Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Cross-Site Scripting
- Userinput reaches sensitive sink when function display() is called.
- 125: echo <?php echo htmlspecialchars( $this->name() ) . $extet ?>
- 120: $extet = " <a href=\"" . getEscapedProfileUrl( false, false, $e ) . "\">[–]</a>"; // if ( !$ex ) {else
- 116: $e += array( $name => $ep ); // if ( !$ex ) {else // // if ( $name != $this->name() ) {
- 113: $e = array(); // if ( !$ex ) {else
- 114: foreach ( $expand as $name => $ep ) { // if ( !$ex ) {else
- 78: $expand[$f] = true; //
- 77: foreach( explode( ',', $_REQUEST['expand'] ) as $f )
- 114: foreach ( $expand as $name => $ep ) { // if ( !$ex ) {else
- 78: $expand[$f] = true; //
- 77: foreach( explode( ',', $_REQUEST['expand'] ) as $f )
- requires:
- 100: <A NAME="display_declare"></A><a href="#display_call" title="jump to call"><span class="linenr">100:</span> <span class="phps-t-function">function</span> <span class="phps-t-string">display</span><span class="phps-code">(</span> <span style="cursor:pointer;" name="phps-var-expand" onClick="markVariable('expand')" onmouseover="markVariable('expand')" onmouseout="markVariable('expand')" class="phps-t-variable">$expand</span><span class="phps-code">,</span> <span style="cursor:pointer;" name="phps-var-indent" onClick="markVariable('indent')" onmouseover="markVariable('indent')" onmouseout="markVariable('indent')" class="phps-t-variable">$indent</span> <span class="phps-code">=</span> <span class="phps-t-dnumber">0.0</span> <span class="phps-code">)</span> <span class="phps-code">{</span> </a>
Add Comment
Please, Sign In to add comment