Skip to content
Permalink
Browse files Browse the repository at this point in the history
Update SpotPage_login.php
For for issue: #718
  • Loading branch information
Sweepr committed Nov 13, 2021
1 parent 044bbd2 commit 2bfa001
Showing 1 changed file with 6 additions and 1 deletion.
7 changes: 6 additions & 1 deletion lib/page/SpotPage_login.php
Expand Up @@ -37,7 +37,12 @@ public function render()

// bring the form action into the local scope
$formAction = $this->_loginForm['action'];


// Check redirect for chevrons, deny if found.
if (preg_match('/[<>]/i', $this->_params['data']['performredirect'])) {
$result->addError(_('Script is not allowed'));
}

// Are we already submitting the form login?
if (!empty($formAction)) {
// make sure we can simply assume all fields are there
Expand Down

0 comments on commit 2bfa001

Please sign in to comment.