make sure the subject has valid and clean content..
Signed-off-by:Thorsten Eurich <thorsten@eurich.de>
eurich committed Jun 1, 2013
1 parent a76dde7 commit 1e4330b
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion sources/controllers/PersonalMessage.controller.php
@@ -982,7 +982,7 @@ function action_sendmessage2()
if (!isset($_REQUEST['xml']) && checkSession('post', '', false) != '')
$post_errors->addError('session_timeout');

$_REQUEST['subject'] = isset($_REQUEST['subject']) ? trim($_REQUEST['subject']) : '';
$_REQUEST['subject'] = isset($_REQUEST['subject']) ? strtr(Util::htmlspecialchars($_POST['subject']), array("\r" => '', "\n" => '', "\t" => '')) : '';
$_REQUEST['to'] = empty($_POST['to']) ? (empty($_GET['to']) ? '' : $_GET['to']) : $_POST['to'];
$_REQUEST['bcc'] = empty($_POST['bcc']) ? (empty($_GET['bcc']) ? '' : $_GET['bcc']) : $_POST['bcc'];
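Review bot: The subject line that calls `Util::htmlspecialchars` tests `isset($_REQUEST['subject'])` but then reads `$_POST['subject']`, so a subject that arrives only in the query string passes the guard and then hits an undefined index. The `trim()` from the other subject line is also gone, and `strtr` here strips only CR, LF and tab, so a subject made of spaces no longer collapses to the empty string; whether a later emptiness check relies on that is not visible, because action_sendmessage2 continues outside the hunk. Guarding and reading the same source and keeping the trim would cover both: `$_REQUEST['subject'] = isset($_POST['subject']) ? trim(strtr(Util::htmlspecialchars($_POST['subject']), array("\r" => '', "\n" => '', "\t" => ''))) : '';`. An array-valued `subject` parameter should also be rejected (for example with `is_string`) before it reaches the escaping call.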
