Bug 1621 fixed : CSS vulnerability in register.php

login and mail_address fields must be filtered with htmlspecialchars. merge from trunk git-svn-id: http://piwigo.org/svn/branches/2.0@5937 68402e56-0260-453c-a942-63ccdbb3a9ee
2026-05-03 12:02:51 +02:00 · 2010-04-21 20:17:07 +00:00
parent a734c052c2
commit 3402ea7bf3
1 changed files with 2 additions and 2 deletions
--- a/register.php
+++ b/register.php
@@ -76,8 +76,8 @@ $template->assign(array(
  'U_HOME' => make_index_url(),

  'F_ACTION' => 'register.php',
-  'F_LOGIN' => $login,
-  'F_EMAIL' => $email
+  'F_LOGIN' => htmlspecialchars($login, ENT_QUOTES, 'utf-8'),
+  'F_EMAIL' => htmlspecialchars($email, ENT_QUOTES, 'utf-8')
  ));

 //-------------------------------------------------------------- errors display