merge r3184 backport from trunk to branch 2.0

bug 933 fixed : quick fix to prevent html injection git-svn-id: http://piwigo.org/svn/branches/2.0@3214 68402e56-0260-453c-a942-63ccdbb3a9ee
2026-03-28 17:42:57 +01:00 · 2009-03-19 19:29:03 +00:00
parent 810a0b1783
commit c86ae74710
1 changed files with 1 additions and 1 deletions
--- a/register.php
+++ b/register.php
@@ -46,7 +46,7 @@ if (isset($_POST['submit']))
  }

  $errors =
-      register_user($_POST['login'],
+      register_user(htmlspecialchars($_POST['login'],ENT_COMPAT,'utf-8'),
                    $_POST['password'],
                    $_POST['mail_address'],
                    true,