Fix XSS
erikdubbelboer committed Oct 14, 2020
1 parent 1ee43ae commit eddaa67
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion login.php
Expand Up @@ -25,7 +25,7 @@
<label for="inputUser" class="sr-only">Username</label>
<input type="text" name="username" id="inputUser" class="form-control"
placeholder="Username"
value="<?= isset($_POST['username']) ? $_POST['username'] : '' ?>"
value="<?= isset($_POST['username']) ? htmlentities($_POST['username'], defined('ENT_SUBSTITUTE') ? (ENT_QUOTES | ENT_SUBSTITUTE) : ENT_QUOTES, 'utf-8') : '' ?>"
required <?= isset($_POST['username']) ? '' : 'autofocus' ?>>

<label for="inputPassword" class="sr-only">Password</label>
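Review bot: the replaced `value="<?= ... ?>"` line assumes `$_POST['username']` is a string, but `isset()` is also true when the field is submitted as an array (`username[]`), and `htmlentities()` does not accept an array, so that request produces a warning or a type error instead of an empty field; an `is_string($_POST['username'])` check in place of the bare `isset()` would cover it. The escaping call, with its `defined('ENT_SUBSTITUTE')` fallback and the `'utf-8'` charset, is also long enough inline that a small shared helper (hypothetical name `h($s)`) would keep the flags in one place and make the same escaping easy to apply to any other request value the templates echo.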