Commit be05ac1a authored by Carsten  Rose's avatar Carsten Rose
Browse files

AbstractException.php: Error messages are no 'htmlspecialchars()' encoded....

AbstractException.php: Error messages are no 'htmlspecialchars()' encoded. Error output don't break the formatting anymore.
parent 51f3ccaa
......@@ -46,29 +46,29 @@ class AbstractException extends \Exception {
$this->messageArray['Content Id'] = $store->getVar(TYPO3_TT_CONTENT_UID, STORE_TYPO3);
}
$html .= "Code: " . $this->messageArray['Code'] . "<br>";
$html .= "Message: " . Support::wrapTag("<strong>", $this->messageArray['Message']) . "</br>";
$html .= "Code: " . htmlspecialchars($this->messageArray['Code']) . "<br>";
$html .= "Message: " . Support::wrapTag("<strong>", htmlspecialchars($this->messageArray['Message'])) . "</br>";
// Form
if (isset($this->messageArray['Form'])) {
$html .= "Form: " . Support::wrapTag("<strong>", $this->messageArray['Form']) . "</br>";
$html .= "Form: " . Support::wrapTag("<strong>", htmlspecialchars($this->messageArray['Form'])) . "</br>";
}
if (isset($this->messageArray['Form Element'])) {
$html .= "Form Element: " . Support::wrapTag("<strong>", $this->messageArray['Form Element']) . "</br>";
$html .= "Form Element: " . Support::wrapTag("<strong>", htmlspecialchars($this->messageArray['Form Element'])) . "</br>";
}
// Report
if (isset($this->messageArray[SYSTEM_REPORT_COLUMN_INDEX])) {
$html .= "Column index: " . Support::wrapTag("<strong>", $this->messageArray[SYSTEM_REPORT_COLUMN_INDEX]) . "</br>";
$html .= "Column index: " . Support::wrapTag("<strong>", htmlspecialchars($this->messageArray[SYSTEM_REPORT_COLUMN_INDEX])) . "</br>";
}
if (isset($this->messageArray[SYSTEM_REPORT_COLUMN_NAME])) {
$html .= "Column name: " . Support::wrapTag("<strong>", $this->messageArray[SYSTEM_REPORT_COLUMN_NAME]) . "</br>";
$html .= "Column name: " . Support::wrapTag("<strong>", htmlspecialchars($this->messageArray[SYSTEM_REPORT_COLUMN_NAME])) . "</br>";
}
if (isset($this->messageArray[SYSTEM_REPORT_COLUMN_VALUE])) {
$html .= "Column value: " . Support::wrapTag("<strong>", $this->messageArray[SYSTEM_REPORT_COLUMN_VALUE]) . "</br>";
$html .= "Column value: " . Support::wrapTag("<strong>", htmlspecialchars($this->messageArray[SYSTEM_REPORT_COLUMN_VALUE])) . "</br>";
}
$html = "<h2>Error</h2>" . Support::wrapTag('<p>', $html);
......@@ -86,7 +86,7 @@ class AbstractException extends \Exception {
}
if ($value !== '' && $value !== false)
$debug .= "<tr>" . "<td>$key</td>" . "<td>$value</td>" . "</tr>";
$debug .= "<tr>" . "<td>$key</td>" . "<td>" . htmlspecialchars($value) . "</td>" . "</tr>";
}
$debug = "<table border=1>" . $debug . "</table>";
}
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment