Index: /CKEditor/trunk/CHANGES.html
===================================================================
--- /CKEditor/trunk/CHANGES.html (revision 7692)
+++ /CKEditor/trunk/CHANGES.html (revision 7693)
@@ -49,4 +49,11 @@
#8888 : It was not possible to scroll dialogs on very small viewports.
#9594 : The TAB key was having no effect on focused read-only editor.
+
+
+ CKEditor 3.6.5.1
+
+ Fixed issues:
+
+ - Security update: Added protection against XSS attack and possible path disclosure in PHP sample.
Index: /CKEditor/trunk/_samples/assets/_posteddata.php
===================================================================
--- /CKEditor/trunk/_samples/assets/_posteddata.php (revision 7692)
+++ /CKEditor/trunk/_samples/assets/_posteddata.php (revision 7693)
@@ -26,22 +26,22 @@
$value )
+ {
+ if ( ( !is_string($value) && !is_numeric($value) ) || !is_string($key) )
+ continue;
-foreach ( $postArray as $sForm => $value )
-{
- if ( get_magic_quotes_gpc() )
- $postedValue = htmlspecialchars( stripslashes( $value ) ) ;
- else
- $postedValue = htmlspecialchars( $value ) ;
-
+ if ( get_magic_quotes_gpc() )
+ $value = htmlspecialchars( stripslashes((string)$value) );
+ else
+ $value = htmlspecialchars( (string)$value );
?>
- |
- |
+ |
+ |
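Review bot: The field name is only type-checked with `!is_string($key)`, and no escaping of `$key` is visible in this hunk, so the key may still be echoed raw. The markup lines after `?>` lost their content in this rendering, so confirm the key goes through `htmlspecialchars()` where it is printed, just as the value does. Both `htmlspecialchars()` calls also rely on the default flags and charset, which differ between PHP versions. Passing them explicitly, e.g. `htmlspecialchars( (string)$value, ENT_QUOTES, 'UTF-8' )` (assuming the sample page is served as UTF-8), keeps the escaping stable and covers single quotes if the value is ever placed in an attribute. The `foreach` body starts before and is closed after the lines shown here.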