--- a/plugins/SpecialUserFuncs.php Sat Dec 19 16:06:27 2009 -0500
+++ b/plugins/SpecialUserFuncs.php Thu Jul 01 18:24:11 2010 -0400
@@ -1236,13 +1236,13 @@
{
echo ' selected="selected"';
}
- echo '>' . $t['theme_name'] . '</option>';
+ echo '>' . htmlspecialchars($t['theme_name']) . '</option>';
}
}
?>
</select>
</p>
- <p><input type="hidden" name="return_to" value="<?php echo $ret; ?>" />
+ <p><input type="hidden" name="return_to" value="<?php echo htmlspecialchars($ret); ?>" />
<input type="submit" name="themeselected" value="<?php echo $lang->get('userfuncs_changetheme_btn_continue'); ?>" /></p>
<?php } else {
$theme = $_POST['theme'];
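Review bot: `$theme = $_POST['theme'];` on the last line of this hunk still takes the posted theme ID as-is, and the commit only escapes it where it is printed back in the next hunk. The following hunk prints `$dir.' is not a dir'` and lists directory entries, so `$theme` presumably feeds a filesystem path; that is inferred, because the code that builds `$dir` lies outside both hunks. Output escaping does not constrain which directory is read, so the value should be checked before use, either against the theme list rendered in the `<select>` above or with a guard such as `if ( !preg_match('/^[A-Za-z0-9_-]+$/', $theme) ) die('Invalid theme ID');` (the character set is a guess to confirm against real theme IDs). The `else` branch opened here continues past the end of the hunk.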
@@ -1268,13 +1268,13 @@
} else die($dir.' is not a dir');
foreach ( $list as $l )
{
- echo '<option value="'.$l.'">'.capitalize_first_letter($l).'</option>';
+ echo '<option value="'.$l.'">'.ucfirst($l).'</option>';
}
?>
</select>
</p>
- <p><input type="hidden" name="return_to" value="<?php echo $ret; ?>" />
- <input type="hidden" name="theme" value="<?php echo $theme; ?>" />
+ <p><input type="hidden" name="return_to" value="<?php echo htmlspecialchars($ret); ?>" />
+ <input type="hidden" name="theme" value="<?php echo htmlspecialchars($theme); ?>" />
<input type="submit" name="allclear" value="<?php echo $lang->get('userfuncs_changetheme_btn_allclear'); ?>" /></p>
<?php } ?>
</form>
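Review bot: The rewritten option line still prints `$l` unescaped into both the `value` attribute and the option text, which is inconsistent with the escaping this commit adds to `$ret`, `$theme` and the theme name. The directory entry names should get the same treatment, e.g. `echo '<option value="'.htmlspecialchars($l).'">'.htmlspecialchars(ucfirst($l)).'</option>';`. The context line `die($dir.' is not a dir')` likewise echoes a path that appears to derive from the posted theme value; `die(htmlspecialchars($dir).' is not a dir')`, or a generic message that does not reveal the path, would close that gap. The enclosing block starts before this hunk, so how `$list` and `$dir` are built is not visible here.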