Bug 1621 fixed : CSS vulnerability in register.php

login and mail_address fields must be filtered with htmlspecialchars. git-svn-id: http://piwigo.org/svn/trunk@5936 68402e56-0260-453c-a942-63ccdbb3a9ee
2026-05-18 07:16:11 +02:00 · 2010-04-21 20:13:41 +00:00
parent 23cc91fcff
commit afb2e04fab
1 changed files with 2 additions and 2 deletions
@@ -76,8 +76,8 @@ $template->assign(array(
  'U_HOME' => make_index_url(),

  'F_ACTION' => 'register.php',
-  'F_LOGIN' => $login,
-  'F_EMAIL' => $email
+  'F_LOGIN' => htmlspecialchars($login, ENT_QUOTES, 'utf-8'),
+  'F_EMAIL' => htmlspecialchars($email, ENT_QUOTES, 'utf-8')
  ));

 //-------------------------------------------------------------- errors display