Commit 4d5cd9f5 authored by Gerhard Killesreiter's avatar Gerhard Killesreiter

SA-2006-011

parent b97a673f
Drupal 4.6.9, 2006-08-02
------------------------
- fixed security issue (XSS), see SA-2006-011
Drupal 4.6.8, 2006-06-01
------------------------
- fixed critical upload issue, see SA-2006-007
......
......@@ -835,7 +835,7 @@ function user_login($edit = array(), $msg = '') {
// Display login form:
if ($msg) {
$output .= "<p>$msg</p>";
$output .= '<p>'. check_plain($msg) .'</p>';
}
if (count(user_auth_help_links()) > 0) {
$output .= form_textfield(t('Username'), 'name', $edit['name'], 30, 64, t('Enter your %s username, or an ID from one of our affiliates: %a.', array('%s' => variable_get('site_name', 'local'), '%a' => implode(', ', user_auth_help_links()))));
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment