Pi-Hole/web
1
0
Fork 0
mirror of https://github.com/pi-hole/web.git synced 2025-12-24 12:48:29 +00:00
Code Issues Packages Projects Releases Wiki Activity

Sanitize error output

Browse Source
This commit is contained in:
Mcat12
2017-01-07 14:34:30 -05:00
parent c32b3c2925
commit 79f7d93c52
1 changed files with 3 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
scripts/pi-hole/php/auth.php
View File

@@ -105,7 +105,7 @@ function check_domain() {
if(isset($_POST['domain'])){
$validDomain = is_valid_domain_name($_POST['domain']);
if(!$validDomain){
log_and_die($_POST['domain']. ' is not a valid domain');
log_and_die(htmlspecialchars($_POST['domain']. ' is not a valid domain'));
}
}
}
@@ -126,11 +126,11 @@ function list_verify($type) {
require("password.php");
if(strlen($pwhash) == 0)
{
log_and_die("No password set - ".$type."listing with password not supported");
log_and_die("No password set - ".htmlspecialchars($type)."listing with password not supported");
}
elseif($wrongpassword)
{
log_and_die("Wrong password - ".$type."listing of ${_POST['domain']} not permitted");
log_and_die("Wrong password - ".htmlspecialchars($type)."listing of ${_POST['domain']} not permitted");
}
}
else