authorIgor Wiedler <igor@wiedler.ch>2011-08-18 23:38:39 +0200
committerIgor Wiedler <igor@wiedler.ch>2011-08-18 23:44:30 +0200
commitc5cef773c4811d2041c56a9c34da94a30f8190e1 (patch)
treed3286beea76cbb7edc85732f6ccb2c4ea9fb4245 /phpBB/includes/functions.php
parentfd08cd8dd013c0d1bf8e18611f798c6987d9de9c (diff)
[feature/request-class] Adjust code base to do html decoding manually
PHPBB3-9716
Diffstat (limited to 'phpBB/includes/functions.php')
-rw-r--r--phpBB/includes/functions.php7
1 files changed, 4 insertions, 3 deletions
diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php
index ea96801129..b0c89bdceb 100644
--- a/phpBB/includes/functions.php
+++ b/phpBB/includes/functions.php
@@ -879,7 +879,8 @@ function phpbb_own_realpath($path)
{
// Warning: If chdir() has been used this will lie!
// Warning: This has some problems sometime (CLI can create them easily)
- $path = str_replace(DIRECTORY_SEPARATOR, '/', dirname($request->server('SCRIPT_FILENAME'))) . '/' . $path;
+ $filename = htmlspecialchars_decode($request->server('SCRIPT_FILENAME'));
+ $path = str_replace(DIRECTORY_SEPARATOR, '/', dirname($filename)) . '/' . $path;
$absolute = true;
$path_prefix = '';
}
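Review bot: The new `htmlspecialchars_decode($request->server('SCRIPT_FILENAME'))` call relies on the function's default flags, which differ between PHP versions (the default changed from `ENT_COMPAT` to `ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML401` in PHP 8.1). The decode is only a true inverse if its flags match the ones the request class escapes with, which are not visible in this hunk. Passing the flags explicitly, for example `htmlspecialchars_decode($request->server('SCRIPT_FILENAME'), ENT_COMPAT)` if the request class escapes with `ENT_COMPAT`, keeps the resulting path stable for script paths that contain quotes. The same applies to the two decode calls in the phpbb_http_login hunks. A short comment such as `// server() returns HTML-escaped values; decode to get the real filesystem path` would explain why the decode is needed. The enclosing function starts and ends outside the hunk.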
@@ -4242,7 +4243,7 @@ function phpbb_http_login($param)
{
if ($request->is_set($k, phpbb_request_interface::SERVER))
{
- $username = $request->server($k);
+ $username = htmlspecialchars_decode($request->server($k));
break;
}
}
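Review bot: Decoding at `$username = htmlspecialchars_decode($request->server($k));`, and at the matching `$password` line in the next hunk, recovers the credential as the client sent it only if HTML escaping is the sole transformation `$request->server()` applies. If the request class also trims or normalises strings, which these hunks do not show, a password containing such characters would be silently altered before authentication and the login would fail. A raw accessor on the request class would avoid this escape-then-decode round trip for credentials. From these lines on, both values are unescaped, so the rest of phpbb_http_login (outside the hunk) must escape them per context before any HTML output or logging. A comment such as `// decoded: raw credential, escape again before output` would make that state explicit.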
@@ -4252,7 +4253,7 @@ function phpbb_http_login($param)
{
if ($request->is_set($k, phpbb_request_interface::SERVER))
{
- $password = $request->server($k);
+ $password = htmlspecialchars_decode($request->server($k));
break;
}
}