malhuda/as-stats-gui
1
0
Fork 0
mirror of https://github.com/nidebr/as-stats-gui.git synced 2025-02-20 11:23:18 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity

encode unstrusted user inputs on search field from history

Browse Source
This commit is contained in:
bib0x 2023-05-10 15:59:01 +02:00
parent d1189fd243
commit 35c3a97cf7
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
history.php
View File

@ -93,7 +93,7 @@ if ( isset($_GET['as']) ) {
<div class="box-body">
<form class="navbar-form navbar-left" role="search">
<div class="input-group">
<input type="text" class="form-control menu-input" name="as" placeholder="Search AS" value="<?php echo $val_searchas; ?>">
<input type="text" class="form-control menu-input" name="as" placeholder="Search AS" value="<?php echo htmlspecialchars($val_searchas); ?>">
<span class="input-group-btn">
<button type="submit" class="btn btn-flat button-input"><i class="fa fa-search"></i></button>
</span>