diff options
| author | Renato Botelho <garga@FreeBSD.org> | 2014-03-11 16:56:09 -0300 |
|---|---|---|
| committer | Renato Botelho <garga@FreeBSD.org> | 2014-03-11 16:57:48 -0300 |
| commit | 49f3f28fea92114b09d3b2d8103398c4adcb3635 (patch) | |
| tree | 7a63296aea1fb85efb81db1fd487b6d86f1eaf9d | |
| parent | 7b4d12dcc92c3968c4440598d229bbef81562121 (diff) | |
| download | pfsense-49f3f28fea92114b09d3b2d8103398c4adcb3635.zip pfsense-49f3f28fea92114b09d3b2d8103398c4adcb3635.tar.gz | |
Pass id variable through htmlspecialchars before print it
| -rwxr-xr-x | usr/local/www/vpn_pppoe_edit.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/usr/local/www/vpn_pppoe_edit.php b/usr/local/www/vpn_pppoe_edit.php index 63db7e4..dfdbf91 100755 --- a/usr/local/www/vpn_pppoe_edit.php +++ b/usr/local/www/vpn_pppoe_edit.php @@ -593,7 +593,7 @@ if ($savemsg) <td width="78%"> <?php if (isset($id)) - echo "<input type='hidden' name='id' id='id' value='{$id}' />"; + echo "<input type='hidden' name='id' id='id' value='" . htmlspecialchars($id, ENT_QUOTES | ENT_HTML401) . "' />"; ?> <?php if (isset($pconfig['pppoeid'])) |
