Skip to content

Commit

Permalink
Sanitize filename in import message
Browse files Browse the repository at this point in the history 
Signed-off-by: Michal Čihař <michal@cihar.com>
  • Loading branch information
@nijel
nijel committed Feb 5, 2014
1 parent addebbe commit 968d5d5
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions import.php
View file
Expand Up @@ -568,9 +568,9 @@
$message->addString($import_notice);
}
if (isset($local_import_file)) {
$message->addString('(' . $local_import_file . ')');
$message->addString('(' . htmlspecialchars($local_import_file) . ')');
} else {
$message->addString('(' . $_FILES['import_file']['name'] . ')');
$message->addString('(' . htmlspecialchars($_FILES['import_file']['name']) . ')');
}
}
}
Expand Down

0 comments on commit 968d5d5

Please sign in to comment.