cacert
/
cacert-webdb
8
0
Fork 0
Code Issues Pull Requests 2 Projects Releases Wiki Activity

Added XSS prevention

Browse Source
pull/1/head
root 16 years ago
parent 16d7b35bae
commit 31c57ef051
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File

2
www/ac.php
Unescape Escape View File

@ -23,7 +23,7 @@
$s = mysql_real_escape_string($_REQUEST['s']);
$id = mysql_real_escape_string(strip_tags($_REQUEST['id']));
echo "parent._ac_rpc('$id',";
echo "parent._ac_rpc('".sanitizeHTML($id)."',";
$bits = explode(",", $s);

Write Preview
Loading…
Cancel
Save