diff options
| author | Marco Ceppi <marco@ceppi.net> | 2012-12-21 13:42:47 -0800 |
|---|---|---|
| committer | Marco Ceppi <marco@ceppi.net> | 2012-12-21 13:42:47 -0800 |
| commit | 487d18593624a2e612177b356486b4699469f7ac (patch) | |
| tree | 8cbf8186744b9e365d9e0c06741adbecdef5d6a0 /Auth | |
| parent | bf06401859679de62d7f5e1dc821c5f96cd0e83f (diff) | |
| parent | e4e1ec1e4f4935df42c3fd3ed15eb92d9d0b9116 (diff) | |
| download | php-openid-487d18593624a2e612177b356486b4699469f7ac.zip php-openid-487d18593624a2e612177b356486b4699469f7ac.tar.gz php-openid-487d18593624a2e612177b356486b4699469f7ac.tar.bz2 | |
Merge pull request #83 from UNINETT/master
Fix encoding errors in some POST forms + fix example server
Diffstat (limited to 'Auth')
| -rw-r--r-- | Auth/OpenID/Message.php | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/Auth/OpenID/Message.php b/Auth/OpenID/Message.php index 9a5b20d..16ec1c1 100644 --- a/Auth/OpenID/Message.php +++ b/Auth/OpenID/Message.php @@ -675,7 +675,7 @@ class Auth_OpenID_Message { if ($form_tag_attrs) { foreach ($form_tag_attrs as $name => $attr) { - $form .= sprintf(" %s=\"%s\"", $name, $attr); + $form .= sprintf(" %s=\"%s\"", $name, htmlspecialchars($attr)); } } @@ -684,11 +684,11 @@ class Auth_OpenID_Message { foreach ($this->toPostArgs() as $name => $value) { $form .= sprintf( "<input type=\"hidden\" name=\"%s\" value=\"%s\" />\n", - $name, urldecode($value)); + htmlspecialchars($name), htmlspecialchars($value)); } $form .= sprintf("<input type=\"submit\" value=\"%s\" />\n", - $submit_text); + htmlspecialchars($submit_text)); $form .= "</form>\n"; |