From: Roland Häder <roland@mxchange.org>
Date: Mon, 21 Apr 2008 11:53:30 +0000 (+0000)
Subject: Exception output secured against XSS
X-Git-Url: https://git.mxchange.org/?a=commitdiff_plain;h=a21829b7fd94ac84ec699974e3734f09196d3123;p=shipsimu.git

Exception output secured against XSS
---

diff --git a/inc/classes/exceptions/main/class_InvalidCommandException.php b/inc/classes/exceptions/main/class_InvalidCommandException.php
index af30b8c..b0bc623 100644
--- a/inc/classes/exceptions/main/class_InvalidCommandException.php
+++ b/inc/classes/exceptions/main/class_InvalidCommandException.php
@@ -34,7 +34,7 @@ class InvalidCommandException extends FrameworkException {
 		$message = sprintf("[%s:%d] Invalid command <u>%s</u> detected.",
 			$msgArray[0]->__toString(),
 			$this->getLine(),
-			$msgArray[1]
+			htmlentities(strip_tags($msgArray[1]), ENT_QUOTES)
 		);
 
 		// Call parent constructor