mbk-lab
/
nextcloud
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Use sanitizeHTML instead of stripslashes + htmlspecialchars

This commit is contained in:
Lukas Reschke 2013-02-10 14:03:40 +01:00
parent 1c56539c01
commit 1b10032556
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
lib/helper.php
View File

@ -437,7 +437,7 @@ class OC_Helper {
public static function init_var($s, $d="") { public static function init_var($s, $d="") {
$r = $d; $r = $d;
if(isset($_REQUEST[$s]) && !empty($_REQUEST[$s])) if(isset($_REQUEST[$s]) && !empty($_REQUEST[$s]))
$r = stripslashes(htmlspecialchars($_REQUEST[$s])); $r = OC_Util::sanitizeHTML($_REQUEST[$s]);
return $r; return $r;
} }