Sanitize the browse.php message

author Robert Sesek <rsesek@bluestatic.org>

Mon, 12 Sep 2005 00:04:13 +0000 (00:04 +0000)

committer Robert Sesek <rsesek@bluestatic.org>

Mon, 12 Sep 2005 00:04:13 +0000 (00:04 +0000)
author Robert Sesek <rsesek@bluestatic.org>
Mon, 12 Sep 2005 00:04:13 +0000 (00:04 +0000)
committer Robert Sesek <rsesek@bluestatic.org>
Mon, 12 Sep 2005 00:04:13 +0000 (00:04 +0000)
diff --git a/browse.php b/browse.php

index 87de2e93cdc559c2e8c1ccf35eb2e1625eea3375..b9852479c65cb4647627a80d640613883bc54c46 100644 (file)
--- a/browse.php
+++ b/browse.php
@@ -49,6 +49,8 @@ if ($show['prev'])
  
  $revinfo = $viewsvn->svn->common->fetch_log($path, $viewsvn->paths->fetch_rev_num());
  
+$revinfo['message_clean'] = nl2br(htmlspecialchars($revinfo['messag']));
+
  $listing = $viewsvn->svn->ls($repos, $relpath, $viewsvn->paths->fetch_rev_num());
  
  $nodes = '';
diff --git a/templates/default/browse.tpl b/templates/default/browse.tpl

index e6969674e6a9d609bfa1506a4a24445634caaca6..2f74bc3943e38bad169f2594fadcd6ce4cccd055 100644 (file)
--- a/templates/default/browse.tpl
+++ b/templates/default/browse.tpl
@@ -12,7 +12,7 @@ $header
         <div><strong>Revision:</strong> $revinfo[rev]</div>
         <div><strong>Author:</strong> $revinfo[author]</div>
         <div><strong>Date:</strong> $revinfo[date] $revinfo[timezone]</div>
-       <div><strong>Message:</strong> $revinfo[message]</div>
+       <div><strong>Message:</strong> $revinfo[message_clean]</div>
  </div>
  
  <div class="head" style="border-width: 0px 1px 1px 1px">
author	Robert Sesek <rsesek@bluestatic.org>
	Mon, 12 Sep 2005 00:04:13 +0000 (00:04 +0000)
committer	Robert Sesek <rsesek@bluestatic.org>
	Mon, 12 Sep 2005 00:04:13 +0000 (00:04 +0000)
browse.php		patch \| blob \| history
templates/default/browse.tpl		patch \| blob \| history