Browse code

Ridded of XSS flaw

Jaidyn Lev authored on 2018-11-10 20:02:10
Showing 2 changed files
... ...
@@ -4,8 +4,8 @@ include("../../resources/library/main.php");
4 4
 
5 5
 $item = strtolower($GLOBALS["file_beam_item"]);
6 6
 
7
-$filename = $_GET["success"];
8
-$error = $_GET["error"];
7
+$filename = sanitize_filename($_GET["success"]);
8
+$error = sanitize_filename($_GET["error"]);
9 9
 
10 10
 
11 11
 
... ...
@@ -4,8 +4,8 @@ include("../../resources/library/main.php");
4 4
 
5 5
 $item = strtolower($GLOBALS["url_aliasize_item"]);
6 6
 
7
-$filename = $_GET["success"];
8
-$error = $_GET["error"];
7
+$filename = sanitize_filename($_GET["success"]);
8
+$error = sanitize_filename($_GET["error"]);
9 9
 
10 10
 
11 11