lucaspalomodevelop/core
1
0
Fork 0
mirror of https://github.com/lucaspalomodevelop/core.git synced 2026-03-15 17:14:46 +00:00
Code Issues Packages Projects Releases Wiki Activity

auth tester, fix missing escape in diag_authentication.php

Browse Source
This commit is contained in:
Ad Schellevis 2021-10-26 10:13:41 +02:00
parent 1ddeeca108
commit 3e7aaee902
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/www/diag_authentication.php
View File

@ -68,8 +68,8 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') {
if (is_array($attr_value)) {
$attr_value = implode(",", $attr_value);
}
$attr_value = str_replace("\n", "<br/>", $attr_value);
$savemsg .= "{$attr_name} => {$attr_value}<br/>";
$attr_value = str_replace("\n", "<br/>", htmlspecialchars($attr_value));
$savemsg .= htmlspecialchars($attr_name) . " => {$attr_value}<br/>";
}
} else {
$input_errors[] = gettext("Authentication failed.");