diff options
author | thomascube <thomas@roundcube.net> | 2006-08-16 08:06:31 +0000 |
---|---|---|
committer | thomascube <thomas@roundcube.net> | 2006-08-16 08:06:31 +0000 |
commit | 89406f36c20e4d785bfb35c68e87475329cfbaf5 (patch) | |
tree | ae3f118ad16a87f112c3c8ef6df721d557fb8764 /program/steps/error.inc | |
parent | 3287e84c90d53f88a009beaed2836f337f0751f2 (diff) |
Fixed some XSS and SQL injection issues
Diffstat (limited to 'program/steps/error.inc')
-rw-r--r-- | program/steps/error.inc | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/program/steps/error.inc b/program/steps/error.inc index aa8036afe..2d87a9da4 100644 --- a/program/steps/error.inc +++ b/program/steps/error.inc @@ -53,7 +53,7 @@ else if ($ERROR_CODE==401) else if ($ERROR_CODE==404) { $__error_title = "REQUEST FAILED/FILE NOT FOUND"; - $request_url = $_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI']; + $request_url = htmlentities($_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI']); $__error_text = <<<EOF The requested page was not found!<br /> Please contact your server-administrator. |