| author | root | 2014-04-20 18:55:24 +0200 |
|---|---|---|
| committer | root | 2014-04-20 18:55:24 +0200 |
| commit | 3c94eb3f608f9bf0dc8d19583abe273b3a67e5ff (patch) | |
| tree | 9f589754331dbbab8f90f467f36a10f9a5ed99a7 /www/functions/func_login.php | |
| parent | 2441480079f68bd4bc15a12d7b9b47c18ce0bd52 (diff) | |
| download | jungegemeinde-3c94eb3f608f9bf0dc8d19583abe273b3a67e5ff.tar.gz | |
Fixed XSS vulnerability.
Diffstat (limited to 'www/functions/func_login.php')
| -rwxr-xr-x | www/functions/func_login.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/www/functions/func_login.php b/www/functions/func_login.php
index d909180..7944c3e 100755
--- a/www/functions/func_login.php
+++ b/www/functions/func_login.php
@@ -4,7 +4,7 @@ function login($db){
 /*___Database Query: Login___*/
 $username = $_POST["username"];
 $password = $_POST["password"];
- $safe_username = SQLite3::escapeString("$username");
+ $safe_username = SQLite3::escapeString(htmlentities($username));
 $log_in = false;
 $real_password = ""; |
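Review bot: The added `htmlentities($username)` encodes the value on its way into the query instead of where it is written to the page, so the XSS fix only holds if every output site reuses `$safe_username`, and with the default flags of PHP versions before 8.1 single quotes are left unencoded. It also changes what is looked up: a username containing `&`, `<` or an accented character now matches only if it was stored entity-encoded. I would keep the lookup value raw, `$safe_username = SQLite3::escapeString($username);` (or, better, bind it on a prepared statement with `$stmt->bindValue(':u', $username, SQLITE3_TEXT)`, assuming `$db` is a `SQLite3` handle), and encode at the point of output with `htmlspecialchars($username, ENT_QUOTES, 'UTF-8')`. The rest of login() and the place where the name is printed lie outside this hunk, so the output site is inferred rather than seen.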
