diff options
| author | Scott Ullrich <sullrich@pfsense.org> | 2010-11-12 11:03:44 -0500 |
|---|---|---|
| committer | Scott Ullrich <sullrich@pfsense.org> | 2010-11-12 11:03:51 -0500 |
| commit | 225a2f0b4696c497263d0926011a0f39ab08b0f3 (patch) | |
| tree | 8a5b402ff00a0c20e630f4beaf0f385edb2a9592 /usr/local/www/vpn_l2tp_users_edit.php | |
| parent | 5812e717eb919e2d1eb94772f33275122415d76c (diff) | |
| download | pfsense-225a2f0b4696c497263d0926011a0f39ab08b0f3.zip pfsense-225a2f0b4696c497263d0926011a0f39ab08b0f3.tar.gz | |
Bring in XSS id fixes from m0n0wall
Diffstat (limited to 'usr/local/www/vpn_l2tp_users_edit.php')
| -rw-r--r-- | usr/local/www/vpn_l2tp_users_edit.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/usr/local/www/vpn_l2tp_users_edit.php b/usr/local/www/vpn_l2tp_users_edit.php index 31a33b7..5c4cdc3 100644 --- a/usr/local/www/vpn_l2tp_users_edit.php +++ b/usr/local/www/vpn_l2tp_users_edit.php @@ -176,7 +176,7 @@ include("head.inc"); <input id="submit" name="Submit" type="submit" class="formbtn" value="<?=gettext('Save');?>" /> <input id="cancelbutton" name="cancelbutton" type="button" class="formbtn" value="<?=gettext("Cancel");?>" onclick="history.back()" /> <?php if (isset($id) && $a_secret[$id]): ?> - <input name="id" type="hidden" value="<?=$id;?>" /> + <input name="id" type="hidden" value="<?=htmlspecialchars($id);?>" /> <?php endif; ?> </td> </tr> |
