diff options
author | Filip Komar <filip@mageia.org> | 2014-01-10 20:16:39 +0000 |
---|---|---|
committer | Filip Komar <filip@mageia.org> | 2014-01-10 20:16:39 +0000 |
commit | 4226ef6f206ce7a5d81b3f04b85d4b47937a0f0f (patch) | |
tree | 4a57df1895b89fe6ac4dcc2c534c7f4e28d691a0 /langs/diff.php | |
parent | e861636e2f1c43ba899c265bcae30bbaefa2fe60 (diff) | |
download | www-4226ef6f206ce7a5d81b3f04b85d4b47937a0f0f.tar www-4226ef6f206ce7a5d81b3f04b85d4b47937a0f0f.tar.gz www-4226ef6f206ce7a5d81b3f04b85d4b47937a0f0f.tar.bz2 www-4226ef6f206ce7a5d81b3f04b85d4b47937a0f0f.tar.xz www-4226ef6f206ce7a5d81b3f04b85d4b47937a0f0f.zip |
security improved for some pages with strip_tags of
Diffstat (limited to 'langs/diff.php')
-rw-r--r-- | langs/diff.php | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/langs/diff.php b/langs/diff.php index ccc7f6416..117d38a9e 100644 --- a/langs/diff.php +++ b/langs/diff.php @@ -4,8 +4,8 @@ * against matching file in language 'l', if it exists. */ -$source_file = isset($_GET['s']) ? trim($_GET['s']) : null; -$target_lang = isset($_GET['l']) ? trim($_GET['l']) : null; +$source_file = isset($_GET['s']) ? strip_tags(trim($_GET['s'])) : null; +$target_lang = isset($_GET['l']) ? strip_tags(trim($_GET['l'])) : null; if (is_null($source_file) || is_null($target_lang)) { @@ -113,7 +113,7 @@ header('Content-Type: text/html;charset=utf-8'); </style> </head> <body> - <?php echo $s; ?> + <?php echo $s; $test_1 = TRUE; $test = strip_tags($test_1); echo '1. test: ' . $test; ?> <hr> </body> </html> |