diff options
author | Bernhard Posselt <nukeawhale@gmail.com> | 2012-09-06 03:48:10 +0200 |
---|---|---|
committer | Bernhard Posselt <nukeawhale@gmail.com> | 2012-09-06 03:48:18 +0200 |
commit | f702e689c13f0d7b3d23b773ab95cea13e3f3c18 (patch) | |
tree | a2dc80eb16a22ed080612e15d77c36036b2620a2 /lib | |
parent | 24d4d4b6bd3bb821b85bac3d74ea4d1deec59ad8 (diff) |
removed xss vulnerabilities in template code
Diffstat (limited to 'lib')
-rw-r--r-- | lib/foldermapper.php | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/lib/foldermapper.php b/lib/foldermapper.php index eb64fa871..4eb78b119 100644 --- a/lib/foldermapper.php +++ b/lib/foldermapper.php @@ -117,7 +117,7 @@ class FolderMapper { $parentid = $folder->getParentId(); $params=array( - htmlspecialchars_decode($name), + $name, $parentid, $this->userid ); @@ -137,7 +137,7 @@ class FolderMapper { $query = \OCP\DB::prepare('UPDATE ' . self::tableName . ' SET name = ? ' . ' WHERE id = ?'); - $params = array(htmlspecialchars_decode($folder->getName()), $folder->getId()); + $params = array($folder->getName(), $folder->getId()); $query->execute($params); return true; } |