Mercurial > hgrepos > hgweb.cgi > s4

changeset 769:f86dac0373b9

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Escape $gecos in showhome()
author HIROSE Yuuji <yuuji@gentei.org>
date Mon, 08 Jun 2020 20:14:01 +0900
parents 891f1f5a8153
children c06c2df8a25a dc5c2a03cb7a
files s4-funcs.sh
diffstat 1 files changed, 1 insertions(+), 1 deletions(-) [+]
line wrap: on
line diff
--- a/s4-funcs.sh	Mon Jun 08 20:07:56 2020 +0900
+++ b/s4-funcs.sh	Mon Jun 08 20:14:01 2020 +0900
@@ -2090,7 +2090,7 @@
 
   tf=$tmpd/title.$$ pf=$tmpd/profile.$$ bf=$tmpd/blogs.$$ sf=$tmpd/search.$$
   search_form "$search_form_args"	> $sf
-  printf "%s さん" "$gecos"		> $tf
+  printf "%s さん" "$gecos"|htmlescape	> $tf
   { echo "<div class=\"noprofimg\">"
     viewtable $formdir/user.def user $1
     echo "</div>"

yatex.org