chamilo
/
chamilo-lms
mirror of https://github.com/chamilo/chamilo-lms/tree/1.11.x
2
0
Fork 0
Code Issues Projects Releases Wiki Activity

Fix coding covention and add security to the variable $_SERVER

Browse Source
1.10.x
nosolored 9 years ago
parent ebf574fd02
commit 01b43f5512
2 changed files with 2 additions and 2 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 2
      main/auth/inscription.php
  2. 2
      plugin/buycourses/src/process.php

2
main/auth/inscription.php
Unescape View File

@ -719,7 +719,7 @@ if ($form->validate()) {
} }
} }
if(!empty($_SESSION['urlReturn'])){ if (!empty($_SESSION['urlReturn'])) {
$form_data['action'] = api_get_path(WEB_PATH).$_SESSION['urlReturn']; $form_data['action'] = api_get_path(WEB_PATH).$_SESSION['urlReturn'];
Session::erase('urlReturn'); Session::erase('urlReturn');
} }

2
plugin/buycourses/src/process.php
Unescape View File

@ -13,7 +13,7 @@ use ChamiloSession as Session;
$currentUserId = api_get_user_id(); $currentUserId = api_get_user_id();
if (empty($currentUserId)) { if (empty($currentUserId)) {
Session::write('urlReturn', $_SERVER['REQUEST_URI']); Session::write('urlReturn', Security :: remove_XSS($_SERVER['REQUEST_URI']));
header('Location: ' . api_get_path(WEB_CODE_PATH) . 'auth/inscription.php'); header('Location: ' . api_get_path(WEB_CODE_PATH) . 'auth/inscription.php');
exit; exit;
} }

Write Preview
Loading…
Cancel
Save