Commit c427037d authored by Dustri's avatar Dustri

Fix an XSS

parent 57559615
......@@ -66,9 +66,9 @@ function build_htmlpath ( $fullpath )
function build_asso_htmlpath ( $fullpath )
{
$tokens = explode(":",$fullpath);
$pole = $tokens[0];
$pole = htmlentities($tokens[0]);
unset($tokens[0]);
$asso = $tokens[1];
$asso = htmlentities($tokens[1]);
unset($tokens[1]);
$buffer = "<a href=\"./?name=".$pole.":".$asso."\">Wiki</a>";
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment