Fix some missing html escaping...

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@2731 44740490-163a-0410-bde0-09ae8108e29a

Fix some missing html escaping...
git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@2731 44740490-163a-0410-bde0-09ae8108e29a
4210eb01 · Andreas Åkre Solberg · e39c0f73 · 4210eb01 · 4210eb01
Commit 4210eb01 authored 14 years ago by Andreas Åkre Solberg
--- a/modules/oauth/templates/authorized.php
+++ b/modules/oauth/templates/authorized.php
@@ -8,9 +8,9 @@ $this->includeAtTemplateBase('includes/header.php');
    <p style="margin-top: 2em">
       You are now successfully authenticated, and you may click <em>Continue</em> in the application where you initiated authentication.
    </p>
-<?php if ($this->data['oauth_verifier']) {?>
+<?php if (!empty($this->data['oauth_verifier'])) {?>
 	<p>
-		When asked, the verifier code to finish the procedure, is: <b><?php echo $this->data['oauth_verifier'];?></b>.
+		When asked, the verifier code to finish the procedure, is: <b><?php echo htmlspecialchars($this->data['oauth_verifier']);?></b>.
 	</p>
 <?php } ?>       

--- a/modules/oauth/templates/consent.php
+++ b/modules/oauth/templates/consent.php
@@ -6,10 +6,10 @@ $this->includeAtTemplateBase('includes/header.php');
 ?>
    <p style="margin-top: 2em">
-       Do you agree to let the application at <b><?php echo $this->data['consumer']['name']?></b> use Foodle on your behalf? 
+       Do you agree to let the application at <b><?php echo htmlspecialchars($this->data['consumer']['name'])?></b> use Foodle on your behalf? 
    </p>
    <p>
-      <a href="<?php echo $this->data['urlAgree']; ?>">Yes I agree</a> |
+      <a href="<?php echo htmlspecialchars($this->data['urlAgree']); ?>">Yes I agree</a> |
      <a href="javascript:alert('Please close this browser.');">No, cancel the request.</a>
    </p>