From 46546c5d79fd7efbc4847a52bbc12165cf0c6cb0 Mon Sep 17 00:00:00 2001
From: lemonsoftwarero <lemonsoftwarero>
Date: Tue, 17 Apr 2007 15:39:48 +0000
Subject: [PATCH] Patch for XSS vulnerability

---
 interface/login/login_frame.php | 57 +++++++++++++++++++++--------------------
 1 file changed, 29 insertions(+), 28 deletions(-)
 rewrite interface/login/login_frame.php (68%)

diff --git a/interface/login/login_frame.php b/interface/login/login_frame.php
dissimilarity index 68%
index 6a618c16a..6e4db5037 100644
--- a/interface/login/login_frame.php
+++ b/interface/login/login_frame.php
@@ -1,28 +1,29 @@
-<?
-$ignoreAuth=true;
-include_once("../globals.php");
-
-?>
-
-
-
-<HTML>
-<HEAD>
-<TITLE>
-Login
-</TITLE>
-</HEAD>
-<frameset rows="<?echo "$GLOBALS[logoBarHeight],$GLOBALS[titleBarHeight]" ?>,*" cols="*" frameborder="NO" border="0" framespacing="0">
-  <frame src="<?echo $rootdir;?>/login/filler.php" name="Filler Top" scrolling="no" noresize frameborder="NO">
-  <frame src="<?echo $rootdir;?>/login/login_title.php" name="Title" scrolling="no" noresize frameborder="NO">
-  <frame src="<?echo $rootdir;?>/login/login.php" name="Login" scrolling="auto" frameborder="NO">
-  <!--<frame src="<?echo $rootdir;?>/login/filler.php" name="Filler Bottom" scrolling="no" noresize frameborder="NO">-->
-</frameset>
-
-<noframes><body bgcolor="#FFFFFF">
-
-</body></noframes>
-
-
-
-</HTML>
+<?php
+$ignoreAuth = true;
+include_once ("../globals.php");
+include_once ("$srcdir/classes/Filtreatment_class.php");
+?>
+<HTML>
+<HEAD>
+    <TITLE><?php xl ('Login','e'); ?></TITLE>
+</HEAD>
+
+<?php
+$ob         = new Filtreatment();
+$_rootdir = $ob->doTreatment($rootdir, 'XSS');
+?>
+
+<frameset rows="<?echo "$GLOBALS[logoBarHeight],$GLOBALS[titleBarHeight]" ?>,*" cols="*" frameborder="NO" border="0" framespacing="0">
+  <frame src="<?echo $_rootdir;?>/login/filler.php" name="Filler Top" scrolling="no" noresize frameborder="NO">
+  <frame src="<?echo $_rootdir;?>/login/login_title.php" name="Title" scrolling="no" noresize frameborder="NO">
+  <frame src="<?echo $_rootdir;?>/login/login.php" name="Login" scrolling="auto" frameborder="NO">
+  <!--<frame src="<?echo $_rootdir;?>/login/filler.php" name="Filler Bottom" scrolling="no" noresize frameborder="NO">-->
+</frameset>
+
+<noframes><body bgcolor="#FFFFFF">
+
+</body></noframes>
+
+
+
+</HTML>
-- 
2.11.4.GIT