Commit cd7a4383 authored by Ruslan Kabalin's avatar Ruslan Kabalin
Browse files

Fix special chars double encoding in form action attribute (bug #640152)


Signed-off-by: default avatarRuslan Kabalin <ruslan.kabalin@luns.net.uk>
parent ac8c8982
...@@ -1027,10 +1027,10 @@ function auth_get_login_form() { ...@@ -1027,10 +1027,10 @@ function auth_get_login_form() {
$action .= '?'; $action .= '?';
foreach ($_GET as $key => $value) { foreach ($_GET as $key => $value) {
if ($key != 'logout' && $key != 'login') { if ($key != 'logout' && $key != 'login') {
$action .= hsc($key) . '=' . hsc($value) . '&amp;'; $action .= hsc($key) . '=' . hsc($value) . '&';
} }
} }
$action = substr($action, 0, -5); $action = substr($action, 0, -1);
} }
} }
if ($_POST) { if ($_POST) {
...@@ -1532,7 +1532,7 @@ function auth_generate_login_form() { ...@@ -1532,7 +1532,7 @@ function auth_generate_login_form() {
} }
$action=''; $action='';
if (get_config('httpswwwroot')) { if (get_config('httpswwwroot')) {
$action = rtrim(get_config('httpswwwroot'), '/') . hsc(strip_querystring(get_relative_script_path())); $action = rtrim(get_config('httpswwwroot'), '/') . strip_querystring(get_relative_script_path());
} }
require_once('pieforms/pieform.php'); require_once('pieforms/pieform.php');
if (count_records('institution', 'registerallowed', 1, 'suspended', 0)) { if (count_records('institution', 'registerallowed', 1, 'suspended', 0)) {
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment