Escape username before assigning to view (#7964)

* Update database.php

* Update email.php

* Update totp.php
Alex
2026-05-12 15:25:22 +00:00
committed by GitHub
parent 39ac20e7a0
commit 1a286a3020
3 changed files with 3 additions and 3 deletions
@@ -157,7 +157,7 @@ class plugin_database {
//assign user to the template
if (!empty($_SESSION['username'])) {
$view->assign("username", $_SESSION['username']);
$view->assign("username", escape($_SESSION['username']));
}
//messages
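Review bot: Escaping inside `$view->assign("username", escape($_SESSION['username']));` fixes the encoding at assignment time, so it is only correct if the template prints `username` as HTML text or inside a quoted attribute and applies no escaping of its own. Neither the `escape()` helper nor the login templates are visible on this page. If the template layer already encodes the variable, a name containing `&` or a quote would render double-encoded, and if the value is placed in a script block or a URL, HTML-entity encoding is not the right encoding for that context. It is worth confirming how each of the three templates emits the variable, since the same line is changed in plugin_email and plugin_totp. The enclosing method starts and ends outside the hunk.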
@@ -358,7 +358,7 @@ class plugin_email {
$view->assign("button_verify", $text['label-verify']);
$view->assign("message_delay", $theme_message_delay);
if (!empty($_SESSION['username'])) {
$view->assign("username", $_SESSION['username']);
$view->assign("username", escape($_SESSION['username']));
$view->assign("button_cancel", $text['button-cancel']);
}
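Review bot: Nothing at this assignment tells a template author that `username` now arrives already encoded, while the values assigned around it (`button_verify`, `message_delay`, `button_cancel`) are still passed as they are. A short comment above the line, for example `//username is escaped here; the template must print it without escaping it again`, would keep a later template edit from double-encoding it or from assuming every view variable is pre-escaped. The same comment fits the matching line in plugin_totp. The enclosing method continues outside the hunk.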
@@ -237,7 +237,7 @@ class plugin_totp {
$view->assign("favicon", $theme_favicon);
$view->assign("background_video", $theme_background_video);
if (!empty($_SESSION['username'])) {
$view->assign("username", $_SESSION['username']);
$view->assign("username", escape($_SESSION['username']));
$view->assign("button_cancel", $text['button-cancel']);
}