BugTrack/231:fix XSS vulnerability.

diff --git a/plugin/bugtrack.inc.php b/plugin/bugtrack.inc.php
index 0813036..fe7057d 100644 (file)
--- a/plugin/bugtrack.inc.php
+++ b/plugin/bugtrack.inc.php
@@ -8,7 +8,7 @@
  * Êѹ¹ÍúÎò:
  *  2002.06.17: ºî¤ê»Ï¤á
  *
- * $Id: bugtrack.inc.php,v 1.9 2003/02/25 06:17:35 panda Exp $
+ * $Id: bugtrack.inc.php,v 1.10 2003/02/28 06:19:59 panda Exp $
  */
 
 function plugin_bugtrack_init()
@@ -86,7 +86,8 @@ function plugin_bugtrack_print_form($base,$category)
        else {
                $encoded_category = '<select name="category">';
                foreach ($category as $_category) {
-                       $encoded_category .= "<option value=\"$_category\">$_category</option>\n";
+                       $s_category = htmlspecialchars($_category);
+                       $encoded_category .= "<option value=\"$s_category\">$s_category</option>\n";
                }
                $encoded_category .= '</select>';
        }
@@ -182,7 +183,6 @@ function plugin_bugtrack_write($base, $pagename, $summary, $name, $priority, $st
        $pagename = strip_bracket($pagename);
        
        $postdata = plugin_bugtrack_template($base, $summary, $name, $priority, $state, $category, $version, $body);
-       $postdata = user_rules_str($postdata);
 
        $i = 0;
        do {