diff options
author | Renato Botelho <garga@FreeBSD.org> | 2014-02-17 10:23:34 -0300 |
---|---|---|
committer | Renato Botelho <garga@FreeBSD.org> | 2014-02-17 11:11:33 -0300 |
commit | acbab51a8c2fbdbcc41c96090afa71b8b57db68e (patch) | |
tree | 32c76a01fe8fce57027324fa84379e598a9eeefa /usr/local/www | |
parent | a8495e500aec7fed36e1a90673298622b14f254e (diff) | |
download | pfsense-acbab51a8c2fbdbcc41c96090afa71b8b57db68e.zip pfsense-acbab51a8c2fbdbcc41c96090afa71b8b57db68e.tar.gz |
Use htmlspecialchars(), a better solution for #2952
Diffstat (limited to 'usr/local/www')
-rwxr-xr-x | usr/local/www/system_firmware_check.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/usr/local/www/system_firmware_check.php b/usr/local/www/system_firmware_check.php index 0cf9923..544a54d 100755 --- a/usr/local/www/system_firmware_check.php +++ b/usr/local/www/system_firmware_check.php @@ -181,7 +181,7 @@ if ($g['platform'] == "nanobsd") { $txt .= " " . gettext("NanoBSD Size") . " : " . trim(file_get_contents("/etc/nanosize.txt")) . "\\n"; } $txt .= " " . gettext("Built On") .": ". $current_installed_buildtime . "\\n"; -$txt .= " " . gettext("New version") .": ". addslashes($remote_version) . "\\n\\n"; +$txt .= " " . gettext("New version") .": ". htmlspecialchars($remote_version, ENT_QUOTES | ENT_HTML401). "\\n\\n"; $txt .= " " . gettext("Update source") .": ". $updater_url . "\\n"; update_output_window($txt); ?> |