Wavyzz/dolibarr
2
0
Fork 1
mirror of https://github.com/Dolibarr/dolibarr.git synced 2025-12-06 01:28:19 +01:00
Code Issues Packages Projects Releases Wiki Activity

Better sanitizing

Browse Source
This commit is contained in:
Laurent Destailleur
2020-09-19 00:05:29 +02:00
parent 6d2d5d7cae
commit 63bc3aa48a
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
htdocs/core/lib/functions.lib.php
View File

@@ -608,7 +608,7 @@ function GETPOST($paramname, $check = 'alphanohtml', $method = 0, $filter = null
// Sanitizing for special var name. There is no reason to allow a backtopage to an external URL.
if ($paramname == 'backtopage') {
$out = preg_replace(array('/\/\//', '/^[a-z]*:/'), '', $out);
$out = preg_replace(array('/\/\/+/', '/^[a-z]*:/'), '', $out);
}
// Code for search criteria persistence.