Hello, this little php file have 25 XSS High Risk alert. To close this or prevent hacker you just need to add htmlspecialchars etc.
But im not dat pro with this and this code looks a bit crypted or converted.
Can some one find the problem and tell me how to fix this file? then i can fix all files like that too.
Here is the php File with 25 XSS included:
<?php defined('SYSPATH') or die('No direct script access.');?>
<form class="well form-horizontal" method="post" action="<?=Route::url('oc-panel',array('directory'=>'user','controller'=>'auth','action'=>'register'))?>">
<?=Form::errors()?>
<div class="form-group">
<label class="col-md-1 control-label"><?=__('Name')?></label>
<div class="col-md-6 col-sm-6 col-xs-12">
<input class="form-control" type="text" name="name" value="<?=Request::current()->post('name')?>" placeholder="<?=__('Name')?>">
</div>
</div>
<div class="form-group">
<label class="col-md-1 control-label"><?=__('Email')?></label>
<div class="col-md-6 col-sm-6 col-xs-12">
<input class="form-control" type="text" name="email" value="<?=Request::current()->post('email')?>" placeholder="<?=__('Email')?>">
</div>
</div>
<div class="col-md-offset-1">
<a class="btn btn-default" data-dismiss="modal" data-toggle="modal" title="<?=__('Login')?>" href="<?=Route::url('oc-panel',array('directory'=>'user','controller'=>'auth','action'=>'login'))?>#login-modal">
<i class="icon-user"></i>
<?=__('Login')?>
</a>
<button type="submit" class="btn btn-primary"><?=__('Register')?></button>
</div>
<?=Form::redirect()?>
<?=Form::CSRF('register')?>
</form>