OC_Util::sanitizeHTML
*/
public static function printErrorPage( $error_msg, $hint = '' ) {
$content = new OC_Template( '', 'error', 'error' );
$errors = array(array('error' => $error_msg, 'hint' => $hint));
$content->assign( 'errors', $errors, false );
$content->assign( 'errors', $errors );
$content->printPage();
die();
}
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment