sanitize when logged in as another user

This commit is contained in:
Michiel de Jong 2012-06-09 20:39:24 +02:00
parent 897bfa8814
commit b46903fa76
1 changed files with 1 additions and 1 deletions

View File

@ -112,7 +112,7 @@ if($userId && $appUrl && $categories) {
}//end 'need to click Allow still'
} else {//login not ok
if($currUser) {
die('You are logged in as '.$currUser.' instead of '.$userId);
die('You are logged in as '.$currUser.' instead of '.htmlentities($userId));
} else {
header('Location: /?redirect_url='.urlencode('/apps/remoteStorage/auth.php'.$_SERVER['PATH_INFO'].'?'.$_SERVER['QUERY_STRING']));
}