Mirrors/nextcloud
1
0
Fork 0
mirror of https://github.com/nextcloud/server.git synced 2024-07-24 21:34:53 +02:00
Code Issues Actions 34 Packages Projects Releases Wiki Activity

sanitize when logged in as another user

Browse Source
This commit is contained in:
Michiel de Jong 2012-06-09 20:39:24 +02:00
parent 897bfa8814
commit b46903fa76
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
apps/remoteStorage/auth.php
View File

@ -112,7 +112,7 @@ if($userId && $appUrl && $categories) {
}//end 'need to click Allow still'
} else {//login not ok
if($currUser) {
die('You are logged in as '.$currUser.' instead of '.$userId);
die('You are logged in as '.$currUser.' instead of '.htmlentities($userId));
} else {
header('Location: /?redirect_url='.urlencode('/apps/remoteStorage/auth.php'.$_SERVER['PATH_INFO'].'?'.$_SERVER['QUERY_STRING']));
}