diff options
| author | Karl Vollmer <vollmer@ampache.org> | 2011-05-11 16:08:17 -0300 |
|---|---|---|
| committer | Karl Vollmer <vollmer@ampache.org> | 2011-05-11 16:08:17 -0300 |
| commit | dea9e7ffa1bf5db99524ae98786f956e43ec84ac (patch) | |
| tree | 7297dd9b9d328eab6e169b4a3e34a03da028c83a /templates | |
| parent | 5a7f17d61909c3e0605e315e4b09cecc25f46625 (diff) | |
| download | ampache-dea9e7ffa1bf5db99524ae98786f956e43ec84ac.tar.gz ampache-dea9e7ffa1bf5db99524ae98786f956e43ec84ac.tar.bz2 ampache-dea9e7ffa1bf5db99524ae98786f956e43ec84ac.zip | |
Resolves http://securityhome.eu/os/symbian/exploit.php?eid=13841837434dc7c979ead967.10205987
Diffstat (limited to 'templates')
| -rw-r--r-- | templates/show_login_form.inc.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/templates/show_login_form.inc.php b/templates/show_login_form.inc.php index 800d0894..d4d65b2d 100644 --- a/templates/show_login_form.inc.php +++ b/templates/show_login_form.inc.php @@ -64,7 +64,7 @@ function focus(){ document.login.username.focus(); } <div class="loginfield" id="usernamefield"> <label for="username"><?php echo _('Username'); ?>:</label> - <input class="text_input" type="text" id="username" name="username" value="<?php echo $_REQUEST['username']; ; ?>" /> + <input class="text_input" type="text" id="username" name="username" value="<?php echo scrub_out($_REQUEST['username']); ?>" /> </div> <div class="loginfield" id="passwordfield"> <label for="password"><?php echo _('Password'); ?>:</label> |