⌈⌋ branch:  freshcode


Check-in [453b4e3a7d]

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

Overview
Comment:Fixed HTML escaping for password field.
Downloads: Tarball | ZIP archive | SQL archive
Timelines: family | ancestors | descendants | both | trunk
Files: files | file ages | folders
SHA1:453b4e3a7d13185a14d30ea1d2eb22de79a35cef
User & Date: mario 2016-11-03 16:58:58
Context
2016-11-03
21:29
Hash any literal passwords. check-in: 322785403d user: mario tags: trunk
16:58
Fixed HTML escaping for password field. check-in: 453b4e3a7d user: mario tags: trunk
2016-05-31
10:14
Change `f_version()` back to allow meta characters `~+()#/@:` in release versions. check-in: 9c4fb2c6b2 user: mario tags: trunk
Changes

Changes to page_login.php.

41
42
43
44
45
46
47

48
49
50
51
52
53
54
..
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
// else
include("template/header.php");
?> <section id=main class=container-width><div style="width: 70%"><?php


// display login form
if (empty($_SESSION["openid"])) {


    print<<<HTML
    <h3>Login</h3>

    <table>
    <tr>
    <td>
................................................................................
    </p>
    <p>There are intentionally no user accounts on freshcode.club,
    but this prerequisite also helps eschew spam submissions.</p>
    </td>
    <td>
    <p>Or alternatively a per-project password.</p>
     <form action="" method=POST class="login box" style="background: #dde; border-color: #99b;">
       <input type=text id=login_pw name=set_password size=20 value="{$_SESSION["password"]}" placeholder="{$pw_placeholder}">
       <input type=submit value=Save>
       <br>
       <small>Write it down somewhere! And use "<u class=action>lock</u>" within the submit form to apply it.</small>
     </form>
    </p>
    </td>
    </tr>







>







 







|







41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
..
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
// else
include("template/header.php");
?> <section id=main class=container-width><div style="width: 70%"><?php


// display login form
if (empty($_SESSION["openid"])) {
    $h_password = htmlspecialchars($_SESSION["password"]);

    print<<<HTML
    <h3>Login</h3>

    <table>
    <tr>
    <td>
................................................................................
    </p>
    <p>There are intentionally no user accounts on freshcode.club,
    but this prerequisite also helps eschew spam submissions.</p>
    </td>
    <td>
    <p>Or alternatively a per-project password.</p>
     <form action="" method=POST class="login box" style="background: #dde; border-color: #99b;">
       <input type=text id=login_pw name=set_password size=20 value="{$h_password}" placeholder="{$pw_placeholder}">
       <input type=submit value=Save>
       <br>
       <small>Write it down somewhere! And use "<u class=action>lock</u>" within the submit form to apply it.</small>
     </form>
    </p>
    </td>
    </tr>