diff options
author | Scott Ullrich <sullrich@pfsense.org> | 2010-11-12 11:03:44 -0500 |
---|---|---|
committer | Scott Ullrich <sullrich@pfsense.org> | 2010-11-12 11:03:51 -0500 |
commit | 225a2f0b4696c497263d0926011a0f39ab08b0f3 (patch) | |
tree | 8a5b402ff00a0c20e630f4beaf0f385edb2a9592 /usr/local/www/services_captiveportal_vouchers_edit.php | |
parent | 5812e717eb919e2d1eb94772f33275122415d76c (diff) | |
download | pfsense-225a2f0b4696c497263d0926011a0f39ab08b0f3.zip pfsense-225a2f0b4696c497263d0926011a0f39ab08b0f3.tar.gz |
Bring in XSS id fixes from m0n0wall
Diffstat (limited to 'usr/local/www/services_captiveportal_vouchers_edit.php')
-rw-r--r-- | usr/local/www/services_captiveportal_vouchers_edit.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/usr/local/www/services_captiveportal_vouchers_edit.php b/usr/local/www/services_captiveportal_vouchers_edit.php index 96e563f..94724a9 100644 --- a/usr/local/www/services_captiveportal_vouchers_edit.php +++ b/usr/local/www/services_captiveportal_vouchers_edit.php @@ -191,7 +191,7 @@ include("head.inc"); <td width="78%"> <input name="Submit" type="submit" class="formbtn" value="<?=gettext("Save"); ?>"> <?php if (isset($id) && $a_roll[$id]): ?> - <input name="id" type="hidden" value="<?=$id;?>"> + <input name="id" type="hidden" value="<?=htmlspecialchars($id);?>"> <?php endif; ?> </td> </tr> |