diff options
| author | jim-p <jimp@netgate.com> | 2019-07-01 14:37:12 -0400 |
|---|---|---|
| committer | jim-p <jimp@netgate.com> | 2019-07-01 14:37:57 -0400 |
| commit | 3c2cc702439f725bd04ad22cd7809bc6652258f9 (patch) | |
| tree | 745e0ece6cb7da292c31c8ad7014587cd80e3480 | |
| parent | 9357ffe380b5eb5280ad58a596d7eb41963c58e6 (diff) | |
| download | pfsense-3c2cc702439f725bd04ad22cd7809bc6652258f9.zip pfsense-3c2cc702439f725bd04ad22cd7809bc6652258f9.tar.gz | |
Encode error output in services_captiveportal_mac.php. Fixes #9609
(cherry picked from commit d31362b69d5d52dc196dc72f66e830cd1e6e9a4f)
| -rw-r--r-- | src/usr/local/www/services_captiveportal_mac.php | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/src/usr/local/www/services_captiveportal_mac.php b/src/usr/local/www/services_captiveportal_mac.php index 4621fe5..036c853 100644 --- a/src/usr/local/www/services_captiveportal_mac.php +++ b/src/usr/local/www/services_captiveportal_mac.php @@ -89,7 +89,7 @@ if ($_POST['save']) { if (!empty($mac)) { $_POST['delmac'] = $mac['mac']; } else { - echo gettext("No entry exists for this username:") . " " . $_POST['username'] . "\n"; + echo gettext("No entry exists for this username:") . " " . htmlspecialchars($_POST['username']) . "\n"; } } @@ -112,7 +112,7 @@ if ($_POST['save']) { write_config(); echo gettext("The entry was successfully deleted") . "\n"; } else { - echo gettext("No entry exists for this mac address:") . " " . $_POST['delmac'] . "\n"; + echo gettext("No entry exists for this mac address:") . " " . htmlspecialchars($_POST['delmac']) . "\n"; } } exit; |
