From: Lukas Reschke
Date: Sun, 10 Jun 2012 22:36:58 +0000 (+0200)
Subject: Sanitizing user input
X-Git-Tag: v4.5.0beta1~74^2~421^2~32
X-Git-Url: https://source.dussan.org/?a=commitdiff_plain;h=3f9b967be72ed6271921c5a18042ea2d3c15d6fe;p=nextcloud-server.git
Sanitizing user input
---
diff --git a/apps/gallery/lib/tiles.php b/apps/gallery/lib/tiles.php
index e43c99bb76a..5837c752ef6 100644
--- a/apps/gallery/lib/tiles.php
+++ b/apps/gallery/lib/tiles.php
@@ -141,7 +141,7 @@ class TileStack extends TileBase {
 }
 public function get() {
- $r = '';
+ $r = '';
 for ($i = 0; $i < count($this->tiles_array); $i++) {
 $top = rand(-5, 5);
 $left = rand(-5, 5);
@@ -168,7 +168,7 @@ class TileStack extends TileBase {
 }
 public function getOnClickAction() {
- return 'javascript:openNewGal(\''.$this->stack_name.'\');';
+ return 'javascript:openNewGal(\''.htmlentities($this->stack_name).'\');';
 }
 private $tiles_array;
diff --git a/apps/gallery/templates/index.php b/apps/gallery/templates/index.php
index fd83490d60c..f9926045498 100644
--- a/apps/gallery/templates/index.php
+++ b/apps/gallery/templates/index.php
@@ -14,7 +14,7 @@ div.visible { opacity: 0.8;}
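Review bot: In `getOnClickAction()` (second hunk of apps/gallery/lib/tiles.php) `htmlentities()` is the wrong encoder for where `stack_name` lands, which is inside a single-quoted JavaScript string literal. Called without flags it used the `ENT_COMPAT` default on PHP versions of this commit's era, so a single quote in the name passes through unchanged and still terminates the literal. Even with `ENT_QUOTES`, if the caller writes this return value into an HTML attribute (the caller is not visible in this diff), the browser decodes the entities before the script is parsed and the quote comes back. Encode for the JavaScript context first and the HTML context second, for example `return 'javascript:openNewGal('.htmlspecialchars(json_encode($this->stack_name), ENT_QUOTES, 'UTF-8').');';`, or carry the name in a data attribute and bind the handler in script. The `$r = '';` lines of `get()` in the first hunk read identically on both sides here, so that change cannot be assessed from this page.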