// Before calling execute, echo out brief description of action taken + date and time ???
// this gives good user feedback for long-running methods...
- echo '<h2>' . htmlspecialchars($actionname) . ' on server ' . htmlspecialchars($server) . " ...</h2>\n";
+ echo '<h2>' . htmlspecialchars($actionname, ENT_COMPAT, $inputcharset) . ' on server ' . htmlspecialchars($server, ENT_COMPAT, $inputcharset) . " ...</h2>\n";
flush();
$response = null;
if ($response) {
if ($response->faultCode()) {
// call failed! echo out error msg!
- //echo '<h2>'.htmlspecialchars($actionname).' on server '.htmlspecialchars($server).'</h2>';
+ //echo '<h2>'.htmlspecialchars($actionname, ENT_COMPAT, $inputcharset).' on server '.htmlspecialchars($server, ENT_COMPAT, $inputcharset).'</h2>';
echo "<h3>$protoName call FAILED!</h3>\n";
- echo "<p>Fault code: [" . htmlspecialchars($response->faultCode()) .
- "] Reason: '" . htmlspecialchars($response->faultString()) . "'</p>\n";
+ echo "<p>Fault code: [" . htmlspecialchars($response->faultCode(), ENT_COMPAT, \PhpXmlRpc\PhpXmlRpc::$xmlrpc_internalencoding) .
+ "] Reason: '" . htmlspecialchars($response->faultString(), ENT_COMPAT, \PhpXmlRpc\PhpXmlRpc::$xmlrpc_internalencoding) . "'</p>\n";
echo(strftime("%d/%b/%Y:%H:%M:%S\n"));
} else {
// call succeeded: parse results
- //echo '<h2>'.htmlspecialchars($actionname).' on server '.htmlspecialchars($server).'</h2>';
+ //echo '<h2>'.htmlspecialchars($actionname, ENT_COMPAT, $inputcharset).' on server '.htmlspecialchars($server, ENT_COMPAT, $inputcharset).'</h2>';
printf("<h3>%s call(s) OK (%.2f secs.)</h3>\n", $protoName, $time);
echo(strftime("%d/%b/%Y:%H:%M:%S\n"));
} else {
$class = ' class="evenrow"';
}
- echo("<tr><td$class>" . htmlspecialchars($rec->scalarval()) . "</td><td$class><form action=\"controller.php\" method=\"get\" target=\"frmcontroller\">" .
- "<input type=\"hidden\" name=\"host\" value=\"" . htmlspecialchars($host) . "\" />" .
- "<input type=\"hidden\" name=\"port\" value=\"" . htmlspecialchars($port) . "\" />" .
- "<input type=\"hidden\" name=\"path\" value=\"" . htmlspecialchars($path) . "\" />" .
- "<input type=\"hidden\" name=\"id\" value=\"" . htmlspecialchars($id) . "\" />" .
+ echo("<tr><td$class>" . htmlspecialchars($rec->scalarval(), ENT_COMPAT, \PhpXmlRpc\PhpXmlRpc::$xmlrpc_internalencoding) . "</td><td$class><form action=\"controller.php\" method=\"get\" target=\"frmcontroller\">" .
+ "<input type=\"hidden\" name=\"host\" value=\"" . htmlspecialchars($host, ENT_COMPAT, $inputcharset) . "\" />" .
+ "<input type=\"hidden\" name=\"port\" value=\"" . htmlspecialchars($port, ENT_COMPAT, $inputcharset) . "\" />" .
+ "<input type=\"hidden\" name=\"path\" value=\"" . htmlspecialchars($path, ENT_COMPAT, $inputcharset) . "\" />" .
+ "<input type=\"hidden\" name=\"id\" value=\"" . htmlspecialchars($id, ENT_COMPAT, $inputcharset) . "\" />" .
"<input type=\"hidden\" name=\"debug\" value=\"$debug\" />" .
- "<input type=\"hidden\" name=\"username\" value=\"" . htmlspecialchars($username) . "\" />" .
- "<input type=\"hidden\" name=\"password\" value=\"" . htmlspecialchars($password) . "\" />" .
+ "<input type=\"hidden\" name=\"username\" value=\"" . htmlspecialchars($username, ENT_COMPAT, $inputcharset) . "\" />" .
+ "<input type=\"hidden\" name=\"password\" value=\"" . htmlspecialchars($password, ENT_COMPAT, $inputcharset) . "\" />" .
"<input type=\"hidden\" name=\"authtype\" value=\"$authtype\" />" .
"<input type=\"hidden\" name=\"verifyhost\" value=\"$verifyhost\" />" .
"<input type=\"hidden\" name=\"verifypeer\" value=\"$verifypeer\" />" .
- "<input type=\"hidden\" name=\"cainfo\" value=\"" . htmlspecialchars($cainfo) . "\" />" .
- "<input type=\"hidden\" name=\"proxy\" value=\"" . htmlspecialchars($proxy) . "\" />" .
- "<input type=\"hidden\" name=\"proxyuser\" value=\"" . htmlspecialchars($proxyuser) . "\" />" .
- "<input type=\"hidden\" name=\"proxypwd\" value=\"" . htmlspecialchars($proxypwd) . "\" />" .
+ "<input type=\"hidden\" name=\"cainfo\" value=\"" . htmlspecialchars($cainfo, ENT_COMPAT, $inputcharset) . "\" />" .
+ "<input type=\"hidden\" name=\"proxy\" value=\"" . htmlspecialchars($proxy, ENT_COMPAT, $inputcharset) . "\" />" .
+ "<input type=\"hidden\" name=\"proxyuser\" value=\"" . htmlspecialchars($proxyuser, ENT_COMPAT, $inputcharset) . "\" />" .
+ "<input type=\"hidden\" name=\"proxypwd\" value=\"" . htmlspecialchars($proxypwd, ENT_COMPAT, $inputcharset) . "\" />" .
"<input type=\"hidden\" name=\"responsecompression\" value=\"$responsecompression\" />" .
"<input type=\"hidden\" name=\"requestcompression\" value=\"$requestcompression\" />" .
- "<input type=\"hidden\" name=\"clientcookies\" value=\"" . htmlspecialchars($clientcookies) . "\" />" .
+ "<input type=\"hidden\" name=\"clientcookies\" value=\"" . htmlspecialchars($clientcookies, ENT_COMPAT, $inputcharset) . "\" />" .
"<input type=\"hidden\" name=\"protocol\" value=\"$protocol\" />" .
- "<input type=\"hidden\" name=\"timeout\" value=\"" . htmlspecialchars($timeout) . "\" />" .
- "<input type=\"hidden\" name=\"method\" value=\"" . $rec->scalarval() . "\" />" .
+ "<input type=\"hidden\" name=\"timeout\" value=\"" . htmlspecialchars($timeout, ENT_COMPAT, $inputcharset) . "\" />" .
+ "<input type=\"hidden\" name=\"method\" value=\"" . htmlspecialchars($rec->scalarval(), ENT_COMPAT, \PhpXmlRpc\PhpXmlRpc::$xmlrpc_internalencoding) . "\" />" .
"<input type=\"hidden\" name=\"wstype\" value=\"$wstype\" />" .
"<input type=\"hidden\" name=\"action\" value=\"describe\" />" .
"<input type=\"hidden\" name=\"run\" value=\"now\" />" .
$r2 = $resp[1]->value();
echo "<table border=\"0\" cellspacing=\"0\" cellpadding=\"0\">\n";
- echo "<thead>\n<tr><th>Method</th><th>" . htmlspecialchars($method) . "</th><th> </th><th> </th></tr>\n</thead>\n<tbody>\n";
- $desc = htmlspecialchars($r1->scalarval());
+ echo "<thead>\n<tr><th>Method</th><th>" . htmlspecialchars($method, ENT_COMPAT, $inputcharset) . "</th><th> </th><th> </th></tr>\n</thead>\n<tbody>\n";
+ $desc = htmlspecialchars($r1->scalarval(), ENT_COMPAT, \PhpXmlRpc\PhpXmlRpc::$xmlrpc_internalencoding);
if ($desc == "") {
$desc = "-";
}
$x = $r2->arraymem($i);
if ($x->kindOf() == "array") {
$ret = $x->arraymem(0);
- echo "<code>OUT: " . htmlspecialchars($ret->scalarval()) . "<br />IN: (";
+ echo "<code>OUT: " . htmlspecialchars($ret->scalarval(), ENT_COMPAT, \PhpXmlRpc\PhpXmlRpc::$xmlrpc_internalencoding) . "<br />IN: (";
if ($x->arraysize() > 1) {
for ($k = 1; $k < $x->arraysize(); $k++) {
$y = $x->arraymem($k);
- echo $y->scalarval();
+ echo htmlspecialchars($y->scalarval(), ENT_COMPAT, \PhpXmlRpc\PhpXmlRpc::$xmlrpc_internalencoding);
if ($wstype != 1) {
- $payload = $payload . '<param><value><' . htmlspecialchars($y->scalarval()) . '></' . htmlspecialchars($y->scalarval()) . "></value></param>\n";
+ $payload = $payload . '<param><value><' .
+ htmlspecialchars($y->scalarval(), ENT_COMPAT, \PhpXmlRpc\PhpXmlRpc::$xmlrpc_internalencoding) .
+ '></' . htmlspecialchars($y->scalarval(), ENT_COMPAT, \PhpXmlRpc\PhpXmlRpc::$xmlrpc_internalencoding) .
+ "></value></param>\n";
}
$alt_payload .= $y->scalarval();
if ($k < $x->arraysize() - 1) {
// button to test this method
//$payload="<methodCall>\n<methodName>$method</methodName>\n<params>\n$payload</params>\n</methodCall>";
echo "<td$class><form action=\"controller.php\" target=\"frmcontroller\" method=\"get\">" .
- "<input type=\"hidden\" name=\"host\" value=\"" . htmlspecialchars($host) . "\" />" .
- "<input type=\"hidden\" name=\"port\" value=\"" . htmlspecialchars($port) . "\" />" .
- "<input type=\"hidden\" name=\"path\" value=\"" . htmlspecialchars($path) . "\" />" .
- "<input type=\"hidden\" name=\"id\" value=\"" . htmlspecialchars($id) . "\" />" .
+ "<input type=\"hidden\" name=\"host\" value=\"" . htmlspecialchars($host, ENT_COMPAT, $inputcharset) . "\" />" .
+ "<input type=\"hidden\" name=\"port\" value=\"" . htmlspecialchars($port, ENT_COMPAT, $inputcharset) . "\" />" .
+ "<input type=\"hidden\" name=\"path\" value=\"" . htmlspecialchars($path, ENT_COMPAT, $inputcharset) . "\" />" .
+ "<input type=\"hidden\" name=\"id\" value=\"" . htmlspecialchars($id, ENT_COMPAT, $inputcharset) . "\" />" .
"<input type=\"hidden\" name=\"debug\" value=\"$debug\" />" .
- "<input type=\"hidden\" name=\"username\" value=\"" . htmlspecialchars($username) . "\" />" .
- "<input type=\"hidden\" name=\"password\" value=\"" . htmlspecialchars($password) . "\" />" .
+ "<input type=\"hidden\" name=\"username\" value=\"" . htmlspecialchars($username, ENT_COMPAT, $inputcharset) . "\" />" .
+ "<input type=\"hidden\" name=\"password\" value=\"" . htmlspecialchars($password, ENT_COMPAT, $inputcharset) . "\" />" .
"<input type=\"hidden\" name=\"authtype\" value=\"$authtype\" />" .
"<input type=\"hidden\" name=\"verifyhost\" value=\"$verifyhost\" />" .
"<input type=\"hidden\" name=\"verifypeer\" value=\"$verifypeer\" />" .
- "<input type=\"hidden\" name=\"cainfo\" value=\"" . htmlspecialchars($cainfo) . "\" />" .
- "<input type=\"hidden\" name=\"proxy\" value=\"" . htmlspecialchars($proxy) . "\" />" .
- "<input type=\"hidden\" name=\"proxyuser\" value=\"" . htmlspecialchars($proxyuser) . "\" />" .
- "<input type=\"hidden\" name=\"proxypwd\" value=\"" . htmlspecialchars($proxypwd) . "\" />" .
+ "<input type=\"hidden\" name=\"cainfo\" value=\"" . htmlspecialchars($cainfo, ENT_COMPAT, $inputcharset) . "\" />" .
+ "<input type=\"hidden\" name=\"proxy\" value=\"" . htmlspecialchars($proxy, ENT_COMPAT, $inputcharset) . "\" />" .
+ "<input type=\"hidden\" name=\"proxyuser\" value=\"" . htmlspecialchars($proxyuser, ENT_COMPAT, $inputcharset) . "\" />" .
+ "<input type=\"hidden\" name=\"proxypwd\" value=\"" . htmlspecialchars($proxypwd, ENT_COMPAT, $inputcharset) . "\" />" .
"<input type=\"hidden\" name=\"responsecompression\" value=\"$responsecompression\" />" .
"<input type=\"hidden\" name=\"requestcompression\" value=\"$requestcompression\" />" .
- "<input type=\"hidden\" name=\"clientcookies\" value=\"" . htmlspecialchars($clientcookies) . "\" />" .
+ "<input type=\"hidden\" name=\"clientcookies\" value=\"" . htmlspecialchars($clientcookies, ENT_COMPAT, $inputcharset) . "\" />" .
"<input type=\"hidden\" name=\"protocol\" value=\"$protocol\" />" .
- "<input type=\"hidden\" name=\"timeout\" value=\"" . htmlspecialchars($timeout) . "\" />" .
- "<input type=\"hidden\" name=\"method\" value=\"" . htmlspecialchars($method) . "\" />" .
- "<input type=\"hidden\" name=\"methodpayload\" value=\"" . htmlspecialchars($payload) . "\" />" .
- "<input type=\"hidden\" name=\"altmethodpayload\" value=\"" . htmlspecialchars($alt_payload) . "\" />" .
+ "<input type=\"hidden\" name=\"timeout\" value=\"" . htmlspecialchars($timeout, ENT_COMPAT, $inputcharset) . "\" />" .
+ "<input type=\"hidden\" name=\"method\" value=\"" . htmlspecialchars($method, ENT_COMPAT, $inputcharset) . "\" />" .
+ "<input type=\"hidden\" name=\"methodpayload\" value=\"" . htmlspecialchars($payload, ENT_COMPAT, $inputcharset) . "\" />" .
+ "<input type=\"hidden\" name=\"altmethodpayload\" value=\"" . htmlspecialchars($alt_payload, ENT_COMPAT, $inputcharset) . "\" />" .
"<input type=\"hidden\" name=\"wstype\" value=\"$wstype\" />" .
"<input type=\"hidden\" name=\"action\" value=\"execute\" />";
if ($wstype != 1) {
echo "</form></td>\n";
echo "<td$class><form action=\"controller.php\" target=\"frmcontroller\" method=\"get\">" .
- "<input type=\"hidden\" name=\"host\" value=\"" . htmlspecialchars($host) . "\" />" .
- "<input type=\"hidden\" name=\"port\" value=\"" . htmlspecialchars($port) . "\" />" .
- "<input type=\"hidden\" name=\"path\" value=\"" . htmlspecialchars($path) . "\" />" .
- "<input type=\"hidden\" name=\"id\" value=\"" . htmlspecialchars($id) . "\" />" .
+ "<input type=\"hidden\" name=\"host\" value=\"" . htmlspecialchars($host, ENT_COMPAT, $inputcharset) . "\" />" .
+ "<input type=\"hidden\" name=\"port\" value=\"" . htmlspecialchars($port, ENT_COMPAT, $inputcharset) . "\" />" .
+ "<input type=\"hidden\" name=\"path\" value=\"" . htmlspecialchars($path, ENT_COMPAT, $inputcharset) . "\" />" .
+ "<input type=\"hidden\" name=\"id\" value=\"" . htmlspecialchars($id, ENT_COMPAT, $inputcharset) . "\" />" .
"<input type=\"hidden\" name=\"debug\" value=\"$debug\" />" .
- "<input type=\"hidden\" name=\"username\" value=\"" . htmlspecialchars($username) . "\" />" .
- "<input type=\"hidden\" name=\"password\" value=\"" . htmlspecialchars($password) . "\" />" .
+ "<input type=\"hidden\" name=\"username\" value=\"" . htmlspecialchars($username, ENT_COMPAT, $inputcharset) . "\" />" .
+ "<input type=\"hidden\" name=\"password\" value=\"" . htmlspecialchars($password, ENT_COMPAT, $inputcharset) . "\" />" .
"<input type=\"hidden\" name=\"authtype\" value=\"$authtype\" />" .
"<input type=\"hidden\" name=\"verifyhost\" value=\"$verifyhost\" />" .
"<input type=\"hidden\" name=\"verifypeer\" value=\"$verifypeer\" />" .
- "<input type=\"hidden\" name=\"cainfo\" value=\"" . htmlspecialchars($cainfo) . "\" />" .
- "<input type=\"hidden\" name=\"proxy\" value=\"" . htmlspecialchars($proxy) . "\" />" .
- "<input type=\"hidden\" name=\"proxyuser\" value=\"" . htmlspecialchars($proxyuser) . "\" />" .
- "<input type=\"hidden\" name=\"proxypwd\" value=\"" . htmlspecialchars($proxypwd) . "\" />" .
+ "<input type=\"hidden\" name=\"cainfo\" value=\"" . htmlspecialchars($cainfo, ENT_COMPAT, $inputcharset) . "\" />" .
+ "<input type=\"hidden\" name=\"proxy\" value=\"" . htmlspecialchars($proxy, ENT_COMPAT, $inputcharset) . "\" />" .
+ "<input type=\"hidden\" name=\"proxyuser\" value=\"" . htmlspecialchars($proxyuser, ENT_COMPAT, $inputcharset) . "\" />" .
+ "<input type=\"hidden\" name=\"proxypwd\" value=\"" . htmlspecialchars($proxypwd, ENT_COMPAT, $inputcharset) . "\" />" .
"<input type=\"hidden\" name=\"responsecompression\" value=\"$responsecompression\" />" .
"<input type=\"hidden\" name=\"requestcompression\" value=\"$requestcompression\" />" .
- "<input type=\"hidden\" name=\"clientcookies\" value=\"" . htmlspecialchars($clientcookies) . "\" />" .
+ "<input type=\"hidden\" name=\"clientcookies\" value=\"" . htmlspecialchars($clientcookies, ENT_COMPAT, $inputcharset) . "\" />" .
"<input type=\"hidden\" name=\"protocol\" value=\"$protocol\" />" .
- "<input type=\"hidden\" name=\"timeout\" value=\"" . htmlspecialchars($timeout) . "\" />" .
- "<input type=\"hidden\" name=\"method\" value=\"" . htmlspecialchars($method) . "\" />" .
+ "<input type=\"hidden\" name=\"timeout\" value=\"" . htmlspecialchars($timeout, ENT_COMPAT, $inputcharset) . "\" />" .
+ "<input type=\"hidden\" name=\"method\" value=\"" . htmlspecialchars($method, ENT_COMPAT, $inputcharset) . "\" />" .
"<input type=\"hidden\" name=\"methodsig\" value=\"" . $i . "\" />" .
- "<input type=\"hidden\" name=\"methodpayload\" value=\"" . htmlspecialchars($payload) . "\" />" .
- "<input type=\"hidden\" name=\"altmethodpayload\" value=\"" . htmlspecialchars($alt_payload) . "\" />" .
+ "<input type=\"hidden\" name=\"methodpayload\" value=\"" . htmlspecialchars($payload, ENT_COMPAT, $inputcharset) . "\" />" .
+ "<input type=\"hidden\" name=\"altmethodpayload\" value=\"" . htmlspecialchars($alt_payload, ENT_COMPAT, $inputcharset) . "\" />" .
"<input type=\"hidden\" name=\"wstype\" value=\"$wstype\" />" .
"<input type=\"hidden\" name=\"run\" value=\"now\" />" .
"<input type=\"hidden\" name=\"action\" value=\"wrap\" />" .
* @todo add http no-cache headers
**/
+// make sure we set the correct charset type for output, so that we can display all characters
+//header('Content-Type: text/html; charset=utf-8');
+
include __DIR__ . '/common.php';
if ($action == '') {
$action = 'list';
<tr>
<td><h2>Target server</h2></td>
<td class="labelcell">Address:</td>
- <td><input type="text" name="host" value="<?php echo htmlspecialchars($host); ?>"/></td>
+ <td><input type="text" name="host" value="<?php echo htmlspecialchars($host, ENT_COMPAT, $inputcharset); ?>"/></td>
<td class="labelcell">Port:</td>
- <td><input type="text" name="port" value="<?php echo htmlspecialchars($port); ?>" size="5" maxlength="5"/>
+ <td><input type="text" name="port" value="<?php echo htmlspecialchars($port, ENT_COMPAT, $inputcharset); ?>" size="5" maxlength="5"/>
</td>
<td class="labelcell">Path:</td>
- <td><input type="text" name="path" value="<?php echo htmlspecialchars($path); ?>"/></td>
+ <td><input type="text" name="path" value="<?php echo htmlspecialchars($path, ENT_COMPAT, $inputcharset); ?>"/></td>
</tr>
</table>
<td>Generate stub for method call<input type="radio" name="action" value="wrap"<?php if ($action == 'wrap') { echo ' checked="checked"'; } ?> onclick="switchaction();"/></td>
</tr>
</table>
- <input type="hidden" name="methodsig" value="<?php echo htmlspecialchars($methodsig); ?>"/>
+ <input type="hidden" name="methodsig" value="<?php echo htmlspecialchars($methodsig, ENT_COMPAT, $inputcharset); ?>"/>
<table id="methodblock">
<tr>
<td><h2>Method</h2></td>
<td class="labelcell">Name:</td>
- <td><input type="text" name="method" value="<?php echo htmlspecialchars($method); ?>"/></td>
+ <td><input type="text" name="method" value="<?php echo htmlspecialchars($method, ENT_COMPAT, $inputcharset); ?>"/></td>
<td class="labelcell">Payload:<br/>
<div id="methodpayloadbtn"></div>
</td>
- <td><textarea id="methodpayload" name="methodpayload" rows="1" cols="40"><?php echo htmlspecialchars($payload); ?></textarea></td>
- <td class="labelcell" id="idcell">Msg id: <input type="text" name="id" size="3" value="<?php echo htmlspecialchars($id); ?>"/></td>
+ <td><textarea id="methodpayload" name="methodpayload" rows="1" cols="40"><?php echo htmlspecialchars($payload, ENT_COMPAT, $inputcharset); ?></textarea></td>
+ <td class="labelcell" id="idcell">Msg id: <input type="text" name="id" size="3" value="<?php echo htmlspecialchars($id, ENT_COMPAT, $inputcharset); ?>"/></td>
<td><input type="hidden" name="wstype" value="<?php echo $wstype; ?>"/>
<input type="submit" value="Execute" onclick="return verifyserver();"/></td>
</tr>
<tr>
<td class="labelcell">AUTH:</td>
<td class="labelcell">Username:</td>
- <td><input type="text" name="username" value="<?php echo htmlspecialchars($username); ?>"/></td>
+ <td><input type="text" name="username" value="<?php echo htmlspecialchars($username, ENT_COMPAT, $inputcharset); ?>"/></td>
<td class="labelcell">Pwd:</td>
- <td><input type="password" name="password" value="<?php echo htmlspecialchars($password); ?>"/></td>
+ <td><input type="password" name="password" value="<?php echo htmlspecialchars($password, ENT_COMPAT, $inputcharset); ?>"/></td>
<td class="labelcell">Type</td>
<td><select name="authtype">
<option value="1"<?php if ($authtype == 1) { echo ' selected="selected"'; } ?>>Basic</option>
<td class="labelcell">Verify Cert:</td>
<td><input type="checkbox" value="1" name="verifypeer" onclick="swicthcainfo();"<?php if ($verifypeer) { echo ' checked="checked"'; } ?> /></td>
<td class="labelcell">CA Cert file:</td>
- <td><input type="text" name="cainfo" value="<?php echo htmlspecialchars($cainfo); ?>"/></td>
+ <td><input type="text" name="cainfo" value="<?php echo htmlspecialchars($cainfo, ENT_COMPAT, $inputcharset); ?>"/></td>
</tr>
<tr>
<td class="labelcell">PROXY:</td>
<td class="labelcell">Server:</td>
- <td><input type="text" name="proxy" value="<?php echo htmlspecialchars($proxy); ?>"/></td>
+ <td><input type="text" name="proxy" value="<?php echo htmlspecialchars($proxy, ENT_COMPAT, $inputcharset); ?>"/></td>
<td class="labelcell">Proxy user:</td>
- <td><input type="text" name="proxyuser" value="<?php echo htmlspecialchars($proxyuser); ?>"/></td>
+ <td><input type="text" name="proxyuser" value="<?php echo htmlspecialchars($proxyuser, ENT_COMPAT, $inputcharset); ?>"/></td>
<td class="labelcell">Proxy pwd:</td>
- <td><input type="password" name="proxypwd" value="<?php echo htmlspecialchars($proxypwd); ?>"/></td>
+ <td><input type="password" name="proxypwd" value="<?php echo htmlspecialchars($proxypwd, ENT_COMPAT, $inputcharset); ?>"/></td>
</tr>
<tr>
<td class="labelcell">COMPRESSION:</td>
</tr>
<tr>
<td class="labelcell">COOKIES:</td>
- <td colspan="4" class="labelcell"><input type="text" name="clientcookies" size="80" value="<?php echo htmlspecialchars($clientcookies); ?>"/></td>
+ <td colspan="4" class="labelcell"><input type="text" name="clientcookies" size="80" value="<?php echo htmlspecialchars($clientcookies, ENT_COMPAT, $inputcharset); ?>"/></td>
<td colspan="2">Format: 'cookie1=value1, cookie2=value2'</td>
</tr>
</table>