diff options
| author | Larry Meaney <larry_meaney@iname.com> | 2010-11-30 07:07:20 +0000 |
|---|---|---|
| committer | Larry Meaney <larry_meaney@iname.com> | 2010-11-30 07:07:20 +0000 |
| commit | 8916174c4afcabb8e14fc4bad1cd7320f14a3080 (patch) | |
| tree | b398301f8e83153f7c39ec34064a9414a40cd643 /includes/controllers | |
| parent | c3bc207f78fd093e832bc1eff4662fd4100fbe01 (diff) | |
| download | webtrees-8916174c4afcabb8e14fc4bad1cd7320f14a3080.tar.gz webtrees-8916174c4afcabb8e14fc4bad1cd7320f14a3080.tar.bz2 webtrees-8916174c4afcabb8e14fc4bad1cd7320f14a3080.zip | |
preg_quote the list of gedcoms when validating user input, in case any of the gedcoms have regex characters in their name
Diffstat (limited to 'includes/controllers')
| -rw-r--r-- | includes/controllers/remotelink_ctrl.php | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/includes/controllers/remotelink_ctrl.php b/includes/controllers/remotelink_ctrl.php index f3a4272a1c..5b9e5a5242 100644 --- a/includes/controllers/remotelink_ctrl.php +++ b/includes/controllers/remotelink_ctrl.php @@ -82,15 +82,15 @@ class RemoteLinkController extends BaseController { $this->form_location =safe_POST('location'); $this->form_txtURL =safe_POST('txtURL', WT_REGEX_URL); $this->form_txtTitle =safe_POST('txtTitle', '[^<>"%{};]+'); - $this->form_txtGID =safe_POST('txtGID', $this->gedcom_list); + $this->form_txtGID =safe_POST('txtGID', preg_quote_array($this->gedcom_list)); $this->form_txtUsername =safe_POST('txtUsername', WT_REGEX_USERNAME); $this->form_txtPassword =safe_POST('txtPassword', WT_REGEX_PASSWORD); $this->form_cbExistingServers=safe_POST('cbExistingServers', array_keys($this->server_list)); $this->form_txtCB_Title =safe_POST('txtCB_Title', '[^<>"%{};]+'); - $this->form_txtCB_GID =safe_POST('txtCB_GID', $this->gedcom_list); + $this->form_txtCB_GID =safe_POST('txtCB_GID', preg_quote_array($this->gedcom_list)); $this->form_txtFS_URL =safe_POST('txtFS_URL', WT_REGEX_URL); $this->form_txtFS_Title =safe_POST('txtFS_Title', '[^<>"%{};]+'); - $this->form_txtFS_GID =safe_POST('txtFS_GID', $this->gedcom_list); + $this->form_txtFS_GID =safe_POST('txtFS_GID', preg_quote_array($this->gedcom_list)); $this->form_txtFS_Username =safe_POST('txtFS_Username', WT_REGEX_USERNAME); $this->form_txtFS_Password =safe_POST('txtFS_Password', WT_REGEX_PASSWORD); |
