From fe9a23f542bc56c1c0b6dc30257418e38ff7bd3a Mon Sep 17 00:00:00 2001
From: ftimme <ft@falkotimme.com>
Date: Sat, 08 Jun 2013 18:57:40 -0400
Subject: [PATCH] - Fixed FS#2936 - Please check and limit username input length.

---
 interface/web/dashboard/dashboard.php |   21 +++++++++++++++++++--
 1 files changed, 19 insertions(+), 2 deletions(-)

diff --git a/interface/web/dashboard/dashboard.php b/interface/web/dashboard/dashboard.php
index 2f4ba5d..b0bb809 100644
--- a/interface/web/dashboard/dashboard.php
+++ b/interface/web/dashboard/dashboard.php
@@ -55,7 +55,7 @@
 	$name = $tmp['contact_name'];
 }
 
-$welcome = sprintf($wb['welcome_user_txt'], $name);
+$welcome = sprintf($wb['welcome_user_txt'], htmlentities($name, ENT_QUOTES, 'UTF-8'));
 $app->tpl->setVar('welcome_user', $welcome);
 
 
@@ -93,6 +93,16 @@
 */
 $info = array();
 
+if(isset($_SESSION['show_info_msg'])) {
+    $info[] = array('info_msg' => '<p>'.$_SESSION['show_info_msg'].'</p>');
+    unset($_SESSION['show_info_msg']);
+}
+if(isset($_SESSION['show_error_msg'])) {
+    $app->tpl->setloop('error', array(array('error_msg' => '<p>'.$_SESSION['show_error_msg'].'</p>')));
+    unset($_SESSION['show_error_msg']);
+}
+
+
 /*
  * Check the ISPConfig-Version (only for the admin)
 */
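Review bot: The two session-backed messages are concatenated into markup without escaping, at `'<p>'.$_SESSION['show_info_msg'].'</p>'` and at the matching `show_error_msg` line, while this same commit escapes `$name` for the welcome text. The code that writes these session keys is not visible in this patch. If any writer stores request-derived text (for example, echoing back a rejected username) and the template prints `info_msg`/`error_msg` raw, as the literal `<p>` wrapper suggests, that text would be rendered as HTML. Escaping at this sink would close that gap: `'<p>'.htmlentities($_SESSION['show_info_msg'], ENT_QUOTES, 'UTF-8').'</p>'`, and the same for `show_error_msg`. If the messages are meant to carry markup, a comment such as `// show_*_msg must contain only trusted, pre-escaped HTML` above the block would record that contract for future writers.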
@@ -104,17 +114,24 @@
 	$v1 = ISPC_APP_VERSION;
 	$v2 = $_SESSION['s']['new_ispconfig_version'];
 	$this_version = explode(".",$v1);
+	/*
 	$this_fullversion = (($this_version[0] < 10) ? '0'.$this_version[0] : $this_version[0]) .
 			    ((isset($this_version[1]) && $this_version[1] < 10) ? '0'.$this_version[1] : $this_version[1]) .
 			    ((isset($this_version[2]) && $this_version[2] < 10) ? '0'.$this_version[2] : $this_version[2]) .
 			    ((isset($this_version[3]) && $this_version[3] < 10) ? (($this_version[3] < 1) ? '00' : '0'.$this_version[3]) : @$this_version[3]);
 
-
+	*/
+	
 	$new_version = explode(".",$v2);
+	/*
 	$new_fullversion =  (($new_version[0] < 10) ? '0'.$new_version[0] : $new_version[0]) .
 			    ((isset($new_version[1]) && $new_version[1] < 10) ? '0'.$new_version[1] : $new_version[1]) .
 			    ((isset($new_version[2]) && $new_version[2] < 10) ? '0'.$new_version[2] : $new_version[2]) .
 			    ((isset($new_version[3]) && $new_version[3] < 10) ? (($new_version[3] < 1) ? '00' : '0'.$new_version[3]) : @$new_version[3]);
+	*/
+	
+	$this_fullversion = str_pad($this_version[0], 2,'0',STR_PAD_LEFT).str_pad($this_version[1], 2,'0',STR_PAD_LEFT).@str_pad($this_version[2], 2,'0',STR_PAD_LEFT).@str_pad($this_version[3], 2,'0',STR_PAD_LEFT);
+	$new_fullversion = str_pad($new_version[0], 2,'0',STR_PAD_LEFT).str_pad($new_version[1], 2,'0',STR_PAD_LEFT).@str_pad($new_version[2], 2,'0',STR_PAD_LEFT).@str_pad($new_version[3], 2,'0',STR_PAD_LEFT);
 	if($new_fullversion > $this_fullversion) {
 		$info[] = array('info_msg' => '<p>There is a new Version of ISPConfig 3 available!</p>' . 
 			'<p>This Version: <b>' . $v1 . '</b></p>' . 
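Review bot: The comparison `$new_fullversion > $this_fullversion` is reliable only when every version component is a one- or two-digit number, because the new `str_pad` lines pad but never validate or truncate. `$v2` is read from `$_SESSION['s']['new_ispconfig_version']`, presumably a remotely fetched value, so a three-digit component or a suffix produces strings of unequal length or non-numeric strings that PHP compares by different rules; the `@` prefixes also hide a missing third or fourth component, while index `[1]` has no guard at all. `if(version_compare($v2, $v1, '>')) {` would replace both `str_pad` lines (it ranks `3.0.5` below `3.0.5.0`, so normalise the component count if both forms occur), and the two commented-out blocks could then be deleted rather than kept. The `if` body continues past the end of this hunk; if `$v2` is printed there the way `$v1` is, wrapping it in `htmlentities($v2, ENT_QUOTES, 'UTF-8')` would match the welcome-text change in this commit.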

--
Gitblit v1.9.1