[Fusionforge-commits] r10405 - trunk/src/www/docman

Franck VILLAUME nerville at libremir.placard.fr.eu.org
Fri Sep 3 09:57:48 CEST 2010


Author: nerville
Date: 2010-09-03 09:57:47 +0200 (Fri, 03 Sep 2010)
New Revision: 10405

Modified:
   trunk/src/www/docman/index.php
Log:
protect feedback, error and warning string

Modified: trunk/src/www/docman/index.php
===================================================================
--- trunk/src/www/docman/index.php	2010-09-02 20:41:37 UTC (rev 10404)
+++ trunk/src/www/docman/index.php	2010-09-03 07:57:47 UTC (rev 10405)
@@ -39,9 +39,9 @@
 
 /* get informations from request or $_POST */
 $group_id = getIntFromRequest('group_id');
-$feedback = getStringFromRequest('feedback');
-$error_msg = getStringFromRequest('error_msg');
-$warning_msg = getStringFromRequest('warning_msg');
+$feedback = htmlspecialchars(getStringFromRequest('feedback'));
+$error_msg = htmlspecialchars(getStringFromRequest('error_msg'));
+$warning_msg = htmlspecialchars(getStringFromRequest('warning_msg'));
 
 /* validate group */
 if (!$group_id) {




More information about the Fusionforge-commits mailing list