Browse Source

Fixed dangerous XSS vulnerability

pull/40/head
Savetheinternet 13 years ago
parent
commit
19187b6205
  1. 2
      post.php

2
post.php

@ -211,7 +211,7 @@
$post['mod'] = isset($_POST['mod']) && $_POST['mod'];
if($post['has_file'])
$post['filename'] = get_magic_quotes_gpc() ? stripslashes($_FILES['file']['name']) : $_FILES['file']['name'];
$post['filename'] = utf8tohtml(get_magic_quotes_gpc() ? stripslashes($_FILES['file']['name']) : $_FILES['file']['name']);
if($config['force_body'] && empty($post['body']))
error($config['error']['tooshort_body']);

Loading…
Cancel
Save