Yes, it certainly will be; the fix will be simple. Only one function in the phpRS system will change, and one constant will be added at the beginning of every script that is potentially dangerous from an XSS standpoint. Until the fix is released, this will suffice:
admin/areaders.php
lines 198-205
for ($pom=0;$pom<$pocetct;$pom++):
$pole_data=phprs_sql_fetch_assoc($dotazct);
echo "<tr class=\"smltxt\" onmouseover=\"setPointer(this, '#CCFFCC')\" onmouseout=\"setPointer(this, '#FFFFFF')\">\n";
echo "<td align=\"center\">".$pole_data['idc']."</td>\n";
echo "<td align=\"center\">".htmlspecialchars($pole_data['prezdivka'],ENT_QUOTES)."</td>\n";
echo "<td align=\"left\">".TestNaNic(htmlspecialchars($pole_data['jmeno'],ENT_QUOTES))."</td>\n";
echo "<td align=\"left\">".TestNaNic(htmlspecialchars($pole_data['email'],ENT_QUOTES))."</td>\n";
echo "<td align=\"left\">";
admin/areaders.php
lines 288-300
echo "<form action=\"".RS_VYKONNYSOUBOR."\" method=\"post\">
<table cellspacing=\"0\" cellpadding=\"5\" border=\"0\" align=\"center\" class=\"ramsedy-vypln\">
<tr class=\"txt\"><td align=\"left\"><b>".RS_CTE_SC_FORM_PREZDIVAK."</b></td>
<td align=\"left\">".htmlspecialchars($pole_data["prezdivka"],ENT_QUOTES)."</td></tr>
<tr class=\"txt\"><td align=\"left\"><b>".RS_CTE_SC_FORM_REG."</b></td>
<td align=\"left\">".MyDateTimeToDateTime($pole_data["datum"])."</td></tr>
<tr class=\"txt\"><td align=\"left\"><b>".RS_CTE_SC_FORM_POSL_AKT."</b></td>
<td align=\"left\">".MyDateTimeToDateTime($pole_data["posledni_login"])."</td></tr>
<tr class=\"txt\"><td align=\"left\"><b>".RS_CTE_SC_FORM_JMENO."</b></td>
<td align=\"left\"><input type=\"text\" name=\"prjmeno\" value=\"".htmlspecialchars($pole_data["jmeno"],ENT_QUOTES)."\" size=\"60\" class=\"textpole\" /></td></tr>
<tr class=\"txt\"><td align=\"left\"><b>".RS_CTE_SC_FORM_EMAIL."</b></td>
<td align=\"left\"><input type=\"text\" name=\"premail\" value=\"".htmlspecialchars($pole_data["email"],ENT_QUOTES)."\" size=\"60\" class=\"textpole\" /></td></tr>
<tr class=\"txt\"><td align=\"left\"><b>".RS_CTE_SC_FORM_INFO_CTE."</b></td>
Edited 1 time in total. Last edited by pa3k on 06.12.2007 19:59.
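
The encoding used in the workaround above, shown on a constructed reader row (an added example, not part of the original post and not phpRS code). The `esc()` helper, the render functions, the sample values and the UTF-8 charset are assumptions made for illustration.

```php
<?php
// Constructed sample row standing in for one phprs_sql_fetch_assoc() result.
// Reader-supplied fields are untrusted: they contain quotes and markup.
$pole_data = array(
    'idc'       => 7,
    'prezdivka' => '<b>reader</b>',
    'jmeno'     => "Jan 'Honza' Novak",
    'email'     => 'jan@example.test"><i>x</i>',
);

// Hypothetical helper (not a phpRS function): fixes the flags and charset in
// one place so every output site encodes the same way.
function esc($value, $charset = 'UTF-8')
{
    return htmlspecialchars((string) $value, ENT_QUOTES, $charset);
}

// Element content (the table cell) and a double-quoted attribute value (the
// form field) are both covered by the same encoding.
function render_cell($value)
{
    return '<td align="center">' . esc($value) . "</td>\n";
}

function render_input($name, $value)
{
    return '<input type="text" name="' . esc($name) . '" value="' . esc($value)
         . '" size="60" class="textpole" />' . "\n";
}

$cell  = render_cell($pole_data['prezdivka']);
$input = render_input('premail', $pole_data['email']);
echo $cell, $input;

// Check: after encoding, no raw <, > or quote from the data survives, so the
// only tags and attribute delimiters left are the template's own.
foreach (array('prezdivka', 'jmeno', 'email') as $field) {
    $encoded = esc($pole_data[$field]);
    if (strpbrk($encoded, "<>\"'") !== false) {
        echo "FAIL: $field still contains markup characters\n";
        exit(1);
    }
}
echo "OK: reader fields are inert in cell and attribute context\n";
```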