dépôts
/
lhc
/
web
/
wiklou.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
| inline |
side by side
fix for script execution vulnerability
[lhc/web/wiklou.git]
/
includes
/
SpecialPreferences.php
diff --git
a/includes/SpecialPreferences.php
b/includes/SpecialPreferences.php
index
d47ad5c
..
3666030
100644
(file)
--- a/
includes/SpecialPreferences.php
+++ b/
includes/SpecialPreferences.php
@@
-91,6
+91,11
@@
class PreferencesForm {
}
}
}
+
+ # Validate language
+ if ( !preg_match( '/^[a-z\-]*$/', $this->mUserLanguage ) ) {
+ $this->mUserLanguage = 'nolanguage';
+ }
}
function execute() {