diff options
| author | Andrew Dolgov <[email protected]> | 2017-12-03 23:35:38 +0300 |
|---|---|---|
| committer | Andrew Dolgov <[email protected]> | 2017-12-03 23:35:38 +0300 |
| commit | e6532439d68234d86176e4d967609d68dd564c1d (patch) | |
| tree | 6b5336fc8ea97ab3ecb1db547189b63ae1cd6120 /classes/pluginhandler.php | |
| parent | 7c6f7bb0aa50f42fd697fbe82dc9b8b5931a3a52 (diff) | |
force strip_tags() on all user input unless explicitly allowed
Diffstat (limited to 'classes/pluginhandler.php')
| -rw-r--r-- | classes/pluginhandler.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/classes/pluginhandler.php b/classes/pluginhandler.php index 1c9e7aef6..d10343e09 100644 --- a/classes/pluginhandler.php +++ b/classes/pluginhandler.php @@ -5,7 +5,7 @@ class PluginHandler extends Handler_Protected { } function catchall($method) { - $plugin = PluginHost::getInstance()->get_plugin($_REQUEST["plugin"]); + $plugin = PluginHost::getInstance()->get_plugin(clean($_REQUEST["plugin"])); if ($plugin) { if (method_exists($plugin, $method)) { |