sanitize when logged in as another user
This commit is contained in:
parent
897bfa8814
commit
b46903fa76
|
@ -112,7 +112,7 @@ if($userId && $appUrl && $categories) {
|
|||
}//end 'need to click Allow still'
|
||||
} else {//login not ok
|
||||
if($currUser) {
|
||||
die('You are logged in as '.$currUser.' instead of '.$userId);
|
||||
die('You are logged in as '.$currUser.' instead of '.htmlentities($userId));
|
||||
} else {
|
||||
header('Location: /?redirect_url='.urlencode('/apps/remoteStorage/auth.php'.$_SERVER['PATH_INFO'].'?'.$_SERVER['QUERY_STRING']));
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue