From: Michael Gapczynski <GapczynskiM@gmail.com>
Date: Wed, 9 May 2012 13:23:19 +0000 (-0400)
Subject: Sanitize group in togglegroups
X-Git-Tag: v4.0.0RC~93
X-Git-Url: https://source.dussan.org/?a=commitdiff_plain;h=63cc1ccacd1908292854dd8ca35d6fb5009ddbbb;p=nextcloud-server.git

Sanitize group in togglegroups
---

diff --git a/settings/ajax/togglegroups.php b/settings/ajax/togglegroups.php
index 3ee3239dd89..f76e22f51d2 100644
--- a/settings/ajax/togglegroups.php
+++ b/settings/ajax/togglegroups.php
@@ -10,7 +10,7 @@ $error = "add user to";
 $action = "add";
 
 $username = $_POST["username"];
-$group = $_POST["group"];
+$group = htmlentities($_POST["group"]);
 
 if(!OC_Group::groupExists($group)){
 	OC_Group::createGroup($group);