]> scripts.mit.edu Git - autoinstalls/mediawiki.git/blobdiff - includes/specials/SpecialRestrictUser.php
scripts.mit.edu / autoinstalls / mediawiki.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Mediawiki 1.15.2
[autoinstalls/mediawiki.git] / includes / specials / SpecialRestrictUser.php
diff --git a/includes/specials/SpecialRestrictUser.php b/includes/specials/SpecialRestrictUser.php
index 761e0cd6e1290224e2ccd7c5c3efb18ed0af4b93..b946cde83e604d60bd0aedee0e07bfa99c4cca06 100644 (file)
--- a/includes/specials/SpecialRestrictUser.php
+++ b/includes/specials/SpecialRestrictUser.php
@@ -37,7 +37,8 @@ function wfSpecialRestrictUser( $par = null ) {
 class RestrictUserForm {
        public static function selectUserForm( $val = null, $error = null ) {
                global $wgScript, $wgTitle;
-               $s  = Xml::fieldset( wfMsg( 'restrictuser-userselect' ) ) . "<form action=\"{$wgScript}\">";
+               $action = htmlspecialchars( $wgScript );
+               $s  = Xml::fieldset( wfMsg( 'restrictuser-userselect' ) ) . "<form action=\"{$action}\">";
                if( $error )
                        $s .= '<p>' . $error . '</p>';
                $s .= Xml::hidden( 'title', $wgTitle->getPrefixedDbKey() );
MediaWiki autoinstaller for scripts.mit.edu