Skip to content

Commit

Permalink
filter special chars from ajax call parameter. fixes #2019
Browse files Browse the repository at this point in the history
  • Loading branch information
@splitbrain
splitbrain committed Jun 27, 2017
1 parent e301b16 commit 238b8e8
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions lib/exe/ajax.php
View file
Expand Up @@ -15,9 +15,9 @@

//call the requested function
if($INPUT->post->has('call')){
$call = $INPUT->post->str('call');
$call = $INPUT->post->filter('utf8_stripspecials')->str('call');
}else if($INPUT->get->has('call')){
$call = $INPUT->get->str('call');
$call = $INPUT->get->filter('utf8_stripspecials')->str('call');
}else{
exit;
}
Expand Down

1 comment on commit 238b8e8

@splitbrain
Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This fixes #2029!

Please sign in to comment.