diff options
| author | Renato Botelho <garga@FreeBSD.org> | 2014-02-17 10:23:34 -0300 |
|---|---|---|
| committer | Renato Botelho <garga@FreeBSD.org> | 2014-02-17 11:11:23 -0300 |
| commit | f458b2cbf8949cf0a6cd7e0e34268aa33918ab23 (patch) | |
| tree | 52287dc0cb93acb34ac87b2ff543ade877066131 /usr/local/www/system_firmware_check.php | |
| parent | e4a4ec896f59ba546740e1984408e982b266973f (diff) | |
| download | pfsense-f458b2cbf8949cf0a6cd7e0e34268aa33918ab23.zip pfsense-f458b2cbf8949cf0a6cd7e0e34268aa33918ab23.tar.gz | |
Use htmlspecialchars(), a better solution for #2952
Diffstat (limited to 'usr/local/www/system_firmware_check.php')
| -rwxr-xr-x | usr/local/www/system_firmware_check.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/usr/local/www/system_firmware_check.php b/usr/local/www/system_firmware_check.php index 0cf9923..544a54d 100755 --- a/usr/local/www/system_firmware_check.php +++ b/usr/local/www/system_firmware_check.php @@ -181,7 +181,7 @@ if ($g['platform'] == "nanobsd") { $txt .= " " . gettext("NanoBSD Size") . " : " . trim(file_get_contents("/etc/nanosize.txt")) . "\\n"; } $txt .= " " . gettext("Built On") .": ". $current_installed_buildtime . "\\n"; -$txt .= " " . gettext("New version") .": ". addslashes($remote_version) . "\\n\\n"; +$txt .= " " . gettext("New version") .": ". htmlspecialchars($remote_version, ENT_QUOTES | ENT_HTML401). "\\n\\n"; $txt .= " " . gettext("Update source") .": ". $updater_url . "\\n"; update_output_window($txt); ?> |
