diff options
| author | Bjoern Schiessle <schiessle@owncloud.com> | 2012-06-19 17:24:55 +0200 |
|---|---|---|
| committer | Bjoern Schiessle <schiessle@owncloud.com> | 2012-06-20 16:59:51 +0200 |
| commit | 902c649dad7a0bd1f5f2d0ec87953f0f059a67d8 (patch) | |
| tree | c921524cd92be48789387552ced4688b39550c5d /index.php | |
| parent | d9607df26f63a60b7047d078876e004689190707 (diff) | |
| download | nextcloud-server-902c649dad7a0bd1f5f2d0ec87953f0f059a67d8.tar.gz nextcloud-server-902c649dad7a0bd1f5f2d0ec87953f0f059a67d8.zip | |
use new sanitize HTML function backported
Conflicts:
lib/template.php
Diffstat (limited to 'index.php')
| -rw-r--r-- | index.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/index.php b/index.php index 4df62327c47..3c38ff760f8 100644 --- a/index.php +++ b/index.php @@ -118,7 +118,7 @@ elseif(OC_User::isLoggedIn()) { if(!array_key_exists('sectoken', $_SESSION) || (array_key_exists('sectoken', $_SESSION) && is_null(OC::$REQUESTEDFILE)) || substr(OC::$REQUESTEDFILE, -3) == 'php'){ $sectoken=rand(1000000,9999999); $_SESSION['sectoken']=$sectoken; - $redirect_url = (isset($_REQUEST['redirect_url'])) ? strip_tags($_REQUEST['redirect_url']) : $_SERVER['REQUEST_URI']; + $redirect_url = (isset($_REQUEST['redirect_url'])) ? OC_Util::sanitizeHTML($_REQUEST['redirect_url']) : $_SERVER['REQUEST_URI']; OC_Template::printGuestPage('', 'login', array('error' => $error, 'sectoken' => $sectoken, 'redirect' => $redirect_url)); } } |