<head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /> <script language="JavaScript"> <!-- function KeyPress() { if(window.event.keyCode == 27) window.close(); } //--> </script> <style type="text/css"> <!-- body {margin-left:0; margin-top:0; margin-right:0; margin-bottom:0;} --> </style> <title><?php echo $alt; ?> </title></head> <body topmargin="0" leftmargin="0" marginwidth="0" marginheight="0" onKeyPress="KeyPress()"> <img src="<?php echo htmlspecialchars_plus($img); ?> " border="0" alt="<?php echo $alt; ?> "> </body> </html>
<?php if (substr($url, 0, 4) != "http" && substr($url, 0, 1) != "/") { $url = "/" . $url; } //This function will protect against utf-7 xss //on page with no character setting function htmlspecialchars_plus($str) { return str_replace("+", "+", htmlspecialchars($str)); } ?> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=<?php echo htmlspecialchars_plus($charset); ?> "> <meta http-equiv="Refresh" content="3;URL=<?php echo htmlspecialchars_plus($url); ?> "> </head> <body> <div align="center"><h3><?php echo htmlspecialchars_plus($mess); ?> </h3></div> </body> </html>