Remove XSS vulnerabilities
This commit is contained in:
parent
0dd89a0e7f
commit
08690a29a5
1 changed files with 14 additions and 14 deletions
|
@ -232,9 +232,9 @@ class zpmt_stats_page {
|
|||
font-weight: 600;">';
|
||||
}
|
||||
$line++;
|
||||
print '<td><a href="https://dev.zgo.cash/invoice/' . $row->pmt_orderid . '" target="_blank">' . $row->pmt_orderid . "</a></td>";
|
||||
print '<td><a href="https://dev.zgo.cash/invoice/' . htmlentities($row->pmt_orderid, ENT_QUOTES) . '" target="_blank">' . htmlentities($row->pmt_orderid, ENT_QUOTES) . "</a></td>";
|
||||
print "<td>" . $row->pmt_wc_order . "</td>";
|
||||
print "<td>" . $row->pmt_wc_custname . "</td>";
|
||||
print "<td>" . htmlentities($row->pmt_wc_custname, ENT_QUOTES) . "</td>";
|
||||
print '<td style="text-align:center;">'. $row->pmt_accepted . "</td>";
|
||||
print '<td style="text-align:center;">'.$row->pmt_confirmed ."</td>";
|
||||
print '<td style="text-align:right;">'. number_format($row->pmt_amount,2) . "</td>";
|
||||
|
|
Loading…
Reference in a new issue