From: Roland Häder <roland@mxchange.org>
Date: Tue, 24 Mar 2009 07:17:56 +0000 (+0000)
Subject: Now all command-line arguments are being passed through escapeshellcmd()
X-Git-Url: https://git.mxchange.org/?p=core.git;a=commitdiff_plain;h=749d4734a4eb3db7a98f1f2493752c7599e8776e

Now all command-line arguments are being passed through escapeshellcmd()
---

diff --git a/inc/classes/main/request/console/class_ConsoleRequest.php b/inc/classes/main/request/console/class_ConsoleRequest.php
index 6ef86f5e..aaa1540e 100644
--- a/inc/classes/main/request/console/class_ConsoleRequest.php
+++ b/inc/classes/main/request/console/class_ConsoleRequest.php
@@ -80,8 +80,8 @@ class ConsoleRequest extends BaseRequest implements Requestable {
 				// Add it likewise, but empty value
 				$this->setRequestElement($argArray[0], "");
 			} else {
-				// Set a name=value pair
-				$this->setRequestElement($argArray[0], $argArray[1]);
+				// Set a name=value pair escaped and secured
+				$this->setRequestElement($argArray[0], escapeshellcmd($argArray[1]));
 			}
 		} // END - foreach
 	}