oqapi/webgui
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

fixed possible security problem.

Browse source
This commit is contained in:
Len Kranendonk 2003-02-21 14:03:06 +00:00
parent de1d5834ac
commit 713811353c
1 changed files with 2 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

2
lib/WebGUI/Wobject/MailForm.pm
View file

@ -358,6 +358,8 @@ sub _createField {
my $name = WebGUI::URL::urlize($data->{name}); my $name = WebGUI::URL::urlize($data->{name});
my $f = WebGUI::HTMLForm->new( 'noTable' ); my $f = WebGUI::HTMLForm->new( 'noTable' );
$session{form}{$name} =~ s/\^.*?\;//gs ; # remove macro's from user input
SWITCH: for ($data->{type}) { SWITCH: for ($data->{type}) {
/^text$/ && do { /^text$/ && do {
$f->text( $f->text(