SF Bug #2969826 - XSS found in cmd.php

Deon George
2010-03-14 23:48:40 +11:00
parent 7b4d11f1f5
commit 0f782569e9
4 changed files with 4 additions and 4 deletions


@@ -612,7 +612,7 @@ function error($msg,$type='note',$redirect=null,$fatal=false,$backtrace=false) {
_('Function'),$line['function']);
if (isset($line['args'])) {
$display = strlen(serialize($line['args'])) < 50 ? serialize($line['args']) : substr(serialize($line['args']),0,50).'...<TRUNCATED>';
$display = strlen(serialize($line['args'])) < 50 ? htmlspecialchars(serialize($line['args'])) : htmlspecialchars(substr(serialize($line['args']),0,50)).'...<TRUNCATED>';
$_SESSION['backtrace'][$error]['args'] = $line['args'];
if (file_exists(LIBDIR.'../tools/unserialize.php'))
$body .= sprintf('&nbsp;(<a href="%s?index=%s" target="backtrace">%s</a>)',
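Review bot: The `'...<TRUNCATED>'` suffix on the new `$display` line is still appended after `htmlspecialchars()`, so it reaches the page as raw markup and a browser will treat it as an unknown tag instead of showing the marker. Escaping the whole string once covers both branches and avoids calling `serialize()` three times: `$ser = serialize($line['args']);` followed by `$display = htmlspecialchars(strlen($ser) < 50 ? $ser : substr($ser,0,50).'...<TRUNCATED>',ENT_QUOTES);`. `ENT_QUOTES` is suggested because the place where `$display` is written out lies outside this hunk, and on PHP versions before 8.1 the default flags leave `'` unescaped if the value ever lands in a single-quoted attribute. The raw arguments are also stored in `$_SESSION['backtrace']` and linked to tools/unserialize.php, which presumably renders them again, so that page likely needs the same output escaping. The body of error() starts and ends outside the hunk.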