danwin1210/le-chat-php
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Don't escape CSS (fixes use of html entities)

Browse Source
This commit is contained in:
Daniel Winzen
2016-09-02 10:35:18 +02:00
parent 1753606b8a
commit 8e75c36572
2 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
chat.php
View File

@ -3181,7 +3181,6 @@ function save_setup($C){
$_REQUEST['rulestxt']=preg_replace("/(\r?\n|\r\n?)/", '<br>', $_REQUEST['rulestxt']);
$_REQUEST['chatname']=htmlspecialchars($_REQUEST['chatname']);
$_REQUEST['redirect']=htmlspecialchars($_REQUEST['redirect']);
$_REQUEST['css']=htmlspecialchars($_REQUEST['css']);
if(!preg_match('/^[a-f0-9]{6}$/i', $_REQUEST['colbg'])){
unset($_REQUEST['colbg']);
}