From 59e2298b8504b4b87ee5309b7fc04df953bf68fe Mon Sep 17 00:00:00 2001 From: plegall Date: Sat, 7 Apr 2012 21:16:02 +0000 Subject: merge r13961 from branch 2.3 to trunk bug 2612 fixed: sanitize $_GET['installstatus'] before display for themes/languages/plugins installation git-svn-id: http://piwigo.org/svn/trunk@13962 68402e56-0260-453c-a942-63ccdbb3a9ee --- admin/plugins_new.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'admin/plugins_new.php') diff --git a/admin/plugins_new.php b/admin/plugins_new.php index f6d82444b..747652269 100644 --- a/admin/plugins_new.php +++ b/admin/plugins_new.php @@ -76,7 +76,7 @@ if (isset($_GET['installstatus'])) default: array_push($page['errors'], - sprintf(l10n('An error occured during extraction (%s).'), $_GET['installstatus']), + sprintf(l10n('An error occured during extraction (%s).'), htmlspecialchars($_GET['installstatus'])), l10n('Please check "plugins" folder and sub-folders permissions (CHMOD).')); } } -- cgit v1.2.3