Skip to content
Permalink
Browse files Browse the repository at this point in the history
fix(stats.php): security issue (XSS)
  • Loading branch information
Ydalb committed Aug 6, 2016
1 parent e1f4f17 commit 67e87f0
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion webroot/stats.php
Expand Up @@ -58,7 +58,7 @@
<?php $link = str_replace(['?','&'], ['%3F','%26'], $search['search']); ?>
<tr>
<td>
<a href="https://mapicoin.fr/?u=<?= $link ?>"><?= $search['search'] ?></a>
<a href="https://mapicoin.fr/?u=<?= htmlentities($link, ENT_QUOTES, "UTF-8"); ?>"><?= htmlentities($search['search'], ENT_QUOTES, "UTF-8") ?></a>
</td>
<td><?= $search['count'] ?></td>
<td><?= time_elapsed_string(strtotime($search['updated'])) ?></td>
Expand Down

0 comments on commit 67e87f0

Please sign in to comment.