From 25ca538c0c59d14df1c76a557c7f76da9019f643 Mon Sep 17 00:00:00 2001
From: plegall <plg@piwigo.org>
Date: Mon, 13 Sep 2010 18:40:34 +0000
Subject: bug 1848 fixed: do not print methodName in header to avoid CRLF
 attack.

git-svn-id: http://piwigo.org/svn/branches/2.1@6890 68402e56-0260-453c-a942-63ccdbb3a9ee
---
 include/ws_core.inc.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'include/ws_core.inc.php')

diff --git a/include/ws_core.inc.php b/include/ws_core.inc.php
index 043c2c112..28f834a76 100644
--- a/include/ws_core.inc.php
+++ b/include/ws_core.inc.php
@@ -477,7 +477,7 @@ Request format: ".@$this->_requestFormat." Response format: ".@$this->_responseF
 
     if ( $method==null )
     {
-      return new PwgError(WS_ERR_INVALID_METHOD, 'Method name "'.$methodName.'" is not valid');
+      return new PwgError(WS_ERR_INVALID_METHOD, 'Method name is not valid');
     }
 
     // parameter check and data coercion !
-- 
cgit v1.2.3