From: Roland Häder Date: Mon, 21 Apr 2008 11:53:30 +0000 (+0000) Subject: Exception output secured against XSS X-Git-Url: https://git.mxchange.org/?a=commitdiff_plain;h=a21829b7fd94ac84ec699974e3734f09196d3123;p=shipsimu.git Exception output secured against XSS --- diff --git a/inc/classes/exceptions/main/class_InvalidCommandException.php b/inc/classes/exceptions/main/class_InvalidCommandException.php index af30b8c..b0bc623 100644 --- a/inc/classes/exceptions/main/class_InvalidCommandException.php +++ b/inc/classes/exceptions/main/class_InvalidCommandException.php @@ -34,7 +34,7 @@ class InvalidCommandException extends FrameworkException { $message = sprintf("[%s:%d] Invalid command %s detected.", $msgArray[0]->__toString(), $this->getLine(), - $msgArray[1] + htmlentities(strip_tags($msgArray[1]), ENT_QUOTES) ); // Call parent constructor