]> git.p6c8.net - devedit.git/commitdiff
Again: Forgot to encode HTML in some more strings...
authorpcanterino <>
Tue, 14 Jun 2005 14:58:39 +0000 (14:58 +0000)
committerpcanterino <>
Tue, 14 Jun 2005 14:58:39 +0000 (14:58 +0000)
modules/Command.pm

index f42deebabb2c682c8b577c2e7317d7238c4a57ee..b2bbfe96bf7e08d9a6bcc74bfdbf96df491bec3e 100644 (file)
@@ -514,8 +514,8 @@ sub exec_upload($$)
  my $virtual        = $data->{'virtual'};
  my $cgi            = $data->{'cgi'};
 
- return error($config->{'errors'}->{'no_directory'},upper_path($virtual),{FILE => $virtual}) unless(-d $physical && not -l $physical);
- return error($config->{'errors'}->{'dir_no_create'},$virtual,{DIR => $virtual})             unless(-w $physical);
+ return error($config->{'errors'}->{'no_directory'},upper_path($virtual),{FILE => encode_html($virtual)}) unless(-d $physical && not -l $physical);
+ return error($config->{'errors'}->{'dir_no_create'},$virtual,{DIR => encode_html($virtual)})             unless(-w $physical);
 
  if(my $uploaded_file = $cgi->param('uploaded_file'))
  {

patrick-canterino.de