From 3402ea7bf3347520f9bb8ba536328954ea9902b3 Mon Sep 17 00:00:00 2001 From: nikrou Date: Wed, 21 Apr 2010 20:17:07 +0000 Subject: Bug 1621 fixed : CSS vulnerability in register.php login and mail_address fields must be filtered with htmlspecialchars. merge from trunk git-svn-id: http://piwigo.org/svn/branches/2.0@5937 68402e56-0260-453c-a942-63ccdbb3a9ee --- register.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/register.php b/register.php index ca00bccfc..3c500ec31 100644 --- a/register.php +++ b/register.php @@ -76,8 +76,8 @@ $template->assign(array( 'U_HOME' => make_index_url(), 'F_ACTION' => 'register.php', - 'F_LOGIN' => $login, - 'F_EMAIL' => $email + 'F_LOGIN' => htmlspecialchars($login, ENT_QUOTES, 'utf-8'), + 'F_EMAIL' => htmlspecialchars($email, ENT_QUOTES, 'utf-8') )); //-------------------------------------------------------------- errors display -- cgit v1.2.3