authorplegall <plg@piwigo.org>2012-10-19 20:16:52 +0000
committerplegall <plg@piwigo.org>2012-10-19 20:16:52 +0000
commit548698e760eeca2abbafe2a38f77e2202f9c013b (patch)
treed195a14c29a97e71e462d54d4824b7f4002320d9
parent248784ff18b0a08f4d2d7d0e2600c41c288faa8c (diff)
merge r18699 from branch 2.4 to trunk
bug 2774 fixed: better sanitize on username_or_email user input git-svn-id: http://piwigo.org/svn/trunk@18700 68402e56-0260-453c-a942-63ccdbb3a9ee
-rw-r--r--password.php2
1 files changed, 1 insertions, 1 deletions
diff --git a/password.php b/password.php
index fd3717151..845a00a3d 100644
--- a/password.php
+++ b/password.php
@@ -326,7 +326,7 @@ if ('lost' == $page['action'])
if (isset($_POST['username_or_email']))
{
- $template->assign('username_or_email', stripslashes(strip_tags($_POST['username_or_email'])));
+ $template->assign('username_or_email', htmlspecialchars(stripslashes($_POST['username_or_email'])));
}
}
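Review bot: The added `htmlspecialchars()` call passes no flags or charset, so on PHP versions before 8.1 it defaults to `ENT_COMPAT` and leaves single quotes unescaped. If the template ever places `username_or_email` inside a single-quoted attribute, the value could still close that attribute; the template is not visible here, so this is a hardening point rather than a confirmed hole. I would make the escaping explicit: `$template->assign('username_or_email', htmlspecialchars(stripslashes($_POST['username_or_email']), ENT_QUOTES, 'UTF-8'));`, with the charset adjusted to whatever the page is actually served in. The `stripslashes()` is only correct if the request data was slash-escaped upstream, which this hunk does not show, and a one-line comment saying where that happens would help the next reader. The enclosing `if ('lost' == $page['action'])` block begins outside the hunk.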