chamilo
/
chamilo-lms
mirror of https://github.com/chamilo/chamilo-lms/tree/1.11.x
2
0
Fork 0
Code Issues Projects Releases Wiki Activity

[svn r20655] Fixed vulnerabilities of security when you send a message from who is online list - partial FS#4206

Browse Source
skala
Cristian Fasanando 16 years ago
parent 5211e59a3c
commit 2e9f6dd220
1 changed files with 2 additions and 2 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 4
      main/messages/send_message.php

4
main/messages/send_message.php
Unescape View File

@ -37,8 +37,8 @@ if (api_is_anonymous()) {
$user_id=intval($_POST['user_id']);
$panel_id=intval($_POST['panel_id']);
$content_message=$_POST['txt_content']; //check this is filtered on output
$subject_message=$_POST['txt_subject']; //check this is filtered on output
$content_message=Security::remove_XSS($_POST['txt_content'],COURSEMANAGER); //check this is filtered on output
$subject_message=Security::remove_XSS($_POST['txt_subject']); //check this is filtered on output
$user_info=array();
$user_info=api_get_user_info($user_id);
if ($panel_id==2) {

Write Preview
Loading…
Cancel
Save