From 380aab470ff375a8f898b3b9b8375236130209d0 Mon Sep 17 00:00:00 2001
From: Lukas Reschke <lukas@statuscode.ch>
Date: Sun, 10 Jun 2012 23:16:59 +0200
Subject: [PATCH] Sanitzing user input

---
 apps/user_ldap/settings.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/apps/user_ldap/settings.php b/apps/user_ldap/settings.php
index 9c0620578be..f1a474ff27d 100644
--- a/apps/user_ldap/settings.php
+++ b/apps/user_ldap/settings.php
@@ -47,7 +47,7 @@ if ($_POST) {
 // fill template
 $tmpl = new OCP\Template( 'user_ldap', 'settings');
 foreach($params as $param){
-		$value = OCP\Config::getAppValue('user_ldap', $param,'');
+		$value = htmlentities(OCP\Config::getAppValue('user_ldap', $param,''));
 		$tmpl->assign($param, $value);
 }
 
-- 
2.39.5