danwin1210/le-chat-php
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix XSS in session variables.

Browse Source
This commit is contained in:
cypherbits
2020-05-03 11:13:52 +02:00
parent 0f3a04b4de
commit 81b8b78df0
1 changed files with 1 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
chat.php
View File

@ -45,6 +45,7 @@ load_config();
if(!isset($_REQUEST['session']) && isset($_COOKIE[COOKIENAME])){
$_REQUEST['session']=$_COOKIE[COOKIENAME];
}
$_REQUEST['session'] = preg_replace('/[^0-9a-zA-Z]/', '', $_REQUEST['session']);
load_lang();
check_db();
cron();