1
#! /bin/sh /usr/share/dpatch/dpatch-run
2
## 22_SA-CORE-2009-009.dpatch by Artur Rona <ari-tczew@tlen.pl>
4
## All lines beginning with `## DP:' are a description of the patch.
5
## DP: Multiple vulnerabilities and weaknesses were discovered in Drupal.
7
## Ubuntu: https://bugs.launchpad.net/bugs/431080
8
## Upstream: http://drupal.org/node/661586
9
## Patch: http://drupal.org/files/sa-core-2009-009/SA-CORE-2009-009-5.20.patch
13
diff -pruN -x '*~' drupal-5.10.orig/modules/contact/contact.module drupal-5.10/modules/contact/contact.module
14
--- drupal-5.10.orig/modules/contact/contact.module 2007-06-05 09:18:05.000000000 +0200
15
+++ drupal-5.10/modules/contact/contact.module 2009-12-20 22:08:32.000000000 +0100
16
@@ -145,7 +145,7 @@ function contact_admin_categories() {
17
$result = db_query('SELECT cid, category, recipients, selected FROM {contact} ORDER BY weight, category');
19
while ($category = db_fetch_object($result)) {
20
- $rows[] = array($category->category, $category->recipients, ($category->selected ? t('Yes') : t('No')), l(t('edit'), 'admin/build/contact/edit/'. $category->cid), l(t('delete'), 'admin/build/contact/delete/'. $category->cid));
21
+ $rows[] = array(check_plain($category->category), check_plain($category->recipients), ($category->selected ? t('Yes') : t('No')), l(t('edit'), 'admin/build/contact/edit/'. $category->cid), l(t('delete'), 'admin/build/contact/delete/'. $category->cid));
23
$header = array(t('Category'), t('Recipients'), t('Selected'), array('data' => t('Operations'), 'colspan' => 2));