diff options
| author | plegall <plg@piwigo.org> | 2012-10-19 20:15:37 +0000 |
|---|---|---|
| committer | plegall <plg@piwigo.org> | 2012-10-19 20:15:37 +0000 |
| commit | 5a137f9fe45366c4db0605700c2058f9b12b4cf0 (patch) | |
| tree | 716ef15a8fb0a4d5399ddb992b01a7121c007e3a | |
| parent | 453765fc6721b612159ca34bb2c12b93560333e5 (diff) | |
bug 2774 fixed: better sanitize on username_or_email user input
git-svn-id: http://piwigo.org/svn/branches/2.4@18699 68402e56-0260-453c-a942-63ccdbb3a9ee
| -rw-r--r-- | password.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/password.php b/password.php index 0c4ecd05e..888dfefa7 100644 --- a/password.php +++ b/password.php @@ -324,7 +324,7 @@ if ('lost' == $page['action']) if (isset($_POST['username_or_email'])) { - $template->assign('username_or_email', stripslashes(strip_tags($_POST['username_or_email']))); + $template->assign('username_or_email', htmlspecialchars(stripslashes($_POST['username_or_email']))); } } |