Move shared .tpl files to tpl/ from lib/, this fixes a DoS vulneravility where master_template.tpl could be accessed as a standalone .tpl file that recursively called itself.
This commit is contained in:
Uriel
parent
9d87478586
commit
e91609e301
4 changed files with 1 additions and 1 deletions
18
tpl/_users/login.tpl
Normal file
18
tpl/_users/login.tpl
Normal file
|
|
@ -0,0 +1,18 @@
|
|||
<h1>User login</h1>
|
||||
<br />
|
||||
% if(check_user) {
|
||||
You are logged in as: <b>%($logged_user%)</b>
|
||||
% }
|
||||
% if not {
|
||||
% if (~ $REQUEST_METHOD POST)
|
||||
% echo '<div class="notify_errors">Login failed!</div>'
|
||||
<form method="post" action="" style="text-align: right; float: left;">
|
||||
<fieldset>
|
||||
<label>User name: <input type="text" name="user_name" value="%($"post_arg_user_name%)"/></label><br />
|
||||
<label>User password: <input type="password" name="user_password" /></label><br />
|
||||
<input name="s" type="submit" value="Login" />
|
||||
</fieldset>
|
||||
</form>
|
||||
% }
|
||||
|
||||
<br style="clear:left" />
|
||||
Loading…
Add table
Add a link
Reference in a new issue