Skip to content
GitLab
Menu
Projects
Groups
Snippets
/
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Sign in
Toggle navigation
Menu
Open sidebar
project
workflow
Commits
d45f1589
Commit
d45f1589
authored
Mar 03, 2010
by
jvandyk
Browse files
security issue
#1207
(SA-
CONTRIB-2010
-023): filter [workflow-current-state-log-entry] token
parent
9507ec22
Changes
1
Hide whitespace changes
Inline
Side-by-side
workflow.module
View file @
d45f1589
...
...
@@ -2204,11 +2204,11 @@ function workflow_token_values($type, $object = NULL) {
$values
[
'workflow-current-state-date-tstamp'
]
=
$row
->
stamp
;
$values
[
'workflow-current-state-date-formatted'
]
=
date
(
'M d, Y h:i:s'
,
$row
->
stamp
);
$values
[
'workflow-current-state-updating-user-name'
]
=
$account
->
uid
?
$account
->
name
:
variable_get
(
'anonymous'
,
'Anonymous'
);
$values
[
'workflow-current-state-updating-user-name'
]
=
$account
->
uid
?
check_plain
(
$account
->
name
)
:
variable_get
(
'anonymous'
,
'Anonymous'
);
$values
[
'workflow-current-state-updating-user-uid'
]
=
$account
->
uid
;
$values
[
'workflow-current-state-updating-user-mail'
]
=
$account
->
uid
?
$account
->
mail
:
''
;
$values
[
'workflow-current-state-updating-user-mail'
]
=
$account
->
uid
?
check_plain
(
$account
->
mail
)
:
''
;
$values
[
'workflow-current-state-log-entry'
]
=
$row
->
comment
;
$values
[
'workflow-current-state-log-entry'
]
=
filter_xss
(
$row
->
comment
,
array
(
'a'
,
'em'
,
'strong'
))
;
break
;
}
...
...
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment