Protect admin from evil log messages

author Tom Needham <needham.thomas@gmail.com>

Tue, 8 May 2012 19:41:31 +0000 (19:41 +0000)

committer Tom Needham <needham.thomas@gmail.com>

Tue, 8 May 2012 19:41:31 +0000 (19:41 +0000)
author Tom Needham <needham.thomas@gmail.com>
Tue, 8 May 2012 19:41:31 +0000 (19:41 +0000)
committer Tom Needham <needham.thomas@gmail.com>
Tue, 8 May 2012 19:41:31 +0000 (19:41 +0000)
diff --git a/lib/log.php b/lib/log.php

index 8bb2839be66a36686539348fbfb913bbd16c361e..bccc46846cea07e9407725929d6577689b91225c 100644 (file)
--- a/lib/log.php
+++ b/lib/log.php
@@ -34,6 +34,6 @@ class OC_Log {
                         call_user_func(array(self::$class, 'init'));
                 }
                 $log_class=self::$class;
-               $log_class::write($app, $message, $level);
+               $log_class::write($app, htmlentities($message), $level);
         }
  }
author	Tom Needham <needham.thomas@gmail.com>
	Tue, 8 May 2012 19:41:31 +0000 (19:41 +0000)
committer	Tom Needham <needham.thomas@gmail.com>
	Tue, 8 May 2012 19:41:31 +0000 (19:41 +0000)