Commit eddaa67

Fix XSS
1 parent 1ee43ae commit eddaa67

1 file changed

+1
-1
lines changed

login.php

Lines changed: 1 addition & 1 deletion
@@ -25,7 +25,7 @@
2525
<label for="inputUser" class="sr-only">Username</label>
2626
<input type="text" name="username" id="inputUser" class="form-control"
2727
placeholder="Username"
28-
value="<?= isset($_POST['username']) ? $_POST['username'] : '' ?>"
28+
value="<?= isset($_POST['username']) ? htmlentities($_POST['username'], defined('ENT_SUBSTITUTE') ? (ENT_QUOTES | ENT_SUBSTITUTE) : ENT_QUOTES, 'utf-8') : '' ?>"
2929
required <?= isset($_POST['username']) ? '' : 'autofocus' ?>>
3030

3131
<label for="inputPassword" class="sr-only">Password</label>
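
Review bot: On the added line 28, isset($_POST['username']) is the only guard before htmlentities(), so a request that submits username as an array instead of a string still reaches htmlentities() with a non-string argument, which raises a warning on older PHP and a TypeError on PHP 8. Add is_string($_POST['username']) to the same condition and fall back to ''. The flags themselves (ENT_QUOTES with 'utf-8') fit the double-quoted value attribute; because the defined('ENT_SUBSTITUTE') fallback makes the inline expression long, consider moving the call into a small escaping helper so the same escaping can be reused wherever request data is echoed.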
