From a2100946c7b4574a8048823a6b58051a826c5fe7 Mon Sep 17 00:00:00 2001 From: Thomas Mudrunka Date: Tue, 4 Jun 2013 00:27:41 +0200 Subject: [PATCH] URL encode v kase --- assistants/bank.inc.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/assistants/bank.inc.php b/assistants/bank.inc.php index e83af44..e5152d3 100644 --- a/assistants/bank.inc.php +++ b/assistants/bank.inc.php @@ -109,10 +109,10 @@ if(isset($_POST['transaction'])) { $account_to=$_POST['account_to']; $amount=$_POST['amount']; $comment=trim($_POST['comment']); - if(!is_numeric($amount) || $amount < 0) $this->post_redirect_get("$URL_INTERNAL?account=".$account_from,"Lze převádět jen kladné částky", true); - if(strlen($comment)<4) $this->post_redirect_get("$URL_INTERNAL?account=".$account_from,"Komentář musí mít alespoň 4 znaky!",true); + if(!is_numeric($amount) || $amount < 0) $this->post_redirect_get("$URL_INTERNAL?account=".urlencode($account_from),"Lze převádět jen kladné částky", true); + if(strlen($comment)<4) $this->post_redirect_get("$URL_INTERNAL?account=".urlencode($account_from),"Komentář musí mít alespoň 4 znaky!",true); bank_transaction($this, $account_from, $account_to, $comment, $amount); - $this->post_redirect_get("$URL_INTERNAL?account=".$account_from,"Transakce byla provedena:
Převod $amount $bank_currency z účtu $account_from na účet $account_to.
($comment)"); + $this->post_redirect_get("$URL_INTERNAL?account=".urlencode($account_from),"Transakce byla provedena:
Převod $amount $bank_currency z účtu $account_from na účet $account_to.
($comment)"); } $month = isset($_GET['month']) ? $_GET['month'] : false; @@ -131,7 +131,7 @@ $accounts = bank_get_accounts($this, $SUBPATH[0]=='admin'); $lastaccount=false; foreach($accounts as $account) { if($lastaccount && $lastaccount[0]!=$account[0] && !preg_match('/[a-zA-Z0-9]/', $lastaccount[0])) echo('
'); - echo("$account, "); + echo("$account, "); $lastaccount=$account; } -- 2.30.2