Dragonfly CMS CVS Repository
File name: html/includes/functions/linking.php
Revision : 9.22 => 9.23 (4 years 7 months 6 hours 58 minutes 56 seconds ago) by djmaze
Changed : +8 -2 lines
Comment: Fixed XSS exploit http://dragonflycms.org/Forums/viewtopic/t=14751.html

--- html/includes/functions/linking.php:9.22 Wed Dec 28 02:20:38 2005
+++ html/includes/functions/linking.php Thu Feb 2 11:14:58 2006
@@ -9,9 +9,9 @@
of the GNU GPL version 2 or any later version
$Source: /cvs/html/includes/functions/linking.php,v $
- $Revision: 9.22 $
+ $Revision: 9.23 $
$Author: djmaze $
- $Date: 2005/12/28 02:20:38 $
+ $Date: 2006/02/02 11:14:58 $
**********************************************/
function getlink($url='', $UseLEO=true, $full=false)
@@ -92,6 +92,12 @@
} else {
$REQUEST_URI = $_SERVER['REQUEST_URI'];
}
+ # firefox encodes url by default but others don't
+ $REQUEST_URI = urldecode($REQUEST_URI);
+ die($REQUEST_URI);
+ # encode the url " %22 and <> %3C%3E
+ $REQUEST_URI = str_replace('"', '%22', $REQUEST_URI);
+ $REQUEST_URI = preg_replace('#([\x3C\x3E])#e', '"%".bin2hex(\'\\1\')', $REQUEST_URI);
$REQUEST_URI = substr($REQUEST_URI, 0, strlen($REQUEST_URI)-strlen(stristr($REQUEST_URI, '&CMSSESSID')));
return $REQUEST_URI;
}
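Review bot: the added `die($REQUEST_URI);` in the second hunk is a leftover debug statement that terminates the script before the two encoding lines and the `return` are ever reached, so every page that calls this function will abort and print the raw, url-decoded request URI instead of the escaped one; drop that line. Also worth reconsidering in the same hunk is `preg_replace('#([\x3C\x3E])#e', ...)`: the `e` modifier evaluates the replacement string as PHP code just to emit `%3C`/`%3E`, and a plain `str_replace(array('<', '>'), array('%3C', '%3E'), $REQUEST_URI)` gives the same result without eval, in the same style as the `str_replace('"', '%22', ...)` line directly above it.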

