Sanitize group in togglegroups

author: Michael Gapczynski <GapczynskiM@gmail.com> 2012-05-09 09:23:19 -0400
committer: Michael Gapczynski <GapczynskiM@gmail.com> 2012-05-09 09:23:19 -0400
commit: 63cc1ccacd1908292854dd8ca35d6fb5009ddbbb (patch)
tree: 689be273b56655f22fddb05e1651081843bd05d9 /settings/ajax
parent: 588b51d88ac6ba9d4a6b2ee80aa7ee8bad88547f (diff)
download: nextcloud-server-63cc1ccacd1908292854dd8ca35d6fb5009ddbbb.tar.gz
nextcloud-server-63cc1ccacd1908292854dd8ca35d6fb5009ddbbb.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/settings/ajax/togglegroups.php b/settings/ajax/togglegroups.php
index 3ee3239dd89..f76e22f51d2 100644
--- a/settings/ajax/togglegroups.php
+++ b/settings/ajax/togglegroups.php
@@ -10,7 +10,7 @@ $error = "add user to";
 $action = "add";
 
 $username = $_POST["username"];
-$group = $_POST["group"];
+$group = htmlentities($_POST["group"]);
 
 if(!OC_Group::groupExists($group)){
 	OC_Group::createGroup($group);
author	Michael Gapczynski <GapczynskiM@gmail.com>	2012-05-09 09:23:19 -0400
committer	Michael Gapczynski <GapczynskiM@gmail.com>	2012-05-09 09:23:19 -0400
commit	63cc1ccacd1908292854dd8ca35d6fb5009ddbbb (patch)
tree	689be273b56655f22fddb05e1651081843bd05d9 /settings/ajax
parent	588b51d88ac6ba9d4a6b2ee80aa7ee8bad88547f (diff)
download	nextcloud-server-63cc1ccacd1908292854dd8ca35d6fb5009ddbbb.tar.gz nextcloud-server-63cc1ccacd1908292854dd8ca35d6fb5009ddbbb.zip